Set up PiGallery2

Monitor all relevant services in the MOTD script
Allow NAT loopback via DNS server
2025-12-23 14:19:27 +01:00 · 2025-12-22 08:01:38 +01:00 · 2025-12-22 07:58:38 +01:00 · 2025-12-21 23:40:04 +01:00 · 2025-12-21 23:04:10 +01:00 · 2025-12-06 05:18:46 +01:00
10 changed files with 291 additions and 57 deletions
--- a/configuration.nix
+++ b/configuration.nix
@@ -99,6 +99,8 @@ with pkgs;
        "root"
        "coolneng"
      ];
      lazy-trees = true;
      eval-cores = 2;
    };
    gc = {
      automatic = true;
@@ -210,6 +212,11 @@ with pkgs;
      owner = "inadyn";
      group = "inadyn";
    };
    secrets.inadyn-porkbun-secret = {
      file = secrets/inadyn-porkbun-secret.age;
      owner = "inadyn";
      group = "inadyn";
    };
    secrets.acme-duckdns = {
      file = secrets/acme-duckdns.age;
      owner = "acme";
--- a/flake.lock
+++ b/flake.lock
@@ -10,11 +10,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1754433428,
+        "lastModified": 1762618334,
-        "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
+        "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
        "owner": "ryantm",
        "repo": "agenix",
-        "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
+        "rev": "fcdea223397448d35d9b31f798479227e80183f6",
        "type": "github"
      },
      "original": {
@@ -45,6 +45,63 @@
        "type": "github"
      }
    },
    "determinate": {
      "inputs": {
        "determinate-nixd-aarch64-darwin": "determinate-nixd-aarch64-darwin",
        "determinate-nixd-aarch64-linux": "determinate-nixd-aarch64-linux",
        "determinate-nixd-x86_64-linux": "determinate-nixd-x86_64-linux",
        "nix": "nix",
        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
        "lastModified": 1766177528,
        "narHash": "sha256-Bl+p766mM7qNCZtMqmTz13RuUbOMKsFa+/vnGYoxgPk=",
        "rev": "b159c082f0f9bdefa6c386189a13c5fa0734d8d8",
        "revCount": 317,
        "type": "tarball",
        "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.15.0/019b3865-57a1-7d80-98c5-962fac29c404/source.tar.gz"
      },
      "original": {
        "type": "tarball",
        "url": "https://flakehub.com/f/DeterminateSystems/determinate/%2A"
      }
    },
    "determinate-nixd-aarch64-darwin": {
      "flake": false,
      "locked": {
        "narHash": "sha256-vDaEQ5T4eA7kEPREmm68IVWGR6zT0aDL5slZxA6dkSc=",
        "type": "file",
        "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.0/macOS"
      },
      "original": {
        "type": "file",
        "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.0/macOS"
      }
    },
    "determinate-nixd-aarch64-linux": {
      "flake": false,
      "locked": {
        "narHash": "sha256-Hf4JsIv5G3IR0Q0RHGLSNdmDzFv97sVQQKwzY6A0vV4=",
        "type": "file",
        "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.0/aarch64-linux"
      },
      "original": {
        "type": "file",
        "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.0/aarch64-linux"
      }
    },
    "determinate-nixd-x86_64-linux": {
      "flake": false,
      "locked": {
        "narHash": "sha256-J+J4E02XpEl0ZkpzMbUmGCf6S4yk0gYCYmiGzZ058ik=",
        "type": "file",
        "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.0/x86_64-linux"
      },
      "original": {
        "type": "file",
        "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.0/x86_64-linux"
