jordan/nix-config
1
1
Fork 0
Code Issues 10 Pull Requests Actions Projects 3 Wiki Activity

Compare commits

base: jordan:helios-disko
Branches Tags
jordan:master jordan:helios-disko jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store
..
compare: jordan:34585223ca7e91ee03e1b443f58520dd139a98a9
Branches Tags
jordan:master jordan:helios-disko jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store

12 Commits
helios-dis ... 34585223ca

Author SHA1 Message Date
Jordan Holt
34585223ca kanidm: add dependency on tailscaled
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m26s
Details
2025-08-30 11:17:19 +01:00
Jordan Holt
feee691c27 flake.lock: Update
All checks were successful
Check flake / build-amd64-linux (push) Successful in 2m7s
Details 
Flake lock file updates:

• Updated input 'hyprland':
    'github:hyprwm/Hyprland/05a1c0aa7395d19213e587c83089ecbd7b92085c?narHash=sha256-egQBZALqGa6bfYtJK6mWrhxOby0Oiq23dUnIcwFT3Hg%3D' (2025-08-29)
  → 'github:hyprwm/Hyprland/ea42041f936d5810c5cfa45d6bece12dde2fd9b6?narHash=sha256-09FSU9GTVyDlTcXjsjzumfUkIJUwht1DESNh41kufdc%3D' (2025-08-29)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/84c26d62ce9e15489c63b83fc44e6eb62705d2c9?narHash=sha256-al0UcN5mXrO/p5lcH0MuQaj%2Bt97s3brzCii8GfCBMuA%3D' (2025-08-28)
  → 'github:NixOS/nixpkgs/41d292bfc37309790f70f4c120b79280ce40af16?narHash=sha256-YvtD2E7MYsQ3r7K9K2G7nCslCKMPShoSEAtbjHLtH0k%3D' (2025-08-29)
 2025-08-30 11:01:05 +01:00
Jordan Holt
d28ad7ffe1 hosts/vps1: drop suhailhussain.com
Some checks failed
Check flake / build-amd64-linux (push) Has been cancelled
Details
2025-08-29 16:34:36 +01:00
Jordan Holt
1c0f052eae flake.lock: Update
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m23s
Details 
Flake lock file updates:

• Updated input 'hyprland':
    'github:hyprwm/Hyprland/378e130f1426648d8d734049800128f9882805bf?narHash=sha256-sfE2ta6RgWpXuqh7UI%2BT9wFofp2X%2BAV4yD140P9s494%3D' (2025-08-27)
  → 'github:hyprwm/Hyprland/05a1c0aa7395d19213e587c83089ecbd7b92085c?narHash=sha256-egQBZALqGa6bfYtJK6mWrhxOby0Oiq23dUnIcwFT3Hg%3D' (2025-08-29)
• Updated input 'hyprland-plugins':
    'github:hyprwm/hyprland-plugins/bf843fc6adf90d43a5dd7742e9df61d395ba780d?narHash=sha256-aJ9jAYtZ64MWBpWPfH1q%2Bt6U9b6kJWc2yK9Vrlj6fZY%3D' (2025-08-27)
  → 'github:hyprwm/hyprland-plugins/376d08bbbd861f2125f5ef86e0003e3636ce110f?narHash=sha256-MeRYPD6GTbBEcoEqwl8kqCSKtM8CJcYayvPfKGoQkzc%3D' (2025-08-29)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/4e7667a90c167f7a81d906e5a75cba4ad8bee620?narHash=sha256-TH1SfSP523QI7kcPiNtMAEuwZR3Jdz0MCDXPs7TS8uo%3D' (2025-08-26)
  → 'github:NixOS/nixpkgs/84c26d62ce9e15489c63b83fc44e6eb62705d2c9?narHash=sha256-al0UcN5mXrO/p5lcH0MuQaj%2Bt97s3brzCii8GfCBMuA%3D' (2025-08-28)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/8a6d5427d99ec71c64f0b93d45778c889005d9c2?narHash=sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM%3D' (2025-08-27)
  → 'github:NixOS/nixpkgs/dfb2f12e899db4876308eba6d93455ab7da304cd?narHash=sha256-1wxxznpW2CKvI9VdniaUnTT2Os6rdRJcRUf65ZK9OtE%3D' (2025-08-28)
 2025-08-29 16:28:30 +01:00
Jordan Holt
f8e46130c4 flake.lock: Update
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m24s
Details 
Flake lock file updates:

