diff --git a/configuration/default.nix b/configuration/default.nix index 1f7a276..f69ec09 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -108,14 +108,11 @@ services.openssh = { enable = true; allowSFTP = false; + passwordAuthentication = false; + permitRootLogin = "no"; ports = [2222]; startWhenNeeded = true; - - settings = { - GatewayPorts = "yes"; - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; + gatewayPorts = "yes"; }; security = { diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix index c636078..1d3308a 100644 --- a/configuration/services/gitea.nix +++ b/configuration/services/gitea.nix @@ -2,19 +2,18 @@ domain = "gitea.${config.services.nginx.domain}"; in { services.gitea = { + inherit domain; enable = true; + + httpAddress = "127.0.0.1"; database.type = "postgres"; + rootUrl = "https://${domain}/"; + appName = "Gitea: Git with a cup of tea"; settings = { - server = { - DOMAIN = domain; - HTTP_ADDR = "127.0.0.1"; - ROOT_URL = "https://${domain}/"; - SSH_PORT = 2222; - }; - + server.SSH_PORT = 2222; service.DISABLE_REGISTRATION = true; session.COOKIE_SECURE = true; }; @@ -22,8 +21,7 @@ in { # Set up SSL services.nginx.virtualHosts."${domain}" = let - httpAddress = config.services.gitea.settings.server.HTTP_ADDR; - httpPort = config.services.gitea.settings.server.HTTP_PORT; + inherit (config.services.gitea) httpAddress httpPort; in { forceSSL = true; enableACME = true; diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix index 1551ab3..c25cfb2 100644 --- a/configuration/services/nextcloud.nix +++ b/configuration/services/nextcloud.nix @@ -3,7 +3,7 @@ config, ... }: let - nextcloud = pkgs.nextcloud26; + nextcloud = pkgs.nextcloud25; hostName = "nextcloud.${config.services.nginx.domain}"; in { services.nextcloud = { @@ -27,12 +27,6 @@ in { defaultPhoneRegion = "AT"; }; - phpOptions = - config.services.nextcloud.phpOptions.default - // { - "opcache.interned_strings_buffer" = "16"; - }; - extraApps = { inherit (pkgs.local) bookmarks calendar contacts cookbook news notes; }; diff --git a/flake.lock b/flake.lock index 590dec9..3fe3b91 100644 --- a/flake.lock +++ b/flake.lock @@ -20,16 +20,15 @@ "crane": { "flake": false, "locked": { - "lastModified": 1681175776, - "narHash": "sha256-7SsUy9114fryHAZ8p1L6G6YSu7jjz55FddEwa2U8XZc=", + "lastModified": 1670900067, + "narHash": "sha256-VXVa+KBfukhmWizaiGiHRVX/fuk66P8dgSFfkVN4/MY=", "owner": "ipetkov", "repo": "crane", - "rev": "445a3d222947632b5593112bb817850e8a9cf737", + "rev": "59b31b41a589c0a65e4a1f86b0e5eac68081468b", "type": "github" }, "original": { "owner": "ipetkov", - "ref": "v0.12.1", "repo": "crane", "type": "github" } @@ -41,11 +40,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1686747123, - "narHash": "sha256-XUQK9kwHpTeilHoad7L4LjMCCyY13Oq383CoFADecRE=", + "lastModified": 1674127017, + "narHash": "sha256-QO1xF7stu5ZMDLbHN30LFolMAwY6TVlzYvQoUs1RD68=", "owner": "serokell", "repo": "deploy-rs", - "rev": "724463b5a94daa810abfc64a4f87faef4e00f984", + "rev": "8c9ea9605eed20528bf60fae35a2b613b901fd77", "type": "github" }, "original": { @@ -90,11 +89,11 @@ "pruned-racket-catalog": "pruned-racket-catalog" }, "locked": { - "lastModified": 1686064783, - "narHash": "sha256-qyptOk4vDut2JkRMJ+815eJNqqd8gIfjpz3l4WCCtMY=", + "lastModified": 1680605243, + "narHash": "sha256-dUrxj653kcLvjNKRI7NoTJoj+Q7G+vOYsl4iuwtnIWo=", "owner": "nix-community", "repo": "dream2nix", - "rev": "0c064fa9dd025069cc215b0a8b4eb5ea734aceb0", + "rev": "34a80ab215f1f24068ea9c76f3a7e5bc19478653", "type": "github" }, "original": { @@ -122,11 +121,11 @@ ] }, "locked": { - "lastModified": 