mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upd

Browse Source
This commit is contained in:
mjallen18
2026-03-03 09:49:00 -06:00
parent ff9aea7a58
commit ddd99ef396
5 changed files with 362 additions and 363 deletions
Download Patch File Download Diff File Expand all files Collapse all files

170
flake.lock generated
View File

@@ -3,11 +3,11 @@
"authentik-go": { "authentik-go": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1770333754, "lastModified": 1771856219,
"narHash": "sha256-Yyna75Nd6485tZP9IpdEa5QNomswe9hRfM+w3MuET9E=", "narHash": "sha256-zTEmvxe+BpfWYvAl675PnhXCH4jV4GUTFb1MrQ1Eyno=",
"owner": "goauthentik", "owner": "goauthentik",
"repo": "client-go", "repo": "client-go",
"rev": "280022b0a8de5c8f4b2965d1147a1c4fa846ba64", "rev": "4c1444ee54d945fbcc5ae107b4f191ca0352023d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -31,11 +31,11 @@
"uv2nix": "uv2nix" "uv2nix": "uv2nix"
}, },
"locked": { "locked": {
"lastModified": 1770535094, "lastModified": 1772308481,
"narHash": "sha256-MLjqqCQsJFZJKqSMfarSVsFLNRiDK/pvOnoRwZ+esmk=", "narHash": "sha256-HnLfFmyMJpyhnvwfFViPgBkYuvZbWIf8TMyMDf5j/3I=",
"owner": "nix-community", "owner": "nix-community",
"repo": "authentik-nix", "repo": "authentik-nix",
"rev": "b09825ea48b0802b4806ed9f0f4721a49e36eb98", "rev": "5818986331de1a562c2505006b39a30aa1b081e6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -47,16 +47,16 @@
"authentik-src": { "authentik-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1770055313, "lastModified": 1771963976,
"narHash": "sha256-t9DOFNSQJZdUnZSEr3z8EBRsltS4DKu9xad9gS5/Ikc=", "narHash": "sha256-pVQ34cZYX3hlk6hF1aZ/n32xMqTF4Jmp0G0VGDU7iXc=",
"owner": "goauthentik", "owner": "goauthentik",
"repo": "authentik", "repo": "authentik",
"rev": "6760f4c5d38e245edb72e12e4f45bda8dd859ccd", "rev": "8af491630b70ff6bd089753e21bef511bfb3f557",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "goauthentik", "owner": "goauthentik",
"ref": "version/2025.12.3", "ref": "version/2026.2.0",
"repo": "authentik", "repo": "authentik",
"type": "github" "type": "github"
} }
@@ -187,11 +187,11 @@
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1770736414, "lastModified": 1772379624,
"narHash": "sha256-x5xdJgUxNflO9j2sJHIHnPujDy6eAWJPCMQml5y9XB4=", "narHash": "sha256-NG9LLTWlz4YiaTAiRGChbrzbVxBfX+Auq4Ab/SWmk4A=",
"owner": "nix-darwin", "owner": "nix-darwin",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "7c952d9a524ffbbd5b5edca38fe6d943499585cc", "rev": "52d061516108769656a8bd9c6e811c677ec5b462",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -208,11 +208,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1769524058, "lastModified": 1772420042,
"narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=", "narHash": "sha256-naZz40TUFMa0E0CutvwWsSPhgD5JldyTUDEgP9ADpfU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d", "rev": "5af7af10f14706e4095bd6bc0d9373eb097283c6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -240,11 +240,11 @@
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1765121682, "lastModified": 1767039857,
"narHash": "sha256-4VBOP18BFeiPkyhy9o4ssBNQEvfvv1kXkasAYd0+rrA=", "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "65f23138d8d09a92e30f1e5c87611b23ef451bf3", "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -321,11 +321,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1765835352, "lastModified": 1769996383,
"narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "a34fae9c08a15ad73f295041fec82323541400a9", "rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -516,11 +516,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770654520, "lastModified": 1772516620,
