diff --git a/configuration/hardware-specific/hetzner/disko.nix b/configuration/hardware-specific/hetzner/disko.nix index 7e1acd7..cc15471 100644 --- a/configuration/hardware-specific/hetzner/disko.nix +++ b/configuration/hardware-specific/hetzner/disko.nix @@ -80,17 +80,6 @@ inherit mountOptions; mountpoint = "/var"; }; - "/volume/var/lib/private/matrix-conduit" = { - mountOptions = [ - # Explicitly don't compress here, since - # conduwuit's database does compression by - # itself, and relies on being able to read the - # raw file data from disk (which is impossible - # if btrfs compresses it) - "noatime" - ]; - mountpoint = "/var/lib/private/matrix-conduit"; - }; "/volume/nix-store" = { inherit mountOptions; mountpoint = "/nix"; diff --git a/configuration/nginx.nix b/configuration/nginx.nix index 3ec3bd9..0b72cc1 100644 --- a/configuration/nginx.nix +++ b/configuration/nginx.nix @@ -53,7 +53,7 @@ "*.tlater.com" ]; dnsProvider = "porkbun"; - group = "ssl-cert"; + group = "nginx"; credentialFiles = { PORKBUN_API_KEY_FILE = config.sops.secrets."porkbun/api-key".path; PORKBUN_SECRET_API_KEY_FILE = config.sops.secrets."porkbun/secret-api-key".path; @@ -61,12 +61,6 @@ }; }; - users.groups.ssl-cert = { }; - - systemd.services.nginx.serviceConfig.SupplementaryGroups = [ - config.security.acme.certs."tlater.net".group - ]; - services.backups.acme = { user = "acme"; paths = lib.mapAttrsToList ( diff --git a/configuration/services/battery-manager.nix b/configuration/services/battery-manager.nix index 9da7e32..a16cca1 100644 --- a/configuration/services/battery-manager.nix +++ b/configuration/services/battery-manager.nix @@ -4,13 +4,9 @@ services.batteryManager = { enable = true; + battery = "3ca39300-c523-4315-b9a3-d030f85a9373"; emailFile = "${config.sops.secrets."battery-manager/email".path}"; passwordFile = "${config.sops.secrets."battery-manager/password".path}"; - - settings = { - battery_id = "3ca39300-c523-4315-b9a3-d030f85a9373"; - log_level = "DEBUG"; - }; }; } diff --git a/configuration/services/conduit/default.nix b/configuration/services/conduit/default.nix index 5a2b8ac..c3803f4 100644 --- a/configuration/services/conduit/default.nix +++ b/configuration/services/conduit/default.nix @@ -1,6 +1,4 @@ { - pkgs, - flake-inputs, config, lib, ... @@ -20,12 +18,10 @@ in services.matrix-conduit = { enable = true; - package = flake-inputs.conduwuit.packages.${pkgs.system}.default; settings.global = { address = "127.0.0.1"; server_name = domain; - new_user_displayname_suffix = "🦆"; - allow_check_for_updates = true; + database_backend = "rocksdb"; # Set up delegation: https://docs.conduit.rs/delegation.html#automatic-recommended # This is primarily to make sliding sync work @@ -48,18 +44,11 @@ in }; }; - systemd.services.conduit.serviceConfig = { - ExecStart = lib.mkForce "${config.services.matrix-conduit.package}/bin/conduwuit"; - # Pass in the TURN secret via EnvironmentFile, not supported by - # upstream module currently. - # - # See also https://gitlab.com/famedly/conduit/-/issues/314 - EnvironmentFile = config.sops.secrets."turn/env".path; - }; - - systemd.services.coturn.serviceConfig.SupplementaryGroups = [ - config.security.acme.certs."tlater.net".group - ]; + # Pass in the TURN secret via EnvironmentFile, not supported by + # upstream module currently. + # + # See also https://gitlab.com/famedly/conduit/-/issues/314 + systemd.services.conduit.serviceConfig.EnvironmentFile = config.sops.secrets."turn/env".path; services.coturn = { enable = true; @@ -70,8 +59,11 @@ in relay-ips = [ "116.202.158.55" ]; # SSL config - pkey = "${config.security.acme.certs."tlater.net".directory}/key.pem"; - cert = "${config.security.acme.certs."tlater.net".directory}/fullchain.pem"; + # + # TODO(tlater): Switch to letsencrypt once google fix: + # https://github.com/vector-im/element-android/issues/1533 + pkey = config.sops.secrets."turn/ssl-key".path; + cert = config.sops.secrets."turn/ssl-cert".path; # Based on suggestions from # https://github.com/matrix-org/synapse/blob/develop/docs/turn-howto.md diff --git a/configuration/services/conduit/matrix-hookshot.nix b/configuration/services/conduit/matrix-hookshot.nix index c1f16dc..6f11728 100644 --- a/configuration/services/conduit/matrix-hookshot.nix +++ b/configuration/services/conduit/matrix-hookshot.nix @@ -138,7 +138,7 @@ in } ]; - metrics.enabled = true; + metrics.enable = true; }; }; } diff --git a/configuration/services/metrics/default.nix b/configuration/services/metrics/default.nix index fe250fe..84e126a 100644 --- a/configuration/services/metrics/default.nix +++ b/configuration/services/metrics/default.nix @@ -5,6 +5,5 @@ ./exporters.nix ./grafana.nix ./victoriametrics.nix - ./victorialogs.nix ]; } diff --git a/configuration/services/metrics/exporters.nix b/configuration/services/metrics/exporters.nix index 78ba684..a47a701 100644 --- a/configuration/services/metrics/exporters.nix +++ b/configuration/services/metrics/exporters.nix @@ -20,16 +20,6 @@ in timeout = "5s"; http.preferred_ip_protocol = "ip4"; }; - - turn_server = { - prober = "tcp"; - timeout = "5s"; - tcp = { - preferred_ip_protocol = "ip4"; - source_ip_address = "116.202.158.55"; - tls = true; - }; - }; }; }; }; diff --git a/configuration/services/metrics/grafana.nix b/configuration/services/metrics/grafana.nix index b872833..e597cff 100644 --- a/configuration/services/metrics/grafana.nix +++ b/configuration/services/metrics/grafana.nix @@ -1,9 +1,4 @@ -{ - pkgs, - config, - flake-inputs, - ... -}: +{ config, ... }: let domain = "metrics.