1680698112, - "narHash": "sha256-FgnobN/DvCjEsc0UAZEAdPLkL4IZi2ZMnu2K2bUaElc=", + "lastModified": 1680172861, + "narHash": "sha256-QMyI338xRxaHFDlCXdLCtgelGQX2PdlagZALky4ZXJ8=", "owner": "davhau", "repo": "drv-parts", - "rev": "e8c2ec1157dc1edb002989669a0dbd935f430201", + "rev": "ced8a52f62b0a94244713df2225c05c85b416110", "type": "github" }, "original": { @@ -144,11 +143,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1686637310, - "narHash": "sha256-sGfKyioVsxQppDM0eDO62wtFiz+bZOD0cBMMIEjqn4I=", + "lastModified": 1681712564, + "narHash": "sha256-14QeQU5m1iJg4v+HnLnH1X5W2V1d0lHfaHxDJP/6aig=", "owner": "nix-community", "repo": "fenix", - "rev": "6fbeedcd2fc1fba77152e13fd7492824d77a4060", + "rev": "0d8c0d08db5fe6e5d995f4584f991ad60bbb1673", "type": "github" }, "original": { @@ -176,11 +175,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -228,15 +227,12 @@ } }, "flake-utils": { - "inputs": { - "systems": "systems" - }, "locked": { - "lastModified": 1687171271, - "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -267,11 +263,11 @@ ] }, "locked": { - "lastModified": 1688686059, - "narHash": "sha256-1q+xdGil+mVkIMHovLv8bkXvwLjk92X6t0bvTpZVYb0=", + "lastModified": 1677026752, + "narHash": "sha256-cYeFDzb0kmKQhBuN0vYWoLulCqj3vf7QhvnsPBO66vc=", "owner": "reckenrode", "repo": "nix-foundryvtt", - "rev": "440d3502d17c45d8dfeee5c1833d1ff03525a07b", + "rev": "6c52bfc6824a3dba673df4894a71193ec32aa399", "type": "github" }, "original": { @@ -361,27 +357,27 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1690066826, - "narHash": "sha256-6L2qb+Zc0BFkh72OS9uuX637gniOjzU6qCDBpjB2LGY=", + "lastModified": 1681613598, + "narHash": "sha256-Ogkoma0ytYcDoMR2N7CZFABPo+i0NNo26dPngru9tPc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ce45b591975d070044ca24e3003c830d26fea1c8", + "rev": "1040ce5f652b586da95dfd80d48a745e107b9eac", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-23.05", + "ref": "release-22.11", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1690272529, - "narHash": "sha256-MakzcKXEdv/I4qJUtq/k/eG+rVmyOZLnYNC2w1mB59Y=", + "lastModified": 1681648924, + "narHash": "sha256-pzi3HISK8+7mpEtv08Yr80wswyHKsz+RP1CROG1Qf6s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ef99fa5c5ed624460217c31ac4271cfb5cb2502c", + "rev": "f294325aed382b66c7a188482101b0f336d1d7db", "type": "github" }, "original": { @@ -408,16 +404,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1690370995, - "narHash": "sha256-9z//23jGegLJrf3ITStLwVf715O39dq5u48Kr/XW14U=", + "lastModified": 1681696129, + "narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f3fbbc36b4e179a5985b9ab12624e9dfe7989341", + "rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-23.05", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } @@ -446,11 +442,11 @@ ] }, "locked": { - "lastModified": 1687440270, - "narHash": "sha256-aOAXvfVn+MBSkU+xlQEiyoGpRaF6NvQdpWIhw5OH/Dc=", + "lastModified": 1672979485, + "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=", "owner": "berberman", "repo": "nvfetcher", - "rev": "44196458acc2c28c32e456c50277d6148e71e708", + "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9", "type": "github" }, "original": { @@ -534,11 +530,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1686586902, - "narHash": "sha256-+zfBFBmUxWutKbhdntI9uvF4D5Rh7BhcByM2l+ReyTw=", + "lastModified": 1681679582, + "narHash": "sha256-bijdVXzzfVSMHCjRuQ+PysNJt0Ei2mIhs+CPnR6yP4w=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "1f1fe81f0db301124b3026bd2940294526cdd852", + "rev": "bab80dae445fd576cb4cc22ba208e9fbc39dc18d", "type": "github" }, "original": { @@ -556,11 +552,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1690199016, - "narHash": "sha256-yTLL72q6aqGmzHq+C3rDp3rIjno7EJZkFLof6Ika7cE=", + "lastModified": 1681721408, + "narHash": "sha256-NWCbZKOQEXz1hA2YDFxdd+fVrrw9edbG1DvbbLf7KUY=", "owner": "Mic92", "repo": "sops-nix", - "rev": "c36df4fe4bf4bb87759b1891cab21e7a05219500", + "rev": "de6514f8fe1b3c2b57307569a0898bc4be9ae1c5", "type": "github" }, "original": { @@ -569,21 +565,6 @@ "type": "github" } }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "tlaternet-webserver": { "inputs": { "dream2nix": "dream2nix", @@ -593,11 +574,11 @@ ] }, "locked": { - "lastModified": 1686688441, - "narHash": "sha256-rcqAQzExGu0uV9Din8yy+Nn8FQvG/Itm8hp66amDj6o=", + "lastModified": 1681761148, + "narHash": "sha256-eub9HQGCCjxOc+u4p9Om8y5EcVlBJOQOoK4APxXAbhc=", "ref": "refs/heads/master", - "rev": "c573a6f81827594ceeffbfa058659e2fc20e4a1e", - "revCount": 66, + "rev": "2ca66c4fe1b8cfdd5d873cadb2735cef555dacca", + "revCount": 62, "type": "git", "url": "https://gitea.tlater.net/tlaternet/tlaternet.git" }, diff --git a/flake.nix b/flake.nix index b6db610..4c8a805 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "tlater.net host configuration"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; deploy-rs.url = "github:serokell/deploy-rs"; sops-nix = { @@ -62,6 +62,7 @@ sshUser = "tlater"; sshOpts = ["-p" "2222" "-o" "ForwardAgent=yes"]; + fastConnection = true; }; ######### diff --git a/pkgs/_sources_nextcloud/generated.json b/pkgs/_sources_nextcloud/generated.json index e8bf16d..94d5c9a 100644 --- a/pkgs/_sources_nextcloud/generated.json +++ b/pkgs/_sources_nextcloud/generated.json @@ -7,11 +7,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "sha256-aflxesvTOdNjPtHRtSPtImdmh4JmzM4s8iF5+lYYo3c=", + "sha256": "1kdpma5f3rb9g29j364lqv6bkar5qgwlvcxmhpmzllwlkmjpc9w8", "type": "tarball", - "url": "https://github.com/nextcloud/bookmarks/releases/download/v13.0.1/bookmarks-13.0.1.tar.gz" + "url": "https://github.com/nextcloud/bookmarks/releases/download/v12.1.0/bookmarks-12.1.0.tar.gz" }, - "version": "13.0.1" + "version": "12.1.0" }, "calendar": { "cargoLocks": null, @@ -21,11 +21,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "sha256-OAsM65aBJUA8toRSr3/UsdSTq/Rgn43s4nOabqoEoAI=", + "sha256": "0xhrpadzz73rdjyk4y1xm5hwc6k104rlpp9nmw08pq8phpfs12qa", "type": "tarball", - "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.4.3/calendar-v4.4.3.tar.gz" + "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.3.3/calendar-v4.3.3.tar.gz" }, - "version": "v4.4.3" + "version": "v4.3.3" }, "contacts": { "cargoLocks": null, @@ -35,11 +35,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "sha256-aG2wD4ioDYXwbyzZBpsEzz0PNvuF95V0JdJNw+kbMzk=", + "sha256": "1rdql3m7pg9m044hppyrm3xw329y8h0pzwcmpcinjbjs0vqjssxk", "type": "tarball", - "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.3.2/contacts-v5.3.2.tar.gz" + "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.2.0/contacts-v5.2.0.tar.gz" }, - "version": "v5.3.2" + "version": "v5.2.0" }, "cookbook": { "cargoLocks": null, @@ -49,7 +49,7 @@ "passthru": null, "pinned": false, "src": { - "sha256": "sha256-XgBwUr26qW6wvqhrnhhhhcN4wkI+eXDHnNSm1HDbP6M=", + "sha256": "18rzvdqd99nlkk3p0y9y8b17ihw5c4c9wsx8psq6xadspm97002y", "type": "tarball", "url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz" }, @@ -63,11 +63,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "sha256-hhXPEITSbCiFs0o+TOsQnSasXBpjU9mA/OFsbzuaCPw=", + "sha256": "026ggjf6dqbjv8hnj6jj1nnqz0256ck2yg13zhln7zc84lhfzlfd", "type": "tarball", - "url": "https://github.com/nextcloud/news/releases/download/22.0.0/news.tar.gz" + "url": "https://github.com/nextcloud/news/releases/download/21.1.0/news.tar.gz" }, - "version": "22.0.0" + "version": "21.1.0" }, "notes": { "cargoLocks": null, @@ -77,10 +77,10 @@ "passthru": null, "pinned": false, "src": { - "sha256": "sha256-7GkTGyGTvtDbZsq/zOdbBE7xh6DZO183W6I5XX1ekbw=", + "sha256": "0klqf8dixrrb8yp8cc60ggnvhmqb3yh9f6y1281jn8ia5jml622v", "type": "tarball", - "url": "https://github.com/nextcloud/notes/releases/download/v4.8.1/notes.tar.gz" + "url": "https://github.com/nextcloud/notes/releases/download/v4.7.2/notes.tar.gz" }, - "version": "v4.8.1" + "version": "v4.7.2" } } \ No newline at end of file diff --git a/pkgs/_sources_nextcloud/generated.nix b/pkgs/_sources_nextcloud/generated.nix index bab2e14..c29f6b5 100644 --- a/pkgs/_sources_nextcloud/generated.nix +++ b/pkgs/_sources_nextcloud/generated.nix @@ -3,26 +3,26 @@ { bookmarks = { pname = "bookmarks"; - version = "13.0.1"; + version = "12.1.0"; src = fetchTarball { - url = "https://github.com/nextcloud/bookmarks/releases/download/v13.0.1/bookmarks-13.0.1.tar.gz"; - sha256 = "sha256-aflxesvTOdNjPtHRtSPtImdmh4JmzM4s8iF5+lYYo3c="; + url = "https://github.com/nextcloud/bookmarks/releases/download/v12.1.0/bookmarks-12.1.0.tar.gz"; + sha256 = "1kdpma5f3rb9g29j364lqv6bkar5qgwlvcxmhpmzllwlkmjpc9w8"; }; }; calendar = { pname = "calendar"; - version = "v4.4.3"; + version = "v4.3.3"; src = fetchTarball { - url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.4.3/calendar-v4.4.3.tar.gz"; - sha256 = "sha256-OAsM65aBJUA8toRSr3/UsdSTq/Rgn43s4nOabqoEoAI="; + url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.3.3/calendar-v4.3.3.tar.gz"; + sha256 = "0xhrpadzz73rdjyk4y1xm5hwc6k104rlpp9nmw08pq8phpfs12qa"; }; }; contacts = { pname = "contacts"; - version = "v5.3.2"; + version = "v5.2.0"; src = fetchTarball { - url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.3.2/contacts-v5.3.2.tar.gz"; - sha256 = "sha256-aG2wD4ioDYXwbyzZBpsEzz0PNvuF95V0JdJNw+kbMzk="; + url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.2.0/contacts-v5.2.0.tar.gz"; + sha256 = "1rdql3m7pg9m044hppyrm3xw329y8h0pzwcmpcinjbjs0vqjssxk"; }; }; cookbook = { @@ -30,23 +30,23 @@ version = "0.10.2"; src = fetchTarball { url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz"; - sha256 = "sha256-XgBwUr26qW6wvqhrnhhhhcN4wkI+eXDHnNSm1HDbP6M="; + sha256 = "18rzvdqd99nlkk3p0y9y8b17ihw5c4c9wsx8psq6xadspm97002y"; }; }; news = { pname = "news"; - version = "22.0.0"; + version = "21.1.0"; src = fetchTarball { - url = "https://github.com/nextcloud/news/releases/download/22.0.0/news.tar.gz"; - sha256 = "sha256-hhXPEITSbCiFs0o+TOsQnSasXBpjU9mA/OFsbzuaCPw="; + url = "https://github.com/nextcloud/news/releases/download/21.1.0/news.tar.gz"; + sha256 = "026ggjf6dqbjv8hnj6jj1nnqz0256ck2yg13zhln7zc84lhfzlfd"; }; }; notes = { pname = "notes"; - version = "v4.8.1"; + version = "v4.7.2"; src = fetchTarball { - url = "https://github.com/nextcloud/notes/releases/download/v4.8.1/notes.tar.gz"; - sha256 = "sha256-7GkTGyGTvtDbZsq/zOdbBE7xh6DZO183W6I5XX1ekbw="; + url = "https://github.com/nextcloud/notes/releases/download/v4.7.2/notes.tar.gz"; + sha256 = "0klqf8dixrrb8yp8cc60ggnvhmqb3yh9f6y1281jn8ia5jml622v"; }; }; } diff --git a/pkgs/nextcloud-apps.toml b/pkgs/nextcloud-apps.toml index 69bccdc..709633d 100644 --- a/pkgs/nextcloud-apps.toml +++ b/pkgs/nextcloud-apps.toml @@ -1,6 +1,8 @@ [bookmarks] -src.github = "nextcloud/bookmarks" +# src.github = "nextcloud/bookmarks" src.prefix = "v" +# TODO(tlater): Remove when we update to nextcloud 26 +src.manual = "v12.1.0" fetch.tarball = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" [calendar]