aboutsummaryrefslogtreecommitdiff
path: root/tharos
diff options
context:
space:
mode:
authorValentin <valentin@fricklerhandwerk.de>2026-06-07 01:04:16 +0200
committerValentin <valentin@fricklerhandwerk.de>2026-06-07 01:04:16 +0200
commitb62e7be5219d53359f4c7b5ca4dd651ebd8fdc1f (patch)
tree356f1819808b637b0cea6bc0da223c70ee6781f9 /tharos
parent2a6e007837e19185ff3359f39d0244109edb48b5 (diff)
Nixpkgs update
Diffstat (limited to 'tharos')
-rw-r--r--tharos/cgit.nix1
-rw-r--r--tharos/grafana.nix5
-rw-r--r--tharos/nextcloud.nix8
3 files changed, 13 insertions, 1 deletions
diff --git a/tharos/cgit.nix b/tharos/cgit.nix
index e23c10c..241bb63 100644
--- a/tharos/cgit.nix
+++ b/tharos/cgit.nix
@@ -45,6 +45,7 @@
services.cgit.infra = rec {
enable = true;
nginx.virtualHost = "git.${self.domain}";
+ gitHttpBackend.checkExportOkFiles = false;
repos.infra = {
desc = "Quellcode für die technische Infrastruktur des Stadtteilbeirats Heimfeld";
inherit path;
diff --git a/tharos/grafana.nix b/tharos/grafana.nix
index be723c6..0c6fd4f 100644
--- a/tharos/grafana.nix
+++ b/tharos/grafana.nix
@@ -30,6 +30,11 @@
};
security = {
disable_initial_admin_creation = true;
+ # Bisheriger Upstream-Default aus Nixpkgs < 26.05.
+ # Wird von Grafana zur Verschlüsselung sensibler DB-Spalten (Datenquellen-Credentials, Alert-Channel-Secrets, OAuth-Tokens) genutzt.
+ # Aktuell enthält unsere Grafana-DB nichts dergleichen: einzige Datenquelle ist Prometheus auf localhost ohne Auth, kein Admin-Login, keine Notification-Channels.
+ # Sobald sich das ändert, durch einen eigenen Schlüssel via `secret_key_file` ersetzen.
+ secret_key = "SW2YcwTIb9zpOOhoPsMm";
};
"auth.anonymous" = {
enabled = true;
diff --git a/tharos/nextcloud.nix b/tharos/nextcloud.nix
index eedb507..303688d 100644
--- a/tharos/nextcloud.nix
+++ b/tharos/nextcloud.nix
@@ -2,7 +2,12 @@
{
flake.machines.tharos = {
nixos =
- { config, lib, ... }:
+ {
+ config,
+ pkgs,
+ lib,
+ ...
+ }:
let
apps = config.services.nextcloud.package.packages.apps;
nextcloud = config.services.nextcloud.hostName;
@@ -11,6 +16,7 @@
{
services.nextcloud = {
enable = true;
+ package = pkgs.nextcloud32;
hostName = "nextcloud.${self.domain}";
database.createLocally = true;
config.dbtype = "pgsql";