diff --git a/configuration/default.nix b/configuration/default.nix index f69ec09..1f7a276 100644 --- a/configuration/default.nix +++ b/configuration/default.nix @@ -108,11 +108,14 @@ services.openssh = { enable = true; allowSFTP = false; - passwordAuthentication = false; - permitRootLogin = "no"; ports = [2222]; startWhenNeeded = true; - gatewayPorts = "yes"; + + settings = { + GatewayPorts = "yes"; + PermitRootLogin = "no"; + PasswordAuthentication = false; + }; }; security = { diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix index 1d3308a..c636078 100644 --- a/configuration/services/gitea.nix +++ b/configuration/services/gitea.nix @@ -2,18 +2,19 @@ domain = "gitea.${config.services.nginx.domain}"; in { services.gitea = { - inherit domain; enable = true; - - httpAddress = "127.0.0.1"; database.type = "postgres"; - rootUrl = "https://${domain}/"; - appName = "Gitea: Git with a cup of tea"; settings = { - server.SSH_PORT = 2222; + server = { + DOMAIN = domain; + HTTP_ADDR = "127.0.0.1"; + ROOT_URL = "https://${domain}/"; + SSH_PORT = 2222; + }; + service.DISABLE_REGISTRATION = true; session.COOKIE_SECURE = true; }; @@ -21,7 +22,8 @@ in { # Set up SSL services.nginx.virtualHosts."${domain}" = let - inherit (config.services.gitea) httpAddress httpPort; + httpAddress = config.services.gitea.settings.server.HTTP_ADDR; + httpPort = config.services.gitea.settings.server.HTTP_PORT; in { forceSSL = true; enableACME = true; diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix index c25cfb2..207679a 100644 --- a/configuration/services/nextcloud.nix +++ b/configuration/services/nextcloud.nix @@ -1,9 +1,10 @@ { pkgs, config, + options, ... }: let - nextcloud = pkgs.nextcloud25; + nextcloud = pkgs.nextcloud26; hostName = "nextcloud.${config.services.nginx.domain}"; in { services.nextcloud = { @@ -27,6 +28,12 @@ in { defaultPhoneRegion = "AT"; }; + phpOptions = + options.services.nextcloud.phpOptions.default + // { + "opcache.interned_strings_buffer" = "16"; + }; + extraApps = { inherit (pkgs.local) bookmarks calendar contacts cookbook news notes; }; diff --git a/flake.lock b/flake.lock index 3fe3b91..590dec9 100644 --- a/flake.lock +++ b/flake.lock @@ -20,15 +20,16 @@ "crane": { "flake": false, "locked": { - "lastModified": 1670900067, - "narHash": "sha256-VXVa+KBfukhmWizaiGiHRVX/fuk66P8dgSFfkVN4/MY=", + "lastModified": 1681175776, + "narHash": "sha256-7SsUy9114fryHAZ8p1L6G6YSu7jjz55FddEwa2U8XZc=", "owner": "ipetkov", "repo": "crane", - "rev": "59b31b41a589c0a65e4a1f86b0e5eac68081468b", + "rev": "445a3d222947632b5593112bb817850e8a9cf737", "type": "github" }, "original": { "owner": "ipetkov", + "ref": "v0.12.1", "repo": "crane", "type": "github" } @@ -40,11 +41,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1674127017, - "narHash": "sha256-QO1xF7stu5ZMDLbHN30LFolMAwY6TVlzYvQoUs1RD68=", + "lastModified": 1686747123, + "narHash": "sha256-XUQK9kwHpTeilHoad7L4LjMCCyY13Oq383CoFADecRE=", "owner": "serokell", "repo": "deploy-rs", - "rev": "8c9ea9605eed20528bf60fae35a2b613b901fd77", + "rev": "724463b5a94daa810abfc64a4f87faef4e00f984", "type": "github" }, "original": { @@ -89,11 +90,11 @@ "pruned-racket-catalog": "pruned-racket-catalog" }, "locked": { - "lastModified": 1680605243, - "narHash": "sha256-dUrxj653kcLvjNKRI7NoTJoj+Q7G+vOYsl4iuwtnIWo=", + "lastModified": 1686064783, + "narHash": "sha256-qyptOk4vDut2JkRMJ+815eJNqqd8gIfjpz3l4WCCtMY=", "owner": "nix-community", "repo": "dream2nix", - "rev": "34a80ab215f1f24068ea9c76f3a7e5bc19478653", + "rev": "0c064fa9dd025069cc215b0a8b4eb5ea734aceb0", "type": "github" }, "original": { @@ -121,11 +122,11 @@ ] }, "locked": { - "lastModified": 1680172861, - "narHash": "sha256-QMyI338xRxaHFDlCXdLCtgelGQX2PdlagZALky4ZXJ8=", + "lastModified": 1680698112, + "narHash": "sha256-FgnobN/DvCjEsc0UAZEAdPLkL4IZi2ZMnu2K2bUaElc=", "owner": "davhau", "repo": "drv-parts", - "rev": "ced8a52f62b0a94244713df2225c05c85b416110", + "rev": "e8c2ec1157dc1edb002989669a0dbd935f430201", "type": "github" }, "original": { @@ -143,11 +144,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1681712564, - "narHash": "sha256-14QeQU5m1iJg4v+HnLnH1X5W2V1d0lHfaHxDJP/6aig=", + "lastModified": 1686637310, + "narHash": "sha256-sGfKyioVsxQppDM0eDO62wtFiz+bZOD0cBMMIEjqn4I=", "owner": "nix-community", "repo": "fenix", - "rev": "0d8c0d08db5fe6e5d995f4584f991ad60bbb1673", + "rev": "6fbeedcd2fc1fba77152e13fd7492824d77a4060", "type": "github" }, "original": { @@ -175,11 +176,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", "owner": "edolstra", "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { @@ -227,12 +228,15 @@ } }, "flake-utils": { + "inputs": { + "systems": "systems" + }, "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "lastModified": 1687171271, + "narHash": "sha256-BJlq+ozK2B1sJDQXS3tzJM5a+oVZmi1q0FlBK/Xqv7M=", "owner": "numtide", "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "rev": "abfb11bd1aec8ced1c9bb9adfe68018230f4fb3c", "type": "github" }, "original": { @@ -263,11 +267,11 @@ ] }, "locked": { - "lastModified": 1677026752, - "narHash": "sha256-cYeFDzb0kmKQhBuN0vYWoLulCqj3vf7QhvnsPBO66vc=", + "lastModified": 1688686059, + "narHash": "sha256-1q+xdGil+mVkIMHovLv8bkXvwLjk92X6t0bvTpZVYb0=", "owner": "reckenrode", "repo": "nix-foundryvtt", - "rev": "6c52bfc6824a3dba673df4894a71193ec32aa399", + "rev": "440d3502d17c45d8dfeee5c1833d1ff03525a07b", "type": "github" }, "original": { @@ -357,27 +361,27 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1681613598, - "narHash": "sha256-Ogkoma0ytYcDoMR2N7CZFABPo+i0NNo26dPngru9tPc=", + "lastModified": 1690066826, + "narHash": "sha256-6L2qb+Zc0BFkh72OS9uuX637gniOjzU6qCDBpjB2LGY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1040ce5f652b586da95dfd80d48a745e107b9eac", + "rev": "ce45b591975d070044ca24e3003c830d26fea1c8", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-22.11", + "ref": "release-23.