• Updated input 'home-manager':
    'github:nix-community/home-manager/4a44fb9f7555da362af9d499817084f4288a957f?narHash=sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk%3D' (2025-08-23)
  → 'github:nix-community/home-manager/54b2879ce622d44415e727905925e21b8f833a98?narHash=sha256-aAZNbGcWrVRZgWgkQbkabSGcDVRDMgON4BipMy69gvI%3D' (2025-08-26)
• Updated input 'hyprland':
    'github:hyprwm/Hyprland/0ed880f3f7dc2c746bf3590eee266c010d737558?narHash=sha256-LnlqoXiF%2BHfK2vU0hPwXB2BFy/Pkxtv86zIGdz2Ur9s%3D' (2025-08-24)
  → 'github:hyprwm/Hyprland/378e130f1426648d8d734049800128f9882805bf?narHash=sha256-sfE2ta6RgWpXuqh7UI%2BT9wFofp2X%2BAV4yD140P9s494%3D' (2025-08-27)
• Updated input 'hyprland/aquamarine':
    'github:hyprwm/aquamarine/50637ed23e962f0db294d6b0ef534f37b144644b?narHash=sha256-EjaD8%2Bd7AiAV2fGRN4NTMboWDwk8szDfwbzZ8DL1PhQ%3D' (2025-08-19)
  → 'github:hyprwm/aquamarine/81584dae2df6ac79f6b6dae0ecb7705e95129ada?narHash=sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l%2BbIxdT5gc%3D' (2025-08-23)
• Updated input 'hyprland/hyprgraphics':
    'github:hyprwm/hyprgraphics/4c1d63a0f22135db123fc789f174b89544c6ec2d?narHash=sha256-u%2BM2f0Xf1lVHzIPQ7DsNCDkM1NYxykOSsRr4t3TbSM4%3D' (2025-08-04)
  → 'github:hyprwm/hyprgraphics/157cc52065a104fc3b8fa542ae648b992421d1c7?narHash=sha256-uEC5O/NIUNs1zmc1aH1%2BG3GRACbODjk2iS0ET5hXtuk%3D' (2025-08-20)
• Updated input 'hyprland/hyprutils':
    'github:hyprwm/hyprutils/e631ea36ddba721eceda69bfee6dd01068416489?narHash=sha256-PosTxeL39YrLvCX5MqqPA6NNWQ4T5ea5K55nmN7ju9Q%3D' (2025-08-17)
  → 'github:hyprwm/hyprutils/b2ae3204845f5f2f79b4703b441252d8ad2ecfd0?narHash=sha256-oRDel6pNl/T2tI%2Bnc/USU9ZP9w08dxtl7hiZxa0C/Wc%3D' (2025-08-25)
• Updated input 'hyprland/nixpkgs':
    'github:NixOS/nixpkgs/fbcf476f790d8a217c3eab4e12033dc4a0f6d23c?narHash=sha256-wNO3%2BKs2jZJ4nTHMuks%2BcxAiVBGNuEBXsT29Bz6HASo%3D' (2025-08-14)
  → 'github:NixOS/nixpkgs/8a6d5427d99ec71c64f0b93d45778c889005d9c2?narHash=sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM%3D' (2025-08-27)
• Updated input 'hyprland/pre-commit-hooks':
    'github:cachix/git-hooks.nix/4b04db83821b819bbbe32ed0a025b31e7971f22e?narHash=sha256-I0Ok1OGDwc1jPd8cs2VvAYZsHriUVFGIUqW%2B7uSsOUM%3D' (2025-08-17)
  → 'github:cachix/git-hooks.nix/e891a93b193fcaf2fc8012d890dc7f0befe86ec2?narHash=sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs%3D' (2025-08-23)
• Updated input 'hyprland-plugins':
    'github:hyprwm/hyprland-plugins/c1ddebb423acc7c88653c04de5ddafee64dac89a?narHash=sha256-wrP8TM2lb2x0%2BPyTc7Uc3yfVBeIlYW7%2BhFeG14N9Cr8%3D' (2025-08-14)
  → 'github:hyprwm/hyprland-plugins/bf843fc6adf90d43a5dd7742e9df61d395ba780d?narHash=sha256-aJ9jAYtZ64MWBpWPfH1q%2Bt6U9b6kJWc2yK9Vrlj6fZY%3D' (2025-08-27)
• Updated input 'nixos-hardware':
    'github:NixOS/nixos-hardware/3dac8a872557e0ca8c083cdcfc2f218d18e113b0?narHash=sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA%3D' (2025-08-16)
  → 'github:NixOS/nixos-hardware/a65b650d6981e23edd1afa1f01eb942f19cdcbb7?narHash=sha256-9bHzrVbjAudbO8q4vYFBWlEkDam31fsz0J7GB8k4AsI%3D' (2025-08-26)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/b1b3291469652d5a2edb0becc4ef0246fff97a7c?narHash=sha256-wY1%2B2JPH0ZZC4BQefoZw/k%2B3%2BDowFyfOxv17CN/idKs%3D' (2025-08-23)
  → 'github:NixOS/nixpkgs/4e7667a90c167f7a81d906e5a75cba4ad8bee620?narHash=sha256-TH1SfSP523QI7kcPiNtMAEuwZR3Jdz0MCDXPs7TS8uo%3D' (2025-08-26)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/20075955deac2583bb12f07151c2df830ef346b4?narHash=sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs%2BStOp19xNsbqdOg%3D' (2025-08-19)
  → 'github:NixOS/nixpkgs/8a6d5427d99ec71c64f0b93d45778c889005d9c2?narHash=sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM%3D' (2025-08-27)
 2025-08-28 09:05:25 +01:00
Jordan Holt
2e970c3ef4 agenix-rekey: add master identity
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m20s
Details
2025-08-25 22:05:18 +01:00
Jordan Holt
