diff --git a/flake.lock b/flake.lock index 632d531..b7e6d97 100644 --- a/flake.lock +++ b/flake.lock @@ -116,11 +116,11 @@ }, "catppuccin": { "locked": { - "lastModified": 1728407414, - "narHash": "sha256-B8LaxUP93eh+it8RW1pGq4SsU2kj7f0ipzFuhBvpON8=", + "lastModified": 1730458408, + "narHash": "sha256-JQ+SphQn13bdibKUrBBBznYehXX4xJrxD1ifBp6vSWw=", "owner": "catppuccin", "repo": "nix", - "rev": "96cf8b4a05fb23a53c027621b1147b5cf9e5439f", + "rev": "191fbf2d81a63fad8f62f1233c0051f09b75d0ad", "type": "github" }, "original": { @@ -245,11 +245,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -267,11 +267,11 @@ ] }, "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -373,11 +373,11 @@ ] }, "locked": { - "lastModified": 1728727368, - "narHash": "sha256-7FMyNISP7K6XDSIt1NJxkXZnEdV3HZUXvFoBaJ/qdOg=", + "lastModified": 1730302582, + "narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "eb74e0be24a11a1531b5b8659535580554d30b28", + "rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf", "type": "github" }, "original": { @@ -433,11 +433,11 @@ ] }, "locked": { - "lastModified": 1728791962, - "narHash": "sha256-nr5QiXwQcZmf6/auC1UpX8iAtINMtdi2mH+OkqJQVmU=", + "lastModified": 1730837930, + "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "owner": "nix-community", "repo": "home-manager", - "rev": "64c6325b28ebd708653dd41d88f306023f296184", + "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "type": "github" }, "original": { @@ -455,11 +455,11 @@ ] }, "locked": { - "lastModified": 1728726232, - "narHash": "sha256-8ZWr1HpciQsrFjvPMvZl0W+b0dilZOqXPoKa2Ux36bc=", + "lastModified": 1730490306, + "narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=", "owner": "nix-community", "repo": "home-manager", - "rev": "d57112db877f07387ce7104b5ac346ede556d2d7", + "rev": "1743615b61c7285976f85b303a36cdf88a556503", "type": "github" }, "original": { @@ -489,6 +489,36 @@ "type": "github" } }, + "ixx": { + "inputs": { + "flake-utils": [ + "my-nixvim", + "nixvim", + "nuschtosSearch", + "flake-utils" + ], + "nixpkgs": [ + "my-nixvim", + "nixvim", + "nuschtosSearch", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729544999, + "narHash": "sha256-YcyJLvTmN6uLEBGCvYoMLwsinblXMkoYkNLEO4WnKus=", + "owner": "NuschtOS", + "repo": "ixx", + "rev": "65c207c92befec93e22086da9456d3906a4e999c", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "ref": "v0.0.5", + "repo": "ixx", + "type": "github" + } + }, "my-nixvim": { "inputs": { "flake-parts": "flake-parts", @@ -498,11 +528,11 @@ "nixvim": "nixvim" }, "locked": { - "lastModified": 1728878762, - "narHash": "sha256-aYYyuY+IM3d/5NbogZx7ctd8bfNmzHklNIwazSn3jx0=", + "lastModified": 1730642581, + "narHash": "sha256-Tcq+RnctJTm+TUr1fN3ivqYNcd1pJnHYzLDQdgUCX70=", "ref": "refs/heads/master", - "rev": "0df66b4ab6faf481b1a94dd2edef66eec8e1efde", - "revCount": 16, + "rev": "a09d2b94efb5e2d801275a244eedaab0816f3702", + "revCount": 18, "type": "git", "url": "https://git.xinyang.life/xin/nixvim" }, @@ -520,11 +550,11 @@ ] }, "locked": { - "lastModified": 1728385805, - "narHash": "sha256-mUd38b0vhB7yzgAjNOaFz7VY9xIVzlbn3P2wjGBcVV0=", + "lastModified": 1730448474, + "narHash": "sha256-qE/cYKBhzxHMtKtLK3hlSR3uzO1pWPGLrBuQK7r0CHc=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "48b50b3b137be5cfb9f4d006835ce7c3fe558ccc", + "rev": "683d0c4cd1102dcccfa3f835565378c7f3cbe05e", "type": "github" }, "original": { @@ -540,11 +570,11 @@ ] }, "locked": { - "lastModified": 1728790083, - "narHash": "sha256-grMdAd4KSU6uPqsfLzA1B/3pb9GtGI9o8qb0qFzEU/Y=", + "lastModified": 1730604744, + "narHash": "sha256-/MK6QU4iOozJ4oHTfZipGtOgaT/uy/Jm4foCqHQeYR4=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "5c54c33aa04df5dd4b0984b7eb861d1981009b22", + "rev": "cc2ddbf2df8ef7cc933543b1b42b845ee4772318", "type": "github" }, "original": { @@ -564,11 +594,11 @@ ] }, "locked": { - "lastModified": 1728179514, - "narHash": "sha256-mOGZFPYm9SuEXnYiXhgs/JmLu7RofRaMpAYyJiWudkc=", + "lastModified": 