Update nixpkgs 2025-09-08-01-03

2025-09-08 03:04:03 +02:00
8 changed files with 7 additions and 154 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -404,26 +404,6 @@
        "url": "https://git.clerie.de/clerie/mitel_ommclient2.git"
      }
    },
    "mu5001tool": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1757364612,
        "narHash": "sha256-6MSqlWHH15qbWbvS9b6OTGdtIkW6GVb9SSLkEYAMdDw=",
        "ref": "refs/heads/main",
        "rev": "cb758d9bc97baa11e80a048e666c99986cabed43",
        "revCount": 6,
        "type": "git",
        "url": "https://git.clerie.de/clerie/mu5001tool.git"
      },
      "original": {
        "type": "git",
        "url": "https://git.clerie.de/clerie/mu5001tool.git"
      }
    },
    "nix2container": {
      "flake": false,
      "locked": {
@@ -763,7 +743,6 @@
        "hydra": "hydra",
        "lix": "lix_2",
        "lix-module": "lix-module",
        "mu5001tool": "mu5001tool",
        "nixos-exporter": "nixos-exporter",
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_5",
--- a/flake.nix
+++ b/flake.nix
@@ -40,10 +40,6 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };
    fieldpoc.url = "git+https://git.clerie.de/clerie/fieldpoc.git";
    mu5001tool = {
      url = "git+https://git.clerie.de/clerie/mu5001tool.git";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nixos-exporter = {
      url = "git+https://git.clerie.de/clerie/nixos-exporter.git";
      inputs.nixpkgs.follows = "nixpkgs";
--- a/flake/inputs-overlay.nix
+++ b/flake/inputs-overlay.nix
@@ -5,7 +5,6 @@
 , chaosevents
 , harmonia
 , hydra
 , mu5001tool
 , nurausstieg
 , rainbowrss
 , scan-to-gpg
@@ -26,8 +25,6 @@ final: prev: {
    harmonia;
  inherit (hydra.packages.${final.system})
    hydra;
  inherit (mu5001tool.packages.${final.system})
    mu5001tool;
  inherit (nurausstieg.packages.${final.system})
    nurausstieg;
  inherit (rainbowrss.packages.${final.system})
--- a/hosts/astatine/configuration.nix
+++ b/hosts/astatine/configuration.nix
@@ -4,10 +4,6 @@
  imports =
    [
      ./hardware-configuration.nix
      ./grafana.nix
      ./mu5001tool.nix
      ./prometheus.nix
    ];
  profiles.clerie.network-fallback-dhcp.enable = true;
@@ -22,16 +18,6 @@
    terminal_output serial
  ";
  sops.secrets.monitoring-htpasswd = {
    owner = "nginx";
    group = "nginx";
  };
  services.nginx = {
    enable = true;
  };
  networking.firewall.allowedTCPPorts = [ 80 443 ];
  profiles.clerie.wg-clerie = {
    enable = true;
    ipv6s = [ "2a01:4f8:c0c:15f1::8108/128" ];
--- a/hosts/astatine/grafana.nix
+++ b/hosts/astatine/grafana.nix
@@ -1,45 +0,0 @@
 { config, ... }:
 {
  services.grafana = {
    enable  = true;
    settings = {
      server = {
        domain = "grafana.astatine.net.clerie.de";
        root_url = "https://grafana.astatine.net.clerie.de";
        http_port = 3001;
        http_addr = "::1";
      };
      "auth.anonymous" = {
        enabled = true;
      };
    };
    provision = {
      enable = true;
      datasources.settings.datasources = [
        {
          type = "prometheus";
          name = "Prometheus";
          url = "http://[::1]:9090";
          isDefault = true;
        }
      ];
    };
  };
  services.nginx = {
    virtualHosts = {
      "grafana.astatine.net.clerie.de" = {
        enableACME = true;
        forceSSL   = true;
        basicAuthFile = config.sops.secrets.monitoring-htpasswd.path;
        locations."/".proxyPass = "http://[::1]:3001/";
        locations."= /api/live/ws" = {
          proxyPass = "http://[::1]:3001";
          proxyWebsockets = true;
        };
      };
    };
  };
 }
--- a/hosts/astatine/mu5001tool.nix
