update flake

2025-02-04 17:55:22 -06:00
parent d439a4e604
commit dc5e9c1667
7 changed files with 81 additions and 30 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -14,11 +14,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1738262370,
+        "lastModified": 1738503522,
-        "narHash": "sha256-d58ioZQgJMmRfp7KIQKIy5G8uio7nCQPP+YsLEbxIgg=",
+        "narHash": "sha256-1yrVbGLBMBPl34EibVARkUB9Gak1GjLRLZXJk9jbHxU=",
        "owner": "nix-community",
        "repo": "authentik-nix",
-        "rev": "e87750273754e7ee9249785ffc7151510e1d64c7",
+        "rev": "bc62d5509989f5dca633c65b58aa0ac79a48db3e",
        "type": "github"
      },
      "original": {
@@ -213,11 +213,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1738275749,
+        "lastModified": 1738610386,
-        "narHash": "sha256-PM+cGduJ05EZ+YXulqAwUFjvfKpPmW080mcuN6R1POw=",
+        "narHash": "sha256-yb6a5efA1e8xze1vcdN2HBxqYr340EsxFMrDUHL3WZM=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "a8159195bfaef3c64df75d3b1e6a68d49d392be9",
+        "rev": "066ba0c5cfddbc9e0dddaec73b1561ad38aa8abe",
        "type": "github"
      },
      "original": {
@@ -395,11 +395,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1737751639,
+        "lastModified": 1738471961,
-        "narHash": "sha256-ZEbOJ9iT72iwqXsiEMbEa8wWjyFvRA9Ugx8utmYbpz4=",
+        "narHash": "sha256-cgXDFrplNGs7bCVzXhRofjD8oJYqqXGcmUzXjHmip6Y=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "dfad538f751a5aa5d4436d9781ab27a6128ec9d4",
+        "rev": "537286c3c59b40311e5418a180b38034661d2536",
        "type": "github"
      },
      "original": {
@@ -455,11 +455,11 @@
    },
    "nixpkgs-stable_2": {
      "locked": {
-        "lastModified": 1738163270,
+        "lastModified": 1738435198,
-        "narHash": "sha256-B/7Y1v4y+msFFBW1JAdFjNvVthvNdJKiN6EGRPnqfno=",
+        "narHash": "sha256-5+Hmo4nbqw8FrW85FlNm4IIrRnZ7bn0cmXlScNsNRLo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "59e618d90c065f55ae48446f307e8c09565d5ab0",
+        "rev": "f6687779bf4c396250831aa5a32cbfeb85bb07a3",
        "type": "github"
      },
      "original": {
@@ -471,11 +471,11 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1738142207,
+        "lastModified": 1738410390,
-        "narHash": "sha256-NGqpVVxNAHwIicXpgaVqJEJWeyqzoQJ9oc8lnK9+WC4=",
+        "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "9d3ae807ebd2981d593cddd0080856873139aa40",
+        "rev": "3a228057f5b619feb3186e986dbe76278d707b6e",
        "type": "github"
      },
      "original": {
@@ -635,11 +635,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1737411508,
+        "lastModified": 1738291974,
-        "narHash": "sha256-j9IdflJwRtqo9WpM0OfAZml47eBblUHGNQTe62OUqTw=",
+        "narHash": "sha256-wkwYJc8cKmmQWUloyS9KwttBnja2ONRuJQDEsmef320=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "015d461c16678fc02a2f405eb453abb509d4e1d4",
+        "rev": "4c1251904d8a08c86ac6bc0d72cc09975e89aef7",
        "type": "github"
      },
      "original": {
--- a/hosts/nas/apps/jellyseerr/default.nix
+++ b/hosts/nas/apps/jellyseerr/default.nix
@@ -2,7 +2,7 @@
 let
  jellyseerrPort = 5055;
-  dataDir = "/var/lib/jellyseerr";
+  dataDir = "/var/lib/private/jellyseerr";
 in
 {
  containers.jellyseerr = {
@@ -44,6 +44,18 @@ in
          useHostResolvConf = lib.mkForce false;
        };
        # Create and set permissions for required directories
        system.activationScripts.jellyseerr-dirs = ''
          mkdir -p /var/lib/private/jellyseerr
          chown -R jellyseerr:jellyseerr /var/lib/private/jellyseerr
          chmod -R 775 /var/lib/private/jellyseerr
          ln -sf /var/lib/private/jellyseerr /var/lib/jellyfin
        '';
        services.resolved.enable = true;
        system.stateVersion = "23.11";
      };
--- a/hosts/nas/apps/nextcloud/default.nix
