sync

2026-01-25 14:42:55 +00:00 · 2025-07-01 16:32:59 +00:00
parent de3b3aea49
commit eb1a74d694
7 changed files with 41 additions and 60 deletions
--- a/modules/cifs.nix
+++ b/modules/cifs.nix
@@ -6,7 +6,6 @@
  ...
 }: {
  services.samba.openFirewall = true;
-
  #services.samba-wsdd.enable = true; # make shares visible for windows 10 clients
  networking.firewall.allowedTCPPorts = [
    5357 # wsdd
@@ -14,29 +13,26 @@
  networking.firewall.allowedUDPPorts = [
    3702 # wsdd
  ];
-
  systemd.tmpfiles.rules = [
    "d /shares/Public 0777 root root - -"
  ];
-
  services.samba = {
    enable = true;
-    securityType = "user";
-    extraConfig = ''
-      workgroup = WORKGROUP
-      server string = smbnix
-      netbios name = smbnix
-      disable netbios = yes
-      security = user
-      #use sendfile = yes
-      #max protocol = smb2
-      # note: localhost is the ipv6 localhost ::1
-      hosts allow = 192.168.1. 127.0.0.1 localhost
-      hosts deny = 0.0.0.0/0
-      guest account = nobody
-      map to guest = bad user
-    '';
-    shares = {
+    settings = {
+      global = {
+        workgroup = "WORKGROUP";
+        "server string" = "smbnix";
+        "netbios name" = "smbnix";
+        "disable netbios" = "yes";
+        security = "user";
+        #"use sendfile" = "yes";
+        #"max protocol" = "smb2";
+        # note: localhost is the ipv6 localhost ::1
+        "hosts allow" = "192.168.1. 127.0.0.1 localhost";
+        "hosts deny" = "0.0.0.0/0";
+        "guest account" = "nobody";
+        "map to guest" = "bad user";
+      };
      public = {
        path = "/shares/Public";
        browseable = "no";
@@ -48,8 +44,8 @@
        "force group" = "samba-guest";
      };
    };
+    
  };
-
  users.users.samba-guest = {
    isSystemUser = true;
    description = "Residence of our Samba guest users";
@@ -59,4 +55,4 @@
    shell = pkgs.shadow;
  };
  users.groups.samba-guest = {};
-}
+}
--- a/modules/common.nix
+++ b/modules/common.nix
@@ -32,7 +32,8 @@
    };

    # Enable nix flakes
-    nix.package = pkgs.nixFlakes;
+    # nix.package = pkgs.nixFlakes;  #Deprecated
+    nix.package = pkgs.nixVersions.stable;
    nix.extraOptions = ''
      experimental-features = nix-command flakes
    '';
--- a/modules/kboot-conf/default.nix
+++ b/modules/kboot-conf/default.nix
@@ -8,16 +8,14 @@ with lib; let
  cfg = config.boot.loader.kboot-conf;

  # The builder used to write during system activation
-  builder = pkgs.substituteAll {
-    src = ./generate-kboot-conf.sh;
-    isExecutable = true;
+  # The builder used to write during system activation
+  builder = pkgs.replaceVars ./generate-kboot-conf.sh {
    path = [pkgs.coreutils pkgs.gnused pkgs.gnugrep];
    inherit (pkgs) bash;
  };
+  
  # The builder exposed in populateCmd, which runs on the build architecture
-  populateBuilder = pkgs.buildPackages.substituteAll {
-    src = ./generate-kboot-conf.sh;
-    isExecutable = true;
+  populateBuilder = pkgs.buildPackages.replaceVars ./generate-kboot-conf.sh {
    path = with pkgs.buildPackages; [coreutils gnused gnugrep];
    inherit (pkgs.buildPackages) bash;
  };
--- a/modules/nomad.nix
+++ b/modules/nomad.nix
@@ -58,7 +58,7 @@
  ];

  services.nomad = {
-    package = pkgs.nomad_1_6;
+    package = pkgs.nomad_1_9;
    dropPrivileges = false;
    enableDocker = true;
    enable = true;