From 6e6ac58ebdabe85107a1d09b2e7663dbc051e3b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20R=C3=B6ger?= Date: Tue, 24 Mar 2026 21:10:08 +0100 Subject: [PATCH] System Gen2 @ 2026-03-24-21:10:07 by jonas@harbor --- flake.lock | 21 +++++++++++++++++++ hosts/harbor/configuration.nix | 23 +++++++++++++++++++-- hosts/harbor/hardware-configuration.nix | 27 +------------------------ modules/services/nextcloud-instance.nix | 7 +++---- 4 files changed, 46 insertions(+), 32 deletions(-) diff --git a/flake.lock b/flake.lock index 64863eb..b5d162c 100644 --- a/flake.lock +++ b/flake.lock @@ -55,6 +55,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1773889306, + "narHash": "sha256-PAqwnsBSI9SVC2QugvQ3xeYCB0otOwCacB1ueQj2tgw=", + "owner": "nix-community", + "repo": "disko", + "rev": "5ad85c82cc52264f4beddc934ba57f3789f28347", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "dzgui-nix": { "inputs": { "nixpkgs": [ @@ -751,6 +771,7 @@ "root": { "inputs": { "audio": "audio", + "disko": "disko", "dzgui-nix": "dzgui-nix", "firefox-addons": "firefox-addons", "home-manager": "home-manager", diff --git a/hosts/harbor/configuration.nix b/hosts/harbor/configuration.nix index 3f69f89..2e7e1a0 100644 --- a/hosts/harbor/configuration.nix +++ b/hosts/harbor/configuration.nix @@ -88,13 +88,16 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.11"; # Did you read the comment? + system.stateVersion = "25.11"; # Did you read the comment? # VPS compat boot.loader.grub.enable = true; boot.loader.grub.device = "/dev/sda"; boot.loader.grub.version = 2; - boot.kernelParams = ["net.ifnames=0"]; # ensure iface is called eth0 + boot.kernelParams = [ + "net.ifnames=0" # ensure iface is called eth0 + "ip=173.249.42.252::173.249.42.1:255.255.255.0:harbor:eth0:none:8.8.8.8" + ]; networking.networkmanager.enable = true; networking = { # Static network configuration @@ -109,6 +112,22 @@ } ]; }; + # Temporary ssh server for disk unlock + boot.initrd = { + availableKernelModules = ["virtio_pci"]; + network = { + enable = true; + ssh = { + enable = true; + port = 2222; + authorizedKeys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyCyYsMSiy7shcehlzJEbCyRiHk+cicFB35Bc2uc4PjjkCjswLh01fRAV2QcplrNkH/5F4GBTbOoZHHc7/AVLyUxgwDC9ffD2i7fevuGpfBFy9D30uz6jDekxXkmRmIlidXLdG1Fh4zwVejGlwdhUu/Zb7PonO/dktx3EFdf1SpnW+y75anN85zoGsld7KQk42wEd0zXtCgx4CKI6Vvt6heWCEiJ9wyw1sLpTJr4H8In236CUj1/r1qY9Gfa8n9NA0J9XCpcwSCEWGRKQNicoQIpnp5txrgzaUq4r6qBKHmImYXmSTVnDZ9dJLRYNu2lDvBtTXP4ztlR6Lpxs873fPg51qgaX9rRVMMo/gGjq8fOFWsDVaJZab9VY3hZYNCKIbWFqo4GKyCQs9Xfzr2AUACm09HWiYMTefwEypOzvUb4z+LF2B/0c5XmghLF/TOzLVgDXzAgWMH4mCnPh9EDLHTtoJaGNURler9VRV8yQyLH6oK9UpHZovCFs7HpFN+WPv2QVFfkK8aHg7tnklFsT78z154bjuspiEI/fFGmTxoQUGufmHlRy/9GQDusgNfe24ZEB2hHBVjKv29XdIfvFAhoPVpA6+O/N3feSlmVISaU+8QraVQEf/TuQjopDUWpJTmqSxKvQSTPwcyWDy6NtcJ85bGAu6jSUGC3ouH4Rb2Q== cardno:000609618602" + ]; + hostKeys = ["/etc/secrets/initrd/ssh_host_rsa_key"]; + shell = "/bin/cryptsetup-askpass"; + }; + }; + }; # Set your time zone. time.timeZone = "Europe/Berlin"; diff --git a/hosts/harbor/hardware-configuration.nix b/hosts/harbor/hardware-configuration.nix index f8bf724..4ed0dd5 100644 --- a/hosts/harbor/hardware-configuration.nix +++ b/hosts/harbor/hardware-configuration.nix @@ -12,35 +12,10 @@ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod"]; + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; boot.initrd.kernelModules = []; boot.kernelModules = []; boot.extraModulePackages = []; - fileSystems."/" = { - device = "/dev/disk/by-uuid/a9ac5007-f148-4001-ba49-f6a0bfad85cc"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/12CE-A600"; - fsType = "vfat"; - options = ["fmask=0022" "dmask=0022"]; - }; - - swapDevices = [ - { - device = "/.swapfile"; - size = 2 * 1024; - } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens18.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/modules/services/nextcloud-instance.nix b/modules/services/nextcloud-instance.nix index 3b09b15..e110949 100644 --- a/modules/services/nextcloud-instance.nix +++ b/modules/services/nextcloud-instance.nix @@ -32,7 +32,7 @@ in { services.nextcloud = { # Instance enable = true; - package = pkgs.nextcloud31; + package = pkgs.nextcloud33; hostName = cfg.instanceFQDN; https = cfg.ssl; configureRedis = true; @@ -55,12 +55,11 @@ in { (config.services.nextcloud.package.packages.apps) calendar contacts - maps tasks ; drop_account = pkgs.fetchNextcloudApp { - sha256 = "sha256-AAWAR5i8moGlyGMaNqJwQPqPAHqWvIf4mvZ4U0dfg/A="; - url = "https://packages.framasoft.org/projects/nextcloud-apps/drop-account/drop_account-2.7.1.tar.gz"; + sha256 = "sha256-J+bZVNIb/MokuTYQu8RBKdnZFakh180pa1pW5KHlC80="; + url = "https://packages.framasoft.org/projects/nextcloud-apps/drop-account/drop_account-3.0.0.tar.gz"; license = "agpl3Only"; }; };