From 642dad3afa2536c9c42e7e96a10da5e815f6f2bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Mon, 1 Dec 2025 16:22:00 +0800 Subject: [PATCH 1/6] update(treewide): Update to NixOS 25.11 --- configuration/hardware-specific/vm.nix | 8 +++++ configuration/nginx/ssl.nix | 34 +++++++++---------- configuration/services/foundryvtt.nix | 2 +- configuration/services/nextcloud.nix | 4 +-- configuration/services/ntfy-sh/default.nix | 1 - configuration/services/starbound.nix | 2 +- configuration/services/webserver.nix | 2 +- flake.lock | 32 +++++------------ flake.nix | 8 ++--- modules/crowdsec/default.nix | 2 +- .../remediations/cs-firewall-bouncer.nix | 2 +- pkgs/default.nix | 7 ++-- 12 files changed, 44 insertions(+), 60 deletions(-) diff --git a/configuration/hardware-specific/vm.nix b/configuration/hardware-specific/vm.nix index aa360aa..70c1b58 100644 --- a/configuration/hardware-specific/vm.nix +++ b/configuration/hardware-specific/vm.nix @@ -43,6 +43,14 @@ source = ../../keys/hosts/staging.key; }; + # Pretend the acme renew succeeds. + # + # TODO(tlater): Set up pebble to retrieve certs "properly" + # instead + systemd.services."acme-order-renew-tlater.net".script = '' + touch out/acme-success + ''; + virtualisation.vmVariant = { virtualisation = { memorySize = 3941; diff --git a/configuration/nginx/ssl.nix b/configuration/nginx/ssl.nix index 56bfa78..f3fac13 100644 --- a/configuration/nginx/ssl.nix +++ b/configuration/nginx/ssl.nix @@ -51,20 +51,9 @@ paths = [ "/var/lib/acme/tlater.net" ]; }; - systemd.services = { - nginx.serviceConfig.SupplementaryGroups = [ config.security.acme.certs."tlater.net".group ]; - - # Don't attempt to retrieve a certificate if the domain name - # doesn't *actually* match the cert name - # - # TODO(tlater): Set up pebble to retrieve certs "properly" - # instead - "acme-tlater.net".serviceConfig.ExecCondition = - let - confirm = ''[[ "tlater.net" = "${config.services.nginx.domain}" ]]''; - in - ''${pkgs.runtimeShell} -c '${confirm}' ''; - }; + systemd.services.nginx.serviceConfig.SupplementaryGroups = [ + config.security.acme.certs."tlater.net".group + ]; sops.secrets = { "porkbun/api-key".owner = "acme"; @@ -85,10 +74,18 @@ security.acme.certs."tlater.net".extraDomainNames = [ config.services.nginx.domain ]; - services.nginx = { - domain = "testHost"; + # Pretend the acme renew succeeds. + # + # TODO(tlater): Set up pebble to retrieve certs "properly" + # instead + systemd.services."acme-order-renew-tlater.net".script = '' + touch out/acme-success + ''; - virtualHosts."${config.services.nginx.domain}" = { + services.nginx = { + domain = "testHost.test"; + + virtualHosts."${config.services.nginx.domain}.local" = { useACMEHost = "tlater.net"; onlySSL = true; enableHSTS = true; @@ -109,6 +106,7 @@ { pkgs, ... }: { environment.systemPackages = [ pkgs.curl ]; + networking.hosts."192.168.1.2" = [ "testHost.test" ]; }; }; @@ -125,7 +123,7 @@ "--silent", "--dump-header -", "--cacert /certs/tlater.net/fullchain.pem", - "https://testHost", + "https://testHost.test", "-o /dev/null" ])) diff --git a/configuration/services/foundryvtt.nix b/configuration/services/foundryvtt.nix index 5c8a21f..d7b9d02 100644 --- a/configuration/services/foundryvtt.nix +++ b/configuration/services/foundryvtt.nix @@ -23,7 +23,7 @@ in minifyStaticFiles = true; proxySSL = true; proxyPort = 443; - package = flake-inputs.foundryvtt.packages.${pkgs.system}.foundryvtt_13; + package = flake-inputs.foundryvtt.packages.${pkgs.stdenv.hostPlatform.system}.foundryvtt_13; }; nginx.virtualHosts."${domain}" = diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix index 77cfa4c..30f79ed 100644 --- a/configuration/services/nextcloud.nix +++ b/configuration/services/nextcloud.nix @@ -5,7 +5,7 @@ ... }: let - nextcloud = pkgs.nextcloud31; + nextcloud = pkgs.nextcloud32; hostName = "nextcloud.${config.services.nginx.domain}"; in { @@ -104,7 +104,7 @@ in }; # Ensure that this service doesn't start before postgres is ready - systemd.services.nextcloud-setup.after = [ "postgresql.service" ]; + systemd.services.nextcloud-setup.after = [ "postgresql.target" ]; sops.secrets."nextcloud/tlater" = { owner = "nextcloud"; diff --git a/configuration/services/ntfy-sh/default.nix b/configuration/services/ntfy-sh/default.nix index aacec91..39ace90 100644 --- a/configuration/services/ntfy-sh/default.nix +++ b/configuration/services/ntfy-sh/default.nix @@ -17,7 +17,6 @@ in services.ntfy-sh = { enable = true; - package = flake-inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.ntfy-sh; environmentFile = config.sops.secrets."ntfy/users".path; diff --git a/configuration/services/starbound.nix b/configuration/services/starbound.nix index 6b97471..888fc3e 100644 --- a/configuration/services/starbound.nix +++ b/configuration/services/starbound.nix @@ -19,7 +19,7 @@ in serviceConfig = { ExecStart = "${ - flake-inputs.self.packages.${pkgs.system}.starbound + flake-inputs.self.packages.${pkgs.stdenv.hostPlatform.system}.starbound }/bin/launch-starbound ${./configs/starbound.json}"; Type = "simple"; diff --git a/configuration/services/webserver.nix b/configuration/services/webserver.nix index e8daeaf..ffe7480 100644 --- a/configuration/services/webserver.nix +++ b/configuration/services/webserver.nix @@ -20,7 +20,7 @@ in after = [ "network.target" ]; script = '' - ${lib.getExe flake-inputs.self.packages.${pkgs.system}.webserver} + ${lib.getExe flake-inputs.self.packages.