Bump nixpkgs and rust-overlay in flake.lock. Add a wud container
(ghcr.io/getwud/wud) on port 8186 and enable paperless on port 8187
with OCR settings and public consumption. Switch homepage theme to
light and set a background image. Comment out onnxruntime CUDA overlay.
Rename group "libvirt" to "libvirtd".
Add diffoscope and nix-index to systemPackages.
Replace hplipWithPlugin with hplip.
Enable spice USB redirection and add pkgs.virtiofsd to
virtualisation.libvirtd.qemu.vhostUserPackages.
Open firewall ports for Scrutiny (8185) and homepage (8080).
Add binutils to systemPackages and enable services.influxdb2.
Configure Scrutiny to use InfluxDB.
Enable homepage-dashboard with widgets, bookmarks and an
environmentFile for secrets.
Fix docker pull string formatting and minor whitespace cleanup.
Enable and configure openssh service:
- enable service
- disable PasswordAuthentication and KbdInteractiveAuthentication
- set PermitRootLogin to prohibit-password (allow root keys only)
- add ed25519 public key to authorizedKeys
Open firewall TCP port 22
Add detailed fail2ban configuration: global settings, immich and
forgejo jails with systemd backend, journalmatch identifiers and
local filter definitions.
Remove standalone services.fail2ban.enable and eliminate unused
TCP port 9000 plus a debug log-level flag in netflow2ng. Add nixpkgs
overlay to
build onnxruntime with cudaSupport.
Enable hardware.graphics, nvidia.open and nvidia-container-toolkit; set
xserver video driver to nvidia and enable nixpkgs.allowUnfree
Update Frigate container to stable-tensorrt, add nvidia GPU device,
mount model cache and add --privileged
Add lshw to system packages
