fix: fix kanidm fr

feat: upgrade garage
feat: upgrade kanidm
2025-06-07 18:09:04 +02:00 · 2025-04-15 13:31:17 +02:00 · 2025-04-15 13:27:03 +02:00 · 2025-04-15 13:26:14 +02:00 · 2025-04-15 13:24:33 +02:00 · 2025-04-15 12:42:56 +02:00
7 changed files with 28 additions and 10 deletions
--- a/home-manager-modules/git/default.nix
+++ b/home-manager-modules/git/default.nix
@ -22,6 +22,12 @@ with lib;
        signByDefault = true;
        key = "6FC74C847011FD83";
      };
+      maintenance = {
+        enable = true;
+        repositories = [
+          "/home/julien/dev/nixpkgs"
+        ];
+      };
      delta.enable = true;
      ignores = [ ".direnv" ];
      extraConfig = {
--- a/lon.lock
+++ b/lon.lock
@ -157,9 +157,9 @@
      "owner": "nixos",
      "repo": "nixpkgs",
      "branch": "nixos-24.11",
-      "revision": "ebe2788eafd539477f83775ef93c3c7e244421d3",
-      "url": "https://github.com/nixos/nixpkgs/archive/ebe2788eafd539477f83775ef93c3c7e244421d3.tar.gz",
-      "hash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y="
+      "revision": "a880f49904d68b5e53338d1e8c7bf80f59903928",
+      "url": "https://github.com/nixos/nixpkgs/archive/a880f49904d68b5e53338d1e8c7bf80f59903928.tar.gz",
+      "hash": "sha256-o4FjFOUmjSRMK7dn0TFdAT0RRWUWD+WsspPHa+qEQT8="
    },
    "proxmox": {
      "type": "GitHub",
@ -186,9 +186,9 @@
      "owner": "nixos",
      "repo": "nixpkgs",
      "branch": "nixos-unstable",
-      "revision": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1",
-      "url": "https://github.com/nixos/nixpkgs/archive/e3e32b642a31e6714ec1b712de8c91a3352ce7e1.tar.gz",
-      "hash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk="
+      "revision": "063dece00c5a77e4a0ea24e5e5a5bd75232806f8",
+      "url": "https://github.com/nixos/nixpkgs/archive/063dece00c5a77e4a0ea24e5e5a5bd75232806f8.tar.gz",
+      "hash": "sha256-nEo1t3Q0F+0jQ36HJfbJtiRU4OI+/0jX/iITURKe3EE="
    }
  }
 }
--- a/machines/biblios/garage.nix
+++ b/machines/biblios/garage.nix
@ -10,7 +10,7 @@ in
 {
  services.garage = {
    enable = true;
-    package = pkgs.garage_1_0_1;
+    package = pkgs.garage_1_1_0;

    settings = {
      replication_factor = 1;
--- a/machines/core-security/kanidm.nix
+++ b/machines/core-security/kanidm.nix
@ -1,11 +1,12 @@
 { pkgs, config, ... }:
 let
  certificate = config.security.acme.certs."auth.luj.fr";
+  kanidm = pkgs.kanidm_1_5;
 in
 {
  services.kanidm = {
    enableServer = true;
-    package = pkgs.kanidm_1_4;
+    package = kanidm;
    serverSettings = rec {
      domain = "auth.luj.fr";
      origin = "https://${domain}";
@ -16,7 +17,7 @@ in
    };
  };

-  environment.systemPackages = [ pkgs.kanidm_1_4 ];
+  environment.systemPackages = [ kanidm ];

  users.users.kanidm.extraGroups = [ certificate.group ];

--- a/machines/fischer/home-julien.nix
+++ b/machines/fischer/home-julien.nix
@ -78,6 +78,7 @@
        unstable.nixfmt-rfc-style
        kanidm
        yubioath-flutter
+        ltex-ls
      ]
      ++ builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts);

--- a/machines/gallifrey/hardware.nix
+++ b/machines/gallifrey/hardware.nix
@ -22,7 +22,7 @@
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ ];
  boot.extraModulePackages = [ ];
-  boot.kernelPackages = pkgs.linuxPackages_6_11;
+  boot.kernelPackages = pkgs.linuxPackages_6_13;

  fileSystems."/data" = {
    device = "/dev/disk/by-uuid/4680be45-8156-4bf0-8b0b-e7493aaf37c0";
--- a/machines/gustave/default.nix
+++ b/machines/gustave/default.nix
@ -23,6 +23,8 @@

  users.users.julien.linger = true;

+  services.backup.includes = [ "/home/julien/Maildir" ];
+
  services.openssh.extraConfig = ''
    HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
    HostKey /etc/ssh/ssh_host_ed25519_key
@ -113,11 +115,19 @@
  services.forgejo = {
    enable = true;
    package = pkgs.unstable.forgejo;
+    database.type = "postgres";
    settings = {
      server = {
        ROOT_URL = "https://git.luj.fr/";
        LANDING_PAGE = "luj";
      };
+      #openid.ENABLE_OPENID_SIGNIN = true;
+      openid.ENABLE_OPENID_SIGNUP = true;
+      oauth2_client.REGISTER_EMAIL_CONFIRM = false;
+      oauth2_client.ENABLE_AUTO_REGISTRATION = true;
+      oauth2_client.UPDATE_AVATAR = true;
+      oauth2_client.ACCOUNT_LINKING = "auto";
+      service.ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
    };
  };
Author	SHA1	Message	Date
Julien Malka	c138569331	fix: fix kanidm fr	2025-04-15 13:31:17 +02:00
Julien Malka	92d12fc312	feat: upgrade garage	2025-04-15 13:27:03 +02:00
Julien Malka	a4319b1bc8	feat: upgrade kanidm	2025-04-15 13:26:14 +02:00
Julien Malka	960484ebe5	feat: migrate forgejo to postgres	2025-04-15 13:24:33 +02:00
Julien Malka	c42963b3f8	chore: update nixpkgs	2025-04-15 12:42:56 +02:00
Julien Malka	248d6f9734	feat: add ltex-lsp to fischer	2025-04-09 20:42:39 +02:00
Julien Malka	f8eed474fd	chore: upgrade gallifrey kernel	2025-04-09 20:42:39 +02:00
Julien Malka	a72af96b83	chore: update unstable	2025-04-09 20:42:39 +02:00
Julien Malka	851df9429d	feat: init git maintenance mode	2025-04-09 20:42:39 +02:00