34304b9e91 hosts/odyssey: add yubikey tools
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m20s
Details
2025-08-25 21:34:37 +01:00
Jordan Holt
c192217732 agenix-rekey: move to flake part 2025-08-25 21:34:10 +01:00
Jordan Holt
f4b0ae7fb8 flake.lock: Update
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m41s
Details 
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/4073ff2f481f9ef3501678ff479ed81402caae6d?narHash=sha256-bU4nqi3IpsUZJeyS8Jk85ytlX61i4b0KCxXX9YcOgVc%3D' (2025-08-18)
  → 'github:nix-community/disko/bafad29f89e83b2d861b493aa23034ea16595560?narHash=sha256-iv8xVtmLMNLWFcDM/HcAPLRGONyTRpzL9NS09RnryRM%3D' (2025-08-25)
• Updated input 'firefox-gnome-theme':
    'github:rafaelmardojai/firefox-gnome-theme/99f0c72d0073f7c8057cd41b03aadec3af68fbeb?narHash=sha256-LnSZjUAXoQ6C4kw5PELOE1cmRzTF7pJ4fdi7E4NZl/E%3D' (2025-08-24)
  → 'github:rafaelmardojai/firefox-gnome-theme/b655eaf16d4cbec9c3472f62eee285d4b419a808?narHash=sha256-UqYGTBgI5ypGh0Kf6zZjom/vABg7HQocB4gmxzl12uo%3D' (2025-08-25)
• Updated input 'hyprland':
    'github:hyprwm/Hyprland/ced38b1b0f46f9fbdf9d37644d27bdbd2a29af1d?narHash=sha256-BVYvquLQY3VjkqosOrLBPLUo2AwujQGS40DTuHYsYdg%3D' (2025-08-24)
  → 'github:hyprwm/Hyprland/0ed880f3f7dc2c746bf3590eee266c010d737558?narHash=sha256-LnlqoXiF%2BHfK2vU0hPwXB2BFy/Pkxtv86zIGdz2Ur9s%3D' (2025-08-24)
• Updated input 'hyprland/aquamarine':
    'github:hyprwm/aquamarine/be166e11d86ba4186db93e10c54a141058bdce49?narHash=sha256-zik7WISrR1ks2l6T1MZqZHb/OqroHdJnSnAehkE0kCk%3D' (2025-07-22)
  → 'github:hyprwm/aquamarine/50637ed23e962f0db294d6b0ef534f37b144644b?narHash=sha256-EjaD8%2Bd7AiAV2fGRN4NTMboWDwk8szDfwbzZ8DL1PhQ%3D' (2025-08-19)
• Updated input 'hyprland/hyprutils':
    'github:hyprwm/hyprutils/df6b8820c4a0835d83d0c7c7be86fbc555f1f7fd?narHash=sha256-6u6HdEFJh5gY6VfyMQbhP7zDdVcqOrCDTkbiHJmAtMI%3D' (2025-08-06)
  → 'github:hyprwm/hyprutils/e631ea36ddba721eceda69bfee6dd01068416489?narHash=sha256-PosTxeL39YrLvCX5MqqPA6NNWQ4T5ea5K55nmN7ju9Q%3D' (2025-08-17)
• Updated input 'hyprland/hyprwayland-scanner':
    'github:hyprwm/hyprwayland-scanner/fcca0c61f988a9d092cbb33e906775014c61579d?narHash=sha256-FnhBENxihITZldThvbO7883PdXC/2dzW4eiNvtoV5Ao%3D' (2025-07-07)
  → 'github:hyprwm/hyprwayland-scanner/b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d?narHash=sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw%3D' (2025-08-14)
• Updated input 'hyprland/nixpkgs':
    'github:NixOS/nixpkgs/85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054?narHash=sha256-iAcj9T/Y%2B3DBy2J0N%2ByF9XQQQ8IEb5swLFzs23CdP88%3D' (2025-08-09)
  → 'github:NixOS/nixpkgs/fbcf476f790d8a217c3eab4e12033dc4a0f6d23c?narHash=sha256-wNO3%2BKs2jZJ4nTHMuks%2BcxAiVBGNuEBXsT29Bz6HASo%3D' (2025-08-14)
• Updated input 'hyprland/pre-commit-hooks':
    'github:cachix/git-hooks.nix/9c52372878df6911f9afc1e2a1391f55e4dfc864?narHash=sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef%2B6fRcofA%3D' (2025-08-05)
  → 'github:cachix/git-hooks.nix/4b04db83821b819bbbe32ed0a025b31e7971f22e?narHash=sha256-I0Ok1OGDwc1jPd8cs2VvAYZsHriUVFGIUqW%2B7uSsOUM%3D' (2025-08-17)
• Updated input 'hyprland/xdph':
    'github:hyprwm/xdg-desktop-portal-hyprland/371b96bd11ad2006ed4f21229dbd1be69bed3e8a?narHash=sha256-js2sLRtsOUA/aT10OCDaTjO80yplqwOIaLUqEe0nMx0%3D' (2025-07-27)
  → 'github:hyprwm/xdg-desktop-portal-hyprland/a10726d6a8d0ef1a0c645378f983b6278c42eaa0?narHash=sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4%3D' (2025-08-16)
 2025-08-25 18:59:58 +01:00
Jordan Holt
b1a693dec8 hosts/vps1: update README.md
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m21s
Details
2025-08-24 17:26:02 +01:00
Jordan Holt
f7624fa703 hosts/vps1: add vaultwarden
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m16s
Details
2025-08-24 17:24:56 +01:00
Jordan Holt
91aa798243 flake.lock: Update
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m21s
Details 
Flake lock file updates:

