Update inputs

nixos/boxes/castle/default.nix

@@ -25,7 +25,7 @@
             efi.canTouchEfiVariables = false;
             timeout = 10;
           };
-          kernelPackages = pkgs.linuxKernel.packages.linux_6_3;
+          kernelPackages = pkgs.linuxKernel.packages.linux_6_4;
           kernelModules = [ "kvm-amd" ];
           kernelParams = [ "amd_iommu=on" "amd_pstate=passive" ];
           kernelPatches = [

nixos/boxes/colony/vms/shill/containers/chatterbox.nix

@@ -60,6 +60,9 @@ in
             matrix-synapse = {
               enable = true;
               withJemalloc = true;
+              extras = [
+                "oidc"
+              ];
 
               extraConfigFiles = [ config.age.secrets."chatterbox/synapse.yaml".path ];
               settings = {

nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix

@@ -44,6 +44,8 @@ let
       '';
     };
     "/.well-known/webfinger".return = "301 https://toot.nul.ie$request_uri";
+    "/.well-known/nodeinfo".return = "301 https://toot.nul.ie$request_uri";
+    "/.well-known/host-meta".return = "301 https://toot.nul.ie$request_uri";
   };
 in
 {

nixos/boxes/kelder/default.nix

@@ -119,16 +119,7 @@ in
               enable = true;
             };
 
-            ddclient = {
-              enable = true;
-              use = "if, if=et1g0";
-
-              protocol = "cloudflare";
-              zone = lib.my.kelder.domain;
-              domains = [ "kelder-local.${lib.my.kelder.domain}" ];
-              username = "token";
-              passwordFile = config.age.secrets."kelder/ddclient-cloudflare.key".path;
-            };
+            # TODO: replace ddclient with script to update local IP
 
             samba = {
               enable = true;

nixos/boxes/tower/default.nix

@@ -25,7 +25,7 @@
             efi.canTouchEfiVariables = true;
             timeout = 10;
           };
-          kernelPackages = pkgs.linuxKernel.packages.linux_6_3;
+          kernelPackages = pkgs.linuxKernel.packages.linux_6_4;
           kernelModules = [ "kvm-intel" ];
           kernelParams = [ "intel_iommu=on" ];
           initrd = {

nixos/modules/pdns.nix

@@ -43,10 +43,11 @@ let
     };
   '';
 
+  staticZonePath = "/etc/pdns-bind-zones";
   loadZonesCommon = pkgs.writeShellScript "pdns-bind-load-common.sh" ''
     loadZones() {
-      for z in /etc/pdns/bind-zones/*.zone; do
-        zoneName="$(echo "$z" | ${pkgs.gnused}/bin/sed -rn 's|/etc/pdns/bind-zones/(.*)\.zone|\1|p')"
+      for z in ${staticZonePath}/*.zone; do
+        zoneName="$(echo "$z" | ${pkgs.gnused}/bin/sed -rn 's|${staticZonePath}/(.*)\.zone|\1|p')"
 
         zDat="/var/lib/pdns/bind-zones/"$zoneName".dat"
         newZonePath="$(readlink -f "$z")"
@@ -142,7 +143,7 @@ let
 
       # Use sponge instead of `sed -i` because that actually uses a temporary file and clobbers ownership...
       sed "s/^serial=.*$/serial=$serial/g" "$zDat" | sponge "$zDat"
-      sed "s/@@SERIAL@@/$serial/g" < /etc/pdns/bind-zones/"$zone".zone > /run/pdns/bind-zones/"$zone".zone
+      sed "s/@@SERIAL@@/$serial/g" < ${staticZonePath}/"$zone".zone > /run/pdns/bind-zones/"$zone".zone
       pdns_control bind-reload-now "$zone"
     '';
   };
@@ -270,7 +271,7 @@ in
           pdns-file-record
         ];
 
-        etc."pdns/bind-zones".source = "${zones}/*";
+        etc."pdns-bind-zones".source = "${zones}/*";
       };
 
       systemd.services.pdns = {

nixos/modules/tmproot.nix

@@ -195,9 +195,6 @@ in
     (mkIf config.services.mastodon.enable {
       my.tmproot.unsaved.ignore = [ "/var/lib/mastodon/.secrets_env" ];
     })
-    (mkIf config.services.ddclient.enable {
-      my.tmproot.unsaved.ignore = [ "/var/lib/private/ddclient" ];
-    })
     (mkIf config.services.samba.enable {
       my.tmproot.unsaved.ignore = [ "/var/cache/samba" ];
     })