diff --git a/flake.lock b/flake.lock index ce43ec3..0cc751b 100644 --- a/flake.lock +++ b/flake.lock @@ -3,11 +3,11 @@ "authentik-go": { "flake": false, "locked": { - "lastModified": 1770333754, - "narHash": "sha256-Yyna75Nd6485tZP9IpdEa5QNomswe9hRfM+w3MuET9E=", + "lastModified": 1771856219, + "narHash": "sha256-zTEmvxe+BpfWYvAl675PnhXCH4jV4GUTFb1MrQ1Eyno=", "owner": "goauthentik", "repo": "client-go", - "rev": "280022b0a8de5c8f4b2965d1147a1c4fa846ba64", + "rev": "4c1444ee54d945fbcc5ae107b4f191ca0352023d", "type": "github" }, "original": { @@ -31,11 +31,11 @@ "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1770535094, - "narHash": "sha256-MLjqqCQsJFZJKqSMfarSVsFLNRiDK/pvOnoRwZ+esmk=", + "lastModified": 1772308481, + "narHash": "sha256-HnLfFmyMJpyhnvwfFViPgBkYuvZbWIf8TMyMDf5j/3I=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "b09825ea48b0802b4806ed9f0f4721a49e36eb98", + "rev": "5818986331de1a562c2505006b39a30aa1b081e6", "type": "github" }, "original": { @@ -47,16 +47,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1770055313, - "narHash": "sha256-t9DOFNSQJZdUnZSEr3z8EBRsltS4DKu9xad9gS5/Ikc=", + "lastModified": 1771963976, + "narHash": "sha256-pVQ34cZYX3hlk6hF1aZ/n32xMqTF4Jmp0G0VGDU7iXc=", "owner": "goauthentik", "repo": "authentik", - "rev": "6760f4c5d38e245edb72e12e4f45bda8dd859ccd", + "rev": "8af491630b70ff6bd089753e21bef511bfb3f557", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.12.3", + "ref": "version/2026.2.0", "repo": "authentik", "type": "github" } @@ -187,11 +187,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1770736414, - "narHash": "sha256-x5xdJgUxNflO9j2sJHIHnPujDy6eAWJPCMQml5y9XB4=", + "lastModified": 1772379624, + "narHash": "sha256-NG9LLTWlz4YiaTAiRGChbrzbVxBfX+Auq4Ab/SWmk4A=", "owner": "nix-darwin", "repo": "nix-darwin", - "rev": "7c952d9a524ffbbd5b5edca38fe6d943499585cc", + "rev": "52d061516108769656a8bd9c6e811c677ec5b462", "type": "github" }, "original": { @@ -208,11 +208,11 @@ ] }, "locked": { - "lastModified": 1769524058, - "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=", + "lastModified": 1772420042, + "narHash": "sha256-naZz40TUFMa0E0CutvwWsSPhgD5JldyTUDEgP9ADpfU=", "owner": "nix-community", "repo": "disko", - "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d", + "rev": "5af7af10f14706e4095bd6bc0d9373eb097283c6", "type": "github" }, "original": { @@ -240,11 +240,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1765121682, - "narHash": "sha256-4VBOP18BFeiPkyhy9o4ssBNQEvfvv1kXkasAYd0+rrA=", + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", "owner": "edolstra", "repo": "flake-compat", - "rev": "65f23138d8d09a92e30f1e5c87611b23ef451bf3", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", "type": "github" }, "original": { @@ -321,11 +321,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1765835352, - "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", + "lastModified": 1769996383, + "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "a34fae9c08a15ad73f295041fec82323541400a9", + "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", "type": "github" }, "original": { @@ -516,11 +516,11 @@ ] }, "locked": { - "lastModified": 