diff --git a/configuration.nix b/configuration.nix index 59f5ba8..b04672e 100644 --- a/configuration.nix +++ b/configuration.nix @@ -16,9 +16,10 @@ ### State # Stateful things to do before updating: - # 1. Postgres migration - # 2. Matrix Synapse migration - system.stateVersion = "21.05"; + # 1. Postgres migration (https://www.postgresql.org/docs/current/upgrading.html) + # 2. Matrix Synapse migration (https://matrix-org.github.io/synapse/latest/upgrade.html) + system.stateVersion = "22.05"; + boot.kernelPackages = pkgs.linuxPackages_latest; boot.tmpOnTmpfs = true; @@ -83,7 +84,7 @@ fazo = { extraGroups = [ "wheel" ]; isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ config.secrets.publicKeys.fazo]; + openssh.authorizedKeys.keyFiles = [ config.secrets.publicKeys.fazo ]; }; # User @@ -152,7 +153,7 @@ ### ACME certificates security.acme = with config.var; { - email = "rnhmjoj@inventati.org"; + defaults.email = "rnhmjoj@inventati.org"; acceptTerms = true; certs."${hostname}" = { @@ -174,7 +175,7 @@ enable = true; permitRootLogin = "no"; passwordAuthentication = false; - challengeResponseAuthentication = false; + kbdInteractiveAuthentication = false; }; # Traceroute easter egg diff --git a/email.nix b/email.nix index a6aad53..5efbf93 100644 --- a/email.nix +++ b/email.nix @@ -3,16 +3,11 @@ { imports = [ (builtins.fetchTarball { - url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-21.11/nixos-mailserver-nixos-21.11.tar.gz"; - sha256 = "1i56llz037x416bw698v8j6arvv622qc0vsycd20lx3yx8n77n44"; + url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-22.05/nixos-mailserver-nixos-22.05.tar.gz"; + sha256 = "0csx2i8p7gbis0n5aqpm57z5f9cd8n9yabq04bg1h4mkfcf7mpl6"; }) ]; - security.acme = { - email = "rnhmjoj@inventati.org"; - acceptTerms = true; - }; - mailserver = { enable = true; fqdn = "mail.eurofusion.eu"; diff --git a/matrix.nix b/matrix.nix index 3a9bb53..9384653 100644 --- a/matrix.nix +++ b/matrix.nix @@ -67,8 +67,8 @@ in ### Homeserver - services.matrix-synapse = { - enable = true; + services.matrix-synapse.enable = true; + services.matrix-synapse.settings = { server_name = config.var.hostname; # Tell users about our TURN server @@ -81,7 +81,7 @@ in # Bind on localhost and used a reverse proxy listeners = [ - { bind_address = "localhost"; + { bind_addresses = [ "localhost" ]; port = 8448; type = "http"; tls = false; @@ -101,24 +101,24 @@ in }; # Make logging less verbose - logConfig = '' + log_config = pkgs.writeText "synapse-log.yml" '' version: 1 formatters: - journal_fmt: - format: '%(name)s: [%(request)s] %(message)s' + journal_fmt: + format: '%(name)s: [%(request)s] %(message)s' filters: - context: - (): synapse.util.logcontext.LoggingContextFilter - request: "" + context: + (): synapse.util.logcontext.LoggingContextFilter + request: "" handlers: - journal: - class: systemd.journal.JournalHandler - formatter: journal_fmt - filters: [context] - SYSLOG_IDENTIFIER: synapse + journal: + class: systemd.journal.JournalHandler + formatter: journal_fmt + filters: [context] + SYSLOG_IDENTIFIER: synapse root: - level: WARN - handlers: [journal] + level: WARN + handlers: [journal] disable_existing_loggers: False ''; diff --git a/packages.nix b/packages.nix index be84a6c..a0f978c 100644 --- a/packages.nix +++ b/packages.nix @@ -12,8 +12,10 @@ in roomId = "!FsUSHSNMPMVTFFcvJo:maxwell.ydns.eu"; authToken = config.secrets.passwords.matrix; }; - monero = unstable.monero; - element-web = unstable.element-web; + haskellPackages = super.haskellPackages.override + { overrides = hself: hsuper: + { inherit (unstable.haskellPackages) namecoin-update; }; + }; }); environment.systemPackages = with pkgs; [