diff options
-rw-r--r-- | krebs/nixpkgs.json | 6 | ||||
-rwxr-xr-x | krebs/update-nixpkgs.sh | 2 | ||||
-rw-r--r-- | lass/1systems/icarus/config.nix | 1 | ||||
-rw-r--r-- | lass/1systems/morpheus/physical.nix | 5 | ||||
-rw-r--r-- | lass/1systems/shodan/config.nix | 2 | ||||
-rw-r--r-- | lass/1systems/uriel/physical.nix | 2 | ||||
-rw-r--r-- | lass/2configs/copyq.nix | 3 | ||||
-rw-r--r-- | lass/2configs/dcso-vpn.nix | 44 | ||||
-rw-r--r-- | lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem | 0 | ||||
-rw-r--r-- | lass/2configs/tests/dummy-secrets/dcsovpn/cert.key | 0 | ||||
-rw-r--r-- | lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem | 0 | ||||
-rw-r--r-- | lass/2configs/tests/dummy-secrets/dcsovpn/login.txt | 0 | ||||
-rw-r--r-- | lass/2configs/websites/domsen.nix | 1 | ||||
-rw-r--r-- | lass/2configs/websites/lassulus.nix | 2 |
14 files changed, 6 insertions, 62 deletions
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 161a099e5..72f85ab3a 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "7c2a362b58a1c2ba72d24aa3869da3b1a91d39e1", - "date": "2020-10-20T09:32:31+02:00", - "sha256": "0gl4xndyahasa9dv5mi3x9w8s457wl2xh9lcldizcn1irjvkrzs4", + "rev": "13d0c311e3ae923a00f734b43fd1d35b47d8943a", + "date": "2020-10-27T08:58:28+01:00", + "sha256": "0izp5y55whbdaf26w3zy2xvkjvlll39lib1ifvb61ps9gmvlqn39", "fetchSubmodules": false } diff --git a/krebs/update-nixpkgs.sh b/krebs/update-nixpkgs.sh index b0ffb6adc..9a0ea7ed4 100755 --- a/krebs/update-nixpkgs.sh +++ b/krebs/update-nixpkgs.sh @@ -3,7 +3,7 @@ dir=$(dirname $0) oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ --url https://github.com/NixOS/nixpkgs \ - --rev refs/heads/nixos-20.03' \ + --rev refs/heads/nixos-20.09' \ > $dir/nixpkgs.json newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 8332e7c53..609da6011 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -19,7 +19,6 @@ with import <stockholm/lib>; <stockholm/lass/2configs/syncthing.nix> <stockholm/lass/2configs/nfs-dl.nix> #<stockholm/lass/2configs/prism-share.nix> - <stockholm/lass/2configs/ssh-cryptsetup.nix> <stockholm/lass/2configs/network-manager.nix> <stockholm/lass/2configs/home-media.nix> ]; diff --git a/lass/1systems/morpheus/physical.nix b/lass/1systems/morpheus/physical.nix index 3fb03cda4..6e59a2273 100644 --- a/lass/1systems/morpheus/physical.nix +++ b/lass/1systems/morpheus/physical.nix @@ -34,10 +34,7 @@ }; boot.initrd.luks = { cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - devices = [{ - name = "luksroot"; - device = "/dev/nvme0n1p3"; - }]; + devices.luksroot.device = "/dev/nvme0n1p3"; }; services.udev.extraRules = '' diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index e41c9bd1e..9e01396bc 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -15,8 +15,6 @@ with import <stockholm/lib>; <stockholm/lass/2configs/bitcoin.nix> <stockholm/lass/2configs/backup.nix> <stockholm/lass/2configs/blue-host.nix> - <stockholm/lass/2configs/green-host.nix> - <stockholm/lass/2configs/ssh-cryptsetup.nix> <stockholm/lass/2configs/nfs-dl.nix> <stockholm/lass/2configs/gg23.nix> <stockholm/lass/2configs/hass> diff --git a/lass/1systems/uriel/physical.nix b/lass/1systems/uriel/physical.nix index 2d21f00d5..82a088643 100644 --- a/lass/1systems/uriel/physical.nix +++ b/lass/1systems/uriel/physical.nix @@ -15,7 +15,7 @@ loader.systemd-boot.enable = true; loader.timeout = 5; - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; + initrd.luks.devices.luksroot.device = "/dev/sda2"; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; #kernelModules = [ "kvm-intel" "msr" ]; diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix index 56c091a6e..ed78699b0 100644 --- a/lass/2configs/copyq.nix +++ b/lass/2configs/copyq.nix @@ -25,9 +25,6 @@ in { environment = { DISPLAY = ":${toString config.services.xserver.display}"; }; - path = with pkgs; [ - qt5.full - ]; serviceConfig = { SyslogIdentifier = "copyq"; ExecStart = "${pkgs.copyq}/bin/copyq"; diff --git a/lass/2configs/dcso-vpn.nix b/lass/2configs/dcso-vpn.nix deleted file mode 100644 index 0a5623bf0..000000000 --- a/lass/2configs/dcso-vpn.nix +++ /dev/null @@ -1,44 +0,0 @@ -with import <stockholm/lib>; -{ ... }: - -{ - - users.extraUsers = { - dcsovpn = rec { - name = "dcsovpn"; - uid = genid "dcsovpn"; - description = "user for running dcso openvpn"; - home = "/home/${name}"; - }; - }; - - users.extraGroups.dcsovpn.gid = genid "dcsovpn"; - - services.openvpn.servers = { - dcso = { - config = '' - client - dev tun - tun-mtu 1356 - mssfix - proto udp - float - remote 217.111.55.41 1194 - nobind - user dcsovpn - group dcsovpn - persist-key - persist-tun - ca ${toString <secrets/dcsovpn/ca.pem>} - cert ${toString <secrets/dcsovpn/cert.pem>} - key ${toString <secrets/dcsovpn/cert.key>} - verb 3 - mute 20 - auth-user-pass ${toString <secrets/dcsovpn/login.txt>} - route-method exe - route-delay 2 - ''; - updateResolvConf = true; - }; - }; -} diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem b/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem deleted file mode 100644 index e69de29bb..000000000 --- a/lass/2configs/tests/dummy-secrets/dcsovpn/ca.pem +++ /dev/null diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key b/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key deleted file mode 100644 index e69de29bb..000000000 --- a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.key +++ /dev/null diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem b/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem deleted file mode 100644 index e69de29bb..000000000 --- a/lass/2configs/tests/dummy-secrets/dcsovpn/cert.pem +++ /dev/null diff --git a/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt b/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt deleted file mode 100644 index e69de29bb..000000000 --- a/lass/2configs/tests/dummy-secrets/dcsovpn/login.txt +++ /dev/null diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 78cfb29cd..ac7db10f5 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -97,7 +97,6 @@ in { overwriteProtocol = "https"; }; https = true; - nginx.enable = true; }; services.nginx.virtualHosts."o.xanf.org" = { enableACME = true; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 74585a6f8..17df71310 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -16,7 +16,6 @@ in { email = "acme@lassul.us"; acceptTerms = true; certs."lassul.us" = { - allowKeysForGroup = true; group = "lasscert"; }; }; @@ -78,7 +77,6 @@ in { email = "lassulus@lassul.us"; webroot = "/var/lib/acme/acme-challenge"; group = "nginx"; - user = "nginx"; }; |