1770654520, - "narHash": "sha256-mg5WZMIPGsFu9MxSrUcuJUPMbfMsF77el5yb/7rc10k=", + "lastModified": 1772516620, + "narHash": "sha256-2r4cKdqCVlQkvcTcLUMxmsmAYZZxCMd//w/PnDnukTE=", "owner": "nix-community", "repo": "home-manager", - "rev": "6c4fdbe1ad198fac36c320fd45c5957324a80b8e", + "rev": "2b9504d5a0169d4940a312abe2df2c5658db8de9", "type": "github" }, "original": { @@ -536,11 +536,11 @@ ] }, "locked": { - "lastModified": 1770260404, - "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", + "lastModified": 1772380125, + "narHash": "sha256-8C+y46xA9bxcchj9GeDPJaRUDApaA3sy2fhJr1bTbUw=", "owner": "nix-community", "repo": "home-manager", - "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", + "rev": "a07a44a839eb036e950bf397d9b782916f8dcab3", "type": "github" }, "original": { @@ -557,11 +557,11 @@ ] }, "locked": { - "lastModified": 1770654520, - "narHash": "sha256-mg5WZMIPGsFu9MxSrUcuJUPMbfMsF77el5yb/7rc10k=", + "lastModified": 1772516620, + "narHash": "sha256-2r4cKdqCVlQkvcTcLUMxmsmAYZZxCMd//w/PnDnukTE=", "owner": "nix-community", "repo": "home-manager", - "rev": "6c4fdbe1ad198fac36c320fd45c5957324a80b8e", + "rev": "2b9504d5a0169d4940a312abe2df2c5658db8de9", "type": "github" }, "original": { @@ -611,11 +611,11 @@ "homebrew-cask": { "flake": false, "locked": { - "lastModified": 1770768367, - "narHash": "sha256-7pAX0i46XHzpqYu1HItBr0QO2ay5wQGRaiHWuVDe1yo=", + "lastModified": 1772516445, + "narHash": "sha256-MVerItEbtXcRWlg64/V4czYn75NFMp8bJF3fjBMn+2A=", "owner": "homebrew", "repo": "homebrew-cask", - "rev": "a283d32dde9aabcfe41043fb2bfa4b1e73d747ea", + "rev": "4b53553e463dcdee20d0fc1429e6828acebc5846", "type": "github" }, "original": { @@ -627,11 +627,11 @@ "homebrew-core": { "flake": false, "locked": { - "lastModified": 1770775175, - "narHash": "sha256-KkI+PwKlFn+tntpoSj187wEbO7tVtGyQRrdsgvHBv1U=", + "lastModified": 1772517113, + "narHash": "sha256-fBS2VdySWOlt1yZSLFqkGwVHRhZc49NdE/bHjMEr/ug=", "owner": "homebrew", "repo": "homebrew-core", - "rev": "1adc6a56bc0d3bb873b415668e53e2f81a27803d", + "rev": "d67067daa2a50f72481c4adbed1d5b6a289efba1", "type": "github" }, "original": { @@ -752,11 +752,11 @@ ] }, "locked": { - "lastModified": 1770315571, - "narHash": "sha256-hy0gcAgAcxrnSWKGuNO+Ob0x6jQ2xkR6hoaR0qJBHYs=", + "lastModified": 1772341813, + "narHash": "sha256-/PQ0ubBCMj/MVCWEI/XMStn55a8dIKsvztj4ZVLvUrQ=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "2684bb8080a6f2ca5f9d494de5ef875bc1c4ecdb", + "rev": "a2051ff239ce2e8a0148fa7a152903d9a78e854f", "type": "github" }, "original": { @@ -809,11 +809,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1770692379, - "narHash": "sha256-05tn6+BH/B4Js+ele6uq2Xno0xpB0wv8fA6TNXMoXX8=", + "lastModified": 1772506041, + "narHash": "sha256-1tlskcMHk4x4AbxdoP1ikcTLv9vREbLOSPH0sZzVZvU=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "07f2af64427334c4098770884746ecf2471a574f", + "rev": "1ce151af917551265e61bc7fc5eb343ce091f285", "type": "github" }, "original": { @@ -847,11 +847,11 @@ "nixpkgs": "nixpkgs_10" }, "locked": { - "lastModified": 1771054135, - "narHash": "sha256-0RYmnOk40U4ZGbW/+3rHlNndrsuHCz9h+xequKWgwHQ=", + "lastModified": 