From 9f4e61db423eab54e83a49de40bf981b393d8b1b Mon Sep 17 00:00:00 2001 From: Astrid Yu Date: Thu, 17 Oct 2024 17:11:42 -0700 Subject: [PATCH 1/5] nix flake update --- flake.lock | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/flake.lock b/flake.lock index 99f31ade..98d6d4ca 100644 --- a/flake.lock +++ b/flake.lock @@ -111,11 +111,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1710146030, - "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "lastModified": 1726560853, + "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", "type": "github" }, "original": { @@ -200,11 +200,11 @@ ] }, "locked": { - "lastModified": 1717527182, - "narHash": "sha256-vWSkg6AMok1UUQiSYVdGMOXKD2cDFnajITiSi0Zjd1A=", + "lastModified": 1726989464, + "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", "owner": "nix-community", "repo": "home-manager", - "rev": "845a5c4c073f74105022533907703441e0464bc3", + "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", "type": "github" }, "original": { @@ -240,11 +240,11 @@ ] }, "locked": { - "lastModified": 1701153607, - "narHash": "sha256-h+odOVyiGmEERMECoFOj5P7FPiMR8IPRzroFA4sKivg=", + "lastModified": 1728031945, + "narHash": "sha256-NRkLjdMtVfC6dD1gEbYZWFEtbmC2xfD6ft1IP7l76Vw=", "owner": "Mic92", "repo": "nix-ld", - "rev": "bf5aa84a713c31d95b4307e442e966d6c7fd7ae7", + "rev": "4524c512e8729ccb5a1b9239d01e1474cbf074a2", "type": "github" }, "original": { @@ -255,11 +255,11 @@ }, "nixlib": { "locked": { - "lastModified": 1712450863, - "narHash": "sha256-K6IkdtMtq9xktmYPj0uaYc8NsIqHuaAoRBaMgu9Fvrw=", + "lastModified": 1728781282, + "narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "3c62b6a12571c9a7f65ab037173ee153d539905f", + "rev": "16340f605f4e8e5cf07fd74dcbe692eee2d4f51b", "type": "github" }, "original": { @@ -276,11 +276,11 @@ ] }, "locked": { - "lastModified": 1718025593, - "narHash": "sha256-WZ1gdKq/9u1Ns/oXuNsDm+W0salonVA0VY1amw8urJ4=", + "lastModified": 1729127034, + "narHash": "sha256-42AMGl+dh4I2wGgICSeDI1mqYaDEJhwqquHJ1vA0QiQ=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "35c20ba421dfa5059e20e0ef2343c875372bdcf3", + "rev": "dd28a0806e7124fe392c33c9ccaa12f21970401f", "type": "github" }, "original": { @@ -291,11 +291,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1717995329, - "narHash": "sha256-lQJXEFHHVsFdFLx0bvoRbZH3IXUBsle6EWj9JroTJ/s=", + "lastModified": 1728729581, + "narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "58b52b0dd191af70f538c707c66c682331cfdffc", + "rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806", "type": "github" }, "original": { @@ -353,11 +353,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1717952948, - "narHash": "sha256-mJi4/gjiwQlSaxjA6AusXBN/6rQRaPCycR7bd8fydnQ=", + "lastModified": 1729044727, + "narHash": "sha256-GKJjtPY+SXfLF/yTN7M2cAnQB6RERFKnQhD8UvPSf3M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2819fffa7fa42156680f0d282c60d81e8fb185b7", + "rev": "dc2e0028d274394f73653c7c90cc63edbb696be1", "type": "github" }, "original": { @@ -369,11 +369,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1717786204, - "narHash": "sha256-4q0s6m0GUcN7q+Y2DqD27iLvbcd1G50T2lv08kKxkSI=", + "lastModified": 1728888510, + "narHash": "sha256-nsNdSldaAyu6PE3YUA+YQLqUDJh+gRbBooMMekZJwvI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "051f920625ab5aabe37c920346e3e69d7d34400e", + "rev": "a3c0b3b21515f74fd2665903d4ce6bc4dc81c77c", "type": "github" }, "original": { @@ -463,11 +463,11 @@ }, "nur": { "locked": { - "lastModified": 1718074627, - "narHash": "sha256-yQ9nbAdeXCJnklNR118kJzLPoU0RMopHHxCPsjpPitI=", + "lastModified": 1729210014, + "narHash": "sha256-46JsGJ8/wovNwq4jxlIVHewcel8yHLugACHhASWvNhM=", "owner": "nix-community", "repo": "NUR", - "rev": "461b91e03d3d15a05dd29395af474793f7cfef4c", + "rev": "7dced12690c675f0ea371f342e433060846b908a", "type": "github" }, "original": { From 6d13b4da4974b92429a50a95b0d6c237cdfbcb58 Mon Sep 17 00:00:00 2001 From: Astrid Yu Date: Thu, 17 Oct 2024 17:13:12 -0700 Subject: [PATCH 2/5] devshell: remove tftp-hpa --- nix/shells.