Update to NixOS 23.11

flake.lock

@@ -23,11 +23,11 @@
         "utils": "utils"
       },
       "locked": {
-        "lastModified": 1695052866,
+        "lastModified": 1702378423,
-        "narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
+        "narHash": "sha256-tuJ8NWjaH/OuZSZukS6T+suia7E1QIPXW2nzkuUCCNA=",
         "owner": "serokell",
         "repo": "deploy-rs",
-        "rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
+        "rev": "2ccd5d9939d41ac797c3ce769a689fdbc76fdebb",
         "type": "github"
       },
       "original": {
@@ -73,11 +73,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1696777017,
+        "lastModified": 1701473318,
-        "narHash": "sha256-yCqwecHKXGXjAlS5JrtVO2EAkFCYWqvLF+ER0WebZ6g=",
+        "narHash": "sha256-QdCJN8GeNl/V8wMjrvNkrWzNXnahgfjBfCSya4qQdrc=",
         "owner": "reckenrode",
         "repo": "nix-foundryvtt",
-        "rev": "9b880a901139a65bebb72d359425d45c7f5224b2",
+        "rev": "f624c0ceabe13dd876ecff871e0dc7f55f96e993",
         "type": "github"
       },
       "original": {
@@ -134,11 +134,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1694908564,
+        "lastModified": 1702148972,
-        "narHash": "sha256-ducA98AuWWJu5oUElIzN24Q22WlO8bOfixGzBgzYdVc=",
+        "narHash": "sha256-h2jODFP6n+ABrUWcGRSVPRFfLOkM9TJ2pO+h+9JcaL0=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "596611941a74be176b98aeba9328aa9d01b8b322",
+        "rev": "b8f33c044e51de6dde3ad80a9676945e0e4e3227",
         "type": "github"
       },
       "original": {
@@ -150,11 +150,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1695830400,
+        "lastModified": 1702312524,
-        "narHash": "sha256-gToZXQVr0G/1WriO83olnqrLSHF2Jb8BPcmCt497ro0=",
+        "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "8a86b98f0ba1c405358f1b71ff8b5e1d317f5db2",
+        "rev": "a9bf124c46ef298113270b1f84a164865987a91c",
         "type": "github"
       },
       "original": {
@@ -166,32 +166,32 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1694304580,
+        "lastModified": 1701389149,
-        "narHash": "sha256-5tIpNodDpEKT8mM/F5zCzWEAnidOg8eb1/x3SRaaBLs=",
+        "narHash": "sha256-rU1suTIEd5DGCaAXKW6yHoCfR1mnYjOXQFOaH7M23js=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "4c8cf44c5b9481a4f093f1df3b8b7ba997a7c760",
+        "rev": "5de0b32be6e85dc1a9404c75131316e4ffbc634c",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-23.05",
+        "ref": "nixos-23.11",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1695825837,
+        "lastModified": 1702233072,
-        "narHash": "sha256-4Ne11kNRnQsmSJCRSSNkFRSnHC4Y5gPDBIQGjjPfJiU=",
+        "narHash": "sha256-H5G2wgbim2Ku6G6w+NSaQaauv6B6DlPhY9fMvArKqRo=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "5cfafa12d57374f48bcc36fda3274ada276cf69e",
+        "rev": "781e2a9797ecf0f146e81425c822dca69fe4a348",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-23.05",
+        "ref": "nixos-23.11",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -253,11 +253,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1695284550,
+        "lastModified": 1702177193,
-        "narHash": "sha256-z9fz/wz9qo9XePEvdduf+sBNeoI9QG8NJKl5ssA8Xl4=",
+        "narHash": "sha256-J2409SyXROoUHYXVy9h4Pj0VU8ReLuy/mzBc9iK4DBg=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "2f375ed8702b0d8ee2430885059d5e7975e38f78",
+        "rev": "d806e546f96c88cd9f7d91c1c19ebc99ba6277d9",
         "type": "github"
       },
       "original": {

flake.nix

@@ -1,6 +1,6 @@
 {
   inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
     nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
     sops-nix.url = "github:Mic92/sops-nix";
     sops-nix.inputs.nixpkgs.follows = "nixpkgs";
@@ -31,7 +31,7 @@
 
         buildInputs = with pkgs-unstable; [
           nixpkgs-fmt
-          terraform
+          opentofu
           terraform-ls
           sops
           deploy-rs.packages."x86_64-linux".deploy-rs

hardware/hcloud.nix

@@ -13,6 +13,7 @@
   networking.firewall.allowPing = true;
   networking.usePredictableInterfaceNames = false;
 
+  networking.useDHCP = false;
   networking.dhcpcd.enable = false;
 
   systemd.network = {

hardware/hetzner-dedicated-storage1.nix

@@ -1,14 +1,13 @@
 { modulesPath, config, lib, pkgs, ... }:
 
 {
-  imports =
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-    [
-      (modulesPath + "/installer/scan/not-detected.nix")
-    ];
 
   boot.initrd.availableKernelModules = [ "ahci" "sd_mod" ];
   boot.initrd.kernelModules = [ "dm-snapshot" ];
-  boot.initrd.services.swraid.mdadmConf = config.environment.etc."mdadm.conf".text;
+  boot.swraid.mdadmConf = ''
+    HOMEHOST <ignore>
+  '';
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
   boot.loader.systemd-boot.enable = false;
@@ -18,8 +17,7 @@
     devices = [ "/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd" ];
   };
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    {
     device = "/dev/disk/by-uuid/e5c27021-ce34-4680-ba6f-233070cb944f";
     fsType = "ext4";
   };
@@ -28,36 +26,27 @@
 
   time.timeZone = "Europe/Amsterdam";
 
-  environment.etc."mdadm.conf".text = ''
-    HOMEHOST <ignore>
-  '';
-
   nix.settings.max-jobs = lib.mkDefault 8;
   powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
 
   networking = {
     useDHCP = false;
     defaultGateway = "78.46.96.225";
-    defaultGateway6 = { address = "fe80::1"; interface = "enp2s0"; };
+    defaultGateway6 = {
-    nameservers = [
+      address = "fe80::1";
-      "213.133.100.100"
+      interface = "enp2s0";
-      "213.133.99.99"
+    };
-      "213.133.98.98"
+    nameservers = [ "213.133.100.100" "213.133.99.99" "213.133.98.98" ];
-    ];
     interfaces = {
       enp2s0 = {
-        ipv4.addresses = [
+        ipv4.addresses = [{
-          {
           address = "78.46.96.243";
           prefixLength = 24;
-          }
+        }];
-        ];
+        ipv6.addresses = [{
-        ipv6.addresses = [
-          {
           address = "2a01:4f8:120:8233::1";
           prefixLength = 64;
-          }
+        }];
-        ];
       };
       vlan4001 = {
         mtu = 1400;
@@ -74,8 +63,10 @@
         };
       };
     };
-    vlans.vlan4001 = { id = 4001; interface = "enp2s0"; };
+    vlans.vlan4001 = {
+      id = 4001;
+      interface = "enp2s0";
+    };
   };
 
-
 }

modules/nextcloud.nix

@@ -57,7 +57,6 @@ in {
     package = pkgs.nextcloud27;
     hostName = "cloud.${config.networking.domain}";
     https = true;
-    enableBrokenCiphersForSSE = false;
     maxUploadSize = "1G";
     config = {
       dbtype = "pgsql";

profiles/backend.nix

@@ -69,7 +69,7 @@
 
     services.murmur.enable = true;
 
-    services.mastodon.enable = true;
+    services.mastodon.enable = false;
   };
 
   services.uptime-kuma = {