phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 05:36:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update to NixOS 22.11

Browse source
This commit is contained in:
Paul-Henri Froidmont 2022-12-02 03:29:02 +01:00
parent 6e6fd0f658
commit 4b09375f34
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
7 changed files with 85 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

2
environment.nix
View file

@ -12,4 +12,6 @@
"nixpkgs=${nixpkgs}" "nixpkgs=${nixpkgs}"
]; ];
}; };
services.nscd.enableNsncd = true;
} }

67
flake.lock generated
View file

@ -69,21 +69,6 @@
} }
}, },
"nixpkgs-22_05": { "nixpkgs-22_05": {
"locked": {
"lastModified": 1654936503,
"narHash": "sha256-soKzdhI4jTHv/rSbh89RdlcJmrPgH8oMb/PLqiqIYVQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dab6df51387c3878cdea09f43589a15729cae9f4",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.05",
"type": "indirect"
}
},
"nixpkgs-22_05_2": {
"locked": { "locked": {
"lastModified": 1668908668, "lastModified": 1668908668,
"narHash": "sha256-oimCE4rY7Btuo/VYmA8khIyTHSMV7qUWTpz9w8yc9LQ=", "narHash": "sha256-oimCE4rY7Btuo/VYmA8khIyTHSMV7qUWTpz9w8yc9LQ=",
@ -99,6 +84,37 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-22_11": {
"locked": {
"lastModified": 1669834992,
"narHash": "sha256-YnhZGHgb4C3Q7DSGisO/stc50jFb9F/MzHeKS4giotg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "596a8e828c5dfa504f91918d0fa4152db3ab5502",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.11",
"type": "indirect"
}
},
"nixpkgs-old": {
"locked": {
"lastModified": 1669764884,
"narHash": "sha256-1qWR/5+WtqxSedrFbUbM3zPMO7Ec2CGWaxtK4z4DdvY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "0244e143dc943bcf661fdaf581f01eb0f5000fcf",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1669320964, "lastModified": 1669320964,
@ -117,16 +133,16 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1669378442, "lastModified": 1669834992,
"narHash": "sha256-nm+4PN0A4SnV0SzEchxrMyKPvI3Ld/aoom4PnHeHucs=", "narHash": "sha256-YnhZGHgb4C3Q7DSGisO/stc50jFb9F/MzHeKS4giotg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "0faaf0a9bb6dedb69bfd43ac06fb27fadc476c51", "rev": "596a8e828c5dfa504f91918d0fa4152db3ab5502",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-22.05", "ref": "nixos-22.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -150,6 +166,7 @@
"inputs": { "inputs": {
"deploy-rs": "deploy-rs", "deploy-rs": "deploy-rs",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
"nixpkgs-old": "nixpkgs-old",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"simple-nixos-mailserver": "simple-nixos-mailserver", "simple-nixos-mailserver": "simple-nixos-mailserver",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
@ -159,20 +176,20 @@
"inputs": { "inputs": {
"blobs": "blobs", "blobs": "blobs",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-22_05": "nixpkgs-22_05", "nixpkgs-22_11": "nixpkgs-22_11",
"utils": "utils_2" "utils": "utils_2"
}, },
"locked": { "locked": {
"lastModified": 1655930346, "lastModified": 1669838593,
"narHash": "sha256-ht56HHOzEhjeIgAv5ZNFjSVX/in1YlUs0HG9c1EUXTM=", "narHash": "sha256-wR4SVRtgRcgz1FR2i6hRl+m0RerlgkIlXyQ8/XtzVWk=",
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"rev": "f535d8123c4761b2ed8138f3d202ea710a334a1d", "rev": "70a970f5a02b7febec1c3065e10c4155b99ecf86",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"ref": "nixos-22.05", "ref": "nixos-22.11",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"type": "gitlab" "type": "gitlab"
} }
@ -182,7 +199,7 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-22_05": "nixpkgs-22_05_2" "nixpkgs-22_05": "nixpkgs-22_05"
}, },
"locked": { "locked": {
"lastModified": 1668915833, "lastModified": 1668915833,

