diff --git a/flake.lock b/flake.lock index f937433..16a3896 100644 --- a/flake.lock +++ b/flake.lock @@ -104,11 +104,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1764522689, - "narHash": "sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD+/cTUzzgVFoaHrkqY=", + "lastModified": 1764677808, + "narHash": "sha256-H3lC7knbXOBrHI9hITQ7modLuX20mYJVhZORL5ioms0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f", + "rev": "1aab89277eb2d87823d5b69bae631a2496cff57a", "type": "github" }, "original": { @@ -120,11 +120,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1764517877, - "narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=", + "lastModified": 1764667669, + "narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c", + "rev": "418468ac9527e799809c900eda37cbff999199b6", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index a7104a6..1f905f0 100644 --- a/flake.nix +++ b/flake.nix @@ -31,7 +31,10 @@ { system.stateVersion = state; } agenix.nixosModules.default disko.nixosModules.disko - { environment.systemPackages = [ agenix.packages.${sys}.default ]; } + { + nixpkgs.hostPlatform = nixpkgs.lib.mkDefault sys; + environment.systemPackages = [ agenix.packages.${sys}.default ]; + } ]; }; }; @@ -40,7 +43,7 @@ nixosConfigurations = nixpkgs.lib.mergeAttrsList ( nixpkgs.lib.forEach [ [ "APPA" "x86_64-linux" "23.05" ] - [ "MOMO" "x86_64-linux" "23.05" ] + [ "MOMO" "aarch64-linux" "25.11" ] [ "PABU" "x86_64-linux" "24.05" ] ] (uncurry mkSystem) ); diff --git a/hosts/APPA/services/adguard-home.nix b/hosts/APPA/services/adguard-home.nix index 34fe862..917918c 100644 --- a/hosts/APPA/services/adguard-home.nix +++ b/hosts/APPA/services/adguard-home.nix @@ -70,12 +70,7 @@ } { domain = "momo.dryb.org"; - answer = "188.245.216.128"; - enabled = true; - } - { - domain = "momo.dryb.org"; - answer = "2a01:4f8:1c1e:8abc::1"; + answer = "144.24.175.22"; enabled = true; } { diff --git a/hosts/APPA/system.nix b/hosts/APPA/system.nix index 53d29ac..b6f6285 100644 --- a/hosts/APPA/system.nix +++ b/hosts/APPA/system.nix @@ -24,6 +24,8 @@ services.logind.settings.Login.HandleLidSwitch = "ignore"; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + users.groups.media = { }; systemd.tmpfiles.rules = [ "d /var/lib/media 2770 root media" ]; } diff --git a/hosts/MOMO/default.nix b/hosts/MOMO/default.nix index 1380564..c06deb2 100644 --- a/hosts/MOMO/default.nix +++ b/hosts/MOMO/default.nix @@ -7,13 +7,6 @@ ../../modules ]; - bchmnn = { - network = { - resolved.enable = true; - networkd.enable = true; - }; - }; - services.openssh = { settings = { PasswordAuthentication = false; diff --git a/hosts/MOMO/hardware.nix b/hosts/MOMO/hardware.nix index 2a302c4..4fb95f0 100644 --- a/hosts/MOMO/hardware.nix +++ b/hosts/MOMO/hardware.nix @@ -44,25 +44,15 @@ }; root = { name = "ROOT"; - end = "-8G"; + size = "100%"; content = { type = "filesystem"; format = "ext4"; mountpoint = "/"; }; }; - plainSwap = { - size = "100%"; - content = { - type = "swap"; - discardPolicy = "both"; - }; - }; }; }; }; }; - - networking.