diff --git a/flake.lock b/flake.lock index 7ee0fb7..2cd09a7 100644 --- a/flake.lock +++ b/flake.lock @@ -68,11 +68,11 @@ ] }, "locked": { - "lastModified": 1742655702, - "narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", + "lastModified": 1747020534, + "narHash": "sha256-D/6rkiC6w2p+4SwRiVKrWIeYzun8FBg7NlMKMwQMxO0=", "owner": "nix-community", "repo": "home-manager", - "rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", + "rev": "b4bbdc6fde16fc2051fcde232f6e288cd22007ca", "type": "github" }, "original": { @@ -90,11 +90,11 @@ "nixpkgs-unstable": "nixpkgs-unstable" }, "locked": { - "lastModified": 1741725077, - "narHash": "sha256-p9mLfWb9PPLtRUKlJoQG71jFH6xU4Ox+rzPkExvAglY=", + "lastModified": 1746800328, + "narHash": "sha256-zPum6QW2wYqSJNO+wEPKQdWD1Rt3SM9ir0YfGOVqReo=", "owner": "fort-nix", "repo": "nix-bitcoin", - "rev": "875d25066d4ad4df2ced3a0a16be0e40bb469d95", + "rev": "b2bc5e6e7553954374593f6527e43828e7302b52", "type": "github" }, "original": { @@ -148,11 +148,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741600792, - "narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=", + "lastModified": 1746422338, + "narHash": "sha256-NTtKOTLQv6dPfRe00OGSywg37A1FYqldS6xiNmqBUYc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ebe2788eafd539477f83775ef93c3c7e244421d3", + "rev": "5b35d248e9206c1f3baf8de6a7683fee126364aa", "type": "github" }, "original": { @@ -164,11 +164,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1741678040, - "narHash": "sha256-rmBsz7BBcDwfvDkxnKHmolKceGJrr0nyz5PQYZg0kMk=", + "lastModified": 1746332716, + "narHash": "sha256-VBmKSkmw9PYBCEGhBKzORjx+nwNZkPZyHcUHE21A/ws=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ee8818da146871cd570b164fc4f438f78479a50", + "rev": "6b1c028bce9c89e9824cde040d6986d428296055", "type": "github" }, "original": { @@ -180,11 +180,11 @@ }, "nixpkgs-unstable_2": { "locked": { - "lastModified": 1742889210, - "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=", + "lastModified": 1746904237, + "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "698214a32beb4f4c8e3942372c694f40848b360d", + "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", "type": "github" }, "original": { @@ -210,11 +210,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1742751704, - "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", + "lastModified": 1746957726, + "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", + "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94", "type": "github" }, "original": { diff --git a/modules/forgejo.nix b/modules/forgejo.nix index 2758720..ee5cb80 100644 --- a/modules/forgejo.nix +++ b/modules/forgejo.nix @@ -25,20 +25,20 @@ with lib; ''; }; }; - services.gitea-actions-runner = { - package = pkgs.forgejo-actions-runner; - instances.default = { - enable = true; - name = "monolith"; - url = "https://git.tfcconnection.org"; - # Obtaining the path to the runner token file may differ - # tokenFile should be in format TOKEN=, since it's EnvironmentFile for systemd - token = "RP4DUN8EPbonAvl0TzQyco4iA5eXY5QYNc4btuzZ"; - labels = [ - "ubuntu-latest:docker://node:16-bullseye" - ## optionally provide native execution on the host: - "native:host" - ]; - }; - }; + # services.gitea-actions-runner = { + # package = pkgs.forgejo-actions-runner; + # instances.default = { + # enable = true; + # name = "monolith"; + # url = "https://git.tfcconnection.org"; + # # Obtaining the path to the runner token file may differ + # # tokenFile should be in format TOKEN=, since it's EnvironmentFile for systemd + # token = "RP4DUN8EPbonAvl0TzQyco4iA5eXY5QYNc4btuzZ"; + # labels = [ + # "ubuntu-latest:docker://node:16-bullseye" + # ## optionally provide native execution on the host: + # "native:host" + # ]; + # }; + # }; } diff --git a/modules/nextcloud.nix b/modules/nextcloud.nix new file mode 100644 index 0000000..75093ee --- /dev/null +++ b/modules/nextcloud.