diff --git a/common.nix b/common.nix index 8110907..69a5eea 100644 --- a/common.nix +++ b/common.nix @@ -80,6 +80,6 @@ in ln -sfn /run/current-system/sw/bin/bash /bin/bash ''; - system.stateVersion = "25.11"; + system.stateVersion = "26.05"; }; } diff --git a/flake.lock b/flake.lock index e1c3098..b73f0b1 100644 --- a/flake.lock +++ b/flake.lock @@ -25,16 +25,16 @@ ] }, "locked": { - "lastModified": 1777851538, - "narHash": "sha256-Gp8qwTEYNoy2yvmErVGlvLOQvrtEECCAKbonW7VJef8=", + "lastModified": 1779726825, + "narHash": "sha256-RUkMrREjKDQrA+dA9+xZviGAxM5W1aVdyOr/bSYpHrE=", "owner": "nix-community", "repo": "home-manager", - "rev": "cc09c0f9b7eaa95c2d9827338a5eb03d32505ca5", + "rev": "b179bde238977f7d4454fc770b1a727eaf55111c", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.11", + "ref": "release-26.05", "repo": "home-manager", "type": "github" } diff --git a/flake.nix b/flake.nix index ec56742..25a59d7 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,7 @@ nixpkgs.url = "https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/0.1"; home-manager = { - url = "github:nix-community/home-manager/release-25.11"; + url = "github:nix-community/home-manager/release-26.05"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/home.nix b/home.nix index 0300051..a71e14f 100644 --- a/home.nix +++ b/home.nix @@ -22,7 +22,7 @@ in home.username = username; home.homeDirectory = "/home/${username}"; - home.stateVersion = "25.11"; + home.stateVersion = "26.05"; home.packages = with pkgs; [ # The reason this VM exists. @@ -130,22 +130,21 @@ in programs.ssh = { enable = true; # Don't pull in home-manager's default ProxyCommand/ServerAlive/etc; - # we only want our own matchBlocks. Silences the deprecation warning + # we only want our own settings. Silences the deprecation warning # asking us to opt into the new explicit-defaults behavior. enableDefaultConfig = false; - matchBlocks."*" = { - proxyCommand = "${pkgs.netcat-openbsd}/bin/nc -X connect -x ${net.firewallIp}:8080 %h %p"; - }; + settings = { + "*" = { + ProxyCommand = "${pkgs.netcat-openbsd}/bin/nc -X connect -x ${net.firewallIp}:8080 %h %p"; + }; - matchBlocks."ssh.dev.azure.com" = { - extraOptions = { + "ssh.dev.azure.com" = { # Disable weak crypto warnings - Azure Devops does not support post-quantum yet WarnWeakCrypto = "no-pq-kex"; }; - }; - matchBlocks."bitbucket.org" = { - extraOptions = { + + "bitbucket.org" = { WarnWeakCrypto = "no-pq-kex"; }; }; diff --git a/src/rootcell/providers/aws-ec2-config.ts b/src/rootcell/providers/aws-ec2-config.ts index c4654be..d2119a5 100644 --- a/src/rootcell/providers/aws-ec2-config.ts +++ b/src/rootcell/providers/aws-ec2-config.ts @@ -25,7 +25,7 @@ export function parseAwsEc2Config(env: NodeJS.ProcessEnv): AwsEc2Config { agentRootVolumeGiB: positiveIntegerEnv(env, "ROOTCELL_AWS_AGENT_ROOT_VOLUME_GIB", 60), firewallRootVolumeGiB: positiveIntegerEnv(env, "ROOTCELL_AWS_FIREWALL_ROOT_VOLUME_GIB", 64), nixosAmiOwnerId: env.ROOTCELL_AWS_NIXOS_AMI_OWNER_ID ?? NIXOS_AMI_OWNER_ID, - nixosAmiNamePattern: env.ROOTCELL_AWS_NIXOS_AMI_NAME_PATTERN ?? "nixos/25.11*", + nixosAmiNamePattern: env.ROOTCELL_AWS_NIXOS_AMI_NAME_PATTERN ?? "nixos/26.05*", }, "invalid AWS EC2 provider config"); } diff --git a/src/rootcell/providers/aws-ec2/README.md b/src/rootcell/providers/aws-ec2/README.md index 5731534..178544c 100644 --- a/src/rootcell/providers/aws-ec2/README.md +++ b/src/rootcell/providers/aws-ec2/README.md @@ -97,12 +97,12 @@ data "aws_ami" "nixos_arm64" { ``` The default owner is the official NixOS AMI publisher account -`427812963091`, and the default name pattern is `nixos/25.11*`. Override them +`427812963091`, and the default name pattern is `nixos/26.05*`. Override them only when intentionally testing a different upstream image stream: ```sh ROOTCELL_AWS_NIXOS_AMI_OWNER_ID=427812963091 -ROOTCELL_AWS_NIXOS_AMI_NAME_PATTERN='nixos/25.11*' +ROOTCELL_AWS_NIXOS_AMI_NAME_PATTERN='nixos/26.05*' ``` Official NixOS AMIs initially accept SSH as `root`. Rootcell supplies a diff --git a/src/rootcell/rootcell.test.ts b/src/rootcell/rootcell.test.ts index ee83c3d..de33ed3 100644 --- a/src/rootcell/rootcell.test.ts +++ b/src/rootcell/rootcell.test.ts @@ -544,7 +544,7 @@ describe("environment parsing", () => { agentRootVolumeGiB: 60, firewallRootVolumeGiB: 64, nixosAmiOwnerId: "427812963091", - nixosAmiNamePattern: "nixos/25.11*", + nixosAmiNamePattern: "nixos/26.05*", }); }); @@ -3025,7 +3025,7 @@ function fakeAwsOutputs(controlCidr: string): Record { agent_private_ip: "192.168.109.11", firewall_private_ip: "192.168.109.10", nixos_ami_id: "ami-nixos", - nixos_ami_name: "nixos/25.11-aarch64-linux", + nixos_ami_name: "nixos/26.05-aarch64-linux", applied_control_cidr: controlCidr, }; }