Merge branch '23.05' into consensus

resolves #20
This commit is contained in:
Fiscal Velvet Poet 2023-06-02 10:08:33 +10:00
commit 16a2ea357a
Signed by: fiscalvelvetpoet
GPG key ID: D8EBFD58B023BD47
5 changed files with 125 additions and 58 deletions

View file

@ -9,11 +9,11 @@
]
},
"locked": {
"lastModified": 1677126346,
"narHash": "sha256-4s+PPGC1M07QsPyeye5drc2JLa1lhDnCV3XAsG8+pH4=",
"lastModified": 1682101079,
"narHash": "sha256-MdAhtjrLKnk2uiqun1FWABbKpLH090oeqCSiWemtuck=",
"owner": "ryantm",
"repo": "agenix",
"rev": "c2a71c83c70844c5e31db69347e86af080bcdad0",
"rev": "2994d002dcff5353ca1ac48ec584c7f6589fe447",
"type": "github"
},
"original": {
@ -25,25 +25,55 @@
"colmena": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs",
"stable": "stable",
"utils": "utils"
"stable": "stable"
},
"locked": {
"lastModified": 1664434431,
"narHash": "sha256-F/Jl1GqSp08fw7PCHiv/ijn/pAP1YOStIhHws291s7A=",
"lastModified": 1684127108,
"narHash": "sha256-01bfuSY4gnshhtqA1EJCw2CMsKkAx+dHS+sEpQ2+EAQ=",
"owner": "zhaofengli",
"repo": "colmena",
"rev": "7253d9b4bb1f0f031d926092cb5dae3b03f1e812",
"rev": "5fdd743a11e7291bd8ac1e169d62ba6156c99be4",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"ref": "v0.3.2",
"ref": "v0.4.0",
"repo": "colmena",
"type": "github"
}
},
"crane": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": [
"ragenix",
"flake-utils"
],
"nixpkgs": [
"ragenix",
"nixpkgs"
],
"rust-overlay": [
"ragenix",
"rust-overlay"
]
},
"locked": {
"lastModified": 1681680516,
"narHash": "sha256-EB8Adaeg4zgcYDJn9sR6UMjN/OHdIiMMK19+3LmmXQY=",
"owner": "ipetkov",
"repo": "crane",
"rev": "54b63c8eae4c50172cb50b612946ff1d2bc1c75c",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -83,13 +113,47 @@
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@ -154,11 +218,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1653060744,
"narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=",
"lastModified": 1683408522,
"narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dfd82985c273aac6eced03625f454b334daae2e8",
"rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7",
"type": "github"
},
"original": {
@ -218,16 +282,16 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1685314633,
"narHash": "sha256-8LXBPqTQXl5ofkjpJ18JcbmLJ/lWDoMxtUwiDYv0wro=",
"lastModified": 1685533922,
"narHash": "sha256-y4FCQpYafMQ42l1V+NUrMel9RtFtZo59PzdzflKR/lo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8a17ce7abc03c50cd072e9e6c9b389c5f61836b",
"rev": "3a70dd92993182f8e514700ccf5b1ae9fc8a3b8d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-22.11",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
@ -235,18 +299,19 @@
"ragenix": {
"inputs": {
"agenix": "agenix",
"flake-utils": "flake-utils",
"crane": "crane",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1677625082,
"narHash": "sha256-62xmRPfjZgDn8AgEhb6eRoJrTxGeM8HfhfF+PkJokok=",
"lastModified": 1682237245,
"narHash": "sha256-xbBR7LNK+d5Yi/D6FXQGc1R6u2VV2nwr/Df5iaEbOEQ=",
"owner": "yaxitech",
"repo": "ragenix",
"rev": "6f2dacf3d6af36228a8fad3b136990a6b6dfe30b",
"rev": "281f68c3d477904f79ff1cd5807a8c226cd80a50",
"type": "github"
},
"original": {
@ -299,7 +364,7 @@
"ragenix": "ragenix",
"reciproka-web": "reciproka-web",
"resrok-web": "resrok-web",
"utils": "utils_2",
"utils": "utils",
"voc-web": "voc-web"
}
},
@ -315,11 +380,11 @@
]
},
"locked": {
"lastModified": 1676687290,
"narHash": "sha256-DP0CJ7qtUXf+mmMglJL1yANizzV1O4UfQ9NrKgy7O04=",
"lastModified": 1682129965,
"narHash": "sha256-1KRPIorEL6pLpJR04FwAqqnt4Tzcm4MqD84yhlD+XSk=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "bdccd5e973d45159f7d13f7c65a4271dc02cf6d4",
"rev": "2c417c0460b788328220120c698630947547ee83",
"type": "github"
},
"original": {
@ -330,36 +395,36 @@
},
"stable": {
"locked": {
"lastModified": 1653087707,
"narHash": "sha256-zfno3snrzZTWQ2B7K53QHrGZwrjnJLTRPalymrSsziU=",
"lastModified": 1669735802,
"narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cbd40c72b2603ab54e7208f99f9b35fc158bc009",
"rev": "731cc710aeebecbf45a258e977e8b68350549522",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-21.11",
"ref": "nixos-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1649676176,
"narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_2": {
"locked": {
"lastModified": 1656928814,
"narHash": "sha256-RIFfgBuKz6Hp89yRr7+NR5tzIAbn52h8vT6vXkYjZoM=",

