Commit 0b16190fb673
Changed files (6)
systems/aion/xmpp.nix
@@ -43,7 +43,7 @@
domain = "xmpp.sbr.pm";
dnsProvider = "gandiv5";
dnsResolver = "1.1.1.1:53"; # Use Cloudflare DNS for DNS-01 challenge
- credentialsFile = config.age.secrets."gandi.env".path;
+ environmentFile = config.age.secrets."gandi.env".path;
group = "prosody"; # Allow prosody to read certificates
reloadServices = [ "prosody.service" ]; # Reload prosody when certificates are renewed
server = "https://acme-v02.api.letsencrypt.org/directory"; # Use Let's Encrypt production
systems/carthage/extra.nix
@@ -713,7 +713,7 @@ in
# Use Caddy with rate-limit plugin
package = pkgs.caddy.withPlugins {
plugins = [ "github.com/mholt/caddy-ratelimit@v0.1.1-0.20250915152450-04ea34edc0c4" ];
- hash = "sha256-UV7fT6S5yC0OT5NTVrOieeUD4KYsho9rSsUscIbRpjU=";
+ hash = "sha256-x5jeKfjXeUj4t5t6+gRRjpmjF3n5P25T0lVED4EEu54=";
};
# Enable Prometheus metrics on VPN interface only
systems/kerkouane/extra.nix
@@ -480,7 +480,7 @@ in
# Use Caddy with rate-limit plugin
package = pkgs.caddy.withPlugins {
plugins = [ "github.com/mholt/caddy-ratelimit@v0.1.1-0.20250915152450-04ea34edc0c4" ];
- hash = "sha256-UV7fT6S5yC0OT5NTVrOieeUD4KYsho9rSsUscIbRpjU=";
+ hash = "sha256-x5jeKfjXeUj4t5t6+gRRjpmjF3n5P25T0lVED4EEu54=";
};
# Enable Prometheus metrics on VPN interface only
systems/kerkouane/hardware.nix
@@ -60,7 +60,7 @@
"67.207.67.3"
];
defaultGateway = "188.166.64.1";
- defaultGateway6 = "";
+ defaultGateway6 = null;
dhcpcd.enable = false;
usePredictableInterfaceNames = lib.mkForce true;
interfaces = {
flake.lock
@@ -50,6 +50,31 @@
"type": "github"
}
},
+ "agenix-26_05": {
+ "inputs": {
+ "darwin": "darwin_3",
+ "home-manager": [
+ "home-manager-26_05"
+ ],
+ "nixpkgs": [
+ "nixpkgs-26_05"
+ ],
+ "systems": "systems_3"
+ },
+ "locked": {
+ "lastModified": 1770165109,
+ "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=",
+ "owner": "ryantm",
+ "repo": "agenix",
+ "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb",
+ "type": "github"
+ },
+ "original": {
+ "owner": "ryantm",
+ "repo": "agenix",
+ "type": "github"
+ }
+ },
"argononed": {
"flake": false,
"locked": {
@@ -345,6 +370,28 @@
"type": "github"
}
},
+ "darwin_3": {
+ "inputs": {
+ "nixpkgs": [
+ "agenix-26_05",
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1744478979,
+ "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
+ "owner": "lnl7",
+ "repo": "nix-darwin",
+ "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
+ "type": "github"
+ },
+ "original": {
+ "owner": "lnl7",
+ "ref": "master",
+ "repo": "nix-darwin",
+ "type": "github"
+ }
+ },
"disko": {
"inputs": {
"nixpkgs": [
@@ -392,7 +439,7 @@
"nixpkgs"
],
"nixpkgs-stable": [
- "nixpkgs-25_11"
+ "nixpkgs-26_05"
]
},
"locked": {
@@ -548,7 +595,7 @@
},
"flake-utils_2": {
"inputs": {
- "systems": "systems_5"
+ "systems": "systems_6"
},
"locked": {
"lastModified": 1731533236,
@@ -717,6 +764,27 @@
"type": "github"
}
},
+ "home-manager-26_05": {
+ "inputs": {
+ "nixpkgs": [
+ "nixpkgs-26_05"
+ ]
+ },
+ "locked": {
+ "lastModified": 1779726825,
+ "narHash": "sha256-RUkMrREjKDQrA+dA9+xZviGAxM5W1aVdyOr/bSYpHrE=",
+ "owner": "nix-community",
