From 84c4c6556ea039e62a28510f372a4e9e683a275d Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Tue, 3 Feb 2026 14:46:33 -0600 Subject: [PATCH 01/10] modularize media wiki --- modules/mediawiki/default.nix | 13 +++++++ modules/mediawiki/options.nix | 72 +++++++++++++++++++++++++++++++++++ modules/mediawiki/sys.nix | 31 +++++++++++++++ 3 files changed, 116 insertions(+) create mode 100644 modules/mediawiki/default.nix create mode 100644 modules/mediawiki/options.nix create mode 100644 modules/mediawiki/sys.nix diff --git a/modules/mediawiki/default.nix b/modules/mediawiki/default.nix new file mode 100644 index 0000000..2ed69c2 --- /dev/null +++ b/modules/mediawiki/default.nix @@ -0,0 +1,13 @@ +{ + config, + lib, + pkgs, + doctrine, + ... +}: +doctrine.lib.mkModule { + inherit config; + name = "mediawiki"; + sys = ./sys.nix; + options = ./options.nix; +} diff --git a/modules/mediawiki/options.nix b/modules/mediawiki/options.nix new file mode 100644 index 0000000..06acbf1 --- /dev/null +++ b/modules/mediawiki/options.nix @@ -0,0 +1,72 @@ +{lib, ...}: +with lib.types; { + sys = { + hostName = lib.mkOption { + type = str; + description = "used for nginx virtualhost. no protocol"; + example = "wiki.posixlycorrect.com"; + }; + + name = lib.mkOption { + type = str; + description = "name of the wiki"; + example = "posixlycorrect wiki"; + }; + + passwordFile = lib.mkOption { + type = types.path; + description = "path of passwordfile for mediawiki"; + example = "/run/keys/mediawiki-password"; + }; + + skins = lib.mkOption { + type = types.attrsOf (types.nullOr str); + description = "skins for mediawiki"; + example = ''{ + citizen = "flakes.mediawikiSkinCitizen"; + };''; + }; + + extraConfig = lib.mkOption { + type = str; + example = '' + # Disable anonymous editing and account creation + $wgGroupPermissions['*']['edit'] = false; + $wgGroupPermissions['*']['createaccount'] = false; + + $wgCitizenThemeDefault = 'dark'; + $wgCitizenShowPageTools = 'login'; + $wgLogos = [ + 'icon' => "https://example.com/favicon.png", + '1x' => "https://example.com/favicon.png", + '2x' => "https://example.com/favicon.png", + ]; + + $wgEnableEmail = false; #TODO: arreglar esto + $wgNoReplyAddress = 'mediawiki@example.com'; + $wgEmergencyContact = 'mediawiki@example.com'; + $wgPasswordSender = 'mediawiki@example.com'; + ''; + }; + + extensions = lib.mkOption { + type = types.attrsOf (types.nullOr types.path); + description = "some extensions are included and can enabled by passing null"; + example = ''{ + VisualEditor = null; + CategoryTree = null; + CiteThisPage = null; + Scribunto = null; + Cite = null; + CodeEditor = null; + Math = null; + MultimediaViewer = null; + PdfHandler = null; + Poem = null; + SecureLinkFixer = null; + WikiEditor = null; + ParserFunctions = null; + };''; + }; + }; +} diff --git a/modules/mediawiki/sys.nix b/modules/mediawiki/sys.nix new file mode 100644 index 0000000..525ec3e --- /dev/null +++ b/modules/mediawiki/sys.nix @@ -0,0 +1,31 @@ +{ + pkgs, + lib, + cfg, + doctrine, + ... +}: with lib; { + services = { + nginx = { + virtualHosts.${cfg.hostName} = { + enableACME = true; + forceSSL = true; + extraConfig = '' + proxy_headers_hash_max_size 512; + proxy_headers_hash_bucket_size 128; + ''; + }; + }; + mediawiki = { + enable = true; + name = cfg.name; + webserver = "nginx"; + nginx.hostName = cfg.hostName; + database.type = "postgres"; + passwordFile = cfg.passwordFile; + skins = cfg.skins; + extraConfig = cfg.extraConfig; + extensions = cfg.extensions; + }; + }; +} From 6e15b6b370add1684d22e88f4276ecdc18d05a03 Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Tue, 3 Feb 2026 15:30:40 -0600 Subject: [PATCH 02/10] trivionomicon: mediawiki: add blank defaults --- modules/mediawiki/options.nix | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/modules/mediawiki/options.nix b/modules/mediawiki/options.nix index 06acbf1..dc01a74 100644 --- a/modules/mediawiki/options.nix +++ b/modules/mediawiki/options.nix @@ -22,6 +22,7 @@ with lib.types; { skins = lib.mkOption { type = types.attrsOf (types.nullOr str); description = "skins for mediawiki"; + default = {}; example = ''{ citizen = "flakes.mediawikiSkinCitizen"; };''; @@ -29,29 +30,18 @@ with lib.types; { extraConfig = lib.mkOption { type = str; + default = ""; example = '' # Disable anonymous editing and account creation $wgGroupPermissions['*']['edit'] = false; $wgGroupPermissions['*']['createaccount'] = false; - - $wgCitizenThemeDefault = 'dark'; - $wgCitizenShowPageTools = 'login'; - $wgLogos = [ - 'icon' => "https://example.com/favicon.png", - '1x' => "https://example.com/favicon.png", - '2x' => "https://example.com/favicon.png", - ]; - - $wgEnableEmail = false; #TODO: arreglar esto - $wgNoReplyAddress = 'mediawiki@example.com'; - $wgEmergencyContact = 'mediawiki@example.com'; - $wgPasswordSender = 'mediawiki@example.com'; ''; }; extensions = lib.mkOption { type = types.attrsOf (types.nullOr types.path); description = "some extensions are included and can enabled by passing null"; + default = {}; example = ''{ VisualEditor = null; CategoryTree = null; From 47390d14a36a30720f152bda440152e6334c6b30 Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Wed, 4 Feb 2026 20:35:54 -0600 Subject: [PATCH 03/10] trivionomicon: mediawiki: update passwordFile option description --- modules/mediawiki/options.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/mediawiki/options.nix b/modules/mediawiki/options.nix index dc01a74..3ab7894 100644 --- a/modules/mediawiki/options.nix +++ b/modules/mediawiki/options.nix @@ -15,7 +15,7 @@ with lib.types; { passwordFile = lib.mkOption { type = types.path; - description = "path of passwordfile for mediawiki"; + description = "A file containing the initial password for the administrator account 'admin'"; example = "/run/keys/mediawiki-password"; }; From f057233bc5d6b5d86be73261c002c46ed50ad43b Mon Sep 17 00:00:00 2001 From: Alejandro Soto Date: Sun, 8 Feb 2026 22:51:02 -0600 Subject: [PATCH 04/10] trivionomicon: mediawiki: formatting --- modules/mediawiki/options.nix | 42 +++++++++++++++++------------------ modules/mediawiki/sys.nix | 3 ++- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/modules/mediawiki/options.nix b/modules/mediawiki/options.nix index 3ab7894..bb39a14 100644 --- a/modules/mediawiki/options.nix +++ b/modules/mediawiki/options.nix @@ -12,22 +12,22 @@ with lib.types; { description = "name of the wiki"; example = "posixlycorrect wiki"; }; - + passwordFile = lib.mkOption { type = types.path; description = "A file containing the initial password for the administrator account 'admin'"; example = "/run/keys/mediawiki-password"; }; - + skins = lib.mkOption { type = types.attrsOf (types.nullOr str); description = "skins for mediawiki"; default = {}; - example = ''{ - citizen = "flakes.mediawikiSkinCitizen"; - };''; + example = '' { + citizen = "flakes.mediawikiSkinCitizen"; + };''; }; - + extraConfig = lib.mkOption { type = str; default = ""; @@ -42,21 +42,21 @@ with lib.types; { type = types.attrsOf (types.nullOr types.path); description = "some extensions are included and can enabled by passing null"; default = {}; - example = ''{ - VisualEditor = null; - CategoryTree = null; - CiteThisPage = null; - Scribunto = null; - Cite = null; - CodeEditor = null; - Math = null; - MultimediaViewer = null; - PdfHandler = null; - Poem = null; - SecureLinkFixer = null; - WikiEditor = null; - ParserFunctions = null; - };''; + example = '' { + VisualEditor = null; + CategoryTree = null; + CiteThisPage = null; + Scribunto = null; + Cite = null; + CodeEditor = null; + Math = null; + MultimediaViewer = null; + PdfHandler = null; + Poem = null; + SecureLinkFixer = null; + WikiEditor = null; + ParserFunctions = null; + };''; }; }; } diff --git a/modules/mediawiki/sys.nix b/modules/mediawiki/sys.nix index 525ec3e..b6a9273 100644 --- a/modules/mediawiki/sys.nix +++ b/modules/mediawiki/sys.nix @@ -4,7 +4,8 @@ cfg, doctrine, ... -}: with lib; { +}: +with lib; { services = { nginx = { virtualHosts.