Updates!

2025-11-18 13:06:31 -06:00
parent ff550b960e
commit 10c3898b0b
7 changed files with 79 additions and 159 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -10,11 +10,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1750173260,
-        "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=",
+        "lastModified": 1762618334,
+        "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
        "owner": "ryantm",
        "repo": "agenix",
-        "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf",
+        "rev": "fcdea223397448d35d9b31f798479227e80183f6",
        "type": "github"
      },
      "original": {
@@ -26,11 +26,11 @@
    "flake-compat": {
      "flake": false,
      "locked": {
-        "lastModified": 1673956053,
-        "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
+        "lastModified": 1761588595,
+        "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
        "owner": "edolstra",
        "repo": "flake-compat",
-        "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
+        "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
        "type": "github"
      },
      "original": {
@@ -39,59 +39,20 @@
        "type": "github"
      }
    },
-    "flake-compat_2": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1696426674,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
-    "lix": {
-      "inputs": {
-        "flake-compat": "flake-compat_2",
-        "nix2container": "nix2container",
-        "nixpkgs": "nixpkgs",
-        "nixpkgs-regression": "nixpkgs-regression",
-        "pre-commit-hooks": "pre-commit-hooks"
-      },
-      "locked": {
-        "lastModified": 1737234286,
-        "narHash": "sha256-CCKIAE84dzkrnlxJCKFyffAxP3yfsOAbdvydUGqq24g=",
-        "rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
-        "revCount": 16631,
-        "type": "git",
-        "url": "https://git.lix.systems/lix-project/lix"
-      },
-      "original": {
-        "rev": "2837da71ec1588c1187d2e554719b15904a46c8b",
-        "type": "git",
-        "url": "https://git.lix.systems/lix-project/lix"
-      }
-    },
    "nix-serve-ng": {
      "inputs": {
        "flake-compat": "flake-compat",
-        "lix": "lix",
        "nixpkgs": [
          "nixpkgs"
        ],
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1748458972,
-        "narHash": "sha256-N6c3NozYqAGwmjf+k5GHOZzlcquDntrJwsZQ7O2sqtQ=",
+        "lastModified": 1763069480,
+        "narHash": "sha256-dbjGP/uD2WeGYf6A5CmLb6z5owleoYXybFbkTcWSvxA=",
        "owner": "aristanetworks",
        "repo": "nix-serve-ng",
-        "rev": "1d21f73a2d563ffbb924a4244c29b35e898caefe",
+        "rev": "3b9c80f78501813b1a29c5b33a3ccc50a7506f0e",
        "type": "github"
      },
      "original": {
@@ -100,76 +61,13 @@
        "type": "github"
      }
    },
-    "nix2container": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1724996935,
-        "narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=",
-        "owner": "nlewo",
-        "repo": "nix2container",
-        "rev": "fa6bb0a1159f55d071ba99331355955ae30b3401",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nlewo",
-        "repo": "nix2container",
-        "type": "github"
-      }
-    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1733348545,
-        "narHash": "sha256-b4JrUmqT0vFNx42aEN9LTWOHomkTKL/ayLopflVf81U=",
+        "lastModified": 1763334038,
+        "narHash": "sha256-LBVOyaH6NFzQ3X/c6vfMZ9k4SV2ofhpxeL9YnhHNJQQ=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "9ecb50d2fae8680be74c08bb0a995c5383747f89",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-24.11-small",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-lib": {
-      "locked": {
-        "lastModified": 1751159883,
-        "narHash": "sha256-urW/Ylk9FIfvXfliA1ywh75yszAbiTEVgpPeinFyVZo=",
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "rev": "14a40a1d7fb9afa4739275ac642ed7301a9ba1ab",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "type": "github"
-      }
-    },
-    "nixpkgs-regression": {
-      "locked": {
-        "lastModified": 1643052045,
-        "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
-        "type": "github"
-      }
-    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1753115646,
-        "narHash": "sha256-yLuz5cz5Z+sn8DRAfNkrd2Z1cV6DaYO9JMrEz4KZo/c=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "92c2e04a475523e723c67ef872d8037379073681",
+        "rev": "4c8cdd5b1a630e8f72c9dd9bf582b1afb3127d2c",
        "type": "github"
      },
      "original": {
@@ -178,16 +76,31 @@
        "type": "indirect"
      }
    },
+    "nixpkgs-lib": {
+      "locked": {
+        "lastModified": 1761765539,
+        "narHash": "sha256-b0yj6kfvO8ApcSE+QmA6mUfu8IYG6/uU28OFn4PaC8M=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "719359f4562934ae99f5443f20aa06c2ffff91fc",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
+      }
+    },
    "parts": {
      "inputs": {
        "nixpkgs-lib": "nixpkgs-lib"
      },
      "locked": {
-        "lastModified": 1753121425,
-        "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=",
+        "lastModified": 1762980239,
+        "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e",
+        "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da",
        "type": "github"
      },
      "original": {
@@ -196,27 +109,11 @@
        "type": "github"
      }
    },
-    "pre-commit-hooks": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1733318908,
-        "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=",
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "rev": "6f4e2a2112050951a314d2733a994fbab94864c6",
-        "type": "github"
-      },
-      "original": {
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "type": "github"
-      }
-    },
    "root": {
      "inputs": {
        "agenix": "agenix",
        "nix-serve-ng": "nix-serve-ng",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs",
        "parts": "parts"
      }
    },
@@ -255,11 +152,11 @@
        "systems": "systems_2"
      },
      "locked": {
-        "lastModified": 1687709756,
-        "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=",
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
        "type": "github"
      },
      "original": {
--- a/nix/application/containers.nix
+++ b/nix/application/containers.nix
@@ -23,7 +23,7 @@
      };

