From b15fc41005c8f143af92db6af75814eefaf22c01 Mon Sep 17 00:00:00 2001 From: Alexander Bantyev Date: Tue, 12 Sep 2023 01:13:04 +0400 Subject: [PATCH] Update --- flake.lock | 11 +++++------ flake.nix | 5 +++-- machines/Librem5-Phone/default.nix | 4 +++- machines/T420-Laptop/default.nix | 4 ++-- profiles/servers/gitea.nix | 12 +++++++----- profiles/servers/mailserver.nix | 2 +- profiles/servers/nextcloud.nix | 1 + 7 files changed, 22 insertions(+), 17 deletions(-) diff --git a/flake.lock b/flake.lock index 200d0e6..255e253 100644 --- a/flake.lock +++ b/flake.lock @@ -552,16 +552,15 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1680096111, - "narHash": "sha256-iPnnmH/v5tCZhvoB8zLI3qzMZ5HVG81zuVQm1xADXro=", - "owner": "balsoft", + "lastModified": 1694432324, + "narHash": "sha256-bo3Gv6Cp40vAXDBPi2XiDejzp/kyz65wZg4AnEWxAcY=", + "owner": "nixos", "repo": "nixos-hardware", - "rev": "1b90b22936ca018a6683e4715e2b774efbbf1747", + "rev": "ca41b8a227dd235b1b308217f116c7e6e84ad779", "type": "github" }, "original": { - "owner": "balsoft", - "ref": "add-librem-5", + "owner": "nixos", "repo": "nixos-hardware", "type": "github" } diff --git a/flake.nix b/flake.nix index e79a436..13c3faa 100644 --- a/flake.nix +++ b/flake.nix @@ -103,7 +103,7 @@ flake = false; }; - nixos-hardware.url = "github:balsoft/nixos-hardware/add-librem-5"; + nixos-hardware.url = "github:nixos/nixos-hardware"; yt-dlp.url = "github:yt-dlp/yt-dlp"; yt-dlp.flake = false; @@ -129,7 +129,8 @@ localSystem = { inherit system; }; config = { android_sdk.accept_license = true; - permittedInsecurePackages = [ "openssl-1.1.1u" ]; + permittedInsecurePackages = [ "openssl-1.1.1v" ]; + allowUnfreePredicate = (pkg: pkg.pname == "firmware-imx"); }; }; in { diff --git a/machines/Librem5-Phone/default.nix b/machines/Librem5-Phone/default.nix index 17c7988..ae4b986 100644 --- a/machines/Librem5-Phone/default.nix +++ b/machines/Librem5-Phone/default.nix @@ -35,6 +35,8 @@ pass-secret-service ]; + hardware.librem5.audio = false; + programs.ssh.askPassword = "${pkgs.plasma5Packages.ksshaskpass.out}/bin/ksshaskpass"; @@ -51,7 +53,7 @@ mono.size = 11; }; - environment.systemPackages = [ pkgs.pure-maps pkgs.plasma5Packages.elisa ]; + environment.systemPackages = [ pkgs.pure-maps (pkgs.organicmaps.overrideAttrs (_: {meta = {};})) pkgs.plasma5Packages.elisa ]; environment.etc."gnss-share.conf".text = '' # Socket to sent NMEA location to diff --git a/machines/T420-Laptop/default.nix b/machines/T420-Laptop/default.nix index 1ddef04..61a01f2 100644 --- a/machines/T420-Laptop/default.nix +++ b/machines/T420-Laptop/default.nix @@ -6,7 +6,7 @@ # jitsi mailserver matrix-synapse - minidlna + # minidlna nextcloud nginx vsftpd @@ -24,7 +24,7 @@ systemd-boot.enable = lib.mkForce false; grub = { enable = lib.mkForce true; - device = "/dev/sda"; + device = "/dev/disk/by-path/pci-0000:06:00.0-scsi-0:0:0:0"; }; }; diff --git a/profiles/servers/gitea.nix b/profiles/servers/gitea.nix index dd092b5..8b69972 100644 --- a/profiles/servers/gitea.nix +++ b/profiles/servers/gitea.nix @@ -3,10 +3,12 @@ services.gitea = { enable = true; appName = "code.balsoft.ru"; - cookieSecure = true; - rootUrl = "https://code.balsoft.ru"; - domain = "code.balsoft.ru"; - httpPort = 6000; - disableRegistration = true; + settings.server = { + HTTP_PORT = 6000; + ROOT_URL = "https://code.balsoft.ru"; + DISABLE_REGISTRATION = true; + COOKIE_SECURE = true; + DOMAIN = "code.balsoft.ru"; + }; }; } diff --git a/profiles/servers/mailserver.nix b/profiles/servers/mailserver.nix index 072da8a..45da096 100644 --- a/profiles/servers/mailserver.nix +++ b/profiles/servers/mailserver.nix @@ -152,7 +152,7 @@ in { }; }; localDnsResolver = false; - certificateScheme = 1; + certificateScheme = "manual"; certificateFile = "/var/lib/acme/balsoft.ru/fullchain.pem"; keyFile = "/var/lib/acme/balsoft.ru/key.pem"; enableImap = true; diff --git a/profiles/servers/nextcloud.nix b/profiles/servers/nextcloud.nix index c2c37fa..477762d 100644 --- a/profiles/servers/nextcloud.nix +++ b/profiles/servers/nextcloud.nix @@ -4,6 +4,7 @@ hostName = "nextcloud.balsoft.ru"; config.adminpassFile = config.secrets.nextcloud.decrypted; package = pkgs.nextcloud27; + enableBrokenCiphersForSSE = false; https = true; }; secrets.nextcloud = {