tlaternet/tlaternet-server
1
0
Fork 0
Code Issues 10 Pull requests Activity

Update to NixOS 22.11 #79

Manually merged
tlater merged 9 commits from tlater/22.11 into master 2023-01-11 02:39:59 +00:00
Conversation 0 Commits 9 Files changed 13 +246 -197
13 changed files with 246 additions and 197 deletions
Download patch file Download diff file Expand all files Collapse all files

9
configuration/default.nix
View file

@ -35,11 +35,11 @@
''; '';
# Enable remote builds from tlater # Enable remote builds from tlater
trustedUsers = ["@wheel"]; settings.trusted-users = ["@wheel"];
}; };
nixpkgs.config.allowUnfreePredicate = pkg: nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steamcmd"]; builtins.elem (lib.getName pkg) ["steam-original" "steam-runtime" "steam-run" "steamcmd"];
# Optimization for minecraft servers, see: # Optimization for minecraft servers, see:
# https://bugs.mojang.com/browse/MC-183518 # https://bugs.mojang.com/browse/MC-183518
@ -63,6 +63,8 @@
8448 8448
# starbound # starbound
21025 21025
# Minecraft
25565
config.services.coturn.listening-port config.services.coturn.listening-port
config.services.coturn.tls-listening-port config.services.coturn.tls-listening-port
@ -71,6 +73,9 @@
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
# More minecraft
25565
config.services.coturn.listening-port config.services.coturn.listening-port
config.services.coturn.tls-listening-port config.services.coturn.tls-listening-port
config.services.coturn.alt-listening-port config.services.coturn.alt-listening-port

12
configuration/hardware-specific/linode/hardware-configuration.nix
View file

@ -8,7 +8,7 @@
[ (modulesPath + "/profiles/qemu-guest.nix") [ (modulesPath + "/profiles/qemu-guest.nix")
]; ];
boot.initrd.availableKernelModules = [ "virtio_pci" "ahci" "sd_mod" ]; boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ]; boot.kernelModules = [ ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
@ -27,5 +27,13 @@
[ { device = "/dev/disk/by-uuid/45c8ad29-3861-4e68-a566-47e6d9269dca"; } [ { device = "/dev/disk/by-uuid/45c8ad29-3861-4e68-a566-47e6d9269dca"; }
]; ];
nix.maxJobs = lib.mkDefault 2; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

9
configuration/services/gitea.nix
View file

@ -8,12 +8,15 @@ in {
httpAddress = "127.0.0.1"; httpAddress = "127.0.0.1";
database.type = "postgres"; database.type = "postgres";
ssh.clonePort = 2222;
rootUrl = "https://${domain}/"; rootUrl = "https://${domain}/";
cookieSecure = true;
appName = "Gitea: Git with a cup of tea"; appName = "Gitea: Git with a cup of tea";
disableRegistration = true;
settings = {
server.SSH_PORT = 2222;
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
};
}; };
# Set up SSL # Set up SSL

10
configuration/services/nextcloud.nix
View file

@ -3,14 +3,14 @@
config, config,
... ...
}: let }: let
inherit (pkgs) fetchNextcloudApp; nextcloud = pkgs.nextcloud25;
nextcloud = pkgs.nextcloud24;
hostName = "nextcloud.${config.services.nginx.domain}"; hostName = "nextcloud.${config.services.nginx.domain}";
in { in {
services.nextcloud = { services.nextcloud = {
inherit hostName; inherit hostName;
package = nextcloud; package = nextcloud;
enableBrokenCiphersForSSE = false;
enable = true; enable = true;
maxUploadSize = "2G"; maxUploadSize = "2G";
https = true; https = true;
@ -28,12 +28,6 @@ in {
}; };
extraApps = { extraApps = {
# TODO(tlater): Seems like this won't work anymore from
# Nextcloud 25 onwards.
#
# Adopt whatever upstream does with this:
# https://github.com/nextcloud/server/issues/4917
inherit (pkgs.local) apporder;
inherit (pkgs.local) bookmarks calendar contacts cookbook news notes; inherit (pkgs.local) bookmarks calendar contacts cookbook news notes;
}; };

