diff --git a/configuration/services/battery-manager.nix b/configuration/services/battery-manager.nix
index 9da7e32..a16cca1 100644
--- a/configuration/services/battery-manager.nix
+++ b/configuration/services/battery-manager.nix
@@ -4,13 +4,9 @@
services.batteryManager = {
enable = true;
+ battery = "3ca39300-c523-4315-b9a3-d030f85a9373";
emailFile = "${config.sops.secrets."battery-manager/email".path}";
passwordFile = "${config.sops.secrets."battery-manager/password".path}";
-
- settings = {
- battery_id = "3ca39300-c523-4315-b9a3-d030f85a9373";
- log_level = "DEBUG";
- };
};
}
diff --git a/configuration/services/conduit/default.nix b/configuration/services/conduit/default.nix
index 18062ed..c3803f4 100644
--- a/configuration/services/conduit/default.nix
+++ b/configuration/services/conduit/default.nix
@@ -59,8 +59,11 @@ in
relay-ips = [ "116.202.158.55" ];
# SSL config
- pkey = "${config.security.acme.certs."tlater.net".directory}/key.pem";
- cert = "${config.security.acme.certs."tlater.net".directory}/fullchain.pem";
+ #
+ # TODO(tlater): Switch to letsencrypt once google fix:
+ # https://github.com/vector-im/element-android/issues/1533
+ pkey = config.sops.secrets."turn/ssl-key".path;
+ cert = config.sops.secrets."turn/ssl-cert".path;
# Based on suggestions from
# https://github.com/matrix-org/synapse/blob/develop/docs/turn-howto.md
diff --git a/configuration/sops.nix b/configuration/sops.nix
index 0337438..3a1c3d8 100644
--- a/configuration/sops.nix
+++ b/configuration/sops.nix
@@ -1,11 +1,18 @@
+{ config, lib, ... }:
{
sops = {
defaultSopsFile = ../keys/production.yaml;
secrets = {
- "battery-manager/email" = { };
+ "battery-manager/email" = lib.mkIf config.services.batteryManager.enable {
+ owner = "battery-manager";
+ group = "battery-manager";
+ };
- "battery-manager/password" = { };
+ "battery-manager/password" = lib.mkIf config.services.batteryManager.enable {
+ owner = "battery-manager";
+ group = "battery-manager";
+ };
# Gitea
"forgejo/metrics-token" = {
diff --git a/flake.lock b/flake.lock
index 276b8b2..7f117e9 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,206 +1,5 @@
{
"nodes": {
- "cachix": {
- "inputs": {
- "devenv": [
- "sonnenshift",
- "crate2nix"
- ],
- "flake-compat": [
- "sonnenshift",
- "crate2nix"
- ],
- "nixpkgs": "nixpkgs_3",
- "pre-commit-hooks": [
- "sonnenshift",
- "crate2nix"
- ]
- },
- "locked": {
- "lastModified": 1709700175,
- "narHash": "sha256-A0/6ZjLmT9qdYzKHmevnEIC7G+GiZ4UCr8v0poRPzds=",
- "owner": "cachix",
- "repo": "cachix",
- "rev": "be97b37989f11b724197b5f4c7ffd78f12c8c4bf",
- "type": "github"
- },
- "original": {
- "owner": "cachix",
- "ref": "latest",
- "repo": "cachix",
- "type": "github"
- }
- },
- "cachix_2": {
- "inputs": {
- "devenv": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable"
- ],
- "flake-compat": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable"
- ],
- "nixpkgs": "nixpkgs_4",
- "pre-commit-hooks": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable"
- ]
- },
- "locked": {
- "lastModified": 1716549461,
- "narHash": "sha256-lHy5kgx6J8uD+16SO47dPrbob98sh+W1tf4ceSqPVK4=",
- "owner": "cachix",
- "repo": "cachix",
- "rev": "e2bb269fb8c0828d5d4d2d7b8d09ea85abcacbd4",
- "type": "github"
- },
- "original": {
- "owner": "cachix",
- "ref": "latest",
- "repo": "cachix",
- "type": "github"
- }
- },
- "cachix_3": {
- "inputs": {
- "devenv": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable"
- ],
- "flake-compat": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable"
- ],
- "nixpkgs": "nixpkgs_5",
