flake.lock: Update

Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41' (2024-08-10)
  → 'github:ryantm/agenix/e600439ec4c273cf11e06fe4d9d906fb98fa097c' (2025-01-15)
• Updated input 'catppuccin':
    'github:catppuccin/nix/8eada392fd6571a747e1c5fc358dd61c14c8704e' (2025-01-05)
  → 'github:catppuccin/nix/1e3fe44bc13809f62c2ef0aa864a304a6c8ebea4' (2025-03-14)
• Removed input 'catppuccin/catppuccin-v1_1'
• Removed input 'catppuccin/catppuccin-v1_2'
• Removed input 'catppuccin/home-manager'
• Removed input 'catppuccin/home-manager/nixpkgs'
• Removed input 'catppuccin/home-manager-stable'
• Removed input 'catppuccin/home-manager-stable/nixpkgs'
• Updated input 'catppuccin/nixpkgs':
    'github:NixOS/nixpkgs/d3c42f187194c26d9f0309a8ecc469d6c878ce33' (2024-12-17)
  → 'github:NixOS/nixpkgs/10069ef4cf863633f57238f179a0297de84bd8d3' (2025-03-06)
• Removed input 'catppuccin/nixpkgs-stable'
• Removed input 'catppuccin/nuscht-search'
• Removed input 'catppuccin/nuscht-search/flake-utils'
• Removed input 'catppuccin/nuscht-search/flake-utils/systems'
• Removed input 'catppuccin/nuscht-search/ixx'
• Removed input 'catppuccin/nuscht-search/ixx/flake-utils'
• Removed input 'catppuccin/nuscht-search/ixx/nixpkgs'
• Removed input 'catppuccin/nuscht-search/nixpkgs'
• Updated input 'disko':
    'github:nix-community/disko/f720e64ec37fa16ebba6354eadf310f81555cc07' (2025-01-12)
  → 'github:nix-community/disko/0d8c6ad4a43906d14abd5c60e0ffe7b587b213de' (2025-03-12)
• Updated input 'emacs-overlay':
    'github:nix-community/emacs-overlay/244a2ab1459c72bac32a2db088549f8bc6d7a836' (2025-01-13)
  → 'github:nix-community/emacs-overlay/5d6c484290f0754ce745ea6f7e2b7d037bdc7b76' (2025-03-14)
• Updated input 'emacs-overlay/nixpkgs':
    'github:NixOS/nixpkgs/130595eba61081acde9001f43de3248d8888ac4a' (2025-01-10)
  → 'github:NixOS/nixpkgs/6607cf789e541e7873d40d3a8f7815ea92204f32' (2025-03-13)
• Updated input 'emacs-overlay/nixpkgs-stable':
    'github:NixOS/nixpkgs/1dab772dd4a68a7bba5d9460685547ff8e17d899' (2025-01-10)
  → 'github:NixOS/nixpkgs/cdd2ef009676ac92b715ff26630164bb88fec4e0' (2025-03-13)
• Updated input 'flakeParts':
    'github:hercules-ci/flake-parts/b905f6fc23a9051a6e1b741e1438dbfc0634c6de' (2025-01-06)
  → 'github:hercules-ci/flake-parts/f4330d22f1c5d2ba72d3d22df5597d123fdb60a9' (2025-03-07)
• Updated input 'flakeParts/nixpkgs-lib':
    'e9b5173191.tar.gz?narHash=sha256-CewEm1o2eVAnoqb6Ml%2BQi9Gg/EfNAxbRx1lANGVyoLI%3D' (2025-01-01)
  → 'github:nix-community/nixpkgs.lib/147dee35aab2193b174e4c0868bd80ead5ce755c' (2025-03-02)
• Updated input 'git-hooks-nix':
    'github:cachix/git-hooks.nix/a5a961387e75ae44cc20f0a57ae463da5e959656' (2025-01-03)
  → 'github:cachix/git-hooks.nix/b5a62751225b2f62ff3147d0a334055ebadcd5cc' (2025-03-07)
• Updated input 'homeManager':
