diff --git a/.gitattributes b/.gitattributes index ecba705..37dc6c6 100644 --- a/.gitattributes +++ b/.gitattributes @@ -3,7 +3,7 @@ secrets/hashedPass filter=git-crypt diff=git-crypt secrets/minecraft-whitelist.nix filter=git-crypt diff=git-crypt secrets/wg0.conf filter=git-crypt diff=git-crypt secrets/caddy_auth filter=git-crypt diff=git-crypt -secrets/matrix_reg_token.nix filter=git-crypt diff=git-crypt +secrets/matrix_reg_token filter=git-crypt diff=git-crypt secrets/owntracks_caddy_auth filter=git-crypt diff=git-crypt secrets/secureboot.tar filter=git-crypt diff=git-crypt secrets/zfs-key filter=git-crypt diff=git-crypt diff --git a/configuration.nix b/configuration.nix index 28cee28..fbdf9a6 100644 --- a/configuration.nix +++ b/configuration.nix @@ -194,19 +194,6 @@ sbctl ]; - services.zfs = { - autoScrub.enable = true; - trim.enable = true; - autoSnapshot = { - enable = true; - frequent = 4; # 15-minutes - hourly = 24; - daily = 7; - weekly = 4; - monthly = 12; - }; - }; - systemd.services.no-rgb = let no-rgb = ( @@ -347,5 +334,9 @@ # }; # }; + systemd.tmpfiles.rules = [ + "d /tank/music 775 ${username} users" + ]; + system.stateVersion = "24.11"; } diff --git a/flake.lock b/flake.lock index 1281959..0522216 100644 --- a/flake.lock +++ b/flake.lock @@ -183,11 +183,11 @@ ] }, "locked": { - "lastModified": 1738374527, - "narHash": "sha256-OcZG42dKolSREIIBM39/kY2TqykihbtYopQSjBbgBjM=", + "lastModified": 1738547119, + "narHash": "sha256-cc6AfR7W0AavgqA5nHUXRUus4Rr7oPWQNku5nhR4SYs=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "2c815583946bcf1f7327c89fdf9bb4af7f3f5a14", + "rev": "5b93268c80c3300dbec0fbbb2b50f674f84a474a", "type": "github" }, "original": { @@ -198,11 +198,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1738391520, - "narHash": "sha256-6HI58PKjddsC0RA0gBQlt6ox47oH//jLUHwx05RO8g0=", + "lastModified": 1738471961, + "narHash": "sha256-cgXDFrplNGs7bCVzXhRofjD8oJYqqXGcmUzXjHmip6Y=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "34b64e4e1ddb14e3ffc7db8d4a781396dbbab773", + "rev": "537286c3c59b40311e5418a180b38034661d2536", "type": "github" }, "original": { @@ -214,11 +214,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1738277201, - "narHash": "sha256-6L+WXKCw5mqnUIExvqkD99pJQ41xgyCk6z/H9snClwk=", + "lastModified": 1738435198, + "narHash": "sha256-5+Hmo4nbqw8FrW85FlNm4IIrRnZ7bn0cmXlScNsNRLo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "666e1b3f09c267afd66addebe80fb05a5ef2b554", + "rev": "f6687779bf4c396250831aa5a32cbfeb85bb07a3", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 3934d81..25a84ba 100644 --- a/flake.nix +++ b/flake.nix @@ -63,6 +63,7 @@ bitmagnet = 3333; owntracks = 3825; gitea = 2283; + immich = 2284; }; https = { diff --git a/secrets/matrix_reg_token b/secrets/matrix_reg_token new file mode 100644 index 0000000..206fd31 Binary files /dev/null and b/secrets/matrix_reg_token differ diff --git a/secrets/matrix_reg_token.nix b/secrets/matrix_reg_token.nix deleted file mode 100644 index 52490c1..0000000 Binary files a/secrets/matrix_reg_token.nix and /dev/null differ diff --git a/services/immich.nix b/services/immich.nix index a0c0dc4..d2b3026 100644 --- a/services/immich.nix +++ b/services/immich.nix @@ -9,7 +9,7 @@ services.immich = { enable = true; mediaLocation = service_configs.immich.dir; - port = 2284; + port = service_configs.ports.immich; # openFirewall = true; host = "0.0.0.0"; database = { diff --git a/services/matrix.nix b/services/matrix.nix index cb05217..5f5407f 100644 --- a/services/matrix.nix +++ b/services/matrix.nix @@ -6,9 +6,8 @@ ... }: { - imports = [ - ../secrets/matrix_reg_token.nix - ]; + services.matrix-conduit.settings.global.registration_token = + builtins.readFile ../secrets/matrix_reg_token; services.caddy.virtualHosts.${service_configs.https.domain}.extraConfig = lib.mkBefore '' header /.well-known/matrix/* Content-Type application/json diff --git a/services/minecraft.nix b/services/minecraft.nix index 03e90ca..4aaa214 100644 --- a/services/minecraft.nix +++ b/services/minecraft.nix @@ -51,8 +51,8 @@ in with pkgs; builtins.attrValues { FabricApi = fetchurl { - url = "https://cdn.modrinth.com/data/P7dR8mSH/versions/S6sAWXmr/fabric-api-0.115.0%2B1.21.4.jar"; - sha512 = "abb2b28e9b874adfc82c3c87ddf348e2e98adc5153aed7ae5bcaddf5b1d8bd98982a052ab91411b7fad3bbdffc5d788be60d22b9c95dd21e62b96ea49aa404ca"; + url = "https://cdn.modrinth.com/data/P7dR8mSH/versions/UnrycCWP/fabric-api-0.115.1%2B1.21.4.jar"; + sha512 = "d5e9f87679b5edc9786e651fc481f8861a9cf53ed381890a1cb5e129222d6c5fa99f06045007f8e1fba02da686cdb6db2d99b334a1d23881cb56dfa199932eea"; }; FerriteCore = fetchurl { diff --git a/zfs.nix b/zfs.nix index 1aa8ae7..eeeb39b 100644 --- a/zfs.nix +++ b/zfs.nix @@ -25,4 +25,21 @@ in boot.supportedFilesystems = [ "zfs" ]; boot.zfs.extraPools = [ service_configs.zpool ]; + + services.zfs = { + autoScrub.enable = true; + trim.enable = true; + # doesn't work, maybe replace with `services.sanoid` instead + autoSnapshot = { + # attempted to manually set zpool, didn't work + flags = "-k -p -P ${service_configs.zpool}"; + + enable = true; + frequent = 4; # 15-minutes + hourly = 24; + daily = 7; + weekly = 4; + monthly = 12; + }; + }; }