diff --git a/flake.lock b/flake.lock index 8073e81f..1216586a 100644 --- a/flake.lock +++ b/flake.lock @@ -83,11 +83,11 @@ ] }, "locked": { - "lastModified": 1755946532, - "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=", + "lastModified": 1759499898, + "narHash": "sha256-UNzYHLWfkSzLHDep5Ckb5tXc0fdxwPIrT+MY4kpQttM=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada", + "rev": "655e067f96fd44b3f5685e17f566b0e4d535d798", "type": "github" }, "original": { @@ -153,11 +153,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1759235653, - "narHash": "sha256-sKFehUxXCzM6E1LcmnRa/O6HKsRI/TGtciG5ulAJt08=", + "lastModified": 1759532138, + "narHash": "sha256-sLQIlgDwMP3mEY2PwjGW+cL56QQ2n2WXoZ3GpG5QWOY=", "owner": "chaotic-cx", "repo": "nyx", - "rev": "2bf7f138e42fa8b2133761edab64263505cb83bf", + "rev": "bad02bbca5b5c6d45539a0d740ad0e21b1ba9afc", "type": "github" }, "original": { @@ -212,11 +212,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1759301100, - "narHash": "sha256-hmiTEoVAqLnn80UkreCNunnRKPucKvcg5T4/CELEtbw=", + "lastModified": 1759646430, + "narHash": "sha256-V8mjmGzi9nS7BZfhpzYAOUg3BcCsC6MrEh9xlKq3+7s=", "owner": "nix-community", "repo": "fenix", - "rev": "0956bc5d1df2ea800010172c6bc4470d9a22cb81", + "rev": "b326bea4d58c9a58b346f17c710538eac00f71d1", "type": "github" }, "original": { @@ -332,11 +332,11 @@ ] }, "locked": { - "lastModified": 1756770412, - "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "lastModified": 1759362264, + "narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4524271976b625a4a605beefd893f270620fd751", + "rev": "758cf7296bee11f1706a574c77d072b8a7baa881", "type": "github" }, "original": { @@ -392,11 +392,11 @@ ] }, "locked": { - "lastModified": 1756770412, - "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", + "lastModified": 1759362264, + "narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "4524271976b625a4a605beefd893f270620fd751", + "rev": "758cf7296bee11f1706a574c77d072b8a7baa881", "type": "github" }, "original": { @@ -491,11 +491,11 @@ ] }, "locked": { - "lastModified": 1758108966, - "narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=", + "lastModified": 1759523803, + "narHash": "sha256-PTod9NG+i3XbbnBKMl/e5uHDBYpwIWivQ3gOWSEuIEM=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b", + "rev": "cfc9f7bb163ad8542029d303e599c0f7eee09835", "type": "github" }, "original": { @@ -571,11 +571,11 @@ }, "hardware": { "locked": { - "lastModified": 1759261527, - "narHash": "sha256-wPd5oGvBBpUEzMF0kWnXge0WITNsITx/aGI9qLHgJ4g=", + "lastModified": 1759582739, + "narHash": "sha256-spZegilADH0q5OngM86u6NmXxduCNv5eX9vCiUPhOYc=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "e087756cf4abbe1a34f3544c480fc1034d68742f", + "rev": "3441b5242af7577230a78ffb03542add264179ab", "type": "github" }, "original": { @@ -590,11 +590,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1759201995, - "narHash": "sha256-3STv6fITv8Ar/kl0H7vIA7VV0d2gyLh8UL0BOiVacXg=", + "lastModified": 1759605748, + "narHash": "sha256-qALSaIE4fbTo0wbPjEp7RZKbtFk1cDhRZ0BYOHW0JwQ=", "owner": "helix-editor", "repo": "helix", - "rev": "bfcbef10c513108c7b43317569416c2eefc4ed44", + "rev": "6fffaf6a7ded9a12fb2d5715a4eb83787a5e6402", "type": "github" }, "original": { @@ -610,11 +610,11 @@ ] }, "locked": { - "lastModified": 1759331616, - "narHash": "sha256-LVpodobJvJM5rmfh2sFBHPNX0PYpNbbHzx/gprlKGGg=", + "lastModified": 1759573136, + "narHash": "sha256-ILSPD0Dm8p0w0fCVzOx98ZH8yFDrR75GmwmH3fS2VnE=", "owner": "nix-community", "repo": "home-manager", - "rev": "5890176f856dcaf55f3ab56b25d4138657531cbd", + "rev": "5f06ceafc6c9b773a776b9195c3f47bbe1defa43", "type": "github" }, "original": { @@ -652,11 +652,11 @@ ] }, "locked": { - "lastModified": 1759172751, - "narHash": "sha256-E8W8sRXfrvkFW26GuuiWq6QfReU7m5+cngwHuRo/3jc=", + "lastModified": 1759337100, + "narHash": "sha256-CcT3QvZ74NGfM+lSOILcCEeU+SnqXRvl1XCRHenZ0Us=", "owner": "nix-community", "repo": "home-manager", - "rev": "12fa8548feefa9a10266ba65152fd1a787cdde8f", + "rev": "004753ae6b04c4b18aa07192c1106800aaacf6c3", "type": "github" }, "original": { @@ -710,11 +710,11 @@ ] }, "locked": { - "lastModified": 1758192433, - "narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=", + "lastModified": 1759490292, + "narHash": "sha256-T6iWzDOXp8Wv0KQOCTHpBcmAOdHJ6zc/l9xaztW6Ivc=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7", + "rev": "9431db625cd9bb66ac55525479dce694101d6d7a", "type": "github" }, "original": { @@ -803,11 +803,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1759318697, - "narHash": "sha256-iCL/F+rlgzgBfG4QURfjBrxVBMPsXCzZKHXn1SNBshc=", + "lastModified": 1759530922, + "narHash": "sha256-9NgZKpibALekGTPDc2O8lP8vFealQSZkXe+L+S7MMZU=", "owner": "hyprwm", "repo": "hyprland", - "rev": "e0c96276df75accc853a30186ae5de580b2c725f", + "rev": "76d998743ac10e712238c1016db4d8e8d16f1049", "type": "github" }, "original": { @@ -824,11 +824,11 @@ ] }, "locked": { - "lastModified": 1759238633, - "narHash": "sha256-4/AtRCQKXuU49ozZZouWuC+T7vCjQh9HAz3N8Tt5OZE=", + "lastModified": 1759613406, + "narHash": "sha256-PzgQJydp+RlKvwDi807pXPlURdIAVqLppZDga3DwPqg=", "owner": "hyprwm", "repo": "contrib", - "rev": "513d71d3f42c05d6a38e215382c5a6ce971bd77d", + "rev": "32e1a75b65553daefb419f0906ce19e04815aa3a", "type": "github" }, "original": { @@ -942,11 +942,11 @@ ] }, "locked": { - "lastModified": 1757694755, - "narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=", + "lastModified": 1759080228, + "narHash": "sha256-RgDoAja0T1hnF0pTc56xPfLfFOO8Utol2iITwYbUhTk=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c", + "rev": "629b15c19fa4082e4ce6be09fdb89e8c3312aed7", "type": "github" }, "original": { @@ -971,11 +971,11 @@ ] }, "locked": { - "lastModified": 1756810301, - "narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=", + "lastModified": 1758927902, + "narHash": "sha256-LZgMds7M94+vuMql2bERQ6LiFFdhgsEFezE4Vn+Ys3A=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931", + "rev": "4dafa28d4f79877d67a7d1a654cddccf8ebf15da", "type": "github" }, "original": { @@ -1006,11 +1006,11 @@ ] }, "locked": { - "lastModified": 1758124489, - "narHash": "sha256-YiVF/8Me3vVKJBEgGpQhn0HF09EWfXZGaWLzAaJBrO4=", + "lastModified": 1759572448, + "narHash": "sha256-o+r44fqPQM+/hQdjFy9qV9C51Jhty6M4icFVYocyJfA=", "owner": "hyprwm", "repo": "hyprlock", - "rev": "7f769fa993cb492982d7bf25676c68ddbcc0268e", + "rev": "c8a6768dca626cf7d7cbc333095f048bc007b6d9", "type": "github" }, "original": { @@ -1069,11 +1069,11 @@ ] }, "locked": { - "lastModified": 1756117388, - "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=", + "lastModified": 1759490926, + "narHash": "sha256-7IbZGJ5qAAfZsGhBHIsP8MBsfuFYS0hsxYHVkkeDG5Q=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0", + "rev": "94cce794344538c4d865e38682684ec2bbdb2ef3", "type": "github" }, "original": { @@ -1191,11 +1191,11 @@ ] }, "locked": { - "lastModified": 1757230583, - "narHash": "sha256-4uqu7sFPOaVTCogsxaGMgbzZ2vK40GVGMfUmrvK3/LY=", + "lastModified": 1759387127, + "narHash": "sha256-uuwJAP92SkHmnI1zo7rrK/gEuHtb97vFZcMa5w+0SZA=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "fc3960e6c32c9d4f95fff2ef84444284d24d3bea", + "rev": "0cc290e05882745060fccfe6d7d073f913e0cce7", "type": "github" }, "original": { @@ -1229,11 +1229,11 @@ }, "mnw": { "locked": { - "lastModified": 1756659871, - "narHash": "sha256-v6Rh4aQ6RKjM2N02kK9Usn0Ix7+OY66vNpeklc1MnGE=", + "lastModified": 1758834834, + "narHash": "sha256-Y7IvY4F8vajZyp3WGf+KaiIVwondEkMFkt92Cr9NZmg=", "owner": "Gerg-L", "repo": "mnw", - "rev": "ed6cc3e48557ba18266e598a5ebb6602499ada16", + "rev": "cfbc7d1cc832e318d0863a5fc91d940a96034001", "type": "github" }, "original": { @@ -1278,11 +1278,11 @@ ] }, "locked": { - "lastModified": 1759110900, - "narHash": "sha256-fcu/r0ijvaYT2VHGkZGr0wq9uBMNFkiftVBy43/2oig=", + "lastModified": 1759629535, + "narHash": "sha256-VIXcJ2ahRgoqIUySwAz3r5mtITO2dp6tXGCVKVW6FmA=", "owner": "fufexan", "repo": "nix-gaming", - "rev": "2ac6a49266e9159ccb001b4c8cb1f50f67d502ae", + "rev": "df388c42b54714bd121796a9cec9322b7fa2894e", "type": "github" }, "original": { @@ -1411,11 +1411,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1758198701, - "narHash": "sha256-7To75JlpekfUmdkUZewnT6MoBANS0XVypW6kjUOXQwc=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0147c2f1d54b30b5dd6d4a8c8542e8d7edf93b5d", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -1443,11 +1443,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1759036355, - "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=", + "lastModified": 1759381078, + "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", + "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "type": "github" }, "original": { @@ -1459,11 +1459,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1756696532, - "narHash": "sha256-6FWagzm0b7I/IGigOv9pr6LL7NQ86mextfE8g8Q6HBg=", + "lastModified": 1759386674, + "narHash": "sha256-wg1Lz/1FC5Q13R+mM5a2oTV9TA9L/CHHTm3/PiLayfA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "58dcbf1ec551914c3756c267b8b9c8c86baa1b2f", + "rev": "625ad6366178f03acd79f9e3822606dd7985b657", "type": "github" }, "original": { @@ -1482,11 +1482,11 @@ "systems": "systems_5" }, "locked": { - "lastModified": 1758271661, - "narHash": "sha256-ENqd2/33uP5vB44ClDjjAV+J78oF8q1er4QUZuT8Z7g=", + "lastModified": 1759469269, + "narHash": "sha256-DP833ejGUNRRHsJOB3WRTaWWXLNucaDga2ju/fGe+sc=", "owner": "notashelf", "repo": "nvf", - "rev": "b7571df4d6e9ac08506a738ddceeec0b141751b0", + "rev": "e48638aef3a95377689de0ef940443c64f870a09", "type": "github" }, "original": { @@ -1626,11 +1626,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1759245522, - "narHash": "sha256-H4Hx/EuMJ9qi1WzPV4UG2bbZiDCdREtrtDvYcHr0kmk=", + "lastModified": 1759601486, + "narHash": "sha256-ZywfLIFtRr907us1tONwUJLeg3ssO4D01XBFHx7RdAo=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "a6bc4a4bbe6a65b71cbf76a0cf528c47a8d9f97f", + "rev": "4ae99f0150c94f4bdf7192b4447f512ece3546fd", "type": "github" }, "original": { @@ -1648,11 +1648,11 @@ ] }, "locked": { - "lastModified": 1759113356, - "narHash": "sha256-xm4kEUcV2jk6u15aHazFP4YsMwhq+PczA+Ul/4FDKWI=", + "lastModified": 1759458749, + "narHash": "sha256-WKnbJnm1B2+TO2ZUudgS39EzecQeLl4/bnRtd3y46LI=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "be3b8843a2be2411500f6c052876119485e957a2", + "rev": "bbc3a8ae797d1700e57a4f4bcc4e79af727d4138", "type": "github" }, "original": { @@ -1923,11 +1923,11 @@ ] }, "locked": { - "lastModified": 1759180079, - "narHash": "sha256-5hqTGqAKcLEumY3tqOtHK17CA6RkzS1I0EGKfuoyb58=", + "lastModified": 1759590499, + "narHash": "sha256-EBToRzqe5WMz4DQyxOp9/CP+rWjdaZ2EUwbItfNf3VI=", "ref": "refs/heads/main", - "rev": "d4a254b38c7ac2b99931220d767610adfa3a57fe", - "revCount": 135, + "rev": "6e606c8bfa6a88209488790388b1005bc489fa66", + "revCount": 136, "type": "git", "url": "https://git.sr.ht/~canasta/zen-browser-flake" }, diff --git a/hosts/kima/modules.nix b/hosts/kima/modules.nix index 8ae58028..0cc0c3f2 100644 --- a/hosts/kima/modules.nix +++ b/hosts/kima/modules.nix @@ -216,7 +216,7 @@ flags = "--performance"; }; tailscale = { - enable = true; + enable = false; }; udisks = { enable = true; diff --git a/hosts/sobotka/server.nix b/hosts/sobotka/server.nix index 08323b7c..d60b15d0 100644 --- a/hosts/sobotka/server.nix +++ b/hosts/sobotka/server.nix @@ -1,4 +1,5 @@ -{config, ...