diff --git a/doc/book.toml b/doc/book.toml index 5799732..9b9738c 100644 --- a/doc/book.toml +++ b/doc/book.toml @@ -1,6 +1,5 @@ [book] authors = ["ahtlon"] language = "de" -multilingual = false src = "src" title = "Malobeo Infrastruktur Dokumentation" diff --git a/flake.lock b/flake.lock index 3914a22..c08ed02 100644 --- a/flake.lock +++ b/flake.lock @@ -85,16 +85,16 @@ ] }, "locked": { - "lastModified": 1763992789, - "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", + "lastModified": 1781319724, + "narHash": "sha256-ZGuxexEMo4Xv28KJ0dX/m/PHN4oZIOnxHZpNTyrvx4M=", "owner": "nix-community", "repo": "home-manager", - "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", + "rev": "8355f0a16b2dbb06a97959a918af5b239bbe05ae", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.05", + "ref": "release-26.05", "repo": "home-manager", "type": "github" } @@ -126,11 +126,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1780588968, - "narHash": "sha256-zQk+GqLO+T9taIl1UUt3swvaOksWJxL7PL8K0+Fc/Hs=", + "lastModified": 1781389237, + "narHash": "sha256-Ne1/E5XNUq0gleaQz0vW5R4xf/0h/uEZ+bOW1aNjeQk=", "owner": "astro", "repo": "microvm.nix", - "rev": "4d3fb17437944ea57eef2b9e6108ca777b1209ca", + "rev": "6ad601df0a07d9855c5e8f9b81135ecaf7c287eb", "type": "github" }, "original": { @@ -180,11 +180,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1781020964, - "narHash": "sha256-fS7xTi2j2iso5Hj7RNZLv/acDlCT+fgMVkVk40A7Uco=", + "lastModified": 1781622756, + "narHash": "sha256-JrPh4M6S7aPsEE9tOENuZrxC6o2szSLlK+t4+nLke9s=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "32c2cd9e46286c4eced3dc6b613c659126bf3cca", + "rev": "08018c72174a4df5657f8d94178ac69fb9c243e5", "type": "github" }, "original": { @@ -212,11 +212,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1780749050, - "narHash": "sha256-3av0pIjlOWQ6rDbNOmpUSvbNnJkGORQKKjb4LtCZsIY=", + "lastModified": 1781577229, + "narHash": "sha256-lrp67w8AulE9Ks53n27I45ADSzbOCn4H+CNW1Ck8B+8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a799d3e3886da994fa307f817a6bc705ae538eeb", + "rev": "567a49d1913ce81ac6e9582e3553dd90a955875f", "type": "github" }, "original": { @@ -241,16 +241,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1780952837, - "narHash": "sha256-Fwd1+spDtQ0hDyBwme6ufG3n4mY0UrjjFdYHv+G/Hds=", + "lastModified": 1781216227, + "narHash": "sha256-9mUW6gNwoN2SWc/l0fW4svPNOulXLl8ijqKyeSOGgJE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e820eb4a444b46a19b2e03e8dfd2359439ff30fe", + "rev": "a0374025a863d007d98e3297f6aa46cc3141c2f0", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.11", + "ref": "nixos-26.05", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index decbc2c..84216fd 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { nixos-hardware.url = "github:NixOS/nixos-hardware/master"; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-26.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; @@ -43,7 +43,7 @@ }; home-manager= { - url = "github:nix-community/home-manager/release-25.05"; + url = "github:nix-community/home-manager/release-26.05"; inputs = { nixpkgs.follows = "nixpkgs"; }; diff --git a/machines/fanny/configuration.nix b/machines/fanny/configuration.nix index f2cc70d..c398678 100644 --- a/machines/fanny/configuration.nix +++ b/machines/fanny/configuration.nix @@ -165,7 +165,7 @@ in defaults.email = "malobeo@systemli.org"; defaults = { dnsProvider = "njalla"; - credentialsFile = config.sops.secrets.njala_api_key.path; + environmentFile = config.sops.secrets.njala_api_key.path; dnsPropagationCheck = false; }; }; diff --git a/machines/lucia/configuration.nix b/machines/lucia/configuration.nix index 778f186..06e5aae 100644 --- a/machines/lucia/configuration.nix +++ b/machines/lucia/configuration.nix @@ -64,29 +64,29 @@ in }; - mpd = { - enable = true; - musicDirectory = "/var/lib/mpd/music"; - extraConfig = '' - audio_output { - type "alsa" - name "My ALSA" - device "hw:0,0" # optional - format "44100:16:2" # optional - mixer_type "hardware" - mixer_device "default" - mixer_control "PCM" - } - ''; + # mpd = { + # enable = true; + # musicDirectory = "/var/lib/mpd/music"; + # settings = { + # audio_output = [{ + # type = "alsa"; + # name = "My ALSA"; + # device = "hw:0,0"; # optional + # format = "44100:16:2"; # optional + # mixer_type = "hardware"; + # mixer_device = "default"; + # mixer_control = "PCM"; + # }]; + # }; - # Optional: - network.listenAddress = "any"; # if you want to allow non-localhost connections - startWhenNeeded = true; # systemd feature: only start MPD service upon connection to its socket - }; + # # Optional: + # network.listenAddress = "any"; # if you want to allow non-localhost connections + # startWhenNeeded = true; # systemd feature: only start MPD service upon connection to its socket + # }; - ympd = { - enable = true; - }; + # ympd = { + # enable = true; + # }; #samba = { # enable = true; @@ -199,7 +199,7 @@ in defaults.email = "malobeo@systemli.org"; defaults = { dnsProvider = "njalla"; - credentialsFile = config.sops.secrets.njala_api_key.path; + environmentFile = config.sops.secrets.njala_api_key.path; dnsPropagationCheck = false; }; }; diff --git a/machines/modules/malobeo/metrics.nix b/machines/modules/malobeo/metrics.nix index 9c74b10..4bed4a5 100644 --- a/machines/modules/malobeo/metrics.nix +++ b/machines/modules/malobeo/metrics.nix @@ -41,17 +41,22 @@ in }; }; - services.promtail = { + services.alloy = { enable = cfg.enablePromtail; - configFile = import ./promtail_config.nix { + extraFlags = ["--config.format=promtail"]; #TODO please change this to native alloy config later + configPath = import ./promtail_config.nix { lokiAddress = cfg.lokiHost; logNginx = cfg.logNginx; config = config; pkgs = pkgs; }; }; - - users.users.promtail.extraGroups = [ "systemd-journal" ] ++ (lib.optionals cfg.logNginx [ "nginx" ]) ; + users.groups.promtail = {}; + users.users.promtail = { + isNormalUser = true; + group = "promtail"; + extraGroups = [ "systemd-journal" ] ++ (lib.optionals cfg.logNginx [ "nginx" ]) ; + }; }; } diff --git a/machines/nextcloud/configuration.nix b/machines/nextcloud/configuration.nix index e2fcac8..cd0439f 100644 --- a/machines/nextcloud/configuration.nix +++ b/machines/nextcloud/configuration.nix @@ -39,7 +39,7 @@ in services.nextcloud = { enable = true; - package = pkgs.nextcloud32; + package = pkgs.nextcloud33; hostName = "cloud.malobeo.org"; config.adminpassFile = config.sops.secrets.nextcloudAdminPass.path; maxUploadSize = "10G"; @@ -55,8 +55,8 @@ in extraApps = { inherit (config.services.nextcloud.package.packages.apps) contacts calendar polls registration collectives forms; deck = pkgs.fetchNextcloudApp { - sha256 = "sha256-epjwIANb6vTNx9KqaG6jZc14YPoFMBTCj+/c9JHcWkA="; - url = "https://link.storjshare.io/raw/jvrl62dakd6htpyxohjkiiqiw5ma/mal/deck32.tar.gz"; + sha256 = "sha256-Oc/J0Ey7f9aHhLBWoAXaDMe2t0eeEQKvpwY510qNpiI="; + url = "https://s3.g.megas4.com/ya5mczgkbk6bw7tcy2yr4bl2vdryfe76ok2dj/malo/deck33.tar.gz"; license = "agpl3Plus"; }; }; diff --git a/machines/overwatch/configuration.nix b/machines/overwatch/configuration.nix index 06cac14..0454632 100644 --- a/machines/overwatch/configuration.nix +++ b/machines/overwatch/configuration.nix @@ -37,6 +37,7 @@ in services.grafana = { enable = true; settings = { + security.secret_key = "SW2YcwTIb9zpOOhoPsMm"; server = { domain = "grafana.malobeo.org"; http_port = 2342;