this replaces niv with nix flakes, attempting to preserve the old
structure as much as possible. Notable caveats:
- I'm not sure if flake inputs expose version information anywhere, so
the version in pkgs/mattermost/default.nix is now hardcoded.
Confusingly, this appears to trigger a rebuild. Maybe I've missed something.
- a lot of the old-style host.nix & deploy.nix machinery in nix-hexchen
does not work with flakes, and their newer replacements are not exposed
by upstream; I've put basic imitations of the relevant parts in this repo
- (in particular, directories in hosts/ won't become deployable configs
automatically)
- parts of the code are now probably more complicated than they'd have to be
- old variables names were preserved; confusingly, this means the flake
inputs are still called "sources"
apparently the nixpkgs mattermost module simply ignores its own config
if mutableConfig is false, and reads whatever config is currently in the
database (in our case, old stuff involving auth.infra4future.de).
This overwrites that.
this does a couple things:
- redo mattermost's secret config as an env file passed to systemd
- get rid of modules/mattermost.nix and use upstream module instead
- move some of the stuff in secret.json which don't need to be there
into nix (e.g. smtp port)
Also, I set the log level to ERROR in the env file. Mattermost doesn't
seem to respect it otherwise *shrug*