"narHash": "sha256-mg5WZMIPGsFu9MxSrUcuJUPMbfMsF77el5yb/7rc10k=", "narHash": "sha256-2r4cKdqCVlQkvcTcLUMxmsmAYZZxCMd//w/PnDnukTE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "6c4fdbe1ad198fac36c320fd45c5957324a80b8e", "rev": "2b9504d5a0169d4940a312abe2df2c5658db8de9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -536,11 +536,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770260404, "lastModified": 1772380125,
"narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", "narHash": "sha256-8C+y46xA9bxcchj9GeDPJaRUDApaA3sy2fhJr1bTbUw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", "rev": "a07a44a839eb036e950bf397d9b782916f8dcab3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -557,11 +557,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770654520, "lastModified": 1772516620,
"narHash": "sha256-mg5WZMIPGsFu9MxSrUcuJUPMbfMsF77el5yb/7rc10k=", "narHash": "sha256-2r4cKdqCVlQkvcTcLUMxmsmAYZZxCMd//w/PnDnukTE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "6c4fdbe1ad198fac36c320fd45c5957324a80b8e", "rev": "2b9504d5a0169d4940a312abe2df2c5658db8de9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -611,11 +611,11 @@
"homebrew-cask": { "homebrew-cask": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1770768367, "lastModified": 1772516445,
"narHash": "sha256-7pAX0i46XHzpqYu1HItBr0QO2ay5wQGRaiHWuVDe1yo=", "narHash": "sha256-MVerItEbtXcRWlg64/V4czYn75NFMp8bJF3fjBMn+2A=",
"owner": "homebrew", "owner": "homebrew",
"repo": "homebrew-cask", "repo": "homebrew-cask",
"rev": "a283d32dde9aabcfe41043fb2bfa4b1e73d747ea", "rev": "4b53553e463dcdee20d0fc1429e6828acebc5846",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -627,11 +627,11 @@
"homebrew-core": { "homebrew-core": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1770775175, "lastModified": 1772517113,
"narHash": "sha256-KkI+PwKlFn+tntpoSj187wEbO7tVtGyQRrdsgvHBv1U=", "narHash": "sha256-fBS2VdySWOlt1yZSLFqkGwVHRhZc49NdE/bHjMEr/ug=",
"owner": "homebrew", "owner": "homebrew",
"repo": "homebrew-core", "repo": "homebrew-core",
"rev": "1adc6a56bc0d3bb873b415668e53e2f81a27803d", "rev": "d67067daa2a50f72481c4adbed1d5b6a289efba1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -752,11 +752,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770315571, "lastModified": 1772341813,
"narHash": "sha256-hy0gcAgAcxrnSWKGuNO+Ob0x6jQ2xkR6hoaR0qJBHYs=", "narHash": "sha256-/PQ0ubBCMj/MVCWEI/XMStn55a8dIKsvztj4ZVLvUrQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "2684bb8080a6f2ca5f9d494de5ef875bc1c4ecdb", "rev": "a2051ff239ce2e8a0148fa7a152903d9a78e854f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -809,11 +809,11 @@
"nixpkgs": "nixpkgs_8" "nixpkgs": "nixpkgs_8"
}, },
"locked": { "locked": {
"lastModified": 1770692379, "lastModified": 1772506041,
"narHash": "sha256-05tn6+BH/B4Js+ele6uq2Xno0xpB0wv8fA6TNXMoXX8=", "narHash": "sha256-1tlskcMHk4x4AbxdoP1ikcTLv9vREbLOSPH0sZzVZvU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-vscode-extensions", "repo": "nix-vscode-extensions",
"rev": "07f2af64427334c4098770884746ecf2471a574f", "rev": "1ce151af917551265e61bc7fc5eb343ce091f285",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -847,11 +847,11 @@
"nixpkgs": "nixpkgs_10" "nixpkgs": "nixpkgs_10"
}, },
"locked": { "locked": {
"lastModified": 1771054135, "lastModified": 1771511514,
"narHash": "sha256-0RYmnOk40U4ZGbW/+3rHlNndrsuHCz9h+xequKWgwHQ=", "narHash": "sha256-qhtonMK07BCVC/wZ+pZ9/MKhcTric7YUaCpW6pOg8IM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-apple-silicon", "repo": "nixos-apple-silicon",
