Reformat with nixpkgs-fmt
This commit is contained in:
parent
e80d63f7c2
commit
2f0cbffbbe
|
@ -1,4 +1,3 @@
|
|||
|
||||
# WARN: this file will get overwritten by $ cachix use <name>
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
|
@ -7,8 +6,9 @@ let
|
|||
toImport = name: value: folder + ("/" + name);
|
||||
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
|
||||
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
|
||||
in {
|
||||
in
|
||||
{
|
||||
inherit imports;
|
||||
nix.binaryCaches = ["https://cache.nixos.org/"];
|
||||
nix.binaryCaches = [ "https://cache.nixos.org/" ];
|
||||
}
|
||||
|
|
@ -1,4 +1,3 @@
|
|||
|
||||
{
|
||||
nix = {
|
||||
binaryCaches = [
|
||||
|
|
|
@ -7,7 +7,8 @@ let
|
|||
nixpkgs-channel = "nixos-unstable";
|
||||
home-manager-channel = "home-manager-master";
|
||||
};
|
||||
in rec {
|
||||
in
|
||||
rec {
|
||||
hera = nixos-20-09;
|
||||
apollo = nixos-20-09;
|
||||
cloud = hera;
|
||||
|
|
|
@ -18,7 +18,8 @@
|
|||
"TJHVUM6-RTB6V3D-JF4GIB2-TVDF2ST-5MTN6N2-ZDIWGF7-XZUCCFG-EQG5WA6";
|
||||
};
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
devices = pkgs.lib.getAttrs hosts devices;
|
||||
folders = {
|
||||
science = mkFolder "science";
|
||||
|
|
|
@ -45,35 +45,37 @@ with lib;
|
|||
};
|
||||
m-0.hosts = mkOption {
|
||||
type = types.attrs;
|
||||
default = let
|
||||
p = config.m-0.prefix;
|
||||
hera-p = "${p}::3";
|
||||
apollo-p = "${p}::1";
|
||||
wg-p = "${p}::100";
|
||||
v4-p = "10.0.0";
|
||||
in rec {
|
||||
hera = "${p}::1";
|
||||
hera-wg-host = "${p}::100:0:1";
|
||||
default =
|
||||
let
|
||||
p = config.m-0.prefix;
|
||||
hera-p = "${p}::3";
|
||||
apollo-p = "${p}::1";
|
||||
wg-p = "${p}::100";
|
||||
v4-p = "10.0.0";
|
||||
in
|
||||
rec {
|
||||
hera = "${p}::1";
|
||||
hera-wg-host = "${p}::100:0:1";
|
||||
|
||||
hera-v4 = "213.136.94.190";
|
||||
hera-v4 = "213.136.94.190";
|
||||
|
||||
hera-wg = "${wg-p}:1";
|
||||
apollo-wg = "${wg-p}:2";
|
||||
hera-wg = "${wg-p}:1";
|
||||
apollo-wg = "${wg-p}:2";
|
||||
|
||||
hera-intern = "${hera-p}:1";
|
||||
git = "${hera-p}:2";
|
||||
borg = "${hera-p}:3";
|
||||
matrix = "${hera-p}:8";
|
||||
cloud = "${hera-p}:9";
|
||||
chor-cloud = "${hera-p}:b";
|
||||
hera-intern = "${hera-p}:1";
|
||||
git = "${hera-p}:2";
|
||||
borg = "${hera-p}:3";
|
||||
matrix = "${hera-p}:8";
|
||||
cloud = "${hera-p}:9";
|
||||
chor-cloud = "${hera-p}:b";
|
||||
|
||||
apollo = apollo-wg;
|
||||
apollo = apollo-wg;
|
||||
|
||||
hera-intern-v4 = "${v4-p}.1";
|
||||
cloud-intern-v4 = "${v4-p}.2";
|
||||
chor-cloud-intern-v4 = "${v4-p}.3";
|
||||
matrix-intern-v4 = "${v4-p}.4";
|
||||
};
|
||||
hera-intern-v4 = "${v4-p}.1";
|
||||
cloud-intern-v4 = "${v4-p}.2";
|
||||
chor-cloud-intern-v4 = "${v4-p}.3";
|
||||
matrix-intern-v4 = "${v4-p}.4";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,112 +1,113 @@
|
|||
let
|
||||
inherit (import (import ../nix/sources.nix).nixos-unstable {}) lib;
|
||||
inherit (import (import ../nix/sources.nix).nixos-unstable { }) lib;
|
||||
makeConfig = hostName: imports:
|
||||
{ ... }: {
|
||||
imports = imports ++ [ ./roles/default.nix ];
|
||||
m-0.hostName = hostName;
|
||||
nixpkgs.overlays = [ (_: _: (import ../channels.nix).${hostName}) ];
|
||||
};
|
||||
{ ... }: {
|
||||
imports = imports ++ [ ./roles/default.nix ];
|
||||
m-0.hostName = hostName;
|
||||
nixpkgs.overlays = [ (_: _: (import ../channels.nix).${hostName}) ];
|
||||
};
|
||||
in
|
||||
{
|
||||
apollo = let
|
||||
install = f: ({ pkgs, ... }: { home.packages = f pkgs; });
|
||||
makeAutostart = name:
|
||||
{ config, ... }: {
|
||||
config.home.file.".config/autostart/${name}.desktop".source =
|
||||
"${config.home.path}/share/applications/${name}.desktop";
|
||||
};
|
||||
setStartpage = startpage:
|
||||
{ ... }: {
|
||||
programs.firefox.profiles."fz2sm95u.default".settings = {
|
||||
"browser.startup.homepage" = startpage;
|
||||
};
|
||||
};
|
||||
makeBlock = list:
|
||||
{ pkgs, lib, ... }: {
|
||||
systemd.user.services.blockserver = {
|
||||
Unit.Description = "Serve a blocklist";
|
||||
Service = {
|
||||
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842 -d ${
|
||||
apollo =
|
||||
let
|
||||
install = f: ({ pkgs, ... }: { home.packages = f pkgs; });
|
||||
makeAutostart = name:
|
||||
{ config, ... }: {
|
||||
config.home.file.".config/autostart/${name}.desktop".source =
|
||||
"${config.home.path}/share/applications/${name}.desktop";
|
||||
};
|
||||
setStartpage = startpage:
|
||||
{ ... }: {
|
||||
programs.firefox.profiles."fz2sm95u.default".settings = {
|
||||
"browser.startup.homepage" = startpage;
|
||||
};
|
||||
};
|
||||
makeBlock = list:
|
||||
{ pkgs, lib, ... }: {
|
||||
systemd.user.services.blockserver = {
|
||||
Unit.Description = "Serve a blocklist";
|
||||
Service = {
|
||||
ExecStart = "${pkgs.python3}/bin/python -m http.server 8842 -d ${
|
||||
pkgs.writeTextDir "blocklist" (lib.concatStringsSep "\r\n" list)
|
||||
}";
|
||||
Restart = "always";
|
||||
Restart = "always";
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
};
|
||||
};
|
||||
Install.WantedBy = [ "default.target" ];
|
||||
};
|
||||
};
|
||||
setWorkspaceName = name:
|
||||
{ pkgs, lib, ... }: {
