Compare commits
10 Commits
cc0f6ec856
...
main
Author | SHA1 | Date | |
---|---|---|---|
a9ea135cb9
|
|||
b8699ba0b6
|
|||
eb3c301ef6
|
|||
a75875a311
|
|||
822044423e
|
|||
63d2dd2e93
|
|||
8235bd4cdf
|
|||
492b643d8b
|
|||
6ce084b652
|
|||
c870442536
|
@@ -25,7 +25,6 @@ NixOS dotfiles and configuration for various hosts and users.
|
||||
- [`remove-host.sh`](./scripts/remove-host.sh): Remove references to a host.
|
||||
- [`update-keys.sh`](./scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
|
||||
- [`update.sh`](./scripts/update.sh): Update flake and all packages.
|
||||
- [`cache.sh`](./scripts/cache.sh): Build all `nixosConfiguration`s and push them to `attic`.
|
||||
|
||||
Any `options.nix` files create custom option definitions when present.
|
||||
|
||||
|
82
flake.lock
generated
82
flake.lock
generated
@@ -10,11 +10,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758577685,
|
||||
"narHash": "sha256-iHT0kvsQJG+Z89quGi7rNCXEg2e3DBGfuuCMu/UwiIo=",
|
||||
"lastModified": 1759227262,
|
||||
"narHash": "sha256-ibKJckw+KWH6n+pscOA7DWImanr988zKB7R2Z6ZEMLM=",
|
||||
"owner": "aylur",
|
||||
"repo": "ags",
|
||||
"rev": "aa7a8a2dd6e54aaeb4e13a73ed3bc2283995090b",
|
||||
"rev": "f68a0d03fbb94f4beacedd922ffaa0bf0f10397a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -30,11 +30,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1757497936,
|
||||
"narHash": "sha256-BSfvr7wdY5SbathVlrOW7vCyI9UGVIe2b9rTJ0O5IKo=",
|
||||
"lastModified": 1759688436,
|
||||
"narHash": "sha256-EfTrJse33t3RP//DqESkTMCpMSdIi/wxxfa12+eP5jo=",
|
||||
"owner": "aylur",
|
||||
"repo": "astal",
|
||||
"rev": "344a6dce56437a190b99e516a6cab8332cccf19e",
|
||||
"rev": "12c15b44608422e494c387aba6adc1ab6315d925",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -121,11 +121,11 @@
|
||||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1756770412,
|
||||
"narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
|
||||
"lastModified": 1759362264,
|
||||
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "4524271976b625a4a605beefd893f270620fd751",
|
||||
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -183,11 +183,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758692005,
|
||||
"narHash": "sha256-bNRMXWSLM4K9cF1YaHYjLol60KIAWW4GzAoJDp5tA0w=",
|
||||
"lastModified": 1759711004,
|
||||
"narHash": "sha256-B39NxeKCnK3DJlmJKIts6njcXcVVASLUChDNmRl4dxQ=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "6ce2e18007ff022db41d9cc042f8838e8c51ed66",
|
||||
"rev": "6f4021da5d2bb5ea7cb782ff413ecb7062066820",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -250,11 +250,11 @@
|
||||
},
|
||||
"mnw": {
|
||||
"locked": {
|
||||
"lastModified": 1756659871,
|
||||
"narHash": "sha256-v6Rh4aQ6RKjM2N02kK9Usn0Ix7+OY66vNpeklc1MnGE=",
|
||||
"lastModified": 1758834834,
|
||||
"narHash": "sha256-Y7IvY4F8vajZyp3WGf+KaiIVwondEkMFkt92Cr9NZmg=",
|
||||
"owner": "Gerg-L",
|
||||
"repo": "mnw",
|
||||
"rev": "ed6cc3e48557ba18266e598a5ebb6602499ada16",
|
||||
"rev": "cfbc7d1cc832e318d0863a5fc91d940a96034001",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -289,11 +289,11 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1758427187,
|
||||
"narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=",
|
||||
"lastModified": 1759381078,
|
||||
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "554be6495561ff07b6c724047bdd7e0716aa7b46",
|
||||
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -328,11 +328,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758695369,
|
||||
"narHash": "sha256-ACZf/yRD6GgM621x6PsZ1XJ9eHEvUMR9yywWmkC0HgQ=",
|
||||
"lastModified": 1759742968,
|
||||
"narHash": "sha256-yk56xZpanCPlhowzIEdS2GfPDG0yQ4kE/j85lJbAX1Y=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "880430522f1c24aae5895b011dbcd81726d02133",
|
||||
"rev": "9ea4f672c7138273a4131dd25038da49306685b8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -358,11 +358,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758271661,
|
||||
"narHash": "sha256-ENqd2/33uP5vB44ClDjjAV+J78oF8q1er4QUZuT8Z7g=",
|
||||
"lastModified": 1759469269,
|
||||
"narHash": "sha256-DP833ejGUNRRHsJOB3WRTaWWXLNucaDga2ju/fGe+sc=",
|
||||
"owner": "NotAShelf",
|
||||
"repo": "nvf",
|
||||
"rev": "b7571df4d6e9ac08506a738ddceeec0b141751b0",
|
||||
"rev": "e48638aef3a95377689de0ef940443c64f870a09",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -495,11 +495,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758633052,
|
||||
"narHash": "sha256-IBfdW6W/CxyuFfMVjSazL2F6z/kwCGec6X3eOk9PJSg=",
|
||||
"lastModified": 1759752146,
|
||||
"narHash": "sha256-g30leL+8jLxkYWiM5W2RjnhGyqBtErmeOX3ELK5CRAQ=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "f12387528b67f0c2095eb42fa0983a4223152717",
|
||||
"revCount": 13,
|
||||
"rev": "bc1564ea3eb472f7b843e3237da0d1cd2f6f8e37",
|
||||
"revCount": 14,
|
||||
"type": "git",
|
||||
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
|
||||
},
|
||||
@@ -511,11 +511,11 @@
|
||||
"secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1758576944,
|
||||
"narHash": "sha256-P6fvi2mjyJEUg19BTZ6eb+fRM8V6s2xY1SWQ8gb49U0=",
|
||||
"lastModified": 1759165833,
|
||||
"narHash": "sha256-EYAVKr7gGY7MDmgPIYsW3yk96q51UT1vtzlupR8paKg=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "a9d956a20fc4534fcc7d3da7f0994c499c4ea405",
|
||||
"revCount": 47,
|
||||
"rev": "a5c1c552628492281e05e99458f1ca3ec272b448",
|
||||
"revCount": 48,
|
||||
"type": "git",
|
||||
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
|
||||
},
|
||||
@@ -531,11 +531,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758425756,
|
||||
"narHash": "sha256-L3N8zV6wsViXiD8i3WFyrvjDdz76g3tXKEdZ4FkgQ+Y=",
|
||||
"lastModified": 1759635238,
|
||||
"narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "e0fdaea3c31646e252a60b42d0ed8eafdb289762",
|
||||
"rev": "6e5a38e08a2c31ae687504196a230ae00ea95133",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -554,11 +554,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758584568,
|
||||
"narHash": "sha256-FDxTheW6ynpbro/8eTZHhAY7J+HOf0jXeXq3jrJDcS8=",
|
||||
"lastModified": 1759638324,
