From 6085f86d2a39c5c8d8c8f256fe2650f02e6ff368 Mon Sep 17 00:00:00 2001 From: stuebinm Date: Mon, 29 May 2023 02:13:36 +0200 Subject: initial jump to nixos 23.05 --- chaski/configuration.nix | 9 +-- chaski/services/chat.nix | 1 + chaski/services/gtfs.zip | Bin 38165 -> 61958 bytes common/desktop.nix | 2 + common/headless.nix | 8 +- cyberbox/configuration.nix | 1 - flake.lock | 132 ++++++++----------------------- flake.nix | 8 +- flora/configuration.nix | 1 - flora/services/akkoma.nix | 24 +----- home/home.nix | 2 +- ilex/configuration.nix | 4 +- modules/crs-tools.nix | 4 +- pkgs/0002-fix-django-version-bound.patch | 25 ++++++ pkgs/glitchtip.nix | 6 +- pkgs/overlay.nix | 16 ++-- pkgs/travelynx.nix | 4 +- surltesh-echer/configuration.nix | 1 - 18 files changed, 93 insertions(+), 155 deletions(-) create mode 100644 pkgs/0002-fix-django-version-bound.patch diff --git a/chaski/configuration.nix b/chaski/configuration.nix index cbc2e91..c6141fc 100644 --- a/chaski/configuration.nix +++ b/chaski/configuration.nix @@ -8,7 +8,7 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - ./services/uplcg.nix + # ./services/uplcg.nix ./services/tracktrain.nix ./services/chat.nix ./services/bahnhof-name.nix @@ -19,7 +19,6 @@ # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; - boot.loader.grub.version = 2; boot.loader.grub.devices = [ "/dev/sda" ]; networking = { @@ -44,11 +43,5 @@ firewall.allowedTCPPorts = [ 80 443 ]; }; - services.nix-serve = { - enable = true; - openFirewall = true; - }; - - system.stateVersion = "20.09"; # Did you read the comment? } diff --git a/chaski/services/chat.nix b/chaski/services/chat.nix index df3f4bb..6d26ada 100644 --- a/chaski/services/chat.nix +++ b/chaski/services/chat.nix @@ -7,6 +7,7 @@ imports = [ inputs.home-manager.nixosModule ]; programs.mosh.enable = true; + programs.fish.enable = true; users.users.chat = { isNormalUser = true; home = "/home/chat"; diff --git a/chaski/services/gtfs.zip b/chaski/services/gtfs.zip index 463603a..e0b8fc3 100644 Binary files a/chaski/services/gtfs.zip and b/chaski/services/gtfs.zip differ diff --git a/common/desktop.nix b/common/desktop.nix index c97b3b9..376bd87 100644 --- a/common/desktop.nix +++ b/common/desktop.nix @@ -24,6 +24,8 @@ drivers = [ pkgs.epson-escpr2 pkgs.epson-escpr ]; }; + programs.fish.enable = true; + users.mutableUsers = false; users.defaultUserShell = pkgs.fish; users.users.stuebinm = { diff --git a/common/headless.nix b/common/headless.nix index 25c668b..396ded0 100644 --- a/common/headless.nix +++ b/common/headless.nix @@ -18,8 +18,10 @@ services.openssh = { enable = true; - permitRootLogin = "prohibit-password"; - passwordAuthentication = false; + settings = { + PermitRootLogin = "prohibit-password"; + PasswordAuthentication = false; + }; }; security.sudo.enable = false; @@ -35,7 +37,7 @@ bantime-increment.enable = true; bantime-increment.overalljails = true; bantime-increment.maxtime = "1312m"; - ignoreIP = [ "185.39.64.13" ]; + maxretry = 20; }; services.logrotate = { diff --git a/cyberbox/configuration.nix b/cyberbox/configuration.nix index 12b22ae..430dbad 100644 --- a/cyberbox/configuration.nix +++ b/cyberbox/configuration.nix @@ -17,7 +17,6 @@ # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; - boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only networking = { diff --git a/flake.lock