about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--flake.lock80
-rw-r--r--modules/common/git.nix13
-rw-r--r--modules/common/profiles/dev/default.nix13
-rw-r--r--modules/nixos/k3s.nix2
-rw-r--r--modules/nixos/lxc.nix7
-rw-r--r--modules/nixos/unbound.nix25
-rw-r--r--nixosConfigurations/eonwe/default.nix1
7 files changed, 61 insertions, 80 deletions
diff --git a/flake.lock b/flake.lock
index e3f1942..0a6c0fd 100644
--- a/flake.lock
+++ b/flake.lock
@@ -124,11 +124,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1704277720,
-        "narHash": "sha256-meAKNgmh3goankLGWqqpw73pm9IvXjEENJloF0coskE=",
+        "lastModified": 1705452289,
+        "narHash": "sha256-i/WodLabBcmRr9hdSv5jzDigL1hRYuI8vNh+xTbGt+g=",
         "owner": "LnL7",
         "repo": "nix-darwin",
-        "rev": "0dd382b70c351f528561f71a0a7df82c9d2be9a4",
+        "rev": "74ab0227ee495e526f2dd57ea684b34f6396445a",
         "type": "github"
       },
       "original": {
@@ -179,11 +179,11 @@
     "flake-registry": {
       "flake": false,
       "locked": {
-        "lastModified": 1692779116,
-        "narHash": "sha256-erTXdDToRA8whxURoEgBGWj550vcUirO6adEFIjQ0M0=",
+        "lastModified": 1705308826,
+        "narHash": "sha256-Z3xTYZ9EcRIqZAufZbci912MUKB0sD+qxi/KTGMFVwY=",
         "owner": "NixOS",
         "repo": "flake-registry",
-        "rev": "3f641cbae15d3c74370aa9b97fd0ac478a114305",
+        "rev": "9c69f7bd2363e71fe5cd7f608113290c7614dcdd",
         "type": "github"
       },
       "original": {
@@ -199,11 +199,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1701680307,
-        "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
+        "lastModified": 1705309234,
+        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
+        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
         "type": "github"
       },
       "original": {
@@ -220,11 +220,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1660459072,
-        "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
+        "lastModified": 1703887061,
+        "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=",
         "owner": "hercules-ci",
         "repo": "gitignore.nix",
-        "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
+        "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5",
         "type": "github"
       },
       "original": {
@@ -240,11 +240,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1704809957,
-        "narHash": "sha256-Z8sBeoeeY2O+BNqh5C+4Z1h1F1wQ2mij7yPZ2GY397M=",
+        "lastModified": 1705708511,
+        "narHash": "sha256-3f4BkRY70Fj7yvuo87c4QQPAjnt571g2wJ50jY7hnYc=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "e13aa9e287b3365473e5897e3667ea80a899cdfb",
+        "rev": "ce4b88c465d928f4f8b75d0920f1788d5b65ca94",
         "type": "github"
       },
       "original": {
@@ -314,11 +314,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1704774121,
-        "narHash": "sha256-ekU4NfPIRiskQPyuSEx4TA0jm0hieW4S6GblUZe9gkQ=",
+        "lastModified": 1705713628,
+        "narHash": "sha256-Z4AxGE1tFSZfj5Xy2/C396h8MqhWkKQSFFZpTz8K/40=",
         "owner": "Infinidoge",
         "repo": "nix-minecraft",
-        "rev": "9c4f6c849b710cff6c9970fc7c19681bfa5c43af",
+        "rev": "ca0510895503f8151dd0e9d38e05c183848a1e62",
         "type": "github"
       },
       "original": {
@@ -329,11 +329,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1704786394,
-        "narHash": "sha256-aJM0ln9fMGWw1+tjyl5JZWZ3ahxAA2gw2ZpZY/hkEMs=",
+        "lastModified": 1705312285,
+        "narHash": "sha256-rd+dY+v61Y8w3u9bukO/hB55Xl4wXv4/yC8rCGVnK5U=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "b34a6075e9e298c4124e35c3ccaf2210c1f3a43b",
+        "rev": "bee2202bec57e521e3bd8acd526884b9767d7fa0",
         "type": "github"
       },
       "original": {
@@ -344,11 +344,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1704842529,
-        "narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=",
+        "lastModified": 1705666311,
+        "narHash": "sha256-VYdSQm7zq3AStyHhRr3SBCTA8fVzrl6WtIlXTs2Wlts=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5",
+        "rev": "a455c5fb3ee513e2f443838a0e84d52b035adb67",
         "type": "github"
       },
       "original": {
@@ -360,11 +360,11 @@
     },
     "nixpkgs-master": {
       "locked": {
-        "lastModified": 1704917226,
