diff --git a/flake.lock b/flake.lock index f6434fa..e91b1a1 100644 --- a/flake.lock +++ b/flake.lock @@ -58,11 +58,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1736005916, - "narHash": "sha256-a/sqKV5GvqEcQEGfUGQkhWaUnqIRi8oiDAHbBG1oFZg=", + "lastModified": 1733851514, + "narHash": "sha256-fQt/HzF+OBC8xLRYeHiYLSEzjrgOLNWhyd102aY2oLU=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "5db6f7711a28abd4b6bbe152c8a7de9d00b1e30d", + "rev": "b059e1d6e7a94bbeabb4e87d47b5f5097fd61823", "type": "github" }, "original": { @@ -74,16 +74,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1734959339, - "narHash": "sha256-CkUmsVKzAQ/VWIhtxWxlcGtrWVa8hxqsMqvfcsG5ktA=", + "lastModified": 1733849292, + "narHash": "sha256-gJYgrRxytoGHkjeEsiKY/tl06D8XOnZZ9SDpK1WSyUw=", "owner": "goauthentik", "repo": "authentik", - "rev": "e87a17fd8169d3fa92bcc47eb2743928df83bc95", + "rev": "0edd7531a152910e6bdd4f7d3d0cde3ed5fdd956", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2024.12.1", + "ref": "version/2024.10.5", "repo": "authentik", "type": "github" } @@ -246,16 +246,16 @@ ] }, "locked": { - "lastModified": 1735344290, - "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=", + "lastModified": 1726989464, + "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", "owner": "nix-community", "repo": "home-manager", - "rev": "613691f285dad87694c2ba1c9e6298d04736292d", + "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.11", + "ref": "release-24.05", "repo": "home-manager", "type": "github" } @@ -269,11 +269,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1735074045, + "lastModified": 1733868086, "narHash": "sha256-CeYsC8J2dNiV2FCQOxK1oZ/jNpOF2io7aCEFHmfi95U=", "owner": "astro", "repo": "microvm.nix", - "rev": "2ae08de8e8068b00193b9cfbc0acc9dfdda03181", + "rev": "870cb181719aa12baf478d7cde6068ec7ed144ae", "type": "github" }, "original": { @@ -360,11 +360,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1735834308, - "narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=", + "lastModified": 1730200266, + "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6df24922a1400241dae323af55f30e4318a6ca65", + "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", "type": "github" }, "original": { @@ -376,16 +376,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1736200483, - "narHash": "sha256-JO+lFN2HsCwSLMUWXHeOad6QUxOuwe9UOAF/iSl1J4I=", + "lastModified": 1733730953, + "narHash": "sha256-dlK7n82FEyZlHH7BFHQAM5tua+lQO1Iv7aAtglc1O5s=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3f0a8ac25fb674611b98089ca3a5dd6480175751", + "rev": "7109b680d161993918b0a126f38bc39763e5a709", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-24.05", "repo": "nixpkgs", "type": "github" } @@ -408,11 +408,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1735164664, - "narHash": "sha256-DaWy+vo3c4TQ93tfLjUgcpPaSoDw4qV4t76Y3Mhu84I=", + "lastModified": 1730284601, + "narHash": "sha256-eHYcKVLIRRv3J1vjmxurS6HVdGphB53qxUeAkylYrZY=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "1fb01e90771f762655be7e0e805516cd7fa4d58e", + "rev": "43a898b4d76f7f3f70df77a2cc2d40096bc9d75e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 089d94b..f636dcf 100644 --- a/flake.nix +++ b/flake.nix @@ -2,9 +2,9 @@ description = "A simple system flake using some Aux defaults"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; home-manager = { - url = "github:nix-community/home-manager/release-24.11"; + url = "github:nix-community/home-manager/release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; }; microvm.url = "github:astro/microvm.nix"; diff --git a/hosts/nixmox-curiosity/configuration.nix b/hosts/nixmox-curiosity/configuration.nix