|
||||
"narHash": "sha256-bj0L3n2UWE/DjqFjsydWsSzO74+dqUA4tiOX4At6LbM=",
|
||||
"owner": "Gerg-L",
|
||||
"repo": "spicetify-nix",
|
||||
"rev": "9e9e48ca16628bf09a02bc5449d4b0761e15eebd",
|
||||
"rev": "c39a58510e55c4970e57176ab14b722a978e5f01",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -589,11 +589,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1758206697,
|
||||
"narHash": "sha256-/DbPkh6PZOgfueCbs3uzlk4ASU2nPPsiVWhpMCNkAd0=",
|
||||
"lastModified": 1758728421,
|
||||
"narHash": "sha256-ySNJ008muQAds2JemiyrWYbwbG+V7S5wg3ZVKGHSFu8=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "128222dc911b8e2e18939537bed1762b7f3a04aa",
|
||||
"rev": "5eda4ee8121f97b218f7cc73f5172098d458f1d1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@@ -42,9 +42,13 @@
|
||||
"flakes"
|
||||
];
|
||||
download-buffer-size = 524288000;
|
||||
substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ];
|
||||
substituters = lib.mkMerge [
|
||||
(lib.mkBefore [ "https://nix.karaolidis.com/main" ])
|
||||
(lib.mkAfter [ "https://nix-community.cachix.org/" ])
|
||||
];
|
||||
trusted-public-keys = lib.mkBefore [
|
||||
"nix.karaolidis.com:1yz1tIVLGDEOFC1p/uYtR4Sx+nIbdYDqsDv4kkV0uyk="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
];
|
||||
netrc-file = config.sops.templates.nix-netrc.path;
|
||||
};
|
||||
|
4
hosts/common/configs/system/usb/default.nix
Normal file
4
hosts/common/configs/system/usb/default.nix
Normal file
@@ -0,0 +1,4 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [ usbutils ];
|
||||
}
|
@@ -251,7 +251,7 @@
|
||||
{
|
||||
mode = [ "n" ];
|
||||
key = "<leader>wq";
|
||||
action = "<cmd>wq<CR>";
|
||||
action = "<cmd>x<CR>";
|
||||
silent = true;
|
||||
desc = "Save & Quit";
|
||||
}
|
||||
|
@@ -29,7 +29,6 @@
|
||||
enable = true;
|
||||
key = config.sops.secrets."syncthing/key".path;
|
||||
cert = config.sops.secrets."syncthing/cert".path;
|
||||
extraOptions = [ "-no-default-folder" ];
|
||||
|
||||
settings = {
|
||||
options.urAccepted = -1;
|
||||
|
7
hosts/common/configs/user/gui/ghidra/default.nix
Normal file
7
hosts/common/configs/user/gui/ghidra/default.nix
Normal file
@@ -0,0 +1,7 @@
|
||||
{ user, home }:
|
||||
{ ... }:
|
||||
{
|
||||
programs.ghidra.enable = true;
|
||||
|
||||
environment.persistence."/persist/state"."${home}/.config/ghidra" = { };
|
||||
}
|
17
hosts/common/configs/user/gui/wireshark/default.nix
Normal file
17
hosts/common/configs/user/gui/wireshark/default.nix
Normal file
@@ -0,0 +1,17 @@
|
||||
{ user, home }:
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs.wireshark = {
|
||||
enable = true;
|
||||
dumpcap.enable = true;
|
||||
usbmon.enable = true;
|
||||
};
|
||||
|
||||
boot.kernelModules = [ "usbmon" ];
|
||||
|
||||
users.users.${user}.extraGroups = [ "wireshark" ];
|
||||
|
||||
environment.persistence."/persist/state"."${home}/.config/wireshark" = { };
|
||||
|
||||
home-manager.users.${user}.home.packages = with pkgs; [ wireshark ];
|
||||
}
|
@@ -45,6 +45,7 @@
|
||||
../common/configs/system/system
|
||||
../common/configs/system/timezone
|
||||
../common/configs/system/upower
|
||||
../common/configs/system/usb
|
||||
../common/configs/system/users
|
||||
../common/configs/system/zsh
|
||||
|
||||
|
@@ -70,6 +70,7 @@ in
|
||||
(import ../../../common/configs/user/gui/gaming/prismlauncher { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/gaming/proton { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/gaming/wivrn { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/ghidra { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/gtk { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/hypridle { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/hyprland { inherit user home; })
|
||||
@@ -93,6 +94,7 @@ in
|
||||
(import ../../../common/configs/user/gui/transmission { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/vscode { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/wev { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/wireshark { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/wl-clipboard { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/x11 { inherit user home; })
|
||||
(import ../../../common/configs/user/gui/xdg { inherit user home; })
|
||||
|
@@ -37,6 +37,7 @@
|
||||
../common/configs/system/sudo
|
||||
../common/configs/system/system
|
||||
../common/configs/system/timezone
|
||||
../common/configs/system/usb
|
||||
../common/configs/system/users
|
||||
../common/configs/system/zsh
|
||||
|
||||
|
@@ -35,7 +35,7 @@
|
||||
|
||||
networking = {
|
||||
hostName = "jupiter-vps";
|
||||
publicIPv4 = "51.75.170.190";
|
||||
publicIPv4 = "217.154.55.15";
|
||||
};
|
||||
|
||||
environment.impermanence.enable = lib.mkForce false;
|
||||
|
@@ -1,7 +1,7 @@
|
||||
{
|
||||
disko.devices = {
|
||||
disk.main = {
|
||||
device = "/dev/sda";
|
||||
device = "/dev/vda";
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "gpt";
|
||||
|
@@ -39,6 +39,7 @@
|
||||
../common/configs/system/sshd
|
||||
../common/configs/system/sudo
|
||||
../common/configs/system/system
|
||||
../common/configs/system/usb
|
||||
../common/configs/system/users
|
||||
../common/configs/system/zsh
|
||||
|
||||
@@ -54,7 +55,7 @@
|
||||
|
||||
networking = {
|
||||
hostName = "jupiter";
|
||||
publicIPv4 = "51.89.210.124";
|
||||
publicIPv4 = "87.106.36.59";
|
||||
};
|
||||
|
||||
boot.initrd = {
|
||||
|
@@ -22,12 +22,22 @@
|
||||
# FIXME: https://github.com/icewind1991/nvidia-patch-nixos/issues/9
|
||||
package =
|
||||
let
|
||||
nvidiaStable = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
# FIXME: HDMI Crash, God knows when it will be reported and/or fixed
|
||||
nvidiaStable = config.boot.kernelPackages.nvidiaPackages.mkDriver {
|
||||
version = "580.82.09";
|
||||
sha256_64bit = "sha256-Puz4MtouFeDgmsNMKdLHoDgDGC+QRXh6NVysvltWlbc=";
|
||||
sha256_aarch64 = "sha256-6tHiAci9iDTKqKrDIjObeFdtrlEwjxOHJpHfX4GMEGQ=";
|
||||
openSha256 = "sha256-YB+mQD+oEDIIDa+e8KX1/qOlQvZMNKFrI5z3CoVKUjs=";
|
||||
settingsSha256 = "sha256-um53cr2Xo90VhZM1bM2CH4q9b/1W2YOqUcvXPV6uw2s=";
|
||||
