diff --git a/flake.lock b/flake.lock index f2cfffb..e55e8d0 100644 --- a/flake.lock +++ b/flake.lock @@ -37,11 +37,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1736005916, - "narHash": "sha256-a/sqKV5GvqEcQEGfUGQkhWaUnqIRi8oiDAHbBG1oFZg=", + "lastModified": 1732215451, + "narHash": "sha256-P2VVlzRGKBNsiHsN1yMZcSMXpwtIx9ysMFZAqKFJ14o=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "5db6f7711a28abd4b6bbe152c8a7de9d00b1e30d", + "rev": "9d9c0a3a94a91cfed654a18239e27cf56970daa4", "type": "github" }, "original": { @@ -53,16 +53,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1734959339, - "narHash": "sha256-CkUmsVKzAQ/VWIhtxWxlcGtrWVa8hxqsMqvfcsG5ktA=", + "lastModified": 1732213300, + "narHash": "sha256-4Pv35cnZGiTxe6j2O0F9L9sHzxVIC1SazeAUD5kWeBs=", "owner": "goauthentik", "repo": "authentik", - "rev": "e87a17fd8169d3fa92bcc47eb2743928df83bc95", + "rev": "527e584699abc93712114b05f70f59c5187caa66", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2024.12.1", + "ref": "version/2024.10.4", "repo": "authentik", "type": "github" } @@ -153,19 +153,24 @@ "flake-utils": "flake-utils_4", "liburing": "liburing", "nix-filter": "nix-filter", - "nixpkgs": "nixpkgs_4", + "nixpkgs": [ + "unstable" + ], "rocksdb": "rocksdb" }, "locked": { "lastModified": 1721105087, "narHash": "sha256-t74TUSswsCkOdZCKjgP74qEHKg78ShKTkP6x9/zqYX4=", - "path": "/nix/store/sw263a1qb3z8qc6bb78fm4mslsz5ya7i-source", + "owner": "girlbossceo", + "repo": "conduwuit", "rev": "c29197b3f457cf72197ef5251f9815107b2526d7", - "type": "path" + "type": "github" }, "original": { - "id": "conduwuit", - "type": "indirect" + "owner": "girlbossceo", + "ref": "v0.4.5", + "repo": "conduwuit", + "type": "github" } }, "crane": { @@ -419,27 +424,6 @@ "type": "github" } }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, "flake-utils": { "inputs": { "systems": [ @@ -609,11 +593,11 @@ ] }, "locked": { - "lastModified": 1735344290, - "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", + "lastModified": 1732466619, + "narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=", "owner": "nix-community", "repo": "home-manager", - "rev": "613691f285dad87694c2ba1c9e6298d04736292d", + "rev": "f3111f62a23451114433888902a55cf0692b408d", "type": "github" }, "original": { @@ -626,7 +610,7 @@ "homepage": { "inputs": { "flake-utils": "flake-utils_6", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1732147487, @@ -645,11 +629,11 @@ }, "impermanence": { "locked": { - "lastModified": 1734945620, - "narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=", + "lastModified": 1731242966, + "narHash": "sha256-B3C3JLbGw0FtLSWCjBxU961gLNv+BOOBC6WvstKLYMw=", "owner": "nix-community", "repo": "impermanence", - "rev": "d000479f4f41390ff7cf9204979660ad5dd16176", + "rev": "3ed3f0eaae9fcc0a8331e77e9319c8a4abd8a71a", "type": "github" }, "original": { @@ -813,7 +797,7 @@ "nixGL": { "inputs": { "flake-utils": "flake-utils_7", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1713543440, @@ -985,22 +969,6 @@ } }, "nixpkgs_4": { - "locked": { - "lastModified": 1720768451, - "narHash": "sha256-EYekUHJE2gxeo2pM/zM9Wlqw1Uw2XTJXOSAO79ksc4Y=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7e7c39ea35c5cdd002cd4588b03a3fb9ece6fad9", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { "locked": { "lastModified": 1719426051, "narHash": "sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4=", @@ -1013,7 +981,7 @@ "type": "indirect" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1660551188, "narHash": "sha256-a1LARMMYQ8DPx1BgoI/UN4bXe12hhZkCNqdxNi6uS0g=", @@ -1028,13 +996,13 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { - "lastModified": 1735922141, - "narHash": "sha256-vk0xwGZSlvZ/596yxOtsk4gxsIx2VemzdjiU8zhjgWw=", + "lastModified": 