diff --git a/flake.lock b/flake.lock index 2b94209..952a006 100644 --- a/flake.lock +++ b/flake.lock @@ -3,17 +3,17 @@ "adblock-unbound": { "inputs": { "adblockStevenBlack": "adblockStevenBlack", - "flake-utils": "flake-utils", + "lancache-domains": "lancache-domains", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1688055723, - "narHash": "sha256-8WtkSAr4qYA3o6kiOCESK3rHJmIsa6TMBrT3/Cbfvro=", + "lastModified": 1704832551, + "narHash": "sha256-6xS/ANMIh3b4Ia3Ubl9rtb3LVw9QldihnP3IvuG9zwQ=", "owner": "MayNiklas", "repo": "nixos-adblock-unbound", - "rev": "9356ccd526fdcf91bfee7f0ebebae831349d43cc", + "rev": "a5d3731836b1c2ca65834e07be03c02daca5b434", "type": "github" }, "original": { @@ -41,16 +41,18 @@ "agenix": { "inputs": { "darwin": "darwin", + "home-manager": "home-manager", "nixpkgs": [ "nixpkgs" - ] + ], + "systems": "systems" }, "locked": { - "lastModified": 1682101079, - "narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=", + "lastModified": 1712079060, + "narHash": "sha256-/JdiT9t+zzjChc5qQiF+jhrVhRt8figYH29rZO7pFe4=", "owner": "ryantm", "repo": "agenix", - "rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447", + "rev": "1381a759b205dff7a6818733118d02253340fd5e", "type": "github" }, "original": { @@ -59,6 +61,22 @@ "type": "github" } }, + "authelia-438": { + "locked": { + "lastModified": 1712072300, + "narHash": "sha256-ktLwXde5fBdpjbzq0oVDJmXoc1PA42OVSfY5922gLgI=", + "owner": "nicomem", + "repo": "nixpkgs", + "rev": "3fcf0a77415c55b0a2e40e45543bd722139d1dc1", + "type": "github" + }, + "original": { + "owner": "nicomem", + "ref": "authelia-4.38", + "repo": "nixpkgs", + "type": "github" + } + }, "darwin": { "inputs": { "nixpkgs": [ @@ -67,11 +85,11 @@ ] }, "locked": { - "lastModified": 1696360011, - "narHash": "sha256-HpPv27qMuPou4acXcZ8Klm7Zt0Elv9dgDvSJaomWb9Y=", + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "8b6ea26d5d2e8359d06278364f41fbc4b903b28a", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", "type": "github" }, "original": { @@ -85,7 +103,7 @@ "inputs": { "devshell": "devshell", "flake-compat": "flake-compat", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": "nixpkgs" }, "locked": { @@ -113,11 +131,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1695052866, - "narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=", + "lastModified": 1711973905, + "narHash": "sha256-UFKME/N1pbUtn+2Aqnk+agUt8CekbpuqwzljivfIme8=", "owner": "serokell", "repo": "deploy-rs", - "rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9", + "rev": "88b3059b020da69cbe16526b8d639bd5e0b51c8b", "type": "github" }, "original": { @@ -170,11 +188,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -188,11 +206,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1693611461, - "narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=", + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", "type": "github" }, "original": { @@ -205,6 +223,24 @@ "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" }, + "locked": { + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_3" + }, "locked": { "lastModified": 1709336216, "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", @@ -220,21 +256,6 @@ } }, "flake-utils": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -250,6 +271,27 @@ } }, "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -272,11 +314,11 @@ }, "impermanence": { "locked": { - "lastModified": 