fix openssh

2024-07-02 20:04:55 +02:00 · 2024-07-02 20:04:55 +02:00 · 9524fabb85
commit 9524fabb85
parent 50c5c88ed9
4 changed files with 45 additions and 16 deletions
--- a/common/tooling/security.nix
+++ b/common/tooling/security.nix
@ -59,6 +59,7 @@ in
      ++ optional graphical pkgs.lxqt.lxqt-policykit;
    services.passSecretService.enable = mkIf (tooling.enable && tooling.pass) true;
    services.openssh.settings.LoginGraceTime = 0;
    programs.gnupg.agent = {
      settings = {
        # default-cache-ttl = 6000;
--- a/modules/default.nix
+++ b/modules/default.nix
@ -10,7 +10,7 @@ in
    ./gitea.nix
    ./grafana.nix
    ./nextcloud.nix
-    ./prometheus.nix
+    # ./prometheus.nix
    # ./mjolnir.nix
    ./fail2ban.nix
    ./email.nix
@ -19,6 +19,7 @@ in
    ./nix_cache.nix
    ./auth.nix
    ./hedgedoc.nix
    ./factorio.nix
  ];
  options.serverConfig =
--- a/modules/factorio.nix
+++ b/modules/factorio.nix
@ -0,0 +1,27 @@
 { pkgs, config, lib, ...}: {
  networking.firewall.allowedTCPPorts = [
    34197
  ];
  networking.firewall.allowedUDPPorts = [
    34197
  ];
  systemd.services.clusterio-trangar = {
    description = "clusterio pulling its config from trang.ar";
    after = [ "network-online.target" ];
    wants = [ "network-online.target" ];
    serviceConfig.Type = "simple";
    # serviceConfig.PassEnvironment = "NIX_PATH";
    #serviceConfig.User = "grimmauld";
    #serviceConfig.Group = "users";
    serviceConfig.WorkingDirectory = "/home/grimmauld/clusterio";
    script = ''
      ${lib.getExe' config.nix.package "nix-shell"} -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos /home/grimmauld/clusterio/shell.nix
    '';
    wantedBy = ["multi-user.target"]; # starts after login
    enable = true;
  };
 }
--- a/nix/sources.json
+++ b/nix/sources.json
@ -5,10 +5,10 @@
        "homepage": "https://matrix.to/#/#agenix:nixos.org",
        "owner": "ryantm",
        "repo": "agenix",
-        "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
+        "rev": "3a56735779db467538fb2e577eda28a9daacaca6",
-        "sha256": "1lpkwinlax40b7xgzspbkm9rsi4a1x48hxhixnni4irxxwnav0ah",
+        "sha256": "1h66zapc6im07k3kcgvhy3lhzahb70vd6m2ijhz4i0v6mn5l3fk9",
        "type": "tarball",
-        "url": "https://github.com/ryantm/agenix/archive/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9.tar.gz",
+        "url": "https://github.com/ryantm/agenix/archive/3a56735779db467538fb2e577eda28a9daacaca6.tar.gz",
        "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
    },
    "authentik-nix": {
@ -17,10 +17,10 @@
        "homepage": "",
        "owner": "nix-community",
        "repo": "authentik-nix",
-        "rev": "1942bdac27c337559ca16ddb7fca5c9ffb686e5b",
+        "rev": "bb756751b02b3138a2cba58064a28ddc6f2648df",
-        "sha256": "15xrzv6i0wkj3qrxpscgnq2kgc6xbjp26lhhlmvjgiv4bqm2q1dv",
+        "sha256": "118jnqj0pxvwx7kaz6im9g4ys8sgm1xslz4figqq4nq417vjh86p",
        "type": "tarball",
-        "url": "https://github.com/nix-community/authentik-nix/archive/1942bdac27c337559ca16ddb7fca5c9ffb686e5b.tar.gz",
+        "url": "https://github.com/nix-community/authentik-nix/archive/bb756751b02b3138a2cba58064a28ddc6f2648df.tar.gz",
        "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
    },
    "chaotic": {
@ -29,10 +29,10 @@
        "homepage": "https://nyx.chaotic.cx",
        "owner": "chaotic-cx",
        "repo": "nyx",
-        "rev": "798d56d819cd7d46ba9202afe81040887ac868ef",
+        "rev": "0e99464b8956307678b60ec7540e6cad730ee825",
-        "sha256": "1b1nish8zhc6mxp07rw874sqsf8212gg4srwyknd7fidn9gsk5jr",
+        "sha256": "1ksi4pssnxaa1pmxdk25gpbciaffjr5py3hdw0ifr0zcs8z22hyy",
        "type": "tarball",
-        "url": "https://github.com/chaotic-cx/nyx/archive/798d56d819cd7d46ba9202afe81040887ac868ef.tar.gz",
+        "url": "https://github.com/chaotic-cx/nyx/archive/0e99464b8956307678b60ec7540e6cad730ee825.tar.gz",
        "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
    },
    "glibc-eac": {
@ -50,19 +50,19 @@
    "lix-module": {
        "branch": "main",
        "repo": "https://git.lix.systems/lix-project/nixos-module.git",
-        "rev": "4e25f1ab68f2270f9cff59216056c21073db0164",
+        "rev": "5d9d94089fb1ca96222a34bfe245ef5c5ebefd37",
        "type": "git"
    },
    "lix-pkg": {
        "branch": "main",
        "repo": "https://git.lix.systems/lix-project/lix.git",
-        "rev": "8a3d063a494c4b8c767190a5ce3e4075a75f9d07",
+        "rev": "865a3732faca16a79bf24982011adf100de04463",
        "type": "git"
    },
    "nixos-mailserver": {
        "branch": "master",
        "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git",
-        "rev": "29916981e7b3b5782dc5085ad18490113f8ff63b",
+        "rev": "290a995de5c3d3f08468fa548f0d55ab2efc7b6b",
        "type": "git"
    },
    "nixos-matrix-modules": {
@ -83,10 +83,10 @@
        "homepage": null,
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "57d6973abba7ea108bac64ae7629e7431e0199b6",
+        "rev": "2741b4b489b55df32afac57bc4bfd220e8bf617e",
-        "sha256": "1sx6ijjj0cic06khxb13iaihqadwm8drixy9rw32xapdvj6x92pm",
+        "sha256": "19z8yxgjm9jx7dls8942k6d8vp4dgh52azj1d6jgsy1vb27rw56k",
        "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/57d6973abba7ea108bac64ae7629e7431e0199b6.tar.gz",
+        "url": "https://github.com/NixOS/nixpkgs/archive/2741b4b489b55df32afac57bc4bfd220e8bf617e.tar.gz",
        "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
    },
    "ranger_udisk_menu": {