|
||||
dconf.settings = {
|
||||
"org/gnome/desktop/wm/preferences" = {
|
||||
workspace-names = [ name ]; # use neo
|
||||
setWorkspaceName = name:
|
||||
{ pkgs, lib, ... }: {
|
||||
dconf.settings = {
|
||||
"org/gnome/desktop/wm/preferences" = {
|
||||
workspace-names = [ name ]; # use neo
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
tinkerPages = [
|
||||
"reddit.com"
|
||||
"github.com"
|
||||
"*.ccc.de"
|
||||
"haskell.org"
|
||||
"*.haskell.org"
|
||||
"*.nixos.org"
|
||||
"nixos.org"
|
||||
"matrix.org"
|
||||
"element.io"
|
||||
"youtube.de"
|
||||
"youtube.com"
|
||||
"*.element.io"
|
||||
];
|
||||
leisurePages = [
|
||||
"zeit.de"
|
||||
"heise.de"
|
||||
"spiegel.de"
|
||||
"xkcd.com"
|
||||
"smbc-comics.com"
|
||||
"tagesschau.de"
|
||||
"welt.de"
|
||||
"ndr.de"
|
||||
"ard.de"
|
||||
"zdf.de"
|
||||
"twitter.com"
|
||||
"chaos.social"
|
||||
];
|
||||
apolloConfig = name: imports:
|
||||
makeConfig "apollo" (
|
||||
imports ++ [
|
||||
./roles/arbtt
|
||||
./roles/zettelkasten.nix
|
||||
./roles/hoogle.nix
|
||||
./roles/battery.nix
|
||||
./roles/mpd.nix
|
||||
./roles/beets.nix
|
||||
./roles/mpclient.nix
|
||||
./roles/on-my-machine.nix
|
||||
./roles/desktop
|
||||
./roles/kassandra.nix
|
||||
./roles/git-sign.nix
|
||||
./roles/laptop.nix
|
||||
./roles/mail.nix
|
||||
./roles/update_tasks.nix
|
||||
./roles/research.nix
|
||||
./roles/vdirsyncer.nix
|
||||
./roles/khard.nix
|
||||
./roles/khal.nix
|
||||
./roles/taskwarrior.nix
|
||||
./roles/taskwarrior-git.nix
|
||||
(makeAutostart "unlock-ssh")
|
||||
(setWorkspaceName name)
|
||||
]
|
||||
);
|
||||
unrestricted = [
|
||||
./roles/accounting.nix
|
||||
./roles/mail-client.nix
|
||||
./roles/pythia.nix
|
||||
./roles/tinkering.nix
|
||||
./roles/chat.nix
|
||||
(setStartpage "https://stats.maralorn.de/d/health-status")
|
||||
(makeBlock [])
|
||||
];
|
||||
in
|
||||
tinkerPages = [
|
||||
"reddit.com"
|
||||
"github.com"
|
||||
"*.ccc.de"
|
||||
"haskell.org"
|
||||
"*.haskell.org"
|
||||
"*.nixos.org"
|
||||
"nixos.org"
|
||||
"matrix.org"
|
||||
"element.io"
|
||||
"youtube.de"
|
||||
"youtube.com"
|
||||
"*.element.io"
|
||||
];
|
||||
leisurePages = [
|
||||
"zeit.de"
|
||||
"heise.de"
|
||||
"spiegel.de"
|
||||
"xkcd.com"
|
||||
"smbc-comics.com"
|
||||
"tagesschau.de"
|
||||
"welt.de"
|
||||
"ndr.de"
|
||||
"ard.de"
|
||||
"zdf.de"
|
||||
"twitter.com"
|
||||
"chaos.social"
|
||||
];
|
||||
apolloConfig = name: imports:
|
||||
makeConfig "apollo" (
|
||||
imports ++ [
|
||||
./roles/arbtt
|
||||
./roles/zettelkasten.nix
|
||||
./roles/hoogle.nix
|
||||
./roles/battery.nix
|
||||
./roles/mpd.nix
|
||||
./roles/beets.nix
|
||||
./roles/mpclient.nix
|
||||
./roles/on-my-machine.nix
|
||||
./roles/desktop
|
||||
./roles/kassandra.nix
|
||||
./roles/git-sign.nix
|
||||
./roles/laptop.nix
|
||||
./roles/mail.nix
|
||||
./roles/update_tasks.nix
|
||||
./roles/research.nix
|
||||
./roles/vdirsyncer.nix
|
||||
./roles/khard.nix
|
||||
./roles/khal.nix
|
||||
./roles/taskwarrior.nix
|
||||
./roles/taskwarrior-git.nix
|
||||
(makeAutostart "unlock-ssh")
|
||||
(setWorkspaceName name)
|
||||
]
|
||||
);
|
||||
unrestricted = [
|
||||
./roles/accounting.nix
|
||||
./roles/mail-client.nix
|
||||
./roles/pythia.nix
|
||||
./roles/tinkering.nix
|
||||
./roles/chat.nix
|
||||
(setStartpage "https://stats.maralorn.de/d/health-status")
|
||||
(makeBlock [ ])
|
||||
];
|
||||
in
|
||||
{
|
||||
unrestricted = apolloConfig "Unrestricted" unrestricted;
|
||||
orga = apolloConfig "Orga" [
|
||||
|
|
|
@ -1,18 +1,19 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
let
|
||||
battery-watch = pkgs.writeHaskellScript {
|
||||
name = "battery-watch";
|
||||
bins = [ pkgs.acpi ];
|
||||
imports = [
|
||||
"DBus.Notify"
|
||||
"Control.Concurrent"
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"Replace.Megaparsec"
|
||||
"Data.Maybe"
|
||||
];
|
||||
} ''
|
||||
battery-watch = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "battery-watch";
|
||||
bins = [ pkgs.acpi ];
|
||||
imports = [
|
||||
"DBus.Notify"
|
||||
"Control.Concurrent"
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"Replace.Megaparsec"
|
||||
"Data.Maybe"
|
||||
];
|
||||
} ''
|
||||
moderateLevel = 50 -- percent
|
||||
lowLevel = 20 -- percent
|
||||
criticalLevel = 8 -- percent
|
||||
|
@ -58,7 +59,8 @@ let
|
|||
where
|
||||
myNote = blankNote { body = Just $ Text [i|#{currentLevel}% remaining.|]}
|
||||
'';
|
||||
in {
|
||||
in
|
||||
{
|
||||
|
||||
systemd.user = {
|
||||
services.battery = {
|
||||
|
|
|
@ -3,10 +3,11 @@
|
|||
home.packages = builtins.attrValues rec {
|
||||
inherit (pkgs) discord signal-desktop tdesktop dino element-desktop;
|
||||
weechat = pkgs.writeShellScriptBin "weechat" "ssh -t hera 'tmux -L weechat attach'";
|
||||
chat = pkgs.writeHaskellScript {
|
||||
name = "chat";
|
||||
bins = [ element-desktop signal-desktop weechat discord tdesktop dino pkgs.kitty];
|
||||
} ''
|
||||
chat = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "chat";
|
||||
bins = [ element-desktop signal-desktop weechat discord tdesktop dino pkgs.kitty ];
|
||||
} ''
|
||||
main = mapConcurrently_ Relude.id [ element_desktop, signal_desktop, _Discord, telegram_desktop, kitty "weechat", dino ]
