From da2b16997a36bdd446460401861862475d3191bd Mon Sep 17 00:00:00 2001 From: Michael Walker Date: Thu, 13 Jun 2024 23:25:05 +0100 Subject: [PATCH] Upgrade to NixOS 24.05 No major breaking changes this time. https://nixos.org/blog/announcements/2024/nixos-2405/ --- flake.lock | 26 +++++++++++++------------- flake.nix | 2 +- hosts/carcosa/configuration.nix | 2 +- hosts/nyarlathotep/configuration.nix | 3 ++- shared/bookdb/default.nix | 1 + shared/bookmarks/default.nix | 1 + shared/default.nix | 9 ++++----- shared/pleroma/default.nix | 1 + shared/resolved/default.nix | 1 + shared/rtorrent/default.nix | 1 + tools/provision-machine.sh | 2 +- 11 files changed, 27 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index c0fbeb62..ce5f6576 100644 --- a/flake.lock +++ b/flake.lock @@ -13,11 +13,11 @@ ] }, "locked": { - "lastModified": 1715818407, - "narHash": "sha256-mJWD7Z/4c7Kse57nG7gFaJumlzB5keeb4zkqUEImTQo=", + "lastModified": 1718093248, + "narHash": "sha256-aCsvnYBVmQh9x4TYhT3pA7pRWsPvaJQ+ITHH3A9dYPU=", "owner": "barrucadu", "repo": "bookdb", - "rev": "f24235749d9b414b1af587b6496af5341d81d36b", + "rev": "75d6b19cd503810afcadffeaae6a7adef66621f4", "type": "github" }, "original": { @@ -92,16 +92,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1717530100, - "narHash": "sha256-b4Dn+PnrZoVZ/BoR9JN2fTxXxplJrAsdSUIePf4Cacs=", + "lastModified": 1718208800, + "narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a2e1d0414259a144ebdc048408a807e69e0565af", + "rev": "cc54fb41d13736e92229c21627ea4f22199fee6b", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.11", + "ref": "nixos-24.05", "repo": "nixpkgs", "type": "github" } 
@@ -142,11 +142,11 @@ ] }, "locked": { - "lastModified": 1717154494, - "narHash": "sha256-56DvvRgqqWIZHUCQAnXvqzbceGK/xzItw3O9j+cxwEU=", + "lastModified": 1718096261, + "narHash": "sha256-iy/0qjoalx5CaTgT7klueuQhktV3FSbncmdpcugsz7c=", "owner": "barrucadu", "repo": "resolved", - "rev": "049d2555c8e48ed8e2cbd360809eb1e74e274977", + "rev": "f44e1883492d6a8de46bc05bc9676b1ca1cc60be", "type": "github" }, "original": { @@ -199,11 +199,11 @@ ] }, "locked": { - "lastModified": 1717455931, - "narHash": "sha256-8Q6mKSsto8gaGczXd4G0lvawdAYLa5Dlh3/g4hl5CaM=", + "lastModified": 1718137936, + "narHash": "sha256-psA+1Q5fPaK6yI3vzlLINNtb6EeXj111zQWnZYyJS9c=", "owner": "Mic92", "repo": "sops-nix", - "rev": "d4555e80d80d2fa77f0a44201ca299f9602492a0", + "rev": "c279dec105dd53df13a5e57525da97905cc0f0d6", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index c88c3eb7..84cbe195 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/hosts/carcosa/configuration.nix b/hosts/carcosa/configuration.nix index d6981a7e..1ccc93f6 100644 --- a/hosts/carcosa/configuration.nix +++ b/hosts/carcosa/configuration.nix @@ -29,7 +29,7 @@ in ############################################################################### networking.hostId = "f62895cc"; - boot.supportedFilesystems = [ "zfs" ]; + boot.supportedFilesystems = { zfs = true; }; # Bootloader boot.loader.grub.enable = true; diff --git a/hosts/nyarlathotep/configuration.nix b/hosts/nyarlathotep/configuration.nix index 6c3453a5..5842528e 100644 --- a/hosts/nyarlathotep/configuration.nix +++ b/hosts/nyarlathotep/configuration.nix 
@@ -33,7 +33,7 @@ in ############################################################################### networking.hostId = "4a592971"; # ZFS needs one of these - boot.supportedFilesystems = [ "zfs" ]; + boot.supportedFilesystems = { zfs = true; }; # Bootloader boot.loader.systemd-boot.enable = true; @@ -387,6 +387,7 @@ in description = "barrucadu/prometheus-awair-exporter metrics exporter"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; serviceConfig = { ExecStart = "${pkgs.nixfiles.prometheus-awair-exporter}/bin/prometheus-awair-exporter --address 127.0.0.1:${toString prometheusAwairExporterPort} --sensor living-room:10.0.20.117 --sensor bedroom:10.0.20.187"; DynamicUser = "true"; diff --git a/shared/bookdb/default.nix b/shared/bookdb/default.nix index a8be39a6..c289bedc 100644 --- a/shared/bookdb/default.nix +++ b/shared/bookdb/default.nix @@ -28,6 +28,7 @@ in description = "barrucadu/bookdb webapp"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" "${backend}-bookdb-db.service" ]; + wants = [ "network-online.target" ]; requires = [ "${backend}-bookdb-db.service" ]; path = [ pkgs.imagemagick ]; serviceConfig = { diff --git a/shared/bookmarks/default.nix b/shared/bookmarks/default.nix index 0c126e55..e09d8bae 100644 --- a/shared/bookmarks/default.nix +++ b/shared/bookmarks/default.nix @@ -24,6 +24,7 @@ in description = "barrucadu/bookmarks webapp"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" "${backend}-bookmarks-db.service" ]; + wants = [ "network-online.target" ]; requires = [ "${backend}-bookmarks-db.service" ]; serviceConfig = { ExecStart = "${pkgs.nixfiles.bookmarks}/bin/bookmarks ${optionalString (!cfg.readOnly) "--allow-writes"}"; diff --git a/shared/default.nix b/shared/default.nix index 09d2201a..2573a146 100644 --- a/shared/default.nix +++ b/shared/default.nix 
@@ -46,7 +46,7 @@ in ############################################################################# # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "23.11"; + system.stateVersion = "24.05"; # Only keep the last 500MiB of systemd journal. services.journald.extraConfig = "SystemMaxUse=500M"; @@ -56,10 +56,8 @@ in nix.gc.options = "--delete-older-than 30d"; nix.optimise.automatic = true; - # Enable flakes & pin nixpkgs to the same version that built the - # system + # Enable flakes nix.extraOptions = "experimental-features = nix-command flakes"; - nix.registry.nixpkgs.flake = flakeInputs.nixpkgs; # Clear out /tmp after a fortnight and give all normal users a ~/tmp # cleaned out weekly. @@ -99,7 +97,7 @@ in # Keyboard console.keyMap = "uk"; - services.xserver.layout = "gb"; + services.xserver.xkb.layout = "gb"; ############################################################################# ## Firewall @@ -175,6 +173,7 @@ in # Only pubkey auth settings.PasswordAuthentication = false; settings.KbdInteractiveAuthentication = false; + authorizedKeysInHomedir = true; }; # Start ssh-agent as a systemd user service diff --git a/shared/pleroma/default.nix b/shared/pleroma/default.nix index a2c07c72..7032a412 100644 --- a/shared/pleroma/default.nix +++ b/shared/pleroma/default.nix @@ -63,6 +63,7 @@ in systemd.services.pleroma = { wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" "${backend}-pleroma-db.service" ]; + wants = [ "network-online.target" ]; requires = [ "${backend}-pleroma-db.service" ]; environment = { DOMAIN = cfg.domain; diff --git a/shared/resolved/default.nix b/shared/resolved/default.nix index 149292eb..256793d8 100644 --- a/shared/resolved/default.nix +++ b/shared/resolved/default.nix 
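Review bot: In shared/default.nix the `system.stateVersion` bump from "23.11" to "24.05" applies to hosts that already hold state, and the option's documentation says to leave it at the release a machine was first installed with unless every stateVersion-dependent default has been inspected and the data migrated. The commit message says there are no major breaking changes, but the patch does not show which stateful modules (the databases mentioned in the comment above the line) were checked. If the bump is deliberate, record that next to it, e.g. `# Bumped after checking stateVersion-gated defaults for 24.05`. Otherwise keep `system.stateVersion = "23.11";`, since moving to the 24.05 channel does not require changing it.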
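Review bot: In shared/default.nix the hunk at -56,10 drops `nix.registry.nixpkgs.flake = flakeInputs.nixpkgs;` together with the comment that explained the pin, so nothing in the file now says that `nixpkgs` in the registry resolves to the locked input. As far as I know, 24.05 sets this automatically through `nixpkgs.flake.setFlakeRegistry`, but only when the system is built with `nixpkgs.lib.nixosSystem` from the flake, and that call is outside this patch. If the pin silently falls away, `nixpkgs#…` references on the hosts follow the global registry rather than the revision recorded in flake.lock. I would keep a comment such as `# nixpkgs is pinned in the registry by nixpkgs.flake.setFlakeRegistry (default since 24.05)` and confirm with `nix registry list` on one host after the switch.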
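Review bot: In the openssh block of shared/default.nix (hunk at -175,6), `authorizedKeysInHomedir = true;` keeps `~/.ssh/authorized_keys` as an accepted key source, so a key appended to that file by anything running as the user grants login without ever appearing in the Nix configuration. The block otherwise allows only public-key authentication, so the set of accepted keys is the main access control here. If every account's keys are already declared through `users.users.<name>.openssh.authorizedKeys.keys` (not visible in this patch), `authorizedKeysInHomedir = false;` would make the declared keys the only ones sshd trusts. If home-directory keys are needed, a comment such as `# Users manage extra keys in ~/.ssh/authorized_keys` would explain why the value is pinned to true. The openssh attribute set starts above the hunk.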
@@ -19,6 +19,7 @@ in description = "barrucadu/resolved nameserver"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; serviceConfig = { AmbientCapabilities = "CAP_NET_BIND_SERVICE"; ExecStart = concatStringsSep " " [ diff --git a/shared/rtorrent/default.nix b/shared/rtorrent/default.nix index 6bc9f443..791e7cfb 100644 --- a/shared/rtorrent/default.nix +++ b/shared/rtorrent/default.nix @@ -68,6 +68,7 @@ in enable = true; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; serviceConfig = { ExecStart = "${pkgs.rtorrent}/bin/rtorrent -n -o system.daemon.set=true -o import=${rtorrentrc}"; User = cfg.user; diff --git a/tools/provision-machine.sh b/tools/provision-machine.sh index 2cf4719b..68baeee4 100644 --- a/tools/provision-machine.sh +++ b/tools/provision-machine.sh @@ -106,7 +106,7 @@ cat < /mnt/persist/etc/nixos/hosts/new/header.nix with lib; { networking.hostId = "$(head -c 4 /dev/urandom | xxd -p)"; - boot.supportedFilesystems = [ "zfs" ]; + boot.supportedFilesystems = { zfs = true; }; ############################################################################### ## GENERATED CONFIG BELOW THIS LINE