    'github:nix-community/home-manager/9616d81f98032d1ee9bec68ab4b6a8c833add88c' (2025-01-13)
  → 'github:nix-community/home-manager/4e12151c9e014e2449e0beca2c0e9534b96a26b4' (2025-03-14)
• Updated input 'impermanence':
    'github:nix-community/impermanence/c64bed13b562fc3bb454b48773d4155023ac31b7' (2025-01-12)
  → 'github:nix-community/impermanence/4b3e914cdf97a5b536a889e939fb2fd2b043a170' (2025-01-25)
• Updated input 'lanzaboote':
    'github:nix-community/lanzaboote/93e6f0d77548be8757c11ebda5c4235ef4f3bc67' (2024-12-23)
  → 'github:nix-community/lanzaboote/d8099586d9a84308ffedac07880e7f07a0180ff4' (2025-03-08)
• Updated input 'lanzaboote/crane':
    'github:ipetkov/crane/ef80ead953c1b28316cc3f8613904edc2eb90c28' (2024-11-08)
  → 'github:ipetkov/crane/75390a36cd0c2cdd5f1aafd8a9f827d7107f2e53' (2025-03-05)
• Updated input 'lanzaboote/flake-compat':
    'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
  → 'github:edolstra/flake-compat/ff81ac966bb2cae68946d5ed5fc4994f96d0ffec' (2024-12-04)
• Updated input 'lanzaboote/flake-parts':
    'github:hercules-ci/flake-parts/506278e768c2a08bec68eb62932193e341f55c90' (2024-11-01)
  → 'github:hercules-ci/flake-parts/3876f6b87db82f33775b1ef5ea343986105db764' (2025-03-01)
• Updated input 'lanzaboote/pre-commit-hooks-nix':
    'github:cachix/pre-commit-hooks.nix/cd1af27aa85026ac759d5d3fccf650abe7e1bbf0' (2024-11-11)
  → 'github:cachix/pre-commit-hooks.nix/42b1ba089d2034d910566bf6b40830af6b8ec732' (2025-03-02)
• Removed input 'lanzaboote/pre-commit-hooks-nix/nixpkgs-stable'
• Updated input 'lanzaboote/rust-overlay':
    'github:oxalica/rust-overlay/0be641045af6d8666c11c2c40e45ffc9667839b5' (2024-11-18)
  → 'github:oxalica/rust-overlay/38e9826bc4296c9daf18bc1e6aa299f3e932a403' (2025-03-06)
• Updated input 'lix':
    'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=38dd196b03f4163ae3bbb2a1910b8f0f141ca0e2' (2025-01-12)
  → 'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=af15a446ea88a2244e3c5a50eab776c33ab3bd80' (2025-03-14)
• Updated input 'lix-module':
    'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=c374ebf5548c7b6d4bf884369a5b6879cfc916ea' (2024-12-06)
  → 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=a6da43f8193d9e329bba1795c42590c27966082e' (2025-03-13)
• Updated input 'mobile-nixos':
    'github:NixOS/mobile-nixos/72a0601f36a1b424e8b72f17ff53509b990ee060' (2025-01-11)
  → 'github:NixOS/mobile-nixos/8956d72cf8fa9110dcc5fcbc537adee45a8014f5' (2025-03-04)
• Updated input 'nixosHardware':
    'github:NixOS/nixos-hardware/8870dcaff63dfc6647fb10648b827e9d40b0a337' (2025-01-09)
  → 'github:NixOS/nixos-hardware/e1f12151258b12c567f456d8248e4694e9390613' (2025-03-12)
• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/13c913f5deb3a5c08bb810efd89dc8cb24dd968b' (2025-01-06)
  → 'github:numtide/treefmt-nix/3d0579f5cc93436052d94b73925b48973a104204' (2025-02-17)

