karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: karaolidis:e41e8c207801a7fa6f6e8f14915abaf4d99e562f
Branches Tags
karaolidis:main karaolidis:wireguard karaolidis:kubernetes
...
compare: karaolidis:main
Branches Tags
karaolidis:main karaolidis:wireguard karaolidis:kubernetes

20 Commits
e41e8c2078 ... main

Author SHA1 Message Date
Nikolaos Karaolidis
a9ea135cb9 Add ghidra, wireshark 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-10-12 22:00:44 +01:00
Nikolaos Karaolidis
b8699ba0b6 Add usbutils 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-10-12 21:16:37 +01:00
Nikolaos Karaolidis
eb3c301ef6 Fuck you nvidia 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-10-06 18:10:15 +01:00
Nikolaos Karaolidis
a75875a311 Update 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-10-06 12:03:06 +00:00
Nikolaos Karaolidis
822044423e Update nvf quit keybind 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-10-02 10:07:51 +00:00
Nikolaos Karaolidis
63d2dd2e93 Relax smart temperature warnings 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-10-01 08:14:40 +01:00
Nikolaos Karaolidis
8235bd4cdf Fix syncthing 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-30 13:25:52 +01:00
Nikolaos Karaolidis
492b643d8b Add immich 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-30 10:13:59 +01:00
Nikolaos Karaolidis
6ce084b652 Add nix-community cache 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-30 09:09:35 +01:00
Nikolaos Karaolidis
c870442536 Switch to IONOS 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-29 20:57:37 +01:00
Nikolaos Karaolidis
81b3faaf3e Update consent duration 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-29 20:49:14 +01:00
Nikolaos Karaolidis
2f286e25bc Fix nvim img-clip notification 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-29 08:56:57 +00:00
Nikolaos Karaolidis
871a8dcdbf Update TV DNS whitelist 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-27 10:44:07 +01:00
Nikolaos Karaolidis
5191357fcd Add signal 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-27 09:47:31 +01:00
Nikolaos Karaolidis
f1d0a8b2df Update nvf, add lazygit 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-26 12:59:03 +00:00
Nikolaos Karaolidis
116de857eb Update nvf 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-25 10:42:25 +00:00
Nikolaos Karaolidis
80bde87757 Add dig, httpie 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-24 14:19:12 +00:00
Nikolaos Karaolidis
82496be4b3 Edit git, neovim 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-24 12:59:23 +00:00
Nikolaos Karaolidis
fbe424384c Update 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-24 12:29:54 +00:00
Nikolaos Karaolidis
3dba5ed833 Silence shellcheck 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
 2025-09-23 00:10:35 +01:00
74 changed files with 1015 additions and 342 deletions
Expand all files Collapse all files

1
README.md
View File

@@ -25,7 +25,6 @@ NixOS dotfiles and configuration for various hosts and users.
- [`remove-host.sh`](./scripts/remove-host.sh): Remove references to a host.
- [`update-keys.sh`](./scripts/update-keys.sh): Update the encryption keys in all relevant files using `sops.yaml` configurations.
- [`update.sh`](./scripts/update.sh): Update flake and all packages.
- [`cache.sh`](./scripts/cache.sh): Build all `nixosConfiguration`s and push them to `attic`.
Any `options.nix` files create custom option definitions when present.

114
flake.lock generated
View File

@@ -10,11 +10,11 @@
]
},
"locked": {
"lastModified": 1756487002,
"narHash": "sha256-hN9RfNXy53qAkT68T+IYZpl68uE1uPOVMkw0MqC43KA=",
"lastModified": 1759227262,
"narHash": "sha256-ibKJckw+KWH6n+pscOA7DWImanr988zKB7R2Z6ZEMLM=",
"owner": "aylur",
"repo": "ags",
"rev": "8ff792dba6cc82eed10e760f551075564dd0a407",
"rev": "f68a0d03fbb94f4beacedd922ffaa0bf0f10397a",
"type": "github"
},
"original": {
@@ -30,11 +30,11 @@
]
},
"locked": {
"lastModified": 1756474652,
"narHash": "sha256-iiBU6itpEqE0spXeNJ3uJTfioSyKYjt5bNepykpDXTE=",
"lastModified": 1759688436,
"narHash": "sha256-EfTrJse33t3RP//DqESkTMCpMSdIi/wxxfa12+eP5jo=",
"owner": "aylur",
"repo": "astal",
"rev": "20bd8318e4136fbd3d4eb2d64dbabc3acbc915dd",
"rev": "12c15b44608422e494c387aba6adc1ab6315d925",
"type": "github"
},
"original": {
@@ -121,11 +121,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1754487366,
"narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"lastModified": 1759362264,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
"type": "github"
},
"original": {
@@ -183,11 +183,11 @@
]
},
"locked": {
"lastModified": 1756579987,
"narHash": "sha256-duCce8zGsaMsrqqOmLOsuaV1PVIw/vXWnKuLKZClsGg=",
"lastModified": 1759711004,
"narHash": "sha256-B39NxeKCnK3DJlmJKIts6njcXcVVASLUChDNmRl4dxQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "99a69bdf8a3c6bf038c4121e9c4b6e99706a187a",
"rev": "6f4021da5d2bb5ea7cb782ff413ecb7062066820",
"type": "github"
},
"original": {
@@ -212,11 +212,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1754297745,
"narHash": "sha256-aD6/scLN3L4ZszmNbhhd3JQ9Pzv1ScYFphz14wHinfs=",
"lastModified": 1756744479,
"narHash": "sha256-EyZXusK/wRD3V9vDh00W2Re3Eg8UQ+LjVBQrrH9dq1U=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "892cbdca865d6b42f9c0d222fe309f7720259855",
"rev": "747b7912f49e2885090c83364d88cf853a020ac1",
"type": "github"
},
"original": {
@@ -235,11 +235,11 @@
]
},
"locked": {
"lastModified": 1757531256,
"narHash": "sha256-aOqrRvKmHoPKVhEYgV/RbsMXYXy6W9Tt1uhGK3dWMlE=",
"lastModified": 1758632667,
"narHash": "sha256-C0aBPv8vqTI1QNVhygZxL0f49UERx2UejVdtyz67jhs=",
"ref": "refs/heads/main",
"rev": "be7b39f41a1137a68944fc73db5a24544e015eb6",
"revCount": 7,
"rev": "5e0737c20f3c265dbff604170a6433cc1e1a4b41",
"revCount": 8,
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
},
@@ -250,11 +250,11 @@
},
"mnw": {
"locked": {
"lastModified": 1748710831,
"narHash": "sha256-eZu2yH3Y2eA9DD3naKWy/sTxYS5rPK2hO7vj8tvUCSU=",
"lastModified": 1758834834,
"narHash": "sha256-Y7IvY4F8vajZyp3WGf+KaiIVwondEkMFkt92Cr9NZmg=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "cff958a4e050f8d917a6ff3a5624bc4681c6187d",
"rev": "cfbc7d1cc832e318d0863a5fc91d940a96034001",
"type": "github"
},
"original": {
@@ -289,11 +289,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1756542300,
"narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=",
"lastModified": 1759381078,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d7600c775f877cd87b4f5a831c28aa94137377aa",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
"type": "github"
},
"original": {
@@ -305,11 +305,11 @@
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1753579242,
"narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
"lastModified": 1754788789,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6",
"type": "github"
},
"original": {
@@ -328,11 +328,11 @@
]
},
"locked": {
"lastModified": 1756630008,
"narHash": "sha256-weZiVKbiWQzTifm6qCxzhxghEu5mbh9mWNUdkzOLCR0=",
"lastModified": 1759742968,
"narHash": "sha256-yk56xZpanCPlhowzIEdS2GfPDG0yQ4kE/j85lJbAX1Y=",
"owner": "nix-community",
"repo": "NUR",
"rev": "f6a5a7b60dd6065e78ef06390767e689ffa3c23f",
"rev": "9ea4f672c7138273a4131dd25038da49306685b8",
"type": "github"
},
"original": {
@@ -358,11 +358,11 @@
]
},
"locked": {
"lastModified": 1755463179,
"narHash": "sha256-5Ggb1Mhf7ZlRgGi2puCa2PvWs6KbMnWBlW6KW7Vf79Y=",
"lastModified": 1759469269,
"narHash": "sha256-DP833ejGUNRRHsJOB3WRTaWWXLNucaDga2ju/fGe+sc=",
"owner": "NotAShelf",
"repo": "nvf",
"rev": "03833118267ad32226b014b360692bdce9d6e082",
"rev": "e48638aef3a95377689de0ef940443c64f870a09",
"type": "github"
},
"original": {
@@ -381,11 +381,11 @@
]
},
"locked": {
"lastModified": 1756052001,
"narHash": "sha256-dlLqyHxqiFAoIwshKe9X3PzXcJ+up88Qb2JVQswFaNE=",
"lastModified": 1758268943,
"narHash": "sha256-ufkrvMWvS+tgzs5H5iRZn/okuvmSzRLeBf+zUxES6YE=",
"owner": "icewind1991",
"repo": "nvidia-patch-nixos",
"rev": "780af7357d942fad2ddd9f325615a5f6ea7e37ee",
"rev": "e7358911c8f611eb1eb8e0758aa668d4d2d55cd9",
"type": "github"
},
"original": {
@@ -422,11 +422,11 @@
},
"quadlet-nix": {
"locked": {
"lastModified": 1754008153,
"narHash": "sha256-MYT1mDtSkiVg343agxgBFsnuNU3xS8vRy399JXX1Vw0=",
"lastModified": 1758631655,
"narHash": "sha256-EGeZ963L7xsNAY7snvP1JHQe7LWLVCM6f49+PzWjhEE=",
"owner": "SEIAROTg",
"repo": "quadlet-nix",
"rev": "1b2d27d460d8c7e4da5ba44ede463b427160b5c4",
"rev": "2ebe01b175e2e1e6de3f172d23f0c3b88713eec9",
"type": "github"
},
"original": {
@@ -495,11 +495,11 @@
]
},
"locked": {
"lastModified": 1757531894,
"narHash": "sha256-GwV3ES7n/2mwPeu8FGfViI6QfzbTrvNob3OZOsPQId0=",
"lastModified": 1759752146,
"narHash": "sha256-g30leL+8jLxkYWiM5W2RjnhGyqBtErmeOX3ELK5CRAQ=",
"ref": "refs/heads/main",
"rev": "3d069983345ea83549c641dd3f8875e54aaf1c2b",
"revCount": 12,
"rev": "bc1564ea3eb472f7b843e3237da0d1cd2f6f8e37",
"revCount": 14,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
},
@@ -511,11 +511,11 @@
"secrets": {
"flake": false,
"locked": {
"lastModified": 1758576944,
"narHash": "sha256-P6fvi2mjyJEUg19BTZ6eb+fRM8V6s2xY1SWQ8gb49U0=",
"lastModified": 1759165833,
"narHash": "sha256-EYAVKr7gGY7MDmgPIYsW3yk96q51UT1vtzlupR8paKg=",
"ref": "refs/heads/main",
"rev": "a9d956a20fc4534fcc7d3da7f0994c499c4ea405",
"revCount": 47,
"rev": "a5c1c552628492281e05e99458f1ca3ec272b448",
"revCount": 48,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
},
@@ -531,11 +531,11 @@
]
},
"locked": {
"lastModified": 1754988908,
"narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
"lastModified": 1759635238,
"narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
"rev": "6e5a38e08a2c31ae687504196a230ae00ea95133",
"type": "github"
},
"original": {
@@ -554,11 +554,11 @@
]
},
"locked": {
"lastModified": 1756614537,
"narHash": "sha256-qyszmZO9CEKAlj5NBQo1AIIADm5Fgqs5ZggW1sU1TVo=",
"lastModified": 1759638324,
"narHash": "sha256-bj0L3n2UWE/DjqFjsydWsSzO74+dqUA4tiOX4At6LbM=",
"owner": "Gerg-L",
"repo": "spicetify-nix",
"rev": "374eb5d97092b97f7aaafd58a2012943b388c0df",
"rev": "c39a58510e55c4970e57176ab14b722a978e5f01",
"type": "github"
},
"original": {
@@ -589,11 +589,11 @@
]
},
"locked": {
"lastModified": 1755934250,
"narHash": "sha256-CsDojnMgYsfshQw3t4zjRUkmMmUdZGthl16bXVWgRYU=",
"lastModified": 1758728421,
"narHash": "sha256-ySNJ008muQAds2JemiyrWYbwbG+V7S5wg3ZVKGHSFu8=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "74e1a52d5bd9430312f8d1b8b0354c92c17453e5",
"rev": "5eda4ee8121f97b218f7cc73f5172098d458f1d1",
"type": "github"
},
"original": {