|
||||
'';
|
||||
};
|
||||
|
|
|
@ -86,9 +86,10 @@
|
|||
controlMaster = "auto";
|
||||
controlPersist = "120";
|
||||
enable = true;
|
||||
matchBlocks = let
|
||||
agHost = "fb04217.mathematik.tu-darmstadt.de";
|
||||
in
|
||||
matchBlocks =
|
||||
let
|
||||
agHost = "fb04217.mathematik.tu-darmstadt.de";
|
||||
in
|
||||
{
|
||||
athene.hostname = "192.168.178.22";
|
||||
git-auto = {
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let inherit (import ../../../lib) colors;
|
||||
in {
|
||||
in
|
||||
{
|
||||
imports =
|
||||
[ ./sleep-nag.nix ./kitty.nix ./wallpaper.nix ./gnome.nix ./firefox.nix ./desktop-items.nix ];
|
||||
m-0.colors = colors;
|
||||
|
|
|
@ -16,15 +16,16 @@ let
|
|||
superSimpleDesktopItem = name: simpleDesktopItem name name;
|
||||
terminalDesktopItem = name: namedTerminalDesktopItem name name;
|
||||
|
||||
in {
|
||||
in
|
||||
{
|
||||
home.packages = map superSimpleDesktopItem [ "kassandra2" "gw2" "chat" ]
|
||||
++ map terminalDesktopItem [
|
||||
"maintenance"
|
||||
"ncmpcpp"
|
||||
"kassandra"
|
||||
"hotkeys"
|
||||
"vim"
|
||||
"select-mode"
|
||||
"unlock-ssh"
|
||||
];
|
||||
"maintenance"
|
||||
"ncmpcpp"
|
||||
"kassandra"
|
||||
"hotkeys"
|
||||
"vim"
|
||||
"select-mode"
|
||||
"unlock-ssh"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -42,7 +42,7 @@
|
|||
volume-down = [ "<Primary><Shift>section" ];
|
||||
volume-up = [ "<Primary><Shift>degree" ];
|
||||
area-screenshot-clip = [ "Print" ];
|
||||
screenshot = [];
|
||||
screenshot = [ ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,10 +2,11 @@
|
|||
let
|
||||
my-lib = import ../../../lib;
|
||||
theme = my-lib.themes.default;
|
||||
in {
|
||||
in
|
||||
{
|
||||
home.sessionVariables.TERMINAL = "${pkgs.kitty}/bin/kitty";
|
||||
home.packages = [
|
||||
(pkgs.runCommandLocal "fake-gnome-terminal" {} ''
|
||||
(pkgs.runCommandLocal "fake-gnome-terminal" { } ''
|
||||
mkdir -p $out/bin
|
||||
ln -s ${pkgs.kitty}/bin/kitty $out/bin/gnome-terminal
|
||||
'')
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
sleep-nag = pkgs.writeHaskellScript {
|
||||
name = "sleep-nag";
|
||||
imports = [
|
||||
"Data.Time.LocalTime"
|
||||
"Data.Time.Format"
|
||||
"Data.Time.Clock"
|
||||
"Control.Concurrent"
|
||||
"Data.Functor"
|
||||
];
|
||||
bins = [ pkgs.libnotify ];
|
||||
} ''
|
||||
sleep-nag = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "sleep-nag";
|
||||
imports = [
|
||||
"Data.Time.LocalTime"
|
||||
"Data.Time.Format"
|
||||
"Data.Time.Clock"
|
||||
"Control.Concurrent"
|
||||
"Data.Functor"
|
||||
];
|
||||
bins = [ pkgs.libnotify ];
|
||||
} ''
|
||||
main = forever $ do
|
||||
time <- getZonedTime
|
||||
let tod = localTimeOfDay . zonedTimeToLocalTime$ time
|
||||
|
@ -22,7 +23,8 @@ let
|
|||
else
|
||||
threadDelay 600000000
|
||||
'';
|
||||
in {
|
||||
in
|
||||
{
|
||||
systemd.user.services.sleep-nag = {
|
||||
Unit.Description = "Sleep nag";
|
||||
Service.ExecStart = "${sleep-nag}/bin/sleep-nag";
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
{ pkgs, ... }:
|
||||
let
|
||||
randomWallpaper = pkgs.writeHaskellScript {
|
||||
name = "random-wallpaper";
|
||||
imports = [ "System.Random" ];
|
||||
bins = [ pkgs.coreutils pkgs.glib ];
|
||||
} ''
|
||||
randomWallpaper = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "random-wallpaper";
|
||||
imports = [ "System.Random" ];
|
||||
bins = [ pkgs.coreutils pkgs.glib ];
|
||||
} ''
|
||||
main = do
|
||||
mode <- cat "/home/maralorn/volatile/mode" |> captureTrim
|
||||
(lines . decodeUtf8 -> files) <- ls ([i|/home/maralorn/.wallpapers/#{mode}|] :: String) |> captureTrim
|
||||
|
@ -15,7 +16,8 @@ let
|
|||
gsettings "set" "org.gnome.desktop.background" "picture-uri" new
|
||||
gsettings "set" "org.gnome.desktop.screensaver" "picture-uri" new
|
||||
'';
|
||||
in {
|
||||
in
|
||||
{
|
||||
home.packages = [ randomWallpaper ];
|
||||
systemd.user = {
|
||||
services.random-wallpaper = {
|
||||
|
|
|
@ -1,51 +1,52 @@
|
|||
{ pkgs, lib, config, ... }: let
|
||||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
gw2dir = "${config.home.homeDirectory}/volatile/GW2";
|
||||
wine = pkgs.wineWowPackages.staging;
|
||||
gw2env = ''
|
||||
cd ${gw2dir}
|
||||
export MESA_GLSL_CACHE_DISABLE=0
|
||||
export MESA_GLSL_CACHE_DIR="${gw2dir}/shader_cache"
|
||||
export mesa_glthread=true
|
||||
cd ${gw2dir}
|
||||
export MESA_GLSL_CACHE_DISABLE=0
|
||||
export MESA_GLSL_CACHE_DIR="${gw2dir}/shader_cache"
|
||||
export mesa_glthread=true
|
||||
|
||||
# Wine Settings
|
||||
export DXVK_HUD=fps,frametimes
|
||||
export DXVK_LOG_LEVEL=none
|
||||
#export DXVK_STATE_CACHE=1 default
|
||||
export DXVK_STATE_CACHE_PATH="${gw2dir}/dxvk_state_cache/"
|
||||
export WINEDEBUG=-all
|
||||
export WINEARCH=win64
|
||||
export WINEPREFIX="${gw2dir}/data"
|
||||
export STAGING_SHARED_MEMORY=1
|
||||
export WINEESYNC=1
|
||||
# Wine Settings
|
||||
export DXVK_HUD=fps,frametimes
|
||||
export DXVK_LOG_LEVEL=none
|
||||
#export DXVK_STATE_CACHE=1 default
|
||||
export DXVK_STATE_CACHE_PATH="${gw2dir}/dxvk_state_cache/"
|
||||
export WINEDEBUG=-all
|
||||
export WINEARCH=win64
|
||||
