diff options
author | V <v@unfathomable.blue> | 2022-06-02 18:44:20 +0200 |
---|---|---|
committer | V <v@unfathomable.blue> | 2022-06-04 00:19:22 +0200 |
commit | 69d03945f1027df7fc8d9d27a8be9d71712584f0 (patch) | |
tree | 7b45b3acc8b529b6d9b0c0623b16cd863664177c /fleet/modules | |
parent | ae60d61097496b57ccb051db67d76e0f7a238741 (diff) | |
download | unf-legacy-69d03945f1027df7fc8d9d27a8be9d71712584f0.tar.zst |
fleet: upgrade to NixOS 22.05
Change-Id: Ie5542d079ee7b2de06e0faed52343905b3287b39
Diffstat (limited to 'fleet/modules')
-rw-r--r-- | fleet/modules/acme.nix | 4 | ||||
-rw-r--r-- | fleet/modules/cgiserver.nix | 11 | ||||
-rw-r--r-- | fleet/modules/public-inbox.nix | 4 | ||||
-rw-r--r-- | fleet/modules/web.nix | 4 |
4 files changed, 13 insertions, 10 deletions
diff --git a/fleet/modules/acme.nix b/fleet/modules/acme.nix index f06ac4e..0c04228 100644 --- a/fleet/modules/acme.nix +++ b/fleet/modules/acme.nix @@ -32,10 +32,10 @@ in { config = { security.acme = { acceptTerms = true; - email = "acme@unfathomable.blue"; + defaults.email = "acme@unfathomable.blue"; }; - services.caddy.config = '' + services.caddy.extraConfig = '' ${concatStringsSep ", " (unique (mapAttrsToList (_: cert: "http://${cert.domain}") config.security.acme.certs))} { import all diff --git a/fleet/modules/cgiserver.nix b/fleet/modules/cgiserver.nix index 6cafbe0..a3e94c2 100644 --- a/fleet/modules/cgiserver.nix +++ b/fleet/modules/cgiserver.nix @@ -1,15 +1,16 @@ # SPDX-FileCopyrightText: V <v@unfathomable.blue> # SPDX-License-Identifier: OSL-3.0 -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, utils, pkgs, ... }: with lib; let cfg = config.services.cgiserver; - inherit (import "${modulesPath}/system/boot/systemd-unit-options.nix" { inherit config lib; }) - serviceOptions socketOptions; + inherit (utils.systemdUtils.unitOptions) + serviceOptions + socketOptions; # TODO(V): These descriptions could use a bit of work. instanceOpts = { name, ... }: { @@ -33,13 +34,13 @@ let serviceConfig = mkOption { description = "Extra options to put in the [Service] section of the application's service unit."; - inherit (serviceOptions.serviceConfig) type; + inherit ((serviceOptions { name = null; config = null; }).options.serviceConfig) type; default = {}; }; listenStreams = mkOption { description = "Addresses to listen on, in the format used by the ListenStream option of systemd.socket(5)."; - inherit (socketOptions.listenStreams) type; + inherit (socketOptions.options.listenStreams) type; default = [ "/run/${name}/${name}.sock" ]; }; }; diff --git a/fleet/modules/public-inbox.nix b/fleet/modules/public-inbox.nix index c263fad..d5e041c 100644 --- a/fleet/modules/public-inbox.nix +++ b/fleet/modules/public-inbox.nix @@ -50,6 +50,10 @@ let }; }; in { + # XXX(V): this is here to fix the build until we migrate to the + # upstream module that was added recently. + disabledModules = [ "services/mail/public-inbox.nix" ]; + options.services.public-inbox = { enable = mkOption { type = types.bool; diff --git a/fleet/modules/web.nix b/fleet/modules/web.nix index 248f78b..b4328b7 100644 --- a/fleet/modules/web.nix +++ b/fleet/modules/web.nix @@ -8,7 +8,7 @@ enable = true; # Snippets must be defined before they are used, so the mkBefore ensures they come first. - config = lib.mkBefore '' + extraConfig = lib.mkBefore '' (all) { log { output file /var/log/caddy/access.log @@ -40,7 +40,5 @@ ''; }; - systemd.services.caddy.serviceConfig.LogsDirectory = "caddy"; - networking.firewall.interfaces.ens3.allowedTCPPorts = [ 80 443 ]; } |