feat(update): new kernel, new container versions and temporarily moving to zfs_unstable in waiting for stable to catch up with new kernel

2025-10-11 11:04:15 +02:00
parent e578a280db
commit 6b7ca2b194
6 changed files with 58 additions and 60 deletions
--- a/hosts/sobotka/default.nix
+++ b/hosts/sobotka/default.nix
@@ -68,7 +68,10 @@ in {
  boot = {
    supportedFilesystems = ["zfs"];
-    zfs.extraPools = ["data"];
+    zfs = {
      package = pkgs.zfs_unstable;
      extraPools = ["data"];
    };
  };
  services.zfs = {
--- a/modules/nixos/programs/pkgs/default.nix
+++ b/modules/nixos/programs/pkgs/default.nix
@@ -3,17 +3,16 @@
  config,
  lib,
  ...
-}:
+}: let
-let
+  inherit
-  inherit (lib)
+    (lib)
    mkIf
    mkOption
    mkMerge
    types
    ;
  cfg = config.nixos.programs.pkgs;
-in
+in {
 {
  options = {
    nixos.programs.pkgs = {
      enable = mkOption {
@@ -51,8 +50,7 @@ in
  };
  config = mkIf cfg.enable {
-    environment.systemPackages =
+    environment.systemPackages = with pkgs;
      with pkgs;
      mkMerge [
        [
          pciutils
@@ -110,9 +108,7 @@ in
        (mkIf cfg.server.enable [
          nvtopPackages.intel
          nvtopPackages.amd
          helix
          zfs
          zfstools
        ])
--- a/modules/server/authentik/default.nix
+++ b/modules/server/authentik/default.nix
@@ -53,11 +53,9 @@ in {
    age.secrets = {
      authentikEnv = {
        file = "${self}/secrets/authentikEnv.age";
        owner = "authentik";
      };
      authentikCloudflared = {
        file = "${self}/secrets/authentikCloudflared.age";
        owner = "authentik";
      };
    };
@@ -99,7 +97,6 @@ in {
            middlewares = {
              authentik = {
                forwardAuth = {
                  # tls.insecureSkipVerify = true;
                  address = "https://localhost:9443/outpost.goauthentik.io/auth/traefik";
                  trustForwardHeader = true;
                  authResponseHeaders = [
--- a/modules/server/homepage-dashboard/default.nix
+++ b/modules/server/homepage-dashboard/default.nix
@@ -101,7 +101,7 @@ in {
              label = "SYSTEM";
              memory = true;
              cpu = true;
-              uptime = true;
+              uptime = false;
            };
          }
        ];
--- a/modules/server/nextcloud/default.nix
+++ b/modules/server/nextcloud/default.nix
@@ -69,7 +69,7 @@ in {
    services = {
      ${unit} = {
        enable = true;
-        package = pkgs.nextcloud31;
+        package = pkgs.nextcloud32;
        hostName = "nextcloud";
        configureRedis = true;
        caching = {
--- a/modules/server/podman/default.nix
+++ b/modules/server/podman/default.nix
@@ -143,7 +143,8 @@ in {
      ];
    };
-    services.traefik = lib.mkMerge [
+    services = {
      traefik = lib.mkMerge [
        (lib.mkIf cfg.pihole.enable {
          dynamicConfigOptions = {
            http = {
@@ -198,6 +199,7 @@ in {
          };
        })
      ];
    };
    virtualisation.oci-containers.containers = lib.mkMerge [
      (lib.mkIf cfg.gluetun.enable {
@@ -293,7 +295,7 @@ in {
      (lib.mkIf cfg.pihole.enable {
        pihole = {
          autoStart = true;
-          image = "pihole/pihole:latest";
+          image = "pihole/pihole:2025.08.0";
          volumes = [
            "/var/lib/pihole:/etc/pihole/"
            "/var/lib/dnsmasq.d:/etc/dnsmasq.d/"