${pkgs.stdenv.hostPlatform.system}.webserver} ''; environment = { diff --git a/flake.lock b/flake.lock index 3c65247..9ca0388 100644 --- a/flake.lock +++ b/flake.lock @@ -255,28 +255,15 @@ }, "nixpkgs": { "locked": { - "lastModified": 1763509821, - "narHash": "sha256-ibZr0ONEUA1W2WAdTzgm9/6jBE+tM20j1YW2FK4RZ/k=", - "rev": "659aa6fa27619d04de231b4cc0c938905dfa01e9", + "lastModified": 1764522689, + "narHash": "sha256-GzkEBSHGkj8EyOxnxQvl9sx0x2S7JzH0hwCziF176T8=", + "rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f", "type": "tarball", - "url": "https://releases.nixos.org/nixos/25.05-small/nixos-25.05.812929.659aa6fa2761/nixexprs.tar.xz?lastModified=1763509821&rev=659aa6fa27619d04de231b4cc0c938905dfa01e9" + "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.650.8bb5646e0bed/nixexprs.tar.xz?lastModified=1764522689&rev=8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f" }, "original": { "type": "tarball", - "url": "https://channels.nixos.org/nixos-25.05-small/nixexprs.tar.xz" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1763835633, - "narHash": "sha256-nzRnw0UkYQpDm0o20AKvG/5oHCXy5qEGOsFAVhB5NmA=", - "rev": "050e09e091117c3d7328c7b2b7b577492c43c134", - "type": "tarball", - "url": "https://releases.nixos.org/nixos/unstable/nixos-25.11pre900642.050e09e09111/nixexprs.tar.xz?lastModified=1763835633&rev=050e09e091117c3d7328c7b2b7b577492c43c134" - }, - "original": { - "type": "tarball", - "url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" + "url": "https://channels.nixos.org/nixos-25.11/nixexprs.tar.xz" } }, "pre-commit-hooks": { @@ -325,7 +312,6 @@ "flint": "flint", "foundryvtt": "foundryvtt", "nixpkgs": "nixpkgs", - "nixpkgs-unstable": "nixpkgs-unstable", "sonnenshift": "sonnenshift", "sops-nix": "sops-nix" } @@ -338,11 +324,11 @@ ] }, "locked": { - "lastModified": 1763619077, - "narHash": "sha256-dlfamaoIzFEgwgtzPJuw5Tl5SqjbWcV8CsbP2hVBeuI=", + "lastModified": 1764578400, + "narHash": "sha256-8V0SpIcYyjpP+nAHfYJDof7CofLTwVVDo5QLZ0epjOQ=", "ref": "refs/heads/main", - "rev": "64a2c8a3743ea6897ecac6692fba8aebc3389fca", - "revCount": 26, + "rev": "bf17617899692c9c2bfebfce87320a4174e6dc28", + "revCount": 27, "type": "git", "url": "ssh://git@github.com/sonnenshift/battery-manager" }, diff --git a/flake.nix b/flake.nix index 951eef5..10b52ec 100644 --- a/flake.nix +++ b/flake.nix @@ -2,8 +2,7 @@ description = "tlater.net host configuration"; inputs = { - nixpkgs.url = "https://channels.nixos.org/nixos-25.05-small/nixexprs.tar.xz"; - nixpkgs-unstable.url = "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz"; + nixpkgs.url = "https://channels.nixos.org/nixos-25.11/nixexprs.tar.xz"; ## Nix/OS utilities @@ -138,10 +137,7 @@ packages.${system} = { default = vm.config.system.build.vm; } - // import ./pkgs { - pkgs = nixpkgs.legacyPackages.${system}; - flake-inputs = inputs; - }; + // import ./pkgs { pkgs = nixpkgs.legacyPackages.${system}; }; ################### # Utility scripts # diff --git a/modules/crowdsec/default.nix b/modules/crowdsec/default.nix index 44e6bc5..9cb26f9 100644 --- a/modules/crowdsec/default.nix +++ b/modules/crowdsec/default.nix @@ -271,7 +271,7 @@ in # To add completions; sadly need to hand-roll this since # neither `symlinkJoin` nor `buildEnv` have collision # handling. - (pkgs.runCommandNoCCLocal "cscli" { } '' + (pkgs.runCommandLocal "cscli" { } '' mkdir -p $out ln -s ${cscli}/bin $out/bin ln -s ${cfg.package}/share $out/share diff --git a/modules/crowdsec/remediations/cs-firewall-bouncer.nix b/modules/crowdsec/remediations/cs-firewall-bouncer.nix index 42accc6..bdc6da8 100644 --- a/modules/crowdsec/remediations/cs-firewall-bouncer.nix +++ b/modules/crowdsec/remediations/cs-firewall-bouncer.nix @@ -6,7 +6,7 @@ ... }: let - inherit (flake-inputs.self.packages.${pkgs.system}) crowdsec-firewall-bouncer; + inherit (flake-inputs.self.packages.${pkgs.stdenv.hostPlatform.system}) crowdsec-firewall-bouncer; crowdsecCfg = config.security.crowdsec; cfg = crowdsecCfg.remediationComponents.firewallBouncer; diff --git a/pkgs/default.nix b/pkgs/default.nix index 1ce8cd2..31335a6 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,8 +1,5 @@ -{ pkgs, flake-inputs }: -let - inherit (flake-inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}) ast-grep; -in +{ pkgs }: pkgs.lib.packagesFromDirectoryRecursive { - callPackage = pkgs.lib.callPackageWith (pkgs // { inherit ast-grep; }); + inherit (pkgs) callPackage; directory = ./packages; } From 4b9da36a2502fc383684809ec9d5aceec746c24f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Sun, 30 Nov 2025 15:53:28 +0800 Subject: [PATCH 2/6] feat(grafana): Use ntfy for alerts instead of matrix-hookshot --- configuration/services/conduit/default.nix | 5 +- .../services/conduit/matrix-hookshot.nix | 172 ------------------ configuration/services/metrics/grafana.nix | 13 ++ .../services/metrics/victoriametrics.nix | 4 - keys/production.yaml | 7 +- keys/staging.yaml | 7 +- 6 files changed, 18 insertions(+), 190 deletions(-) delete mode 100644 configuration/services/conduit/matrix-hookshot.nix diff --git a/configuration/services/conduit/default.nix b/configuration/services/conduit/default.nix index b6f8f27..a4c91d3 100644 --- a/configuration/services/conduit/default.nix +++ b/configuration/services/conduit/default.nix @@ -12,10 +12,7 @@ let turn-realm = "turn.