17
flake.nix
View file

@ -1,16 +1,18 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
nixpkgs-old.url = "github:nixos/nixpkgs/nixos-22.05"; # Keep it until php74 is no longer needed for elefan
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs"; sops-nix.inputs.nixpkgs.follows = "nixpkgs";
deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.url = "github:serokell/deploy-rs";
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.05"; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.11";
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, deploy-rs, sops-nix, simple-nixos-mailserver }: outputs = { self, nixpkgs, nixpkgs-old, nixpkgs-unstable, deploy-rs, sops-nix, simple-nixos-mailserver }:
let let
pkgs = nixpkgs.legacyPackages.x86_64-linux; pkgs = nixpkgs.legacyPackages.x86_64-linux;
pkgs-old = nixpkgs-old.legacyPackages.x86_64-linux;
pkgs-unstable = nixpkgs-unstable.legacyPackages.x86_64-linux; pkgs-unstable = nixpkgs-unstable.legacyPackages.x86_64-linux;
defaultModuleArgs = { pkgs, ... }: { defaultModuleArgs = { pkgs, ... }: {
_module.args.pkgs-unstable = import nixpkgs-unstable { _module.args.pkgs-unstable = import nixpkgs-unstable {
@ -93,6 +95,15 @@
networking.domain = "banditlair.com"; networking.domain = "banditlair.com";
nix.registry.nixpkgs.flake = nixpkgs; nix.registry.nixpkgs.flake = nixpkgs;
nixpkgs =
{
config = {
packageOverrides = pkgs: {
php74 = pkgs-old.php74;
};
};
};
system.stateVersion = "21.05"; system.stateVersion = "21.05";
} }
) )

2
hardware/hetzner-dedicated-storage1.nix
View file

@ -32,7 +32,7 @@
HOMEHOST <ignore> HOMEHOST <ignore>
''; '';
nix.maxJobs = lib.mkDefault 8; nix.settings.max-jobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
networking = { networking = {

2
modules/dokuwiki.nix
View file

@ -35,8 +35,6 @@ let
}; };
}; };
services.phpfpm.pools."dokuwiki-${name}.${config.networking.domain}".phpPackage = lib.mkOverride 10 pkgs.php74;
services.nginx.virtualHosts."${name}.${config.networking.domain}" = { services.nginx.virtualHosts."${name}.${config.networking.domain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;

16
modules/grafana.nix
View file

@ -11,11 +11,16 @@
services.grafana = { services.grafana = {
enable = true; enable = true;
domain = "grafana.${config.networking.domain}";
security.adminPasswordFile = config.sops.secrets.grafanaAdminPassword.path;
dataDir = "/nix/var/data/grafana"; dataDir = "/nix/var/data/grafana";
settings = {
server = {
domain = "grafana.${config.networking.domain}";
};
security.admin_password = "$__file{${config.sops.secrets.grafanaAdminPassword.path}}";
};
provision = { provision = {
enable = true; enable = true;
datasources.settings = {
datasources = [ datasources = [
{ {
name = "Prometheus"; name = "Prometheus";
@ -30,7 +35,8 @@
url = "http://127.0.0.1:${toString config.services.loki.configuration.server.http_listen_port}"; url = "http://127.0.0.1:${toString config.services.loki.configuration.server.http_listen_port}";
} }
]; ];
dashboards = [ };
dashboards.settings.providers = [
{ {
name = "Config"; name = "Config";
options.path = ./dashboards; options.path = ./dashboards;
@ -41,13 +47,13 @@
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"${config.services.grafana.domain}" = { "${config.services.grafana.settings.server.domain}" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}"; proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };

1
modules/nextcloud.nix
View file

@ -65,6 +65,7 @@ in
package = pkgs.nextcloud25; package = pkgs.nextcloud25;
hostName = "cloud.${config.networking.domain}"; hostName = "cloud.${config.networking.domain}";
https = true; https = true;
enableBrokenCiphersForSSE = false;
config = { config = {
dbtype = "pgsql"; dbtype = "pgsql";
dbuser = "nextcloud"; dbuser = "nextcloud";