• Updated input 'firefox-gnome-theme':
    'github:rafaelmardojai/firefox-gnome-theme/6fafa0409ad451b90db466f900b7549a1890bf1a?narHash=sha256-ClHCtrzwU6TIfK0qOzAsfPY4swrpbZ8SwUpBpVwphaY%3D' (2025-08-22)
  → 'github:rafaelmardojai/firefox-gnome-theme/99f0c72d0073f7c8057cd41b03aadec3af68fbeb?narHash=sha256-LnSZjUAXoQ6C4kw5PELOE1cmRzTF7pJ4fdi7E4NZl/E%3D' (2025-08-24)
• Updated input 'hyprland':
    'github:hyprwm/Hyprland/0d45b277d6c750377b336034b8adc53eae238d91?narHash=sha256-/yviTS9piazXoZAmnN0dXnYjDAFvooBnzJfPw2Gi30Y%3D' (2025-08-22)
  → 'github:hyprwm/Hyprland/ced38b1b0f46f9fbdf9d37644d27bdbd2a29af1d?narHash=sha256-BVYvquLQY3VjkqosOrLBPLUo2AwujQGS40DTuHYsYdg%3D' (2025-08-24)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/9cb344e96d5b6918e94e1bca2d9f3ea1e9615545?narHash=sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A%3D' (2025-08-20)
  → 'github:NixOS/nixpkgs/b1b3291469652d5a2edb0becc4ef0246fff97a7c?narHash=sha256-wY1%2B2JPH0ZZC4BQefoZw/k%2B3%2BDowFyfOxv17CN/idKs%3D' (2025-08-23)
• Updated input 'pre-commit-hooks':
    'github:cachix/git-hooks.nix/3ff4596663c8cbbffe06d863ee4c950bce2c3b78?narHash=sha256-2KZl6cU5rzEwXKMW369kLTzinJXXkF3TRExA6qEeVbc%3D' (2025-08-22)
  → 'github:cachix/git-hooks.nix/e891a93b193fcaf2fc8012d890dc7f0befe86ec2?narHash=sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs%3D' (2025-08-23)
 2025-08-24 10:45:31 +01:00
13 changed files with 190 additions and 169 deletions
Expand all files Collapse all files