6
hosts/common/configs/system/nix/default.nix
View File

@@ -42,9 +42,13 @@
"flakes"
];
download-buffer-size = 524288000;
substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ];
substituters = lib.mkMerge [
(lib.mkBefore [ "https://nix.karaolidis.com/main" ])
(lib.mkAfter [ "https://nix-community.cachix.org/" ])
];
trusted-public-keys = lib.mkBefore [
"nix.karaolidis.com:1yz1tIVLGDEOFC1p/uYtR4Sx+nIbdYDqsDv4kkV0uyk="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
netrc-file = config.sops.templates.nix-netrc.path;
};

4
hosts/common/configs/system/usb/default.nix Normal file
View File

@@ -0,0 +1,4 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ usbutils ];
}

8
hosts/common/configs/user/console/curl/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [
curl
httpie
];
}

9
hosts/common/configs/user/console/git/default.nix
View File

@@ -26,7 +26,10 @@ in
push.autoSetupRemote = true;
core.fsmonitor = true;
feature.manyFiles = true;
fetch.writeCommitGraph = true;
fetch = {
prune = true;
writeCommitGraph = true;
};
http.cookiefile = "${home}/.config/git/cookies";
advice.detachedHead = false;
};
@@ -40,6 +43,10 @@ in
}
);
};
aliases = {
adog = "log --all --decorate --oneline --graph";
};
};
home = {

1
hosts/common/configs/user/console/ip/default.nix
View File

@@ -7,6 +7,7 @@
ipset
ethtool
tcpdump
dig
ipcalc
];
}

20
hosts/common/configs/user/console/lazygit/default.nix Normal file
View File

@@ -0,0 +1,20 @@
{ user, home }:
{ ... }:
{
environment.persistence."/persist/state"."${home}/.local/state/lazygit" = { };
home-manager.users.${user}.programs.lazygit = {
enable = true;
settings = {
gui = {
showBottomLine = false;
nerdFontsVersion = "3";
animateExplosion = false;
};
disableStartupPopups = true;
};
};
}

133
hosts/common/configs/user/console/neovim/default.nix
View File

@@ -27,11 +27,15 @@
vimAlias = true;
autocomplete = {
blink-cmp.enable = true;
blink-cmp = {
enable = true;
setupOpts = {
signature.enabled = true;
};
};
};
binds = {
# hardtime-nvim.enable = true;
whichKey.enable = true;
};
@@ -45,34 +49,23 @@
comment-nvim.enable = true;
};
# dashboard = {
# alpha.enable = true;
# };
dashboard = {
alpha.enable = true;
};
filetree = {
neo-tree = {
enable = true;
setupOpts = {
git_status_async = true;
window.mappings = lib.generators.mkLuaInline ''
{
["<space>"] = "noop",
}
'';
};
diagnostics = {
enable = true;
config = {
virtual_text = true;
signs = true;
};
};
# formatter = {
# conform-nvim.enable = true;
# };
git = {
enable = true;
# git-conflict.enable = true;
git-conflict.enable = true;
gitsigns.enable = true;
# neogit.enable = true;
vim-fugitive.enable = true;
};
languages = {
@@ -116,15 +109,12 @@
lsp = {
enable = true;
formatOnSave = true;
# nvim-docs-view.enable = true;
# otter-nvim.enable = true;
# trouble.enable = true;
otter-nvim = {
enable = true;
setupOpts.handle_leading_whitespace = true;
};
};
# minimap = {
# codewindow.enable = true;
# };
notify = {
nvim-notify.enable = true;
};
@@ -136,16 +126,8 @@
smartindent = true;
};
# projects = {
# project-nvim.enable = true;
# };
searchCase = "smart";
# snippets = {
# luasnip.enable = true;
# };
tabline = {
nvimBufferline = {
enable = true;
@@ -160,20 +142,24 @@
telescope = {
enable = true;
setupOpts.defaults.file_ignore_patterns = [
"node_modules"
"%.venv/"
"%.git/"
"dist/"
"build/"
"target/"
"result/"
];
setupOpts.defaults = {
wrap_results = true;
file_ignore_patterns = [
"node_modules"
"%.venv/"
"%.git/"
"dist/"
"build/"
"target/"
"result/"
];
};
};
terminal = {
toggleterm = {
enable = true;
lazygit.enable = true;
setupOpts.winbar.enabled = false;
};
};
@@ -186,41 +172,39 @@
};
ui = {
# breadcrumbs = {
# enable = true;
# navbuddy.enable = true;
# };
colorizer.enable = true;
# fastaction.enable = true;
# illuminate.enable = true;
illuminate.enable = true;
};
undoFile.enable = true;
utility = {
# diffview-nvim.enable = true;
# icon-picker.enable = true;
# images = {
# img-clip.enable = true;
# };
# mkdir.enable = true;
images = {
img-clip = {
enable = true;
setupOpts.default.verbose = false;
};
};
mkdir.enable = true;
motion = {
precognition.enable = true;
};
# nvim-biscuits.enable = true;
# smart-splits.enable = true;
surround.enable = true;
# undotree.enable = true;
# yazi-nvim.enable = true;
undotree.enable = true;
yazi-nvim = {
enable = true;
setupOpts.open_for_directories = true;
};
};
visuals = {
# cinnamon-nvim.enable = true;
# fidget-nvim.enable = true;
# highlight-undo.enable = true;
highlight-undo = {
enable = true;
setupOpts.duration = 250;
};
indent-blankline.enable = true;
nvim-cursorline.enable = true;
# nvim-scrollbar.enable = true;
nvim-scrollbar.enable = true;
nvim-web-devicons.enable = true;
};
@@ -267,23 +251,16 @@
{
mode = [ "n" ];
key = "<leader>wq";
action = "<cmd>wq<CR>";
action = "<cmd>x<CR>";
silent = true;
desc = "Save & Quit";
}
{
mode = [ "n" ];
key = "<leader>ee";
action = "<cmd>Neotree toggle<CR>";
key = "<leader>be";
action = "<cmd>enew<CR>";
silent = true;
desc = "Toggle Neo-tree";
}
{
mode = [ "n" ];
key = "<leader>ef";
action = "<cmd>Neotree reveal<CR>";
silent = true;
desc = "Reveal file in Neo-tree";
desc = "New buffer";
}
];
};

1
hosts/common/configs/user/console/syncthing/default.nix
View File

@@ -29,7 +29,6 @@
enable = true;
key = config.sops.secrets."syncthing/key".path;
cert = config.sops.secrets."syncthing/cert".path;
extraOptions = [ "-no-default-folder" ];
settings = {
options.urAccepted = -1;

2
hosts/common/configs/user/console/zellij/default.nix
View File

@@ -8,6 +8,8 @@
settings = {
theme = "matugen";
default_mode = "locked";
pane_frames = false;
copy_command = "wl-copy";

2
hosts/common/configs/user/gui/emoji/default.nix
View File

@@ -10,7 +10,7 @@ let
in
{
home-manager.users.${user} = {
programs.rofi.plugins = with pkgs; [ rofi-emoji-wayland ];
programs.rofi.plugins = with pkgs; [ rofi-emoji ];
wayland.windowManager.hyprland.settings.bind = [
# Super + Shift + :

7
hosts/common/configs/user/gui/ghidra/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{ user, home }:
{ ... }:
{
programs.ghidra.enable = true;
environment.persistence."/persist/state"."${home}/.config/ghidra" = { };
}

4
hosts/common/configs/user/gui/hyprland/default.nix
View File

@@ -99,6 +99,8 @@
"$mod, mouse:273, resizewindow"
];
gesture = [ "3, horizontal, workspace" ];
input = {
accel_profile = "flat";
kb_layout = "us,gr";
@@ -114,8 +116,6 @@
};
gestures = {
workspace_swipe = true;
workspace_swipe_min_fingers = true;
workspace_swipe_forever = true;
workspace_swipe_cancel_ratio = 0.2;
};

2
hosts/common/configs/user/gui/rofi/default.nix
View File

@@ -14,7 +14,7 @@ in
home-manager.users.${user} = {
programs.rofi = {
enable = true;
package = pkgs.rofi-wayland;
package = pkgs.rofi;
};
home.file.${hmConfig.programs.rofi.configPath}.enable = false;

7
hosts/common/configs/user/gui/signal/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{ user, home }:
{ pkgs, ... }:
{
environment.persistence."/persist/state"."${home}/.config/Signal" = { };
home-manager.users.${user}.home.packages = with pkgs; [ signal-desktop ];
}

17
hosts/common/configs/user/gui/wireshark/default.nix Normal file
View File

@@ -0,0 +1,17 @@
{ user, home }:
{ pkgs, ... }:
{
programs.wireshark = {
enable = true;
dumpcap.enable = true;
usbmon.enable = true;
};
boot.kernelModules = [ "usbmon" ];
users.users.${user}.extraGroups = [ "wireshark" ];
environment.persistence."/persist/state"."${home}/.config/wireshark" = { };
home-manager.users.${user}.home.packages = with pkgs; [ wireshark ];
}

2
hosts/elara/users/nikara/configs/console/sas/default.nix
View File

@@ -36,7 +36,7 @@ in
programs = {
go = {
enable = true;
goPath = ".local/share/go";
env.GOPATH = "${home}/.local/share/go";
};
gradle = {

33
hosts/elara/users/nikara/configs/console/wsl/default.nix
View File

@@ -1,36 +1,5 @@
{ user, home }:
{ config, pkgs, ... }:
let
systemctl = "${pkgs.systemd}/bin/systemctl";
in
{ pkgs, ... }:
{
# FIXME: https://github.com/nix-community/NixOS-WSL/issues/375
# FIXME: https://github.com/Mic92/sops-nix/issues/687
# FIXME: https://github.com/microsoft/WSL/issues/8842
# FIXME: https://github.com/microsoft/WSL/issues/10205
# Fuck Microsoft.
security.sudo.extraRules = [
{
users = [ config.users.users.${user}.name ];
commands = [
{
command = "${systemctl} restart user@${toString config.users.users.${user}.uid}.service";
options = [ "NOPASSWD" ];
}
{
command = "${systemctl} restart user@${toString config.users.users.${user}.uid}";
options = [ "NOPASSWD" ];
}
];
}
];
users.users.${user}.shell = pkgs.writeShellApplication {
name = "wsl-zsh";
runtimeInputs = with pkgs; [ systemd ];
text = builtins.readFile ./wsl-zsh.sh;
passthru.shellPath = "/bin/wsl-zsh";
};
home-manager.users.${user}.home.packages = with pkgs; [ wsl-wl-clipboard ];
}

15
hosts/elara/users/nikara/configs/console/wsl/wsl-zsh.sh
View File

@@ -1,15 +0,0 @@
# shellcheck shell=bash
user_bus="${DBUS_SESSION_BUS_ADDRESS#unix:path=}"
if [ -S "$user_bus" ]; then
exec zsh
fi
until [ -S /run/dbus/system_bus_socket ]; do
sleep 0.1
done
sudo systemctl restart "user@${UID}.service"
exec zsh

2
hosts/elara/users/nikara/default.nix
View File

@@ -16,6 +16,7 @@ in
(import ../../../common/configs/user/console/attic { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/curl { inherit user home; })
(import ../../../common/configs/user/console/dive { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; })
(import ../../../common/configs/user/console/ffmpeg { inherit user home; })
@@ -26,6 +27,7 @@ in
(import ../../../common/configs/user/console/ip { inherit user home; })
(import ../../../common/configs/user/console/jq { inherit user home; })
(import ../../../common/configs/user/console/kubernetes { inherit user home; })
(import ../../../common/configs/user/console/lazygit { inherit user home; })
(import ../../../common/configs/user/console/lsof { inherit user home; })
(import ../../../common/configs/user/console/mprocs { inherit user home; })
(import ../../../common/configs/user/console/ncdu { inherit user home; })

1
hosts/himalia/default.nix
View File

@@ -45,6 +45,7 @@
../common/configs/system/system
../common/configs/system/timezone
../common/configs/system/upower
../common/configs/system/usb
../common/configs/system/users
../common/configs/system/zsh

4
hosts/himalia/hardware/default.nix
View File

@@ -62,10 +62,6 @@
name = "alc285-fixup";
patch = ./gu605c-spi-cs-gpio/alc285-fixup.patch;
}
{
name = "iwlwifi-no-disable-all-chans";
patch = ./iwlwifi/iwlwifi-no-disable-all-chans.patch;
}
];
initrd = {

26
hosts/himalia/hardware/iwlwifi/iwlwifi-no-disable-all-chans.patch
View File

@@ -1,26 +0,0 @@
diff --git a/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c b/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c
index 6adcfa6e214a..4512d846629c 100644
--- a/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c
+++ b/drivers/net/wireless/intel/iwlwifi/fw/regulatory.c
@@ -622,7 +622,7 @@ int iwl_fill_lari_config(struct iwl_fw_runtime *fwrt,
cmd->oem_uhb_allow_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_FORCE_DISABLE_CHANNELS, &value);
- if (!ret)
+ if (!ret && value != 0xFFFFFFFF)
cmd->force_disable_channels_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_ENERGY_DETECTION_THRESHOLD,
diff --git a/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c b/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c
index a75af8c1e8ab..e055a946b9e6 100644
--- a/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c
+++ b/drivers/net/wireless/intel/iwlwifi/mld/regulatory.c
@@ -259,7 +259,7 @@ void iwl_mld_configure_lari(struct iwl_mld *mld)
cmd.oem_uhb_allow_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_FORCE_DISABLE_CHANNELS, &value);
- if (!ret)
+ if (!ret && value != 0xFFFFFFFF)
cmd.force_disable_channels_bitmap = cpu_to_le32(value);
ret = iwl_bios_get_dsm(fwrt, DSM_FUNC_ENERGY_DETECTION_THRESHOLD,

5
hosts/himalia/users/nick/default.nix
View File

@@ -18,6 +18,7 @@ in
(import ../../../common/configs/user/console/attic { inherit user home; })
(import ../../../common/configs/user/console/brightnessctl { inherit user home; })
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/curl { inherit user home; })
(import ../../../common/configs/user/console/dive { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; })
(import ../../../common/configs/user/console/ffmpeg { inherit user home; })
@@ -27,6 +28,7 @@ in
(import ../../../common/configs/user/console/imagemagick { inherit user home; })
(import ../../../common/configs/user/console/ip { inherit user home; })
(import ../../../common/configs/user/console/jq { inherit user home; })
(import ../../../common/configs/user/console/lazygit { inherit user home; })
(import ../../../common/configs/user/console/libvirt { inherit user home; })
(import ../../../common/configs/user/console/lsof { inherit user home; })
(import ../../../common/configs/user/console/mprocs { inherit user home; })
@@ -68,6 +70,7 @@ in
(import ../../../common/configs/user/gui/gaming/prismlauncher { inherit user home; })
(import ../../../common/configs/user/gui/gaming/proton { inherit user home; })
(import ../../../common/configs/user/gui/gaming/wivrn { inherit user home; })
(import ../../../common/configs/user/gui/ghidra { inherit user home; })
(import ../../../common/configs/user/gui/gtk { inherit user home; })
(import ../../../common/configs/user/gui/hypridle { inherit user home; })
(import ../../../common/configs/user/gui/hyprland { inherit user home; })
@@ -85,11 +88,13 @@ in
(import ../../../common/configs/user/gui/qt { inherit user home; })
(import ../../../common/configs/user/gui/rofi { inherit user home; })
(import ../../../common/configs/user/gui/rquickshare { inherit user home; })
(import ../../../common/configs/user/gui/signal { inherit user home; })
(import ../../../common/configs/user/gui/swww { inherit user home; })
(import ../../../common/configs/user/gui/theme { inherit user home; })
(import ../../../common/configs/user/gui/transmission { inherit user home; })
(import ../../../common/configs/user/gui/vscode { inherit user home; })
(import ../../../common/configs/user/gui/wev { inherit user home; })
(import ../../../common/configs/user/gui/wireshark { inherit user home; })
(import ../../../common/configs/user/gui/wl-clipboard { inherit user home; })
(import ../../../common/configs/user/gui/x11 { inherit user home; })
(import ../../../common/configs/user/gui/xdg { inherit user home; })

1
hosts/installer/default.nix
View File

@@ -37,6 +37,7 @@
../common/configs/system/sudo
../common/configs/system/system
../common/configs/system/timezone
../common/configs/system/usb
../common/configs/system/users
../common/configs/system/zsh

2
hosts/jupiter-vps/default.nix
View File

@@ -35,7 +35,7 @@
networking = {
hostName = "jupiter-vps";
publicIPv4 = "51.75.170.190";
publicIPv4 = "217.154.55.15";
};
environment.impermanence.enable = lib.mkForce false;

2
hosts/jupiter-vps/format.nix
View File

@@ -1,7 +1,7 @@
{
disko.devices = {
disk.main = {
device = "/dev/sda";
device = "/dev/vda";
type = "disk";
content = {
type = "gpt";

4
hosts/jupiter/configs/tv/default.nix
View File

@@ -190,6 +190,10 @@ in
"msvdn.net"
"theplatform.eu"
"theplatform.com"
# Releases
"github.com"
"release-assets.githubusercontent.com"
];
in
[ "||*^" ] ++ (map (domain: "@@||${domain}^$important") domains);

