diff --git a/README.md b/README.md index b55e1f2..bd3a29a 100644 --- a/README.md +++ b/README.md @@ -62,3 +62,14 @@ This is exactly what we're doing to set the default deployment user to `colmena- }; ``` This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host. + +## Build NixOS Proxmox VE Template + +Build a new NixOS Proxmox VE Template for the thinkcccore's: +```shell +nix build .#proxmox-nixos-template +``` +Build a new NixOS Proxmox VE Template for the chaosknoten: +```shell +nix build .#proxmox-chaosknoten-nixos-template +``` diff --git a/config/common/users.nix b/config/common/users.nix index 59682c4..026929b 100644 --- a/config/common/users.nix +++ b/config/common/users.nix @@ -11,8 +11,8 @@ let authorizedKeysRepo = pkgs.fetchgit { url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys"; - rev = "b6a29dc7af0a45a8c0b4904290c7cb0c5bc51413"; - hash = "sha256-c0aH0wQeJtfXJG5wAbS6aO8yILLI1NNkFAHAeOm8RXA="; + rev = "686a6af22f6696f0c0595c56f463c078550049fc"; + hash = "sha256-plTYjM6zPzoBE/dp6EUrk9mCqmab278p8FqBCTX8Grc="; }; authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys")); in diff --git a/config/hosts/git/forgejo.nix b/config/hosts/git/forgejo.nix index bb7099f..a57a37f 100644 --- a/config/hosts/git/forgejo.nix +++ b/config/hosts/git/forgejo.nix @@ -45,6 +45,9 @@ DEFAULT_USER_VISIBILITY = "limited"; DEFAULT_KEEP_EMAIL_PRIVATE = true; ENABLE_BASIC_AUTHENTICATION = false; + ENABLE_NOTIFY_MAIL = true; + AUTO_WATCH_NEW_REPOS = false; + AUTO_WATCH_ON_CHANGES = false; }; repo = { DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls"; diff --git a/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix b/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix index 5f0792f..1836f25 100644 --- a/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix +++ b/config/hosts/public-web-static/virtualHosts/element.hamburg.ccc.de.nix @@ -1,10 +1,10 @@ { pkgs, ... }: let - elementWebVersion = "1.11.80"; + elementWebVersion = "1.11.84"; element-web = pkgs.fetchzip { url = "https://github.com/vector-im/element-web/releases/download/v${elementWebVersion}/element-v${elementWebVersion}.tar.gz"; - sha256 = "sha256-sudWmNehxGsbZTNirTkoWQ/Bln1DC1CI30wocw9VoH8="; + sha256 = "sha256-z2qaKKyUq2S/r3xUUU3ym0FgFbiQr6bcltuKvUMPbH4="; }; elementSecurityHeaders = '' # Configuration best practices diff --git a/flake.lock b/flake.lock index f09abde..74a5396 100644 --- a/flake.lock +++ b/flake.lock @@ -38,11 +38,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730428893, - "narHash": "sha256-fLLUd2dO/Vnf96UDr8YPzerYi+n99l3S5yIUDnmcPBE=", + "lastModified": 1731133565, + "narHash": "sha256-tCErjTdCUWK06LzkcvwUM+3pyrrmdf8e0VDBBTgqznE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "38edd08881ce4dc24056eec173b43587a93c990f", + "rev": "11f65b4b0405cff5b54c813626bddcf5435d7ad2", "type": "github" }, "original": { @@ -54,11 +54,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1729973466, - "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", + "lastModified": 1730602179, + "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", + "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c", "type": "github" }, "original": { @@ -83,11 +83,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1729999681, - "narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", + "lastModified": 1731213149, + "narHash": "sha256-jR8i6nFLmSmm0cIoeRQ8Q4EBARa3oGaAtEER/OMMxus=", "owner": "Mic92", "repo": "sops-nix", - "rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", + "rev": "f1675e3b0e1e663a4af49be67ecbc9e749f85eb7", "type": "github" }, "original": {