- "pre-commit-hooks": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable"
- ]
- },
- "locked": {
- "lastModified": 1716549461,
- "narHash": "sha256-lHy5kgx6J8uD+16SO47dPrbob98sh+W1tf4ceSqPVK4=",
- "owner": "cachix",
- "repo": "cachix",
- "rev": "e2bb269fb8c0828d5d4d2d7b8d09ea85abcacbd4",
- "type": "github"
- },
- "original": {
- "owner": "cachix",
- "ref": "latest",
- "repo": "cachix",
- "type": "github"
- }
- },
- "crate2nix": {
- "inputs": {
- "cachix": "cachix",
- "crate2nix_stable": "crate2nix_stable",
- "devshell": "devshell_3",
- "flake-compat": "flake-compat_4",
- "flake-parts": "flake-parts_3",
- "nix-test-runner": "nix-test-runner_3",
- "nixpkgs": [
- "sonnenshift",
- "nixpkgs"
- ],
- "pre-commit-hooks": "pre-commit-hooks_3"
- },
- "locked": {
- "lastModified": 1739473963,
- "narHash": "sha256-ItAhpjNUzEWd/cgZVyW/jvoGbCec4TK29e1Mnmn1oJE=",
- "owner": "nix-community",
- "repo": "crate2nix",
- "rev": "be31feae9a82c225c0fd1bdf978565dc452a483a",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "repo": "crate2nix",
- "type": "github"
- }
- },
- "crate2nix_stable": {
- "inputs": {
- "cachix": "cachix_2",
- "crate2nix_stable": "crate2nix_stable_2",
- "devshell": "devshell_2",
- "flake-compat": "flake-compat_3",
- "flake-parts": "flake-parts_2",
- "nix-test-runner": "nix-test-runner_2",
- "nixpkgs": "nixpkgs_7",
- "pre-commit-hooks": "pre-commit-hooks_2"
- },
- "locked": {
- "lastModified": 1719760004,
- "narHash": "sha256-esWhRnt7FhiYq0CcIxw9pvH+ybOQmWBfHYMtleaMhBE=",
- "owner": "nix-community",
- "repo": "crate2nix",
- "rev": "1dee214bb20855fa3e1e7bb98d28922ddaff8c57",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "ref": "0.14.1",
- "repo": "crate2nix",
- "type": "github"
- }
- },
- "crate2nix_stable_2": {
- "inputs": {
- "cachix": "cachix_3",
- "crate2nix_stable": "crate2nix_stable_3",
- "devshell": "devshell",
- "flake-compat": "flake-compat_2",
- "flake-parts": "flake-parts",
- "nix-test-runner": "nix-test-runner",
- "nixpkgs": "nixpkgs_6",
- "pre-commit-hooks": "pre-commit-hooks"
- },
- "locked": {
- "lastModified": 1712821484,
- "narHash": "sha256-rGT3CW64cJS9nlnWPFWSc1iEa3dNZecVVuPVGzcsHe8=",
- "owner": "nix-community",
- "repo": "crate2nix",
- "rev": "42883afcad3823fa5811e967fb7bff54bc3c9d6d",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "ref": "0.14.0",
- "repo": "crate2nix",
- "type": "github"
- }
- },
- "crate2nix_stable_3": {
- "inputs": {
- "flake-utils": "flake-utils"
- },
- "locked": {
- "lastModified": 1702842982,
- "narHash": "sha256-A9AowkHIjsy1a4LuiPiVP88FMxyCWK41flZEZOUuwQM=",
- "owner": "nix-community",
- "repo": "crate2nix",
- "rev": "75ac2973affa6b9b4f661a7b592cba6e4f51d426",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "ref": "0.12.0",
- "repo": "crate2nix",
- "type": "github"
- }
- },
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
@@ -221,78 +20,6 @@
"type": "github"
}
},
- "devshell": {
- "inputs": {
- "flake-utils": "flake-utils_2",
- "nixpkgs": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1717408969,
- "narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
- "owner": "numtide",
- "repo": "devshell",
- "rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "devshell",
- "type": "github"
- }
- },
- "devshell_2": {
- "inputs": {
- "flake-utils": "flake-utils_3",
- "nixpkgs": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1717408969,
- "narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
- "owner": "numtide",
- "repo": "devshell",
- "rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "devshell",