+ "repo": "home-manager",
+ "rev": "b179bde238977f7d4454fc770b1a727eaf55111c",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "ref": "release-26.05",
+ "repo": "home-manager",
+ "type": "github"
+ }
+ },
"lanzaboote": {
"inputs": {
"crane": "crane_2",
@@ -750,7 +818,7 @@
"nixpkgs": [
"nixpkgs"
],
- "systems": "systems_3",
+ "systems": "systems_4",
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
@@ -989,6 +1057,22 @@
"type": "github"
}
},
+ "nixpkgs-26_05": {
+ "locked": {
+ "lastModified": 1780203844,
+ "narHash": "sha256-K5sT4jTpGs15ADhviMKNBH38REpPf5Q6mM1+N6cArVE=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "b51242d7d43689db2f3be91bd05d5b24fbb469c4",
+ "type": "github"
+ },
+ "original": {
+ "owner": "NixOS",
+ "ref": "nixos-26.05",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
"nixpkgs-lib": {
"locked": {
"lastModified": 1777168982,
@@ -1174,6 +1258,7 @@
"inputs": {
"agenix": "agenix",
"agenix-25_11": "agenix-25_11",
+ "agenix-26_05": "agenix-26_05",
"buildkit-tekton": "buildkit-tekton",
"chapeau-rouge": "chapeau-rouge",
"chick-group": "chick-group",
@@ -1188,6 +1273,7 @@
"harmonia": "harmonia",
"home-manager": "home-manager",
"home-manager-25_11": "home-manager-25_11",
+ "home-manager-26_05": "home-manager-26_05",
"lanzaboote": "lanzaboote",
"llm-agents": "llm-agents",
"nix-cachyos-kernel": "nix-cachyos-kernel",
@@ -1196,6 +1282,7 @@
"nixos-raspberrypi": "nixos-raspberrypi",
"nixpkgs": "nixpkgs",
"nixpkgs-25_11": "nixpkgs-25_11",
+ "nixpkgs-26_05": "nixpkgs-26_05",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-wip-consolidated": "nixpkgs-wip-consolidated",
"pass-run": "pass-run",
@@ -1323,6 +1410,21 @@
"type": "github"
}
},
+ "systems_6": {
+ "locked": {
+ "lastModified": 1681028828,
+ "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+ "owner": "nix-systems",
+ "repo": "default",
+ "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-systems",
+ "repo": "default",
+ "type": "github"
+ }
+ },
"treefmt-nix": {
"inputs": {
"nixpkgs": [
@@ -1377,7 +1479,7 @@
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
- "systems": "systems_4"
+ "systems": "systems_5"
},
"locked": {
"lastModified": 1770377964,
flake.nix
@@ -92,51 +92,51 @@
hostname = "athena";
system = "aarch64-linux";
hardwareType = "rpi4";
- pkgsInput = inputs.nixpkgs-25_11;
- homeInput = inputs.home-manager-25_11;
- agenixInput = inputs.agenix-25_11;
+ pkgsInput = inputs.nixpkgs-26_05;
+ homeInput = inputs.home-manager-26_05;
+ agenixInput = inputs.agenix-26_05;
};
demeter = libx.mkHost {
hostname = "demeter";
system = "aarch64-linux";
hardwareType = "rpi4";
- pkgsInput = inputs.nixpkgs-25_11;
- homeInput = inputs.home-manager-25_11;
- agenixInput = inputs.agenix-25_11;
+ pkgsInput = inputs.nixpkgs-26_05;
+ homeInput = inputs.home-manager-26_05;
+ agenixInput = inputs.agenix-26_05;
};
aix = libx.mkHost {
hostname = "aix";
system = "aarch64-linux";
hardwareType = "rpi4";
- pkgsInput = inputs.nixpkgs-25_11;
- homeInput = inputs.home-manager-25_11;
- agenixInput = inputs.agenix-25_11;
+ pkgsInput = inputs.nixpkgs-26_05;
+ homeInput = inputs.home-manager-26_05;
+ agenixInput = inputs.agenix-26_05;
};
aion = libx.mkHost {
