fix nixos-rebuild switch warnings on sputnik

2021-09-11 20:56:00 +02:00 · 2021-09-11 20:56:00 +02:00 · 26df76ed62
commit 26df76ed62
parent 8567dbf7b4
10 changed files with 4 additions and 289 deletions
--- a/configs/sputnik/codimd.nix
+++ b/configs/sputnik/codimd.nix
@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }: {

  services.nginx.enable = true;
-  services.nginx.virtualHosts.codimd = {
+  services.nginx.virtualHosts.hedgedoc = {
    listen = [
      {
        addr = "0.0.0.0";
@ -16,7 +16,7 @@
    ];
    enableACME = true;
    addSSL = true;
-    serverName = "codimd.ingolf-wagner.de";
+    serverName = "md.ingolf-wagner.de";
    locations."/".extraConfig = ''
      client_max_body_size 4G;
      proxy_set_header Host $host;
@ -24,13 +24,13 @@
    '';
  };

-  services.codimd = {
+  services.hedgedoc = {
    enable = true;
    configuration = {
      allowFreeURL = true;
      db = {
        dialect = "sqlite";
-        storage = "/var/lib/codimd/db.codimd.sqlite";
+        storage = "/var/lib/hedgedoc/db.sqlite";
        useCDN = false;
      };
      port = 3091;
--- a/configs/sputnik/configuration.nix
+++ b/configs/sputnik/configuration.nix
@ -10,7 +10,6 @@
    ./codimd.nix
    ./bitwarden.nix
    #./syncplay.nix
-    #./mail-server.nix

  ];

--- a/configs/sputnik/mail-server.nix
+++ b/configs/sputnik/mail-server.nix
@ -1,61 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-# make sure no update befor changing this parameter
-assert lib.versionOlder lib.version "20.09";
-
-let release = "nixos-20.09";
-
-in {
-  imports = [
-    (builtins.fetchTarball {
-      url =
-        "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz";
-      # This hash needs to be updated
-      sha256 = "0000000000000000000000000000000000000000000000000000";
-    })
-  ];
-
-  mailserver = {
-    enable = true;
-    fqdn = "mail.ingolf-wagner.de";
-    domains = [ "ingolf-wagner.de" ];
-
-    # A list of all login accounts. To create the password hashes, use
-    # nix-shell -p mkpasswd --run 'mkpasswd -m sha-512 "super secret password"'
-    loginAccounts = {
-      "root@ingolf-wagner.com" = {
-        hashedPassword = lib.fileContents
-          <secrets/mailserver/hashedPasswords/root_at_ingolf-wagner.de>;
-        #aliases = [
-        #  "postmaster@gaykraft.com"
-        #];
-        # Make this user the catchAll address for domains
-        catchAll = [ "ingol-wagner.de" ];
-      };
-    };
-
-    # Extra virtual aliases. These are email addresses that are forwarded to
-    # loginAccounts addresses.
-    #extraVirtualAliases = {
-    # address = forward address;
-    #"abuse@example.com" = "user1@example.com";
-    #};
-
-    # Use Let's Encrypt certificates. Note that this needs to set up a stripped
-    # down nginx and opens port 80.
-    certificateScheme = 3;
-
-    # Enable IMAP and POP3
-    enableImap = false;
-    enablePop3 = true;
-    enableImapSsl = false;
-    enablePop3Ssl = true;
-
-    # Enable the ManageSieve protocol
-    enableManageSieve = true;
-
-    # whether to scan inbound emails for viruses (note that this requires at least
-    # 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty)
-    virusScanning = false;
-  };
-}
--- a/configs/workhorse/configuration.nix
+++ b/configs/workhorse/configuration.nix
@ -5,14 +5,11 @@
    ./hardware-configuration.nix

    #./bepasty.nix not working https://github.com/NixOS/nixpkgs/issues/116326
-    #./castget.nix
    ./gogs.nix
    ./grafana.nix
    ./graylog.nix
    ./jenkins.nix
    ./kibana.nix
-    #./lektor-gaykraft.nix
-    #./lektor-terranix.nix
    ./mail-fetcher.nix
    ./packages.nix
    ./prometheus.nix
@ -21,9 +18,7 @@
    ./tinc.nix
    ./transmission.nix
    ./weechat.nix
-    #./wetten.nix
    ./nextcloud.nix
-    #./mattermost.nix
    ./borg.nix
    #./metabase.nix
    #./jupyter.nix
--- a/configs/workhorse/jenkins.nix
+++ b/configs/workhorse/jenkins.nix
@ -79,19 +79,6 @@ in {