${config.services.nginx.domain}"; in { - imports = [ - ./heisenbridge.nix - ./matrix-hookshot.nix - ]; + imports = [ ./heisenbridge.nix ]; networking.firewall = { allowedTCPPorts = [ diff --git a/configuration/services/conduit/matrix-hookshot.nix b/configuration/services/conduit/matrix-hookshot.nix deleted file mode 100644 index c1fec82..0000000 --- a/configuration/services/conduit/matrix-hookshot.nix +++ /dev/null @@ -1,172 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: -let - matrixLib = pkgs.callPackage ./lib.nix { }; - - cfg = config.services.matrix-hookshot; - conduitCfg = config.services.matrix-conduit; - - domain = conduitCfg.settings.global.server_name; - - registration = matrixLib.writeRegistrationScript { - id = "matrix-hookshot"; - url = "http://127.0.0.1:9993"; - sender_localpart = "hookshot"; - - namespaces = { - aliases = [ ]; - rooms = [ ]; - users = [ - { - regex = "@${cfg.settings.generic.userIdPrefix}.*:${domain}"; - exclusive = true; - } - ]; - }; - - # Encryption support - # TODO(tlater): Enable when - # https://github.com/matrix-org/matrix-hookshot/issues/1060 is - # fixed - # extraSettings = { - # "de.sorunome.msc2409.push_ephemeral" = true; - # push_ephemeral = true; - # "org.matrix.msc3202" = true; - # }; - - runtimeRegistration = "${cfg.registrationFile}"; - }; -in -{ - # users = { - # users.matrix-hookshot = { - # home = "/run/matrix-hookshot"; - # group = "matrix-hookshot"; - # isSystemUser = true; - # }; - - # groups.matrix-hookshot = { }; - # }; - - systemd.services.matrix-hookshot = { - serviceConfig = { - Type = lib.mkForce "exec"; - - LoadCredential = "matrix-hookshot:/run/secrets/matrix-hookshot"; - inherit (registration) ExecStartPre; - - # Some library in matrix-hookshot wants a home directory - Environment = [ "HOME=/run/matrix-hookshot" ]; - - # User = "matrix-hookshot"; - DynamicUser = true; - StateDirectory = "matrix-hookshot"; - RuntimeDirectory = "matrix-hookshot"; - RuntimeDirectoryMode = "0700"; - - RestrictNamespaces = true; - PrivateUsers = true; - ProtectHostname = true; - ProtectClock = true; - ProtectKernelTunables = true; - ProtectKernelModules = true; - ProtectKernelLogs = true; - ProtectControlGroups = true; - RestrictAddressFamilies = [ - # "AF_UNIX" - "AF_INET" - "AF_INET6" - ]; - LockPersonality = true; - RestrictRealtime = true; - ProtectProc = "invisible"; - ProcSubset = "pid"; - UMask = 77; - }; - }; - - # services.redis.servers.matrix-hookshot = { - # enable = true; - # user = "matrix-hookshot"; - # }; - - services.matrix-hookshot = { - enable = true; - - serviceDependencies = [ "conduit.service" ]; - - registrationFile = "/run/matrix-hookshot/registration.yaml"; - - settings = { - bridge = { - inherit domain; - url = "http://localhost:${toString conduitCfg.settings.global.port}"; - mediaUrl = conduitCfg.settings.global.well_known.client; - port = 9993; - bindAddress = "127.0.0.1"; - }; - - bot.displayname = "Hookshot"; - - # cache.redisUri = "redis://${config.services.redis.servers.matrix-hookshot.unixSocket}"; - - generic = { - enabled = true; - outbound = false; - # Only allow webhooks from localhost for the moment - urlPrefix = "http://127.0.0.1:9000/webhook"; - userIdPrefix = "_webhooks_"; - allowJsTransformationFunctions = true; - }; - - # TODO(tlater): Enable when - # https://github.com/matrix-org/matrix-hookshot/issues/1060 is - # fixed - # encryption.storagePath = "/var/lib/matrix-hookshot/cryptostore"; - - permissions = [ - { - actor = "matrix.tlater.net"; - services = [ - { - service = "*"; - level = "notifications"; - } - ]; - } - { - actor = "@tlater:matrix.tlater.net"; - services = [ - { - service = "*"; - level = "admin"; - } - ]; - } - ]; - - listeners = [ - { - port = 9000; - resources = [ "webhooks" ]; - } - { - port = 9001; - resources = [ "metrics" ]; - } - ]; - - metrics.enabled = true; - }; - }; - - sops.secrets = { - # Accessed via systemd cred through /run/secrets/matrix-hookshot - "matrix-hookshot/as-token" = { }; - "matrix-hookshot/hs-token" = { }; - }; -} diff --git a/configuration/services/metrics/grafana.nix b/configuration/services/metrics/grafana.nix index 765a364..078f27c 100644 --- a/configuration/services/metrics/grafana.nix +++ b/configuration/services/metrics/grafana.nix @@ -57,6 +57,19 @@ in access = "proxy"; } ]; + + alerting.contactPoints.settings.contactPoints = [ + { + name = "ntfy"; + receivers = [ + { + uid = "ntfy"; + type = "webhook"; + settings.url = "http://${config.services.ntfy-sh.settings.listen-http}/local-alerts?template=grafana"; + } + ]; + } + ]; }; }; diff --git a/configuration/services/metrics/victoriametrics.nix b/configuration/services/metrics/victoriametrics.nix index 96e09e5..71741b5 100644 --- a/configuration/services/metrics/victoriametrics.nix +++ b/configuration/services/metrics/victoriametrics.nix @@ -89,10 +89,6 @@ in "127.0.0.1:8082" ]; - # Configured in the hookshot listeners, but it's hard to filter - # the correct values out of that config. - matrixHookshot.targets = [ "127.0.0.1:9001" ]; - victorialogs.targets = [ config.services.victorialogs.bindAddress ]; }; }; diff --git a/keys/production.yaml b/keys/production.yaml index ccbee64..6a60c40 100644 --- a/keys/production.yaml +++ b/keys/production.yaml @@ -20,9 +20,6 @@ steam: heisenbridge: as-token: ENC[AES256_GCM,data:+2yo6T18j34622H8ZWblAFB2phLw1q0k0vUQEZ5sFj7dQaRnkEiAMi0R3p17Zq0pOtGEC0RRZuPLYkcZ1oKP0w==,iv:lGwrQYp//FufpmJocrLIVyy9RK7lEEVcpAi0wmkjr34=,tag:yV06UbhAYJQz36O2XdhY+A==,type:str] hs-token: ENC[AES256_GCM,data:u52WpkQFd/J7JFoE/rfNluebyZQLOokvkVdL7+AEAvrhJhrkJli1ztkD79lbC+6tGUH4tT3T+nX9wvGKnrRUQg==,iv:as+9fVuvMg2IoE2WIKD9mHi+znhNcWRh5Zq+yr0xcDQ=,tag:mZ7fh7U0MfgI8hyq/28Bcg==,type:str] -matrix-hookshot: - as-token: ENC[AES256_GCM,data:nXTanPhDyDF7R3AllLqpM5dzljBrHwlh1KJnTGIi5PhbDY2lPj4+uXkMEwvm1u+hQjPyM7vKZPfK+0/dms6Y7A==,iv:fSakJN+yai0gfOJKFxxaxgyUtk0pNmIeqVgrdq92/24=,tag:Qc7+SUnm5/Nq5+QIScR9kQ==,type:str] - hs-token: ENC[AES256_GCM,data:Bwyj0JTTN0NNnwOs1zA8CqbtZSNcvlINeT7QVc2eJiHda92J6vQk7bSxy6KuqCN9DxlUsK13ggYjNORY2vic5w==,iv:Npnp8arYQ3Yb6CXrnKgE03hD7ZjGINPa/DwFI8D+5tA=,tag:FqNE6yI0nF4puEUw9MGAjQ==,type:str] wireguard: server-key: ENC[AES256_GCM,data:mXb7ZznJHf5CgV8rI4uzPBATMRbmd7LimgtCkQM9kAjbIaGwUBqJZBN3fXs=,iv:3Po1Orinzov9rnEm9cLzgJY1PeD+5Jl9115MriABHh8=,tag:E/2CjDO1JCvJzxCnqKcNyw==,type:str] restic: @@ -32,8 +29,8 @@ turn: env: ENC[AES256_GCM,data:kt5nhVo9pb/ZbPUEcqSYXxN9YMgQKnFb5VRfFFS/qoIaJ73uD2fuJKqcxAyVRrdLqnSAWSQBgTgunBzdP7xqLAK2qt8DYAQWHkIe9uxFbSXZpdmw,iv:9lq6SFwTFN4GGm6gPiJpUMasMdnHVF6XLGYrsyG3kjU=,tag:428Qf9DOiiHt/Wjb188b8g==,type:str] secret: ENC[AES256_GCM,data:si7ee6Xfhdgdyzbp6aQpF7pz3TmTBb7iQ82lRPVXNDg9JfHI+lbmgAsSnRLX5qMCA6P9R045sSMosqidL8QwRg==,iv:SrhpZKK8D45yxCEfDb9P3TwtA14+qEI+wcRqcN/a6pw=,tag:PiwV+mOL9xHJgJft6sc61g==,type:str] sops: - lastmodified: "2025-11-29T14:52:24Z" - mac: ENC[AES256_GCM,data:RC18s48jxRFQMtbmu74P7G4uhm2yHk9TB0wN7z4g8SNE3nfkYMvHAJqPr3A3dO+T33zkTFcSRm7fhWItUahTCW3fO10u6kDvWbnyjlSuAy86Tkz2iqeW4iSOzKswDptAgb/B+juAHhEMxDnkG5vpPlIcD0SVP89NlflXftogOqw=,iv:2vN2TJvzePzBJfUeBxvGXwGmRsB5sopqyWm9uUv/rzA=,tag:C6UOWrUxVsRMFncL1y1eTQ==,type:str] + lastmodified: "2025-12-01T11:39:17Z" + mac: ENC[AES256_GCM,data:TwhGOW/V9/IoBifzh1MSwy/ff7ONTnxEmwERD8Yl2E27WG/6dTVz0/nIlZ8KsEKLC6vB2m+sJT+14Q9KCj4Cn/bWV1PmhytktGPxLQpgF55+pZlSK1aLUPLq0hwE93b4MAeOvzoOXtCQguh1dsB2RkinabFoMeZ2xJ7Kc+jHlfA=,iv:Ri8aEA4tssGDv2UuKeza8vs94IovM9GARLIEapb9Ya0=,tag:MDgAffj7ndmMwpw7mBXNRg==,type:str] pgp: - created_at: "2025-10-03T21:38:48Z" enc: |- diff --git a/keys/staging.yaml b/keys/staging.yaml index 20ee3db..b5c8533 100644 --- a/keys/staging.yaml +++ b/keys/staging.yaml @@ -21,9 +21,6 @@ steam: heisenbridge: as-token: ENC[AES256_GCM,data:tXbOeo7nv8I=,iv:wJAKcOXX9nGIw4n38ThOoj29u7dUWhsxSQG/p79JlEw=,tag:rTVaGS2UuWcea1uBa8YX2g==,type:str] hs-token: ENC[AES256_GCM,data:VBwvwomv0Xg=,iv:q6INtJ+rg+QiXj8uBdBzQYQZUBBXp+9odxDHwvu8Jxc=,tag:XKhm8nxygAkKaiVPJ2Fcdg==,type:str] -matrix-hookshot: - as-token: ENC[AES256_GCM,data:uSUOo4f2KqA=,iv:Xb9G8Ecv6m59m51kDw2bOfq3SMJt4g9/6/EdH74R+KM=,tag:K9MSfO2c2Y4rlf0eYrmTnw==,type:str] - hs-token: ENC[AES256_GCM,data:0KsyA06InL4=,iv:zAR0Y1fk8SyodcSLBHlQ8I+BAmttz9Hkd8Q3OREFqs4=,tag:t1Et8N/3seq95DeGoUd7Sw==,type:str] wireguard: server-key: ENC[AES256_GCM,data:FvY897XdKoa/mckE8JQLCkklsnYD6Wz1wpsu5t3uhEnW3iarnDQxF9msuYU=,iv:jqGXfekM+Vs+J9b5nlZ5Skd1ZKHajoUo2Dc4tMYPm1w=,tag:EehikjI/FCU8wqtpvJRamQ==,type:str] restic: @@ -33,8 +30,8 @@ turn: env: ENC[AES256_GCM,data:xjIz/AY109lyiL5N01p5T3HcYco/rM5CJSRTtg==,iv:16bW6OpyOK/QL0QPGQp/Baa9xyT8E3ZsYkwqmjuofk0=,tag:J5re3uKxIykw3YunvQWBgg==,type:str] secret: ENC[AES256_GCM,data:eQ7dAocoZtg=,iv:fgzjTPv30WqTKlLy+yMn5MsKQgjhPnwlGFFwYEg3gWs=,tag:1ze33U1NBkgMX/9SiaBNQg==,type:str] sops: - lastmodified: "2025-11-29T11:54:33Z" - mac: ENC[AES256_GCM,data:SaTvwxfARVou/ZjrWfdC8J6je8l89Zuumdz7PkmY2Tl2CQVxZmEt4AyV4bWiCtWhJmfH1Qa8m4Q+DyqimjapgYT5cUB1yxlknp233bB/+5C5k3KozU2hmh80KYgR496FtQvI74p0qw/lw00CGCR3WHNcIc0dbTiDzC90HlOpafg=,iv:vxMCAjpgyWvxk18LalmFhwOb5b2ThCDq1KTaX2OPvpM=,tag:QMA+tC4hs/FBnuVDye38Vg==,type:str] + lastmodified: "2025-12-01T11:39:26Z" + mac: ENC[AES256_GCM,data:11VQAYk8Am0k8OO6BtU17qpuEhcJ8ylRhJWQNHVAsmi5BCFjD1zU3NkWhtSstPrBcqHMenG+9XuEzpNnbccHI2ru0qlILsQvNj5OKo96FnvYtzApYlApoAzOetCx08Lfxa4RGLN/XCUSuccjBIU2PZRWEK+z+Cm1wHUFeqc1xPc=,iv:6y9j55Cld+GoOVGWAqsEgURRna6dHA2mGZwHVA+ZOE8=,tag:bSZi3nYmYrn3nFT2+RBPUQ==,type:str] pgp: - created_at: "2025-10-03T21:38:26Z" enc: |- From 4d773ef9e23e65c36899d35dc5fb82c0e3e534fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Mon, 1 Dec 2025 20:06:01 +0800 Subject: [PATCH 3/6] feat(immich): Migrate to vectorchord --- configuration/services/immich.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/configuration/services/immich.nix b/configuration/services/immich.nix index 39673d0..1255490 100644 --- a/configuration/services/immich.nix +++ b/configuration/services/immich.nix @@ -18,6 +18,9 @@ in enable = true; settings.server.externalDomain = "https://${hostName}"; + # We're using vectorchord now + database.enableVectors = false; + environment.IMMICH_TELEMETRY_INCLUDE = "all"; }; From 35c74ed36980f7f5becd78a6395680795c574276 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Mon, 1 Dec 2025 20:08:07 +0800 Subject: [PATCH 4/6] bump(flake.lock): Update other inputs --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 9ca0388..d5305b0 100644 --- a/flake.lock +++ b/flake.lock @@ -123,11 +123,11 @@ ] }, "locked": { - "lastModified": 1762276996, - "narHash": "sha256-TtcPgPmp2f0FAnc+DMEw4ardEgv1SGNR3/WFGH0N19M=", + "lastModified": 1764350888, + "narHash": "sha256-6Rp18zavTlnlZzcoLoBTJMBahL2FycVkw2rAEs3cQvo=", "owner": "nix-community", "repo": "disko", - "rev": "af087d076d3860760b3323f6b583f4d828c1ac17", + "rev": "2055a08fd0e2fd41318279a5355eb8a161accf26", "type": "github" }, "original": { @@ -201,11 +201,11 @@ ] }, "locked": { - "lastModified": 1761916399, - "narHash": "sha256-wLZ8km5ftKlIDdHJrFiDQivXc5b+7DRxmBp2347H5g8=", + "lastModified": 1764578815, + "narHash": "sha256-WZ8+pH/cLjv3geonV3VFwtfa8IuTkPHb60a1ACQpOmc=", "owner": "reckenrode", "repo": "nix-foundryvtt", - "rev": "8cceb7af3dfbe465b5108db5c098b097edf85790", + "rev": "1b875fb942c4ef926fd7aade7db327be363f7179", "type": "github" }, "original": { @@ -344,11 +344,11 @@ ] }, "locked": { - "lastModified": 1763607916, - "narHash": "sha256-VefBA1JWRXM929mBAFohFUtQJLUnEwZ2vmYUNkFnSjE=", + "lastModified": 1764483358, + "narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=", "owner": "Mic92", "repo": "sops-nix", - "rev": "877bb495a6f8faf0d89fc10bd142c4b7ed2bcc0b", + "rev": "5aca6ff67264321d47856a2ed183729271107c9c", "type": "github" }, "original": { From 0539da6ac3bec49b3c4cafaa3b02f8c37cd7dd1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Sun, 14 Dec 2025 03:11:04 +0800 Subject: [PATCH 5/6] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'disko': 'github:nix-community/disko/2055a08fd0e2fd41318279a5355eb8a161accf26?narHash=sha256-6Rp18zavTlnlZzcoLoBTJMBahL2FycVkw2rAEs3cQvo%3D' (2025-11-28) → 'github:nix-community/disko/d64e5cdca35b5fad7c504f615357a7afe6d9c49e?narHash=sha256-fTLX9kDwLr9Y0rH/nG%2Bh1XG5UU%2BjBcy0PFYn5eneRX8%3D' (2025-12-10) • Updated input 'nixpkgs': 'https://releases.nixos.org/nixos/25.11/nixos-25.11.650.8bb5646e0bed/nixexprs.tar.xz?lastModified=1764522689&narHash=sha256-GzkEBSHGkj8EyOxnxQvl9sx0x2S7JzH0hwCziF176T8%3D&rev=8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f' (2025-11-30) → 'https://releases.nixos.org/nixos/25.11/nixos-25.11.1335.09eb77e94fa2/nixexprs.tar.xz?narHash=sha256-3bKCEc1JWOn8aj48H1yHKU6WDw0eSU2t7cKCL3FC%2BLo%3D' (2025-12-09) • Updated input 'sops-nix': 'github:Mic92/sops-nix/5aca6ff67264321d47856a2ed183729271107c9c?narHash=sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4%3D' (2025-11-30) → 'github:Mic92/sops-nix/496a6f625f63b780ce849891868f2fad22fd49c6?narHash=sha256-Ii16Nq5jL2wURXpV3D3tOM3vPpbKh18roHLkyZCHK4Q%3D' (2025-12-12) --- flake.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/flake.lock b/flake.lock index d5305b0..9394ffb 100644 --- a/flake.lock +++ b/flake.lock @@ -123,11 +123,11 @@ ] }, "locked": { - "lastModified": 1764350888, - "narHash": "sha256-6Rp18zavTlnlZzcoLoBTJMBahL2FycVkw2rAEs3cQvo=", + "lastModified": 1765326679, + "narHash": "sha256-fTLX9kDwLr9Y0rH/nG+h1XG5UU+jBcy0PFYn5eneRX8=", "owner": "nix-community", "repo": "disko", - "rev": "2055a08fd0e2fd41318279a5355eb8a161accf26", + "rev": "d64e5cdca35b5fad7c504f615357a7afe6d9c49e", "type": "github" }, "original": { @@ -255,11 +255,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1764522689, - "narHash": "sha256-GzkEBSHGkj8EyOxnxQvl9sx0x2S7JzH0hwCziF176T8=", - "rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f", + "lastModified": 1765311797, + "narHash": "sha256-3bKCEc1JWOn8aj48H1yHKU6WDw0eSU2t7cKCL3FC+Lo=", + "rev": "09eb77e94fa25202af8f3e81ddc7353d9970ac1b", "type": "tarball", - "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.650.8bb5646e0bed/nixexprs.tar.xz?lastModified=1764522689&rev=8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f" + "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.1335.09eb77e94fa2/nixexprs.tar.xz" }, "original": { "type": "tarball", @@ -344,11 +344,11 @@ ] }, "locked": { - "lastModified": 1764483358, - "narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=", + "lastModified": 1765553226, + "narHash": "sha256-Ii16Nq5jL2wURXpV3D3tOM3vPpbKh18roHLkyZCHK4Q=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5aca6ff67264321d47856a2ed183729271107c9c", + "rev": "496a6f625f63b780ce849891868f2fad22fd49c6", "type": "github" }, "original": { From d8c52f4f1b311832ca0efd3422f76bbb6a2b05a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Sun, 14 Dec 2025 03:15:25 +0800 Subject: [PATCH 6/6] update(pkgs): Update sources of all downstream packages --- pkgs/packages/crowdsec-hub.nix | 4 +- pkgs/packages/webserver/Cargo.lock | 241 ++++++++++++++++++---------- pkgs/packages/webserver/package.nix | 1 + pkgs/update.nu | 2 +- 4 files changed, 159 insertions(+), 89 deletions(-) diff --git a/pkgs/packages/crowdsec-hub.nix b/pkgs/packages/crowdsec-hub.nix index 3d0ad28..1a3a7b7 100644 --- a/pkgs/packages/crowdsec-hub.nix +++ b/pkgs/packages/crowdsec-hub.nix @@ -14,8 +14,8 @@ stdenvNoCC.mkDerivation (drv: { src = fetchFromGitHub { owner = "crowdsecurity"; repo = "hub"; - rev = "b63d9e925cfdd70f818a6a136ea53d5c8ca96d9a"; - hash = "sha256-FMArGnR/pI/QlzsznStp8vzs/LbXooVgLdoTw+eSbec="; + rev = "a7b7e3791525943a746068dee1e77da928db2707"; + hash = "sha256-dNUwTdCPqc7kB3uFTMCWwrQ9a+mPNmBget6NPff+jsY="; }; installPhase = '' diff --git a/pkgs/packages/webserver/Cargo.lock b/pkgs/packages/webserver/Cargo.lock index a6db6ec..c9c3ef5 100644 --- a/pkgs/packages/webserver/Cargo.lock +++ b/pkgs/packages/webserver/Cargo.lock @@ -40,6 +40,12 @@ dependencies = [ "pin-project-lite", ] +[[package]] +name = "async-once-cell" +version = "0.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4288f83726785267c6f2ef073a3d83dc3f9b81464e9f99898240cced85fce35a" + [[package]] name = "async-trait" version = "0.1.89" @@ -164,6 +170,12 @@ dependencies = [ "syn", ] +[[package]] +name = "base16" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d27c3610c36aee21ce8ac510e6224498de4228ad772a171ed65643a24693a5a8" + [[package]] name = "base64" version = "0.22.1" @@ -211,9 +223,9 @@ checksum = "276a59bf2b2c967788139340c9f0c5b12d7fd6630315c15c217e559de85d2609" [[package]] name = "cc" -version = "1.2.47" +version = "1.2.