diff --git a/.gitattributes b/.gitattributes index 02fe85a..5238122 100644 --- a/.gitattributes +++ b/.gitattributes @@ -5,3 +5,4 @@ secrets/wg0.conf filter=git-crypt diff=git-crypt secrets/caddy_auth.nix filter=git-crypt diff=git-crypt secrets/matrix_reg_token.nix filter=git-crypt diff=git-crypt secrets/owntracks_caddy_auth.nix filter=git-crypt diff=git-crypt +secrets/secureboot.tar filter=git-crypt diff=git-crypt diff --git a/flake.lock b/flake.lock index 500e9e0..0b9b65c 100644 --- a/flake.lock +++ b/flake.lock @@ -64,11 +64,11 @@ ] }, "locked": { - "lastModified": 1737510347, - "narHash": "sha256-wEEkmpmd5FF0HEBeA3upQg2W1yI7jGJ7xg2dmKuZE7o=", + "lastModified": 1737683037, + "narHash": "sha256-1J2Pf6ub2DkkoqRq2xEFrusJKR4XHnnFk0wyOPrV2PM=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "ed6d2231a22a507f9a32d5661ef17c76eab8404d", + "rev": "f80c70946d3e27a466b8b9e65b24e36d571eac8b", "type": "github" }, "original": { @@ -79,11 +79,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1737359802, - "narHash": "sha256-utplyRM6pqnN940gfaLFBb9oUCSzkan86IvmkhsVlN8=", + "lastModified": 1737751639, + "narHash": "sha256-ZEbOJ9iT72iwqXsiEMbEa8wWjyFvRA9Ugx8utmYbpz4=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "61c79181e77ef774ab0468b28a24bc2647d498d6", + "rev": "dfad538f751a5aa5d4436d9781ab27a6128ec9d4", "type": "github" }, "original": { @@ -95,11 +95,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737299813, - "narHash": "sha256-Qw2PwmkXDK8sPQ5YQ/y/icbQ+TYgbxfjhgnkNJyT1X8=", + "lastModified": 1737672001, + "narHash": "sha256-YnHJJ19wqmibLQdUeq9xzE6CjrMA568KN/lFPuSVs4I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "107d5ef05c0b1119749e381451389eded30fb0d5", + "rev": "035f8c0853c2977b24ffc4d0a42c74f00b182cd8", "type": "github" }, "original": { diff --git a/secrets/secureboot.tar b/secrets/secureboot.tar new file mode 100644 index 0000000..7d87891 Binary files /dev/null and b/secrets/secureboot.tar differ diff --git a/services/caddy.nix b/services/caddy.nix index 0d62bb3..be4c1df 100644 --- a/services/caddy.nix +++ b/services/caddy.nix @@ -39,7 +39,7 @@ in } ''; - ${service_configs.gitea.domain}.extraConfig = '' + "${service_configs.gitea.domain}".extraConfig = '' reverse_proxy :${builtins.toString config.services.gitea.settings.server.HTTP_PORT} ''; @@ -78,7 +78,7 @@ in }; systemd.tmpfiles.rules = [ - "d ${service_configs.https.data_dir} 0750 ${config.services.caddy.user} ${config.services.caddy.group}" + "d ${service_configs.https.data_dir} g+rwx ${config.services.caddy.user} ${config.services.caddy.group}" ]; systemd.packages = with pkgs; [ nssTools ]; diff --git a/services/matrix.nix b/services/matrix.nix index df9f0ac..816f3d6 100644 --- a/services/matrix.nix +++ b/services/matrix.nix @@ -12,9 +12,6 @@ services.matrix-conduit = { enable = true; package = pkgs.conduwuit; - # package = pkgs.conduwuit.overrideAttrs (old: { - # cargoBuildFeatures = pkgs.lib.remove "release_max_log_level" old.cargoBuildFeatures; - # }); settings.global = { port = 6167; diff --git a/services/qbittorrent.nix b/services/qbittorrent.nix index 656a544..57bc643 100644 --- a/services/qbittorrent.nix +++ b/services/qbittorrent.nix @@ -59,7 +59,11 @@ IncludeOverheadInLimits = false; GlobalMaxRatio = 2; - QueueingSystemEnabled = false; # seed all torrents all the time + QueueingSystemEnabled = false; # seed all torrents all the timei + + # add a few trackers TODO! add a script so I can just do a list + AddTrackersEnabled = true; + AdditionalTrackers = "udp://tracker.opentrackr.org:1337/announce\\nudp://open.stealth.si:80/announce\\nudp://open.demonii.com:1337\\nudp://exodus.desync.com:6969/announce"; }; }; };