diff --git a/flake.lock b/flake.lock index e4d6abb..3ebc308 100644 --- a/flake.lock +++ b/flake.lock @@ -1,7 +1,24 @@ { "nodes": { + "authentik-go": { + "flake": false, + "locked": { + "lastModified": 1770333754, + "narHash": "sha256-Yyna75Nd6485tZP9IpdEa5QNomswe9hRfM+w3MuET9E=", + "owner": "goauthentik", + "repo": "client-go", + "rev": "280022b0a8de5c8f4b2965d1147a1c4fa846ba64", + "type": "github" + }, + "original": { + "owner": "goauthentik", + "repo": "client-go", + "type": "github" + } + }, "authentik-nix": { "inputs": { + "authentik-go": "authentik-go", "authentik-src": "authentik-src", "flake-compat": "flake-compat", "flake-parts": "flake-parts", @@ -16,11 +33,11 @@ "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1762701457, - "narHash": "sha256-fWNdWw/iky//zyGpSygNZ+Xpa1ywwrgwniUTEBQCTvI=", + "lastModified": 1770535094, + "narHash": "sha256-MLjqqCQsJFZJKqSMfarSVsFLNRiDK/pvOnoRwZ+esmk=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "c14192ad67d071f88eb5cd7492a9f03b62865642", + "rev": "b09825ea48b0802b4806ed9f0f4721a49e36eb98", "type": "github" }, "original": { @@ -32,16 +49,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1762188128, - "narHash": "sha256-HowB6DTGCqz770fKYbnE+rQ11XRV0WSNkLD+HSWZwz8=", + "lastModified": 1770055313, + "narHash": "sha256-t9DOFNSQJZdUnZSEr3z8EBRsltS4DKu9xad9gS5/Ikc=", "owner": "goauthentik", "repo": "authentik", - "rev": "70406664dca2a13aabb695094f85471585668cb1", + "rev": "6760f4c5d38e245edb72e12e4f45bda8dd859ccd", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.10.1", + "ref": "version/2025.12.3", "repo": "authentik", "type": "github" } @@ -49,11 +66,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "lastModified": 1765121682, + "narHash": "sha256-4VBOP18BFeiPkyhy9o4ssBNQEvfvv1kXkasAYd0+rrA=", "owner": "edolstra", "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "rev": "65f23138d8d09a92e30f1e5c87611b23ef451bf3", "type": "github" }, "original": { @@ -67,11 +84,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1760948891, - "narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=", + "lastModified": 1765835352, + "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04", + "rev": "a34fae9c08a15ad73f295041fec82323541400a9", "type": "github" }, "original": { @@ -216,16 +233,37 @@ ] }, "locked": { - "lastModified": 1758463745, - "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", "owner": "nix-community", "repo": "home-manager", - "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "impermanence", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1768598210, + "narHash": "sha256-kkgA32s/f4jaa4UG+2f8C225Qvclxnqs76mf8zvTVPg=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "c47b2cc64a629f8e075de52e4742de688f930dc6", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.05", "repo": "home-manager", "type": "github" } @@ -238,11 +276,11 @@ ] }, "locked": { - "lastModified": 1759284596, - "narHash": "sha256-N/poXYxAbHyWf2EBC6CSc6vKq0txtHMqTUMdPNOUB0g=", + "lastModified": 1770237702, + "narHash": "sha256-a2gUeJd7B4KxYSI17MaEjVMJUMS4zRR2Ha2vFplssmc=", "ref": "refs/heads/master", - "rev": "51c57acdbff6f3f0c490bc67e791f5376a3f2be9", - "revCount": 72, + "rev": "0de7c28109045758ca5fd032e098a72520eec481", + "revCount": 73, "type": "git", "url": "https://git.posixlycorrect.com/fabian/homepage.git" }, @@ -252,12 +290,16 @@ } }, "impermanence": { + "inputs": { + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs" + }, "locked": { - "lastModified": 