"rev": "357186cca0f4c7801ff16970e4b6a05e74fd88e0", "rev": "2b92d495204be0b10845c66361444dbc8441c68d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -862,11 +862,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1770631810, "lastModified": 1771969195,
"narHash": "sha256-b7iK/x+zOXbjhRqa+XBlYla4zFvPZyU5Ln2HJkiSnzc=", "narHash": "sha256-qwcDBtrRvJbrrnv1lf/pREQi8t2hWZxVAyeMo7/E9sw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "2889685785848de940375bf7fea5e7c5a3c8d502", "rev": "41c6b421bdc301b2624486e11905c9af7b8ec68e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -878,11 +878,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1768305791, "lastModified": 1771848320,
"narHash": "sha256-AIdl6WAn9aymeaH/NvBj0H9qM+XuAuYbGMZaP0zcXAQ=", "narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1412caf7bf9e660f2f962917c14b1ea1c3bc695e", "rev": "2fc6539b481e1d2569f25f8799236694180c0993",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -894,11 +894,11 @@
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1765674936, "lastModified": 1769909678,
"narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=", "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85", "rev": "72716169fe93074c333e8d0173151350670b824c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -941,11 +941,11 @@
}, },
"nixpkgs-stable_2": { "nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1770617025, "lastModified": 1772465433,
"narHash": "sha256-1jZvgZoAagZZB6NwGRv2T2ezPy+X6EFDsJm+YSlsvEs=", "narHash": "sha256-ywy9troNEfpgh0Ee+zaV1UTgU8kYBVKtvPSxh6clYGU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2db38e08fdadcc0ce3232f7279bab59a15b94482", "rev": "c581273b8d5bdf1c6ce7e0a54da9841e6a763913",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -957,11 +957,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1770720068, "lastModified": 1772489420,
"narHash": "sha256-S8s8l0CfMYsFMNS0hXZaQV9sOTkUB6qdXdTSEs2aTT8=", "narHash": "sha256-5S6dLX9aLYhoGJYriyeQzNAfW40atqWCWfDBdMCJxmQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8ee95bcb238069810a968efbf2bba8e4d6ff11a6", "rev": "a655125ecdf797c9c3783c48b235b88ff160344f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -989,11 +989,11 @@
}, },
"nixpkgs_11": { "nixpkgs_11": {
"locked": { "locked": {
"lastModified": 1770720068, "lastModified": 1772489420,
"narHash": "sha256-S8s8l0CfMYsFMNS0hXZaQV9sOTkUB6qdXdTSEs2aTT8=", "narHash": "sha256-5S6dLX9aLYhoGJYriyeQzNAfW40atqWCWfDBdMCJxmQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8ee95bcb238069810a968efbf2bba8e4d6ff11a6", "rev": "a655125ecdf797c9c3783c48b235b88ff160344f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1005,11 +1005,11 @@
}, },
"nixpkgs_12": { "nixpkgs_12": {
"locked": { "locked": {
"lastModified": 1770380644, "lastModified": 1772173633,
"narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=", "narHash": "sha256-MOH58F4AIbCkh6qlQcwMycyk5SWvsqnS/TCfnqDlpj4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe", "rev": "c0f3d81a7ddbc2b1332be0d8481a672b4f6004d6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1204,11 +1204,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770726378, "lastModified": 1772024342,
"narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=", "narHash": "sha256-+eXlIc4/7dE6EcPs9a2DaSY3fTA9AE526hGqkNID3Wg=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae", "rev": "6e34e97ed9788b17796ee43ccdbaf871a5c2b476",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1233,11 +1233,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763662255, "lastModified": 1771423342,
