diff --git a/flake.lock b/flake.lock index d37fdad..791ac58 100644 --- a/flake.lock +++ b/flake.lock @@ -96,11 +96,11 @@ ] }, "locked": { - "lastModified": 1654858401, - "narHash": "sha256-53bw34DtVJ2bnF6WEwy6Tym+qY0pNEiEwARUlvmTZjs=", + "lastModified": 1658746384, + "narHash": "sha256-CCJcoMOcXyZFrV1ag4XMTpAPjLWb4Anbv+ktXFI1ry0=", "owner": "numtide", "repo": "devshell", - "rev": "f55e05c6d3bbe9acc7363bc8fc739518b2f02976", + "rev": "0ffc7937bb5e8141af03d462b468bd071eb18e1b", "type": "github" }, "original": { @@ -143,11 +143,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1655326915, - "narHash": "sha256-jh8HXBycUQ6JljIqPN53Q4p4kmaYnL5ZL7fu3WHK9dk=", + "lastModified": 1657655129, + "narHash": "sha256-qlxaGIkHKqDb5X0FdQ+eLak4fyIoMWMjQFfX9GC3B9A=", "owner": "nix-community", "repo": "dream2nix", - "rev": "caa9c4b5ef1c2d6f81f2651927b01f246b3d78a9", + "rev": "b83394e5f27c9f351d681e21374d2af7ed65c6c4", "type": "github" }, "original": { @@ -235,11 +235,11 @@ "pre-commit-hooks-nix": "pre-commit-hooks-nix" }, "locked": { - "lastModified": 1655108975, - "narHash": "sha256-BVE61UMEhmXTCkMLoIyuOfGjV0Z4yHNtIiC5VYe02FM=", + "lastModified": 1658408533, + "narHash": "sha256-gHORUY3B4EufNRokgex8gf+m9I+yEHioDfZpCQ3pvAo=", "owner": "hercules-ci", "repo": "hercules-ci-agent", - "rev": "2ee7b49b01068d0fbd5bec61fdcd12b525dab5d7", + "rev": "0d8c4f153e64c059d1d274306fb38da0ed870bb1", "type": "github" }, "original": { @@ -315,11 +315,11 @@ ] }, "locked": { - "lastModified": 1638883897, - "narHash": "sha256-chkeli1ojkr3VfcAUxLueJ2zvF+DE+UPt7XtnmNWxK8=", + "lastModified": 1656185874, + "narHash": "sha256-sv7lsuARTT+LgMq0mFdFP73CHeqTeIvz2ZHzceQAK+0=", "owner": "mkaito", "repo": "nixos-modded-minecraft-servers", - "rev": "429148ffe9f6730f8281671c8591796d3fc064ef", + "rev": "74477f0041e76097a6800cda892744b4c4ab26d2", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "locked": { "host": "git.privatevoid.net", - "lastModified": 1655504882, - "narHash": "sha256-R3pRcYsxpHuCI4Z/XeiBle6qYQWt8IriZP3vz58OpMk=", + "lastModified": 1659373312, + "narHash": "sha256-ACyS/bZI8rT6MFQDs7B3ogsoMi79dIrN+mna1QiFJLU=", "owner": "max", "repo": "nix-super-fork", - "rev": "6281f78ce2059dbbcc98319cff773de5d71fd327", + "rev": "16eae95adfce8e781470748b95f32064028c0f27", "type": "gitlab" }, "original": { @@ -399,11 +399,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1655421536, - "narHash": "sha256-CjPYLRJj/aglDiY+755CYazTugGco0quzlTo1arVil0=", + "lastModified": 1659253578, + "narHash": "sha256-9xjr2VFCQEpgCKdfZjOhiaLZ/XozLp+Y3UmUn44wYZg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "87d9c84817d7be81850c07e8f6a362b1dfc30feb", + "rev": "ede02b4ccb13557b95058d66146640a2b0bb198f", "type": "github" }, "original": { diff --git a/hosts/VEGAS/modules/oauth2-proxy/default.nix b/hosts/VEGAS/modules/oauth2-proxy/default.nix index f998cb7..9724b49 100644 --- a/hosts/VEGAS/modules/oauth2-proxy/default.nix +++ b/hosts/VEGAS/modules/oauth2-proxy/default.nix @@ -1,4 +1,4 @@ -{ config, inputs, lib, pkgs, tools, ... }: +{ config, lib, pkgs, tools, ... }: let inherit (tools.meta) domain; login = x: "https://login.${domain}/auth/realms/master/protocol/openid-connect/${x}"; @@ -17,7 +17,6 @@ in services.oauth2_proxy = { enable = true; - package = inputs.self.packages.${pkgs.system}.oauth2-proxy; approvalPrompt = "auto"; provider = "keycloak"; scope = "openid"; diff --git a/packages/dream2nix-overrides/nodejs/default.nix b/packages/dream2nix-overrides/nodejs/default.nix index 1b9b1f9..e73bff1 100644 --- a/packages/dream2nix-overrides/nodejs/default.nix +++ b/packages/dream2nix-overrides/nodejs/default.nix @@ -32,7 +32,6 @@ in uptime-kuma.runtime-bugfixes = { patches = [ - ./uptime-kuma/log-in-data-dir.patch ./uptime-kuma/chmod-database.patch ./uptime-kuma/data-dir-concat-with-slash.patch ]; diff --git a/packages/dream2nix-overrides/nodejs/uptime-kuma/log-in-data-dir.patch b/packages/dream2nix-overrides/nodejs/uptime-kuma/log-in-data-dir.patch deleted file mode 100644 index 88cfd5d..0000000 --- a/packages/dream2nix-overrides/nodejs/uptime-kuma/log-in-data-dir.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/server/util-server.js b/server/util-server.js -index 39a2d90..ecb404a 100644 ---- a/server/util-server.js -+++ b/server/util-server.js -@@ -528,7 +528,7 @@ exports.convertToUTF8 = (body) => { - let logFile; - - try { -- logFile = fs.createWriteStream("./data/error.log", { -+ logFile = fs.createWriteStream((process.env.DATA_DIR || ".") + "/error.log", { - flags: "a" - }); - } catch (_) { } diff --git a/packages/patched-derivations.nix b/packages/patched-derivations.nix index 10df021..4897fd2 100644 --- a/packages/patched-derivations.nix +++ b/packages/patched-derivations.nix @@ -33,8 +33,6 @@ super: rec { jre = jre17_standard; }; - oauth2-proxy = patch super.oauth2-proxy "patches/base/oauth2-proxy"; - tempo = super.tempo.overrideAttrs (_: { version = builtins.substring 1 (-1) pins.tempo.version; src = super.npins.mkSource pins.tempo; diff --git a/packages/sources/sources.json b/packages/sources/sources.json index d0d97b4..e9c14e7 100644 --- a/packages/sources/sources.json +++ b/packages/sources/sources.json @@ -22,9 +22,9 @@ "repo": "searxng" }, "branch": "master", - "revision": "88733c0ce6e76a78593b8e4060e33a617cce3cd8", - "url": "https://github.com/searxng/searxng/archive/88733c0ce6e76a78593b8e4060e33a617cce3cd8.tar.gz", - "hash": "1pamar97lh0pbkbxqxn4grf9h98jg9xddrz98rgabvriz32rkn6l" + "revision": "1fbb514a4ead209c95b4ddca0430f754a4c11554", + "url": "https://github.com/searxng/searxng/archive/1fbb514a4ead209c95b4ddca0430f754a4c11554.tar.gz", + "hash": "1wllmb7s69fi7pgslkbq4sxxkrywfvi8pj78ichsh2md52idclmq" }, "stevenblack-hosts": { "type": "GitRelease", @@ -63,10 +63,10 @@ }, "pre_releases": false, "version_upper_bound": null, - "version": "1.15.0", - "revision": "751924b3355ca44d24ceede1cfdd983383426f5f", - "url": "https://api.github.com/repos/louislam/uptime-kuma/tarball/1.15.0", - "hash": "0yylwz4xa98d6szp3bk9sy4p6h2fimq8nq4yczw0jd5r81a1dmx9" + "version": "1.17.1", + "revision": "0ecaa2cbd7131a7a04ff47454ae8ddb903ce1cf6", + "url": "https://api.github.com/repos/louislam/uptime-kuma/tarball/1.17.1", + "hash": "1v104csjlwmb14yklfyil9h28q3cfl4g3rdjn8cmq8m964ddd84a" } }, "version": 2 diff --git a/patches/base/oauth2-proxy/GHPR_1502-Unbreak-oauth2-proxy-for-keycloak-provider-after-2c668a.patch b/patches/base/oauth2-proxy/GHPR_1502-Unbreak-oauth2-proxy-for-keycloak-provider-after-2c668a.patch deleted file mode 100644 index 87b6f48..0000000 --- a/patches/base/oauth2-proxy/GHPR_1502-Unbreak-oauth2-proxy-for-keycloak-provider-after-2c668a.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 0c932b61febe8a458d4bf4ff075feeffb02efc02 Mon Sep 17 00:00:00 2001 -From: Cullen Walsh -Date: Mon, 3 Jan 2022 17:32:33 -0800 -Subject: [PATCH 1/2] Unbreak oauth2-proxy for keycloak provider after 2c668a - -With 2c668a, oauth2-proxy fails a request if the token validation fails. -Token validation always fails with the keycloak provider, due to the -valudation request passing the token via the URL, and keycloak not -parsing the url for tokens. - -This is fixed by forcing the validation request to pass the token via a -header. - -This code taken from the DigitalOcean provider, which presumably forcing -the token to be passed via header for the same reason. - -Test plan: I was unable to build a docker image to test the fix, but I -believe it is relatively simple, and it passes the "looks good to me" -test plan. ---- - providers/keycloak.go | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/providers/keycloak.go b/providers/keycloak.go -index c1a873529..4a8af231a 100644 ---- a/providers/keycloak.go -+++ b/providers/keycloak.go -@@ -100,3 +100,8 @@ func (p *KeycloakProvider) EnrichSession(ctx context.Context, s *sessions.Sessio - - return nil - } -+ -+// ValidateSession validates the AccessToken -+func (p *KeycloakProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool { -+ return validateToken(ctx, p, s.AccessToken, makeOIDCHeader(s.AccessToken)) -+}