commit c6f28e2d1d2511fe32c0a474a5cadbc1daf0288d
parent e332012bd677f5f32b0746bf04bc2eef19bd97d4
Author: Leah (ctucx) <git@ctu.cx>
Date: Mon, 18 Nov 2024 13:54:59 +0100
parent e332012bd677f5f32b0746bf04bc2eef19bd97d4
Author: Leah (ctucx) <git@ctu.cx>
Date: Mon, 18 Nov 2024 13:54:59 +0100
required changes for nixpkgs/home-manager 24.11
9 files changed, 25 insertions(+), 45 deletions(-)
diff --git a/configurations/common/programs/networkUtilities.nix b/configurations/common/programs/networkUtilities.nix @@ -18,7 +18,7 @@ in { home-manager.users.leah.home = { packages = with pkgs; [ dnsutils - nmap-unfree + nmap tcpdump iperf3 ] ++ (if pkgs.stdenv.isDarwin then [
diff --git a/flake.nix b/flake.nix @@ -53,6 +53,7 @@ wanderduene = import ./machines/wanderduene; }; + colmenaHive = inputs.colmena.lib.makeHive self.outputs.colmena; nixosConfigurations = (import (inputs.colmena + "/src/nix/hive/eval.nix") { rawFlake = inputs.self; colmenaOptions = import (inputs.colmena + "/src/nix/hive/options.nix");
diff --git a/machines/briefkasten/router/default.nix b/machines/briefkasten/router/default.nix @@ -18,7 +18,7 @@ wireguard-tools ]; - services.avahi.interfaces = [ "brlan" ]; - networking.useDHCP = false; + services.avahi.allowInterfaces = [ "brlan" ]; + networking.useDHCP = false; }
diff --git a/machines/briefkasten/router/ppp.nix b/machines/briefkasten/router/ppp.nix @@ -46,7 +46,7 @@ ${pkgs.envsubst}/bin/envsubst -i "${config.environment.etc."ppp/peers/dtagdsl".source}" > /etc/ppp/peers/dtagdsl ''; - preStartFile = utils.systemdUtils.lib.makeJobScript "pppd-dtagdsl-pre-start" preStart; + preStartFile = utils.systemdUtils.lib.makeJobScript { name = "pppd-dtagdsl-pre-start"; text = preStart; enableStrictShellChecks = true; }; in { EnvironmentFile = config.age.secrets.pppd-env.path; ExecStartPre = [
diff --git a/machines/briefkasten/router/systemd-networkd.nix b/machines/briefkasten/router/systemd-networkd.nix @@ -55,13 +55,11 @@ FirewallMark = 51820; }; wireguardPeers = [{ - wireguardPeerConfig={ - Endpoint = "195.39.247.161:51820"; - PublicKey = "kih/GnR4Bov/DM/7Rd21wK+PFQRUNH6sywVuNKkUAkk="; - AllowedIPs = [ "0.0.0.0/0" "::/0" ]; - PersistentKeepalive = 10; -# RouteTable = "off"; - }; + Endpoint = "195.39.247.161:51820"; + PublicKey = "kih/GnR4Bov/DM/7Rd21wK+PFQRUNH6sywVuNKkUAkk="; + AllowedIPs = [ "0.0.0.0/0" "::/0" ]; + PersistentKeepalive = 10; +# RouteTable = "off"; }]; }; @@ -113,28 +111,28 @@ "2a0f:4ac0:acab::1/62" ]; routingPolicyRules = [ - { routingPolicyRuleConfig = { + { From = "195.39.246.32/28"; Table = 254; Priority = 1900; SuppressPrefixLength = 0; - };} - { routingPolicyRuleConfig = { + } + { From = "2a0f:4ac0:acab::/62"; Table = 254; Priority = 1900; SuppressPrefixLength = 0; - };} - { routingPolicyRuleConfig = { + } + { From = "195.39.246.32/28"; Table = 1234; Priority = 2000; - };} - { routingPolicyRuleConfig = { + } + { From = "2a0f:4ac0:acab::/62"; Table = 1234; Priority = 2000; - };} + } ]; }; @@ -146,14 +144,14 @@ MTUBytes = "1500"; }; routes = [ - { routeConfig = { + { Destination = "0.0.0.0/0"; Table = "1234"; - };} - { routeConfig = { + } + { Destination = "::/0"; Table = "1234"; - };} + } ]; };
diff --git a/machines/trabbi/grafana/default.nix b/machines/trabbi/grafana/default.nix @@ -24,7 +24,7 @@ server = { domain = "grafana.ctu.cx"; root_url = "https://grafana.ctu.cx/"; - http_addr = "[::1]"; + http_addr = "::1"; http_port = 3001; }; security.allow_embedding = true;
diff --git a/machines/trabbi/matrix/mautrix-whatsapp.nix b/machines/trabbi/matrix/mautrix-whatsapp.nix @@ -2,10 +2,6 @@ { - services.matrix-synapse.settings.app_service_config_files = [ - "/var/lib/mautrix-whatsapp/whatsapp-registration.yaml" - ]; - users.users.matrix-synapse.extraGroups = [ "mautrix-whatsapp" ];
diff --git a/machines/trabbi/matrix/synapse.nix b/machines/trabbi/matrix/synapse.nix @@ -27,11 +27,6 @@ services = { postgresql = { enable = true; - # ensureUsers = [{ - # name = "matrix-sliding-sync-proxy"; - # ensurePermissions."DATABASE syncv3" = "ALL PRIVILEGES"; - # }]; - ensureDatabases = [ "syncv3" ]; initialScript = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" @@ -41,15 +36,6 @@ ''; }; - matrix-sliding-sync = { - enable = true; - environmentFile = config.age.secrets.matrix-sliding-sync-env.path; - settings = { - SYNCV3_SERVER = "https://matrix.ctu.cx"; - SYNCV3_BINDADDR = "[::1]:8009"; - }; - }; - matrix-synapse = { enable = true; withJemalloc = true; @@ -101,7 +87,6 @@ kTLS = true; locations = { "/_matrix".proxyPass = "http://[::1]:8008"; - "/_matrix/client/unstable/org.matrix.msc3575/".proxyPass = "http://[::1]:8009/_matrix/client/unstable/org.matrix.msc3575/"; # "/_synapse".proxyPass = "http://[::1]:8008"; # "/admin/".alias = "${pkgs.synapse-admin}/";
diff --git a/machines/trabbi/vaultwarden.nix b/machines/trabbi/vaultwarden.nix @@ -16,7 +16,7 @@ restic-backups.vaultwarden = { user = "vaultwarden"; passwordFile = config.age.secrets.restic-vaultwarden.path; - paths = [ "/var/lib/bitwarden_rs" ]; + paths = [ "/var/lib/bitwarden_rs" "/var/lib/vaultwarden_backups"]; }; systemd.services.vaultwarden.onFailure = [ "email-notify@%i.service" ]; @@ -25,7 +25,7 @@ vaultwarden = { enable = true; dbBackend = "sqlite"; - backupDir = "/var/lib/bitwarden_rs/backups"; + backupDir = "/var/lib/vaultwarden_backups"; environmentFile = config.age.secrets.vaultwarden-secrets.path; config = { DOMAIN = "https://vault.ctu.cx";