"narHash": "sha256-4bocaOyLa3AfiS8KrWjZQYu+IAta05u3gYZzZ6zXbT0=", "narHash": "sha256-7uXPiWB0YQ4HNaAqRvVndYL34FEp1ZTwVQHgZmyMtC8=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "build-system-pkgs", "repo": "build-system-pkgs",
"rev": "042904167604c681a090c07eb6967b4dd4dae88c", "rev": "04e9c186e01f0830dad3739088070e4c551191a4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1254,11 +1254,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1764134915, "lastModified": 1771518446,
"narHash": "sha256-xaKvtPx6YAnA3HQVp5LwyYG1MaN4LLehpQI8xEdBvBY=", "narHash": "sha256-nFJSfD89vWTu92KyuJWDoTQJuoDuddkJV3TlOl1cOic=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "pyproject.nix", "repo": "pyproject.nix",
"rev": "2c8df1383b32e5443c921f61224b198a2282a657", "rev": "eb204c6b3335698dec6c7fc1da0ebc3c6df05937",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1369,11 +1369,11 @@
"nixpkgs": "nixpkgs_12" "nixpkgs": "nixpkgs_12"
}, },
"locked": { "locked": {
"lastModified": 1770683991, "lastModified": 1772495394,
"narHash": "sha256-xVfPvXDf9QN3Eh9dV+Lw6IkWG42KSuQ1u2260HKvpnc=", "narHash": "sha256-hmIvE/slLKEFKNEJz27IZ8BKlAaZDcjIHmkZ7GCEjfw=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "8b89f44c2cc4581e402111d928869fe7ba9f7033", "rev": "1d9b98a29a45abe9c4d3174bd36de9f28755e3ff",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1426,11 +1426,11 @@
"tinted-zed": "tinted-zed" "tinted-zed": "tinted-zed"
}, },
"locked": { "locked": {
"lastModified": 1770587906, "lastModified": 1772296853,
"narHash": "sha256-N9ZTG3ia7l4iQO+9JlOj+sX4yu6gl7a3aozrlhSIJwQ=", "narHash": "sha256-pAtzPsgHRKw/2Kv8HgAjSJg450FDldHPWsP3AKG/Xj0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "stylix", "repo": "stylix",
"rev": "72e6483a88d51471a6c55e1d43e7ed2bc47a76a4", "rev": "c4b8e80a1020e09a1f081ad0f98ce804a6e85acf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1612,11 +1612,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1765631794, "lastModified": 1772187362,
"narHash": "sha256-90d//IZ4GXipNsngO4sb2SAPbIC/a2P+IAdAWOwpcOM=", "narHash": "sha256-gCojeIlQ/rfWMe3adif3akyHsT95wiMkLURpxTeqmPc=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "uv2nix", "repo": "uv2nix",
"rev": "4cca323a547a1aaa9b94929c4901bed5343eafe8", "rev": "abe65de114300de41614002fe9dce2152ac2ac23",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
modules/nixos/services/nextcloud/default.nix
View File

@@ -20,7 +20,7 @@ let
# Setup the native NixOS Nextcloud service # Setup the native NixOS Nextcloud service
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud32; package = pkgs.nextcloud33;
hostName = "cloud.mjallen.dev"; hostName = "cloud.mjallen.dev";
home = "${cfg.configDir}/nextcloud"; home = "${cfg.configDir}/nextcloud";
datadir = "${cfg.dataDir}/nextcloud"; datadir = "${cfg.dataDir}/nextcloud";

546
modules/nixos/services/traefik/default.nix
View File

@@ -70,300 +70,300 @@ in
allowedUDPPorts = forwardPorts; allowedUDPPorts = forwardPorts;
}; };
services.traefik = { # services.traefik = {
enable = true; # enable = true;
dataDir = "${configDir}/traefik"; # dataDir = "${configDir}/traefik";
group = "jallen-nas"; # group; # group = "jallen-nas"; # group;
environmentFiles = [ config.sops.templates."traefik.env".path ]; # environmentFiles = [ config.sops.templates."traefik.env".path ];
static = { # static = {
# dir = "${configDir}/traefik"; # # dir = "${configDir}/traefik";
settings = { # settings = {
entryPoints = { # entryPoints = {
web = { # web = {
address = ":${toString httpPort}"; # address = ":${toString httpPort}";
asDefault = true; # asDefault = true;
http.redirections.entrypoint = { # http.redirections.entrypoint = {
to = "websecure"; # to = "websecure";
scheme = "https"; # scheme = "https";
