pinpox/infra
1
0
Fork 0
forked from pub-solar/infra
Code Pull requests Activity
594 commits 15 branches 0 tags 13 MiB
Commit graph

22 commits

Author SHA1 Message Date
teutat3s
f8f67b8908
security: update mastodon to 4.2.10 
https://github.com/mastodon/mastodon/releases/tag/v4.2.10
* Fix incorrect permission checking on multiple API endpoints (GHSA-58x8-3qxw-6hm7)
* Fix incorrect authorship checking when processing some activities (CVE-2024-37903, GHSA-xjvf-fm67-4qc3)
* Fix ongoing streaming sessions not being invalidated when application tokens get revoked (GHSA-vp5r-5pgw-jwqx)
 2024-07-05 12:03:14 +02:00
teutat3s
bc9ac6011e
flake: update to NixOS 24.05 
Fix warnings:
trace: warning: The option `services.nextcloud.extraOptions' defined in `/nix/store/a53lc1l5wy9vbv1d3n93903dq0wjgvfj-source/flake.nix#nixosModules.nextcloud' has been renamed to `services.nextcloud.settings'.
trace: warning: The option `services.nextcloud.skeletonDirectory' defined in `/nix/store/a53lc1l5wy9vbv1d3n93903dq0wjgvfj-source/flake.nix#nixosModules.nextcloud' has been renamed to `services.nextcloud.settings.skeletondirectory'.
trace: warning: The option `services.nextcloud.config.overwriteProtocol' defined in `/nix/store/a53lc1l5wy9vbv1d3n93903dq0wjgvfj-source/flake.nix#nixosModules.nextcloud' has been renamed to `services.nextcloud.settings.overwriteprotocol'.
trace: warning: The option `services.matrix-synapse.sliding-sync' defined in `/nix/store/a53lc1l5wy9vbv1d3n93903dq0wjgvfj-source/flake.nix#nixosModules.matrix' has been renamed to `services.matrix-sliding-sync'.

Fix errors:
loki: fix config for version 3+
keycloak: declarative-user-profile feature is now enabled by default

error: A definition for option `programs.gnupg.agent.pinentryPackage' is not of type `null or package'. Definition values:
- In `/nix/store/a53lc1l5wy9vbv1d3n93903dq0wjgvfj-source/flake.nix#nixosModules.forgejo': "curses"
 2024-06-23 15:19:18 +02:00
teutat3s
aa244087d3
forgejo: use latest version from unstable for security fixes 
error: Package ‘forgejo-1.20.6-1-unstable-2024-04-18’ in /nix/store/qk1dpz44db85rhd8lr4j6i2hkn9j5hg4-source/pkgs/applications/version-management/forgejo/default.nix:147 is marked as insecure, refusing to evaluate.

Known issues:
- Forgejo v1.20.x is EOL
- OAuth2 implementation does not always require authentication for public clients
 2024-06-22 20:55:50 +02:00
teutat3s
d8866860d5
prometheus-node-exporter: use version 1.8.1 to fix 
error message spamming logs
 2024-06-08 23:52:53 +02:00
teutat3s
2ca0bd7c3e
style: run treefmt 2024-05-08 22:57:07 +02:00
teutat3s
ff9703e542
matrix: init stickerpicker 2024-05-07 17:47:55 +02:00
teutat3s
c86e22b292
ci: update forgejo-runner to version 3.4.1 
https://github.com/NixOS/nixpkgs/pull/301383
 2024-04-23 00:38:53 +02:00
teutat3s
b76b7821a7
chore: update flake inputs 
• Updated input 'deploy-rs':
    'github:serokell/deploy-rs/1776009f1f3fb2b5d236b84d9815f2edee463a9b' (2024-01-10)
  → 'github:serokell/deploy-rs/0a0187794ac7f7a1e62cda3dabf8dc041f868790' (2024-02-16)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/b253292d9c0a5ead9bc98c4e9a26c6312e27d69f' (2024-02-01)
  → 'github:hercules-ci/flake-parts/f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2' (2024-03-01)
• Updated input 'flake-parts/nixpkgs-lib':
    'github:NixOS/nixpkgs/97b17f32362e475016f942bbdfda4a4a72a8a652?dir=lib' (2024-01-29)
  → 'github:NixOS/nixpkgs/1536926ef5621b09bba54035ae2bb6d806d72ac8?dir=lib' (2024-02-29)
• Updated input 'nix-darwin':
    'github:lnl7/nix-darwin/44f50a5ecaab72a61d5fd8e5c5717bc4bf9c25dd' (2024-02-12)
  → 'github:lnl7/nix-darwin/daa03606dfb5296a22e842acb02b46c1c4e9f5e7' (2024-03-04)
• Updated input 'nixos-flake':
    'github:srid/nixos-flake/3891b2030114f8661402991eac9be0ed59f786ae' (2024-02-09)
  → 'github:srid/nixos-flake/50203d68b305abff2f29e555992eb55ddeffbcd5' (2024-02-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/c68a9fc85c2cb3a313be6ff40511635544dde8da' (2024-02-15)
  → 'github:nixos/nixpkgs/617579a787259b9a6419492eaac670a5f7663917' (2024-03-04)
• Updated input 'unstable':
    'github:nixos/nixpkgs/a4d4fe8c5002202493e87ec8dbc91335ff55552c' (2024-02-15)
  → 'github:nixos/nixpkgs/b8697e57f10292a6165a20f03d2f42920dfaf973' (2024-03-03)
• Removed input 'nixpkgs-head'
 2024-03-05 21:39:19 +01:00
Akshay Mankar
f7d7964299
security: Upgrade mastodon to 4.2.7 2024-02-16 13:22:39 +01:00
teutat3s
fcc74784ea
fix: remove mastodon version 4.2.5 overlay 
It's now included in nixos-23.11
 2024-02-06 10:57:28 +01:00
teutat3s
e007b034ed
security: update mastodon to 4.2.5 
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw

Pull in the patch early while NixOS channels are catching to build and
cache https://github.com/NixOS/nixpkgs/pull/285565

https://nixpk.gs/pr-tracker.html?pr=285565
 2024-02-01 17:59:32 +01:00
teutat3s
815033c764
treewide: apply nixpkgs-fmt 
Used command:
nixpkgs-fmt .
 2024-01-27 20:29:30 +01:00
teutat3s
7cc3a261ed
chore: update flake inputs home-manager, nixpkgs, 
remove temporary input release-2311

• Updated input 'home-manager':
    'github:nix-community/home-manager/6761b8188b860f374b457eddfdb05c82eef9752f' (2023-12-10)
  → 'github:nix-community/home-manager/1488651d02c1a7a15e284210f0d380a62d8d8cef' (2023-12-17)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7' (2023-12-12)
  → 'github:nixos/nixpkgs/1e2e384c5b7c50dbf8e9c441a9e58d85f408b01f' (2023-12-17)
• Removed input 'release-2311'
 2023-12-18 12:41:30 +01:00
teutat3s
4de835127f
fix(keycloak): NullPointerException 
Use nightly to fix Cannot invoke "org.keycloak.models.RealmModel.getClientScopesStream()" because "realm" is null

Until 23.0.2 is out

https://github.com/keycloak/keycloak/pull/25313

https://github.com/keycloak/keycloak/issues/25176
https://github.com/keycloak/keycloak/issues/25183
 2023-12-14 01:53:29 +01:00
teutat3s
e6177069ab
fix(security): pull in forgejo 1.20.6-1 early 
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#1206-1

https://github.com/NixOS/nixpkgs/pull/274026
https://nixpk.gs/pr-tracker.html?pr=274026

• Added input 'release-2311':
    'github:nixos/nixpkgs/c15f414581b4eb4113eed52ed303a1e62771fb6f' (2023-12-13)
 2023-12-14 00:49:21 +01:00
teutat3s
2ee4bc5682
feat: NixOS 23.11 Tapir 
https://nixos.org/manual/nixos/stable/release-notes#sec-release-23.11-highlights

Track nixos-23.11 branch, remove unstable overlays

This will update our services to the following versions:
nextcloud: 27.1.3 -> 27.1.4
forgejo: 1.20.5-0 -> 1.20.6-0
keycloak: 21.1.2 -> 22.0.5
matrix-synapse: 1.95.1 -> 1.97.0

Internal:
postgresql: 14.9 -> 15.5

Flake inputs diff:
• Updated input 'home-manager':
    'github:nix-community/home-manager/28535c3a34d79071f2ccb68671971ce0c0984d7e' (2023-11-19)
  → 'github:nix-community/home-manager/aeb2232d7a32530d3448318790534d196bf9427a' (2023-11-24)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/d2332963662edffacfddfad59ff4f709dde80ffe' (2023-11-30)
  → 'github:nixos/nixpkgs/5de0b32be6e85dc1a9404c75131316e4ffbc634c' (2023-12-01)
 2023-12-02 11:13:56 +01:00
Akshay Mankar
a2e7adbc79
element: Add themes 2023-11-19 16:03:24 +01:00
teutat3s
37176a52ce
feat: mastodon module updates from nixos-unstable 
Pull in changes from https://github.com/NixOS/nixpkgs/pull/251950 early
 2023-11-18 18:46:23 +01:00
teutat3s
eeb15c93fc
feat: update forgejo to version 1.20.5-0 
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#1-20-5-0
 2023-11-18 18:45:58 +01:00
b12f
f5185e5c15
feat: add mediawiki 
Co-authored-by: @teutat3s <teutates@mailbox.org>
 2023-11-15 21:40:29 +01:00
teutat3s
7be3567e6d
flora-6: refactor to use flake.parts 2023-11-15 18:54:32 +00:00
teutat3s
e43cb021ce
feat: use mastodon version 4.2.1 from our fork 
This still needs updates in the NixOS module to account for the changes
in https://github.com/mastodon/mastodon/pull/24655 that change how
multiple streaming processes run. Hopefully this is fine for a single
streaming process though.

https://github.com/NixOS/nixpkgs/pull/251950
https://github.com/teutat3s/nixpkgs/tree/mastodon-4.2.1
 2023-10-28 16:57:24 +02:00