b/flake.lock index b976202..184f197 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1682063650, - "narHash": "sha256-VaDHh2z6xlnTHaONlNVHP7qEMcK5rZ8Js3sT6mKb2XY=", + "lastModified": 1683779844, + "narHash": "sha256-sIeOU0GsCeQEn5TpqE/jFRN4EGsPsjqVRsPdrzIDABM=", "owner": "serokell", "repo": "deploy-rs", - "rev": "c2ea4e642dc50fd44b537e9860ec95867af30d39", + "rev": "c80189917086e43d49eece2bd86f56813500a0eb", "type": "github" }, "original": { @@ -86,26 +86,6 @@ "type": "github" } }, - "emacs-overlay": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1676308357, - "narHash": "sha256-iHlVbnn/WkEbBF41YIMVBTWf/ldMCVrHKpL1nRO31R0=", - "owner": "nix-community", - "repo": "emacs-overlay", - "rev": "d938b780a3d8072aeac0178c46121060079ff217", - "type": "gitlab" - }, - "original": { - "owner": "nix-community", - "repo": "emacs-overlay", - "rev": "d938b780a3d8072aeac0178c46121060079ff217", - "type": "gitlab" - } - }, "feeds": { "flake": false, "locked": { @@ -152,21 +132,6 @@ } }, "flake-utils": { - "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "inputs": { "systems": "systems" }, @@ -205,20 +170,19 @@ "inputs": { "nixpkgs": [ "nixpkgs" - ], - "utils": "utils_2" + ] }, "locked": { - "lastModified": 1681092193, - "narHash": "sha256-JerCqqOqbT2tBnXQW4EqwFl0hHnuZp21rIQ6lu/N4rI=", + "lastModified": 1685189510, + "narHash": "sha256-Hq5WF7zIixojPgvhgcd6MBvywwycVZ9wpK/8ogOyoaA=", "owner": "nix-community", "repo": "home-manager", - "rev": "f9edbedaf015013eb35f8caacbe0c9666bbc16af", + "rev": "2d963854ae2499193c0c72fd67435fee34d3e4fd", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-22.11", + "ref": "master", "repo": "home-manager", "type": "github" } @@ -256,16 +220,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1673540789, - "narHash": "sha256-xqnxBOK3qctIeUVxecydrEDbEXjsvHCPGPbvsl63M/U=", + "lastModified": 1685302407, + "narHash": "sha256-GaH2fAOQOSJehr085tMNaE2LPTbVRI7burGZUVeSfmQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0f213d0fee84280d8c3a97f7469b988d6fe5fcdf", + "rev": "b2ea8027e4d43b652293448eeafe564b53ca2a94", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "release-23.05", "repo": "nixpkgs", "type": "github" } @@ -287,11 +251,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1682109806, - "narHash": "sha256-d9g7RKNShMLboTWwukM+RObDWWpHKaqTYXB48clBWXI=", + "lastModified": 1685012353, + "narHash": "sha256-U3oOge4cHnav8OLGdRVhL45xoRj4Ppd+It6nPC9nNIU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2362848adf8def2866fabbffc50462e929d7fffb", + "rev": "aeb75dba965e790de427b73315d5addf91a54955", "type": "github" }, "original": { @@ -302,22 +266,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1682420296, - "narHash": "sha256-z4o4LlrraR31cxUcHb8/TsSBvtLa/+k/I3FxPnNNDWo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7cca4067c6967814d853270297cdc3bc25b5c58b", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-22.