1771511514, + "narHash": "sha256-qhtonMK07BCVC/wZ+pZ9/MKhcTric7YUaCpW6pOg8IM=", "owner": "nix-community", "repo": "nixos-apple-silicon", - "rev": "357186cca0f4c7801ff16970e4b6a05e74fd88e0", + "rev": "2b92d495204be0b10845c66361444dbc8441c68d", "type": "github" }, "original": { @@ -862,11 +862,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1770631810, - "narHash": "sha256-b7iK/x+zOXbjhRqa+XBlYla4zFvPZyU5Ln2HJkiSnzc=", + "lastModified": 1771969195, + "narHash": "sha256-qwcDBtrRvJbrrnv1lf/pREQi8t2hWZxVAyeMo7/E9sw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "2889685785848de940375bf7fea5e7c5a3c8d502", + "rev": "41c6b421bdc301b2624486e11905c9af7b8ec68e", "type": "github" }, "original": { @@ -878,11 +878,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1768305791, - "narHash": "sha256-AIdl6WAn9aymeaH/NvBj0H9qM+XuAuYbGMZaP0zcXAQ=", + "lastModified": 1771848320, + "narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1412caf7bf9e660f2f962917c14b1ea1c3bc695e", + "rev": "2fc6539b481e1d2569f25f8799236694180c0993", "type": "github" }, "original": { @@ -894,11 +894,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1765674936, - "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=", + "lastModified": 1769909678, + "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85", + "rev": "72716169fe93074c333e8d0173151350670b824c", "type": "github" }, "original": { @@ -941,11 +941,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1770617025, - "narHash": "sha256-1jZvgZoAagZZB6NwGRv2T2ezPy+X6EFDsJm+YSlsvEs=", + "lastModified": 1772465433, + "narHash": "sha256-ywy9troNEfpgh0Ee+zaV1UTgU8kYBVKtvPSxh6clYGU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2db38e08fdadcc0ce3232f7279bab59a15b94482", + "rev": "c581273b8d5bdf1c6ce7e0a54da9841e6a763913", "type": "github" }, "original": { @@ -957,11 +957,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1770720068, - "narHash": "sha256-S8s8l0CfMYsFMNS0hXZaQV9sOTkUB6qdXdTSEs2aTT8=", + "lastModified": 1772489420, + "narHash": "sha256-5S6dLX9aLYhoGJYriyeQzNAfW40atqWCWfDBdMCJxmQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8ee95bcb238069810a968efbf2bba8e4d6ff11a6", + "rev": "a655125ecdf797c9c3783c48b235b88ff160344f", "type": "github" }, "original": { @@ -989,11 +989,11 @@ }, "nixpkgs_11": { "locked": { - "lastModified": 1770720068, - "narHash": "sha256-S8s8l0CfMYsFMNS0hXZaQV9sOTkUB6qdXdTSEs2aTT8=", + "lastModified": 1772489420, + "narHash": "sha256-5S6dLX9aLYhoGJYriyeQzNAfW40atqWCWfDBdMCJxmQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8ee95bcb238069810a968efbf2bba8e4d6ff11a6", + "rev": "a655125ecdf797c9c3783c48b235b88ff160344f", "type": "github" }, "original": { @@ -1005,11 +1005,11 @@ }, "nixpkgs_12": { "locked": { - "lastModified": 1770380644, - "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=", + "lastModified": 1772173633, + "narHash": "sha256-MOH58F4AIbCkh6qlQcwMycyk5SWvsqnS/TCfnqDlpj4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe", + "rev": "c0f3d81a7ddbc2b1332be0d8481a672b4f6004d6", "type": "github" }, "original": { @@ -1204,11 +1204,11 @@ ] }, "locked": { - "lastModified": 1770726378, - "narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=", + "lastModified": 