}; # };
}; # };
websecure = { # websecure = {
address = ":${toString httpsPort}"; # address = ":${toString httpsPort}";
asDefault = true; # asDefault = true;
http.tls.certResolver = "letsencrypt"; # http.tls.certResolver = "letsencrypt";
}; # };
metrics = { # metrics = {
address = ":${toString metricsPort}"; # Port for metrics # address = ":${toString metricsPort}"; # Port for metrics
}; # };
}; # };
log = { # log = {
level = "INFO"; # level = "INFO";
}; # };
metrics = { # metrics = {
prometheus = { # prometheus = {
entryPoint = "metrics"; # entryPoint = "metrics";
addEntryPointsLabels = true; # addEntryPointsLabels = true;
addServicesLabels = true; # addServicesLabels = true;
buckets = [ # buckets = [
0.1 # 0.1
0.3 # 0.3
1.2 # 1.2
5.0 # 5.0
]; # Response time buckets # ]; # Response time buckets
}; # };
}; # };
certificatesResolvers.letsencrypt.acme = { # certificatesResolvers.letsencrypt.acme = {
email = letsEncryptEmail; # email = letsEncryptEmail;
storage = "${config.services.traefik.dataDir}/acme.json"; # storage = "${config.services.traefik.dataDir}/acme.json";
dnsChallenge = { # dnsChallenge = {
provider = "cloudflare"; # provider = "cloudflare";
resolvers = [ # resolvers = [
"1.1.1.1:53" # "1.1.1.1:53"
"8.8.8.8:53" # "8.8.8.8:53"
]; # ];
}; # };
}; # };
# Access the Traefik dashboard on <Traefik IP>:8080 # # Access the Traefik dashboard on <Traefik IP>:8080
api = { # api = {
dashboard = true; # dashboard = true;
insecure = true; # insecure = true;
}; # };
experimental = { # experimental = {
plugins = traefikPlugins; # plugins = traefikPlugins;
}; # };
}; # };
}; # };
dynamic = { # dynamic = {
dir = "/run/traefik"; # dir = "/run/traefik";
files = { # files = {
"serversTransports".settings.http = { # "serversTransports".settings.http = {
serversTransports = { # serversTransports = {
internal-https = { # internal-https = {
insecureSkipVerify = true; # insecureSkipVerify = true;
}; # };
http1 = { # http1 = {
serverName = "localhost"; # serverName = "localhost";
disableHTTP2 = true; # disableHTTP2 = true;
}; # };
}; # };
}; # };
"middlewares-authentik".settings.http = { # "middlewares-authentik".settings.http = {
middlewares = { # middlewares = {
authentik = { # authentik = {
forwardAuth = { # forwardAuth = {
tls.insecureSkipVerify = true; # tls.insecureSkipVerify = true;
address = "${authUrl}/auth/traefik"; # address = "${authUrl}/auth/traefik";
trustForwardHeader = true; # trustForwardHeader = true;
authResponseHeaders = [ # authResponseHeaders = [
"X-authentik-username" # "X-authentik-username"
"X-authentik-groups" # "X-authentik-groups"
"X-authentik-email" # "X-authentik-email"
"X-authentik-name" # "X-authentik-name"
"X-authentik-uid" # "X-authentik-uid"
"X-authentik-jwt" # "X-authentik-jwt"
"X-authentik-meta-jwks" # "X-authentik-meta-jwks"
"X-authentik-meta-outpost" # "X-authentik-meta-outpost"
"X-authentik-meta-provider" # "X-authentik-meta-provider"
"X-authentik-meta-app" # "X-authentik-meta-app"
"X-authentik-meta-version" # "X-authentik-meta-version"
]; # ];
}; # };
}; # };
}; # };
}; # };
"middlewares-crowdsec".settings.http = { # "middlewares-crowdsec".settings.http = {
middlewares = { # middlewares = {
crowdsec = { # crowdsec = {
plugin = { # plugin = {
bouncer = { # bouncer = {
enabled = true; # enabled = true;
crowdsecLapiKeyFile = config.sops.secrets."jallen-nas/traefik/crowdsec/lapi-key".path; # crowdsecLapiKeyFile = config.sops.secrets."jallen-nas/traefik/crowdsec/lapi-key".path;
crowdsecLapiScheme = "http"; # crowdsecLapiScheme = "http";
crowdsecLapiHost = "localhost:8181"; # crowdsecLapiHost = "localhost:8181";
