dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Update nixpkgs-stable to 24.11

Browse Source
This commit is contained in:
Jack O'Sullivan 2024-11-30 17:45:59 +00:00
parent 2fe94bba23
commit 5783d3a51e
20 changed files with 141 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
flake.lock generated
View File

@ -437,16 +437,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1726989464, "lastModified": 1732466619,
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", "narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", "rev": "f3111f62a23451114433888902a55cf0692b408d",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "home-manager", "id": "home-manager",
"ref": "release-24.05", "ref": "release-24.11",
"type": "indirect" "type": "indirect"
} }
}, },
@ -457,11 +457,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1732482255, "lastModified": 1732884235,
"narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=", "narHash": "sha256-r8j6R3nrvwbT1aUp4EPQ1KC7gm0pu9VcV1aNaB+XG6Q=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "a9953635d7f34e7358d5189751110f87e3ac17da", "rev": "819f682269f4e002884702b87e445c82840c68f2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -545,11 +545,11 @@
}, },
"nixpkgs-mine": { "nixpkgs-mine": {
"locked": { "locked": {
"lastModified": 1731774603, "lastModified": 1732985787,
"narHash": "sha256-d8Y7nqzdjKqG/sOkEm52J0C6jBX0cn1GHGuh0GUTqyI=", "narHash": "sha256-6rSJ9L4QywpHLi/xvpOHdTuPm6/eOJcXxnYzDbP3U1k=",
"owner": "devplayer0", "owner": "devplayer0",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "0712614f7c9f98eddf838c2a6ae1a2e315ca6b83", "rev": "a28c46933ef5038fb7a2dd483b85152a539c7969",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -561,11 +561,11 @@
}, },
"nixpkgs-mine-stable": { "nixpkgs-mine-stable": {
"locked": { "locked": {
"lastModified": 1731774637, "lastModified": 1732985894,
"narHash": "sha256-j2swiGIVhYDpbsf+uCfMmxZ69nzy5VvW6OKUSJFifds=", "narHash": "sha256-YYuQQCcSF6KjgtAenZJiBmqt5jqP3UvYgC424VQ+22s=",
"owner": "devplayer0", "owner": "devplayer0",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "682a245504aa86e26aab8d4a5273333946d19689", "rev": "e0a3f4e2bbc5f7b681e344b389dcbab23f2e92a8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -577,26 +577,26 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1731797254, "lastModified": 1732824227,
"narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=", "narHash": "sha256-fYNXgpu1AEeLyd3fQt4Ym0tcVP7cdJ8wRoqJ+CtTRyY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59", "rev": "c71ad5c34d51dcbda4c15f44ea4e4aa6bb6ac1e9",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "id": "nixpkgs",
"ref": "nixos-24.05", "ref": "nixos-24.11",
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1732014248, "lastModified": 1732758367,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", "narHash": "sha256-RzaI1RO0UXqLjydtz3GAXSTzHkpb/lLD1JD8a0W4Wpo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", "rev": "fa42b5a5f401aab8a32bd33c9a4de0738180dc59",
"type": "github" "type": "github"
}, },
"original": { "original": {

4
flake.nix
View File

@ -7,13 +7,13 @@
devshell.inputs.nixpkgs.follows = "nixpkgs-unstable"; devshell.inputs.nixpkgs.follows = "nixpkgs-unstable";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
nixpkgs-stable.url = "nixpkgs/nixos-24.05"; nixpkgs-stable.url = "nixpkgs/nixos-24.11";
nixpkgs-mine.url = "github:devplayer0/nixpkgs/devplayer0"; nixpkgs-mine.url = "github:devplayer0/nixpkgs/devplayer0";
nixpkgs-mine-stable.url = "github:devplayer0/nixpkgs/devplayer0-stable"; nixpkgs-mine-stable.url = "github:devplayer0/nixpkgs/devplayer0-stable";
home-manager-unstable.url = "home-manager"; home-manager-unstable.url = "home-manager";
home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable"; home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable";
home-manager-stable.url = "home-manager/release-24.05"; home-manager-stable.url = "home-manager/release-24.11";
home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable"; home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable";
# Stuff used by the flake for build / deployment # Stuff used by the flake for build / deployment

