diff --git a/Justfile b/Justfile index 4b8923a..dde2b71 100644 --- a/Justfile +++ b/Justfile @@ -61,6 +61,9 @@ gc generations="5d": sudo nix-store --gc sudo nix-collect-garbage -d --delete-older-than {{generations}} +repair: + sudo nix-store --repair --verify --check-contents + # Add a machine's age key for SOPS sops-add machine_name target: bun tools/onboard-machine.js {{machine_name}} {{target}} diff --git a/flake.lock b/flake.lock index 1ebe451..45b1ec2 100644 --- a/flake.lock +++ b/flake.lock @@ -20,26 +20,6 @@ "type": "github" } }, - "darwin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1730070491, - "narHash": "sha256-+RYCbdU6l4E4pr40++lrdhdE3gNC/BR54AL7xWG/YRU=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "5c0c6aaa797d6ccbb6cdab14de0248135735709d", - "type": "github" - }, - "original": { - "owner": "lnl7", - "repo": "nix-darwin", - "type": "github" - } - }, "devshell": { "inputs": { "nixpkgs": [ @@ -175,11 +155,11 @@ ] }, "locked": { - "lastModified": 1727826117, - "narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=", + "lastModified": 1730504689, + "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1", + "rev": "506278e768c2a08bec68eb62932193e341f55c90", "type": "github" }, "original": { @@ -310,11 +290,11 @@ ] }, "locked": { - "lastModified": 1729104314, - "narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=", + "lastModified": 1730302582, + "narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6", + "rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf", "type": "github" }, "original": { @@ -352,11 +332,11 @@ ] }, "locked": { - "lastModified": 1730016908, - "narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=", + "lastModified": 1730633670, + "narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", "owner": "nix-community", "repo": "home-manager", - "rev": "e83414058edd339148dc142a8437edb9450574c8", + "rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", "type": "github" }, "original": { @@ -373,11 +353,11 @@ ] }, "locked": { - "lastModified": 1730016908, - "narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=", + "lastModified": 1730490306, + "narHash": "sha256-AvCVDswOUM9D368HxYD25RsSKp+5o0L0/JHADjLoD38=", "owner": "nix-community", "repo": "home-manager", - "rev": "e83414058edd339148dc142a8437edb9450574c8", + "rev": "1743615b61c7285976f85b303a36cdf88a556503", "type": "github" }, "original": { @@ -393,15 +373,17 @@ ] }, "locked": { - "lastModified": 1718289195, - "narHash": "sha256-xmkExjsTztXW4/AYb3d3Er6Wwg4r7AVwq7rv9E93+Ec=", + "dir": "iceshrimp-js", + "lastModified": 1730406937, + "narHash": "sha256-y7qpPNAUi9IcncP8U9S/ywmqpIUQxeTQk9Px1NeGyC8=", "ref": "refs/heads/dev", - "rev": "746c6319d3425ccfacc906535c67951e161996d9", - "revCount": 47, + "rev": "e17f981d379d63abd2ed85463ca712496dd44eda", + "revCount": 49, "type": "git", "url": "https://iceshrimp.dev/iceshrimp/packaging" }, "original": { + "dir": "iceshrimp-js", "type": "git", "url": "https://iceshrimp.dev/iceshrimp/packaging" } @@ -541,11 +523,11 @@ ] }, "locked": { - "lastModified": 1729982130, - "narHash": "sha256-HmLLQbX07rYD0RXPxbf3kJtUo66XvEIX9Y+N5QHQ9aY=", + "lastModified": 1730448474, + "narHash": "sha256-qE/cYKBhzxHMtKtLK3hlSR3uzO1pWPGLrBuQK7r0CHc=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "2eb472230a5400c81d9008014888b4bff23bcf44", + "rev": "683d0c4cd1102dcccfa3f835565378c7f3cbe05e", "type": "github" }, "original": { @@ -652,22 +634,6 @@ "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz" } }, - "nixpkgs-master": { - "locked": { - "lastModified": 