- "type": "github"
- }
- },
- "devshell_3": {
- "inputs": {
- "flake-utils": "flake-utils_4",
- "nixpkgs": [
- "sonnenshift",
- "crate2nix",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1711099426,
- "narHash": "sha256-HzpgM/wc3aqpnHJJ2oDqPBkNsqWbW0WfWUO8lKu8nGk=",
- "owner": "numtide",
- "repo": "devshell",
- "rev": "2d45b54ca4a183f2fdcf4b19c895b64fbf620ee8",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "devshell",
- "type": "github"
- }
- },
"disko": {
"inputs": {
"nixpkgs": [
@@ -300,11 +27,11 @@
]
},
"locked": {
- "lastModified": 1739634831,
- "narHash": "sha256-xFnU+uUl48Icas2wPQ+ZzlL2O3n8f6J2LrzNK9f2nng=",
+ "lastModified": 1737038063,
+ "narHash": "sha256-rMEuiK69MDhjz1JgbaeQ9mBDXMJ2/P8vmOYRbFndXsk=",
"owner": "nix-community",
"repo": "disko",
- "rev": "fa5746ecea1772cf59b3f34c5816ab3531478142",
+ "rev": "bf0abfde48f469c256f2b0f481c6281ff04a5db2",
"type": "github"
},
"original": {
@@ -315,7 +42,7 @@
},
"dream2nix": {
"inputs": {
- "nixpkgs": "nixpkgs_8",
+ "nixpkgs": "nixpkgs_3",
"purescript-overlay": "purescript-overlay",
"pyproject-nix": "pyproject-nix"
},
@@ -372,48 +99,6 @@
}
},
"flake-compat_2": {
- "locked": {
- "lastModified": 1696426674,
- "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
- "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
- "revCount": 57,
- "type": "tarball",
- "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
- },
- "original": {
- "type": "tarball",
- "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
- }
- },
- "flake-compat_3": {
- "locked": {
- "lastModified": 1696426674,
- "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
- "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
- "revCount": 57,
- "type": "tarball",
- "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
- },
- "original": {
- "type": "tarball",
- "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
- }
- },
- "flake-compat_4": {
- "locked": {
- "lastModified": 1696426674,
- "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
- "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
- "revCount": 57,
- "type": "tarball",
- "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
- },
- "original": {
- "type": "tarball",
- "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
- }
- },
- "flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1696426674,
@@ -429,157 +114,16 @@
"type": "github"
}
},
- "flake-parts": {
- "inputs": {
- "nixpkgs-lib": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1719745305,
- "narHash": "sha256-xwgjVUpqSviudEkpQnioeez1Uo2wzrsMaJKJClh+Bls=",
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "rev": "c3c5ecc05edc7dafba779c6c1a61cd08ac6583e9",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "type": "github"
- }
- },
- "flake-parts_2": {
- "inputs": {
- "nixpkgs-lib": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1719745305,
- "narHash": "sha256-xwgjVUpqSviudEkpQnioeez1Uo2wzrsMaJKJClh+Bls=",
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "rev": "c3c5ecc05edc7dafba779c6c1a61cd08ac6583e9",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "type": "github"
- }
- },
- "flake-parts_3": {
- "inputs": {
- "nixpkgs-lib": [
- "sonnenshift",
- "crate2nix",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1712014858,
- "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "flake-parts",
- "type": "github"
- }
- },
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
- "lastModified": 1694529238,
- "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+ "lastModified": 1726560853,