5
home-manager/modules/gui/default.nix
View File

@ -42,9 +42,8 @@ in
xdg-utils xdg-utils
font.package font.package
(nerdfonts.override { nerd-fonts.sauce-code-pro
fonts = [ "DroidSansMono" "SourceCodePro" ]; nerd-fonts.droid-sans-mono
})
noto-fonts-emoji noto-fonts-emoji
grim grim

4
nixos/boxes/britway/default.nix
View File

@ -106,7 +106,7 @@ in
{ {
matchConfig.Name = "as211024"; matchConfig.Name = "as211024";
networkConfig.IPv6AcceptRA = mkForce false; networkConfig.IPv6AcceptRA = mkForce false;
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = lib.my.c.colony.prefixes.all.v4; Destination = lib.my.c.colony.prefixes.all.v4;
Gateway = allAssignments.estuary.as211024.ipv4.address; Gateway = allAssignments.estuary.as211024.ipv4.address;
@ -123,7 +123,7 @@ in
Table = "ts-extra"; Table = "ts-extra";
} }
]; ];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [ routingPolicyRules = [
{ {
IncomingInterface = "tailscale0"; IncomingInterface = "tailscale0";
To = lib.my.c.colony.prefixes.all.v6; To = lib.my.c.colony.prefixes.all.v6;

12
nixos/boxes/colony/default.nix
View File

@ -252,10 +252,10 @@ in
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
ipv6PrefixConfig.Prefix = prefixes.vms.v6; Prefix = prefixes.vms.v6;
} }
]; ];
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = prefixes.ctrs.v4; Destination = prefixes.ctrs.v4;
Gateway = allAssignments.shill.routing.ipv4.address; Gateway = allAssignments.shill.routing.ipv4.address;
@ -327,10 +327,10 @@ in
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
ipv6PrefixConfig.Prefix = prefixes.mail.v6; Prefix = prefixes.mail.v6;
} }
]; ];
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = prefixes.mail.v4; Destination = prefixes.mail.v4;
Scope = "link"; Scope = "link";
@ -350,10 +350,10 @@ in
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
ipv6PrefixConfig.Prefix = prefixes.darts.v6; Prefix = prefixes.darts.v6;
} }
]; ];
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = prefixes.darts.v4; Destination = prefixes.darts.v4;
Scope = "link"; Scope = "link";

99
nixos/boxes/colony/vms/estuary/default.nix
View File

@ -164,11 +164,9 @@ in
}; };
wireguardPeers = [ wireguardPeers = [
{ {
wireguardPeerConfig = { PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E=";
PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E="; AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ];
AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ]; PersistentKeepalive = 25;
PersistentKeepalive = 25;
};
} }
]; ];
}; };
@ -278,52 +276,51 @@ in
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
ipv6PrefixConfig.Prefix = prefixes.base.v6; Prefix = prefixes.base.v6;
} }
]; ];
routes = map (r: { routeConfig = r; }) (flatten routes = flatten ([
([ {
{ Destination = prefixes.vip1;
Destination = prefixes.vip1; Gateway = allAssignments.colony.routing.ipv4.address;
Gateway = allAssignments.colony.routing.ipv4.address; }
} {
{ Destination = prefixes.vip3;
Destination = prefixes.vip3; Gateway = allAssignments.colony.routing.ipv4.address;
Gateway = allAssignments.colony.routing.ipv4.address; }
} {
{ Destination = prefixes.darts.v4;
Destination = prefixes.darts.v4; Gateway = allAssignments.colony.routing.ipv4.address;
Gateway = allAssignments.colony.routing.ipv4.address; }
} {
{ Destination = prefixes.cust.v6;
Destination = prefixes.cust.v6; Gateway = allAssignments.colony.internal.ipv6.address;
Gateway = allAssignments.colony.internal.ipv6.address; }
}
{ {
Destination = lib.my.c.tailscale.prefix.v4; Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.colony.routing.ipv4.address; Gateway = allAssignments.colony.routing.ipv4.address;
} }
{ {
Destination = lib.my.c.tailscale.prefix.v6; Destination = lib.my.c.tailscale.prefix.v6;
Gateway = allAssignments.colony.internal.ipv6.address; Gateway = allAssignments.colony.internal.ipv6.address;
} }
{ {
Destination = prefixes.qclk.v4; Destination = prefixes.qclk.v4;
Gateway = allAssignments.colony.routing.ipv4.address; Gateway = allAssignments.colony.routing.ipv4.address;
} }
] ++ ] ++
(map (pName: [ (map (pName: [
{ {
Gateway = allAssignments.colony.routing.ipv4.address; Gateway = allAssignments.colony.routing.ipv4.address;
Destination = prefixes."${pName}".v4; Destination = prefixes."${pName}".v4;
} }
{ {
Destination = prefixes."${pName}".v6; Destination = prefixes."${pName}".v6;
Gateway = allAssignments.colony.internal.ipv6.address; Gateway = allAssignments.colony.internal.ipv6.address;
} }
]) [ "vms" "ctrs" "oci" ]))); ]) [ "vms" "ctrs" "oci" ]));
} }
]; ];
@ -332,7 +329,7 @@ in
{ {
matchConfig.Name = "as211024"; matchConfig.Name = "as211024";
networkConfig.IPv6AcceptRA = mkForce false; networkConfig.IPv6AcceptRA = mkForce false;
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = lib.my.c.home.prefixes.all.v4; Destination = lib.my.c.home.prefixes.all.v4;
Gateway = lib.my.c.home.vips.as211024.v4; Gateway = lib.my.c.home.vips.as211024.v4;
@ -344,10 +341,8 @@ in
matchConfig.Name = "kelder"; matchConfig.Name = "kelder";
routes = [ routes = [
{ {
routeConfig = { Destination = allAssignments.kelder.estuary.ipv4.address;
Destination = allAssignments.kelder.estuary.ipv4.address; Scope = "link";
Scope = "link";
};
} }
]; ];
}; };