      }
    },
    "devshell": {
      "locked": {
        "lastModified": 1642188268,
@@ -61,6 +118,22 @@
      }
    },
    "flake-compat": {
      "flake": false,
      "locked": {
        "lastModified": 1696426674,
        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
        "owner": "edolstra",
        "repo": "flake-compat",
        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
        "type": "github"
      },
      "original": {
        "owner": "edolstra",
        "repo": "flake-compat",
        "type": "github"
      }
    },
    "flake-compat_2": {
      "flake": false,
      "locked": {
        "lastModified": 1641205782,
@@ -76,6 +149,53 @@
        "type": "github"
      }
    },
    "flake-parts": {
      "inputs": {
        "nixpkgs-lib": [
          "determinate",
          "nix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1748821116,
        "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=",
        "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1",
        "revCount": 377,
        "type": "tarball",
        "url": "https://api.flakehub.com/f/pinned/hercules-ci/flake-parts/0.1.377%2Brev-49f0870db23e8c1ca0b5259734a02cd9e1e371a1/01972f28-554a-73f8-91f4-d488cc502f08/source.tar.gz"
      },
      "original": {
        "type": "tarball",
        "url": "https://flakehub.com/f/hercules-ci/flake-parts/0.1"
      }
    },
    "git-hooks-nix": {
      "inputs": {
        "flake-compat": "flake-compat",
        "gitignore": [
          "determinate",
          "nix"
        ],
        "nixpkgs": [
          "determinate",
          "nix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1747372754,
        "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
        "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
        "revCount": 1026,
        "type": "tarball",
        "url": "https://api.flakehub.com/f/pinned/cachix/git-hooks.nix/0.1.1026%2Brev-80479b6ec16fefd9c1db3ea13aeb038c60530f46/0196d79a-1b35-7b8e-a021-c894fb62163d/source.tar.gz"
      },
      "original": {
        "type": "tarball",
        "url": "https://flakehub.com/f/cachix/git-hooks.nix/0.1.941"
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
@@ -97,10 +217,31 @@
        "type": "github"
      }
    },
    "nix": {
      "inputs": {
        "flake-parts": "flake-parts",
        "git-hooks-nix": "git-hooks-nix",
        "nixpkgs": "nixpkgs",
        "nixpkgs-23-11": "nixpkgs-23-11",
        "nixpkgs-regression": "nixpkgs-regression"
      },
      "locked": {
        "lastModified": 1766174426,
        "narHash": "sha256-0ZofAQZNgg5nfIKsVb7g4It6ufmIyLtfFRPOf+6WRkk=",
        "rev": "15d6091194b5b90d292e8d6283db77f09c303b1e",
        "revCount": 24285,
        "type": "tarball",
        "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.15.0/019b3854-cca6-7298-a91c-0fd8551a7270/source.tar.gz"
      },
      "original": {
        "type": "tarball",
        "url": "https://flakehub.com/f/DeterminateSystems/nix-src/%2A"
      }
    },
    "nix-matrix-appservices": {
      "inputs": {
        "devshell": "devshell",
-        "flake-compat": "flake-compat",
+        "flake-compat": "flake-compat_2",
        "nixlib": "nixlib",
        "nixpkgs": [
          "nixpkgs"
@@ -137,11 +278,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1756245047,
+        "lastModified": 1764440730,