3
hosts/jupiter/default.nix
View File

@@ -39,6 +39,7 @@
../common/configs/system/sshd
../common/configs/system/sudo
../common/configs/system/system
../common/configs/system/usb
../common/configs/system/users
../common/configs/system/zsh
@@ -54,7 +55,7 @@
networking = {
hostName = "jupiter";
publicIPv4 = "51.89.210.124";
publicIPv4 = "87.106.36.59";
};
boot.initrd = {

19
hosts/jupiter/hardware/default.nix
View File

@@ -22,12 +22,22 @@
# FIXME: https://github.com/icewind1991/nvidia-patch-nixos/issues/9
package =
let
nvidiaStable = config.boot.kernelPackages.nvidiaPackages.stable;
# FIXME: HDMI Crash, God knows when it will be reported and/or fixed
nvidiaStable = config.boot.kernelPackages.nvidiaPackages.mkDriver {
version = "580.82.09";
sha256_64bit = "sha256-Puz4MtouFeDgmsNMKdLHoDgDGC+QRXh6NVysvltWlbc=";
sha256_aarch64 = "sha256-6tHiAci9iDTKqKrDIjObeFdtrlEwjxOHJpHfX4GMEGQ=";
openSha256 = "sha256-YB+mQD+oEDIIDa+e8KX1/qOlQvZMNKFrI5z3CoVKUjs=";
settingsSha256 = "sha256-um53cr2Xo90VhZM1bM2CH4q9b/1W2YOqUcvXPV6uw2s=";
persistencedSha256 = "sha256-lbYSa97aZ+k0CISoSxOMLyyMX//Zg2Raym6BC4COipU=";
};
maybeFbc =
if builtins.hasAttr nvidiaStable.version pkgs.nvidia-patch-list.fbc then
pkgs.nvidia-patch.patch-fbc nvidiaStable
else
nvidiaStable;
nvidiaStableFinal =
if builtins.hasAttr nvidiaStable.version pkgs.nvidia-patch-list.nvenc then
pkgs.nvidia-patch.patch-nvenc maybeFbc
@@ -53,8 +63,6 @@
graphics = {
enable32Bit = true;
extraPackages = with pkgs; [
amdvlk
driversi686Linux.amdvlk
rocmPackages.clr
rocmPackages.clr.icd
];
@@ -92,10 +100,7 @@
];
};
nixpkgs.config = {
cudaSupport = true;
rocmSupport = true;
};
nixpkgs.config.cudaSupport = true;
services = {
xserver.videoDrivers = [ "nvidia" ];

1
hosts/jupiter/users/storm/configs/console/podman/authelia/default.nix
View File

@@ -136,6 +136,7 @@ in
"outline"
"shlink"
"comentario"
"immich"
];
};
}

12
hosts/jupiter/users/storm/configs/console/podman/blog/default.nix
View File

@@ -31,6 +31,14 @@ in
labels = [
"traefik.enable=true"
"traefik.http.routers.blog.rule=Host(`blog.karaolidis.com`)"
"traefik.http.routers.root.rule=Host(`karaolidis.com`) || Host(`www.karaolidis.com`)"
"traefik.http.routers.root.middlewares=redirect-root-to-blog"
"traefik.http.routers.root.service=noop@internal"
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.regex=^https://(www\.)?karaolidis\.com(/.*)?$"
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.replacement=https://blog.karaolidis.com$${2}"
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.permanent=false"
];
};
@@ -47,10 +55,6 @@ in
labels = [
"traefik.enable=true"
"traefik.http.routers.blog-receiver.rule=Host(`blog.karaolidis.com`) && PathPrefix(`/upload`)"
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.regex=^https://(www\.)?karaolidis\.com(/.*)?$"
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.replacement=https://blog.karaolidis.com$${2}"
"traefik.http.middlewares.redirect-root-to-blog.redirectregex.permanent=false"
];
};

2
hosts/jupiter/users/storm/configs/console/podman/comentario/default.nix
View File

@@ -89,7 +89,7 @@ in
"email"
"is_admin"
];
pre_configured_consent_duration = "1 month";
pre_configured_consent_duration = "1 year";
}
];
};

1
hosts/jupiter/users/storm/configs/console/podman/default.nix
View File

@@ -16,6 +16,7 @@ in
(import ./comentario { inherit user home; })
(import ./gitea { inherit user home; })
(import ./grafana { inherit user home; })
(import ./immich { inherit user home; })
(import ./littlelink { inherit user home; })
(import ./lore { inherit user home; })
(import ./media { inherit user home; })

2
hosts/jupiter/users/storm/configs/console/podman/gitea/default.nix
View File

@@ -196,7 +196,7 @@ in
client_secret = hmConfig.sops.placeholder."gitea/authelia/digest";
redirect_uris = [ "https://git.karaolidis.com/user/oauth2/authelia/callback" ];
authorization_policy = "gitea";
pre_configured_consent_duration = "1 month";
pre_configured_consent_duration = "1 year";
}
];
};

2
hosts/jupiter/users/storm/configs/console/podman/grafana/alerting/rules.yaml
View File

@@ -347,7 +347,7 @@ groups:
type: threshold
noDataState: NoData
execErrState: Error
for: 1m
for: 15m
keepFiringFor: 5m
isPaused: false
notification_settings:

2
hosts/jupiter/users/storm/configs/console/podman/grafana/default.nix
View File

@@ -33,7 +33,7 @@ in
authorization_policy = "admin_one_factor";
require_pkce = true;
pkce_challenge_method = "S256";
pre_configured_consent_duration = "1 month";
pre_configured_consent_duration = "1 year";
}
];
}

215
hosts/jupiter/users/storm/configs/console/podman/immich/default.nix Normal file
View File

@@ -0,0 +1,215 @@
{ user, home }:
{
config,
inputs,
pkgs,
lib,
...
}:
let
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) volumes containers networks;
autheliaClientId = "kwrm5k1Bgwqd4BCXiWp0feL6adpthOn0GGgQ9iIVW7IH1UIj7bA2HVj9Jv42hUheoYoE8wWJpQi8woPomrSJIauTmsBMMFTTrI6r";
in
{
home-manager.users.${user} = {
sops = {
secrets = {
"immich/smtp".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"immich/postgresql".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"immich/admin".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"immich/authelia/password".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
"immich/authelia/digest".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
};
templates = {
immich-postgresql-env.content = ''
POSTGRES_PASSWORD=${hmConfig.sops.placeholder."immich/postgresql"}
'';
immich-env.content = ''
DB_PASSWORD=${hmConfig.sops.placeholder."immich/postgresql"}
IMMICH_ADMIN_PASSWORD=${hmConfig.sops.placeholder."immich/admin"}
'';
immich.content = builtins.readFile (
(pkgs.formats.json { }).generate "config.json" {
ffmpeg = {
accel = "nvenc";
accelDecode = true;
};
oauth = {
enabled = true;
buttonText = "Login with Authelia";
clientId = autheliaClientId;
clientSecret = hmConfig.sops.placeholder."immich/authelia/password";
issuerUrl = "https://id.karaolidis.com/.well-known/openid-configuration";
scope = lib.strings.concatStringsSep " " [
"openid"
"profile"
"email"
];
};
passwordLogin.enabled = true;
newVersionCheck.enabled = false;
library.watch.enabled = true;
server.externalDomain = "https://photos.karaolidis.com";
notifications.smtp = {
enabled = true;
from = "jupiter@karaolidis.com";
transport = {
host = "smtp.protonmail.ch";
port = 587;
username = "jupiter@karaolidis.com";
password = hmConfig.sops.placeholder."immich/smtp";
};
};
}
);
authelia-immich.content = builtins.readFile (
(pkgs.formats.yaml { }).generate "immich.yaml" {
identity_providers.oidc = {
authorization_policies.immich = {
default_policy = "deny";
rules = [
{
policy = "one_factor";
subject = "group:immich";
}
];
};
clients = [
{
client_id = autheliaClientId;
client_name = "immich";
client_secret = hmConfig.sops.placeholder."immich/authelia/digest";
redirect_uris = [
"https://photos.karaolidis.com/auth/login"
"https://photos.karaolidis.com/user-settings"
"app.immich:///oauth-callback"
];
authorization_policy = "immich";
scopes = [
"openid"
"profile"
"email"
];
token_endpoint_auth_method = "client_secret_post";
pre_configured_consent_duration = "1 year";
}
];
};
}
);
};
};
systemd.user.tmpfiles.rules = [
"d /mnt/storage/private/storm/containers/storage/volumes/immich/_data 700 storm storm"
];
virtualisation.quadlet = {
networks.immich = { };
volumes = {
immich-redis = { };
immich-postgresql = { };
immich-machine-learning-cache = { };
};
containers = {
immich = {
containerConfig = {
image = "docker-archive:${pkgs.dockerImages.immich}";
volumes =
let
postStart = pkgs.writeTextFile {
name = "post-start.sh";
executable = true;
text = builtins.readFile ./post-start.sh;
};
in
[
"${hmConfig.sops.templates.immich.path}:/etc/immich/config.json:ro"
"${postStart}:/etc/immich/post-start.sh:ro"
"/mnt/storage/private/storm/containers/storage/volumes/immich/_data:/var/lib/immich"
];
networks = [
networks.immich.ref
networks.traefik.ref
];
labels = [
"traefik.enable=true"
"traefik.http.routers.immich.rule=Host(`photos.karaolidis.com`)"
];
environments = {
DB_HOSTNAME = "immich-postgresql";
DB_USERNAME = "immich";
DB_DATABASE_NAME = "immich";
REDIS_HOSTNAME = "immich-redis";
IMMICH_ADMIN_EMAIL = "jupiter@karaolidis.com";
IMMICH_ADMIN_NAME = "Admin";
};
environmentFiles = [ hmConfig.sops.templates.immich-env.path ];
podmanArgs = [ "--cdi-spec-dir=/run/cdi" ];
devices = [ "nvidia.com/gpu=all" ];
};
unitConfig = {
After = [
"${containers.immich-postgresql._serviceName}.service"
"${containers.immich-redis._serviceName}.service"
"sops-nix.service"
];
Requires = [
"${containers.immich-postgresql._serviceName}.service"
"${containers.immich-redis._serviceName}.service"
];
};
};
immich-machine-learning.containerConfig = {
image = "docker-archive:${pkgs.dockerImages.immich-machine-learning}";
volumes = [ "${volumes.immich-machine-learning-cache.ref}:/tmp/immich-machine-learning" ];
networks = [ networks.immich.ref ];
podmanArgs = [ "--cdi-spec-dir=/run/cdi" ];
devices = [ "nvidia.com/gpu=all" ];
};
immich-postgresql = {
containerConfig = {
image = "docker-archive:${pkgs.dockerImages.postgresql-vectorchord}";
networks = [ networks.immich.ref ];
volumes = [ "${volumes.immich-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {
POSTGRES_DB = "immich";
POSTGRES_USER = "immich";
};
environmentFiles = [ hmConfig.sops.templates.immich-postgresql-env.path ];
};
unitConfig.After = [ "sops-nix.service" ];
};
immich-redis.containerConfig = {
image = "docker-archive:${pkgs.dockerImages.redis}";
networks = [ networks.immich.ref ];
volumes = [ "${volumes.immich-redis.ref}:/var/lib/redis" ];
exec = [ "--save 60 1" ];
};
authelia.containerConfig.volumes = [
"${hmConfig.sops.templates.authelia-immich.path}:/etc/authelia/conf.d/immich.yaml:ro"
];
};
};
};
}

