From 10b9c9d7168d10dc0f3b2c7966010a633c6b8364 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Mon, 25 Dec 2023 19:32:04 +0100 Subject: [PATCH] pin home manager flake input to 23.11 branch change wireguard endpoint address permit insecure electron versions due to deprecation --- flake.lock | 70 ++++++++++++++++++++++++++++++----------------- flake.nix | 15 +++++++--- nixos/default.nix | 12 +++++--- 3 files changed, 64 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index 2f81c87..fcc235b 100644 --- a/flake.lock +++ b/flake.lock @@ -8,14 +8,15 @@ ], "nixpkgs": [ "nixpkgs" - ] + ], + "systems": "systems" }, "locked": { - "lastModified": 1701216516, - "narHash": "sha256-jKSeJn+7hZ1dZdiH1L+NWUGT2i/BGomKAJ54B9kT06Q=", + "lastModified": 1703433843, + "narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=", "owner": "ryantm", "repo": "agenix", - "rev": "13ac9ac6d68b9a0896e3d43a082947233189e247", + "rev": "417caa847f9383e111d1397039c9d4337d024bf0", "type": "github" }, "original": { @@ -32,11 +33,11 @@ ] }, "locked": { - "lastModified": 1673295039, - "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=", + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "87b9d090ad39b25b2400029c64825fc2a8868943", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", "type": "github" }, "original": { @@ -53,14 +54,18 @@ ] }, "locked": { - "lastModified": 1702195709, - "narHash": "sha256-+zRjWkm5rKqQ57PuLZ3JF3xi3vPMiOJzItb1m/43Cq4=", - "type": "tarball", - "url": "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz" + "lastModified": 1703367386, + "narHash": "sha256-FMbm48UGrBfOWGt8+opuS+uLBLQlRfhiYXhHNcYMS5k=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "d5824a76bc6bb93d1dce9ebbbcb09a9b6abcc224", + "type": "github" }, "original": { - "type": "tarball", - "url": "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz" + "owner": "nix-community", + "ref": "release-23.11", + "repo": "home-manager", + "type": "github" } }, "homeage": { @@ -85,11 +90,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1702336390, - "narHash": "sha256-BRO8J8QbmyuS0XMh4UfY11akgTGZj1YhkqNvR83JrsI=", + "lastModified": 1702453208, + "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "fef05bf9c8e818f4ca1425ef4c18e6680becd072", + "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6", "type": "github" }, "original": { @@ -101,11 +106,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1702233072, - "narHash": "sha256-H5G2wgbim2Ku6G6w+NSaQaauv6B6DlPhY9fMvArKqRo=", + "lastModified": 1703200384, + "narHash": "sha256-q5j06XOsy0qHOarsYPfZYJPWbTbc8sryRxianlEPJN0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "781e2a9797ecf0f146e81425c822dca69fe4a348", + "rev": "0b3d618173114c64ab666f557504d6982665d328", "type": "github" }, "original": { @@ -117,11 +122,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1702272962, - "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "lastModified": 1703134684, + "narHash": "sha256-SQmng1EnBFLzS7WSRyPM9HgmZP2kLJcPAz+Ug/nug6o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", + "rev": "d6863cbcbbb80e71cecfc03356db1cda38919523", "type": "github" }, "original": { @@ -133,11 +138,11 @@ }, "nur": { "locked": { - "lastModified": 1702408331, - "narHash": "sha256-wUO8C8LoQv31udnmWsp9FSR2QSdazM50ltJrhuShQJw=", + "lastModified": 1703528695, + "narHash": "sha256-vHC5auhnV5JZLaERNpYu0A2+zX0eiwzsT0iIuT40Dmo=", "owner": "nix-community", "repo": "NUR", - "rev": "82d6c2887abbcc767962134c212b2b766390f7c7", + "rev": "747c0cbbecc987e67f49680b6753cc0e8ab355c5", "type": "github" }, "original": { @@ -156,6 +161,21 @@ "nixpkgs-unstable": "nixpkgs-unstable", "nur": "nur" } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index bd06ea8..51c89c7 100644 --- a/flake.nix +++ b/flake.nix @@ -6,8 +6,7 @@ nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; nur.url = "github:nix-community/NUR"; home-manager = { - url = - "https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz"; + url = "github:nix-community/home-manager?ref=release-23.11"; inputs.nixpkgs.follows = "nixpkgs"; }; homeage = { @@ -22,8 +21,16 @@ nixos-hardware.url = "github:NixOS/nixos-hardware/master"; }; - outputs = { nixpkgs, nixpkgs-unstable, home-manager, homeage, agenix, nur - , nixos-hardware, ... }: { + outputs = + { nixpkgs + , nixpkgs-unstable + , home-manager + , homeage + , agenix + , nur + , nixos-hardware + , ... + }: { formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt; nixosConfigurations.pim = nixpkgs.lib.nixosSystem rec { diff --git a/nixos/default.nix b/nixos/default.nix index 7822e83..3decc34 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -6,9 +6,9 @@ time.timeZone = "Europe/Amsterdam"; i18n.defaultLocale = "en_US.UTF-8"; - services.gnome.gnome-keyring.enable = lib.mkForce false; - services = { + gnome.gnome-keyring.enable = lib.mkForce false; + xserver = { enable = true; displayManager.gdm = { enable = true; }; @@ -123,11 +123,11 @@ wg-quick.interfaces.home = { privateKeyFile = config.age.secrets.wg-quick-home-privkey.path; - address = [ "10.225.191.4/24" "fd11:5ee:bad:c0de::4/64" ]; + address = [ "10.225.191.4/24" ]; dns = [ "192.168.30.8" ]; peers = [{ presharedKeyFile = config.age.secrets.wg-quick-home-preshared-key.path; - endpoint = "84.245.14.149:51820"; + endpoint = "wg.geokunis2.nl:51820"; publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg="; allowedIPs = [ "0.0.0.0/0" "::0/0" ]; }]; @@ -141,4 +141,8 @@ setSocketVariable = true; }; }; + + nixpkgs.config.permittedInsecurePackages = [ + "electron-25.9.0" + ]; }