Compare commits

..

11 commits

Author SHA1 Message Date
281ad152d6
remove nixpkgs-unstable
the current version of woodpecker-server in stable now has the features this was original used for, not other usages of unstable are in tree left so removing it.
2024-11-12 19:55:48 +01:00
39b73b0926
format files with nix fmt 2024-11-12 19:54:46 +01:00
1283d7664f
make use of nixosModules output 2024-11-12 19:54:46 +01:00
4978ffc758
move overlay to overlays output 2024-11-12 19:54:46 +01:00
fi
c84d9e7d0a
Update element to 1.11.84 2024-11-11 02:43:08 +01:00
33b2cbf5d0
flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/38edd08881ce4dc24056eec173b43587a93c990f' (2024-11-01)
  → 'github:nixos/nixpkgs/11f65b4b0405cff5b54c813626bddcf5435d7ad2' (2024-11-09)
• Updated input 'nixpkgs-unstable':
    'github:nixos/nixpkgs/ab464abbeb3a2833288c6e907488c49c2e599f88' (2024-11-01)
  → 'github:nixos/nixpkgs/8aed22ecd71e5b67e5299efae8b9dc580dec711c' (2024-11-10)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/1666d16426abe79af5c47b7c0efa82fd31bf4c56' (2024-10-27)
  → 'github:Mic92/sops-nix/f1675e3b0e1e663a4af49be67ecbc9e749f85eb7' (2024-11-10)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/cd3e8833d70618c4eea8df06f95b364b016d4950' (2024-10-26)
  → 'github:NixOS/nixpkgs/3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c' (2024-11-03)
2024-11-10 23:14:58 +01:00
afb4fc71ce
Update infrastructure-authorized-keys rev 2024-11-10 23:10:50 +01:00
1fcd8c6421
fix typo and writing improvement 2024-11-10 20:18:59 +01:00
ff1a12846a
Add how to generate the NixOS Proxmox VE templates 2024-11-10 20:18:59 +01:00
2ba371f8cd
git: disable making org users auto watch new repos on creation
Also explicitly disable making users auto watch repos after their first
commit to it.
2024-11-10 19:38:05 +01:00
c8e7bd1ccf
git: enable sending of e-mails to watchers of repositories 2024-11-10 19:26:26 +01:00
5 changed files with 27 additions and 13 deletions

View file

@ -62,3 +62,14 @@ This is exactly what we're doing to set the default deployment user to `colmena-
}; };
``` ```
This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host. This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host.
## Build NixOS Proxmox VE Template
Build a new NixOS Proxmox VE Template for the thinkcccore's:
```shell
nix build .#proxmox-nixos-template
```
Build a new NixOS Proxmox VE Template for the chaosknoten:
```shell
nix build .#proxmox-chaosknoten-nixos-template
```

View file

@ -11,8 +11,8 @@
let let
authorizedKeysRepo = pkgs.fetchgit { authorizedKeysRepo = pkgs.fetchgit {
url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys"; url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys";
rev = "b6a29dc7af0a45a8c0b4904290c7cb0c5bc51413"; rev = "686a6af22f6696f0c0595c56f463c078550049fc";
hash = "sha256-c0aH0wQeJtfXJG5wAbS6aO8yILLI1NNkFAHAeOm8RXA="; hash = "sha256-plTYjM6zPzoBE/dp6EUrk9mCqmab278p8FqBCTX8Grc=";
}; };
authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys")); authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));
in in

View file

@ -45,6 +45,9 @@
DEFAULT_USER_VISIBILITY = "limited"; DEFAULT_USER_VISIBILITY = "limited";
DEFAULT_KEEP_EMAIL_PRIVATE = true; DEFAULT_KEEP_EMAIL_PRIVATE = true;
ENABLE_BASIC_AUTHENTICATION = false; ENABLE_BASIC_AUTHENTICATION = false;
ENABLE_NOTIFY_MAIL = true;
AUTO_WATCH_NEW_REPOS = false;
AUTO_WATCH_ON_CHANGES = false;
}; };
repo = { repo = {
DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls"; DEFAULT_REPO_UNITS = "repo.code,repo.issues,repo.pulls";

View file

@ -1,10 +1,10 @@
{ pkgs, ... }: { pkgs, ... }:
let let
elementWebVersion = "1.11.80"; elementWebVersion = "1.11.84";
element-web = pkgs.fetchzip { element-web = pkgs.fetchzip {
url = "https://github.com/vector-im/element-web/releases/download/v${elementWebVersion}/element-v${elementWebVersion}.tar.gz"; url = "https://github.com/vector-im/element-web/releases/download/v${elementWebVersion}/element-v${elementWebVersion}.tar.gz";
sha256 = "sha256-sudWmNehxGsbZTNirTkoWQ/Bln1DC1CI30wocw9VoH8="; sha256 = "sha256-z2qaKKyUq2S/r3xUUU3ym0FgFbiQr6bcltuKvUMPbH4=";
}; };
elementSecurityHeaders = '' elementSecurityHeaders = ''
# Configuration best practices # Configuration best practices

View file

@ -38,11 +38,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1730428893, "lastModified": 1731133565,
"narHash": "sha256-fLLUd2dO/Vnf96UDr8YPzerYi+n99l3S5yIUDnmcPBE=", "narHash": "sha256-tCErjTdCUWK06LzkcvwUM+3pyrrmdf8e0VDBBTgqznE=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "38edd08881ce4dc24056eec173b43587a93c990f", "rev": "11f65b4b0405cff5b54c813626bddcf5435d7ad2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -54,11 +54,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1729973466, "lastModified": 1730602179,
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -83,11 +83,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1729999681, "lastModified": 1731213149,
"narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", "narHash": "sha256-jR8i6nFLmSmm0cIoeRQ8Q4EBARa3oGaAtEER/OMMxus=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", "rev": "f1675e3b0e1e663a4af49be67ecbc9e749f85eb7",
"type": "github" "type": "github"
}, },
"original": { "original": {