persistencedSha256 = "sha256-lbYSa97aZ+k0CISoSxOMLyyMX//Zg2Raym6BC4COipU=";
|
||||
};
|
||||
|
||||
maybeFbc =
|
||||
if builtins.hasAttr nvidiaStable.version pkgs.nvidia-patch-list.fbc then
|
||||
pkgs.nvidia-patch.patch-fbc nvidiaStable
|
||||
else
|
||||
nvidiaStable;
|
||||
|
||||
nvidiaStableFinal =
|
||||
if builtins.hasAttr nvidiaStable.version pkgs.nvidia-patch-list.nvenc then
|
||||
pkgs.nvidia-patch.patch-nvenc maybeFbc
|
||||
@@ -53,8 +63,6 @@
|
||||
graphics = {
|
||||
enable32Bit = true;
|
||||
extraPackages = with pkgs; [
|
||||
amdvlk
|
||||
driversi686Linux.amdvlk
|
||||
rocmPackages.clr
|
||||
rocmPackages.clr.icd
|
||||
];
|
||||
@@ -92,10 +100,7 @@
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.config = {
|
||||
cudaSupport = true;
|
||||
rocmSupport = true;
|
||||
};
|
||||
nixpkgs.config.cudaSupport = true;
|
||||
|
||||
services = {
|
||||
xserver.videoDrivers = [ "nvidia" ];
|
||||
|
@@ -136,6 +136,7 @@ in
|
||||
"outline"
|
||||
"shlink"
|
||||
"comentario"
|
||||
"immich"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@@ -31,6 +31,14 @@ in
|
||||
labels = [
|
||||
"traefik.enable=true"
|
||||
"traefik.http.routers.blog.rule=Host(`blog.karaolidis.com`)"
|
||||
|
||||
"traefik.http.routers.root.rule=Host(`karaolidis.com`) || Host(`www.karaolidis.com`)"
|
||||
"traefik.http.routers.root.middlewares=redirect-root-to-blog"
|
||||
"traefik.http.routers.root.service=noop@internal"
|
||||
|
||||
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.regex=^https://(www\.)?karaolidis\.com(/.*)?$"
|
||||
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.replacement=https://blog.karaolidis.com$${2}"
|
||||
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.permanent=false"
|
||||
];
|
||||
};
|
||||
|
||||
@@ -47,10 +55,6 @@ in
|
||||
labels = [
|
||||
"traefik.enable=true"
|
||||
"traefik.http.routers.blog-receiver.rule=Host(`blog.karaolidis.com`) && PathPrefix(`/upload`)"
|
||||
|
||||
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.regex=^https://(www\.)?karaolidis\.com(/.*)?$"
|
||||
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.replacement=https://blog.karaolidis.com$${2}"
|
||||
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.permanent=false"
|
||||
];
|
||||
};
|
||||
|
||||
|
@@ -16,6 +16,7 @@ in
|
||||
(import ./comentario { inherit user home; })
|
||||
(import ./gitea { inherit user home; })
|
||||
(import ./grafana { inherit user home; })
|
||||
(import ./immich { inherit user home; })
|
||||
(import ./littlelink { inherit user home; })
|
||||
(import ./lore { inherit user home; })
|
||||
(import ./media { inherit user home; })
|
||||
|
@@ -347,7 +347,7 @@ groups:
|
||||
type: threshold
|
||||
noDataState: NoData
|
||||
execErrState: Error
|
||||
for: 1m
|
||||
for: 15m
|
||||
keepFiringFor: 5m
|
||||
isPaused: false
|
||||
notification_settings:
|
||||
|
@@ -0,0 +1,215 @@
|
||||
{ user, home }:
|
||||
{
|
||||
config,
|
||||
inputs,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
hmConfig = config.home-manager.users.${user};
|
||||
inherit (hmConfig.virtualisation.quadlet) volumes containers networks;
|
||||
autheliaClientId = "kwrm5k1Bgwqd4BCXiWp0feL6adpthOn0GGgQ9iIVW7IH1UIj7bA2HVj9Jv42hUheoYoE8wWJpQi8woPomrSJIauTmsBMMFTTrI6r";
|
||||
in
|
||||
{
|
||||
home-manager.users.${user} = {
|
||||
sops = {
|
||||
secrets = {
|
||||
"immich/smtp".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
|
||||
"immich/postgresql".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
|
||||
"immich/admin".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
|
||||
"immich/authelia/password".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
|
||||
"immich/authelia/digest".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
|
||||
};
|
||||
|
||||
templates = {
|
||||
immich-postgresql-env.content = ''
|
||||
POSTGRES_PASSWORD=${hmConfig.sops.placeholder."immich/postgresql"}
|
||||
'';
|
||||
|
||||
immich-env.content = ''
|
||||
DB_PASSWORD=${hmConfig.sops.placeholder."immich/postgresql"}
|
||||
IMMICH_ADMIN_PASSWORD=${hmConfig.sops.placeholder."immich/admin"}
|
||||
'';
|
||||
|
||||
immich.content = builtins.readFile (
|
||||
(pkgs.formats.json { }).generate "config.json" {
|
||||
ffmpeg = {
|
||||
accel = "nvenc";
|
||||
accelDecode = true;
|
||||
};
|
||||
|
||||
oauth = {
|
||||
enabled = true;
|
||||
buttonText = "Login with Authelia";
|
||||
clientId = autheliaClientId;
|
||||
clientSecret = hmConfig.sops.placeholder."immich/authelia/password";
|
||||
issuerUrl = "https://id.karaolidis.com/.well-known/openid-configuration";
|
||||
scope = lib.strings.concatStringsSep " " [
|
||||
"openid"
|
||||
"profile"
|
||||
"email"
|
||||
];
|
||||
};
|
||||
|
||||
passwordLogin.enabled = true;
|
||||
|
||||
newVersionCheck.enabled = false;
|
||||
|
||||
library.watch.enabled = true;
|
||||
|
||||
server.externalDomain = "https://photos.karaolidis.com";
|
||||
|
||||
notifications.smtp = {
|
||||
enabled = true;
|
||||
from = "jupiter@karaolidis.com";
|
||||
transport = {
|
||||
host = "smtp.protonmail.ch";
|
||||
port = 587;
|
||||
username = "jupiter@karaolidis.com";
|
||||
password = hmConfig.sops.placeholder."immich/smtp";
|
||||
};
|
||||
};
|
||||
}
|
||||
);
|
||||
|
||||
authelia-immich.content = builtins.readFile (
|
||||
(pkgs.formats.yaml { }).generate "immich.yaml" {
|
||||
identity_providers.oidc = {
|
||||
authorization_policies.immich = {
|
||||
default_policy = "deny";
|
||||
rules = [
|
||||
{
|
||||
policy = "one_factor";
|
||||
subject = "group:immich";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
clients = [
|
||||
{
|
||||
client_id = autheliaClientId;
|
||||
client_name = "immich";
|
||||
client_secret = hmConfig.sops.placeholder."immich/authelia/digest";
|
||||
redirect_uris = [
|
||||
"https://photos.karaolidis.com/auth/login"
|
||||
"https://photos.karaolidis.com/user-settings"
|
||||
"app.immich:///oauth-callback"
|
||||
];
|
||||
authorization_policy = "immich";
|
||||
scopes = [
|
||||
"openid"
|
||||
"profile"
|
||||
"email"
|
||||
];
|
||||
token_endpoint_auth_method = "client_secret_post";
|
||||
