update to NixOS 22.05

This commit is contained in:
Michele Guerini Rocco 2022-08-10 05:04:54 +02:00
parent d6d1cf413a
commit cc3f5a7f03
Signed by: rnhmjoj
GPG Key ID: BFBAF4C975F76450
4 changed files with 29 additions and 31 deletions

View File

@ -16,9 +16,10 @@
### State ### State
# Stateful things to do before updating: # Stateful things to do before updating:
# 1. Postgres migration # 1. Postgres migration (https://www.postgresql.org/docs/current/upgrading.html)
# 2. Matrix Synapse migration # 2. Matrix Synapse migration (https://matrix-org.github.io/synapse/latest/upgrade.html)
system.stateVersion = "21.05"; system.stateVersion = "22.05";
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
boot.tmpOnTmpfs = true; boot.tmpOnTmpfs = true;
@ -83,7 +84,7 @@
fazo = { fazo = {
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keyFiles = [ config.secrets.publicKeys.fazo]; openssh.authorizedKeys.keyFiles = [ config.secrets.publicKeys.fazo ];
}; };
# User # User
@ -152,7 +153,7 @@
### ACME certificates ### ACME certificates
security.acme = with config.var; { security.acme = with config.var; {
email = "rnhmjoj@inventati.org"; defaults.email = "rnhmjoj@inventati.org";
acceptTerms = true; acceptTerms = true;
certs."${hostname}" = { certs."${hostname}" = {
@ -174,7 +175,7 @@
enable = true; enable = true;
permitRootLogin = "no"; permitRootLogin = "no";
passwordAuthentication = false; passwordAuthentication = false;
challengeResponseAuthentication = false; kbdInteractiveAuthentication = false;
}; };
# Traceroute easter egg # Traceroute easter egg

View File

@ -3,16 +3,11 @@
{ {
imports = [ imports = [
(builtins.fetchTarball { (builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-21.11/nixos-mailserver-nixos-21.11.tar.gz"; url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-22.05/nixos-mailserver-nixos-22.05.tar.gz";
sha256 = "1i56llz037x416bw698v8j6arvv622qc0vsycd20lx3yx8n77n44"; sha256 = "0csx2i8p7gbis0n5aqpm57z5f9cd8n9yabq04bg1h4mkfcf7mpl6";
}) })
]; ];
security.acme = {
email = "rnhmjoj@inventati.org";
acceptTerms = true;
};
mailserver = { mailserver = {
enable = true; enable = true;
fqdn = "mail.eurofusion.eu"; fqdn = "mail.eurofusion.eu";

View File

@ -67,8 +67,8 @@ in
### Homeserver ### Homeserver
services.matrix-synapse = { services.matrix-synapse.enable = true;
enable = true; services.matrix-synapse.settings = {
server_name = config.var.hostname; server_name = config.var.hostname;
# Tell users about our TURN server # Tell users about our TURN server
@ -81,7 +81,7 @@ in
# Bind on localhost and used a reverse proxy # Bind on localhost and used a reverse proxy
listeners = [ listeners = [
{ bind_address = "localhost"; { bind_addresses = [ "localhost" ];
port = 8448; port = 8448;
type = "http"; type = "http";
tls = false; tls = false;
@ -101,24 +101,24 @@ in
}; };
# Make logging less verbose # Make logging less verbose
logConfig = '' log_config = pkgs.writeText "synapse-log.yml" ''
version: 1 version: 1
formatters: formatters:
journal_fmt: journal_fmt:
format: '%(name)s: [%(request)s] %(message)s' format: '%(name)s: [%(request)s] %(message)s'
filters: filters:
context: context:
(): synapse.util.logcontext.LoggingContextFilter (): synapse.util.logcontext.LoggingContextFilter
request: "" request: ""
handlers: handlers:
journal: journal:
class: systemd.journal.JournalHandler class: systemd.journal.JournalHandler
formatter: journal_fmt formatter: journal_fmt
filters: [context] filters: [context]
SYSLOG_IDENTIFIER: synapse SYSLOG_IDENTIFIER: synapse
root: root:
level: WARN level: WARN
handlers: [journal] handlers: [journal]
disable_existing_loggers: False disable_existing_loggers: False
''; '';

View File

@ -12,8 +12,10 @@ in
roomId = "!FsUSHSNMPMVTFFcvJo:maxwell.ydns.eu"; roomId = "!FsUSHSNMPMVTFFcvJo:maxwell.ydns.eu";
authToken = config.secrets.passwords.matrix; authToken = config.secrets.passwords.matrix;
}; };
monero = unstable.monero; haskellPackages = super.haskellPackages.override
element-web = unstable.element-web; { overrides = hself: hsuper:
{ inherit (unstable.haskellPackages) namecoin-update; };
};
}); });
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [