dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Update nixpkgs-stable to 24.11

Browse Source
This commit is contained in:
Jack O'Sullivan
2024-11-30 17:45:59 +00:00
parent 2fe94bba23
commit 5783d3a51e
20 changed files with 141 additions and 140 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
nixos/boxes/britway/default.nix
View File

@@ -106,7 +106,7 @@ in
{
matchConfig.Name = "as211024";
networkConfig.IPv6AcceptRA = mkForce false;
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = lib.my.c.colony.prefixes.all.v4;
Gateway = allAssignments.estuary.as211024.ipv4.address;
@@ -123,7 +123,7 @@ in
Table = "ts-extra";
}
];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
routingPolicyRules = [
{
IncomingInterface = "tailscale0";
To = lib.my.c.colony.prefixes.all.v6;

12
nixos/boxes/colony/default.nix
View File

@@ -252,10 +252,10 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.vms.v6;
Prefix = prefixes.vms.v6;
}
];
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = prefixes.ctrs.v4;
Gateway = allAssignments.shill.routing.ipv4.address;
@@ -327,10 +327,10 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.mail.v6;
Prefix = prefixes.mail.v6;
}
];
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = prefixes.mail.v4;
Scope = "link";
@@ -350,10 +350,10 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.darts.v6;
Prefix = prefixes.darts.v6;
}
];
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = prefixes.darts.v4;
Scope = "link";

99
nixos/boxes/colony/vms/estuary/default.nix
View File

@@ -164,11 +164,9 @@ in
};
wireguardPeers = [
{
wireguardPeerConfig = {
PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E=";
AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ];
PersistentKeepalive = 25;
};
PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E=";
AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ];
PersistentKeepalive = 25;
}
];
};
@@ -278,52 +276,51 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.base.v6;
Prefix = prefixes.base.v6;
}
];
routes = map (r: { routeConfig = r; }) (flatten
([
{
Destination = prefixes.vip1;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.vip3;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.darts.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.cust.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
routes = flatten ([
{
Destination = prefixes.vip1;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.vip3;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.darts.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.cust.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
{
Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = lib.my.c.tailscale.prefix.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
{
Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = lib.my.c.tailscale.prefix.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
{
Destination = prefixes.qclk.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
] ++
(map (pName: [
{
Gateway = allAssignments.colony.routing.ipv4.address;
Destination = prefixes."${pName}".v4;
}
{
Destination = prefixes."${pName}".v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
]) [ "vms" "ctrs" "oci" ])));
{
Destination = prefixes.qclk.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
] ++
(map (pName: [
{
Gateway = allAssignments.colony.routing.ipv4.address;
Destination = prefixes."${pName}".v4;
}
{
Destination = prefixes."${pName}".v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
]) [ "vms" "ctrs" "oci" ]));
}
];
@@ -332,7 +329,7 @@ in
{
matchConfig.Name = "as211024";
networkConfig.IPv6AcceptRA = mkForce false;
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = lib.my.c.home.prefixes.all.v4;
Gateway = lib.my.c.home.vips.as211024.v4;
@@ -344,10 +341,8 @@ in
matchConfig.Name = "kelder";
routes = [
{
routeConfig = {
Destination = allAssignments.kelder.estuary.ipv4.address;
Scope = "link";
};
Destination = allAssignments.kelder.estuary.ipv4.address;
Scope = "link";
}
];
};

4
nixos/boxes/colony/vms/shill/containers-ext.nix
View File

@@ -47,10 +47,10 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.jam.v6;
Prefix = prefixes.jam.v6;
}
];
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = prefixes.jam.v4;
Scope = "link";

8
nixos/boxes/colony/vms/shill/containers/jackflix/default.nix
View File

@@ -94,6 +94,14 @@ in
};
};
nixpkgs.config.permittedInsecurePackages = [
# FIXME: This is needed for Sonarr
"aspnetcore-runtime-wrapped-6.0.36"
"aspnetcore-runtime-6.0.36"
"dotnet-sdk-wrapped-6.0.428"
"dotnet-sdk-6.0.428"
];
services = {
netdata.enable = true;

14
nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix
View File

@@ -71,14 +71,12 @@ in
RouteTable = routeTable;
};
wireguardPeers = [
# AirVPN NL
{
# AirVPN NL
wireguardPeerConfig = {
Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637";
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
};
Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637";
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
}
];
};
@@ -94,7 +92,7 @@ in
matchConfig.Name = "vpn";
address = [ "10.182.97.37/32" "fd7d:76ee:e68f:a993:735d:ef5e:6907:b122/128" ];
dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
routingPolicyRules = [
{
Family = "both";
SuppressPrefixLength = 0;

