From ba4b977388f3b629b1200aeabb5e41f1a402c4f6 Mon Sep 17 00:00:00 2001 From: "Jill \"oatmealine\" Monoids" Date: Fri, 8 Dec 2023 12:06:38 +0100 Subject: [PATCH] upgrade to NixOS 23.11 code-server has been Expunged. forgejo themes dropped for the time being since they were buggy anyways --- config/forgejo/app.toml | 4 +- flake.lock | 108 +++++++++++------------ flake.nix | 4 +- hosts/lucent-firepit/default.nix | 5 -- hosts/lucent-firepit/webapps/default.nix | 6 -- modules/services/code-server.nix | 61 ------------- modules/services/forgejo.nix | 4 +- modules/services/postgres.nix | 1 + modules/services/vaultwarden.nix | 2 +- packages/gmusicbot.maven.nix | 38 -------- 10 files changed, 62 insertions(+), 171 deletions(-) delete mode 100644 modules/services/code-server.nix delete mode 100644 packages/gmusicbot.maven.nix diff --git a/config/forgejo/app.toml b/config/forgejo/app.toml index 3a665d3..84afbab 100644 --- a/config/forgejo/app.toml +++ b/config/forgejo/app.toml @@ -7,8 +7,8 @@ PASSWORD_CHECK_PWN = true DEFAULT_BRANCH = "main" [ui] -DEFAULT_THEME = "catppuccin-mocha" -THEMES="forgejo-auto,forgejo-light,forgejo-dark,arc-green,arc-pink,darkred,gitea-blue,gitea-modern,github,catppuccin-latte,catppuccin-frappe,catppuccin-macchiato,catppuccin-mocha" +DEFAULT_THEME = "forgejo-auto" +THEMES="forgejo-auto,forgejo-light,forgejo-dark" CUSTOM_EMOJIS = "blurry_eyes,horny,acab,tastymilk,gluttony,soul_of_fright,soul_of_night,soul_of_blight,bottom,spongesad,Tainted_John_F_Kennedy,John_F_Kennedy_Tainted,John_F_Kennedy,plumspin,despair,ihaveyourip,peeeh,penis,twister,speed,deadchat,housj,dothejej,b_,trollgecommence,nervous,coffee,dilf,closer,slugclose,pls,x3,observer,zamiel_approves,i_see_pizza,cutely_blushes,babytime,sleeby,zonkerdoodle,whenyoubigshit,the_cowboy,stupib,soul_of_might,scripulous_fingore_point,scripulous_fingore,rusty50,pickle,orang,oralpleasure,ohgod,michael,i_see_chicory,he,hapykity,handsr,handsl,slugloafspin,gamer_boi,feddynite,cock,feddy_glamcock,face,entropy,elonmusk,eeeeeeeeee,child,ancapistanian,aiki,gloopy,lamb,YOU,slightYOU,citat,ionn,eede,ed,blank,michael,BABAXD,BABA,EyesPepe,spamdance,pickledance,BABA_IS_OO,wieldr,wieldl,cinnamon,jillo,she,hydrogenperoxide,ObedientCitizen,misinformation,maenod,Snowsgiving22_AnimatedEmojis_mal" [mailer] diff --git a/flake.lock b/flake.lock index 6687c3d..3dd3624 100755 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1696775529, - "narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=", + "lastModified": 1701216516, + "narHash": "sha256-jKSeJn+7hZ1dZdiH1L+NWUGT2i/BGomKAJ54B9kT06Q=", "owner": "ryantm", "repo": "agenix", - "rev": "daf42cb35b2dc614d1551e37f96406e4c4a2d3e4", + "rev": "13ac9ac6d68b9a0896e3d43a082947233189e247", "type": "github" }, "original": { @@ -68,11 +68,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1700793713, - "narHash": "sha256-Y1TUGNWmp8Pm83OnpVI+QAerdltEV1gupl2fVPcSJ0E=", + "lastModified": 1702002149, + "narHash": "sha256-KAtAAnpfogr6XzdskJ33ytdrd0c6UU4OT94u84eWvpQ=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "cc8840b8c004b94164b38d003581cba25bb44c99", + "rev": "170e86030361a09053abe3ca36b0fefa1292a13e", "type": "github" }, "original": { @@ -120,11 +120,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "owner": "numtide", "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "type": "github" }, "original": { @@ -195,16 +195,16 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1700392168, - "narHash": "sha256-v5LprEFx3u4+1vmds9K0/i7sHjT0IYGs7u9v54iz/OA=", + "lastModified": 1700814205, + "narHash": "sha256-lWqDPKHRbQfi+zNIivf031BUeyciVOtwCwTjyrhDB5g=", "owner": "nix-community", "repo": "home-manager", - "rev": "28535c3a34d79071f2ccb68671971ce0c0984d7e", + "rev": "aeb2232d7a32530d3448318790534d196bf9427a", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-23.05", + "ref": "release-23.11", "repo": "home-manager", "type": "github" } @@ -218,11 +218,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1700739112, - "narHash": "sha256-lsJWWR8JjIWku1AcMrHa7wO4UILytsFRgkFY7T9yRGQ=", + "lastModified": 1701988578, + "narHash": "sha256-44jQ4XMNP5ql3fdXLN+SCEnKfZcK1aY34koIwFLWgYw=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e40e486f61f2643578b9977b86f408799dbc75fd", + "rev": "6fb1b89b982eea26ecae75b93f1742537c4f31ae", "type": "github" }, "original": { @@ -261,11 +261,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1699969928, - "narHash": "sha256-c3ZGon18Cm37iTIe86nLkeNkVj16DvEvzvs6UqbvAd4=", + "lastModified": 1701083219, + "narHash": "sha256-0j4Poy2OEZ55GWagfj6ookxG6jXdsDHZLh6vU3DBuz4=", "owner": "hyprwm", "repo": "hyprpaper", - "rev": "38e18b70777be4e8af45698b8c7bdbf3a04387a0", + "rev": "b94f84605d6d6d8d3c17a42a72fc3b01df69ab7f", "type": "github" }, "original": { @@ -299,11 +299,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1700788664, - "narHash": "sha256-Z7LTeRl8kGkpnIzwdhvbXpH9+nBil5LWHzc3HSjOE0w=", + "lastModified": 1701998456, + "narHash": "sha256-I/5XgTPo0tMmk0o/IZuml7Dx1uVT4oMHLUPIgFE4Sg0=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "c26a7e6671d0f327116b15e3d68827fb6b2a14e2", + "rev": "2ac70284dc5835f375f4f63ea763ede4e46d0dce", "type": "github" }, "original": { @@ -314,11 +314,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1700559156, - "narHash": "sha256-gL4epO/qf+wo30JjC3g+b5Bs8UrpxzkhNBBsUYxpw2g=", + "lastModified": 1701656485, + "narHash": "sha256-xDFormrGCKKGqngHa2Bz1GTeKlFMMjLnHhTDRdMJ1hs=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "c3abafb01cd7045dba522af29b625bd1e170c2fb", + "rev": "fa194fc484fd7270ab324bb985593f71102e84d1", "type": "github" }, "original": { @@ -345,11 +345,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1700678569, - "narHash": "sha256-2Ki+2UvOidxEb3xB4ADqlbPQ2BZOF4uZMR094O8or2I=", + "lastModified": 1701615100, + "narHash": "sha256-7VI84NGBvlCTduw2aHLVB62NvCiZUlALLqBe5v684Aw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f1180704ac35baded1a74164365ac7cdfba6f38", + "rev": "e9f06adb793d1cca5384907b3b8a4071d5d7cb19", "type": "github" }, "original": { @@ -361,11 +361,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1700612854, - "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=", + "lastModified": 1701718080, + "narHash": "sha256-6ovz0pG76dE0P170pmmZex1wWcQoeiomUZGggfH9XPs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614", + "rev": "2c7f3c0fb7c08a0814627611d9d7d45ab6d75335", "type": "github" }, "original": { @@ -406,11 +406,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1700612854, - "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=", + "lastModified": 1701718080, + "narHash": "sha256-6ovz0pG76dE0P170pmmZex1wWcQoeiomUZGggfH9XPs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614", + "rev": "2c7f3c0fb7c08a0814627611d9d7d45ab6d75335", "type": "github" }, "original": { @@ -422,27 +422,27 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1687466461, - "narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=", - "owner": "nixos", + "lastModified": 1700204040, + "narHash": "sha256-xSVcS5HBYnD3LTer7Y2K8ZQCDCXMa3QUD1MzRjHzuhI=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b", + "rev": "c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-23.05", + "owner": "NixOS", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_5": { "locked": { - "lastModified": 1698134075, - "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=", + "lastModified": 