export WINEPREFIX="${gw2dir}/data"
|
||||
export STAGING_SHARED_MEMORY=1
|
||||
export WINEESYNC=1
|
||||
'';
|
||||
dxvk = fetchTarball {
|
||||
url = "https://github.com/doitsujin/dxvk/releases/download/v1.7.2/dxvk-1.7.2.tar.gz";
|
||||
sha256 = "07q9fsrvjq2ndnhd93000jw89bkaw6hdi2yhl4d6j8n4ak71r8pv";
|
||||
};
|
||||
gw2installdxvk = pkgs.writeShellScriptBin "gw2-install-dxvk"''
|
||||
${gw2env}
|
||||
cd ${dxvk}
|
||||
bash ./setup_dxvk.sh install
|
||||
url = "https://github.com/doitsujin/dxvk/releases/download/v1.7.2/dxvk-1.7.2.tar.gz";
|
||||
sha256 = "07q9fsrvjq2ndnhd93000jw89bkaw6hdi2yhl4d6j8n4ak71r8pv";
|
||||
};
|
||||
gw2installdxvk = pkgs.writeShellScriptBin "gw2-install-dxvk" ''
|
||||
${gw2env}
|
||||
cd ${dxvk}
|
||||
bash ./setup_dxvk.sh install
|
||||
'';
|
||||
gw2setup = pkgs.writeShellScriptBin "gw2-setup" ''
|
||||
mkdir -p ${gw2dir}
|
||||
${gw2env}
|
||||
echo Launching winecfg to configure desktop window
|
||||
${wine}/bin/winecfg
|
||||
echo Installing dxvk
|
||||
${gw2installdxvk}/bin/gw2-install-dxvk
|
||||
echo Downloading installer
|
||||
wget https://account.arena.net/content/download/gw2/win/64 -O Gw2Setup-64.exe
|
||||
echo Running installer
|
||||
${wine}/bin/wine64 ./Gw2Setup-64.exe
|
||||
mkdir -p ${gw2dir}
|
||||
${gw2env}
|
||||
echo Launching winecfg to configure desktop window
|
||||
${wine}/bin/winecfg
|
||||
echo Installing dxvk
|
||||
${gw2installdxvk}/bin/gw2-install-dxvk
|
||||
echo Downloading installer
|
||||
wget https://account.arena.net/content/download/gw2/win/64 -O Gw2Setup-64.exe
|
||||
echo Running installer
|
||||
${wine}/bin/wine64 ./Gw2Setup-64.exe
|
||||
'';
|
||||
gw2run = pkgs.writeShellScriptBin "gw2" ''
|
||||
${gw2env}
|
||||
cd "${gw2dir}/data/drive_c/Guild Wars 2"
|
||||
${wine}/bin/wine64 ./Gw2-64.exe $@ -autologin
|
||||
'';
|
||||
${gw2env}
|
||||
cd "${gw2dir}/data/drive_c/Guild Wars 2"
|
||||
${wine}/bin/wine64 ./Gw2-64.exe $@ -autologin
|
||||
'';
|
||||
in
|
||||
{
|
||||
{
|
||||
|
||||
dconf.settings."org/gnome/settings-daemon/plugins/media-keys" = {
|
||||
mic-mute = lib.mkForce [ ];
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{ pkgs, ... }: let
|
||||
dhallFiles = pkgs.runCommand "kassandra-config-src" {} ''
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
dhallFiles = pkgs.runCommand "kassandra-config-src" { } ''
|
||||
mkdir $out
|
||||
${pkgs.kassandra2}/bin/kassandra2 print-types > $out/types.dhall
|
||||
ln -s ${./kassandra}/{config,backend}.dhall $out
|
||||
|
@ -18,17 +19,18 @@
|
|||
dependencies = [ pkgs.dhallPackages.Prelude ];
|
||||
};
|
||||
|
||||
dhallResult = pkgs.runCommand "kassandra-config" {} ''
|
||||
dhallResult = pkgs.runCommand "kassandra-config" { } ''
|
||||
mkdir $out
|
||||
ln -s ${backend}/source.dhall $out/backend.dhall
|
||||
ln -s ${standalone}/source.dhall $out/config.dhall
|
||||
'';
|
||||
in
|
||||
{
|
||||
home.file = if pkgs.withSecrets then {
|
||||
"kassandra-config" = {
|
||||
target = ".config/kassandra";
|
||||
source = dhallResult.out;
|
||||
};
|
||||
} else {};
|
||||
home.file =
|
||||
if pkgs.withSecrets then {
|
||||
"kassandra-config" = {
|
||||
target = ".config/kassandra";
|
||||
source = dhallResult.out;
|
||||
};
|
||||
} else { };
|
||||
}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{ pkgs, ... }: let
|
||||
calendars = pkgs.privateValue [] "calendars";
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
calendars = pkgs.privateValue [ ] "calendars";
|
||||
in
|
||||
{
|
||||
home = {
|
||||
|
|
|
@ -2,13 +2,15 @@
|
|||
let
|
||||
modes = pkgs.lib.attrNames (import ../machines.nix).apollo;
|
||||
configPath = "${config.home.homeDirectory}/git/config";
|
||||
in {
|
||||
in
|
||||
{
|
||||
|
||||
home.packages = builtins.attrValues rec {
|
||||
zoom = pkgs.zoom-us.overrideAttrs (old: {
|
||||
postFixup = old.postFixup + ''
|
||||
wrapProgram $out/bin/zoom-us --unset XDG_SESSION_TYPE
|
||||
'';});
|
||||
'';
|
||||
});
|
||||
|
||||
maintenance = pkgs.writeShellScriptBin "maintenance" ''
|
||||
set -e
|
||||
|
@ -27,10 +29,11 @@ in {
|
|||
exe ([i|/home/maralorn/.modes/#{mode}/activate|] :: String)
|
||||
exe "random-wallpaper"
|
||||
'';
|
||||
updateModes = pkgs.writeHaskellScript {
|
||||
name = "update-modes";
|
||||
bins = [ activateMode pkgs.git pkgs.nix-output-monitor ];
|
||||
} ''
|
||||
updateModes = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "update-modes";
|
||||
bins = [ activateMode pkgs.git pkgs.nix-output-monitor ];
|
||||
} ''
|
||||
params = ["${configPath}/home-manager/target.nix", "-A", "apollo", "-o", "/home/maralorn/.modes"]
|
||||
|
||||
main = do
|
||||
|
@ -42,10 +45,11 @@ in {
|
|||
nom_build nixPath params
|
||||
activate_mode
|
||||
'';
|
||||
quickUpdateMode = pkgs.writeHaskellScript {
|
||||
name = "quick-update-mode";
|
||||
bins = [ updateModes pkgs.git pkgs.home-manager pkgs.nix-output-monitor ];
|
||||
} ''
|
||||
quickUpdateMode = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "quick-update-mode";
|
||||
bins = [ updateModes pkgs.git pkgs.home-manager pkgs.nix-output-monitor ];
|
||||
} ''
|
||||
getMode :: IO Text
|
||||
getMode = decodeUtf8 <$> (cat "/home/maralorn/volatile/mode" |> captureTrim)
|
||||
|
||||
