24.11

did not test samba and headscale yet juanfont/headscale#2210 (comment)
motiejus · Nov 19, 2024 · e1b782a · e1b782a
1 parent 112e51d
commit e1b782a
Show file tree

Hide file tree

Showing 12 changed files with 53 additions and 64 deletions.
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -2,14 +2,14 @@
   description = "motiejus/config";
 
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
     nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
     flake-utils.url = "github:numtide/flake-utils";
     flake-compat.url = "github:nix-community/flake-compat";
     nixos-hardware.url = "github:NixOS/nixos-hardware/master";
     nur.url = "github:nix-community/NUR";
 
-    home-manager.url = "github:nix-community/home-manager/release-24.05";
+    home-manager.url = "github:nix-community/home-manager/release-24.11";
     home-manager.inputs.nixpkgs.follows = "nixpkgs";
 
     agenix = {

diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix
@@ -250,7 +250,7 @@ in
         '';
         "irc.jakstys.lt".extraConfig =
           let
-            gamja = pkgs.pkgs-unstable.compressDrvWeb (pkgs.gamja.override {
+            gamja = pkgs.compressDrvWeb (pkgs.gamja.override {
               gamjaConfig = {
                 server = {
                   url = "irc.jakstys.lt:6698";

diff --git a/hosts/mtworx/configuration.nix b/hosts/mtworx/configuration.nix
@@ -34,9 +34,6 @@ in
     kernelModules = [ "kvm-intel" ];
     loader.systemd-boot.enable = true;
 
-    # 6.10+ to fix audio. Thanks https://github.com/ilian/cfg/blob/4588b90e674827304cd8e0b9d1aecd75416d1cde/hosts/carbon/configuration.nix#L19
-    kernelPackages = pkgs.linuxPackages_6_11;
-
     initrd = {
       availableKernelModules = [
         "xhci_pci"
@@ -45,10 +42,7 @@ in
         "usbhid"
         "tpm_tis"
       ];
-      systemd = {
-        enableTpm2 = true;
-        emergencyAccess = true;
-      };
+      systemd.emergencyAccess = true;
       luks.devices = {
         luksroot = {
           device = "${nvme}-part3";

diff --git a/hosts/vm/configuration.nix b/hosts/vm/configuration.nix
@@ -1,6 +1,5 @@
 {
   self,
-  pkgs,
   modulesPath,
   ...
 }:
@@ -24,7 +23,6 @@
 
   boot = {
     loader.systemd-boot.enable = true;
-    kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages;
     supportedFilesystems = [
       "zfs"
       "btrfs"

diff --git a/hosts/vno1-gdrx/configuration.nix b/hosts/vno1-gdrx/configuration.nix
@@ -34,7 +34,6 @@ in
   };
 
   boot = {
-    kernelPackages = pkgs.linuxPackages_latest;
     kernelModules = [ "kvm-intel" ];
     loader.systemd-boot.enable = true;
     initrd = {

diff --git a/hosts/vno3-rp3b/configuration.nix b/hosts/vno3-rp3b/configuration.nix
@@ -126,7 +126,7 @@
   # shared printing
   services.avahi = {
     enable = true;
-    nssmdns = true;
+    nssmdns4 = true;
     openFirewall = true;
     publish = {
       enable = true;

diff --git a/modules/profiles/desktop/default.nix b/modules/profiles/desktop/default.nix
@@ -145,6 +145,7 @@ in
           ffmpeg
           tinycc
           scrcpy
+          cheese
           arandr
           pandoc
           evince
@@ -163,6 +164,7 @@ in
           libheif
           mplayer
           tcpflow
+          nautilus
           smplayer
           inkscape
           chromium
@@ -209,10 +211,12 @@ in
           graphicsmagick
           magic-wormhole
           signal-desktop
+          gnome-calendar
           element-desktop
           netsurf-browser
           man-pages-posix
           git-filter-repo
+          gnome-calculator
           age-plugin-yubikey
           hunspellDicts.en_US
           python3Packages.ipython
@@ -225,11 +229,6 @@ in
           gcc_latest
           clang-tools
 