+ "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
- "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "flake-utils_2": {
- "inputs": {
- "systems": "systems_3"
- },
- "locked": {
- "lastModified": 1701680307,
- "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "flake-utils_3": {
- "inputs": {
- "systems": "systems_4"
- },
- "locked": {
- "lastModified": 1701680307,
- "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "flake-utils_4": {
- "inputs": {
- "systems": "systems_5"
- },
- "locked": {
- "lastModified": 1701680307,
- "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "flake-utils_5": {
- "inputs": {
- "systems": "systems_6"
- },
- "locked": {
- "lastModified": 1710146030,
- "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+ "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@@ -608,123 +152,25 @@
"type": "github"
}
},
- "gitignore": {
+ "nix-github-actions": {
"inputs": {
"nixpkgs": [
"sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable",
- "pre-commit-hooks",
+ "poetry2nixi",
"nixpkgs"
]
},
"locked": {
- "lastModified": 1709087332,
- "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+ "lastModified": 1729742964,
+ "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
+ "owner": "nix-community",
+ "repo": "nix-github-actions",
+ "rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"type": "github"
},
"original": {
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "type": "github"
- }
- },
- "gitignore_2": {
- "inputs": {
- "nixpkgs": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "pre-commit-hooks",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1709087332,
- "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "type": "github"
- }
- },
- "gitignore_3": {
- "inputs": {
- "nixpkgs": [
- "sonnenshift",
- "crate2nix",
- "pre-commit-hooks",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1709087332,
- "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
- "type": "github"
- },
- "original": {
- "owner": "hercules-ci",
- "repo": "gitignore.nix",
- "type": "github"
- }
- },
- "nix-test-runner": {
- "flake": false,
- "locked": {
- "lastModified": 1588761593,
- "narHash": "sha256-FKJykltAN/g3eIceJl4SfDnnyuH2jHImhMrXS2KvGIs=",
- "owner": "stoeffel",
- "repo": "nix-test-runner",
- "rev": "c45d45b11ecef3eb9d834c3b6304c05c49b06ca2",
- "type": "github"
- },
- "original": {
- "owner": "stoeffel",
- "repo": "nix-test-runner",
- "type": "github"
- }
- },
- "nix-test-runner_2": {
- "flake": false,
- "locked": {
- "lastModified": 1588761593,
- "narHash": "sha256-FKJykltAN/g3eIceJl4SfDnnyuH2jHImhMrXS2KvGIs=",
- "owner": "stoeffel",
- "repo": "nix-test-runner",
- "rev": "c45d45b11ecef3eb9d834c3b6304c05c49b06ca2",
- "type": "github"
- },
- "original": {
- "owner": "stoeffel",
- "repo": "nix-test-runner",
- "type": "github"
- }
- },
- "nix-test-runner_3": {
- "flake": false,
- "locked": {
- "lastModified": 1588761593,
- "narHash": "sha256-FKJykltAN/g3eIceJl4SfDnnyuH2jHImhMrXS2KvGIs=",
- "owner": "stoeffel",
- "repo": "nix-test-runner",
- "rev": "c45d45b11ecef3eb9d834c3b6304c05c49b06ca2",
- "type": "github"
- },
- "original": {
- "owner": "stoeffel",
- "repo": "nix-test-runner",
+ "owner": "nix-community",
+ "repo": "nix-github-actions",
"type": "github"
}
},
@@ -744,13 +190,29 @@
"type": "github"
}
},
+ "nixpkgs-crowdsec": {
+ "locked": {
+ "lastModified": 1738085579,
+ "narHash": "sha256-7mLjMrOiiIi0vI7BJwbEipYQzwA7JF/NWHP+LM4q5S8=",
+ "owner": "tlater",
+ "repo": "nixpkgs",
+ "rev": "426a7afc9a6ecfdac544bda4022acef31e36df34",
+ "type": "github"
+ },
