diff --git a/configuration/default.nix b/configuration/default.nix index d090cef..34a7868 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -35,11 +35,11 @@ ''; # Enable remote builds from tlater - settings.trusted-users = ["@wheel"]; + trustedUsers = ["@wheel"]; }; nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steam-run" "steamcmd"]; + builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steamcmd"]; # Optimization for minecraft servers, see: # https://bugs.mojang.com/browse/MC-183518 @@ -63,8 +63,6 @@ 8448 # starbound 21025 - # Minecraft - 25565 config.services.coturn.listening-port config.services.coturn.tls-listening-port @@ -73,9 +71,6 @@ ]; allowedUDPPorts = [ - # More minecraft - 25565 - config.services.coturn.listening-port config.services.coturn.tls-listening-port config.services.coturn.alt-listening-port diff --git a/configuration/hardware-specific/linode/hardware-configuration.nix b/configuration/hardware-specific/linode/hardware-configuration.nix index c1776d5..2a33a67 100644 --- a/configuration/hardware-specific/linode/hardware-configuration.nix +++ b/configuration/hardware-specific/linode/hardware-configuration.nix @@ -8,7 +8,7 @@ [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "virtio_pci" "ahci" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; @@ -27,13 +27,5 @@ [ { device = "/dev/disk/by-uuid/45c8ad29-3861-4e68-a566-47e6d9269dca"; } ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eth0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nix.maxJobs = lib.mkDefault 2; } diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix index 1d3308a..f346097 100644 --- a/configuration/services/gitea.nix +++ b/configuration/services/gitea.nix @@ -8,15 +8,12 @@ in { httpAddress = "127.0.0.1"; database.type = "postgres"; + ssh.clonePort = 2222; rootUrl = "https://${domain}/"; + cookieSecure = true; appName = "Gitea: Git with a cup of tea"; - - settings = { - server.SSH_PORT = 2222; - service.DISABLE_REGISTRATION = true; - session.COOKIE_SECURE = true; - }; + disableRegistration = true; }; # Set up SSL diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix index c25cfb2..fddddde 100644 --- a/configuration/services/nextcloud.nix +++ b/configuration/services/nextcloud.nix @@ -3,14 +3,14 @@ config, ... }: let - nextcloud = pkgs.nextcloud25; + inherit (pkgs) fetchNextcloudApp; + nextcloud = pkgs.nextcloud24; hostName = "nextcloud.${config.services.nginx.domain}"; in { services.nextcloud = { inherit hostName; package = nextcloud; - enableBrokenCiphersForSSE = false; enable = true; maxUploadSize = "2G"; https = true; @@ -28,6 +28,12 @@ in { }; extraApps = { + # TODO(tlater): Seems like this won't work anymore from + # Nextcloud 25 onwards. + # + # Adopt whatever upstream does with this: + # https://github.com/nextcloud/server/issues/4917 + inherit (pkgs.local) apporder; inherit (pkgs.local) bookmarks calendar contacts cookbook news notes; }; diff --git a/flake.lock b/flake.lock index e156a33..8507c27 100644 --- a/flake.lock +++ b/flake.lock @@ -24,31 +24,14 @@ "type": "github" } }, - "all-cabal-json": { - "flake": false, - "locked": { - "lastModified": 1665552503, - "narHash": "sha256-r14RmRSwzv5c+bWKUDaze6pXM7nOsiz1H8nvFHJvufc=", - "owner": "nix-community", - "repo": "all-cabal-json", - "rev": "d7c0434eebffb305071404edcf9d5cd99703878e", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "hackage", - "repo": "all-cabal-json", - "type": "github" - } - }, "crane": { "flake": false, "locked": { - "lastModified": 1670900067, - "narHash": "sha256-VXVa+KBfukhmWizaiGiHRVX/fuk66P8dgSFfkVN4/MY=", + "lastModified": 1661875961, + "narHash": "sha256-f1h/2c6Teeu1ofAHWzrS8TwBPcnN+EEu+z1sRVmMQTk=", "owner": "ipetkov", "repo": "crane", - "rev": "59b31b41a589c0a65e4a1f86b0e5eac68081468b", + "rev": "d9f394e4e20e97c2a60c3ad82c2b6ef99be19e24", "type": "github" }, "original": { @@ -64,11 +47,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1672327199, - "narHash": "sha256-pFlngSHXKBhAmbaKZ4FYtu57LLunG+vWdL7a5vw1RvQ=", + "lastModified": 1659725433, + "narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=", "owner": "serokell", "repo": "deploy-rs", - "rev": "a5619f5660a00f58c2b7c16d89058e92327ac9b8", + "rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb", "type": "github" }, "original": { @@ -80,11 +63,11 @@ "devshell": { "flake": false, "locked": { - "lastModified": 1663445644, - "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=", + "lastModified": 1653917170, + "narHash": "sha256-FyxOnEE/V4PNEcMU62ikY4FfYPo349MOhMM97HS0XEo=", "owner": "numtide", "repo": "devshell", - "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66", + "rev": "fc7a3e3adde9bbcab68af6d1e3c6eb738e296a92", "type": "github" }, "original": { @@ -96,25 +79,21 @@ "dream2nix": { "inputs": { "alejandra": "alejandra", - "all-cabal-json": "all-cabal-json", "crane": "crane", "devshell": "devshell", - "flake-parts": "flake-parts", "flake-utils-pre-commit": "flake-utils-pre-commit", - "ghc-utils": "ghc-utils", "gomod2nix": "gomod2nix", "mach-nix": "mach-nix", - "nix-pypi-fetcher": "nix-pypi-fetcher", "nixpkgs": "nixpkgs_3", "poetry2nix": "poetry2nix", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1672661134, - "narHash": "sha256-WqBUyKeiv+jI11ug+qP0OnZ4nngK6eBRVTGHgdzEGvc=", + "lastModified": 1663323895, + "narHash": "sha256-ZmI9C8HNVz2w3OnB79WR/LIgVEY8tDnR8tEPi3hMiJk=", "owner": "nix-community", "repo": "dream2nix", - "rev": "9f6911c78dcb0832f7fcc955e847db1a5a9ce29a", + "rev": "25be741ec92c77b8308ca6a7ab89593fe37b6542", "type": "github" }, "original": { @@ -156,11 +135,11 @@ "rust-analyzer-src": "rust-analyzer-src_2" }, "locked": { - "lastModified": 1672813381, - "narHash": "sha256-PKt6orRiFO19KFKnOhzK26hbFLtimlRNE2dGwrTEhII=", + "lastModified": 1663396212, + "narHash": "sha256-dlK10QPTDYNpJ/vl2QPKOTrqEbQwAR/v2f4+xsetTkw=", "owner": "nix-community", "repo": "fenix", - "rev": "eb6583fcd626051c4d284f2fb51cd2659a43e7f6", + "rev": "263cd7f991c07a9592a6e825bfc37b23b00eb244", "type": "github" }, "original": { @@ -172,11 +151,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "lastModified": 1648199409, + "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", "owner": "edolstra", "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", "type": "github" }, "original": { @@ -188,11 +167,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", "owner": "edolstra", "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", "type": "github" }, "original": { @@ -201,31 +180,13 @@ "type": "github" } }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1668450977, - "narHash": "sha256-cfLhMhnvXn6x1vPm+Jow3RiFAUSCw/l1utktCw5rVA4=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "d591857e9d7dd9ddbfba0ea02b43b927c3c0f1fa", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, "flake-utils": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1667077288, + "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", "type": "github" }, "original": { @@ -265,22 +226,6 @@ "type": "github" } }, - "ghc-utils": { - "flake": false, - "locked": { - "lastModified": 1662774800, - "narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=", - "ref": "refs/heads/master", - "rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea", - "revCount": 1072, - "type": "git", - "url": "https://gitlab.haskell.org/bgamari/ghc-utils" - }, - "original": { - "type": "git", - "url": "https://gitlab.haskell.org/bgamari/ghc-utils" - } - }, "gomod2nix": { "flake": false, "locked": { @@ -312,29 +257,13 @@ "type": "indirect" } }, - "nix-pypi-fetcher": { - "flake": false, - "locked": { - "lastModified": 1669065297, - "narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=", - "owner": "DavHau", - "repo": "nix-pypi-fetcher", - "rev": "a9885ac6a091576b5195d547ac743d45a2a615ac", - "type": "github" - }, - "original": { - "owner": "DavHau", - "repo": "nix-pypi-fetcher", - "type": "github" - } - }, "nixpkgs": { "locked": { - "lastModified": 1671417167, - "narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=", + "lastModified": 1648219316, + "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7", + "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", "type": "github" }, "original": { @@ -344,63 +273,61 @@ "type": "github" } }, - "nixpkgs-lib": { + "nixpkgs-22_05": { "locked": { - "dir": "lib", - "lastModified": 1665349835, - "narHash": "sha256-UK4urM3iN80UXQ7EaOappDzcisYIuEURFRoGQ/yPkug=", + "lastModified": 1667091951, + "narHash": "sha256-62sz0fn06Nq8OaeBYrYSR3Y6hUcp8/PC4dJ7HeGaOhU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "34c5293a71ffdb2fe054eb5288adc1882c1eb0b1", + "rev": "6440d13df2327d2db13d3b17e419784020b71d22", "type": "github" }, "original": { - "dir": "lib", "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "release-22.05", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs-stable": { + "nixpkgs-unstable": { "locked": { - "lastModified": 1673100377, - "narHash": "sha256-mT76pTd0YFxT6CwtPhDgHJhuIgLY+ZLSMiQpBufwMG4=", + "lastModified": 1667610399, + "narHash": "sha256-XZd0f4ZWAY0QOoUSdiNWj/eFiKb4B9CJPtl9uO9SYY4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9f11a2df77cb945c115ae2a65f53f38121597d73", + "rev": "1dd8696f96db47156e1424a49578fe7dd4ce99a4", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-22.11", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1673345971, - "narHash": "sha256-4DfFcKLRfVUTyuGrGNNmw37IeIZSoku9tgTVmu/iD98=", + "lastModified": 1667564121, + "narHash": "sha256-DlR65WyEW78cBmnOhxDzfvNQ9euJEGctSl77olqEaLg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "54644f409ab471e87014bb305eac8c50190bcf48", + "rev": "1404483f4531560aad73bdebae4096881c910ac0", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.11", + "ref": "nixos-22.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { "locked": { - "lastModified": 1665580254, - "narHash": "sha256-hO61XPkp1Hphl4HGNzj1VvDH5URt7LI6LaY/385Eul4=", + "lastModified": 1657638268, + "narHash": "sha256-blBNtQSslAFkg0Gym9fWNJk+bPxGSZib4SOcPrmTPi4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f634d427b0224a5f531ea5aa10c3960ba6ec5f0f", + "rev": "d80993b5f885515254746ba6d1917276ee386149", "type": "github" }, "original": { @@ -418,11 +345,11 @@ ] }, "locked": { - "lastModified": 1672979485, - "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=", + "lastModified": 1667620329, + "narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=", "owner": "berberman", "repo": "nvfetcher", - "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9", + "rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116", "type": "github" }, "original": { @@ -434,16 +361,16 @@ "poetry2nix": { "flake": false, "locked": { - "lastModified": 1666918719, - "narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=", + "lastModified": 1632969109, + "narHash": "sha256-jPDclkkiAy5m2gGLBlKgH+lQtbF7tL4XxBrbSzw+Ioc=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "289efb187123656a116b915206e66852f038720e", + "rev": "aee8f04296c39d88155e05d25cfc59dfdd41cc77", "type": "github" }, "original": { "owner": "nix-community", - "ref": "1.36.0", + "ref": "1.21.0", "repo": "poetry2nix", "type": "github" } @@ -479,6 +406,7 @@ "inputs": { "deploy-rs": "deploy-rs", "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable", "nvfetcher": "nvfetcher", "sops-nix": "sops-nix", "tlaternet-webserver": "tlaternet-webserver" @@ -504,11 +432,11 @@ "rust-analyzer-src_2": { "flake": false, "locked": { - "lastModified": 1672757238, - "narHash": "sha256-BK1njXsjprMT0f+1aQYmZ/ueN9D3Y3wrz9gw4UvieRQ=", + "lastModified": 1662896065, + "narHash": "sha256-1LkSsXzI1JTAmP/GMTz4fTJd8y/tw8R79l96q+h7mu8=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "a97c71f92d574cb5104e3e1246eb9038d1a214a2", + "rev": "2e9f1204ca01c3e20898d4a67c8b84899d394a88", "type": "github" }, "original": { @@ -523,14 +451,14 @@ "nixpkgs": [ "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable" + "nixpkgs-22_05": "nixpkgs-22_05" }, "locked": { - "lastModified": 1673147300, - "narHash": "sha256-gR9OEfTzWfL6vG0qkbn1TlBAOlg4LuW8xK/u0V41Ihc=", + "lastModified": 1667427533, + "narHash": "sha256-MsgTnQEi1g7f8anlW5klHW2pJgam4CLbJaYyBw2ed58=", "owner": "Mic92", "repo": "sops-nix", - "rev": "2253120d2a6147e57bafb5c689e086221df8032f", + "rev": "486b4455da16272c1ed31bc82adcdbe7af829465", "type": "github" }, "original": { @@ -548,11 +476,11 @@ ] }, "locked": { - "lastModified": 1672884793, - "narHash": "sha256-biUbdKq8OaRQm25poaRJalrRq+M+/TrNr7J6rI65lNI=", - "ref": "refs/heads/master", - "rev": "b2894e4fefbdc1c9964ab47c931497a417562d8a", - "revCount": 53, + "lastModified": 1665746303, + "narHash": "sha256-lDVy7aBsAaO5TyeoZS4wL6qcBNuU1bQCcHPJxiEKtao=", + "ref": "master", + "rev": "5d037f9122e68aaa5db62d04810bf0c5e1e4325e", + "revCount": 49, "type": "git", "url": "https://gitea.tlater.net/tlaternet/tlaternet.git" }, @@ -563,11 +491,11 @@ }, "utils": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1648297722, + "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 2aa6c0b..04aa990 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,8 @@ description = "tlater.net host configuration"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; deploy-rs.url = "github:serokell/deploy-rs"; sops-nix = { url = "github:Mic92/sops-nix"; @@ -21,6 +22,7 @@ outputs = { self, nixpkgs, + nixpkgs-unstable, sops-nix, nvfetcher, deploy-rs, @@ -64,7 +66,7 @@ # Helper functions # #################### lib = import ./lib { - inherit nixpkgs sops-nix tlaternet-webserver; + inherit nixpkgs nixpkgs-unstable sops-nix tlaternet-webserver; lib = nixpkgs.lib; }; @@ -73,14 +75,15 @@ ################### packages.${system} = let inherit (nixpkgs.legacyPackages.${system}) writeShellScript; - vm = self.lib.makeNixosSystem { - inherit system; - extraModules = [(import ./configuration/hardware-specific/vm.nix)]; - }; in { - default = vm.config.system.build.vm; + default = self.packages.${system}.run-vm; run-vm = let + vm = self.lib.makeNixosSystem { + inherit system; + extraModules = [(import ./configuration/hardware-specific/vm.nix)]; + }; + qemuNetOpts = self.lib.makeQemuNetOpts { "2222" = "2222"; "3080" = "80"; @@ -96,7 +99,7 @@ ''; update-nextcloud-apps = let - nvfetcher-bin = "${nvfetcher.packages.${system}.default}/bin/nvfetcher"; + nvfetcher-bin = "${nvfetcher.defaultPackage.${system}}/bin/nvfetcher"; in writeShellScript "update-nextcloud-apps" '' cd "$(git rev-parse --show-toplevel)/pkgs" @@ -104,7 +107,9 @@ ''; }; - apps.${system} = { + apps.${system} = let + inherit (nixpkgs.legacyPackages.${system}) writeShellScript; + in { default = { type = "app"; program = builtins.toString self.packages.