fix

2023-12-10 13:16:29 +01:00 · 2023-12-10 13:16:29 +01:00 · 403554015a
commit 403554015a
parent 0cae64a938
7 changed files with 10 additions and 10 deletions
--- a/hosts/ds9/default.nix
+++ b/hosts/ds9/default.nix
@ -74,7 +74,7 @@ in
    enable = true;
    configurations."ds9-offsite" = {
      source_directories = [ "/backups" "/data" "/persistent" ];
-      repositories = [ "ssh://root@gatebridge/media/backup/ds9" ];
+      repositories = [{ label = "gatebridge"; path = "ssh://root@gatebridge/media/backup/ds9"; }];
      exclude_if_present = [ ".nobackup" ];
      #upload_rate_limit = "4000";
      encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.borgmaticEncryptionKey.path}";
--- a/hosts/picard/default.nix
+++ b/hosts/picard/default.nix
@ -147,8 +147,8 @@
    configurations."picard-ds9" = {
      source_directories = [ "/persistent" ];
      repositories = [
-        "ssh://picardbackup@ds9/backups/picard/borgmatic"
+        { label = "ds9"; path = "ssh://picardbackup@ds9/backups/picard/borgmatic"; }
-        "ssh://root@gatebridge/media/backup/picard"
+        { label = "gatebridge"; path = "ssh://root@gatebridge/media/backup/picard"; }
      ];
      exclude_if_present = [ ".nobackup" ];
      encryption_passcommand = "${pkgs.coreutils}/bin/cat ${config.age.secrets.picardResticPassword.path}";
--- a/hosts/picard/xynospace-matrix.nix
+++ b/hosts/picard/xynospace-matrix.nix
@ -47,7 +47,7 @@ in
    ensureUsers = [
      {
        name = "slidingsync";
-        ensurePermissions."DATABASE slidingsync" = "ALL PRIVILEGES";
+        ensureDBOwnership = true;
      }
    ];
  };
--- a/nixos-modules/services/authelia.nix
+++ b/nixos-modules/services/authelia.nix
@ -50,7 +50,7 @@ in
            host = "/run/postgresql";
            port = "5432";
            database = "authelia";
-            username = "authelia-main";
+            username = "authelia";
            password = "dosentmatter";
          };
        };
@ -68,8 +68,8 @@ in
      ensureDatabases = [ "authelia" ];
      ensureUsers = [
        {
-          name = "authelia-main";
+          name = "authelia";
-          ensurePermissions."DATABASE authelia" = "ALL PRIVILEGES";
+          ensureDBOwnership = true;
        }
      ];
    };
--- a/nixos-modules/services/hedgedoc.nix
+++ b/nixos-modules/services/hedgedoc.nix
@ -59,7 +59,7 @@ in
      ensureUsers = [
        {
          name = "hedgedoc";
-          ensurePermissions."DATABASE hedgedoc" = "ALL PRIVILEGES";
+          ensureDBOwnership = true;
        }
      ];
    };
--- a/nixos-modules/system/agenix.nix
+++ b/nixos-modules/system/agenix.nix
@ -19,7 +19,7 @@ in
  config = mkIf cfg.enable {
    environment.systemPackages = [ inputs.agenix.packages.${pkgs.system}.default ];
    # Set passwords
-    users.users.root.passwordFile = config.age.secrets.rootPasswd.path;
+    users.users.root.hashedPasswordFile = config.age.secrets.rootPasswd.path;
    age.identityPaths =
      [
        "/persistent/etc/ssh/ssh_host_ed25519_key"
--- a/nixos-modules/user/default.nix
+++ b/nixos-modules/user/default.nix
@ -57,7 +57,7 @@ in
      extraGroups = [ "wheel" ] ++ extraGroups;
      shell = pkgs.zsh;
      openssh.authorizedKeys.keys = pubkeys.ragon.user ++ extraAuthorizedKeys;
-      passwordFile = config.age.secrets.ragonPasswd.path;
+      hashedPasswordFile = config.age.secrets.ragonPasswd.path;
    };
    ragon.agenix.secrets.ragonPasswd = { };