4
nixos/boxes/colony/vms/shill/containers-ext.nix
View File

@ -47,10 +47,10 @@ in
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
ipv6PrefixConfig.Prefix = prefixes.jam.v6; Prefix = prefixes.jam.v6;
} }
]; ];
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = prefixes.jam.v4; Destination = prefixes.jam.v4;
Scope = "link"; Scope = "link";

8
nixos/boxes/colony/vms/shill/containers/jackflix/default.nix
View File

@ -94,6 +94,14 @@ in
}; };
}; };
nixpkgs.config.permittedInsecurePackages = [
# FIXME: This is needed for Sonarr
"aspnetcore-runtime-wrapped-6.0.36"
"aspnetcore-runtime-6.0.36"
"dotnet-sdk-wrapped-6.0.428"
"dotnet-sdk-6.0.428"
];
services = { services = {
netdata.enable = true; netdata.enable = true;

14
nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix
View File

@ -71,14 +71,12 @@ in
RouteTable = routeTable; RouteTable = routeTable;
}; };
wireguardPeers = [ wireguardPeers = [
# AirVPN NL
{ {
# AirVPN NL Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637";
wireguardPeerConfig = { PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637"; PresharedKeyFile = config.age.secrets."${pskFile}".path;
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk="; AllowedIPs = [ "0.0.0.0/0" "::/0" ];
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
};
} }
]; ];
}; };
@ -94,7 +92,7 @@ in
matchConfig.Name = "vpn"; matchConfig.Name = "vpn";
address = [ "10.182.97.37/32" "fd7d:76ee:e68f:a993:735d:ef5e:6907:b122/128" ]; address = [ "10.182.97.37/32" "fd7d:76ee:e68f:a993:735d:ef5e:6907:b122/128" ];
dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ]; dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [ routingPolicyRules = [
{ {
Family = "both"; Family = "both";
SuppressPrefixLength = 0; SuppressPrefixLength = 0;

2
nixos/boxes/colony/vms/shill/containers/object.nix
View File

@ -237,7 +237,7 @@ in
harmonia = { harmonia = {
enable = true; enable = true;
signKeyPath = config.age.secrets."nix-cache.key".path; signKeyPaths = [ config.age.secrets."nix-cache.key".path ];
settings = { settings = {
priority = 30; priority = 30;
}; };

