From cf76804cec45582ceb1d07c5cb739e765e1ae277 Mon Sep 17 00:00:00 2001 From: yuri Date: Thu, 4 Jul 2024 17:21:02 +0200 Subject: [PATCH] Update/fix keycloak, matrix, nextcloud, wireguard-nat-nftables --- config/hosts/keycloak/keycloak.nix | 3 +-- config/hosts/matrix/matrix-synapse.nix | 15 ++++++++------- config/hosts/nextcloud/nextcloud.nix | 6 +++--- flake.lock | 17 ----------------- flake.nix | 7 +++---- pkgs/wireguard-nat-nftables/default.nix | 12 +++--------- 6 files changed, 18 insertions(+), 42 deletions(-) diff --git a/config/hosts/keycloak/keycloak.nix b/config/hosts/keycloak/keycloak.nix index 0937e24..79e9a96 100644 --- a/config/hosts/keycloak/keycloak.nix +++ b/config/hosts/keycloak/keycloak.nix @@ -1,8 +1,7 @@ -{ nixpkgs-master-keycloak-23_0_7, ... }: +{ ... }: { services.keycloak = { enable = true; - package = nixpkgs-master-keycloak-23_0_7.legacyPackages."x86_64-linux".keycloak; settings = { hostname = "id.nekover.se"; hostname-admin = "keycloak-admin.nekover.se"; diff --git a/config/hosts/matrix/matrix-synapse.nix b/config/hosts/matrix/matrix-synapse.nix index 6527503..e719484 100644 --- a/config/hosts/matrix/matrix-synapse.nix +++ b/config/hosts/matrix/matrix-synapse.nix @@ -47,13 +47,6 @@ turn_user_lifetime = 86400000; turn_allow_guests = true; }; - sliding-sync = { - enable = true; - settings = { - SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl; - }; - environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret"; - }; extras = [ "oidc" ]; extraConfigFiles = [ "/secrets/matrix-registration-shared-secret.secret" @@ -62,4 +55,12 @@ "/secrets/matrix-keycloak-client-secret.secret" ]; }; + + services.matrix-sliding-sync = { + enable = true; + settings = { + SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl; + }; + environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret"; + }; } diff --git a/config/hosts/nextcloud/nextcloud.nix b/config/hosts/nextcloud/nextcloud.nix index 839d15d..0b1f3a2 100644 --- a/config/hosts/nextcloud/nextcloud.nix +++ b/config/hosts/nextcloud/nextcloud.nix @@ -2,13 +2,12 @@ { services.nextcloud = { enable = true; - package = pkgs.nextcloud28; + package = pkgs.nextcloud29; hostName = "cloud.nekover.se"; https = true; config = { dbtype = "pgsql"; adminpassFile = "/secrets/nextcloud-adminpass.secret"; - defaultPhoneRegion = "DE"; }; database.createLocally = true; configureRedis = true; @@ -17,7 +16,7 @@ inherit bookmarks contacts calendar tasks twofactor_webauthn user_oidc; }; maxUploadSize = "16G"; - extraOptions = { + settings = { mail_smtpmode = "smtp"; mail_sendmailmode = "smtp"; mail_smtpsecure = "ssl"; @@ -28,6 +27,7 @@ mail_smtphost = "mail-1.grzb.de"; mail_smtpport = 465; mail_smtpname = "cloud@nekover.se"; + default_phone_region = "DE"; }; # Only contains mail_smtppassword secretFile = "/secrets/nextcloud-secretfile.secret"; diff --git a/flake.lock b/flake.lock index df78fc6..aa5196f 100644 --- a/flake.lock +++ b/flake.lock @@ -115,22 +115,6 @@ "type": "github" } }, - "nixpkgs-master-keycloak-23_0_7": { - "locked": { - "lastModified": 1708610845, - "narHash": "sha256-2ta+qGOkQJOeDx00bzxmjP0XO38xkJjZDDA+hq/04SM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "edc6a7a312c4f914f9bded421efa6f0b1b715693", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "edc6a7a312c4f914f9bded421efa6f0b1b715693", - "type": "github" - } - }, "nixpkgs-unstable": { "locked": { "lastModified": 1719824438, @@ -167,7 +151,6 @@ "nixos-generators": "nixos-generators", "nixpkgs": "nixpkgs", "nixpkgs-master": "nixpkgs-master", - "nixpkgs-master-keycloak-23_0_7": "nixpkgs-master-keycloak-23_0_7", "nixpkgs-unstable": "nixpkgs-unstable", "simple-nixos-mailserver": "simple-nixos-mailserver" } diff --git a/flake.nix b/flake.nix index 1520a61..5cf2232 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,6 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05-small"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; nixpkgs-master.url = "github:NixOS/nixpkgs/master"; - nixpkgs-master-keycloak-23_0_7.url = "github:NixOS/nixpkgs/edc6a7a312c4f914f9bded421efa6f0b1b715693"; nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs"; @@ -11,7 +10,7 @@ simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05"; }; - outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixpkgs-master-keycloak-23_0_7, nixos-generators, simple-nixos-mailserver, ... }@inputs: + outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, ... }@inputs: let hosts = import ./hosts.nix inputs; helper = import ./helper.nix inputs; @@ -29,7 +28,7 @@ nodeNixpkgs = builtins.mapAttrs (name: host: host.pkgs) hosts; specialArgs = { - inherit nixpkgs-unstable nixpkgs-master nixpkgs-master-keycloak-23_0_7 hosts simple-nixos-mailserver; + inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver; # Provide environment for secret key command keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ]; @@ -39,7 +38,7 @@ hydraJobs = { nixConfigurations = builtins.mapAttrs (host: helper.generateNixConfiguration host { - inherit nixpkgs-unstable nixpkgs-master nixpkgs-master-keycloak-23_0_7 hosts simple-nixos-mailserver; + inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver; }) hosts; }; diff --git a/pkgs/wireguard-nat-nftables/default.nix b/pkgs/wireguard-nat-nftables/default.nix index e687cee..3ce972e 100644 --- a/pkgs/wireguard-nat-nftables/default.nix +++ b/pkgs/wireguard-nat-nftables/default.nix @@ -1,17 +1,11 @@ { pkgs, ... }: -let - nftablesWithPythonOverlay = final: prev: { - nftables = (prev.nftables.override { withPython = true; }); - }; - pkgs-overlay = pkgs.extend nftablesWithPythonOverlay; -in -pkgs-overlay.python310Packages.buildPythonApplication { +pkgs.python3Packages.buildPythonApplication { pname = "wireguard-nat-nftables"; version = "0.0.1"; - propagatedBuildInputs = with pkgs-overlay; [ + propagatedBuildInputs = with pkgs; [ wireguard-tools - python310Packages.nftables + python3Packages.nftables ]; src = ./src;