1700612854, + "narHash": "sha256-yrQ8osMD+vDLGFX7pcwsY/Qr5PUd6OmDMYJZzZi0+zc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4", + "rev": "19cbff58383a4ae384dea4d1d0c823d72b49d614", "type": "github" }, "original": { @@ -502,16 +502,16 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1700678569, - "narHash": "sha256-2Ki+2UvOidxEb3xB4ADqlbPQ2BZOF4uZMR094O8or2I=", + "lastModified": 1701952659, + "narHash": "sha256-TJv2srXt6fYPUjxgLAL0cy4nuf1OZD4KuA1TrCiQqg0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8f1180704ac35baded1a74164365ac7cdfba6f38", + "rev": "b4372c4924d9182034066c823df76d6eaf1f4ec4", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "type": "indirect" } }, @@ -629,18 +629,18 @@ "flake": false, "locked": { "host": "gitlab.freedesktop.org", - "lastModified": 1699292815, - "narHash": "sha256-HXu98PyBMKEWLqiTb8viuLDznud/SdkdJsx5A5CWx7I=", + "lastModified": 1701368958, + "narHash": "sha256-7kvyoA91etzVEl9mkA/EJfB6z/PltxX7Xc4gcr7/xlo=", "owner": "wlroots", "repo": "wlroots", - "rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1", + "rev": "5d639394f3e83b01596dcd166a44a9a1a2583350", "type": "gitlab" }, "original": { "host": "gitlab.freedesktop.org", "owner": "wlroots", "repo": "wlroots", - "rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1", + "rev": "5d639394f3e83b01596dcd166a44a9a1a2583350", "type": "gitlab" } }, @@ -660,11 +660,11 @@ ] }, "locked": { - "lastModified": 1697981233, - "narHash": "sha256-y8q4XUwx+gVK7i2eLjfR32lVo7TYvEslyzrmzYEaPZU=", + "lastModified": 1700508250, + "narHash": "sha256-X4o/mifI7Nhu0UKYlxx53wIC+gYDo3pVM9L2u3PE2bE=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "22e7a65ff9633e1dedfa5317fdffc49f68de2ff2", + "rev": "eb120ff25265ecacd0fc13d7dab12131b60d0f47", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 4d333da..daff7be 100755 --- a/flake.nix +++ b/flake.nix @@ -2,12 +2,12 @@ description = "Frosted Flakes"; inputs = { - nixpkgs.url = "nixpkgs/nixos-23.05"; + nixpkgs.url = "nixpkgs/nixos-23.11"; # WARNING: Where possible, prefer the stable branch of nixpkgs as nixpkgs-unstable may have incompatable or vulnerable software. nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; - home-manager.url = "github:nix-community/home-manager/release-23.05"; + home-manager.url = "github:nix-community/home-manager/release-23.11"; #home-manager.inputs.nixpkgs.follows = "nixpkgs"; # agenix - age-encrypted secrets diff --git a/hosts/lucent-firepit/default.nix b/hosts/lucent-firepit/default.nix index d7e8f16..24e1c65 100644 --- a/hosts/lucent-firepit/default.nix +++ b/hosts/lucent-firepit/default.nix @@ -31,11 +31,6 @@ in { users.groups.dotfiles = {}; users.groups.yugoslavia = {}; - # TODO: temporary fix; please find root cause. i'm begging you - nixpkgs.config.permittedInsecurePackages = [ - "nodejs-16.20.0" - ]; - normalUsers = { # aether??? is that... reference.../.??? aether https://www.curseforge.com/minecraft/mc-mods/aether mod Curseforge minecraft Forge Patreon Chat twitter code license Assets license All rights reserved categories Last Updated apr 17 2021 Game Version 1.12.2 aether aether = { diff --git a/hosts/lucent-firepit/webapps/default.nix b/hosts/lucent-firepit/webapps/default.nix index 7fa3117..85107e3 100644 --- a/hosts/lucent-firepit/webapps/default.nix +++ b/hosts/lucent-firepit/webapps/default.nix @@ -106,12 +106,6 @@ in { matomo = { enable = true; }; - - #code-server = { - # enable = true; - # domain = "dev-firepit.oat.zone"; - # port = 4444; - #}; }; }; diff --git a/modules/services/code-server.nix b/modules/services/code-server.nix deleted file mode 100644 index 81b3b97..0000000 --- a/modules/services/code-server.