flake.lock: Update

Flake lock file updates: • Updated input 'disko': 'github:nix-community/disko/5fd852c4155a689098095406500d0ae3d04654a8' (2024-11-14) → 'github:nix-community/disko/a0c384e0a3b8bcaed30a6bcf3783f8a7c8b35be4' (2024-11-20) • Updated input 'dream2nix': 'github:nix-community/dream2nix/44d41411686bc798876bd6d9f36a4c1143138d85' (2024-11-12) → 'github:nix-community/dream2nix/e118d69b142dea7690555fc4502f288030c1d4ed' (2024-11-18) • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/4639038b0f5e66e7d0f3d103b8e44ded3ab7e337' (2024-11-14) → 'github:nix-community/emacs-overlay/79d8dd3148860718bc78b73c7e4972f850b19541' (2024-11-20) • Updated input 'emacs-overlay/nixpkgs': 'github:NixOS/nixpkgs/dc460ec76cbff0e66e269457d7b728432263166c' (2024-11-11) → 'github:NixOS/nixpkgs/5e4fbfb6b3de1aa2872b76d49fafc942626e2add' (2024-11-15) • Updated input 'emacs-overlay/nixpkgs-stable': 'github:NixOS/nixpkgs/689fed12a013f56d4c4d3f612489634267d86529' (2024-11-12) → 'github:NixOS/nixpkgs/e8c38b73aeb218e27163376a2d617e61a2ad9b59' (2024-11-16) • Updated input 'git-hooks-nix': 'github:cachix/git-hooks.nix/cd1af27aa85026ac759d5d3fccf650abe7e1bbf0' (2024-11-11) → 'github:cachix/git-hooks.nix/3308484d1a443fc5bc92012435d79e80458fe43c' (2024-11-19) • Updated input 'homeManager': 'github:nix-community/home-manager/35b055009afd0107b69c286fca34d2ad98940d57' (2024-11-13) → 'github:nix-community/home-manager/a46e702093a5c46e192243edbd977d5749e7f294' (2024-11-19) • Updated input 'lanzaboote': 'github:nix-community/lanzaboote/cef39a78679c266300874e7a7000b4da066228d4' (2024-11-04) → 'github:nix-community/lanzaboote/2f48272f34174fd2a5ab3df4d8a46919247be879' (2024-11-18) • Updated input 'lix-eval-jobs': 'git+https://git.lix.systems/lix-project/nix-eval-jobs?ref=refs/heads/main&rev=57ddb99e781d19704f8a84036f9890e6ca554c41' (2024-11-09) → 'git+https://git.lix.systems/lix-project/nix-eval-jobs?ref=refs/heads/main&rev=912a9d63319e71ca131e16eea3348145a255db2e' (2024-11-18) • Updated input 'lix-eval-jobs/flake-parts': 'github:hercules-ci/flake-parts/3d04084d54bedc3d6b8b736c70ef449225c361b1' (2024-10-01) → 'github:hercules-ci/flake-parts/506278e768c2a08bec68eb62932193e341f55c90' (2024-11-01) • Updated input 'lix-eval-jobs/treefmt-nix': 'github:numtide/treefmt-nix/aac86347fb5063960eccb19493e0cadcdb4205ca' (2024-10-22) → 'github:numtide/treefmt-nix/746901bb8dba96d154b66492a29f5db0693dbfcc' (2024-10-30) • Updated input 'lix-module': 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=691193879d96bdfd1e6ab5ebcca2fadc7604cf34' (2024-11-09) → 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=aa2846680fa9a2032939d720487942567fd9eb63' (2024-11-18) • Updated input 'lix-module/flake-utils': 'github:numtide/flake-utils/c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a' (2024-09-17) → 'github:numtide/flake-utils/11707dc2f618dd54ca8739b309ec4fc024de578b' (2024-11-13) • Updated input 'mobile-nixos': 'github:NixOS/mobile-nixos/2268e358ed407d9c0a4499ae767d105eeaeec586' (2024-11-06) → 'github:NixOS/mobile-nixos/b7db416f5db80a749b45083876e908cda64506ad' (2024-11-19) • Updated input 'nixDarwin': 'github:LnL7/nix-darwin/6c71c49e2448e51ad830ed211024e6d0edc50116' (2024-11-12) → 'github:LnL7/nix-darwin/61cee20168a3ebb71a9efd70a55adebaadfbe4d4' (2024-11-19) • Updated input 'nixosHardware': 'github:NixOS/nixos-hardware/f6581f1c3b137086e42a08a906bdada63045f991' (2024-11-12) → 'github:NixOS/nixos-hardware/672ac2ac86f7dff2f6f3406405bddecf960e0db6' (2024-11-16) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/dc460ec76cbff0e66e269457d7b728432263166c' (2024-11-11) → 'github:NixOS/nixpkgs/5e4fbfb6b3de1aa2872b76d49fafc942626e2add' (2024-11-15) • Updated input 'treefmt-nix': 'github:numtide/treefmt-nix/746901bb8dba96d154b66492a29f5db0693dbfcc' (2024-10-30) → 'github:numtide/treefmt-nix/5f5c2787576f3e39bbc2ebdbf8521b3177c5c19c' (2024-11-19)
2024-11-20 14:01:36 +00:00
