all: welcome to 23.05

2023-08-12 18:57:16 -07:00
parent d3a469a3f7
commit e352f95114
20 changed files with 182 additions and 192 deletions
@@ -42,6 +42,8 @@ in
    openFirewall = lib.mkDefault false;
  };

+  time.timeZone = "Canada/Pacific";
+
  # programs.gnupg.agent.enable = true;
  # programs.gnupg.agent.pinentryFlavor = "curses";

@@ -44,6 +44,7 @@ in
      packages = [ pkgs.dconf ];
    };
  };
+  programs.dconf.enable = true;

  security.pam.services.Default.enableGnomeKeyring = true;
  security.pam.services.Login.enableGnomeKeyring = true;
@@ -63,7 +64,7 @@ in
  environment.systemPackages = with pkgs; [
    unstable.sublime-music
    unstable.nheko
-    unstable.tootle
+    unstable.tuba
    unstable.newsflash
    unstable.liferea

@@ -6,16 +6,18 @@

  services.gitea = {
    enable = true;
-    package = pkgs.unstable.forgejo;
+    package = pkgs.forgejo;
    appName = "Sealight Git Forge";
-    domain = "git.sealight.xyz";
-    rootUrl = "https://git.sealight.xyz";
-    httpPort = 3001;
    database = {
      type = "postgres";
      passwordFile = "/run/agenix/gitea-dbpass";
    };
    settings = {
+      server = {
+        DOMAIN = "git.sealight.xyz";
+        ROOT_URL = "https://git.sealight.xyz";
+        HTTP_PORT = 3001;
+      };
      metrics = {
        ENABLED = true;
      };
@@ -1,12 +1,12 @@
 { config, lib, pkgs, ... }:
 {
-  services.gonic.enable = true;
-  services.gonic.settings = ''
+  mossnet.gonic.enable = true;
+  mossnet.gonic.settings = ''
    music-path /mnt/two/music/
    podcast-path /data/podcasts
    cache-path /data/cache
  '';
-  services.gonic.group = "audio";
-  services.gonic.user = "headphones";
+  mossnet.gonic.user = "headphones";
+  mossnet.gonic.group = "audio";
  networking.firewall.allowedTCPPorts = [ 4747 ];
 }
@@ -3,9 +3,9 @@
 {
  # k3s
  networking.firewall.allowedTCPPorts = [ 6443 ];
-  services.k3s.enable = false;
+  services.k3s.enable = true;
  services.k3s.role = "server";
-  services.k3s.clusterInit = true;
+  services.k3s.clusterInit = false;
  # services.k3s.extraFlags = toString [
  #   "--kubelet-arg=v=4" # Optionally add additional args to k3s
  # ];
@@ -37,9 +37,10 @@
      ensureUsers = [{
        name = "grafana";
        ensurePermissions = {
-          "DATABASE wallabag" = "SELECT";
-          "DATABASE ulogger" = "SELECT";
-          "DATABASE photoprism" = "SELECT";
+          "ALL TABLES IN SCHEMA public" = "SELECT";
+          "DATABASE wallabag" = "CONNECT";
+          "DATABASE ulogger" = "CONNECT";
+          "DATABASE photoprism" = "CONNECT";
        };
      }];
    };
@@ -39,13 +39,14 @@
    alsa.support32Bit = true;
    pulse.enable = true;
    jack.enable = true;
-    config = {
-      pipewire."context.properties"."default.clock.rate" = "48000";
-      pipewire-pulse."stream.properties"."resample.quality" = 15;
-      client."stream.properties"."resample.quality" = 15;
-      client-rt."stream.properties"."resample.quality" = 15;
-      #jack."context.modules" = [];
-    };
+    # Deprecated as of 23.05
+    # config = {
+    #   pipewire."context.properties"."default.clock.rate" = "48000";
+    #   pipewire-pulse."stream.properties"."resample.quality" = 15;
+    #   client."stream.properties"."resample.quality" = 15;
+    #   client-rt."stream.properties"."resample.quality" = 15;
+    #   #jack."context.modules" = [];
+    # };
    #media-session.config.bluez-monitor.properties = {
    #  "bluez5.headset-roles" = [ "hsp_hs" "hsp_ag" ];
    #  "bluez5.codecs" = [ "aac" "ldac" "aptx_hd" ];
@@ -2,8 +2,8 @@
 {
  services.openssh = {
    enable = true;
-    passwordAuthentication = false;
-    permitRootLogin = "no";
+    settings.PasswordAuthentication = false;
+    settings.PermitRootLogin = "no";
  };
  networking.firewall.allowedTCPPorts = [ 80 443 22 ]; # ssh and website
  security.sudo.wheelNeedsPassword = false; # needed for deploy-rs