update 22.05

2022-09-27 19:55:50 +02:00
parent 120ba60838
commit 5ad6cf7b17
7 changed files with 31 additions and 8 deletions
--- a/configuration.nix
+++ b/configuration.nix
@@ -41,6 +41,6 @@
 	};
    };

-    security.acme.email = "stubbfel@posteo.de";
+    security.acme.defaults.email = "stubbfel@posteo.de";
    security.acme.acceptTerms = true;
 }
--- a/programs/installed.nix
+++ b/programs/installed.nix
@@ -1,8 +1,12 @@
 { config, pkgs, ... }:

+let 
+    unstable = import <nixos-unstable> { config = {  allowUnfree = true; }; };
+in
+
 {
    environment.systemPackages = with pkgs; [
-        wget curl vim nano zsh fzf tmux git exa progress tldr htop docker-compose
+        wget curl vim nano zsh fzf tmux git exa progress tldr htop unstable.docker-compose
    ];

    imports =
--- a/services/enabled.nix
+++ b/services/enabled.nix
@@ -22,5 +22,6 @@
 	./mailcow.nix
        ./unciv.nix
        ./hydra.nix
+	./postgres.nix
    ];
 }
--- a/services/mailcow.nix
+++ b/services/mailcow.nix
@@ -1,5 +1,9 @@
 { config, pkgs, ... }:

+let 
+    unstable = import <nixos-unstable> { config = {  allowUnfree = true; }; };
+in
+
 {
  services.nginx.virtualHosts."mailcow.stubbe.rocks" = {
      enableACME = true;
@@ -43,7 +47,7 @@ security.acme.certs."v22017115146555724.happysrv.de".postRun = ''
        pkgs.curl
        pkgs.gawk
        pkgs.docker
-        pkgs.docker-compose
+        unstable.docker-compose
        pkgs.which
        pkgs.coreutils-full
 	pkgs.unixtools.ping
--- a/services/nextcloud.nix
+++ b/services/nextcloud.nix
@@ -32,6 +32,20 @@ let
      ${myPhp}/bin/php \
      occ "$@"
  '';
+
+  daf = pkgs.writeScriptBin "nextcloud-daf" ''
+    #! ${pkgs.runtimeShell}
+    cd /var/www/nextcloud-tools/rescue
+    sudo=exec
+    if [[ "$USER" != nextcloud ]]; then
+      sudo='exec /run/wrappers/bin/sudo -u nextcloud --preserve-env=NEXTCLOUD_CONFIG_DIR --preserve-env=OC_PASS'
+    fi
+    export NEXTCLOUD_CONFIG_DIR="/var/www/nextcloud/config"
+    $sudo \
+      ${myPhp}/bin/php \
+      decrypt-all-files.php "$@"
+  '';
+  
 in
 {

@@ -165,7 +179,7 @@ in
      };
  };

-    environment.systemPackages = [ occ ];
+    environment.systemPackages = [ occ daf ];

    # Option I: PHP-FPM pool for Nextcloud
    services.phpfpm.pools.nextcloud = let
@@ -195,7 +209,7 @@ in
  };

 services.cron.enable = true;
-services.redis.enable = true;
+services.redis.servers."".enable = true;

 systemd.timers.nextcloud-cron = {
        wantedBy = [ "timers.target" ];
--- a/services/nexus.nix
+++ b/services/nexus.nix
@@ -5,11 +5,11 @@ let
  lPort = 9081;
  nexusPkgs = pkgs.nexus.overrideAttrs (oldAttrs: rec {
    pname = "nexus";
-    version = "3.38.0-01";
+    version = "3.41.1-01";
    sourceRoot = "${pname}-${version}";
    src = pkgs.fetchurl {
      url = "https://sonatype-download.global.ssl.fastly.net/nexus/3/nexus-${version}-unix.tar.gz";
-      sha256 = "0vycfzv50nmyhikl97ahcbb28g9ii1yykhcw9vyqrb1kf8nmxvnp";
+      sha256 = "1aig93k0kvayk0xlk5mrirqaba899x89xjwwz3kha47lhgc5zm0s";
    };
    installPhase = ''
      runHook preInstall
--- a/services/sshd.nix
+++ b/services/sshd.nix
@@ -3,6 +3,6 @@
 {
  services.openssh.enable = true;
  services.openssh.passwordAuthentication = false;
-  services.openssh.challengeResponseAuthentication = false;
+  services.openssh.kbdInteractiveAuthentication = false;
  services.openssh.permitRootLogin = "no";
 }