1772024342, + "narHash": "sha256-+eXlIc4/7dE6EcPs9a2DaSY3fTA9AE526hGqkNID3Wg=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae", + "rev": "6e34e97ed9788b17796ee43ccdbaf871a5c2b476", "type": "github" }, "original": { @@ -1233,11 +1233,11 @@ ] }, "locked": { - "lastModified": 1763662255, - "narHash": "sha256-4bocaOyLa3AfiS8KrWjZQYu+IAta05u3gYZzZ6zXbT0=", + "lastModified": 1771423342, + "narHash": "sha256-7uXPiWB0YQ4HNaAqRvVndYL34FEp1ZTwVQHgZmyMtC8=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "042904167604c681a090c07eb6967b4dd4dae88c", + "rev": "04e9c186e01f0830dad3739088070e4c551191a4", "type": "github" }, "original": { @@ -1254,11 +1254,11 @@ ] }, "locked": { - "lastModified": 1764134915, - "narHash": "sha256-xaKvtPx6YAnA3HQVp5LwyYG1MaN4LLehpQI8xEdBvBY=", + "lastModified": 1771518446, + "narHash": "sha256-nFJSfD89vWTu92KyuJWDoTQJuoDuddkJV3TlOl1cOic=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "2c8df1383b32e5443c921f61224b198a2282a657", + "rev": "eb204c6b3335698dec6c7fc1da0ebc3c6df05937", "type": "github" }, "original": { @@ -1369,11 +1369,11 @@ "nixpkgs": "nixpkgs_12" }, "locked": { - "lastModified": 1770683991, - "narHash": "sha256-xVfPvXDf9QN3Eh9dV+Lw6IkWG42KSuQ1u2260HKvpnc=", + "lastModified": 1772495394, + "narHash": "sha256-hmIvE/slLKEFKNEJz27IZ8BKlAaZDcjIHmkZ7GCEjfw=", "owner": "Mic92", "repo": "sops-nix", - "rev": "8b89f44c2cc4581e402111d928869fe7ba9f7033", + "rev": "1d9b98a29a45abe9c4d3174bd36de9f28755e3ff", "type": "github" }, "original": { @@ -1426,11 +1426,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1770587906, - "narHash": "sha256-N9ZTG3ia7l4iQO+9JlOj+sX4yu6gl7a3aozrlhSIJwQ=", + "lastModified": 1772296853, + "narHash": "sha256-pAtzPsgHRKw/2Kv8HgAjSJg450FDldHPWsP3AKG/Xj0=", "owner": "nix-community", "repo": "stylix", - "rev": "72e6483a88d51471a6c55e1d43e7ed2bc47a76a4", + "rev": "c4b8e80a1020e09a1f081ad0f98ce804a6e85acf", "type": "github" }, "original": { @@ -1612,11 +1612,11 @@ ] }, "locked": { - "lastModified": 1765631794, - "narHash": "sha256-90d//IZ4GXipNsngO4sb2SAPbIC/a2P+IAdAWOwpcOM=", + "lastModified": 1772187362, + "narHash": "sha256-gCojeIlQ/rfWMe3adif3akyHsT95wiMkLURpxTeqmPc=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "4cca323a547a1aaa9b94929c4901bed5343eafe8", + "rev": "abe65de114300de41614002fe9dce2152ac2ac23", "type": "github" }, "original": { diff --git a/modules/nixos/services/nextcloud/default.nix b/modules/nixos/services/nextcloud/default.nix index 62aa7f2..b05aa92 100644 --- a/modules/nixos/services/nextcloud/default.nix +++ b/modules/nixos/services/nextcloud/default.nix @@ -20,7 +20,7 @@ let # Setup the native NixOS Nextcloud service services.nextcloud = { enable = true; - package = pkgs.nextcloud32; + package = pkgs.nextcloud33; hostName = "cloud.mjallen.dev"; home = "${cfg.configDir}/nextcloud"; datadir = "${cfg.dataDir}/nextcloud"; diff --git a/modules/nixos/services/traefik/default.nix b/modules/nixos/services/traefik/default.nix index 0d3be47..6084023 100755 --- a/modules/nixos/services/traefik/default.nix +++ b/modules/nixos/services/traefik/default.nix @@ -70,300 +70,300 @@ in allowedUDPPorts = forwardPorts; }; - services.traefik = { - enable = true; - dataDir = "${configDir}/traefik"; - group = "jallen-nas"; # group; - environmentFiles = [ config.sops.templates."traefik.env".path ]; + # services.traefik = { + # enable = true; + # dataDir = "${configDir}/traefik"; + # group = "jallen-nas"; # group; + # environmentFiles = [ config.sops.templates."traefik.env".path ]; - static = { - # dir = "${configDir}/traefik"; - settings = { - entryPoints = { - web = { - address = ":${toString httpPort}"; - asDefault = true; - http.redirections.entrypoint = { - to = "websecure"; - scheme = "https"; - }; - }; + # static = { + # # dir = "${configDir}/traefik"; + # settings = { + # entryPoints = { + # web = { + # address = ":${toString httpPort}"; + # asDefault = true; + # http.redirections.entrypoint = { + # to = "websecure"; + # scheme = "https"; + # }; + # }; - websecure = { - address = ":${toString httpsPort}"; - asDefault = true; - http.tls.certResolver = "letsencrypt"; - }; + # websecure = { + # address = ":${toString httpsPort}"; + # asDefault = true; + # http.tls.certResolver = "letsencrypt"; + # }; - metrics = { - address = ":${toString metricsPort}"; # Port for metrics - }; - }; + # metrics = { + # address = ":${toString metricsPort}"; # Port for metrics + # }; + # }; - log = { - level = "INFO"; - }; + # log = { + # level = "INFO"; + # }; - metrics = { - prometheus = { - entryPoint = "metrics"; - addEntryPointsLabels = true; - addServicesLabels = true; - buckets = [ - 0.1 - 0.3 - 1.2 - 5.0 - ]; # Response time buckets - }; - }; + # metrics = { + # prometheus = { + # entryPoint = "metrics"; + # addEntryPointsLabels = true; + # addServicesLabels = true; + # buckets = [ + # 0.1 + # 0.3 + # 1.2 + # 5.0 + # ]; # Response time buckets + # }; + # }; - certificatesResolvers.letsencrypt.acme = { - email = letsEncryptEmail; - storage = "${config.services.traefik.dataDir}/acme.json"; - dnsChallenge = { - provider = "cloudflare"; - resolvers = [ - "1.1.1.1:53" - "8.8.8.8:53" - ]; - }; - }; + # certificatesResolvers.letsencrypt.acme = { + # email = letsEncryptEmail; + # storage = "${config.services.traefik.dataDir}/acme.json"; + # dnsChallenge = { + # provider = "cloudflare"; + # resolvers = [ + # "1.1.1.1:53" + # "8.8.8.8:53" + # ]; + # }; + # }; - # Access the Traefik dashboard on :8080 - api = { - dashboard = true; - insecure = true; - }; + # # Access the Traefik dashboard on :8080 + # api = { + # dashboard = true; + # insecure = true; + # }; - experimental = { - plugins = traefikPlugins; - }; - }; - }; + # experimental = { + # plugins = traefikPlugins; + # }; + # }; + # }; - dynamic = { - dir = "/run/traefik"; - files = { - "serversTransports".settings.http = { - serversTransports = { - internal-https = { - insecureSkipVerify = true; - }; - http1 = { - serverName = "localhost"; - disableHTTP2 = true; - }; - }; - }; + # dynamic = { + # dir = "/run/traefik"; + # files = { + # "serversTransports".settings.http = { + # serversTransports = { + # internal-https = { + # insecureSkipVerify = true; + # }; + # http1 = { + # serverName = "localhost"; + # disableHTTP2 = true; + # }; + # }; + # }; - "middlewares-authentik".settings.http = { - middlewares = { - authentik = { - forwardAuth = { - tls.insecureSkipVerify = true; - address = "${authUrl}/auth/traefik"; - trustForwardHeader = true; - authResponseHeaders = [ - "X-authentik-username" - "X-authentik-groups" - "X-authentik-email" - "X-authentik-name" - "X-authentik-uid" - "X-authentik-jwt" - "X-authentik-meta-jwks" - "X-authentik-meta-outpost" - "X-authentik-meta-provider" - "X-authentik-meta-app" - "X-authentik-meta-version" - ]; - }; - }; - }; - }; + # "middlewares-authentik".settings.http = { + # middlewares = { + # authentik = { + # forwardAuth = { + # tls.insecureSkipVerify = true; + # address = "${authUrl}/auth/traefik"; + # trustForwardHeader = true; + # authResponseHeaders = [ + # "X-authentik-username" + # "X-authentik-groups" + # "X-authentik-email" + # "X-authentik-name" + # "X-authentik-uid" + # "X-authentik-jwt" + # "X-authentik-meta-jwks" + # "X-authentik-meta-outpost" + # "X-authentik-meta-provider" + # "X-authentik-meta-app" + # "X-authentik-meta-version" + # ]; + # }; + # }; + # }; + # }; - "middlewares-crowdsec".settings.http = { - middlewares = { - crowdsec = { - plugin = { - bouncer = { - enabled = true; - crowdsecLapiKeyFile = config.sops.secrets."jallen-nas/traefik/crowdsec/lapi-key".path; - crowdsecLapiScheme = "http"; - crowdsecLapiHost = "localhost:8181"; - crowdsecLapiPath = "/"; - crowdsecLapiTLSInsecureVerify = false; - crowdsecCapiMachineIdFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-machine-id".path; - crowdsecCapiPasswordFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-password".path; - crowdsecCapiScenarios = [ ]; - }; - }; - }; - }; - }; + # "middlewares-crowdsec".settings.http = { + # middlewares = { + # crowdsec = { + # plugin = { + # bouncer = { + # enabled = true; + # crowdsecLapiKeyFile = config.sops.secrets."jallen-nas/traefik/crowdsec/lapi-key".path; + # crowdsecLapiScheme = "http"; + # crowdsecLapiHost = "localhost:8181"; + # crowdsecLapiPath = "/"; + # crowdsecLapiTLSInsecureVerify = false; + # crowdsecCapiMachineIdFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-machine-id".path; + # crowdsecCapiPasswordFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-password".path; + # crowdsecCapiScenarios = [ ]; + # }; + # }; + # }; + # }; + # }; - "middlewares-geoblock".settings.http = { - middlewares = { - whitelist-geoblock = { - plugin = { - geoblock = { - silentStartUp = false; - allowLocalRequests = true; - logLocalRequests = false; - logAllowedRequests = false; - logApiRequests = false; - api = "https://get.geojs.io/v1/ip/country/{ip}"; - apiTimeoutMs = 500; - cacheSize = 25; - forceMonthlyUpdate = true; - allowUnknownCountries = false; - unknownCountryApiResponse = "nil"; - blackListMode = false; - countries = [ - "CA" - "US" - ]; - }; - }; - }; - }; - }; + # "middlewares-geoblock".settings.http = { + # middlewares = { + # whitelist-geoblock = { + # plugin = { + # geoblock = { + # silentStartUp = false; + # allowLocalRequests = true; + # logLocalRequests = false; + # logAllowedRequests = false; + # logApiRequests = false; + # api = "https://get.geojs.io/v1/ip/country/{ip}"; + # apiTimeoutMs = 