1730944043, + "narHash": "sha256-DIYTHa57pQQc9ARiMpJWYkaoiTaQPLH7Y4qK0J10Khk=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "018196c371073d669510fd69dd2f6dc0ec608c41", + "rev": "0a959b25ff573f079ed032f88d8c988561b96a96", "type": "github" }, "original": { @@ -579,11 +609,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1728729581, - "narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=", + "lastModified": 1730919458, + "narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806", + "rev": "e1cc1f6483393634aee94514186d21a4871e78d7", "type": "github" }, "original": { @@ -595,11 +625,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1728492678, - "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", + "lastModified": 1730200266, + "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", + "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", "type": "github" }, "original": { @@ -611,23 +641,23 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1727825735, - "narHash": "sha256-0xHYkMkeLVQAMa7gvkddbPqpxph+hDzdu1XdGPJR+Os=", + "lastModified": 1730504152, + "narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" }, "original": { "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/fb192fec7cc7a4c26d51779e9bab07ce6fa5597a.tar.gz" + "url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz" } }, "nixpkgs-stable": { "locked": { - "lastModified": 1728740863, - "narHash": "sha256-u+rxA79a0lyhG+u+oPBRtTDtzz8kvkc9a6SWSt9ekVc=", + "lastModified": 1730741070, + "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a3f9ad65a0bf298ed5847629a57808b97e6e8077", + "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", "type": "github" }, "original": { @@ -639,11 +669,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1728156290, - "narHash": "sha256-uogSvuAp+1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss=", + "lastModified": 1730602179, + "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "17ae88b569bb15590549ff478bab6494dde4a907", + "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c", "type": "github" }, "original": { @@ -655,11 +685,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1728876479, - "narHash": "sha256-tjVsONpCYX+pOBqpnLsNOcd9DpbzG2Tnm8K/lgTqQc8=", + "lastModified": 1730961289, + "narHash": "sha256-WrHPXxaPWDqu5r/546jf1pdfvEEuf0CIPuo7HjRLDdU=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "5f7b4a8a49de5fb589a4f67f1ec888382312a490", + "rev": "82596c07592c14102071f72488ace046aa8e93a9", "type": "github" }, "original": { @@ -698,11 +728,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1728829992, - "narHash": "sha256-722PdOQ4uTTAOyS3Ze4H7LXDNVi9FecKbLEvj3Qu0hM=", + "lastModified": 1730569492, + "narHash": "sha256-NByr7l7JetL9kIrdCOcRqBu+lAkruYXETp1DMiDHNQs=", "owner": "nix-community", "repo": "nixvim", - "rev": "619e24366e8ad34230d65a323d26ca981bfa6927", + "rev": "6f210158b03b01a1fd44bf3968165e6da80635ce", "type": "github" }, "original": { @@ -713,11 +743,11 @@ }, "nur": { "locked": { - "lastModified": 1728878648, - "narHash": "sha256-JYNGkY30+zGclR1zebnyHOtRhWKfKHLw6T4IoqhmJFs=", + "lastModified": 1730959878, + "narHash": "sha256-UZ6oSptjE04ooORHvvR+kiGnr/nhzWgYwGryxUkKAv0=", "owner": "nix-community", "repo": "NUR", - "rev": "23d88faa35dc9de0e35fc3dc2a863c4cf451a8f8", + "rev": "bc4d2a3b71c75d81cc247b1bf991b63f75358004", "type": "github" }, "original": { @@ -729,6 +759,7 @@ "nuschtosSearch": { "inputs": { "flake-utils": "flake-utils_2", + "ixx": "ixx", "nixpkgs": [ "my-nixvim", "nixvim", @@ -736,11 +767,11 @@ ] }, "locked": { - "lastModified": 1728701796, - "narHash": "sha256-FTDCOUnq+gdnHC3p5eisv1X1mMtKJDNMegwpZjRzQKY=", + "lastModified": 1730515563, + "narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=", "owner": "NuschtOS", "repo": "search", - "rev": "9578d865b081c29ae98131caf7d2f69a42f0ca6e", + "rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e", "type": "github" }, "original": { @@ -774,11 +805,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1728345710, - "narHash": "sha256-lpunY1+bf90ts+sA2/FgxVNIegPDKCpEoWwOPu4ITTQ=", + "lastModified": 1730883027, + "narHash": "sha256-pvXMOJIqRW0trsW+FzRMl6d5PbsM4rWfD5lcKCOrrwI=", "owner": "Mic92", "repo": "sops-nix", - "rev": "06535d0e3d0201e6a8080dd32dbfde339b94f01b", + "rev": "c5ae1e214ff935f2d3593187a131becb289ea639", "type": "github" }, "original": { @@ -871,11 +902,11 @@ ] }, "locked": { - "lastModified": 1727984844, - "narHash": "sha256-xpRqITAoD8rHlXQafYZOLvUXCF6cnZkPfoq67ThN0Hc=", + "lastModified": 1730321837, + "narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "4446c7a6fc0775df028c5a3f6727945ba8400e64", + "rev": "746901bb8dba96d154b66492a29f5db0693dbfcc", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index c712f77..7bc10db 100644 --- a/flake.nix +++ b/flake.nix @@ -222,7 +222,7 @@ { ... }: { deployment = { - targetHost = "raspite.local"; + targetHost = "raspite.coho-tet.ts.net"; buildOnTarget = false; }; nixpkgs.system = "aarch64-linux"; diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index 20b90e6..b90e361 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -29,7 +29,7 @@ }; home.packages = with pkgs; [ - betterbird + thunderbird remmina ]; diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index 4601e8c..7fa91d2 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -225,6 +225,8 @@ # ==== GUI Softwares ==== # + eudic + # Gnome tweaks gnomeExtensions.paperwm gnomeExtensions.search-light @@ -348,11 +350,11 @@ fontconfig = { defaultFonts = { serif = [ - "Noto Serif CJK SC" + "Source Han Serif SC" "Ubuntu" ]; sansSerif = [ - "Noto Sans CJK SC" + "Source Han Sans SC" "Ubuntu" ]; monospace = [ diff --git a/machines/raspite/configuration.nix b/machines/raspite/configuration.nix index 049e67e..234d0e9 100644 --- a/machines/raspite/configuration.nix +++ b/machines/raspite/configuration.nix @@ -8,7 +8,10 @@ { imports = [ ./hass.nix ]; - commonSettings.nix.enableMirrors = true; + commonSettings = { + nix.enableMirrors = true; + auth.enable = true; + }; nixpkgs.overlays = [ # Workaround https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243 @@ -33,25 +36,15 @@ # boot.kernelPackages = pkgs.linuxPackages_stable; - custom.kanidm-client = { - enable = true; - uri = "https://auth.xinyang.life"; - asSSHAuth = { - enable = true; - allowedGroups = [ "linux_users" ]; - hardening = true; - }; - sudoers = [ "xin@auth.xinyang.life" ]; - }; - - security.sudo = { - execWheelOnly = true; - wheelNeedsPassword = false; - }; - # fileSystems."/".fsType = lib.mkForce "btrfs"; boot.supportedFilesystems.zfs = lib.mkForce false; - services.dae.enable = false; + services.dae.enable = true; services.dae.configFile = "/var/lib/dae/config.dae"; + + services.tailscale = { + enable = true; + permitCertUid = config.services.caddy.user; + openFirewall = true; + }; } diff --git a/machines/raspite/hass.nix b/machines/raspite/hass.nix index 68d161b..f7b682e 100644 --- a/machines/raspite/hass.nix +++ b/machines/raspite/hass.nix @@ -2,22 +2,21 @@ { services.home-assistant = { enable = true; - extraComponents = [ - "default_config" - "esphome" - "met" - "radio_browser" - ]; openFirewall = false; config = { default_config = { }; http = { - server_host = "::1"; - base_url = "raspite.local:1000"; - use_x_forward_for = true; - trusted_proxies = [ "::1" ]; + server_host = "127.0.0.1"; + use_x_forwarded_for = true; + trusted_proxies = [ "127.0.0.1" ]; }; }; + extraPackages = + python3Packages: with python3Packages; [ + # speed up aiohttp + isal + zlib-ng + ]; }; services.esphome = { @@ -27,23 +26,28 @@ users.groups.dialout.members = config.users.groups.wheel.members; - environment.systemPackages = with pkgs; [ zigbee2mqtt ]; + services.mosquitto = { + enable = true; + }; - networking.firewall.allowedTCPPorts = [ - 1000 - 1001 - ]; + services.zigbee2mqtt = { + enable = true; + settings = { + home-assistant = config.services.home-assistant.enable; + permit_join = true; + serial = { + port = "/dev/ttyUSB0"; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 8443 ]; services.caddy = { enable = true; virtualHosts = { - # reverse_proxy ${config.services.home-assistant.config.http.server_host}:${toString config.services.home-assistant.config.http.server_port} - "raspite.local:1000".extraConfig = '' - reverse_proxy http://[::1]:8123 - ''; - - "raspite.local:1001".extraConfig = '' - reverse_proxy ${config.services.esphome.address}:${toString config.services.esphome.port} + "raspite.coho-tet.ts.net".extraConfig = '' + reverse_proxy ${config.services.home-assistant.config.http.server_host}:${toString config.services.home-assistant.config.http.server_port} ''; }; }; diff --git a/overlays/add-pkgs.nix b/overlays/add-pkgs.nix index 65b2131..35b6981 100644 --- a/overlays/add-pkgs.nix +++ b/overlays/add-pkgs.nix @@ -1,4 +1,3 @@ (final: prev: { oidc-agent = prev.callPackage ./pkgs/oidc-agent { }; - ocis = prev.callPackage ./pkgs/ocis { }; }) diff --git a/overlays/pkgs/ocis/default.nix b/overlays/pkgs/ocis/default.nix deleted file mode 100644 index 1f1aade..0000000 --- a/overlays/pkgs/ocis/default.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ - lib, - stdenvNoCC, - callPackage, - fetchFromGitHub, - buildGoModule, - gnumake, - pnpm, - nodejs, -}: -let - web = callPackage ./web.nix { }; - idp-assets = stdenvNoCC.mkDerivation { - pname = "idp-assets"; - version = "0-unstable-2020-10-14"; - src = fetchFromGitHub { - owner = "owncloud"; - repo = "assets"; - rev = "e8b6aeadbcee1865b9df682e9bd78083842d2b5c"; - hash = "sha256-PzGff2Zx8xmvPYQa4lS4yz2h+y/lerKvUZkYI7XvAUw="; - }; - installPhase = '' - mkdir -p $out/share - cp logo.svg favicon.ico $out/share/ - ''; - dontConfigure = true; - dontBuild = true; - dontFixup = true; - }; -in -buildGoModule rec { - pname = "ocis"; - version = "v5.0.7"; - - vendorHash = null; - - src = fetchFromGitHub { - owner = "owncloud"; - repo = "ocis"; - rev = version; - hash = "sha256-vCEr7UCGEPm0x04U8DpsUNz9c64ZSEIK4SDcitCIDCw="; - }; - - nativeBuildInputs = [ - gnumake - nodejs - pnpm.configHook - ]; - - pnpmDeps = pnpm.fetchDeps { - inherit pname version src; - sourceRoot = "${src.name}/services/idp"; - hash = "sha256-ojrgoyl+xBsgEsx3d3gv5Wf6ziabHoFkEpAoDZcYavo="; - }; - pnpmRoot = "services/idp"; - - buildPhase = '' - runHook preBuild - cp -r ${web}/share/* services/web/assets/ - pnpm -C services/idp build - - mkdir -p services/idp/assets/identifier/static - cp -r ${idp-assets}/share/* services/idp/assets/identifier/static/ - - make -C ocis VERSION=${version} DATE=${version} build - runHook postBuild - ''; - - installPhase = '' - mkdir -p $out/bin/ - cp ocis/bin/ocis $out/bin/ - ''; - - passthru = { - inherit web; - }; - - meta = with lib; { - homepage = "https://github.com/owncloud/ocis"; - description = "ownCloud Infinite Scale Stack"; - mainProgram = "ocis"; - license = licenses.asl20; - maintainers = with maintainers; [ xinyangli ]; - }; -} diff --git a/overlays/pkgs/ocis/web.nix b/overlays/pkgs/ocis/web.nix deleted file mode 100644 index d28340c..0000000 --- a/overlays/pkgs/ocis/web.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ - lib, - stdenvNoCC, - nodejs, - pnpm, - fetchFromGitHub, -}: -stdenvNoCC.mkDerivation rec { - pname = "ocis-web"; - version = "v8.0.5"; - - src = fetchFromGitHub { - owner = "owncloud"; - repo = "web"; - rev = version; - hash = "sha256-hupdtK/V74+X7/eXoDmUjFvSKuhnoOtNQz7o6TLJXG4="; - }; - - nativeBuildInputs = [ pnpm.configHook ]; - - buildInputs = [ nodejs ]; - - buildPhase = '' - pnpm build - ''; - - installPhase = '' - mkdir -p $out/share - cp -r dist/* $out/share/ - ''; - - pnpmDeps = pnpm.fetchDeps { - inherit pname version src; - hash = "sha256-m6yGqUmDor5273JsAlKs52Ug+bc3uhpI8F+MUhULAh4="; - }; - - meta = with lib; { - license = [ licenses.agpl3Only ]; - }; -}