diff --git a/.sops.yaml b/.sops.yaml index 443c711..f689d0b 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -25,7 +25,3 @@ creation_rules: key_groups: - age: - *primary - - path_regex: secrets/blarm-immich.env - key_groups: - - age: - - *primary diff --git a/flake.lock b/flake.lock index b806d59..b6f66c6 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1748405006, - "narHash": "sha256-pmt0SFjACJJAI8g8QU5arg2c9BXNZG9/okVwRSDJkG8=", + "lastModified": 1748161689, + "narHash": "sha256-gm1ikRi3L2qpTQUUV/dURDUeg/dfstopzBduTKkIdqw=", "owner": "rycee", "repo": "nur-expressions", - "rev": "f9801a86d6603260940890c36650275090d1dceb", + "rev": "c60c48473ddf0b439079824cb08ccfa6c703ff87", "type": "gitlab" }, "original": { @@ -118,11 +118,11 @@ ] }, "locked": { - "lastModified": 1748391243, - "narHash": "sha256-7sCuihzsTRZemtbTXaFUoGJUfuQErhKEcL9v7HKIo1k=", + "lastModified": 1748134483, + "narHash": "sha256-5PBK1nV8X39K3qUj8B477Aa2RdbLq3m7wRxUKRtggX4=", "owner": "nix-community", "repo": "home-manager", - "rev": "f5b12be834874f7661db4ced969a621ab2d57971", + "rev": "c1e671036224089937e111e32ea899f59181c383", "type": "github" }, "original": { @@ -133,11 +133,11 @@ }, "mnw": { "locked": { - "lastModified": 1748278309, - "narHash": "sha256-JCeiMrUhFku44kfKsgiD9Ibzho4MblBD2WmOQYsQyTY=", + "lastModified": 1747499976, + "narHash": "sha256-YTiSI4WLbk0CleXeBheYmKZV6iqKyBpyoh1e+vcQzu4=", "owner": "Gerg-L", "repo": "mnw", - "rev": "486a17ba1279ab2357cae8ff66b309db622f8831", + "rev": "72433a144c4ac16931e9148f78db4a0e4c147441", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748370509, - "narHash": "sha256-QlL8slIgc16W5UaI3w7xHQEP+Qmv/6vSNTpoZrrSlbk=", + "lastModified": 1748026106, + "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4faa5f5321320e49a78ae7848582f684d64783e9", + "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c", "type": "github" }, "original": { @@ -220,11 +220,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1748217807, - "narHash": "sha256-P3u2PXxMlo49PutQLnk2PhI/imC69hFl1yY4aT5Nax8=", + "lastModified": 1746152631, + "narHash": "sha256-zBuvmL6+CUsk2J8GINpyy8Hs1Zp4PP6iBWSmZ4SCQ/s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3108eaa516ae22c2360928589731a4f1581526ef", + "rev": "032bc6539bd5f14e9d0c51bd79cfe9a055b094c3", "type": "github" }, "original": { @@ -260,11 +260,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1748318168, - "narHash": "sha256-pUDVxHarStrDYxd2tztz4SjNflzFxuMMEC3SK9WLUK8=", + "lastModified": 1747525582, + "narHash": "sha256-oEZ6DV4bPcNZIuwW5Kcd+/zT3PMkXse2kX/3jHoomGk=", "owner": "notashelf", "repo": "nvf", - "rev": "74ba4d955976af1422ea1f095968e547db70aa04", + "rev": "d3a0e7029ac57eef1120225973247851c5b967b5", "type": "github" }, "original": { @@ -283,11 +283,11 @@ ] }, "locked": { - "lastModified": 1748196248, - "narHash": "sha256-1iHjsH6/5UOerJEoZKE+Gx1BgAoge/YcnUsOA4wQ/BU=", + "lastModified": 1742765550, + "narHash": "sha256-2vVIh2JrL6GAGfgCeY9e6iNKrBjs0Hw3bGQEAbwVs68=", "owner": "nix-community", "repo": "plasma-manager", - "rev": "b7697abe89967839b273a863a3805345ea54ab56", + "rev": "b70be387276e632fe51232887f9e04e2b6ef8c16", "type": "github" }, "original": { diff --git a/modules/home/apps/librewolf/default.nix b/modules/home/apps/librewolf/default.nix index 2b0aca1..b7a0664 100644 --- a/modules/home/apps/librewolf/default.nix +++ b/modules/home/apps/librewolf/default.nix @@ -11,7 +11,7 @@ with lib.