1706639736, - "narHash": "sha256-CaG4j9+UwBDfinxxvJMo6yOonSmSo0ZgnbD7aj2Put0=", + "lastModified": 1708968331, + "narHash": "sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y=", "owner": "nix-community", "repo": "impermanence", - "rev": "cd13c2917eaa68e4c49fea0ff9cada45440d7045", + "rev": "a33ef102a02ce77d3e39c25197664b7a636f9c30", "type": "github" }, "original": { @@ -285,14 +327,51 @@ "type": "github" } }, + "invoiceplane-template": { + "inputs": { + "flake-parts": "flake-parts_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1712363499, + "narHash": "sha256-FAOmocYCC5EGaXhCyYAMRONHuWgWetZr5Wx5WC7USIU=", + "ref": "refs/heads/main", + "rev": "da49f15b23f3badfa15f11c79c0f2cb7c75be83b", + "revCount": 18, + "type": "git", + "url": "ssh://gitea@git.pub.solar/b12f/invoiceplane-templates" + }, + "original": { + "type": "git", + "url": "ssh://gitea@git.pub.solar/b12f/invoiceplane-templates" + } + }, + "lancache-domains": { + "flake": false, + "locked": { + "lastModified": 1679999806, + "narHash": "sha256-oDZ2pSf8IgofRS4HaRppGcd4kHQj48AC9dkS++avYy8=", + "owner": "uklans", + "repo": "cache-domains", + "rev": "31b2ba1e0a7c419327cb97f589b508d78b9aecbf", + "type": "github" + }, + "original": { + "owner": "uklans", + "repo": "cache-domains", + "type": "github" + } + }, "mobile-nixos": { "flake": false, "locked": { - "lastModified": 1696124168, - "narHash": "sha256-EzGHYAR7rozQQLZEHbKEcb5VpUFGoxwEsM0OWfW4wqU=", + "lastModified": 1711757427, + "narHash": "sha256-PqHK0J9YCRKlxpJp+UG+/xpwfIQRPVUPspvbbP3FB2M=", "owner": "nixos", "repo": "mobile-nixos", - "rev": "7cee346c3f8e73b25b1cfbf7a086a7652c11e0f3", + "rev": "f7087f8fdbd1309af315ef8c92345320aadc5edf", "type": "github" }, "original": { @@ -306,11 +385,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1690426816, - "narHash": "sha256-vvOrLE6LlBVYigA1gSrlkknFwfuq9qmLA4h6ubiJ22g=", + "lastModified": 1712254133, + "narHash": "sha256-fwuWrAprqoA4fUrkZGVb6PjRpebm5xjNsyoaw+JVSyY=", "owner": "musnix", "repo": "musnix", - "rev": "e651b06f8a3ac7d71486984100e8a79334da8329", + "rev": "b5bcdce137b00185dce5fa578739cd52770b8794", "type": "github" }, "original": { @@ -321,15 +400,15 @@ }, "nixd": { "inputs": { - "flake-parts": "flake-parts_2", + "flake-parts": "flake-parts_3", "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1710142672, - "narHash": "sha256-MRClVDHMGXglXpSR+RflwnrY/ngePqrxOwiwoh5/BtU=", + "lastModified": 1711809944, + "narHash": "sha256-Z5FEXEn/5lAnGUSDIah0NRkP3RCE5sQQrms7ltvzH/8=", "owner": "nix-community", "repo": "nixd", - "rev": "eb40e5b315fafa1086f69be84918bbd9235e0a10", + "rev": "bcf0de61178c4dbf1488e8417cc7e28cc5390164", "type": "github" }, "original": { @@ -341,11 +420,11 @@ }, "nixos-flake": { "locked": { - "lastModified": 1692742948, - "narHash": "sha256-19LQQFGshuQNrrXZYVt+mWY0O3NbhEXeMy3MZwzYZGo=", + "lastModified": 1711376798, + "narHash": "sha256-37wawZGSX/dD1rn7TwFJhUdpozC2VPEQXetpfpK/D+w=", "owner": "srid", "repo": "nixos-flake", - "rev": "2c25190ceacdaaae7e8afbecfa87096bb499a431", + "rev": "7b19503e7f8c7cc0884fc2fbd669c0cc2e05aef5", "type": "github" }, "original": { @@ -356,11 +435,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1686838567, - "narHash": "sha256-aqKCUD126dRlVSKV6vWuDCitfjFrZlkwNuvj5LtjRRU=", + "lastModified": 1712324865, + "narHash": "sha256-+BatEWd4HlMeK7Ora+gYIkarjxFVCg9oKrIeybHIIX4=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "429f232fe1dc398c5afea19a51aad6931ee0fb89", + "rev": "f3b959627bca46a9f7052b8fbc464b8323e68c2c", "type": "github" }, "original": { @@ -388,11 +467,11 @@ "nixpkgs-lib": { "locked": { "dir": "lib", - "lastModified": 1693471703, - "narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=", + "lastModified": 1711703276, + "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85", + "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", "type": "github" }, "original": { @@ -404,6 +483,24 @@ } }, "nixpkgs-lib_2": { + "locked": { + "dir": "lib", + "lastModified": 1711703276, + "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib_3": { "locked": { "dir": "lib", "lastModified": 1709237383, @@ -423,11 +520,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1711717242, - "narHash": "sha256-PW9J9sFw5DA4Fo3Cq4Soc+an6tjTS4VV2NxG6G0UMqw=", + "lastModified": 1712353617, + "narHash": "sha256-9KtWUwlKA7g/PERi3eYMgh+Ok+Y9QxE6WSOblpyKYcs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "824952ff6b32b0019465b139b5c76d915ec074ea", + "rev": "f4089f8b1d676762db7acbb3e790ccee6d0c9da5", "type": "github" }, "original": { @@ -439,11 +536,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1711523803, - "narHash": "sha256-UKcYiHWHQynzj6CN/vTcix4yd1eCu1uFdsuarupdCQQ=", + "lastModified": 1712163089, + "narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2726f127c15a4cc9810843b96cad73c7eb39e443", + "rev": "fd281bd6b7d3e32ddfa399853946f782553163b5", "type": "github" }, "original": { @@ -455,11 +552,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1690272529, - "narHash": "sha256-MakzcKXEdv/I4qJUtq/k/eG+rVmyOZLnYNC2w1mB59Y=", + "lastModified": 1711703276, + "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ef99fa5c5ed624460217c31ac4271cfb5cb2502c", + "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", "type": "github" }, "original": { @@ -487,11 +584,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1711460390, - "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=", + "lastModified": 1712168706, + "narHash": "sha256-XP24tOobf6GGElMd0ux90FEBalUtw6NkBSVh/RlA6ik=", "owner": "nixos", "repo": "nixpkgs", - "rev": "44733514b72e732bd49f5511bd0203dea9b9a434", + "rev": "1487bdea619e4a7a53a4590c475deabb5a9d1bfb", "type": "github" }, "original": { @@ -526,12 +623,14 @@ "inputs": { "adblock-unbound": "adblock-unbound", "agenix": "agenix", + "authelia-438": "authelia-438", "deno2nix": "deno2nix", "deploy-rs": "deploy-rs", "flake-compat": "flake-compat_2", "flake-parts": "flake-parts", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "impermanence": "impermanence", + "invoiceplane-template": "invoiceplane-template", "mobile-nixos": "mobile-nixos", "musnix": "musnix", "nixd": "nixd", @@ -543,13 +642,46 @@ "openstreetmap": "openstreetmap" } }, - "utils": { + "systems": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index dd6266d..48c2863 100644 --- a/flake.nix +++ b/flake.nix @@ -22,6 +22,8 @@ deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.inputs.flake-compat.follows = "flake-compat"; + authelia-438.url = "github:nicomem/nixpkgs/authelia-4.38"; + agenix.url = "github:ryantm/agenix"; agenix.inputs.nixpkgs.follows = "nixpkgs"; @@ -41,6 +43,9 @@ openstreetmap.inputs.nixpkgs.follows = "nixpkgs"; deno2nix.url = "github:SnO2WMaN/deno2nix"; + + invoiceplane-template.url = "git+ssh://gitea@git.pub.solar/b12f/invoiceplane-templates"; + invoiceplane-template.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = inputs@{ self, ... }: @@ -68,6 +73,7 @@ overlays = with inputs; [ agenix.overlays.default nixd.overlays.default + invoiceplane-template.overlays.default ]; }; }; diff --git a/hosts/frikandel/default.nix b/hosts/frikandel/default.nix index b17fef9..126999f 100644 --- a/hosts/frikandel/default.nix +++ b/hosts/frikandel/default.nix @@ -6,7 +6,6 @@ ./networking.nix ./unbound.nix ./nginx.nix - ./invoiceplane-proxy.nix ./wireguard.nix ./email.nix ./website.nix diff --git a/hosts/frikandel/invoiceplane-proxy.nix b/hosts/frikandel/invoiceplane-proxy.nix deleted file mode 100644 index f8f210b..0000000 --- a/hosts/frikandel/invoiceplane-proxy.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - flake, - config, - pkgs, - lib, - ... -}: { - security.acme.certs = { - "invoicing.b12f.io" = {}; - }; - - services.nginx.virtualHosts = { - "invoicing.b12f.io" = { - forceSSL = true; - useACMEHost = "invoicing.b12f.io"; - # This redirects to invoiceplane on pie - locations."/".proxyPass = "https://invoicing.b12f.io"; - }; - }; -} diff --git a/hosts/pie/authelia.nix b/hosts/pie/authelia.nix index 68ab212..42bebf0 100644 --- a/hosts/pie/authelia.nix +++ b/hosts/pie/authelia.nix @@ -1,14 +1,22 @@ { - flake, lib, config, pkgs, + flake, ... }: with lib; let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; in { + disabledModules = [ + "services/security/authelia.nix" + ]; + + imports = [ + "${flake.inputs.authelia-438}/nixos/modules/services/security/authelia.nix" + ]; + age.secrets."authelia-storage-encryption-key" = { file = "${flake.self}/secrets/authelia-storage-encryption-key.age"; mode = "400"; @@ -70,6 +78,7 @@ in { server = { port = 9092; host = "127.0.0.1"; + endpoints.authz.auth-request.implementation = "AuthRequest"; }; authentication_backend = { refresh_interval = "disable"; @@ -84,11 +93,9 @@ in { totp.issuer = "auth.b12f.io"; storage.local.path = "/var/lib/authelia-b12f/db.sqlite3"; access_control.default_policy = "two_factor"; - session = { - domain = "auth.b12f.io"; - # authelia_url = "https://auth.b12f.io"; - }; - notifier.disable_startup_check = true; + session.cookies = [ + { domain = "b12f.io"; authelia_url = "https://auth.b12f.io"; } + ]; notifier.smtp = { host = "mail.b12f.io"; port = 587; diff --git a/hosts/pie/invoiceplane.nix b/hosts/pie/invoiceplane.nix index 3efc6ed..0c5d4dd 100644 --- a/hosts/pie/invoiceplane.nix +++ b/hosts/pie/invoiceplane.nix @@ -28,11 +28,6 @@ in { "invoicing.b12f.io" = { forceSSL = true; useACMEHost = "invoicing.b12f.io"; - extraConfig = "include /etc/nginx/conf-available/authelia-location.conf;"; - locations."/".extraConfig = '' - include /etc/nginx/conf-available/proxy.conf; - include /etc/nginx/conf-available/authelia-authrequest.conf; - ''; }; }; @@ -49,6 +44,8 @@ in { createLocally = false; }; + invoiceTemplates = [ pkgs.invoiceplane-template ]; + extraConfig = '' SETUP_COMPLETED=true DISABLE_SETUP=true diff --git a/modules/proxy/proxy.conf b/modules/proxy/proxy.conf index 5c26297..5ed24ab 100644 --- a/modules/proxy/proxy.conf +++ b/modules/proxy/proxy.conf @@ -1,12 +1,7 @@ ## Headers -proxy_set_header Host $host; proxy_set_header X-Original-URL $scheme://$http_host$request_uri; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Forwarded-URI $request_uri; proxy_set_header X-Forwarded-Ssl on; -proxy_set_header X-Forwarded-For $remote_addr; -proxy_set_header