From becf1495e5b06360424477d8c659a4d13466f1db Mon Sep 17 00:00:00 2001 From: Charlotte Van Petegem Date: Sat, 21 Jan 2023 09:55:59 +0100 Subject: [PATCH] Update dependencies --- flake.lock | 42 ++++++++++++------------- modules/base/sshd/default.nix | 6 ++-- modules/services/data-access/config.nix | 6 ++-- patches/211092.patch | 35 --------------------- 4 files changed, 29 insertions(+), 60 deletions(-) delete mode 100644 patches/211092.patch diff --git a/flake.lock b/flake.lock index 7ceacd71..417eb078 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ ] }, "locked": { - "lastModified": 1673945857, - "narHash": "sha256-stqsr3EjirlrLUYJaUCCovBIhHBi6eD+WcEBFV7wqe8=", + "lastModified": 1674237041, + "narHash": "sha256-yh+mrkkSCJpjPnLQfZ06OKoRlAQQlnyQuWtfl3a44BA=", "owner": "accentor", "repo": "flake", - "rev": "b8fc2a3a5ff7159b94a98193ab76ced982f1f924", + "rev": "6b6f16cf05dae032f5e178fbba6603682dc0a0bf", "type": "github" }, "original": { @@ -71,11 +71,11 @@ ] }, "locked": { - "lastModified": 1673966378, - "narHash": "sha256-FdpQdHNkq1Gxz1OFVQplXfdKadrvvc9V5/KMHRcT96o=", + "lastModified": 1674266385, + "narHash": "sha256-J/uRYXR4P3o7MaApy8qAv+Sfo+MbkdHKYsL/GkEHAlg=", "owner": "accentor", "repo": "web", - "rev": "c9c463b53f6cf2753bb075bcb870d747b494f88f", + "rev": "841c5b58f1d0ff5fda457e62adf455703f8983e2", "type": "github" }, "original": { @@ -153,11 +153,11 @@ ] }, "locked": { - "lastModified": 1674209471, - "narHash": "sha256-s32NbzdN9Y1vtf50ouRc8usBFl7ihQo1ABBOZoyBGes=", + "lastModified": 1674270221, + "narHash": "sha256-hKPiLGZswRWwBLjY269NFdILWFLl1bhCfPl9l/t+L0w=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "11f1b755fb5b78d7af074fcffe7dfcced082305d", + "rev": "5bd6b435915e95101a2400fa552e4f6f282e74b6", "type": "github" }, "original": { @@ -207,11 +207,11 @@ ] }, "locked": { - "lastModified": 1674082145, - "narHash": "sha256-4IpEt5Jc6VrNcpIcrKMCZAyeJMLXaaHk+yOV9HusO/A=", + "lastModified": 1674250603, + "narHash": "sha256-SBolFspxBHpW3hCCDNAFXUiO2mucmkVmf17UmSIK3Cs=", "owner": "nix-community", "repo": "home-manager", - "rev": "7026e1a934abfa02623c9870378dbcdac3cd7f80", + "rev": "275ab728912006eecb549338a50f24f294a7cfb7", "type": "github" }, "original": { @@ -250,11 +250,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1673796341, - "narHash": "sha256-1kZi9OkukpNmOaPY7S5/+SlCDOuYnP3HkXHvNDyLQcc=", + "lastModified": 1674120619, + "narHash": "sha256-xLT1FQl7/jNPOEq5q/vmc3AExt1V9LtcjM+QY2+MUpA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6dccdc458512abce8d19f74195bb20fdb067df50", + "rev": "d7705c01ef0a39c8ef532d1033bace8845a07d35", "type": "github" }, "original": { @@ -282,11 +282,11 @@ }, "nur": { "locked": { - "lastModified": 1674210405, - "narHash": "sha256-edYWlWOR3IVoSzF4/Bb1UGbK6thpIsHWwiukFrAtSnE=", + "lastModified": 1674290152, + "narHash": "sha256-2FPfuRPknBrg2ZBBa3latWxbbComAXLizS1ShsJHuLc=", "owner": "nix-community", "repo": "NUR", - "rev": "04eaf102cbcb942fde8eff4505101d84b1964e17", + "rev": "0eb18ae5ae3a5ff8cdef5a0c956d11cc414d757f", "type": "github" }, "original": { @@ -327,11 +327,11 @@ ] }, "locked": { - "lastModified": 1674213221, - "narHash": "sha256-4ekzzguZH45ZtL7VoEtUYN2s6epM6f+qId9EcfrWJb8=", + "lastModified": 1674236172, + "narHash": "sha256-UJM4B+quKj2iMtr1jOu8bhALrEOQkHyh4JVWuD86WBw=", "owner": "chvp", "repo": "tetris", - "rev": "5b27fe45af5f8e63896d4c1942dd58b284d79551", + "rev": "174b348c56890682924045b83dfe4b0292e30ae7", "type": "github" }, "original": { diff --git a/modules/base/sshd/default.nix b/modules/base/sshd/default.nix index a0a24452..8e2d7297 100644 --- a/modules/base/sshd/default.nix +++ b/modules/base/sshd/default.nix @@ -7,12 +7,14 @@ }; services.openssh = { enable = true; - passwordAuthentication = false; - permitRootLogin = "prohibit-password"; hostKeys = [ { bits = 4096; path = "${config.chvp.dataPrefix}/etc/ssh/ssh_host_rsa_key"; type = "rsa"; } { path = "${config.chvp.dataPrefix}/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; } ]; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "prohibit-password"; + }; }; age.secrets."authorized_keys/root" = { diff --git a/modules/services/data-access/config.nix b/modules/services/data-access/config.nix index e9e0e653..2a047b58 100644 --- a/modules/services/data-access/config.nix +++ b/modules/services/data-access/config.nix @@ -22,13 +22,15 @@ security.sudo.enable = false; services.openssh = { enable = true; - permitRootLogin = "no"; hostKeys = [ { bits = 4096; path = "/run/secrets/ssh_host_rsa_key"; type = "rsa"; } { path = "/run/secrets/ssh_host_ed25519_key"; type = "ed25519"; } ]; + settings = { + HostKeyAlgorithms = "+ssh-rsa"; + PermitRootLogin = "no"; + }; extraConfig = '' - HostKeyAlgorithms +ssh-rsa Match group sftponly X11Forwarding no AllowTcpForwarding no diff --git a/patches/211092.patch b/patches/211092.patch deleted file mode 100644 index 37057ea8..00000000 --- a/patches/211092.patch +++ /dev/null @@ -1,35 +0,0 @@ -From ff10c88195c495c9d56bdfaf51d487ff6c28ae6c Mon Sep 17 00:00:00 2001 -From: Luflosi -Date: Mon, 16 Jan 2023 14:31:59 +0100 -Subject: [PATCH] mautrix-whatsapp: 0.8.0 -> 0.8.1 - ---- - pkgs/servers/mautrix-whatsapp/default.nix | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/pkgs/servers/mautrix-whatsapp/default.nix b/pkgs/servers/mautrix-whatsapp/default.nix -index 847aaeffdcadb..385fd1a78484c 100644 ---- a/pkgs/servers/mautrix-whatsapp/default.nix -+++ b/pkgs/servers/mautrix-whatsapp/default.nix -@@ -2,18 +2,18 @@ - - buildGoModule rec { - pname = "mautrix-whatsapp"; -- version = "0.8.0"; -+ version = "0.8.1"; - - src = fetchFromGitHub { - owner = "mautrix"; - repo = "whatsapp"; - rev = "v${version}"; -- hash = "sha256-shCFKTS6ArvjecokNSrgOBr5jO+64+d6OdubTHOWiws="; -+ hash = "sha256-fLYc0Z9lgNYjv4D+TpKP1+sBuILV1lf1IEDRYc8fUY4="; - }; - - buildInputs = [ olm ]; - -- vendorSha256 = "sha256-BD1DBzr8iwVq2Qe7Zz1i871ysAYJ7iUlcBftjDYreeM="; -+ vendorSha256 = "sha256-RUTImaiiCsNHZHGTAXPXySP3tlEUJr6DLhmNA3ubgFs="; - - doCheck = false; -