${system}.run-vm; diff --git a/keys/staging.yaml b/keys/staging.yaml index 069a405..9adfde8 100644 --- a/keys/staging.yaml +++ b/keys/staging.yaml @@ -5,17 +5,14 @@ steam: turn: env: ENC[AES256_GCM,data:xjIz/AY109lyiL5N01p5T3HcYco/rM5CJSRTtg==,iv:16bW6OpyOK/QL0QPGQp/Baa9xyT8E3ZsYkwqmjuofk0=,tag:J5re3uKxIykw3YunvQWBgg==,type:str] secret: ENC[AES256_GCM,data:eQ7dAocoZtg=,iv:fgzjTPv30WqTKlLy+yMn5MsKQgjhPnwlGFFwYEg3gWs=,tag:1ze33U1NBkgMX/9SiaBNQg==,type:str] - ssl-key: ENC[AES256_GCM,data:RYfwHjBvwFXgXxXIEuWUzaycTdrCvmPivsNvvUIwDRynS5G2Dl6RCVp1w9zuLvoNun5ncUPGGuLMmVqN2wkJlw==,iv:UKI3bVTY7iTDNvp5UqrZ3QlQkMZ5p2bjgODEc6DCBfQ=,tag:sz7VTyRWyZxAsP4nE48DnA==,type:str] - #ENC[AES256_GCM,data:bxhKzU5Tzezl749CDu8e8kxa7ahGuZFaPa9K3kxuD+4sg5Hi3apgDlC0n8oK0DeiK4Ks7+9Cyw==,iv:T/zVJUpNAv1rR0a9+6SDTG08ws2A1hFBs5Ia3TpT0uk=,tag:uGXb1VryM+lIJ8r0I5durA==,type:comment] - ssl-cert: ENC[AES256_GCM,data:xHUr14CjKslgbGh/n5jYSOuCw9JRxS6YXE4fxS+aJzFcNeSeGNqoipPeuJupZGBnQP/FCqohiHY=,iv:/OEsVqRshGL9NIvntMC42EPZSNL0u6EfhtUBqgV7qog=,tag:4pxtNjuvy/ibm6nDtKdSkw==,type:str] sops: kms: [] gcp_kms: [] azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-01-11T01:49:31Z" - mac: ENC[AES256_GCM,data:5IcHdNQ/mh6Jz60dlpgqbBtVGKYml4EOs7YXsBcejgAoPzZqEK+xb3f9+rq2G6sCcMXzROHJsdQUfp1wMgfp8DwVm4H+XO+SQh/E1kFuWO8G/IpXOT4P9RQC+wHxrVuxHd8pwl9CLv6uuMnO+FNg9TeWB2GAVxIBsY8JHwGN/BA=,iv:/Yqfij58LGNooyyhmr8aWCpknd4dN+b4iSvokVoDGls=,tag:XHm8Qcg75B1+pTOcgZubIQ==,type:str] + lastmodified: "2022-10-28T22:54:01Z" + mac: ENC[AES256_GCM,data:1nsv+Dl7lzRZNNb9kSuqFrXrcncIklw/A2uwd/yQQ546Rm/4gzpBZqCi6cv5VBCdc1iNuBcAM74DnZHMDmeWAiW0WfACPJMQjCes21P6IUsP2gu+bV2f9qqqnP2a5voxzFHp1aclklzMiiZJBEB1Y3UNz0ZG7A43hsOAE0/fJ9o=,iv:kY10PF5ErkKHXx8m0OyX2eU6kcFQsrsP3V2scVBMsuA=,tag:Uth0XfP2c0LBJQ7+7Uc0BQ==,type:str] pgp: - created_at: "2022-10-12T16:48:23Z" enc: | diff --git a/lib/default.nix b/lib/default.nix index 5f6b68f..5cd7382 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,6 +1,7 @@ { lib, nixpkgs, + nixpkgs-unstable, sops-nix, tlaternet-webserver, }: let @@ -24,6 +25,15 @@ in { sops-nix.nixosModules.sops tlaternet-webserver.nixosModules.default (import ../configuration) + { + nixpkgs.overlays = [ + (self: super: { + matrix-conduit = nixpkgs-unstable.legacyPackages.${system}.matrix-conduit.override { + inherit (self) stdenv lib fetchFromGitLab rustPlatform pkg-config rocksdb; + }; + }) + ]; + } ] ++ extraModules; }; diff --git a/pkgs/_sources_nextcloud/generated.json b/pkgs/_sources_nextcloud/generated.json index 7752f5e..c4a4b55 100644 --- a/pkgs/_sources_nextcloud/generated.json +++ b/pkgs/_sources_nextcloud/generated.json @@ -7,8 +7,9 @@ "passthru": null, "pinned": false, "src": { - "sha256": "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96", - "type": "tarball", + "name": null, + "sha256": "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE=", + "type": "url", "url": "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz" }, "version": "v0.15.0" @@ -21,11 +22,12 @@ "passthru": null, "pinned": false, "src": { - "sha256": "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx", - "type": "tarball", - "url": "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz" + "name": null, + "sha256": "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM=", + "type": "url", + "url": "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz" }, - "version": "12.0.0" + "version": "11.0.4" }, "calendar": { "cargoLocks": null, @@ -35,11 +37,12 @@ "passthru": null, "pinned": false, "src": { - "sha256": "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an", - "type": "tarball", - "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz" + "name": null, + "sha256": "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0=", + "type": "url", + "url": "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz" }, - "version": "v4.2.0" + "version": "v3.5.0" }, "contacts": { "cargoLocks": null, @@ -49,11 +52,12 @@ "passthru": null, "pinned": false, "src": { - "sha256": "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8", - "type": "tarball", - "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz" + "name": null, + "sha256": "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A=", + "type": "url", + "url": "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz" }, - "version": "v5.0.2" + "version": "v4.2.2" }, "cookbook": { "cargoLocks": null, @@ -63,11 +67,12 @@ "passthru": null, "pinned": false, "src": { - "sha256": "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg", - "type": "tarball", - "url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz" + "name": null, + "sha256": "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I=", + "type": "url", + "url": "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz" }, - "version": "0.10.1" + "version": "0.9.17" }, "news": { "cargoLocks": null, @@ -77,11 +82,12 @@ "passthru": null, "pinned": false, "src": { - "sha256": "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7", - "type": "tarball", - "url": "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz" + "name": null, + "sha256": "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY=", + "type": "url", + "url": "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz" }, - "version": "20.0.0" + "version": "19.0.0" }, "notes": { "cargoLocks": null, @@ -91,10 +97,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl", - "type": "tarball", - "url": "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz" + "name": null, + "sha256": "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk=", + "type": "url", + "url": "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz" }, - "version": "v4.6.0" + "version": "v4.5.1" } } \ No newline at end of file diff --git a/pkgs/_sources_nextcloud/generated.nix b/pkgs/_sources_nextcloud/generated.nix index f3a0521..324306d 100644 --- a/pkgs/_sources_nextcloud/generated.nix +++ b/pkgs/_sources_nextcloud/generated.nix @@ -4,57 +4,57 @@ apporder = { pname = "apporder"; version = "v0.15.0"; - src = fetchTarball { + src = fetchurl { url = "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz"; - sha256 = "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96"; + sha256 = "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE="; }; }; bookmarks = { pname = "bookmarks"; - version = "12.0.0"; - src = fetchTarball { - url = "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz"; - sha256 = "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx"; + version = "11.0.4"; + src = fetchurl { + url = "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz"; + sha256 = "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM="; }; }; calendar = { pname = "calendar"; - version = "v4.2.0"; - src = fetchTarball { - url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz"; - sha256 = "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an"; + version = "v3.5.0"; + src = fetchurl { + url = "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz"; + sha256 = "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0="; }; }; contacts = { pname = "contacts"; - version = "v5.0.2"; - src = fetchTarball { - url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz"; - sha256 = "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8"; + version = "v4.2.2"; + src = fetchurl { + url = "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz"; + sha256 = "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A="; }; }; cookbook = { pname = "cookbook"; - version = "0.10.1"; - src = fetchTarball { - url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz"; - sha256 = "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg"; + version = "0.9.17"; + src = fetchurl { + url = "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz"; + sha256 = "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I="; }; }; news = { pname = "news"; - version = "20.0.0"; - src = fetchTarball { - url = "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz"; - sha256 = "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7"; + version = "19.0.0"; + src = fetchurl { + url = "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz"; + sha256 = "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY="; }; }; notes = { pname = "notes"; - version = "v4.6.0"; - src = fetchTarball { - url = "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz"; - sha256 = "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl"; + version = "v4.5.1"; + src = fetchurl { + url = "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz"; + sha256 = "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk="; }; }; } diff --git a/pkgs/default.nix b/pkgs/default.nix index 3818a26..545984a 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -2,7 +2,7 @@ pkgs, lib, }: let - inherit (builtins) fromJSON mapAttrs readFile; + inherit (builtins) listToAttrs mapAttrs; inherit (pkgs) callPackage; in { @@ -12,7 +12,7 @@ in # Add nextcloud apps let mkNextcloudApp = pkgs.callPackage ./mkNextcloudApp.nix {}; - sources = fromJSON (readFile ./_sources_nextcloud/generated.json); + sources = pkgs.callPackage ./_sources_nextcloud/generated.nix {}; in mapAttrs (_: source: mkNextcloudApp source) sources ) diff --git a/pkgs/mkNextcloudApp.nix b/pkgs/mkNextcloudApp.nix index 6430ac1..3c78a94 100644 --- a/pkgs/mkNextcloudApp.nix +++ b/pkgs/mkNextcloudApp.nix @@ -1,8 +1,13 @@ { fetchNextcloudApp, lib, -}: source: -fetchNextcloudApp { - url = source.src.url; - sha256 = source.src.sha256; -} +}: let + inherit (lib) removePrefix; +in + source: + fetchNextcloudApp { + name = source.pname; + version = removePrefix "v" source.version; + url = source.src.url; + sha256 = source.src.outputHash; + } diff --git a/pkgs/nextcloud-apps.toml b/pkgs/nextcloud-apps.toml index 69bccdc..6e06432 100644 --- a/pkgs/nextcloud-apps.toml +++ b/pkgs/nextcloud-apps.toml @@ -1,26 +1,35 @@ +[apporder] +src.github = "juliushaertl/apporder" +fetch.url = "https://github.com/juliushaertl/apporder/releases/download/$ver/apporder.tar.gz" + [bookmarks] src.github = "nextcloud/bookmarks" src.prefix = "v" -fetch.tarball = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" +fetch.url = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" [calendar] -src.github = "nextcloud-releases/calendar" -fetch.tarball = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz" +src.manual = "v3.5.0" # Pinned until we update to nextcloud 25 +# src.github = "nextcloud-releases/calendar" +fetch.url = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz" [contacts] -src.github = "nextcloud-releases/contacts" -fetch.tarball = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz" +src.manual = "v4.2.2" # Pinned until we update to nextcloud 25 +# src.github = "nextcloud-releases/contacts" +fetch.url = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz" [cookbook] src.github_tag = "nextcloud/cookbook" src.prefix = "v" src.exclude_regex = 'v\d+\.\d+\.\d+-rc\d+' -fetch.tarball = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz" +fetch.url = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz" [news] src.github = "nextcloud/news" -fetch.tarball = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz" +# Sadly, the news app vendors things, and those are only included in +# their tarball. +fetch.url = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz" [notes] -src.github = "nextcloud/notes" -fetch.tarball = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz" +src.manual = "v4.5.1" # Pinned until we update to nextcloud 25 +# src.github = "nextcloud/notes" +fetch.url = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz"