cleanup

common/hardware/laptop.nix

@@ -68,14 +68,7 @@ in
         ];
         loader.systemd-boot.enable = true;
         extraModulePackages = [
-          (config.boot.kernelPackages.ddcci-driver.overrideAttrs (old: {
+          config.boot.kernelPackages.ddcci-driver
-            patches = [
-              (pkgs.fetchpatch {
-                url = "https://gitlab.com/Sweenu/ddcci-driver-linux/-/commit/7f851f5fb8fbcd7b3a93aaedff90b27124e17a7e.patch";
-                hash = "sha256-Y1ktYaJTd9DtT/mwDqtjt/YasW9cVm0wI43wsQhl7Bg=";
-              })
-            ];
-          }))
         ];
         kernelModules = [
           "ddcci_backlight"

fake_flake.nix

@@ -43,6 +43,7 @@ in
     "${nivSources.agenix}/modules/age.nix"
     "${nivSources.nixos-mailserver}/default.nix"
     "${nivSources.nixos-matrix-modules}/module.nix"
+    "${nivSources.authentik-nix}/module.nix"
 
     # fixme: ideally we'd not rely on the flake syntax to load the module
     (builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default

modules/default.nix

@@ -51,7 +51,15 @@ in
       type = types.attrsOf (
         types.submodule (
           { config, ... }:
-          rec {
+          let 
+            type_lookup = {
+                  proxy = { locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.port}"; };
+                  redirect = { locations."/".return = "307 https://${domain}"; };
+                  custom = {};
+                  none = {};
+                };
+          in
+            {
             options = {
               port = mkOption {
                 type = types.int;
@@ -63,27 +71,13 @@ in
                 description = "name if the vhost";
               };
               accessType = mkOption {
-                type = types.enum [
+                type = types.enum (lib.attrNames type_lookup);
-                  "proxy"
+                default = "none";
-                  "redirect"
-                  "custom"
-                  "none"
-                ];
-                default = "proxy";
                 description = "nginx template to use";
               };
               extraNginx = mkOption {
                 type = types.attrs;
-                default =
+                default = type_lookup.${config.accessType};
-                  if config.accessType == "redirect" then
-                    { locations."/".return = "307 https://${domain}"; }
-                  else
-                    (
-                      if config.accessType == "proxy" then
-                        { locations."/".proxyPass = "http://127.0.0.1:${builtins.toString config.port}"; }
-                      else
-                        { }
-                    );
                 description = "location definition for nginx";
               };
             };
@@ -183,19 +177,7 @@ in
         nix_cache_host = rec {
           host = "nixcache.${domain}";
           port = 5000;
-#          accessType = "custom";
+
-#          extraNginx.locations."/".extraConfig = ''
-#        proxy_pass http://127.0.0.1:${builtins.toString port};
-#       proxy_set_header Host $host;
-#        proxy_redirect http:// https://;
-#        proxy_http_version 1.1;
-#        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-#        proxy_set_header Upgrade $http_upgrade;
-#        proxy_set_header Connection $connection_upgrade;
-#
-#        zstd on;
-#        zstd_types application/x-nix-archive;
-#      '';
         };
       };
     };

nix/sources.json

@@ -11,16 +11,28 @@
         "url": "https://github.com/ryantm/agenix/archive/8d37c5bdeade12b6479c85acd133063ab53187a0.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
+    "authentik-nix": {
+        "branch": "main",
+        "description": "Nix flake with package, NixOS module and basic VM test for authentik. Trying to provide an alternative deployment mode to the officially supported docker-compose approach. Not affiliated with or officially supported by the authentik project [maintainer=@willibutz]",
+        "homepage": "",
+        "owner": "nix-community",
+        "repo": "authentik-nix",
+        "rev": "e9ae3992d542972d787adf2b200a7489ca83aa91",
+        "sha256": "08ppl68pmz6042cxa3j7fjpz6r6ym3dmp8h40c5q3bx3a77zwm94",
+        "type": "tarball",
+        "url": "https://github.com/nix-community/authentik-nix/archive/e9ae3992d542972d787adf2b200a7489ca83aa91.tar.gz",
+        "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
+    },
     "chaotic": {
         "branch": "main",
         "description": "Nix flake for \"too much bleeding-edge\" and unreleased packages (e.g., mesa_git, linux_cachyos, firefox_nightly, sway_git, gamescope_git). And experimental modules (e.g., HDR, duckdns).",
         "homepage": "https://nyx.chaotic.cx",
         "owner": "chaotic-cx",
         "repo": "nyx",
-        "rev": "dcb0f06376629577a71a5322566acaf5c33bc232",
+        "rev": "bae54b9e537d17c298b30436990d4962caab73d0",
-        "sha256": "0cgddk9mdw6v1dmz55w2xcfbg26mxyyqs21hcbk0lpz6rgcb7lqg",
+        "sha256": "13p1ygwf7q95na4lc3b4cp8rinpc4jvdhyz4c50ig77iz55mvbij",
         "type": "tarball",
-        "url": "https://github.com/chaotic-cx/nyx/archive/dcb0f06376629577a71a5322566acaf5c33bc232.tar.gz",
+        "url": "https://github.com/chaotic-cx/nyx/archive/bae54b9e537d17c298b30436990d4962caab73d0.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "lix-module": {
@@ -32,7 +44,7 @@
     "lix-pkg": {
         "branch": "main",
         "repo": "https://git.lix.systems/lix-project/lix.git",
-        "rev": "9ae90612a7535b87f26f2f9ff6b6ef2bb066998f",
+        "rev": "ceccac835c55e3b5c805851bad871360641ff1d9",
         "type": "git"
     },
     "nixos-mailserver": {