diff options
| -rw-r--r-- | flake.lock | 36 | ||||
| -rw-r--r-- | home/root/arrakis.nix | 54 | ||||
| -rw-r--r-- | hosts/arrakis/default.nix | 4 | ||||
| -rw-r--r-- | hosts/arrakis/services.nix | 2 | ||||
| -rw-r--r-- | hosts/common/core/default.nix | 3 | ||||
| -rw-r--r-- | hosts/common/optional/ebooks.nix | 2 | ||||
| -rw-r--r-- | hosts/common/optional/misc.nix | 2 | ||||
| -rw-r--r-- | hosts/common/optional/services/dhcp.nix | 6 | ||||
| -rw-r--r-- | hosts/common/optional/services/xorg.nix | 4 | ||||
| -rw-r--r-- | hosts/common/optional/sound.nix | 2 |
10 files changed, 62 insertions, 53 deletions
@@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1735468753, - "narHash": "sha256-2dt1nOe9zf9pDkf5Kn7FUFyPRo581s0n90jxYXJ94l0=", + "lastModified": 1736437680, + "narHash": "sha256-9Sy17XguKdEU9M5peTrkWSlI/O5IAqjHzdzxbXnc30g=", "owner": "nix-community", "repo": "disko", - "rev": "84a5b93637cc16cbfcc61b6e1684d626df61eb21", + "rev": "4d5d07d37ff773338e40a92088f45f4f88e509c8", "type": "github" }, "original": { @@ -27,11 +27,11 @@ ] }, "locked": { - "lastModified": 1736066484, - "narHash": "sha256-uTstP36WaFrw+TEHb8nLF14hFPzQBOhmIxzioHCDaL8=", + "lastModified": 1736421950, + "narHash": "sha256-RyrX0WFXxFrYvzHNLTIyuk3NcNl3UBykuYru/P0zW5E=", "owner": "nix-community", "repo": "home-manager", - "rev": "5ad12b6ea06b84e48f6b677957c74f32d47bdee0", + "rev": "d4aebb947a301b8da8654a804979a738c5c5da50", "type": "github" }, "original": { @@ -63,11 +63,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1735388221, - "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "lastModified": 1736441705, + "narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337", "type": "github" }, "original": { @@ -78,11 +78,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1735834308, - "narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=", + "lastModified": 1736344531, + "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6df24922a1400241dae323af55f30e4318a6ca65", + "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912", "type": "github" }, "original": { @@ -94,11 +94,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1736066559, - "narHash": "sha256-H72cyGZp9JxzrhzSx/iT9rmLurM9J9G+m45l1RQQynk=", + "lastModified": 1736441877, + "narHash": "sha256-m3+PhBFkDwqo9lBplG4AyMW8P4/KcioJRS1UG8N7okM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8a36010652b4571ee6dc9125cec2eaebc30e9400", + "rev": "ce3899414dab3297cf025bfa356dc2da426feefd", "type": "github" }, "original": { @@ -164,11 +164,11 @@ ] }, "locked": { - "lastModified": 1736064798, - "narHash": "sha256-xJRN0FmX9QJ6+w8eIIIxzBU1AyQcLKJ1M/Gp6lnSD20=", + "lastModified": 1736203741, + "narHash": "sha256-eSjkBwBdQk+TZWFlLbclF2rAh4JxbGg8az4w/Lfe7f4=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5dc08f9cc77f03b43aacffdfbc8316807773c930", + "rev": "c9c88f08e3ee495e888b8d7c8624a0b2519cb773", "type": "github" }, "original": { diff --git a/home/root/arrakis.nix b/home/root/arrakis.nix index b852ce5..ac7a30a 100644 --- a/home/root/arrakis.nix +++ b/home/root/arrakis.nix @@ -9,16 +9,16 @@ executable = true; text = '' #!${pkgs.zsh}/bin/zsh - + function status_vpn { - + ip netns exec vpn su -c 'curl -m 10 -s https://bitgnome.net/ip/ | grep REMOTE_ADDR' nipsy ip netns exec vpn su -c 'curl -m 10 -s https://www.cloudflarestatus.com | grep "Cloudflare Status"' nipsy - + } - + function start_vpn { - + ip netns add vpn ip link add veth.host type veth peer veth.vpn ip link set dev veth.host up @@ -32,44 +32,52 @@ ip -n vpn link set wg1 up ip -n vpn route add default dev wg1 ip netns exec vpn nft -f /etc/nftables-vpn.conf - + } - + function stop_vpn { - - ip netns del vpn - ip link del veth.host - + + systemctl stop