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, ... }: + +let + dn = "staff.tfcconnection.org"; +in +with lib; +{ + services = { + caddy = { + virtualHosts = { + "${dn}".extraConfig = '' + encode gzip + reverse_proxy localhost:8080 + + redir /.well-known/carddav /remote.php/dav 301 + redir /.well-known/caldav /remote.php/dav 301 + header { + Strict-Transport-Security "max-age=15768000; includeSubDomains; reload;" + Access-Control-Allow-Origin * + Referrer-Policy no-referrer-when-downgrade + } + redir /.well-known/oidc-configuration /apps/oidc/openid-configuration 301 + handle_path /whiteboard/* { + reverse_proxy http://127.0.0.1:3002 + } + ''; + }; + }; + + nextcloud = { + enable = true; f + }; + }; + environment.systemPackages = with pkgs; [ + nextcloud_package + # for nextcloud memories + unstable.exiftool + unstable.exif + ffmpeg_6 + nodejs_20 + unstable.perl536Packages.ImageExifTool + ]; +} diff --git a/system/shen/configuration.nix b/system/shen/configuration.nix index 87ec2ae..f9ab268 100644 --- a/system/shen/configuration.nix +++ b/system/shen/configuration.nix @@ -26,7 +26,7 @@ in ./hardware-configuration.nix ../../pkgs/base-packages.nix ../../modules/base.nix - ../../modules/localai.nix + # ../../modules/localai.nix ../../modules/forgejo.nix ../../modules/ollama.nix # ../../pkgs/server.nix @@ -57,14 +57,8 @@ in vaapiIntel vaapiVdpau libvdpau-va-gl - # rocm-opencl-icd - # rocm-opencl-runtime - # amdvlk ]; driSupport32Bit = lib.mkDefault true; - #extraPackages32 = with pkgs; [ - # driversi686linux.amdvlk - #]; }; nvidia = { diff --git a/system/shen/hardware-configuration.nix b/system/shen/hardware-configuration.nix index f5ce59f..e017cda 100644 --- a/system/shen/hardware-configuration.nix +++ b/system/shen/hardware-configuration.nix @@ -8,30 +8,36 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ "amdgpu" ]; - boot.kernelModules = [ "kvm-intel" "radeon.si_support=0" "amdgpu.si_support=1" ]; + boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/33a4619f-a37c-4ab8-a6ea-fdf612b45657"; - fsType = "btrfs"; - options = [ "subvol=@" "noatime" "nodiratime" "compress=zstd" ]; - }; - - fileSystems."/storage" = - { device = "/dev/disk/by-label/STORAGE"; - fsType = "btrfs"; - options = [ "noatime" "nodiratime" "compress=zstd" ]; + { device = "/dev/disk/by-uuid/f50b3f2f-dddc-4921-b95a-13197c2e2d2e"; + fsType = "ext4"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/515E-CB13"; + { device = "/dev/disk/by-uuid/E25A-FD5F"; fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + fileSystems."/storage" = + { device = "/dev/disk/by-label/storage"; + fsType = "btrfs"; + options = [ "subvol=@" "compress=zstd" ]; + }; + + fileSystems."/snapshots" = + { device = "/dev/disk/by-label/storage"; + fsType = "btrfs"; + options = [ "subvol=@snapshots" "compress=zstd" ]; }; swapDevices = - [ { device = "/dev/disk/by-uuid/764d7116-eba7-4404-b175-be756a7e53f6"; } + [ { device = "/dev/disk/by-uuid/3bf2eafd-4c51-43e8-8034-0ced2ce1813e"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking @@ -41,5 +47,6 @@ networking.useDHCP = lib.mkDefault true; # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; }