206
flake.lock generated
View file

@ -24,14 +24,31 @@
"type": "github" "type": "github"
} }
}, },
"all-cabal-json": {
"flake": false,
"locked": {
"lastModified": 1665552503,
"narHash": "sha256-r14RmRSwzv5c+bWKUDaze6pXM7nOsiz1H8nvFHJvufc=",
"owner": "nix-community",
"repo": "all-cabal-json",
"rev": "d7c0434eebffb305071404edcf9d5cd99703878e",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "hackage",
"repo": "all-cabal-json",
"type": "github"
}
},
"crane": { "crane": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1661875961, "lastModified": 1670900067,
"narHash": "sha256-f1h/2c6Teeu1ofAHWzrS8TwBPcnN+EEu+z1sRVmMQTk=", "narHash": "sha256-VXVa+KBfukhmWizaiGiHRVX/fuk66P8dgSFfkVN4/MY=",
"owner": "ipetkov", "owner": "ipetkov",
"repo": "crane", "repo": "crane",
"rev": "d9f394e4e20e97c2a60c3ad82c2b6ef99be19e24", "rev": "59b31b41a589c0a65e4a1f86b0e5eac68081468b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -47,11 +64,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1659725433, "lastModified": 1672327199,
"narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=", "narHash": "sha256-pFlngSHXKBhAmbaKZ4FYtu57LLunG+vWdL7a5vw1RvQ=",
"owner": "serokell", "owner": "serokell",
"repo": "deploy-rs", "repo": "deploy-rs",
"rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb", "rev": "a5619f5660a00f58c2b7c16d89058e92327ac9b8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -63,11 +80,11 @@
"devshell": { "devshell": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1653917170, "lastModified": 1663445644,
"narHash": "sha256-FyxOnEE/V4PNEcMU62ikY4FfYPo349MOhMM97HS0XEo=", "narHash": "sha256-+xVlcK60x7VY1vRJbNUEAHi17ZuoQxAIH4S4iUFUGBA=",
"owner": "numtide", "owner": "numtide",
"repo": "devshell", "repo": "devshell",
"rev": "fc7a3e3adde9bbcab68af6d1e3c6eb738e296a92", "rev": "e3dc3e21594fe07bdb24bdf1c8657acaa4cb8f66",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -79,21 +96,25 @@
"dream2nix": { "dream2nix": {
"inputs": { "inputs": {
"alejandra": "alejandra", "alejandra": "alejandra",
"all-cabal-json": "all-cabal-json",
"crane": "crane", "crane": "crane",
"devshell": "devshell", "devshell": "devshell",
"flake-parts": "flake-parts",
"flake-utils-pre-commit": "flake-utils-pre-commit", "flake-utils-pre-commit": "flake-utils-pre-commit",
"ghc-utils": "ghc-utils",
"gomod2nix": "gomod2nix", "gomod2nix": "gomod2nix",
"mach-nix": "mach-nix", "mach-nix": "mach-nix",
"nix-pypi-fetcher": "nix-pypi-fetcher",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"poetry2nix": "poetry2nix", "poetry2nix": "poetry2nix",
"pre-commit-hooks": "pre-commit-hooks" "pre-commit-hooks": "pre-commit-hooks"
}, },
"locked": { "locked": {
"lastModified": 1663323895, "lastModified": 1672661134,
"narHash": "sha256-ZmI9C8HNVz2w3OnB79WR/LIgVEY8tDnR8tEPi3hMiJk=", "narHash": "sha256-WqBUyKeiv+jI11ug+qP0OnZ4nngK6eBRVTGHgdzEGvc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "dream2nix", "repo": "dream2nix",
"rev": "25be741ec92c77b8308ca6a7ab89593fe37b6542", "rev": "9f6911c78dcb0832f7fcc955e847db1a5a9ce29a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -135,11 +156,11 @@
"rust-analyzer-src": "rust-analyzer-src_2" "rust-analyzer-src": "rust-analyzer-src_2"
}, },
"locked": { "locked": {
"lastModified": 1663396212, "lastModified": 1672813381,
"narHash": "sha256-dlK10QPTDYNpJ/vl2QPKOTrqEbQwAR/v2f4+xsetTkw=", "narHash": "sha256-PKt6orRiFO19KFKnOhzK26hbFLtimlRNE2dGwrTEhII=",
"owner": "nix-community", "owner": "nix-community",
"repo": "fenix", "repo": "fenix",
"rev": "263cd7f991c07a9592a6e825bfc37b23b00eb244", "rev": "eb6583fcd626051c4d284f2fb51cd2659a43e7f6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -151,11 +172,11 @@
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1648199409, "lastModified": 1668681692,
"narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", "rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -167,11 +188,11 @@
"flake-compat_2": { "flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1650374568, "lastModified": 1668681692,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra", "owner": "edolstra",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8", "rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -180,13 +201,31 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1668450977,
"narHash": "sha256-cfLhMhnvXn6x1vPm+Jow3RiFAUSCw/l1utktCw5rVA4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "d591857e9d7dd9ddbfba0ea02b43b927c3c0f1fa",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1667077288, "lastModified": 1667395993,
"narHash": "sha256-bdC8sFNDpT0HK74u9fUkpbf1MEzVYJ+ka7NXCdgBoaA=", "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "6ee9ebb6b1ee695d2cacc4faa053a7b9baa76817", "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -226,6 +265,22 @@
"type": "github" "type": "github"
} }
}, },
"ghc-utils": {
"flake": false,
"locked": {
"lastModified": 1662774800,
"narHash": "sha256-1Rd2eohGUw/s1tfvkepeYpg8kCEXiIot0RijapUjAkE=",
"ref": "refs/heads/master",
"rev": "bb3a2d3dc52ff0253fb9c2812bd7aa2da03e0fea",
"revCount": 1072,
"type": "git",
"url": "https://gitlab.haskell.org/bgamari/ghc-utils"
},
"original": {
"type": "git",
"url": "https://gitlab.haskell.org/bgamari/ghc-utils"
}
},
"gomod2nix": { "gomod2nix": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -257,13 +312,29 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nix-pypi-fetcher": {
"flake": false,
"locked": {
"lastModified": 1669065297,
"narHash": "sha256-UStjXjNIuIm7SzMOWvuYWIHBkPUKQ8Id63BMJjnIDoA=",
"owner": "DavHau",
"repo": "nix-pypi-fetcher",
"rev": "a9885ac6a091576b5195d547ac743d45a2a615ac",
"type": "github"
},
"original": {
"owner": "DavHau",
"repo": "nix-pypi-fetcher",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1648219316, "lastModified": 1671417167,
"narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=", "narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634", "rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -273,61 +344,63 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-22_05": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1667091951, "dir": "lib",
"narHash": "sha256-62sz0fn06Nq8OaeBYrYSR3Y6hUcp8/PC4dJ7HeGaOhU=", "lastModified": 1665349835,
"narHash": "sha256-UK4urM3iN80UXQ7EaOappDzcisYIuEURFRoGQ/yPkug=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6440d13df2327d2db13d3b17e419784020b71d22", "rev": "34c5293a71ffdb2fe054eb5288adc1882c1eb0b1",
"type": "github" "type": "github"
}, },
"original": { "original": {
"dir": "lib",
"owner": "NixOS", "owner": "NixOS",
"ref": "release-22.05", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1667610399, "lastModified": 1673100377,
"narHash": "sha256-XZd0f4ZWAY0QOoUSdiNWj/eFiKb4B9CJPtl9uO9SYY4=", "narHash": "sha256-mT76pTd0YFxT6CwtPhDgHJhuIgLY+ZLSMiQpBufwMG4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1dd8696f96db47156e1424a49578fe7dd4ce99a4", "rev": "9f11a2df77cb945c115ae2a65f53f38121597d73",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixpkgs-unstable", "ref": "release-22.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1667564121, "lastModified": 1673345971,
"narHash": "sha256-DlR65WyEW78cBmnOhxDzfvNQ9euJEGctSl77olqEaLg=", "narHash": "sha256-4DfFcKLRfVUTyuGrGNNmw37IeIZSoku9tgTVmu/iD98=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1404483f4531560aad73bdebae4096881c910ac0", "rev": "54644f409ab471e87014bb305eac8c50190bcf48",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-22.05", "ref": "nixos-22.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1657638268, "lastModified": 1665580254,
