20 changed files with 151 additions and 138 deletions
--- a/config/hosts/eh22-wiki/dokuwiki.nix
+++ b/config/hosts/eh22-wiki/dokuwiki.nix
@ -21,8 +21,7 @@ let
  app = "dokuwiki";
  domain = "eh22.easterhegg.eu";
  dataDir = "/srv/www/${domain}";
-in
+in {
 {
  systemd.tmpfiles.rules = [
    "d ${dataDir} 0755 ${app} ${app}"
  ];
--- a/config/hosts/public-web-static/virtualHosts/hacker.tours.nix
+++ b/config/hosts/public-web-static/virtualHosts/hacker.tours.nix
@ -4,8 +4,7 @@ let
  domain = "hacker.tours";
  dataDir = "/var/www/${domain}";
  deployUser = "hackertours-website-deploy";
-in
+in {
 {
  services.nginx.virtualHosts = {
    "acme-${domain}" = {
      enableACME = true;
--- a/config/hosts/public-web-static/virtualHosts/hackertours.hamburg.ccc.de.nix
+++ b/config/hosts/public-web-static/virtualHosts/hackertours.hamburg.ccc.de.nix
@ -4,8 +4,7 @@ let
  domain = "hackertours.hamburg.ccc.de";
  dataDir = "/var/www/${domain}";
  deployUser = "ht-ccchh-website-deploy";
-in
+in {
 {
  services.nginx.virtualHosts = {
    "acme-${domain}" = {
      enableACME = true;
--- a/config/hosts/public-web-static/virtualHosts/staging.hacker.tours.nix
+++ b/config/hosts/public-web-static/virtualHosts/staging.hacker.tours.nix
@ -4,8 +4,7 @@ let
  domain = "staging.hacker.tours";
  dataDir = "/var/www/${domain}";
  deployUser = "hackertours-website-deploy";
-in
+in {
 {
  services.nginx.virtualHosts = {
    "acme-${domain}" = {
      enableACME = true;
--- a/config/hosts/public-web-static/virtualHosts/staging.hackertours.hamburg.ccc.de.nix
+++ b/config/hosts/public-web-static/virtualHosts/staging.hackertours.hamburg.ccc.de.nix
@ -4,8 +4,7 @@ let
  domain = "staging.hackertours.hamburg.ccc.de";
  dataDir = "/var/www/${domain}";
  deployUser = "ht-ccchh-website-deploy";
-in
+in {
 {
  services.nginx.virtualHosts = {
    "acme-${domain}" = {
      enableACME = true;
--- a/config/hosts/woodpecker/woodpecker-agent/woodpecker-agent.nix
+++ b/config/hosts/woodpecker/woodpecker-agent/woodpecker-agent.nix
@ -3,12 +3,13 @@
 # - https://woodpecker-ci.org/docs/administration/agent-config
 # - https://woodpecker-ci.org/docs/administration/backends/docker
-{ config, pkgs, ... }:
+{ config, pkgs, pkgs-unstable, ... }:
 {
  services.woodpecker-agents.agents."docker" = {
    enable = true;
-    package = pkgs.woodpecker-agent;
+    # Since we use woodpecker-server from unstable, use the agent from unstable as well.
    package = pkgs-unstable.woodpecker-agent;
    extraGroups = [ "docker" ];
    environment = {
      WOODPECKER_SERVER = "localhost${config.services.woodpecker-server.environment.WOODPECKER_GRPC_ADDR}";
--- a/config/hosts/woodpecker/woodpecker-server/woodpecker-server.nix
+++ b/config/hosts/woodpecker/woodpecker-server/woodpecker-server.nix
@ -5,12 +5,14 @@
 # - https://woodpecker-ci.org/docs/administration/forges/forgejo
 # - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
-{ config, pkgs, ... }:
+{ config, pkgs, pkgs-unstable, ... }:
 {
  services.woodpecker-server = {
    enable = true;
-    package = pkgs.woodpecker-server;
+    # Use package from unstable to get at least version 2.6.0 for native Forgejo support.
