diff --git a/flake.lock b/flake.lock index 3744570..6081249 100644 --- a/flake.lock +++ b/flake.lock @@ -116,11 +116,11 @@ }, "catppuccin": { "locked": { - "lastModified": 1725509983, - "narHash": "sha256-NHCgHVqumPraFJnLrkanoLDuhOoUHUvRhvp/RIHJR+A=", + "lastModified": 1726952185, + "narHash": "sha256-l/HbsQjJMT6tlf8KCooFYi3J6wjIips3n6/aWAoLY4g=", "owner": "catppuccin", "repo": "nix", - "rev": "45745fe5960acaefef2b60f3455bcac6a0ca6bc9", + "rev": "630b559cc1cb4c0bdd525af506935323e4ccd5d1", "type": "github" }, "original": { @@ -285,11 +285,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -433,11 +433,11 @@ ] }, "locked": { - "lastModified": 1725694918, - "narHash": "sha256-+HsjshXpqNiJHLaJaK0JnIicJ/a1NquKcfn4YZ3ILgg=", + "lastModified": 1726985855, + "narHash": "sha256-NJPGK030Y3qETpWBhj9oobDQRbXdXOPxtu+YgGvZ84o=", "owner": "nix-community", "repo": "home-manager", - "rev": "aaebdea769a5c10f1c6e50ebdf5924c1a13f0cda", + "rev": "04213d1ce4221f5d9b40bcee30706ce9a91d148d", "type": "github" }, "original": { @@ -476,11 +476,11 @@ ] }, "locked": { - "lastModified": 1726036828, - "narHash": "sha256-ZQHbpyti0jcAKnwQY1lwmooecLmSG6wX1JakQ/eZNeM=", + "lastModified": 1724435763, + "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", "owner": "nix-community", "repo": "home-manager", - "rev": "8a1671642826633586d12ac3158e463c7a50a112", + "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", "type": "github" }, "original": { @@ -540,11 +540,11 @@ ] }, "locked": { - "lastModified": 1725161148, - "narHash": "sha256-WfAHq3Ag3vLNFfWxKHjFBFdPI6JIideWFJod9mx1eoo=", + "lastModified": 1726975622, + "narHash": "sha256-bPDZosnom0+02ywmMZAvmj7zvsQ6mVv/5kmvSgbTkaY=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "32058e9138248874773630c846563b1a78ee7a5b", + "rev": "c7515c2fdaf2e1f3f49856cef6cec95bb2138417", "type": "github" }, "original": { @@ -564,11 +564,11 @@ ] }, "locked": { - "lastModified": 1725672853, - "narHash": "sha256-z1O6dzCJ27OZpF680tZL0mQphQETdg4DTryvhFOpZyA=", + "lastModified": 1727055858, + "narHash": "sha256-JZldqP3uEzphER/63J8crL9O9uR7g+cNAkb+erRmN48=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "efd33fc8e5a149dd48d86ca6003b51ab3ce4ae21", + "rev": "de538d220bccc69ad940a53e2b50fef7e05501f2", "type": "github" }, "original": { @@ -579,11 +579,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1725477728, - "narHash": "sha256-ahej1VRqKmWbG7gewty+GlrSBEeGY/J2Zy8Nt8+3fdg=", + "lastModified": 1727040444, + "narHash": "sha256-19FNN5QT9Z11ZUMfftRplyNN+2PgcHKb3oq8KMW/hDA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "880be1ab837e1e9fe0449dae41ac4d034694d4ce", + "rev": "d0cb432a9d28218df11cbd77d984a2a46caeb5ac", "type": "github" }, "original": { @@ -623,11 +623,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1725407940, - "narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=", + "lastModified": 1726838390, + "narHash": "sha256-NmcVhGElxDbmEWzgXsyAjlRhUus/nEqPC5So7BOJLUM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3", + "rev": "944b2aea7f0a2d7c79f72468106bc5510cbf5101", "type": "github" }, "original": { @@ -639,11 +639,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1721524707, - "narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=", + "lastModified": 1725762081, + "narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "556533a23879fc7e5f98dd2e0b31a6911a213171", + "rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05", "type": "github" }, "original": { @@ -655,11 +655,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1726296585, - "narHash": "sha256-inm7AIEqfgF4wXkhWB2M5IfmdITSF90xpeDDSU3DfNc=", + "lastModified": 1727093669, + "narHash": "sha256-VUBuY1qGk0FBMBydHWyp85f/pypH6nlSXnnIJh3Z4XA=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "8539edfb09c674994303141378df4ab33cd765ad", + "rev": "67cce3820108e9ef3ecd69097089a13a2e3f5909", "type": "github" }, "original": { @@ -671,11 +671,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1726042813, - "narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=", + "lastModified": 1725194671, + "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "159be5db480d1df880a0135ca0bfed84c2f88353", + "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", "type": "github" }, "original": { @@ -713,11 +713,11 @@ }, "nur": { "locked": { - "lastModified": 1725687722, - "narHash": "sha256-LPv282y5okYk8ebiBsEbDXy2WykwdBPpAthjKSmTfNI=", + "lastModified": 1727091899, + "narHash": "sha256-ztA+/sTDdsba2c4JrxUcKA+RH8mKy5RO1ikCrEmcsH4=", "owner": "nix-community", "repo": "NUR", - "rev": "ff7f8143f33751c4f37caec678ed1eb63006c0d3", + "rev": "9134c128b0a9610bdf6771a561e185e6dfbdd05b", "type": "github" }, "original": { @@ -774,11 +774,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1725540166, - "narHash": "sha256-htc9rsTMSAY5ek+DB3tpntdD/es0eam2hJgO92bWSys=", + "lastModified": 1726524647, + "narHash": "sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4=", "owner": "Mic92", "repo": "sops-nix", - "rev": "d9d781523a1463965cd1e1333a306e70d9feff07", + "rev": "e2d404a7ea599a013189aa42947f66cede0645c8", "type": "github" }, "original": { diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index 71ffff6..b850d52 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -27,7 +27,7 @@ }; home.packages = with pkgs; [ - # betterbird + betterbird remmina ]; diff --git a/machines/massicot/default.nix b/machines/massicot/default.nix index f74f265..ecbc6e2 100644 --- a/machines/massicot/default.nix +++ b/machines/massicot/default.nix @@ -1,7 +1,5 @@ { inputs, - config, - libs, pkgs, ... }: @@ -51,13 +49,6 @@ efiSupport = true; configurationLimit = 5; }; - # - # fileSystems."/mnt/storage" = { - # device = "//u380335-sub1.your-storagebox.de/u380335-sub1"; - # fsType = "cifs"; - # options = [ "credentials=${config.sops.secrets.storage_box_mount.path}" ]; - # }; - # environment.systemPackages = with pkgs; [ cifs-utils git @@ -69,14 +60,11 @@ hostName = "massicot"; }; - custom.kanidm-client = { - enable = true; - uri = "https://auth.xinyang.life/"; - asSSHAuth = { + commonSettings = { + auth.enable = true; + nix = { enable = true; - allowedGroups = [ "linux_users" ]; }; - sudoers = [ "xin@auth.xinyang.life" ]; }; security.sudo = { diff --git a/machines/massicot/kanidm-provision.nix b/machines/massicot/kanidm-provision.nix index bd38b03..91f86d2 100644 --- a/machines/massicot/kanidm-provision.nix +++ b/machines/massicot/kanidm-provision.nix @@ -139,7 +139,8 @@ originUrl = [ "http://localhost/" "http://127.0.0.1/" - "oc://android.owncloud.com" + # TODO: Should allow mobile redirect url not ending with / + # "oc://android.owncloud.com" ]; basicSecretFile = config.sops.secrets."kanidm/ocis_android_secret".path; preferShortUsername = true; diff --git a/modules/nixos/common-settings/autoupgrade.nix b/modules/nixos/common-settings/autoupgrade.nix new file mode 100644 index 0000000..6c2cc83 --- /dev/null +++ b/modules/nixos/common-settings/autoupgrade.nix @@ -0,0 +1,32 @@ +{ + config, + lib, + ... +}: + +let + inherit (lib) + mkIf + mkEnableOption + mkOption + types + ; + + cfg = config.commonSettings.autoupgrade; +in +{ + options.commonSettings.autoupgrade = { + enable = mkEnableOption "auto upgrade with nixos-rebuild"; + flake = mkOption { + type = types.str; + default = "github:xinyangli/nixos-config/deploy"; + }; + }; + + config = mkIf cfg.enable { + system.autoUpgrade = { + enable = true; + flake = cfg.flake; + }; + }; +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 36bf773..bfc36ce 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,6 +1,7 @@ { imports = [ ./common-settings/auth.nix + ./common-settings/autoupgrade.nix ./common-settings/nix-conf.nix ./restic.nix ./vaultwarden.nix