"narHash": "sha256-blBNtQSslAFkg0Gym9fWNJk+bPxGSZib4SOcPrmTPi4=", "narHash": "sha256-hO61XPkp1Hphl4HGNzj1VvDH5URt7LI6LaY/385Eul4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d80993b5f885515254746ba6d1917276ee386149", "rev": "f634d427b0224a5f531ea5aa10c3960ba6ec5f0f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -345,11 +418,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1667620329, "lastModified": 1672979485,
"narHash": "sha256-v1Zk7rtEbAGpevBGPZvZBKpwbmw4I+uVwxvd+pBlp3o=", "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=",
"owner": "berberman", "owner": "berberman",
"repo": "nvfetcher", "repo": "nvfetcher",
"rev": "294826951113dcd3aa9abbcacfb1aa5b95a19116", "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -361,16 +434,16 @@
"poetry2nix": { "poetry2nix": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1632969109, "lastModified": 1666918719,
"narHash": "sha256-jPDclkkiAy5m2gGLBlKgH+lQtbF7tL4XxBrbSzw+Ioc=", "narHash": "sha256-BkK42fjAku+2WgCOv2/1NrPa754eQPV7gPBmoKQBWlc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "poetry2nix", "repo": "poetry2nix",
"rev": "aee8f04296c39d88155e05d25cfc59dfdd41cc77", "rev": "289efb187123656a116b915206e66852f038720e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "1.21.0", "ref": "1.36.0",
"repo": "poetry2nix", "repo": "poetry2nix",
"type": "github" "type": "github"
} }
@ -406,7 +479,6 @@
"inputs": { "inputs": {
"deploy-rs": "deploy-rs", "deploy-rs": "deploy-rs",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"nvfetcher": "nvfetcher", "nvfetcher": "nvfetcher",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"tlaternet-webserver": "tlaternet-webserver" "tlaternet-webserver": "tlaternet-webserver"
@ -432,11 +504,11 @@
"rust-analyzer-src_2": { "rust-analyzer-src_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1662896065, "lastModified": 1672757238,
"narHash": "sha256-1LkSsXzI1JTAmP/GMTz4fTJd8y/tw8R79l96q+h7mu8=", "narHash": "sha256-BK1njXsjprMT0f+1aQYmZ/ueN9D3Y3wrz9gw4UvieRQ=",
"owner": "rust-lang", "owner": "rust-lang",
"repo": "rust-analyzer", "repo": "rust-analyzer",
"rev": "2e9f1204ca01c3e20898d4a67c8b84899d394a88", "rev": "a97c71f92d574cb5104e3e1246eb9038d1a214a2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -451,14 +523,14 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-22_05": "nixpkgs-22_05" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1667427533, "lastModified": 1673147300,
"narHash": "sha256-MsgTnQEi1g7f8anlW5klHW2pJgam4CLbJaYyBw2ed58=", "narHash": "sha256-gR9OEfTzWfL6vG0qkbn1TlBAOlg4LuW8xK/u0V41Ihc=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "486b4455da16272c1ed31bc82adcdbe7af829465", "rev": "2253120d2a6147e57bafb5c689e086221df8032f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -476,11 +548,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1665746303, "lastModified": 1672884793,
"narHash": "sha256-lDVy7aBsAaO5TyeoZS4wL6qcBNuU1bQCcHPJxiEKtao=", "narHash": "sha256-biUbdKq8OaRQm25poaRJalrRq+M+/TrNr7J6rI65lNI=",
"ref": "master", "ref": "refs/heads/master",
"rev": "5d037f9122e68aaa5db62d04810bf0c5e1e4325e", "rev": "b2894e4fefbdc1c9964ab47c931497a417562d8a",
"revCount": 49, "revCount": 53,
"type": "git", "type": "git",
"url": "https://gitea.tlater.net/tlaternet/tlaternet.git" "url": "https://gitea.tlater.net/tlaternet/tlaternet.git"
}, },
@ -491,11 +563,11 @@
}, },
"utils": { "utils": {
"locked": { "locked": {
"lastModified": 1648297722, "lastModified": 1667395993,
"narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=", "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade", "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github" "type": "github"
}, },
"original": { "original": {

