diff options
| author | Valentin <valentin@fricklerhandwerk.de> | 2026-06-07 01:04:16 +0200 |
|---|---|---|
| committer | Valentin <valentin@fricklerhandwerk.de> | 2026-06-07 01:04:16 +0200 |
| commit | b62e7be5219d53359f4c7b5ca4dd651ebd8fdc1f (patch) | |
| tree | 356f1819808b637b0cea6bc0da223c70ee6781f9 /tharos | |
| parent | 2a6e007837e19185ff3359f39d0244109edb48b5 (diff) | |
Nixpkgs update
Diffstat (limited to 'tharos')
| -rw-r--r-- | tharos/cgit.nix | 1 | ||||
| -rw-r--r-- | tharos/grafana.nix | 5 | ||||
| -rw-r--r-- | tharos/nextcloud.nix | 8 |
3 files changed, 13 insertions, 1 deletions
diff --git a/tharos/cgit.nix b/tharos/cgit.nix index e23c10c..241bb63 100644 --- a/tharos/cgit.nix +++ b/tharos/cgit.nix @@ -45,6 +45,7 @@ services.cgit.infra = rec { enable = true; nginx.virtualHost = "git.${self.domain}"; + gitHttpBackend.checkExportOkFiles = false; repos.infra = { desc = "Quellcode für die technische Infrastruktur des Stadtteilbeirats Heimfeld"; inherit path; diff --git a/tharos/grafana.nix b/tharos/grafana.nix index be723c6..0c6fd4f 100644 --- a/tharos/grafana.nix +++ b/tharos/grafana.nix @@ -30,6 +30,11 @@ }; security = { disable_initial_admin_creation = true; + # Bisheriger Upstream-Default aus Nixpkgs < 26.05. + # Wird von Grafana zur Verschlüsselung sensibler DB-Spalten (Datenquellen-Credentials, Alert-Channel-Secrets, OAuth-Tokens) genutzt. + # Aktuell enthält unsere Grafana-DB nichts dergleichen: einzige Datenquelle ist Prometheus auf localhost ohne Auth, kein Admin-Login, keine Notification-Channels. + # Sobald sich das ändert, durch einen eigenen Schlüssel via `secret_key_file` ersetzen. + secret_key = "SW2YcwTIb9zpOOhoPsMm"; }; "auth.anonymous" = { enabled = true; diff --git a/tharos/nextcloud.nix b/tharos/nextcloud.nix index eedb507..303688d 100644 --- a/tharos/nextcloud.nix +++ b/tharos/nextcloud.nix @@ -2,7 +2,12 @@ { flake.machines.tharos = { nixos = - { config, lib, ... }: + { + config, + pkgs, + lib, + ... + }: let apps = config.services.nextcloud.package.packages.apps; nextcloud = config.services.nextcloud.hostName; @@ -11,6 +16,7 @@ { services.nextcloud = { enable = true; + package = pkgs.nextcloud32; hostName = "nextcloud.${self.domain}"; database.createLocally = true; config.dbtype = "pgsql"; |
