Update inputs

2025-03-08 18:47:04 +00:00
parent 44e3a3011a
commit e8090b2915
13 changed files with 111 additions and 49 deletions
--- a/nixos/boxes/britway/bgp.nix
+++ b/nixos/boxes/britway/bgp.nix
@@ -11,23 +11,24 @@ in
  config = {
    my = {
      secrets.files."britway/bgp-password-vultr.conf" = {
-        owner = "bird2";
-        group = "bird2";
+        owner = "bird";
+        group = "bird";
      };
    };

    environment.etc."bird/vultr-password.conf".source = config.age.secrets."britway/bgp-password-vultr.conf".path;

    systemd = {
-      services.bird2.after = [ "systemd-networkd-wait-online@veth0.service" ];
+      services.bird.after = [ "systemd-networkd-wait-online@veth0.service" ];
      network = {
        config.networkConfig.ManageForeignRoutes = false;
      };
    };

    services = {
-      bird2 = {
+      bird = {
        enable = true;
+        package = pkgs.bird2;
        preCheckConfig = ''
          echo '"dummy"' > vultr-password.conf
        '';
--- a/nixos/boxes/colony/vms/estuary/bgp.nix
+++ b/nixos/boxes/colony/vms/estuary/bgp.nix
@@ -8,8 +8,9 @@ in
 {
  config = {
    services = {
-      bird2 = {
+      bird = {
        enable = true;
+        package = pkgs.bird2;
        # TODO: Clean up and modularise
        config = ''
          define OWNAS = 211024;
--- a/nixos/boxes/home/palace/vms/sfh/default.nix
+++ b/nixos/boxes/home/palace/vms/sfh/default.nix
@@ -141,7 +141,7 @@ in
          containers.instances =
          let
            instances = {
-              unifi = {};
+              # unifi = {};
            };
          in
          mkMerge [
--- a/nixos/boxes/home/routing-common/dns_update.py
+++ b/nixos/boxes/home/routing-common/dns_update.py
@@ -2,7 +2,7 @@
 import argparse
 import subprocess

-import CloudFlare
+import cloudflare

 def main():
    parser = argparse.ArgumentParser(description='Cloudflare DNS update script')
@@ -19,17 +19,22 @@ def main():
    if args.api_token_file:
        with open(args.api_token_file) as f:
            cf_token = f.readline().strip()
+    cf = cloudflare.Cloudflare(api_token=cf_token)

-    cf = CloudFlare.CloudFlare(token=cf_token)
-    zones = cf.zones.get(params={'name': args.zone})
+    zones = list(cf.zones.list(name=args.zone))
    assert zones, f'Zone {args.zone} not found'
-    records = cf.zones.dns_records.get(zones[0]['id'], params={'name': args.record})
+    assert len(zones) == 1, f'More than one zone found for {args.zone}'
+    zone = zones[0]
+
+    records = list(cf.dns.records.list(zone_id=zone.id, name=args.record, type='A'))
    assert records, f'Record {args.record} not found in zone {args.zone}'
+    assert len(records) == 1, f'More than one record found for {args.record}'
+    record = records[0]

    print(f'Updating {args.record} -> {address}')
-    cf.zones.dns_records.patch(
-        zones[0]['id'], records[0]['id'],
-        data={'type': 'A', 'name': args.record, 'content': address})
+    cf.dns.records.edit(
+        zone_id=zone.id, dns_record_id=record.id,
+        type='A', content=address)

 if __name__ == '__main__':
    main()
--- a/nixos/boxes/kelder/containers/spoder/default.nix
+++ b/nixos/boxes/kelder/containers/spoder/default.nix
@@ -98,6 +98,7 @@ in
            https = true;
            config = {
              adminpassFile = config.age.secrets."kelder/nextcloud-root.txt".path;
+              dbtype = "sqlite";
            };
            settings = {
              updatechecker = false;
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -23,7 +23,7 @@ let
      pkgs = pkgs'.${config'.nixpkgs}.${config'.system};
      allPkgs = mapAttrs (_: p: p.${config'.system}) pkgs';

-      modules' = [ hmFlakes.${config'.home-manager}.nixosModule ] ++ (attrValues cfg.modules);
+      modules' = [ hmFlakes.${config'.home-manager}.nixosModules.default ] ++ (attrValues cfg.modules);
    in
    # Import eval-config ourselves since the flake now force-sets lib
    import "${pkgsFlake}/nixos/lib/eval-config.nix" {
--- a/nixos/modules/netboot/default.nix
+++ b/nixos/modules/netboot/default.nix
@@ -5,6 +5,7 @@ let

  cfg = config.my.netboot;

