From 979e49fb31d5cf1bc528bdbad4884eeb7b67decd Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Tue, 15 Jul 2025 10:35:35 +0200 Subject: ... --- _sources/generated.json | 36 ++++++++++---------- _sources/generated.nix | 36 ++++++++++---------- accounts/gkleen@sif/default.nix | 17 +++++----- flake.lock | 66 ++++++++++++++++++------------------ hosts/surtr/email/default.nix | 42 +++++++++++------------ overlays/etesync-dav.nix | 47 ++++++------------------- overlays/prometheus-lvm-exporter.nix | 2 +- overlays/spice-record.nix | 2 ++ overlays/swayosd/default.nix | 2 +- system-profiles/nfsroot.nix | 2 +- 10 files changed, 115 insertions(+), 137 deletions(-) diff --git a/_sources/generated.json b/_sources/generated.json index ad09ec7c..4498b987 100644 --- a/_sources/generated.json +++ b/_sources/generated.json @@ -22,7 +22,7 @@ }, "bpf-examples": { "cargoLocks": null, - "date": "2025-05-27", + "date": "2025-07-04", "extract": null, "name": "bpf-examples", "passthru": null, @@ -34,12 +34,12 @@ "name": null, "owner": "xdp-project", "repo": "bpf-examples", - "rev": "4fae19c659726963d5195ec124f01634620f0c71", - "sha256": "sha256-PKvknYKq/BYtzRvXZT4t76DdC794aj9uYXXE/tHtY2o=", + "rev": "588d0064f575e58878f27bfa7eb52e460150dc6a", + "sha256": "sha256-8wp2lfp7RQYmMJmHp0hzpCYQXj6hQXDIIKhpiCBYTt0=", "sparseCheckout": [], "type": "github" }, - "version": "4fae19c659726963d5195ec124f01634620f0c71" + "version": "588d0064f575e58878f27bfa7eb52e460150dc6a" }, "emacs-scratch_el": { "cargoLocks": null, @@ -327,11 +327,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "sha256-Ooaj+5npHkgo4eoletkhFbGQL+1ScE+39MaL6bnp+yw=", + "sha256": "sha256-JDKt+MzxxyaFWnzuq/7FfT/JPUknH/RRw4Cb8XDOtlk=", "type": "tarball", - "url": "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.5.0.tar.gz" + "url": "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.6.0.tar.gz" }, - "version": "0.5.0" + "version": "0.6.0" }, "psql-versioning": { "cargoLocks": null, @@ -397,7 +397,7 @@ }, "swayosd": { "cargoLocks": null, - "date": "2025-04-20", + "date": "2025-07-07", "extract": null, "name": "swayosd", "passthru": null, @@ -407,13 +407,13 @@ "fetchSubmodules": false, "leaveDotGit": false, "name": null, - "rev": "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c", - "sha256": "sha256-Z9c/5jKxs5ctUuVu7g+BXA1Wy4lyZLpGATtj2jd84jI=", + "rev": "73aed75146b81aaf67c4301353790ff5a17aed1f", + "sha256": "sha256-p31HNelptAw7Sk0NmYP4FkoUCdA5uAsrXC20JJp24Vw=", "sparseCheckout": [], "type": "git", "url": "https://github.com/ErikReider/SwayOSD" }, - "version": "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c" + "version": "73aed75146b81aaf67c4301353790ff5a17aed1f" }, "tomorrow-night-paradise-theme": { "cargoLocks": null, @@ -437,7 +437,7 @@ }, "v4l2loopback": { "cargoLocks": null, - "date": "2025-06-11", + "date": "2025-07-08", "extract": null, "name": "v4l2loopback", "passthru": null, @@ -449,12 +449,12 @@ "name": null, "owner": "umlaeute", "repo": "v4l2loopback", - "rev": "8219e4b00101dba8b6865108405cf656302a173d", - "sha256": "sha256-oaPhLQPM9zywRrEklZBC8Unz3gKfNwxin2ukh3ZCfbI=", + "rev": "e3fb6825ebb4bc6da2e15a515e24769d76c93332", + "sha256": "sha256-cgxdWuIwmNaOIYmMA1mEvC+1FQFhTGsffVv71md5yXo=", "sparseCheckout": [], "type": "github" }, - "version": "8219e4b00101dba8b6865108405cf656302a173d" + "version": "e3fb6825ebb4bc6da2e15a515e24769d76c93332" }, "xcompose": { "cargoLocks": null, @@ -486,10 +486,10 @@ "pinned": false, "src": { "name": null, - "sha256": "sha256-dR9To7YTU1Ir+AX6MLvL0WZmEmU345cG6rT4w2jxEaw=", + "sha256": "sha256-bQroVcClW/zCjf+6gE7IUlublV00pBGRoVYaTOwD2L0=", "type": "url", - "url": "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.6.9.tar.gz" + "url": "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.6.30.tar.gz" }, - "version": "2025.6.9" + "version": "2025.6.30" } } \ No newline at end of file diff --git a/_sources/generated.nix b/_sources/generated.nix index a912f452..f470ad9e 100644 --- a/_sources/generated.nix +++ b/_sources/generated.nix @@ -18,15 +18,15 @@ }; bpf-examples = { pname = "bpf-examples"; - version = "4fae19c659726963d5195ec124f01634620f0c71"; + version = "588d0064f575e58878f27bfa7eb52e460150dc6a"; src = fetchFromGitHub { owner = "xdp-project"; repo = "bpf-examples"; - rev = "4fae19c659726963d5195ec124f01634620f0c71"; + rev = "588d0064f575e58878f27bfa7eb52e460150dc6a"; fetchSubmodules = true; - sha256 = "sha256-PKvknYKq/BYtzRvXZT4t76DdC794aj9uYXXE/tHtY2o="; + sha256 = "sha256-8wp2lfp7RQYmMJmHp0hzpCYQXj6hQXDIIKhpiCBYTt0="; }; - date = "2025-05-27"; + date = "2025-07-04"; }; emacs-scratch_el = { pname = "emacs-scratch_el"; @@ -196,10 +196,10 @@ }; prometheus-lvm-exporter = { pname = "prometheus-lvm-exporter"; - version = "0.5.0"; + version = "0.6.0"; src = fetchTarball { - url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.5.0.tar.gz"; - sha256 = "sha256-Ooaj+5npHkgo4eoletkhFbGQL+1ScE+39MaL6bnp+yw="; + url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v0.6.0.tar.gz"; + sha256 = "sha256-JDKt+MzxxyaFWnzuq/7FfT/JPUknH/RRw4Cb8XDOtlk="; }; }; psql-versioning = { @@ -242,17 +242,17 @@ }; swayosd = { pname = "swayosd"; - version = "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c"; + version = "73aed75146b81aaf67c4301353790ff5a17aed1f"; src = fetchgit { url = "https://github.com/ErikReider/SwayOSD"; - rev = "ce1f34d80a7f8b4393a5551ea0535bd8beabb28c"; + rev = "73aed75146b81aaf67c4301353790ff5a17aed1f"; fetchSubmodules = false; deepClone = false; leaveDotGit = false; sparseCheckout = [ ]; - sha256 = "sha256-Z9c/5jKxs5ctUuVu7g+BXA1Wy4lyZLpGATtj2jd84jI="; + sha256 = "sha256-p31HNelptAw7Sk0NmYP4FkoUCdA5uAsrXC20JJp24Vw="; }; - date = "2025-04-20"; + date = "2025-07-07"; }; tomorrow-night-paradise-theme = { pname = "tomorrow-night-paradise-theme"; @@ -270,15 +270,15 @@ }; v4l2loopback = { pname = "v4l2loopback"; - version = "8219e4b00101dba8b6865108405cf656302a173d"; + version = "e3fb6825ebb4bc6da2e15a515e24769d76c93332"; src = fetchFromGitHub { owner = "umlaeute"; repo = "v4l2loopback"; - rev = "8219e4b00101dba8b6865108405cf656302a173d"; + rev = "e3fb6825ebb4bc6da2e15a515e24769d76c93332"; fetchSubmodules = true; - sha256 = "sha256-oaPhLQPM9zywRrEklZBC8Unz3gKfNwxin2ukh3ZCfbI="; + sha256 = "sha256-cgxdWuIwmNaOIYmMA1mEvC+1FQFhTGsffVv71md5yXo="; }; - date = "2025-06-11"; + date = "2025-07-08"; }; xcompose = { pname = "xcompose"; @@ -294,10 +294,10 @@ }; yt-dlp = { pname = "yt-dlp"; - version = "2025.6.9"; + version = "2025.6.30"; src = fetchurl { - url = "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.6.9.tar.gz"; - sha256 = "sha256-dR9To7YTU1Ir+AX6MLvL0WZmEmU345cG6rT4w2jxEaw="; + url = "https://pypi.org/packages/source/y/yt_dlp/yt_dlp-2025.6.30.tar.gz"; + sha256 = "sha256-bQroVcClW/zCjf+6gE7IUlublV00pBGRoVYaTOwD2L0="; }; }; } diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix index 706eb241..a1a694ea 100644 --- a/accounts/gkleen@sif/default.nix +++ b/accounts/gkleen@sif/default.nix @@ -172,6 +172,7 @@ in { }; }; }; + chromium.enable = true; zathura = { enable = true; @@ -509,14 +510,14 @@ in { wrappedYTMDesktop libsForQt5.qt5ct playerctl evince papers thunderbird zoom-us xdg-desktop-portal steam steam-run wireshark virt-manager rclone cached-nix-shell worktime - fira-code-symbols libreoffice xournalpp google-chrome + fira-code-symbols libreoffice xournalpp nixos-shell virt-viewer freerdp gnome-icon-theme paper-icon-theme sshpassSecret weechat element-desktop sieve-connect gimp3 inkscape udiskie glab nitrokey-app pynitrokey gtklock wlrctl remmina openscad spice-record libguestfs-with-appliance nerd-fonts.fira-mono nerd-fonts.symbols-only nerd-fonts.fira-code powerline-fonts - swtpm (hunspellWithDicts (with hunspellDicts; [en_GB-large de_DE])) + swtpm (hunspell.withDicts (dicts: with dicts; [en_GB-large de_DE])) libation libqalculate ] ++ mapAttrsToList (_name: pkg: pkgs.callPackage pkg {}) (customUtils.nixImport { dir = ./utils; }); @@ -695,10 +696,10 @@ in { ${lib.getExe' config.systemd.package "systemd-run"} --wait --user --slice-inherit \ --property 'CPUAccounting=yes' --property 'CPUQuotaPeriodSec=50ms' \ -E DSCP=46 -E NIXOS_OZONE_WL \ - -- ${lib.getExe pkgs.dscp} ${lib.getExe' pkgs.google-chrome "google-chrome-stable"} \ + -- ${lib.getExe pkgs.dscp} ${lib.getExe cfg.programs.chromium.package} \ --class=Rainbow \ --app="https://web.openrainbow.com" \ - --user-data-dir=''${HOME}/.config/google-chrome-rainbow + --user-data-dir=''${HOME}/.config/chromium-rainbow ''); icon = pkgs.fetchurl { url = "https://web.openrainbow.com/rb/2.139.17/assets/skins/rainbow/images/homepage/logo__rainbow.svg"; @@ -712,10 +713,10 @@ in { name = "Kimai"; exec = toString (pkgs.writeShellScript "kimai" '' exec -- \ - ${lib.getExe' pkgs.google-chrome "google-chrome-stable"} \ + ${lib.getExe cfg.programs.chromium.package} \ --class=Kimai \ --app="https://kimai.yggdrasil.li" \ - --user-data-dir=''${HOME}/.config/google-chrome-kimai + --user-data-dir=''${HOME}/.config/chromium-kimai ''); icon = pkgs.fetchurl { url = "https://www.kimai.org/images/kimai_logo.png"; @@ -730,10 +731,10 @@ in { name = "Audiobookshelf"; exec = toString (pkgs.writeShellScript "audiobookshelf" '' exec -- \ - ${lib.getExe' pkgs.google-chrome "google-chrome-stable"} \ + ${lib.getExe cfg.programs.chromium.package} \ --class=Audiobookshelf \ --app="https://audiobookshelf.yggdrasil.li" \ - --user-data-dir=''${HOME}/.config/google-chrome-audiobookshelf + --user-data-dir=''${HOME}/.config/chromium-audiobookshelf ''); icon = pkgs.fetchurl { url = "https://www.audiobookshelf.org/Logo.png"; diff --git a/flake.lock b/flake.lock index e4c3a97c..404d81b6 100644 --- a/flake.lock +++ b/flake.lock @@ -407,11 +407,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1750735687, - "narHash": "sha256-pscxcZpLGcEEJGVjFAM7X77cARABc7M+zVyUN6qsEmU=", + "lastModified": 1752078530, + "narHash": "sha256-TrRmlYdhWcadWvBpDjB9Xlry4uT4ZUIO46d+o5tjtCQ=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "a581a91b7406a0b9039ef22e37e5166bd3b1a139", + "rev": "d231d92313192d4d0c78d6ef04167fed9dee87cf", "type": "github" }, "original": { @@ -441,11 +441,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1750684365, - "narHash": "sha256-BqtoSRCgmutJXnQFZs+KFMNvp3LuX6POIHjXIxWdlTE=", + "lastModified": 1750791124, + "narHash": "sha256-F5iVU/hjoSHSSe0gllxm0PcAaseEtGNanYK5Ha3k2Tg=", "owner": "YaLTeR", "repo": "niri", - "rev": "4c02f3bba451747c3f337f4c131b0c7f9ef41bb7", + "rev": "37458d94b288945f6cfbd3c5c233f634d59f246c", "type": "github" }, "original": { @@ -482,11 +482,11 @@ ] }, "locked": { - "lastModified": 1750565152, - "narHash": "sha256-A6ZIoIgaPPkzIVxKuaxwEJicPOeTwC/MD9iuC3FVhDM=", + "lastModified": 1751774635, + "narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "78cd697acc2e492b4e92822a4913ffad279c20e6", + "rev": "85686025ba6d18df31cc651a91d5adef63378978", "type": "github" }, "original": { @@ -539,11 +539,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1750431636, - "narHash": "sha256-vnzzBDbCGvInmfn2ijC4HsIY/3W1CWbwS/YQoFgdgPg=", + "lastModified": 1752048960, + "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "1552a9f4513f3f0ceedcf90320e48d3d47165712", + "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806", "type": "github" }, "original": { @@ -664,11 +664,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1750622754, - "narHash": "sha256-kMhs+YzV4vPGfuTpD3mwzibWUE6jotw5Al2wczI0Pv8=", + "lastModified": 1751943650, + "narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c7ab75210cb8cb16ddd8f290755d9558edde7ee1", + "rev": "88983d4b665fb491861005137ce2b11a9f89f203", "type": "github" }, "original": { @@ -712,11 +712,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1750506804, - "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=", + "lastModified": 1751984180, + "narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4206c4cb56751df534751b058295ea61357bbbaa", + "rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0", "type": "github" }, "original": { @@ -950,11 +950,11 @@ ] }, "locked": { - "lastModified": 1750499893, - "narHash": "sha256-ThKBd8XSvITAh2JqU7enOp8AfKeQgf9u7zYC41cnBE4=", + "lastModified": 1751557494, + "narHash": "sha256-dnueIffmEKtG0V4feifalsOYaHXXsrGMaoKI+4O7v/8=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "e824458bd917b44bf4c38795dea2650336b2f55d", + "rev": "939ef94aea81c17bfd2f388465309eab76c45c37", "type": "github" }, "original": { @@ -1000,11 +1000,11 @@ ] }, "locked": { - "lastModified": 1750119275, - "narHash": "sha256-Rr7Pooz9zQbhdVxux16h7URa6mA80Pb/G07T4lHvh0M=", + "lastModified": 1751606940, + "narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=", "owner": "Mic92", "repo": "sops-nix", - "rev": "77c423a03b9b2b79709ea2cb63336312e78b72e2", + "rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d", "type": "github" }, "original": { @@ -1075,11 +1075,11 @@ ] }, "locked": { - "lastModified": 1749778965, - "narHash": "sha256-MDq5YPXq3VO7aGrIIz9IMexJcdRiLCcDK4Bk3Kev7Sw=", + "lastModified": 1752195249, + "narHash": "sha256-xJ4P6Ekm1tQTtUHboca+vqosXQZHPCDTYOq/HfZ6o1M=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "22ddf88e3a06551b769f0a585601d89180c69a38", + "rev": "06b039bb2fa0bc57ac6e611e05de70d36bb1af8b", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ ] }, "locked": { - "lastModified": 1747383113, - "narHash": "sha256-/YW7eOKU3gsNplxvUDpEj1LiXtcCENSFpS1c8kXSDWw=", + "lastModified": 1752562190, + "narHash": "sha256-zWOMCNe56H2PHUd3rJZ6tklZUZBLgRo85jd9IlK1g9o=", "owner": "gkleen", "repo": "Waybar", - "rev": "919036587381595f15010ac95644992fe6d7343d", + "rev": "d008cd998369c40f2344a856caf39cdbbd7bd068", "type": "github" }, "original": { @@ -1132,11 +1132,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1750686869, - "narHash": "sha256-FS/rYXd96VBtKNJRTV2xTpTk8CgrYP+lFsFj0+VKgoY=", + "lastModified": 