- Added systemd service dependencies for gitea-runner-default
- Ensured nginx.service is required and started before gitea-runner-default
- Maintains proper service startup order for forgejo deployment
- Renamed `setting.main` to `settings.main` in the Postfix module for consistency with configuration standards.
- Ensured proper functionality of service by aligning with expected key structure.
- Renamed and reorganized configuration keys for consistency (`settings` usage).
- Updated Postfix, systemd, and Syncthing configurations to adhere to the standardized format.
- Improved maintainability and readability of NixOS configurations.
- Replaced `inherit` with explicit `settings` for Git user configuration.
- Unified Git configuration structure across NixOS and home modules.
- Adjusted GUI configuration by enabling `gdm.autoSuspend` and reordering options.
- Enabled `services.gnome.gnome-remote-desktop` in the `x1` configuration.
- Removed an unused `lib` parameter in the `forgejo.nix` module.
- Updated the `home-manager` source in the `flake.lock` file with the latest revision and hash.
Switched from `forgejo-actions-runner` to `forgejo-runner` package for the gitea actions runner instance. This aligns with the updated package naming convention in the system configuration. The change ensures proper integration with the forgejo ecosystem and maintains consistency with the project's package structure.
- Introduced a new `wyoming.nix` file with service definitions for `faster-whisper` and `piper`.
- Enabled TCP ports `10200` and `10300` in the firewall for service communication.
- Updated SGX configuration to include `wyoming.nix` in system imports.
- Enabled `libvirtd` in virtualization settings to allow libvirt usage.
- Added `libvirtd` to `user.extraGroups` for better permissions and management.
- Bumped package version from 2.0.36 to 2.0.50.
- Updated package source hash and npmDeps hash to match the new version.
- Refreshed `package-lock.json` with the updated version.
- Reformatted `netatalk` service dependencies for readability.
- Updated `hosts allow` setting to include `100.64.0.` for enhanced network access control.
- Uncommented `rustdesk.nix` in MX system and added `rustdesk-flutter` to GUI services.
- Disabled `services.rustdesk-server.signal` on X1 system to align with updated settings.
- Added extra HTTP headers and security configurations in the Nginx proxy for Headscale.
- Improves websocket handling, security headers, and HTTPS redirection.
- Introduced OIDC settings in Headscale, including allowed domains, client ID, client secret path, and issuer.
- Enables support for OpenID Connect authentication.
- Included `headscale.nix` in the MX system configuration for VPN management.
- Added Nginx and ACME configuration to route traffic securely to Headscale.
- Ensures Headscale is enabled with required settings and packaged in the system.
- Included `tailscale` package in the unstable overlay for additional VPN tools.
- Facilitates easier package management and usage for systems requiring Tailscale.
- Added `services.tailscale.enable = true` to the configurations of SGX, MX, and X1 systems for VPN support.
- Improves secure connectivity and simplifies network management across these systems.
- Added OIDC app to Nextcloud with specific URL, SHA256, and license configuration for authentication support.
- Configured Nginx to redirect `.well-known/webfinger` to Nextcloud for improved compatibility.
- Updated Nextcloud settings to include `overwrite.cli.url` for proper URL handling.
- Changed `powerManagement.cpuFreqGovernor` from `ondemand` to `performance` for enhanced CPU performance.
- Aligns system configuration with performance optimization goals.
- Disabled `security.tpm2.enable` and `security.tpm2.abrmd.enable` options.
- Ensures TPM2-related services are not active on the system for this configuration.
- Added `emailOnFailure.enable` option to metacfg with a default of `false`.
- Enabled email notifications on failure for SGX and MX systems.
- Enhanced `systemd-email-notify` module to support the new configuration.
- Introduced a default `home-manager` configuration for user setup.
- Enabled multiple CLI tools like `bash`, `fish`, `bat`, and `starship`.
- Configured `home.sessionPath` to include the user's bin directory.
- Removed SGX-specific settings including `aesmd_dcap`, `sgx_default_qcnl.conf`, and `security.tpm2` configurations.
- Updated `system.stateVersion` and switched kernel modules to `kvm-amd`.
- Adjusted disk UUIDs and removed unused `/boot` filesystem definition.
