Merge branch 'nixos-21.11' into 'main'
WIP: bump nixpkgs to 21.11 See merge request hacc/infra/haccfiles!84
This commit is contained in:
commit
f6f9fbf288
|
@ -6,7 +6,6 @@ in {
|
||||||
./nftnat
|
./nftnat
|
||||||
./decklink.nix
|
./decklink.nix
|
||||||
./websites.nix
|
./websites.nix
|
||||||
"${sources.nixpkgs-unstable}/nixos/modules/services/security/vaultwarden"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
# disabled since vaultwarden defines a dummy bitwarden_rs option that
|
# disabled since vaultwarden defines a dummy bitwarden_rs option that
|
||||||
|
|
|
@ -23,7 +23,7 @@
|
||||||
"homepage": "https://mattermost.com",
|
"homepage": "https://mattermost.com",
|
||||||
"owner": "mattermost",
|
"owner": "mattermost",
|
||||||
"repo": "mattermost-server",
|
"repo": "mattermost-server",
|
||||||
"rev": "3172adfce9d98fe8f9c98ccd0a0fdbb52291ae0a",
|
"rev": "8f352436049776b5bd7c006bb03992d8fe2f029f",
|
||||||
"sha256": "1sy0kydp87pwby0whgq678jq1zpivqndip81787r9b3dqcyq47cp",
|
"sha256": "1sy0kydp87pwby0whgq678jq1zpivqndip81787r9b3dqcyq47cp",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/mattermost/mattermost-server/archive/refs/tags/v6.1.2.tar.gz",
|
"url": "https://github.com/mattermost/mattermost-server/archive/refs/tags/v6.1.2.tar.gz",
|
||||||
|
@ -70,27 +70,15 @@
|
||||||
"url_template": "<repo>/-/archive/<rev>.tar.gz"
|
"url_template": "<repo>/-/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"branch": "nixos-21.05",
|
|
||||||
"description": "Nix Packages collection",
|
|
||||||
"homepage": "",
|
|
||||||
"owner": "nixos",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "7bca80140fc7732c7357b26002db3d87b3ba4c61",
|
|
||||||
"sha256": "0vyjpf1jw4cvw7kfbk055faq08q4swz6v1h2mf9zw4r8frhqa73w",
|
|
||||||
"type": "tarball",
|
|
||||||
"url": "https://github.com/nixos/nixpkgs/archive/7bca80140fc7732c7357b26002db3d87b3ba4c61.tar.gz",
|
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
|
||||||
},
|
|
||||||
"nixpkgs-new": {
|
|
||||||
"branch": "nixos-21.11",
|
"branch": "nixos-21.11",
|
||||||
"description": "Nix Packages collection",
|
"description": "Nix Packages collection",
|
||||||
"homepage": "",
|
"homepage": "",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "8588b14a397e045692d0a87192810b6dddf53003",
|
"rev": "6c4b9f1a2fd761e2d384ef86cff0d208ca27fdca",
|
||||||
"sha256": "15srsgbhgn27wa4kz4x0gfqbsdnwig0h0y8gj2h4nnw92nrxpvnm",
|
"sha256": "1yl5gj0mzczhl1j8sl8iqpwa1jzsgr12fdszw9rq13cdig2a2r5f",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/nixos/nixpkgs/archive/8588b14a397e045692d0a87192810b6dddf53003.tar.gz",
|
"url": "https://github.com/nixos/nixpkgs/archive/6c4b9f1a2fd761e2d384ef86cff0d208ca27fdca.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
|
@ -99,10 +87,10 @@
|
||||||
"homepage": "",
|
"homepage": "",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ac169ec6371f0d835542db654a65e0f2feb07838",
|
"rev": "945ec499041db73043f745fad3b2a3a01e826081",
|
||||||
"sha256": "0bwjyz15sr5f7z0niwls9127hikp2b6fggisysk0cnk3l6fa8abh",
|
"sha256": "1ixv310sjw0r5vda4yfwp3snyha2i9h7aqygd43cyvdk2qsjk8pq",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/nixos/nixpkgs/archive/ac169ec6371f0d835542db654a65e0f2feb07838.tar.gz",
