feat(update): new kernel, new container versions and temporarily moving to zfs_unstable in waiting for stable to catch up with new kernel
This commit is contained in:
@@ -53,11 +53,9 @@ in {
|
||||
age.secrets = {
|
||||
authentikEnv = {
|
||||
file = "${self}/secrets/authentikEnv.age";
|
||||
owner = "authentik";
|
||||
};
|
||||
authentikCloudflared = {
|
||||
file = "${self}/secrets/authentikCloudflared.age";
|
||||
owner = "authentik";
|
||||
};
|
||||
};
|
||||
|
||||
@@ -99,7 +97,6 @@ in {
|
||||
middlewares = {
|
||||
authentik = {
|
||||
forwardAuth = {
|
||||
# tls.insecureSkipVerify = true;
|
||||
address = "https://localhost:9443/outpost.goauthentik.io/auth/traefik";
|
||||
trustForwardHeader = true;
|
||||
authResponseHeaders = [
|
||||
|
||||
@@ -101,7 +101,7 @@ in {
|
||||
label = "SYSTEM";
|
||||
memory = true;
|
||||
cpu = true;
|
||||
uptime = true;
|
||||
uptime = false;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
@@ -69,7 +69,7 @@ in {
|
||||
services = {
|
||||
${unit} = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud31;
|
||||
package = pkgs.nextcloud32;
|
||||
hostName = "nextcloud";
|
||||
configureRedis = true;
|
||||
caching = {
|
||||
|
||||
@@ -143,61 +143,63 @@ in {
|
||||
];
|
||||
};
|
||||
|
||||
services.traefik = lib.mkMerge [
|
||||
(lib.mkIf cfg.pihole.enable {
|
||||
dynamicConfigOptions = {
|
||||
http = {
|
||||
services = {
|
||||
pihole.loadBalancer.servers = [{url = "http://localhost:${toString cfg.pihole.port}";}];
|
||||
};
|
||||
routers = {
|
||||
pihole = {
|
||||
entryPoints = ["websecure"];
|
||||
rule = "Host(`${cfg.pihole.url}`)";
|
||||
service = "pihole";
|
||||
tls.certResolver = "letsencrypt";
|
||||
services = {
|
||||
traefik = lib.mkMerge [
|
||||
(lib.mkIf cfg.pihole.enable {
|
||||
dynamicConfigOptions = {
|
||||
http = {
|
||||
services = {
|
||||
pihole.loadBalancer.servers = [{url = "http://localhost:${toString cfg.pihole.port}";}];
|
||||
};
|
||||
routers = {
|
||||
pihole = {
|
||||
entryPoints = ["websecure"];
|
||||
rule = "Host(`${cfg.pihole.url}`)";
|
||||
service = "pihole";
|
||||
tls.certResolver = "letsencrypt";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
})
|
||||
})
|
||||
|
||||
(lib.mkIf cfg.qbittorrent.enable {
|
||||
dynamicConfigOptions = {
|
||||
http = {
|
||||
services = {
|
||||
qbittorrent.loadBalancer.servers = [{url = "http://localhost:${toString cfg.qbittorrent.port}";}];
|
||||
};
|
||||
routers = {
|
||||
qbittorrent = {
|
||||
entryPoints = ["websecure"];
|
||||
rule = "Host(`${cfg.qbittorrent.url}`)";
|
||||
service = "qbittorrent";
|
||||
tls.certResolver = "letsencrypt";
|
||||
(lib.mkIf cfg.qbittorrent.enable {
|
||||
dynamicConfigOptions = {
|
||||
http = {
|
||||
services = {
|
||||
qbittorrent.loadBalancer.servers = [{url = "http://localhost:${toString cfg.qbittorrent.port}";}];
|
||||
};
|
||||
routers = {
|
||||
qbittorrent = {
|
||||
entryPoints = ["websecure"];
|
||||
rule = "Host(`${cfg.qbittorrent.url}`)";
|
||||
service = "qbittorrent";
|
||||
tls.certResolver = "letsencrypt";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
})
|
||||
})
|
||||
|
||||
(lib.mkIf cfg.slskd.enable {
|
||||
dynamicConfigOptions = {
|
||||
http = {
|
||||
services = {
|
||||
slskd.loadBalancer.servers = [{url = "http://localhost:${toString cfg.slskd.port}";}];
|
||||
};
|
||||
routers = {
|
||||
slskd = {
|
||||
entryPoints = ["websecure"];
|
||||
rule = "Host(`${cfg.slskd.url}`)";
|
||||
service = "slskd";
|
||||
tls.certResolver = "letsencrypt";
|
||||
(lib.mkIf cfg.slskd.enable {
|
||||
dynamicConfigOptions = {
|
||||
http = {
|
||||
services = {
|
||||
slskd.loadBalancer.servers = [{url = "http://localhost:${toString cfg.slskd.port}";}];
|
||||
};
|
||||
routers = {
|
||||
slskd = {
|
||||
entryPoints = ["websecure"];
|
||||
rule = "Host(`${cfg.slskd.url}`)";
|
||||
service = "slskd";
|
||||
tls.certResolver = "letsencrypt";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
})
|
||||
];
|
||||
})
|
||||
];
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.containers = lib.mkMerge [
|
||||
(lib.mkIf cfg.gluetun.enable {
|
||||
@@ -293,7 +295,7 @@ in {
|
||||
(lib.mkIf cfg.pihole.enable {
|
||||
pihole = {
|
||||
autoStart = true;
|
||||
image = "pihole/pihole:latest";
|
||||
image = "pihole/pihole:2025.08.0";
|
||||
volumes = [
|
||||
"/var/lib/pihole:/etc/pihole/"
|
||||
"/var/lib/dnsmasq.d:/etc/dnsmasq.d/"
|
||||
|
||||
Reference in New Issue
Block a user