1751228685, + "narHash": "sha256-MENtauGBhJ+kDeFaawvWGXaFG3Il6qQzjaP0RmtfM0k=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "117af56a83e2d1d25016fbd504a2a040babe586a", + "rev": "557ebeb616e03d5e4a8049862bbbd1f02c6f020b", "type": "github" }, "original": { diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 2879c4a6..fa7ddac6 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix @@ -261,7 +261,7 @@ in { virtual_transport = "dvlmtp:unix:/run/dovecot-lmtp"; smtputf8_enable = false; - authorized_submit_users = "inline:{ root= postfwd= dovecot2= }"; + authorized_submit_users = "inline:{ root= postfwd= ${config.services.dovecot2.user}= }"; authorized_flush_users = "inline:{ root= }"; authorized_mailq_users = "inline:{ root= }"; @@ -503,7 +503,7 @@ in { }; }; - users.groups.${config.services.rspamd.group}.members = [ config.services.postfix.user "dovecot2" ]; + users.groups.${config.services.rspamd.group}.members = [ config.services.postfix.user config.services.dovecot2.user ]; services.redis.servers.rspamd.enable = true; @@ -513,8 +513,8 @@ in { services.dovecot2 = { enable = true; enablePAM = false; - sslServerCert = "/run/credentials/dovecot2.service/surtr.yggdrasil.li.pem"; - sslServerKey = "/run/credentials/dovecot2.service/surtr.yggdrasil.li.key.pem"; + sslServerCert = "/run/credentials/dovecot.service/surtr.yggdrasil.li.pem"; + sslServerKey = "/run/credentials/dovecot.service/surtr.yggdrasil.li.key.pem"; sslCACert = toString ./ca/ca.crt; mailLocation = "maildir:/var/lib/mail/%u/maildir:UTF-8:INDEX=/var/lib/dovecot/indices/%u"; mailPlugins.globally.enable = [ "fts" "fts_xapian" ]; @@ -527,8 +527,8 @@ in { dovecotSqlConf = pkgs.writeText "dovecot-sql.conf" '' driver = pgsql connect = dbname=email - password_query = SELECT (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN NULL ELSE "password" END) as password, (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN true WHEN password IS NULL THEN true ELSE NULL END) as nopassword, "user", quota_rule, 'dovecot2' as uid, 'dovecot2' as gid FROM imap_user WHERE "user" = '%n' - user_query = SELECT "user", quota_rule, 'dovecot2' as uid, 'dovecot2' as gid FROM imap_user WHERE "user" = '%n' + password_query = SELECT (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN NULL ELSE "password" END) as password, (CASE WHEN '%k' = 'valid' AND '%m' = 'EXTERNAL' THEN true WHEN password IS NULL THEN true ELSE NULL END) as nopassword, "user", quota_rule, '${config.services.dovecot2.user}' as uid, '${config.services.dovecot2.group}' as gid FROM imap_user WHERE "user" = '%n' + user_query = SELECT "user", quota_rule, '${config.services.dovecot2.user}' as uid, 'dovecot2' as gid FROM imap_user WHERE "user" = '%n' iterate_query = SELECT "user" FROM imap_user ''; in '' @@ -536,16 +536,16 @@ in { mail_plugins = $mail_plugins quota - first_valid_uid = ${toString config.users.users.dovecot2.uid} - last_valid_uid = ${toString config.users.users.dovecot2.uid} - first_valid_gid = ${toString config.users.groups.dovecot2.gid} - last_valid_gid = ${toString config.users.groups.dovecot2.gid} + first_valid_uid = ${toString config.users.users.${config.services.dovecot2.user}.uid} + last_valid_uid = ${toString config.users.users.${config.services.dovecot2.user}.uid} + first_valid_gid = ${toString config.users.groups.${config.services.dovecot2.group}.gid} + last_valid_gid = ${toString config.users.groups.${config.services.dovecot2.group}.gid} ${concatMapStringsSep "\n\n" (domain: concatMapStringsSep "\n" (subdomain: '' local_name ${subdomain} { - ssl_cert =