1737831083, - "narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=", + "lastModified": 1769548169, + "narHash": "sha256-03+JxvzmfwRu+5JafM0DLbxgHttOQZkUtDWBmeUkN8Y=", "owner": "nix-community", "repo": "impermanence", - "rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170", + "rev": "7b1d382faf603b6d264f58627330f9faa5cba149", "type": "github" }, "original": { @@ -312,7 +354,7 @@ "nixGL": { "inputs": { "flake-utils": "flake-utils_4", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1762090880, @@ -329,6 +371,37 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1768564909, + "narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1765674936, + "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1746378225, "narHash": "sha256-OeRSuL8PUjIfL3Q0fTbNJD/fmv1R+K2JAOqWJd3Oceg=", @@ -343,44 +416,29 @@ "type": "github" } }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1754788789, - "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "a73b9c743612e4244d865a2fdee11865283c04e6", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1763334038, - "narHash": "sha256-LBVOyaH6NFzQ3X/c6vfMZ9k4SV2ofhpxeL9YnhHNJQQ=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "4c8cdd5b1a630e8f72c9dd9bf582b1afb3127d2c", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_3": { "locked": { - "lastModified": 1763421233, - "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", + "lastModified": 1770617025, + "narHash": "sha256-1jZvgZoAagZZB6NwGRv2T2ezPy+X6EFDsJm+YSlsvEs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", + "rev": "2db38e08fdadcc0ce3232f7279bab59a15b94482", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1770562336, + "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", "type": "github" }, "original": { @@ -393,14 +451,14 @@ "nur": { "inputs": { "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1763589398, - "narHash": "sha256-EwM6RvgVrrcFmvIGwwm7hALIz2QL4SnzNk82Fpg5UV0=", + "lastModified": 1770787645, + "narHash": "sha256-rAeQth94yU/X2zqlZ3ElKWVkt4Ms2i4fO1O3TF+MivA=", "owner": "nix-community", "repo": "NUR", - "rev": "a6894a64a56a2b3d40b08e34342d8c172510b490", + "rev": "886b4fa1151c4d2fbea7bd1bcbd3905d731b5ce8", "type": "github" }, "original": { @@ -425,11 +483,11 @@ ] }, "locked": { - "lastModified": 1759113590, - "narHash": "sha256-fgxP2RCN4cg0jYiMYoETYc7TZ2JjgyvJa2y9l8oSUFE=", + "lastModified": 1763662255, + "narHash": "sha256-4bocaOyLa3AfiS8KrWjZQYu+IAta05u3gYZzZ6zXbT0=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "dbfc0483b5952c6b86e36f8b3afeb9dde30ea4b5", + "rev": "042904167604c681a090c07eb6967b4dd4dae88c", "type": "github" }, "original": { @@ -446,11 +504,11 @@ ] }, "locked": { - "lastModified": 1760402624, - "narHash": "sha256-jF6UKLs2uGc2rtved8Vrt58oTWjTQoAssuYs/0578Z4=", + "lastModified": 1764134915, + "narHash": "sha256-xaKvtPx6YAnA3HQVp5LwyYG1MaN4LLehpQI8xEdBvBY=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "84c4ea102127c77058ea1ed7be7300261fafc7d2", + "rev": "2c8df1383b32e5443c921f61224b198a2282a657", "type": "github" }, "original": { @@ -469,7 +527,7 @@ "impermanence": "impermanence", "mediawikiSkinCitizen": "mediawikiSkinCitizen", "nixGL": "nixGL", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nur": "nur", "trivionomicon": "trivionomicon", "unstable": "unstable", @@ -570,11 +628,11 @@ }, "unstable": { "locked": { - "lastModified": 1763421233, - "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", + "lastModified": 