${config.services.nginx.domain}"; in @@ -33,11 +28,6 @@ in }; }; - declarativePlugins = [ - pkgs.grafanaPlugins.victoriametrics-metrics-datasource - flake-inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.grafanaPlugins.victoriametrics-logs-datasource - ]; - provision = { enable = true; @@ -45,16 +35,7 @@ in { name = "Victoriametrics - tlater.net"; url = "http://localhost:8428"; - type = "victoriametrics-metrics-datasource"; - access = "proxy"; - isDefault = true; - } - - { - name = "Victorialogs - tlater.net"; - url = "http://${config.services.victorialogs.bindAddress}"; - type = "victoriametrics-logs-datasource"; - access = "proxy"; + type = "prometheus"; } ]; }; diff --git a/configuration/services/metrics/victorialogs.nix b/configuration/services/metrics/victorialogs.nix deleted file mode 100644 index ae47c39..0000000 --- a/configuration/services/metrics/victorialogs.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - lib, - ... -}: -let - cfg = config.services.victorialogs; -in -{ - options.services.victorialogs.bindAddress = lib.mkOption { - readOnly = true; - type = lib.types.str; - description = '' - Final address on which victorialogs listens. - ''; - }; - - config = { - services.victorialogs = { - enable = true; - bindAddress = - (lib.optionalString (lib.hasPrefix ":" cfg.listenAddress) "127.0.0.1") + cfg.listenAddress; - }; - - services.journald.upload = { - enable = true; - settings.Upload = { - URL = "http://${cfg.bindAddress}/insert/journald"; - NetworkTimeoutSec = "20s"; - }; - }; - systemd.services."systemd-journal-upload".after = [ "victorialogs.service" ]; - }; -} diff --git a/configuration/services/metrics/victoriametrics.nix b/configuration/services/metrics/victoriametrics.nix index 53864d6..eca65d0 100644 --- a/configuration/services/metrics/victoriametrics.nix +++ b/configuration/services/metrics/victoriametrics.nix @@ -40,30 +40,6 @@ in }; }; - blackbox_turn = { - targets = [ "turn.tlater.net:${toString config.services.coturn.tls-listening-port}" ]; - - extraSettings = { - metrics_path = "/probe"; - params.module = [ "turn_server" ]; - - relabel_configs = [ - { - source_labels = [ "__address__" ]; - target_label = "__param_target"; - } - { - source_labels = [ "__param_target" ]; - target_label = "instance"; - } - { - target_label = "__address__"; - replacement = "${blackbox_host}:${toString blackbox_port}"; - } - ]; - }; - }; - blackbox_exporter.targets = [ "${blackbox_host}:${toString blackbox_port}" ]; coturn.targets = [ "127.0.0.1:9641" ]; @@ -87,8 +63,6 @@ in # Configured in the hookshot listeners, but it's hard to filter # the correct values out of that config. matrixHookshot.targets = [ "127.0.0.1:9001" ]; - - victorialogs.targets = [ config.services.victorialogs.bindAddress ]; }; }; } diff --git a/configuration/sops.nix b/configuration/sops.nix index 0337438..3a1c3d8 100644 --- a/configuration/sops.nix +++ b/configuration/sops.nix @@ -1,11 +1,18 @@ +{ config, lib, ... }: { sops = { defaultSopsFile = ../keys/production.yaml; secrets = { - "battery-manager/email" = { }; + "battery-manager/email" = lib.mkIf config.services.batteryManager.enable { + owner = "battery-manager"; + group = "battery-manager"; + }; - "battery-manager/password" = { }; + "battery-manager/password" = lib.mkIf config.services.batteryManager.enable { + owner = "battery-manager"; + group = "battery-manager"; + }; # Gitea "forgejo/metrics-token" = { diff --git a/flake.lock b/flake.lock index 83911d7..7f117e9 100644 --- a/flake.lock +++ b/flake.lock @@ -1,375 +1,9 @@ { "nodes": { - "attic": { - "inputs": { - "crane": "crane", - "flake-compat": "flake-compat", - "flake-parts": "flake-parts", - "nix-github-actions": "nix-github-actions", - "nixpkgs": "nixpkgs", - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1738524606, - "narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=", - "owner": "zhaofengli", - "repo": "attic", - "rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e", - "type": "github" - }, - "original": { - "owner": "zhaofengli", - "ref": "main", - "repo": "attic", - "type": "github" - } - }, - "cachix": { - "inputs": { - "devenv": "devenv", - "flake-compat": "flake-compat_2", - "git-hooks": "git-hooks", - "nixpkgs": "nixpkgs_4" - }, - "locked": { - "lastModified": 