.forgejo/workflows/build.yaml

@@ -8,7 +8,7 @@ jobs:
       - uses: actions/checkout@v4
         name: Checkout repository
       - name: Attic login
-        run: attic login nixfleet http://sisko.wg.aciceri.dev:8081 ${{secrets.ATTIC_NIXFLEET_TOKEN}}
+        run: attic login nixfleet http://10.100.0.1:8081 ${{secrets.ATTIC_NIXFLEET_TOKEN}}
       - name: Build with nix
         run: nix-fast-build --no-nom --systems "x86_64-linux aarch64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true
       - name: Report checks

flake.lock

@@ -26,11 +26,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1742098205,
-        "narHash": "sha256-gCkVTohFTyq/Pi3dlUhv1uA5Kqbalf45nLmUDRluULE=",
+        "lastModified": 1741914590,
+        "narHash": "sha256-R8Bxh/AMD6nvmQrC43DkUkuwDmTWlyvNAzJ0Riq5w5U=",
         "owner": "catppuccin",
         "repo": "nix",
-        "rev": "d84df59c7aa29cebaff9f190d19c24e7ddacd773",
+        "rev": "1e3fe44bc13809f62c2ef0aa864a304a6c8ebea4",
         "type": "github"
       },
       "original": {
@@ -122,11 +122,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1742113225,
-        "narHash": "sha256-tUor57FbLwwy+duUbjq8Ff0TyayK1i50rUbXBfdgfuM=",
+        "lastModified": 1741945480,
+        "narHash": "sha256-D80QGijmeVxm/4fJVd53dP8MHCLcn+JjtgniaGKIXvg=",
         "owner": "nix-community",
         "repo": "emacs-overlay",
-        "rev": "7e13aa507d714371e6ff70a91d76dcb339311773",
+        "rev": "5d6c484290f0754ce745ea6f7e2b7d037bdc7b76",
         "type": "github"
       },
       "original": {
@@ -282,11 +282,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1742058297,
-        "narHash": "sha256-b4SZc6TkKw8WQQssbN5O2DaCEzmFfvSTPYHlx/SFW9Y=",
+        "lastModified": 1741379162,
+        "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=",
         "owner": "cachix",
         "repo": "git-hooks.nix",
-        "rev": "59f17850021620cd348ad2e9c0c64f4e6325ce2a",
+        "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc",
         "type": "github"
       },
       "original": {
@@ -464,11 +464,11 @@
     "lix": {
       "flake": false,
       "locked": {
-        "lastModified": 1742087036,
-        "narHash": "sha256-oiVgpmK9bZe7lvf7JRc7jAW4fotEuW9d/3e9LJMk8mU=",
+        "lastModified": 1741957871,
+        "narHash": "sha256-BSim3favVai9y7eMaFWNNDbIJ0mdRp5TMcJvHWdjC1s=",
         "ref": "refs/heads/main",
-        "rev": "29732f19a2a9e0d9e7a5bad953c4fad6f719c50e",
-        "revCount": 17654,
+        "rev": "af15a446ea88a2244e3c5a50eab776c33ab3bd80",
+        "revCount": 17649,
         "type": "git",
         "url": "https://git@git.lix.systems/lix-project/lix"
       },
@@ -663,11 +663,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1741851582,
-        "narHash": "sha256-cPfs8qMccim2RBgtKGF+x9IBCduRvd/N5F4nYpU0TVE=",
+        "lastModified": 1741246872,
+        "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "6607cf789e541e7873d40d3a8f7815ea92204f32",
+        "rev": "10069ef4cf863633f57238f179a0297de84bd8d3",
         "type": "github"
       },
       "original": {

hmModules/niri/default.nix

@@ -14,8 +14,8 @@ let
           cols = "150";
         };
         floating-btop = {
-          rows = "60";
-          cols = "210";
+          rows = "210";
+          cols = "60";
         };
       };
       kirk = {
@@ -38,7 +38,7 @@ let
   run-floating-btop =
     with niriVars.floating-btop;
     pkgs.writeScriptBin "run-floating-btop" ''
-      foot --title='bTop' -W ${cols}x${rows} btop
+      foot --title='bTop' -W ${rows}x${cols} btop
     '';
 in
 {

hmModules/shell/default.nix

@@ -64,7 +64,7 @@
       };
       auto_sync = true;
       sync_frequency = "5m";
-      sync_address = "http://sisko.wg.aciceri.dev:8889";
+      sync_address = "http://sisko.fleet:8889";
       search_mode = "fuzzy";
       style = "compact";
     };

hosts/sisko/default.nix

@@ -32,7 +32,6 @@
       "matrix"
       "radarr"
       "zerotier"
-      "mosh"
     ]
     ++ [
       ./disko.nix

modules/cloudflare-dyndns/default.nix

@@ -11,7 +11,6 @@
       "photos.aciceri.dev"
       "jelly.aciceri.dev"
       "matrix.aciceri.dev"
-      "vpn.aciceri.dev"
     ];
     apiTokenFile = config.age.secrets.cloudflare-dyndns-api-token.path;
   };

