From cef07cde40f1431f0b795bdef2a39e8e9322b97d Mon Sep 17 00:00:00 2001 From: Florian Sesser <florian@private.storage> Date: Mon, 13 Feb 2023 17:27:18 +0000 Subject: [PATCH] Fix up some remaining warnings due to the upgrade --- morph/grid/local/Vagrantfile | 2 +- morph/lib/hardware-vagrant.nix | 2 +- nixos/modules/deployment.nix | 4 ++-- nixos/modules/issuer.nix | 2 +- nixos/modules/ssh.nix | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/morph/grid/local/Vagrantfile b/morph/grid/local/Vagrantfile index 64d4aec5..96946e53 100644 --- a/morph/grid/local/Vagrantfile +++ b/morph/grid/local/Vagrantfile @@ -60,7 +60,7 @@ Vagrant.configure("2") do |config| end # To make the VMs assign the static IPs to the network interfaces we need a rebuild: - config.vm.provision "shell", inline: "echo '{nix.trustedUsers = [ \"@wheel\" \"root\" \"vagrant\" ];}' > /etc/nixos/custom-configuration.nix" + config.vm.provision "shell", inline: "echo '{nix.settings.trusted-users = [ \"@wheel\" \"root\" \"vagrant\" ];}' > /etc/nixos/custom-configuration.nix" config.vm.provision "shell", inline: "nixos-rebuild switch" config.trigger.after :up do |trigger| diff --git a/morph/lib/hardware-vagrant.nix b/morph/lib/hardware-vagrant.nix index 6c41af49..fba93531 100644 --- a/morph/lib/hardware-vagrant.nix +++ b/morph/lib/hardware-vagrant.nix @@ -52,6 +52,6 @@ }; # We want to push packages with morph without having to sign them - nix.trustedUsers = [ "@wheel" "root" "vagrant" ]; + nix.settings.trusted-users = [ "@wheel" "root" "vagrant" ]; }; } diff --git a/nixos/modules/deployment.nix b/nixos/modules/deployment.nix index 41381ce5..cbc8766e 100755 --- a/nixos/modules/deployment.nix +++ b/nixos/modules/deployment.nix @@ -36,10 +36,10 @@ in { # Configure the system to use our binary cache so that deployment updates # only require downloading pre-built software, not building it ourselves. nix = { - binaryCachePublicKeys = [ + settings.trusted-public-keys = [ "saxtons.private.storage:MplOcEH8G/6mRlhlKkbA8GdeFR3dhCFsSszrspE/ZwY=" ]; - binaryCaches = [ + settings.substituters = [ "http://saxtons.private.storage" ]; }; diff --git a/nixos/modules/issuer.nix b/nixos/modules/issuer.nix index 375f064c..5537850b 100644 --- a/nixos/modules/issuer.nix +++ b/nixos/modules/issuer.nix @@ -254,7 +254,7 @@ in { ]; # NGINX reverse proxy - security.acme.email = cfg.letsEncryptAdminEmail; + security.acme.defaults.email = cfg.letsEncryptAdminEmail; security.acme.acceptTerms = true; services.nginx = { enable = true; diff --git a/nixos/modules/ssh.nix b/nixos/modules/ssh.nix index 8d5d5766..d872d111 100644 --- a/nixos/modules/ssh.nix +++ b/nixos/modules/ssh.nix @@ -29,7 +29,7 @@ allowSFTP = false; # We only allow key-based authentication. - challengeResponseAuthentication = false; + kbdInteractiveAuthentication = false; passwordAuthentication = false; extraConfig = '' -- GitLab