authorsinanmohd <sinan@sinanmohd.com>2025-01-05 17:31:47 +0530
committersinanmohd <sinan@sinanmohd.com>2025-01-05 17:35:27 +0530
commit8e3b4dc1cb7565168fe95ab088d0c391b2e20388 (patch)
tree3bd213e6282dca2f6c9cdfbd85aea2522112225c /os/common
parentf6775df9f54ad812383e978ed3ee82abe151f544 (diff)
kay: bump to unstable
The following modules are in a broken state: mail, matrix sliding sync.
Diffstat (limited to 'os/common')
-rw-r--r--os/common/configuration.nix5
-rw-r--r--os/common/modules/stalwart-mail.nix163
-rw-r--r--os/common/pkgs/stalwart-mail-config.nix43
3 files changed, 1 insertions, 210 deletions
diff --git a/os/common/configuration.nix b/os/common/configuration.nix
index 44afc1a..74c4f9b 100644
--- a/os/common/configuration.nix
+++ b/os/common/configuration.nix
@@ -3,18 +3,15 @@
in {
disabledModules = [
"services/networking/pppd.nix"
- "services/mail/stalwart-mail.nix"
];
imports = [
./modules/nix.nix
./modules/user.nix
./modules/environment.nix
-
./modules/pppd.nix
- ./modules/stalwart-mail.nix
];
- system.stateVersion = "24.11";
+ system.stateVersion = "24.05";
time.timeZone = "Asia/Kolkata";
networking.useDHCP = false;
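Review bot: Lowering `system.stateVersion` from "24.11" to "24.05" is not part of moving a host to unstable and can silently change behaviour: stateVersion selects compatibility defaults for stateful services (e.g. database package versions and on-disk formats), and NixOS intends it to stay at the value the host was first installed with. If this machine was installed as 24.11, the revert may change those defaults on the next rebuild; if 24.05 is the true install value and the 24.11 line was a mistake, a comment would stop it being "fixed" again, e.g. `system.stateVersion = "24.05"; # value at first install, do not touch on channel bumps`. With the stalwart module and its `disabledModules` entry dropped, any `services.stalwart-mail` settings, LoadCredential secrets or firewall rules declared elsewhere in the tree (not visible in this diff) would now be orphaned or break evaluation, so it is worth grepping for them. The enclosing attribute set opened at `in {` continues past the end of this hunk.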
diff --git a/os/common/modules/stalwart-mail.nix b/os/common/modules/stalwart-mail.nix
deleted file mode 100644
index 68e8400..0000000
--- a/os/common/modules/stalwart-mail.nix
+++ /dev/null
@@ -1,163 +0,0 @@
-{ config, lib, pkgs, ... }: let
- cfg = config.services.stalwart-mail;
- configFormat = pkgs.formats.toml { };
- configFile = configFormat.generate "stalwart-mail.toml" cfg.settings;
- dataDir = "/var/lib/stalwart-mail";
-
- readTOML =
- path:
- builtins.fromTOML (builtins.unsafeDiscardStringContext (lib.readFile path));
- recursiveUpdateList =
- attrList:
- lib.lists.foldr (a1: a2: lib.attrsets.recursiveUpdate a1 a2) {} attrList;
- mkOverrideRec =
- priority:
- content:
- if lib.isAttrs content then
- lib.mapAttrs (_: v: mkOverrideRec priority v) content
- else
- lib.mkOverride priority content;
- mkOptionDefaultRec = mkOverrideRec 1500;
-
- cfgPkg = pkgs.callPackage ../pkgs/stalwart-mail-config.nix {};
- cfgFiles = (readTOML "${cfgPkg}/config.toml").include.files;
- settingsDefault = recursiveUpdateList (map (path: readTOML path) cfgFiles);
-in {
- options.services.stalwart-mail = {
- enable = lib.mkEnableOption "the Stalwart all-in-one email server";
- package = lib.mkPackageOption pkgs "stalwart-mail" { };
-
- loadCredential = lib.mkOption {
- type = lib.types.listOf lib.types.str;
- default = [];
- example = [ "dkim.private:/path/to/stalwart.private" ];
- description = ''
- This can be used to pass secrets to the systemd service without adding them to
- the nix store.
- See the LoadCredential section of systemd.exec manual for more information.
- '';
- };
-
- settings = lib.mkOption {
- inherit (configFormat) type;
- default = { };
- description = ''
- Configuration options for the Stalwart email server.
- See <https://stalw.art/docs/category/configuration> for available options.
-
- By default, the module is configured to store everything locally.
- '';
- };
- };
-
- config = lib.mkIf cfg.enable {
- # set the default upstream settings
- # assumptions
- # 1. ./config.toml exists and only containts include.files and macros
- # 2. no other files containts include.files
- services.stalwart-mail.settings = mkOptionDefaultRec
- (lib.attrsets.recursiveUpdate settingsDefault {
- macros.base_path = dataDir;
- server.run-as.user = {};
- server.run-as.group = {};
- global.tracing.method = "stdout";
- # outliers as of v0.6.0
- acme."letsencrypt".cache = "${cfg.settings.macros.base_path}/acme";
- });
-
- assertions = let
- m = cfg.settings.macros;
-
- mkMacroMessage =
- opt:
- "config.stalwart-mail.settings.macros.${opt} can not be empty";
- in [
- {
- assertion = m ? host
- && m.host != ""
- && m.host != null;
- message = mkMacroMessage "host";
- }
- {
- assertion = m ? default_domain
- && m.default_domain != ""
- && m.default_domain != null;
- message = mkMacroMessage "default_domain";
- }
- {
- assertion = m ? default_directory
- && m.default_directory != ""
- && m.default_directory != null;
- message = mkMacroMessage "default_directory";
- }
- {
- assertion = m ? default_store &&
- m.default_store != ""
- && m.default_store != null;
- message = mkMacroMessage "default_store";
- }
- ];
-
- systemd.services.stalwart-mail = {
- wantedBy = [ "multi-user.target" ];
- after = [ "local-fs.target" "network.target" ];
-
- serviceConfig = {
- ExecStart =
- "${cfg.package}/bin/stalwart-mail --config=${configFile}";
-
- # Base from template resources/systemd/stalwart-mail.service
- Type = "simple";
- LimitNOFILE = 65536;
- KillMode = "process";
- KillSignal = "SIGINT";
- Restart = "on-failure";
- RestartSec = 5;
- StandardOutput = "journal";
- StandardError = "journal";
- SyslogIdentifier = "stalwart-mail";
-
- DynamicUser = true;
- User = "stalwart-mail";
- StateDirectory = "stalwart-mail";
- LoadCredential = cfg.loadCredential;
-
- # Bind standard privileged ports
- AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
- CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
-
- # Hardening
- DeviceAllow = [ "" ];
- LockPersonality = true;
- MemoryDenyWriteExecute = true;
- PrivateDevices = true;
- PrivateUsers = false; # incompatible with CAP_NET_BIND_SERVICE
- ProcSubset = "pid";
- PrivateTmp = true;
- ProtectClock = true;
- ProtectControlGroups = true;
- ProtectHome = true;
- ProtectHostname = true;
- ProtectKernelLogs = true;
- ProtectKernelModules = true;
- ProtectKernelTunables = true;
- ProtectProc = "invisible";
- ProtectSystem = "strict";
- RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
- RestrictNamespaces = true;
- RestrictRealtime = true;
- RestrictSUIDSGID = true;
- SystemCallArchitectures = "native";
- SystemCallFilter = [ "@system-service" "~@privileged" ];
- UMask = "0077";
- };
- };
-
- # Make admin commands available in the shell
- environment.systemPackages = [ cfg.package cfgPkg ];
- };
-
- meta = {
- maintainers = with lib.maintainers; [ happysalada pacien ];
- };
-}
diff --git a/os/common/pkgs/stalwart-mail-config.nix b/os/common/pkgs/stalwart-mail-config.nix
deleted file mode 100644
index 77fc366..0000000
--- a/os/common/pkgs/stalwart-mail-config.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ lib,
- stdenvNoCC,
- fetchzip,
- stalwart-mail,
-}:
-
-stdenvNoCC.mkDerivation {
- pname = stalwart-mail.pname + "-config";
- version = stalwart-mail.version;
-
- src = let
- rev = stalwart-mail.src.rev;
- owner = stalwart-mail.src.owner;
- repo = stalwart-mail.src.repo;
- in fetchzip {
- url = "https://github.com/${owner}/${repo}/raw/${rev}/resources/config.zip";
- # gives us a chance to manually verify config changes, if not use
- # stalwart-mail.src
- hash = "sha256-ji7+f3BGzVEb9gp5BXCStPR4/Umy93OTMA+DhYI/azk=";
- };
-
- outputs = [ "out" ];
- patchPhase = ''
- # TODO: remove me
- # toml spec violation, author said this will be fixed on the next realase
- sed -e 's/\[storage.fts\]//g' -e 's/default-language = "en"//g' \
- -i ./common/store.toml
-
- # outliers as of 0.6.0
- # smtp/signature.toml:#public-key = "file://%{BASE_PATH}%/etc/dkim/%{DEFAULT_DOMAIN}%.cert"
- # smtp/signature.toml:private-key = "file://%{BASE_PATH}%/etc/dkim/%{DEFAULT_DOMAIN}%.key"
- # common/tls.toml:cache = "%{BASE_PATH}%/etc/acme"
- find -type f \
- -name '*.toml' \
- -exec sed 's=%{BASE_PATH}%/etc=${placeholder "out"}=g' -i {} \;
- '';
- installPhase = "cp -r ./ $out";
-
- meta = stalwart-mail.meta // {
- description = "Configs for" + stalwart-mail.meta.description;
- maintainers = with lib.maintainers; [ sinanmohd ];
- };
-}