${namespace}; let cfg = config.${namespace}.apps.librewolf; defaultSettings = { - "browser.startup.homepage" = "https://search.stahl.sh"; + "browser.startup.homepage" = "https://search.monapona.dev"; "browser.startup.page" = 3; "privacy.resistFingerprinting" = false; "privacy.fingerprintingProtection" = true; @@ -36,8 +36,8 @@ let default = "SearXNG"; engines = { "SearXNG" = { - urls = [ { template = "https://search.stahl.sh/search?q={searchTerms}"; } ]; - icon = "https://search.stahl.sh/static/themes/simple/img/favicon.png"; + urls = [ { template = "https://search.monapona.dev/search?q={searchTerms}"; } ]; + icon = "https://search.monapona.dev/static/themes/simple/img/favicon.png"; definedAliases = [ "@s" ]; }; diff --git a/modules/nixos/services/cinny/default.nix b/modules/nixos/services/cinny/default.nix index 53b6569..7b14cbd 100644 --- a/modules/nixos/services/cinny/default.nix +++ b/modules/nixos/services/cinny/default.nix @@ -14,7 +14,8 @@ in options.${namespace}.services.cinny = { enable = mkEnableOption "Cinny"; nginx = { - enable = mkEnableOption "Enable nginx for this service." // { + enable = mkEnableOption "Enable nginx for this service." + // { default = true; }; }; diff --git a/modules/nixos/services/forgejo/default.nix b/modules/nixos/services/forgejo/default.nix index 051e7e5..4d36167 100644 --- a/modules/nixos/services/forgejo/default.nix +++ b/modules/nixos/services/forgejo/default.nix @@ -14,8 +14,9 @@ in options.${namespace}.services.forgejo = { enable = mkEnableOption "Forgejo"; nginx = { - enable = mkEnableOption "Enable nginx for this service." // { - default = true; + enable = mkEnableOption "Enable nginx for this service." + // { + default = true; }; }; diff --git a/modules/nixos/services/immich/default.nix b/modules/nixos/services/immich/default.nix deleted file mode 100644 index 3e47702..0000000 --- a/modules/nixos/services/immich/default.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ - lib, - config, - namespace, - ... -}: -with lib; -with lib.${namespace}; -let - cfg = config.${namespace}.services.immich; -in -{ - options.${namespace}.services.immich = { - enable = mkBoolOpt false "Immich"; - - nginx = { - enable = mkEnableOption "Enable nginx for this service." // { - default = true; - }; - }; - - domain = mkOption { - description = "The domain to serve Immich on."; - type = types.nullOr types.str; - default = "immich.stahl.sh"; - }; - - port = mkOption { - type = types.port; - default = 2283; - description = "The port that Immich will listen on."; - }; - }; - - config = mkIf cfg.enable { - - services.immich = { - enable = true; - mediaLocation = "/data/immich"; - host = "0.0.0.0"; - port = cfg.port; - secretsFile = "/run/secrets/immich"; - redis.enable = true; - machine-learning.enable = true; - database = { - enable = true; - createDB = false; - }; - }; - - services.postgresql.extensions = ps: with ps; [ pgvector ]; # Ensure pgvector is available - - networking.firewall.allowedTCPPorts = mkIf cfg.nginx.enable [ - cfg.port - 80 - 443 - ]; - - awesome-flake.services.acme.enable = mkIf cfg.nginx.enable true; - - services.nginx = mkIf cfg.nginx.enable { - enable = true; - - virtualHosts."