${cfg.hostName} = { From 28d99c5c0b58ea8bbf3a04f12707288db59014e6 Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Tue, 10 Feb 2026 23:48:07 -0600 Subject: [PATCH 05/10] vps: enable social predict --- sys/platforms/vps/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/sys/platforms/vps/default.nix b/sys/platforms/vps/default.nix index cbf761c..598fb34 100644 --- a/sys/platforms/vps/default.nix +++ b/sys/platforms/vps/default.nix @@ -43,6 +43,12 @@ with lib; { fullyQualifiedDomain = "soju.posixlycorrect.com"; }; + socialpredict = { + enable = true; + backendPort = 8067; + domain = "markets.posixlycorrect.com"; + }; + mediawiki = { enable = true; hostName = "wiki.posixlycorrect.com"; From eef275f2fdb7843faab57960bcaa40162c252065 Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Tue, 10 Feb 2026 23:53:07 -0600 Subject: [PATCH 06/10] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'authentik-nix': 'github:nix-community/authentik-nix/c14192ad67d071f88eb5cd7492a9f03b62865642?narHash=sha256-fWNdWw/iky//zyGpSygNZ%2BXpa1ywwrgwniUTEBQCTvI%3D' (2025-11-09) → 'github:nix-community/authentik-nix/b09825ea48b0802b4806ed9f0f4721a49e36eb98?narHash=sha256-MLjqqCQsJFZJKqSMfarSVsFLNRiDK/pvOnoRwZ%2Besmk%3D' (2026-02-08) • Added input 'authentik-nix/authentik-go': 'github:goauthentik/client-go/280022b0a8de5c8f4b2965d1147a1c4fa846ba64?narHash=sha256-Yyna75Nd6485tZP9IpdEa5QNomswe9hRfM%2Bw3MuET9E%3D' (2026-02-05) • Updated input 'authentik-nix/authentik-src': 'github:goauthentik/authentik/70406664dca2a13aabb695094f85471585668cb1?narHash=sha256-HowB6DTGCqz770fKYbnE%2BrQ11XRV0WSNkLD%2BHSWZwz8%3D' (2025-11-03) → 'github:goauthentik/authentik/6760f4c5d38e245edb72e12e4f45bda8dd859ccd?narHash=sha256-t9DOFNSQJZdUnZSEr3z8EBRsltS4DKu9xad9gS5/Ikc%3D' (2026-02-02) • Updated input 'authentik-nix/flake-compat': 'github:edolstra/flake-compat/9100a0f413b0c601e0533d1d94ffd501ce2e7885?narHash=sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX%2BfjA8Xf8PUmqCY%3D' (2025-05-12) → 'github:edolstra/flake-compat/65f23138d8d09a92e30f1e5c87611b23ef451bf3?narHash=sha256-4VBOP18BFeiPkyhy9o4ssBNQEvfvv1kXkasAYd0%2BrrA%3D' (2025-12-07) • Updated input 'authentik-nix/flake-parts': 'github:hercules-ci/flake-parts/864599284fc7c0ba6357ed89ed5e2cd5040f0c04?narHash=sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4%3D' (2025-10-20) → 'github:hercules-ci/flake-parts/a34fae9c08a15ad73f295041fec82323541400a9?narHash=sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw%3D' (2025-12-15) • Updated input 'authentik-nix/flake-parts/nixpkgs-lib': 'github:nix-community/nixpkgs.lib/a73b9c743612e4244d865a2fdee11865283c04e6?narHash=sha256-x2rJ%2BOvzq0sCMpgfgGaaqgBSwY%2BLST%2BWbZ6TytnT9Rk%3D' (2025-08-10) → 'github:nix-community/nixpkgs.lib/2075416fcb47225d9b68ac469a5c4801a9c4dd85?narHash=sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo%3D' (2025-12-14) • Updated input 'authentik-nix/pyproject-build-systems': 'github:pyproject-nix/build-system-pkgs/dbfc0483b5952c6b86e36f8b3afeb9dde30ea4b5?narHash=sha256-fgxP2RCN4cg0jYiMYoETYc7TZ2JjgyvJa2y9l8oSUFE%3D' (2025-09-29) → 'github:pyproject-nix/build-system-pkgs/042904167604c681a090c07eb6967b4dd4dae88c?narHash=sha256-4bocaOyLa3AfiS8KrWjZQYu%2BIAta05u3gYZzZ6zXbT0%3D' (2025-11-20) • Updated input 'authentik-nix/pyproject-nix': 