      gitea = {
-        image = "docker.io/gitea/gitea:1.24.0-rc0-rootless";
+        image = "docker.io/gitea/gitea:1.25.0-rootless";
        volumes = [ "/home/sezycei/srv/containerdata/gitea/data:/var/lib/gitea"
                    "/home/sezycei/srv/containerdata/gitea/config:/etc/gitea"
                  ];
@@ -146,7 +146,7 @@
      };

      vaultwarden = {
-        image = "vaultwarden/server:1.33.2";
+        image = "vaultwarden/server:1.34.3";
        ports = [ "40080:80" ];
        volumes = [
          "/home/sezycei/srv/containerdata/bitwarden/data:/data"
--- a/nix/application/nginx.nix
+++ b/nix/application/nginx.nix
@@ -87,7 +87,6 @@
            proxy_set_header X-Request-Base "https://hydra.matri.cx";
          '';
        };
-        "jame.su" = static { dir = "/var/www/jame.su"; };
        "llm.matri.cx" = proxiedLAN { 
          target = "http://192.168.0.94:11434"; 
          extra = ''
@@ -102,7 +101,6 @@
        "purr.eversole.co" = proxied { target = "http://127.0.0.1:5195"; };
        "pw.eversole.co" = proxied { target = "http://127.0.0.1:40080"; };
        "sezycei.com" = static { dir = "/var/www/sezycei.com"; };
-        "snakebelmont.com" = static { dir = "/var/www/snakebelmont.com"; };
        "transmission.matri.cx" = proxiedLAN { target = "http://127.0.0.1:9091"; };
        "vpn.matri.cx" = {
          forceSSL = true;
--- a/nix/system/dns.nix
+++ b/nix/system/dns.nix
@@ -59,7 +59,7 @@
        }
      }

-      *.ycombinator.com {
+      news.ycombinator.com {
        template IN A  {
            answer "{{ .Name }} 0 IN A 127.0.0.1"
        }
@@ -70,6 +70,18 @@
            answer "{{ .Name }} 0 IN A 127.0.0.1"
        }
      }
+
+      4chan.org {
+        template IN A  {
+            answer "{{ .Name }} 0 IN A 127.0.0.1"
+        }
+      }
+
+      *.4chan.org {
+        template IN A  {
+            answer "{{ .Name }} 0 IN A 127.0.0.1"
+        }
+      }
    '';
  };
 }
--- a/nix/system/hardware.nix
+++ b/nix/system/hardware.nix
@@ -32,7 +32,10 @@
    };
  };

-  swapDevices = [ ];
+  swapDevices = [{
+    device = "/swap";
+    size = (8 * 1024);
+  }];

  networking.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
--- a/nix/system/network.nix
+++ b/nix/system/network.nix
@@ -2,8 +2,8 @@
  networking = {
    hostName = "eve-psr-nix0";
    firewall = {
-      allowedTCPPorts = [ 22 80 443 5000 23231 23232 23233 20443 ];
-      allowedUDPPorts = [ 53 51820 config.services.tailscale.port 20443 ];
+      allowedTCPPorts = [ 22 80 443 4242 5000 23231 23232 23233 20443 ];
+      allowedUDPPorts = [ 53 4242 51820 config.services.tailscale.port 20443 ];
      extraCommands = ''
        iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o enp1s0 -j MASQUERADE
      '';
--- a/nix/user/users.nix
+++ b/nix/user/users.nix
@@ -2,22 +2,32 @@
  programs.bash.promptInit = ''
    PS1='\u@\h:\w\n-> '
  '';
-  users.users = {
-    sezycei = {
-      isNormalUser = true;
-      extraGroups = [ "wheel" "nginx" ];
-      packages = with pkgs; [ atuin bun byobu purescript stack tmux ];
-    };
+  users = {
+    users = {
+      sezycei = {
+        isNormalUser = true;
+        extraGroups = [ "wheel" "nginx" ];
+        packages = with pkgs; [ atuin bun byobu purescript stack tmux ];
+      };

-    cridycei = {
-      isNormalUser = true;
-      extraGroups = [ ];
-      packages = with pkgs; [ ];
-    };
+      cridycei = {
+        isNormalUser = true;
+        extraGroups = [ ];
+        packages = with pkgs; [ ];
+      };

-    torrent = {
-      isNormalUser = true;
-      homeMode = "770";
+      torrent = {
+        isNormalUser = true;
+        homeMode = "770";
+      };
+      reticulum = {
+        isSystemUser = true;
+        description = "Reticulum daemon user";
+        group = "reticulum";
+        home = "/var/lib/reticulum";
+        createHome = true;
+      };
    };
+    groups.reticulum = {};
  };
 }