Update/fix keycloak, matrix, nextcloud, wireguard-nat-nftables

config/hosts/keycloak/keycloak.nix

@@ -1,8 +1,7 @@
-{ nixpkgs-master-keycloak-23_0_7, ... }:
+{ ... }:
 {
   services.keycloak = {
     enable = true;
-    package = nixpkgs-master-keycloak-23_0_7.legacyPackages."x86_64-linux".keycloak;
     settings = {
       hostname = "id.nekover.se";
       hostname-admin = "keycloak-admin.nekover.se";

config/hosts/matrix/matrix-synapse.nix

@@ -47,13 +47,6 @@
       turn_user_lifetime = 86400000;
       turn_allow_guests = true;
     };
-    sliding-sync = {
-      enable = true;
-      settings = {
-        SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl;
-      };
-      environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret";
-    };
     extras = [ "oidc" ];
     extraConfigFiles = [
       "/secrets/matrix-registration-shared-secret.secret"
@@ -62,4 +55,12 @@
       "/secrets/matrix-keycloak-client-secret.secret"
     ];
   };
+
+  services.matrix-sliding-sync = {
+      enable = true;
+      settings = {
+        SYNCV3_SERVER = config.services.matrix-synapse.settings.public_baseurl;
+      };
+      environmentFile = "/secrets/matrix-SYNCV3_SECRET.secret";
+  };
 }

config/hosts/nextcloud/nextcloud.nix

@@ -2,13 +2,12 @@
 {
   services.nextcloud = {
     enable = true;
-    package = pkgs.nextcloud28;
+    package = pkgs.nextcloud29;
     hostName = "cloud.nekover.se";
     https = true;
     config = {
       dbtype = "pgsql";
       adminpassFile = "/secrets/nextcloud-adminpass.secret";
-      defaultPhoneRegion = "DE";
     };
     database.createLocally = true;
     configureRedis = true;
@@ -17,7 +16,7 @@
       inherit bookmarks contacts calendar tasks twofactor_webauthn user_oidc;
     };
     maxUploadSize = "16G";
-    extraOptions = {
+    settings = {
       mail_smtpmode = "smtp";
       mail_sendmailmode = "smtp";
       mail_smtpsecure = "ssl";
@@ -28,6 +27,7 @@
       mail_smtphost = "mail-1.grzb.de";
       mail_smtpport = 465;
       mail_smtpname = "cloud@nekover.se";
+      default_phone_region = "DE";
     };
     # Only contains mail_smtppassword
     secretFile = "/secrets/nextcloud-secretfile.secret";

flake.lock

@@ -115,22 +115,6 @@
         "type": "github"
       }
     },
-    "nixpkgs-master-keycloak-23_0_7": {
-      "locked": {
-        "lastModified": 1708610845,
-        "narHash": "sha256-2ta+qGOkQJOeDx00bzxmjP0XO38xkJjZDDA+hq/04SM=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "edc6a7a312c4f914f9bded421efa6f0b1b715693",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "edc6a7a312c4f914f9bded421efa6f0b1b715693",
-        "type": "github"
-      }
-    },
     "nixpkgs-unstable": {
       "locked": {
         "lastModified": 1719824438,
@@ -167,7 +151,6 @@
         "nixos-generators": "nixos-generators",
         "nixpkgs": "nixpkgs",
         "nixpkgs-master": "nixpkgs-master",
-        "nixpkgs-master-keycloak-23_0_7": "nixpkgs-master-keycloak-23_0_7",
         "nixpkgs-unstable": "nixpkgs-unstable",
         "simple-nixos-mailserver": "simple-nixos-mailserver"
       }

flake.nix

@@ -3,7 +3,6 @@
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05-small";
     nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
     nixpkgs-master.url = "github:NixOS/nixpkgs/master";
-    nixpkgs-master-keycloak-23_0_7.url = "github:NixOS/nixpkgs/edc6a7a312c4f914f9bded421efa6f0b1b715693";
     nixos-generators = {
       url = "github:nix-community/nixos-generators";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -11,7 +10,7 @@
     simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.05";
   };
 
-  outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixpkgs-master-keycloak-23_0_7, nixos-generators, simple-nixos-mailserver, ... }@inputs:
+  outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-master, nixos-generators, simple-nixos-mailserver, ... }@inputs:
   let
     hosts = import ./hosts.nix inputs;
     helper = import ./helper.nix inputs;
@@ -29,7 +28,7 @@
         nodeNixpkgs = builtins.mapAttrs (name: host: host.pkgs) hosts;
 
         specialArgs = {
-          inherit nixpkgs-unstable nixpkgs-master nixpkgs-master-keycloak-23_0_7 hosts simple-nixos-mailserver;
+          inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver;
 
           # Provide environment for secret key command
           keyCommandEnv = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" ];
@@ -39,7 +38,7 @@
 
     hydraJobs = {
       nixConfigurations = builtins.mapAttrs (host: helper.generateNixConfiguration host {
-        inherit nixpkgs-unstable nixpkgs-master nixpkgs-master-keycloak-23_0_7 hosts simple-nixos-mailserver;
+        inherit nixpkgs-unstable nixpkgs-master hosts simple-nixos-mailserver;
       }) hosts;
     };
 

pkgs/wireguard-nat-nftables/default.nix

@@ -1,17 +1,11 @@
 { pkgs, ... }:
-let
+pkgs.python3Packages.buildPythonApplication {
-  nftablesWithPythonOverlay = final: prev: {
-    nftables = (prev.nftables.override { withPython = true; });
-  };
-  pkgs-overlay = pkgs.extend nftablesWithPythonOverlay;
-in
-pkgs-overlay.python310Packages.buildPythonApplication {
   pname = "wireguard-nat-nftables";
   version = "0.0.1";
 
-  propagatedBuildInputs = with pkgs-overlay; [
+  propagatedBuildInputs = with pkgs; [
     wireguard-tools
-    python310Packages.nftables
+    python3Packages.nftables
   ];
 
   src = ./src;