bump from nixos-24.11 to nixos-unstable + bumped stateVersion

2024-08-16 14:19:37 +02:00 · 2024-08-16 14:19:37 +02:00 · 3ab76ae616
commit 3ab76ae616
parent 438f375f8e
5 changed files with 17 additions and 9 deletions
--- a/machines/gerd.nix
+++ b/machines/gerd.nix
@ -48,5 +48,5 @@
    };
  };

-  system.stateVersion = "24.05";
+  system.stateVersion = "24.11";
 }
--- a/machines/gerd/services/authelia/authelia.nix
+++ b/machines/gerd/services/authelia/authelia.nix
@ -4,6 +4,7 @@ let
  svc_domain = "auth.${config.mine.shared.settings.domain}";

  autheliaStateDir = "/var/lib/authelia-main";
+  port = 9091;
 in {
  services.authelia.instances.main = {
    enable = true;
@ -19,6 +20,8 @@ in {
    settings = {
      session.domain = config.mine.shared.settings.domain;

+      server.address = "tcp://127.0.0.1:${builtins.toString port}";
+
      # totp - disable for now, as it requires email server
      access_control.default_policy = "one_factor";
      # totp.disable = true;
@ -62,7 +65,7 @@ in {
  services.nginx.virtualHosts."${svc_domain}" = {
    forceSSL = true;
    enableACME = true;
-    locations."/".proxyPass = "http://localhost:${builtins.toString config.services.authelia.instances.main.settings.server.port}";
+    locations."/".proxyPass = "http://localhost:${builtins.toString port}";
  };

  # persistent files
--- a/machines/gerd/services/forgejo/auth_sources.nix
+++ b/machines/gerd/services/forgejo/auth_sources.nix
@ -83,7 +83,6 @@ let
    echo "PRERUN-AUTH: Finished adding/updating..."
  '';
 in {
-
  systemd.services.forgejo.preStart = lib.mkAfter ''
    ${scriptAddLDAPAuth}
    ${scriptAddOAuth}
--- a/machines/gerd/services/nextcloud.nix
+++ b/machines/gerd/services/nextcloud.nix
@ -129,7 +129,7 @@ in {
        version = "3.1.1";
        # TODO(eyJhb): add to niv
      in pkgs.fetchNextcloudApp {
-          sha256 = "sha256-EVHDDFtz92lZviuTqr+St7agfBWok83HpfuL6DFCoTE=";
+          sha256 = "sha256-b/tKk+y+ZypCHGNDtunDua2msYD6/TzA0haoC0k85F4=";
          url = "https://github.com/pulsejet/nextcloud-oidc-login/releases/download/v${version}/oidc_login.tar.gz";
          license = "agpl3Only";
      };
@ -162,7 +162,7 @@ in {

  systemd.services.nextcloud-setup = {
    # runs this after all the main nextcloud-setup stuff
-    postStop = lib.mkAfter ''
+    script = lib.mkAfter ''
      ${nextcloudSetupLdap}
      ${nextcloudSetupAdmin}
      ${nextcloudSetupEncryption}