diff --git a/flake.lock b/flake.lock index d987117..3757c42 100644 --- a/flake.lock +++ b/flake.lock @@ -188,11 +188,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1687173957, - "narHash": "sha256-GOds2bAQcZ94fb9/Nl/aM+r+0wGSi4EKYuZYR8Dw4R8=", + "lastModified": 1692793255, + "narHash": "sha256-yVyj0AE280JkccDHuG1XO9oGxN6bW8ksr/xttXcXzK0=", "owner": "numtide", "repo": "devshell", - "rev": "2cf83bb31720fcc29a999aee28d6da101173e66a", + "rev": "2aa26972b951bc05c3632d4e5ae683cb6771a7c6", "type": "github" }, "original": { @@ -387,11 +387,11 @@ ] }, "locked": { - "lastModified": 1687595284, - "narHash": "sha256-W4bGX7yCjWLeAugWpCMURlXxgPmXBJGTr/isGyd6Uew=", + "lastModified": 1692099905, + "narHash": "sha256-/pSusGhmIdSdAaywQRFA5dVbfdIzlWQTecM+E46+cJ0=", "owner": "nix-community", "repo": "home-manager", - "rev": "05a584b4f63f5de442f59c8cec01dddc77312856", + "rev": "2a6679aa9cc3872c29ba2a57fe1b71b3e3c5649f", "type": "github" }, "original": { @@ -407,11 +407,11 @@ ] }, "locked": { - "lastModified": 1687606638, - "narHash": "sha256-kloVhlQlholYXI6nfXkEa/4B+LZ+22YayxPoKZNkqRU=", + "lastModified": 1693125758, + "narHash": "sha256-7u591OQ1nzQ/IRMDBix8Ox1q+u3OyPQHs2HDZnR89qk=", "owner": "nix-community", "repo": "home-manager", - "rev": "68aebb45de644b81a71f0c7b8b22ad51c9a0df7a", + "rev": "f8c5fd75092448ac134d7fb823556b37d3c821f5", "type": "github" }, "original": { @@ -421,11 +421,11 @@ }, "impermanence": { "locked": { - "lastModified": 1684264534, - "narHash": "sha256-K0zr+ry3FwIo3rN2U/VWAkCJSgBslBisvfRIPwMbuCQ=", + "lastModified": 1690797372, + "narHash": "sha256-GImz19e33SeVcIvBB7NnhbJSbTpFFmNtWLh7Z85Y188=", "owner": "nix-community", "repo": "impermanence", - "rev": "89253fb1518063556edd5e54509c30ac3089d5e6", + "rev": "e3a7acd113903269a1b5c8b527e84ce7ee859851", "type": "github" }, "original": { @@ -473,11 +473,11 @@ }, "nixpkgs-mine": { "locked": { - "lastModified": 1687611476, - "narHash": "sha256-7LzqSblaNWMwT6KL4fC9+zsAS+YJYSTkLbVKoo+mNTk=", + "lastModified": 1693148900, + "narHash": "sha256-rk+VheIaneH2XpLgYQ1QvC+w4rTiKxGaq/3onUq/OBk=", "owner": "devplayer0", "repo": "nixpkgs", - "rev": "7ba13caee5ea68574ed8ef7ba05c03352a58928d", + "rev": "34753e65f6c7887a1ea6bad9700b84993b336c41", "type": "github" }, "original": { @@ -489,11 +489,11 @@ }, "nixpkgs-mine-stable": { "locked": { - "lastModified": 1687611609, - "narHash": "sha256-RxFHlQIYykJO1MnByUBz8Yl+/FJRmL7wiZRC7EnjXKE=", + "lastModified": 1693148935, + "narHash": "sha256-EzIaEnhDZBSSO6LCRhRriq5tZLyayseuTxWaLndtFHU=", "owner": "devplayer0", "repo": "nixpkgs", - "rev": "d4f62cff19daf3e45aa9ca48aa601e0dd95d0ffa", + "rev": "e1d2b37448af90de8215c270230967fa29446cae", "type": "github" }, "original": { @@ -505,11 +505,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1687466461, - "narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=", + "lastModified": 1693087214, + "narHash": "sha256-Kn1SSqRfPpqcI1MDy82JXrPT1WI8c03TA2F0xu6kS+4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b", + "rev": "f155f0cf4ea43c4e3c8918d2d327d44777b6cad4", "type": "github" }, "original": { @@ -520,11 +520,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1687502512, - "narHash": "sha256-dBL/01TayOSZYxtY4cMXuNCBk8UMLoqRZA+94xiFpJA=", + "lastModified": 1693003285, + "narHash": "sha256-5nm4yrEHKupjn62MibENtfqlP6pWcRTuSKrMiH9bLkc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3ae20aa58a6c0d1ca95c9b11f59a2d12eebc511f", + "rev": "5690c4271f2998c304a45c91a0aeb8fb69feaea7", "type": "github" }, "original": { diff --git a/nixos/boxes/castle/default.nix b/nixos/boxes/castle/default.nix index 0b7ed40..0473b58 100644 --- a/nixos/boxes/castle/default.nix +++ b/nixos/boxes/castle/default.nix @@ -25,7 +25,7 @@ efi.canTouchEfiVariables = false; timeout = 10; }; - kernelPackages = pkgs.linuxKernel.packages.linux_6_3; + kernelPackages = pkgs.linuxKernel.packages.linux_6_4; kernelModules = [ "kvm-amd" ]; kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ]; kernelPatches = [ diff --git a/nixos/boxes/colony/vms/shill/containers/chatterbox.nix b/nixos/boxes/colony/vms/shill/containers/chatterbox.nix index 4e0e871..8c3cd6f 100644 --- a/nixos/boxes/colony/vms/shill/containers/chatterbox.nix +++ b/nixos/boxes/colony/vms/shill/containers/chatterbox.nix @@ -60,6 +60,9 @@ in matrix-synapse = { enable = true; withJemalloc = true; + extras = [ + "oidc" + ]; extraConfigFiles = [ config.age.secrets."chatterbox/synapse.yaml".path ]; settings = { diff --git a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix index baccfdc..afe95eb 100644 --- a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix +++ b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix @@ -44,6 +44,8 @@ let ''; }; "/.well-known/webfinger".return = "301 https://toot.nul.ie$request_uri"; + "/.well-known/nodeinfo".return = "301 https://toot.nul.ie$request_uri"; + "/.well-known/host-meta".return = "301 https://toot.nul.ie$request_uri"; }; in { diff --git a/nixos/boxes/kelder/default.nix b/nixos/boxes/kelder/default.nix index a34d9cb..66a6a35 100644 --- a/nixos/boxes/kelder/default.nix +++ b/nixos/boxes/kelder/default.nix @@ -119,16 +119,7 @@ in enable = true; }; - ddclient = { - enable = true; - use = "if, if=et1g0"; - - protocol = "cloudflare"; - zone = lib.my.kelder.domain; - domains = [ "kelder-local.${lib.my.kelder.domain}" ]; - username = "token"; - passwordFile = config.age.secrets."kelder/ddclient-cloudflare.key".path; - }; + # TODO: replace ddclient with script to update local IP samba = { enable = true; diff --git a/nixos/boxes/tower/default.nix b/nixos/boxes/tower/default.nix index 5889aa2..0694b7c 100644 --- a/nixos/boxes/tower/default.nix +++ b/nixos/boxes/tower/default.nix @@ -25,7 +25,7 @@ efi.canTouchEfiVariables = true; timeout = 10; }; - kernelPackages = pkgs.linuxKernel.packages.linux_6_3; + kernelPackages = pkgs.linuxKernel.packages.linux_6_4; kernelModules = [ "kvm-intel" ]; kernelParams = [ "intel_iommu=on" ]; initrd = { diff --git a/nixos/modules/pdns.nix b/nixos/modules/pdns.nix index 43334e4..231829c 100644 --- a/nixos/modules/pdns.nix +++ b/nixos/modules/pdns.nix @@ -43,10 +43,11 @@ let }; ''; + staticZonePath = "/etc/pdns-bind-zones"; loadZonesCommon = pkgs.writeShellScript "pdns-bind-load-common.sh" '' loadZones() { - for z in /etc/pdns/bind-zones/*.zone; do - zoneName="$(echo "$z" | ${pkgs.gnused}/bin/sed -rn 's|/etc/pdns/bind-zones/(.*)\.zone|\1|p')" + for z in ${staticZonePath}/*.zone; do + zoneName="$(echo "$z" | ${pkgs.gnused}/bin/sed -rn 's|${staticZonePath}/(.*)\.zone|\1|p')" zDat="/var/lib/pdns/bind-zones/"$zoneName".dat" newZonePath="$(readlink -f "$z")" @@ -142,7 +143,7 @@ let # Use sponge instead of `sed -i` because that actually uses a temporary file and clobbers ownership... sed "s/^serial=.*$/serial=$serial/g" "$zDat" | sponge "$zDat" - sed "s/@@SERIAL@@/$serial/g" < /etc/pdns/bind-zones/"$zone".zone > /run/pdns/bind-zones/"$zone".zone + sed "s/@@SERIAL@@/$serial/g" < ${staticZonePath}/"$zone".zone > /run/pdns/bind-zones/"$zone".zone pdns_control bind-reload-now "$zone" ''; }; @@ -270,7 +271,7 @@ in pdns-file-record ]; - etc."pdns/bind-zones".source = "${zones}/*"; + etc."pdns-bind-zones".source = "${zones}/*"; }; systemd.services.pdns = { diff --git a/nixos/modules/tmproot.nix b/nixos/modules/tmproot.nix index 9593d90..15e75ad 100644 --- a/nixos/modules/tmproot.nix +++ b/nixos/modules/tmproot.nix @@ -195,9 +195,6 @@ in (mkIf config.services.mastodon.enable { my.tmproot.unsaved.ignore = [ "/var/lib/mastodon/.secrets_env" ]; }) - (mkIf config.services.ddclient.enable { - my.tmproot.unsaved.ignore = [ "/var/lib/private/ddclient" ]; - }) (mkIf config.services.samba.enable { my.tmproot.unsaved.ignore = [ "/var/cache/samba" ]; })