+  # Newer releases don't boot on desktop?
  ipxe = pkgs.ipxe.overrideAttrs (o: rec {
    version = "1.21.1-unstable-2024-06-27";
    src = pkgs.fetchFromGitHub {
@@ -13,6 +14,9 @@ let
      rev = "b66e27d9b29a172a097c737ab4d378d60fe01b05";
      hash = "sha256-TKZ4WjNV2oZIYNefch7E7m1JpeoC/d7O1kofoNv8G40=";
    };
+
+    # Newer GCC requires this upstream patch
+    patches = (if (o ? patches) then o.patches else [ ]) ++ [ ./fix-uninitialised-var.patch ];
  });
  tftpRoot = pkgs.linkFarm "tftp-root" [
    {
--- a/nixos/modules/netboot/fix-uninitialised-var.patch
+++ b/nixos/modules/netboot/fix-uninitialised-var.patch
@@ -0,0 +1,48 @@
+From 7f75d320f6d8ac7ec5185b2145da87f698aec273 Mon Sep 17 00:00:00 2001
+From: Michael Brown <mcb30@ipxe.org>
+Date: Mon, 2 Sep 2024 12:24:57 +0100
+Subject: [PATCH] [etherfabric] Fix use of uninitialised variable in
+ falcon_xaui_link_ok()
+
+The link status check in falcon_xaui_link_ok() reads from the
+FCN_XX_CORE_STAT_REG_MAC register only on production hardware (where
+the FPGA version reads as zero), but modifies the value and writes
+back to this register unconditionally.  This triggers an uninitialised
+variable warning on newer versions of gcc.
+
+Fix by assuming that the register exists only on production hardware,
+and so moving the "modify-write" portion of the "read-modify-write"
+operation to also be covered by the same conditional check.
+
+Signed-off-by: Michael Brown <mcb30@ipxe.org>
+---
+ src/drivers/net/etherfabric.c | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/src/drivers/net/etherfabric.c b/src/drivers/net/etherfabric.c
+index b40596beae7..be30b71f79f 100644
+--- a/src/drivers/net/etherfabric.c
+++ b/src/drivers/net/etherfabric.c
+@@ -2225,13 +2225,16 @@ falcon_xaui_link_ok ( struct efab_nic *efab )
+ 		sync = ( sync == FCN_XX_SYNC_STAT_DECODE_SYNCED );
+ 		
+ 		link_ok = align_done && sync;
+-	}
+ 
+-	/* Clear link status ready for next read */
+-	EFAB_SET_DWORD_FIELD ( reg, FCN_XX_COMMA_DET, FCN_XX_COMMA_DET_RESET );
+-	EFAB_SET_DWORD_FIELD ( reg, FCN_XX_CHARERR, FCN_XX_CHARERR_RESET);
+-	EFAB_SET_DWORD_FIELD ( reg, FCN_XX_DISPERR, FCN_XX_DISPERR_RESET);
+-	falcon_xmac_writel ( efab, &reg, FCN_XX_CORE_STAT_REG_MAC );
+		/* Clear link status ready for next read */
+		EFAB_SET_DWORD_FIELD ( reg, FCN_XX_COMMA_DET,
+				       FCN_XX_COMMA_DET_RESET );
+		EFAB_SET_DWORD_FIELD ( reg, FCN_XX_CHARERR,
+				       FCN_XX_CHARERR_RESET );
+		EFAB_SET_DWORD_FIELD ( reg, FCN_XX_DISPERR,
+				       FCN_XX_DISPERR_RESET );
+		falcon_xmac_writel ( efab, &reg, FCN_XX_CORE_STAT_REG_MAC );
+	}
+ 
+ 	has_phyxs = ( efab->phy_op->mmds & ( 1 << MDIO_MMD_PHYXS ) );
+ 	if ( link_ok && has_phyxs ) {
--- a/nixos/modules/network.nix
+++ b/nixos/modules/network.nix
@@ -1,6 +1,6 @@
 { lib, pkgs, config, ... }:
 let
-  inherit (lib) flatten optional mkIf mkDefault mkMerge;
+  inherit (lib) flatten optional mkIf mkDefault mkMerge versionAtLeast;
 in
 {
  config = mkMerge [
@@ -13,9 +13,11 @@ in
      };

      systemd = {
-        additionalUpstreamSystemUnits = [
+        additionalUpstreamSystemUnits = mkIf (config.system.nixos.release == "24.12:u-24.11") [
          # TODO: NixOS has its own version of this, but with `network` instead of `networkd`. Is this just a typo? It
          # hasn't been updated in 2 years...
+          # This has been done upstream now :)
+          # TODO: Remove when 25.05 releases
          "systemd-networkd-wait-online@.service"
        ];
      };
--- a/nixos/modules/tmproot.nix
+++ b/nixos/modules/tmproot.nix
@@ -551,7 +551,7 @@ in
          ];
        });
      })
-      (mkIf config.services.pds.enable {
+      (mkIf (config.services ? "pds" && config.services.pds.enable) {
        my.tmproot.persistence.config.directories = [
          {
            directory = "/var/lib/pds";