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd405d82c84ff7f35739f175f67d8b9fb7687a0e84ccdc78bd3568839827cf07" +checksum = "90583009037521a116abf44494efecd645ba48b6622457080f080b85544e2215" dependencies = [ "find-msvc-tools", "shlex", @@ -233,9 +245,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" [[package]] name = "codee" -version = "0.3.4" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30b61b7a19443f478176473b0c35acf7f9f7e2752c781dea55820343826f366c" +checksum = "a9dbbdc4b4d349732bc6690de10a9de952bd39ba6a065c586e26600b6b0b91f5" dependencies = [ "serde", "serde_json", @@ -768,12 +780,11 @@ dependencies = [ [[package]] name = "http" -version = "1.3.1" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4a85d31aea989eead29a3aaf9e1115a180df8282431156e533de47660892565" +checksum = "e3ba2a386d7f85a81f119ad7498ebe444d2e22c2af0b86b069416ace48b3311a" dependencies = [ "bytes", - "fnv", "itoa", ] @@ -892,9 +903,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.18" +version = "0.1.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52e9a2a24dc5c6821e71a7030e1e14b7b632acac55c40e9d2e082c621261bb56" +checksum = "727805d60e7938b76b826a6ef209eb70eaa1812794f9424d4a4e2d740662df5f" dependencies = [ "base64", "bytes", @@ -964,9 +975,9 @@ checksum = "7aedcccd01fc5fe81e6b489c15b247b8b0690feb23304303a9e560f37efc560a" [[package]] name = "icu_properties" -version = "2.1.1" +version = "2.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e93fcd3157766c0c8da2f8cff6ce651a31f0810eaa1c51ec363ef790bbb5fb99" +checksum = "020bfc02fe870ec3a66d93e677ccca0562506e5872c650f893269e08615d74ec" dependencies = [ "icu_collections", "icu_locale_core", @@ -978,9 +989,9 @@ dependencies = [ [[package]] name = "icu_properties_data" -version = "2.1.1" +version = "2.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02845b3647bb045f1100ecd6480ff52f34c35f82d9880e029d329c21d1054899" +checksum = "616c294cf8d725c6afcd8f55abc17c56464ef6211f9ed59cccffe534129c77af" [[package]] name = "icu_provider" @@ -1092,9 +1103,9 @@ dependencies = [ [[package]] name = "leptos" -version = "0.8.3" +version = "0.8.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c202a7897aa73c90ac4ce73713512d871f75e79847558d9e88f778659b164dc" +checksum = "87c98f6d751e524ff425ad9d63d53e120ed68311ffbc22bbd9c0b3c4005a421e" dependencies = [ "any_spawner", "base64", @@ -1117,23 +1128,26 @@ dependencies = [ "rustc_version", "send_wrapper", "serde", + "serde_json", "serde_qs", "server_fn", "slotmap", "tachys", "thiserror 2.0.17", "throw_error", - "typed-builder", - "typed-builder-macro", + "typed-builder 0.22.0", + "typed-builder-macro 0.22.0", "wasm-bindgen", + "wasm-bindgen-futures", + "wasm_split_helpers", "web-sys", ] [[package]] name = "leptos_axum" -version = "0.8.3" +version = "0.8.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a84872a7df15ec047f8b27b27e35354752a8cc62ab8b789e3dc9d4ed5613bcea" +checksum = "f0caa95760f87f3067e05025140becefdbdfd36cbc2adac4519f06e1f1edf4af" dependencies = [ "any_spawner", "axum", @@ -1155,22 +1169,22 @@ dependencies = [ [[package]] name = "leptos_config" -version = "0.8.3" +version = "0.8.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74eec2103dfa808f4b13c149dfbd3842f13a5948489fda3de31cc565fb28dbec" +checksum = "071fc40aeb9fcab885965bad1887990477253ad51f926cd19068f45a44c59e89" dependencies = [ "config", "regex", "serde", "thiserror 2.0.17", - "typed-builder", + "typed-builder 0.21.2", ] [[package]] name = "leptos_dom" -version = "0.8.3" +version = "0.8.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25b845379c33884f0dead9abb5aa3d258d7bd507789fc2527a5972f82c0757c7" +checksum = "78f4330c88694c5575e0bfe4eecf81b045d14e76a4f8b00d5fd2a63f8779f895" dependencies = [ "js-sys", "or_poisoned", @@ -1183,9 +1197,9 @@ dependencies = [ [[package]] name = "leptos_hot_reload" -version = "0.8.3" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fae732329192df886803f076515d73c883166a4c8cbc5532584d0d1e43539300" +checksum = "0d61ec3e1ff8aaee8c5151688550c0363f85bc37845450764c31ff7584a33f38" dependencies = [ "anyhow", "camino", @@ -1201,9 +1215,9 @@ dependencies = [ [[package]] name = "leptos_integration_utils" -version = "0.8.3" +version = "0.8.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51059fee81537ba299323e2b58c9d721f66fd8a2d42df710a020efbdfb8efae2" +checksum = "13cccc9305df53757bae61bf15641bfa6a667b5f78456ace4879dfe0591ae0e8" dependencies = [ "futures", "hydration_context", @@ -1216,9 +1230,9 @@ dependencies = [ [[package]] name = "leptos_macro" -version = "0.8.3" +version = "0.8.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e32ae8783d4b64838167e026ef773dbc53399e9e6658e9c2f65e0ce67a5ccec" +checksum = "9d199fafe14b7925fd392764fdd851215909604955acfda7c0263b8722d57c23" dependencies = [ "attribute-derive", "cfg-if", @@ -1239,9 +1253,9 @@ dependencies = [ [[package]] name = "leptos_meta" -version = "0.8.3" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ef0521aeb2e73cbae8e6278287da485020b971e0b2cd471c5de5eb8cbcaa8802" +checksum = "2d489e38d3f541e9e43ecc2e3a815527840345a2afca629b3e23fcc1dd254578" dependencies = [ "futures", "indexmap", @@ -1254,9 +1268,9 @@ dependencies = [ [[package]] name = "leptos_router" -version = "0.8.3" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1b6df1b107c301bd39c114768a1196a8dfcbdae869364b3f0247e3f554b503a" +checksum = "19b824cae28db1551b71f8c2a45eab7bb98d61407f5adcc368cfe7b671e4a71d" dependencies = [ "any_spawner", "either_of", @@ -1279,9 +1293,9 @@ dependencies = [ [[package]] name = "leptos_router_macro" -version = "0.8.3" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d35d4bb7922e74546fac3e852b0f3252e9996e04fca12c359aba1e5958cfda8" +checksum = "409c0bd99f986c3cfa1a4db2443c835bc602ded1a12784e22ecb28c3ed5a2ae2" dependencies = [ "proc-macro-error2", "proc-macro2", @@ -1291,9 +1305,9 @@ dependencies = [ [[package]] name = "leptos_server" -version = "0.8.3" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26851048e161998b8f9fb3261a833ec64df2a2669ea95f360c54b7f47a1e07cb" +checksum = "dbf1045af93050bf3388d1c138426393fc131f6d9e46a65519da884c033ed730" dependencies = [ "any_spawner", "base64", @@ -1311,9 +1325,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.177" +version = "0.2.178" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2874a2af47a2325c2001a6e6fad9b16a53b802102b528163885171cf92b15976" +checksum = "37c93d8daa9d8a012fd8ab92f088405fb202ea0b6ab73ee2482ae66af4f42091" [[package]] name = "linear-map" @@ -1344,9 +1358,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.28" +version = "0.4.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432" +checksum = "5e5032e24019045c762d3c0f28f5b6b8bbf38563a65908389bf7978758920897" [[package]] name = "lru-slab" @@ -1379,9 +1393,9 @@ dependencies = [ [[package]] name = "markdown_view_leptos" -version = "0.1.3" +version = "0.1.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f75ce57ac1fcfcb0e31a39dd92f2c7f529c9840670b47d2516b4c037fd00689" +checksum = "b66d6cf3687d19bf331413559d3d159bb1c95d72beb71b982cd61009380c79a5" dependencies = [ "proc-macro2", "pulldown-cmark", @@ -1420,9 +1434,9 @@ dependencies = [ [[package]] name = "mio" -version = "1.1.0" +version = "1.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69d83b0086dc8ecf3ce9ae2874b2d1290252e2a30720bea58a5c6639b0092873" +checksum = "a69bcab0ad47271a0234d9422b131806bf3968021e5dc9328caf2d4cd58557fc" dependencies = [ "libc", "wasi", @@ -1481,12 +1495,12 @@ dependencies = [ [[package]] name = "oco_ref" -version = "0.2.0" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64b94982fe39a861561cf67ff17a7849f2cedadbbad960a797634032b7abb998" +checksum = "ed0423ff9973dea4d6bd075934fdda86ebb8c05bdf9d6b0507067d4a1226371d" dependencies = [ "serde", - "thiserror 1.0.69", + "thiserror 2.0.17", ] [[package]] @@ -1877,16 +1891,18 @@ dependencies = [ [[package]] name = "reactive_graph" -version = "0.2.3" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c79f7561c7c246e2c2feab3b0b63502b213e589d7768032bbfc5ea7b267140b9" +checksum = "4043190442021086719fb9183daacb050f44d4ed8d3a1c8534e366d45dd95c29" dependencies = [ "any_spawner", "async-lock", "futures", "guardian", "hydration_context", + "indexmap", "or_poisoned", + "paste", "pin-project-lite", "rustc-hash", "rustc_version", @@ -1899,9 +1915,9 @@ dependencies = [ [[package]] name = "reactive_stores" -version = "0.2.3" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9edd67f166cfec4ffc6abf271bada268c13dac0b0318f4c6a76a877490d0617a" +checksum = "25b73d94139821e0a2f31fb4e0eaf6ebbcf4d15c5e2fb353dc3babd4f6d35674" dependencies = [ "dashmap", "guardian", @@ -1916,9 +1932,9 @@ dependencies = [ [[package]] name = "reactive_stores_macro" -version = "0.2.3" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2418b703f385f35481737d8f2ccd9ae3de850dd778bce09817f30338f3cb5ca2" +checksum = "4fa40919eb2975100283b2a70e68eafce1e8bcf81f0622ff168e4c2b3f8d46bb" dependencies = [ "convert_case 0.8.0", "proc-macro-error2", @@ -1967,9 +1983,9 @@ checksum = "7a2d987857b319362043e95f5353c0535c1f58eec5336fdfcf626430af7def58" [[package]] name = "reqwest" -version = "0.12.24" +version = "0.12.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d0946410b9f7b082a427e4ef5c8ff541a88b357bc6c637c40db3a68ac70a36f" +checksum = "b6eff9328d40131d43bd911d42d79eb6a47312002a4daefc9e37f17e74a7701a" dependencies = [ "base64", "bytes", @@ -2084,9 +2100,9 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.13.0" +version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94182ad936a0c91c324cd46c6511b9510ed16af436d7b5bab34beab0afd55f7a" +checksum = "708c0f9d5f54ba0272468c1d306a52c495b31fa155e91bc25371e6df7996908c" dependencies = [ "web-time", "zeroize", @@ -2274,9 +2290,9 @@ dependencies = [ [[package]] name = "server_fn" -version = "0.8.3" +version = "0.8.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c27fbd25ecc066481e383e2ed62ab2480e708aa3fe46cba36e95f58e61dfd04" +checksum = "fdc30228718f62d80a376964baf990edbcb5e97688fdc71183a8ef3d44cb6c89" dependencies = [ "axum", "base64", @@ -2348,6 +2364,17 @@ dependencies = [ "digest", ] +[[package]] +name = "sha2" +version = "0.10.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + [[package]] name = "shlex" version = "1.3.0" @@ -2362,9 +2389,9 @@ checksum = "7a2ae44ef20feb57a68b23d846850f861394c2e02dc425a50098ae8c90267589" [[package]] name = "slotmap" -version = "1.0.7" +version = "1.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dbff4acf519f630b3a3ddcfaea6c06b42174d9a44bc70c620e9ed1649d58b82a" +checksum = "bdd58c3c93c3d278ca835519292445cb4b0d4dc59ccfdf7ceadaab3f8aeb4038" dependencies = [ "version_check", ] @@ -2405,9 +2432,9 @@ checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292" [[package]] name = "syn" -version = "2.0.110" +version = "2.0.111" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a99801b5bd34ede4cf3fc688c5919368fea4e4814a4664359503e6015b280aea" +checksum = "390cc9a294ab71bdb1aa2e99d13be9c753cd2d7bd6560c77118597410c4d2e87" dependencies = [ "proc-macro2", "quote", @@ -2469,9 +2496,9 @@ dependencies = [ [[package]] name = "tachys" -version = "0.2.4" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d706b2ab0fa7e14b878d638faee3dafed08a2ab9ff7f116ad2445cce04bfaaa" +checksum = "f2b2db11e455f7e84e2cc3e76f8a3f3843f7956096265d5ecff781eabe235077" dependencies = [ "any_spawner", "async-trait", @@ -2556,9 +2583,9 @@ dependencies = [ [[package]] name = "throw_error" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41e42a6afdde94f3e656fae18f837cb9bbe500a5ac5de325b09f3ec05b9c28e3" +checksum = "dc0ed6038fcbc0795aca7c92963ddda636573b956679204e044492d2b13c8f64" dependencies = [ "pin-project-lite", ] @@ -2770,9 +2797,9 @@ dependencies = [ [[package]] name = "tower-http" -version = "0.6.6" +version = "0.6.