fixes for oracle when updating to latest

2024-09-19 20:34:46 +00:00 · 2022-12-06 17:56:29 +00:00 · 2022-12-06 17:56:29 +00:00 · 9b12369e43
commit 9b12369e43
parent 427bd1a421
7 changed files with 24 additions and 13 deletions
--- a/hosts/oracle/default.nix
+++ b/hosts/oracle/default.nix
@ -1,4 +1,4 @@
-{ inputs, globals, ... }:
+{ inputs, globals, overlays, ... }:

 with inputs;

@ -15,7 +15,8 @@ nixpkgs.lib.nixosSystem {
    home-manager.nixosModules.home-manager
    {
      gui.enable = false;
-      colorscheme = (import ../../modules/colorscheme/gruvbox);
+      theme = { colors = (import ../../modules/colorscheme/gruvbox).dark; };
+      nixpkgs.overlays = overlays;

      # FQDNs for various services
      networking.hostName = "oracle";
--- a/modules/nixos/user.nix
+++ b/modules/nixos/user.nix
@ -5,6 +5,7 @@
    passwordHash = lib.mkOption {
      type = lib.types.nullOr lib.types.str;
      description = "Password created with mkpasswd -m sha-512";
+      default = null;
      # Test it by running: mkpasswd -m sha-512 --salt "PZYiMGmJIIHAepTM"
    };

--- a/modules/services/nextcloud.nix
+++ b/modules/services/nextcloud.nix
@ -15,7 +15,7 @@

    services.nextcloud = {
      enable = true;
-      package = pkgs.nextcloud24; # Required to specify
+      package = pkgs.nextcloud25; # Required to specify
      https = true;
      hostName = "localhost";
      maxUploadSize = "50G";
--- a/modules/services/prometheus.nix
+++ b/modules/services/prometheus.nix
@ -8,6 +8,10 @@
  config = {

    services.grafana.enable = true;
+
+    # Required to fix error in latest nixpkgs
+    services.grafana.settings = { };
+
    services.prometheus = {
      enable = true;
      exporters.node.enable = true;
--- a/modules/services/transmission.nix
+++ b/modules/services/transmission.nix
@ -50,6 +50,10 @@
      }];
    }];

+    # Caddy and Transmission both try to set rmem_max for larger UDP packets.
+    # We will choose Transmission's recommendation (4 MB).
+    boot.kernel.sysctl."net.core.rmem_max" = 4194304;
+
    # Allow inbound connections to reach namespace
    systemd.services.transmission-web-netns = {
      description = "Forward to transmission in wireguard namespace";
--- a/modules/services/vaultwarden.nix
+++ b/modules/services/vaultwarden.nix
@ -52,6 +52,7 @@ in {
      handle = [{
        handler = "reverse_proxy";
        upstreams = [{ dial = "localhost:8222"; }];
+        headers.request.add."X-Real-IP" = [ "{http.request.remote.host}" ];
      }];
    }];

--- a/patches/calibre-web-cloudflare.patch
+++ b/patches/calibre-web-cloudflare.patch
@ -1,20 +1,20 @@
 diff --git a/cps/__init__.py b/cps/__init__.py
-index 0b912d23..ad5d1fa9 100644
+index 1ba1f778..da0bc718 100644
 --- a/cps/__init__.py
 +++ b/cps/__init__.py
-@@ -83,7 +83,6 @@ app.config.update(
- lm = MyLoginManager()
- lm.login_view = 'web.login'
- lm.anonymous_user = ub.Anonymous
-lm.session_protection = 'strong'
+@@ -100,7 +100,6 @@ updater_thread = Updater()
+ def create_app():
+     lm.login_view = 'web.login'
+     lm.anonymous_user = ub.Anonymous
+-    lm.session_protection = 'strong'
 
- if wtf_present:
-     csrf = CSRFProtect()
+     if csrf:
+         csrf.init_app(app)
 diff --git a/cps/admin.py b/cps/admin.py
-index 1004ee78..e295066e 100644
+index 09a553b4..5c646e46 100644
 --- a/cps/admin.py
 +++ b/cps/admin.py
-@@ -98,8 +98,6 @@ def before_request():
+@@ -104,8 +104,6 @@ def before_request():
     # make remember me function work
     if current_user.is_authenticated:
         confirm_login()