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/hosts/MOMO/network.nix b/hosts/MOMO/network.nix index 6eb2781..49b7ce8 100644 --- a/hosts/MOMO/network.nix +++ b/hosts/MOMO/network.nix @@ -1,22 +1,27 @@ -{ ... }: +{ lib, ... }: { networking = { hostName = "MOMO"; - interfaces.enp1s0 = { - ipv6.addresses = [ + defaultGateway = "10.0.0.1"; + nameservers = [ + "9.9.9.9" + "149.112.112.112" + "2620:fe::fe" + "2620:fe::9" + ]; + interfaces.enp0s6 = { + ipv4.addresses = [ { - address = "2a01:4f8:1c1e:8abc::1"; - prefixLength = 64; + address = "10.0.0.183"; + prefixLength = 24; } ]; }; defaultGateway6 = { address = "fe80::1"; - interface = "enp1s0"; + interface = "enp0s6"; }; - nameservers = [ - "2a01:4ff:ff00::add:1" - "2a01:4ff:ff00::add:2" - ]; }; + + networking.useDHCP = lib.mkDefault true; } diff --git a/hosts/PABU/applications.nix b/hosts/PABU/applications.nix index d36642a..f1c8a72 100644 --- a/hosts/PABU/applications.nix +++ b/hosts/PABU/applications.nix @@ -30,7 +30,6 @@ # stuff nixd nixfmt-rfc-style - inputs.agenix.packages.x86_64-linux.default nix-output-monitor nvd ]; diff --git a/modules/core/network.nix b/modules/core/network.nix index fbe7417..8b7085a 100644 --- a/modules/core/network.nix +++ b/modules/core/network.nix @@ -10,12 +10,6 @@ nm = { enable = lib.mkEnableOption "nm"; }; - resolved = { - enable = lib.mkEnableOption "resolved"; - }; - networkd = { - enable = lib.mkEnableOption "networkd"; - }; }; }; config = { diff --git a/secrets/environments/acme.age b/secrets/environments/acme.age index 0a1b34b..74a258f 100644 Binary files a/secrets/environments/acme.age and b/secrets/environments/acme.age differ diff --git a/secrets/environments/miniflux.age b/secrets/environments/miniflux.age index 6798515..85121e1 100644 Binary files a/secrets/environments/miniflux.age and b/secrets/environments/miniflux.age differ diff --git a/secrets/environments/vaultwarden.age b/secrets/environments/vaultwarden.age index 45dcab0..41aacd1 100644 Binary files a/secrets/environments/vaultwarden.age and b/secrets/environments/vaultwarden.age differ diff --git a/secrets/passwords/anki/admin.age b/secrets/passwords/anki/admin.age index 871bda0..8fca19f 100644 Binary files a/secrets/passwords/anki/admin.age and b/secrets/passwords/anki/admin.age differ diff --git a/secrets/passwords/ddclient/cloudflare.age b/secrets/passwords/ddclient/cloudflare.age index ec6cb42..237a795 100644 Binary files a/secrets/passwords/ddclient/cloudflare.age and b/secrets/passwords/ddclient/cloudflare.age differ diff --git a/secrets/passwords/gitea/db.age b/secrets/passwords/gitea/db.age index 0cff7d0..05c6e84 100644 --- a/secrets/passwords/gitea/db.age +++ b/secrets/passwords/gitea/db.age @@ -1,11 +1,11 @@ age-encryption.org/v1 --> ssh-ed25519 lfMVeg ejjgNEnMOnPNlvp6kHNN4+FTaURnw/khEyk71q4pmX4 -GO80ST5fOV2OggwXXnRxahancZJnSOE6XhKIzanf6xM --> ssh-ed25519 