Compare commits
2 commits
cf77666322
...
aef71f548a
Author | SHA1 | Date | |
---|---|---|---|
Tristan Daniël Maat | aef71f548a | ||
Tristan Daniël Maat | 501c3466bc |
|
@ -132,7 +132,10 @@
|
||||||
sudo.execWheelOnly = true;
|
sudo.execWheelOnly = true;
|
||||||
|
|
||||||
pam = {
|
pam = {
|
||||||
enableSSHAgentAuth = true;
|
sshAgentAuth = {
|
||||||
|
enable = true;
|
||||||
|
authorizedKeysFiles = ["/etc/ssh/authorized_keys.d/%u"];
|
||||||
|
};
|
||||||
services.sudo.sshAgentAuth = true;
|
services.sudo.sshAgentAuth = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -3,6 +3,9 @@
|
||||||
config,
|
config,
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
|
# Update pending on rewrite of nextcloud news, though there is an
|
||||||
|
# alpha to switch to if it becomes necessary:
|
||||||
|
# https://github.com/nextcloud/news/issues/2610
|
||||||
nextcloud = pkgs.nextcloud27;
|
nextcloud = pkgs.nextcloud27;
|
||||||
hostName = "nextcloud.${config.services.nginx.domain}";
|
hostName = "nextcloud.${config.services.nginx.domain}";
|
||||||
in {
|
in {
|
||||||
|
@ -17,15 +20,16 @@ in {
|
||||||
configureRedis = true;
|
configureRedis = true;
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
overwriteProtocol = "https";
|
|
||||||
|
|
||||||
dbtype = "pgsql";
|
dbtype = "pgsql";
|
||||||
dbhost = "/run/postgresql";
|
dbhost = "/run/postgresql";
|
||||||
|
|
||||||
adminuser = "tlater";
|
adminuser = "tlater";
|
||||||
adminpassFile = config.sops.secrets."nextcloud/tlater".path;
|
adminpassFile = config.sops.secrets."nextcloud/tlater".path;
|
||||||
|
};
|
||||||
|
|
||||||
defaultPhoneRegion = "AT";
|
settings = {
|
||||||
|
default_phone_region = "AT";
|
||||||
|
overwriteprotocol = "https";
|
||||||
};
|
};
|
||||||
|
|
||||||
phpOptions = {
|
phpOptions = {
|
||||||
|
@ -37,8 +41,6 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.redis.vmOverCommit = true;
|
|
||||||
|
|
||||||
# Ensure that this service doesn't start before postgres is ready
|
# Ensure that this service doesn't start before postgres is ready
|
||||||
systemd.services.nextcloud-setup.after = ["postgresql.service"];
|
systemd.services.nextcloud-setup.after = ["postgresql.service"];
|
||||||
|
|
||||||
|
|
|
@ -242,16 +242,16 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1714272655,
|
"lastModified": 1718208800,
|
||||||
"narHash": "sha256-3/ghIWCve93ngkx5eNPdHIKJP/pMzSr5Wc4rNKE1wOc=",
|
"narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "12430e43bd9b81a6b4e79e64f87c624ade701eaf",
|
"rev": "cc54fb41d13736e92229c21627ea4f22199fee6b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"ref": "nixos-23.11",
|
"ref": "nixos-24.05",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
description = "tlater.net host configuration";
|
description = "tlater.net host configuration";
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
||||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
disko = {
|
disko = {
|
||||||
url = "github:nix-community/disko";
|
url = "github:nix-community/disko";
|
||||||
|
|
Loading…
Reference in a new issue