summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/nixpkgs.json6
-rwxr-xr-xkrebs/update-nixpkgs.sh2
-rw-r--r--lass/1systems/icarus/config.nix1
-rw-r--r--lass/1systems/morpheus/physical.nix5
-rw-r--r--lass/1systems/shodan/config.nix2
-rw-r--r--lass/1systems/uriel/physical.nix2
-rw-r--r--lass/2configs/copyq.nix3
-rw-r--r--lass/2configs/dcso-vpn.nix44
-rw-r--r--lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem0
-rw-r--r--lass/2configs/tests/dummy-secrets/dcsovpn/cert.key0
-rw-r--r--lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem0
-rw-r--r--lass/2configs/tests/dummy-secrets/dcsovpn/login.txt0
-rw-r--r--lass/2configs/websites/domsen.nix1
-rw-r--r--lass/2configs/websites/lassulus.nix2
14 files changed, 6 insertions, 62 deletions
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 161a099e5..72f85ab3a 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "7c2a362b58a1c2ba72d24aa3869da3b1a91d39e1",
- "date": "2020-10-20T09:32:31+02:00",
- "sha256": "0gl4xndyahasa9dv5mi3x9w8s457wl2xh9lcldizcn1irjvkrzs4",
+ "rev": "13d0c311e3ae923a00f734b43fd1d35b47d8943a",
+ "date": "2020-10-27T08:58:28+01:00",
+ "sha256": "0izp5y55whbdaf26w3zy2xvkjvlll39lib1ifvb61ps9gmvlqn39",
"fetchSubmodules": false
}
diff --git a/krebs/update-nixpkgs.sh b/krebs/update-nixpkgs.sh
index b0ffb6adc..9a0ea7ed4 100755
--- a/krebs/update-nixpkgs.sh
+++ b/krebs/update-nixpkgs.sh
@@ -3,7 +3,7 @@ dir=$(dirname $0)
oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
--url https://github.com/NixOS/nixpkgs \
- --rev refs/heads/nixos-20.03' \
+ --rev refs/heads/nixos-20.09' \
> $dir/nixpkgs.json
newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev"
diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix
index 8332e7c53..609da6011 100644
--- a/lass/1systems/icarus/config.nix
+++ b/lass/1systems/icarus/config.nix
@@ -19,7 +19,6 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/syncthing.nix>
<stockholm/lass/2configs/nfs-dl.nix>
#<stockholm/lass/2configs/prism-share.nix>
- <stockholm/lass/2configs/ssh-cryptsetup.nix>
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/home-media.nix>
];
diff --git a/lass/1systems/morpheus/physical.nix b/lass/1systems/morpheus/physical.nix
index 3fb03cda4..6e59a2273 100644
--- a/lass/1systems/morpheus/physical.nix
+++ b/lass/1systems/morpheus/physical.nix
@@ -34,10 +34,7 @@
};
boot.initrd.luks = {
cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
- devices = [{
- name = "luksroot";
- device = "/dev/nvme0n1p3";
- }];
+ devices.luksroot.device = "/dev/nvme0n1p3";
};
services.udev.extraRules = ''
diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix
index e41c9bd1e..9e01396bc 100644
--- a/lass/1systems/shodan/config.nix
+++ b/lass/1systems/shodan/config.nix
@@ -15,8 +15,6 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/bitcoin.nix>
<stockholm/lass/2configs/backup.nix>
<stockholm/lass/2configs/blue-host.nix>
- <stockholm/lass/2configs/green-host.nix>
- <stockholm/lass/2configs/ssh-cryptsetup.nix>
<stockholm/lass/2configs/nfs-dl.nix>
<stockholm/lass/2configs/gg23.nix>
<stockholm/lass/2configs/hass>
diff --git a/lass/1systems/uriel/physical.nix b/lass/1systems/uriel/physical.nix
index 2d21f00d5..82a088643 100644
--- a/lass/1systems/uriel/physical.nix
+++ b/lass/1systems/uriel/physical.nix
@@ -15,7 +15,7 @@
loader.systemd-boot.enable = true;
loader.timeout = 5;
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
+ initrd.luks.devices.luksroot.device = "/dev/sda2";
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
#kernelModules = [ "kvm-intel" "msr" ];
diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix
index 56c091a6e..ed78699b0 100644
--- a/lass/2configs/copyq.nix
+++ b/lass/2configs/copyq.nix
@@ -25,9 +25,6 @@ in {
environment = {
DISPLAY = ":${toString config.services.xserver.display}";
};
- path = with pkgs; [
- qt5.full
- ];
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
diff --git a/lass/2configs/dcso-vpn.nix b/lass/2configs/dcso-vpn.nix
deleted file mode 100644
index 0a5623bf0..000000000
--- a/lass/2configs/dcso-vpn.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-with import <stockholm/lib>;
-{ ... }:
-
-{
-
- users.extraUsers = {
- dcsovpn = rec {
- name = "dcsovpn";
- uid = genid "dcsovpn";
- description = "user for running dcso openvpn";
- home = "/home/${name}";
- };
- };
-
- users.extraGroups.dcsovpn.gid = genid "dcsovpn";
-
- services.openvpn.servers = {
- dcso = {
- config = ''
- client
- dev tun
- tun-mtu 1356
- mssfix
- proto udp
- float
- remote 217.111.55.41 1194
- nobind
- user dcsovpn
- group dcsovpn
- persist-key
- persist-tun
- ca ${toString <secrets/dcsovpn/ca.pem>}
- cert ${toString <secrets/dcsovpn/cert.pem>}
- key ${toString <secrets/dcsovpn/cert.key>}
- verb 3
- mute 20
- auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
- route-method exe
- route-delay 2
- '';
- updateResolvConf = true;
- };
- };
-}
diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem b/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem
deleted file mode 100644
index e69de29bb..000000000
--- a/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem
+++ /dev/null
diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key b/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key
deleted file mode 100644
index e69de29bb..000000000
--- a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key
+++ /dev/null
diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem b/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem
deleted file mode 100644
index e69de29bb..000000000
--- a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem
+++ /dev/null
diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt b/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt
deleted file mode 100644
index e69de29bb..000000000
--- a/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt
+++ /dev/null
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 78cfb29cd..ac7db10f5 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -97,7 +97,6 @@ in {
overwriteProtocol = "https";
};
https = true;
- nginx.enable = true;
};
services.nginx.virtualHosts."o.xanf.org" = {
enableACME = true;
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 74585a6f8..17df71310 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -16,7 +16,6 @@ in {
email = "acme@lassul.us";
acceptTerms = true;
certs."lassul.us" = {
- allowKeysForGroup = true;
group = "lasscert";
};
};
@@ -78,7 +77,6 @@ in {
email = "lassulus@lassul.us";
webroot = "/var/lib/acme/acme-challenge";
group = "nginx";
- user = "nginx";
};