nix flake update

This update includes a mail-server update that obsoletes our custom patch.
2025-06-23 14:15:09 +02:00 · 2025-06-23 14:15:09 +02:00 · d6ae37faba
commit d6ae37faba
parent 375c2a2e4d
4 changed files with 17 additions and 85 deletions
--- a/flake-module.nix
+++ b/flake-module.nix
@ -1,8 +1,4 @@
-{
-  inputs,
-  lib,
-  ...
-}: {
+{inputs, ...}: {
  # debug = true;
  # We only define machines config in this flake yet, so we only include
  # the module that builds these. This file might get fuller, if we need to
@ -61,41 +57,8 @@
      config.permittedInsecurePackages = ["jitsi-meet-1.0.8043"];

      overlays = [
-        (_: prev: {
+        (_: _: {
          inherit (self'.packages) alias-to-sieve; # add custom package to convert alias files to sieve scripts on the stalwart machine
-          stalwart-mail = assert lib.assertMsg (prev.stalwart-mail.version == "0.11.7") ''
-            1. If the bug https://github.com/stalwartlabs/sieve/issues/11 is resolved to our satisfaction, try to remove this overlay.
-            2. Check whether sieve-rs recieved new updates that our patch needs to be rebased upon.
-            3. Check whether the sieve-rs patch below that exchanges the dependency needs updates.
-            4. Then update the version comparison in this assert statement.
-            5. Update the `cargoHash` by setting it to `lib.fakeHash` and then inserting the result.
-            6. Check if we can get rid of alias-to-sieve when stalwart-mail has a builtin mail-forwarding feature.
-          '';
-          # This override encapsulates the buildRustPackage function in a function that takes the arguments given by the nixpkgs-version of stalwart-mail
-          # and adds our patch to the arguments before handing the new arguments to buildRustPackage.
-            prev.stalwart-mail.override (
-              let
-                rp = pkgs.rustPlatform;
-              in {
-                rustPlatform =
-                  rp
-                  // {
-                    buildRustPackage = args:
-                      rp.buildRustPackage (
-                        args
-                        // rec {
-                          cargoPatches = [
-                            # Let stalwart-mail depend on our own version of the sieve crate that does not have some “loop prevention” that disables redirects to the original sender.
-                            # We want to redirect to sender if we simulate alias files and not doing so barely prevents loops in my opinion.
-                            ./patches/sieve-rs.patch
-                          ];
-                          # Replace the string with `lib.fakeHash` after version changes in order to get the new hash value.
-                          cargoHash = "sha256-fP5dyTmuwydPGCgpP6XtVFSHE0HwGfvw5UjwNz0R3ek=";
-                        }
-                      );
-                  };
-              }
-            );
        })
      ];
    };
--- a/flake.lock
+++ b/flake.lock
@ -373,11 +373,11 @@
        "nixpkgs-lib": "nixpkgs-lib"
      },
      "locked": {
-        "lastModified": 1743550720,
-        "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
+        "lastModified": 1749398372,
+        "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "c621e8422220273271f52058f618c94e405bb0f5",
+        "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569",
        "type": "github"
      },
      "original": {
@ -625,11 +625,11 @@
    },
    "nixpkgs-lib": {
      "locked": {
-        "lastModified": 1743296961,
-        "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
+        "lastModified": 1748740939,
+        "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=",
        "owner": "nix-community",
        "repo": "nixpkgs.lib",
-        "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
+        "rev": "656a64127e9d791a334452c6b6606d17539476e2",
        "type": "github"
      },
      "original": {
@ -698,11 +698,11 @@
    },
    "nixpkgs_6": {
      "locked": {
-        "lastModified": 1746141548,
-        "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=",
+        "lastModified": 1750506804,
+        "narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78",
+        "rev": "4206c4cb56751df534751b058295ea61357bbbaa",
        "type": "github"
      },
      "original": {
@ -819,11 +819,11 @@
        "nixpkgs": []
      },
      "locked": {
-        "lastModified": 1742649964,
-        "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=",
+        "lastModified": 1749636823,
+        "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=",
        "owner": "cachix",
        "repo": "pre-commit-hooks.nix",
-        "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82",
+        "rev": "623c56286de5a3193aa38891a6991b28f9bab056",
        "type": "github"
      },
      "original": {
@ -849,11 +849,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1745310711,
-        "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=",
+        "lastModified": 1750119275,
+        "narHash": "sha256-Rr7Pooz9zQbhdVxux16h7URa6mA80Pb/G07T4lHvh0M=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c",
+        "rev": "77c423a03b9b2b79709ea2cb63336312e78b72e2",
        "type": "github"
      },
      "original": {
--- a/nixos/modules/mail.nix
+++ b/nixos/modules/mail.nix
@ -1,8 +1,4 @@
 /*
-* Building: We patch our version of stalwart and thus need to built it locally.
-*   Be aware that this needs some hours, about 20Gb RAM and a few Gb free space in /tmp.
-*   If you only want to deploy configuration changes and no software updates, consider building on the target VM.
-*   It has stalwart in its nix store and does not need to rebuild it.
 * Forwarding mails: Update the Sops-secrets in the machine directory, rebuild on the VM and deploy.
 *   Everything else should happen automatically but new redirects might take up to two hours due HRZ infrastructure.
 * Using the web admin interface: Set your SSH to do portforwarding of some local port to port 80 of the VM and
--- a/patches/sieve-rs.patch
+++ b/patches/sieve-rs.patch
@ -1,27 +0,0 @@
-diff --git a/Cargo.lock b/Cargo.lock
-index be36759b..b4316639 100644
--- a/Cargo.lock
-+++ b/Cargo.lock
-@@ -6404,8 +6404,7 @@ checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
- [[package]]
- name = "sieve-rs"
- version = "0.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "15ac54053752c25a0e545dd1953de716abcc80b12cfe0b6c2f2c1c73759d4f45"
-+source = "git+https://github.com/stalwartlabs/sieve.git#56450c6ccdf76f1de95931db24896599159efc53"
- dependencies = [
-  "ahash 0.8.11",
-  "bincode",
-diff --git a/Cargo.toml b/Cargo.toml
-index f055474f..2b64c9ac 100644
--- a/Cargo.toml
-+++ b/Cargo.toml
-@@ -63,3 +63,7 @@ incremental = false
- debug-assertions = false
- overflow-checks = false
- rpath = false
-+
-+
-+[patch.crates-io]
-+sieve-rs = { git = 'https://github.com/stalwartlabs/sieve.git' }
-