crowdsecLapiPath = "/"; # crowdsecLapiPath = "/";
crowdsecLapiTLSInsecureVerify = false; # crowdsecLapiTLSInsecureVerify = false;
crowdsecCapiMachineIdFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-machine-id".path; # crowdsecCapiMachineIdFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-machine-id".path;
crowdsecCapiPasswordFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-password".path; # crowdsecCapiPasswordFile = config.sops.secrets."jallen-nas/traefik/crowdsec/capi-password".path;
crowdsecCapiScenarios = [ ]; # crowdsecCapiScenarios = [ ];
}; # };
}; # };
}; # };
}; # };
}; # };
"middlewares-geoblock".settings.http = { # "middlewares-geoblock".settings.http = {
middlewares = { # middlewares = {
whitelist-geoblock = { # whitelist-geoblock = {
plugin = { # plugin = {
geoblock = { # geoblock = {
silentStartUp = false; # silentStartUp = false;
allowLocalRequests = true; # allowLocalRequests = true;
logLocalRequests = false; # logLocalRequests = false;
logAllowedRequests = false; # logAllowedRequests = false;
logApiRequests = false; # logApiRequests = false;
api = "https://get.geojs.io/v1/ip/country/{ip}"; # api = "https://get.geojs.io/v1/ip/country/{ip}";
apiTimeoutMs = 500; # apiTimeoutMs = 500;
cacheSize = 25; # cacheSize = 25;
forceMonthlyUpdate = true; # forceMonthlyUpdate = true;
allowUnknownCountries = false; # allowUnknownCountries = false;
unknownCountryApiResponse = "nil"; # unknownCountryApiResponse = "nil";
blackListMode = false; # blackListMode = false;
countries = [ # countries = [
"CA" # "CA"
"US" # "US"
]; # ];
}; # };
}; # };
}; # };
}; # };
}; # };
"middlewares-ipallowlist".settings.http = { # "middlewares-ipallowlist".settings.http = {
middlewares = { # middlewares = {
internal-ipallowlist = { # internal-ipallowlist = {
ipAllowList = { # ipAllowList = {
sourceRange = [ # sourceRange = [
"127.0.0.1/32" # "127.0.0.1/32"
"10.0.1.0/24" # "10.0.1.0/24"
]; # ];
}; # };
}; # };
}; # };
}; # };
"services-auth".settings.http = { # "services-auth".settings.http = {
services = { # services = {
auth.loadBalancer.servers = [ # auth.loadBalancer.servers = [
{ # {
url = authUrl; # url = authUrl;
} # }
]; # ];
}; # };
}; # };
"services-cache".settings.http = { # "services-cache".settings.http = {
services = { # services = {
cache.loadBalancer = { # cache.loadBalancer = {
servers = [ # servers = [
{ # {
url = cacheUrl; # url = cacheUrl;
} # }
]; # ];
serversTransport = "http1"; # serversTransport = "http1";
}; # };
}; # };
}; # };
"services-nginx".settings.http = { # "services-nginx".settings.http = {
services = { # services = {
nginx.loadBalancer.servers = [ # nginx.loadBalancer.servers = [
{ # {
url = "http://localhost:8188"; # url = "http://localhost:8188";
} # }
]; # ];
}; # };
}; # };
"services-generated".settings.http = reverseProxyServiceConfigs; # "services-generated".settings.http = reverseProxyServiceConfigs;
"routers-auth".settings.http = { # "routers-auth".settings.http = {
routers = { # routers = {
auth = { # auth = {
entryPoints = [ "websecure" ]; # entryPoints = [ "websecure" ];
rule = "HostRegexp(`{subdomain:[a-z]+}.mjallen.dev`) && PathPrefix(`/outpost.goauthentik.io/`)"; # rule = "HostRegexp(`{subdomain:[a-z]+}.mjallen.dev`) && PathPrefix(`/outpost.goauthentik.io/`)";
service = "auth"; # service = "auth";
middlewares = [ # middlewares = [
"crowdsec" # "crowdsec"
"whitelist-geoblock" # "whitelist-geoblock"
]; # ];
priority = 15; # priority = 15;
tls.certResolver = "letsencrypt"; # tls.certResolver = "letsencrypt";
}; # };
}; # };
}; # };
"routers-matrix2".settings.http = { # "routers-matrix2".settings.http = {
routers = { # routers = {