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nix/shells.nix b/nix/shells.nix index 77b5527f..3c25ea38 100644 --- a/nix/shells.nix +++ b/nix/shells.nix @@ -27,7 +27,6 @@ let tcpdump terraform terraform-ls - tftp-hpa tmux vault wget From 8b92764f21f36a196b00f34aa7ff11a8d4471aa1 Mon Sep 17 00:00:00 2001 From: Astrid Yu Date: Thu, 17 Oct 2024 17:14:58 -0700 Subject: [PATCH 3/5] hm: rename scripts to not start with . fixes errors like: > Nix error: store path 'wd5hn80m8r47cjjp711mcgvqvfhjcr4i-.p10k.zsh' starts with illegal character '.' --- nix/home-manager/astral/cli/.gitattributes | 2 +- nix/home-manager/astral/cli/default.nix | 4 ++-- nix/home-manager/astral/cli/{.p10k.zsh => p10k.zsh} | 0 nix/home-manager/astral/cli/{.profile => profile.sh} | 0 4 files changed, 3 insertions(+), 3 deletions(-) rename nix/home-manager/astral/cli/{.p10k.zsh => p10k.zsh} (100%) rename nix/home-manager/astral/cli/{.profile => profile.sh} (100%) diff --git a/nix/home-manager/astral/cli/.gitattributes b/nix/home-manager/astral/cli/.gitattributes index 85042d28..5c03e9d1 100644 --- a/nix/home-manager/astral/cli/.gitattributes +++ b/nix/home-manager/astral/cli/.gitattributes @@ -1 +1 @@ -.p10k.zsh linguist-vendored +p10k.zsh linguist-vendored diff --git a/nix/home-manager/astral/cli/default.nix b/nix/home-manager/astral/cli/default.nix index 429fca11..a5c2ec00 100644 --- a/nix/home-manager/astral/cli/default.nix +++ b/nix/home-manager/astral/cli/default.nix @@ -1,6 +1,6 @@ # CLI-only home manager settings { config, lib, pkgs, ... }: -let commonProfile = builtins.readFile ./.profile; +let commonProfile = builtins.readFile ./profile.sh; in with lib; { imports = [ ./conda-hooks.nix ]; @@ -107,7 +107,7 @@ in with lib; { initExtraBeforeCompInit = '' # Powerlevel10k configuration - source ${./.p10k.zsh} + source ${./p10k.zsh} # kubectl completion type kubectl > /dev/null && source <(kubectl completion zsh) diff --git a/nix/home-manager/astral/cli/.p10k.zsh b/nix/home-manager/astral/cli/p10k.zsh similarity index 100% rename from nix/home-manager/astral/cli/.p10k.zsh rename to nix/home-manager/astral/cli/p10k.zsh diff --git a/nix/home-manager/astral/cli/.profile b/nix/home-manager/astral/cli/profile.sh similarity index 100% rename from nix/home-manager/astral/cli/.profile rename to nix/home-manager/astral/cli/profile.sh From 67eff88195a85f01ef6bbc446b8193c43d4a421e Mon Sep 17 00:00:00 2001 From: Astrid Yu Date: Thu, 17 Oct 2024 17:28:37 -0700 Subject: [PATCH 4/5] fix shai hulud iptsd ref --- machines/shai-hulud/configuration.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/machines/shai-hulud/configuration.nix b/machines/shai-hulud/configuration.nix index 8cf2d674..3e0f611a 100644 --- a/machines/shai-hulud/configuration.nix +++ b/machines/shai-hulud/configuration.nix @@ -12,8 +12,8 @@ with lib; { ./fs.nix ]; - microsoft-surface.kernelVersion = "6.8"; - microsoft-surface.ipts = { + microsoft-surface.kernelVersion = "6.10"; + services.iptsd = { enable = true; config = { Config = { From 08f298e5098d8232513163e0af5b19da1a8a50cf Mon Sep 17 00:00:00 2001 From: Astrid Yu Date: Thu, 17 Oct 2024 17:36:39 -0700 Subject: [PATCH 5/5] fixup postgres ensurePermissions clauses --- machines/gfdesk/configuration.nix | 2 +- nix/nixos-modules/roles/nextcloud.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/machines/gfdesk/configuration.nix b/machines/gfdesk/configuration.nix index cc43fb5b..83f523ad 100644 --- a/machines/gfdesk/configuration.nix +++ b/machines/gfdesk/configuration.nix @@ -48,7 +48,7 @@ with lib; { ensureDatabases = [ "akkoma" ]; ensureUsers = [{ name = "akkoma"; - ensurePermissions = { "DATABASE \"akkoma\"" = "ALL PRIVILEGES"; }; + ensureDBOwnership = true; }]; settings = { diff --git a/nix/nixos-modules/roles/nextcloud.nix b/nix/nixos-modules/roles/nextcloud.nix index 2787842f..99b3b117 100644 --- a/nix/nixos-modules/roles/nextcloud.nix +++ b/nix/nixos-modules/roles/nextcloud.nix @@ -117,7 +117,7 @@ in { ensureDatabases = [ "nextcloud" ]; ensureUsers = [{ name = "nextcloud"; - ensurePermissions = { "DATABASE \"nextcloud\"" = "ALL PRIVILEGES"; }; + ensureDBOwnership = true; }]; }; }