104
flake.lock generated
View File

@@ -71,11 +71,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753216019, "lastModified": 1755946532,
"narHash": "sha256-zik7WISrR1ks2l6T1MZqZHb/OqroHdJnSnAehkE0kCk=", "narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "aquamarine", "repo": "aquamarine",
"rev": "be166e11d86ba4186db93e10c54a141058bdce49", "rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -213,11 +213,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1755519972, "lastModified": 1756115622,
"narHash": "sha256-bU4nqi3IpsUZJeyS8Jk85ytlX61i4b0KCxXX9YcOgVc=", "narHash": "sha256-iv8xVtmLMNLWFcDM/HcAPLRGONyTRpzL9NS09RnryRM=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "4073ff2f481f9ef3501678ff479ed81402caae6d", "rev": "bafad29f89e83b2d861b493aa23034ea16595560",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -229,11 +229,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1755874650, "lastModified": 1756083905,
"narHash": "sha256-ClHCtrzwU6TIfK0qOzAsfPY4swrpbZ8SwUpBpVwphaY=", "narHash": "sha256-UqYGTBgI5ypGh0Kf6zZjom/vABg7HQocB4gmxzl12uo=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "6fafa0409ad451b90db466f900b7549a1890bf1a", "rev": "b655eaf16d4cbec9c3472f62eee285d4b419a808",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -517,11 +517,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1755928099, "lastModified": 1756245065,
"narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=", "narHash": "sha256-aAZNbGcWrVRZgWgkQbkabSGcDVRDMgON4BipMy69gvI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "4a44fb9f7555da362af9d499817084f4288a957f", "rev": "54b2879ce622d44415e727905925e21b8f833a98",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -576,11 +576,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1754305013, "lastModified": 1755678602,
"narHash": "sha256-u+M2f0Xf1lVHzIPQ7DsNCDkM1NYxykOSsRr4t3TbSM4=", "narHash": "sha256-uEC5O/NIUNs1zmc1aH1+G3GRACbODjk2iS0ET5hXtuk=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprgraphics", "repo": "hyprgraphics",
"rev": "4c1d63a0f22135db123fc789f174b89544c6ec2d", "rev": "157cc52065a104fc3b8fa542ae648b992421d1c7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -605,11 +605,11 @@
"xdph": "xdph" "xdph": "xdph"
}, },
"locked": { "locked": {
"lastModified": 1755883465, "lastModified": 1756498600,
"narHash": "sha256-/yviTS9piazXoZAmnN0dXnYjDAFvooBnzJfPw2Gi30Y=", "narHash": "sha256-09FSU9GTVyDlTcXjsjzumfUkIJUwht1DESNh41kufdc=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "Hyprland", "repo": "Hyprland",
"rev": "0d45b277d6c750377b336034b8adc53eae238d91", "rev": "ea42041f936d5810c5cfa45d6bece12dde2fd9b6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -635,11 +635,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1755183521, "lastModified": 1756461489,
"narHash": "sha256-wrP8TM2lb2x0+PyTc7Uc3yfVBeIlYW7+hFeG14N9Cr8=", "narHash": "sha256-MeRYPD6GTbBEcoEqwl8kqCSKtM8CJcYayvPfKGoQkzc=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprland-plugins", "repo": "hyprland-plugins",
"rev": "c1ddebb423acc7c88653c04de5ddafee64dac89a", "rev": "376d08bbbd861f2125f5ef86e0003e3636ce110f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -782,11 +782,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1754481650, "lastModified": 1756117388,
"narHash": "sha256-6u6HdEFJh5gY6VfyMQbhP7zDdVcqOrCDTkbiHJmAtMI=", "narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprutils", "repo": "hyprutils",
"rev": "df6b8820c4a0835d83d0c7c7be86fbc555f1f7fd", "rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -807,11 +807,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751897909, "lastModified": 1755184602,