pre_configured_consent_duration = "1 year";
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
);
|
||||
};
|
||||
};
|
||||
|
||||
systemd.user.tmpfiles.rules = [
|
||||
"d /mnt/storage/private/storm/containers/storage/volumes/immich/_data 700 storm storm"
|
||||
];
|
||||
|
||||
virtualisation.quadlet = {
|
||||
networks.immich = { };
|
||||
|
||||
volumes = {
|
||||
immich-redis = { };
|
||||
immich-postgresql = { };
|
||||
immich-machine-learning-cache = { };
|
||||
};
|
||||
|
||||
containers = {
|
||||
immich = {
|
||||
containerConfig = {
|
||||
image = "docker-archive:${pkgs.dockerImages.immich}";
|
||||
volumes =
|
||||
let
|
||||
postStart = pkgs.writeTextFile {
|
||||
name = "post-start.sh";
|
||||
executable = true;
|
||||
text = builtins.readFile ./post-start.sh;
|
||||
};
|
||||
in
|
||||
[
|
||||
"${hmConfig.sops.templates.immich.path}:/etc/immich/config.json:ro"
|
||||
"${postStart}:/etc/immich/post-start.sh:ro"
|
||||
"/mnt/storage/private/storm/containers/storage/volumes/immich/_data:/var/lib/immich"
|
||||
];
|
||||
networks = [
|
||||
networks.immich.ref
|
||||
networks.traefik.ref
|
||||
];
|
||||
labels = [
|
||||
"traefik.enable=true"
|
||||
"traefik.http.routers.immich.rule=Host(`photos.karaolidis.com`)"
|
||||
];
|
||||
environments = {
|
||||
DB_HOSTNAME = "immich-postgresql";
|
||||
DB_USERNAME = "immich";
|
||||
DB_DATABASE_NAME = "immich";
|
||||
REDIS_HOSTNAME = "immich-redis";
|
||||
IMMICH_ADMIN_EMAIL = "jupiter@karaolidis.com";
|
||||
IMMICH_ADMIN_NAME = "Admin";
|
||||
};
|
||||
environmentFiles = [ hmConfig.sops.templates.immich-env.path ];
|
||||
podmanArgs = [ "--cdi-spec-dir=/run/cdi" ];
|
||||
devices = [ "nvidia.com/gpu=all" ];
|
||||
};
|
||||
|
||||
unitConfig = {
|
||||
After = [
|
||||
"${containers.immich-postgresql._serviceName}.service"
|
||||
"${containers.immich-redis._serviceName}.service"
|
||||
"sops-nix.service"
|
||||
];
|
||||
Requires = [
|
||||
"${containers.immich-postgresql._serviceName}.service"
|
||||
"${containers.immich-redis._serviceName}.service"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
immich-machine-learning.containerConfig = {
|
||||
image = "docker-archive:${pkgs.dockerImages.immich-machine-learning}";
|
||||
volumes = [ "${volumes.immich-machine-learning-cache.ref}:/tmp/immich-machine-learning" ];
|
||||
networks = [ networks.immich.ref ];
|
||||
podmanArgs = [ "--cdi-spec-dir=/run/cdi" ];
|
||||
devices = [ "nvidia.com/gpu=all" ];
|
||||
};
|
||||
|
||||
immich-postgresql = {
|
||||
containerConfig = {
|
||||
image = "docker-archive:${pkgs.dockerImages.postgresql-vectorchord}";
|
||||
networks = [ networks.immich.ref ];
|
||||
volumes = [ "${volumes.immich-postgresql.ref}:/var/lib/postgresql/data" ];
|
||||
environments = {
|
||||
POSTGRES_DB = "immich";
|
||||
POSTGRES_USER = "immich";
|
||||
};
|
||||
environmentFiles = [ hmConfig.sops.templates.immich-postgresql-env.path ];
|
||||
};
|
||||
|
||||
unitConfig.After = [ "sops-nix.service" ];
|
||||
};
|
||||
|
||||
immich-redis.containerConfig = {
|
||||
image = "docker-archive:${pkgs.dockerImages.redis}";
|
||||
networks = [ networks.immich.ref ];
|
||||
volumes = [ "${volumes.immich-redis.ref}:/var/lib/redis" ];
|
||||
exec = [ "--save 60 1" ];
|
||||
};
|
||||
|
||||
authelia.containerConfig.volumes = [
|
||||
"${hmConfig.sops.templates.authelia-immich.path}:/etc/authelia/conf.d/immich.yaml:ro"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@@ -0,0 +1,22 @@
|
||||
# shellcheck shell=sh
|
||||
|
||||
IMMICH_HOST="${IMMICH_HOST:-http://localhost:2283}"
|
||||
IMMICH_ADMIN_NAME="${IMMICH_ADMIN_NAME:-Admin}"
|
||||
|
||||
until response="$(curl -sf "$IMMICH_HOST/api/server/config")"; do
|
||||
echo "Waiting for Immich to be ready..."
|
||||
sleep 1
|
||||
done
|
||||
|
||||
is_initialized="$(echo "$response" | jq -r '.isInitialized')"
|
||||
|
||||
if [ "$is_initialized" = "false" ]; then
|
||||
curl -sf "$IMMICH_HOST/api/auth/admin-sign-up" \
|
||||
-X POST \
|
||||
-H 'Content-Type: application/json' \
|
||||
--data-raw '{
|
||||
"email":"'"$IMMICH_ADMIN_EMAIL"'",
|
||||
"password":"'"$IMMICH_ADMIN_PASSWORD"'",
|
||||
"name":"'"$IMMICH_ADMIN_NAME"'"
|
||||
}'
|
||||
fi
|
@@ -24,6 +24,8 @@ final: prev:
|
||||
grafana-image-renderer = final.docker-image-grafana-image-renderer;
|
||||
grafana-to-ntfy = final.docker-image-grafana-to-ntfy;
|
||||
grafana = final.docker-image-grafana;
|
||||
immich = final.docker-image-immich;
|
||||
immich-machine-learning = final.docker-image-immich-machine-learning;
|
||||
jellyseerr = final.docker-image-jellyseerr;
|
||||
littlelink-server = final.docker-image-littlelink-server;
|
||||
mariadb = final.docker-image-mariadb;
|
||||
@@ -36,6 +38,7 @@ final: prev:
|
||||
outline = final.docker-image-outline;
|
||||
plex = final.docker-image-plex;
|
||||
postgresql = final.docker-image-postgresql;
|
||||
postgresql-vectorchord = final.docker-image-postgresql-vectorchord;
|
||||
prometheus = final.docker-image-prometheus;
|
||||
prometheus-fail2ban-exporter = final.docker-image-prometheus-fail2ban-exporter;
|
||||
prometheus-node-exporter = final.docker-image-prometheus-node-exporter;
|
||||
|
@@ -2,19 +2,19 @@
|
||||
# AUTO-UPDATE: nix-update --flake comentario --version=branch=dev --subpackage frontend
|
||||
pkgs.buildGo125Module (finalAttrs: {
|
||||
pname = "comentario";
|
||||
version = "3.14.0-unstable-2025-09-23";
|
||||
version = "3.14.0-unstable-2025-10-03";
|
||||
|
||||
src = pkgs.fetchFromGitLab {
|
||||
owner = "comentario";
|
||||
repo = "comentario";
|
||||
# FIXME: Stable rev once type error is fixed
|
||||
rev = "7774ecce56565b25aa378ab5ff230e9d98d82c79";
|
||||
hash = "sha256-7z7TQp380E/XdZ0J68jUznj8gmZqApn37wnYHdPmIK0=";
|
||||
rev = "4f493bb2a8cfe6f72dea8aeb3c13671e90c667dc";
|
||||
hash = "sha256-L1QcDgjWin7DT3XMyTAMl4f8hnC5d7inemzBLFMppi0=";
|
||||
};
|
||||
|
||||
patches = [ ./superuser-claim.patch ];
|
||||
|
||||
vendorHash = "sha256-AOI/WnVkrSgJlT2FtYOTuifOPw8sfc4C0g/prVkvJlA=";
|
||||
vendorHash = "sha256-tnnSJN3CEDbuj4/B0PBwpYCdm3SOgSbvC7htS9+9pr4=";
|
||||
|
||||
nativeBuildInputs = with pkgs; [