    # https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.6.0
    package = pkgs-unstable.woodpecker-server;
    environment = {
      WOODPECKER_HOST = "https://woodpecker.hamburg.ccc.de";
      WOODPECKER_SERVER_ADDR = ":8001";
--- a/flake.lock
+++ b/flake.lock
@ -68,10 +68,27 @@
        "type": "github"
      }
    },
    "nixpkgs-unstable": {
      "locked": {
        "lastModified": 1731265036,
        "narHash": "sha256-e5I+glVZwQvLT6WIeMFi0Mk+N/jkYauZ31ir2NRZcf8=",
        "owner": "nixos",
        "repo": "nixpkgs",
        "rev": "8aed22ecd71e5b67e5299efae8b9dc580dec711c",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
        "ref": "nixos-unstable-small",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "nixos-generators": "nixos-generators",
        "nixpkgs": "nixpkgs",
        "nixpkgs-unstable": "nixpkgs-unstable",
        "sops-nix": "sops-nix"
      }
    },
--- a/flake.nix
+++ b/flake.nix
@ -6,6 +6,7 @@
    # https://nixos.org/manual/nixos/stable/#sec-upgrading
    # https://github.com/NixOS/nixpkgs
    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05-small";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
    # Add nixos-generators as an input.
    # See here: https://github.com/nix-community/nixos-generators#using-in-a-flake
@ -22,32 +23,26 @@
    };
  };
-  outputs = { self, nixpkgs, nixos-generators, sops-nix, ... }:
+  outputs = { self, nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }:
    let
      system = "x86_64-linux";
-    in
+      shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: {
    {
      overlays = {
        shairportSyncAirplay2 = final: prev: {
        shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
          # See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md
          configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];
          buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];
        });
      };
-      };
+      pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";
-      nixosModules = {
+    in
-        common = ./config/common;
+    {
        proxmox-vm = ./config/proxmox-vm;
        prometheus-exporter = ./config/extra/prometheus-exporter.nix;
      };
      nixosConfigurations = {
        audio-hauptraum-kueche = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
-            { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; }
+            { nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; }
            ./config/hosts/audio-hauptraum-kueche
          ];
        };
@ -55,9 +50,9 @@
        audio-hauptraum-tafel = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
-            { nixpkgs.overlays = [ self.overlays.shairportSyncAirplay2 ]; }
+            { nixpkgs.overlays = [ shairportSync431ExtendedNixpkgsUnstableOverlay ]; }
            ./config/hosts/audio-hauptraum-tafel
          ];
        };
@ -65,8 +60,8 @@
        esphome = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            ./config/hosts/esphome
          ];
        };
@ -74,8 +69,8 @@
        public-reverse-proxy = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            ./config/hosts/public-reverse-proxy
          ];
        };
@ -83,10 +78,10 @@
        netbox = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/netbox
          ];
        };
@ -94,10 +89,10 @@
        matrix = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/matrix
          ];
        };
@ -105,10 +100,10 @@
        public-web-static = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/public-web-static
          ];
        };
@ -116,10 +111,10 @@
        git = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/git
          ];
        };
@ -127,10 +122,10 @@
        forgejo-actions-runner = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/forgejo-actions-runner
          ];
        };
@ -138,8 +133,8 @@
        ptouch-print-server = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            ./config/hosts/ptouch-print-server
          ];
        };
@ -147,9 +142,9 @@
        eh22-wiki = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/eh22-wiki
          ];
        };
@ -157,9 +152,9 @@
        nix-box-june = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/nix-box-june
          ];
        };
@ -167,8 +162,8 @@
        yate = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            ./config/hosts/yate
          ];
        };
@ -176,8 +171,8 @@
        mqtt = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            ./config/hosts/mqtt
          ];
        };
@ -185,10 +180,10 @@
        mjolnir = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/mjolnir
          ];
        };
@ -196,19 +191,22 @@
        woodpecker = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/woodpecker
          ];
          specialArgs = {
            inherit pkgs-unstable;
          };
        };
        status = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
            ./config/hosts/status
          ];
@ -217,10 +215,10 @@
        penpot = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
            sops-nix.nixosModules.sops
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/penpot
          ];
        };
@ -228,9 +226,9 @@
        hydra = nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
-            self.nixosModules.prometheus-exporter
+            ./config/extra/prometheus-exporter.nix
            ./config/hosts/hydra
          ];
        };
@ -241,8 +239,8 @@
          system = "x86_64-linux";
          modules = [
            ./config/nixos-generators/proxmox.nix
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
          ];
          format = "proxmox";
        };
@ -252,8 +250,8 @@
          modules = [
            ./config/nixos-generators/proxmox-chaosknoten.nix
            ./config/proxmox-chaosknoten-additional-initial-config.nix
-            self.nixosModules.common
+            ./config/common
-            self.nixosModules.proxmox-vm
+            ./config/proxmox-vm
          ];
          format = "proxmox";
        };