2
nixos/boxes/colony/vms/shill/containers/object.nix
View File

@@ -237,7 +237,7 @@ in
harmonia = {
enable = true;
signKeyPath = config.age.secrets."nix-cache.key".path;
signKeyPaths = [ config.age.secrets."nix-cache.key".path ];
settings = {
priority = 30;
};

4
nixos/boxes/colony/vms/shill/default.nix
View File

@@ -140,10 +140,10 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.ctrs.v6;
Prefix = prefixes.ctrs.v6;
}
];
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.waffletail.internal.ipv4.address;

2
nixos/boxes/home/castle/default.nix
View File

@@ -36,7 +36,7 @@ in
cpu = {
amd.updateMicrocode = true;
};
opengl.extraPackages = with pkgs; [
graphics.extraPackages = with pkgs; [
intel-media-driver
];
bluetooth.enable = true;

4
nixos/boxes/home/routing-common/default.nix
View File

@@ -276,7 +276,7 @@ in
{
matchConfig.Name = "as211024";
networkConfig.IPv6AcceptRA = mkForce false;
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = lib.my.c.colony.prefixes.all.v4;
Gateway = allAssignments.estuary.as211024.ipv4.address;
@@ -301,7 +301,7 @@ in
{
"60-lan-hi" = {
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = elemAt routersPubV4 otherIndex;
Gateway = net.cidr.host (otherIndex + 1) prefixes.hi.v4;

10
nixos/boxes/kelder/containers/acquisition/default.nix
View File

@@ -26,7 +26,7 @@ in
config = {
# Hardware acceleration for Jellyfin
hardware.opengl = {
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
vaapiIntel
@@ -78,6 +78,14 @@ in
};
};
nixpkgs.config.permittedInsecurePackages = [
# FIXME: This is needed for Sonarr
"aspnetcore-runtime-wrapped-6.0.36"
"aspnetcore-runtime-6.0.36"
"dotnet-sdk-wrapped-6.0.428"
"dotnet-sdk-6.0.428"
];
services = {
transmission = {
enable = true;

14
nixos/boxes/kelder/containers/acquisition/networking.nix
View File

@@ -73,14 +73,12 @@ in
RouteTable = routeTable;
};
wireguardPeers = [
# AirVPN IE
{
# AirVPN IE
wireguardPeerConfig = {
Endpoint = "146.70.94.2:1637";
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
};
Endpoint = "146.70.94.2:1637";
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
}
];
};
@@ -97,7 +95,7 @@ in
matchConfig.Name = "vpn";
address = [ "10.161.170.28/32" "fd7d:76ee:e68f:a993:b12d:6d15:c80a:9516/128" ];
dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
routingPolicyRules = [
{
Family = "both";
SuppressPrefixLength = 0;

17
nixos/boxes/kelder/default.nix
View File

@@ -121,8 +121,7 @@ in
samba = {
enable = true;
enableNmbd = true;
shares = {
settings = {
storage = {
path = "/mnt/storage";
browseable = "yes";
@@ -131,6 +130,8 @@ in
"directory mask" = "0775";
};
};
nmbd.enable = true;
};
samba-wsdd.enable = true;
@@ -180,12 +181,10 @@ in
};
wireguardPeers = [
{
wireguardPeerConfig = {
PublicKey = "bP1XUNxp9i8NLOXhgPaIaRzRwi5APbam44/xjvYcyjU=";
Endpoint = "${allAssignments.estuary.internal.ipv4.address}:${toString lib.my.c.kelder.vpn.port}";
AllowedIPs = [ "0.0.0.0/0" ];
PersistentKeepalive = 25;
};
PublicKey = "bP1XUNxp9i8NLOXhgPaIaRzRwi5APbam44/xjvYcyjU=";
Endpoint = "${allAssignments.estuary.internal.ipv4.address}:${toString lib.my.c.kelder.vpn.port}";
AllowedIPs = [ "0.0.0.0/0" ];
PersistentKeepalive = 25;
}
];
};
@@ -213,7 +212,7 @@ in
address = with assignments.estuary; [
(with ipv4; "${address}/${toString mask}")
];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
routingPolicyRules = [
{
Family = "both";
SuppressPrefixLength = 0;