Flake update (old)

Set up pihole. Updates
Add open-webui. Perms on data dir might be wrong
2025-08-25 08:20:16 -04:00 · 2025-08-25 08:19:57 -04:00 · 2025-08-25 08:19:25 -04:00 · 2025-05-12 07:11:08 -04:00
5 changed files with 43 additions and 22 deletions
--- a/flake.lock
+++ b/flake.lock
@ -23,11 +23,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1733861262,
+        "lastModified": 1742376361,
-        "narHash": "sha256-+jjPup/ByS0LEVIrBbt7FnGugJgLeG9oc+ivFASYn2U=",
+        "narHash": "sha256-VFMgJkp/COvkt5dnkZB4D2szVdmF6DGm5ZdVvTUy61c=",
        "owner": "nixos",
        "repo": "nixos-hardware",
-        "rev": "cf737e2eba82b603f54f71b10cb8fd09d22ce3f5",
+        "rev": "daaae13dff0ecc692509a1332ff9003d9952d7a9",
        "type": "github"
      },
      "original": {
@ -38,16 +38,16 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1716394534,
+        "lastModified": 1742554312,
-        "narHash": "sha256-R5cP4FbP/YLhkE2B1omXTZEUTOZG0tjCe4/n/yz+LwQ=",
+        "narHash": "sha256-DJOKAFZMmFbRR12SQu/yXsgPG82fjkS0H7QvJJ82gi0=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "4a817d2083d6cd7068dc55511fbf90f84653b301",
+        "rev": "b393925ca6963c33dac1f65122802ffa6e06dd95",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
-        "ref": "24.11-pre",
+        "ref": "release-24.11",
        "type": "indirect"
      }
    },
@ -66,11 +66,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1733965552,
+        "lastModified": 1742406979,
-        "narHash": "sha256-GZ4YtqkfyTjJFVCub5yAFWsHknG1nS/zfk7MuHht4Fs=",
+        "narHash": "sha256-r0aq70/3bmfjTP+JZs4+XV5SgmCtk1BLU4CQPWGtA7o=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "2d73fc6ac4eba4b9a83d3cb8275096fbb7ab4004",
+        "rev": "1770be8ad89e41f1ed5a60ce628dd10877cb3609",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -2,7 +2,7 @@
  description = "NixOS configurations for my machines";
  inputs = {
-    nixpkgs.url = "nixpkgs/24.11-pre";
+    nixpkgs.url = "nixpkgs/release-24.11";
    nixos-hardware = {
      url = github:nixos/nixos-hardware;
    };
--- a/machines/cj/configuration.nix
+++ b/machines/cj/configuration.nix
@ -7,6 +7,10 @@
      ./hardware-configuration-zfs.nix
    ];
  nixpkgs.config.permittedInsecurePackages = [
    "electron-27.3.11"
  ];
  # This lets us pin the nixpkgs registry by default to the nixpkgs used to build this system.
  # Doing this means we are less likely to require the 30+MB download when
  # running commands like nix search or nix run
@ -75,11 +79,13 @@
    wireless = {
      enable = false; # turn of wifi until needed
      userControlled.enable = true;
-      environmentFile = "/run/secrets/wifi/env";
+      #environmentFile = "/run/secrets/wifi/env";
      secretsFile = "/run/secrets/wifi/env";
      networks = {
-        "@SSID_HOME@" = {
+        home.pskRaw = "ext:PSKRAW_HOME";
-          pskRaw = "@PSKRAW_HOME@";
+        #"@SSID_HOME@" = {
-        };
+          #pskRaw = "@PSKRAW_HOME@";
        #};
      };
    };
    firewall = import ./firewall.nix;
@ -95,9 +101,6 @@
  #};
  hardware.bluetooth.enable = false;
  # Enable sound.
  sound.enable = false;
  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.jacob = {
    isNormalUser = true;
@ -170,6 +173,15 @@
    # Enable the OpenSSH daemon.
    openssh.enable = true;
    # This is an ollama frontend. Formerly called ollama-webui
    open-webui = {
      enable = true;
      environment.OLLAMA_API_BASE_URL = "http://192.168.88.18:11434";
      host = "cj.monster-squeaker.ts.net";
      port = 8687;
      stateDir = "/serverdata/open-webui";
    };
    pipewire = {
      enable = true;
      alsa.enable = true;
@ -185,7 +197,11 @@
    syncthing = import ./syncthing.nix;
-    tailscale.enable = true;
+    tailscale = {
      enable = true;
      extraUpFlags = "--accept-dns=false";
      openFirewall = true;
    };
    timesyncd.enable = true;
--- a/machines/cj/hardware-configuration-zfs.nix
+++ b/machines/cj/hardware-configuration-zfs.nix
@ -80,6 +80,11 @@
      fsType = "zfs";
      neededForBoot = true;
    };
  fileSystems."/serverdata/open-webui" =
    { device = "rpool/serverdata/open-webui";
      fsType = "zfs";
      neededForBoot = true;
    };
  fileSystems."/serverdata/pihole" =
    { device = "rpool/serverdata/pihole";
      fsType = "zfs";
--- a/machines/cj/pihole.nix
+++ b/machines/cj/pihole.nix
@ -1,9 +1,9 @@
 { serverIP, serverIP6 } : {
-  image = "pihole/pihole:2024.07.0";
+  image = "pihole/pihole:2025.06.2";
  ports = [
    "53:53/tcp"
    "53:53/udp"
-    #"8088:80"
+    "8585:80"
    #"4438:443"
  ];
  environment = {
@ -24,7 +24,7 @@
  ];
  extraOptions = [
    #"--cap-add=NET_ADMIN"
-    "--network=host"
+    #"--network=host"
    "--no-hosts" # do not populate internal /etc/hosts with container host's
  ];
 }
Author	SHA1	Message	Date
Jacob Hinkle	b2b899b67a	Flake update (old)	2025-08-25 08:20:16 -04:00
Jacob Hinkle	99feef450c	Set up pihole. Updates	2025-08-25 08:19:57 -04:00
Jacob Hinkle	d22a5f0db1	Add open-webui. Perms on data dir might be wrong	2025-08-25 08:19:25 -04:00
Jacob Hinkle	ecaa0e698c	Upgrade pihole to 2025.04.0	2025-05-12 07:11:08 -04:00