From 19576ffb1e91d37ea8a3e79ddcbd88215ae7dd90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 01:58:00 +0000 Subject: [PATCH 1/9] matrix-conduit: Stop using the version from unstable --- flake.lock | 17 ----------------- flake.nix | 4 +--- lib/default.nix | 10 ---------- 3 files changed, 1 insertion(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 8507c27..8d59020 100644 --- a/flake.lock +++ b/flake.lock @@ -289,22 +289,6 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1667610399, - "narHash": "sha256-XZd0f4ZWAY0QOoUSdiNWj/eFiKb4B9CJPtl9uO9SYY4=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "1dd8696f96db47156e1424a49578fe7dd4ce99a4", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { "lastModified": 1667564121, @@ -406,7 +390,6 @@ "inputs": { "deploy-rs": "deploy-rs", "nixpkgs": "nixpkgs_2", - "nixpkgs-unstable": "nixpkgs-unstable", "nvfetcher": "nvfetcher", "sops-nix": "sops-nix", "tlaternet-webserver": "tlaternet-webserver" diff --git a/flake.nix b/flake.nix index 04aa990..7a5daf9 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,6 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05"; - nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; deploy-rs.url = "github:serokell/deploy-rs"; sops-nix = { url = "github:Mic92/sops-nix"; @@ -22,7 +21,6 @@ outputs = { self, nixpkgs, - nixpkgs-unstable, sops-nix, nvfetcher, deploy-rs, @@ -66,7 +64,7 @@ # Helper functions # #################### lib = import ./lib { - inherit nixpkgs nixpkgs-unstable sops-nix tlaternet-webserver; + inherit nixpkgs sops-nix tlaternet-webserver; lib = nixpkgs.lib; }; diff --git a/lib/default.nix b/lib/default.nix index 5cd7382..5f6b68f 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,7 +1,6 @@ { lib, nixpkgs, - nixpkgs-unstable, sops-nix, tlaternet-webserver, }: let @@ -25,15 +24,6 @@ in { sops-nix.nixosModules.sops tlaternet-webserver.nixosModules.default (import ../configuration) - { - nixpkgs.overlays = [ - (self: super: { - matrix-conduit = nixpkgs-unstable.legacyPackages.${system}.matrix-conduit.override { - inherit (self) stdenv lib fetchFromGitLab rustPlatform pkg-config rocksdb; - }; - }) - ]; - } ] ++ extraModules; }; -- 2.50.1 From 411e075ef152e7d319800ccd81020641957e6c53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 02:11:01 +0000 Subject: [PATCH 2/9] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:nixos/nixpkgs/a9eedea7232f5d00f0aca7267efb69a54da1b8a1' (2023-01-03) → 'github:nixos/nixpkgs/54644f409ab471e87014bb305eac8c50190bcf48' (2023-01-10) • Updated input 'nvfetcher': 'github:berberman/nvfetcher/294826951113dcd3aa9abbcacfb1aa5b95a19116' (2022-11-05) → 'github:berberman/nvfetcher/0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9' (2023-01-06) • Updated input 'nvfetcher/flake-compat': 'github:edolstra/flake-compat/b4a34015c698c7793d592d66adbab377907a2be8' (2022-04-19) → 'github:edolstra/flake-compat/009399224d5e398d03b22badca40a37ac85412a1' (2022-11-17) • Updated input 'nvfetcher/flake-utils': 'github:numtide/flake-utils/6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817' (2022-10-29) → 'github:numtide/flake-utils/5aed5285a952e0b949eb3ba02c12fa4fcfef535f' (2022-11-02) • Updated input 'sops-nix': 'github:Mic92/sops-nix/b35586cc5abacd4eba9ead138b53e2a60920f781' (2023-01-01) → 'github:Mic92/sops-nix/2253120d2a6147e57bafb5c689e086221df8032f' (2023-01-08) • Updated input 'sops-nix/nixpkgs-stable': 'github:NixOS/nixpkgs/feda52be1d59f13b9aa02f064b4f14784b9a06c8' (2022-12-31) → 'github:NixOS/nixpkgs/9f11a2df77cb945c115ae2a65f53f38121597d73' (2023-01-07) --- flake.lock | 211 +++++++++++++++++++++++++++++++++++++---------------- flake.nix | 4 +- 2 files changed, 152 insertions(+), 63 deletions(-) diff --git a/flake.lock b/flake.lock index 8d59020..e156a33 100644 --- a/flake.lock +++ b/flake.lock @@ -24,14 +24,31 @@ "type": "github" } }, + "all-cabal-json": { + "flake": false, + "locked": { + "lastModified": 1665552503, + "narHash": "sha256-r14RmRSwzv5c+bWKUDaze6pXM7nOsiz1H8nvFHJvufc=", + "owner": "nix-community", + "repo": "all-cabal-json", + "rev": "d7c0434eebffb305071404edcf9d5cd99703878e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "hackage", + "repo": "all-cabal-json", + "type": "github" + } + }, "crane": { "flake": false, "locked": { - "lastModified": 1661875961, - "narHash": "sha256-f1h/2c6Teeu1ofAHWzrS8TwBPcnN+EEu+z1sRVmMQTk=", + "lastModified": 1670900067, + "narHash": "sha256-VXVa+KBfukhmWizaiGiHRVX/fuk66P8dgSFfkVN4/MY=", "owner": "ipetkov", "repo": "crane", - "rev": "d9f394e4e20e97c2a60c3ad82c2b6ef99be19e24", + "rev": "59b31b41a589c0a65e4a1f86b0e5eac68081468b", "type": "github" }, "original": { @@ -47,11 +64,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1659725433, - "narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=", + "lastModified": 1672327199, + "narHash": "sha256-pFlngSHXKBhAmbaKZ4FYtu57LLunG+vWdL7a5vw1RvQ=", "owner": "serokell", "repo": "deploy-rs", - "rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb", + "rev": "a5619f5660a00f58c2b7c16d89058e92327ac9b8", "type": "github" }, "original": { @@ -63,11 +80,11 @@ "devshell": { "flake": false, "locked": { - "lastModified": 1653917170, - "narHash": "sha256-FyxOnEE/V4PNEcMU62ikY4FfYPo349MOhMM97HS0XEo=", + "lastModified": 1663445644, + "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=", "owner": "numtide", "repo": "devshell", - "rev": "fc7a3e3adde9bbcab68af6d1e3c6eb738e296a92", + "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66", "type": "github" }, "original": { @@ -79,21 +96,25 @@ "dream2nix": { "inputs": { "alejandra": "alejandra", + "all-cabal-json": "all-cabal-json", "crane": "crane", "devshell": "devshell", + "flake-parts": "flake-parts", "flake-utils-pre-commit": "flake-utils-pre-commit", + "ghc-utils": "ghc-utils", "gomod2nix": "gomod2nix", "mach-nix": "mach-nix", + "nix-pypi-fetcher": "nix-pypi-fetcher", "nixpkgs": "nixpkgs_3", "poetry2nix": "poetry2nix", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1663323895, - "narHash": "sha256-ZmI9C8HNVz2w3OnB79WR/LIgVEY8tDnR8tEPi3hMiJk=", + "lastModified": 1672661134, + "narHash": "sha256-WqBUyKeiv+jI11ug+qP0OnZ4nngK6eBRVTGHgdzEGvc=", "owner": "nix-community", "repo": "dream2nix", - "rev": "25be741ec92c77b8308ca6a7ab89593fe37b6542", + "rev": "9f6911c78dcb0832f7fcc955e847db1a5a9ce29a", "type": "github" }, "original": { @@ -135,11 +156,11 @@ "rust-analyzer-src": "rust-analyzer-src_2" }, "locked": { - "lastModified": 1663396212, - "narHash": "sha256-dlK10QPTDYNpJ/vl2QPKOTrqEbQwAR/v2f4+xsetTkw=", + "lastModified": 1672813381, + "narHash": "sha256-PKt6orRiFO19KFKnOhzK26hbFLtimlRNE2dGwrTEhII=", "owner": "nix-community", "repo": "fenix", - "rev": "263cd7f991c07a9592a6e825bfc37b23b00eb244", + "rev": "eb6583fcd626051c4d284f2fb51cd2659a43e7f6", "type": "github" }, "original": { @@ -151,11 +172,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1648199409, - "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -167,11 +188,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -180,13 +201,31 @@ "type": "github" } }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1668450977, + "narHash": "sha256-cfLhMhnvXn6x1vPm+Jow3RiFAUSCw/l1utktCw5rVA4=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "d591857e9d7dd9ddbfba0ea02b43b927c3c0f1fa", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "locked": { - "lastModified": 1667077288, - "narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { @@ -226,6 +265,22 @@ "type": "github" } }, + "ghc-utils": { + "flake": false, + "locked": { + "lastModified": 1662774800, + "narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=", + "ref": "refs/heads/master", + "rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea", + "revCount": 