500; + # cacheSize = 25; + # forceMonthlyUpdate = true; + # allowUnknownCountries = false; + # unknownCountryApiResponse = "nil"; + # blackListMode = false; + # countries = [ + # "CA" + # "US" + # ]; + # }; + # }; + # }; + # }; + # }; - "middlewares-ipallowlist".settings.http = { - middlewares = { - internal-ipallowlist = { - ipAllowList = { - sourceRange = [ - "127.0.0.1/32" - "10.0.1.0/24" - ]; - }; - }; - }; - }; + # "middlewares-ipallowlist".settings.http = { + # middlewares = { + # internal-ipallowlist = { + # ipAllowList = { + # sourceRange = [ + # "127.0.0.1/32" + # "10.0.1.0/24" + # ]; + # }; + # }; + # }; + # }; - "services-auth".settings.http = { - services = { - auth.loadBalancer.servers = [ - { - url = authUrl; - } - ]; - }; - }; + # "services-auth".settings.http = { + # services = { + # auth.loadBalancer.servers = [ + # { + # url = authUrl; + # } + # ]; + # }; + # }; - "services-cache".settings.http = { - services = { - cache.loadBalancer = { - servers = [ - { - url = cacheUrl; - } - ]; - serversTransport = "http1"; - }; - }; - }; + # "services-cache".settings.http = { + # services = { + # cache.loadBalancer = { + # servers = [ + # { + # url = cacheUrl; + # } + # ]; + # serversTransport = "http1"; + # }; + # }; + # }; - "services-nginx".settings.http = { - services = { - nginx.loadBalancer.servers = [ - { - url = "http://localhost:8188"; - } - ]; - }; - }; + # "services-nginx".settings.http = { + # services = { + # nginx.loadBalancer.servers = [ + # { + # url = "http://localhost:8188"; + # } + # ]; + # }; + # }; - "services-generated".settings.http = reverseProxyServiceConfigs; + # "services-generated".settings.http = reverseProxyServiceConfigs; - "routers-auth".settings.http = { - routers = { - auth = { - entryPoints = [ "websecure" ]; - rule = "HostRegexp(`{subdomain:[a-z]+}.mjallen.dev`) && PathPrefix(`/outpost.goauthentik.io/`)"; - service = "auth"; - middlewares = [ - "crowdsec" - "whitelist-geoblock" - ]; - priority = 15; - tls.certResolver = "letsencrypt"; - }; - }; - }; + # "routers-auth".settings.http = { + # routers = { + # auth = { + # entryPoints = [ "websecure" ]; + # rule = "HostRegexp(`{subdomain:[a-z]+}.mjallen.dev`) && PathPrefix(`/outpost.goauthentik.io/`)"; + # service = "auth"; + # middlewares = [ + # "crowdsec" + # "whitelist-geoblock" + # ]; + # priority = 15; + # tls.certResolver = "letsencrypt"; + # }; + # }; + # }; - "routers-matrix2".settings.http = { - routers = { - matrix2 = { - entryPoints = [ "websecure" ]; - rule = "Host(`matrix.mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)"; - service = "nginx"; - middlewares = [ - "crowdsec" - "whitelist-geoblock" - ]; - priority = 1; - tls.certResolver = "letsencrypt"; - }; - }; - }; + # "routers-matrix2".settings.http = { + # routers = { + # matrix2 = { + # entryPoints = [ "websecure" ]; + # rule = "Host(`matrix.mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)"; + # service = "nginx"; + # middlewares = [ + # "crowdsec" + # "whitelist-geoblock" + # ]; + # priority = 1; + # tls.certResolver = "letsencrypt"; + # }; + # }; + # }; - "routers-matrix3".settings.http = { - routers = { - matrix3 = { - entryPoints = [ "websecure" ]; - rule = "Host(`mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)"; - service = "nginx"; - middlewares = [ - "crowdsec" - "whitelist-geoblock" - ]; - priority = 1; - tls.certResolver = "letsencrypt"; - }; - }; - }; + # "routers-matrix3".settings.http = { + # routers = { + # matrix3 = { + # entryPoints = [ "websecure" ]; + # rule = "Host(`mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)"; + # service = "nginx"; + # middlewares = [ + # "crowdsec" + # "whitelist-geoblock" + # ]; + # priority = 1; + # tls.certResolver = "letsencrypt"; + # }; + # }; + # }; - "routers-cache".settings.http = { - routers = { - cache = { - entryPoints = [ "websecure" ]; - rule = "Host(`cache.${domain}`)"; - service = "cache"; - middlewares = [ ]; - priority = 10; - tls.certResolver = "letsencrypt"; - }; - }; - }; + # "routers-cache".settings.http = { + # routers = { + # cache = { + # entryPoints = [ "websecure" ]; + # rule = "Host(`cache.${domain}`)"; + # service = "cache"; + # middlewares = [ ]; + # priority = 10; + # tls.certResolver = "letsencrypt"; + # }; + # }; + # }; - "home-assistant".settings.http = { - services = { - hass.loadBalancer.servers = [ - { - url = hassUrl; - } - ]; - }; - routers = { - hass = { - entryPoints = [ "websecure" ]; - rule = "Host(`hass.${domain}`)"; - service = "hass"; - middlewares = [ - "crowdsec" - "whitelist-geoblock" - # "authentik" - ]; - priority = 10; - tls.certResolver = "letsencrypt"; - }; - }; - }; - "routers-generated".settings.http = reverseProxyRouterConfigs; - }; - }; - }; + # "home-assistant".settings.http = { + # services = { + # hass.loadBalancer.servers = [ + # { + # url = hassUrl; + # } + # ]; + # }; + # routers = { + # hass = { + # entryPoints = [ "websecure" ]; + # rule = "Host(`hass.${domain}`)"; + # service = "hass"; + # middlewares = [ + # "crowdsec" + # "whitelist-geoblock" + # # "authentik" + # ]; + # priority = 10; + # tls.certResolver = "letsencrypt"; + # }; + # }; + # }; + # "routers-generated".settings.http = reverseProxyRouterConfigs; + # }; + # }; + # }; }; } diff --git a/modules/nixos/services/wyoming/default.nix b/modules/nixos/services/wyoming/default.nix index 4b8ceee..a906452 100755 --- a/modules/nixos/services/wyoming/default.nix +++ b/modules/nixos/services/wyoming/default.nix @@ -29,7 +29,6 @@ let services.wyoming = { faster-whisper.servers.hass-whisper = { enable = true; - useTransformers = false; device = lib.mkForce "auto"; language = "en"; model = "distil-large-v3"; diff --git a/packages/bcachefs/default.nix b/packages/bcachefs/default.nix index 9ff5b57..fe0406a 100644 --- a/packages/bcachefs/default.nix +++ b/packages/bcachefs/default.nix @@ -28,18 +28,18 @@ stdenv.mkDerivation (finalAttrs: { pname = "bcachefs-tools"; - version = "1.35.1"; + version = "1.36.1"; src = fetchFromGitHub { owner = "koverstreet"; repo = "bcachefs-tools"; tag = "v${finalAttrs.version}"; - hash = "sha256-1p2zbzQLza8w+hu+5OjPr+Lh6q6Kh9HdVxFkuCl2x8o="; + hash = lib.fakeHash; }; cargoDeps = rustPlatform.fetchCargoVendor { inherit (finalAttrs) src; - hash = "sha256-OlXkshfEXtY6fDBqhEJQhWhPjwQ5ofDIZ9IuchchKxk="; + hash = lib.fakeHash; }; postPatch = ''