${cfg.domain}" = { - forceSSL = true; - useACMEHost = "stahl.sh"; - locations."/" = { - proxyPass = "http://127.0.0.1:${builtins.toString cfg.port}"; - proxyWebsockets = true; - }; - }; - }; - - sops.secrets.immich = { - format = "dotenv"; - sopsFile = ../../../../secrets/blarm-immich.env; - }; - }; - -} diff --git a/modules/nixos/services/linkwarden/default.nix b/modules/nixos/services/linkwarden/default.nix index 0e0eca0..c2236e4 100644 --- a/modules/nixos/services/linkwarden/default.nix +++ b/modules/nixos/services/linkwarden/default.nix @@ -22,8 +22,9 @@ in enable = mkEnableOption "Linkwarden"; package = lib.mkPackageOption pkgs.awesome-flake "linkwarden" { }; nginx = { - enable = mkEnableOption "Enable nginx for this service." // { - default = true; + enable = mkEnableOption "Enable nginx for this service." + // { + default = true; }; }; diff --git a/modules/nixos/services/searxng/default.nix b/modules/nixos/services/searxng/default.nix index cc71ea3..1a44d38 100644 --- a/modules/nixos/services/searxng/default.nix +++ b/modules/nixos/services/searxng/default.nix @@ -20,13 +20,15 @@ in }; nginx = { - enable = mkEnableOption "Enable nginx for this service." // { - default = true; + enable = mkEnableOption "Enable nginx for this service." + // { + default = true; }; }; - + redlib = { - enable = mkEnableOption "Whether or not to enable redlib." // { + enable = mkEnableOption "Whether or not to enable redlib." + // { default = true; }; diff --git a/secrets/blarm-immich.env b/secrets/blarm-immich.env deleted file mode 100644 index f4c33ea..0000000 --- a/secrets/blarm-immich.env +++ /dev/null @@ -1,6 +0,0 @@ -sops_age__list_0__map_enc=-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAvOS9jWCt6QlFLZ1dQQ1ZO\ncGxzckdaK3VHSXBjaDZWeS9hd1dudU5YNm5NCk05ZEsyUEJoTi83c3J1OE91ODZs\nUDNRRG5VZm1LaUhRLy9UZSs3SDNwQlEKLS0tIFpyZXJIbFZWaUlDckdFRFdySEls\nSlg1dGN5VmEwcTZBWGZVQkt1b2V4ZDQKFYi1xQUv25PkuO9PU1HQ4Y3EahhDoFVj\n7rsuVpfxe6Ci3ezlOqbzbA5EFEZBXhnAqGzABwSAdp7k2UsDbhw3Tg==\n-----END AGE ENCRYPTED FILE-----\n -sops_age__list_0__map_recipient=age132m0pg4utk3cjve2lgcjffvz7cevl0fq5krufu9sgud7wu2wgurqk49kgl -sops_lastmodified=2025-05-25T11:14:04Z -sops_mac=ENC[AES256_GCM,data:aQwqX1QC4EKkRhl3wTvxW2fCn6r5EN4a4rqsBpIIlMO4ZnIanqyhpL4xigIA5el2hw1SCQnj1v07FBt1g1qEPx6yGy7XPTufwXpMTwkm/gTYvRV7wyYs48QAU9c3h6+6ffQzpxvR8gijRzdsvYqKfYXc7dPq1hXrDFMy7e1hDkI=,iv:gDEuGnpJ9PQh3NFFqQzSoV8OAMgZhyXD364UbQkPWv4=,tag:vYyuDR7MYy1OFYDEBwm1hA==,type:str] -sops_unencrypted_suffix=_unencrypted -sops_version=3.10.2 diff --git a/systems/x86_64-linux/blarm/default.nix b/systems/x86_64-linux/blarm/default.nix index 7bca4a4..3c35668 100644 --- a/systems/x86_64-linux/blarm/default.nix +++ b/systems/x86_64-linux/blarm/default.nix @@ -59,7 +59,6 @@ with lib.${namespace}; linkwarden = enabled; forgejo = enabled; searxng = enabled; - immich = enabled; }; #container.invidious = enabled;