-        "narHash": "sha256-81Mz54Gu49h2pA51Em0uEUMfeQTm9Etgs9a1ohqmPwo=",
+        "lastModified": 1705740246,
+        "narHash": "sha256-APl3uibJr7dWxzSa17VCY1IceWz9UT1ySehju8SIYYM=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "3534a235f11c376779a900694008b9d1fa0be14d",
+        "rev": "a268720526d5a602e902b68b27667b1e7eec8e48",
         "type": "github"
       },
       "original": {
@@ -376,11 +376,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1704916268,
-        "narHash": "sha256-4QqFzzV7sfUQCW/6Xkjd2ETA8ogfdZU95BhzU3txyGs=",
+        "lastModified": 1705736500,
+        "narHash": "sha256-63GKAub3O5JtzcMDgidEKOU5+2jjXlhc1n8aVxv0pbk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "33e57e0c38127b5140b3505deda8669fcf4ab4ea",
+        "rev": "e31f16e3f93c25159b02627198d065ad6480c19a",
         "type": "github"
       },
       "original": {
@@ -392,16 +392,16 @@
     },
     "nixpkgs-stable_2": {
       "locked": {
-        "lastModified": 1685801374,
-        "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
+        "lastModified": 1704874635,
+        "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
+        "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-23.05",
+        "ref": "nixos-23.11",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -455,11 +455,11 @@
         "nixpkgs-stable": "nixpkgs-stable_2"
       },
       "locked": {
-        "lastModified": 1704913983,
-        "narHash": "sha256-K/GuHFFriQhH3VPWMhm6bYelDuPyGGjGu1OF1EWUn5k=",
+        "lastModified": 1705229514,
+        "narHash": "sha256-itILy0zimR/iyUGq5Dgg0fiW8plRDyxF153LWGsg3Cw=",
         "owner": "cachix",
         "repo": "pre-commit-hooks.nix",
-        "rev": "b0265634df1dc584585c159b775120e637afdb41",
+        "rev": "ffa9a5b90b0acfaa03b1533b83eaf5dead819a05",
         "type": "github"
       },
       "original": {
@@ -524,11 +524,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1704849611,
-        "narHash": "sha256-AzXnAJ5S3E2FUMPQmflYp8tsbhHBx+uK4lfKG7OKRFI=",
+        "lastModified": 1705713606,
+        "narHash": "sha256-8VYBrwOxaofT+GAxQ5Z1wYF22KHOPwTrfliDTuOrNEc=",
         "owner": "nix-community",
         "repo": "nix-vscode-extensions",
-        "rev": "657b4c72ffc5fef00090418bd5080f331b646a75",
+        "rev": "8430e52a88282c7295c409ba315f6e0967403f39",
         "type": "github"
       },
       "original": {
diff --git a/modules/common/git.nix b/modules/common/git.nix
index fbd7ec7..45a0347 100644
--- a/modules/common/git.nix
+++ b/modules/common/git.nix
@@ -68,7 +68,7 @@ in {
               core.whitespace = "trailing-space";
               init.defaultBranch = "master";
               status.submoduleSummary = true;
-              commit.verbose = 1;
+              commit.verbose = true;
               push.autoSetupRemote = true;
               pull.rebase = true;
               rebase = {
@@ -93,19 +93,22 @@ in {
               gitlab.user = my.username;
             }
             // mapAttrs'
-            (n: v: nameValuePair ''url "git@${v}:"'' {insteadOf = "${n}:";}) {
-              "alpine" = "gitlab.alpinelinux.org";
+            (name: value: nameValuePair ''url "git@${value}:"'' {insteadOf = "${name}:";}) {
               "bitbucket" = "bitbucket.com";
               "codeberg" = "codeberg.org";
-              "freedesktop" = "gitlab.freedesktop.org";
               "github" = "github.com";
               "gitlab" = "gitlab.com";
+              "sourcehut" = "git.sr.ht";
+            }
+            // mapAttrs'
+            (name: values: nameValuePair ''url "https://${values}/"'' {insteadOf = "${name}:";}) {
+              "alpine" = "gitlab.alpinelinux.org";
+              "freedesktop" = "gitlab.freedesktop.org";
               "gnome" = "gitlab.gnome.org";
               "haskell" = "gitlab.haskell.org";
               "kde" = "invent.kde.org";
               "notabug" = "notabug.org";
               "opencode" = "opencode.net";
-              "sourcehut" = "git.sr.ht";
               "torproject" = "gitlab.torproject.org";
               "videolan" = "code.videolan.org";
             };
diff --git a/modules/common/profiles/dev/default.nix b/modules/common/profiles/dev/default.nix
index f7c313f..1bc0b0e 100644
--- a/modules/common/profiles/dev/default.nix
+++ b/modules/common/profiles/dev/default.nix
@@ -61,16 +61,17 @@ in {
         };
 