"narHash": "sha256-FnhBENxihITZldThvbO7883PdXC/2dzW4eiNvtoV5Ao=", "narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "hyprwayland-scanner", "repo": "hyprwayland-scanner",
"rev": "fcca0c61f988a9d092cbb33e906775014c61579d", "rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -906,11 +906,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1755330281, "lastModified": 1756245047,
"narHash": "sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA=", "narHash": "sha256-9bHzrVbjAudbO8q4vYFBWlEkDam31fsz0J7GB8k4AsI=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "3dac8a872557e0ca8c083cdcfc2f218d18e113b0", "rev": "a65b650d6981e23edd1afa1f01eb942f19cdcbb7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -946,11 +946,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1754725699, "lastModified": 1756266583,
"narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=", "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054", "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -993,11 +993,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1755615617, "lastModified": 1756386758,
"narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=", "narHash": "sha256-1wxxznpW2CKvI9VdniaUnTT2Os6rdRJcRUf65ZK9OtE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "20075955deac2583bb12f07151c2df830ef346b4", "rev": "dfb2f12e899db4876308eba6d93455ab7da304cd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1008,11 +1008,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1755704039, "lastModified": 1756469547,
"narHash": "sha256-gKlP0LbyJ3qX0KObfIWcp5nbuHSb5EHwIvU6UcNBg2A=", "narHash": "sha256-YvtD2E7MYsQ3r7K9K2G7nCslCKMPShoSEAtbjHLtH0k=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9cb344e96d5b6918e94e1bca2d9f3ea1e9615545", "rev": "41d292bfc37309790f70f4c120b79280ce40af16",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1078,11 +1078,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1754416808, "lastModified": 1755960406,
"narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=", "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864", "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1100,11 +1100,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1755879220, "lastModified": 1755960406,
"narHash": "sha256-2KZl6cU5rzEwXKMW369kLTzinJXXkF3TRExA6qEeVbc=", "narHash": "sha256-RF7j6C1TmSTK9tYWO6CdEMtg6XZaUKcvZwOCD2SICZs=",
"owner": "cachix", "owner": "cachix",
"repo": "git-hooks.nix", "repo": "git-hooks.nix",
"rev": "3ff4596663c8cbbffe06d863ee4c950bce2c3b78", "rev": "e891a93b193fcaf2fc8012d890dc7f0befe86ec2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -1143,11 +1143,11 @@
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1755887038, "lastModified": 1756051653,
"narHash": "sha256-HoEMwFfR3rwNxwJjFCbj3rfW8k6EabHuMJAZOwsT95c=", "narHash": "sha256-JJkQliqI7zn+esLnKQP82eQEuolNz8IELm/BYGPTvEw=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "9e47b557087ebde3a30c9f97189d110c29d144fd", "rev": "01cf200f61946ac9f259f9163933ea1749cb3531",
"revCount": 40, "revCount": 41,
"type": "git", "type": "git",
"url": "ssh://git@git.vimium.com/jordan/nix-secrets.git" "url": "ssh://git@git.vimium.com/jordan/nix-secrets.git"
}, },
@@ -1349,11 +1349,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1753633878, "lastModified": 1755354946,
"narHash": "sha256-js2sLRtsOUA/aT10OCDaTjO80yplqwOIaLUqEe0nMx0=", "narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland", "repo": "xdg-desktop-portal-hyprland",
"rev": "371b96bd11ad2006ed4f21229dbd1be69bed3e8a", "rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
flake.nix
View File