      in [

-        (job "deploy-gaykraft" {
-          url = "ssh://gogs@workhorse.private:2222/palo/gaykraft.git";
-          credentialsId = gogs-id;
-        } [
-          { "build" = [ "nix-shell --run build" ]; }
-          {
-            "publish" = [{
-              script = "nix-shell --run publish";
-              credentialsId = sshSputnik;
-            }];
-          }
-        ])
-
        (job "sync-retiolum" {
          url = "git@github.com:krebs/retiolum.git";
          credentialsId = github-id;
--- a/configs/workhorse/lektor-gaykraft.nix
+++ b/configs/workhorse/lektor-gaykraft.nix
@ -1,55 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-let
-
-  containerName = "gaykraft";
-  port = 5001;
-  repository = "ssh://gogs@git.ingolf-wagner.de:443/palo/gaykraft.git";
-  sshKey = toString <secrets/lektor/gaykraft>;
-
-in {
-
-  services.nginx = {
-    enable = true;
-    statusPage = true;
-    virtualHosts = {
-      "${containerName}.${config.networking.hostName}.private" = {
-        serverAliases = [ ];
-        locations."/" = {
-          proxyPass =
-            "http://${config.networking.hostName}.private:${toString port}";
-        };
-      };
-    };
-  };
-
-  containers.${containerName} = {
-
-    bindMounts = {
-      "/var/src" = {
-        hostPath = toString "/var/src/";
-        isReadOnly = true;
-      };
-    };
-
-    autoStart = true;
-    config = { config, pkgs, ... }: {
-      imports = [ <system/all> ];
-      services.lektor = {
-        enable = true;
-        host = "git.ingolf-wagner.de";
-        sshKey = sshKey;
-        repository = repository;
-        port = port;
-        additionalScript =
-          pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
-      };
-    };
-
-  };
-
-  # it might take some time will this thing is up
-  systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec =
-    lib.mkForce "infinity";
-
-}
--- a/configs/workhorse/lektor-terranix.nix
+++ b/configs/workhorse/lektor-terranix.nix
@ -1,55 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-let
-
-  containerName = "terranix";
-  port = 5003;
-  repository = "ssh://gogs@git.ingolf-wagner.de:443/terranix/terranix.org.git";
-  sshKey = toString <secrets/lektor/terranix>;
-
-in {
-
-  services.nginx = {
-    enable = true;
-    statusPage = true;
-    virtualHosts = {
-      "${containerName}.${config.networking.hostName}.private" = {
-        serverAliases = [ ];
-        locations."/" = {
-          proxyPass =
-            "http://${config.networking.hostName}.private:${toString port}";
-        };
-      };
-    };
-  };
-
-  containers.${containerName} = {
-
-    bindMounts = {
-      "/var/src" = {
-        hostPath = toString "/var/src/";
-        isReadOnly = true;
-      };
-    };
-
-    autoStart = true;
-    config = { config, pkgs, ... }: {
-      imports = [ <system/all> ];
-      services.lektor = {
-        enable = true;
-        host = "git.ingolf-wagner.de";
-        sshKey = sshKey;
-        repository = repository;
-        port = port;
-        additionalScript =
-          pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
-      };
-    };
-
-  };
-
-  # it might take some time will this thing is up
-  systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec =
-    lib.mkForce "infinity";
-
-}
--- a/configs/workhorse/mail-fetcher.nix
+++ b/configs/workhorse/mail-fetcher.nix
@ -457,11 +457,6 @@ in {
      source = toString <secrets/mail/siteground/contact>;
      requiredBy = [ "fetchmail.service" ];
    };
-    "gaykraft.root" = {
-      user = config.users.users.mailUser.name;
-      source = toString <secrets/mail/gaykraft/root>;
-      requiredBy = [ "fetchmail.service" ];
-    };
    "c-base.palo" = {
      user = config.users.users.mailUser.name;
      source = toString <secrets/mail/c-base/palo>;
--- a/configs/workhorse/seafile.nix
+++ b/configs/workhorse/seafile.nix
@ -1,50 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
-
-  hostname = "seafile.gaykraft.com";
-  port = 3030;
-  home = "/home/seafile";
-  serviceName = "seafile-docker";
-
-in {
-
-  services.nginx = {
-    enable = true;
-    statusPage = true;
-    virtualHosts = {
-      "seafile.${config.networking.hostName}.private" = {
-        serverAliases = [ ];
-        locations."/" = {
-          proxyPass =
-            "http://${config.networking.hostName}.private:${toString port}";
-        };
-      };
-    };
-  };
-
-  systemd.services."${serviceName}" = {
-    enable = true;
-    description = "seafile service running as docker";
-    after = [ "network.target" "docker.service" ];
-    requires = [ "docker.service" ];
-    wantedBy = [ "multi-user.target" ];
-    script = ''
-      # delete old instance to ensure update
-      ${pkgs.docker}/bin/docker stop seafile || true && ${pkgs.docker}/bin/docker rm -f seafile || true
-      # start instance
-      ${pkgs.docker}/bin/docker run \
-        --name seafile \
-        --env SEAFILE_SERVER_HOSTNAME=${hostname} \
-        --env SEAFILE_ADMIN_EMAIL="root@${hostname}"  \
-        --env SEAFILE_ADMIN_PASSWORD="${
-          lib.fileContents <secrets/seafile/root>
-        }" \
-        --volume ${home}:/shared \
-        --publish ${toString port}:80 \
-        seafileltd/seafile:latest
-    '';
-  };
-
-  virtualisation.docker.enable = lib.mkDefault true;
-
-}
--- a/configs/workhorse/wetten.nix
+++ b/configs/workhorse/wetten.nix
@ -1,40 +0,0 @@
-{ config, lib, pkgs , ... }:
-{
-  imports = [
-    <wetten/nixos>
-  ];
-
-  krops.userKeys."wetten_appkey" = {
-    user = "wetten";
-    source = toString <secrets/betfair/appkey>;
-    requiredBy = [ "wetten.service" ];
-  };
-
-  krops.userKeys."wetten_key" = {
-    user = "wetten";
-    source = <secrets/betfair/key>;
-    requiredBy = [ "wetten.service" ];
-  };
-
-  krops.userKeys."wetten_cert" = {
-    user = "wetten";
-    source = toString <secrets/betfair/cert>;
-    requiredBy = [ "wetten.service" ];
-  };
-
-  krops.userKeys."wetten_password" = {
-    user = "wetten";
-    source = toString <secrets/betfair/password>;
-    requiredBy = [ "wetten.service" ];
-  };
-
-  services.wetten = {
-    enable = true;
-    username = "palipalo9@googlemail.com";
-    passwordFile = config.krops.userKeys."wetten_password".target;
-    appKeyFile = config.krops.userKeys."wetten_appkey".target;
-    clientCert = config.krops.userKeys."wetten_cert".target;
-    clientCertKey = config.krops.userKeys."wetten_key".target;
-  };
-
-}