diff --git a/common/default.nix b/common/default.nix index 035ad47..e0368e5 100644 --- a/common/default.nix +++ b/common/default.nix @@ -18,7 +18,7 @@ ''; nix.gc.automatic = lib.mkDefault true; nix.gc.options = lib.mkDefault "--delete-older-than 1w"; - nix.trustedUsers = [ "root" "@wheel" ]; + nix.settings.trusted-users = [ "root" "@wheel" ]; nix.extraOptions = '' experimental-features = nix-command flakes ''; diff --git a/flake.lock b/flake.lock index 506d1cd..156e147 100644 --- a/flake.lock +++ b/flake.lock @@ -514,16 +514,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1667921968, - "narHash": "sha256-EI+//LbhUzX471LHq8GgB+oUHpdA2rsiXpY1q5tDYGw=", + "lastModified": 1670276674, + "narHash": "sha256-FqZ7b2RpoHQ/jlG6JPcCNmG/DoUPCIvyaropUDFhF3Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "df2bcbbd1c2aa144261cf1b0003c889c075dc693", + "rev": "52e3e80afff4b16ccb7c52e9f0f5220552f03d04", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-22.05", + "ref": "nixos-22.11", "type": "indirect" } }, diff --git a/services/gitea.nix b/services/gitea.nix index 79ee32d..e09c379 100644 --- a/services/gitea.nix +++ b/services/gitea.nix @@ -48,21 +48,8 @@ httpAddress = "0.0.0.0"; httpPort = 3000; lfs.enable = true; - disableRegistration = true; database.type = "postgres"; - cookieSecure = true; - log.level = "Info"; - # mailerPasswordFile = - # "/var/lib/secrets/noreply"; # see below for access permissions settings = { - # mailer = { - # ENABLED = true; - # HOST = "0x0.rip:465"; - # FROM = "noreply@0x0.rip"; - # ENVELOPE_FROM = "noreply@0x0.rip"; - # USER = "noreply@0x0.rip"; - - # }; repository = { DEFAULT_PRIVATE = "public"; PREFERRED_LICENSES = "Unlicense"; @@ -97,6 +84,9 @@ }; "cron.git_gc_repos".ENABLED = true; "cron.delete_old_actions".ENABLED = true; + log.LEVEL = "Info"; + service.DISABLE_REGISTRATION = true; + session.COOKIE_SECURE = true; }; }; services.postgresqlBackup = { diff --git a/services/hedgedoc-hacc.nix b/services/hedgedoc-hacc.nix index f6c0d1f..54abf17 100644 --- a/services/hedgedoc-hacc.nix +++ b/services/hedgedoc-hacc.nix @@ -36,7 +36,7 @@ }; services.hedgedoc = { enable = true; - configuration = { + settings = { allowAnonymous = true; allowFreeURL = true; allowGravatar = false; diff --git a/services/hedgedoc-i4f.nix b/services/hedgedoc-i4f.nix index d402ec2..7c8ffa7 100644 --- a/services/hedgedoc-i4f.nix +++ b/services/hedgedoc-i4f.nix @@ -37,7 +37,7 @@ }; services.hedgedoc = { enable = true; - configuration = { + settings = { allowAnonymous = true; allowFreeURL = true; allowGravatar = false; diff --git a/services/nextcloud.nix b/services/nextcloud.nix index 2803c4d..5187efe 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -47,6 +47,9 @@ home = "/persist/nextcloud"; https = true; + # true by default for backwards-compatability, but we don't need it + enableBrokenCiphersForSSE = false; + hostName = "cloud.infra4future.de"; config = { dbtype = "pgsql";