prowlarr.service qbittorrent.service + + if ip netns | grep -q '^vpn '; then + ip netns del vpn + fi + + if ip link show veth.host > /dev/null; then + ip link del veth.host + fi + } - + if [[ -z "''${1}" || "''${1}" == "status" ]]; then - + status_vpn - + elif [[ "''${1}" == "restart" ]]; then - + stop_vpn sleep 2 start_vpn - + systemctl restart prowlarr.service qbittorrent.service + elif [[ "''${1}" == "restart_firewall" ]]; then - + ip netns exec vpn nft -f /etc/nftables-vpn.conf - + elif [[ "''${1}" == "start" ]]; then - + if [[ ! -f /run/netns/vpn ]]; then start_vpn else echo 'VPN service already appears to be running' >&2 fi - + elif [[ "''${1}" == "stop" ]]; then - + stop_vpn - + fi - + exit 0 ''; }; diff --git a/hosts/arrakis/default.nix b/hosts/arrakis/default.nix index 80509cb..d4cb7f3 100644 --- a/hosts/arrakis/default.nix +++ b/hosts/arrakis/default.nix @@ -79,7 +79,7 @@ environment.systemPackages = with pkgs; [ angband assaultcube - master.bsdgames + bsdgames bzflag extremetuxracer #frozen-bubble @@ -106,7 +106,7 @@ warzone2100 wpa_supplicant xonotic-sdl - master.xpilot-ng + xpilot-ng ]; imports = [ diff --git a/hosts/arrakis/services.nix b/hosts/arrakis/services.nix index b026cc1..ceb60c4 100644 --- a/hosts/arrakis/services.nix +++ b/hosts/arrakis/services.nix @@ -64,7 +64,7 @@ jellyfin = { enable = true; - package = pkgs.master.jellyfin; + #package = pkgs.master.jellyfin; }; nfs = { diff --git a/hosts/common/core/default.nix b/hosts/common/core/default.nix index 2bc8d14..4f7b058 100644 --- a/hosts/common/core/default.nix +++ b/hosts/common/core/default.nix @@ -40,6 +40,7 @@ gnutar gptfdisk gzip + htop iproute2 iputils jq @@ -83,7 +84,7 @@ strace sysstat tcpdump - master.tftp-hpa + tftp-hpa traceroute tree tshark diff --git a/hosts/common/optional/ebooks.nix b/hosts/common/optional/ebooks.nix index b2cbb2b..e25a76d 100644 --- a/hosts/common/optional/ebooks.nix +++ b/hosts/common/optional/ebooks.nix @@ -2,7 +2,7 @@ { environment.systemPackages = with pkgs; [ libgourou - master.calibre + calibre ]; services.udisks2.enable = true; diff --git a/hosts/common/optional/misc.nix b/hosts/common/optional/misc.nix index f996274..4379afc 100644 --- a/hosts/common/optional/misc.nix +++ b/hosts/common/optional/misc.nix @@ -6,7 +6,7 @@ aspellDicts.en aspellDicts.en-computers aspellDicts.en-science - #dict + master.dict encfs enscript expect diff --git a/hosts/common/optional/services/dhcp.nix b/hosts/common/optional/services/dhcp.nix index cc21ef9..3eed193 100644 --- a/hosts/common/optional/services/dhcp.nix +++ b/hosts/common/optional/services/dhcp.nix @@ -9,8 +9,8 @@ systemPackages = with pkgs; [ ipxe - master.tftp-hpa - master.wol + tftp-hpa + wol ]; }; @@ -123,7 +123,7 @@ Restart = "always"; RestartSec = 5; Type = "exec"; - ExecStart = "${pkgs.master.tftp-hpa}/bin/in.tftpd -l -a 192.168.1.1:69 -P /run/tftpd.pid /etc/tftp"; + ExecStart = "${pkgs.tftp-hpa}/bin/in.tftpd -l -a 192.168.1.1:69 -P /run/tftpd.pid /etc/tftp"; TimeoutStopSec = 20; PIDFile = "/run/tftpd.pid"; }; diff --git a/hosts/common/optional/services/xorg.nix b/hosts/common/optional/services/xorg.nix index c9aaeaa..13d9144 100644 --- a/hosts/common/optional/services/xorg.nix +++ b/hosts/common/optional/services/xorg.nix @@ -7,7 +7,7 @@ feh gcr geeqie - master.ghostty + ghostty gimp #gimp-with-plugins google-chrome @@ -18,7 +18,7 @@ mesa-demos mpv polkit_gnome - master.rdesktop + rdesktop read-edid st sxiv diff --git a/hosts/common/optional/sound.nix b/hosts/common/optional/sound.nix index b05ef1e..ec7f41d 100644 --- a/hosts/common/optional/sound.nix +++ b/hosts/common/optional/sound.nix @@ -15,7 +15,7 @@ polyphone qsynth reaper - #master.rosegarden + master.rosegarden samplv1 sfizz surge-XT |