From 0dc3dfd82d3e475bb18f8411842ecfa1d3291812 Mon Sep 17 00:00:00 2001 From: Tom Hubrecht Date: Wed, 29 Nov 2023 16:12:24 +0100 Subject: [PATCH] feat: Update compute01, storage01 to 23.11 --- machines/compute01/ds-fr/module.nix | 2 +- machines/compute01/hedgedoc.nix | 2 +- machines/compute01/mastodon.nix | 2 ++ machines/compute01/nextcloud.nix | 2 -- machines/compute01/vaultwarden.nix | 2 +- machines/storage01/atticd.nix | 2 +- machines/storage01/forgejo.nix | 1 + machines/storage01/garage.nix | 6 +++++- meta/nodes.nix | 3 ++- 9 files changed, 14 insertions(+), 8 deletions(-) diff --git a/machines/compute01/ds-fr/module.nix b/machines/compute01/ds-fr/module.nix index 96fe4d5..3a9756c 100644 --- a/machines/compute01/ds-fr/module.nix +++ b/machines/compute01/ds-fr/module.nix @@ -364,7 +364,7 @@ in { ensureUsers = optional (cfg.user == "ds-fr") { name = "ds-fr"; - ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; }; + ensureDBOwnership = true; }; extraPlugins = with config.services.postgresql.package.pkgs; diff --git a/machines/compute01/hedgedoc.nix b/machines/compute01/hedgedoc.nix index d37a728..21a06d7 100644 --- a/machines/compute01/hedgedoc.nix +++ b/machines/compute01/hedgedoc.nix @@ -41,7 +41,7 @@ in { ensureUsers = [{ name = "hedgedoc"; - ensurePermissions = { "DATABASE hedgedoc" = "ALL PRIVILEGES"; }; + ensureDBOwnership = true; }]; }; }; diff --git a/machines/compute01/mastodon.nix b/machines/compute01/mastodon.nix index 4a30e80..d2b7551 100644 --- a/machines/compute01/mastodon.nix +++ b/machines/compute01/mastodon.nix @@ -12,6 +12,8 @@ in { }; + streamingProcesses = 4; + configureNginx = true; extraConfig = { diff --git a/machines/compute01/nextcloud.nix b/machines/compute01/nextcloud.nix index e88386b..4079f2f 100644 --- a/machines/compute01/nextcloud.nix +++ b/machines/compute01/nextcloud.nix @@ -68,8 +68,6 @@ in { autoUpdateApps.enable = true; - enableBrokenCiphersForSSE = false; - extraOptions = { overwritehost = host; "overwrite.cli.url" = "https://${host}"; diff --git a/machines/compute01/vaultwarden.nix b/machines/compute01/vaultwarden.nix index 58b6991..e28f689 100644 --- a/machines/compute01/vaultwarden.nix +++ b/machines/compute01/vaultwarden.nix @@ -64,7 +64,7 @@ in { ensureUsers = [{ name = "vaultwarden"; - ensurePermissions = { "DATABASE vaultwarden" = "ALL PRIVILEGES"; }; + ensureDBOwnership = true; }]; }; }; diff --git a/machines/storage01/atticd.nix b/machines/storage01/atticd.nix index 3a738ae..014a21d 100644 --- a/machines/storage01/atticd.nix +++ b/machines/storage01/atticd.nix @@ -61,7 +61,7 @@ in { ensureUsers = [{ name = "atticd"; - ensurePermissions = { "DATABASE \"atticd\"" = "ALL PRIVILEGES"; }; + ensureDBOwnership = true; }]; }; }; diff --git a/machines/storage01/forgejo.nix b/machines/storage01/forgejo.nix index 5ac1e57..2f89a25 100644 --- a/machines/storage01/forgejo.nix +++ b/machines/storage01/forgejo.nix @@ -16,6 +16,7 @@ in { user = "git"; name = "gitea"; passwordFile = config.age.secrets."forgejo-database_password_file".path; + createDatabase = false; }; settings = { diff --git a/machines/storage01/garage.nix b/machines/storage01/garage.nix index 9d2e53b..05cbef6 100644 --- a/machines/storage01/garage.nix +++ b/machines/storage01/garage.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: let host = "s3.dgnum.eu"; @@ -13,9 +13,13 @@ in { services.garage = { enable = true; + package = pkgs.garage_0_8; + settings = { inherit data_dir metadata_dir; + db_engine = "sled"; + replication_mode = "none"; compression_level = 7; diff --git a/meta/nodes.nix b/meta/nodes.nix index 401da3c..c07cb3b 100644 --- a/meta/nodes.nix +++ b/meta/nodes.nix @@ -17,7 +17,7 @@ let deployment = { }; - nixpkgs = "23.05"; + nixpkgs = "23.11"; } // attrs; in @@ -27,6 +27,7 @@ builtins.mapAttrs mkNode { tags = [ "web" ]; }; + nixpkgs = "23.05"; stateVersion = "23.05"; };