update to NixOS 23.05

2023-07-10 23:48:50 +02:00 · 2023-07-10 23:48:50 +02:00 · 5bac3f4410
commit 5bac3f4410
parent 2c6a573578
3 changed files with 11 additions and 10 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -22,7 +22,7 @@


  boot.kernelPackages = pkgs.linuxPackages_latest;
-  boot.tmpOnTmpfs = true;
+  boot.tmp.useTmpfs = true;
  boot.kernel.sysctl = {
    # avoid OOM hangs
    "vm.admin_reserve_kbytes" = 262144;
@ -32,6 +32,7 @@
  i18n.defaultLocale = "en_US.UTF-8";

  systemd.enableEmergencyMode = false;
+  systemd.oomd.enable = false;

  networking = {
    hostName = "maxwell";
@ -175,9 +176,9 @@

  services.openssh = {
    enable = true;
-    permitRootLogin = "no";
-    passwordAuthentication = false;
-    kbdInteractiveAuthentication = false;
+    settings.PermitRootLogin = "no";
+    settings.PasswordAuthentication = false;
+    settings.KbdInteractiveAuthentication = false;
  };

  # Traceroute easter egg
@ -239,12 +240,13 @@
  ### Git server
  services.gitea = with config.var; {
    enable  = true;
-    domain  = hostname;
    appName = "Maxwell git server";
-    rootUrl = "https://${hostname}/git/";
    user    = "git";
    database.user = "git";
    settings = {
+      server.ROOT_URL = "https://${hostname}/git/";
+      server.domain = hostname;
+
      session.COOKIE_SECURE = true;
      log.LEVEL = "Error";
      service.DISABLE_REGISTRATION = false;
--- a/email.nix
+++ b/email.nix
@ -3,8 +3,8 @@
 {
  imports = [
    (builtins.fetchTarball {
-      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-22.11/nixos-mailserver-nixos-22.11.tar.gz";
-      sha256 = "1h1r4x2ffqwyk0ql6kjvcpg1bdiimyzhrsvn49702fsgzpx57fhd";
+      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-23.05/nixos-mailserver-nixos-23.05.tar.gz";
+      sha256 = "1ngil2shzkf61qxiqw11awyl81cr7ks2kv3r3k243zz7v2xakm5c";
    })
  ];

@ -31,7 +31,7 @@
    };

    # Use Let's Encrypt certificate
-    certificateScheme = 3;
+    certificateScheme = "acme-nginx";

    # There is one already (pdns-recursor)
    localDnsResolver = false;
--- a/hardware.nix
+++ b/hardware.nix
@ -12,7 +12,6 @@
  ];
  boot.loader.grub = { 
    enable  = true;
-    version = 2;
    device  = "/dev/sda";
  };