1072, + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + }, + "original": { + "type": "git", + "url": "https://gitlab.haskell.org/bgamari/ghc-utils" + } + }, "gomod2nix": { "flake": false, "locked": { @@ -257,13 +312,29 @@ "type": "indirect" } }, + "nix-pypi-fetcher": { + "flake": false, + "locked": { + "lastModified": 1669065297, + "narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=", + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "rev": "a9885ac6a091576b5195d547ac743d45a2a615ac", + "type": "github" + }, + "original": { + "owner": "DavHau", + "repo": "nix-pypi-fetcher", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1648219316, - "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", + "lastModified": 1671417167, + "narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", + "rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7", "type": "github" }, "original": { @@ -273,45 +344,63 @@ "type": "github" } }, - "nixpkgs-22_05": { + "nixpkgs-lib": { "locked": { - "lastModified": 1667091951, - "narHash": "sha256-62sz0fn06Nq8OaeBYrYSR3Y6hUcp8/PC4dJ7HeGaOhU=", + "dir": "lib", + "lastModified": 1665349835, + "narHash": "sha256-UK4urM3iN80UXQ7EaOappDzcisYIuEURFRoGQ/yPkug=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6440d13df2327d2db13d3b17e419784020b71d22", + "rev": "34c5293a71ffdb2fe054eb5288adc1882c1eb0b1", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1673100377, + "narHash": "sha256-mT76pTd0YFxT6CwtPhDgHJhuIgLY+ZLSMiQpBufwMG4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9f11a2df77cb945c115ae2a65f53f38121597d73", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-22.05", + "ref": "release-22.11", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1667564121, - "narHash": "sha256-DlR65WyEW78cBmnOhxDzfvNQ9euJEGctSl77olqEaLg=", + "lastModified": 1673345971, + "narHash": "sha256-4DfFcKLRfVUTyuGrGNNmw37IeIZSoku9tgTVmu/iD98=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1404483f4531560aad73bdebae4096881c910ac0", + "rev": "54644f409ab471e87014bb305eac8c50190bcf48", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.05", + "ref": "nixos-22.11", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { "locked": { - "lastModified": 1657638268, - "narHash": "sha256-blBNtQSslAFkg0Gym9fWNJk+bPxGSZib4SOcPrmTPi4=", + "lastModified": 1665580254, + "narHash": "sha256-hO61XPkp1Hphl4HGNzj1VvDH5URt7LI6LaY/385Eul4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d80993b5f885515254746ba6d1917276ee386149", + "rev": "f634d427b0224a5f531ea5aa10c3960ba6ec5f0f", "type": "github" }, "original": { @@ -329,11 +418,11 @@ ] }, "locked": { - "lastModified": 1667620329, - "narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=", + "lastModified": 1672979485, + "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=", "owner": "berberman", "repo": "nvfetcher", - "rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116", + "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9", "type": "github" }, "original": { @@ -345,16 +434,16 @@ "poetry2nix": { "flake": false, "locked": { - "lastModified": 1632969109, - "narHash": "sha256-jPDclkkiAy5m2gGLBlKgH+lQtbF7tL4XxBrbSzw+Ioc=", + "lastModified": 1666918719, + "narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=", "owner": "nix-community", "repo": "poetry2nix", - "rev": "aee8f04296c39d88155e05d25cfc59dfdd41cc77", + "rev": "289efb187123656a116b915206e66852f038720e", "type": "github" }, "original": { "owner": "nix-community", - "ref": "1.21.0", + "ref": "1.36.0", "repo": "poetry2nix", "type": "github" } @@ -415,11 +504,11 @@ "rust-analyzer-src_2": { "flake": false, "locked": { - "lastModified": 1662896065, - "narHash": "sha256-1LkSsXzI1JTAmP/GMTz4fTJd8y/tw8R79l96q+h7mu8=", + "lastModified": 