hostname = "aion";
system = "aarch64-linux";
- pkgsInput = inputs.nixpkgs-25_11;
- homeInput = inputs.home-manager-25_11;
- agenixInput = inputs.agenix-25_11;
+ pkgsInput = inputs.nixpkgs-26_05;
+ homeInput = inputs.home-manager-26_05;
+ agenixInput = inputs.agenix-26_05;
};
rhea = libx.mkHost {
hostname = "rhea";
system = "aarch64-linux";
- pkgsInput = inputs.nixpkgs-25_11;
- homeInput = inputs.home-manager-25_11;
- agenixInput = inputs.agenix-25_11;
+ pkgsInput = inputs.nixpkgs-26_05;
+ homeInput = inputs.home-manager-26_05;
+ agenixInput = inputs.agenix-26_05;
};
kerkouane = libx.mkHost {
hostname = "kerkouane";
- pkgsInput = inputs.nixpkgs-25_11;
- homeInput = inputs.home-manager-25_11;
- agenixInput = inputs.agenix-25_11;
+ pkgsInput = inputs.nixpkgs-26_05;
+ homeInput = inputs.home-manager-26_05;
+ agenixInput = inputs.agenix-26_05;
};
carthage = libx.mkHost {
hostname = "carthage";
- pkgsInput = inputs.nixpkgs-25_11;
- homeInput = inputs.home-manager-25_11;
- agenixInput = inputs.agenix-25_11;
+ pkgsInput = inputs.nixpkgs-26_05;
+ homeInput = inputs.home-manager-26_05;
+ agenixInput = inputs.agenix-26_05;
};
};
@@ -168,19 +168,19 @@
aix =
(self.nixosConfigurations.aix.extendModules {
modules = [
- "${inputs.nixpkgs-25_11}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
+ "${inputs.nixpkgs-26_05}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
];
}).config.system.build.sdImage;
athena =
(self.nixosConfigurations.athena.extendModules {
modules = [
- "${inputs.nixpkgs-25_11}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
+ "${inputs.nixpkgs-26_05}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
];
}).config.system.build.sdImage;
demeter =
(self.nixosConfigurations.demeter.extendModules {
modules = [
- "${inputs.nixpkgs-25_11}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
+ "${inputs.nixpkgs-26_05}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
];
}).config.system.build.sdImage;
};
@@ -328,6 +328,12 @@
repo = "nixpkgs";
ref = "nixos-25.11";
};
+ nixpkgs-26_05 = {
+ type = "github";
+ owner = "NixOS";
+ repo = "nixpkgs";
+ ref = "nixos-26.05";
+ };
nixpkgs-master.url = "github:nixos/nixpkgs/master";
nixpkgs-wip-consolidated = {
type = "github";
@@ -356,6 +362,13 @@
ref = "release-25.11";
inputs.nixpkgs.follows = "nixpkgs-25_11";
};
+ home-manager-26_05 = {
+ type = "github";
+ owner = "nix-community";
+ repo = "home-manager";
+ ref = "release-26.05";
+ inputs.nixpkgs.follows = "nixpkgs-26_05";
+ };
dagger = {
type = "github";
@@ -367,7 +380,7 @@
emacs-overlay = {
url = "github:nix-community/emacs-overlay";
inputs.nixpkgs.follows = "nixpkgs";
- inputs.nixpkgs-stable.follows = "nixpkgs-25_11";
+ inputs.nixpkgs-stable.follows = "nixpkgs-26_05";
};
nixos-hardware = {
@@ -400,6 +413,9 @@
agenix-25_11.url = "github:ryantm/agenix";
agenix-25_11.inputs.nixpkgs.follows = "nixpkgs-25_11";
agenix-25_11.inputs.home-manager.follows = "home-manager-25_11";
+ agenix-26_05.url = "github:ryantm/agenix";
+ agenix-26_05.inputs.nixpkgs.follows = "nixpkgs-26_05";
+ agenix-26_05.inputs.home-manager.follows = "home-manager-26_05";
nix-cachyos-kernel = {
url = "github:xddxdd/nix-cachyos-kernel";