From 1cc6abb89ac4cf8b4999ecf224e5060e98fc2552 Mon Sep 17 00:00:00 2001
From: blake <me@blakedheld.xyz>
Date: Fri, 17 Oct 2025 16:11:31 -0500
Subject: [PATCH] testing use of unstable

---
 flake.lock                              | 36 +++++++++++++++++
 hosts/nixos/snowbelle/configuration.nix |  2 +-
 modules/homelab/immich/default.nix      | 51 ++++++++++++++-----------
 3 files changed, 66 insertions(+), 23 deletions(-)

diff --git a/flake.lock b/flake.lock
index a769142..db3b72e 100644
--- a/flake.lock
+++ b/flake.lock
@@ -88,6 +88,23 @@
         "type": "github"
       }
     },
+    "brew-src": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1758543057,
+        "narHash": "sha256-lw3V2jOGYphUFHYQ5oARcb6urlbNpUCLJy1qhsGdUmc=",
+        "owner": "Homebrew",
+        "repo": "brew",
+        "rev": "5b236456eb93133c2bd0d60ef35ed63f1c0712f6",
+        "type": "github"
+      },
+      "original": {
+        "owner": "Homebrew",
+        "ref": "4.6.12",
+        "repo": "brew",
+        "type": "github"
+      }
+    },
     "copyparty": {
       "inputs": {
         "flake-utils": "flake-utils",
@@ -285,6 +302,24 @@
         "type": "github"
       }
     },
+    "nix-homebrew": {
+      "inputs": {
+        "brew-src": "brew-src"
+      },
+      "locked": {
+        "lastModified": 1758598228,
+        "narHash": "sha256-qr60maXGbZ4FX5tejPRI3nr0bnRTnZ3AbbbfO6/6jq4=",
+        "owner": "zhaofengli",
+        "repo": "nix-homebrew",
+        "rev": "f36e5db56e117f7df701ab152d0d2036ea85218c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "zhaofengli",
+        "repo": "nix-homebrew",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1748162331,
@@ -386,6 +421,7 @@
         "copyparty": "copyparty",
         "home-manager": "home-manager",
         "nix-darwin": "nix-darwin",
+        "nix-homebrew": "nix-homebrew",
         "nixpkgs": "nixpkgs_2",
         "nixpkgs-unstable": "nixpkgs-unstable",
         "nvf": "nvf",
diff --git a/hosts/nixos/snowbelle/configuration.nix b/hosts/nixos/snowbelle/configuration.nix
index deab8f1..977dbca 100644
--- a/hosts/nixos/snowbelle/configuration.nix
+++ b/hosts/nixos/snowbelle/configuration.nix
@@ -8,7 +8,7 @@ in
   imports =
     [ # Include the results of the hardware scan.
       ./hardware-configuration.nix
-      ../../../hosts
+      ../../nixos
       ../../../users/blake
       ../../../modules/system
       ../../../modules/holocron
diff --git a/modules/homelab/immich/default.nix b/modules/homelab/immich/default.nix
index 2ecb71a..5542b46 100644
--- a/modules/homelab/immich/default.nix
+++ b/modules/homelab/immich/default.nix
@@ -1,12 +1,16 @@
-{ pkgs, config, lib, inputs, ... }:
-
-let
+{
+  pkgs,
+  config,
+  lib,
+  inputs,
+  unstable_pkgs,
+  ...
+}: let
   service = "immich";
   cfg = config.homelab.${service};
   sec = config.sops.secrets;
   homelab = config.homelab;
-in
-{
+in {
   options.homelab.${service} = {
     enable = lib.mkEnableOption "enables ${service}";
 
@@ -43,9 +47,8 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    
     # declare ${service} group
-    users.groups.${service} = { gid = lib.mkForce cfg.ids; };
+    users.groups.${service} = {gid = lib.mkForce cfg.ids;};
 
     # declare ${service} user
     users.users.${service} = {
@@ -55,13 +58,14 @@ in
       home = cfg.data_dir;
       createHome = true;
       group = service;
-      extraGroups = [ "video" "render" ];
+      extraGroups = ["video" "render"];
     };
 
     # enable the ${service} service
     services.${service} = {
       enable = true;
-      package = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.immich;
+      #package = inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.immich;
+      package = unstable_pkgs.x86_64.immich;
       openFirewall = true;
       user = service;
       group = service;
@@ -72,16 +76,16 @@ in
     };
 
     # override umask to make permissions work out
-#    systemd.services."${toString service}-server".serviceConfig = {
-#      UMask = lib.mkForce "0007";
-#    };
+    #    systemd.services."${toString service}-server".serviceConfig = {
+    #      UMask = lib.mkForce "0007";
+    #    };
 
-#    # open firewall
-#    networking.firewall.allowedTCPPorts = [ cfg.port ];
+    #    # open firewall
+    #    networking.firewall.allowedTCPPorts = [ cfg.port ];
 
     # add to caddy for reverse proxy
     services.caddy.virtualHosts."${cfg.url}" = {
-      serverAliases = [ "photos.${homelab.public_domain}" ];
+      serverAliases = ["photos.${homelab.public_domain}"];
       extraConfig = ''
         tls ${sec."ssl_blakedheld_crt".path} ${sec."ssl_blakedheld_key".path}
         reverse_proxy 127.0.0.1:${toString cfg.port}
@@ -89,16 +93,19 @@ in
     };
 
     # add to glance
-    homelab.glance.links.services = [{
-      title = service;
-      url = "https://photos.${homelab.public_domain}";
-      error-url = "http://${homelab.host_ip}:${toString cfg.port}";
-      check-url = "http://${homelab.host_ip}:${toString cfg.port}";
-      icon = "di:${service}"; }];
+    homelab.glance.links.services = [
+      {
+        title = service;
+        url = "https://photos.${homelab.public_domain}";
+        error-url = "http://${homelab.host_ip}:${toString cfg.port}";
+        check-url = "http://${homelab.host_ip}:${toString cfg.port}";
+        icon = "di:${service}";
+      }
+    ];
 
     # add to backups
     system.backups.baks = {
-      ${service} = { paths = [ cfg.data_dir "/var/lib/redis-immich" ]; };
+      ${service} = {paths = [cfg.data_dir "/var/lib/redis-immich"];};
     };
   };
 }