From 0594a70fea841be9ce48575386f7e4579dbf1563 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 1 Dec 2021 16:44:42 +0100
Subject: l bitlbee: disable dynamicUser

---
 lass/2configs/bitlbee.nix | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'lass')

diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix
index d8f1ae888..b84221155 100644
--- a/lass/2configs/bitlbee.nix
+++ b/lass/2configs/bitlbee.nix
@@ -11,9 +11,22 @@ with (import <stockholm/lib>);
       pkgs.bitlbee-discord
     ];
     libpurple_plugins = [
-      # pkgs.telegram-purple
-      pkgs.tdlib-purple
+      pkgs.telegram-purple
+      # pkgs.tdlib-purple
       # pkgs.purple-gowhatsapp
     ];
   };
+
+  users.users.bitlbee = {
+    uid = genid_uint31 "bitlbee";
+    isSystemUser = true;
+    group = "bitlbee";
+  };
+  users.groups.bitlbee = {};
+
+  systemd.services.bitlbee.serviceConfig = {
+    DynamicUser = lib.mkForce false;
+    User = "bitlbee";
+    StateDirectory = lib.mkForce null;
+  };
 }
-- 
cgit v1.2.3


From 93fb28ac98fb301779c0ab1cd4ef54476faa9879 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 1 Dec 2021 17:52:23 +0100
Subject: l hass: use new mosquitto config

---
 lass/2configs/hass/default.nix | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

(limited to 'lass')

diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix
index be9c32809..b303df938 100644
--- a/lass/2configs/hass/default.nix
+++ b/lass/2configs/hass/default.nix
@@ -119,13 +119,10 @@ in {
 
   services.mosquitto = {
     enable = true;
-    host = "0.0.0.0";
-    allowAnonymous = false;
-    checkPasswords = true;
-    users.gg23 = {
-      password = "gg23-mqtt";
-      acl = [ "topic readwrite #" ];
-    };
+    listeners = [{
+      acl = [ "topic pattern readwrite #" ];
+      users.gg23 = { acl = [ "topic readwrite #" ]; password = "gg23-mqtt"; };
+    }];
   };
 
   environment.systemPackages = [ pkgs.mosquitto ];
-- 
cgit v1.2.3


From d33c92fe21e9690c9cc558a274472617ba034197 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 1 Dec 2021 18:53:18 +0100
Subject: l usershadow: remove legacy pamEnvironment

---
 lass/3modules/usershadow.nix | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

(limited to 'lass')

diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix
index c3d4de84d..1f5b6673f 100644
--- a/lass/3modules/usershadow.nix
+++ b/lass/3modules/usershadow.nix
@@ -28,15 +28,12 @@
       session required pam_permit.so
     '';
 
-    security.pam.services.dovecot2 = {
-      text = ''
-        auth required pam_exec.so expose_authtok /run/wrappers/bin/shadow_verify_pam ${cfg.pattern}
-        auth required pam_permit.so
-        account required pam_permit.so
-        session required pam_permit.so
-        session required pam_env.so envfile=${config.system.build.pamEnvironment}
-      '';
-    };
+    security.pam.services.dovecot2.text = ''
+      auth required pam_exec.so expose_authtok /run/wrappers/bin/shadow_verify_pam ${cfg.pattern}
+      auth required pam_permit.so
+      account required pam_permit.so
+      session required pam_permit.so
+    '';
 
     security.wrappers.shadow_verify_pam = {
       source = "${usershadow}/bin/verify_pam";
-- 
cgit v1.2.3


From 625d725e1394e0b9f5a4161fffc1b8adf8fe9595 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 1 Dec 2021 19:12:00 +0100
Subject: l usershadow: add groups to security.wrappers

---
 lass/3modules/usershadow.nix | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'lass')

diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix
index 1f5b6673f..b1011ced0 100644
--- a/lass/3modules/usershadow.nix
+++ b/lass/3modules/usershadow.nix
@@ -38,10 +38,12 @@
     security.wrappers.shadow_verify_pam = {
       source = "${usershadow}/bin/verify_pam";
       owner = "root";
+      group = "root";
     };
     security.wrappers.shadow_verify_arg = {
       source = "${usershadow}/bin/verify_arg";
       owner = "root";
+      group = "root";
     };
   };
 
-- 
cgit v1.2.3


From 70be7f119b25f1913be9a219f5dad0b179405b4e Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 3 Dec 2021 16:23:46 +0100
Subject: l coaxmetal.r: remove obsolete trackpoint patch (is now upstream)

---
 lass/1systems/coaxmetal/physical.nix | 10 ----------
 1 file changed, 10 deletions(-)

(limited to 'lass')

diff --git a/lass/1systems/coaxmetal/physical.nix b/lass/1systems/coaxmetal/physical.nix
index b033477fe..6be047300 100644
--- a/lass/1systems/coaxmetal/physical.nix
+++ b/lass/1systems/coaxmetal/physical.nix
@@ -56,14 +56,4 @@
     xinput set-prop 'ETPS/2 Elantech TrackPoint' 'Evdev Wheel Emulation Button' 2
     xinput set-prop 'ETPS/2 Elantech TrackPoint' 'Evdev Wheel Emulation Axes' 6 7 4 5
   '';
-
-  # https://forums.lenovo.com/t5/Fedora/T14s-AMD-Trackpoint-almost-unusable/m-p/5064952?page=4
-  # https://bugzilla.kernel.org/show_bug.cgi?id=209167#c1
-  boot.kernelPatches = [{
-    name = "fix-trackpoint-jumping";
-    patch = pkgs.fetchurl {
-      url = "https://patchwork.kernel.org/project/linux-input/patch/20210729010940.5752-1-phoenix@emc.com.tw/raw/";
-      sha256 = "0apbf7c8w830dbdsrmxpip90d5zbg74a939x89jfgpvm5gbdqdjg";
-    };
-  }];
 }
-- 
cgit v1.2.3