|
"url": "https://github.com/nixos/nixpkgs/archive/945ec499041db73043f745fad3b2a3a01e826081.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"workadventure": {
|
"workadventure": {
|
||||||
|
|
|
@ -4,7 +4,6 @@ let
|
||||||
sources = import ../nix/sources.nix;
|
sources = import ../nix/sources.nix;
|
||||||
pkgs = import sources.nixpkgs args;
|
pkgs = import sources.nixpkgs args;
|
||||||
unstable = import sources.nixpkgs-unstable args;
|
unstable = import sources.nixpkgs-unstable args;
|
||||||
new = import sources.nixpkgs-new args;
|
|
||||||
|
|
||||||
callPackage = pkgs.lib.callPackageWith (pkgs // newpkgs);
|
callPackage = pkgs.lib.callPackageWith (pkgs // newpkgs);
|
||||||
|
|
||||||
|
|
|
@ -12,10 +12,9 @@ let
|
||||||
|
|
||||||
goPackagePath = "github.com/mattermost/mattermost-server";
|
goPackagePath = "github.com/mattermost/mattermost-server";
|
||||||
|
|
||||||
buildFlagsArray = ''
|
ldflags = [
|
||||||
-ldflags=
|
"-X ${goPackagePath}/model.BuildNumber=nixpkgs-${version}"
|
||||||
-X ${goPackagePath}/model.BuildNumber=nixpkgs-${version}
|
];
|
||||||
'';
|
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -57,6 +57,7 @@
|
||||||
home = "/persist/var/lib/gitlab-runner";
|
home = "/persist/var/lib/gitlab-runner";
|
||||||
extraGroups = [ "docker" ];
|
extraGroups = [ "docker" ];
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
|
group = "nogroup";
|
||||||
};
|
};
|
||||||
|
|
||||||
virtualisation.docker.storageDriver = "zfs";
|
virtualisation.docker.storageDriver = "zfs";
|
||||||
|
|
|
@ -42,7 +42,12 @@
|
||||||
allowFreeURL = true;
|
allowFreeURL = true;
|
||||||
allowGravatar = false;
|
allowGravatar = false;
|
||||||
allowOrigin = [ "localhost" "pad.hacc.space" "fff-muc.de" ];
|
allowOrigin = [ "localhost" "pad.hacc.space" "fff-muc.de" ];
|
||||||
dbURL = "postgres://codimd:codimd@localhost:5432/codimd";
|
db = {
|
||||||
|
host = "/run/postgresql";
|
||||||
|
username = "codimd";
|
||||||
|
dialect = "postgres";
|
||||||
|
database = "codimd";
|
||||||
|
};
|
||||||
defaultPermission = "limited";
|
defaultPermission = "limited";
|
||||||
domain = "pad.hacc.space";
|
domain = "pad.hacc.space";
|
||||||
host = "0.0.0.0";
|
host = "0.0.0.0";
|
||||||
|
@ -74,6 +79,11 @@
|
||||||
"DATABASE codimd" = "ALL PRIVILEGES";
|
"DATABASE codimd" = "ALL PRIVILEGES";
|
||||||
};
|
};
|
||||||
}];
|
}];
|
||||||
|
authentication = ''
|
||||||
|
local all all trust
|
||||||
|
host codimd codimd 127.0.0.1/32 trust
|
||||||
|
'';
|
||||||
|
package = pkgs.postgresql_11;
|
||||||
};
|
};
|
||||||
services.postgresqlBackup = {
|
services.postgresqlBackup = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -42,7 +42,11 @@
|
||||||
allowFreeURL = true;
|
allowFreeURL = true;
|
||||||
allowGravatar = false;
|
allowGravatar = false;
|
||||||
allowOrigin = [ "localhost" "pad.infra4future.de" "fff-muc.de" ];
|
allowOrigin = [ "localhost" "pad.infra4future.de" "fff-muc.de" ];
|
||||||
dbURL = "postgres://hedgedoc:hedgedoc@localhost:5432/hedgedoc";
|
db = {
|
||||||
|
host = "/run/postgresql";
|
||||||
|
dialect = "postgres";
|
||||||
|
database = "hedgedoc";
|
||||||
|
};
|
||||||