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ config, lib, pkgs, options, ... }: - -with lib; -let - cfg = config.modules.services.code-server; -in { - options.modules.services.code-server = { - enable = mkOption { - type = types.bool; - default = false; - }; - domain = mkOption { - type = types.str; - default = "dev-firepit.oat.zone"; - }; - port = mkOption { - type = types.int; - default = 4444; - }; - }; - - config = mkIf cfg.enable { - services = { - code-server = { - enable = true; - port = cfg.port; - # temporary - auth = "password"; - # temporary - hashedPassword = removeSuffix "\n" (builtins.readFile /etc/code-server-password); - - extraPackages = with pkgs; [ git nix nixpkgs-fmt ]; - }; - - nginx.virtualHosts."${cfg.domain}" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - extraConfig = '' - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header Host $host; - ''; - }; - locations."= /robots.txt" = { - extraConfig = '' - add_header Content-Type text/plain; - return 200 "User-agent: *\nDisallow: /\n"; - ''; - }; - }; - }; - - users.users.code-server = { - extraGroups = [ "nix-users" "dotfiles" ]; - shell = pkgs.unstable.fish; - }; - }; -} diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix index b79cedf..2b31c69 100644 --- a/modules/services/forgejo.nix +++ b/modules/services/forgejo.nix @@ -42,7 +42,7 @@ in { }; settings = mkMerge [ (builtins.fromTOML (builtins.readFile "/etc/dotfiles/config/forgejo/app.toml")) { "ui.meta" = { - AUTHOR = "aether & oat"; + AUTHOR = "dark-firepit.cloud"; DESCRIPTION = "dark-firepit's shared git instance"; }; "server" = { @@ -57,7 +57,7 @@ in { }; gitea-actions-runner = mkIf cfg.enableActions { - instances."#{config.networking.hostName}" = { + instances."${config.networking.hostName}" = { enable = true; name = "ci"; url = "https://${cfg.domain}/"; diff --git a/modules/services/postgres.nix b/modules/services/postgres.nix index 00291b2..bdc847e 100644 --- a/modules/services/postgres.nix +++ b/modules/services/postgres.nix @@ -14,6 +14,7 @@ in { config = mkIf cfg.enable { services.postgresql = { enable = true; + package = pkgs.postgresql_15; }; }; } diff --git a/modules/services/vaultwarden.nix b/modules/services/vaultwarden.nix index 6f05d32..e074ca0 100644 --- a/modules/services/vaultwarden.nix +++ b/modules/services/vaultwarden.nix @@ -55,7 +55,7 @@ in { ensureDatabases = [ "vaultwarden" ]; ensureUsers = [ { name = "vaultwarden"; - ensurePermissions = { "DATABASE vaultwarden" = "ALL PRIVILEGES"; }; + ensureDBOwnership = true; } ]; }; diff --git a/packages/gmusicbot.maven.nix b/packages/gmusicbot.maven.nix deleted file mode 100644 index c1065f1..0000000 --- a/packages/gmusicbot.maven.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ lib, pkgs }: - -let - shade_1_5 = map (obj: pkgs.javaPackages.fetchMaven { - version = "1.5"; - artifactId = "maven-shade-plugin"; - groupId = "org.apache.maven.plugins"; - sha512 = obj.sha512; - type = obj.type; - }) [ - { type = "jar"; sha512 = "sha512-AoBtMzmqWMiOz5CSzl6ucYXK2iPtYbSlbsa2f8gCeP9ZtZfM+LkrEVzF9JcWsn+qbA9zC84O0fUyt7fJl8ZrBg=="; } - { type = "pom"; sha512 = "sha512-YJTFhsAs3hV26L0+fAStwY6AHnPx6+cCo6yP/ZJTOUZvrlNTA1qxP/aBYjhPX3IvQ+UhagwdrSbA4uIS3w5sUw=="; } - ]; -in pkgs.javaPackages.mavenbuild rec { - version = "2023-05-19"; - name = "gmusicbot-${version}"; - - mavenDeps = [ - shade_1_5 - ]; - m2Path = "/jmusicbot/jmusicbot/${version}"; - - src = pkgs.fetchFromGitea { - domain = "git.oat.zone"; - owner = "oat"; - repo = "GMusicBot"; - rev = "master"; - sha256 = "sha256-+sH5LI7PUN25rR1DM529Ly0WPHB4/JIQAPxWi0IlsZ4="; - }; - - meta = with pkgs.lib; { - description = "Discord music bot that's easy to set up and run yourself"; - homepage = "https://git.oat.zone/oat/GMusicBot"; - sourceProvenance = with sourceTypes; [ binaryBytecode ]; - license = licenses.asl20; - inherit (pkgs.jre_headless.meta) platforms; - }; -}