-          gnome.cheese
-          gnome.nautilus
-          gnome.gnome-calculator
-          gnome.gnome-calendar
-
           xorg.xev
           xorg.xeyes
           xorg.lndir

diff --git a/modules/services/gitea/default.nix b/modules/services/gitea/default.nix
@@ -81,7 +81,7 @@
           route /static/assets/* {
             uri strip_prefix /static
             file_server * {
-              root ${pkgs.pkgs-unstable.compressDrvWeb pkgs.gitea.data { }}/public
+              root ${pkgs.compressDrvWeb pkgs.gitea.data { }}/public
               precompressed zstd br gzip
             }
           }

diff --git a/modules/services/headscale/default.nix b/modules/services/headscale/default.nix
@@ -28,8 +28,8 @@
           server_url = "https://vpn.jakstys.lt";
           ip_prefixes = [ config.mj.services.headscale.subnetCIDR ];
           log.level = "warn";
-          dns_config = {
-            nameservers = [
+          dns = {
+            nameservers.global = [
               "1.1.1.1"
               "8.8.4.4"
             ];

diff --git a/modules/services/immich/default.nix b/modules/services/immich/default.nix
@@ -3,12 +3,10 @@
   lib,
   pkgs,
   myData,
-  nixpkgs-unstable,
   ...
 }:
 let
   cfg = config.mj.services.immich;
-  immich-package = pkgs.pkgs-unstable.immich;
   immich-user = config.services.immich.user;
   immich-group = config.services.immich.group;
   startScript = pkgs.writeShellApplication {
@@ -28,7 +26,7 @@ let
       exec setpriv \
         --ruid ${immich-user} \
         --inh-caps -all \
-        ${lib.getExe immich-package}
+        ${lib.getExe pkgs.immich}
     '';
   };
 in
@@ -38,12 +36,9 @@ in
     bindPaths = lib.mkOption { type = attrsOf str; };
   };
 
-  imports = [ "${nixpkgs-unstable}/nixos/modules/services/web-apps/immich.nix" ];
-
   config = lib.mkIf cfg.enable {
 
     services.immich = {
-      package = immich-package;
       enable = true;
       port = myData.ports.immich-server;
 

diff --git a/modules/services/jakstpub/default.nix b/modules/services/jakstpub/default.nix
@@ -31,28 +31,32 @@ in
         '';
       };
 
-      samba = {
-        # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
-        enable = true;
-        securityType = "user";
-        enableNmbd = false;
-        enableWinbindd = false;
-        extraConfig = ''
-          map to guest = Bad User
-          guest account = jakstpub
-          server role = standalone server
-        '';
-        shares =
-          let
-            defaults = {
-              "public" = "yes";
-              "mangled names" = "no";
-              "guest ok" = "yes";
-              "force user" = "jakstpub";
-              "force group" = "jakstpub";
+      samba =
+        let
+          defaults = {
+            "public" = "yes";
+            "mangled names" = "no";
+            "guest ok" = "yes";
+            "force user" = "jakstpub";
+            "force group" = "jakstpub";
+          };
+        in
+        {
+          # https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Standalone_Server
+          enable = true;
+
+          nmbd.enable = false;
+          winbindd.enable = false;
+
+          settings = {
+            global = {
+              security = "user";
+
+              "map to guest" = "Bad User";
+              "guest account" = "jakstpub";
+              "server role" = "standalone server";
             };
-          in
-          {
+
             public = defaults // {
               "path" = cfg.dataDir;
               "writeable" = "yes";
@@ -66,7 +70,7 @@ in
               "read only" = "yes";
             };
           };
-      };
+        };
 
       samba-wsdd = {
         enable = true;