|
@ -56,16 +60,17 @@ in {
|
|||
home_manager (nixPath <> ["switch", "-A", [i|apollo-#{mode}|]]) &!> StdOut |> nom
|
||||
update_modes
|
||||
'';
|
||||
selectMode = pkgs.writeHaskellScript {
|
||||
name = "select-mode";
|
||||
bins = [
|
||||
pkgs.dialog
|
||||
activateMode
|
||||
pkgs.ncurses
|
||||
pkgs.sway
|
||||
pkgs.gnome3.gnome-session
|
||||
];
|
||||
} ''
|
||||
selectMode = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "select-mode";
|
||||
bins = [
|
||||
pkgs.dialog
|
||||
activateMode
|
||||
pkgs.ncurses
|
||||
pkgs.sway
|
||||
pkgs.gnome3.gnome-session
|
||||
];
|
||||
} ''
|
||||
main = do
|
||||
mode <- decodeUtf8 <$> (dialog "--menu" "Select Mode" "20" "80" "5" ${
|
||||
lib.concatStrings (map (mode: ''"${mode}" "" '') modes)
|
||||
|
@ -80,7 +85,7 @@ in {
|
|||
inherit (pkgs.gnome3) nautilus;
|
||||
inherit (pkgs.xorg) xbacklight;
|
||||
inherit (pkgs)
|
||||
# web
|
||||
# web
|
||||
chromium
|
||||
|
||||
skypeforlinux google-chrome
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }: {
|
||||
home.packages = [ pkgs.neomutt ];
|
||||
}
|
||||
|
|
|
@ -3,8 +3,8 @@ let
|
|||
gpg = "6C3D12CD88CDF46C5EAF4D12226A2D41EF5378C9";
|
||||
name = "Malte Brandy";
|
||||
mail = "malte.brandy@maralorn.de";
|
||||
alternates = pkgs.privateValue [] "mail/alternates";
|
||||
lists = pkgs.privateValue { sortLists = []; stupidLists = []; notifications = []; } "mail/filters";
|
||||
alternates = pkgs.privateValue [ ] "mail/alternates";
|
||||
lists = pkgs.privateValue { sortLists = [ ]; stupidLists = [ ]; notifications = [ ]; } "mail/filters";
|
||||
maildir = config.accounts.email.maildirBasePath;
|
||||
# mhdr -h List-ID -d Maildir/hera/Archiv/unsortiert | sort | sed 's/^.*<\(.*\)>$/\1/' | uniq | xargs -I '{}' sh -c "notmuch count List:{} | sed 's/$/: {}/'" | sort
|
||||
# To find candidates
|
||||
|
@ -27,18 +27,19 @@ let
|
|||
myFilters = builtins.map filter.simpleSortList lists.sortLists
|
||||
++ builtins.map filter.stupidList lists.stupidLists
|
||||
++ builtins.map filter.notifications lists.notifications;
|
||||
sortMail = pkgs.writeHaskellScript {
|
||||
name = "sort-mail-archive";
|
||||
bins = [ pkgs.notmuch pkgs.coreutils pkgs.mblaze pkgs.findutils ];
|
||||
imports = [
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"qualified Data.List.NonEmpty as NE"
|
||||
"qualified Data.Text as T"
|
||||
"System.Environment (setEnv)"
|
||||
];
|
||||
} ''
|
||||
sortMail = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "sort-mail-archive";
|
||||
bins = [ pkgs.notmuch pkgs.coreutils pkgs.mblaze pkgs.findutils ];
|
||||
imports = [
|
||||
"Text.Megaparsec"
|
||||
"Text.Megaparsec.Char"
|
||||
"Text.Megaparsec.Char.Lexer"
|
||||
"qualified Data.List.NonEmpty as NE"
|
||||
"qualified Data.Text as T"
|
||||
"System.Environment (setEnv)"
|
||||
];
|
||||
} ''
|
||||
reScan = notmuch "new" "--quiet"
|
||||
|
||||
findFilterMail :: (Text,Text) -> IO (Maybe (LByteString, Text, Text))
|
||||
|
@ -107,7 +108,8 @@ let
|
|||
-- emptyDirs <- Main.find "${archive}" "-type" "d" "-empty" "!" "-name" "cur" "!" "-name" "tmp" "!" "-name" "new" "-print0" |> capture
|
||||
-- when (LBS.length emptyDirs > 0) $ writeOutput emptyDirs |> xargs "-0" "rmdir"
|
||||
'';
|
||||
in {
|
||||
in
|
||||
{
|
||||
|
||||
services.mbsync = {
|
||||
enable = true;
|
||||
|
@ -118,54 +120,57 @@ in {
|
|||
systemd.user.timers.mbsync.Timer.RandomizedDelaySec = "10m";
|
||||
|
||||
accounts.email.accounts = pkgs.privateValue { } "mail/accounts";
|
||||
systemd.user.services = let
|
||||
mkService = name: account:
|
||||
let
|
||||
configjs = pkgs.writeText "config.js" ''
|
||||
var child_process = require('child_process');
|
||||
systemd.user.services =
|
||||
let
|
||||
mkService = name: account:
|
||||
let
|
||||
configjs = pkgs.writeText "config.js" ''
|
||||
var child_process = require('child_process');
|
||||
|
||||
function getStdout(cmd) {
|
||||
var stdout = child_process.execSync(cmd);
|
||||
return stdout.toString().trim();
|
||||
}
|
||||
function getStdout(cmd) {
|
||||
var stdout = child_process.execSync(cmd);
|
||||
return stdout.toString().trim();
|
||||
}
|
||||
|
||||
exports.host = "${account.imap.host}"
|
||||
exports.port = 993
|
||||
exports.tls = true;
|
||||
exports.tlsOptions = { "rejectUnauthorized": false };
|
||||
exports.username = "${account.userName}";
|
||||
exports.password = getStdout("${toString account.passwordCommand}");
|
||||
exports.onNotify = "${pkgs.isync}/bin/mbsync ${name}"
|
||||
exports.onNotifyPost = "${pkgs.notmuch}/bin/notmuch new"
|
||||
exports.boxes = [ "Inbox" ];
|
||||
'';
|
||||
in {
|
||||
Unit = { Description = "Run imapnotify for imap account ${name}"; };
|
||||
Service = {
|
||||
ExecStart = "${pkgs.imapnotify}/bin/imapnotify -c ${configjs}";
|
||||
Restart = "always";
|
||||
RestartSec = "1min";
|
||||
exports.host = "${account.imap.host}"
|
||||
exports.port = 993
|
||||
exports.tls = true;
|
||||
exports.tlsOptions = { "rejectUnauthorized": false };
|
||||
exports.username = "${account.userName}";
|
||||
exports.password = getStdout("${toString account.passwordCommand}");
|
||||
exports.onNotify = "${pkgs.isync}/bin/mbsync ${name}"
|
||||