1737621947, - "narHash": "sha256-8HFvG7fvIFbgtaYAY2628Tb89fA55nPm2jSiNs0/Cws=", - "owner": "cachix", - "repo": "cachix", - "rev": "f65a3cd5e339c223471e64c051434616e18cc4f5", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "master", - "repo": "cachix", - "type": "github" - } - }, - "cachix_2": { - "inputs": { - "devenv": [ - "conduwuit", - "cachix", - "devenv" - ], - "flake-compat": [ - "conduwuit", - "cachix", - "devenv" - ], - "git-hooks": [ - "conduwuit", - "cachix", - "devenv" - ], - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1728672398, - "narHash": "sha256-KxuGSoVUFnQLB2ZcYODW7AVPAh9JqRlD5BrfsC/Q4qs=", - "owner": "cachix", - "repo": "cachix", - "rev": "aac51f698309fd0f381149214b7eee213c66ef0a", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "latest", - "repo": "cachix", - "type": "github" - } - }, - "cachix_3": { - "inputs": { - "devenv": [ - "sonnenshift", - "crate2nix" - ], - "flake-compat": [ - "sonnenshift", - "crate2nix" - ], - "nixpkgs": "nixpkgs_7", - "pre-commit-hooks": [ - "sonnenshift", - "crate2nix" - ] - }, - "locked": { - "lastModified": 1709700175, - "narHash": "sha256-A0/6ZjLmT9qdYzKHmevnEIC7G+GiZ4UCr8v0poRPzds=", - "owner": "cachix", - "repo": "cachix", - "rev": "be97b37989f11b724197b5f4c7ffd78f12c8c4bf", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "latest", - "repo": "cachix", - "type": "github" - } - }, - "cachix_4": { - "inputs": { - "devenv": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable" - ], - "flake-compat": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable" - ], - "nixpkgs": "nixpkgs_8", - "pre-commit-hooks": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable" - ] - }, - "locked": { - "lastModified": 1716549461, - "narHash": "sha256-lHy5kgx6J8uD+16SO47dPrbob98sh+W1tf4ceSqPVK4=", - "owner": "cachix", - "repo": "cachix", - "rev": "e2bb269fb8c0828d5d4d2d7b8d09ea85abcacbd4", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "latest", - "repo": "cachix", - "type": "github" - } - }, - "cachix_5": { - "inputs": { - "devenv": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable" - ], - "flake-compat": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable" - ], - "nixpkgs": "nixpkgs_9", - "pre-commit-hooks": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable" - ] - }, - "locked": { - "lastModified": 1716549461, - "narHash": "sha256-lHy5kgx6J8uD+16SO47dPrbob98sh+W1tf4ceSqPVK4=", - "owner": "cachix", - "repo": "cachix", - "rev": "e2bb269fb8c0828d5d4d2d7b8d09ea85abcacbd4", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "latest", - "repo": "cachix", - "type": "github" - } - }, - "complement": { - "flake": false, - "locked": { - "lastModified": 1741891349, - "narHash": "sha256-YvrzOWcX7DH1drp5SGa+E/fc7wN3hqFtPbqPjZpOu1Q=", - "owner": "girlbossceo", - "repo": "complement", - "rev": "e587b3df569cba411aeac7c20b6366d03c143745", - "type": "github" - }, - "original": { - "owner": "girlbossceo", - "ref": "main", - "repo": "complement", - "type": "github" - } - }, - "conduwuit": { - "inputs": { - "attic": "attic", - "cachix": "cachix", - "complement": "complement", - "crane": "crane_2", - "fenix": "fenix", - "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils", - "liburing": "liburing", - "nix-filter": "nix-filter", - "nixpkgs": [ - "nixpkgs" - ], - "rocksdb": "rocksdb" - }, - "locked": { - "lastModified": 1743735594, - "narHash": "sha256-aaP8OjY4fkpxk2JdSggx9S3Rk+P+VhuivT6aRpLxoj0=", - "owner": "girlbossceo", - "repo": "conduwuit", - "rev": "00f7745ec4ebcea5f892376c5de5db1299f71696", - "type": "github" - }, - "original": { - "owner": "girlbossceo", - "repo": "conduwuit", - "type": "github" - } - }, - "crane": { - "inputs": { - "nixpkgs": [ - "conduwuit", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1722960479, - "narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=", - "owner": "ipetkov", - "repo": "crane", - "rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "crane_2": { - "locked": { - "lastModified": 1739936662, - "narHash": "sha256-x4syUjNUuRblR07nDPeLDP7DpphaBVbUaSoeZkFbGSk=", - "owner": "ipetkov", - "repo": "crane", - "rev": "19de14aaeb869287647d9461cbd389187d8ecdb7", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "ref": "master", - "repo": "crane", - "type": "github" - } - }, - "crate2nix": { - "inputs": { - "cachix": "cachix_3", - "crate2nix_stable": "crate2nix_stable", - "devshell": "devshell_3", - "flake-compat": "flake-compat_7", - "flake-parts": "flake-parts_5", - "nix-test-runner": "nix-test-runner_3", - "nixpkgs": [ - "sonnenshift", - "nixpkgs" - ], - "pre-commit-hooks": "pre-commit-hooks_3" - }, - "locked": { - "lastModified": 