+ "original": {
+ "owner": "tlater",
+ "ref": "tlater/fix-crowdsec",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
"nixpkgs-unstable": {
"locked": {
- "lastModified": 1739611738,
- "narHash": "sha256-3bnOIZz8KXtzcaXGuH9Eriv0HiQyr1EIfcye+VHLQZE=",
+ "lastModified": 1737192615,
+ "narHash": "sha256-jtucJjcdryEZQw1g0RThPSPxCdWNHF42sLp8pmMMGDs=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "31ff66eb77d02e9ac34b7256a02edb1c43fb9998",
+ "rev": "09c71b16e6efc9e90edae7eb8b63348702ff9a85",
"type": "github"
},
"original": {
@@ -762,11 +224,11 @@
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1739578539,
- "narHash": "sha256-jGiez5BtGGJUB/LXzRa+4AQurMO9acc1B69kBfgQhJc=",
+ "lastModified": 1737171713,
+ "narHash": "sha256-9mWmMXCto7e8U9hM8ZFozElv4dgOMTe308SSc7rEEFs=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "30d4471a8a2a13b716530d3aad60b9846ea5ff83",
+ "rev": "8773174492fc61571b578f34a59953baba46471a",
"type": "github"
},
"original": {
@@ -777,80 +239,6 @@
}
},
"nixpkgs_3": {
- "locked": {
- "lastModified": 1700612854,
- "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_4": {
- "locked": {
- "lastModified": 1715534503,
- "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "2057814051972fa1453ddfb0d98badbea9b83c06",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_5": {
- "locked": {
- "lastModified": 1715534503,
- "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "2057814051972fa1453ddfb0d98badbea9b83c06",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs_6": {
- "locked": {
- "lastModified": 1719506693,
- "narHash": "sha256-C8e9S7RzshSdHB7L+v9I51af1gDM5unhJ2xO1ywxNH8=",
- "path": "/nix/store/4p0avw1s3vf27hspgqsrqs37gxk4i83i-source",
- "rev": "b2852eb9365c6de48ffb0dc2c9562591f652242a",
- "type": "path"
- },
- "original": {
- "id": "nixpkgs",
- "type": "indirect"
- }
- },
- "nixpkgs_7": {
- "locked": {
- "lastModified": 1719506693,
- "narHash": "sha256-C8e9S7RzshSdHB7L+v9I51af1gDM5unhJ2xO1ywxNH8=",
- "path": "/nix/store/4p0avw1s3vf27hspgqsrqs37gxk4i83i-source",
- "rev": "b2852eb9365c6de48ffb0dc2c9562591f652242a",
- "type": "path"
- },
- "original": {
- "id": "nixpkgs",
- "type": "indirect"
- }
- },
- "nixpkgs_8": {
"locked": {
"lastModified": 1729850857,
"narHash": "sha256-WvLXzNNnnw+qpFOmgaM3JUlNEH+T4s22b5i2oyyCpXE=",
@@ -866,118 +254,34 @@
"type": "github"
}
},
- "pre-commit-hooks": {
+ "poetry2nixi": {
"inputs": {
- "flake-compat": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable",
- "flake-compat"
- ],
- "gitignore": "gitignore",
+ "flake-utils": "flake-utils",
+ "nix-github-actions": "nix-github-actions",
"nixpkgs": [
"sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable",
"nixpkgs"
],
- "nixpkgs-stable": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "crate2nix_stable",
- "nixpkgs"
- ]
+ "systems": "systems_3",
+ "treefmt-nix": "treefmt-nix"
},
"locked": {
- "lastModified": 1719259945,
- "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=",
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
- "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07",
+ "lastModified": 1738741221,
+ "narHash": "sha256-UiTOA89yQV5YNlO1ZAp4IqJUGWOnTyBC83netvt8rQE=",
+ "owner": "nix-community",
+ "repo": "poetry2nix",
+ "rev": "be1fe795035d3d36359ca9135b26dcc5321b31fb",
"type": "github"
},
"original": {
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
- "type": "github"
- }
- },
- "pre-commit-hooks_2": {
- "inputs": {
- "flake-compat": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "flake-compat"
- ],
- "gitignore": "gitignore_2",