23
flake.nix
View file

@ -2,8 +2,7 @@
description = "tlater.net host configuration"; description = "tlater.net host configuration";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.url = "github:serokell/deploy-rs";
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
@ -22,7 +21,6 @@
outputs = { outputs = {
self, self,
nixpkgs, nixpkgs,
nixpkgs-unstable,
sops-nix, sops-nix,
nvfetcher, nvfetcher,
deploy-rs, deploy-rs,
@ -66,7 +64,7 @@
# Helper functions # # Helper functions #
#################### ####################
lib = import ./lib { lib = import ./lib {
inherit nixpkgs nixpkgs-unstable sops-nix tlaternet-webserver; inherit nixpkgs sops-nix tlaternet-webserver;
lib = nixpkgs.lib; lib = nixpkgs.lib;
}; };
@ -75,15 +73,14 @@
################### ###################
packages.${system} = let packages.${system} = let
inherit (nixpkgs.legacyPackages.${system}) writeShellScript; inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
vm = self.lib.makeNixosSystem {
inherit system;
extraModules = [(import ./configuration/hardware-specific/vm.nix)];
};
in { in {
default = self.packages.${system}.run-vm; default = vm.config.system.build.vm;
run-vm = let run-vm = let
vm = self.lib.makeNixosSystem {
inherit system;
extraModules = [(import ./configuration/hardware-specific/vm.nix)];
};
qemuNetOpts = self.lib.makeQemuNetOpts { qemuNetOpts = self.lib.makeQemuNetOpts {
"2222" = "2222"; "2222" = "2222";
"3080" = "80"; "3080" = "80";
@ -99,7 +96,7 @@
''; '';
update-nextcloud-apps = let update-nextcloud-apps = let
nvfetcher-bin = "${nvfetcher.defaultPackage.${system}}/bin/nvfetcher"; nvfetcher-bin = "${nvfetcher.packages.${system}.default}/bin/nvfetcher";
in in
writeShellScript "update-nextcloud-apps" '' writeShellScript "update-nextcloud-apps" ''
cd "$(git rev-parse --show-toplevel)/pkgs" cd "$(git rev-parse --show-toplevel)/pkgs"
@ -107,9 +104,7 @@
''; '';
}; };
apps.${system} = let apps.${system} = {
inherit (nixpkgs.legacyPackages.${system}) writeShellScript;
in {
default = { default = {
type = "app"; type = "app";
program = builtins.toString self.packages.${system}.run-vm; program = builtins.toString self.packages.${system}.run-vm;