1739473963, - "narHash": "sha256-ItAhpjNUzEWd/cgZVyW/jvoGbCec4TK29e1Mnmn1oJE=", - "owner": "nix-community", - "repo": "crate2nix", - "rev": "be31feae9a82c225c0fd1bdf978565dc452a483a", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "crate2nix", - "type": "github" - } - }, - "crate2nix_stable": { - "inputs": { - "cachix": "cachix_4", - "crate2nix_stable": "crate2nix_stable_2", - "devshell": "devshell_2", - "flake-compat": "flake-compat_6", - "flake-parts": "flake-parts_4", - "nix-test-runner": "nix-test-runner_2", - "nixpkgs": "nixpkgs_11", - "pre-commit-hooks": "pre-commit-hooks_2" - }, - "locked": { - "lastModified": 1719760004, - "narHash": "sha256-esWhRnt7FhiYq0CcIxw9pvH+ybOQmWBfHYMtleaMhBE=", - "owner": "nix-community", - "repo": "crate2nix", - "rev": "1dee214bb20855fa3e1e7bb98d28922ddaff8c57", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "0.14.1", - "repo": "crate2nix", - "type": "github" - } - }, - "crate2nix_stable_2": { - "inputs": { - "cachix": "cachix_5", - "crate2nix_stable": "crate2nix_stable_3", - "devshell": "devshell", - "flake-compat": "flake-compat_5", - "flake-parts": "flake-parts_3", - "nix-test-runner": "nix-test-runner", - "nixpkgs": "nixpkgs_10", - "pre-commit-hooks": "pre-commit-hooks" - }, - "locked": { - "lastModified": 1712821484, - "narHash": "sha256-rGT3CW64cJS9nlnWPFWSc1iEa3dNZecVVuPVGzcsHe8=", - "owner": "nix-community", - "repo": "crate2nix", - "rev": "42883afcad3823fa5811e967fb7bff54bc3c9d6d", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "0.14.0", - "repo": "crate2nix", - "type": "github" - } - }, - "crate2nix_stable_3": { - "inputs": { - "flake-utils": "flake-utils_2" - }, - "locked": { - "lastModified": 1702842982, - "narHash": "sha256-A9AowkHIjsy1a4LuiPiVP88FMxyCWK41flZEZOUuwQM=", - "owner": "nix-community", - "repo": "crate2nix", - "rev": "75ac2973affa6b9b4f661a7b592cba6e4f51d426", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "0.12.0", - "repo": "crate2nix", - "type": "github" - } - }, "deploy-rs": { "inputs": { - "flake-compat": "flake-compat_4", - "nixpkgs": "nixpkgs_5", + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", "utils": "utils" }, "locked": { @@ -386,112 +20,6 @@ "type": "github" } }, - "devenv": { - "inputs": { - "cachix": "cachix_2", - "flake-compat": [ - "conduwuit", - "cachix", - "flake-compat" - ], - "git-hooks": [ - "conduwuit", - "cachix", - "git-hooks" - ], - "nix": "nix", - "nixpkgs": [ - "conduwuit", - "cachix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733323168, - "narHash": "sha256-d5DwB4MZvlaQpN6OQ4SLYxb5jA4UH5EtV5t5WOtjLPU=", - "owner": "cachix", - "repo": "devenv", - "rev": "efa9010b8b1cfd5dd3c7ed1e172a470c3b84a064", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "devenv", - "type": "github" - } - }, - "devshell": { - "inputs": { - "flake-utils": "flake-utils_3", - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1717408969, - "narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=", - "owner": "numtide", - "repo": "devshell", - "rev": "1ebbe68d57457c8cae98145410b164b5477761f4", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "devshell", - "type": "github" - } - }, - "devshell_2": { - "inputs": { - "flake-utils": "flake-utils_4", - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1717408969, - "narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=", - "owner": "numtide", - "repo": "devshell", - "rev": "1ebbe68d57457c8cae98145410b164b5477761f4", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "devshell", - "type": "github" - } - }, - "devshell_3": { - "inputs": { - "flake-utils": "flake-utils_5", - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1711099426, - "narHash": "sha256-HzpgM/wc3aqpnHJJ2oDqPBkNsqWbW0WfWUO8lKu8nGk=", - "owner": "numtide", - "repo": "devshell", - "rev": "2d45b54ca4a183f2fdcf4b19c895b64fbf620ee8", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "devshell", - "type": "github" - } - }, "disko": { "inputs": { "nixpkgs": [ @@ -499,11 +27,11 @@ ] }, "locked": { - "lastModified": 1743598667, - "narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=", + "lastModified": 1737038063, + "narHash": "sha256-rMEuiK69MDhjz1JgbaeQ9mBDXMJ2/P8vmOYRbFndXsk=", "owner": "nix-community", "repo": "disko", - "rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6", + "rev": "bf0abfde48f469c256f2b0f481c6281ff04a5db2", "type": "github" }, "original": { @@ -514,7 +42,7 @@ }, "dream2nix": { "inputs": { - "nixpkgs": "nixpkgs_12", + "nixpkgs": "nixpkgs_3", "purescript-overlay": "purescript-overlay", "pyproject-nix": "pyproject-nix" }, @@ -533,35 +61,12 @@ } }, "fenix": { - "inputs": { - "nixpkgs": [ - "conduwuit", - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1740724364, - "narHash": "sha256-D1jLIueJx1dPrP09ZZwTrPf4cubV+TsFMYbpYYTVj6A=", - "owner": "nix-community", - "repo": "fenix", - "rev": "edf7d9e431cda8782e729253835f178a356d3aab", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "main", - "repo": "fenix", - "type": "github" - } - }, - "fenix_2": { "inputs": { "nixpkgs": [ "tlaternet-webserver", "nixpkgs" ], - "rust-analyzer-src": "rust-analyzer-src_2" + "rust-analyzer-src": "rust-analyzer-src" }, "locked": { "lastModified": 1737181903, @@ -594,39 +99,6 @@ } }, "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "type": "github" - }, - "original": { - "owner": "edolstra", - "ref": "master", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_4": { "flake": false, "locked": { "lastModified": 1696426674, @@ -642,280 +114,16 @@ "type": "github" } }, - "flake-compat_5": { - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "revCount": 57, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-compat_6": { - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "revCount": 57, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-compat_7": { - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "revCount": 57, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" - } - }, - "flake-compat_8": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "conduwuit", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "conduwuit", - "cachix", - "devenv", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { - "inputs": { - "nixpkgs-lib": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719745305, - "narHash": "sha256-xwgjVUpqSviudEkpQnioeez1Uo2wzrsMaJKJClh+Bls=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "c3c5ecc05edc7dafba779c6c1a61cd08ac6583e9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_4": { - "inputs": { - "nixpkgs-lib": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719745305, - "narHash": "sha256-xwgjVUpqSviudEkpQnioeez1Uo2wzrsMaJKJClh+Bls=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "c3c5ecc05edc7dafba779c6c1a61cd08ac6583e9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_5": { - "inputs": { - "nixpkgs-lib": [ - "sonnenshift", - "crate2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, "flake-utils": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "ref": "main", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { - "inputs": { - "systems": "systems_3" - }, - "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_3": { - "inputs": { - "systems": "systems_4" - }, - "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_4": { - "inputs": { - "systems": "systems_5" - }, - "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_5": { - "inputs": { - "systems": "systems_6" - }, - "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_6": { - "inputs": { - "systems": "systems_7" - }, - "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -931,11 +139,11 @@ ] }, "locked": { - "lastModified": 1739712626, - "narHash": "sha256-u3m+awbdL+0BKk8IWidsWMr+R0ian3GZMUlH7623kd8=", + "lastModified": 1737076827, + "narHash": "sha256-vM9C1gFiQGa3nTYqmTBI8MoiUfprkQdepUBbxV7ECMQ=", "owner": "reckenrode", "repo": "nix-foundryvtt", - "rev": "a7fa493ba2c623cf90e83756b62285b3b58f18d2", + "rev": "0a72a4bf64224c6584fd1b9e9f0012dd09af979a", "type": "github" }, "original": { @@ -944,225 +152,11 @@ "type": "github" } }, - "git-hooks": { - "inputs": { - "flake-compat": [ - "conduwuit", - "cachix", - "flake-compat" - ], - "gitignore": "gitignore", - "nixpkgs": [ - "conduwuit", - "cachix", - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable_2" - }, - "locked": { - "lastModified": 1733318908, - "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "6f4e2a2112050951a314d2733a994fbab94864c6", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "conduwuit", - "cachix", - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "gitignore_2": { - "inputs": { - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable", - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "gitignore_3": { - "inputs": { - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "gitignore_4": { - "inputs": { - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "pre-commit-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "libgit2": { - "flake": false, - "locked": { - "lastModified": 1697646580, - "narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=", - "owner": "libgit2", - "repo": "libgit2", - "rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5", - "type": "github" - }, - "original": { - "owner": "libgit2", - "repo": "libgit2", - "type": "github" - } - }, - "liburing": { - "flake": false, - "locked": { - "lastModified": 1740613216, - "narHash": "sha256-NpPOBqNND3Qe9IwqYs0mJLGTmIx7e6FgUEBAnJ+1ZLA=", - "owner": "axboe", - "repo": "liburing", - "rev": "e1003e496e66f9b0ae06674869795edf772d5500", - "type": "github" - }, - "original": { - "owner": "axboe", - "ref": "master", - "repo": "liburing", - "type": "github" - } - }, - "nix": { - "inputs": { - "flake-compat": [ - "conduwuit", - "cachix", - "devenv" - ], - "flake-parts": "flake-parts_2", - "libgit2": "libgit2", - "nixpkgs": "nixpkgs_3", - "nixpkgs-23-11": [ - "conduwuit", - "cachix", - "devenv" - ], - "nixpkgs-regression": [ - "conduwuit", - "cachix", - "devenv" - ], - "pre-commit-hooks": [ - "conduwuit", - "cachix", - "devenv" - ] - }, - "locked": { - "lastModified": 1727438425, - "narHash": "sha256-X8ES7I1cfNhR9oKp06F6ir4Np70WGZU5sfCOuNBEwMg=", - "owner": "domenkozar", - "repo": "nix", - "rev": "f6c5ae4c1b2e411e6b1e6a8181cc84363d6a7546", - "type": "github" - }, - "original": { - "owner": "domenkozar", - "ref": "devenv-2.24", - "repo": "nix", - "type": "github" - } - }, - "nix-filter": { - "locked": { - "lastModified": 1731533336, - "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", - "owner": "numtide", - "repo": "nix-filter", - "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", - "type": "github" - }, - "original": { - "owner": "numtide", - "ref": "main", - "repo": "nix-filter", - "type": "github" - } - }, "nix-github-actions": { "inputs": { "nixpkgs": [ - "conduwuit", - "attic", + "sonnenshift", + "poetry2nixi", "nixpkgs" ] }, @@ -1180,209 +174,7 @@ "type": "github" } }, - "nix-test-runner": { - "flake": false, - "locked": { - "lastModified": 1588761593, - "narHash": "sha256-FKJykltAN/g3eIceJl4SfDnnyuH2jHImhMrXS2KvGIs=", - "owner": "stoeffel", - "repo": "nix-test-runner", - "rev": "c45d45b11ecef3eb9d834c3b6304c05c49b06ca2", - "type": "github" - }, - "original": { - "owner": "stoeffel", - "repo": "nix-test-runner", - "type": "github" - } - }, - "nix-test-runner_2": { - "flake": false, - "locked": { - "lastModified": 1588761593, - "narHash": "sha256-FKJykltAN/g3eIceJl4SfDnnyuH2jHImhMrXS2KvGIs=", - "owner": "stoeffel", - "repo": "nix-test-runner", - "rev": "c45d45b11ecef3eb9d834c3b6304c05c49b06ca2", - "type": "github" - }, - "original": { - "owner": "stoeffel", - "repo": "nix-test-runner", - "type": "github" - } - }, - "nix-test-runner_3": { - "flake": false, - "locked": { - "lastModified": 1588761593, - "narHash": "sha256-FKJykltAN/g3eIceJl4SfDnnyuH2jHImhMrXS2KvGIs=", - "owner": "stoeffel", - "repo": "nix-test-runner", - "rev": "c45d45b11ecef3eb9d834c3b6304c05c49b06ca2", - "type": "github" - }, - "original": { - "owner": "stoeffel", - "repo": "nix-test-runner", - "type": "github" - } - }, "nixpkgs": { - "locked": { - "lastModified": 1726042813, - "narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "159be5db480d1df880a0135ca0bfed84c2f88353", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1724316499, - "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1730741070, - "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1743732435, - "narHash": "sha256-RrWgOj3F1N6kDG0xatvZzP0p1Zq00yhcTMlaj4bWi5E=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "a462b946265ed006720d02153882780b12a8376d", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_10": { - "locked": { - "lastModified": 1719506693, - "narHash": "sha256-C8e9S7RzshSdHB7L+v9I51af1gDM5unhJ2xO1ywxNH8=", - "path": "/nix/store/4p0avw1s3vf27hspgqsrqs37gxk4i83i-source", - "rev": "b2852eb9365c6de48ffb0dc2c9562591f652242a", - "type": "path" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_11": { - "locked": { - "lastModified": 1719506693, - "narHash": "sha256-C8e9S7RzshSdHB7L+v9I51af1gDM5unhJ2xO1ywxNH8=", - "path": "/nix/store/4p0avw1s3vf27hspgqsrqs37gxk4i83i-source", - "rev": "b2852eb9365c6de48ffb0dc2c9562591f652242a", - "type": "path" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_12": { - "locked": { - "lastModified": 1729850857, - "narHash": "sha256-WvLXzNNnnw+qpFOmgaM3JUlNEH+T4s22b5i2oyyCpXE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "41dea55321e5a999b17033296ac05fe8a8b5a257", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1730531603, - "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1717432640, - "narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "88269ab3044128b7c2f4c7d68448b2fb50456870", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1733212471, - "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { "locked": { "lastModified": 1702272962, "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", @@ -1398,13 +190,45 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs-crowdsec": { "locked": { - "lastModified": 1743703532, - "narHash": "sha256-s1KLDALEeqy+ttrvqV3jx9mBZEvmthQErTVOAzbjHZs=", + "lastModified": 1738085579, + "narHash": "sha256-7mLjMrOiiIi0vI7BJwbEipYQzwA7JF/NWHP+LM4q5S8=", + "owner": "tlater", + "repo": "nixpkgs", + "rev": "426a7afc9a6ecfdac544bda4022acef31e36df34", + "type": "github" + }, + "original": { + "owner": "tlater", + "ref": "tlater/fix-crowdsec", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1737192615, + "narHash": "sha256-jtucJjcdryEZQw1g0RThPSPxCdWNHF42sLp8pmMMGDs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bdb91860de2f719b57eef819b5617762f7120c70", + "rev": "09c71b16e6efc9e90edae7eb8b63348702ff9a85", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1737171713, + "narHash": "sha256-9mWmMXCto7e8U9hM8ZFozElv4dgOMTe308SSc7rEEFs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "8773174492fc61571b578f34a59953baba46471a", "type": "github" }, "original": { @@ -1414,166 +238,50 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_3": { "locked": { - "lastModified": 1700612854, - "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=", + "lastModified": 1729850857, + "narHash": "sha256-WvLXzNNnnw+qpFOmgaM3JUlNEH+T4s22b5i2oyyCpXE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614", + "rev": "41dea55321e5a999b17033296ac05fe8a8b5a257", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_8": { - "locked": { - "lastModified": 1715534503, - "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "2057814051972fa1453ddfb0d98badbea9b83c06", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_9": { - "locked": { - "lastModified": 1715534503, - "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "2057814051972fa1453ddfb0d98badbea9b83c06", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "pre-commit-hooks": { + "poetry2nixi": { "inputs": { - "flake-compat": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable", - "flake-compat" - ], - "gitignore": "gitignore_2", + "flake-utils": "flake-utils", + "nix-github-actions": "nix-github-actions", "nixpkgs": [ "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable", "nixpkgs" ], - "nixpkgs-stable": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "crate2nix_stable", - "nixpkgs" - ] + "systems": "systems_3", + "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1719259945, - "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07", + "lastModified": 1738741221, + "narHash": "sha256-UiTOA89yQV5YNlO1ZAp4IqJUGWOnTyBC83netvt8rQE=", + "owner": "nix-community", + "repo": "poetry2nix", + "rev": "be1fe795035d3d36359ca9135b26dcc5321b31fb", "type": "github" }, "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, - "pre-commit-hooks_2": { - "inputs": { - "flake-compat": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "flake-compat" - ], - "gitignore": "gitignore_3", - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "nixpkgs" - ], - "nixpkgs-stable": [ - "sonnenshift", - "crate2nix", - "crate2nix_stable", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1719259945, - "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, - "pre-commit-hooks_3": { - "inputs": { - "flake-compat": [ - "sonnenshift", - "crate2nix", - "flake-compat" - ], - "flake-utils": "flake-utils_6", - "gitignore": "gitignore_4", - "nixpkgs": [ - "sonnenshift", - "crate2nix", - "nixpkgs" - ], - "nixpkgs-stable": [ - "sonnenshift", - "crate2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712055707, - "narHash": "sha256-4XLvuSIDZJGS17xEwSrNuJLL7UjDYKGJSbK1WWX2AK8=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "e35aed5fda3cc79f88ed7f1795021e559582093a", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", + "owner": "nix-community", + "repo": "poetry2nix", "type": "github" } }, "purescript-overlay": { "inputs": { - "flake-compat": "flake-compat_8", + "flake-compat": "flake-compat_2", "nixpkgs": [ "tlaternet-webserver", "dream2nix", @@ -1612,30 +320,13 @@ "type": "github" } }, - "rocksdb": { - "flake": false, - "locked": { - "lastModified": 1741308171, - "narHash": "sha256-YdBvdQ75UJg5ffwNjxizpviCVwVDJnBkM8ZtGIduMgY=", - "owner": "girlbossceo", - "repo": "rocksdb", - "rev": "3ce04794bcfbbb0d2e6f81ae35fc4acf688b6986", - "type": "github" - }, - "original": { - "owner": "girlbossceo", - "ref": "v9.11.1", - "repo": "rocksdb", - "type": "github" - } - }, "root": { "inputs": { - "conduwuit": "conduwuit", "deploy-rs": "deploy-rs", "disko": "disko", "foundryvtt": "foundryvtt", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_2", + "nixpkgs-crowdsec": "nixpkgs-crowdsec", "nixpkgs-unstable": "nixpkgs-unstable", "sonnenshift": "sonnenshift", "sops-nix": "sops-nix", @@ -1643,23 +334,6 @@ } }, "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1740691488, - "narHash": "sha256-Fs6vBrByuiOf2WO77qeMDMTXcTGzrIMqLBv+lNeywwM=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "fe3eda77d3a7ce212388bda7b6cec8bffcc077e5", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" - } - }, - "rust-analyzer-src_2": { "flake": false, "locked": { "lastModified": 1737140097, @@ -1701,17 +375,17 @@ }, "sonnenshift": { "inputs": { - "crate2nix": "crate2nix", "nixpkgs": [ "nixpkgs" - ] + ], + "poetry2nixi": "poetry2nixi" }, "locked": { - "lastModified": 1740082109, - "narHash": "sha256-WdRNkwsIotFOSymee/yQyH46RmYtuxd1FENhvGL4KRc=", + "lastModified": 1738867540, + "narHash": "sha256-co2Fs1VoWtTzo7IAeRtaNnyofoUWFOv/Aa/+vSorurA=", "ref": "refs/heads/main", - "rev": "a1b48cf2ba194054e2d8816c94a84cebc4fb5de0", - "revCount": 23, + "rev": "c6eeff42799c9d4073a241056198004d89bf87df", + "revCount": 