12 changed files with 61 additions and 195 deletions
--- a/flake.lock
+++ b/flake.lock
@ -100,11 +100,11 @@
        "pyproject-nix": "pyproject-nix"
      },
      "locked": {
-        "lastModified": 1732113111,
-        "narHash": "sha256-KgGKWOEbqP15O2J6kue4JShHDk5yGG5e1GfY22bjuZU=",
+        "lastModified": 1731915700,
+        "narHash": "sha256-IVhIHdQaY4LU+6wOmXM6IhjKN8k0nbTacedIfxmt0RI=",
        "owner": "nix-community",
        "repo": "dream2nix",
-        "rev": "91bec8a0854abfa581a40b5030cfa8f98d2f8ee5",
+        "rev": "e118d69b142dea7690555fc4502f288030c1d4ed",
        "type": "github"
      },
      "original": {
@ -119,11 +119,11 @@
        "nixpkgs-stable": "nixpkgs-stable"
      },
      "locked": {
-        "lastModified": 1732179669,
-        "narHash": "sha256-zpaoCm2sakoi8hsabMjTq7kYTz0SJo7PhRUGk48QjXY=",
+        "lastModified": 1732093299,
+        "narHash": "sha256-LFw807llsc/qIMbSBHN4C3jtOeWHLtSgo2V2yhv1nC8=",
        "owner": "nix-community",
        "repo": "emacs-overlay",
-        "rev": "46cbce8bc96c36a83a2cae9312026b3028bdcb87",
+        "rev": "79d8dd3148860718bc78b73c7e4972f850b19541",
        "type": "github"
      },
      "original": {
@ -223,27 +223,6 @@
      }
    },
    "flake-parts_3": {
-      "inputs": {
-        "nixpkgs-lib": [
-          "nix-fast-build",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1722555600,
-        "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "8471fe90ad337a8074e957b69ca4d0089218391d",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "type": "github"
-      }
-    },
-    "flake-parts_4": {
      "inputs": {
        "nixpkgs-lib": "nixpkgs-lib_2"
      },
@ -261,7 +240,7 @@
        "type": "github"
      }
    },
-    "flake-parts_5": {
+    "flake-parts_4": {
      "inputs": {
        "nixpkgs-lib": [
          "nixThePlanet",
@ -419,7 +398,7 @@
    },
    "hercules-ci-effects": {
      "inputs": {
-        "flake-parts": "flake-parts_5",
+        "flake-parts": "flake-parts_4",
        "nixpkgs": "nixpkgs_6"
      },
      "locked": {
@ -643,28 +622,6 @@
        "type": "github"
      }
    },
-    "nix-fast-build": {
-      "inputs": {
-        "flake-parts": "flake-parts_3",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "treefmt-nix": "treefmt-nix_2"
-      },
-      "locked": {
-        "lastModified": 1730278911,
-        "narHash": "sha256-CrbqsC+lEA3w6gLfpqfDMDEKoEta2sl4sbQK6Z/gXak=",
-        "owner": "Mic92",
-        "repo": "nix-fast-build",
-        "rev": "8e7c9d76979381441facb8888f21408312cf177a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "Mic92",
-        "repo": "nix-fast-build",
-        "type": "github"
-      }
-    },
    "nix-formatter-pack": {
      "inputs": {
        "nixpkgs": [
@ -755,7 +712,7 @@
    },
    "nixThePlanet": {
      "inputs": {
-        "flake-parts": "flake-parts_4",
+        "flake-parts": "flake-parts_3",
        "hercules-ci-effects": "hercules-ci-effects",
        "nixpkgs": [
          "nixpkgs"
@ -935,11 +892,11 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1732014248,
-        "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
+        "lastModified": 1731676054,
+        "narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
+        "rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
        "type": "github"
      },
      "original": {
@ -996,11 +953,11 @@
    },
    "nixpkgs_7": {
      "locked": {
-        "lastModified": 1732014248,
-        "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
+        "lastModified": 1731676054,
+        "narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
+        "rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
        "type": "github"
      },
      "original": {
@ -1162,13 +1119,12 @@
        "lix-eval-jobs": "lix-eval-jobs",
        "lix-module": "lix-module",
        "mobile-nixos": "mobile-nixos",
