hswaw/machines/customs: upgrade to workspace nixos-unstable 2021-08-11

Change-Id: I6eb4408d40e14f24ebbe3f9f3aef0be952b44e8b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1167
Reviewed-by: vuko <vuko@hackerspace.pl>

hswaw/machines/customs.hackerspace.pl/checkinator-tracker.nix

@@ -46,7 +46,8 @@ let
 in {
   users.users."${user}" = {
     group           = "${group}";
-    useDefaultShell = true;
+    isSystemUser = true;
+    uid = 1001;
   };
   users.groups."${group}" = {};
 

hswaw/machines/customs.hackerspace.pl/checkinator-web.nix

@@ -80,7 +80,8 @@ let
 in {
   users.users."${user}" = {
     group           = "${group}";
-    useDefaultShell = true;
+    isSystemUser = true;
+    uid = 1002;
   };
   users.groups."${group}" = {};
 

hswaw/machines/customs.hackerspace.pl/configuration.nix

@@ -497,31 +497,32 @@ in {
 
   services.unbound = {
     enable = true;
-    interfaces = [
-      networks.lan.ipv4
-      "127.0.0.1"
-      "::1"
-      # networks.lan.ipv6 TODO
-    ];
-    allowedAccess = [
-      "127.0.0.1/8"
-      "10.0.0.0/8"
-    ];
-    extraConfig = builtins.concatStringsSep "\n" ((map (
-      name: ''
-        stub-zone:
-            name: ${name}
-            stub-addr: ${networks.uplink.ipv4}
-      ''
-    ) [ "waw.hackerspace.pl" "api.eye.fi" "api.ustream.tv" "i"]) ++ [''
-      forward-zone:
-          name: "."
-          forward-addr: 185.236.240.1
-    '']);
+
+    settings = {
+      server = {
+        interface = [
+          networks.lan.ipv4
+          "127.0.0.1"
+          "::1"
+          # networks.lan.ipv6 TODO
+        ];
+        access-control = [
+          "127.0.0.1/8 allow"
+          "10.0.0.0/8 allow"
+        ];
+      };
+
+      stub-zone = map (name: {
+        name = name;
+        stub-addr = networks.uplink.ipv4;
+      }) [ "waw.hackerspace.pl" "api.eye.fi" "api.ustream.tv" "i" ];
+      forward-zone = {
+        name = ".";
+        forward-addr = "185.236.240.1";
+      };
+    };
   };
 
-  
-
   # Public VPN access for Hackerspace members
   services.openvpn.servers.members.config = ''
     script-security 3

hswaw/machines/customs.hackerspace.pl/laserproxy/service.nix

@@ -7,7 +7,8 @@ let
 in {
   users.users."${user}" = {
     group           = "${group}";
-    useDefaultShell = true;
+    isSystemUser = true;
+    uid = 1004;
   };
   users.groups."${group}" = {};
 

hswaw/machines/customs.hackerspace.pl/mikrotik-exporter.nix

@@ -18,7 +18,8 @@ let
 in {
   users.users."${user}" = {
     group           = "${group}";
-    useDefaultShell = true;
+    isSystemUser = true;
+    uid = 1003;
   };
   users.groups."${group}" = {};
 

ops/machines.nix

@@ -152,7 +152,7 @@ in {
     ../bgpwtf/machines/edge01.waw.bgp.wtf-hardware.nix
   ];
 
-  "customs.hackerspace.pl" = mkMachine nixpkgsCustoms [
+  "customs.hackerspace.pl" = mkMachine pkgs [
     ../hswaw/machines/customs.hackerspace.pl/configuration.nix
   ];
 }