1732824227, + "narHash": "sha256-fYNXgpu1AEeLyd3fQt4Ym0tcVP7cdJ8wRoqJ+CtTRyY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d29ab98cd4a70a387b8ceea3e930b3340d41ac5a", + "rev": "c71ad5c34d51dcbda4c15f44ea4e4aa6bb6ac1e9", "type": "github" }, "original": { @@ -1044,34 +1012,13 @@ "type": "github" } }, - "nixpkgs_8": { - "locked": { - "lastModified": 1735834308, - "narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "6df24922a1400241dae323af55f30e4318a6ca65", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nur": { - "inputs": { - "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_8", - "treefmt-nix": "treefmt-nix_2" - }, "locked": { - "lastModified": 1736062223, - "narHash": "sha256-E2pP/HI/adDIzDhYR25xlTQpvMnssZPhozHbTg66H/E=", + "lastModified": 1733015936, + "narHash": "sha256-d/wq3j57flyYQ1F3s/B2f0bHCaOKF6d7JTxzfMCGRmw=", "owner": "nix-community", "repo": "NUR", - "rev": "c069281f9ef15582d5c1c59995e9d6cf2c0ed1b6", + "rev": "d711073b26533360c2bc595b4e6a824b873f8e22", "type": "github" }, "original": { @@ -1098,11 +1045,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1735164664, - "narHash": "sha256-DaWy+vo3c4TQ93tfLjUgcpPaSoDw4qV4t76Y3Mhu84I=", + "lastModified": 1730284601, + "narHash": "sha256-eHYcKVLIRRv3J1vjmxurS6HVdGphB53qxUeAkylYrZY=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "1fb01e90771f762655be7e0e805516cd7fa4d58e", + "rev": "43a898b4d76f7f3f70df77a2cc2d40096bc9d75e", "type": "github" }, "original": { @@ -1191,7 +1138,7 @@ "impermanence": "impermanence", "mediawikiSkinCitizen": "mediawikiSkinCitizen", "nixGL": "nixGL", - "nixpkgs": "nixpkgs_7", + "nixpkgs": "nixpkgs_6", "nur": "nur", "unstable": "unstable", "vpsadminos": "vpsadminos" @@ -1311,34 +1258,13 @@ "type": "github" } }, - "treefmt-nix_2": { - "inputs": { - "nixpkgs": [ - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733222881, - "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "49717b5af6f80172275d47a418c9719a31a78b53", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, "unstable": { "locked": { - "lastModified": 1735834308, - "narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=", + "lastModified": 1732837521, + "narHash": "sha256-jNRNr49UiuIwaarqijgdTR2qLPifxsVhlJrKzQ8XUIE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6df24922a1400241dae323af55f30e4318a6ca65", + "rev": "970e93b9f82e2a0f3675757eb0bfc73297cc6370", "type": "github" }, "original": { @@ -1350,11 +1276,11 @@ }, "vpsadminos": { "locked": { - "lastModified": 1734458258, - "narHash": "sha256-xZEbuwAAbxwujrGtuydDNBjzMLnE9YOcuLv3hdudZe4=", + "lastModified": 1732972373, + "narHash": "sha256-n1JQ6x5nh7/sgKKe8uWWdrw2pz2tkJm6IRpI5+I1chI=", "owner": "vpsfreecz", "repo": "vpsadminos", - "rev": "83ddccf4462f155f12596af773e9291d7ebc37a3", + "rev": "adea302cd4033be844cd033d30bc552270025331", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 1293ed2..1a053f5 100644 --- a/flake.nix +++ b/flake.nix @@ -17,6 +17,12 @@ homepage.url = "git+https://git.posixlycorrect.com/fabian/homepage.git?ref=master"; + conduwuit = { + url = "github:girlbossceo/conduwuit?ref=v0.4.5"; + #FIXME: PodrĂ¡ volver a "nixpkgs" una vez que rocksdb.enableLiburing llegue a stable + inputs.nixpkgs.follows = "unstable"; + }; + authentik-nix = { url = "github:nix-community/authentik-nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -53,7 +59,7 @@ config = import ./pkgs/config nixpkgs.lib; overlays = [ self.overlays.default - nur.overlays.default + nur.overlay nixGL.overlay ]; }; diff --git a/home/modules/gui/default.nix b/home/modules/gui/default.nix index 1e8196e..9dcf14c 100644 --- a/home/modules/gui/default.nix +++ b/home/modules/gui/default.nix @@ -112,47 +112,5 @@ in { polybar.enable = true; picom.enable = true; }; - - gtk = { - enable = true; - - iconTheme = { - name = "Papirus-Dark"; - package = pkgs.papirus-icon-theme; - }; - theme = { - package = pkgs.materia-theme; - name = "Materia-dark"; - }; - - gtk2.extraConfig = '' - gtk-toolbar-style=GTK_TOOLBAR_BOTH_HORIZ - gtk-menu-images=1 - gtk-button-images=1 - ''; - - gtk3.extraConfig = { - gtk-application-prefer-dark-theme = 1; - }; - gtk4.extraConfig = { - gtk-application-prefer-dark-theme = 1; - }; - }; - - qt = { - enable = true; - style.name = "bb10dark"; - platformTheme.name = "gtk"; - }; - - home.sessionVariables = { - # Use gtk in jvm apps - _JAVA_OPTIONS = concatStringsSep " " [ - "-Dawt.useSystemAAFontSettings=on" - "-Dswing.aatext=true" - "-Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel" - "-Dswing.crossplatformlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel" - ]; - }; }; } diff --git a/home/modules/gui/i3.nix b/home/modules/gui/i3.nix index 527f462..50f19d1 100644 --- a/home/modules/gui/i3.nix +++ b/home/modules/gui/i3.nix @@ -68,12 +68,10 @@ with lib; { notification = false; always = true; } - { - #todo: move this to browsers module + { #todo: move this to browsers module command = "${pkgs.i3-gaps}/bin/i3-msg 'workspace 1; exec ${pkgs.firefox}/bin/firefox'"; } - { - #todo: move this to telegram module + { #todo: move this to telegram module command = "${pkgs.i3-gaps}/bin/i3-msg 'workspace 2; exec ${pkgs.tdesktop}/bin/telegram-desktop'"; } #{ diff --git a/home/platforms/fabian@posixlycorrect/default.nix b/home/platforms/fabian@posixlycorrect/default.nix index 47824ca..32aaad4 100644 --- a/home/platforms/fabian@posixlycorrect/default.nix +++ b/home/platforms/fabian@posixlycorrect/default.nix @@ -70,7 +70,6 @@ packages = with pkgs; [ darktable deluge - gajim gnucash kdenlive virt-manager diff --git a/sys/modules/users.nix b/sys/modules/users.nix index 9925e76..4711909 100644 --- a/sys/modules/users.nix +++ b/sys/modules/users.nix @@ -66,7 +66,7 @@ in { shell = pkgs.zsh; extraGroups = ["users" "networkmanager"] - ++ optionals (v.admin) ["wheel" "libvirtd" "dialout" "adbusers"]; + ++ optionals (v.admin) ["wheel" "libvirtd" "dialout" "adbusers" ]; openssh.authorizedKeys.keyFiles = v.sshKeyPublicFile; }) enabledUsers; diff --git a/sys/platforms/vps/srv/default.nix b/sys/platforms/vps/srv/default.nix index cf7adb0..3216ccb 100644 --- a/sys/platforms/vps/srv/default.nix +++ b/sys/platforms/vps/srv/default.nix @@ -10,6 +10,7 @@ with lib; { ./net.nix ./mediawiki.nix # ./jitsi.nix + # ./matrix.nix currently not being used ./forgejo.nix ./vaultwarden.nix # ./bepasty.nix diff --git a/sys/platforms/vps/srv/matrix.nix b/sys/platforms/vps/srv/matrix.nix new file mode 100644 index 0000000..44644fd --- /dev/null +++ b/sys/platforms/vps/srv/matrix.nix @@ -0,0 +1,58 @@ +{ + lib, + pkgs, + config, + flakes, + ... +}: +with lib; let + subdomain = "matrix.posixlycorrect.com"; + baseUrl = "https://${subdomain}"; +in { + # ver https://nixos.org/manual/nixos/stable/#module-services-matrix + services = { + matrix-conduit = { + enable = true; + package = flakes.conduwuit.packages.${pkgs.system}.default; + settings.global = { + address = "::1"; + port = 6167; + allow_encryption = true; + allow_federation = true; + allow_registration = false; + database_backend = "rocksdb"; + server_name = "posixlycorrect.com"; + allow_check_for_updates = true; + new_user_displayname_suffix = ""; + }; + }; + + nginx.virtualHosts = let + clientConfig."m.homeserver".base_url = baseUrl; + serverConfig."m.server" = "${subdomain}:443"; + mkWellKnown = data: '' + default_type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON data}'; + ''; + in { + "posixlycorrect.com" = { + locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; + }; + "${subdomain}" = { + enableACME = true; + forceSSL = true; + extraConfig = '' + proxy_headers_hash_max_size 512; + proxy_headers_hash_bucket_size 128; + ''; + locations."/".extraConfig = '' + return 403; + ''; + locations."/_matrix".proxyPass = "http://[::1]:6167"; + locations."/_synapse/client".proxyPass = "http://[::1]:6167"; + }; + }; + }; +}