-        "narHash": "sha256-9bHzrVbjAudbO8q4vYFBWlEkDam31fsz0J7GB8k4AsI=",
+        "narHash": "sha256-ZlJTNLUKQRANlLDomuRWLBCH5792x+6XUJ4YdFRjtO4=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "a65b650d6981e23edd1afa1f01eb942f19cdcbb7",
+        "rev": "9154f4569b6cdfd3c595851a6ba51bfaa472d9f3",
        "type": "github"
      },
      "original": {
@@ -153,41 +294,87 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1755922037,
+        "lastModified": 1761597516,
-        "narHash": "sha256-wY1+2JPH0ZZC4BQefoZw/k+3+DowFyfOxv17CN/idKs=",
+        "narHash": "sha256-wxX7u6D2rpkJLWkZ2E932SIvDJW8+ON/0Yy8+a5vsDU=",
-        "owner": "NixOS",
+        "rev": "daf6dc47aa4b44791372d6139ab7b25269184d55",
-        "repo": "nixpkgs",
+        "revCount": 811874,
-        "rev": "b1b3291469652d5a2edb0becc4ef0246fff97a7c",
+        "type": "tarball",
-        "type": "github"
+        "url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.2505.811874%2Brev-daf6dc47aa4b44791372d6139ab7b25269184d55/019a3494-3498-707e-9086-1fb81badc7fe/source.tar.gz"
      },
      "original": {
-        "id": "nixpkgs",
+        "type": "tarball",
-        "ref": "nixos-25.05",
+        "url": "https://flakehub.com/f/NixOS/nixpkgs/0.2505"
        "type": "indirect"
      }
    },
-    "nixpkgs-unstable": {
+    "nixpkgs-23-11": {
      "locked": {
-        "lastModified": 1756125398,
+        "lastModified": 1717159533,
-        "narHash": "sha256-XexyKZpf46cMiO5Vbj+dWSAXOnr285GHsMch8FBoHbc=",
+        "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "3b9f00d7a7bf68acd4c4abb9d43695afb04e03a5",
+        "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
        "type": "github"
      },
      "original": {
-        "id": "nixpkgs",
+        "owner": "NixOS",
-        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
-        "type": "indirect"
+        "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
        "type": "github"
      }
    },
    "nixpkgs-regression": {
      "locked": {
        "lastModified": 1643052045,
        "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1765772535,
        "narHash": "sha256-aq+dQoaPONOSjtFIBnAXseDm9TUhIbe215TPmkfMYww=",
        "rev": "09b8fda8959d761445f12b55f380d90375a1d6bb",
        "revCount": 911985,
        "type": "tarball",
        "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.911985%2Brev-09b8fda8959d761445f12b55f380d90375a1d6bb/019b25ab-7c11-79e0-a0b0-c94d455b7190/source.tar.gz"
      },
      "original": {
        "type": "tarball",
        "url": "https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/0.1"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1766201043,
        "narHash": "sha256-eplAP+rorKKd0gNjV3rA6+0WMzb1X1i16F5m5pASnjA=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "b3aad468604d3e488d627c0b43984eb60e75e782",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-25.11",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "agenix": "agenix",
        "determinate": "determinate",
        "nix-matrix-appservices": "nix-matrix-appservices",
        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs",
+        "nixpkgs": "nixpkgs_3"
        "nixpkgs-unstable": "nixpkgs-unstable"
      }
    },
    "systems": {
--- a/flake.nix
+++ b/flake.nix
@@ -1,9 +1,16 @@
 {
  description = "System configuration for zion";
  nixConfig = {