4
nixos/boxes/colony/vms/shill/default.nix
View File

@ -140,10 +140,10 @@ in
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
ipv6PrefixConfig.Prefix = prefixes.ctrs.v6; Prefix = prefixes.ctrs.v6;
} }
]; ];
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = lib.my.c.tailscale.prefix.v4; Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.waffletail.internal.ipv4.address; Gateway = allAssignments.waffletail.internal.ipv4.address;

2
nixos/boxes/home/castle/default.nix
View File

@ -36,7 +36,7 @@ in
cpu = { cpu = {
amd.updateMicrocode = true; amd.updateMicrocode = true;
}; };
opengl.extraPackages = with pkgs; [ graphics.extraPackages = with pkgs; [
intel-media-driver intel-media-driver
]; ];
bluetooth.enable = true; bluetooth.enable = true;

4
nixos/boxes/home/routing-common/default.nix
View File

@ -276,7 +276,7 @@ in
{ {
matchConfig.Name = "as211024"; matchConfig.Name = "as211024";
networkConfig.IPv6AcceptRA = mkForce false; networkConfig.IPv6AcceptRA = mkForce false;
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = lib.my.c.colony.prefixes.all.v4; Destination = lib.my.c.colony.prefixes.all.v4;
Gateway = allAssignments.estuary.as211024.ipv4.address; Gateway = allAssignments.estuary.as211024.ipv4.address;
@ -301,7 +301,7 @@ in
{ {
"60-lan-hi" = { "60-lan-hi" = {
routes = map (r: { routeConfig = r; }) [ routes = [
{ {
Destination = elemAt routersPubV4 otherIndex; Destination = elemAt routersPubV4 otherIndex;
Gateway = net.cidr.host (otherIndex + 1) prefixes.hi.v4; Gateway = net.cidr.host (otherIndex + 1) prefixes.hi.v4;

10
nixos/boxes/kelder/containers/acquisition/default.nix
View File

@ -26,7 +26,7 @@ in
config = { config = {
# Hardware acceleration for Jellyfin # Hardware acceleration for Jellyfin
hardware.opengl = { hardware.graphics = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
vaapiIntel vaapiIntel
@ -78,6 +78,14 @@ in
}; };
}; };
nixpkgs.config.permittedInsecurePackages = [
# FIXME: This is needed for Sonarr
"aspnetcore-runtime-wrapped-6.0.36"
"aspnetcore-runtime-6.0.36"
"dotnet-sdk-wrapped-6.0.428"
"dotnet-sdk-6.0.428"
];
services = { services = {
transmission = { transmission = {
enable = true; enable = true;

14
nixos/boxes/kelder/containers/acquisition/networking.nix
View File

@ -73,14 +73,12 @@ in
RouteTable = routeTable; RouteTable = routeTable;
}; };
wireguardPeers = [ wireguardPeers = [
# AirVPN IE
{ {
# AirVPN IE Endpoint = "146.70.94.2:1637";
wireguardPeerConfig = { PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
Endpoint = "146.70.94.2:1637"; PresharedKeyFile = config.age.secrets."${pskFile}".path;
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk="; AllowedIPs = [ "0.0.0.0/0" "::/0" ];
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
};
} }
]; ];
}; };
@ -97,7 +95,7 @@ in
matchConfig.Name = "vpn"; matchConfig.Name = "vpn";
address = [ "10.161.170.28/32" "fd7d:76ee:e68f:a993:b12d:6d15:c80a:9516/128" ]; address = [ "10.161.170.28/32" "fd7d:76ee:e68f:a993:b12d:6d15:c80a:9516/128" ];
dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ]; dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [ routingPolicyRules = [
{ {
Family = "both"; Family = "both";
SuppressPrefixLength = 0; SuppressPrefixLength = 0;