- "nixpkgs": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "nixpkgs"
- ],
- "nixpkgs-stable": [
- "sonnenshift",
- "crate2nix",
- "crate2nix_stable",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1719259945,
- "narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=",
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
- "rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07",
- "type": "github"
- },
- "original": {
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
- "type": "github"
- }
- },
- "pre-commit-hooks_3": {
- "inputs": {
- "flake-compat": [
- "sonnenshift",
- "crate2nix",
- "flake-compat"
- ],
- "flake-utils": "flake-utils_5",
- "gitignore": "gitignore_3",
- "nixpkgs": [
- "sonnenshift",
- "crate2nix",
- "nixpkgs"
- ],
- "nixpkgs-stable": [
- "sonnenshift",
- "crate2nix",
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1712055707,
- "narHash": "sha256-4XLvuSIDZJGS17xEwSrNuJLL7UjDYKGJSbK1WWX2AK8=",
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
- "rev": "e35aed5fda3cc79f88ed7f1795021e559582093a",
- "type": "github"
- },
- "original": {
- "owner": "cachix",
- "repo": "pre-commit-hooks.nix",
+ "owner": "nix-community",
+ "repo": "poetry2nix",
"type": "github"
}
},
"purescript-overlay": {
"inputs": {
- "flake-compat": "flake-compat_5",
+ "flake-compat": "flake-compat_2",
"nixpkgs": [
"tlaternet-webserver",
"dream2nix",
@@ -1022,6 +326,7 @@
"disko": "disko",
"foundryvtt": "foundryvtt",
"nixpkgs": "nixpkgs_2",
+ "nixpkgs-crowdsec": "nixpkgs-crowdsec",
"nixpkgs-unstable": "nixpkgs-unstable",
"sonnenshift": "sonnenshift",
"sops-nix": "sops-nix",
@@ -1070,22 +375,21 @@
},
"sonnenshift": {
"inputs": {
- "crate2nix": "crate2nix",
"nixpkgs": [
"nixpkgs"
- ]
+ ],
+ "poetry2nixi": "poetry2nixi"
},
"locked": {
- "lastModified": 1740082109,
- "narHash": "sha256-WdRNkwsIotFOSymee/yQyH46RmYtuxd1FENhvGL4KRc=",
- "ref": "tlater/rust-rewrite",
- "rev": "a1b48cf2ba194054e2d8816c94a84cebc4fb5de0",
- "revCount": 23,
+ "lastModified": 1738867540,
+ "narHash": "sha256-co2Fs1VoWtTzo7IAeRtaNnyofoUWFOv/Aa/+vSorurA=",
+ "ref": "refs/heads/main",
+ "rev": "c6eeff42799c9d4073a241056198004d89bf87df",
+ "revCount": 15,
"type": "git",
"url": "ssh://git@github.com/sonnenshift/battery-manager"
},
"original": {
- "ref": "tlater/rust-rewrite",
"type": "git",
"url": "ssh://git@github.com/sonnenshift/battery-manager"
}
@@ -1097,11 +401,11 @@
]
},
"locked": {
- "lastModified": 1739262228,
- "narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=",
+ "lastModified": 1737107480,
+ "narHash": "sha256-GXUE9+FgxoZU8v0p6ilBJ8NH7k8nKmZjp/7dmMrCv3o=",
"owner": "Mic92",
"repo": "sops-nix",
- "rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975",
+ "rev": "4c4fb93f18b9072c6fa1986221f9a3d7bf1fe4b6",
"type": "github"
},
"original": {
@@ -1155,51 +459,6 @@
"type": "github"
}
},
- "systems_4": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "owner": "nix-systems",
- "repo": "default",
- "type": "github"
- }
- },
- "systems_5": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "owner": "nix-systems",
- "repo": "default",
- "type": "github"
- }
- },
- "systems_6": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "owner": "nix-systems",
- "repo": "default",
- "type": "github"
- }
- },
"tlaternet-webserver": {
"inputs": {
"dream2nix": "dream2nix",
@@ -1222,6 +481,28 @@
"url": "https://gitea.tlater.net/tlaternet/tlaternet.git"
}
},
+ "treefmt-nix": {
+ "inputs": {
+ "nixpkgs": [
+ "sonnenshift",
+ "poetry2nixi",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1730120726,