    extra-substituters = "https://install.determinate.systems";
    extra-trusted-public-keys = ''
      cache.flakehub.com-3:hJuILl5sVK4iKm86JzgdXW12Y2Hwd5G07qKtHTOcDCM=
    '';
  };
  inputs = {
-    nixpkgs.url = "nixpkgs/nixos-25.05";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
-    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
+    determinate.url = "https://flakehub.com/f/DeterminateSystems/determinate/*";
    agenix = {
      url = "github:ryantm/agenix";
      inputs.nixpkgs.follows = "nixpkgs";
@@ -32,6 +39,7 @@
          (import ./configuration.nix)
          inputs.agenix.nixosModules.age
          inputs.nixos-hardware.nixosModules.aoostar-r1-n100
          inputs.determinate.nixosModules.default
        ];
        specialArgs = {
          inherit inputs;
--- a/modules/containers.nix
+++ b/modules/containers.nix
@@ -44,6 +44,21 @@
          ports = [ "127.0.0.1:9090:8080" ];
          volumes = [ "/vault/opodsync:/var/www/server/data" ];
        };
        # Photo gallery
        pigallery2 = {
          image = "bpatrik/pigallery2@sha256:c936e4504cfe7158198542a8db794b24afb0301155d89e911f13bd04e0b406c2";
          ports = [ "127.0.0.1:9191:80" ];
          volumes = [
            "/vault/pigallery2/config:/app/data/config"
            "/vault/pigallery2/db:/app/data/db"
            "/vault/pigallery2/tmp:/app/data/tmp"
            "/vault/syncthing/Photos:/app/data/images"
          ];
          cmd = [
            "-e"
            "NODE_ENV=production"
          ];
        };
      };
    };
  };
--- a/modules/networking.nix
+++ b/modules/networking.nix
@@ -47,11 +47,9 @@ in
  # NOTE Temporary workaround until Inadyn fixes the Porkbun module
  services.oink = {
    enable = true;
-    settings = {
+    apiKeyFile = config.age.secrets.inadyn-porkbun.path;
-      apiKey = "PLACEHOLDER";
+    secretApiKeyFile = config.age.secrets.inadyn-porkbun-secret.path;
-      secretApiKey = "PLACEHOLDER";
+    settings.interval = 1800;
      interval = 1800;
    };
    domains = [
      {
        domain = "psydnd.org";
@@ -59,8 +57,6 @@ in
      }
    ];
  };
  # NOTE Load credentials using environment variables
  systemd.services.oink.serviceConfig.EnvironmentFile = config.age.secrets.inadyn-porkbun.path;
  # Firewall configuration
  networking.firewall = {
@@ -112,6 +108,14 @@ in
          "fd00::3/128"
        ];
      }
      # kathreftis
      {
        PublicKey = "qfHtv6LSZjtxvH46d8pysr+/yPo2tV9cZumgIpxBNF4=";
        AllowedIPs = [
          "10.8.0.4/32"
          "fd00::4/128"
        ];
      }
    ];
  };
@@ -160,11 +164,12 @@ in
      conf-file = "${pkgs.dnsmasq}/share/dnsmasq/trust-anchors.conf";
      dnssec = false;
      address = "/psydnd.org/192.168.128.2";
    };
  };
  # Encrypted DNS
-  services.dnscrypt-proxy2 = {
+  services.dnscrypt-proxy = {
    enable = true;
    upstreamDefaults = true;
    settings = {
--- a/modules/webstack.nix
+++ b/modules/webstack.nix
@@ -11,7 +11,7 @@
  services.nginx = {
    enable = true;
    recommendedTlsSettings = true;
-    recommendedZstdSettings = true;
+    recommendedBrotliSettings = true;
    recommendedProxySettings = true;
    recommendedOptimisation = true;
    clientMaxBodySize = "0";
@@ -169,6 +169,11 @@
        forceSSL = true;
        locations."/".proxyPass = "http://localhost:9092/";
      };
      "photos.psydnd.org" = {
        useACMEHost = "psydnd.org";
        forceSSL = true;