|
||||
go-swagger
|
||||
|
@@ -17,6 +17,8 @@
|
||||
docker-image-grafana-image-renderer = import ./docker/grafana-image-renderer { inherit pkgs; };
|
||||
docker-image-grafana-to-ntfy = import ./docker/grafana-to-ntfy { inherit pkgs; };
|
||||
docker-image-grafana = import ./docker/grafana { inherit pkgs; };
|
||||
docker-image-immich = import ./docker/immich { inherit pkgs; };
|
||||
docker-image-immich-machine-learning = import ./docker/immich-machine-learning { inherit pkgs; };
|
||||
docker-image-jellyseerr = import ./docker/jellyseerr { inherit pkgs; };
|
||||
docker-image-littlelink-server = import ./docker/littlelink-server { inherit pkgs; };
|
||||
docker-image-mariadb = import ./docker/mariadb { inherit pkgs; };
|
||||
@@ -29,6 +31,7 @@
|
||||
docker-image-outline = import ./docker/outline { inherit pkgs; };
|
||||
docker-image-plex = import ./docker/plex { inherit pkgs; };
|
||||
docker-image-postgresql = import ./docker/postgresql { inherit pkgs; };
|
||||
docker-image-postgresql-vectorchord = import ./docker/postgresql-vectorchord { inherit pkgs; };
|
||||
docker-image-prometheus = import ./docker/prometheus { inherit pkgs; };
|
||||
docker-image-prometheus-fail2ban-exporter = import ./docker/prometheus-fail2ban-exporter {
|
||||
inherit pkgs;
|
||||
|
41
packages/docker/immich-machine-learning/default.nix
Normal file
41
packages/docker/immich-machine-learning/default.nix
Normal file
@@ -0,0 +1,41 @@
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
entrypoint = pkgs.writeTextFile {
|
||||
name = "entrypoint";
|
||||
executable = true;
|
||||
destination = "/bin/entrypoint";
|
||||
text = builtins.readFile ./entrypoint.sh;
|
||||
};
|
||||
in
|
||||
pkgs.dockerTools.buildImage {
|
||||
name = "immich-machine-learning";
|
||||
fromImage = pkgs.docker-image-base;
|
||||
|
||||
copyToRoot = pkgs.buildEnv {
|
||||
name = "root";
|
||||
paths = with pkgs; [
|
||||
entrypoint
|
||||
immich-machine-learning
|
||||
];
|
||||
pathsToLink = [
|
||||
"/bin"
|
||||
"/lib"
|
||||
"/share"
|
||||
"/nix-support"
|
||||
];
|
||||
};
|
||||
|
||||
config = {
|
||||
Entrypoint = [ "entrypoint" ];
|
||||
Volumes = {
|
||||
"/tmp/immich-machine-learning" = { };
|
||||
};
|
||||
Env = [
|
||||
"IMMICH_LOG_LEVEL=warn"
|
||||
"MACHINE_LEARNING_CACHE_FOLDER=/tmp/immich-machine-learning"
|
||||
];
|
||||
ExposedPorts = {
|
||||
"3003/tcp" = { };
|
||||
};
|
||||
};
|
||||
}
|
19
packages/docker/immich-machine-learning/entrypoint.sh
Normal file
19
packages/docker/immich-machine-learning/entrypoint.sh
Normal file
@@ -0,0 +1,19 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
|
||||
LOG_PIPE="$(mktemp -u)"
|
||||
mkfifo "$LOG_PIPE"
|
||||
|
||||
(
|
||||
while IFS= read -r line; do
|
||||
if echo "$line" | grep -qEi "\[(WARN|ERROR)\]"; then
|
||||
echo "$line" >&2
|
||||
else
|
||||
echo "$line"
|
||||
fi
|
||||
done < "$LOG_PIPE"
|
||||
) &
|
||||
|
||||
exec machine-learning "$@" > "$LOG_PIPE" 2>&1
|
42
packages/docker/immich/default.nix
Normal file
42
packages/docker/immich/default.nix
Normal file
@@ -0,0 +1,42 @@
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
entrypoint = pkgs.writeTextFile {
|
||||
name = "entrypoint";
|
||||
executable = true;
|
||||
destination = "/bin/entrypoint";
|
||||
text = builtins.readFile ./entrypoint.sh;
|
||||
};
|
||||
in
|
||||
pkgs.dockerTools.buildImage {
|
||||
name = "immich";
|
||||
fromImage = pkgs.docker-image-base;
|
||||
|
||||
copyToRoot = pkgs.buildEnv {
|
||||
name = "root";
|
||||
paths = with pkgs; [
|
||||
entrypoint
|
||||
immich
|
||||
curl
|
||||
jq
|
||||
];
|
||||
pathsToLink = [
|
||||
"/bin"
|
||||
"/lib"
|
||||
];
|
||||
};
|
||||
|
||||
config = {
|
||||
Entrypoint = [ "entrypoint" ];
|
||||
Volumes = {
|
||||
"/var/lib/immich" = { };
|
||||
};
|
||||
WorkingDir = "/var/lib/immich";
|
||||
Env = [
|
||||
"IMMICH_CONFIG_FILE=/etc/immich/config.json"
|
||||
"IMMICH_MEDIA_LOCATION=/var/lib/immich"
|
||||
];
|
||||
ExposedPorts = {
|
||||
"2283/tcp" = { };
|
||||
};
|
||||
};
|
||||
}
|
16
packages/docker/immich/entrypoint.sh
Normal file
16
packages/docker/immich/entrypoint.sh
Normal file
@@ -0,0 +1,16 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
|
||||
server "$@" &
|
||||
PID="$!"
|
||||
|
||||
if [ -f /etc/immich/post-start.sh ]; then
|
||||
# shellcheck disable=SC1091
|
||||
. /etc/immich/post-start.sh
|
||||
fi
|
||||
|
||||
trap 'kill -KILL "$PID"' INT TERM
|
||||
wait "$PID"
|
||||
exit $?
|
100
packages/docker/postgresql-vectorchord/default.nix
Normal file
100
packages/docker/postgresql-vectorchord/default.nix
Normal file
@@ -0,0 +1,100 @@
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
postgresql = pkgs.postgresql.overrideAttrs (oldAttrs: {
|
||||
patches = oldAttrs.patches or [ ] ++ [ ../postgresql/allow-root.patch ];
|
||||
});
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/sql/postgresql/generic.nix
|
||||
postgresqlVectorchord =
|
||||
let
|
||||
installedExtensions = with postgresql.pkgs; [
|
||||
pgvector
|
||||
vectorchord
|
||||
];
|
||||
|
||||
finalPackage = pkgs.buildEnv {
|
||||
name = "${postgresql.pname}-vectorchord";
|
||||
|
||||
paths = installedExtensions ++ [
|
||||
postgresql
|
||||
postgresql.man
|
||||
];
|
||||
|
||||
pathsToLink = [
|
||||
"/"
|
||||
"/bin"
|
||||
"/share/postgresql/extension"
|
||||
"/share/postgresql/timezonesets"
|
||||
"/share/postgresql/tsearch_data"
|
||||
];
|
||||
|
||||
nativeBuildInputs = with pkgs; [ makeBinaryWrapper ];
|
||||
|
||||
postBuild =
|
||||
let
|
||||
args = pkgs.lib.concatMap (ext: ext.wrapperArgs or [ ]) installedExtensions;
|
||||
in
|
||||
''
|
||||
wrapProgram "$out/bin/postgres" ${pkgs.lib.concatStringsSep " " args}
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
inherit installedExtensions;
|
||||
inherit (postgresql) pkgs psqlSchema version;
|
||||
|
||||
pg_config = postgresql.pg_config.override {
|
||||
outputs = {
|
||||
out = finalPackage;
|
||||
man = finalPackage;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
finalPackage;
|
||||
|
||||
entrypoint = pkgs.writeTextFile {
|
||||
name = "entrypoint";