'github:pyproject-nix/pyproject.nix/84c4ea102127c77058ea1ed7be7300261fafc7d2?narHash=sha256-jF6UKLs2uGc2rtved8Vrt58oTWjTQoAssuYs/0578Z4%3D' (2025-10-14) → 'github:pyproject-nix/pyproject.nix/2c8df1383b32e5443c921f61224b198a2282a657?narHash=sha256-xaKvtPx6YAnA3HQVp5LwyYG1MaN4LLehpQI8xEdBvBY%3D' (2025-11-26) • Updated input 'authentik-nix/uv2nix': 'github:pyproject-nix/uv2nix/e6e728d9719e989c93e65145fe3f9e0c65a021a2?narHash=sha256-4Kt3RsfJgg6HzmDCc44ZN//xB8n7KGEGxxt9dNjqPQc%3D' (2025-10-22) → 'github:pyproject-nix/uv2nix/4cca323a547a1aaa9b94929c4901bed5343eafe8?narHash=sha256-90d//IZ4GXipNsngO4sb2SAPbIC/a2P%2BIAdAWOwpcOM%3D' (2025-12-13) • Updated input 'home-manager': 'github:nix-community/home-manager/3b955f5f0a942f9f60cdc9cacb7844335d0f21c3?narHash=sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA%3D' (2025-09-21) → 'github:nix-community/home-manager/44831a7eaba4360fb81f2acc5ea6de5fde90aaa3?narHash=sha256-WHkdBlw6oyxXIra/vQPYLtqY%2B3G8dUVZM8bEXk0t8x4%3D' (2025-11-24) • Updated input 'homepage': 'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=refs/heads/master&rev=51c57acdbff6f3f0c490bc67e791f5376a3f2be9' (2025-10-01) → 'git+https://git.posixlycorrect.com/fabian/homepage.git?ref=refs/heads/master&rev=0de7c28109045758ca5fd032e098a72520eec481' (2026-02-04) • Updated input 'impermanence': 'github:nix-community/impermanence/4b3e914cdf97a5b536a889e939fb2fd2b043a170?narHash=sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI%3D' (2025-01-25) → 'github:nix-community/impermanence/7b1d382faf603b6d264f58627330f9faa5cba149?narHash=sha256-03%2BJxvzmfwRu%2B5JafM0DLbxgHttOQZkUtDWBmeUkN8Y%3D' (2026-01-27) • Added input 'impermanence/home-manager': 'github:nix-community/home-manager/c47b2cc64a629f8e075de52e4742de688f930dc6?narHash=sha256-kkgA32s/f4jaa4UG%2B2f8C225Qvclxnqs76mf8zvTVPg%3D' (2026-01-16) • Added input 'impermanence/home-manager/nixpkgs': follows 'impermanence/nixpkgs' • Added input 'impermanence/nixpkgs': 'github:nixos/nixpkgs/e4bae1bd10c9c57b2cf517953ab70060a828ee6f?narHash=sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc%3D' (2026-01-16) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/4c8cdd5b1a630e8f72c9dd9bf582b1afb3127d2c?narHash=sha256-LBVOyaH6NFzQ3X/c6vfMZ9k4SV2ofhpxeL9YnhHNJQQ%3D' (2025-11-16) → 'github:nixos/nixpkgs/ac62194c3917d5f474c1a844b6fd6da2db95077d?narHash=sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w%3D' (2026-01-02) • Updated input 'nur': 'github:nix-community/NUR/a6894a64a56a2b3d40b08e34342d8c172510b490?narHash=sha256-EwM6RvgVrrcFmvIGwwm7hALIz2QL4SnzNk82Fpg5UV0%3D' (2025-11-19) → 'github:nix-community/NUR/886b4fa1151c4d2fbea7bd1bcbd3905d731b5ce8?narHash=sha256-rAeQth94yU/X2zqlZ3ElKWVkt4Ms2i4fO1O3TF%2BMivA%3D' (2026-02-11) • Updated input 'nur/nixpkgs': 'github:nixos/nixpkgs/89c2b2330e733d6cdb5eae7b899326930c2c0648?narHash=sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw%3D' (2025-11-17) → 'github:nixos/nixpkgs/d6c71932130818840fc8fe9509cf50be8c64634f?narHash=sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84%3D' (2026-02-08) • Updated input 'trivionomicon': 'path:./trivionomicon' → 'path:./trivionomicon' • Updated input 'unstable': 'github:nixos/nixpkgs/89c2b2330e733d6cdb5eae7b899326930c2c0648?narHash=sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw%3D' (2025-11-17) → 'github:nixos/nixpkgs/d6c71932130818840fc8fe9509cf50be8c64634f?narHash=sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84%3D' (2026-02-08) • Updated input 'vpsadminos': 'github:vpsfreecz/vpsadminos/63538f06d436775273084157117ada72ca40f4d5?narHash=sha256-nP3Egwd5i40bcNRfklH0WYPOFv9BUDAU5usozigDtSE%3D' (2025-11-03) → 'github:vpsfreecz/vpsadminos/5e3a56de3af9244d2ebab808c24e5d590115534b?narHash=sha256-B9uMrG9ghVJWNBXOMmKMqfxErh58A2AINXsdqMpgyvc%3D' (2026-02-03) --- flake.lock | 192 ++++++++++++++++++++++++++++++++++------------------- 1 file changed, 125 insertions(+), 67 deletions(-) diff --git a/flake.lock b/flake.lock index e4d6abb..7949e09 100644 --- a/flake.lock +++ b/flake.lock @@ -1,7 +1,24 @@ { "nodes": { + "authentik-go": { + "flake": false, + "locked": { + "lastModified": 1770333754, + "narHash": "sha256-Yyna75Nd6485tZP9IpdEa5QNomswe9hRfM+w3MuET9E=", + "owner": "goauthentik", + "repo": "client-go", + "rev": "280022b0a8de5c8f4b2965d1147a1c4fa846ba64", + "type": "github" + }, + "original": { + "owner": "goauthentik", + "repo": "client-go", + "type": "github" + } + }, "authentik-nix": { "inputs": { + "authentik-go": "authentik-go", "authentik-src": "authentik-src", "flake-compat": "flake-compat", "flake-parts": "flake-parts", @@ -16,11 +33,11 @@ "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1762701457, - "narHash": "sha256-fWNdWw/iky//zyGpSygNZ+Xpa1ywwrgwniUTEBQCTvI=", + "lastModified": 1770535094, + "narHash": "sha256-MLjqqCQsJFZJKqSMfarSVsFLNRiDK/pvOnoRwZ+esmk=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "c14192ad67d071f88eb5cd7492a9f03b62865642", + "rev": "b09825ea48b0802b4806ed9f0f4721a49e36eb98", "type": "github" }, "original": { @@ -32,16 +49,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1762188128, - "narHash": "sha256-HowB6DTGCqz770fKYbnE+rQ11XRV0WSNkLD+HSWZwz8=", + "lastModified": 1770055313, + "narHash": "sha256-t9DOFNSQJZdUnZSEr3z8EBRsltS4DKu9xad9gS5/Ikc=", "owner": "goauthentik", "repo": "authentik", - "rev": "70406664dca2a13aabb695094f85471585668cb1", + "rev": "6760f4c5d38e245edb72e12e4f45bda8dd859ccd", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.10.1", + "ref": "version/2025.12.3", "repo": "authentik", "type": "github" } @@ -49,11 +66,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "lastModified": 1765121682, + "narHash": "sha256-4VBOP18BFeiPkyhy9o4ssBNQEvfvv1kXkasAYd0+rrA=", "owner": "edolstra", "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "rev": "65f23138d8d09a92e30f1e5c87611b23ef451bf3", "type": "github" }, "original": { @@ -67,11 +84,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1760948891, - "narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=", + "lastModified": 1765835352, + "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04", + "rev": "a34fae9c08a15ad73f295041fec82323541400a9", "type": "github" }, "original": { @@ -216,11 +233,11 @@ ] }, "locked": { - "lastModified": 1758463745, - "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", + "lastModified": 1763992789, + "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", "owner": "nix-community", "repo": "home-manager", - "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", + "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", "type": "github" }, "original": { @@ -230,6 +247,27 @@ "type": "github" } }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "impermanence", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1768598210, + "narHash": "sha256-kkgA32s/f4jaa4UG+2f8C225Qvclxnqs76mf8zvTVPg=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "c47b2cc64a629f8e075de52e4742de688f930dc6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, "homepage": { "inputs": { "flake-utils": "flake-utils_3", @@ -238,11 +276,11 @@ ] }, "locked": { - "lastModified": 1759284596, - "narHash": "sha256-N/poXYxAbHyWf2EBC6CSc6vKq0txtHMqTUMdPNOUB0g=", + "lastModified": 1770237702, + "narHash": "sha256-a2gUeJd7B4KxYSI17MaEjVMJUMS4zRR2Ha2vFplssmc=", "ref": "refs/heads/master", - "rev": "51c57acdbff6f3f0c490bc67e791f5376a3f2be9", - "revCount": 72, + "rev": "0de7c28109045758ca5fd032e098a72520eec481", + "revCount": 73, "type": "git", "url": "https://git.posixlycorrect.com/fabian/homepage.git" }, @@ -252,12 +290,16 @@ } }, "impermanence": { + "inputs": { + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs" + }, "locked": { - "lastModified": 1737831083, - "narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=", + "lastModified": 1769548169, + "narHash": "sha256-03+JxvzmfwRu+5JafM0DLbxgHttOQZkUtDWBmeUkN8Y=", "owner": "nix-community", "repo": "impermanence", - "rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170", + "rev": "7b1d382faf603b6d264f58627330f9faa5cba149", "type": "github" }, "original": { @@ -312,7 +354,7 @@ "nixGL": { "inputs": { "flake-utils": "flake-utils_4", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1762090880, @@ -329,6 +371,37 @@ } }, "nixpkgs": { + "locked": { + "lastModified": 1768564909, + "narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1765674936, + "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs_2": { "locked": { "lastModified": 1746378225, "narHash": "sha256-OeRSuL8PUjIfL3Q0fTbNJD/fmv1R+K2JAOqWJd3Oceg=", @@ -343,28 +416,13 @@ "type": "github" } }, - "nixpkgs-lib": { + "nixpkgs_3": { "locked": { - "lastModified": 1754788789, - "narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "a73b9c743612e4244d865a2fdee11865283c04e6", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1763334038, - "narHash": "sha256-LBVOyaH6NFzQ3X/c6vfMZ9k4SV2ofhpxeL9YnhHNJQQ=", + "lastModified": 1767313136, + "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4c8cdd5b1a630e8f72c9dd9bf582b1afb3127d2c", + "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", "type": "github" }, "original": { @@ -374,13 +432,13 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1763421233, - "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", + "lastModified": 1770562336, + "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", "owner": "nixos", "repo": "nixpkgs", - "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", + "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", "type": "github" }, "original": { @@ -393,14 +451,14 @@ "nur": { "inputs": { "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1763589398, - "narHash": "sha256-EwM6RvgVrrcFmvIGwwm7hALIz2QL4SnzNk82Fpg5UV0=", + "lastModified": 1770787645, + "narHash": "sha256-rAeQth94yU/X2zqlZ3ElKWVkt4Ms2i4fO1O3TF+MivA=", "owner": "nix-community", "repo": "NUR", - "rev": "a6894a64a56a2b3d40b08e34342d8c172510b490", + "rev": "886b4fa1151c4d2fbea7bd1bcbd3905d731b5ce8", "type": "github" }, "original": { @@ -425,11 +483,11 @@ ] }, "locked": { - "lastModified": 1759113590, - "narHash": "sha256-fgxP2RCN4cg0jYiMYoETYc7TZ2JjgyvJa2y9l8oSUFE=", + "lastModified": 1763662255, + "narHash": "sha256-4bocaOyLa3AfiS8KrWjZQYu+IAta05u3gYZzZ6zXbT0=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "dbfc0483b5952c6b86e36f8b3afeb9dde30ea4b5", + "rev": "042904167604c681a090c07eb6967b4dd4dae88c", "type": "github" }, "original": { @@ -446,11 +504,11 @@ ] }, "locked": { - "lastModified": 1760402624, - "narHash": "sha256-jF6UKLs2uGc2rtved8Vrt58oTWjTQoAssuYs/0578Z4=", + "lastModified": 1764134915, + "narHash": "sha256-xaKvtPx6YAnA3HQVp5LwyYG1MaN4LLehpQI8xEdBvBY=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "84c4ea102127c77058ea1ed7be7300261fafc7d2", + "rev": "2c8df1383b32e5443c921f61224b198a2282a657", "type": "github" }, "original": { @@ -469,7 +527,7 @@ "impermanence": "impermanence", "mediawikiSkinCitizen": "mediawikiSkinCitizen", "nixGL": "nixGL", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nur": "nur", "trivionomicon": "trivionomicon", "unstable": "unstable", @@ -570,11 +628,11 @@ }, "unstable": { "locked": { - "lastModified": 1763421233, - "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", + "lastModified": 1770562336, + "narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=", "owner": "nixos", "repo": "nixpkgs", - "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", + "rev": "d6c71932130818840fc8fe9509cf50be8c64634f", "type": "github" }, "original": { @@ -596,11 +654,11 @@ ] }, "locked": { - "lastModified": 1761101082, - "narHash": "sha256-4Kt3RsfJgg6HzmDCc44ZN//xB8n7KGEGxxt9dNjqPQc=", + "lastModified": 1765631794, + "narHash": "sha256-90d//IZ4GXipNsngO4sb2SAPbIC/a2P+IAdAWOwpcOM=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "e6e728d9719e989c93e65145fe3f9e0c65a021a2", + "rev": "4cca323a547a1aaa9b94929c4901bed5343eafe8", "type": "github" }, "original": { @@ -611,11 +669,11 @@ }, "vpsadminos": { "locked": { - "lastModified": 1762202056, - "narHash": "sha256-nP3Egwd5i40bcNRfklH0WYPOFv9BUDAU5usozigDtSE=", + "lastModified": 1770130846, + "narHash": "sha256-B9uMrG9ghVJWNBXOMmKMqfxErh58A2AINXsdqMpgyvc=", "owner": "vpsfreecz", "repo": "vpsadminos", - "rev": "63538f06d436775273084157117ada72ca40f4d5", + "rev": "5e3a56de3af9244d2ebab808c24e5d590115534b", "type": "github" }, "original": { From d4dd54c356e51f20dd413e9d49f882e94e486bc6 Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Tue, 10 Feb 2026 23:54:24 -0600 Subject: [PATCH 07/10] flake: update to 25.11 --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index f60e7c6..da69510 100644 --- a/flake.nix +++ b/flake.nix @@ -1,10 +1,10 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; unstable.url = "github:nixos/nixpkgs/nixos-unstable"; home-manager = { - url = "github:nix-community/home-manager/release-25.05"; + url = "github:nix-community/home-manager/release-25.11"; inputs.nixpkgs.follows = "nixpkgs"; }; From ac9f906948c77403726cf53fa1299e00bb7b151a Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Tue, 10 Feb 2026 23:54:59 -0600 Subject: [PATCH 08/10] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/44831a7eaba4360fb81f2acc5ea6de5fde90aaa3?narHash=sha256-WHkdBlw6oyxXIra/vQPYLtqY%2B3G8dUVZM8bEXk0t8x4%3D' (2025-11-24) → 'github:nix-community/home-manager/0d782ee42c86b196acff08acfbf41bb7d13eed5b?narHash=sha256-3iVX1%2B7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8%3D' (2026-02-05) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/ac62194c3917d5f474c1a844b6fd6da2db95077d?narHash=sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w%3D' (2026-01-02) → 'github:nixos/nixpkgs/2db38e08fdadcc0ce3232f7279bab59a15b94482?narHash=sha256-1jZvgZoAagZZB6NwGRv2T2ezPy%2BX6EFDsJm%2BYSlsvEs%3D' (2026-02-09) • Updated input 'trivionomicon': 'path:./trivionomicon' → 'path:./trivionomicon' --- flake.lock | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/flake.lock b/flake.lock index 7949e09..3ebc308 100644 --- a/flake.lock +++ b/flake.lock @@ -233,16 +233,16 @@ ] }, "locked": { - "lastModified": 1763992789, - "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", "owner": "nix-community", "repo": "home-manager", - "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.05", + "ref": "release-25.11", "repo": "home-manager", "type": "github" } @@ -418,16 +418,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1767313136, - "narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=", + "lastModified": 1770617025, + "narHash": "sha256-1jZvgZoAagZZB6NwGRv2T2ezPy+X6EFDsJm+YSlsvEs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d", + "rev": "2db38e08fdadcc0ce3232f7279bab59a15b94482", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-25.05", + "ref": "nixos-25.11", "repo": "nixpkgs", "type": "github" } From c3511afc52ec32a45f87b789f7059083172bc2bb Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Fri, 13 Feb 2026 00:08:14 -0600 Subject: [PATCH 09/10] update config to new 25.11 options --- home/modules/baseline.nix | 6 ++++-- home/modules/gui/fonts.nix | 3 +-- pkgs/default.nix | 2 +- sys/modules/baseline.nix | 5 +++-- sys/modules/defaultDesktopPack.nix | 1 - sys/platforms/vps/default.nix | 7 +++---- trivionomicon/flake.nix | 2 +- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/home/modules/baseline.nix b/home/modules/baseline.nix index f432d0a..500ffc6 100644 --- a/home/modules/baseline.nix +++ b/home/modules/baseline.nix @@ -68,8 +68,10 @@ in { programs.git = { enable = true; - userEmail = "fabian@posixlycorrect.com"; - userName = "Fabian Montero"; + settings.user = { + email = "fabian@posixlycorrect.com"; + name = "Fabian Montero"; + }; }; local = { diff --git a/home/modules/gui/fonts.nix b/home/modules/gui/fonts.nix index b74c094..9a72c65 100644 --- a/home/modules/gui/fonts.nix +++ b/home/modules/gui/fonts.nix @@ -34,7 +34,6 @@ nerd-fonts.jetbrains-mono noto-fonts noto-fonts-cjk-sans - noto-fonts-emoji - noto-fonts-extra + noto-fonts-color-emoji ]; } diff --git a/pkgs/default.nix b/pkgs/default.nix index f6189a2..2e7eccd 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -6,7 +6,7 @@ with prev.lib; let inherit (final) callPackage fetchpatch; in { - homepage = flakes.homepage.packages.${final.system}.default; + homepage = flakes.homepage.packages.${final.stdenv.hostPlatform.system}.default; override = { diff --git a/sys/modules/baseline.nix b/sys/modules/baseline.nix index fd594b7..d8827b0 100644 --- a/sys/modules/baseline.nix +++ b/sys/modules/baseline.nix @@ -58,8 +58,7 @@ in { nerd-fonts.jetbrains-mono noto-fonts noto-fonts-cjk-sans - noto-fonts-emoji - noto-fonts-extra + noto-fonts-color-emoji nerd-fonts.fira-code nerd-fonts.droid-sans-mono ]; @@ -72,6 +71,8 @@ in { enableNotifications = true; }; }; + + networking.useDHCP = false; # The global useDHCP flag is deprecated, therefore explicitly set to false here. programs.dconf.enable = true; diff --git a/sys/modules/defaultDesktopPack.nix b/sys/modules/defaultDesktopPack.nix index 1c231b8..34b1983 100644 --- a/sys/modules/defaultDesktopPack.nix +++ b/sys/modules/defaultDesktopPack.nix @@ -34,7 +34,6 @@ in { networking = { networkmanager.enable = true; - useDHCP = false; # The global useDHCP flag is deprecated, therefore explicitly set to false here. }; services = { diff --git a/sys/platforms/vps/default.nix b/sys/platforms/vps/default.nix index 598fb34..7fb3266 100644 --- a/sys/platforms/vps/default.nix +++ b/sys/platforms/vps/default.nix @@ -111,9 +111,9 @@ with lib; { time.timeZone = "Europe/Amsterdam"; systemd = { - extraConfig = '' - DefaultTimeoutStartSec=900s - ''; + settings.Manager = { + DefaultTimeoutStartSec = "900s"; + }; network = let inherit (config.local.sys) nets; @@ -185,7 +185,6 @@ with lib; { users.fabian = { imports = [ - flakes.impermanence.nixosModules.home-manager.impermanence "${flakes.self}/home/platforms/fabian@vps" "${flakes.self}/home" ]; diff --git a/trivionomicon/flake.nix b/trivionomicon/flake.nix index 2b53ebd..151c3d3 100644 --- a/trivionomicon/flake.nix +++ b/trivionomicon/flake.nix @@ -210,7 +210,7 @@ }: flakes.nixpkgs.lib.makeOverridable flakes.nixpkgs.lib.nixosSystem { inherit pkgs; - inherit (pkgs) system; + inherit (pkgs.stdenv.hostPlatform) system; modules = [self.nixosModules.default] ++ modules; From b4be77aed9134afb2acc1eca2efc195ef94ea19a Mon Sep 17 00:00:00 2001 From: Fabian Montero Date: Fri, 13 Feb 2026 00:50:31 -0600 Subject: [PATCH 10/10] social predict: add nginx options --- sys/platforms/vps/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/platforms/vps/default.nix b/sys/platforms/vps/default.nix index 7fb3266..a65fd9b 100644 --- a/sys/platforms/vps/default.nix +++ b/sys/platforms/vps/default.nix @@ -47,6 +47,14 @@ with lib; { enable = true; backendPort = 8067; domain = "markets.posixlycorrect.com"; + nginx = { + enableACME = true; + forceSSL = true; + extraConfig = '' + proxy_headers_hash_max_size 512; + proxy_headers_hash_bucket_size 128; + ''; + }; }; mediawiki = {