Merge pull request #289 from barrucadu/nixos-2405

Upgrade to NixOS 24.05
barrucadu · Jun 13, 2024 · cf8786b · cf8786b
2 parents 0552e14 + da2b169
commit cf8786b
Show file tree

Hide file tree

Showing 11 changed files with 27 additions and 22 deletions.
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -1,6 +1,6 @@
 {
   inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
     sops-nix = {
       url = "github:Mic92/sops-nix";
       inputs.nixpkgs.follows = "nixpkgs";

diff --git a/hosts/carcosa/configuration.nix b/hosts/carcosa/configuration.nix
@@ -29,7 +29,7 @@ in
   ###############################################################################
 
   networking.hostId = "f62895cc";
-  boot.supportedFilesystems = [ "zfs" ];
+  boot.supportedFilesystems = { zfs = true; };
 
   # Bootloader
   boot.loader.grub.enable = true;

diff --git a/hosts/nyarlathotep/configuration.nix b/hosts/nyarlathotep/configuration.nix
@@ -33,7 +33,7 @@ in
   ###############################################################################
 
   networking.hostId = "4a592971"; # ZFS needs one of these
-  boot.supportedFilesystems = [ "zfs" ];
+  boot.supportedFilesystems = { zfs = true; };
 
   # Bootloader
   boot.loader.systemd-boot.enable = true;
@@ -387,6 +387,7 @@ in
       description = "barrucadu/prometheus-awair-exporter metrics exporter";
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" ];
+      wants = [ "network-online.target" ];
       serviceConfig = {
         ExecStart = "${pkgs.nixfiles.prometheus-awair-exporter}/bin/prometheus-awair-exporter --address 127.0.0.1:${toString prometheusAwairExporterPort} --sensor living-room:10.0.20.117 --sensor bedroom:10.0.20.187";
         DynamicUser = "true";

diff --git a/shared/bookdb/default.nix b/shared/bookdb/default.nix
@@ -28,6 +28,7 @@ in
       description = "barrucadu/bookdb webapp";
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" "${backend}-bookdb-db.service" ];
+      wants = [ "network-online.target" ];
       requires = [ "${backend}-bookdb-db.service" ];
       path = [ pkgs.imagemagick ];
       serviceConfig = {

diff --git a/shared/bookmarks/default.nix b/shared/bookmarks/default.nix
@@ -24,6 +24,7 @@ in
       description = "barrucadu/bookmarks webapp";
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" "${backend}-bookmarks-db.service" ];
+      wants = [ "network-online.target" ];
       requires = [ "${backend}-bookmarks-db.service" ];
       serviceConfig = {
         ExecStart = "${pkgs.nixfiles.bookmarks}/bin/bookmarks ${optionalString (!cfg.readOnly) "--allow-writes"}";

diff --git a/shared/default.nix b/shared/default.nix
@@ -46,7 +46,7 @@ in
     #############################################################################
 
     # The NixOS release to be compatible with for stateful data such as databases.
-    system.stateVersion = "23.11";
+    system.stateVersion = "24.05";
 
     # Only keep the last 500MiB of systemd journal.
     services.journald.extraConfig = "SystemMaxUse=500M";
@@ -56,10 +56,8 @@ in
     nix.gc.options = "--delete-older-than 30d";
     nix.optimise.automatic = true;
 
-    # Enable flakes & pin nixpkgs to the same version that built the
-    # system
+    # Enable flakes
     nix.extraOptions = "experimental-features = nix-command flakes";
-    nix.registry.nixpkgs.flake = flakeInputs.nixpkgs;
 
     # Clear out /tmp after a fortnight and give all normal users a ~/tmp
     # cleaned out weekly.
@@ -99,7 +97,7 @@ in
 
     # Keyboard
     console.keyMap = "uk";
-    services.xserver.layout = "gb";
+    services.xserver.xkb.layout = "gb";
 
     #############################################################################
     ## Firewall
@@ -175,6 +173,7 @@ in
       # Only pubkey auth
       settings.PasswordAuthentication = false;
       settings.KbdInteractiveAuthentication = false;
+      authorizedKeysInHomedir = true;
     };
 
     # Start ssh-agent as a systemd user service

diff --git a/shared/pleroma/default.nix b/shared/pleroma/default.nix
@@ -63,6 +63,7 @@ in
     systemd.services.pleroma = {
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" "${backend}-pleroma-db.service" ];
+      wants = [ "network-online.target" ];
       requires = [ "${backend}-pleroma-db.service" ];
       environment = {
         DOMAIN = cfg.domain;

diff --git a/shared/resolved/default.nix b/shared/resolved/default.nix
@@ -19,6 +19,7 @@ in
       description = "barrucadu/resolved nameserver";
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" ];
+      wants = [ "network-online.target" ];
       serviceConfig = {
         AmbientCapabilities = "CAP_NET_BIND_SERVICE";
         ExecStart = concatStringsSep " " [

diff --git a/shared/rtorrent/default.nix b/shared/rtorrent/default.nix
@@ -68,6 +68,7 @@ in
       enable = true;
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" ];
+      wants = [ "network-online.target" ];
       serviceConfig = {
         ExecStart = "${pkgs.rtorrent}/bin/rtorrent -n -o system.daemon.set=true -o import=${rtorrentrc}";
         User = cfg.user;

diff --git a/tools/provision-machine.sh b/tools/provision-machine.sh
@@ -106,7 +106,7 @@ cat <<EOF > /mnt/persist/etc/nixos/hosts/new/header.nix
 with lib;
 {
   networking.hostId = "$(head -c 4 /dev/urandom | xxd -p)";
-  boot.supportedFilesystems = [ "zfs" ];
+  boot.supportedFilesystems = { zfs = true; };
 
   ###############################################################################
   ## GENERATED CONFIG BELOW THIS LINE