diff --git a/flake.lock b/flake.lock index 2d6ca68..73755af 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1762286984, - "narHash": "sha256-9I2H9x5We6Pl+DBYHjR1s3UT8wgwcpAH03kn9CqtdQc=", + "lastModified": 1756719547, + "narHash": "sha256-N9gBKUmjwRKPxAafXEk1EGadfk2qDZPBQp4vXWPHINQ=", "owner": "serokell", "repo": "deploy-rs", - "rev": "9c870f63e28ec1e83305f7f6cb73c941e699f74f", + "rev": "125ae9e3ecf62fb2c0fd4f2d894eb971f1ecaed2", "type": "github" }, "original": { @@ -41,11 +41,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1764627417, - "narHash": "sha256-D6xc3Rl8Ab6wucJWdvjNsGYGSxNjQHzRc2EZ6eeQ6l4=", + "lastModified": 1758287904, + "narHash": "sha256-IGmaEf3Do8o5Cwp1kXBN1wQmZwQN3NLfq5t4nHtVtcU=", "owner": "nix-community", "repo": "disko", - "rev": "5a88a6eceb8fd732b983e72b732f6f4b8269bef3", + "rev": "67ff9807dd148e704baadbd4fd783b54282ca627", "type": "github" }, "original": { @@ -73,11 +73,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1761588595, - "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -91,11 +91,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1764578815, - "narHash": "sha256-WZ8+pH/cLjv3geonV3VFwtfa8IuTkPHb60a1ACQpOmc=", + "lastModified": 1757786467, + "narHash": "sha256-gx3THVUlpycVrUFC9vGhAtYRLI7dJtHyo67Zdq5Hadc=", "owner": "reckenrode", "repo": "nix-foundryvtt", - "rev": "1b875fb942c4ef926fd7aade7db327be363f7179", + "rev": "1bbc26a28d320fb336d94e9f3cc6b92c035fab20", "type": "github" }, "original": { @@ -117,11 +117,11 @@ ] }, "locked": { - "lastModified": 1763319842, - "narHash": "sha256-YG19IyrTdnVn0l3DvcUYm85u3PaqBt6tI6VvolcuHnA=", + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "7275fa67fbbb75891c16d9dee7d88e58aea2d761", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "type": "github" }, "original": { @@ -168,17 +168,17 @@ "type": "github" } }, - "nixpkgs-old": { + "nixpkgs-25_05": { "locked": { - "lastModified": 1764939437, - "narHash": "sha256-4TLFHUwXraw9Df5mXC/vCrJgb50CRr3CzUzF0Mn3CII=", - "owner": "nixos", + "lastModified": 1747610100, + "narHash": "sha256-rpR5ZPMkWzcnCcYYo3lScqfuzEw5Uyfh+R0EKZfroAc=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "00d2457e2f608b4be6fe8b470b0a36816324b0ae", + "rev": "ca49c4304acf0973078db0a9d200fd2bae75676d", "type": "github" }, "original": { - "owner": "nixos", + "owner": "NixOS", "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" @@ -186,11 +186,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1764950072, - "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", + "lastModified": 1759036355, + "narHash": "sha256-0m27AKv6ka+q270dw48KflE0LwQYrO7Fm4/2//KCVWg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f61125a668a320878494449750330ca58b78c557", + "rev": "e9f00bd893984bc8ce46c895c3bf7cac95331127", "type": "github" }, "original": { @@ -234,32 +234,32 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1764983851, - "narHash": "sha256-y7RPKl/jJ/KAP/VKLMghMgXTlvNIJMHKskl8/Uuar7o=", + "lastModified": 1759281824, + "narHash": "sha256-FIBE1qXv9TKvSNwst6FumyHwCRH3BlWDpfsnqRDCll0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d9bc5c7dceb30d8d6fafa10aeb6aa8a48c218454", + "rev": "5b5be50345d4113d04ba58c444348849f5585b4a", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-25.