22
hosts/jupiter/users/storm/configs/console/podman/immich/post-start.sh Normal file
View File

@@ -0,0 +1,22 @@
# shellcheck shell=sh
IMMICH_HOST="${IMMICH_HOST:-http://localhost:2283}"
IMMICH_ADMIN_NAME="${IMMICH_ADMIN_NAME:-Admin}"
until response="$(curl -sf "$IMMICH_HOST/api/server/config")"; do
echo "Waiting for Immich to be ready..."
sleep 1
done
is_initialized="$(echo "$response" | jq -r '.isInitialized')"
if [ "$is_initialized" = "false" ]; then
curl -sf "$IMMICH_HOST/api/auth/admin-sign-up" \
-X POST \
-H 'Content-Type: application/json' \
--data-raw '{
"email":"'"$IMMICH_ADMIN_EMAIL"'",
"password":"'"$IMMICH_ADMIN_PASSWORD"'",
"name":"'"$IMMICH_ADMIN_NAME"'"
}'
fi

4
hosts/jupiter/users/storm/configs/console/podman/media/plex/post-start.sh
View File

@@ -86,7 +86,7 @@ EOF
build_shows_payload() {
cat <<-EOF
name=Shows&type=show&agent=tv.plex.agents.series&scanner=Plex%20TV%20Series&language=en-US&location=%2Fvar%2Flib%2Fmedia%2Flibraries%2Fshows&prefs%5BuseSeasonTitles%5D=1&prefs%5BuseRedbandTrailers%5D=1&prefs%5BincludeAdultContent%5D=1&prefs%5BcollectionMode%5D=1&prefs%5BenableAdMarkerGeneration%5D=2
name=Shows&type=show&agent=tv.plex.agents.series&scanner=Plex%20TV%20Series&language=en-US&location=%2Fvar%2Flib%2Fmedia%2Flibraries%2Fshows&prefs%5BshowOrdering%5D=aired&prefs%5BuseSeasonTitles%5D=1&prefs%5BuseRedbandTrailers%5D=1&prefs%5BincludeAdultContent%5D=1&prefs%5BcollectionMode%5D=1&prefs%5BenableAdMarkerGeneration%5D=2
EOF
}
@@ -98,7 +98,7 @@ EOF
build_anime_shows_payload() {
cat <<-EOF
name=Shows%20%28Anime%29&type=show&agent=tv.plex.agents.series&scanner=Plex%20TV%20Series&language=en-US&location=%2Fvar%2Flib%2Fmedia%2Flibraries%2Fanime%2Fshows&prefs%5Bcountry%5D=JP&prefs%5BuseSeasonTitles%5D=1&prefs%5BuseRedbandTrailers%5D=1&prefs%5BincludeAdultContent%5D=1&prefs%5BcollectionMode%5D=1&prefs%5BenableAdMarkerGeneration%5D=2
name=Shows%20%28Anime%29&type=show&agent=tv.plex.agents.series&scanner=Plex%20TV%20Series&language=en-US&location=%2Fvar%2Flib%2Fmedia%2Flibraries%2Fanime%2Fshows&prefs%5Bcountry%5D=JP&prefs%5BshowOrdering%5D=aired&prefs%5BuseSeasonTitles%5D=1&prefs%5BuseRedbandTrailers%5D=1&prefs%5BincludeAdultContent%5D=1&prefs%5BcollectionMode%5D=1&prefs%5BenableAdMarkerGeneration%5D=2
EOF
}

3
hosts/jupiter/users/storm/configs/console/podman/media/transmission/default.nix
View File

@@ -33,8 +33,7 @@ in
volumes =
let
config = (pkgs.formats.json { }).generate "settings.override.json" {
ratio-limit-enabled = true;
ratio-limit = 5;
ratio-limit-enabled = false;
download-queue-enabled = false;
peer-limit-per-torrent = 100;
peer-limit-global = 1000;

2
hosts/jupiter/users/storm/configs/console/podman/nextcloud/default.nix
View File

@@ -137,7 +137,7 @@ in
"groups"
"is_admin"
];
pre_configured_consent_duration = "1 month";
pre_configured_consent_duration = "1 year";
}
];
};

2
hosts/jupiter/users/storm/configs/console/podman/outline/default.nix
View File

@@ -65,7 +65,7 @@ in
];
response_types = [ "code" ];
token_endpoint_auth_method = "client_secret_post";
pre_configured_consent_duration = "1 month";
pre_configured_consent_duration = "1 year";
}
];
};

2
hosts/jupiter/users/storm/configs/console/podman/vaultwarden/default.nix
View File

@@ -64,7 +64,7 @@ in
"offline_access"
];
response_types = [ "code" ];
pre_configured_consent_duration = "1 month";
pre_configured_consent_duration = "1 year";
}
];
};

5
overlays/default.nix
View File

@@ -3,7 +3,7 @@ final: prev:
android-tools = import ./android-tools final prev;
attic-client = import ./attic-client final prev;
darktable = import ./darktable final prev;
hyprland = import ./hyprland final prev;
go-swagger = import ./go-swagger final prev;
mpv = import ./mpv final prev;
spicetify-cli = import ./spicetify-cli final prev;
tea = import ./tea final prev;
@@ -24,6 +24,8 @@ final: prev:
grafana-image-renderer = final.docker-image-grafana-image-renderer;
grafana-to-ntfy = final.docker-image-grafana-to-ntfy;
grafana = final.docker-image-grafana;
immich = final.docker-image-immich;
immich-machine-learning = final.docker-image-immich-machine-learning;
jellyseerr = final.docker-image-jellyseerr;
littlelink-server = final.docker-image-littlelink-server;
mariadb = final.docker-image-mariadb;
@@ -36,6 +38,7 @@ final: prev:
outline = final.docker-image-outline;
plex = final.docker-image-plex;
postgresql = final.docker-image-postgresql;
postgresql-vectorchord = final.docker-image-postgresql-vectorchord;
prometheus = final.docker-image-prometheus;
prometheus-fail2ban-exporter = final.docker-image-prometheus-fail2ban-exporter;
prometheus-node-exporter = final.docker-image-prometheus-node-exporter;

13
overlays/go-swagger/default.nix Normal file
View File

@@ -0,0 +1,13 @@
final: prev:
# FIXME: https://github.com/go-swagger/go-swagger/issues/3220
# FIXME: https://github.com/go-swagger/go-swagger/issues/3229
prev.go-swagger.overrideAttrs (oldAttrs: {
src = final.fetchFromGitHub {
owner = "go-swagger";
repo = "go-swagger";
rev = "717e3cb29becaaf00e56953556c6d80f8a01b286";
hash = "sha256-IuIVc7NwfXSBQ2tojD4LY7I18k5MJaVeDDPsi/OBFL0=";
};
vendorHash = "sha256-x3fTIXmI5NnOKph1D84MHzf1Kod+WLYn1JtnWLr4x+U=";
})

4
overlays/hyprland/default.nix
View File

@@ -1,4 +0,0 @@
final: prev:
prev.hyprland.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./fix-maxwidth-resolution-mode.patch ];
})

13
overlays/hyprland/fix-maxwidth-resolution-mode.patch
View File

@@ -1,13 +0,0 @@
diff --git a/src/config/ConfigManager.cpp b/src/config/ConfigManager.cpp
index 635c7977..80093c0d 100644
--- a/src/config/ConfigManager.cpp
+++ b/src/config/ConfigManager.cpp
@@ -2091,6 +2091,8 @@ bool CMonitorRuleParser::parseMode(const std::string& value) {
m_rule.resolution = Vector2D(-1, -1);
else if (value.starts_with("highres"))
m_rule.resolution = Vector2D(-1, -2);
+ else if (value.starts_with("maxwidth"))
+ m_rule.resolution = Vector2D(-1, -3);
else if (parseModeLine(value, m_rule.drmMode)) {
m_rule.resolution = Vector2D(m_rule.drmMode.hdisplay, m_rule.drmMode.vdisplay);
m_rule.refreshRate = float(m_rule.drmMode.vrefresh) / 1000;

1
overlays/packages.nix
View File

@@ -4,7 +4,6 @@
android-tools
attic-client
darktable
hyprland
mpv
spicetify-cli
tea

7
overlays/tea/default.nix
View File

@@ -1,15 +1,10 @@
final: prev:
prev.tea.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [
# feat: add user auth via env
(builtins.fetchurl {
url = "https://gitea.com/gitea/tea/pulls/639.patch";
sha256 = "sha256:0c5gpi6aajd3h0wp7lrvj5qk9wsqhgbap7ijvl0x117v0g8mgzvs";
})
# fix: evaluate env login in repo context
(builtins.fetchurl {
url = "https://gitea.com/gitea/tea/pulls/809.patch";
sha256 = "sha256:1mmsnzabcdy5lihs51kbx8r1vcr51rfj9a8gl5894jm7qvng7c5d";
sha256 = "sha256:1pzp4z49nzdd0rd03d6gmdrkn95vxmamykpz10giampssjn31sn3";
})
];
})

