From 71b9dc991a4f616efa4b0b684a7128b5a73ccd68 Mon Sep 17 00:00:00 2001
From: Michael Walker <mike@barrucadu.co.uk>
Date: Tue, 2 Jan 2024 18:51:04 +0000
Subject: [PATCH] Upgrade to NixOS 23.11

---
 flake.lock                             | 56 +++++++++++++++++++++-----
 flake.nix                              |  6 +--
 hosts/azathoth/configuration.nix       |  2 +-
 hosts/nyarlathotep/configuration.nix   |  4 +-
 scripts/documentation.sh               |  2 +
 shared/default.nix                     |  4 +-
 shared/erase-your-darlings/default.nix |  2 +-
 7 files changed, 57 insertions(+), 19 deletions(-)

diff --git a/flake.lock b/flake.lock
index d26aa106..77ce3c90 100644
--- a/flake.lock
+++ b/flake.lock
@@ -43,16 +43,16 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1702350026,
-        "narHash": "sha256-A+GNZFZdfl4JdDphYKBJ5Ef1HOiFsP18vQe9mqjmUis=",
+        "lastModified": 1703992652,
+        "narHash": "sha256-C0o8AUyu8xYgJ36kOxJfXIroy9if/G6aJbNOpA5W0+M=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "9463103069725474698139ab10f17a9d125da859",
+        "rev": "32f63574c85fbc80e4ba1fbb932cde9619bad25e",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-23.05",
+        "ref": "nixos-23.11",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -65,20 +65,21 @@
         "nix-github-actions": "nix-github-actions",
         "nixpkgs": [
           "nixpkgs"
-        ]
+        ],
+        "systems": "systems",
+        "treefmt-nix": "treefmt-nix"
       },
       "locked": {
-        "lastModified": 1696512612,
-        "narHash": "sha256-p6niqag7b4XEHvzWgG0X/xjoW/ZXbAxW8ggd8yReT3Y=",
+        "lastModified": 1703546497,
+        "narHash": "sha256-CN/7HaEmHz+akXKejkRVhsxAm6HPGOmYBWMtgMkuROA=",
         "owner": "nix-community",
         "repo": "poetry2nix",
-        "rev": "e23218d1599e3369dfc878757e58974017e0ecc8",
+        "rev": "528d500ea826383cc126a9be1e633fc92b19ce5d",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
         "repo": "poetry2nix",
-        "rev": "e23218d1599e3369dfc878757e58974017e0ecc8",
         "type": "github"
       }
     },
@@ -88,7 +89,7 @@
         "nixpkgs": "nixpkgs",
         "poetry2nix": "poetry2nix",
         "sops-nix": "sops-nix",
-        "systems": "systems"
+        "systems": "systems_2"
       }
     },
     "sops-nix": {
@@ -115,6 +116,20 @@
       }
     },
     "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "id": "systems",
+        "type": "indirect"
+      }
+    },
+    "systems_2": {
       "locked": {
         "lastModified": 1681028828,
         "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@@ -128,6 +143,27 @@
         "repo": "default",
         "type": "github"
       }
+    },
+    "treefmt-nix": {
+      "inputs": {
+        "nixpkgs": [
+          "poetry2nix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1702979157,
+        "narHash": "sha256-RnFBbLbpqtn4AoJGXKevQMCGhra4h6G2MPcuTSZZQ+g=",
+        "owner": "numtide",
+        "repo": "treefmt-nix",
+        "rev": "2961375283668d867e64129c22af532de8e77734",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "treefmt-nix",
+        "type": "github"
+      }
     }
   },
   "root": "root",
diff --git a/flake.nix b/flake.nix
index 55f21334..44ef4593 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,8 +1,8 @@
 {
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
     poetry2nix = {
-      url = "github:nix-community/poetry2nix?rev=e23218d1599e3369dfc878757e58974017e0ecc8";
+      url = "github:nix-community/poetry2nix";
       inputs.nixpkgs.follows = "nixpkgs";
       inputs.flake-utils.follows = "flake-utils";
     };
@@ -23,7 +23,7 @@
       system = "x86_64-linux";
       pkgs = import nixpkgs {
         inherit system;
-        overlays = [ poetry2nix.overlay ];
+        overlays = [ poetry2nix.overlays.default ];
       };
     in
     {
diff --git a/hosts/azathoth/configuration.nix b/hosts/azathoth/configuration.nix
index 51fdf903..2c85569c 100644
--- a/hosts/azathoth/configuration.nix
+++ b/hosts/azathoth/configuration.nix
@@ -60,7 +60,7 @@ in
     enableGhostscriptFonts = true;
     fontconfig.cache32Bit = true;
 
