From 2c160661ec1f59f1c5cf1d6a7184944172df77d3 Mon Sep 17 00:00:00 2001 From: Simon Bruder Date: Wed, 1 Dec 2021 17:56:53 +0100 Subject: [PATCH] Apply fixes for breaking module changes in 21.11 --- machines/fuuko/services/scan.nix | 2 ++ machines/fuuko/services/wordclock-dimmer.nix | 31 ++++++++++++-------- machines/mayushii/configuration.nix | 2 +- machines/sayuri/configuration.nix | 2 +- modules/restic/system.nix | 4 +-- 5 files changed, 25 insertions(+), 16 deletions(-) diff --git a/machines/fuuko/services/scan.nix b/machines/fuuko/services/scan.nix index a9128bc..6380b97 100644 --- a/machines/fuuko/services/scan.nix +++ b/machines/fuuko/services/scan.nix @@ -3,11 +3,13 @@ users.users.scan = { home = "/var/lib/scans"; isSystemUser = true; + group = "scan"; # this is a low-risk account and since the only thing the account can do is # login to the ftp server from my home network, you can also sniff the # password since the connection is unencrypted password = "meeB3laodoo8na3z"; }; + users.groups.scan = { }; systemd.tmpfiles.rules = [ "d /var/lib/scans 0755 scan root 7d" diff --git a/machines/fuuko/services/wordclock-dimmer.nix b/machines/fuuko/services/wordclock-dimmer.nix index 8f2ec12..371f114 100644 --- a/machines/fuuko/services/wordclock-dimmer.nix +++ b/machines/fuuko/services/wordclock-dimmer.nix @@ -1,18 +1,25 @@ { config, ... }: - +let + password = "ymfQkXcEqGuk62S"; +in { services.mosquitto = { enable = true; - host = "0.0.0.0"; - users = { - wordclock = { - acl = [ - "topic readwrite wordclock/color/+" - ]; - password = "ymfQkXcEqGuk62S"; - }; - }; - checkPasswords = true; + listeners = [ + { + users = { + wordclock = { + acl = [ + "readwrite wordclock/color/+" + ]; + inherit password; + }; + }; + settings = { + allow_anonymous = false; + }; + } + ]; }; networking.firewall.allowedTCPPorts = [ 1883 ]; @@ -21,7 +28,7 @@ enable = true; mqtt = { user = "wordclock"; - password = config.services.mosquitto.users.wordclock.password; + inherit password; host = "localhost"; }; }; diff --git a/machines/mayushii/configuration.nix b/machines/mayushii/configuration.nix index 0bd0ce8..2db66fc 100644 --- a/machines/mayushii/configuration.nix +++ b/machines/mayushii/configuration.nix @@ -22,7 +22,7 @@ virtualisation.libvirtd = { enable = true; - qemuPackage = pkgs.qemu_kvm; + qemu.package = pkgs.qemu_kvm; }; services.samba = { diff --git a/machines/sayuri/configuration.nix b/machines/sayuri/configuration.nix index 4e2d48c..664b765 100644 --- a/machines/sayuri/configuration.nix +++ b/machines/sayuri/configuration.nix @@ -27,7 +27,7 @@ virtualisation.libvirtd = { enable = true; - qemuPackage = pkgs.qemu_kvm; + qemu.package = pkgs.qemu_kvm; }; services.tor = { diff --git a/modules/restic/system.nix b/modules/restic/system.nix index 02c556b..99088f8 100644 --- a/modules/restic/system.nix +++ b/modules/restic/system.nix @@ -77,7 +77,7 @@ in inherit repository; inherit (cfg) timerConfig; passwordFile = config.sops.secrets.restic-password.path; - s3CredentialsFile = config.sops.secrets.restic-s3.path; + environmentFile = config.sops.secrets.restic-s3.path; paths = [ "/etc" "/home" @@ -102,7 +102,7 @@ in services.restic.backups.system-prune = lib.mkIf cfg.prune { inherit repository; passwordFile = config.sops.secrets.restic-password.path; - s3CredentialsFile = config.sops.secrets.restic-s3.path; + environmentFile = config.sops.secrets.restic-s3.path; timerConfig = { OnCalendar = "*-1/2-07 03:00:00"; RandomizedDelaySec = "4h";