exports.onNotifyPost = "${pkgs.notmuch}/bin/notmuch new"
|
||||
exports.boxes = [ "Inbox" ];
|
||||
'';
|
||||
in
|
||||
{
|
||||
Unit = { Description = "Run imapnotify for imap account ${name}"; };
|
||||
Service = {
|
||||
ExecStart = "${pkgs.imapnotify}/bin/imapnotify -c ${configjs}";
|
||||
Restart = "always";
|
||||
RestartSec = "1min";
|
||||
};
|
||||
Install = { WantedBy = [ "default.target" ]; };
|
||||
};
|
||||
Install = { WantedBy = [ "default.target" ]; };
|
||||
mkServiceWithName = name: account: {
|
||||
name = "imapnotify-${name}-inbox";
|
||||
value = mkService name account;
|
||||
};
|
||||
hasImapHost = name: account: account.imap != null;
|
||||
in
|
||||
lib.mapAttrs' mkServiceWithName
|
||||
(lib.filterAttrs hasImapHost config.accounts.email.accounts) // {
|
||||
mbsync.Service = {
|
||||
Environment = "PATH=${pkgs.coreutils}/bin";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "30s";
|
||||
};
|
||||
mkServiceWithName = name: account: {
|
||||
name = "imapnotify-${name}-inbox";
|
||||
value = mkService name account;
|
||||
};
|
||||
hasImapHost = name: account: account.imap != null;
|
||||
in lib.mapAttrs' mkServiceWithName
|
||||
(lib.filterAttrs hasImapHost config.accounts.email.accounts) // {
|
||||
mbsync.Service = {
|
||||
Environment = "PATH=${pkgs.coreutils}/bin";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "30s";
|
||||
};
|
||||
};
|
||||
|
||||
programs.msmtp.enable = true;
|
||||
programs.mbsync.enable = true;
|
||||
programs.notmuch = {
|
||||
enable = config.accounts.email.accounts != {};
|
||||
enable = config.accounts.email.accounts != { };
|
||||
hooks.postInsert = ''
|
||||
${pkgs.notmuch}/bin/notmuch tag +deleted -- "folder:/Trash/ (not tag:deleted)"
|
||||
${pkgs.notmuch}/bin/notmuch tag -deleted -- "(not folder:/Trash/) tag:deleted"
|
||||
|
@ -181,116 +186,118 @@ in {
|
|||
|
||||
home = {
|
||||
packages = [ sortMail ];
|
||||
file = let
|
||||
mutt_alternates = "@maralorn.de "
|
||||
+ (builtins.concatStringsSep " " alternates);
|
||||
show-sidebar = pkgs.writeText "show-sidebar" ''
|
||||
set sidebar_visible=yes
|
||||
bind index <up> sidebar-prev
|
||||
bind index <down> sidebar-next
|
||||
bind index <pageup> sidebar-page-up
|
||||
bind index <pagedown> sidebar-page-down
|
||||
bind index <space> sidebar-open
|
||||
bind index <return> sidebar-open
|
||||
bind index <enter> sidebar-open
|
||||
'';
|
||||
hide-sidebar = pkgs.writeText "hide-sidebar" ''
|
||||
set sidebar_visible=no
|
||||
bind index <up> previous-undeleted
|
||||
bind index <down> next-undeleted
|
||||
bind index <pageup> previous-page
|
||||
bind index <pagedown> next-page
|
||||
bind index <space> display-message
|
||||
bind index <return> display-message
|
||||
bind index <enter> display-message
|
||||
'';
|
||||
mailcap = pkgs.writeText "mailcap" ''
|
||||
text/html; ${pkgs.lynx}/bin/lynx -stdin -dump -force_html ; copiousoutput
|
||||
application/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
image/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
video/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
audio/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
'';
|
||||
in {
|
||||
".neomuttrc".text = ''
|
||||
set editor = "nvim"
|
||||
alternative_order text/plain text/html
|
||||
auto_view text/*
|
||||
auto_view message/*
|
||||
unset wait_key
|
||||
color normal default default
|
||||
file =
|
||||
let
|
||||
mutt_alternates = "@maralorn.de "
|
||||
+ (builtins.concatStringsSep " " alternates);
|
||||
show-sidebar = pkgs.writeText "show-sidebar" ''
|
||||
set sidebar_visible=yes
|
||||
bind index <up> sidebar-prev
|
||||
bind index <down> sidebar-next
|
||||
bind index <pageup> sidebar-page-up
|
||||
bind index <pagedown> sidebar-page-down
|
||||
bind index <space> sidebar-open
|
||||
bind index <return> sidebar-open
|
||||
bind index <enter> sidebar-open
|
||||
'';
|
||||
hide-sidebar = pkgs.writeText "hide-sidebar" ''
|
||||
set sidebar_visible=no
|
||||
bind index <up> previous-undeleted
|
||||
bind index <down> next-undeleted
|
||||
bind index <pageup> previous-page
|
||||
bind index <pagedown> next-page
|
||||
bind index <space> display-message
|
||||
bind index <return> display-message
|
||||
bind index <enter> display-message
|
||||
'';
|
||||
mailcap = pkgs.writeText "mailcap" ''
|
||||
text/html; ${pkgs.lynx}/bin/lynx -stdin -dump -force_html ; copiousoutput
|
||||
application/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
image/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
video/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
audio/*; ${pkgs.xdg_utils}/bin/xdg-open %s > /dev/null
|
||||
'';
|
||||
in
|
||||
{
|
||||
".neomuttrc".text = ''
|
||||
set editor = "nvim"
|
||||
alternative_order text/plain text/html
|
||||
auto_view text/*
|
||||
auto_view message/*
|
||||
unset wait_key
|
||||
color normal default default
|
||||
|
||||
set query_format="%4c %t %-70.70a %-70.70n %?e?(%e)?"
|
||||
set query_command = "${pkgs.notmuch}/bin/notmuch address --output=recipients --deduplicate=address '%s' | grep -i '%s'"
|
||||
bind editor <Tab> complete-query
|
||||
bind editor ^T complete
|
||||
set query_format="%4c %t %-70.70a %-70.70n %?e?(%e)?"