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1670751203, "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=", @@ -354,13 +302,12 @@ "bahnhof-name": "bahnhof-name", "blog": "blog", "deploy-rs": "deploy-rs", - "emacs-overlay": "emacs-overlay", "feeds": "feeds", "gtfsBooks": "gtfsBooks", "home-manager": "home-manager", "isabelle-utils": "isabelle-utils", "nix-gleam": "nix-gleam", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "playground": "playground", "rust-overlay": "rust-overlay", @@ -375,17 +322,17 @@ }, "rust-overlay": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1682389182, - "narHash": "sha256-8t2nmFnH+8V48+IJsf8AK51ebXNlVbOSVYOpiqJKvJE=", + "lastModified": 1685240871, + "narHash": "sha256-bOCbP0lWTjhmrPcdyuFD/yx/38CKkzC2TNXmBzZSLJA=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "74f1a64dd28faeeb85ef081f32cad2989850322c", + "rev": "aa1b08de9ca770534ad750dccc70cebd95c15e26", "type": "github" }, "original": { @@ -415,16 +362,16 @@ "inputs": { "blobs": "blobs", "flake-compat": "flake-compat_2", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "nixpkgs-22_11": "nixpkgs-22_11", - "utils": "utils_3" + "utils": "utils_2" }, "locked": { - "lastModified": 1671738303, - "narHash": "sha256-PRgqtaWf2kMSYqVmcnmhTh+UsC0RmvXRTr+EOw5VZUA=", + "lastModified": 1684964237, + "narHash": "sha256-dDS+GhdZN2MAa2FJKFGM2gpgAXhx+xoMkpVsRx9qpDE=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "6d0d9fb966cc565a3df74d3b686f924c7615118c", + "rev": "1bcfcf786bc289ca1bd2c9d29d6f02d9141b1da3", "type": "gitlab" }, "original": { @@ -444,11 +391,11 @@ ] }, "locked": { - "lastModified": 1682338428, - "narHash": "sha256-T7AL/Us6ecxowjMAlO77GETTQO2SO+1XX2+Y/OSfHk8=", + "lastModified": 1685242617, + "narHash": "sha256-UBPXGfGwGMJm2Wj9kDj8+TMMK2PTouSM/TpiXYtaqtQ=", "owner": "Mic92", "repo": "sops-nix", - "rev": "7c8e9727a2ecf9994d4a63d577ad5327e933b6a4", + "rev": "3e016341d4dca6ce7c62316f90e66341841a30f9", "type": "github" }, "original": { @@ -475,11 +422,11 @@ "tracktrain": { "flake": false, "locked": { - "lastModified": 1678972003, - "narHash": "sha256-LcygaLOmX4YPn2mh312Jw3ZpFu7T/4w2+SyqgSl5Qlw=", + "lastModified": 1685134031, + "narHash": "sha256-pue+T755mMbzBmYL6nspiHaFvbKrjfG9I3XxhRegN7U=", "ref": "main", - "rev": "bd81153b3be98e6c8d514b2bfdd731637d821414", - "revCount": 86, + "rev": "c0128f357b5268cd31969b8ff630db3ccb3681de", + "revCount": 91, "type": "git", "url": "https://stuebinm.eu/git/tracktrain" }, @@ -539,21 +486,6 @@ } }, "utils_2": { - "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_3": { "locked": { "lastModified": 1605370193, "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", diff --git a/flake.nix b/flake.nix index 9bfce9b..0d902d1 100644 --- a/flake.nix +++ b/flake.nix @@ -2,17 +2,15 @@ description = "testing nix flakes for server deployment"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/release-22.11"; + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; - home-manager.url = "github:nix-community/home-manager/release-22.11"; + home-manager.url = "github:nix-community/home-manager/master"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master"; - emacs-overlay.url = - "gitlab:nix-community/emacs-overlay?rev=d938b780a3d8072aeac0178c46121060079ff217"; rust-overlay.url = "github:oxalica/rust-overlay"; rust-overlay.inputs.nixpkgs.follows = "nixpkgs"; sops-nix.url = "github:Mic92/sops-nix"; @@ -134,7 +132,7 @@ inherit (nixpkgs) galmon-core galmon-full glitchtip typst almanac kijetesantakaluotokieni showrt isabelle-utils isabat emacs29 - crs-tools travelynx; + travelynx crs-tracker crs-php bahnhof-name; }; nixosModules = { glitchtip = import ./modules/glitchtip.nix; }; diff --git a/flora/configuration.nix b/flora/configuration.nix index 954e5e6..82c08f5 100644 --- a/flora/configuration.nix +++ b/flora/configuration.nix @@ -16,7 +16,6 @@ # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; - boot.loader.grub.version = 2; boot.loader.grub.devices = [ "/dev/sda" ]; sops.defaultSopsFile = ../secrets/flora.yaml; diff --git a/flora/services/akkoma.nix b/flora/services/akkoma.nix index 688b5ec..3d031ee 100644 --- a/flora/services/akkoma.nix +++ b/flora/services/akkoma.nix @@ -2,13 +2,6 @@ let - unstable = import inputs.nixpkgs-unstable { - inherit system; - overlays = [ (self: super: rec { - beamPackages = super.beam.packagesWith super.erlang_nox; - elixir = beamPackages.elixir_1_13; - }) ]; - }; staticDir = "/var/lib/akkoma/static"; inherit ((pkgs.formats.elixirConf {}).lib) mkAtom mkTuple; in @@ -39,32 +32,19 @@ in # so disable it here or this won't build at all. documentation.enable = false; - imports = [ - ("${inputs.nixpkgs-unstable}/nixos/modules/services/web-apps/akkoma.nix") - ]; - - # the pleroma_ctl wrapper uses pkgs.elixir, which without this is not the same - # as akkoma's elixir - nixpkgs.overlays = [ - (self: super: { - elixir = unstable.beamPackages.elixir_1_13; - }) - ]; - system.stateVersion = "22.11"; services.akkoma = { enable = true; - package = unstable.akkoma; frontends = { primary = { - package = unstable.akkoma-frontends.akkoma-fe; + package = pkgs.akkoma-frontends.akkoma-fe; name = "pleroma-fe"; ref = "stable"; }; admin = { - package = unstable.akkoma-frontends.admin-fe; + package = pkgs.akkoma-frontends.admin-fe; name = "admin-fe"; ref = "stable"; }; diff --git a/home/home.nix b/home/home.nix index ed171d4..237279c 100644 --- a/home/home.nix +++ b/home/home.nix @@ -306,7 +306,7 @@ }; - programs.mako = { + services.mako = { enable = true; backgroundColor = "#ff00ff80"; borderColor = "#ff00ff"; diff --git a/ilex/configuration.nix b/ilex/configuration.nix index 3988e81..402e967 100644 --- a/ilex/configuration.nix +++ b/ilex/configuration.nix @@ -15,7 +15,7 @@ networking.firewall.allowedTCPPorts = [ 5000 ]; - boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_2; + boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_3; hardware.opengl.driSupport32Bit = true; # Use the systemd-boot EFI boot loader. @@ -64,7 +64,7 @@ host all all 127.0.0.1/32 trust host all all ::1/127 trust ''; - package = pkgs.postgresql_11; + # package = pkgs.postgresql_11; }; # services.glitchtip = { diff --git a/modules/crs-tools.nix b/modules/crs-tools.nix index fb43136..3ca9ce7 100644 --- a/modules/crs-tools.nix +++ b/modules/crs-tools.nix @@ -31,7 +31,7 @@ let ?> ''; tracker = pkgs.stdenv.mkDerivation { - src = pkgs.crs-tools.tracker; + src = pkgs.crs-tracker; name = "tracker-with-config"; buildPhase = '' mkdir $out @@ -83,7 +83,7 @@ in { services.phpfpm = { pools.crs-tracker = { - phpPackage = pkgs.crs-tools.php; + phpPackage = pkgs.crs-php; user = "crs-tools"; group = "crs-tools"; settings = { diff --git a/pkgs/0002-fix-django-version-bound.patch b/pkgs/0002-fix-django-version-bound.patch new file mode 100644 index 0000000..43d97a9 --- /dev/null +++ b/pkgs/0002-fix-django-version-bound.patch @@ -0,0 +1,25 @@ +From 59895529d6449b9a85d1be25d404b9f2a3ceee0e Mon Sep 17 00:00:00 2001 +From: stuebinm +Date: Mon, 29 May 2023 00:24:56 +0200 +Subject: [PATCH] fix django version bonud + +--- + pyproject.toml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/pyproject.toml b/pyproject.toml +index 