+++ b/hosts/astatine/mu5001tool.nix
@@ -1,16 +0,0 @@
 { config, pkgs, lib, ... }:
 {
  systemd.services."mu5001tool" = {
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      DynamicUser = true;
      LoadCredential = "zte-hypermobile-5g-password:${config.sops.secrets."zte-hypermobile-5g-password".path}";
    };
    script = ''
      ${lib.getExe pkgs.mu5001tool} --password-file ''${CREDENTIALS_DIRECTORY}/zte-hypermobile-5g-password prometheus-exporter --listen-port 9242
    '';
  };
 }
--- a/hosts/astatine/prometheus.nix
+++ b/hosts/astatine/prometheus.nix
@@ -1,46 +0,0 @@
 { config, ... }:
 {
  services.prometheus = {
    enable = true;
    enableReload = true;
    listenAddress = "[::1]";
    scrapeConfigs = [
      {
        job_name = "prometheus";
        scrape_interval = "20s";
        scheme = "http";
        static_configs = [
          {
            targets = [
              "[::1]:9090"
            ];
          }
        ];
      }
      {
        job_name = "mu5001tool";
        scrape_interval = "20s";
        static_configs = [
          {
            targets = [
              "[::1]:9242"
            ];
          }
        ];
      }
    ];
  };
  services.nginx = {
    virtualHosts = {
      "prometheus.astatine.net.clerie.de" = {
        enableACME = true;
        forceSSL   = true;
        basicAuthFile = config.sops.secrets.monitoring-htpasswd.path;
        locations."/".proxyPass = "http://[::1]:9090/";
      };
    };
  };
 }
--- a/hosts/astatine/secrets.json
+++ b/hosts/astatine/secrets.json
@@ -1,17 +1,19 @@
 {
 	"wg-clerie": "ENC[AES256_GCM,data:DbchcO6GTmSFyoHrRAkfu2flaKYrQHPk+rIerekYO4Cto9sqaWLgaSigpS8=,iv:no1xNRVqsKzAN6ssYA0Ir+utOM9tg8OBUT9PY2v0HPA=,tag:lZj1wEPFWHaf52N7YHEQKQ==,type:str]",
 	"wg-monitoring": "ENC[AES256_GCM,data:dTKKeieaGvECkHUpATLorhOgr9Re5CAH25y1WTcSqJZDsvnwD4CBbqMv2QQ=,iv:u1n1wyAW5aNcVYfGN8BmrEhIhtA3EfRDBNu65IdBZMI=,tag:RJYgOpel9uy6dC72MmqS5A==,type:str]",
 	"monitoring-htpasswd": "ENC[AES256_GCM,data:0uQ+Gwedi9kTaOzrwVzkNkS9qL0Dwmph1leK2sj/TndfSn3yaq7ur7ZHoPjWUl5Oy1poxU2rIUxWHajYC0n3yHv2AuGT,iv:FyH4MHcgW5iHkAsahNFtshnqqPOMlukg8aYfhcN9onw=,tag:q3BsnyKLrKYi/xDP6GmSkA==,type:str]",
 	"zte-hypermobile-5g-password": "ENC[AES256_GCM,data:lqxQICmWYwMejn8=,iv:TPYOs/cL/ETw7Ee0+YG/+Fhd7ASi0kr4rDLEiste+2Y=,tag:6O6AXIHkIjPm7hJVC4Y/1g==,type:str]",
 	"sops": {
 		"kms": null,
 		"gcp_kms": null,
 		"azure_kv": null,
 		"hc_vault": null,
 		"age": [
 			{
 				"recipient": "age1fffvnazdv3ys9ww8v4g832hv5nkvnk6d728syerzvpgskfmfkq8q00whpv",
 				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMQUF5dkRwdXRmUkJ1SXN5\nLzdOVkhWYUJGdFd4Qklsa1BXeVZlTGx0eDE0ClZmYWNLMEVzaVVXWGkwQUt5ZHF5\nS1c5OU9PWjBTelM5R2phNFdVNncxUUkKLS0tIDlwSXFyZWNVT1dtdGU5dVFSRHNE\nUUpJZHJZRTd6TnBUU2dCWW90UTRVb0UKCWrHWmQTNhez16wgEKj4EQA4+UBRmGQn\n+NHSjBCMBmmTdHb05nENYVK515Z0T/60+9N3VlNyHWS9IgC3mZRUBg==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
-		"lastmodified": "2025-09-08T21:03:41Z",
+		"lastmodified": "2024-04-21T16:03:13Z",
-		"mac": "ENC[AES256_GCM,data:ztS/Z6mn8hFAPsks2evJRJFocw/3oz22O2HeSEkY7Mu+bfNvClsJuvuTbnDadB0IwKiLDFWRMGs/UPFmNP6J/euro4cFHDWXopdXg7eDFGDoJDKIg4fBUtofdXIqWvDoQ9LeZNvc5Z4EEQYhs3LwFnAU0x15acwIIxr5TB9l8g8=,iv:WVjavmcrEs2CyYTfoTTP44c9TqFubUdE+PBN2jRPR+s=,tag:fBXzU69Q9MwD3o/Nyu5OZA==,type:str]",
+		"mac": "ENC[AES256_GCM,data:fA8fhOZbX30TYgwZXB7sQDNmck0JRDyAnEXf5nCYtli/Qvs78fTs4DdC08VOpOni8uAVARkFsGSo6Fjo/MpTSDVA8VNYZig/we/bWF+LQlEMCmiqwOI1R6eQ3GPxcRXltlO2aPPlT9BpLwIVZjGGjIsmjpVE8xjkCbLUUqj+UxY=,iv:fHLyw96QLVRrAQky2kR7TDDxf8CNXDV9lVQ5RETzJEI=,tag:y+cG9u3d6vCUmPyNMDRWpA==,type:str]",
 		"pgp": [
 			{
 				"created_at": "2024-04-21T16:02:41Z",