17
nixos/boxes/kelder/default.nix
View File

@ -121,8 +121,7 @@ in
samba = { samba = {
enable = true; enable = true;
enableNmbd = true; settings = {
shares = {
storage = { storage = {
path = "/mnt/storage"; path = "/mnt/storage";
browseable = "yes"; browseable = "yes";
@ -131,6 +130,8 @@ in
"directory mask" = "0775"; "directory mask" = "0775";
}; };
}; };
nmbd.enable = true;
}; };
samba-wsdd.enable = true; samba-wsdd.enable = true;
@ -180,12 +181,10 @@ in
}; };
wireguardPeers = [ wireguardPeers = [
{ {
wireguardPeerConfig = { PublicKey = "bP1XUNxp9i8NLOXhgPaIaRzRwi5APbam44/xjvYcyjU=";
PublicKey = "bP1XUNxp9i8NLOXhgPaIaRzRwi5APbam44/xjvYcyjU="; Endpoint = "${allAssignments.estuary.internal.ipv4.address}:${toString lib.my.c.kelder.vpn.port}";
Endpoint = "${allAssignments.estuary.internal.ipv4.address}:${toString lib.my.c.kelder.vpn.port}"; AllowedIPs = [ "0.0.0.0/0" ];
AllowedIPs = [ "0.0.0.0/0" ]; PersistentKeepalive = 25;
PersistentKeepalive = 25;
};
} }
]; ];
}; };
@ -213,7 +212,7 @@ in
address = with assignments.estuary; [ address = with assignments.estuary; [
(with ipv4; "${address}/${toString mask}") (with ipv4; "${address}/${toString mask}")
]; ];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [ routingPolicyRules = [
{ {
Family = "both"; Family = "both";
SuppressPrefixLength = 0; SuppressPrefixLength = 0;

9
nixos/modules/common.nix
View File

@ -144,7 +144,10 @@ in
fish.enable = mkDefault true; fish.enable = mkDefault true;
# TODO: This is expecting to look up the channel for the database... # TODO: This is expecting to look up the channel for the database...
command-not-found.enable = mkDefault false; command-not-found.enable = mkDefault false;
vim.defaultEditor = true; vim = {
enable = true;
defaultEditor = true;
};
}; };
services = { services = {
@ -239,9 +242,7 @@ in
} }
(mkIf config.services.kmscon.enable { (mkIf config.services.kmscon.enable {
fonts.fonts = with pkgs; [ fonts.fonts = with pkgs; [
(nerdfonts.override { nerd-fonts.sauce-code-pro
fonts = [ "SourceCodePro" ];
})
]; ];
}) })
]; ];

2
nixos/modules/gui.nix
View File

@ -12,7 +12,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
hardware = { hardware = {
opengl.enable = mkDefault true; graphics.enable = mkDefault true;
}; };
systemd = { systemd = {

6
nixos/modules/l2mesh.nix
View File

@ -44,10 +44,8 @@ let
toString (mesh.baseMTU - overhead); toString (mesh.baseMTU - overhead);
bridgeFDBs = mapAttrsToList (n: peer: { bridgeFDBs = mapAttrsToList (n: peer: {
bridgeFDBConfig = { MACAddress = "00:00:00:00:00:00";
MACAddress = "00:00:00:00:00:00"; Destination = peer.addr;
Destination = peer.addr;
};
}) otherPeers; }) otherPeers;
}; };
}; };

21
nixos/modules/tmproot.nix
View File

@ -147,6 +147,15 @@ in
"/var/lib/systemd" "/var/lib/systemd"
{ directory = "/root/.cache/nix"; mode = "0700"; } { directory = "/root/.cache/nix"; mode = "0700"; }
# Including these unconditionally due to infinite recursion problems...
{
directory = "/etc/lvm/archive";
mode = "0700";
}
{
directory = "/etc/lvm/backup";
mode = "0700";
}
]; ];
files = [ files = [
"/etc/machine-id" "/etc/machine-id"
@ -260,18 +269,6 @@ in
my.tmproot.persistence.config.files = my.tmproot.persistence.config.files =
concatMap (k: [ k.path "${k.path}.pub" ]) config.services.openssh.hostKeys; concatMap (k: [ k.path "${k.path}.pub" ]) config.services.openssh.hostKeys;
}) })
(mkIf config.services.lvm.enable {
my.tmproot.persistence.config.directories = [
{
directory = "/etc/lvm/archive";
mode = "0700";
}
{
directory = "/etc/lvm/backup";
mode = "0700";
}
];
})
(mkIf (config.security.acme.certs != { }) { (mkIf (config.security.acme.certs != { }) {
my.tmproot.persistence.config.directories = [ my.tmproot.persistence.config.directories = [
{ {