-    fonts = with pkgs; [
+    packages = with pkgs; [
       terminus_font
       source-code-pro
     ];
diff --git a/hosts/nyarlathotep/configuration.nix b/hosts/nyarlathotep/configuration.nix
index 56b79acf..d369fb25 100644
--- a/hosts/nyarlathotep/configuration.nix
+++ b/hosts/nyarlathotep/configuration.nix
@@ -83,7 +83,7 @@ in
 
   environment.etc."dns/hosts/stevenblack".source = builtins.fetchurl {
     url = "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts";
-    sha256 = "0zh5184apb1c6mv8sabfwlg49s6xxapwxq5qid7d48786xggq6wi";
+    sha256 = "1jzfgf8q3wvm88gb4hv80f1cgvs88krgmcc29w1j81qnfrkblxm9";
   };
 
   environment.etc."dns/zones/10.in-addr.arpa".text = ''
@@ -143,7 +143,7 @@ in
     description = "Guest user";
     isNormalUser = true;
     group = "users";
-    passwordFile = config.sops.secrets."users/notbarrucadu".path;
+    hashedPasswordFile = config.sops.secrets."users/notbarrucadu".path;
     shell = "/run/current-system/sw/bin/nologin";
   };
   sops.secrets."users/notbarrucadu".neededForUsers = true;
diff --git a/scripts/documentation.sh b/scripts/documentation.sh
index c07c4ad9..ac7382f8 100644
--- a/scripts/documentation.sh
+++ b/scripts/documentation.sh
@@ -41,6 +41,7 @@ print("")
 
 with open(os.getenv("NIXOS_OPTIONS_JSON"), "r") as f:
     options = json.load(f)
+    del options["_module.args"]
 
 modules = {}
 for key, defn in options.items():
@@ -84,6 +85,7 @@ print("")
 
 with open(os.getenv("NIXOS_OPTIONS_JSON"), "r") as f:
     options = json.load(f)
+    del options["_module.args"]
 
 for option in sorted(options.keys()):
     defn = options[option]
diff --git a/shared/default.nix b/shared/default.nix
index 53ef3f4e..09387712 100644
--- a/shared/default.nix
+++ b/shared/default.nix
@@ -46,7 +46,7 @@ in
     #############################################################################
 
     # The NixOS release to be compatible with for stateful data such as databases.
-    system.stateVersion = "23.05";
+    system.stateVersion = "23.11";
 
     # Only keep the last 500MiB of systemd journal.
     services.journald.extraConfig = "SystemMaxUse=500M";
@@ -87,7 +87,7 @@ in
     i18n.defaultLocale = "en_GB.UTF-8";
 
     # Timezone
-    services.timesyncd.enable = true;
+    services.timesyncd.enable = mkForce true;
     time.timeZone = "Europe/London";
 
     # Keyboard
diff --git a/shared/erase-your-darlings/default.nix b/shared/erase-your-darlings/default.nix
index 3302d2f5..b419e010 100644
--- a/shared/erase-your-darlings/default.nix
+++ b/shared/erase-your-darlings/default.nix
@@ -37,7 +37,7 @@ in
     # Switch back to immutable users
     users.mutableUsers = mkForce false;
     users.extraUsers.barrucadu.initialPassword = mkForce null;
-    users.extraUsers.barrucadu.passwordFile = cfg.barrucaduPasswordFile;
+    users.extraUsers.barrucadu.hashedPasswordFile = cfg.barrucaduPasswordFile;
 
     # Persist state in `cfg.persistDir`
     services.openssh.hostKeys = [