1672757238, + "narHash": "sha256-BK1njXsjprMT0f+1aQYmZ/ueN9D3Y3wrz9gw4UvieRQ=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "2e9f1204ca01c3e20898d4a67c8b84899d394a88", + "rev": "a97c71f92d574cb5104e3e1246eb9038d1a214a2", "type": "github" }, "original": { @@ -434,14 +523,14 @@ "nixpkgs": [ "nixpkgs" ], - "nixpkgs-22_05": "nixpkgs-22_05" + "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1667427533, - "narHash": "sha256-MsgTnQEi1g7f8anlW5klHW2pJgam4CLbJaYyBw2ed58=", + "lastModified": 1673147300, + "narHash": "sha256-gR9OEfTzWfL6vG0qkbn1TlBAOlg4LuW8xK/u0V41Ihc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "486b4455da16272c1ed31bc82adcdbe7af829465", + "rev": "2253120d2a6147e57bafb5c689e086221df8032f", "type": "github" }, "original": { @@ -459,11 +548,11 @@ ] }, "locked": { - "lastModified": 1665746303, - "narHash": "sha256-lDVy7aBsAaO5TyeoZS4wL6qcBNuU1bQCcHPJxiEKtao=", - "ref": "master", - "rev": "5d037f9122e68aaa5db62d04810bf0c5e1e4325e", - "revCount": 49, + "lastModified": 1672884793, + "narHash": "sha256-biUbdKq8OaRQm25poaRJalrRq+M+/TrNr7J6rI65lNI=", + "ref": "refs/heads/master", + "rev": "b2894e4fefbdc1c9964ab47c931497a417562d8a", + "revCount": 53, "type": "git", "url": "https://gitea.tlater.net/tlaternet/tlaternet.git" }, @@ -474,11 +563,11 @@ }, "utils": { "locked": { - "lastModified": 1648297722, - "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", "owner": "numtide", "repo": "flake-utils", - "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 7a5daf9..de2ed54 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "tlater.net host configuration"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; deploy-rs.url = "github:serokell/deploy-rs"; sops-nix = { url = "github:Mic92/sops-nix"; @@ -97,7 +97,7 @@ ''; update-nextcloud-apps = let - nvfetcher-bin = "${nvfetcher.defaultPackage.${system}}/bin/nvfetcher"; + nvfetcher-bin = "${nvfetcher.packages.${system}.default}/bin/nvfetcher"; in writeShellScript "update-nextcloud-apps" '' cd "$(git rev-parse --show-toplevel)/pkgs" -- 2.50.1 From b798efb2c05a4c30bcba0e7ad2fe523ccd76d017 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 01:57:24 +0000 Subject: [PATCH 3/9] nextcloud: Update the service and apps for 22.11 --- configuration/services/nextcloud.nix | 10 +---- pkgs/_sources_nextcloud/generated.json | 59 ++++++++++++-------------- pkgs/_sources_nextcloud/generated.nix | 52 +++++++++++------------ pkgs/default.nix | 4 +- pkgs/mkNextcloudApp.nix | 15 +++---- pkgs/nextcloud-apps.toml | 27 ++++-------- 6 files changed, 70 insertions(+), 97 deletions(-) diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix index fddddde..c25cfb2 100644 --- a/configuration/services/nextcloud.nix +++ b/configuration/services/nextcloud.nix @@ -3,14 +3,14 @@ config, ... }: let - inherit (pkgs) fetchNextcloudApp; - nextcloud = pkgs.nextcloud24; + nextcloud = pkgs.nextcloud25; hostName = "nextcloud.${config.services.nginx.domain}"; in { services.nextcloud = { inherit hostName; package = nextcloud; + enableBrokenCiphersForSSE = false; enable = true; maxUploadSize = "2G"; https = true; @@ -28,12 +28,6 @@ in { }; extraApps = { - # TODO(tlater): Seems like this won't work anymore from - # Nextcloud 25 onwards. - # - # Adopt whatever upstream does with this: - # https://github.com/nextcloud/server/issues/4917 - inherit (pkgs.local) apporder; inherit (pkgs.local) bookmarks calendar contacts cookbook news notes; }; diff --git a/pkgs/_sources_nextcloud/generated.json b/pkgs/_sources_nextcloud/generated.json index c4a4b55..7752f5e 100644 --- a/pkgs/_sources_nextcloud/generated.json +++ b/pkgs/_sources_nextcloud/generated.json @@ -7,9 +7,8 @@ "passthru": null, "pinned": false, "src": { - "name": null, - "sha256": "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE=", - "type": "url", + "sha256": "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96", + "type": "tarball", "url": "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz" }, "version": "v0.15.0" @@ -22,12 +21,11 @@ "passthru": null, "pinned": false, "src": { - "name": null, - "sha256": "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM=", - "type": "url", - "url": "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz" + "sha256": "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx", + "type": "tarball", + "url": "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz" }, - "version": "11.0.4" + "version": "12.0.0" }, "calendar": { "cargoLocks": null, @@ -37,12 +35,11 @@ "passthru": null, "pinned": false, "src": { - "name": null, - "sha256": "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0=", - "type": "url", - "url": "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz" + "sha256": "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an", + "type": "tarball", + "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz" }, - "version": "v3.5.0" + "version": "v4.2.0" }, "contacts": { "cargoLocks": null, @@ -52,12 +49,11 @@ "passthru": null, "pinned": false, "src": { - "name": null, - "sha256": "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A=", - "type": "url", - "url": "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz" + "sha256": "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8", + "type": "tarball", + "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz" }, - "version": "v4.2.2" + "version": "v5.0.2" }, "cookbook": { "cargoLocks": null, @@ -67,12 +63,11 @@ "passthru": null, "pinned": false, "src": { - "name": null, - "sha256": "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I=", - "type": "url", - "url": "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz" + "sha256": "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg", + "type": "tarball", + "url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz" }, - "version": "0.9.17" + "version": "0.10.1" }, "news": { "cargoLocks": null, @@ -82,12 +77,11 @@ "passthru": null, "pinned": false, "src": { - "name": null, - "sha256": "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY=", - "type": "url", - "url": "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz" + "sha256": "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7", + "type": "tarball", + "url": "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz" }, - "version": "19.0.0" + "version": "20.0.0" }, "notes": { "cargoLocks": null, @@ -97,11 +91,10 @@ "passthru": null, "pinned": false, "src": { - "name": null, - "sha256": "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk=", - "type": "url", - "url": "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz" + "sha256": "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl", + "type": "tarball", + "url": "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz" }, - "version": "v4.5.1" + "version": "v4.6.0" } } \ No newline at end of file diff --git a/pkgs/_sources_nextcloud/generated.nix b/pkgs/_sources_nextcloud/generated.nix index 324306d..f3a0521 100644 --- a/pkgs/_sources_nextcloud/generated.nix +++ b/pkgs/_sources_nextcloud/generated.nix @@ -4,57 +4,57 @@ apporder = { pname = "apporder"; version = "v0.15.0"; - src = fetchurl { + src = fetchTarball { url = "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz"; - sha256 = "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE="; + sha256 = "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96"; }; }; bookmarks = { pname = "bookmarks"; - version = "11.0.4"; - src = fetchurl { - url = "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz"; - sha256 = "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM="; + version = "12.0.0"; + src = fetchTarball { + url = "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz"; + sha256 = "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx"; }; }; calendar = { pname = "calendar"; - version = "v3.5.0"; - src = fetchurl { - url = "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz"; - sha256 = "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0="; + version = "v4.2.0"; + src = fetchTarball { + url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz"; + sha256 = "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an"; }; }; contacts = { pname = "contacts"; - version = "v4.2.2"; - src = fetchurl { - url = "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz"; - sha256 = "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A="; + version = "v5.0.2"; + src = fetchTarball { + url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz"; + sha256 = "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8"; }; }; cookbook = { pname = "cookbook"; - version = "0.9.17"; - src = fetchurl { - url = "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz"; - sha256 = "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I="; + version = "0.10.1"; + src = fetchTarball { + url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz"; + sha256 = "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg"; }; }; news = { pname = "news"; - version = "19.0.0"; - src = fetchurl { - url = "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz"; - sha256 = "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY="; + version = "20.0.0"; + src = fetchTarball { + url = "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz"; + sha256 = "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7"; }; }; notes = { pname = "notes"; - version = "v4.5.1"; - src = fetchurl { - url = "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz"; - sha256 = "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk="; + version = "v4.6.0"; + src = fetchTarball { + url = "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz"; + sha256 = "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl"; }; }; } diff --git a/pkgs/default.nix b/pkgs/default.nix index 545984a..3818a26 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -2,7 +2,7 @@ pkgs, lib, }: let - inherit (builtins) listToAttrs mapAttrs; + inherit (builtins) fromJSON mapAttrs readFile; inherit (pkgs) callPackage; in { @@ -12,7 +12,7 @@ in # Add nextcloud apps let mkNextcloudApp = pkgs.callPackage ./mkNextcloudApp.nix {}; - sources = pkgs.callPackage ./_sources_nextcloud/generated.nix {}; + sources = fromJSON (readFile ./_sources_nextcloud/generated.json); in mapAttrs (_: source: mkNextcloudApp source) sources ) diff --git a/pkgs/mkNextcloudApp.nix b/pkgs/mkNextcloudApp.nix index 3c78a94..6430ac1 100644 --- a/pkgs/mkNextcloudApp.nix +++ b/pkgs/mkNextcloudApp.nix @@ -1,13 +1,8 @@ { fetchNextcloudApp, lib, -}: let - inherit (lib) removePrefix; -in - source: - fetchNextcloudApp { - name = source.pname; - version = removePrefix "v" source.version; - url = source.src.url; - sha256 = source.src.outputHash; - } +}: source: +fetchNextcloudApp { + url = source.src.url; + sha256 = source.src.sha256; +} diff --git a/pkgs/nextcloud-apps.toml b/pkgs/nextcloud-apps.toml index 6e06432..69bccdc 100644 --- a/pkgs/nextcloud-apps.toml +++ b/pkgs/nextcloud-apps.toml @@ -1,35 +1,26 @@ -[apporder] -src.github = "juliushaertl/apporder" -fetch.url = "https://github.com/juliushaertl/apporder/releases/download/$ver/apporder.tar.gz" - [bookmarks] src.github = "nextcloud/bookmarks" src.prefix = "v" -fetch.url = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" +fetch.tarball = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" [calendar] -src.manual = "v3.5.0" # Pinned until we update to nextcloud 25 -# src.github = "nextcloud-releases/calendar" -fetch.url = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz" +src.github = "nextcloud-releases/calendar" +fetch.tarball = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz" [contacts] -src.manual = "v4.2.2" # Pinned until we update to nextcloud 25 -# src.github = "nextcloud-releases/contacts" -fetch.url = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz" +src.github = "nextcloud-releases/contacts" +fetch.tarball = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz" [cookbook] src.github_tag = "nextcloud/cookbook" src.prefix = "v" src.exclude_regex = 'v\d+\.