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1681648924, - "narHash": "sha256-pzi3HISK8+7mpEtv08Yr80wswyHKsz+RP1CROG1Qf6s=", + "lastModified": 1690272529, + "narHash": "sha256-MakzcKXEdv/I4qJUtq/k/eG+rVmyOZLnYNC2w1mB59Y=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f294325aed382b66c7a188482101b0f336d1d7db", + "rev": "ef99fa5c5ed624460217c31ac4271cfb5cb2502c", "type": "github" }, "original": { @@ -404,16 +408,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1681696129, - "narHash": "sha256-Ba2y1lmsWmmAOAoTD5G9UnTS/UqV0ZFyzysgdfu7qag=", + "lastModified": 1690370995, + "narHash": "sha256-9z//23jGegLJrf3ITStLwVf715O39dq5u48Kr/XW14U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "de66115c552acc4e0c0f92c5a5efb32e37dfa216", + "rev": "f3fbbc36b4e179a5985b9ab12624e9dfe7989341", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-22.11", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } @@ -442,11 +446,11 @@ ] }, "locked": { - "lastModified": 1672979485, - "narHash": "sha256-LrY0K1yya3nvRlGDc98wm68ozVj7E6a1EXXEr7eHp8E=", + "lastModified": 1687440270, + "narHash": "sha256-aOAXvfVn+MBSkU+xlQEiyoGpRaF6NvQdpWIhw5OH/Dc=", "owner": "berberman", "repo": "nvfetcher", - "rev": "0a9ac5fd07b52467d81163b1f8c94c12e5c9aff9", + "rev": "44196458acc2c28c32e456c50277d6148e71e708", "type": "github" }, "original": { @@ -530,11 +534,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1681679582, - "narHash": "sha256-bijdVXzzfVSMHCjRuQ+PysNJt0Ei2mIhs+CPnR6yP4w=", + "lastModified": 1686586902, + "narHash": "sha256-+zfBFBmUxWutKbhdntI9uvF4D5Rh7BhcByM2l+ReyTw=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "bab80dae445fd576cb4cc22ba208e9fbc39dc18d", + "rev": "1f1fe81f0db301124b3026bd2940294526cdd852", "type": "github" }, "original": { @@ -552,11 +556,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1681721408, - "narHash": "sha256-NWCbZKOQEXz1hA2YDFxdd+fVrrw9edbG1DvbbLf7KUY=", + "lastModified": 1690199016, + "narHash": "sha256-yTLL72q6aqGmzHq+C3rDp3rIjno7EJZkFLof6Ika7cE=", "owner": "Mic92", "repo": "sops-nix", - "rev": "de6514f8fe1b3c2b57307569a0898bc4be9ae1c5", + "rev": "c36df4fe4bf4bb87759b1891cab21e7a05219500", "type": "github" }, "original": { @@ -565,6 +569,21 @@ "type": "github" } }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "tlaternet-webserver": { "inputs": { "dream2nix": "dream2nix", @@ -574,11 +593,11 @@ ] }, "locked": { - "lastModified": 1681761148, - "narHash": "sha256-eub9HQGCCjxOc+u4p9Om8y5EcVlBJOQOoK4APxXAbhc=", + "lastModified": 1686688441, + "narHash": "sha256-rcqAQzExGu0uV9Din8yy+Nn8FQvG/Itm8hp66amDj6o=", "ref": "refs/heads/master", - "rev": "2ca66c4fe1b8cfdd5d873cadb2735cef555dacca", - "revCount": 62, + "rev": "c573a6f81827594ceeffbfa058659e2fc20e4a1e", + "revCount": 66, "type": "git", "url": "https://gitea.tlater.net/tlaternet/tlaternet.git" }, diff --git a/flake.nix b/flake.nix index 4c8a805..b6db610 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "tlater.net host configuration"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; deploy-rs.url = "github:serokell/deploy-rs"; sops-nix = { @@ -62,7 +62,6 @@ sshUser = "tlater"; sshOpts = ["-p" "2222" "-o" "ForwardAgent=yes"]; - fastConnection = true; }; ######### diff --git a/pkgs/_sources_nextcloud/generated.json b/pkgs/_sources_nextcloud/generated.json index 94d5c9a..e8bf16d 100644 --- a/pkgs/_sources_nextcloud/generated.json +++ b/pkgs/_sources_nextcloud/generated.json @@ -7,11 +7,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "1kdpma5f3rb9g29j364lqv6bkar5qgwlvcxmhpmzllwlkmjpc9w8", + "sha256": "sha256-aflxesvTOdNjPtHRtSPtImdmh4JmzM4s8iF5+lYYo3c=", "type": "tarball", - "url": "https://github.com/nextcloud/bookmarks/releases/download/v12.1.0/bookmarks-12.1.0.tar.gz" + "url": "https://github.com/nextcloud/bookmarks/releases/download/v13.0.1/bookmarks-13.0.1.tar.gz" }, - "version": "12.1.0" + "version": "13.0.1" }, "calendar": { "cargoLocks": null, @@ -21,11 +21,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "0xhrpadzz73rdjyk4y1xm5hwc6k104rlpp9nmw08pq8phpfs12qa", + "sha256": "sha256-OAsM65aBJUA8toRSr3/UsdSTq/Rgn43s4nOabqoEoAI=", "type": "tarball", - "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.3.3/calendar-v4.3.3.tar.gz" + "url": "https://github.com/nextcloud-releases/calendar/releases/download/v4.4.3/calendar-v4.4.3.tar.gz" }, - "version": "v4.3.3" + "version": "v4.4.3" }, "contacts": { "cargoLocks": null, @@ -35,11 +35,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "1rdql3m7pg9m044hppyrm3xw329y8h0pzwcmpcinjbjs0vqjssxk", + "sha256": "sha256-aG2wD4ioDYXwbyzZBpsEzz0PNvuF95V0JdJNw+kbMzk=", "type": "tarball", - "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.2.0/contacts-v5.2.0.tar.gz" + "url": "https://github.com/nextcloud-releases/contacts/releases/download/v5.3.2/contacts-v5.3.2.tar.gz" }, - "version": "v5.2.0" + "version": "v5.3.2" }, "cookbook": { "cargoLocks": null, @@ -49,7 +49,7 @@ "passthru": null, "pinned": false, "src": { - "sha256": "18rzvdqd99nlkk3p0y9y8b17ihw5c4c9wsx8psq6xadspm97002y", + "sha256": "sha256-XgBwUr26qW6wvqhrnhhhhcN4wkI+eXDHnNSm1HDbP6M=", "type": "tarball", "url": "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz" }, @@ -63,11 +63,11 @@ "passthru": null, "pinned": false, "src": { - "sha256": "026ggjf6dqbjv8hnj6jj1nnqz0256ck2yg13zhln7zc84lhfzlfd", + "sha256": "sha256-hhXPEITSbCiFs0o+TOsQnSasXBpjU9mA/OFsbzuaCPw=", "type": "tarball", - "url": "https://github.com/nextcloud/news/releases/download/21.1.0/news.tar.gz" + "url": "https://github.com/nextcloud/news/releases/download/22.0.0/news.tar.gz" }, - "version": "21.1.0" + "version": "22.0.0" }, "notes": { "cargoLocks": null, @@ -77,10 +77,10 @@ "passthru": null, "pinned": false, "src": { - "sha256": "0klqf8dixrrb8yp8cc60ggnvhmqb3yh9f6y1281jn8ia5jml622v", + "sha256": "sha256-7GkTGyGTvtDbZsq/zOdbBE7xh6DZO183W6I5XX1ekbw=", "type": "tarball", - "url": "https://github.com/nextcloud/notes/releases/download/v4.7.2/notes.tar.gz" + "url": "https://github.com/nextcloud/notes/releases/download/v4.8.1/notes.tar.gz" }, - "version": "v4.7.2" + "version": "v4.8.1" } } \ No newline at end of file diff --git a/pkgs/_sources_nextcloud/generated.nix