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_5": { "locked": { - "lastModified": 1764020296, - "narHash": "sha256-6zddwDs2n+n01l+1TG6PlyokDdXzu/oBmEejcH5L5+A=", + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a320ce8e6e2cc6b4397eef214d202a50a4583829", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.11-small", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -270,7 +270,6 @@ "disko": "disko", "foundryvtt": "foundryvtt", "nixpkgs": "nixpkgs_4", - "nixpkgs-old": "nixpkgs-old", "nixpkgs-unstable": "nixpkgs-unstable", "simple-nixos-mailserver": "simple-nixos-mailserver", "sops-nix": "sops-nix" @@ -281,19 +280,20 @@ "blobs": "blobs", "flake-compat": "flake-compat_2", "git-hooks": "git-hooks", - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_5", + "nixpkgs-25_05": "nixpkgs-25_05" }, "locked": { - "lastModified": 1764185122, - "narHash": "sha256-+HUOwSIFLoyett2cvRjuFIbhobpHallfP9J2cia1apo=", + "lastModified": 1755110674, + "narHash": "sha256-PigqTAGkdBYXVFWsJnqcirrLeFqRFN4PFigLA8FzxeI=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "a14fe3b293ec2720e5b7fc72ad136d22967e12ba", + "rev": "f5936247dbdb8501221978562ab0b302dd75456c", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", - "ref": "nixos-25.11", + "ref": "nixos-25.05", "repo": "nixos-mailserver", "type": "gitlab" } @@ -305,11 +305,11 @@ ] }, "locked": { - "lastModified": 1765079830, - "narHash": "sha256-i9GMbBLkeZ7MVvy7+aAuErXkBkdRylHofrAjtpUPKt8=", + "lastModified": 1759188042, + "narHash": "sha256-f9QC2KKiNReZDG2yyKAtDZh0rSK2Xp1wkPzKbHeQVRU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "aeb517262102f13683d7a191c7e496b34df8d24c", + "rev": "9fcfabe085281dd793589bdc770a2e577a3caa5d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b6d78b5..5c38181 100644 --- a/flake.nix +++ b/flake.nix @@ -1,13 +1,12 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; - nixpkgs-old.url = "github:nixos/nixpkgs/nixos-25.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; disko.url = "github:nix-community/disko"; sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.url = "github:serokell/deploy-rs"; - simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.11"; + simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05"; foundryvtt.url = "github:reckenrode/nix-foundryvtt"; }; @@ -15,7 +14,6 @@ inputs@{ self, nixpkgs, - nixpkgs-old, nixpkgs-unstable, disko, deploy-rs, @@ -30,7 +28,6 @@ defaultModuleArgs = { pkgs, ... }: { - _module.args.pkgs-old = import nixpkgs-old { system = "x86_64-linux"; }; _module.args.pkgs-unstable = import nixpkgs-unstable { system = "x86_64-linux"; config.allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [ "minecraft-server" ]; diff --git a/modules/default.nix b/modules/default.nix index d7a43a6..c590769 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -11,7 +11,6 @@ ./jellyfin.nix ./stb.nix ./monero.nix - ./minecraft-server.nix ./torrents.nix ./jitsi.nix ./binary-cache.nix diff --git a/modules/headscale.nix b/modules/headscale.nix index 4592bc2..08e92c4 100644 --- a/modules/headscale.nix +++ b/modules/headscale.nix @@ -27,10 +27,6 @@ in dns = { base_domain = "ts.net"; nameservers = { - global = [ - "9.9.9.10" - "149.112.112.10" - ]; split = { "foyer.cloud" = "10.33.0.100"; "foyer.lu" = "10.33.0.100"; diff --git a/modules/jellyfin.nix b/modules/jellyfin.nix index a052489..e97f601 100644 --- a/modules/jellyfin.nix +++ b/modules/jellyfin.nix @@ -1,9 +1,4 @@ -{ - config, - lib, - pkgs-old, - ... -}: +{ config, lib, ... }: let cfg = config.custom.services.jellyfin; in @@ -15,8 +10,6 @@ in config = lib.mkIf cfg.enable { services.jellyfin = { enable = true; - # Downgrade because of https://github.com/jellyfin/jellyfin/issues/15388 - package = pkgs-old.jellyfin; dataDir = "/nix/var/data/jellyfin"; }; diff --git a/modules/jitsi.nix b/modules/jitsi.nix index 67bb764..75bbaf5 100644 --- a/modules/jitsi.nix +++ b/modules/jitsi.nix @@ -12,7 +12,7 @@ in }; config = lib.mkIf cfg.enable { - nixpkgs.config.permittedInsecurePackages = [ "jitsi-meet-1.0.8792" ]; + nixpkgs.config.permittedInsecurePackages = [ "jitsi-meet-1.0.8043" ]; services.jitsi-meet = { enable = true; hostName = "jitsi.froidmont.org"; diff --git a/modules/minecraft-server.nix b/modules/minecraft-server.nix deleted file mode 100644 index 8c16078..0000000 --- a/modules/minecraft-server.