update 22.05

configuration.nix

@@ -41,6 +41,6 @@
 	};
     };
 
-    security.acme.email = "stubbfel@posteo.de";
+    security.acme.defaults.email = "stubbfel@posteo.de";
     security.acme.acceptTerms = true;
 }

programs/installed.nix

@@ -1,8 +1,12 @@
 { config, pkgs, ... }:
 
+let 
+    unstable = import <nixos-unstable> { config = {  allowUnfree = true; }; };
+in
+
 {
     environment.systemPackages = with pkgs; [
-        wget curl vim nano zsh fzf tmux git exa progress tldr htop docker-compose
+        wget curl vim nano zsh fzf tmux git exa progress tldr htop unstable.docker-compose
     ];
 
     imports =

services/enabled.nix

@@ -22,5 +22,6 @@
 	./mailcow.nix
         ./unciv.nix
         ./hydra.nix
+	./postgres.nix
     ];
 }

services/mailcow.nix

@@ -1,5 +1,9 @@
 { config, pkgs, ... }:
 
+let 
+    unstable = import <nixos-unstable> { config = {  allowUnfree = true; }; };
+in
+
 {
   services.nginx.virtualHosts."mailcow.stubbe.rocks" = {
       enableACME = true;
@@ -43,7 +47,7 @@ security.acme.certs."v22017115146555724.happysrv.de".postRun = ''
         pkgs.curl
         pkgs.gawk
         pkgs.docker
-        pkgs.docker-compose
+        unstable.docker-compose
         pkgs.which
         pkgs.coreutils-full
 	pkgs.unixtools.ping

services/nextcloud.nix

@@ -32,6 +32,20 @@ let
       ${myPhp}/bin/php \
       occ "$@"
   '';
+
+  daf = pkgs.writeScriptBin "nextcloud-daf" ''
+    #! ${pkgs.runtimeShell}
+    cd /var/www/nextcloud-tools/rescue
+    sudo=exec
+    if [[ "$USER" != nextcloud ]]; then
+      sudo='exec /run/wrappers/bin/sudo -u nextcloud --preserve-env=NEXTCLOUD_CONFIG_DIR --preserve-env=OC_PASS'
+    fi
+    export NEXTCLOUD_CONFIG_DIR="/var/www/nextcloud/config"
+    $sudo \
+      ${myPhp}/bin/php \
+      decrypt-all-files.php "$@"
+  '';
+  
 in
 {
 
@@ -165,7 +179,7 @@ in
       };
   };
 
-    environment.systemPackages = [ occ ];
+    environment.systemPackages = [ occ daf ];
 
     # Option I: PHP-FPM pool for Nextcloud
     services.phpfpm.pools.nextcloud = let
@@ -195,7 +209,7 @@ in
   };
 
 services.cron.enable = true;
-services.redis.enable = true;
+services.redis.servers."".enable = true;
 
 systemd.timers.nextcloud-cron = {
         wantedBy = [ "timers.target" ];

services/nexus.nix

@@ -5,11 +5,11 @@ let
   lPort = 9081;
   nexusPkgs = pkgs.nexus.overrideAttrs (oldAttrs: rec {
     pname = "nexus";
-    version = "3.38.0-01";
+    version = "3.41.1-01";
     sourceRoot = "${pname}-${version}";
     src = pkgs.fetchurl {
       url = "https://sonatype-download.global.ssl.fastly.net/nexus/3/nexus-${version}-unix.tar.gz";
-      sha256 = "0vycfzv50nmyhikl97ahcbb28g9ii1yykhcw9vyqrb1kf8nmxvnp";
+      sha256 = "1aig93k0kvayk0xlk5mrirqaba899x89xjwwz3kha47lhgc5zm0s";
     };
     installPhase = ''
       runHook preInstall

services/sshd.nix

@@ -3,6 +3,6 @@
 {
   services.openssh.enable = true;
   services.openssh.passwordAuthentication = false;
-  services.openssh.challengeResponseAuthentication = false;
+  services.openssh.kbdInteractiveAuthentication = false;
   services.openssh.permitRootLogin = "no";
 }