defaultPermission = "freely";
|
defaultPermission = "freely";
|
||||||
domain = "pad.infra4future.de";
|
domain = "pad.infra4future.de";
|
||||||
host = "0.0.0.0";
|
host = "0.0.0.0";
|
||||||
|
@ -56,6 +60,7 @@
|
||||||
};
|
};
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
package = pkgs.postgresql_11;
|
||||||
authentication = ''
|
authentication = ''
|
||||||
local all all trust
|
local all all trust
|
||||||
host hedgedoc hedgedoc 127.0.0.1/32 trust
|
host hedgedoc hedgedoc 127.0.0.1/32 trust
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
{ config, lib, pkgs, profiles, modules, evalConfig, ... }:
|
{ config, lib, pkgs, profiles, modules, evalConfig, ... }:
|
||||||
|
|
||||||
let
|
{
|
||||||
new = import (import ../nix/sources.nix).nixpkgs-new {};
|
|
||||||
in {
|
|
||||||
containers.lantifa = {
|
containers.lantifa = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
|
@ -37,7 +35,6 @@ in {
|
||||||
services.mediawiki = {
|
services.mediawiki = {
|
||||||
enable = true;
|
enable = true;
|
||||||
name = "LANtifa";
|
name = "LANtifa";
|
||||||
package = new.mediawiki;
|
|
||||||
database.createLocally = true;
|
database.createLocally = true;
|
||||||
passwordFile = "/var/lib/mediawiki/mediawiki-password";
|
passwordFile = "/var/lib/mediawiki/mediawiki-password";
|
||||||
extraConfig = let
|
extraConfig = let
|
||||||
|
|
|
@ -124,8 +124,8 @@
|
||||||
# 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty)
|
# 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty)
|
||||||
virusScanning = false;
|
virusScanning = false;
|
||||||
};
|
};
|
||||||
services.postfix.submissionOptions.smtpd_sender_restrictions = "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
|
services.postfix.submissionOptions.smtpd_sender_restrictions = lib.mkForce "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
|
||||||
services.postfix.submissionsOptions.smtpd_sender_restrictions = "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
|
services.postfix.submissionsOptions.smtpd_sender_restrictions = lib.mkForce "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
|
||||||
services.postfix.virtual = ''
|
services.postfix.virtual = ''
|
||||||
@4future.dev @hacc.space
|
@4future.dev @hacc.space
|
||||||
@4futu.re @hacc.space
|
@4futu.re @hacc.space
|
||||||
|
|
|
@ -202,6 +202,7 @@ in {
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = lib.mkForce true; # mattermost sets this to false. wtf.
|
enable = lib.mkForce true; # mattermost sets this to false. wtf.
|
||||||
|
package = pkgs.postgresql_11;
|
||||||
ensureDatabases = [ "mattermost" ];
|
ensureDatabases = [ "mattermost" ];
|
||||||
ensureUsers = [ {
|
ensureUsers = [ {
|
||||||
name = "mattermost";
|
name = "mattermost";
|
||||||
|
|
|
@ -102,6 +102,7 @@
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
package = pkgs.postgresql_11;
|
||||||
ensureDatabases = [ "nextcloud" ];
|
ensureDatabases = [ "nextcloud" ];
|
||||||
ensureUsers = [
|
ensureUsers = [
|
||||||
{ # by default, postgres has unix sockets enabled, and allows a
|
{ # by default, postgres has unix sockets enabled, and allows a
|
||||||
|
|
|
@ -34,8 +34,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue