ma treewide: make 21.05 compatible (is*User, other fixes)

2021-06-05 15:52:06 +02:00 · 2021-06-05 15:52:06 +02:00 · e7bf265a85
parent 771ea66091
commit e7bf265a85
13 changed files with 33 additions and 16 deletions
--- a/1systems/omo/config.nix
+++ b/1systems/omo/config.nix
@ -43,7 +43,6 @@ in {
      <stockholm/makefu/2configs/tools/dev.nix>
      <stockholm/makefu/2configs/tools/desktop.nix>
      <stockholm/makefu/2configs/tools/mobility.nix>
-      { environment.systemPackages = [ pkgs.esniper ]; }
      #<stockholm/makefu/2configs/graphite-standalone.nix>
      #<stockholm/makefu/2configs/share-user-sftp.nix>

@ -141,6 +140,7 @@ in {
    ];
  makefu.full-populate =  true;
  nixpkgs.config.allowUnfree = true;
+  users.users.share.isNormalUser = true;
  users.groups.share = {
    gid = (import <stockholm/lib>).genid "share";
    members = [ "makefu" "misa" ];
@ -152,6 +152,7 @@ in {
  users.users.misa = {
    uid = 9002;
    name = "misa";
+    isNormalUser = true;
  };

  zramSwap.enable = true;
--- a/2configs/bgt/hidden_service.nix
+++ b/2configs/bgt/hidden_service.nix
@ -41,8 +41,8 @@ in
  services.tor = {
    enable = true;
    hiddenServices."${name}".map = [
-     { port = "80"; }
-     # { port = "443"; toHost = "blog.binaergewitter.de"; }
+     { port = 80; }
+     # { port = 443; toHost = "blog.binaergewitter.de"; }
    ];
  };
 }
--- a/2configs/deployment/owncloud.nix
+++ b/2configs/deployment/owncloud.nix
@ -75,7 +75,7 @@ in {
    };
  };
  services.redis.enable = true;
-  systemd.services.redis.serviceConfig.LimitNOFILE=65536;
+  systemd.services.redis.serviceConfig.LimitNOFILE=mkForce "65536";
  services.postgresql = {
    enable = true;
    # Ensure the database, user, and permissions always exist
--- a/2configs/deployment/rss.euer.krebsco.de.nix
+++ b/2configs/deployment/rss.euer.krebsco.de.nix
@ -7,6 +7,11 @@ in {
    virtualHost = fqdn;
    selfUrlPath = "https://${fqdn}";
  };
+
+  nixpkgs.config.permittedInsecurePackages = [
+    "python2.7-Pillow-6.2.2"
+  ];
+
  systemd.services.tt-rss.serviceConfig.ExecStart = lib.mkForce "${pkgs.php}/bin/php /var/lib/tt-rss/update_daemon2.php";
  services.postgresql.package = pkgs.postgresql_9_6;
  state = [ config.services.postgresqlBackup.location ];
--- a/2configs/home/metube.nix
+++ b/2configs/home/metube.nix
@ -26,7 +26,10 @@ in
    ];
    user = "metube";
  };
-  users.users.metube.uid = uid;
+  users.users.metube = {
+    uid = uid;
+    isSystemUser = true;
+  };

  systemd.services.docker-metube.serviceConfig = {
    StandardOutput = lib.mkForce "journal";
--- a/2configs/home/zigbee2mqtt/default.nix
+++ b/2configs/home/zigbee2mqtt/default.nix
@ -20,7 +20,7 @@ in
  services.zigbee2mqtt = {
    enable = true;
    inherit dataDir;
-    config = {
+    settings = {
      permit_join = true;
      serial.port = "/dev/cc2531";
      homeassistant = true;
--- a/2configs/lanparty/samba.nix
+++ b/2configs/lanparty/samba.nix
@ -7,6 +7,7 @@
    description = "smb guest user";
    home = "/data/lanparty";
    createHome = true;
+    isNormalUser = true;
  };
  services.samba = {
    enable = true;
--- a/2configs/remote-build/slave.nix
+++ b/2configs/remote-build/slave.nix
@ -1,11 +1,12 @@
 {config,...}:{
  nix.trustedUsers = [ "nixBuild" ];
  users.users.nixBuild = {
-      name = "nixBuild";
-      useDefaultShell = true;
-      openssh.authorizedKeys.keys = [
-        config.krebs.users.buildbotSlave.pubkey
-        config.krebs.users.makefu-remote-builder.pubkey
-      ];
-    };
+    name = "nixBuild";
+    isNormalUser = true;
+    useDefaultShell = true;
+    openssh.authorizedKeys.keys = [
+      config.krebs.users.buildbotSlave.pubkey
+      config.krebs.users.makefu-remote-builder.pubkey
+    ];
+  };
 }
--- a/2configs/share-user-sftp.nix
+++ b/2configs/share-user-sftp.nix
@ -5,6 +5,7 @@
    share = {
      uid = 9002;
      home = "/var/empty";
+      isNormalUser = true;
      openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
    };
  };
--- a/2configs/share/gum.nix
+++ b/2configs/share/gum.nix
@ -11,7 +11,10 @@ in {
  #   home = "/var/empty";
  # };
  environment.systemPackages = [ pkgs.samba ];
-  users.users.download.uid = genid "download";
+  users.users.download = {
+    uid = genid "download";
+    isNormalUser = true;
+  };
  services.samba = {
    enable = true;
    shares = {
--- a/2configs/temp/share-samba.nix
+++ b/2configs/temp/share-samba.nix
@ -4,6 +4,7 @@
    uid = config.ids.uids.smbguest;
    group = "share";
    description = "smb guest user";
+    isNormalUser = true;
    home = "/var/empty";
  };
  users.groups.share.members = [ "makefu" ];
--- a/3modules/ps3netsrv.nix
+++ b/3modules/ps3netsrv.nix
@ -50,6 +50,7 @@ let
    # TODO only create if user is ps3netsrv
    users.users.ps3netsrv = {
      uid = genid "ps3netsrv";
+      isSystemUser = true;
    };
    users.groups.ps3netsrv.gid = genid "ps3netsrv";
  };
--- a/5pkgs/shiori/default.nix
+++ b/5pkgs/shiori/default.nix
@ -1,6 +1,6 @@
-{ go_1_14, buildGoPackage, fetchFromGitHub }:
+{ buildGoPackage, fetchFromGitHub }:
 let
-  builder = buildGoPackage.override { go = go_1_14; };
+  builder = buildGoPackage;
 in
 builder rec {
  name = "shiori-${version}";