-        "nix-fast-build": "nix-fast-build",
        "nix-on-droid": "nix-on-droid",
        "nixDarwin": "nixDarwin",
        "nixThePlanet": "nixThePlanet",
        "nixosHardware": "nixosHardware",
        "nixpkgs": "nixpkgs_7",
-        "treefmt-nix": "treefmt-nix_3",
+        "treefmt-nix": "treefmt-nix_2",
        "vscode-server": "vscode-server"
      }
    },
@ -1300,36 +1256,15 @@
    "treefmt-nix_2": {
      "inputs": {
        "nixpkgs": [
-          "nix-fast-build",
          "nixpkgs"
        ]
      },
      "locked": {
-        "lastModified": 1723808491,
-        "narHash": "sha256-rhis3qNuGmJmYC/okT7Dkc4M8CeUuRCSvW6kC2f3hBc=",
+        "lastModified": 1732013921,
+        "narHash": "sha256-grEEN4LjL4DTDZUyZjVcj9dXRykH/SKnpOIADN0q5w8=",
        "owner": "numtide",
        "repo": "treefmt-nix",
-        "rev": "1d07739554fdc4f8481068f1b11d6ab4c1a4167a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "type": "github"
-      }
-    },
-    "treefmt-nix_3": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1732187120,
-        "narHash": "sha256-XdW2mYXvPHYtZ8oQqO3tRYtxx7kI0Hs3NU64IwAtD68=",
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "rev": "37f8f47cb618eddee0c0dd31a582b1cd3013c7f6",
+        "rev": "5f5c2787576f3e39bbc2ebdbf8521b3177c5c19c",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -62,10 +62,6 @@
    };
    catppuccin.url = "github:catppuccin/nix";
    emacs-overlay.url = "github:nix-community/emacs-overlay";
-    nix-fast-build = {
-      url = "github:Mic92/nix-fast-build";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
  };

  outputs =
--- a/hosts/default.nix
+++ b/hosts/default.nix
@ -110,13 +110,11 @@
          "cloudflare-dyndns-api-token" = { };
          "restic-hetzner-password" = { };
          "hass-ssh-key".owner = "hass";
-          "sisko-attic-environment-file".owner = "atticd";
          "autistici-password" = {
            # FIXME terrible, should create a third ad-hoc group
            owner = "grafana";
            group = "forgejo";
          };
-
        };
      };
    };
--- a/hosts/sisko/default.nix
+++ b/hosts/sisko/default.nix
@ -18,7 +18,7 @@
      "sisko-proxy"
      "invidious"
      "searx"
-      "sisko-share"
+      "sisko-nfs"
      "forgejo"
      "prometheus"
      "grafana"
@ -30,7 +30,6 @@
      "immich"
      "paperless"
      "syncthing"
-      "atticd"
    ]
    ++ [
      ./disko.nix
--- a/modules/atticd/default.nix
+++ b/modules/atticd/default.nix
@ -1,52 +0,0 @@
-{ config, lib, ... }:
-{
-  services.atticd = {
-    enable = true;
-    settings = {
-      listen = "0.0.0.0:8081";
-      allowed-hosts = [ ]; # Allow all hosts
-      # api-endpoint = "https://cache.staging.mlabs.city/";
-      soft-delete-caches = false;
-      require-proof-of-possession = true;
-
-      database.url = "sqlite://${config.services.atticd.settings.storage.path}/server.db?mode=rwc";
-
-      storage = {
-        type = "local";
-        path = "/mnt/hd/atticd";
-      };
-
-      compression = {
-        level = 8;
-        type = "zstd";
-      };
-
-      chunking = {
-        nar-size-threshold = 64 * 1024; # 64 KiB
-        min-size = 16 * 1024; # 16 KiB
-        avg-size = 64 * 1024; # 64 KiB
-        max-size = 256 * 1024; # 256 KiB
-      };
-    };
-    environmentFile = config.age.secrets.sisko-attic-environment-file.path;
-  };
-
-  systemd.services.atticd = {
-    serviceConfig = {
-      DynamicUser = lib.mkForce false;
-    };
-  };
-
-  systemd.tmpfiles.rules = [
-    "d config.services.atticd.settings.storage.path 770 atticd atticd"
-  ];
-
-  users = {
-    groups.atticd = { };
-    users.atticd = {
-      group = "atticd";
-      home = config.services.atticd.settings.storage.path;
-      isSystemUser = true;
-    };
-  };
-}
--- a/modules/forgejo-runners/default.nix
+++ b/modules/forgejo-runners/default.nix
@ -23,7 +23,6 @@ let
        nix-fast-build
        curl
        tea
-        attic-client
      ]
    }; do
      for bin in "$dir"/bin/*; do
--- a/modules/home-assistant/default.nix
+++ b/modules/home-assistant/default.nix
@ -70,6 +70,15 @@ in
          "::1"
        ];
      };
+      # ffmpeg = {};
+      # camera = [
+      #   {
+      #     name = "EyeToy";
+      #     platform = "ffmpeg";
+      #     input = "/dev/video1";
+      #     extra_arguments = "-vcodec h264";
+      #   }
+      # ];
      homeassistant = {
        unit_system = "metric";
        time_zone = "Europe/Rome";
@ -78,6 +87,17 @@ in
        internal_url = "http://rock5b.fleet:8123";
      };
      logger.default = "WARNING";
+      # backup = {};
+      # media_player = [{
+      #   platform = "webostv";
+      #   host = "10.1.1.213";
+      #   name = "TV";
+      #   timeout = "5";
+      #   turn_on_action = {
+      #     service = "wake_on_lan.send_magic_packet";
+      #     data.mac = "20:28:bc:74:14:c2";
+      #   };
+      # }];
      wake_on_lan = { };
      switch = [
        {
@ -89,6 +109,7 @@ in
        }
      ];
      shell_command.turn_off_picard = ''${pkgs.openssh}/bin/ssh -i /var/lib/hass/.ssh/id_ed25519 -o StrictHostKeyChecking=no hass@picard.fleet "exec sudo \$(readlink \$(which systemctl)) poweroff"'';
+      # shell_command.turn_off_picard = ''whoami'';
      prometheus = {
        namespace = "hass";
      };
--- a/modules/nix/default.nix
+++ b/modules/nix/default.nix
@ -2,23 +2,17 @@
  config,
  lib,
  fleetFlake,
-  pkgs,
  ...
 }:
 {
  nixpkgs.overlays = [
    (final: _: {
-      nix-fast-build = fleetFlake.inputs.nix-fast-build.packages.${final.system}.nix-fast-build // {
-        nix = final.nix;
-      };
      nix-eval-job = fleetFlake.inputs.lix-eval-jobs.packages.${final.system}.nix-eval-jobs // {
        nix = final.nix;
      };
    })
  ];

-  environment.systemPackages = [ pkgs.nix-fast-build ];
-
  nix = {
    optimise.automatic = true;

--- a/modules/sisko-nfs/default.nix
+++ b/modules/sisko-nfs/default.nix
@ -0,0 +1,20 @@
+{
+  systemd.tmpfiles.rules = [
+    "d /export 770 nobody nogroup"
+  ];
+
+  fileSystems."/export/hd" = {
+    device = "/mnt/hd";
+    options = [ "bind" ];
+  };
+
+  services.nfs.server = {
+    enable = true;
+    exports = ''
+      /export     10.100.0.1/24(rw,fsid=0,no_subtree_check)
+      /export/hd  10.100.0.1/24(rw,nohide,insecure,no_subtree_check,no_root_squash)
+    '';
+  };
+
+  networking.firewall.allowedTCPPorts = [ 2049 ];
+}
--- a/modules/sisko-share/default.nix
+++ b/modules/sisko-share/default.nix
@ -1,39 +0,0 @@
-{
-  systemd.tmpfiles.rules = [
-    "d /export 770 nobody nogroup"
-  ];
-
-  fileSystems."/export/hd" = {
-    device = "/mnt/hd";
-    options = [ "bind" ];
-  };
-
-  services.nfs.server = {
-    enable = true;
-    exports = ''
-      /export     10.100.0.1/24(rw,fsid=0,no_subtree_check)
-      /export/hd  10.100.0.1/24(rw,nohide,insecure,no_subtree_check,no_root_squash)
-    '';
-  };
-
-  services.webdav = {
-    enable = true;
-
-    settings = {
-      address = "10.1.1.2"; # accessible only in LAN, used by Kodi installed on the TV
-      port = 9999;
-      scope = "/mnt/hd/torrent";
-      modify = false;
-      auth = false; # TODO should we enable authentication? It's only reachable in LAN
-      debug = true;
-      users = [ ];
-    };
-  };
-
-  users.users.webdav.extraGroups = [ "transmission" ];
-
-  networking.firewall.allowedTCPPorts = [
-    2049
-    9999
-  ];
-}
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -161,11 +161,6 @@ with keys.users;
    ccr-gpg
    sisko
  ];
-  "sisko-attic-environment-file.age".publicKeys = [
-    ccr-ssh
-    ccr-gpg
-    sisko
-  ];

  # WireGuard
  "picard-wireguard-private-key.age".publicKeys = [
--- a/secrets/sisko-attic-environment-file.age
+++ b/secrets/sisko-attic-environment-file.age