7
keys/staging.yaml
View file

@ -5,14 +5,17 @@ steam:
turn: turn:
env: ENC[AES256_GCM,data:xjIz/AY109lyiL5N01p5T3HcYco/rM5CJSRTtg==,iv:16bW6OpyOK/QL0QPGQp/Baa9xyT8E3ZsYkwqmjuofk0=,tag:J5re3uKxIykw3YunvQWBgg==,type:str] env: ENC[AES256_GCM,data:xjIz/AY109lyiL5N01p5T3HcYco/rM5CJSRTtg==,iv:16bW6OpyOK/QL0QPGQp/Baa9xyT8E3ZsYkwqmjuofk0=,tag:J5re3uKxIykw3YunvQWBgg==,type:str]
secret: ENC[AES256_GCM,data:eQ7dAocoZtg=,iv:fgzjTPv30WqTKlLy+yMn5MsKQgjhPnwlGFFwYEg3gWs=,tag:1ze33U1NBkgMX/9SiaBNQg==,type:str] secret: ENC[AES256_GCM,data:eQ7dAocoZtg=,iv:fgzjTPv30WqTKlLy+yMn5MsKQgjhPnwlGFFwYEg3gWs=,tag:1ze33U1NBkgMX/9SiaBNQg==,type:str]
ssl-key: ENC[AES256_GCM,data:RYfwHjBvwFXgXxXIEuWUzaycTdrCvmPivsNvvUIwDRynS5G2Dl6RCVp1w9zuLvoNun5ncUPGGuLMmVqN2wkJlw==,iv:UKI3bVTY7iTDNvp5UqrZ3QlQkMZ5p2bjgODEc6DCBfQ=,tag:sz7VTyRWyZxAsP4nE48DnA==,type:str]
#ENC[AES256_GCM,data:bxhKzU5Tzezl749CDu8e8kxa7ahGuZFaPa9K3kxuD+4sg5Hi3apgDlC0n8oK0DeiK4Ks7+9Cyw==,iv:T/zVJUpNAv1rR0a9+6SDTG08ws2A1hFBs5Ia3TpT0uk=,tag:uGXb1VryM+lIJ8r0I5durA==,type:comment]
ssl-cert: ENC[AES256_GCM,data:xHUr14CjKslgbGh/n5jYSOuCw9JRxS6YXE4fxS+aJzFcNeSeGNqoipPeuJupZGBnQP/FCqohiHY=,iv:/OEsVqRshGL9NIvntMC42EPZSNL0u6EfhtUBqgV7qog=,tag:4pxtNjuvy/ibm6nDtKdSkw==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
azure_kv: [] azure_kv: []
hc_vault: [] hc_vault: []
age: [] age: []
lastmodified: "2022-10-28T22:54:01Z" lastmodified: "2023-01-11T01:49:31Z"
mac: ENC[AES256_GCM,data:1nsv+Dl7lzRZNNb9kSuqFrXrcncIklw/A2uwd/yQQ546Rm/4gzpBZqCi6cv5VBCdc1iNuBcAM74DnZHMDmeWAiW0WfACPJMQjCes21P6IUsP2gu+bV2f9qqqnP2a5voxzFHp1aclklzMiiZJBEB1Y3UNz0ZG7A43hsOAE0/fJ9o=,iv:kY10PF5ErkKHXx8m0OyX2eU6kcFQsrsP3V2scVBMsuA=,tag:Uth0XfP2c0LBJQ7+7Uc0BQ==,type:str] mac: ENC[AES256_GCM,data:5IcHdNQ/mh6Jz60dlpgqbBtVGKYml4EOs7YXsBcejgAoPzZqEK+xb3f9+rq2G6sCcMXzROHJsdQUfp1wMgfp8DwVm4H+XO+SQh/E1kFuWO8G/IpXOT4P9RQC+wHxrVuxHd8pwl9CLv6uuMnO+FNg9TeWB2GAVxIBsY8JHwGN/BA=,iv:/Yqfij58LGNooyyhmr8aWCpknd4dN+b4iSvokVoDGls=,tag:XHm8Qcg75B1+pTOcgZubIQ==,type:str]
pgp: pgp:
- created_at: "2022-10-12T16:48:23Z" - created_at: "2022-10-12T16:48:23Z"
enc: | enc: |

10
lib/default.nix
View file

@ -1,7 +1,6 @@
{ {
lib, lib,
nixpkgs, nixpkgs,
nixpkgs-unstable,
sops-nix, sops-nix,
tlaternet-webserver, tlaternet-webserver,
}: let }: let
@ -25,15 +24,6 @@ in {
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
tlaternet-webserver.nixosModules.default tlaternet-webserver.nixosModules.default
(import ../configuration) (import ../configuration)
{
nixpkgs.overlays = [
(self: super: {
matrix-conduit = nixpkgs-unstable.legacyPackages.${system}.matrix-conduit.override {
inherit (self) stdenv lib fetchFromGitLab rustPlatform pkg-config rocksdb;
};
})
];
}
] ]
++ extraModules; ++ extraModules;
}; };

59
pkgs/_sources_nextcloud/generated.json
View file

@ -7,9 +7,8 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96",
"sha256": "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE=", "type": "tarball",
"type": "url",
"url": "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz" "url": "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz"
}, },
"version": "v0.15.0" "version": "v0.15.0"
@ -22,12 +21,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx",
"sha256": "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz"
"url": "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz"
}, },
"version": "11.0.4" "version": "12.0.0"
}, },
"calendar": { "calendar": {
"cargoLocks": null, "cargoLocks": null,
@ -37,12 +35,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an",
"sha256": "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz"
"url": "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz"
}, },
"version": "v3.5.0" "version": "v4.2.0"
}, },
"contacts": { "contacts": {
"cargoLocks": null, "cargoLocks": null,
@ -52,12 +49,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8",
"sha256": "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz"
"url": "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz"
}, },
"version": "v4.2.2" "version": "v5.0.2"
}, },
"cookbook": { "cookbook": {
"cargoLocks": null, "cargoLocks": null,
@ -67,12 +63,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg",
"sha256": "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz"
"url": "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz"
}, },
"version": "0.9.17" "version": "0.10.1"
}, },
"news": { "news": {
"cargoLocks": null, "cargoLocks": null,
@ -82,12 +77,11 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7",
"sha256": "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz"
"url": "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz"
}, },
"version": "19.0.0" "version": "20.0.0"
}, },
"notes": { "notes": {
"cargoLocks": null, "cargoLocks": null,
@ -97,11 +91,10 @@
"passthru": null, "passthru": null,
"pinned": false, "pinned": false,
"src": { "src": {
"name": null, "sha256": "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl",
"sha256": "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk=", "type": "tarball",
"type": "url", "url": "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz"
"url": "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz"
}, },
"version": "v4.5.1" "version": "v4.6.0"
} }
} }