}: { +{ config, ... }: +{ server = { enable = true; email = "adam@cnst.dev"; @@ -43,6 +44,10 @@ }; jellyfin = { enable = true; + cloudflared = { + tunnelId = "234811e2-bc86-44b2-9abd-493686e25704"; + credentialsFile = config.age.secrets.jellyfinCloudflared.path; + }; }; uptime-kuma = { enable = true; @@ -89,7 +94,7 @@ gluetun.enable = true; qbittorrent = { enable = true; - port = 8080; + port = 8387; }; slskd = { enable = true; diff --git a/modules/server/authentik/default.nix b/modules/server/authentik/default.nix index c6e3871c..c4c5e472 100644 --- a/modules/server/authentik/default.nix +++ b/modules/server/authentik/default.nix @@ -4,11 +4,13 @@ pkgs, self, ... -}: let +}: +let unit = "authentik"; cfg = config.server.${unit}; srv = config.server; -in { +in +{ options.server.${unit} = { enable = lib.mkEnableOption { description = "Enable ${unit}"; @@ -53,15 +55,9 @@ in { age.secrets = { authentikEnv = { file = "${self}/secrets/authentikEnv.age"; - owner = "authentik"; - group = "authentik"; - mode = "0400"; }; authentikCloudflared = { file = "${self}/secrets/authentikCloudflared.age"; - owner = "authentik"; - group = "authentik"; - mode = "0400"; }; }; @@ -110,15 +106,16 @@ in { "X-authentik-username" "X-authentik-groups" "X-authentik-email" - "X-authentik-name" - "X-authentik-uid" + # "X-authentik-name" + # "X-authentik-uid" "X-authentik-jwt" - "X-authentik-meta-jwks" - "X-authentik-meta-outpost" - "X-authentik-meta-provider" - "X-authentik-meta-app" - "X-authentik-meta-version" + # "X-authentik-meta-jwks" + # "X-authentik-meta-outpost" + # "X-authentik-meta-provider" + # "X-authentik-meta-app" + # "X-authentik-meta-version" ]; + timeout = "10s"; }; }; }; @@ -133,7 +130,7 @@ in { routers = { auth = { - entryPoints = ["websecure"]; + entryPoints = [ "websecure" ]; rule = "Host(`${cfg.url}`) || HostRegexp(`{subdomain:[a-z0-9]+}.${srv.www.url}`) && PathPrefix(`/outpost.goauthentik.io/`)"; service = "auth"; tls.certResolver = "letsencrypt"; diff --git a/modules/server/www/default.nix b/modules/server/www/default.nix index 45f6f420..09c35f82 100644 --- a/modules/server/www/default.nix +++ b/modules/server/www/default.nix @@ -4,11 +4,18 @@ pkgs, self, ... -}: let - inherit (lib) mkOption mkEnableOption mkIf types; +}: +let + inherit (lib) + mkOption + mkEnableOption + mkIf + types + ; cfg = config.server.www; srv = config.server; -in { +in +{ options.server.www = { enable = mkEnableOption { description = "Enable personal website"; @@ -117,14 +124,14 @@ in { services.traefik.dynamicConfigOptions.http = { routers.webfinger = { - entryPoints = ["websecure"]; + entryPoints = [ "websecure" ]; rule = "Host(`${cfg.url}`) && Path(`/.well-known/webfinger`)"; service = "webfinger"; tls.certResolver = "letsencrypt"; }; services.webfinger.loadBalancer.servers = [ - {url = "http://127.0.0.1:8283";} + { url = "http://127.0.0.1:8283"; } ]; }; }; diff --git a/users/cnst/modules/kimamod.nix b/users/cnst/modules/kimamod.nix index 473dd921..9fca1386 100644 --- a/users/cnst/modules/kimamod.nix +++ b/users/cnst/modules/kimamod.nix @@ -11,7 +11,7 @@ enable = true; }; chromium = { - enable = true; + enable = false; }; discord = { enable = true;