index b3d58ff..8527e2b 100644 --- a/hosts/nixmox-curiosity/configuration.nix +++ b/hosts/nixmox-curiosity/configuration.nix @@ -103,6 +103,6 @@ qemuGuest.enable = true; }; - system.stateVersion = "24.11"; # Did you read the comment? + system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/nixmox-curiosity/home.nix b/hosts/nixmox-curiosity/home.nix index 5173e23..e88fe0b 100644 --- a/hosts/nixmox-curiosity/home.nix +++ b/hosts/nixmox-curiosity/home.nix @@ -2,7 +2,7 @@ { home = { username = "tbarnouin"; - stateVersion = "24.11"; + stateVersion = "24.05"; sessionPath = [ "$HOME/.local/bin" ]; diff --git a/hosts/nixmox-perseverance/configuration.nix b/hosts/nixmox-perseverance/configuration.nix index ed6c2c2..778d107 100644 --- a/hosts/nixmox-perseverance/configuration.nix +++ b/hosts/nixmox-perseverance/configuration.nix @@ -103,6 +103,6 @@ qemuGuest.enable = true; }; - system.stateVersion = "24.11"; # Did you read the comment? + system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/hosts/nixmox-perseverance/home.nix b/hosts/nixmox-perseverance/home.nix index 5173e23..e88fe0b 100644 --- a/hosts/nixmox-perseverance/home.nix +++ b/hosts/nixmox-perseverance/home.nix @@ -2,7 +2,7 @@ { home = { username = "tbarnouin"; - stateVersion = "24.11"; + stateVersion = "24.05"; sessionPath = [ "$HOME/.local/bin" ]; diff --git a/services/minimalConfig/default.nix b/services/minimalConfig/default.nix index 2d15b80..fd83cb6 100644 --- a/services/minimalConfig/default.nix +++ b/services/minimalConfig/default.nix @@ -118,7 +118,7 @@ }; system = { - stateVersion = "24.11"; + stateVersion = "24.05"; activationScripts.ensure-ssh-key-dir.text = "mkdir -p /etc/ssh"; }; } diff --git a/services/nginx/default.nix b/services/nginx/default.nix index 9095fcf..626dfe7 100644 --- a/services/nginx/default.nix +++ b/services/nginx/default.nix @@ -61,14 +61,12 @@ in # Enable CSP for your services. #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; - add_header Content-Security-Policy "frame-ancestors self cloud.le43.eu office.le43.eu; upgrade-insecure-requests; frame-src 'self' http://office.le43.eu;"; - # Minimize information leaked to other domains add_header 'Referrer-Policy' 'origin-when-cross-origin'; # Disable embedding as a frame - #add_header X-Frame-Options SAMEORIGIN; + add_header X-Frame-Options SAMEORIGIN; # Prevent injection of code in other mime types (XSS Attacks) add_header X-Content-Type-Options nosniff; @@ -115,7 +113,7 @@ in forceSSL = true; enableACME = true; locations."/" = { - proxyPass = "http://192.168.1.125:8000"; + proxyPass = "http://192.168.1.46"; proxyWebsockets = true; recommendedProxySettings = true; }; diff --git a/systems/minimalLXCConfig.nix b/systems/minimalLXCConfig.nix index 32cbcb3..cc45864 100644 --- a/systems/minimalLXCConfig.nix +++ b/systems/minimalLXCConfig.nix @@ -126,7 +126,7 @@ }; system = { - stateVersion = "24.11"; + stateVersion = "24.05"; activationScripts.ensure-ssh-key-dir.text = "mkdir -p /etc/ssh"; }; } diff --git a/systems/minimalMicrovmConfig.nix b/systems/minimalMicrovmConfig.nix index cd46ddc..ce0ab8a 100644 --- a/systems/minimalMicrovmConfig.nix +++ b/systems/minimalMicrovmConfig.nix @@ -187,7 +187,7 @@ in }; system = { - stateVersion = "24.11"; + stateVersion = "24.05"; activationScripts.ensure-ssh-key-dir.text = "mkdir -p /etc/ssh"; }; }; diff --git a/systems/minimalVMConfig.nix b/systems/minimalVMConfig.nix index 1431860..bb06f68 100644 --- a/systems/minimalVMConfig.nix +++ b/systems/minimalVMConfig.nix @@ -114,7 +114,7 @@ }; system = { - stateVersion = "24.11"; + stateVersion = "24.05"; activationScripts.ensure-ssh-key-dir.text = "mkdir -p /etc/ssh"; }; }