1730084548, - "narHash": "sha256-kKupAepQ12lu7nf3PLixumVJsJFTT8K3TnF2ECV2pAQ=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "4b0b590fa39550751323db7e0e099439b569cb2a", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "master", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-stable": { "locked": { "lastModified": 1720535198, @@ -686,11 +652,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1729973466, - "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", + "lastModified": 1730602179, + "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", + "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c", "type": "github" }, "original": { @@ -702,11 +668,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1729880355, - "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", + "lastModified": 1730531603, + "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", + "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", "type": "github" }, "original": { @@ -750,11 +716,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1729880355, - "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", + "lastModified": 1730531603, + "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", + "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", "type": "github" }, "original": { @@ -766,11 +732,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1729951556, - "narHash": "sha256-bpb6r3GjzhNW8l+mWtRtLNg5PhJIae041sPyqcFNGb4=", + "lastModified": 1730272153, + "narHash": "sha256-B5WRZYsRlJgwVHIV6DvidFN7VX7Fg9uuwkRW9Ha8z+w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4e0eec54db79d4d0909f45a88037210ff8eaffee", + "rev": "2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53", "type": "github" }, "original": { @@ -795,11 +761,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1730058276, - "narHash": "sha256-t4fyRWIiDBJiDBnqqnxnk9nfT1SDTZN+koJLiuKkIT8=", + "lastModified": 1730569492, + "narHash": "sha256-NByr7l7JetL9kIrdCOcRqBu+lAkruYXETp1DMiDHNQs=", "owner": "nix-community", "repo": "nixvim", - "rev": "a20fbbc4b9665ec215e7bea061a1d64f6fd652ce", + "rev": "6f210158b03b01a1fd44bf3968165e6da80635ce", "type": "github" }, "original": { @@ -816,11 +782,11 @@ ] }, "locked": { - "lastModified": 1729316601, - "narHash": "sha256-sn/xeOAkY0vJbea0uxtmsiOlWatEApgyy3T1M2frgf8=", + "lastModified": 1730648040, + "narHash": "sha256-ndWfCUK1LZIbNAl/IHesD0zAe09tkKqENmmlYfMIofQ=", "ref": "refs/heads/main", - "rev": "095cf7f9b70c8d1006f28342537a9d58c8f1b241", - "revCount": 89, + "rev": "2eb28b339ac9d3d81b3e98f000887bedef02f435", + "revCount": 91, "type": "git", "url": "https://git.sapphic.engineer/noe/noe.sh" }, @@ -839,11 +805,11 @@ ] }, "locked": { - "lastModified": 1730044642, - "narHash": "sha256-DbyV9l3hkrSWcN34S6d9M4kAFss0gEHGtjqqMdG9eAs=", + "lastModified": 1730515563, + "narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=", "owner": "NuschtOS", "repo": "search", - "rev": "e373332c1f8237fc1263901745b0fe747228c8ba", + "rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e", "type": "github" }, "original": { @@ -902,7 +868,6 @@ "root": { "inputs": { "apple-silicon": "apple-silicon", - "darwin": "darwin", "doll-repair": "doll-repair", "fedi-emotes": "fedi-emotes", "flake-utils": "flake-utils", @@ -914,7 +879,6 @@ "lix-module": "lix-module", "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs_4", - "nixpkgs-master": "nixpkgs-master", "nixpkgs-stable": "nixpkgs-stable", "nixpkgs-unstable": "nixpkgs-unstable", "nixvim": "nixvim", @@ -947,11 +911,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1729999681, - "narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", + "lastModified": 1730605784, + "narHash": "sha256-1NveNAMLHbxOg0BpBMSVuZ2yW2PpDnZLbZ25wV50PMc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", + "rev": "e9b5eef9b51cdf966c76143e13a9476725b2f760", "type": "github" }, "original": { @@ -1033,11 +997,11 @@ ] }, "locked": { - "lastModified": 1730025913, - "narHash": "sha256-Y9NtFmP8ciLyRsopcCx1tyoaaStKeq+EndwtGCgww7I=", + "lastModified": 1730321837, + "narHash": "sha256-vK+a09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/+maI=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "bae131e525cc8718da22fbeb8d8c7c43c4ea502a", + "rev": "746901bb8dba96d154b66492a29f5db0693dbfcc", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 4c0bf3d..cdf9db9 100644 --- a/flake.nix +++ b/flake.nix @@ -11,7 +11,6 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - nixpkgs-master.url = "github:nixos/nixpkgs/master"; # Home manageKr home-manager = { @@ -20,10 +19,6 @@ }; # Darwin & Apple Silicon tools - darwin = { - url = "github:lnl7/nix-darwin"; - inputs.nixpkgs.follows = "nixpkgs"; - }; apple-silicon.url = "github:tpwrules/nixos-apple-silicon"; # Secrets @@ -42,7 +37,7 @@ # Iceshrimpy iceshrimp = { - url = "git+https://iceshrimp.dev/iceshrimp/packaging"; + url = "git+https://iceshrimp.dev/iceshrimp/packaging?dir=iceshrimp-js"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; iceshrimp-withdrawal = { @@ -109,8 +104,6 @@ "aarch64-linux" "i686-linux" "x86_64-linux" - "aarch64-darwin" - "x86_64-darwin" ]; mkNixos = modules: nixpkgs.lib.nixosSystem { @@ -118,11 +111,6 @@ specialArgs = { inherit inputs outputs; }; }; - mkDarwin = system: modules: inputs.darwin.lib.darwinSystem { - inherit modules system inputs; - specialArgs = { inherit inputs outputs; }; - }; - mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration { inherit modules pkgs; extraSpecialArgs = { inherit inputs outputs; }; @@ -162,10 +150,6 @@ # These are usually stuff you would upstream into home-manager homeManagerModules = import ./modules/home-manager; - # Reusable nix-darwin packages you might want to export - # These are usually hacks! - darwinModules = import ./modules/darwin; - # NixOS configuration entrypoint # Available through 'nixos-rebuild --flake .#your-hostname' nixosConfigurations = { @@ -190,11 +174,6 @@ ts3 = mkNixos [ ./nixos/hosts/ts3 ]; # Teamspeak-san }; - darwinConfigurations = { - # in asahi => noe-air = mkDarwin "aarch64-darwin" [ ./darwin/hosts/noe-air ]; - AMERMACC02G65A8MD6T = mkDarwin "x86_64-darwin" [ ./darwin/hosts/work-mac ]; - }; - # Standalone home-manager configuration entrypoint # Available through 'home-manager --flake .#your-username@your-hostname' homeConfigurations = { diff --git a/home-manager/noe/hosts/aerial.nix b/home-manager/noe/hosts/aerial.nix index 2668a34..61ea016 100644 --- a/home-manager/noe/hosts/aerial.nix +++ b/home-manager/noe/hosts/aerial.nix @@ -30,7 +30,8 @@ gimp krita senpai - master.pokemmo-installer + # master.pokemmo-installer + jq ]; programs.vscode = { diff --git a/nixos/features/podman.nix b/nixos/features/podman.nix index 5a2a70e..980752a 100644 --- a/nixos/features/podman.nix +++ b/nixos/features/podman.nix @@ -8,8 +8,7 @@ dockerCompat = true; defaultNetwork.settings = { dns_enabled = true; - ipv6_enabled = true; - subnets = [{ gateway = "10.88.0.1"; subnet = "10.88.0.0/16"; } { gateway = "100.69.0.1"; subnet = "100.69.0.0/16"; }]; + ipv6_enabled = false; }; }; }; diff --git a/nixos/hosts/dis-sociat-ing/default.nix b/nixos/hosts/dis-sociat-ing/default.nix index 6a9fa94..c34fbc3 100644 --- a/nixos/hosts/dis-sociat-ing/default.nix +++ b/nixos/hosts/dis-sociat-ing/default.nix @@ -34,6 +34,7 @@ settings = { url = "https://dis.sociat.ing"; enableMetrics = true; + maxNoteLength = 100000; }; dbPasswordFile = config.sops.secrets.db_password.path; createDb = true; @@ -43,5 +44,5 @@ services.postgresql.package = pkgs.postgresql_15; services.redis.servers.iceshrimp.logfile = "stdout"; - boot.kernel.sysctl."net.ipv6.conf.eth0.disable_ipv6" = true; + # boot.kernel.sysctl."net.ipv6.conf.eth0.disable_ipv6" = true; } diff --git a/nixos/hosts/git/default.nix b/nixos/hosts/git/default.nix index cb4f7a5..6f8380c 100644 --- a/nixos/hosts/git/default.nix +++ b/nixos/hosts/git/default.nix @@ -1,4 +1,4 @@ -{ ... }: { +{ pkgs, ... }: { imports = [ ../../templates/proxmox-lxc.nix ../../server.nix @@ -12,6 +12,7 @@ services.forgejo = { enable = true; + package = pkgs.forgejo; lfs = { enable = true; }; diff --git a/nixos/stacks/ps2.live/saerro.nix b/nixos/stacks/ps2.live/saerro.nix index eae8ed5..3279519 100644 --- a/nixos/stacks/ps2.live/saerro.nix +++ b/nixos/stacks/ps2.live/saerro.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: let +{ config, pkgs, inputs, ... }: let image = name: "ghcr.io/genudine/saerro/${name}:latest"; port = n: builtins.toString (8100 + n); containerGenerics = { @@ -7,7 +7,6 @@ ]; extraOptions = [ "--pod=saerro" - #"--pull=always" ]; autoStart = true; }; @@ -25,26 +24,27 @@ in { PORT = port 1; WEBSOCKET_HEALTHCHECK = "http://127.0.0.1:${port 2}/healthz"; }; - dependsOn = [ "saerro_maint" "saerro_postgres" ]; - } // containerGenerics; - - saerro_ws = { - image = image "websocket"; - environment = { - PORT = port 2; - WORLDS = "all"; - }; - dependsOn = [ "saerro_maint" "saerro_postgres" ]; - } // containerGenerics; - - saerro_maint = { - image = image "tasks"; - cmd = [ "auto-maintenance" ]; dependsOn = [ "saerro_postgres" ]; } // containerGenerics; + saerro_ws = { + image = "ps2live/saerro:latest"; + imageFile = inputs.saerro.packages.${pkgs.system}.container; + environment = { + PORT = port 2; + }; + dependsOn = [ "saerro_postgres" ]; + } // containerGenerics; + + saerro_maint = { + image = "ps2live/saerro/pruner:latest"; + imageFile = inputs.saerro.packages.${pkgs.system}.pruner; + dependsOn = [ "saerro_postgres" ]; + + } // containerGenerics; + saerro_postgres = { - image = "docker.io/timescale/timescaledb:latest-pg15"; + image = "docker.io/library/postgres:17"; volumes = [ "saerrodb:/var/lib/postgresql/data" ]; @@ -63,13 +63,9 @@ in { systemd.services.restart-upgrade-saerro = { serviceConfig.Type = "oneshot"; script = '' - ${pkgs.podman}/bin/podman pull ${config.virtualisation.oci-containers.containers.saerro_ws.image} ${pkgs.podman}/bin/podman pull ${config.virtualisation.oci-containers.containers.saerro_api.image} - ${pkgs.podman}/bin/podman pull ${config.virtualisation.oci-containers.containers.saerro_maint.image} - systemctl restart podman-saerro_ws systemctl restart podman-saerro_api - systemctl restart podman-saerro_maint ''; }; diff --git a/overlays/default.nix b/overlays/default.nix index 81f5316..d39b19a 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -27,7 +27,7 @@ config.allowUnfree = true; }; - master = import inputs.nixpkgs-master { + master = import inputs.nixpkgs-unstable { system = final.system; config.allowUnfree = true; };