8
packages/comentario/default.nix
View File

@@ -2,19 +2,19 @@
# AUTO-UPDATE: nix-update --flake comentario --version=branch=dev --subpackage frontend
pkgs.buildGo125Module (finalAttrs: {
pname = "comentario";
version = "3.14.0-unstable-2025-09-20";
version = "3.14.0-unstable-2025-10-03";
src = pkgs.fetchFromGitLab {
owner = "comentario";
repo = "comentario";
# FIXME: Stable rev once type error is fixed
rev = "73cf8040cb9adb31794ec780e5905c2e747ca63f";
hash = "sha256-8rch1sL81wQblaUBebUA/C2HxtAfYHPadt2X2qJWJIk=";
rev = "4f493bb2a8cfe6f72dea8aeb3c13671e90c667dc";
hash = "sha256-L1QcDgjWin7DT3XMyTAMl4f8hnC5d7inemzBLFMppi0=";
};
patches = [ ./superuser-claim.patch ];
vendorHash = "sha256-AOI/WnVkrSgJlT2FtYOTuifOPw8sfc4C0g/prVkvJlA=";
vendorHash = "sha256-tnnSJN3CEDbuj4/B0PBwpYCdm3SOgSbvC7htS9+9pr4=";
nativeBuildInputs = with pkgs; [
go-swagger

3
packages/default.nix
View File

@@ -17,6 +17,8 @@
docker-image-grafana-image-renderer = import ./docker/grafana-image-renderer { inherit pkgs; };
docker-image-grafana-to-ntfy = import ./docker/grafana-to-ntfy { inherit pkgs; };
docker-image-grafana = import ./docker/grafana { inherit pkgs; };
docker-image-immich = import ./docker/immich { inherit pkgs; };
docker-image-immich-machine-learning = import ./docker/immich-machine-learning { inherit pkgs; };
docker-image-jellyseerr = import ./docker/jellyseerr { inherit pkgs; };
docker-image-littlelink-server = import ./docker/littlelink-server { inherit pkgs; };
docker-image-mariadb = import ./docker/mariadb { inherit pkgs; };
@@ -29,6 +31,7 @@
docker-image-outline = import ./docker/outline { inherit pkgs; };
docker-image-plex = import ./docker/plex { inherit pkgs; };
docker-image-postgresql = import ./docker/postgresql { inherit pkgs; };
docker-image-postgresql-vectorchord = import ./docker/postgresql-vectorchord { inherit pkgs; };
docker-image-prometheus = import ./docker/prometheus { inherit pkgs; };
docker-image-prometheus-fail2ban-exporter = import ./docker/prometheus-fail2ban-exporter {
inherit pkgs;

41
packages/docker/immich-machine-learning/default.nix Normal file
View File

@@ -0,0 +1,41 @@
{ pkgs, ... }:
let
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
destination = "/bin/entrypoint";
text = builtins.readFile ./entrypoint.sh;
};
in
pkgs.dockerTools.buildImage {
name = "immich-machine-learning";
fromImage = pkgs.docker-image-base;
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with pkgs; [
entrypoint
immich-machine-learning
];
pathsToLink = [
"/bin"
"/lib"
"/share"
"/nix-support"
];
};
config = {
Entrypoint = [ "entrypoint" ];
Volumes = {
"/tmp/immich-machine-learning" = { };
};
Env = [
"IMMICH_LOG_LEVEL=warn"
"MACHINE_LEARNING_CACHE_FOLDER=/tmp/immich-machine-learning"
];
ExposedPorts = {
"3003/tcp" = { };
};
};
}

19
packages/docker/immich-machine-learning/entrypoint.sh Normal file
View File

@@ -0,0 +1,19 @@
#!/usr/bin/env sh
set -o errexit
set -o nounset
LOG_PIPE="$(mktemp -u)"
mkfifo "$LOG_PIPE"
(
while IFS= read -r line; do
if echo "$line" | grep -qEi "\[(WARN|ERROR)\]"; then
echo "$line" >&2
else
echo "$line"
fi
done < "$LOG_PIPE"
) &
exec machine-learning "$@" > "$LOG_PIPE" 2>&1

42
packages/docker/immich/default.nix Normal file
View File

@@ -0,0 +1,42 @@
{ pkgs, ... }:
let
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
destination = "/bin/entrypoint";
text = builtins.readFile ./entrypoint.sh;
};
in
pkgs.dockerTools.buildImage {
name = "immich";
fromImage = pkgs.docker-image-base;
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with pkgs; [
entrypoint
immich
curl
jq
];
pathsToLink = [
"/bin"
"/lib"
];
};
config = {
Entrypoint = [ "entrypoint" ];
Volumes = {
"/var/lib/immich" = { };
};
WorkingDir = "/var/lib/immich";
Env = [
"IMMICH_CONFIG_FILE=/etc/immich/config.json"
"IMMICH_MEDIA_LOCATION=/var/lib/immich"
];
ExposedPorts = {
"2283/tcp" = { };
};
};
}

16
packages/docker/immich/entrypoint.sh Normal file
View File

@@ -0,0 +1,16 @@
#!/usr/bin/env sh
set -o errexit
set -o nounset
server "$@" &
PID="$!"
if [ -f /etc/immich/post-start.sh ]; then
# shellcheck disable=SC1091
. /etc/immich/post-start.sh
fi
trap 'kill -KILL "$PID"' INT TERM
wait "$PID"
exit $?

2
packages/docker/plex/entrypoint.sh
View File

@@ -6,10 +6,12 @@ set -o nounset
PREFERENCES="/var/lib/plex/Plex Media Server/Preferences.xml"
TEMPLATE_PREFERENCES="/etc/plex/Preferences.xml"
# shellcheck disable=SC2317
getPref() {
xmlstarlet sel -t -v "/Preferences/@$1" "$PREFERENCES" 2>/dev/null || true
}
# shellcheck disable=SC2317
setPref() {
name="$1"
value="$2"

100
packages/docker/postgresql-vectorchord/default.nix Normal file
View File

@@ -0,0 +1,100 @@
{ pkgs, ... }:
let
postgresql = pkgs.postgresql.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ../postgresql/allow-root.patch ];
});
# https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/sql/postgresql/generic.nix
postgresqlVectorchord =
let
installedExtensions = with postgresql.pkgs; [
pgvector
vectorchord
];
finalPackage = pkgs.buildEnv {
name = "${postgresql.pname}-vectorchord";
paths = installedExtensions ++ [
postgresql
postgresql.man
];
pathsToLink = [
"/"
"/bin"
"/share/postgresql/extension"
"/share/postgresql/timezonesets"
"/share/postgresql/tsearch_data"
];
nativeBuildInputs = with pkgs; [ makeBinaryWrapper ];
postBuild =
let
args = pkgs.lib.concatMap (ext: ext.wrapperArgs or [ ]) installedExtensions;
in
''
wrapProgram "$out/bin/postgres" ${pkgs.lib.concatStringsSep " " args}
'';
passthru = {
inherit installedExtensions;
inherit (postgresql) pkgs psqlSchema version;
pg_config = postgresql.pg_config.override {
outputs = {
out = finalPackage;
man = finalPackage;
};
};
};
};
in
finalPackage;
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
destination = "/bin/entrypoint";
text = builtins.readFile ../postgresql/entrypoint.sh;
};
init = pkgs.writeTextDir "/etc/postgresql/init.sh" (builtins.readFile ./init.sh);
in
pkgs.dockerTools.buildImage {
name = "postgresql-vectorchord";
fromImage = pkgs.docker-image-base;
copyToRoot = pkgs.buildEnv {
name = "root";
paths = [
entrypoint
postgresqlVectorchord
init
];
pathsToLink = [
"/bin"
"/lib"
"/share"
];
};
runAsRoot = ''
mkdir -p /etc/postgresql /run/postgresql
cp ${postgresql}/share/postgresql/postgresql.conf.sample /etc/postgresql/postgresql.conf
${pkgs.gnused}/bin/sed -ri "s!^#?(listen_addresses)\s*=\s*\S+.*!\1 = '*'!" /etc/postgresql/postgresql.conf
${pkgs.gnused}/bin/sed -ri "s/^#shared_preload_libraries = '''/shared_preload_libraries = 'vchord'/" /etc/postgresql/postgresql.conf
'';
config = {
Entrypoint = [ "entrypoint" ];
ExposedPorts = {
"5432/tcp" = { };
};
WorkingDir = "/var/lib/postgresql";
Volumes = {
"/var/lib/postgresql/data" = { };
};
};
}

3
packages/docker/postgresql-vectorchord/init.sh Normal file
View File

@@ -0,0 +1,3 @@
# shellcheck shell=sh
psql --username="$POSTGRES_USER" -d postgres -c "CREATE EXTENSION IF NOT EXISTS vchord CASCADE;"

9
packages/docker/postgresql/entrypoint.sh
View File

@@ -31,13 +31,18 @@ if [ ! -s "$PGDATA/PG_VERSION" ]; then
POSTGRES_HOST_AUTH_METHOD="${POSTGRES_HOST_AUTH_METHOD:=$auth_method}"
printf "\nhost all all all %s\n" "$POSTGRES_HOST_AUTH_METHOD" >> "$PGDATA/pg_hba.conf"
pg_ctl -w start
pg_ctl -w start -o "-c config_file=/etc/postgresql/postgresql.conf"
if ! psql --username="$POSTGRES_USER" -d postgres -tc "SELECT 1 FROM pg_database WHERE datname = '$POSTGRES_DB'" | grep -q 1; then
psql --username="$POSTGRES_USER" -d postgres -c "CREATE DATABASE \"$POSTGRES_DB\";"
fi
pg_ctl -m fast -w stop
if [ -f /etc/postgresql/init.sh ]; then
# shellcheck disable=SC1091
. /etc/postgresql/init.sh
fi
pg_ctl -m fast -w stop -o "-c config_file=/etc/postgresql/postgresql.conf"
fi
exec postgres -c config_file="/etc/postgresql/postgresql.conf" "$@" > "$LOG_PIPE" 2>&1

