diff --git a/flake.lock b/flake.lock index 2392682..3744570 100644 --- a/flake.lock +++ b/flake.lock @@ -116,11 +116,11 @@ }, "catppuccin": { "locked": { - "lastModified": 1726952185, - "narHash": "sha256-l/HbsQjJMT6tlf8KCooFYi3J6wjIips3n6/aWAoLY4g=", + "lastModified": 1725509983, + "narHash": "sha256-NHCgHVqumPraFJnLrkanoLDuhOoUHUvRhvp/RIHJR+A=", "owner": "catppuccin", "repo": "nix", - "rev": "630b559cc1cb4c0bdd525af506935323e4ccd5d1", + "rev": "45745fe5960acaefef2b60f3455bcac6a0ca6bc9", "type": "github" }, "original": { @@ -285,11 +285,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -433,11 +433,11 @@ ] }, "locked": { - "lastModified": 1727111745, - "narHash": "sha256-EYLvFRoTPWtD+3uDg2wwQvlz88OrIr3zld+jFE5gDcY=", + "lastModified": 1725694918, + "narHash": "sha256-+HsjshXpqNiJHLaJaK0JnIicJ/a1NquKcfn4YZ3ILgg=", "owner": "nix-community", "repo": "home-manager", - "rev": "21c021862fa696c8199934e2153214ab57150cb6", + "rev": "aaebdea769a5c10f1c6e50ebdf5924c1a13f0cda", "type": "github" }, "original": { @@ -476,11 +476,11 @@ ] }, "locked": { - "lastModified": 1724435763, - "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", + "lastModified": 1726036828, + "narHash": "sha256-ZQHbpyti0jcAKnwQY1lwmooecLmSG6wX1JakQ/eZNeM=", "owner": "nix-community", "repo": "home-manager", - "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", + "rev": "8a1671642826633586d12ac3158e463c7a50a112", "type": "github" }, "original": { @@ -540,11 +540,11 @@ ] }, "locked": { - "lastModified": 1726975622, - "narHash": "sha256-bPDZosnom0+02ywmMZAvmj7zvsQ6mVv/5kmvSgbTkaY=", + "lastModified": 1725161148, + "narHash": "sha256-WfAHq3Ag3vLNFfWxKHjFBFdPI6JIideWFJod9mx1eoo=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "c7515c2fdaf2e1f3f49856cef6cec95bb2138417", + "rev": "32058e9138248874773630c846563b1a78ee7a5b", "type": "github" }, "original": { @@ -564,11 +564,11 @@ ] }, "locked": { - "lastModified": 1727142313, - "narHash": "sha256-uEkvjrMOmQiGMw2m7iAHZDE82Wt+i3P65+dFmgpBbAM=", + "lastModified": 1725672853, + "narHash": "sha256-z1O6dzCJ27OZpF680tZL0mQphQETdg4DTryvhFOpZyA=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "487e99ffa42d57de53eba5ca4b60cd95fb442c42", + "rev": "efd33fc8e5a149dd48d86ca6003b51ab3ce4ae21", "type": "github" }, "original": { @@ -579,11 +579,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1727040444, - "narHash": "sha256-19FNN5QT9Z11ZUMfftRplyNN+2PgcHKb3oq8KMW/hDA=", + "lastModified": 1725477728, + "narHash": "sha256-ahej1VRqKmWbG7gewty+GlrSBEeGY/J2Zy8Nt8+3fdg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "d0cb432a9d28218df11cbd77d984a2a46caeb5ac", + "rev": "880be1ab837e1e9fe0449dae41ac4d034694d4ce", "type": "github" }, "original": { @@ -623,11 +623,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1726969270, - "narHash": "sha256-8fnFlXBgM/uSvBlLWjZ0Z0sOdRBesyNdH0+esxqizGc=", + "lastModified": 1725407940, + "narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "23cbb250f3bf4f516a2d0bf03c51a30900848075", + "rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3", "type": "github" }, "original": { @@ -639,11 +639,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1725762081, - "narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=", + "lastModified": 1721524707, + "narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05", + "rev": "556533a23879fc7e5f98dd2e0b31a6911a213171", "type": "github" }, "original": { @@ -655,11 +655,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1727147895, - "narHash": "sha256-2YZYrtEqQlPT77i6F3PSfA6pHeC62Q94u+c5N26BbNo=", + "lastModified": 1726296585, + "narHash": "sha256-inm7AIEqfgF4wXkhWB2M5IfmdITSF90xpeDDSU3DfNc=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "1b7b0516e42e87d04944092f04e85a393f12e3a8", + "rev": "8539edfb09c674994303141378df4ab33cd765ad", "type": "github" }, "original": { @@ -671,11 +671,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1725194671, - "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", + "lastModified": 