15, "type": "git", "url": "ssh://git@github.com/sonnenshift/battery-manager" }, @@ -1727,11 +401,11 @@ ] }, "locked": { - "lastModified": 1743756170, - "narHash": "sha256-2b11EYa08oqDmF3zEBLkG1AoNn9rB1k39ew/T/mSvbU=", + "lastModified": 1737107480, + "narHash": "sha256-GXUE9+FgxoZU8v0p6ilBJ8NH7k8nKmZjp/7dmMrCv3o=", "owner": "Mic92", "repo": "sops-nix", - "rev": "cff8437c5fe8c68fc3a840a21bf1f4dc801da40d", + "rev": "4c4fb93f18b9072c6fa1986221f9a3d7bf1fe4b6", "type": "github" }, "original": { @@ -1785,70 +459,10 @@ "type": "github" } }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_5": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_6": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_7": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "tlaternet-webserver": { "inputs": { "dream2nix": "dream2nix", - "fenix": "fenix_2", + "fenix": "fenix", "nixpkgs": [ "nixpkgs" ] @@ -1867,9 +481,31 @@ "url": "https://gitea.tlater.net/tlaternet/tlaternet.git" } }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "sonnenshift", + "poetry2nixi", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1730120726, + "narHash": "sha256-LqHYIxMrl/1p3/kvm2ir925tZ8DkI0KA10djk8wecSk=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "9ef337e492a5555d8e17a51c911ff1f02635be15", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "utils": { "inputs": { - "systems": "systems_2" + "systems": "systems" }, "locked": { "lastModified": 1701680307, diff --git a/flake.nix b/flake.nix index 4f17def..3d04d7c 100644 --- a/flake.nix +++ b/flake.nix @@ -4,10 +4,6 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11-small"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small"; - conduwuit = { - url = "github:girlbossceo/conduwuit"; - inputs.nixpkgs.follows = "nixpkgs"; - }; disko = { url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; @@ -30,6 +26,8 @@ url = "git+ssh://git@github.com/sonnenshift/battery-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + + nixpkgs-crowdsec.url = "github:tlater/nixpkgs/tlater/fix-crowdsec"; }; outputs = @@ -108,6 +106,7 @@ in { default = vm.config.system.build.vm; + crowdsec = pkgs.callPackage "${inputs.nixpkgs-crowdsec}/pkgs/by-name/cr/crowdsec/package.nix" { }; crowdsec-hub = localPkgs.crowdsec.hub; crowdsec-firewall-bouncer = localPkgs.crowdsec.firewall-bouncer; }; diff --git a/modules/crowdsec/default.nix b/modules/crowdsec/default.nix index c0003a5..0d0ff1c 100644 --- a/modules/crowdsec/default.nix +++ b/modules/crowdsec/default.nix @@ -1,4 +1,5 @@ { + flake-inputs, pkgs, lib, config, @@ -8,6 +9,8 @@ let cfg = config.security.crowdsec; settingsFormat = pkgs.formats.yaml { }; + crowdsec = flake-inputs.self.packages.${pkgs.system}.crowdsec; + hub = pkgs.fetchFromGitHub { owner = "crowdsecurity"; repo = "hub"; @@ -16,14 +19,14 @@ let }; cscli = pkgs.writeShellScriptBin "cscli" '' - export PATH="$PATH:${cfg.package}/bin/" + export PATH="$PATH:${crowdsec}/bin/" sudo=exec if [ "$USER" != "crowdsec" ]; then sudo='exec /run/wrappers/bin/sudo -u crowdsec' fi - $sudo ${cfg.package}/bin/cscli "$@" + $sudo ${crowdsec}/bin/cscli "$@" ''; acquisitions = '' @@ -50,7 +53,7 @@ in package = lib.mkOption { type = package; - default = pkgs.crowdsec; + default = crowdsec; }; stateDirectory = lib.mkOption { diff --git a/pkgs/crowdsec/_sources/generated.json b/pkgs/crowdsec/_sources/generated.json index 97c4e87..8485779 100644 --- a/pkgs/crowdsec/_sources/generated.json +++ b/pkgs/crowdsec/_sources/generated.json @@ -21,7 +21,7 @@ }, "crowdsec-hub": { "cargoLocks": null, - "date": "2025-04-04", + "date": "2025-01-30", "extract": null, "name": "crowdsec-hub", "passthru": null, @@ -33,10 +33,10 @@ "name": null, "owner": "crowdsecurity", "repo": "hub", - "rev": "eebc5f71379ea8f4de4a26f6695e0340444c719c", - "sha256": "sha256-/jhsqumekdOHDbHjBP8KvAICsSNhCg5ejMT3jSRiROo=", + "rev": "8f102f5ac79af59d3024ca2771b65ec87411ac02", + "sha256": "sha256-8K1HkBg0++Au1dr2KMrl9b2ruqXdo+vqWngOCwL11Mo=", "type": "github" }, - "version": "eebc5f71379ea8f4de4a26f6695e0340444c719c" + "version": "8f102f5ac79af59d3024ca2771b65ec87411ac02" } } \ No newline at end of file diff --git a/pkgs/crowdsec/_sources/generated.nix b/pkgs/crowdsec/_sources/generated.nix index aca88b2..6f845ec 100644 --- a/pkgs/crowdsec/_sources/generated.nix +++ b/pkgs/crowdsec/_sources/generated.nix @@ -14,14 +14,14 @@ }; crowdsec-hub = { pname = "crowdsec-hub"; - version = "eebc5f71379ea8f4de4a26f6695e0340444c719c"; + version = "8f102f5ac79af59d3024ca2771b65ec87411ac02"; src = fetchFromGitHub { owner = "crowdsecurity"; repo = "hub"; - rev = "eebc5f71379ea8f4de4a26f6695e0340444c719c"; + rev = "8f102f5ac79af59d3024ca2771b65ec87411ac02"; fetchSubmodules = false; - sha256 = "sha256-/jhsqumekdOHDbHjBP8KvAICsSNhCg5ejMT3jSRiROo="; + sha256 = "sha256-8K1HkBg0++Au1dr2KMrl9b2ruqXdo+vqWngOCwL11Mo="; }; - date = "2025-04-04"; + date = "2025-01-30"; }; }