diff --git a/common/fragments/grafana.nix b/common/fragments/grafana.nix index d900a53..e7eef20 100644 --- a/common/fragments/grafana.nix +++ b/common/fragments/grafana.nix @@ -1,10 +1,11 @@ -{ config, pkgs, ... }: { +{ config, ... }: +{ services.grafana = { enable = true; settings.server = { domain = "grafana.technogothic.net"; http_port = 2342; - http_addr = "localhost"; + http_addr = "127.0.0.1"; }; settings."auth.anonymous" = { enabled = true; @@ -13,8 +14,7 @@ }; }; - networking.firewall.allowedTCPPorts = - [ config.services.grafana.settings.server.http_port ]; + networking.firewall.allowedTCPPorts = [ config.services.grafana.settings.server.http_port ]; services.prometheus = { enable = true; @@ -23,41 +23,27 @@ scrapeConfigs = [ { job_name = "bloodletting"; - static_configs = [{ - targets = [ - "localhost:${ - toString config.services.prometheus.exporters.node.port - }" - ]; - }]; + static_configs = [ + { targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; } + ]; } { job_name = "nginx"; - static_configs = [{ - targets = [ - "localhost:${ - toString config.services.prometheus.exporters.nginx.port - }" - ]; - }]; + static_configs = [ + { targets = [ "localhost:${toString config.services.prometheus.exporters.nginx.port}" ]; } + ]; } { job_name = "telegraf"; - static_configs = [{ - targets = [ - config.services.telegraf.extraConfig.outputs.prometheus_client.listen - ]; - }]; + static_configs = [ + { targets = [ config.services.telegraf.extraConfig.outputs.prometheus_client.listen ]; } + ]; } { job_name = "process"; - static_configs = [{ - targets = [ - "localhost:${ - toString config.services.prometheus.exporters.process.port - }" - ]; - }]; + static_configs = [ + { targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; } + ]; } ]; }; diff --git a/common/fragments/headscale.nix b/common/fragments/headscale.nix index 7bde8c1..bb82c83 100644 --- a/common/fragments/headscale.nix +++ b/common/fragments/headscale.nix @@ -1,15 +1,16 @@ -{ pkgs, ... }: { services.headscale = { enable = true; port = 52812; - settings.server_url = "https://hs.technogothic.net"; - settings.dns_config = { - nameservers = [ - "94.140.14.14" - "94.140.15.15" - ]; # AdGuard Public DNS - base_domain = "thorns.home.arpa"; + settings = { + server_url = "https://hs.technogothic.net"; + dns = { + nameservers.global = [ + "94.140.14.14" + "94.140.15.15" + ]; # AdGuard Public DNS + base_domain = "thorns.home.arpa"; + }; }; }; } diff --git a/common/home_manager/common.nix b/common/home_manager/common.nix index 9503fd5..67e1608 100644 --- a/common/home_manager/common.nix +++ b/common/home_manager/common.nix @@ -133,7 +133,7 @@ cat = "bat"; ip = "ip -color=always"; youtube-dl-audio = ''yt-dlp --ignore-errors --output "%(title)s.%(ext)s" --extract-audio --audio-format best''; - rsync = "rsync -az --partial --info=progress2"; + # rsync = "rsync -az --partial --info=progress2"; }; shellAliases.tailscale = lib.mkIf ( !pkgs.stdenv.isLinux diff --git a/common/linux-specific.nix b/common/linux-specific.nix index c30ef26..58256a0 100644 --- a/common/linux-specific.nix +++ b/common/linux-specific.nix @@ -38,9 +38,9 @@ }; # Configure keymap in X11 - services.xserver = { + services.xserver.xkb = { layout = "us"; - xkbVariant = ""; + variant = ""; }; # Enable the OpenSSH daemon. diff --git a/flake.lock b/flake.lock index c96f427..21f6c97 100644 --- a/flake.lock +++ b/flake.lock @@ -129,11 +129,11 @@ "systems": "systems_4" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -175,9 +175,7 @@ "frq-friend": { "inputs": { "naersk": "naersk", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs_2", "utils": "utils_2" }, "locked": { @@ -204,11 +202,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1732579614, - "narHash": "sha256-LREXerN4a4DHG38a2KZPum7E/OKNhYgrBtU6AsD5SnQ=", + "lastModified": 