From ad59ddc9dd899f6eeb413cfe01f994bd5dc09f7a Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Wed, 18 Jun 2025 09:34:08 -0500 Subject: [PATCH 1/3] Switch hub to systemd-boot. --- hosts/hub/default.nix | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/hosts/hub/default.nix b/hosts/hub/default.nix index 5bc5534..e32c8c7 100644 --- a/hosts/hub/default.nix +++ b/hosts/hub/default.nix @@ -37,17 +37,12 @@ ./apps/open-webui.nix ]; - boot.loader.grub = { - enable = true; - zfsSupport = true; - efiSupport = true; - efiInstallAsRemovable = true; - mirroredBoots = [ - { - devices = [ "nodev" ]; - path = "/boot"; - } - ]; + boot = { + loader = { + efi.canTouchEfiVariables = true; + systemd-boot.enable = true; + }; + supportedFilesystems = [ "zfs" ]; }; networking = { From bc7d30c1b9ceb1ee4bd50de20f9e775588d55535 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Tue, 15 Jul 2025 07:32:21 -0500 Subject: [PATCH 2/3] Bump dependencies. --- flake.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index 888eba9..7b4c98b 100644 --- a/flake.lock +++ b/flake.lock @@ -151,11 +151,11 @@ ] }, "locked": { - "lastModified": 1749154018, - "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", + "lastModified": 1752544374, + "narHash": "sha256-ReX0NG6nIAEtQQjLqeu1vUU2jjZuMlpymNtb4VQYeus=", "owner": "nix-community", "repo": "home-manager", - "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", + "rev": "2e00ed310c218127e02ffcf28ddd4e0f669fde3e", "type": "github" }, "original": { 
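Review bot: The new `boot.loader` block in hosts/hub/default.nix turns on systemd-boot but leaves `boot.loader.systemd-boot.editor` at its NixOS default of enabled, so the boot menu on hub accepts an edited kernel command line from anyone with console access. Add `systemd-boot.editor = false;` beside `systemd-boot.enable = true;` unless that access is deliberately kept for recovery. Because systemd-boot keeps each generation's kernel and initrd on the ESP (presumably still mounted at /boot), a `systemd-boot.configurationLimit = 10;` line (the value is a suggestion) would also stop the partition filling up and failing a later rebuild. The enclosing attribute set starts and ends outside the hunk.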
@@ -167,11 +167,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1750083401, - "narHash": "sha256-ynqbgIYrg7P1fAKYqe8I/PMiLABBcNDYG9YaAP/d/C4=", + "lastModified": 1752048960, + "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "61837d2a33ccc1582c5fabb7bf9130d39fee59ad", + "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806", "type": "github" }, "original": { @@ -215,11 +215,11 @@ }, "nixpkgsUnstable": { "locked": { - "lastModified": 1750134718, - "narHash": "sha256-v263g4GbxXv87hMXMCpjkIxd/viIF7p3JpJrwgKdNiI=", + "lastModified": 1752480373, + "narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9e83b64f727c88a7711a2c463a7b16eedb69a84c", + "rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08", "type": "github" }, "original": { @@ -231,11 +231,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1750133334, - "narHash": "sha256-urV51uWH7fVnhIvsZIELIYalMYsyr2FCalvlRTzqWRw=", + "lastModified": 1752436162, + "narHash": "sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "36ab78dab7da2e4e27911007033713bab534187b", + "rev": "dfcd5b901dbab46c9c6e80b265648481aafb01f8", "type": "github" }, "original": { From c23fb20676d392b19c6001af65cddb894fefce39 Mon Sep 17 00:00:00 2001 From: Nolan Darilek Date: Tue, 15 Jul 2025 07:32:36 -0500 Subject: [PATCH 3/3] Document Nextcloud upgrade process if it breaks again. --- hosts/hub/apps/nextcloud.nix | 36 ++++++++++++++++++++++++++---------- 1 file changed, 26 insertions(+), 10 deletions(-) diff --git a/hosts/hub/apps/nextcloud.nix b/hosts/hub/apps/nextcloud.nix index 97371d5..e0511be 100644 --- a/hosts/hub/apps/nextcloud.nix +++ b/hosts/hub/apps/nextcloud.nix 
@@ -28,7 +28,7 @@
 nextcloud = {
 enable = true;
 hostName = "nextcloud.thewordnerd.info";
- package = pkgs.nextcloud30;
+ package = pkgs.nextcloud31;
 configureRedis = true;
 maxUploadSize = "16G";
 # autoUpdateApps.enable = true;
@@ -54,27 +54,43 @@
 };
 resolved.enable = true;
 };
+ # IMPORTANT: Nextcloud container startup workaround
+ # The nextcloud-setup service blocks container startup when it needs to perform upgrades,
+ # creating a circular dependency: the network can't be configured until the container is ready,
+ # but the container can't be ready without network access for the upgrade.
+ #
+ # To upgrade Nextcloud when changing major versions:
+ # 1. Uncomment the lines below to disable nextcloud-setup
+ # 2. Run: nixos-rebuild switch
+ # 3. Run: nixos-container run nextcloud -- nextcloud-occ upgrade
+ # 4. Run: nixos-container run nextcloud -- nextcloud-occ maintenance:mode --off
+ # 5. Comment out the lines below again
+ # 6. Run: nixos-rebuild switch
+ #
+ # systemd.services.nextcloud-setup = {
+ # enable = false;
+ # };
 programs.nix-ld.enable = true;
 networking = {
 firewall.allowedTCPPorts = [ 80 ];
 useHostResolvConf = lib.mkForce false;
 };
- virtualisation.docker.enable = true;
- users.users.nextcloud.extraGroups = [ "docker" ];
+ # virtualisation.docker.enable = true;
+ # users.users.nextcloud.extraGroups = [ "docker" ];
 environment.systemPackages = with pkgs; [
 poppler_utils
- (pkgs.writeScriptBin "occ" ''
- #!${pkgs.bash}/bin/bash
- exec nextcloud-occ "$@"
- '')
+ # (pkgs.writeScriptBin "occ" ''
+ # #!${pkgs.bash}/bin/bash
+ # exec nextcloud-occ "$@"
+ # '')
 ];
 programs.java.binfmt = true;
 system.stateVersion = "24.11";
 };
 # https://discourse.nixos.org/t/podman-docker-in-nixos-container-ideally-in-unprivileged-one/22909/12
- additionalCapabilities = [
- ''all" --system-call-filter="add_key keyctl bpf" --capability="all''
- ];
+ # additionalCapabilities = [
+ # ''all" --system-call-filter="add_key keyctl bpf" --capability="all''
+ # ];
 bindMounts = {
 "/run/postgresql" = {
 hostPath = "/run/postgresql";
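Review bot: The `additionalCapabilities` entry, `virtualisation.docker.enable` and the `nextcloud` user's `docker` group membership are switched off here by commenting them out, with no comment saying why, and the commit subject only mentions documentation. Together those lines gave the container every capability and a wider system-call filter, and the `docker` group is root-equivalent inside it, so leaving them one uncomment away from returning is risky. Either delete the three blocks or head them with something like `# Disabled: gave the container all capabilities for Docker-in-container; re-enable only after review.` The upgrade steps would also benefit from one line stating that `nextcloud-setup` stays disabled until step 5 is done. The container definition starts and ends outside the hunk.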