From c919a32586a085420f31ba3b8ddf1bc65f910a96 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sun, 1 Dec 2024 17:53:55 +0100 Subject: [PATCH 1/3] Update to NixOS 24.11 --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 3ce17857..79ad63a2 100644 --- a/flake.lock +++ b/flake.lock @@ -217,16 +217,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730327045, - "narHash": "sha256-xKel5kd1AbExymxoIfQ7pgcX6hjw9jCgbiBjiUfSVJ8=", + "lastModified": 1732981179, + "narHash": "sha256-F7thesZPvAMSwjRu0K8uFshTk3ZZSNAsXTIFvXBT+34=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "080166c15633801df010977d9d7474b4a6c549d7", + "rev": "62c435d93bf046a5396f3016472e8f7c8e2aed65", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.05", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index e9dc55f4..6a36aeb5 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Nixos org infra"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; From 89747eaafb74f1f8778815fabfd83c084478c3d8 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sun, 1 Dec 2024 17:56:13 +0100 Subject: [PATCH 2/3] vaultwarden: move backupdir outside of service homedir --- non-critical-infra/modules/vaultwarden.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/non-critical-infra/modules/vaultwarden.nix b/non-critical-infra/modules/vaultwarden.nix index 1449539a..4ad2ec4a 100644 --- a/non-critical-infra/modules/vaultwarden.nix +++ b/non-critical-infra/modules/vaultwarden.nix @@ -7,7 +7,7 @@ services.vaultwarden = { enable = true; - backupDir = "/var/lib/bitwarden_rs/backups/"; + backupDir = "/var/backup/vaultwarden/"; environmentFile = "/var/lib/bitwarden_rs/vaultwarden.env"; config = { DOMAIN = "https://vault.nixos.org"; From 231db0f3fb363d1f51de48be569016f246c27801 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sun, 1 Dec 2024 18:33:55 +0100 Subject: [PATCH 3/3] Run formatter, apply shellcheck shell hints --- build/.envrc | 1 + channels.nix | 2 +- non-critical-infra/.envrc | 1 + terraform-iam/.envrc | 1 + terraform/.envrc | 1 + terraform/flake-module.nix | 10 +++++++--- 6 files changed, 12 insertions(+), 4 deletions(-) diff --git a/build/.envrc b/build/.envrc index 3550a30f..0f94eede 100644 --- a/build/.envrc +++ b/build/.envrc @@ -1 +1,2 @@ +# shellcheck shell=bash use flake diff --git a/channels.nix b/channels.nix index 70e455e3..75655ab2 100644 --- a/channels.nix +++ b/channels.nix @@ -3,7 +3,7 @@ rec { # "Channel name" = { # # This should be the part of # # https://hydra.nixos.org/job//latest-finished - # job = "project/jobset/jobname"; + # job = "project/jobset/jobname"; # # # When adding a new version, determine if it needs to be tagged as a # # variant -- for example: diff --git a/non-critical-infra/.envrc b/non-critical-infra/.envrc index 9cf00f39..321e088a 100644 --- a/non-critical-infra/.envrc +++ b/non-critical-infra/.envrc @@ -1 +1,2 @@ +# shellcheck shell=bash use flake .#non-critical-infra diff --git a/terraform-iam/.envrc b/terraform-iam/.envrc index 11f4c17d..cd7e606b 100644 --- a/terraform-iam/.envrc +++ b/terraform-iam/.envrc @@ -1,3 +1,4 @@ +# shellcheck shell=bash use flake .#terraform-iam export AWS_CONFIG_FILE=$PWD/aws-config diff --git a/terraform/.envrc b/terraform/.envrc index e1ef6425..e828500b 100644 --- a/terraform/.envrc +++ b/terraform/.envrc @@ -1,3 +1,4 @@ +# shellcheck shell=bash use flake .#terraform export AWS_CONFIG_FILE=$PWD/aws-config diff --git a/terraform/flake-module.nix b/terraform/flake-module.nix index 9d27966c..d49c88e9 100644 --- a/terraform/flake-module.nix +++ b/terraform/flake-module.nix @@ -2,9 +2,13 @@ let convert2Tofu = provider: provider.override (prev: { - homepage = builtins.replaceStrings [ "registry.terraform.io/providers" ] [ - "registry.opentofu.org" - ] prev.homepage; + homepage = + builtins.replaceStrings + [ "registry.terraform.io/providers" ] + [ + "registry.opentofu.org" + ] + prev.homepage; }); in {