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ - config, - lib, - pkgs, - pkgs-unstable, - ... -}: -let - cfg = config.custom.services.minecraft-server; -in -{ - options.custom.services.minecraft-server = { - enable = lib.mkEnableOption "minecraft server"; - }; - - config = lib.mkIf cfg.enable { - services.minecraft-server = { - enable = true; - package = pkgs-unstable.minecraft-server; - eula = true; - openFirewall = true; - declarative = true; - serverProperties = { - enable-rcon = true; - "rcon.port" = 25575; - "rcon.password" = "password"; - server-port = 23363; - online-mode = true; - force-gamemode = true; - white-list = true; - diffuculty = "hard"; - }; - whitelist = { - paulplay15 = "1d5abc95-2fdb-4dcb-98e8-4fb5a0fba953"; - Xavier1258 = "e9059cf3-00ef-47a3-92ee-4e4a3fea0e6d"; - denisjulien3333 = "3c93e1a2-42d8-4a51-9fe3-924c8e8d5b07"; - }; - dataDir = "/nix/var/data/minecraft"; - }; - - services.bluemap = { - enable = true; - eula = true; - defaultWorld = "${config.services.minecraft-server.dataDir}/world"; - host = "mcmap.${config.networking.domain}"; - enableNginx = true; - enableRender = true; - }; - - services.nginx.virtualHosts."mcmap.${config.networking.domain}" = { - forceSSL = true; - enableACME = true; - }; - }; -} diff --git a/modules/torrents.nix b/modules/torrents.nix index f35a718..1babec0 100644 --- a/modules/torrents.nix +++ b/modules/torrents.nix @@ -161,7 +161,6 @@ in services.transmission = { enable = true; - package = pkgs-unstable.transmission_4; openRPCPort = true; user = config.users.users.www-data.name; group = config.users.groups.www-data.name; diff --git a/profiles/hel.nix b/profiles/hel.nix index 39aaed5..a721a04 100644 --- a/profiles/hel.nix +++ b/profiles/hel.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - pkgs-unstable, - ... -}: +{ config, pkgs, ... }: { imports = [ ../environment.nix @@ -235,11 +230,10 @@ roundcube.enable = true; monero.enable = true; grafana.enable = true; - headscale.enable = true; - immich.enable = true; - minecraft-server.enable = true; monitoring-exporters.enable = true; + immich.enable = true; forgejo.enable = true; + headscale.enable = true; backup-job = { enable = true; @@ -380,6 +374,30 @@ }; }; + # services.minecraft-server = { + # enable = false; + # package = pkgs-unstable.minecraft-server; + # eula = true; + # openFirewall = false; + # declarative = true; + # serverProperties = { + # enable-rcon = true; + # "rcon.port" = 25575; + # "rcon.password" = "password"; + # server-port = 23363; + # online-mode = true; + # force-gamemode = true; + # white-list = true; + # diffuculty = "hard"; + # }; + # whitelist = { + # paulplay15 = "1d5abc95-2fdb-4dcb-98e8-4fb5a0fba953"; + # Xavier1258 = "e9059cf3-00ef-47a3-92ee-4e4a3fea0e6d"; + # denisjulien3333 = "3c93e1a2-42d8-4a51-9fe3-924c8e8d5b07"; + # }; + # dataDir = "/nix/var/data/minecraft"; + # }; + # virtualisation.oci-containers.containers = { # "minecraft" = { # image = "itzg/minecraft-server"; @@ -478,8 +496,6 @@ }; certificateScheme = "acme-nginx"; - - stateVersion = 3; }; services.rspamd.extraConfig = '' diff --git a/terraform/dns.tf b/terraform/dns.tf index 18ac033..309d129 100644 --- a/terraform/dns.tf +++ b/terraform/dns.tf @@ -28,14 +28,6 @@ resource "hetznerdns_record" "banditlair_hcloud_a" { ttl = 600 } -resource "hetznerdns_record" "banditlair_mcmap_a" { - zone_id = data.hetznerdns_zone.banditlair_zone.id - name = "mcmap" - value = local.hel1_ip - type = "A" - ttl = 600 -} - resource "hetznerdns_record" "webmail_a" { zone_id = data.hetznerdns_zone.banditlair_zone.id name = "webmail"