diff --git a/flake.lock b/flake.lock index 94e7f98..081fcf2 100644 --- a/flake.lock +++ b/flake.lock @@ -19,16 +19,16 @@ "brew-src": { "flake": false, "locked": { - "lastModified": 1745912035, - "narHash": "sha256-qwLrR5iOcQMlwS0yrkcd0NRQvrmAXPOaiL6vxxzyIVA=", + "lastModified": 1749511373, + "narHash": "sha256-7u1TdHQaUCzzgf/n8T3bQosuYXyNBEPU/3WQQqozE5o=", "owner": "Homebrew", "repo": "brew", - "rev": "3332d3331b56e0aff675d3816d8ebfe564075299", + "rev": "7b4ef99fed96966269ee35994407fa4c06097a4d", "type": "github" }, "original": { "owner": "Homebrew", - "ref": "4.5.0", + "ref": "4.5.6", "repo": "brew", "type": "github" } @@ -76,11 +76,11 @@ ] }, "locked": { - "lastModified": 1746411114, - "narHash": "sha256-mLlkVX1kKbAa/Ns5u26wDYw4YW4ziMFM21fhtRmfirU=", + "lastModified": 1749436314, + "narHash": "sha256-CqmqU5FRg5AadtIkxwu8ulDSOSoIisUMZRLlcED3Q5w=", "owner": "nix-community", "repo": "disko", - "rev": "b5d1320ebc2f34dbea4655f95167f55e2130cdb3", + "rev": "dfa4d1b9c39c0342ef133795127a3af14598017a", "type": "github" }, "original": { @@ -146,11 +146,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -183,16 +183,16 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1748034743, - "narHash": "sha256-pmxteQRUD2AROIRHqnOgTFpQn43UWk26QZxAUl1I5BQ=", + "lastModified": 1749247631, + "narHash": "sha256-KACEmiHBzH18p2mGp2QfKUoiEQy5pKTGllABMklsRr4=", "owner": "flox", "repo": "flox", - "rev": "0330f8a272dae1e08dfe9f7178c282fe0ba1b8bd", + "rev": "7b4bb3d5a23f5fe1fc68a4da504b9c467c7a0e09", "type": "github" }, "original": { "owner": "flox", - "ref": "v1.4.3", + "ref": "v1.4.4", "repo": "flox", "type": "github" } @@ -213,6 +213,32 @@ "type": "github" } }, + "git-hooks": { + "inputs": { + "flake-compat": [ + "simple-nixos-mailserver", + "flake-compat" + ], + "gitignore": "gitignore_2", + "nixpkgs": [ + "simple-nixos-mailserver", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "gitignore": { "inputs": { "nixpkgs": [ @@ -235,6 +261,28 @@ "type": "github" } }, + "gitignore_2": { + "inputs": { + "nixpkgs": [ + "simple-nixos-mailserver", + "git-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -242,16 +290,16 @@ ] }, "locked": { - "lastModified": 1747688870, - "narHash": "sha256-ypL9WAZfmJr5V70jEVzqGjjQzF0uCkz+AFQF7n9NmNc=", + "lastModified": 1749154018, + "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", "owner": "nix-community", "repo": "home-manager", - "rev": "d5f1f641b289553927b3801580598d200a501863", + "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", + "ref": "release-25.05", "repo": "home-manager", "type": "github" } @@ -263,27 +311,27 @@ ] }, "locked": { - "lastModified": 1743127615, - "narHash": "sha256-+sMGqywrSr50BGMLMeY789mSrzjkoxZiu61eWjYS/8o=", + "lastModified": 1749622275, + "narHash": "sha256-9zwRWpVHlOLDbSngSCfppuogfHKnZ1N4j18WU5WzFBc=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "fc843893cecc1838a59713ee3e50e9e7edc6207c", + "rev": "294d18da177b1e454104af7cd3c7002e34293209", "type": "github" }, "original": { "owner": "lnl7", - "ref": "nix-darwin-24.11", + "ref": "nix-darwin-25.05", "repo": "nix-darwin", "type": "github" } }, "nix-flatpak": { "locked": { - "lastModified": 1744659587, - "narHash": "sha256-xJnbmRVte13akgn+Prg06IaRHJ5OX3uVltwsCP/mxoc=", + "lastModified": 1749394952, + "narHash": "sha256-WbWkzIvB0gqAdBLghdmUpGveY7MlAS2iMj3VEJnJ9yE=", "owner": "gmodena", "repo": "nix-flatpak", - "rev": "928d868a9141b48f152d3b2b00c433e688d4b106", + "rev": "64c6e53a3999957c19ab95cda78bde466d8374cc", "type": "github" }, "original": { @@ -294,20 +342,14 @@ }, "nix-homebrew": { "inputs": { - "brew-src": "brew-src", - "nix-darwin": [ - "nix-darwin" - ], - "nixpkgs": [ - "nixpkgs" - ] + "brew-src": "brew-src" }, "locked": { - "lastModified": 1746464788, - "narHash": "sha256-57lVFGLEGoKXQVSaQQQC+DFDYagUIG4rtEbc4S1nvH8=", + "lastModified": 1749519004, + "narHash": "sha256-alxmYUeHT/rKYKuHuOHDazQqCIYdbEsaEpc1uMGosfM=", "owner": "zhaofengli-wip", "repo": "nix-homebrew", - "rev": "20e4702906fb0a8de16902621689cafef445a35d", + "rev": "e048b6646bc275341e0a854fa06168cec4c33962", "type": "github" }, "original": { @@ -367,11 +409,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1746529785, - "narHash": "sha256-gfBL3G+hepeQzg+vtLF0nd9DB4IggfDuCYUGJaO1Jp0=", + "lastModified": 1749597956, + "narHash": "sha256-fnQeXowOTEct5iZZ5oUKqsBQfdvdyaEtSAz1sFhO40I=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "3779328f563511c7e163d3206142dc409eab1988", + "rev": "8fb23a149c209046b8ad16874826756235e73fdd", "type": "github" }, "original": { @@ -382,11 +424,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1746468201, - "narHash": "sha256-hSOSlrvMJwGr8hX/gc0mnhUf5UIClMDUAadfXlSXzfc=", + "lastModified": 1749195551, + "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "6aabf68429c0a414221d1790945babfb6a0bd068", + "rev": "4602f7e1d3f197b3cb540d5accf5669121629628", "type": "github" }, "original": { @@ -454,11 +496,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1745255241, - "narHash": "sha256-IPCL863A3Ry7adhpcXhvGl7csPVbzTtq45xktfj0+gg=", + "lastModified": 1747930217, + "narHash": "sha256-aryIB9783YDo6i+5bY71/OXbc4fHEF2+94zRLx1PzAs=", "owner": "stackbuilders", "repo": "nixpkgs-terraform", - "rev": "0d1a5910763ed3ff9db91fc9c6e237df0f79de5a", + "rev": "c24e91407cb7297a8291f054007a520d8c008c5b", "type": "github" }, "original": { @@ -469,11 +511,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1749523198, - "narHash": "sha256-How2kQw0psKmCdXgojc95Sf3K5maHB3qfINxTZFCAPM=", + "lastModified": 1749558678, + "narHash": "sha256-DUVAe8E2X2QM0dAnTGlTiqemMqUMMyIeCH7UeNo0g64=", "owner": "nixos", "repo": "nixpkgs", - "rev": "cdc68935eba9f86d155585fdf6f17af6824f38ac", + "rev": "a12f3a99614894502e73eb816e9e076b0ab05730", "type": "github" }, "original": { @@ -485,16 +527,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1749173751, - "narHash": "sha256-ENY3y3v6S9ZmLDDLI3LUT8MXmfXg/fSt2eA4GCnMVCE=", + "lastModified": 1749494155, + "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ed29f002b6d6e5e7e32590deb065c34a31dc3e91", + "rev": "88331c17ba434359491e8d5889cce872464052c2", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } @@ -588,11 +630,11 @@ ] }, "locked": { - "lastModified": 1746498961, - "narHash": "sha256-rp+oh/N88JKHu7ySPuGiA3lBUVIsrOtHbN2eWJdYCgk=", + "lastModified": 1749523120, + "narHash": "sha256-lEhEK8qE8xto2Wnj4f7R+VRSg7M6tgTTkJVTZ2QxXOI=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "24b00064cdd1d7ba25200c4a8565dc455dc732ba", + "rev": "d0727dbab79c5a28289f3c03e4fac7d5b95bafb3", "type": "github" }, "original": { @@ -605,24 +647,25 @@ "inputs": { "blobs": "blobs", "flake-compat": "flake-compat_3", + "git-hooks": "git-hooks", "nixpkgs": [ "nixpkgs" ], - "nixpkgs-24_11": [ + "nixpkgs-25_05": [ "nixpkgs" ] }, "locked": { - "lastModified": 1746469806, - "narHash": "sha256-kL3cc25sc0x+6gBZYjuE4566RT1E3XLQs4V8sl7D+VE=", + "lastModified": 1747965231, + "narHash": "sha256-BW3ktviEhfCN/z3+kEyzpDKAI8qFTwO7+S0NVA0C90o=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "14857a0309d7bbdf7c51bbfa309d0d13448ae77e", + "rev": "53007af63fade28853408370c4c600a63dd97f41", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixos-mailserver", "type": "gitlab" } @@ -634,11 +677,11 @@ ] }, "locked": { - "lastModified": 