1734878912, + "narHash": "sha256-M1uvMQUY9yuzlLlDYbP2LjBrolkGiYVKIRRwlxWYyTg=", "owner": "helix-editor", "repo": "helix", - "rev": "80709cee610f1758af1e62d53bde2eb8aa706a0c", + "rev": "ea17b9edb708bc5ea26fec95dda66a6f45753545", "type": "github" }, "original": { @@ -224,16 +222,16 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1734366194, + "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -241,15 +239,15 @@ "lix": { "flake": false, "locked": { - "lastModified": 1723503926, - "narHash": "sha256-Rosl9iA9MybF5Bud4BTAQ9adbY81aGmPfV8dDBGl34s=", - "rev": "bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2", + "lastModified": 1729298361, + "narHash": "sha256-hiGtfzxFkDc9TSYsb96Whg0vnqBVV7CUxyscZNhed0U=", + "rev": "ad9d06f7838a25beec425ff406fe68721fef73be", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2.tar.gz?rev=bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/ad9d06f7838a25beec425ff406fe68721fef73be.tar.gz?rev=ad9d06f7838a25beec425ff406fe68721fef73be" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/2.91.0.tar.gz" + "url": "https://git.lix.systems/lix-project/lix/archive/2.91.1.tar.gz" } }, "lix-module": { @@ -262,15 +260,15 @@ ] }, "locked": { - "lastModified": 1723510904, - "narHash": "sha256-zNW/rqNJwhq2lYmQf19wJerRuNimjhxHKmzrWWFJYts=", - "rev": "622a2253a071a1fb97a4d3c8103a91114acc1140", + "lastModified": 1732605668, + "narHash": "sha256-DN5/166jhiiAW0Uw6nueXaGTueVxhfZISAkoxasmz/g=", + "rev": "f19bd752910bbe3a861c9cad269bd078689d50fe", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/622a2253a071a1fb97a4d3c8103a91114acc1140.tar.gz?rev=622a2253a071a1fb97a4d3c8103a91114acc1140" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/f19bd752910bbe3a861c9cad269bd078689d50fe.tar.gz?rev=f19bd752910bbe3a861c9cad269bd078689d50fe" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz" } }, "lowdown-src": { @@ -355,7 +353,7 @@ }, "naersk_2": { "inputs": { - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1687852486, @@ -380,11 +378,11 @@ ] }, "locked": { - "lastModified": 1698420672, - "narHash": "sha256-/TdeHMPRjjdJub7p7+w55vyABrsJlt5QkznPYy55vKA=", + "lastModified": 1721727458, + "narHash": "sha256-r/xppY958gmZ4oTfLiHN0ZGuQ+RSTijDblVgVLFi1mw=", "owner": "nix-community", "repo": "naersk", - "rev": "aeb58d5e8faead8980a807c840232697982d47b9", + "rev": "3fb418eaf352498f6b6c30592e3beb63df42ef11", "type": "github" }, "original": { @@ -397,7 +395,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -421,11 +419,11 @@ ] }, "locked": { - "lastModified": 1732420287, - "narHash": "sha256-CzvYF4x6jUh/+NEEIFrIY5t1W/N3IA2bNZJiMXu9GTo=", + "lastModified": 1733570843, + "narHash": "sha256-sQJAxY1TYWD1UyibN/FnN97paTFuwBw3Vp3DNCyKsMk=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "3c52583b99666a349a6219dc1f0dd07d75c82d6a", + "rev": "a35b08d09efda83625bef267eb24347b446c80b8", "type": "github" }, "original": { @@ -450,16 +448,16 @@ }, "nixpkgs-darwin": { "locked": { - "lastModified": 1730891215, - "narHash": "sha256-i85DPrhDuvzgvIWCpJlbfM2UFtNYbapo20MtQXsvay4=", + "lastModified": 1734761983, + "narHash": "sha256-U1kYa/N53vruy1E/E/n7NxsJDbTkVQmC7TCdTeNieSE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c128e44a249d6180740d0a979b6480d5b795c013", + "rev": "d38b1bc9ef4bf6ca6726e0681895e1c3e8215a49", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixpkgs-24.05-darwin", + "ref": "nixpkgs-24.11-darwin", "repo": "nixpkgs", "type": "github" } @@ -482,11 +480,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1732238832, - "narHash": "sha256-sQxuJm8rHY20xq6Ah+GwIUkF95tWjGRd1X8xF+Pkk38=", + "lastModified": 1734435836, + "narHash": "sha256-kMBQ5PRiFLagltK0sH+08aiNt3zGERC2297iB6vrvlU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8edf06bea5bcbee082df1b7369ff973b91618b8d", + "rev": "4989a246d7a390a859852baddb1013f825435cee", "type": "github" }, "original": { @@ -497,6 +495,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1681272286, + "narHash": "sha256-9X5p+gwYrowgbsRgkf14HFI0fkr6UikuwRIQAMlF1yI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "6b70761ea8c896aff8994eb367d9526686501860", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1687946342, "narHash": "sha256-vRxti8pOuXS0rJmqjbD8ueEEFXWSK22ISHoCWkhgzzg=", @@ -510,7 +524,7 @@ "type": "indirect" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1657693803, "narHash": "sha256-G++2CJ9u0E7NNTAi9n5G8TdDmGJXcIjkJ3NF8cetQB8=", @@ -526,23 +540,23 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_5": { "locked": { - "lastModified": 1731797254, - "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", + "lastModified": 1734737257, + "narHash": "sha256-GIMyMt1pkkoXdCq9un859bX6YQZ/iYtukb9R5luazLM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", + "rev": "1c6e20d41d6a9c1d737945962160e8571df55daa", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1682092588, "narHash": "sha256-NjKBPnScpbGiH/YOx74DIFOVkr5AKJOVZoy0l7J58gk=", @@ -569,7 +583,7 @@ "matrix-ril100": "matrix-ril100", "mms": "mms", "nix-darwin": "nix-darwin", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-darwin": "nixpkgs-darwin", "nixpkgs-unstable": "nixpkgs-unstable", "url-eater": "url-eater", @@ -727,11 +741,11 @@ "utils": "utils_4" }, "locked": { - "lastModified": 1710529176, - "narHash": "sha256-TuDrnw1USxWsGQMQuX50D69A3Z555vC0Q0knYcd/qGE=", + "lastModified": 1734618283, + "narHash": "sha256-QFYFxw58d3WOU6SYDiazyaSz+mSJwgABsMEf1joM2FE=", "owner": "AgathaSorceress", "repo": "url-eater", - "rev": "21be820dcd6fa5c91e9a46fb8c72f13db631ed54", + "rev": "96af6b75a3605043141db6bf80ad60866c10c827", "type": "github" }, "original": { @@ -799,11 +813,11 @@ "systems": "systems_6" }, "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -832,7 +846,7 @@ }, "vampysite": { "inputs": { - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_6", "utils": "utils_5" }, "locked": { diff --git a/flake.nix b/flake.nix index eb446df..e084747 100644 --- a/flake.nix +++ b/flake.nix @@ -1,18 +1,18 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; - nixpkgs-darwin.url = "github:NixOS/nixpkgs/nixpkgs-24.05-darwin"; + nixpkgs-darwin.url = "github:NixOS/nixpkgs/nixpkgs-24.11-darwin"; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; vampysite.url = "git+https://git.lain.faith/sorceress/vampysite"; home-manager = { - url = "github:nix-community/home-manager/release-24.05"; + url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -42,10 +42,7 @@ inputs.nixpkgs.follows = "nixpkgs-unstable"; }; - frq-friend = { - url = "git+https://git.xenua.me/xenua/fedi-frq-friend"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + frq-friend.url = "git+https://git.xenua.me/xenua/fedi-frq-friend"; helix = { url = "github:helix-editor/helix"; @@ -177,11 +174,8 @@ ./common/linux-specific.nix ./hosts/watchtower/configuration.nix (import "${home-manager}/nixos") - "${nixpkgs-unstable}/nixos/modules/services/torrent/flood.nix" ]; - disabledModules = [ "services/torrent/flood.nix" ]; - deployment = { targetUser = "root"; targetHost = "watchtower"; @@ -212,7 +206,6 @@ ./common ./common/linux-specific.nix ./hosts/tears/configuration.nix - ./common/options.nix (import "${home-manager}/nixos") url-eater.nixosModules.default ]; diff --git a/hosts/bloodletting/configuration.nix b/hosts/bloodletting/configuration.nix index 8ce7c22..fa63455 100644 --- a/hosts/bloodletting/configuration.nix +++ b/hosts/bloodletting/configuration.nix @@ -269,6 +269,16 @@ }; }; + virtualHosts."jellyfin.technogothic.net" = { + useACMEHost = "technogothic.net"; + forceSSL = true; + + locations."/" = { + proxyPass = "http://watchtower.thorns.home.arpa:8096"; + proxyWebsockets = true; + }; + }; + virtualHosts."carvideo.technogothic.net" = { useACMEHost = "technogothic.net"; forceSSL = true;