b/pkgs/_sources_nextcloud/generated.nix index c29f6b5..bab2e14 100644 --- a/pkgs/_sources_nextcloud/generated.nix +++ b/pkgs/_sources_nextcloud/generated.nix @@ -3,26 +3,26 @@ { bookmarks = { pname = "bookmarks"; - version = "12.1.0"; + version = "13.0.1"; src = fetchTarball { - url = "https://github.com/nextcloud/bookmarks/releases/download/v12.1.0/bookmarks-12.1.0.tar.gz"; - sha256 = "1kdpma5f3rb9g29j364lqv6bkar5qgwlvcxmhpmzllwlkmjpc9w8"; + url = "https://github.com/nextcloud/bookmarks/releases/download/v13.0.1/bookmarks-13.0.1.tar.gz"; + sha256 = "sha256-aflxesvTOdNjPtHRtSPtImdmh4JmzM4s8iF5+lYYo3c="; }; }; calendar = { pname = "calendar"; - version = "v4.3.3"; + version = "v4.4.3"; src = fetchTarball { - url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.3.3/calendar-v4.3.3.tar.gz"; - sha256 = "0xhrpadzz73rdjyk4y1xm5hwc6k104rlpp9nmw08pq8phpfs12qa"; + url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.4.3/calendar-v4.4.3.tar.gz"; + sha256 = "sha256-OAsM65aBJUA8toRSr3/UsdSTq/Rgn43s4nOabqoEoAI="; }; }; contacts = { pname = "contacts"; - version = "v5.2.0"; + version = "v5.3.2"; src = fetchTarball { - url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.2.0/contacts-v5.2.0.tar.gz"; - sha256 = "1rdql3m7pg9m044hppyrm3xw329y8h0pzwcmpcinjbjs0vqjssxk"; + url = "https://github.com/nextcloud-releases/contacts/releases/download/v5.3.2/contacts-v5.3.2.tar.gz"; + sha256 = "sha256-aG2wD4ioDYXwbyzZBpsEzz0PNvuF95V0JdJNw+kbMzk="; }; }; cookbook = { @@ -30,23 +30,23 @@ version = "0.10.2"; src = fetchTarball { url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.2/Cookbook-0.10.2.tar.gz"; - sha256 = "18rzvdqd99nlkk3p0y9y8b17ihw5c4c9wsx8psq6xadspm97002y"; + sha256 = "sha256-XgBwUr26qW6wvqhrnhhhhcN4wkI+eXDHnNSm1HDbP6M="; }; }; news = { pname = "news"; - version = "21.1.0"; + version = "22.0.0"; src = fetchTarball { - url = "https://github.com/nextcloud/news/releases/download/21.1.0/news.tar.gz"; - sha256 = "026ggjf6dqbjv8hnj6jj1nnqz0256ck2yg13zhln7zc84lhfzlfd"; + url = "https://github.com/nextcloud/news/releases/download/22.0.0/news.tar.gz"; + sha256 = "sha256-hhXPEITSbCiFs0o+TOsQnSasXBpjU9mA/OFsbzuaCPw="; }; }; notes = { pname = "notes"; - version = "v4.7.2"; + version = "v4.8.1"; src = fetchTarball { - url = "https://github.com/nextcloud/notes/releases/download/v4.7.2/notes.tar.gz"; - sha256 = "0klqf8dixrrb8yp8cc60ggnvhmqb3yh9f6y1281jn8ia5jml622v"; + url = "https://github.com/nextcloud/notes/releases/download/v4.8.1/notes.tar.gz"; + sha256 = "sha256-7GkTGyGTvtDbZsq/zOdbBE7xh6DZO183W6I5XX1ekbw="; }; }; } diff --git a/pkgs/nextcloud-apps.toml b/pkgs/nextcloud-apps.toml index 709633d..69bccdc 100644 --- a/pkgs/nextcloud-apps.toml +++ b/pkgs/nextcloud-apps.toml @@ -1,8 +1,6 @@ [bookmarks] -# src.github = "nextcloud/bookmarks" +src.github = "nextcloud/bookmarks" src.prefix = "v" -# TODO(tlater): Remove when we update to nextcloud 26 -src.manual = "v12.1.0" fetch.tarball = "https://github.com/nextcloud/bookmarks/releases/download/v$ver/bookmarks-$ver.tar.gz" [calendar]