thary/sp-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: various kanidm, jitsi and general fixes

Browse Source
This commit is contained in:
nhnn
2025-05-22 16:50:34 +03:00
parent eb29949a03
commit 14e8cf359d
12 changed files with 44 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
sp-modules/vikunja/flake.lock → sp-modules/jitsi-meet/flake.lock generated
View File

@@ -1,24 +1,24 @@
{
"nodes": {
"nixpkgs-24-11": {
"nixpkgs-2405": {
"locked": {
"lastModified": 1744440957,
"narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=",
"lastModified": 1735563628,
"narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d",
"rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs-24-11": "nixpkgs-24-11"
"nixpkgs-2405": "nixpkgs-2405"
}
}
},

6
sp-modules/jitsi-meet/flake.nix
View File

@@ -1,10 +1,12 @@
{
description = "PoC SP module for Jitsi Meet video conferences server";
inputs.nixpkgs-2405.url = "github:NixOS/nixpkgs/nixos-24.05";
outputs =
{ self }:
{ self, nixpkgs-2405 }:
{
nixosModules.default = import ./module.nix;
nixosModules.default = import ./module.nix nixpkgs-2405.legacyPackages.x86_64-linux;
configPathsNeeded = builtins.fromJSON (builtins.readFile ./config-paths-needed.json);
meta =
{ lib, ... }:

14
sp-modules/jitsi-meet/module.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, ... }:
oldPkgs: { config, lib, ... }:
let
domain = config.selfprivacy.domain;
cfg = config.selfprivacy.modules.jitsi-meet;
@@ -46,13 +46,13 @@ in
config = lib.mkIf cfg.enable {
nixpkgs.overlays = [
(_: prev: {
# We disable E2E for clients below
jitsi-meet = prev.jitsi-meet.overrideAttrs (old: {
meta = old.meta // {
knownVulnerabilities = [ ];
};
(final: prev: {
jicofo = oldPkgs.jicofo;
jitsi-meet = oldPkgs.jitsi-meet.overrideAttrs (old: {
meta = old.meta // { knownVulnerabilities = [ ]; };
});
jitsi-videobridge = oldPkgs.jitsi-videobridge;
jitsi-meet-prosody = oldPkgs.jitsi-meet-prosody;
})
];

2
sp-modules/simple-nixos-mailserver/auth-dovecot.nix
View File

@@ -25,7 +25,7 @@ let
# create service account token, needed for LDAP
kanidmExecStartPostScript = pkgs.writeShellScript "mailserver-kanidm-ExecStartPost-script.sh" ''
export HOME=$RUNTIME_DIRECTORY/client_home
readonly KANIDM="${pkgs.kanidm}/bin/kanidm"
readonly KANIDM="${config.services.kanidm.package}/bin/kanidm"
# get Kanidm service account for mailserver
KANIDM_SERVICE_ACCOUNT="$($KANIDM service-account list --name idm_admin | grep -E "^name: ${mailserver-service-account-name}$")"

3
sp-modules/simple-nixos-mailserver/config-paths-needed.json
View File

@@ -30,5 +30,6 @@
[ "services", "redis", "servers", "rspamd", "bind" ],
[ "services", "redis", "servers", "rspamd", "port" ],
[ "services", "redis", "servers", "rspamd", "requirePass" ],
[ "services", "rspamd" ]
[ "services", "rspamd" ],
[ "services", "kanidm", "package" ]
]

8
sp-modules/vikunja/flake.nix
View File

@@ -1,14 +1,10 @@
{
description = "PoC SP module for Vikunja service";
inputs = {
nixpkgs-24-11.url = "github:NixOS/nixpkgs/nixos-24.11";
};
outputs =
{ nixpkgs-24-11, ... }:
{ ... }:
{
nixosModules.default = import ./module.nix nixpkgs-24-11.legacyPackages.x86_64-linux;
nixosModules.default = import ./module.nix;
configPathsNeeded = builtins.fromJSON (builtins.readFile ./config-paths-needed.json);
meta =
{ lib, ... }:

4
sp-modules/vikunja/module.nix
View File

@@ -1,7 +1,7 @@
latestPkgs:
{
config,
lib,
pkgs,
...
}:
let
@@ -17,7 +17,7 @@ let
oauthClientSecretFP = auth-passthru.mkOAuth2ClientSecretFP oauthClientID;
vikunjaPackage = latestPkgs.vikunja.overrideAttrs (old: {
vikunjaPackage = pkgs.vikunja.overrideAttrs (old: {
doCheck = false; # Tests are slow.
patches = (old.patches or [ ]) ++ [
./load-client-secret-from-env.patch