matrix2 = { # matrix2 = {
entryPoints = [ "websecure" ]; # entryPoints = [ "websecure" ];
rule = "Host(`matrix.mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)"; # rule = "Host(`matrix.mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)";
service = "nginx"; # service = "nginx";
middlewares = [ # middlewares = [
"crowdsec" # "crowdsec"
"whitelist-geoblock" # "whitelist-geoblock"
]; # ];
priority = 1; # priority = 1;
tls.certResolver = "letsencrypt"; # tls.certResolver = "letsencrypt";
}; # };
}; # };
}; # };
"routers-matrix3".settings.http = { # "routers-matrix3".settings.http = {
routers = { # routers = {
matrix3 = { # matrix3 = {
entryPoints = [ "websecure" ]; # entryPoints = [ "websecure" ];
rule = "Host(`mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)"; # rule = "Host(`mjallen.dev`) && PathPrefix(`/.well-known/matrix/`)";
service = "nginx"; # service = "nginx";
middlewares = [ # middlewares = [
"crowdsec" # "crowdsec"
"whitelist-geoblock" # "whitelist-geoblock"
]; # ];
priority = 1; # priority = 1;
tls.certResolver = "letsencrypt"; # tls.certResolver = "letsencrypt";
}; # };
}; # };
}; # };
"routers-cache".settings.http = { # "routers-cache".settings.http = {
routers = { # routers = {
cache = { # cache = {
entryPoints = [ "websecure" ]; # entryPoints = [ "websecure" ];
rule = "Host(`cache.${domain}`)"; # rule = "Host(`cache.${domain}`)";
service = "cache"; # service = "cache";
middlewares = [ ]; # middlewares = [ ];
priority = 10; # priority = 10;
tls.certResolver = "letsencrypt"; # tls.certResolver = "letsencrypt";
}; # };
}; # };
}; # };
"home-assistant".settings.http = { # "home-assistant".settings.http = {
services = { # services = {
hass.loadBalancer.servers = [ # hass.loadBalancer.servers = [
{ # {
url = hassUrl; # url = hassUrl;
} # }
]; # ];
}; # };
routers = { # routers = {
hass = { # hass = {
entryPoints = [ "websecure" ]; # entryPoints = [ "websecure" ];
rule = "Host(`hass.${domain}`)"; # rule = "Host(`hass.${domain}`)";
service = "hass"; # service = "hass";
middlewares = [ # middlewares = [
"crowdsec" # "crowdsec"
"whitelist-geoblock" # "whitelist-geoblock"
# "authentik" # # "authentik"
]; # ];
priority = 10; # priority = 10;
tls.certResolver = "letsencrypt"; # tls.certResolver = "letsencrypt";
}; # };
}; # };
}; # };
"routers-generated".settings.http = reverseProxyRouterConfigs; # "routers-generated".settings.http = reverseProxyRouterConfigs;
}; # };
}; # };
}; # };
}; };
} }

1
modules/nixos/services/wyoming/default.nix
View File

@@ -29,7 +29,6 @@ let
services.wyoming = { services.wyoming = {
faster-whisper.servers.hass-whisper = { faster-whisper.servers.hass-whisper = {
enable = true; enable = true;
useTransformers = false;
device = lib.mkForce "auto"; device = lib.mkForce "auto";
language = "en"; language = "en";
model = "distil-large-v3"; model = "distil-large-v3";

6
packages/bcachefs/default.nix
View File

@@ -28,18 +28,18 @@
stdenv.mkDerivation (finalAttrs: { stdenv.mkDerivation (finalAttrs: {
pname = "bcachefs-tools"; pname = "bcachefs-tools";
version = "1.35.1"; version = "1.36.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "koverstreet"; owner = "koverstreet";
repo = "bcachefs-tools"; repo = "bcachefs-tools";
tag = "v${finalAttrs.version}"; tag = "v${finalAttrs.version}";
hash = "sha256-1p2zbzQLza8w+hu+5OjPr+Lh6q6Kh9HdVxFkuCl2x8o="; hash = lib.fakeHash;
}; };
cargoDeps = rustPlatform.fetchCargoVendor { cargoDeps = rustPlatform.fetchCargoVendor {
inherit (finalAttrs) src; inherit (finalAttrs) src;
hash = "sha256-OlXkshfEXtY6fDBqhEJQhWhPjwQ5ofDIZ9IuchchKxk="; hash = lib.fakeHash;
}; };
postPatch = '' postPatch = ''