8
packages/littlelink-server/default.nix
View File

@@ -2,18 +2,18 @@
# AUTO-UPDATE: nix-update --flake --version=branch=master littlelink-server
pkgs.stdenv.mkDerivation (finalAttrs: {
pname = "littlelink-server";
version = "0-unstable-2025-08-25";
version = "0-unstable-2025-10-01";
src = pkgs.fetchFromGitHub {
owner = "techno-tim";
repo = "littlelink-server";
rev = "9c65c4f389a92b2bf2ca85e545960ef3be4e72e9";
hash = "sha256-nd3dMWuYz2Af5XokTgMJdF0U2L98EW6CVuDGSXSOlls=";
rev = "1c4eb757b4b06ad778a45a00530a5d8937afd550";
hash = "sha256-XIBtbaG3xcTPOnBPflmYdTAi8Z8KzX046faoN6m6GhA=";
};
offlineCache = pkgs.fetchYarnDeps {
yarnLock = finalAttrs.src + "/yarn.lock";
hash = "sha256-Ikd2PUBIPTTv7e08HbANk4chwMtObyZtnd6pyiWKqps=";
hash = "sha256-KMZFPRRaPuZ8Rb6AKPx4/c/x/IJGjOpXBw2p5AzRgI8=";
};
nativeBuildInputs = with pkgs; [

10
packages/obsidian/plugins/excalidraw/default.nix
View File

@@ -2,15 +2,17 @@
# AUTO-UPDATE: nix-update --flake obsidian-plugin-excalidraw --subpackage mathjaxToSVG
pkgs.buildNpmPackage (finalAttrs: {
pname = "obsidian.plugins.excalidraw";
version = "2.15.1";
version = "2.16.1";
pkg = pkgs.fetchFromGitHub {
owner = "zsviczian";
repo = "obsidian-excalidraw-plugin";
rev = finalAttrs.version;
hash = "sha256-EsyR5PTZkR+/+5F9mteZ06smbX0mhxtbagO6ZDloHgs=";
hash = "sha256-aaR8qeWFf5vjjIWJ1PNutq7+wYHsybqBbfdZW+6lcMU=";
};
patches = [ ./package-lock.patch ];
mathjaxToSVG = pkgs.buildNpmPackage {
pname = "obsidian.plugins.excalidraw.mathjaxToSVG";
version = "1.0.0";
@@ -30,9 +32,7 @@ pkgs.buildNpmPackage (finalAttrs: {
src = finalAttrs.pkg;
patches = [ ./package-lock.patch ];
npmDepsHash = "sha256-QuhHPLjPpZNKZH7qhOr77CCZS9+ls35+ka4WYOEt4zI=";
npmDepsHash = "sha256-Nw1EGBQ9aB61XpDank9Z2BKVPOdyPnx8uLf9IUOJ4aY=";
npmPackFlags = [ "--ignore-scripts" ];
configurePhase = ''

234
packages/obsidian/plugins/excalidraw/package-lock.patch
View File

@@ -1,27 +1,241 @@
diff --git a/package-lock.json b/package-lock.json
index 21d66bd..fc0b033 100644
index fc570c9..9422424 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -11,7 +11,7 @@
"dependencies": {
"@popperjs/core": "^2.11.8",
"@zsviczian/colormaster": "^1.2.2",
- "@zsviczian/excalidraw": "0.18.0-31",
+ "@zsviczian/excalidraw": "0.18.0-37",
- "@zsviczian/excalidraw": "0.18.0-37",
+ "@zsviczian/excalidraw": "0.18.0-41",
"chroma-js": "^3.1.2",
"clsx": "^2.0.0",
"es6-promise-pool": "2.5.0",
@@ -3494,9 +3494,10 @@
@@ -3494,16 +3494,17 @@
"license": "MIT"
},
"node_modules/@zsviczian/excalidraw": {
- "version": "0.18.0-31",
- "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-31.tgz",
- "integrity": "sha512-A1wyp8EVOhCdoxdX7middc8LoLpjPLtxiSTeBbdMtungl8VQzAcQ2tSGCkncK/8RBcBaUk44Hr6KcWjezHnQew==",
+ "version": "0.18.0-37",
+ "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-37.tgz",
+ "integrity": "sha512-SC4a6wj6IzE9HucxImDoOPcojojW/8FSry1hSA+hXfU350DhY6VlpFQ1DHJMPqVgIkFHB/hbCHt3klV+66+ouw==",
- "version": "0.18.0-37",
- "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-37.tgz",
- "integrity": "sha512-SC4a6wj6IzE9HucxImDoOPcojojW/8FSry1hSA+hXfU350DhY6VlpFQ1DHJMPqVgIkFHB/hbCHt3klV+66+ouw==",
+ "version": "0.18.0-41",
+ "resolved": "https://registry.npmjs.org/@zsviczian/excalidraw/-/excalidraw-0.18.0-41.tgz",
+ "integrity": "sha512-Js2ve1iZe59JXMjGo4KEeMBjJJP6imyoVh529BJ6K8x8n9B4W8AOMpQUSLjGH7Z3pkByNluUTTxkM5XBn1eotA==",
+ "license": "MIT",
"dependencies": {
"@braintree/sanitize-url": "6.0.2",
"@excalidraw/random-username": "1.1.0",
"@radix-ui/react-popover": "1.1.6",
"@radix-ui/react-tabs": "1.1.3",
"@zsviczian/laser-pointer": "1.3.1",
- "@zsviczian/mermaid-to-excalidraw": "1.1.2",
+ "@zsviczian/mermaid-to-excalidraw": "1.1.3",
"browser-fs-access": "0.29.1",
"canvas-roundrect-polyfill": "0.0.1",
"clsx": "1.1.1",
@@ -3580,13 +3581,15 @@
"license": "MIT"
},
"node_modules/@zsviczian/mermaid-to-excalidraw": {
- "version": "1.1.2",
- "resolved": "https://registry.npmjs.org/@zsviczian/mermaid-to-excalidraw/-/mermaid-to-excalidraw-1.1.2.tgz",
- "integrity": "sha512-r6Krur0IZEEm8fuYdb8tteRfa4aYChKaXXmg0CpE+8Ovae/PAzvWvKXBw45oOlhjtVRO3kA89blDj+oxrJLusA==",
+ "version": "1.1.3",
+ "resolved": "https://registry.npmjs.org/@zsviczian/mermaid-to-excalidraw/-/mermaid-to-excalidraw-1.1.3.tgz",
+ "integrity": "sha512-JwE9B2L2k2mAGMA0D7ougV/EBnGMJX24MMcD10mPqdHvE0sunD6ijmfHoL00ZMXtAZfrvjIYoTXiPhSIFkWdUA==",
"dependencies": {
"@excalidraw/markdown-to-text": "0.1.2",
- "mermaid": "10.9.3",
- "nanoid": "4.0.2"
+ "cross-env": "^7.0.3",
+ "mermaid": "10.9.4",
+ "nanoid": "4.0.2",
+ "react-split": "^2.0.14"
}
},
"node_modules/@zsviczian/rollup-plugin-postprocess": {
@@ -4136,7 +4139,6 @@
"version": "7.0.3",
"resolved": "https://registry.npmjs.org/cross-env/-/cross-env-7.0.3.tgz",
"integrity": "sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==",
- "dev": true,
"license": "MIT",
"dependencies": {
"cross-spawn": "^7.0.1"
@@ -4155,7 +4157,6 @@
"version": "7.0.6",
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
- "dev": true,
"license": "MIT",
"dependencies": {
"path-key": "^3.1.0",
@@ -4359,9 +4360,9 @@
"license": "MIT"
},
"node_modules/cytoscape": {
- "version": "3.32.0",
- "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.32.0.tgz",
- "integrity": "sha512-5JHBC9n75kz5851jeklCPmZWcg3hUe6sjqJvyk3+hVqFaKcHwHgxsjeN1yLmggoUc6STbtm9/NQyabQehfjvWQ==",
+ "version": "3.33.1",
+ "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.33.1.tgz",
+ "integrity": "sha512-iJc4TwyANnOGR1OmWhsS9ayRS3s+XQ185FmuHObThD+5AeJCakAAbWv8KimMTt08xCCLNgneQwFp+JRJOr9qGQ==",
"license": "MIT",
"engines": {
"node": ">=0.10"
@@ -4831,9 +4832,9 @@
}
},
"node_modules/dayjs": {
- "version": "1.11.13",
- "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.13.tgz",
- "integrity": "sha512-oaMBel6gjolK862uaPQOVTA7q3TZhuSvuMQAAglQDOWYO9A91IrAOUJEyKVlqJlHE0vq5p5UXxzdPfMH/x6xNg==",
+ "version": "1.11.18",
+ "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.18.tgz",
+ "integrity": "sha512-zFBQ7WFRvVRhKcWoUh+ZA1g2HVgUbsZm9sbddh8EC5iv93sui8DVVz1Npvz+r6meo9VKfa8NyLWBsQK1VvIKPA==",
"license": "MIT"
},
"node_modules/debug": {
@@ -4854,9 +4855,9 @@
}
},
"node_modules/decode-named-character-reference": {
- "version": "1.1.0",
- "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.1.0.tgz",
- "integrity": "sha512-Wy+JTSbFThEOXQIR2L6mxJvEs+veIzpmqD7ynWxMXGpnk3smkHQOp6forLdHsKpAMW9iJpaBBIxz285t1n1C3w==",
+ "version": "1.2.0",
+ "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.2.0.tgz",
+ "integrity": "sha512-c6fcElNV6ShtZXmsgNgFFV5tVX2PaV4g+MOAkb8eXHvn6sryJBrZa9r0zV6+dtTyoCKxtDy5tyQ5ZwQuidtd+Q==",
"license": "MIT",
"dependencies": {
"character-entities": "^2.0.0"
@@ -5995,7 +5996,6 @@
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
"integrity": "sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==",
- "dev": true,
"license": "ISC"
},
"node_modules/jackspeak": {
@@ -6142,9 +6142,9 @@
}
},
"node_modules/katex": {
- "version": "0.16.22",
- "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.22.tgz",
- "integrity": "sha512-XCHRdUw4lf3SKBaJe4EvgqIuWwkPSo9XoeO8GjQW94Bp7TWv9hNhzZjZ+OH9yf1UmLygb7DIT5GSFQiyt16zYg==",
+ "version": "0.16.23",
+ "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.23.tgz",
+ "integrity": "sha512-7VlC1hsEEolL9xNO05v9VjrvWZePkCVBJqj8ruICxYjZfHaHbaU53AlP+PODyFIXEnaEIEWi3wJy7FPZ95JAVg==",
"funding": [
"https://opencollective.com/katex",
"https://github.com/sponsors/katex"
@@ -6431,9 +6431,9 @@
}
},
"node_modules/mermaid": {
- "version": "10.9.3",
- "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-10.9.3.tgz",
- "integrity": "sha512-V80X1isSEvAewIL3xhmz/rVmc27CVljcsbWxkxlWJWY/1kQa4XOABqpDl2qQLGKzpKm6WbTfUEKImBlUfFYArw==",
+ "version": "10.9.4",
+ "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-10.9.4.tgz",
+ "integrity": "sha512-VIG2B0R9ydvkS+wShA8sXqkzfpYglM2Qwj7VyUeqzNVqSGPoP/tcaUr3ub4ESykv8eqQJn3p99bHNvYdg3gCHQ==",
"license": "MIT",
"dependencies": {
"@braintree/sanitize-url": "^6.0.1",
@@ -7243,7 +7243,6 @@
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz",
"integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==",
- "dev": true,
"license": "MIT",
"engines": {
"node": ">=8"
@@ -7996,6 +7995,17 @@
"node": ">=6.0.0"
}
},
+ "node_modules/prop-types": {
+ "version": "15.8.1",
+ "resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.1.tgz",
+ "integrity": "sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==",
+ "license": "MIT",
+ "dependencies": {
+ "loose-envify": "^1.4.0",
+ "object-assign": "^4.1.1",
+ "react-is": "^16.13.1"
+ }
+ },
"node_modules/punycode": {
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
@@ -8069,6 +8079,12 @@
"react": "^18.3.1"
}
},
+ "node_modules/react-is": {
+ "version": "16.13.1",
+ "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz",
+ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==",
+ "license": "MIT"
+ },
"node_modules/react-remove-scroll": {
"version": "2.7.0",
"resolved": "https://registry.npmjs.org/react-remove-scroll/-/react-remove-scroll-2.7.0.tgz",
@@ -8116,6 +8132,19 @@
}
}
},
+ "node_modules/react-split": {
+ "version": "2.0.14",
+ "resolved": "https://registry.npmjs.org/react-split/-/react-split-2.0.14.tgz",
+ "integrity": "sha512-bKWydgMgaKTg/2JGQnaJPg51T6dmumTWZppFgEbbY0Fbme0F5TuatAScCLaqommbGQQf/ZT1zaejuPDriscISA==",
+ "license": "MIT",
+ "dependencies": {
+ "prop-types": "^15.5.7",
+ "split.js": "^1.6.0"
+ },
+ "peerDependencies": {
+ "react": "*"
+ }
+ },
"node_modules/react-style-singleton": {
"version": "2.2.3",
"resolved": "https://registry.npmjs.org/react-style-singleton/-/react-style-singleton-2.2.3.tgz",
@@ -8577,7 +8606,6 @@
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",
"integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==",
- "dev": true,
"license": "MIT",
"dependencies": {
"shebang-regex": "^3.0.0"
@@ -8590,7 +8618,6 @@
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz",
"integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==",
- "dev": true,
"license": "MIT",
"engines": {
"node": ">=8"
@@ -8686,6 +8713,12 @@
"node": ">=18"
}
},
+ "node_modules/split.js": {
+ "version": "1.6.5",
+ "resolved": "https://registry.npmjs.org/split.js/-/split.js-1.6.5.tgz",
+ "integrity": "sha512-mPTnGCiS/RiuTNsVhCm9De9cCAUsrNFFviRbADdKiiV+Kk8HKp/0fWu7Kr8pi3/yBmsqLFHuXGT9UUZ+CNLwFw==",
+ "license": "MIT"
+ },
"node_modules/string-width": {
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz",
@@ -9340,7 +9373,6 @@
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
"integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==",
- "dev": true,
"license": "ISC",
"dependencies": {
"isexe": "^2.0.0"

