dan/ops-jrz1
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
ops-jrz1/flake.nix
Dan 4c38331e17 Fix Matrix package references to use nixpkgs-unstable 
Matrix packages (mautrix-*, matrix-continuwuity) only exist in
nixpkgs-unstable, not in nixpkgs 24.05 stable. This commit updates
all module defaults and references to use pkgs-unstable.

Changes:
- Add pkgs-unstable to module function signatures (4 modules)
- Update package option defaults from pkgs.* to pkgs-unstable.*
- Configure pkgs-unstable in flake.nix to permit olm-3.2.16
- Add VM config permittedInsecurePackages for olm (mautrix dependency)

The olm library is deprecated with known CVEs but required by mautrix
bridges. This is acceptable for testing; production should migrate to
newer cryptography implementations when available.

This maintains our stable base system (NixOS 24.05) while using
unstable only for Matrix ecosystem packages under active development.
2025-10-21 00:06:43 -07:00

55 lines
1.5 KiB
Nix
Raw Blame History

{
description = "ops-jrz1 NixOS server configuration with Matrix platform";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, nixpkgs-unstable, sops-nix, ... }@inputs: {
nixosConfigurations = {
# Production configuration (for actual VPS deployment)
ops-jrz1 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
pkgs-unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config.allowUnfree = true;
};
};
modules = [
./configuration.nix
./hosts/ops-jrz1.nix
sops-nix.nixosModules.sops
];
};
# VM testing configuration (for local validation before deployment)
ops-jrz1-vm = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
pkgs-unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config = {
allowUnfree = true;
permittedInsecurePackages = [
"olm-3.2.16" # Required by mautrix bridges (VM testing only)
];
};
};
};
modules = [
./configuration.nix
./hosts/ops-jrz1-vm.nix
# Note: No sops-nix for VM testing
];
};
};
};
}
Reference in a new issue View git blame Copy permalink