+ "narHash": "sha256-LqHYIxMrl/1p3/kvm2ir925tZ8DkI0KA10djk8wecSk=",
+ "owner": "numtide",
+ "repo": "treefmt-nix",
+ "rev": "9ef337e492a5555d8e17a51c911ff1f02635be15",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "treefmt-nix",
+ "type": "github"
+ }
+ },
"utils": {
"inputs": {
"systems": "systems"
diff --git a/flake.nix b/flake.nix
index 737a17f..3d04d7c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -23,9 +23,11 @@
};
sonnenshift = {
- url = "git+ssh://git@github.com/sonnenshift/battery-manager?ref=tlater/rust-rewrite";
+ url = "git+ssh://git@github.com/sonnenshift/battery-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
+
+ nixpkgs-crowdsec.url = "github:tlater/nixpkgs/tlater/fix-crowdsec";
};
outputs =
@@ -104,6 +106,7 @@
in
{
default = vm.config.system.build.vm;
+ crowdsec = pkgs.callPackage "${inputs.nixpkgs-crowdsec}/pkgs/by-name/cr/crowdsec/package.nix" { };
crowdsec-hub = localPkgs.crowdsec.hub;
crowdsec-firewall-bouncer = localPkgs.crowdsec.firewall-bouncer;
};
diff --git a/modules/crowdsec/default.nix b/modules/crowdsec/default.nix
index c0003a5..0d0ff1c 100644
--- a/modules/crowdsec/default.nix
+++ b/modules/crowdsec/default.nix
@@ -1,4 +1,5 @@
{
+ flake-inputs,
pkgs,
lib,
config,
@@ -8,6 +9,8 @@ let
cfg = config.security.crowdsec;
settingsFormat = pkgs.formats.yaml { };
+ crowdsec = flake-inputs.self.packages.${pkgs.system}.crowdsec;
+
hub = pkgs.fetchFromGitHub {
owner = "crowdsecurity";
repo = "hub";
@@ -16,14 +19,14 @@ let
};
cscli = pkgs.writeShellScriptBin "cscli" ''
- export PATH="$PATH:${cfg.package}/bin/"
+ export PATH="$PATH:${crowdsec}/bin/"
sudo=exec
if [ "$USER" != "crowdsec" ]; then
sudo='exec /run/wrappers/bin/sudo -u crowdsec'
fi
- $sudo ${cfg.package}/bin/cscli "$@"
+ $sudo ${crowdsec}/bin/cscli "$@"
'';
acquisitions = ''
@@ -50,7 +53,7 @@ in
package = lib.mkOption {
type = package;
- default = pkgs.crowdsec;
+ default = crowdsec;
};
stateDirectory = lib.mkOption {
diff --git a/pkgs/crowdsec/_sources/generated.json b/pkgs/crowdsec/_sources/generated.json
index 634bc18..8485779 100644
--- a/pkgs/crowdsec/_sources/generated.json
+++ b/pkgs/crowdsec/_sources/generated.json
@@ -21,7 +21,7 @@
},
"crowdsec-hub": {
"cargoLocks": null,
- "date": "2025-02-16",
+ "date": "2025-01-30",
"extract": null,
"name": "crowdsec-hub",
"passthru": null,
@@ -33,10 +33,10 @@
"name": null,
"owner": "crowdsecurity",
"repo": "hub",
- "rev": "f7d7f476f88a4af05e1cfb3994536990adecfb57",
- "sha256": "sha256-m78uipryHDKixJzrF4K59ioAJ3WJN1JlXEC0DNVMCJ8=",
+ "rev": "8f102f5ac79af59d3024ca2771b65ec87411ac02",
+ "sha256": "sha256-8K1HkBg0++Au1dr2KMrl9b2ruqXdo+vqWngOCwL11Mo=",
"type": "github"
},
- "version": "f7d7f476f88a4af05e1cfb3994536990adecfb57"
+ "version": "8f102f5ac79af59d3024ca2771b65ec87411ac02"
}
}
\ No newline at end of file
diff --git a/pkgs/crowdsec/_sources/generated.nix b/pkgs/crowdsec/_sources/generated.nix
index 7ef44e6..6f845ec 100644
--- a/pkgs/crowdsec/_sources/generated.nix
+++ b/pkgs/crowdsec/_sources/generated.nix
@@ -14,14 +14,14 @@
};
crowdsec-hub = {
pname = "crowdsec-hub";
- version = "f7d7f476f88a4af05e1cfb3994536990adecfb57";
+ version = "8f102f5ac79af59d3024ca2771b65ec87411ac02";
src = fetchFromGitHub {
owner = "crowdsecurity";
repo = "hub";
- rev = "f7d7f476f88a4af05e1cfb3994536990adecfb57";
+ rev = "8f102f5ac79af59d3024ca2771b65ec87411ac02";
fetchSubmodules = false;
- sha256 = "sha256-m78uipryHDKixJzrF4K59ioAJ3WJN1JlXEC0DNVMCJ8=";
+ sha256 = "sha256-8K1HkBg0++Au1dr2KMrl9b2ruqXdo+vqWngOCwL11Mo=";
};
- date = "2025-02-16";
+ date = "2025-01-30";
};
}