52
pkgs/_sources_nextcloud/generated.nix
View file

@ -4,57 +4,57 @@
apporder = { apporder = {
pname = "apporder"; pname = "apporder";
version = "v0.15.0"; version = "v0.15.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz"; url = "https://github.com/juliushaertl/apporder/releases/download/v0.15.0/apporder.tar.gz";
sha256 = "sha256-p3VWxTYDCO2NePq6oLM8tBVqYkvoB7itqxp7IZwGDnE="; sha256 = "1nx1vdwlqyy3x5vw2h2xx51hmv7gsp8mam1fj813yc3655js9m96";
}; };
}; };
bookmarks = { bookmarks = {
pname = "bookmarks"; pname = "bookmarks";
version = "11.0.4"; version = "12.0.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz"; url = "https://github.com/nextcloud/bookmarks/releases/download/v12.0.0/bookmarks-12.0.0.tar.gz";
sha256 = "sha256-URqtzaCx8FEZHCDP1wSBUFNs+x50jesRtWi+xOU1oXM="; sha256 = "0dkfjafbynkrymsq183sad7zynqr2qls0cld73nvzn3smnvdl2xx";
}; };
}; };
calendar = { calendar = {
pname = "calendar"; pname = "calendar";
version = "v3.5.0"; version = "v4.2.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud-releases/calendar/releases/download/v3.5.0/calendar-v3.5.0.tar.gz"; url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.2.0/calendar-v4.2.0.tar.gz";
sha256 = "sha256-+LRGl9h40AQdWN9SW+NqGwTafAGwV07Af8nVs3pUCm0="; sha256 = "06p92w2idml5g3zc0xhp25rpgkxm3d5pmxpx7dmqlqvw8r6z07an";
}; };
}; };
contacts = { contacts = {
pname = "contacts"; pname = "contacts";
version = "v4.2.2"; version = "v5.0.2";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud-releases/contacts/releases/download/v4.2.2/contacts-v4.2.2.tar.gz"; url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.0.2/contacts-v5.0.2.tar.gz";
sha256 = "sha256-GTiyZsUHBXPgQ17DHAihmt2W/ZnAjDwfgwnujkRwk6A="; sha256 = "097a71if6kkc7nphfc8b6llqlsskjwp1vg83134hzgfscvllvaj8";
}; };
}; };
cookbook = { cookbook = {
pname = "cookbook"; pname = "cookbook";
version = "0.9.17"; version = "0.10.1";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/cookbook/releases/download/v0.9.17/Cookbook-0.9.17.tar.gz"; url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz";
sha256 = "sha256-3lCqvmaMsgrFD5PzyHIcwxxGeC+qOMTGxbOi7nPFL6I="; sha256 = "1xpy060yi7pl8i91xjv2jj18yvsmjzwmv91y7i686qq8n2kc1fcg";
}; };
}; };
news = { news = {
pname = "news"; pname = "news";
version = "19.0.0"; version = "20.0.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/news/releases/download/19.0.0/news.tar.gz"; url = "https://github.com/nextcloud/news/releases/download/20.0.0/news.tar.gz";
sha256 = "sha256-lVF4H9v7bSw8137lfq4PsVg8e1TpcgvJVQU/UVQfSoY="; sha256 = "0pnriarr2iqci2v2hn6vpvszf4m4pkcxsd2i13bp7n1zqkg6swd7";
}; };
}; };
notes = { notes = {
pname = "notes"; pname = "notes";
version = "v4.5.1"; version = "v4.6.0";
src = fetchurl { src = fetchTarball {
url = "https://github.com/nextcloud/notes/releases/download/v4.5.1/notes.tar.gz"; url = "https://github.com/nextcloud/notes/releases/download/v4.6.0/notes.tar.gz";
sha256 = "sha256-rd3uVkVtARX4enRAWm1ivV468lboYZnYe7/zsqaHYpk="; sha256 = "1jcgv3awr45jq3n3qv851qlpbdl2plixba0iq2s54dmhciypdckl";
}; };
}; };
} }