1726042813, + "narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", + "rev": "159be5db480d1df880a0135ca0bfed84c2f88353", "type": "github" }, "original": { @@ -713,11 +713,11 @@ }, "nur": { "locked": { - "lastModified": 1727146799, - "narHash": "sha256-EgTExhm77mFu0dNkl4A9LaVYwZYcx62hIG1Q7IJbzzg=", + "lastModified": 1725687722, + "narHash": "sha256-LPv282y5okYk8ebiBsEbDXy2WykwdBPpAthjKSmTfNI=", "owner": "nix-community", "repo": "NUR", - "rev": "819ed7a5b7dfec428810dfa1403d4fcb5cad44f3", + "rev": "ff7f8143f33751c4f37caec678ed1eb63006c0d3", "type": "github" }, "original": { @@ -774,11 +774,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1726524647, - "narHash": "sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4=", + "lastModified": 1725540166, + "narHash": "sha256-htc9rsTMSAY5ek+DB3tpntdD/es0eam2hJgO92bWSys=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e2d404a7ea599a013189aa42947f66cede0645c8", + "rev": "d9d781523a1463965cd1e1333a306e70d9feff07", "type": "github" }, "original": { diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index b850d52..71ffff6 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -27,7 +27,7 @@ }; home.packages = with pkgs; [ - betterbird + # betterbird remmina ]; diff --git a/machines/massicot/default.nix b/machines/massicot/default.nix index ecbc6e2..f74f265 100644 --- a/machines/massicot/default.nix +++ b/machines/massicot/default.nix @@ -1,5 +1,7 @@ { inputs, + config, + libs, pkgs, ... }: @@ -49,6 +51,13 @@ efiSupport = true; configurationLimit = 5; }; + # + # fileSystems."/mnt/storage" = { + # device = "//u380335-sub1.your-storagebox.de/u380335-sub1"; + # fsType = "cifs"; + # options = [ "credentials=${config.sops.secrets.storage_box_mount.path}" ]; + # }; + # environment.systemPackages = with pkgs; [ cifs-utils git @@ -60,11 +69,14 @@ hostName = "massicot"; }; - commonSettings = { - auth.enable = true; - nix = { + custom.kanidm-client = { + enable = true; + uri = "https://auth.xinyang.life/"; + asSSHAuth = { enable = true; + allowedGroups = [ "linux_users" ]; }; + sudoers = [ "xin@auth.xinyang.life" ]; }; security.sudo = { diff --git a/machines/massicot/kanidm-provision.nix b/machines/massicot/kanidm-provision.nix index 91f86d2..bd38b03 100644 --- a/machines/massicot/kanidm-provision.nix +++ b/machines/massicot/kanidm-provision.nix @@ -139,8 +139,7 @@ originUrl = [ "http://localhost/" "http://127.0.0.1/" - # TODO: Should allow mobile redirect url not ending with / - # "oc://android.owncloud.com" + "oc://android.owncloud.com" ]; basicSecretFile = config.sops.secrets."kanidm/ocis_android_secret".path; preferShortUsername = true; diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index ea52862..2d2ef8c 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -17,7 +17,6 @@ networking.hostName = "weilite"; commonSettings = { auth.enable = true; - autoupgrade.enable = true; nix = { enable = true; enableMirrors = true; @@ -158,7 +157,7 @@ repo = "github.com/caddy-dns/cloudflare"; version = "89f16b99c18ef49c8bb470a82f895bce01cbaece"; } - { +{ repo = "github.com/caddy-dns/dnspod"; version = "1fd4ce87e919f47db5fa029c31ae74b9737a58af"; } diff --git a/modules/nixos/common-settings/autoupgrade.nix b/modules/nixos/common-settings/autoupgrade.nix deleted file mode 100644 index 6c2cc83..0000000 --- a/modules/nixos/common-settings/autoupgrade.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - ... -}: - -let - inherit (lib) - mkIf - mkEnableOption - mkOption - types - ; - - cfg = config.commonSettings.autoupgrade; -in -{ - options.commonSettings.autoupgrade = { - enable = mkEnableOption "auto upgrade with nixos-rebuild"; - flake = mkOption { - type = types.str; - default = "github:xinyangli/nixos-config/deploy"; - }; - }; - - config = mkIf cfg.enable { - system.autoUpgrade = { - enable = true; - flake = cfg.flake; - }; - }; -} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index bfc36ce..36bf773 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,7 +1,6 @@ { imports = [ ./common-settings/auth.nix - ./common-settings/autoupgrade.nix ./common-settings/nix-conf.nix ./restic.nix ./vaultwarden.nix