From cef07cde40f1431f0b795bdef2a39e8e9322b97d Mon Sep 17 00:00:00 2001
From: Florian Sesser <florian@private.storage>
Date: Mon, 13 Feb 2023 17:27:18 +0000
Subject: [PATCH] Fix up some remaining warnings due to the upgrade

---
 morph/grid/local/Vagrantfile   | 2 +-
 morph/lib/hardware-vagrant.nix | 2 +-
 nixos/modules/deployment.nix   | 4 ++--
 nixos/modules/issuer.nix       | 2 +-
 nixos/modules/ssh.nix          | 2 +-
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/morph/grid/local/Vagrantfile b/morph/grid/local/Vagrantfile
index 64d4aec5..96946e53 100644
--- a/morph/grid/local/Vagrantfile
+++ b/morph/grid/local/Vagrantfile
@@ -60,7 +60,7 @@ Vagrant.configure("2") do |config|
   end
 
   # To make the VMs assign the static IPs to the network interfaces we need a rebuild:
-  config.vm.provision "shell", inline: "echo '{nix.trustedUsers = [ \"@wheel\" \"root\" \"vagrant\" ];}' > /etc/nixos/custom-configuration.nix"
+  config.vm.provision "shell", inline: "echo '{nix.settings.trusted-users = [ \"@wheel\" \"root\" \"vagrant\" ];}' > /etc/nixos/custom-configuration.nix"
   config.vm.provision "shell", inline: "nixos-rebuild switch"
 
   config.trigger.after :up do |trigger|
diff --git a/morph/lib/hardware-vagrant.nix b/morph/lib/hardware-vagrant.nix
index 6c41af49..fba93531 100644
--- a/morph/lib/hardware-vagrant.nix
+++ b/morph/lib/hardware-vagrant.nix
@@ -52,6 +52,6 @@
       };
 
     # We want to push packages with morph without having to sign them
-    nix.trustedUsers = [ "@wheel" "root" "vagrant" ];
+    nix.settings.trusted-users = [ "@wheel" "root" "vagrant" ];
   };
 }
diff --git a/nixos/modules/deployment.nix b/nixos/modules/deployment.nix
index 41381ce5..cbc8766e 100755
--- a/nixos/modules/deployment.nix
+++ b/nixos/modules/deployment.nix
@@ -36,10 +36,10 @@ in {
     # Configure the system to use our binary cache so that deployment updates
     # only require downloading pre-built software, not building it ourselves.
     nix = {
-      binaryCachePublicKeys = [
+      settings.trusted-public-keys = [
         "saxtons.private.storage:MplOcEH8G/6mRlhlKkbA8GdeFR3dhCFsSszrspE/ZwY="
       ];
-      binaryCaches = [
+      settings.substituters = [
         "http://saxtons.private.storage"
       ];
     };
diff --git a/nixos/modules/issuer.nix b/nixos/modules/issuer.nix
index 375f064c..5537850b 100644
--- a/nixos/modules/issuer.nix
+++ b/nixos/modules/issuer.nix
@@ -254,7 +254,7 @@ in {
     ];
 
     # NGINX reverse proxy
-    security.acme.email = cfg.letsEncryptAdminEmail;
+    security.acme.defaults.email = cfg.letsEncryptAdminEmail;
     security.acme.acceptTerms = true;
     services.nginx = {
       enable = true;
diff --git a/nixos/modules/ssh.nix b/nixos/modules/ssh.nix
index 8d5d5766..d872d111 100644
--- a/nixos/modules/ssh.nix
+++ b/nixos/modules/ssh.nix
@@ -29,7 +29,7 @@
       allowSFTP = false;
 
       # We only allow key-based authentication.
-      challengeResponseAuthentication = false;
+      kbdInteractiveAuthentication = false;
       passwordAuthentication = false;
 
       extraConfig = ''
-- 
GitLab