|
||||
executable = true;
|
||||
destination = "/bin/entrypoint";
|
||||
text = builtins.readFile ../postgresql/entrypoint.sh;
|
||||
};
|
||||
|
||||
init = pkgs.writeTextDir "/etc/postgresql/init.sh" (builtins.readFile ./init.sh);
|
||||
in
|
||||
pkgs.dockerTools.buildImage {
|
||||
name = "postgresql-vectorchord";
|
||||
fromImage = pkgs.docker-image-base;
|
||||
|
||||
copyToRoot = pkgs.buildEnv {
|
||||
name = "root";
|
||||
paths = [
|
||||
entrypoint
|
||||
postgresqlVectorchord
|
||||
init
|
||||
];
|
||||
pathsToLink = [
|
||||
"/bin"
|
||||
"/lib"
|
||||
"/share"
|
||||
];
|
||||
};
|
||||
|
||||
runAsRoot = ''
|
||||
mkdir -p /etc/postgresql /run/postgresql
|
||||
cp ${postgresql}/share/postgresql/postgresql.conf.sample /etc/postgresql/postgresql.conf
|
||||
${pkgs.gnused}/bin/sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /etc/postgresql/postgresql.conf
|
||||
${pkgs.gnused}/bin/sed -ri "s/^#shared_preload_libraries = '''/shared_preload_libraries = 'vchord'/" /etc/postgresql/postgresql.conf
|
||||
'';
|
||||
|
||||
config = {
|
||||
Entrypoint = [ "entrypoint" ];
|
||||
ExposedPorts = {
|
||||
"5432/tcp" = { };
|
||||
};
|
||||
WorkingDir = "/var/lib/postgresql";
|
||||
Volumes = {
|
||||
"/var/lib/postgresql/data" = { };
|
||||
};
|
||||
};
|
||||
}
|
3
packages/docker/postgresql-vectorchord/init.sh
Normal file
3
packages/docker/postgresql-vectorchord/init.sh
Normal file
@@ -0,0 +1,3 @@
|
||||
# shellcheck shell=sh
|
||||
|
||||
psql --username="$POSTGRES_USER" -d postgres -c "CREATE EXTENSION IF NOT EXISTS vchord CASCADE;"
|
@@ -31,13 +31,18 @@ if [ ! -s "$PGDATA/PG_VERSION" ]; then
|
||||
POSTGRES_HOST_AUTH_METHOD="${POSTGRES_HOST_AUTH_METHOD:=$auth_method}"
|
||||
printf "\nhost all all all %s\n" "$POSTGRES_HOST_AUTH_METHOD" >> "$PGDATA/pg_hba.conf"
|
||||
|
||||
pg_ctl -w start
|
||||
pg_ctl -w start -o "-c config_file=/etc/postgresql/postgresql.conf"
|
||||
|
||||
if ! psql --username="$POSTGRES_USER" -d postgres -tc "SELECT 1 FROM pg_database WHERE datname = '$POSTGRES_DB'" | grep -q 1; then
|
||||
psql --username="$POSTGRES_USER" -d postgres -c "CREATE DATABASE \"$POSTGRES_DB\";"
|
||||
fi
|
||||
|
||||
pg_ctl -m fast -w stop
|
||||
if [ -f /etc/postgresql/init.sh ]; then
|
||||
# shellcheck disable=SC1091
|
||||
. /etc/postgresql/init.sh
|
||||
fi
|
||||
|
||||
pg_ctl -m fast -w stop -o "-c config_file=/etc/postgresql/postgresql.conf"
|
||||
fi
|
||||
|
||||
exec postgres -c config_file="/etc/postgresql/postgresql.conf" "$@" > "$LOG_PIPE" 2>&1
|
||||
|
@@ -2,18 +2,18 @@
|
||||
# AUTO-UPDATE: nix-update --flake --version=branch=master littlelink-server
|
||||
pkgs.stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "littlelink-server";
|
||||
version = "0-unstable-2025-09-04";
|
||||
version = "0-unstable-2025-10-01";
|
||||
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "techno-tim";
|
||||
repo = "littlelink-server";
|
||||
rev = "cafae98693fe0a0b34225be9dbfc7b4ef0c363d4";
|
||||
hash = "sha256-pjXmQm0iXZA9oc/zP4t2R3/Bsw6/89T8Hbx15mqzS3A=";
|
||||
rev = "1c4eb757b4b06ad778a45a00530a5d8937afd550";
|
||||
hash = "sha256-XIBtbaG3xcTPOnBPflmYdTAi8Z8KzX046faoN6m6GhA=";
|
||||
};
|
||||
|
||||
offlineCache = pkgs.fetchYarnDeps {
|
||||
yarnLock = finalAttrs.src + "/yarn.lock";
|
||||
hash = "sha256-9qOHA1fj4yAl879K8sWvnNtMVrQZE29FLF8aiQio0Dg=";
|
||||
hash = "sha256-KMZFPRRaPuZ8Rb6AKPx4/c/x/IJGjOpXBw2p5AzRgI8=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = with pkgs; [
|
||||
|
@@ -2,15 +2,17 @@
|
||||
# AUTO-UPDATE: nix-update --flake obsidian-plugin-excalidraw --subpackage mathjaxToSVG
|
||||
pkgs.buildNpmPackage (finalAttrs: {
|
||||
pname = "obsidian.plugins.excalidraw";
|
||||
version = "2.15.3";
|
||||
version = "2.16.1";
|
||||
|
||||
pkg = pkgs.fetchFromGitHub {
|
||||
owner = "zsviczian";
|
||||
repo = "obsidian-excalidraw-plugin";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-r5L+QWwVfx0j2z/dB86+uZSETFeApCscgWoappiRulw=";
|
||||
hash = "sha256-aaR8qeWFf5vjjIWJ1PNutq7+wYHsybqBbfdZW+6lcMU=";
|
||||
};
|
||||
|
||||
patches = [ ./package-lock.patch ];
|
||||
|
||||
mathjaxToSVG = pkgs.buildNpmPackage {
|
||||
pname = "obsidian.plugins.excalidraw.mathjaxToSVG";
|
||||
version = "1.0.0";
|
||||
@@ -30,7 +32,7 @@ pkgs.buildNpmPackage (finalAttrs: {
|
||||
|
||||
src = finalAttrs.pkg;
|
||||
|
||||
npmDepsHash = "sha256-SmAh2S4eGZKY5QtP1HxISdHJ2xnSFVtZwfIMKwSPiaY=";
|
||||
npmDepsHash = "sha256-Nw1EGBQ9aB61XpDank9Z2BKVPOdyPnx8uLf9IUOJ4aY=";
|
||||
npmPackFlags = [ "--ignore-scripts" ];
|
||||
|
||||
configurePhase = ''
|
||||
|
241
packages/obsidian/plugins/excalidraw/package-lock.patch
Normal file
241
packages/obsidian/plugins/excalidraw/package-lock.patch
Normal file
@@ -0,0 +1,241 @@
|
||||
diff --git a/package-lock.json b/package-lock.json
|
||||
index fc570c9..9422424 100644
|
||||
--- a/package-lock.json
|
||||
+++ b/package-lock.json
|
||||
@@ -11,7 +11,7 @@
|
||||
"dependencies": {
|
||||
"@popperjs/core": "^2.11.8",
|
||||
"@zsviczian/colormaster": "^1.2.2",
|
||||
- "@zsviczian/excalidraw": "0.18.0-37",
|
||||
+ "@zsviczian/excalidraw": "0.18.0-41",
|
||||
"chroma-js": "^3.1.2",
|
||||
"clsx": "^2.0.0",
|
||||
"es6-promise-pool": "2.5.0",
|
||||
@@ -3494,16 +3494,17 @@
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/@zsviczian/excalidraw": {
|
||||
- "version": "0.18.0-37",
|
||||
- "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-37.tgz",
|
||||
- "integrity": "sha512-SC4a6wj6IzE9HucxImDoOPcojojW/8FSry1hSA+hXfU350DhY6VlpFQ1DHJMPqVgIkFHB/hbCHt3klV+66+ouw==",
|
||||
+ "version": "0.18.0-41",
|
||||
+ "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-41.tgz",
|
||||
+ "integrity": "sha512-Js2ve1iZe59JXMjGo4KEeMBjJJP6imyoVh529BJ6K8x8n9B4W8AOMpQUSLjGH7Z3pkByNluUTTxkM5XBn1eotA==",
|
||||
+ "license": "MIT",
|
||||
"dependencies": {
|
||||
"@braintree/sanitize-url": "6.0.2",
|
||||
"@excalidraw/random-username": "1.1.0",
|
||||
"@radix-ui/react-popover": "1.1.6",
|
||||
"@radix-ui/react-tabs": "1.1.3",
|
||||
"@zsviczian/laser-pointer": "1.3.1",
|
||||
- "@zsviczian/mermaid-to-excalidraw": "1.1.2",
|
||||
