Commit graph

65 commits

Author SHA1 Message Date
920ea9e8d4 flake updates & mattermost 8.1.5 → 8.1.6 2023-11-14 19:58:36 +01:00
f03a582345 updates: mattermost 8.1.4 → 8.1.5 2023-11-07 17:36:53 +01:00
ea5a77703e updates
general updates of flake input & mattermost minor version bump (8.1.3 → 8.1.4)
2023-10-27 18:41:39 +02:00
e03bf84d3a mattermost: jump ESR versions 7.8.x → 8.1.3
package definition adjusted by comparing to the current version in
Nixpkgs.
2023-10-07 22:27:23 +02:00
a4288d77ce update
(inputs & mattermost security release)
2023-10-07 20:02:02 +02:00
eae84263f5 less verbose container definitions
move some options (the nopersist & container profiles + allowUnfree
packages) into the evalConfig used for containers, so we don't have to
repeat ourselves as much.

also removed some no-longer-needed specialArgs.

also made thelounge work with nopersist, which for some reason it didn't
use before.
2023-09-28 01:11:02 +02:00
6586f0c552 remove unstable
this downgrades vaultwarden back to what's in stable; this was the last
thing we used from unstable, so remove that as well.
2023-09-28 01:11:02 +02:00
a17cd69a52 keep using the old uffd's pythonPackages, lol 2023-09-28 01:11:02 +02:00
54fe6bfce7 Revert "new uffd packaging"
This reverts commit 90f4971e88d22da6b2a213bbeb1790f456024b36, and resets
the uffd version to the one we are already using, in hopes of making the
update slightly less painfull (haha).
2023-09-28 01:11:02 +02:00
3407e873ef new uffd packaging 2023-09-28 01:11:02 +02:00
4b40d665fe update inputs
this now no longer needs to be built with allow_broken; tracktrain's
packaging now includes an override to remove the marked-broken state.
2023-09-28 01:11:02 +02:00
72ca5b2888 initial work for 23.05
in theory this might be ready to deploy. Potential hazards & things to
know when actually doing so:

 1. the mysql version used by mattermost was updated (the old uses an
    openssl which is marked insecure). Might have to migrate a database
 2. lots of settings now use RFC 42-style settings, which might contain
    new typos
 3. this updates uffd (& changes the patches we apply). Since version
    dependencies of uffd are basically "whatever debian has" we have
    never bothered to match them, but afaik have also never updated uffd
    since the initial deploy some years ago. No guarantee it still
    works.
 4. tracktrain depends on haskellPackages.conferer-warp, which is
    currently marked broken. There is no reason for this (it builds
    fine). Until fixed upstream, build with NIXPKGS_ALLOW_BROKEN=1.
    cf. https://github.com/NixOS/nixpkgs/pull/234784; waiting for a
    merge of haskell-updates into 23.05
2023-09-28 01:11:02 +02:00
4fb06c3e10 mattermost 7.8.10 → 7.8.11
(another security update)
2023-09-20 00:33:36 +02:00
c18215f356 mattermost 7.8.8 → 7.8.10 2023-09-06 17:02:46 +02:00
6a4ff47443 mattermost 7.8.7 → 7.8.8 2023-07-19 22:20:45 +02:00
109aada070 mattermost 7.8.5 → 7.8.7 2023-07-08 00:33:11 +02:00
d8e937a91d mattermost: 7.1.8 → 7.8.5 2023-05-19 23:06:15 +02:00
a3689d1c76 mattermost: 7.1.7 → 7.1.8
this is a security update, see
https://mattermost.com/blog/mattermost-security-updates-7-9-2-7-8-3-esr-7-7-4-7-1-8-esr-released/
for more.
2023-04-15 19:02:42 +02:00
eda184ee48 netbox: remove python override workaround
this is currently unused anyways, but in case we ever do need it again,
https://github.com/NixOS/nixpkgs/pull/223268 has removed the need for
the weird override workaround.
2023-04-05 23:04:59 +02:00
8d9df0e20e mattermost: 7.1.4 → 7.1.7
apparently the 7.1.x series is now old enough that even though it
does still get security fixes, the mattermost team no longer mentions
this on their blog, so we missed out on a couple. fun!
2023-03-24 03:49:37 +01:00
9af819b4b8 init tracktrain 2023-01-22 02:25:07 +01:00
34a147afe6 python 3.9 -> python 3.10
(nixos 22.11 changed the default version, so some of our stuff broke)
2022-12-17 15:54:31 +01:00
84dab162c1 don't vendor the netbox package definition
(because there's a simpler but also more cursed way of doing it instead)
2022-12-09 14:08:17 +01:00
f75429781d netbox uff(d) 2022-12-09 02:53:48 +01:00
b15f303107
mattermost: update to 7.1.4 2022-11-26 16:39:02 +01:00
c09337c973 shoehorn nix-hexchen-style config into flakes
this replaces niv with nix flakes, attempting to preserve the old
structure as much as possible. Notable caveats:
 - I'm not sure if flake inputs expose version information anywhere, so
   the version in pkgs/mattermost/default.nix is now hardcoded.
   Confusingly, this appears to trigger a rebuild. Maybe I've missed something.
 - a lot of the old-style host.nix & deploy.nix machinery in nix-hexchen
   does not work with flakes, and their newer replacements are not exposed
   by upstream; I've put basic imitations of the relevant parts in this repo
 - (in particular, directories in hosts/ won't become deployable configs
   automatically)
 - parts of the code are now probably more complicated than they'd have to be
 - old variables names were preserved; confusingly, this means the flake
   inputs are still called "sources"
2022-11-13 22:45:50 +01:00
b1974aa2d0 solve some TODOs
(one of these has even been around for a while!)
2022-11-11 16:30:38 +01:00
eb8807feff remove docker override
(hasn't been used for some while now)
2022-11-11 16:30:38 +01:00
a8b3f4b16c remove bottom from unstable packages
(is in stable now)
2022-11-11 16:30:38 +01:00
e29cd5f887 remove unused packages
(most of these were all for nixda)
2022-11-11 16:30:38 +01:00
b5a68e09fd
gitea: fix uffd login
(note that this actually has to patch uffd)
2022-07-27 23:26:13 +02:00
hexchen
27cc65fb14 feat: new SSO!!!! 🎉 2022-04-30 20:43:12 +00:00
schweby
238c1b2c92
mediawiki cleanup 2022-01-27 20:36:34 +01:00
c2c0bd366a
bump nixpkgs to 21.11
This simply updates nixpkgs to 21.11 (along with a general update of
other sources), then follows the hints given out in the build process
until everything (on parsons) ran through fine.

Some things to note:
 - syncthing's declarative config is gone. Instead, declarative and
   non-declarative configuration can now be mixed, but with
   `overrideDevices` set to true, it _should_ ignore non-declarative
   settings and basically behave the same as before (or at least that's
   how I understood the documentation on that)
 - some postfix options now require a lib.mkForce, since the mail module
   also wants to set them — we should probably look into if the mail
   module has nicer ways of handling our settings now (which I didn't
   do)
 - we no longer import the vaultwarden module from unstable, since it's
   included in nixos 21.11 as-is. We _do_ still import the vaultwarden
   package from unstable, since downgrading sounds like a bad idea.
 - nix build will print a warning that `literalExample` is now
   depricated, but we don't seem to use that — I guess at some point
   we'll have to search through our sources if it doesn't go away

This was not yet deployed, and should probably considered a
work-in-progress.

