7 files changed, 12 insertions, 30 deletions

diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix
index b41e396c9..5cf7d9242 100644
--- a/lass/1systems/green/config.nix
+++ b/lass/1systems/green/config.nix
@@ -42,13 +42,6 @@ with import <stockholm/lib>;
         "-M ${toString config.users.users.mainUser.uid}"
       ];
     };
-    "/home/lass/sync" = {
-      source = "/var/state/lass_sync";
-      options = [
-        "-M ${concatMapStringsSep ":" (u: toString config.users.users.${u}.uid) [ "syncthing" "mainUser" ]}"
-        "--create-for-user=${toString config.users.users.syncthing.uid}"
-      ];
-    };
     "/var/lib/bitlbee" = {
       source = "/var/state/bitlbee";
       options = [
@@ -94,4 +87,10 @@ with import <stockholm/lib>;
   krebs.iptables.tables.nat.PREROUTING.rules = [
     { predicate = "-i eth0 -p tcp -m tcp --dport 22"; target = "ACCEPT"; precedence = 101; }
   ];
+
+  # workaround for ssh access from yubikey via android
+  services.openssh.extraConfig = ''
+    HostKeyAlgorithms +ssh-rsa
+    PubkeyAcceptedAlgorithms +ssh-rsa
+  '';
 }
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
deleted file mode 100644
index 68acf12b8..000000000
--- a/lass/1systems/helios/config.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-with import <stockholm/lib>;
-{ pkgs, ... }:
-{
-  environment.systemPackages = with pkgs; [
-    dpass
-  ];
-}
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 88ac90de4..4d042de22 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -127,7 +127,6 @@ with import <stockholm/lib>;
     transmission
 
     macchanger
-    dpass
 
     dnsutils
     woeusb
diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix
index b303df938..4ed0bfa5f 100644
--- a/lass/2configs/hass/default.nix
+++ b/lass/2configs/hass/default.nix
@@ -120,8 +120,8 @@ in {
   services.mosquitto = {
     enable = true;
     listeners = [{
-      acl = [ "topic pattern readwrite #" ];
-      users.gg23 = { acl = [ "topic readwrite #" ]; password = "gg23-mqtt"; };
+      acl = [ ];
+      users.gg23 = { acl = [ "readwrite #" ]; password = "gg23-mqtt"; };
     }];
   };
 
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index 9932f8172..f900bc28e 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -14,7 +14,6 @@
   };
 
   krebs.tinc.retiolum = {
-    enableLegacy = true;
     enable = true;
     connectTo = [
       "prism"
diff --git a/lass/5pkgs/dpass/default.nix b/lass/5pkgs/dpass/default.nix
deleted file mode 100644
index c1e803bcb..000000000
--- a/lass/5pkgs/dpass/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ pass, write, writeDash, ... }:
-
-write "dsco-pass" {
-  "/bin/dpass".link = writeDash "dpass" ''
-    PASSWORD_STORE_DIR=$HOME/.dpasswordstore \
-    exec ${pass}/bin/pass $@
-  '';
-  "/bin/dpassmenu".link = writeDash "dpassmenu" ''
-    PASSWORD_STORE_DIR=$HOME/.dpasswordstore \
-    exec ${pass}/bin/passmenu $@
-  '';
-}
diff --git a/lass/krops.nix b/lass/krops.nix
index 4abd010e1..ace37888f 100644
--- a/lass/krops.nix
+++ b/lass/krops.nix
@@ -23,6 +23,10 @@
           name = "hosts/${name}";
         };
       };
+      stockholm.file = lib.mkForce {
+        path = toString ../.;
+        useChecksum = true;
+      };
     }
     (if lib.pathExists (./. + "/1systems/${name}/source.nix") then
       import (./. + "/1systems/${name}/source.nix") { inherit lib pkgs test; }