@@ -113,10 +113,10 @@
}: }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
imports = [ imports = [
inputs.agenix-rekey.flakeModule
inputs.pre-commit-hooks.flakeModule inputs.pre-commit-hooks.flakeModule
inputs.nix-topology.flakeModule inputs.nix-topology.flakeModule
inputs.treefmt-nix.flakeModule inputs.treefmt-nix.flakeModule
./nix/agenix-rekey.nix
./nix/devshell.nix ./nix/devshell.nix
./nix/hosts.nix ./nix/hosts.nix
]; ];

9
hosts/common.nix
View File

@@ -6,12 +6,19 @@
}: }:
{ {
imports = [ imports = [
inputs.agenix.nixosModules.age inputs.agenix.nixosModules.default
inputs.agenix-rekey.nixosModules.default
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
../modules/nixos ../modules/nixos
../modules/nixos/impermanence.nix ../modules/nixos/impermanence.nix
]; ];
age.rekey = {
masterIdentities = [ ../secrets/yubikey-nix-primary.pub ];
storageMode = "local";
localStorageDir = ./. + "/secrets/rekeyed/${config.networking.hostName}";
};
nixpkgs = { nixpkgs = {
config.allowUnfree = true; config.allowUnfree = true;
overlays = [ overlays = [

3
hosts/helios/default.nix
View File

@@ -1,5 +1,4 @@
{ {
inputs,
pkgs, pkgs,
lib, lib,
... ...
@@ -10,9 +9,7 @@ let
in in
{ {
imports = [ imports = [
inputs.disko.nixosModules.disko
./hardware-configuration.nix ./hardware-configuration.nix
./disko-config.nix
../desktop.nix ../desktop.nix
../../users/jordan ../../users/jordan
]; ];

101
hosts/helios/disko-config.nix
View File

@@ -1,101 +0,0 @@
{ ... }:
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/disk/by-id/ata-SanDisk_Ultra_II_480GB_162224802391";
content = {
type = "gpt";
partitions = {
MBR = {
size = "1M";
type = "EF02"; # For GRUB MBR
};
boot = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "rpool";
};
};
};
};
};
};
zpool = {
rpool = {
type = "zpool";
options = {
ashift = "12";
};
rootFsOptions = {
compression = "zstd";
acltype = "posix";
atime = "off";
xattr = "sa";
dnodesize = "auto";
mountpoint = "none";
canmount = "off";
devices = "off";
exec = "off";
setuid = "off";
};
datasets = {
"local" = {
type = "zfs_fs";
};
"local/root" = {
type = "zfs_fs";
mountpoint = "/";
options = {
canmount = "noauto";
mountpoint = "/";
exec = "on";
setuid = "on";
};
postCreateHook = "zfs snapshot rpool/local/root@blank";
};
"local/nix" = {
type = "zfs_fs";
mountpoint = "/nix";
options = {
canmount = "noauto";
mountpoint = "/nix";
exec = "on";
setuid = "on";
};
};
"local/state" = {
type = "zfs_fs";
mountpoint = "/state";
options = {
canmount = "noauto";
mountpoint = "/state";
};
};
"safe" = {
type = "zfs_fs";
};
"safe/persist" = {
type = "zfs_fs";
mountpoint = "/persist";
options = {
canmount = "noauto";
mountpoint = "/persist";
};
};
};
};
};
};
}

11
hosts/odyssey/default.nix
View File

@@ -50,6 +50,17 @@
capSysAdmin = true; capSysAdmin = true;
}; };
environment.systemPackages = with pkgs; [
yubikey-manager
age-plugin-yubikey
];
services.udev.packages = with pkgs; [
libfido2
];
services.pcscd.enable = true;
modules = { modules = {
hardware.presonus-studio.enable = true; hardware.presonus-studio.enable = true;
services = { services = {

4
hosts/vps1/README.md
View File

@@ -6,8 +6,8 @@ VPS hosted in OVH.
## Specs ## Specs
- CPU - ?? - CPU - 4 vCores
- Memory - ?? - Memory - 4 GB
### Disks ### Disks