1704691..a3e31af 100644 +--- a/pyproject.toml ++++ b/pyproject.toml +@@ -7,7 +7,7 @@ license = "MIT" + + [tool.poetry.dependencies] + python = "^3.8" +-Django = "~4.1.0" ++Django = "~4.2.0" + djangorestframework = "^3.12.1" + django-allauth = "~0.52.0" + django-cors-headers = "^3.2.0" +-- +2.38.4 + diff --git a/pkgs/glitchtip.nix b/pkgs/glitchtip.nix index fa1a594..380eb48 100644 --- a/pkgs/glitchtip.nix +++ b/pkgs/glitchtip.nix @@ -17,7 +17,10 @@ let inherit python; projectDir = src; - patches = [ ./0001-fix-poetry-name-issue.patch ]; + patches = [ + ./0001-fix-poetry-name-issue.patch + ./0002-fix-django-version-bound.patch + ]; # a bunch of python packages seem to misdeclare their dependencies # a few are also just broken when building with Nix, so use these @@ -66,6 +69,7 @@ let buildInputs = [ unzip ]; propagatedBuildInputs = [ pythonApp.dependencyEnv ]; + buildPhase = '' unzip ${frontend} -d unpacked mv unpacked/dist/glitchtip-frontend dist diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix index 4ce3d37..665f7f6 100644 --- a/pkgs/overlay.nix +++ b/pkgs/overlay.nix @@ -3,6 +3,7 @@ self: super: let unstable = inputs.nixpkgs-unstable.legacyPackages.${self.system}; # { inherit (self) system; }; + crs-tools = self.callPackage ./crs-tools.nix {}; in { galmon-core = self.callPackage (import ./galmon.nix {}) {}; @@ -65,7 +66,7 @@ in emacs29 = self.callPackage (import "${inputs.nixpkgs.outPath}/pkgs/applications/editors/emacs/generic.nix" { version = "29"; - sha256 = "sha256-eYROQSXqBV4ULUZOVe1C9G/5LLp7u8qTvqAf0cz62Dg="; + sha256 = "sha256-52ww8DBlDu1frfmLMTnsCmQld6OVX7qBNqVXjuY3GA8="; }) { inherit (self.darwin.apple_sdk.frameworks) AppKit Carbon Cocoa IOKit OSAKit Quartz QuartzCore WebKit ImageCaptureCore GSS ImageIO; @@ -78,18 +79,21 @@ in withX = false; }; - crs-tools = self.callPackage ./crs-tools.nix {}; + crs-tracker = crs-tools.tracker; + crs-php = crs-tools.php; travelynx = self.callPackage ./travelynx.nix {}; - gleam = unstable.gleam; beamPackages = super.beam.packagesWith super.erlang_nox; - elixir = super.elixir_1_14; + elixir = self.beamPackages.elixir_1_14; + erlang = super.erlang_nox; - bahnhof-name = self.buildGleamApplication - { + bahnhof-name = let + inherit (self.callPackage "${inputs.nix-gleam.outPath}/builder/default.nix" {}) buildGleamApplication; + in buildGleamApplication { version = "0.1"; pname = "bahnhof.name"; src = inputs.bahnhof-name; }; + } diff --git a/pkgs/travelynx.nix b/pkgs/travelynx.nix index 4cbb6d0..1eabcae 100644 --- a/pkgs/travelynx.nix +++ b/pkgs/travelynx.nix @@ -212,9 +212,9 @@ let version = "2.0.2"; src = fetchgit { url = "https://git.finalrewind.org/travelynx"; - sha256 = "sha256-wUaQ+1+aqoF0mire8izWNKtlbRIEtrWEc7eACGNjGIY="; + sha256 = "sha256-J5csb1TrDMvtKClhpDC48C+Rqr4b1we+7jCjNifq1yg="; }; - buildInputs = [ p ]; + # buildInputs = [ p ]; buildPhase = '' substituteInPlace index.pl \ --replace "/usr/bin/env perl" ${perlWithPackages.outPath}/bin/perl diff --git a/surltesh-echer/configuration.nix b/surltesh-echer/configuration.nix index d3ab32d..0b5dab9 100644 --- a/surltesh-echer/configuration.nix +++ b/surltesh-echer/configuration.nix @@ -8,7 +8,6 @@ # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; - boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; networking.hostName = "surltesh-echer"; # Define your hostname. -- cgit v1.2.3