         packages = with pkgs; [
+          age
+          htmlq
+          httpie
+          hydra-check
+          jq
+          logcli
           nix-index
           nix-update
           nixpkgs-review
-          hydra-check
-          jq
-          yq
-          htmlq
           sops
-          httpie
-          logcli
+          yq
         ];
       };
 
diff --git a/modules/nixos/k3s.nix b/modules/nixos/k3s.nix
index dcbd052..016eb50 100644
--- a/modules/nixos/k3s.nix
+++ b/modules/nixos/k3s.nix
@@ -23,7 +23,7 @@ in {
 
     systemd.services.k3s.environment = {
       K3S_KUBECONFIG_OUTPUT = "/etc/rancher/k3s/k3s.yaml";
-      K3S_KUBECONFIG_MODE = "600";
+      K3S_KUBECONFIG_MODE = "664";
     };
   };
 }
diff --git a/modules/nixos/lxc.nix b/modules/nixos/lxc.nix
index 4f7805f..bfdab8f 100644
--- a/modules/nixos/lxc.nix
+++ b/modules/nixos/lxc.nix
@@ -6,11 +6,10 @@
 with lib; let
   cfg = config.nixfiles.modules.lxc;
 in {
-  options.nixfiles.modules.lxc.enable =
-    mkEnableOption "LXC/LXD";
+  options.nixfiles.modules.lxc.enable = mkEnableOption "LXC/Incus";
 
   config = mkIf cfg.enable {
-    virtualisation.lxd.enable = true;
-    my.extraGroups = "lxd";
+    virtualisation.incus.enable = true;
+    my.extraGroups = ["incus-admin"];
   };
 }
diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix
index 8dce3f5..e6cad81 100644
--- a/modules/nixos/unbound.nix
+++ b/modules/nixos/unbound.nix
@@ -24,30 +24,7 @@ in {
     mkIf cfg.enable {
       ark.directories = [config.services.unbound.stateDir];
 
-      nixfiles.modules = {
-        redis.enable = true;
-
-        promtail.filters = [
-          {
-            match = {
-              selector = ''{syslog_identifier="unbound"} |~ " start | stopped |.*in-addr.arpa."'';
-              action = "drop";
-            };
-          }
-          {
-            match = {
-              selector = ''{syslog_identifier="unbound"} |= "reply:"'';
-              stages = [{static_labels.dns = "reply";}];
-            };
-          }
-          {
-            match = {
-              selector = ''{syslog_identifier="unbound"} |~ "redirect |always_null|always_nxdomain"'';
-              stages = [{static_labels.dns = "block";}];
-            };
-          }
-        ];
-      };
+      nixfiles.modules.redis.enable = true;
 
       services = {
         unbound = {
diff --git a/nixosConfigurations/eonwe/default.nix b/nixosConfigurations/eonwe/default.nix
index 9afaf2c..219991a 100644
--- a/nixosConfigurations/eonwe/default.nix
+++ b/nixosConfigurations/eonwe/default.nix
@@ -24,6 +24,7 @@ with lib; {
       steam-run.quirks.blackIsleStudios = true;
     };
     libvirtd.enable = true;
+    lxc.enable = true;
     mpd.enable = true;
     qutebrowser.enable = true;
   };

Consider giving Nix/NixOS a try! <3