flake.nix/inputs/disko: v1.11.0 -> v1.13.0

This reverts commit 4a67eddf52.

base/services/journald-upload.nix

@@ -6,8 +6,7 @@ in
   services.journald.upload = {
     enable = lib.mkDefault true;
     settings.Upload = {
-      # URL = "https://journald.pvv.ntnu.no:${toString config.services.journald.remote.port}";
-      URL = "https://${values.hosts.ildkule.ipv4}:${toString config.services.journald.remote.port}";
+      URL = "https://journald.pvv.ntnu.no:${toString config.services.journald.remote.port}";
       ServerKeyFile = "-";
       ServerCertificateFile = "-";
       TrustedCertificateFile = "-";

flake.lock

@@ -43,16 +43,16 @@
         ]
       },
       "locked": {
-        "lastModified": 1736864502,
-        "narHash": "sha256-ItkIZyebGvNH2dK9jVGzJHGPtb6BSWLN8Gmef16NeY0=",
+        "lastModified": 1768920986,
+        "narHash": "sha256-CNzzBsRhq7gg4BMBuTDObiWDH/rFYHEuDRVOwCcwXw4=",
         "owner": "nix-community",
         "repo": "disko",
-        "rev": "0141aabed359f063de7413f80d906e1d98c0c123",
+        "rev": "de5708739256238fb912c62f03988815db89ec9a",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "v1.11.0",
+        "ref": "v1.13.0",
         "repo": "disko",
         "type": "github"
       }

flake.nix

@@ -8,7 +8,7 @@
     sops-nix.url = "github:Mic92/sops-nix/master";
     sops-nix.inputs.nixpkgs.follows = "nixpkgs";
 
-    disko.url = "github:nix-community/disko/v1.11.0";
+    disko.url = "github:nix-community/disko/v1.13.0";
     disko.inputs.nixpkgs.follows = "nixpkgs";
 
     nix-topology.url = "github:oddlama/nix-topology/main";

hosts/bekkalokk/services/mediawiki/default.nix

@@ -210,6 +210,8 @@ in {
 
       # EXT:WikiEditor
       $wgWikiEditorRealtimePreview = true;
+
+      $wgSecretKey = file_get_contents("${config.sops.secrets."mediawiki/secret-key".path}");
     '';
   };
 
@@ -273,8 +275,6 @@ in {
   systemd.services.mediawiki-init = lib.mkIf cfg.enable {
     after = [ "sops-install-secrets.service" ];
     serviceConfig = {
-      BindReadOnlyPaths = [ "/run/credentials/mediawiki-init.service/secret-key:/var/lib/mediawiki/secret.key" ];
-      LoadCredential = [ "secret-key:${config.sops.secrets."mediawiki/secret-key".path}" ];
       UMask = lib.mkForce "0007";
     };
   };
@@ -282,8 +282,6 @@ in {
   systemd.services.phpfpm-mediawiki = lib.mkIf cfg.enable {
     after = [ "sops-install-secrets.service" ];
     serviceConfig = {
-      BindReadOnlyPaths = [ "/run/credentials/phpfpm-mediawiki.service/secret-key:/var/lib/mediawiki/secret.key" ];
-      LoadCredential = [ "secret-key:${config.sops.secrets."mediawiki/secret-key".path}" ];
       UMask = lib.mkForce "0007";
     };
   };

hosts/bicep/services/matrix/livekit.nix

@@ -64,11 +64,4 @@ in
       '';
     };
   };
-
-  networking.firewall.allowedUDPPortRanges = [
-    {
-      from = cfg.settings.rtc.port_range_start;
-      to = cfg.settings.rtc.port_range_end;
-    }
-  ];
 }

shells/cuda.nix

@@ -22,12 +22,12 @@ pkgs.mkShell {
     stdenv.cc
     unzip
     util-linux
-    xorg.libX11
-    xorg.libXext
-    xorg.libXi
-    xorg.libXmu
-    xorg.libXrandr
-    xorg.libXv
+    libX11
+    libXext
+    libXi
+    libXmu
+    libXrandr
+    libXv
     zlib
 
     cudatoolkit