From 9b12369e43da6d581637cf4af862584fef23a7f1 Mon Sep 17 00:00:00 2001 From: Noah Masur <7386960+nmasur@users.noreply.github.com> Date: Tue, 6 Dec 2022 17:56:29 +0000 Subject: [PATCH] fixes for oracle when updating to latest --- hosts/oracle/default.nix | 5 +++-- modules/nixos/user.nix | 1 + modules/services/nextcloud.nix | 2 +- modules/services/prometheus.nix | 4 ++++ modules/services/transmission.nix | 4 ++++ modules/services/vaultwarden.nix | 1 + patches/calibre-web-cloudflare.patch | 20 ++++++++++---------- 7 files changed, 24 insertions(+), 13 deletions(-) diff --git a/hosts/oracle/default.nix b/hosts/oracle/default.nix index c8a9163..8bdbd64 100644 --- a/hosts/oracle/default.nix +++ b/hosts/oracle/default.nix @@ -1,4 +1,4 @@ -{ inputs, globals, ... }: +{ inputs, globals, overlays, ... }: with inputs; @@ -15,7 +15,8 @@ nixpkgs.lib.nixosSystem { home-manager.nixosModules.home-manager { gui.enable = false; - colorscheme = (import ../../modules/colorscheme/gruvbox); + theme = { colors = (import ../../modules/colorscheme/gruvbox).dark; }; + nixpkgs.overlays = overlays; # FQDNs for various services networking.hostName = "oracle"; diff --git a/modules/nixos/user.nix b/modules/nixos/user.nix index 24d0ff8..54a17a8 100644 --- a/modules/nixos/user.nix +++ b/modules/nixos/user.nix @@ -5,6 +5,7 @@ passwordHash = lib.mkOption { type = lib.types.nullOr lib.types.str; description = "Password created with mkpasswd -m sha-512"; + default = null; # Test it by running: mkpasswd -m sha-512 --salt "PZYiMGmJIIHAepTM" }; diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix index 55d18eb..5feb598 100644 --- a/modules/services/nextcloud.nix +++ b/modules/services/nextcloud.nix @@ -15,7 +15,7 @@ services.nextcloud = { enable = true; - package = pkgs.nextcloud24; # Required to specify + package = pkgs.nextcloud25; # Required to specify https = true; hostName = "localhost"; maxUploadSize = "50G"; diff --git a/modules/services/prometheus.nix b/modules/services/prometheus.nix index 543540a..15e91ee 100644 --- a/modules/services/prometheus.nix +++ b/modules/services/prometheus.nix @@ -8,6 +8,10 @@ config = { services.grafana.enable = true; + + # Required to fix error in latest nixpkgs + services.grafana.settings = { }; + services.prometheus = { enable = true; exporters.node.enable = true; diff --git a/modules/services/transmission.nix b/modules/services/transmission.nix index 7fd56ad..8c7e667 100644 --- a/modules/services/transmission.nix +++ b/modules/services/transmission.nix @@ -50,6 +50,10 @@ }]; }]; + # Caddy and Transmission both try to set rmem_max for larger UDP packets. + # We will choose Transmission's recommendation (4 MB). + boot.kernel.sysctl."net.core.rmem_max" = 4194304; + # Allow inbound connections to reach namespace systemd.services.transmission-web-netns = { description = "Forward to transmission in wireguard namespace"; diff --git a/modules/services/vaultwarden.nix b/modules/services/vaultwarden.nix index c8da296..d9cf20f 100644 --- a/modules/services/vaultwarden.nix +++ b/modules/services/vaultwarden.nix @@ -52,6 +52,7 @@ in { handle = [{ handler = "reverse_proxy"; upstreams = [{ dial = "localhost:8222"; }]; + headers.request.add."X-Real-IP" = [ "{http.request.remote.host}" ]; }]; }]; diff --git a/patches/calibre-web-cloudflare.patch b/patches/calibre-web-cloudflare.patch index 1e1363d..3378dcd 100644 --- a/patches/calibre-web-cloudflare.patch +++ b/patches/calibre-web-cloudflare.patch @@ -1,20 +1,20 @@ diff --git a/cps/__init__.py b/cps/__init__.py -index 0b912d23..ad5d1fa9 100644 +index 1ba1f778..da0bc718 100644 --- a/cps/__init__.py +++ b/cps/__init__.py -@@ -83,7 +83,6 @@ app.config.update( - lm = MyLoginManager() - lm.login_view = 'web.login' - lm.anonymous_user = ub.Anonymous --lm.session_protection = 'strong' +@@ -100,7 +100,6 @@ updater_thread = Updater() + def create_app(): + lm.login_view = 'web.login' + lm.anonymous_user = ub.Anonymous +- lm.session_protection = 'strong' - if wtf_present: - csrf = CSRFProtect() + if csrf: + csrf.init_app(app) diff --git a/cps/admin.py b/cps/admin.py -index 1004ee78..e295066e 100644 +index 09a553b4..5c646e46 100644 --- a/cps/admin.py +++ b/cps/admin.py -@@ -98,8 +98,6 @@ def before_request(): +@@ -104,8 +104,6 @@ def before_request(): # make remember me function work if current_user.is_authenticated: confirm_login()