wurzel/fruitbasket
10
1
Fork 1
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity

fix build errors on 25.05

Browse source
This commit is contained in:
Rouven Seifert 2025-06-26 14:10:47 +02:00 committed by quitte
parent d638d96c72
commit 4c529e5ef2
5 changed files with 32 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

50
flake.lock generated
View file

@ -14,15 +14,15 @@
"uv2nix": "uv2nix" "uv2nix": "uv2nix"
}, },
"locked": { "locked": {
"lastModified": 1747509307, "lastModified": 1749129962,
"narHash": "sha256-v08I8e2006ZHamRJ9iawHGoQphYsQu0TrORd5qwg4nk=", "narHash": "sha256-gc1l5z5dWw9a9DWsrp0ZiD+SSMsNpEwMEiRi8K5sh5c=",
"owner": "MarcelCoding", "owner": "nix-community",
"repo": "authentik-nix", "repo": "authentik-nix",
"rev": "fa8d3ea7335ee2adf4d1a633bc725199def62791", "rev": "271a38f7c4e2551f0674b894e2adf7cd1ddb8168",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "MarcelCoding", "owner": "nix-community",
"repo": "authentik-nix", "repo": "authentik-nix",
"type": "github" "type": "github"
} }
@ -30,16 +30,16 @@
"authentik-src": { "authentik-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1747329052, "lastModified": 1749043670,
"narHash": "sha256-idShMSYIrf3ViG9VFNGNu6TSjBz3Q+GJMMeCzcJwfG4=", "narHash": "sha256-gwHngqb23U8By7jhxFWQZOXy+vPQApJSkvr4gHI5ifQ=",
"owner": "goauthentik", "owner": "goauthentik",
"repo": "authentik", "repo": "authentik",
"rev": "ae47624761f05040149d856d5e55a90cd7492740", "rev": "bda30c5ad5838fea36dc0a06f8580cca437f0fc0",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "goauthentik", "owner": "goauthentik",
"ref": "version/2025.4.1", "ref": "version/2025.4.2",
"repo": "authentik", "repo": "authentik",
"type": "github" "type": "github"
} }
@ -105,11 +105,11 @@
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": "nixpkgs-lib"
}, },
"locked": { "locked": {
"lastModified": 1743550720, "lastModified": 1748821116,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5", "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -283,27 +283,27 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1747335874, "lastModified": 1748929857,
"narHash": "sha256-IKKIXTSYJMmUtE+Kav5Rob8SgLPnfnq4Qu8LyT4gdqQ=", "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ba8b70ee098bc5654c459d6a95dfc498b91ff858", "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-24.11", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": { "nixpkgs-lib": {
"locked": { "locked": {
"lastModified": 1743296961, "lastModified": 1748740939,
"narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", "rev": "656a64127e9d791a334452c6b6606d17539476e2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -440,11 +440,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744599653, "lastModified": 1748562898,
"narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=", "narHash": "sha256-STk4QklrGpM3gliPKNJdBLSQvIrqRuwHI/rnYb/5rh8=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "build-system-pkgs", "repo": "build-system-pkgs",
"rev": "7dba6dbc73120e15b558754c26024f6c93015dd7", "rev": "33bd58351957bb52dd1700ea7eeefe34de06a892",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -649,11 +649,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1746649034, "lastModified": 1748916602,
"narHash": "sha256-gmv+ZiY3pQnwgI0Gm3Z1tNSux1CnOJ0De+xeDOol1+0=", "narHash": "sha256-GiwjjmPIISDFD0uQ1DqQ+/38hZ+2z1lTKVj/TkKaWwQ=",
"owner": "pyproject-nix", "owner": "pyproject-nix",
"repo": "uv2nix", "repo": "uv2nix",
"rev": "fe540e91c26f378c62bf6da365a97e848434d0cd", "rev": "a4dd471de62b27928191908f57bfcd702ec2bfc9",
"type": "github" "type": "github"
}, },
"original": { "original": {

5
flake.nix
View file

@ -17,10 +17,7 @@
notenrechner.url = "git+https://git.ifsr.de/frieder.hannenheim/notenrechner.git"; notenrechner.url = "git+https://git.ifsr.de/frieder.hannenheim/notenrechner.git";
notenrechner.inputs.nixpkgs.follows = "nixpkgs"; notenrechner.inputs.nixpkgs.follows = "nixpkgs";
authentik = { authentik = {
# change to old one when we are at 25.05 url = "github:nix-community/authentik-nix";
# see https://github.com/nix-community/authentik-nix/issues/56 for context
url = "github:MarcelCoding/authentik-nix";
# url = "github:nix-community/authentik-nix";
}; };

7
modules/mail/dovecot2.nix
View file

@ -19,6 +19,10 @@ in
993 # IMAPS 993 # IMAPS
4190 # Managesieve 4190 # Managesieve
]; ];
environment.systemPackages = [
pkgs.dovecot_pigeonhole
];
sops.secrets."dovecot_ldap_search".owner = config.services.dovecot2.user; sops.secrets."dovecot_ldap_search".owner = config.services.dovecot2.user;
services.dovecot2 = { services.dovecot2 = {
enable = true; enable = true;
@ -65,9 +69,6 @@ in
specialUse = "Archive"; specialUse = "Archive";
}; };
}; };
modules = [
pkgs.dovecot_pigeonhole
];
# set to satisfy the sieveScripts check, will be overridden by userdb lookups anyways # set to satisfy the sieveScripts check, will be overridden by userdb lookups anyways
mailUser = "vmail"; mailUser = "vmail";
mailGroup = "vmail"; mailGroup = "vmail";

1
modules/mail/rspamd.nix
View file

@ -197,6 +197,7 @@ in
extraConfig = '' extraConfig = ''
allow 141.30.0.0/16; allow 141.30.0.0/16;
allow 141.76.0.0/16; allow 141.76.0.0/16;
allow 2a13:dd80::/29;
deny all; deny all;
''; '';
}; };

23
modules/matrix/mautrix-telegram.nix
View file

@ -17,22 +17,11 @@ in
sops.secrets.mautrix-telegram_env = { }; sops.secrets.mautrix-telegram_env = { };
services.matrix-synapse.settings.app_service_config_files = [
# The registration file is automatically generated after starting the
# appservice for the first time.
registrationFileSynapse
];
systemd.tmpfiles.rules = [
# copy registration file over to synapse
"C ${registrationFileSynapse} - - - - ${registrationFileMautrix}"
"Z /var/lib/matrix-synapse/ - matrix-synapse matrix-synapse - -"
];
services.mautrix-telegram = { services.mautrix-telegram = {
enable = true; enable = true;
environmentFile = config.sops.secrets.mautrix-telegram_env.path; environmentFile = config.sops.secrets.mautrix-telegram_env.path;
registerToSynapse = true;
settings = { settings = {
homeserver = { homeserver = {
@ -57,14 +46,4 @@ in
}; };
}; };
}; };
# If we don't explicitly set {a,h}s_token, mautrix-telegram will try to read them from the registrationFile
# and write them to the settingsFile in /nix/store, which obviously fails.
systemd.services.mautrix-telegram.serviceConfig.ExecStart =
lib.mkForce (pkgs.writeShellScript "start" ''
export MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=$(grep as_token ${registrationFileMautrix} | cut -d' ' -f2-)
export MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=$(grep hs_token ${registrationFileMautrix} | cut -d' ' -f2-)
${pkgs.mautrix-telegram}/bin/mautrix-telegram --config='${settingsFile}'
'');
} }