Building Nixda currently fails decklink seems to have disappeared.
2022-01-27 20:36:17 +01:00
schweby
ba60e3cf76 pkgs/blackmagic-desktop-video: update to 12.2.2 2021-12-19 17:13:51 +01:00
schweby
af8b16117f sources: add 21.11 as nixpkgs-new 2021-12-11 13:20:15 +01:00
schweby
668a3fa4ee replace stdenv.lib with lib because deprecated 2021-11-19 19:54:19 +01:00
schweby
6a7e836d22 pkgs/companion: update hash 2021-10-31 21:37:50 +01:00
schweby
939d7adbb6 pkgs/companion: fix hash
who needs consistent links anyway
should fix nixda not building on parsons
2021-10-27 09:20:20 +02:00
56cbb7601b services/vaultwarden: init vaultwarden 2021-09-28 11:13:25 +00:00
schweby
3c3e4c0c83 pkgs/companion: fix hash of nodeHeaders 2021-09-19 16:37:18 +02:00
hexchen
a113c05025 pkgs: init bitfocus companion for streamdeck 2021-08-28 14:31:14 +00:00
schweby
56ad0ed886 nixda/decklink: bump version of bmv to 12.1
bmv = blackmagicvideo
2021-08-23 19:54:18 +00:00
hexchen
35cd963f8c services/gitlab-runner: init on parsons
also disable ci for hainich
2021-08-23 19:32:02 +00:00
84ac81435e hainich: hacky version of thelounge as webchat
Intended for KontraIAA; requirements were that it should be a simple and
non-confusing as possible.

I tried both KiwiIRC and thelounge, and found both horrible to
package (a fact not helped by the somewhat opaque structure of
nixpkgs.nodePackages, which does contain a version of thelounge but
will apparently ignore overrides of the src attribute).

Instead, this now contains a very hacky version of thelounge, which
merely takes the already-built version from nixpkgs and glues some extra
css to it which hides potentially confusing fields.

Things hidden on the "connect" screen:
 - the "name" field (since thelounge offers "nick" "name" and "realname"
   by default, which seems too much for something embedded on a website)
 - the "I have a password" checkbox

Things hidden on the general view:
 - the button to open the side panel (the panel itself is not hidden,
   and will appear by itself on wider layouts), so that users will only
   see that one channel
 - the "channel options" menu (which includes a "leave channel" option
   which would effectively break the webchat)

Things not addressed:
 - thelounge has autocompletion for /join /leave, etc. Do we want to
   disable that as well?
 - It would probably useful to suppress all the "x joined the channel"
   messages. Thelounge supports this, but apparently doesn't support
   setting it as default?

Misc:
 - for now, users will be connected to #thelounge on libera.chat, which
   appears to be okay with being used as an experimental channel
 - I allowed prefetching link previews, but only on the server's side
   (i.e. users' browsers won't fetch content from arbitrary sites)
 - not yet tested on hainich, but should work (tested in a NixOS
   container)
 - currently assumes a "webchat.voc.hacc.space" domain (I think we had a
   voc domain? but I forgot where it is …)
2021-08-23 19:32:02 +00:00
hexchen
cf5062adfd sources: update nixpkgs to 21.05
this caused various other changes related to nftables, we are now using
hexchen's fork of pbb's module.
2021-08-07 12:05:25 +00:00
schweby
b092919a53 nixda:update desktopvideo to 12.0 2021-06-09 21:58:06 +00:00
schweby
d37899698c
hainich: remove minecraft
nixos and its concepts/service management/update mechanism don't play nice with minecraft
In general some things I wanted to do (e.g. a map) are to spikiely resource intensive to run on a server meant to provide other services consistently
A replacement will be provided soon™
2021-06-06 18:22:24 +02:00
schweby
ae8bf7c8f6
sources: manage mattermost with niv
also reenables mattermost
also updated to version 5.34.2
2021-04-28 22:29:31 +02:00
schweby
d48c7cdcac
pkgs: set jre_headless to jdk11_headless
this is a workaround to be able to use java 11 with the
minecraft-server module
minecraft calls for jre_headless, which is still java 8
newer java version don't ship jre, which now have to be custom built or
the jdk used
2021-04-03 21:07:02 +02:00