modules/home-assistant/default.nix

@@ -80,6 +80,7 @@ in
         time_zone = "Europe/Rome";
         temperature_unit = "C";
         external_url = "https://home.aciceri.dev";
+        internal_url = "http://rock5b.fleet:8123";
       };
       logger.default = "WARNING";
       wake_on_lan = { };
@@ -88,7 +89,7 @@ in
           name = "Picard";
           platform = "wake_on_lan";
           mac = "74:56:3c:37:17:bd"; # this shouldn't be public
-          host = "picard.wg.aciceri.dev";
+          host = "picard.fleet";
           turn_off.service = "shell_command.turn_off_picard";
         }
       ];

modules/mount-sisko/default.nix

@@ -16,7 +16,7 @@
   };
 
   fileSystems."/mnt/nas" = {
-    device = "sisko.wg.aciceri.dev:/hd";
+    device = "sisko.fleet:/hd";
     fsType = "nfs";
     options = [
       "x-systemd.automount"

modules/nginx-base/default.nix

@@ -12,6 +12,7 @@
           "*.sisko.wg.aciceri.dev"
         ];
         dnsProvider = "cloudflare";
+        # dnsResolver = "1.1.1.1:53";
         dnsPropagationCheck = true;
         group = config.services.nginx.group;
         environmentFile = config.age.secrets.cloudflare-dyndns-api-token.path;

modules/nix/default.nix

@@ -81,7 +81,7 @@
     distributedBuilds = true;
     buildMachines =
       lib.lists.optional (config.networking.hostName == "picard") {
-        hostName = "sisko.wg.aciceri.dev";
+        hostName = "sisko.fleet";
         system = "aarch64-linux";
         maxJobs = 7;
         supportedFeatures = [

modules/prometheus/default.nix

@@ -8,11 +8,11 @@ in
     pushgateway = {
       enable = true;
       web = {
-        listen-address = "sisko.wg.aciceri.dev:9094";
+        listen-address = "sisko.fleet:9094";
       };
     };
     checkConfig = false; # Otherwise it will fail because it cannot access bearer_token_file
-    webExternalUrl = "https://status.wg.aciceri.dev";
+    webExternalUrl = "https://status.aciceri.dev";
     globalConfig.scrape_interval = "10s";
     scrapeConfigs = [
       {
@@ -22,7 +22,7 @@ in
         static_configs = [
           {
             targets = [
-              "sisko.wg.aciceri.dev:${builtins.toString config.services.home-assistant.config.http.server_port}"
+              "sisko.fleet:${builtins.toString config.services.home-assistant.config.http.server_port}"
             ];
           }
         ];
@@ -39,7 +39,7 @@ in
         job_name = "node";
         static_configs = [
           {
-            targets = builtins.map (host: "${host}.wg.aciceri.dev:9100") [
+            targets = builtins.map (host: "${host}.fleet:9100") [
               "sisko"
               "picard"
               "kirk"
@@ -51,7 +51,7 @@ in
         job_name = "wireguard";
         static_configs = [
           {
-            targets = builtins.map (host: "${host}.wg.aciceri.dev:9586") [
+            targets = builtins.map (host: "${host}.fleet:9586") [
               "picard"
               "kirk"
             ];
@@ -62,7 +62,7 @@ in
         job_name = "zfs";
         static_configs = [
           {
-            targets = builtins.map (host: "${host}.wg.aciceri.dev:9134") [
+            targets = builtins.map (host: "${host}.fleet:9134") [
               "picard"
               "kirk"
             ];
@@ -73,7 +73,7 @@ in
         job_name = "restic";
         static_configs = [
           {
-            targets = builtins.map (host: "${host}.wg.aciceri.dev:9753") [ "sisko" ];
+            targets = builtins.map (host: "${host}.fleet:9753") [ "sisko" ];
           }
         ];
       }
@@ -81,7 +81,7 @@ in
         job_name = "postgres";
         static_configs = [
           {
-            targets = builtins.map (host: "${host}.wg.aciceri.dev:9187") [ "sisko" ];
+            targets = builtins.map (host: "${host}.fleet:9187") [ "sisko" ];
           }
         ];
       }
@@ -89,7 +89,7 @@ in
         job_name = "nginx";
         static_configs = [
           {
-            targets = builtins.map (host: "${host}.wg.aciceri.dev:9117") [ "sisko" ];
+            targets = builtins.map (host: "${host}.fleet:9117") [ "sisko" ];
           }
         ];
       }
@@ -97,7 +97,7 @@ in
         job_name = "smartctl";
         static_configs = [
           {
-            targets = builtins.map (host: "${host}.wg.aciceri.dev:9633") [
+            targets = builtins.map (host: "${host}.fleet:9633") [
               "sisko"
               "kirk"
               "picard"

modules/promtail/default.nix

@@ -12,7 +12,7 @@ let
     };
     clients = [
       {
-        url = "http://sisko.wg.aciceri.dev:${
+        url = "http://sisko.fleet:${
           builtins.toString config.services.loki.configuration.server.http_listen_port or 3100
         }/loki/api/v1/push";
       }

modules/syncthing/default.nix

@@ -3,7 +3,7 @@
   services = {
     syncthing = {
       enable = true;
-      guiAddress = "${config.networking.hostName}.wg.aciceri.dev:8434";
+      guiAddress = "${config.networking.hostName}.fleet:8434";
       # TODO Use the home-manager module instead of the following conditions
       user = if config.networking.hostName == "sisko" then "syncthing" else "ccr";
       dataDir = if config.networking.hostName == "sisko" then "/mnt/hd/syncthing" else "/home/ccr";
@@ -16,25 +16,25 @@
           picard = {
             id = "XKSCJ46-EM6GIZ7-6ABQTZZ-ZRVWVFM-MJ3QNVG-F5EWHY5-ZUNYVSL-DA77YAG";
             addresses = [
-              "tcp://picard.wg.aciceri.dev"
+              "tcp://picard.fleet"
             ];
           };
           sisko = {
             id = "QE6V7PR-VHMAHHS-GHD4ZI3-IBB7FEM-M6EQZBX-YFCWDAK-YCYL6VO-NNRMXQK";
             addresses = [
-              "tcp://sisko.wg.aciceri.dev"
+              "tcp://sisko.fleet"
             ];
           };
           kirk = {
             id = "OVPXSCE-XFKCBJ2-A4SKJRI-DYBZ6CV-U2OFNA2-ALHOPW5-PPMHOIQ-5TG2HAJ";
             addresses = [
-              "tcp://kirk.wg.aciceri.dev"
+              "tcp://kirk.fleet"
             ];
           };
           oneplus8t = {
             id = "KMB2YRF-DGTWU24-SLITU23-5TN7BMQ-6PFAQQZ-CZ7J2QL-PIGVBTU-VRFRMQV";
             addresses = [
-              "tcp://oneplus8t.wg.aciceri.dev"
+              "tcp://oneplus8t.fleet"
             ];
           };
         };

modules/wireguard-common/default.nix

@@ -24,4 +24,9 @@
     privateKeyFile = config.age.secrets."${config.networking.hostName}-wireguard-private-key".path;
     listenPort = 51820;
   };
+
+  networking.hosts = lib.mapAttrs' (hostname: vpnConfig: {
+    name = vpnConfig.ip;
+    value = [ "${hostname}.fleet" ];
+  }) vpn;
 }

modules/zerotier/default.nix

@@ -1,16 +1,6 @@
-{ config, lib, ... }:
 {
   services.zerotierone = {
     enable = true;
     joinNetworks = [ "632ea29085af0cb4" ];
   };
-  environment =
-    if (config.networking.hostName == "sisko") then
-      {
-        persistence."/persist".directories = [
-          "/var/lib/zerotier-one"
-        ];
-      }
-    else
-      { };
 }

packages/deploy/deploy.sh

@@ -2,8 +2,8 @@ host=${1-picard}
 
 nixos-rebuild switch \
   --flake ".#${host}" \
-  --target-host "root@${host}.wg.aciceri.dev" \
-  --build-host "root@${host}.wg.aciceri.dev" \
+  --target-host "root@${host}.fleet" \
+  --build-host "root@${host}.fleet" \
   --option warn-dirty false \
   --fast \
   "${@:2}"