4
pkgs/default.nix
View file

@ -2,7 +2,7 @@
pkgs, pkgs,
lib, lib,
}: let }: let
inherit (builtins) listToAttrs mapAttrs; inherit (builtins) fromJSON mapAttrs readFile;
inherit (pkgs) callPackage; inherit (pkgs) callPackage;
in in
{ {
@ -12,7 +12,7 @@ in
# Add nextcloud apps # Add nextcloud apps
let let
mkNextcloudApp = pkgs.callPackage ./mkNextcloudApp.nix {}; mkNextcloudApp = pkgs.callPackage ./mkNextcloudApp.nix {};
sources = pkgs.callPackage ./_sources_nextcloud/generated.nix {}; sources = fromJSON (readFile ./_sources_nextcloud/generated.json);
in in
mapAttrs (_: source: mkNextcloudApp source) sources mapAttrs (_: source: mkNextcloudApp source) sources
) )

15
pkgs/mkNextcloudApp.nix
View file

@ -1,13 +1,8 @@
{ {
fetchNextcloudApp, fetchNextcloudApp,
lib, lib,
}: let }: source:
inherit (lib) removePrefix; fetchNextcloudApp {
in url = source.src.url;
source: sha256 = source.src.sha256;
fetchNextcloudApp { }
name = source.pname;
version = removePrefix "v" source.version;
url = source.src.url;
sha256 = source.src.outputHash;
}

27
pkgs/nextcloud-apps.toml
View file

@ -1,35 +1,26 @@
[apporder]
src.github = "juliushaertl/apporder"
fetch.url = "https://github.com/juliushaertl/apporder/releases/download/$ver/apporder.tar.gz"
[bookmarks] [bookmarks]
src.github = "nextcloud/bookmarks" src.github = "nextcloud/bookmarks"
src.prefix = "v" src.prefix = "v"
fetch.url = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" fetch.tarball = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz"
[calendar] [calendar]
src.manual = "v3.5.0" # Pinned until we update to nextcloud 25 src.github = "nextcloud-releases/calendar"
# src.github = "nextcloud-releases/calendar" fetch.tarball = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz"
fetch.url = "https://github.com/nextcloud-releases/calendar/releases/download/$ver/calendar-$ver.tar.gz"
[contacts] [contacts]
src.manual = "v4.2.2" # Pinned until we update to nextcloud 25 src.github = "nextcloud-releases/contacts"
# src.github = "nextcloud-releases/contacts" fetch.tarball = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz"
fetch.url = "https://github.com/nextcloud-releases/contacts/releases/download/$ver/contacts-$ver.tar.gz"
[cookbook] [cookbook]
src.github_tag = "nextcloud/cookbook" src.github_tag = "nextcloud/cookbook"
src.prefix = "v" src.prefix = "v"
src.exclude_regex = 'v\d+\.\d+\.\d+-rc\d+' src.exclude_regex = 'v\d+\.\d+\.\d+-rc\d+'
fetch.url = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz" fetch.tarball = "https://github.com/nextcloud/cookbook/releases/download/v$ver/Cookbook-$ver.tar.gz"
[news] [news]
src.github = "nextcloud/news" src.github = "nextcloud/news"
# Sadly, the news app vendors things, and those are only included in fetch.tarball = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz"
# their tarball.
fetch.url = "https://github.com/nextcloud/news/releases/download/$ver/news.tar.gz"
[notes] [notes]
src.manual = "v4.5.1" # Pinned until we update to nextcloud 25 src.github = "nextcloud/notes"
# src.github = "nextcloud/notes" fetch.tarball = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz"
fetch.url = "https://github.com/nextcloud/notes/releases/download/$ver/notes.tar.gz"