6
packages/obsidian/plugins/linter/default.nix
View File

@@ -2,16 +2,16 @@
# AUTO-UPDATE: nix-update --flake obsidian-plugin-linter
pkgs.buildNpmPackage (finalAttrs: {
pname = "linter";
version = "1.29.2";
version = "1.30.0";
src = pkgs.fetchFromGitHub {
owner = "platers";
repo = "obsidian-linter";
rev = finalAttrs.version;
hash = "sha256-I60nP99bdQfvq+GYtUvHPpYqp/nqpn3BqrgZzgPzRpI=";
hash = "sha256-pqbCt5h1KXwe2wXoF8v9xj3ntKcWwClQrcO6RHQa5QY=";
};
npmDepsHash = "sha256-5e7eFX25818dsux9hSdNRsTJPHbaR8n69s6/nnIHFyc=";
npmDepsHash = "sha256-6VgGl27vYunzU3QvPT4ljFtG/7RxhmrUPQZHE7eGepo=";
npmPackFlags = [ "--ignore-scripts" ];
installPhase = ''

4
packages/obsidian/plugins/tasks/default.nix
View File

@@ -2,13 +2,13 @@
# AUTO-UPDATE: nix-update --flake obsidian-plugin-tasks
pkgs.stdenv.mkDerivation (finalAttrs: {
pname = "tasks";
version = "7.21.0";
version = "7.22.0";
src = pkgs.fetchFromGitHub {
owner = "obsidian-tasks-group";
repo = "obsidian-tasks";
rev = finalAttrs.version;
hash = "sha256-/7vTXAsMHWOopscdKldbXpvQvEl4qcnV3HpYClZWUsg=";
hash = "sha256-wPby/HGT4oqMVes2Ws09RiI/YXETYI3oiiRwuV+0yXY=";
};
offlineCache = pkgs.fetchYarnDeps {

4
packages/oidcwarden/default.nix
View File

@@ -3,13 +3,13 @@
# FIXME: https://github.com/dani-garcia/vaultwarden/pull/3899
pkgs.rustPlatform.buildRustPackage (finalAttrs: {
pname = "oidcwarden";
version = "2025.8.1-1";
version = "2025.9.0-1";
src = pkgs.fetchFromGitHub {
owner = "Timshel";
repo = "OIDCWarden";
rev = "v${finalAttrs.version}";
hash = "sha256-yH2qewIV79hBDRn0KFj2mULpD2tTm5+8E2kIN8uMWHM=";
hash = "sha256-iTlaCjNuDBjbAp8O0WxiLULumI3wKjgrJoxzLKix/qI=";
};
cargoHash = "sha256-ZPCRFBaISCIlPY/x3lTqxuePgZXcOLvgyOrw2XVcAVw=";

4
packages/prometheus-podman-exporter/default.nix
View File

@@ -2,13 +2,13 @@
# AUTO-UPDATE: nix-update --flake prometheus-podman-exporter
pkgs.buildGoModule (finalAttrs: {
pname = "prometheus-podman-exporter";
version = "1.18.0";
version = "1.19.0";
src = pkgs.fetchFromGitHub {
owner = "containers";
repo = "prometheus-podman-exporter";
rev = "v${finalAttrs.version}";
hash = "sha256-hrecxJp78c8LruXTGRDU6zNWnyh+vwgCpVJsm026NYw=";
hash = "sha256-/nVdoYChdJb8+I36EhN0MgnmRFR0dSzt0FI39BziaJA=";
};
vendorHash = null;

11
patches.nix
View File

@@ -1,10 +1 @@
{ patcher, ... }:
{
quadlet-nix.patches = [
(patcher.fetchpatch {
name = "feat: supports images";
url = "https://github.com/SEIAROTg/quadlet-nix/compare/main...karaolidis:quadlet-nix:image.diff";
hash = "sha256-8li8XuBV3+J0s3FACOyKP+ndffn8T/PQXq+UrIk2TAc=";
})
];
}
{ patcher, ... }: { }

19
scripts/cache.sh
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
flake_json=$(nix flake show --json)
build_and_push() {
local expr="$1"
nix build "$expr" --no-link --print-out-paths | while IFS= read -r path; do
attic push main "$path"
done
}
jq -r '.nixosConfigurations | keys[]' <<<"$flake_json" | while IFS= read -r cfg; do
expr=".#nixosConfigurations.\"$cfg\".config.system.build.toplevel"
build_and_push "$expr"
done

36
scripts/update.sh
View File

@@ -1,15 +1,41 @@
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
find . -type f -name '*.nix' ! -path './submodules/*' | while read -r file; do
successes=()
failures=()
while read -r file; do
update_command=$(grep -oP '^#\s*AUTO-UPDATE:\s*\K.+' "$file" || true)
if [[ -n "$update_command" ]]; then
echo "Running update command in: $file"
eval "$update_command"
if ( eval "$update_command" ); then
successes+=("$file")
else
failures+=("$file")
fi
fi
done
done < <(find . -type f -name '*.nix' ! -path './submodules/*')
if [[ ${#successes[@]} -gt 0 ]]; then
echo "Successful Updates (${#successes[@]} total):"
for item in "${successes[@]}"; do
echo " - $item"
done
else
echo "No automated update commands were successfully executed."
fi
if [[ ${#failures[@]} -gt 0 ]]; then
echo "Failed Updates (${#failures[@]} total):"
for item in "${failures[@]}"; do
echo " - $item"
done
exit 1
else
echo "No automated update commands failed."
fi
nix flake update
exit $?

2
submodules/lib

Submodule submodules/lib updated: be7b39f41a...5e0737c20f

2
submodules/sas

Submodule submodules/sas updated: 3d06998334...bc1564ea3e

2
submodules/secrets

Submodule submodules/secrets updated: a9d956a20f...a5c1c55262