+ "@zsviczian/mermaid-to-excalidraw": "1.1.3",
|
||||
"browser-fs-access": "0.29.1",
|
||||
"canvas-roundrect-polyfill": "0.0.1",
|
||||
"clsx": "1.1.1",
|
||||
@@ -3580,13 +3581,15 @@
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/@zsviczian/mermaid-to-excalidraw": {
|
||||
- "version": "1.1.2",
|
||||
- "resolved": "https://registry.npmjs.org/@zsviczian/mermaid-to-excalidraw/-/mermaid-to-excalidraw-1.1.2.tgz",
|
||||
- "integrity": "sha512-r6Krur0IZEEm8fuYdb8tteRfa4aYChKaXXmg0CpE+8Ovae/PAzvWvKXBw45oOlhjtVRO3kA89blDj+oxrJLusA==",
|
||||
+ "version": "1.1.3",
|
||||
+ "resolved": "https://registry.npmjs.org/@zsviczian/mermaid-to-excalidraw/-/mermaid-to-excalidraw-1.1.3.tgz",
|
||||
+ "integrity": "sha512-JwE9B2L2k2mAGMA0D7ougV/EBnGMJX24MMcD10mPqdHvE0sunD6ijmfHoL00ZMXtAZfrvjIYoTXiPhSIFkWdUA==",
|
||||
"dependencies": {
|
||||
"@excalidraw/markdown-to-text": "0.1.2",
|
||||
- "mermaid": "10.9.3",
|
||||
- "nanoid": "4.0.2"
|
||||
+ "cross-env": "^7.0.3",
|
||||
+ "mermaid": "10.9.4",
|
||||
+ "nanoid": "4.0.2",
|
||||
+ "react-split": "^2.0.14"
|
||||
}
|
||||
},
|
||||
"node_modules/@zsviczian/rollup-plugin-postprocess": {
|
||||
@@ -4136,7 +4139,6 @@
|
||||
"version": "7.0.3",
|
||||
"resolved": "https://registry.npmjs.org/cross-env/-/cross-env-7.0.3.tgz",
|
||||
"integrity": "sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==",
|
||||
- "dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"cross-spawn": "^7.0.1"
|
||||
@@ -4155,7 +4157,6 @@
|
||||
"version": "7.0.6",
|
||||
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
|
||||
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
|
||||
- "dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"path-key": "^3.1.0",
|
||||
@@ -4359,9 +4360,9 @@
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/cytoscape": {
|
||||
- "version": "3.32.0",
|
||||
- "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.32.0.tgz",
|
||||
- "integrity": "sha512-5JHBC9n75kz5851jeklCPmZWcg3hUe6sjqJvyk3+hVqFaKcHwHgxsjeN1yLmggoUc6STbtm9/NQyabQehfjvWQ==",
|
||||
+ "version": "3.33.1",
|
||||
+ "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.33.1.tgz",
|
||||
+ "integrity": "sha512-iJc4TwyANnOGR1OmWhsS9ayRS3s+XQ185FmuHObThD+5AeJCakAAbWv8KimMTt08xCCLNgneQwFp+JRJOr9qGQ==",
|
||||
"license": "MIT",
|
||||
"engines": {
|
||||
"node": ">=0.10"
|
||||
@@ -4831,9 +4832,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/dayjs": {
|
||||
- "version": "1.11.13",
|
||||
- "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.13.tgz",
|
||||
- "integrity": "sha512-oaMBel6gjolK862uaPQOVTA7q3TZhuSvuMQAAglQDOWYO9A91IrAOUJEyKVlqJlHE0vq5p5UXxzdPfMH/x6xNg==",
|
||||
+ "version": "1.11.18",
|
||||
+ "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.18.tgz",
|
||||
+ "integrity": "sha512-zFBQ7WFRvVRhKcWoUh+ZA1g2HVgUbsZm9sbddh8EC5iv93sui8DVVz1Npvz+r6meo9VKfa8NyLWBsQK1VvIKPA==",
|
||||
"license": "MIT"
|
||||
},
|
||||
"node_modules/debug": {
|
||||
@@ -4854,9 +4855,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/decode-named-character-reference": {
|
||||
- "version": "1.1.0",
|
||||
- "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.1.0.tgz",
|
||||
- "integrity": "sha512-Wy+JTSbFThEOXQIR2L6mxJvEs+veIzpmqD7ynWxMXGpnk3smkHQOp6forLdHsKpAMW9iJpaBBIxz285t1n1C3w==",
|
||||
+ "version": "1.2.0",
|
||||
+ "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.2.0.tgz",
|
||||
+ "integrity": "sha512-c6fcElNV6ShtZXmsgNgFFV5tVX2PaV4g+MOAkb8eXHvn6sryJBrZa9r0zV6+dtTyoCKxtDy5tyQ5ZwQuidtd+Q==",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"character-entities": "^2.0.0"
|
||||
@@ -5995,7 +5996,6 @@
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
|
||||
"integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==",
|
||||
- "dev": true,
|
||||
"license": "ISC"
|
||||
},
|
||||
"node_modules/jackspeak": {
|
||||
@@ -6142,9 +6142,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/katex": {
|
||||
- "version": "0.16.22",
|
||||
- "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.22.tgz",
|
||||
- "integrity": "sha512-XCHRdUw4lf3SKBaJe4EvgqIuWwkPSo9XoeO8GjQW94Bp7TWv9hNhzZjZ+OH9yf1UmLygb7DIT5GSFQiyt16zYg==",
|
||||
+ "version": "0.16.23",
|
||||
+ "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.23.tgz",
|
||||
+ "integrity": "sha512-7VlC1hsEEolL9xNO05v9VjrvWZePkCVBJqj8ruICxYjZfHaHbaU53AlP+PODyFIXEnaEIEWi3wJy7FPZ95JAVg==",
|
||||
"funding": [
|
||||
"https://opencollective.com/katex",
|
||||
"https://github.com/sponsors/katex"
|
||||
@@ -6431,9 +6431,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/mermaid": {
|
||||
- "version": "10.9.3",
|
||||
- "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-10.9.3.tgz",
|
||||
- "integrity": "sha512-V80X1isSEvAewIL3xhmz/rVmc27CVljcsbWxkxlWJWY/1kQa4XOABqpDl2qQLGKzpKm6WbTfUEKImBlUfFYArw==",
|
||||
+ "version": "10.9.4",
|
||||
+ "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-10.9.4.tgz",
|
||||
+ "integrity": "sha512-VIG2B0R9ydvkS+wShA8sXqkzfpYglM2Qwj7VyUeqzNVqSGPoP/tcaUr3ub4ESykv8eqQJn3p99bHNvYdg3gCHQ==",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@braintree/sanitize-url": "^6.0.1",
|
||||
@@ -7243,7 +7243,6 @@
|
||||
"version": "3.1.1",
|
||||
"resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz",
|
||||
"integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==",
|
||||
- "dev": true,
|
||||
"license": "MIT",
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
@@ -7996,6 +7995,17 @@
|
||||
"node": ">=6.0.0"
|
||||
}
|
||||
},
|
||||
+ "node_modules/prop-types": {
|
||||
+ "version": "15.8.1",
|
||||
+ "resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.1.tgz",
|
||||
+ "integrity": "sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==",
|
||||
+ "license": "MIT",
|
||||
+ "dependencies": {
|
||||
+ "loose-envify": "^1.4.0",
|
||||
+ "object-assign": "^4.1.1",
|
||||
+ "react-is": "^16.13.1"
|
||||
+ }
|
||||
+ },
|
||||
"node_modules/punycode": {
|
||||
"version": "2.3.1",
|
||||
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
|
||||
@@ -8069,6 +8079,12 @@
|
||||
"react": "^18.3.1"
|
||||
}
|
||||
},
|
||||
+ "node_modules/react-is": {