1770562336, + "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", "owner": "nixos", "repo": "nixpkgs", - "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", + "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", "type": "github" }, "original": { @@ -596,11 +654,11 @@ ] }, "locked": { - "lastModified": 1761101082, - "narHash": "sha256-4Kt3RsfJgg6HzmDCc44ZN//xB8n7KGEGxxt9dNjqPQc=", + "lastModified": 1765631794, + "narHash": "sha256-90d//IZ4GXipNsngO4sb2SAPbIC/a2P+IAdAWOwpcOM=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "e6e728d9719e989c93e65145fe3f9e0c65a021a2", + "rev": "4cca323a547a1aaa9b94929c4901bed5343eafe8", "type": "github" }, "original": { @@ -611,11 +669,11 @@ }, "vpsadminos": { "locked": { - "lastModified": 1762202056, - "narHash": "sha256-nP3Egwd5i40bcNRfklH0WYPOFv9BUDAU5usozigDtSE=", + "lastModified": 1770130846, + "narHash": "sha256-B9uMrG9ghVJWNBXOMmKMqfxErh58A2AINXsdqMpgyvc=", "owner": "vpsfreecz", "repo": "vpsadminos", - "rev": "63538f06d436775273084157117ada72ca40f4d5", + "rev": "5e3a56de3af9244d2ebab808c24e5d590115534b", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index f60e7c6..da69510 100644 --- a/flake.nix +++ b/flake.nix @@ -1,10 +1,10 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; unstable.url = "github:nixos/nixpkgs/nixos-unstable"; home-manager = { - url = "github:nix-community/home-manager/release-25.05"; + url = "github:nix-community/home-manager/release-25.11"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/home/modules/baseline.nix b/home/modules/baseline.nix index f432d0a..500ffc6 100644 --- a/home/modules/baseline.nix +++ b/home/modules/baseline.nix @@ -68,8 +68,10 @@ in { programs.git = { enable = true; - userEmail = "fabian@posixlycorrect.com"; - userName = "Fabian Montero"; + settings.user = { + email = "fabian@posixlycorrect.com"; + name = "Fabian Montero"; + }; }; local = { diff --git a/home/modules/gui/fonts.nix b/home/modules/gui/fonts.nix index b74c094..9a72c65 100644 --- a/home/modules/gui/fonts.nix +++ b/home/modules/gui/fonts.nix @@ -34,7 +34,6 @@ nerd-fonts.jetbrains-mono noto-fonts noto-fonts-cjk-sans - noto-fonts-emoji - noto-fonts-extra + noto-fonts-color-emoji ]; } diff --git a/pkgs/default.nix b/pkgs/default.nix index f6189a2..2e7eccd 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -6,7 +6,7 @@ with prev.lib; let inherit (final) callPackage fetchpatch; in { - homepage = flakes.homepage.packages.${final.system}.default; + homepage = flakes.homepage.packages.${final.stdenv.hostPlatform.system}.default; override = { diff --git a/sys/modules/baseline.nix b/sys/modules/baseline.nix index fd594b7..d8827b0 100644 --- a/sys/modules/baseline.nix +++ b/sys/modules/baseline.nix @@ -58,8 +58,7 @@ in { nerd-fonts.jetbrains-mono noto-fonts noto-fonts-cjk-sans - noto-fonts-emoji - noto-fonts-extra + noto-fonts-color-emoji nerd-fonts.fira-code nerd-fonts.droid-sans-mono ]; @@ -72,6 +71,8 @@ in { enableNotifications = true; }; }; + + networking.useDHCP = false; # The global useDHCP flag is deprecated, therefore explicitly set to false here. programs.dconf.enable = true; diff --git a/sys/modules/defaultDesktopPack.nix b/sys/modules/defaultDesktopPack.nix index 1c231b8..34b1983 100644 --- a/sys/modules/defaultDesktopPack.nix +++ b/sys/modules/defaultDesktopPack.nix @@ -34,7 +34,6 @@ in { networking = { networkmanager.enable = true; - useDHCP = false; # The global useDHCP flag is