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adc82fd73de2a9722ac5da747f12383d2bfdb93591ee6c58486e0097890f05f2" +checksum = "d4e6559d53cc268e5031cd8429d05415bc4cb4aefc4aa5d6cc35fbf5b924a1f8" dependencies = [ "bitflags", "bytes", @@ -2810,9 +2837,9 @@ checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3" [[package]] name = "tracing" -version = "0.1.41" +version = "0.1.43" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "784e0ac535deb450455cbfa28a6f0df145ea1bb7ae51b821cf5e7927fdcfbdd0" +checksum = "2d15d90a0b5c19378952d479dc858407149d7bb45a14de0142f6c534b16fc647" dependencies = [ "log", "pin-project-lite", @@ -2821,9 +2848,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.34" +version = "0.1.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9d12581f227e93f094d3af2ae690a574abb8a2b9b7a96e7cfe9647b2b617678" +checksum = "7a04e24fab5c89c6a36eb8558c9656f30d81de51dfa4d3b45f26b21d61fa0a6c" dependencies = [ "once_cell", ] @@ -2857,7 +2884,16 @@ version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fef81aec2ca29576f9f6ae8755108640d0a86dd3161b2e8bca6cfa554e98f77d" dependencies = [ - "typed-builder-macro", + "typed-builder-macro 0.21.2", +] + +[[package]] +name = "typed-builder" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "398a3a3c918c96de527dc11e6e846cd549d4508030b8a33e1da12789c856b81a" +dependencies = [ + "typed-builder-macro 0.22.0", ] [[package]] @@ -2871,6 +2907,17 @@ dependencies = [ "syn", ] +[[package]] +name = "typed-builder-macro" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e48cea23f68d1f78eb7bc092881b6bb88d3d6b5b7e6234f6f9c911da1ffb221" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "typenum" version = "1.19.0" @@ -2936,9 +2983,9 @@ checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" [[package]] name = "utf8-width" -version = "0.1.7" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86bd8d4e895da8537e5315b8254664e6b769c4ff3db18321b297a1e7004392e3" +checksum = "1292c0d970b54115d14f2492fe0170adf21d68a1de108eebc51c1df4f346a091" [[package]] name = "utf8_iter" @@ -2948,9 +2995,9 @@ checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be" [[package]] name = "uuid" -version = "1.18.1" +version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f87b8aa10b915a06587d0dec516c282ff295b475d94abf425d62b57710070a2" +checksum = "e2e054861b4bd027cd373e18e8d8d8e6548085000e41290d95ce0c373a654b4a" dependencies = [ "getrandom 0.3.4", "js-sys", @@ -3087,6 +3134,28 @@ dependencies = [ "web-sys", ] +[[package]] +name = "wasm_split_helpers" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a114b3073258dd5de3d812cdd048cca6842342755e828a14dbf15f843f2d1b84" +dependencies = [ + "async-once-cell", + "wasm_split_macros", +] + +[[package]] +name = "wasm_split_macros" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56481f8ed1a9f9ae97ea7b08a5e2b12e8adf9a7818a6ba952b918e09c7be8bf0" +dependencies = [ + "base16", + "quote", + "sha2", + "syn", +] + [[package]] name = "web-sys" version = "0.3.77" @@ -3318,9 +3387,9 @@ checksum = "d6bbff5f0aada427a1e5a6da5f1f98158182f26556f345ac9e04d36d0ebed650" [[package]] name = "winnow" -version = "0.7.13" +version = "0.7.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21a0236b59786fed61e2a80582dd500fe61f18b5dca67a4a067d0bc9039339cf" +checksum = "5a5364e9d77fcdeeaa6062ced926ee3381faa2ee02d3eb83a5c27a8825540829" dependencies = [ "memchr", ] @@ -3374,18 +3443,18 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.8.28" +version = "0.8.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43fa6694ed34d6e57407afbccdeecfa268c470a7d2a5b0cf49ce9fcc345afb90" +checksum = "fd74ec98b9250adb3ca554bdde269adf631549f51d8a8f8f0a10b50f1cb298c3" dependencies = [ "zerocopy-derive", ] [[package]] name = "zerocopy-derive" -version = "0.8.28" +version = "0.8.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c640b22cd9817fae95be82f0d2f90b11f7605f6c319d16705c459b27ac2cbc26" +checksum = "d8a8d209fdf45cf5138cbb5a506f6b52522a25afccc534d1475dad8e31105c6a" dependencies = [ "proc-macro2", "quote", diff --git a/pkgs/packages/webserver/package.nix b/pkgs/packages/webserver/package.nix index 00ebf58..111dc38 100644 --- a/pkgs/packages/webserver/package.nix +++ b/pkgs/packages/webserver/package.nix @@ -288,6 +288,7 @@ rustPlatform.buildRustPackage (drv: { (lib.makeBinPath [ ast-grep nix-prefetch-github + cargo ]) ]; } ./update.nu; diff --git a/pkgs/update.nu b/pkgs/update.nu index 0ed1bc1..7ae7d26 100644 --- a/pkgs/update.nu +++ b/pkgs/update.nu @@ -5,7 +5,7 @@ let packages_with_updatescript = ( | from json | $in.packages.x86_64-linux | columns - | filter {|p| nix eval $'.#($p)' --apply 'builtins.hasAttr "updateScript"' | $in == 'true' } + | where {|p| nix eval $'.#($p)' --apply 'builtins.hasAttr "updateScript"' | $in == 'true' } ) for $package in $packages_with_updatescript {