+++ b/hosts/nas/apps/nextcloud/default.nix
@@ -42,6 +42,7 @@ in
    config =
      { pkgs, lib, ... }:
      {
        imports = [ ../../../../share/nvidia ];
        nixpkgs.config.allowUnfree = true;
        services = {
@@ -66,6 +67,7 @@ in
              dbuser = "nextcloud";
            };
            settings = {
              loglevel = 3;
              allow_local_remote_servers = true;
              upgrade.disable-web = false;
              datadirectory = "/data";
@@ -76,6 +78,7 @@ in
                "10.0.2.18:443"
                "cloud.mjallen.dev"
              ];
              opcache.interned_strings_buffer = 16;
              trusted_proxies = [ "10.0.1.18" ];
              maintenance_window_start = 6;
              default_phone_region = "US";
@@ -114,6 +117,9 @@ in
        # System packages
        environment.systemPackages = with pkgs; [
          cudaPackages.cudnn
          cudatoolkit
          ffmpeg
          libtensorflow-bin
          nextcloud30
          nodejs
@@ -153,6 +159,25 @@ in
        '';
        hardware = {
          graphics = {
            enable = true;
            # setLdLibraryPath = true;
          };
        };
        programs = {
          nix-ld.enable = true;
        };
        share.hardware.nvidia = {
          enable = true;
          enableBeta = true;
          enableOpen = true;
          nvidiaSettings = true;
          enableNvidiaDocker = true;
        };
        system.stateVersion = "23.11";
        networking = {
          firewall = {
--- a/hosts/nas/apps/ollama/default.nix
+++ b/hosts/nas/apps/ollama/default.nix
@@ -19,9 +19,12 @@
    environmentFile = config.sops.secrets."jallen-nas/open-webui".path;
    environment = {
      OPENID_PROVIDER_URL = "https://authentik.mjallen.dev/application/o/chat/.well-known/openid-configuration";
-      OPENID_PROVIDER_NAME = "authentik";
+      OAUTH_PROVIDER_NAME = "authentik";
      OPENID_REDIRECT_URI = "https://chat.mjallen.dev/oauth/oidc/callback";
      ENABLE_OAUTH_SIGNUP = "true";
      OAUTH_MERGE_ACCOUNTS_BY_EMAIL = "true";
      ENABLE_SIGNUP = "False";
      ENABLE_LOGIN_FORM = "False";
      ANONYMIZED_TELEMETRY = "False";
      DO_NOT_TRACK = "True";
      SCARF_NO_ANALYTICS = "True";
--- a/hosts/nas/configuration.nix
+++ b/hosts/nas/configuration.nix
@@ -118,12 +118,15 @@ in
      sbctl
      speedtest-cli
      tailscale
      tigervnc
      tpm2-tools
      tpm2-tss
      usbutils
      vim
      vulkan-tools
      wget
      xorg.xinit
      xorg.xauth
    ];
  };
@@ -210,6 +213,7 @@ in
        papirus-icon-theme
        firefox
        swtpm
        tigervnc
      ];
    };
--- a/hosts/nas/services.nix
+++ b/hosts/nas/services.nix
@@ -95,9 +95,9 @@ in
    # Enable RDP
    xrdp = {
-      enable = enableDisplayManager;
+      enable = true;
-      defaultWindowManager = "startplasma-x11";
+      defaultWindowManager = "${pkgs.lxqt.lxqt-session}/bin/startlxqt";
-      openFirewall = enableDisplayManager;
+      openFirewall = true;
    };
    avahi = {
--- a/share/nvidia/default.nix
+++ b/share/nvidia/default.nix
@@ -17,7 +17,14 @@ in
      nvidia = {
       package =
         if cfg.enableBeta then
-            config.boot.kernelPackages.nvidiaPackages.beta
+          #  config.boot.kernelPackages.nvidiaPackages.beta
            config.boot.kernelPackages.nvidiaPackages.mkDriver {
              version = "570.86.16"; # use new 570 drivers
              sha256_64bit = "sha256-RWPqS7ZUJH9JEAWlfHLGdqrNlavhaR1xMyzs8lJhy9U=";
              openSha256 = "sha256-DuVNA63+pJ8IB7Tw2gM4HbwlOh1bcDg2AN2mbEU9VPE=";
              settingsSha256 = "sha256-9rtqh64TyhDF5fFAYiWl3oDHzKJqyOW3abpcf2iNRT8=";
              usePersistenced = false;
            }
           # pkgs.unstable.linuxPackages.nvidiaPackages.beta
         else
           config.boot.kernelPackages.nvidiaPackages.latest;