From 884bfdaa00f9353d3f0d79eb39618243ad619ff2 Mon Sep 17 00:00:00 2001 From: Nathan McCarty Date: Mon, 30 May 2022 21:47:04 -0400 Subject: [PATCH] Update to nixos 22.05 --- flake.lock | 116 ++++++++++------------------- flake.nix | 6 +- machines/oracles.nix | 8 +- machines/shadowchild.nix | 2 +- system-specific/matrix/gitea.nix | 2 +- system-specific/matrix/matrix.nix | 62 +++++++-------- system-specific/oracles/gitea.nix | 2 +- system-specific/oracles/matrix.nix | 50 +++++++------ 8 files changed, 109 insertions(+), 139 deletions(-) diff --git a/flake.lock b/flake.lock index 697a73f..39edc21 100644 --- a/flake.lock +++ b/flake.lock @@ -62,11 +62,11 @@ ] }, "locked": { - "lastModified": 1653452277, - "narHash": "sha256-brrORMUToSSoFGfSeVAJ7cRq+e03lWBztSPRqgbkRtg=", + "lastModified": 1653939718, + "narHash": "sha256-TrcymZYYwTr56ff/Ot5P0ZkvDAXXXtrahwCnB9OYZnA=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "2a9b6c9109e73e7c2c3b5de32577a1365926524c", + "rev": "97caa1df840ca614698e3e286a0a27916306234e", "type": "github" }, "original": { @@ -161,11 +161,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1653460119, - "narHash": "sha256-tP4mnBaE/2yehchIeRrCueF2NLS1G2XKGKq+q/oG0+o=", + "lastModified": 1653892373, + "narHash": "sha256-eEQXz5OPfyl8XrpTZhppJ+LSYNerX5m0pm1c/PWt2+Y=", "owner": "nix-community", "repo": "fenix", - "rev": "9a49d754de250ad696e49c9ae4ce4561ffe3fc38", + "rev": "2274b8fe08d8e98bb631a705291afa079f4290ea", "type": "github" }, "original": { @@ -177,11 +177,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1648199409, - "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=", + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", "owner": "edolstra", "repo": "flake-compat", - "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", "type": "github" }, "original": { @@ -192,11 +192,11 @@ }, "flake-utils": { "locked": { - "lastModified": 1652776076, - "narHash": "sha256-gzTw/v1vj4dOVbpBSJX4J0DwUR6LIyXo7/SuuTJp1kM=", + "lastModified": 1653893745, + "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "04c1b180862888302ddfb2e3ad9eaa63afc60cf8", + "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", "type": "github" }, "original": { @@ -244,11 +244,11 @@ ] }, "locked": { - "lastModified": 1653340164, - "narHash": "sha256-t6BPApyasx6FOv2cEVyFBXvkEDrknyUe7bngMbNSBkA=", + "lastModified": 1653943687, + "narHash": "sha256-xXW9t24HLf89+n/92kOqRRfOBE3KDna+9rAOefs5WSQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "e66f0ff69a6c0698b35034b842c4b68814440778", + "rev": "8f3e26705178cc8c1d982d37d881fc0d5b5b1837", "type": "github" }, "original": { @@ -348,11 +348,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1653060744, - "narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=", + "lastModified": 1653581809, + "narHash": "sha256-Uvka0V5MTGbeOfWte25+tfRL3moECDh1VwokWSZUdoY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "dfd82985c273aac6eced03625f454b334daae2e8", + "rev": "83658b28fe638a170a19b8933aa008b30640fbd1", "type": "github" }, "original": { @@ -364,11 +364,11 @@ }, "nixpkgs-21_11": { "locked": { - "lastModified": 1653132211, - "narHash": "sha256-5ugEYisGqixwarfn3BJvuWDnO6gT/AoxlsA6jnG8Fv8=", + "lastModified": 1653819578, + "narHash": "sha256-a1vaUl6VZz1NsWxMw0i5lRyHIOVUIuMZdQzV+4s+rY8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b5991e4971523a5fcc9413b9003b58e5c15aa7d8", + "rev": "baa82d4b626288c7439eeea073a18aabbe435991", "type": "github" }, "original": { @@ -380,11 +380,11 @@ }, "nixpkgs-22_05": { "locked": { - "lastModified": 1653460991, - "narHash": "sha256-8MgFe84UUKw5k5MybirNH0S+oSluN2cRQGt+ZkW+dxQ=", + "lastModified": 1653822412, + "narHash": "sha256-xZwMDQ8MdNiTwE8dcKAX1h3qCmLtuudNGxmFUX3xIes=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0c3bf3a5c3ab6be29138b88900c417660a284fbd", + "rev": "db78278ff296cf21eca7e8c08ee99707387a54fa", "type": "github" }, "original": { @@ -394,29 +394,13 @@ "type": "github" } }, - "nixpkgs-staging": { - "locked": { - "lastModified": 1653437856, - "narHash": "sha256-ONO0zbEhvFjVIbIMnYsq0GjGrKSZuKjLqZhEw2Zqoh4=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "1774dcc1ca62f9deb31f776512e9482bcaf56192", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "staging-next-22.