ueRyzQ 4Wl+WB42XSsp6vplm22uAEeWP9TqxMcdmjlFGr7dCAo -/IO0WGVrMQOaFq61E+xp9Lxdv2qRhvrabNV0UUqZ5QI --> ssh-ed25519 IYnDOQ UM+pMKLlneDup00dYXRz3vIWY5LTbFRhpKE2KkT5RFM -2/c1gonJkrk5Cwngks/Ib+IVNOWSuJmX4YymwvYv4x8 ---- fUKSKeqg8Y9qCdKg0lZpL1OPZDkRgnmsHo16owGX1nM -sn -3dkG4@QH6?,4Td"P `| ;`Rgt -]?M7ӷ@KPt \ No newline at end of file +-> ssh-ed25519 lfMVeg sKw7P77Yj9ihIeOHoc02ZBEWJf79TK6DnrgB/486J0E +YtZ7tkjnWH23rHN1XoWVvXIkCh9X5fTNXZq2sveiWCI +-> ssh-ed25519 ueRyzQ dVvsSHh6jrphQUAu3Rz74JoW0+I/ta4lEy1c4kxYywo +5bJw1bOwbxtdC63g74ey+4WDEXr55itKBhGF3jqxEyM +-> ssh-ed25519 IYnDOQ R4qlE6Tr56MrRz8LJlmsUyyMtOGnWK2n+UNpdiHr9Ac +kgCdfY+LRb7SGnx6trr7bE9oxku3XJoeVKnXpNMK5JY +-> ssh-ed25519 HDF3Lg s+ztnMwn83F4Fj4sTT7ejYxfKnjg5dPTMgoKLFOMHh8 +bPbOkHMseBCzExS7FURgVzQEp2iTT/is/FL9V2bw8nE +--- tDGtEh6zW4CoInvkAd5YPzGnv+erMiSyZcpkA9/H+6Q +T Ԍ+GZ@x>5jjʕs?RDmRVhxI 9͛TOE:/xXcJT 1c \ No newline at end of file diff --git a/secrets/passwords/nextcloud/admin.age b/secrets/passwords/nextcloud/admin.age index 87daa35..709f345 100644 Binary files a/secrets/passwords/nextcloud/admin.age and b/secrets/passwords/nextcloud/admin.age differ diff --git a/secrets/passwords/paperless/admin.age b/secrets/passwords/paperless/admin.age index f83128a..0a47758 100644 --- a/secrets/passwords/paperless/admin.age +++ b/secrets/passwords/paperless/admin.age @@ -1,9 +1,12 @@ age-encryption.org/v1 --> ssh-ed25519 lfMVeg cuYTx24l4NmkI6j3/LXlK/7AoSmGn91bVwsALwyEeg8 -u8kIquf9+b1D3pL2MWKk/uInbI+0IcNK7Cpe2fzmtFk --> ssh-ed25519 ueRyzQ Ee63Opci8c5srBzPKRLK3AF5SGwC6MqGcKbHS1hlwX4 -2Sg/l9fADn6uFV2eRtV9cwluCGtateXR/fDF1n8+BLs --> ssh-ed25519 IYnDOQ Fg5g+CIqJu08ApVV5zdPqXPvQ4PaC1MiYG2ANNEVMnE -8DjMqxmcutUDD455tQDtcA76dedfqicO0CoBpjaWssI ---- H/6V7b1UEtCW0BbLpEwSm3T2M9kvYC/83wIKsDwZve8 -VxnfL!ۀ:b`,Ky-hIO6VD2X&Vq@? \ No newline at end of file +-> ssh-ed25519 lfMVeg THPNrpb41SFy4x4+D3ZrMf8AuoRL8MQpn6DbCcEGgH4 +Qbo7PCCPwGhaMyEa2gRjmaN6t3us6NfG78r5h98rpZo +-> ssh-ed25519 ueRyzQ jnoSbBMvEZAH/oHNqVr3T6ytyQ7/UQ/YCGzNy7a2YHI +9wBXCDaemGH0qUnNYqoqU6BCsBLBzqEEFsICvrIqYLk +-> ssh-ed25519 IYnDOQ TQN80BmcNxz6vD6adPftf4oGkB1oQXU7HuWkKfGFpgs +P9FUyS+0muH8LUUDe2wqGY8gcIKyom6iuO9EqCGT1YM +-> ssh-ed25519 HDF3Lg V47k+SMUvuCCnsLXbhgicyFZERGXhRfJPFw0bHqZFHk +MkrS7g7R5NhoWvdXbJ4mx6ZgCq2ABUgsyq+KMLnLRd4 +--- N3GpbRoA+uqRkbnLAIaihurobQRgiEWGAQSPCHH3V8M +܅ i +,ќik>o$c$m~٨zR69kPoH8Sf \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index e1d68cc..77f619b 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -1,6 +1,6 @@ let APPA = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGvQbYHiB17BfsvHBgPYJN50Th+da+rtbsTIjOSaT+1Y root@APPA"; - MOMO = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOQ8YOOaQj3NnMlTjlFX9iWDIpPMrO2W4EkL65GJP+y4 root@MOMO"; + MOMO = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMHuXl/Llex0+xBmDJmJkwp4kT3mWRTfRPeyJDHgAJzM root@MOMO"; gandalf = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAOG8Sja2i6nepkEkuxYdu86XbT9vS5uniBmZifSMZ0t jacob.bachmann@posteo.de";