deprecated, therefore explicitly set to false here. }; services = { diff --git a/sys/platforms/vps/default.nix b/sys/platforms/vps/default.nix index cbf761c..a65fd9b 100644 --- a/sys/platforms/vps/default.nix +++ b/sys/platforms/vps/default.nix @@ -43,6 +43,20 @@ with lib; { fullyQualifiedDomain = "soju.posixlycorrect.com"; }; + socialpredict = { + enable = true; + backendPort = 8067; + domain = "markets.posixlycorrect.com"; + nginx = { + enableACME = true; + forceSSL = true; + extraConfig = '' + proxy_headers_hash_max_size 512; + proxy_headers_hash_bucket_size 128; + ''; + }; + }; + mediawiki = { enable = true; hostName = "wiki.posixlycorrect.com"; @@ -105,9 +119,9 @@ with lib; { time.timeZone = "Europe/Amsterdam"; systemd = { - extraConfig = '' - DefaultTimeoutStartSec=900s - ''; + settings.Manager = { + DefaultTimeoutStartSec = "900s"; + }; network = let inherit (config.local.sys) nets; @@ -179,7 +193,6 @@ with lib; { users.fabian = { imports = [ - flakes.impermanence.nixosModules.home-manager.impermanence "${flakes.self}/home/platforms/fabian@vps" "${flakes.self}/home" ]; diff --git a/trivionomicon/flake.nix b/trivionomicon/flake.nix index 2b53ebd..151c3d3 100644 --- a/trivionomicon/flake.nix +++ b/trivionomicon/flake.nix @@ -210,7 +210,7 @@ }: flakes.nixpkgs.lib.makeOverridable flakes.nixpkgs.lib.nixosSystem { inherit pkgs; - inherit (pkgs) system; + inherit (pkgs.stdenv.hostPlatform) system; modules = [self.nixosModules.default] ++ modules; diff --git a/trivionomicon/modules/mediawiki/options.nix b/trivionomicon/modules/mediawiki/options.nix index 3ab7894..bb39a14 100644 --- a/trivionomicon/modules/mediawiki/options.nix +++ b/trivionomicon/modules/mediawiki/options.nix @@ -12,22 +12,22 @@ with lib.types; { description = "name of the wiki"; example = "posixlycorrect wiki"; }; - + passwordFile = lib.mkOption { type = types.path; description = "A file containing the initial password for the administrator account 'admin'"; example = "/run/keys/mediawiki-password"; }; - + skins = lib.mkOption { type = types.attrsOf (types.nullOr str); description = "skins for mediawiki"; default = {}; - example = ''{ - citizen = "flakes.mediawikiSkinCitizen"; - };''; + example = '' { + citizen = "flakes.mediawikiSkinCitizen"; + };''; }; - + extraConfig = lib.mkOption { type = str; default = ""; @@ -42,21 +42,21 @@ with lib.types; { type = types.attrsOf (types.nullOr types.path); description = "some extensions are included and can enabled by passing null"; default = {}; - example = ''{ - VisualEditor = null; - CategoryTree = null; - CiteThisPage = null; - Scribunto = null; - Cite = null; - CodeEditor = null; - Math = null; - MultimediaViewer = null; - PdfHandler = null; - Poem = null; - SecureLinkFixer = null; - WikiEditor = null; - ParserFunctions = null; - };''; + example = '' { + VisualEditor = null; + CategoryTree = null; + CiteThisPage = null; + Scribunto = null; + Cite = null; + CodeEditor = null; + Math = null; + MultimediaViewer = null; + PdfHandler = null; + Poem = null; + SecureLinkFixer = null; + WikiEditor = null; + ParserFunctions = null; + };''; }; }; } diff --git a/trivionomicon/modules/mediawiki/sys.nix b/trivionomicon/modules/mediawiki/sys.nix index 525ec3e..b6a9273 100644 --- a/trivionomicon/modules/mediawiki/sys.nix +++ b/trivionomicon/modules/mediawiki/sys.nix @@ -4,7 +4,8 @@ cfg, doctrine, ... -}: with lib; { +}: +with lib; { services = { nginx = { virtualHosts.${cfg.hostName} = {