do a small amount of refactoring, change versions to 25.11, and make a systemd unit to upgrade nextcloud daily on queen

2025-08-25 12:15:58 +02:00 · 2025-08-25 12:15:58 +02:00 · 9749e5bd55
commit 9749e5bd55
parent 015061c001
10 changed files with 81 additions and 52 deletions
--- a/nixos/shared/default.nix
+++ b/nixos/shared/default.nix
@ -4,7 +4,6 @@
  lib,
  config,
  pkgs,
-  mkIf,
  ...
 }: {
  imports = [
@ -91,13 +90,15 @@
    # grub.enable = false;
  };

-  programs.zsh = {
-    enable = true;
-  };
+  programs = {
+    zsh = {
+      enable = true;
+    };

-  programs.gnupg.agent = {
-    enable = true;
-    enableBrowserSocket = true;
+    gnupg.agent = {
+      enable = true;
+      enableBrowserSocket = true;
+    };
  };

  stylix = {
@ -174,36 +175,37 @@
    #   sansSerif = ["Atkinson Hyperlegible"];
    # };
  };
-
-  systemd.services."shutdown-zellij-zsh" = {
-    path = with pkgs; [killall];
-    enable = true;
-    unitConfig = {
-      Before = "shutdown.target";
-    };
-    serviceConfig = {
-      Type = "oneshot";
-      ExecStart = "${pkgs.killall}/bin/killall -SIGKILL zellij zsh";
-      RemainAfterExit = "yes";
-    };
-  };
-
-  systemd.services."start-vpn-wg" =
-    if config.services.vpn-ip.enable
-    then {
-      path = with pkgs; [systemd];
+  systemd = {
+    services."shutdown-zellij-zsh" = {
+      path = with pkgs; [killall];
      enable = true;
      unitConfig = {
-        Wants = "network-online.target";
-        After = "network-online.target";
+        Before = "shutdown.target";
      };
      serviceConfig = {
        Type = "oneshot";
-        ExecStart = "${pkgs.systemd}/bin/systemctl start wg-quick-wg0.service";
+        ExecStart = "${pkgs.killall}/bin/killall -SIGKILL zellij zsh";
        RemainAfterExit = "yes";
      };
-    }
-    else {};
+    };
+
+    services."start-vpn-wg" =
+      if config.services.vpn-ip.enable
+      then {
+        path = with pkgs; [systemd];
+        enable = true;
+        unitConfig = {
+          Wants = "network-online.target";
+          After = "network-online.target";
+        };
+        serviceConfig = {
+          Type = "oneshot";
+          ExecStart = "${pkgs.systemd}/bin/systemctl start wg-quick-wg0.service";
+          RemainAfterExit = "yes";
+        };
+      }
+      else {};
+  };

  networking =
    if config.services.vpn-ip.enable
@ -252,20 +254,22 @@
  };

  users = {
-    users.lillian = {
-      isNormalUser = true;
-      extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"];
-      shell = pkgs.zsh;
-      hashedPasswordFile = config.sops.secrets."lillian-password".path;
-      openssh.authorizedKeys.keys = [
-        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILhwA+ZdP2tEBYQNdzLHZzFHxocyeqzhXI6tFpaZA3PZ lillian@EDI"
-        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH30G2PJOnI6jnAtxOQV0SpLFUva0adarLZLvaoZvjGE lillian@GLaDOS"
-      ];
+    users = {
+      lillian = {
+        isNormalUser = true;
+        extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"];
+        shell = pkgs.zsh;
+        hashedPasswordFile = config.sops.secrets."lillian-password".path;
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILhwA+ZdP2tEBYQNdzLHZzFHxocyeqzhXI6tFpaZA3PZ lillian@EDI"
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH30G2PJOnI6jnAtxOQV0SpLFUva0adarLZLvaoZvjGE lillian@GLaDOS"
+        ];
+      };
+
+      root = {
+        hashedPassword = "*";
+      };
    };
    mutableUsers = false;
-
-    users.root = {
-      hashedPassword = "*";
-    };
  };
 }