View file

@ -2,6 +2,7 @@
description = "reciproka-ops deployment";
inputs = {
colmena.url = "github:zhaofengli/colmena/?ref=v0.4.0";
ragenix = {
url = "github:yaxitech/ragenix";
inputs.nixpkgs.follows = "nixpkgs";
@ -19,14 +20,13 @@
url = git+https://reciproka.dev/resrok/resrok-web/?ref=consensus;
};
nix.url = "github:NixOS/nix/?ref=2.10.3";
nixpkgs.url = github:NixOS/nixpkgs/?ref=nixos-22.11;
nixpkgs.url = github:NixOS/nixpkgs/?ref=nixos-23.05;
nixpkgsUnstable.url = github:NixOS/nixpkgs/?ref=nixos-unstable;
utils.url = "github:numtide/flake-utils";
voc-web = {
flake = false;
url = git+https://reciproka.dev/voc/voc-web/?ref=consensus;
};
colmena.url = "github:zhaofengli/colmena/?ref=v0.3.2";
};
outputs = {...} @ args: import ./outputs.nix args;

View file

@ -17,9 +17,7 @@
];
# Common boot settings
boot = {
cleanTmpDir = true; # Clean /tmp on reboot
};
boot.tmp.cleanOnBoot = true; # Clean /tmp on reboot ;
# Select internationalisation properties.
i18n = {

View file

@ -7,9 +7,6 @@
}: {
services.openssh = {
enable = true; # Enable the OpenSSH daemon.
permitRootLogin = "prohibit-password";
kbdInteractiveAuthentication = false;
passwordAuthentication = false;
openFirewall = true;
hostKeys = [
{
@ -17,5 +14,10 @@
type = "ed25519";
}
];
settings = {
KbdInteractiveAuthentication = false;
PasswordAuthentication = false;
PermitRootLogin = "prohibit-password";
};
};
}

View file

@ -16,16 +16,18 @@ in {
type = "postgres"; # Database type
passwordFile = config.age.secrets.forgejo.path;
};
domain = "reciproka.dev"; # Domain name
rootUrl = "https://reciproka.dev/"; # Root web URL
httpPort = 3002; # Provided unique port
package = forgejo; # a soft fork of gitea
settings = let
docutils = pkgs.python37.withPackages (ps:
docutils = pkgs.python39.withPackages (ps:
with ps; [
docutils # Provides rendering of ReStructured Text files
pygments # Provides syntax highlighting
]);
server = {
DOMAIN = "reciproka.dev"; # Domain name
HTTP_PORT = 3002; # Provided unique port
ROOT_URL = "https://reciproka.dev/"; # Root web URL
};
service.DISABLE_REGISTRATION = true;
in {
mailer = {