\d+\.\d+-rc\d+' -fetch.url = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz" +fetch.tarball = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz" [news] src.github = "nextcloud/news" -# Sadly, the news app vendors things, and those are only included in -# their tarball. -fetch.url = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz" +fetch.tarball = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz" [notes] -src.manual = "v4.5.1" # Pinned until we update to nextcloud 25 -# src.github = "nextcloud/notes" -fetch.url = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz" +src.github = "nextcloud/notes" +fetch.tarball = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz" -- 2.50.1 From 544bd0a721cf9cc31a38c36b4e7cddcc6969a9cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 01:59:04 +0000 Subject: [PATCH 4/9] keys/staging: Add a few missing keys that made the vm break --- keys/staging.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/keys/staging.yaml b/keys/staging.yaml index 9adfde8..069a405 100644 --- a/keys/staging.yaml +++ b/keys/staging.yaml @@ -5,14 +5,17 @@ steam: turn: env: ENC[AES256_GCM,data:xjIz/AY109lyiL5N01p5T3HcYco/rM5CJSRTtg==,iv:16bW6OpyOK/QL0QPGQp/Baa9xyT8E3ZsYkwqmjuofk0=,tag:J5re3uKxIykw3YunvQWBgg==,type:str] secret: ENC[AES256_GCM,data:eQ7dAocoZtg=,iv:fgzjTPv30WqTKlLy+yMn5MsKQgjhPnwlGFFwYEg3gWs=,tag:1ze33U1NBkgMX/9SiaBNQg==,type:str] + ssl-key: ENC[AES256_GCM,data:RYfwHjBvwFXgXxXIEuWUzaycTdrCvmPivsNvvUIwDRynS5G2Dl6RCVp1w9zuLvoNun5ncUPGGuLMmVqN2wkJlw==,iv:UKI3bVTY7iTDNvp5UqrZ3QlQkMZ5p2bjgODEc6DCBfQ=,tag:sz7VTyRWyZxAsP4nE48DnA==,type:str] + #ENC[AES256_GCM,data:bxhKzU5Tzezl749CDu8e8kxa7ahGuZFaPa9K3kxuD+4sg5Hi3apgDlC0n8oK0DeiK4Ks7+9Cyw==,iv:T/zVJUpNAv1rR0a9+6SDTG08ws2A1hFBs5Ia3TpT0uk=,tag:uGXb1VryM+lIJ8r0I5durA==,type:comment] + ssl-cert: ENC[AES256_GCM,data:xHUr14CjKslgbGh/n5jYSOuCw9JRxS6YXE4fxS+aJzFcNeSeGNqoipPeuJupZGBnQP/FCqohiHY=,iv:/OEsVqRshGL9NIvntMC42EPZSNL0u6EfhtUBqgV7qog=,tag:4pxtNjuvy/ibm6nDtKdSkw==,type:str] sops: kms: [] gcp_kms: [] azure_kv: [] hc_vault: [] age: [] - lastmodified: "2022-10-28T22:54:01Z" - mac: ENC[AES256_GCM,data:1nsv+Dl7lzRZNNb9kSuqFrXrcncIklw/A2uwd/yQQ546Rm/4gzpBZqCi6cv5VBCdc1iNuBcAM74DnZHMDmeWAiW0WfACPJMQjCes21P6IUsP2gu+bV2f9qqqnP2a5voxzFHp1aclklzMiiZJBEB1Y3UNz0ZG7A43hsOAE0/fJ9o=,iv:kY10PF5ErkKHXx8m0OyX2eU6kcFQsrsP3V2scVBMsuA=,tag:Uth0XfP2c0LBJQ7+7Uc0BQ==,type:str] + lastmodified: "2023-01-11T01:49:31Z" + mac: ENC[AES256_GCM,data:5IcHdNQ/mh6Jz60dlpgqbBtVGKYml4EOs7YXsBcejgAoPzZqEK+xb3f9+rq2G6sCcMXzROHJsdQUfp1wMgfp8DwVm4H+XO+SQh/E1kFuWO8G/IpXOT4P9RQC+wHxrVuxHd8pwl9CLv6uuMnO+FNg9TeWB2GAVxIBsY8JHwGN/BA=,iv:/Yqfij58LGNooyyhmr8aWCpknd4dN+b4iSvokVoDGls=,tag:XHm8Qcg75B1+pTOcgZubIQ==,type:str] pgp: - created_at: "2022-10-12T16:48:23Z" enc: | -- 2.50.1 From 77ddb15f22038cfe537167e81f984b1565a05178 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 01:59:35 +0000 Subject: [PATCH 5/9] flake.nix: Build the VM using `nix build` --- flake.nix | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/flake.nix b/flake.nix index de2ed54..2aa6c0b 100644 --- a/flake.nix +++ b/flake.nix @@ -73,15 +73,14 @@ ################### packages.${system} = let inherit (nixpkgs.legacyPackages.${system}) writeShellScript; + vm = self.lib.makeNixosSystem { + inherit system; + extraModules = [(import ./configuration/hardware-specific/vm.nix)]; + }; in { - default = self.packages.