        locations."/".proxyPass = "http://localhost:9191/";
      };
    };
  };
--- a/scripts/motd.sh
+++ b/scripts/motd.sh
@@ -20,30 +20,31 @@ echo "============================================================
 - System uptime.......: $upDays days $upHours hours $upMins minutes $upSecs seconds
 ============================================================"
 services=(
-	"syncthing.service"
+    "syncthing.service"
-	"radicale.service"
+    "radicale.service"
-	"miniflux.service"
+    "miniflux.service"
-	"gitea.service"
+    "gitea.service"
-	"dendrite.service"
+    "dendrite.service"
-	"nginx.service"
+    "nginx.service"
-	"dnsmasq.service"
+    "dnsmasq.service"
-	"podman-openbooks.service"
+    "dnscrypt-proxy.service"
-	"mosquitto.service"
+    "podman-openbooks.service"
-	"podman-mqtt2prometheus.service"
+    "mosquitto.service"
-	"prometheus.service"
+    "podman-mqtt2prometheus.service"
-	"grafana.service"
+    "prometheus.service"
    "grafana.service"
 )
 for var in "${services[@]}"; do
-	if [[ -z $var ]]; then
+    if [[ -z $var ]]; then
-		printf "\n"
+        printf "\n"
-	else
+    else
-		if systemctl -q is-active "${var}"; then
+        if systemctl -q is-active "${var}"; then
-			printf "%-40s [\e[32mOK\e[39m]\n" "$var"
+            printf "%-40s [\e[32mOK\e[39m]\n" "$var"
-		else
+        else
-			printf "%-40s [\e[31mFAIL\e[39m]\n" "$var"
+            printf "%-40s [\e[31mFAIL\e[39m]\n" "$var"
-		fi
+        fi
-	fi
+    fi
 done
 echo "============================================================"
--- a/secrets/inadyn-porkbun-secret.age
+++ b/secrets/inadyn-porkbun-secret.age
@@ -0,0 +1,5 @@
 age-encryption.org/v1
 -> ssh-ed25519 iUaRGg paS5BxWWicriSLAZyCBKd2xylLAp4/LcHmogO7me8yQ
 MWW/Pkvn+4G4YeYXY9ZPXC92TbcFXQMyHJ2ltFzXpZs
 --- ZdFfQ7tHfEo+u/0MmigCNh6OIxkd2bimRN30rMUs1ks
 <EFBFBD>9<EFBFBD>7Y<EFBFBD>$B<>sX<0E>ʽb<CABD>O'J<><4A>S'<27>5!<21><>UMʯ-v<>m<EFBFBD><6D><EFBFBD><EFBFBD><EFBFBD>8%|R,<2C>~I<><14><>G<EFBFBD><47>VQE<0E>0D<30>:Qv<<1E><>)<29><0B><>%fc<66><63>XZչ 7+yB
--- a/secrets/inadyn-porkbun.age
+++ b/secrets/inadyn-porkbun.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -17,6 +17,7 @@ in
  "signal.age".publicKeys = [ zion ];
  "inadyn-duckdns.age".publicKeys = [ zion ];
  "inadyn-porkbun.age".publicKeys = [ zion ];
  "inadyn-porkbun-secret.age".publicKeys = [ zion ];
  "acme-duckdns.age".publicKeys = [ zion ];
  "acme-porkbun.age".publicKeys = [ zion ];
  "microbin.age".publicKeys = [ zion ];
Author	SHA1	Message	Date
coolneng	c7eefea616	Set up PiGallery2	2025-12-23 14:19:27 +01:00
coolneng	7608249b0b	Monitor all relevant services in the MOTD script	2025-12-22 08:01:38 +01:00
coolneng	61b35e5f4a	Allow NAT loopback via DNS server	2025-12-22 07:58:38 +01:00
coolneng	1ccc0041d6	Add kafthretis as a wireguard peer	2025-12-21 23:40:04 +01:00
coolneng	2856e30cbf	flake.lock: Update Flake lock file updates: • Updated input 'determinate': 'https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.13.2/019a9b01-c0c6-7e1c-959e-98ac5b7675de/source.tar.gz' (2025-11-19) → 'https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.15.0/019b3865-57a1-7d80-98c5-962fac29c404/source.tar.gz' (2025-12-19) • Updated input 'determinate/determinate-nixd-aarch64-darwin': 'https://install.determinate.systems/determinate-nixd/tag/v3.13.2/macOS' → 'https://install.determinate.systems/determinate-nixd/tag/v3.15.0/macOS' • Updated input 'determinate/determinate-nixd-aarch64-linux': 'https://install.determinate.systems/determinate-nixd/tag/v3.13.2/aarch64-linux' → 'https://install.determinate.systems/determinate-nixd/tag/v3.15.0/aarch64-linux' • Updated input 'determinate/determinate-nixd-x86_64-linux': 'https://install.determinate.systems/determinate-nixd/tag/v3.13.2/x86_64-linux' → 'https://install.determinate.systems/determinate-nixd/tag/v3.15.0/x86_64-linux' • Updated input 'determinate/nix': 'https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.13.2/019a9af6-3d7b-71bc-bccd-8b18e147ad77/source.tar.gz' (2025-11-19) → 'https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.15.0/019b3854-cca6-7298-a91c-0fd8551a7270/source.tar.gz' (2025-12-19) • Updated input 'determinate/nixpkgs': 'https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.897465%2Brev-8b6600824693a9c706ef09bd86711ca393703466/019a9577-b407-75dd-b18b-3308def1c215/source.tar.gz' (2025-11-17) → 'https://api.flakehub.com/f/pinned/DeterminateSystems/nixpkgs-weekly/0.1.911985%2Brev-09b8fda8959d761445f12b55f380d90375a1d6bb/019b25ab-7c11-79e0-a0b0-c94d455b7190/source.tar.gz' (2025-12-15) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/c97c47f' (2025-12-04) → 'github:NixOS/nixpkgs/b3aad46' (2025-12-20)	2025-12-21 23:04:10 +01:00
coolneng	3e577066c1	Migrate to Determinate Nix	2025-12-06 05:18:46 +01:00
coolneng	3f10536deb	flake.lock: Update Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/1aab89277eb2d87823d5b69bae631a2496cff57a?narHash=sha256-H3lC7knbXOBrHI9hITQ7modLuX20mYJVhZORL5ioms0%3D' (2025-12-02) → 'github:NixOS/nixpkgs/c97c47f2bac4fa59e2cbdeba289686ae615f8ed4?narHash=sha256-OtzF5wBvO0jgW1WW1rQU9cMGx7zuvkF7CAVJ1ypzkxA%3D' (2025-12-04)	2025-12-05 23:51:49 +01:00
coolneng	25e995dfb3	Adapt dnscrypt-proxy config to upstream changes	2025-12-04 17:31:29 +01:00
coolneng	f2faa9047b	flake.lock: Update Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/9edb1787864c4f59ae5074ad498b6272b3ec308d?narHash=sha256-NA/FT2hVhKDftbHSwVnoRTFhes62%2B7dxZbxj5Gxvghs%3D' (2025-08-05) → 'github:ryantm/agenix/fcdea223397448d35d9b31f798479227e80183f6?narHash=sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L%2BVSybPfiIgzU8lbQ%3D' (2025-11-08) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/a65b650d6981e23edd1afa1f01eb942f19cdcbb7?narHash=sha256-9bHzrVbjAudbO8q4vYFBWlEkDam31fsz0J7GB8k4AsI%3D' (2025-08-26) → 'github:NixOS/nixos-hardware/9154f4569b6cdfd3c595851a6ba51bfaa472d9f3?narHash=sha256-ZlJTNLUKQRANlLDomuRWLBCH5792x%2B6XUJ4YdFRjtO4%3D' (2025-11-29) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f?narHash=sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD%2B/cTUzzgVFoaHrkqY%3D' (2025-11-30) → 'github:NixOS/nixpkgs/1aab89277eb2d87823d5b69bae631a2496cff57a?narHash=sha256-H3lC7knbXOBrHI9hITQ7modLuX20mYJVhZORL5ioms0%3D' (2025-12-02) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/3b9f00d7a7bf68acd4c4abb9d43695afb04e03a5?narHash=sha256-XexyKZpf46cMiO5Vbj%2BdWSAXOnr285GHsMch8FBoHbc%3D' (2025-08-25) → 'github:NixOS/nixpkgs/418468ac9527e799809c900eda37cbff999199b6?narHash=sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y%3D' (2025-12-02)	2025-12-04 17:21:24 +01:00
coolneng	22fc403563	Use Brotli instead of ZSTD for Nginx	2025-12-01 09:26:14 +01:00
coolneng	d5e11e4909	Remove redundant secret injection for oink	2025-12-01 09:25:15 +01:00
coolneng	bcc764dd50	Upgrade to NixOS 25.11	2025-12-01 09:24:18 +01:00