1
hosts/vps1/default.nix
View File

@@ -12,6 +12,7 @@
./matrix.nix ./matrix.nix
./nginx.nix ./nginx.nix
./photoprism.nix ./photoprism.nix
./vaultwarden.nix
../server.nix ../server.nix
]; ];

6
hosts/vps1/kanidm.nix
View File

@@ -30,6 +30,12 @@ in
}; };
}; };
# LDAP server binds to tailscale network interface
systemd.services.kanidm = {
requires = [ "tailscaled.service" ];
after = [ "tailscaled.service" ];
};
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"${domain}" = { "${domain}" = {
useACMEHost = "${domain}"; useACMEHost = "${domain}";

9
hosts/vps1/nginx.nix
View File

@@ -164,15 +164,6 @@ in
root = "/var/www/pki.vimium.com"; root = "/var/www/pki.vimium.com";
}; };
}; };
"suhailhussain.com" = {
forceSSL = true;
enableACME = true;
serverAliases = [ "www.suhailhussain.com" ];
extraConfig = nginxErrorPages + nginxEdgeHeaders + nginxStrictHeaders;
locations."/" = {
root = "/var/www/suhailhussain.com";
};
};
"vimium.com" = { "vimium.com" = {
default = true; default = true;
forceSSL = true; forceSSL = true;

73
hosts/vps1/vaultwarden.nix Normal file
View File

@@ -0,0 +1,73 @@
{
inputs,
config,
lib,
...
}:
let
inherit (lib)
mkForce
;
baseDomain = "vimium.com";
domain = "vaultwarden.${baseDomain}";
in
{
age.secrets."files/services/vaultwarden/envfile" = {
file = "${inputs.secrets}/files/services/vaultwarden/envfile.age";
};
services.vaultwarden = {
enable = true;
dbBackend = "sqlite";
backupDir = "/var/cache/vaultwarden-backup";
config = {
dataFolder = mkForce "/var/lib/vaultwarden";
useSysLog = true;
webVaultEnabled = true;
rocketPort = 8222;
signupsAllowed = false;
passwordIterations = 1000000;
invitationsAllowed = true;
invitationOrgName = "Vaultwarden";
domain = "https://${domain}";
};
environmentFile = config.age.secrets."files/services/vaultwarden/envfile".path;
};
services.nginx.virtualHosts = {
"${domain}" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.rocketPort}";
proxyWebsockets = true;
};
};
};
systemd.services.backup-vaultwarden.environment.DATA_FOLDER = mkForce "/var/lib/vaultwarden";
systemd.services.vaultwarden.serviceConfig = {
StateDirectory = mkForce "vaultwarden";
RestartSec = "60";
};
environment.persistence."/persist".directories = [
{
directory = "/var/lib/vaultwarden";
user = "vaultwarden";
group = "vaultwarden";
mode = "0700";
}
];
environment.persistence."/state".directories = [
{
directory = config.services.vaultwarden.backupDir;
user = "vaultwarden";
group = "vaultwarden";
mode = "0700";
}
];
}

29
nix/agenix-rekey.nix Normal file
View File

@@ -0,0 +1,29 @@
{
inputs,
...
}:
{
imports = [
inputs.agenix-rekey.flakeModule
];
perSystem =
{ config, ... }:
{
agenix-rekey.nixosConfigurations = inputs.self.nixosConfigurations;
devshells.default = {
commands = [
{
inherit (config.agenix-rekey) package;
help = "Edit, generate, and rekey secrets";
}
];
env = [
{
name = "AGENIX_REKEY_ADD_TO_GIT";
value = "true";
}
];
};
};
}

7
secrets/yubikey-nix-primary.pub Normal file
View File

@@ -0,0 +1,7 @@
# Serial: 24187788, Slot: 1
# Name: YubiKey Nix Primary
# Created: Mon, 25 Aug 2025 21:00:00 +0000
# PIN policy: Once (A PIN is required once per session, if set)
# Touch policy: Cached (A physical touch is required for decryption, and is cached for 15 seconds)
# Recipient: age1yubikey1qwwyem3502gqenzet20xdpjnuhhv2cezvzk590jdta9wqkw48p8gj7n4x96
AGE-PLUGIN-YUBIKEY-13SFHZQVZDDFHVHQGGYPC3