X-Real-IP $remote_addr; ## Basic Proxy Configuration client_body_buffer_size 128k; @@ -21,7 +16,7 @@ proxy_buffers 64 256k; ## Please read the following documentation before configuring this: ## https://www.authelia.com/integration/proxies/nginx/#trusted-proxies set_real_ip_from 10.13.12.0/24; -set_real_ip_from fc00::/7; +set_real_ip_from fd00:b12f:acab:1312:acab::/80; real_ip_header X-Forwarded-For; real_ip_recursive on; diff --git a/modules/wireguard/tunnel.nix b/modules/wireguard/tunnel.nix index 1a20ef1..f794c58 100644 --- a/modules/wireguard/tunnel.nix +++ b/modules/wireguard/tunnel.nix @@ -42,12 +42,6 @@ in { networking.firewall.allowedUDPPorts = [51820]; systemd.services.wireguard-wg-tunnel = { - after = [ - "network.target" - "network-online.target" - "nss-lookup.target" - ]; - wants = [ "wireguard-wg-private.service" ]; diff --git a/overlays/default.nix b/overlays/default.nix index 5f4dc5f..07157d6 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -9,15 +9,18 @@ nixpkgs.overlays = [ inputs.deno2nix.overlays.default inputs.nixd.overlays.default + inputs.invoiceplane-template.overlays.default (final: prev: let unstable = import inputs.nixpkgs-unstable { system = prev.system; }; master = import inputs.nixpkgs-master { system = prev.system; }; + authelia-438 = import inputs.authelia-438 { system = prev.system; }; in { factorio-headless = master.factorio-headless; - paperless-ngx = master.paperless-ngx; + paperless-ngx = unstable.paperless-ngx; waybar = master.waybar; ungoogled-chromium = master.ungoogled-chromium; + authelia = authelia-438.authelia; adlist = inputs.adblock-unbound.packages.${prev.system}; @@ -38,11 +41,11 @@ vimPlugins = prev.vimPlugins // {inherit (unstable.vimPlugins) nvim-lspconfig;}; }) + (import ./element-desktop.nix) (import ../pkgs) (import ./blesh.nix) (import ./rnix-lsp.nix) (import ./neovim-plugins.nix) - (import ./element-desktop.nix) (final: prev: { b12f-io = prev.stdenv.mkDerivation { diff --git a/pkgs/caddy/default.nix b/pkgs/caddy/default.nix deleted file mode 100644 index 4d0482b..0000000 --- a/pkgs/caddy/default.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ - lib, - buildGoModule, - fetchFromGitHub, - vendorSha256 ? "" -}: -with lib; -let - plugins = [ - "github.com/mholt/caddy-events-exec" - ]; - - imports = flip concatMapStrings plugins (pkg: "\t\t\t_ \"${pkg}\"\n"); - - main = '' - package main - - import ( - caddycmd "github.com/caddyserver/caddy/v2/cmd" - - _ "github.com/caddyserver/caddy/v2/modules/standard" - ${imports} - ) - - func main() { - caddycmd.Main() - } - ''; - -in buildGoModule rec { - pname = "caddy"; - version = "2.6.4"; - - subPackages = [ "cmd/caddy" ]; - - src = fetchFromGitHub { - owner = "caddyserver"; - repo = pname; - rev = "v${version}"; - sha256 = "sha256-xNCxzoNpXkj8WF9+kYJfO18ux8/OhxygkGjA49+Q4vY="; - }; - - inherit vendorSha256; - - overrideModAttrs = (_: { - preBuild = "echo '${main}' > cmd/caddy/main.go"; - postInstall = "cp go.sum go.mod $out/ && ls $out/"; - }); - - postPatch = '' - echo '${main}' > cmd/caddy/main.go - cat cmd/caddy/main.go - ''; - - postConfigure = '' - cp vendor/go.sum ./ - cp vendor/go.mod ./ - ''; - - meta = with lib; { - homepage = https://caddyserver.com; - description = "Fast, cross-platform HTTP/2 web server with automatic HTTPS"; - license = licenses.asl20; - maintainers = with maintainers; [ rushmorem fpletz zimbatm ]; - }; -}