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-unstable": { "locked": { - "lastModified": 1653060744, - "narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=", + "lastModified": 1653845079, + "narHash": "sha256-7ghaQZ+7JXLI9FgNH8+RQHAt3/ubT92j8NtjZleP6t4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "dfd82985c273aac6eced03625f454b334daae2e8", + "rev": "b62ada430501de88dfbb08cea4eb98ead3a5e3e7", "type": "github" }, "original": { @@ -428,16 +412,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1653087707, - "narHash": "sha256-zfno3snrzZTWQ2B7K53QHrGZwrjnJLTRPalymrSsziU=", + "lastModified": 1653819559, + "narHash": "sha256-KzIZ1uaLR7vsBlcT0VWd8toFTC3yunSveNK+l2MQqrI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cbd40c72b2603ab54e7208f99f9b35fc158bc009", + "rev": "2a64cd672b2706fbca461870cc9ac708b49d9016", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-21.11", + "ref": "nixos-22.05", "repo": "nixpkgs", "type": "github" } @@ -544,15 +528,14 @@ "libnbtplusplus": "libnbtplusplus", "nixpkgs": [ "nixpkgs-unstable" - ], - "quazip": "quazip" + ] }, "locked": { - "lastModified": 1653418399, - "narHash": "sha256-YCbJAi/AWqk++qg8ADvXke0ghO1A1iigCx9Fq1rN5m0=", + "lastModified": 1653910862, + "narHash": "sha256-VZxKKsMfo9GbvYviWV4+9PFhxPswvZbB/gUPZVdh8A0=", "owner": "PolyMC", "repo": "PolyMC", - "rev": "e8b7e70ec95a7398b89c805ef3302ea08b6ca142", + "rev": "9054ee18a1d472dd201cec870c77530d218167de", "type": "github" }, "original": { @@ -561,22 +544,6 @@ "type": "github" } }, - "quazip": { - "flake": false, - "locked": { - "lastModified": 1643049383, - "narHash": "sha256-LcJY6yd6GyeL7X5MP4L94diceM1TYespWByliBsjK98=", - "owner": "stachenov", - "repo": "quazip", - "rev": "09ec1d10c6d627f895109b21728dda000cbfa7d1", - "type": "github" - }, - "original": { - "owner": "stachenov", - "repo": "quazip", - "type": "github" - } - }, "revealjs": { "flake": false, "locked": { @@ -602,7 +569,6 @@ "mozilla": "mozilla", "nix-doom-emacs": "nix-doom-emacs", "nixpkgs": "nixpkgs_2", - "nixpkgs-staging": "nixpkgs-staging", "nixpkgs-unstable": "nixpkgs-unstable", "polymc": "polymc", "sops-nix": "sops-nix" @@ -627,11 +593,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1653426632, - "narHash": "sha256-hDUT+zbzU7SOJJr3VoKiDLJLubu7x6ggDfJ2rzYnYxY=", + "lastModified": 1653813915, + "narHash": "sha256-E/zm2RipGRBFY6+9O7ADEb5X8hdTC7iIl6M9xYdg3Fg=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "d7c147406eff20783abba6ff1fe250ecc44cf800", + "rev": "f94fa62d69faf5bd63b3772d3ec4f0c76cf2db57", "type": "github" }, "original": { @@ -650,11 +616,11 @@ "nixpkgs-22_05": "nixpkgs-22_05" }, "locked": { - "lastModified": 1653462763, - "narHash": "sha256-n0beO7WNvAeEtTtnetzQCaGs615tU/DfM97k8r/7bUw=", + "lastModified": 1653827546, + "narHash": "sha256-va51HFf7UwktvriIbe9pjRPMr7p8IaxrwcDlZe7twzI=", "owner": "Mic92", "repo": "sops-nix", - "rev": "7385b12722ce903e477878147794bed9040227e2", + "rev": "36b5901782e7fbfc191cace910f67f8b8743f678", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 6e1990c..d735235 100644 --- a/flake.nix +++ b/flake.nix @@ -2,9 +2,8 @@ description = "Nathan's system configurations"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; - nixpkgs-staging.url = "github:NixOS/nixpkgs/staging-next-22.05"; fenix = { url = "github:nix-community/fenix"; inputs.nixpgks.follows = "nixpkgs"; @@ -44,7 +43,6 @@ { self , nixpkgs , nixpkgs-unstable - , nixpkgs-staging , fenix , emacs , mozilla @@ -154,7 +152,7 @@ in { nixosConfigurations = { - levitation = nixpkgs-staging.lib.nixosSystem { + levitation = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { unstable = import nixpkgs-unstable { diff --git a/machines/oracles.nix b/machines/oracles.nix index fd8590f..ef3a623 100644 --- a/machines/oracles.nix +++ b/machines/oracles.nix @@ -33,10 +33,12 @@ recommendedProxySettings = true; }; security.acme = { - email = "nathan@mccarty.io"; + defaults.email = "nathan@mccarty.io"; acceptTerms = true; }; # Redis - services.redis.enable = true; - services.redis.bind = "172.23.108.12"; + services.redis.servers.main = { + enable = true; + bind = "172.23.108.12"; + }; } diff --git a/machines/shadowchild.nix b/machines/shadowchild.nix index 1635043..bca9cc2 100644 --- a/machines/shadowchild.nix +++ b/machines/shadowchild.nix @@ -7,7 +7,7 @@ networking.firewall.allowPing = true; # Turn on nginx so we can get a lets encrypt cert - security.acme.email = "nathan@mccarty.io"; + security.acme.defaults.email = "nathan@mccarty.io"; security.acme.acceptTerms = true; services.nginx = { diff --git a/system-specific/matrix/gitea.nix b/system-specific/matrix/gitea.nix index 974b01a..edee9c4 100644 --- a/system-specific/matrix/gitea.nix +++ b/system-specific/matrix/gitea.nix @@ -27,7 +27,7 @@ description = "Create the network bridge woodpecker-br for filerun."; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; - before = [ "docker-woodpecker-server" ]; + before = [ "docker-woodpecker-server.service" ]; serviceConfig.Type = "oneshot"; script = diff --git a/system-specific/matrix/matrix.nix b/system-specific/matrix/matrix.nix index fad4cce..4e0845a 100644 --- a/system-specific/matrix/matrix.nix +++ b/system-specific/matrix/matrix.nix @@ -19,7 +19,7 @@ in LC_CTYPE = "C"; ''; # configure cert email - security.acme.email = "thatonelutenist@protonmail.com"; + security.acme.defaults.email = "thatonelutenist@protonmail.com"; security.acme.acceptTerms = true; # Enable nginx services.nginx = { @@ -404,34 +404,36 @@ in services.matrix-synapse = { enable = true; - server_name = config.networking.domain; - public_baseurl = "https://matrix.community.rs"; - listeners = [ - { - port = 8008; - bind_address = "0.0.0.0"; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = false; - } - ]; - } - ]; - enable_registration = true; - enable_registration_captcha = true; - allow_guest_access = false; - extraConfig = '' - allow_public_rooms_over_federation: true - experimental_features: { spaces_enabled: true } - auto_join_rooms: [ "#space:community.rs" , "#rust:community.rs" , "#rules:community.rs" , "#info:community.rs" ] - ''; - turn_uris = [ "turn:turn.community.rs:3478?transport=udp" "turn:turn.community.rs:3478?transport=tcp" ]; - turn_user_lifetime = "1h"; - # Configure secrets - extraConfigFiles = [ config.sops.secrets."matrix-secrets.yaml".path ]; + settings = { + server_name = config.networking.domain; + public_baseurl = "https://matrix.community.rs"; + listeners = [ + { + port = 8008; + bind_addresses = [ "0.0.0.0" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ "client" "federation" ]; + compress = false; + } + ]; + } + ]; + enable_registration = true; + enable_registration_captcha = true; + allow_guest_access = false; + extraConfig = '' + allow_public_rooms_over_federation: true + experimental_features: { spaces_enabled: true } + auto_join_rooms: [ "#space:community.rs" , "#rust:community.rs" , "#rules:community.rs" , "#info:community.rs" ] + ''; + turn_uris = [ "turn:turn.community.rs:3478?transport=udp" "turn:turn.community.rs:3478?transport=tcp" ]; + turn_user_lifetime = "1h"; + # Configure secrets + extraConfigFiles = [ config.sops.secrets."matrix-secrets.yaml".path ]; + }; }; } diff --git a/system-specific/oracles/gitea.nix b/system-specific/oracles/gitea.nix index 640b14f..b9512a3 100644 --- a/system-specific/oracles/gitea.nix +++ b/system-specific/oracles/gitea.nix @@ -28,7 +28,7 @@ description = "Create the network bridge woodpecker-br for filerun."; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; - before = [ "docker-woodpecker-server" ]; + before = [ "docker-woodpecker-server.service" ]; serviceConfig.Type = "oneshot"; script = diff --git a/system-specific/oracles/matrix.nix b/system-specific/oracles/matrix.nix index 095ae3e..86e54e4 100644 --- a/system-specific/oracles/matrix.nix +++ b/system-specific/oracles/matrix.nix @@ -37,29 +37,31 @@ services.matrix-synapse = { enable = true; - enable_registration = true; - server_name = "mccarty.io"; - listeners = [ - { - port = 8008; - bind_address = "::1"; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = false; - } - ]; - } - ]; - database_user = "matrix-synapse"; - database_name = "synapse"; - extraConfig = '' - ip_range_whitelist: - - '172.23.0.0/16' - registration_requires_token: true - ''; + settings = { + enable_registration = true; + server_name = "mccarty.io"; + listeners = [ + { + port = 8008; + bind_addresses = [ "::1" ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = [ "client" "federation" ]; + compress = false; + } + ]; + } + ]; + database_user = "matrix-synapse"; + database_name = "synapse"; + extraConfig = '' + ip_range_whitelist: + - '172.23.0.0/16' + registration_requires_token: true + ''; + }; }; }