1746485181, - "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", + "lastModified": 1749592509, + "narHash": "sha256-VunQzfZFA+Y6x3wYi2UE4DEQ8qKoAZZCnZPUlSoqC+A=", "owner": "mic92", "repo": "sops-nix", - "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", + "rev": "50754dfaa0e24e313c626900d44ef431f3210138", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 819fc1c..88988b6 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { # Where we get most of our software. Giant mono repo with recipes # called derivations that say how to build software. - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; compose2nix = { @@ -18,7 +18,7 @@ }; flox = { - url = "github:flox/flox/v1.4.3"; + url = "github:flox/flox/v1.4.4"; }; # My oh-my-posh theme @@ -29,13 +29,13 @@ # Manages things in home directory home-manager = { - url = "github:nix-community/home-manager/release-24.11"; + url = "github:nix-community/home-manager/release-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; # Controls system level software and settings including fonts on macOS nix-darwin = { - url = "github:lnl7/nix-darwin/nix-darwin-24.11"; + url = "github:lnl7/nix-darwin/nix-darwin-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -45,8 +45,6 @@ # Manage Homebrew itself nix-homebrew = { url = "github:zhaofengli-wip/nix-homebrew"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.nix-darwin.follows = "nix-darwin"; }; nixos-cosmic = { @@ -64,8 +62,8 @@ }; simple-nixos-mailserver = { - url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.11"; - inputs.nixpkgs-24_11.follows = "nixpkgs"; + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05"; + inputs.nixpkgs-25_05.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/modules/hosts/common/default.nix b/modules/hosts/common/default.nix index 6671d2d..25ec28f 100644 --- a/modules/hosts/common/default.nix +++ b/modules/hosts/common/default.nix @@ -261,7 +261,7 @@ in { autosuggestion.enable = true; history.save = 1000000; history.size = 1000000; - initExtra = '' + initContent = '' [ -f ~/.private-env ] && source ~/.private-env || echo '~/.private-env is missing' [ -f ~/.gitconfig-local ] || echo '~/.gitconfig-local is missing. Create it and set user.email' diff --git a/modules/hosts/darwin/default.nix b/modules/hosts/darwin/default.nix index e66703c..e57fa95 100644 --- a/modules/hosts/darwin/default.nix +++ b/modules/hosts/darwin/default.nix @@ -1,4 +1,6 @@ { pkgs, hostname, username, ... }: { + system.primaryUser = username; + environment = { shells = with pkgs; [ bash zsh ]; pathsToLink = [ @@ -125,8 +127,6 @@ zsh.enable = true; }; - services.nix-daemon.enable = true; - users.users.${username} = { home = "/Users/${username}"; shell = pkgs.zsh; diff --git a/modules/hosts/darwin/home.nix b/modules/hosts/darwin/home.nix index fecd38b..f7d831d 100644 --- a/modules/hosts/darwin/home.nix +++ b/modules/hosts/darwin/home.nix @@ -1,7 +1,7 @@ { username, ... }: { # dawrwin-specific shell config programs.zsh = { - initExtra = '' + initContent = '' function otpon() { osascript -e 'tell application "yubiswitch" to KeyOn' } @@ -17,8 +17,8 @@ oh-my-zsh.plugins = [ "macos" ]; shellAliases = { currentwifi = "networksetup -getairportnetwork en0 |cut -d ':' -f2- | cut -d ' ' -f2-"; - nixdiff = "brew outdated && brew outdated --cask && mas outdated && cd ~/repos/dots && darwin-rebuild build --flake . && nvd diff /run/current-system result"; - nixup = "darwin-rebuild switch --flake ~/repos/dots"; + nixdiff = "brew outdated && brew outdated --cask && mas outdated && cd ~/repos/dots && sudo darwin-rebuild build --flake . && nvd diff /run/current-system result"; + nixup = "sudo darwin-rebuild switch --flake ~/repos/dots"; uwgconnect = "networksetup -setairportnetwork en0 SecureWest"; uwgforget = "networksetup -removepreferredwirelessnetwork en0 SecureWest"; ykey = "pkill -9 gpg-agent && source ~/.zshrc; ssh-add -L"; diff --git a/modules/hosts/darwin/mightymac/default.nix b/modules/hosts/darwin/mightymac/default.nix index 556d57e..2313b46 100644 --- a/modules/hosts/darwin/mightymac/default.nix +++ b/modules/hosts/darwin/mightymac/default.nix @@ -77,4 +77,6 @@ "Xcode" = 497799835; }; }; + + security.pam.services.sudo_local.enable = false; } diff --git a/modules/hosts/nixos/bigboy/default.nix b/modules/hosts/nixos/bigboy/default.nix index 02ae2d2..ffe2aeb 100644 --- a/modules/hosts/nixos/bigboy/default.nix +++ b/modules/hosts/nixos/bigboy/default.nix @@ -43,7 +43,6 @@ zoom-us ]; - hardware.pulseaudio.enable = false; networking.networkmanager.enable = true; @@ -82,6 +81,7 @@ pulse.enable = true; }; printing.enable = true; # Enable CUPS + pulseaudio.enable = false; smartd.enable = true; xserver = { enable = true; diff --git a/modules/hosts/nixos/default.nix b/modules/hosts/nixos/default.nix index 3ce89b9..88ad973 100644 --- a/modules/hosts/nixos/default.nix +++ b/modules/hosts/nixos/default.nix @@ -29,12 +29,9 @@ fonts.fontDir.enable = true; fonts.packages = with pkgs; [ font-awesome - (nerdfonts.override { - fonts = [ - "Hack" - "SourceCodePro" - ]; - }) + nerd-fonts.hack + # Pulled from https://github.com/NixOS/nixpkgs/blob/nixos-25.05/pkgs/data/fonts/nerd-fonts/manifests/fonts.json + nerd-fonts.sauce-code-pro ]; networking.hostName = "${hostname}"; diff --git a/modules/hosts/nixos/hetznix01/post-install/default.nix b/modules/hosts/nixos/hetznix01/post-install/default.nix index 0164d74..54cabb2 100644 --- a/modules/hosts/nixos/hetznix01/post-install/default.nix +++ b/modules/hosts/nixos/hetznix01/post-install/default.nix @@ -112,16 +112,6 @@ in { }; plausible = { enable = true; - adminUser = { - # activate is used to skip the email verification of the admin-user that's - # automatically created by plausible. This is only supported if - # postgresql is configured by the module. This is done by default, but - # can be turned off with services.plausible.database.postgres.setup. - activate = true; - email = "${username}@technicalissues.us"; - name = username; - passwordFile = config.sops.secrets.plausible_admin_pass.path; - }; database = { clickhouse.setup = true; postgres.setup = true; diff --git a/modules/hosts/nixos/nixnuc/default.nix b/modules/hosts/nixos/nixnuc/default.nix index 13e91e7..d672f52 100644 --- a/modules/hosts/nixos/nixnuc/default.nix +++ b/modules/hosts/nixos/nixnuc/default.nix @@ -128,7 +128,6 @@ in { ]; # Enable sound with pipewire. - hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; @@ -136,6 +135,7 @@ in { alsa.support32Bit = true; pulse.enable = true; }; + services.pulseaudio.enable = false; programs.mtr.enable = true; diff --git a/modules/hosts/nixos/rainbow-planet/default.nix b/modules/hosts/nixos/rainbow-planet/default.nix index ac2179d..c97b3a5 100644 --- a/modules/hosts/nixos/rainbow-planet/default.nix +++ b/modules/hosts/nixos/rainbow-planet/default.nix @@ -47,7 +47,7 @@ mumble networkmanager-openvpn pavucontrol - polkit-kde-agent + kdePackages.polkit-kde-agent-1 #ulauncher podman-compose podman-tui # status of containers in the terminal @@ -140,7 +140,6 @@ }; # Enable sound with pipewire. - hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; @@ -149,6 +148,7 @@ pulse.enable = true; wireplumber.enable = true; }; + services.pulseaudio.enable = false; sops = { age.keyFile = "${config.users.users.${username}.home}/.config/sops/age/keys.txt";