|
||||
+ "version": "16.13.1",
|
||||
+ "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz",
|
||||
+ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==",
|
||||
+ "license": "MIT"
|
||||
+ },
|
||||
"node_modules/react-remove-scroll": {
|
||||
"version": "2.7.0",
|
||||
"resolved": "https://registry.npmjs.org/react-remove-scroll/-/react-remove-scroll-2.7.0.tgz",
|
||||
@@ -8116,6 +8132,19 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
+ "node_modules/react-split": {
|
||||
+ "version": "2.0.14",
|
||||
+ "resolved": "https://registry.npmjs.org/react-split/-/react-split-2.0.14.tgz",
|
||||
+ "integrity": "sha512-bKWydgMgaKTg/2JGQnaJPg51T6dmumTWZppFgEbbY0Fbme0F5TuatAScCLaqommbGQQf/ZT1zaejuPDriscISA==",
|
||||
+ "license": "MIT",
|
||||
+ "dependencies": {
|
||||
+ "prop-types": "^15.5.7",
|
||||
+ "split.js": "^1.6.0"
|
||||
+ },
|
||||
+ "peerDependencies": {
|
||||
+ "react": "*"
|
||||
+ }
|
||||
+ },
|
||||
"node_modules/react-style-singleton": {
|
||||
"version": "2.2.3",
|
||||
"resolved": "https://registry.npmjs.org/react-style-singleton/-/react-style-singleton-2.2.3.tgz",
|
||||
@@ -8577,7 +8606,6 @@
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",
|
||||
"integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==",
|
||||
- "dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"shebang-regex": "^3.0.0"
|
||||
@@ -8590,7 +8618,6 @@
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz",
|
||||
"integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==",
|
||||
- "dev": true,
|
||||
"license": "MIT",
|
||||
"engines": {
|
||||
"node": ">=8"
|
||||
@@ -8686,6 +8713,12 @@
|
||||
"node": ">=18"
|
||||
}
|
||||
},
|
||||
+ "node_modules/split.js": {
|
||||
+ "version": "1.6.5",
|
||||
+ "resolved": "https://registry.npmjs.org/split.js/-/split.js-1.6.5.tgz",
|
||||
+ "integrity": "sha512-mPTnGCiS/RiuTNsVhCm9De9cCAUsrNFFviRbADdKiiV+Kk8HKp/0fWu7Kr8pi3/yBmsqLFHuXGT9UUZ+CNLwFw==",
|
||||
+ "license": "MIT"
|
||||
+ },
|
||||
"node_modules/string-width": {
|
||||
"version": "5.1.2",
|
||||
"resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz",
|
||||
@@ -9340,7 +9373,6 @@
|
||||
"version": "2.0.2",
|
||||
"resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
|
||||
"integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==",
|
||||
- "dev": true,
|
||||
"license": "ISC",
|
||||
"dependencies": {
|
||||
"isexe": "^2.0.0"
|
@@ -2,13 +2,13 @@
|
||||
# AUTO-UPDATE: nix-update --flake obsidian-plugin-tasks
|
||||
pkgs.stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "tasks";
|
||||
version = "7.21.0";
|
||||
version = "7.22.0";
|
||||
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "obsidian-tasks-group";
|
||||
repo = "obsidian-tasks";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-/7vTXAsMHWOopscdKldbXpvQvEl4qcnV3HpYClZWUsg=";
|
||||
hash = "sha256-wPby/HGT4oqMVes2Ws09RiI/YXETYI3oiiRwuV+0yXY=";
|
||||
};
|
||||
|
||||
offlineCache = pkgs.fetchYarnDeps {
|
||||
|
@@ -3,13 +3,13 @@
|
||||
# FIXME: https://github.com/dani-garcia/vaultwarden/pull/3899
|
||||
pkgs.rustPlatform.buildRustPackage (finalAttrs: {
|
||||
pname = "oidcwarden";
|
||||
version = "2025.8.1-1";
|
||||
version = "2025.9.0-1";
|
||||
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "Timshel";
|
||||
repo = "OIDCWarden";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-yH2qewIV79hBDRn0KFj2mULpD2tTm5+8E2kIN8uMWHM=";
|
||||
hash = "sha256-iTlaCjNuDBjbAp8O0WxiLULumI3wKjgrJoxzLKix/qI=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-ZPCRFBaISCIlPY/x3lTqxuePgZXcOLvgyOrw2XVcAVw=";
|
||||
|
@@ -2,13 +2,13 @@
|
||||
# AUTO-UPDATE: nix-update --flake prometheus-podman-exporter
|
||||
pkgs.buildGoModule (finalAttrs: {
|
||||
pname = "prometheus-podman-exporter";
|
||||
version = "1.18.1";
|
||||
version = "1.19.0";
|
||||
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "containers";
|
||||
repo = "prometheus-podman-exporter";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-h4bOb1xbQTKnN5m4Xa28C2cBoXDo/EAleUNVUC03ixQ=";
|
||||
hash = "sha256-/nVdoYChdJb8+I36EhN0MgnmRFR0dSzt0FI39BziaJA=";
|
||||
};
|
||||
|
||||
vendorHash = null;
|
||||
|
@@ -1,19 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
set -o pipefail
|
||||
|
||||
flake_json=$(nix flake show --json)
|
||||
|
||||
build_and_push() {
|
||||
local expr="$1"
|
||||
nix build "$expr" --no-link --print-out-paths | while IFS= read -r path; do
|
||||
attic push main "$path"
|
||||
done
|
||||
}
|
||||
|
||||
jq -r '.nixosConfigurations | keys[]' <<<"$flake_json" | while IFS= read -r cfg; do
|
||||
expr=".#nixosConfigurations.\"$cfg\".config.system.build.toplevel"
|
||||
build_and_push "$expr"
|
||||
done
|
@@ -1,15 +1,41 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
set -o pipefail
|
||||
|
||||
find . -type f -name '*.nix' ! -path './submodules/*' | while read -r file; do
|
||||
successes=()
|
||||
failures=()
|
||||
|
||||
while read -r file; do
|
||||
update_command=$(grep -oP '^#\s*AUTO-UPDATE:\s*\K.+' "$file" || true)
|
||||
|
||||
if [[ -n "$update_command" ]]; then
|
||||
echo "Running update command in: $file"
|
||||
eval "$update_command"
|
||||
if ( eval "$update_command" ); then
|
||||
successes+=("$file")
|
||||
else
|
||||
failures+=("$file")
|
||||
fi
|
||||
fi
|
||||
done < <(find . -type f -name '*.nix' ! -path './submodules/*')
|
||||
|
||||
if [[ ${#successes[@]} -gt 0 ]]; then
|
||||
echo "Successful Updates (${#successes[@]} total):"
|
||||
for item in "${successes[@]}"; do
|
||||
echo " - $item"
|
||||
done
|
||||
else
|
||||
echo "No automated update commands were successfully executed."
|
||||
fi
|
||||
|
||||
if [[ ${#failures[@]} -gt 0 ]]; then
|
||||
echo "Failed Updates (${#failures[@]} total):"
|
||||
for item in "${failures[@]}"; do
|
||||
echo " - $item"
|
||||
done
|
||||
exit 1
|
||||
else
|
||||
echo "No automated update commands failed."
|
||||
fi
|
||||
|
||||
nix flake update
|
||||
exit $?
|
||||
|
Submodule submodules/sas updated: f12387528b...bc1564ea3e
Submodule submodules/secrets updated: a9d956a20f...a5c1c55262
Reference in New Issue
Block a user