${system}.run-vm; + default = vm.config.system.build.vm; run-vm = let - vm = self.lib.makeNixosSystem { - inherit system; - extraModules = [(import ./configuration/hardware-specific/vm.nix)]; - }; - qemuNetOpts = self.lib.makeQemuNetOpts { "2222" = "2222"; "3080" = "80"; @@ -105,9 +104,7 @@ ''; }; - apps.${system} = let - inherit (nixpkgs.legacyPackages.${system}) writeShellScript; - in { + apps.${system} = { default = { type = "app"; program = builtins.toString self.packages.${system}.run-vm; -- 2.50.1 From f6e39e09a5ce40f2235546ca59a95f361c2a4152 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 01:59:54 +0000 Subject: [PATCH 6/9] gitea: Update configuration for 22.11 --- configuration/services/gitea.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix index f346097..1d3308a 100644 --- a/configuration/services/gitea.nix +++ b/configuration/services/gitea.nix @@ -8,12 +8,15 @@ in { httpAddress = "127.0.0.1"; database.type = "postgres"; - ssh.clonePort = 2222; rootUrl = "https://${domain}/"; - cookieSecure = true; appName = "Gitea: Git with a cup of tea"; - disableRegistration = true; + + settings = { + server.SSH_PORT = 2222; + service.DISABLE_REGISTRATION = true; + session.COOKIE_SECURE = true; + }; }; # Set up SSL -- 2.50.1 From 957ab110c5ae2f23771009fc0c33e16993c0bf5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 02:00:13 +0000 Subject: [PATCH 7/9] firewall: Open Minecraft ports for port forwarding --- configuration/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/configuration/default.nix b/configuration/default.nix index 34a7868..b84937e 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -63,6 +63,8 @@ 8448 # starbound 21025 + # Minecraft + 25565 config.services.coturn.listening-port config.services.coturn.tls-listening-port @@ -71,6 +73,9 @@ ]; allowedUDPPorts = [ + # More minecraft + 25565 + config.services.coturn.listening-port config.services.coturn.tls-listening-port config.services.coturn.alt-listening-port -- 2.50.1 From b7726af1c4d6c7bc7dc6874516aae809ceadd0f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 02:00:33 +0000 Subject: [PATCH 8/9] config: Make changes suggested post 22.11 update --- configuration/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configuration/default.nix b/configuration/default.nix index b84937e..d090cef 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -35,11 +35,11 @@ ''; # Enable remote builds from tlater - trustedUsers = ["@wheel"]; + settings.trusted-users = ["@wheel"]; }; nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steamcmd"]; + builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steam-run" "steamcmd"]; # Optimization for minecraft servers, see: # https://bugs.mojang.com/browse/MC-183518 -- 2.50.1 From b7feffc52f25f75af8b20c7c0212475df028e983 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Wed, 11 Jan 2023 02:33:53 +0000 Subject: [PATCH 9/9] hardware-configuration: Update to new auto-generated settings --- .../linode/hardware-configuration.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/configuration/hardware-specific/linode/hardware-configuration.nix b/configuration/hardware-specific/linode/hardware-configuration.nix index 2a33a67..c1776d5 100644 --- a/configuration/hardware-specific/linode/hardware-configuration.nix +++ b/configuration/hardware-specific/linode/hardware-configuration.nix @@ -8,7 +8,7 @@ [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ "virtio_pci" "ahci" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; @@ -27,5 +27,13 @@ [ { device = "/dev/disk/by-uuid/45c8ad29-3861-4e68-a566-47e6d9269dca"; } ]; - nix.maxJobs = lib.mkDefault 2; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eth0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } -- 2.50.1