|
||||
set query_command = "${pkgs.notmuch}/bin/notmuch address --output=recipients --deduplicate=address '%s' | grep -i '%s'"
|
||||
bind editor <Tab> complete-query
|
||||
bind editor ^T complete
|
||||
|
||||
set crypt_use_gpgme = yes
|
||||
set pgp_use_gpg_agent = yes
|
||||
set pgp_auto_decode = yes
|
||||
set pgp_autosign = yes
|
||||
set pgp_replysign = yes
|
||||
set pgp_replyencrypt = yes
|
||||
set crypt_replysignencrypted = yes
|
||||
set crypt_verify_sig = yes
|
||||
set pgp_sign_as="${gpg}"
|
||||
set pgp_use_gpg_agent = yes
|
||||
set pgp_default_key="${gpg}"
|
||||
set timeout = 5
|
||||
set ts_enabled = yes
|
||||
set crypt_use_gpgme = yes
|
||||
set pgp_use_gpg_agent = yes
|
||||
set pgp_auto_decode = yes
|
||||
set pgp_autosign = yes
|
||||
set pgp_replysign = yes
|
||||
set pgp_replyencrypt = yes
|
||||
set crypt_replysignencrypted = yes
|
||||
set crypt_verify_sig = yes
|
||||
set pgp_sign_as="${gpg}"
|
||||
set pgp_use_gpg_agent = yes
|
||||
set pgp_default_key="${gpg}"
|
||||
set timeout = 5
|
||||
set ts_enabled = yes
|
||||
|
||||
set abort_noattach = ask-no
|
||||
set abort_noattach_regex = "(hängt an|anhäng|anhang|anbei|angehängt|attach|attached|attachments?)"
|
||||
set abort_unmodified = ask-yes
|
||||
set abort_noattach = ask-no
|
||||
set abort_noattach_regex = "(hängt an|anhäng|anhang|anbei|angehängt|attach|attached|attachments?)"
|
||||
set abort_unmodified = ask-yes
|
||||
|
||||
alternates ${mutt_alternates}
|
||||
set folder="${maildir}"
|
||||
mailboxes `find ${maildir} -type d -name Inbox -printf '"%h" '` `find ${maildir} -type d -name cur -printf '"%h" '`
|
||||
set sendmail="${pkgs.msmtp}/bin/msmtp --read-envelope-from"
|
||||
set sort=threads
|
||||
set sort_aux=last-date-received
|
||||
set realname="${name}"
|
||||
set from=fill-later
|
||||
set use_from=yes
|
||||
set fast_reply=yes
|
||||
set mailcap_path=${mailcap};
|
||||
set include=yes
|
||||
set edit_headers=yes
|
||||
set mbox_type=Maildir
|
||||
set spoolfile="${maildir}/hera/Archiv"
|
||||
set record="${maildir}/hera/Archiv/unsortiert"
|
||||
set postponed="${maildir}/hera/Drafts"
|
||||
set mail_check_stats=yes
|
||||
bind index / vfolder-from-query
|
||||
set header_cache = "~/.cache/neomutt"
|
||||
set date_format="!%y-%m-%d %H:%M"
|
||||
set mime_forward=yes
|
||||
set mime_forward_rest=yes
|
||||
alternates ${mutt_alternates}
|
||||
set folder="${maildir}"
|
||||
mailboxes `find ${maildir} -type d -name Inbox -printf '"%h" '` `find ${maildir} -type d -name cur -printf '"%h" '`
|
||||
set sendmail="${pkgs.msmtp}/bin/msmtp --read-envelope-from"
|
||||
set sort=threads
|
||||
set sort_aux=last-date-received
|
||||
set realname="${name}"
|
||||
set from=fill-later
|
||||
set use_from=yes
|
||||
set fast_reply=yes
|
||||
set mailcap_path=${mailcap};
|
||||
set include=yes
|
||||
set edit_headers=yes
|
||||
set mbox_type=Maildir
|
||||
set spoolfile="${maildir}/hera/Archiv"
|
||||
set record="${maildir}/hera/Archiv/unsortiert"
|
||||
set postponed="${maildir}/hera/Drafts"
|
||||
set mail_check_stats=yes
|
||||
bind index / vfolder-from-query
|
||||
set header_cache = "~/.cache/neomutt"
|
||||
set date_format="!%y-%m-%d %H:%M"
|
||||
set mime_forward=yes
|
||||
set mime_forward_rest=yes
|
||||
|
||||
macro index <F5> "!systemctl --user start mbsync > /dev/null<enter>"
|
||||
macro index <F5> "!systemctl --user start mbsync > /dev/null<enter>"
|
||||
|
||||
source "${hide-sidebar}"
|
||||
macro index <right> "<enter-command>source ${hide-sidebar}<enter>"
|
||||
macro index <left> "<enter-command>source ${show-sidebar}<enter>"
|
||||
set sidebar_folder_indent=no
|
||||
set sidebar_short_path=no
|
||||
set sidebar_component_depth=2
|
||||
set sidebar_width=60
|
||||
set sidebar_sort_method="alpha"
|
||||
set sidebar_indent_string=" "
|
||||
color sidebar_indicator black white
|
||||
color sidebar_highlight white blue
|
||||
set sidebar_format = "%B%* %?N?%N/?%S"
|
||||
source "${hide-sidebar}"
|
||||
macro index <right> "<enter-command>source ${hide-sidebar}<enter>"
|
||||
macro index <left> "<enter-command>source ${show-sidebar}<enter>"
|
||||
set sidebar_folder_indent=no
|
||||
set sidebar_short_path=no
|
||||
set sidebar_component_depth=2
|
||||
set sidebar_width=60
|
||||
set sidebar_sort_method="alpha"
|
||||
set sidebar_indent_string=" "
|
||||
color sidebar_indicator black white
|
||||
color sidebar_highlight white blue
|
||||
set sidebar_format = "%B%* %?N?%N/?%S"
|
||||
|
||||
alias f__0 ${name} <${mail}>
|
||||
${builtins.concatStringsSep "\n"
|
||||
(lib.imap1 (n: x: "alias f__${toString n} ${name} <${x}>")
|
||||
alternates)}
|
||||
send2-hook '~f fill-later' "push <edit-from><kill-line>f__<complete><search>${mail}<enter>"
|
||||
macro index,pager a "<pipe-message>${pkgs.khard}/bin/khard add-email<return>" "add sender to to khard"
|
||||
set query_command = "${pkgs.khard}/bin/khard email --parsable %s"
|
||||
'';
|
||||
};
|
||||
alias f__0 ${name} <${mail}>
|
||||
${builtins.concatStringsSep "\n"
|
||||
(lib.imap1 (n: x: "alias f__${toString n} ${name} <${x}>")
|
||||
alternates)}
|
||||
send2-hook '~f fill-later' "push <edit-from><kill-line>f__<complete><search>${mail}<enter>"
|
||||
macro index,pager a "<pipe-message>${pkgs.khard}/bin/khard add-email<return>" "add sender to to khard"
|
||||
set query_command = "${pkgs.khard}/bin/khard email --parsable %s"
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
let
|
||||
mail2rss = pkgs.writeHaskellScript {
|
||||
name = "mail2rss";
|
||||
bins = [ pkgs.notmuch pkgs.mblaze pkgs.isync pkgs.logfeed ];
|
||||
imports = [ "System.Environment (setEnv)" ];
|
||||
} ''
|
||||
mail2rss = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "mail2rss";
|
||||
bins = [ pkgs.notmuch pkgs.mblaze pkgs.isync pkgs.logfeed ];
|
||||
imports = [ "System.Environment (setEnv)" ];
|
||||
} ''
|
||||
main = do
|
||||
setEnv "NOTMUCH_CONFIG" "${
|
||||
config.home.sessionVariables.NOTMUCH_CONFIG or ""
|
||||
|
@ -17,7 +18,8 @@ let
|
|||
mbsync "-a"
|
||||
notmuch "new" "--quiet"
|
||||
'';
|
||||
in {
|
||||
in
|
||||
{
|
||||
systemd.user = {
|
||||
timers.mail2rss = {
|
||||
Timer.OnCalendar = "19:58";
|
||||
|
|
|
@ -22,8 +22,8 @@ let
|
|||
vim-trailing-whitespace vim-autoformat
|
||||
|
||||
# Git
|
||||
coc-git # statusline, numberline and explorer infos
|
||||
fugitive # various git commands
|
||||
coc-git# statusline, numberline and explorer infos
|
||||
fugitive# various git commands
|
||||
|
||||
# Commenting and Uncommenting
|
||||
nerdcommenter
|
||||
|
@ -38,7 +38,7 @@ let
|
|||
# nix syntax highlighting
|
||||
vim-nix vim-markdown
|
||||
# latex
|
||||
vimtex coc-vimtex # not sure if I need two
|
||||
vimtex coc-vimtex# not sure if I need two
|
||||
# ledger
|
||||
vim-ledger
|
||||
# rust
|
||||
|
|
|
@ -100,5 +100,6 @@ let
|
|||
${pkgs.taskwarrior}/bin/task gen_id:meditation done
|
||||
${hold}
|
||||
exit
|
||||
'';
|
||||
in { home.packages = [ pythia meditate ]; }
|
||||
'';
|
||||
in
|
||||
{ home.packages = [ pythia meditate ]; }
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
let
|
||||
makeUnlocker = { name, hostName, pubKey, passPath }:
|
||||
let knownHosts = pkgs.writeText "KnownBootHosts" "${hostName} ${pubKey}";
|
||||
in pkgs.writeShellScriptBin "unlock-${name}" ''
|
||||
in
|
||||
pkgs.writeShellScriptBin "unlock-${name}" ''
|
||||
echo "Waiting for host to come up";
|
||||
while true; do
|
||||
echo -n .
|
||||
|
@ -20,4 +21,5 @@ let
|
|||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHkqWlFLtmIlTSKahr2PcL++K75YgfsSU6jwVYW5df3JCkowu/M16SIBxABxYSQrKej5uIz/OFCjqSxHJQ8D5wSYBvn2gYr/BbBcz4rfIJmZ55Od2jckaqlj/M8TtkuPPhsQG7S730vXxK5hbMT8iW5WWv8sIKY/WtaRbZOFMX/53WCLEHtnMu5zFJFWf92+mjIHSLyW8ggl1m525RUiaAfCge2vnuzIFq4kUqJxaWzxIvEWIncKWN10K/HMvdI+yOtbSen41uKedwSFhUFs3xHy1mJddYOrlcJQPt5zuuffZ/nTDVXMZoh5QNwg8ZlkkueVChaS1Y5STjb7cem1Mt";
|
||||
passPath = "eu/m-0/hera.m-0.eu/disk";
|
||||
}];
|
||||
in { config = { home.packages = map makeUnlocker unlocker; }; }
|
||||
in
|
||||
{ config = { home.packages = map makeUnlocker unlocker; }; }
|
||||
|
|
|
@ -1,14 +1,15 @@
|
|||
{ pkgs, lib, ... }:
|
||||
let
|
||||
addressbooks = pkgs.privateValue [] "addressbooks";
|
||||
calendars = pkgs.privateValue [] "calendars";
|
||||
addressbooks = pkgs.privateValue [ ] "addressbooks";
|
||||
calendars = pkgs.privateValue [ ] "calendars";
|
||||
mkConfig = config:
|
||||
(pkgs.formats.ini {}).generate "vdirsyncer-config" (
|
||||
(pkgs.formats.ini { }).generate "vdirsyncer-config" (
|
||||
lib.mapAttrs
|
||||
(
|
||||
name: section:
|
||||
(lib.mapAttrs (name: option: builtins.toJSON option) section)
|
||||
) config
|
||||
)
|
||||
config
|
||||
);
|
||||
mkCalendar = { name, url, username, passwordPath, collections ? [ "from a" "from b" ], readOnly ? false, type ? "caldav" }:
|
||||
let
|
||||
|
@ -16,62 +17,64 @@ let
|
|||
remoteName = "${pairName}_remote";
|
||||
localName = "${pairName}_local";
|
||||
in
|
||||
{
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
metadata = ["color"];
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.calendars/${name}/";
|
||||
fileext = ".ics";
|
||||
};
|
||||
"storage ${remoteName}" = {
|
||||
inherit type;
|
||||
inherit url;
|
||||
} // (if (type == "caldav") then {
|
||||
inherit username;
|
||||
"password.fetch" = [ "command" "${pkgs.pass}/bin/pass" passwordPath ];
|
||||
read_only = readOnly;
|
||||
} else {});
|
||||
{
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
metadata = [ "color" ];
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.calendars/${name}/";
|
||||
fileext = ".ics";
|
||||
};
|
||||
"storage ${remoteName}" = {
|
||||
inherit type;
|
||||
inherit url;
|
||||
} // (if (type == "caldav") then {
|
||||
inherit username;
|
||||
"password.fetch" = [ "command" "${pkgs.pass}/bin/pass" passwordPath ];
|
||||
read_only = readOnly;
|
||||
} else { });
|
||||
};
|
||||
mkAddressbook = { name, url, username, passwordPath, collections ? [ "from a" "from b" ], readOnly ? false }:
|
||||
let
|
||||
pairName = "${name}_contacts";
|
||||
remoteName = "${pairName}_remote";
|
||||
localName = "${pairName}_local";
|
||||
in
|
||||
{
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.contacts/${name}/";
|
||||
fileext = ".vcf";
|
||||
};
|
||||
"storage ${remoteName}" = {
|
||||
type = "carddav";
|
||||
inherit url username;
|
||||
"password.fetch" = [ "command" "${pkgs.pass}/bin/pass" passwordPath ];
|
||||
read_only = readOnly;
|
||||
};
|
||||
{
|
||||
"pair ${pairName}" = {
|
||||
a = localName;
|
||||
b = remoteName;
|
||||
inherit collections;
|
||||
conflict_resolution = "b wins";
|
||||
};
|
||||
"storage ${localName}" = {
|
||||
type = "filesystem";
|
||||
path = "~/.contacts/${name}/";
|
||||
fileext = ".vcf";
|
||||
};
|
||||
"storage ${remoteName}" = {
|
||||
type = "carddav";
|
||||
inherit url username;
|
||||
"password.fetch" = [ "command" "${pkgs.pass}/bin/pass" passwordPath ];
|
||||
read_only = readOnly;
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
home = {
|
||||
packages = [ pkgs.vdirsyncer ];
|
||||
file.".config/vdirsyncer/config".source = mkConfig
|
||||
(
|
||||
pkgs.lib.fold (a: b: a // b) {
|
||||
general.status_path = "~/.vdirsyncer/status";
|
||||
} (map mkCalendar calendars ++ map mkAddressbook addressbooks)
|
||||
pkgs.lib.fold (a: b: a // b)
|
||||
{
|
||||
general.status_path = "~/.vdirsyncer/status";
|
||||
}
|
||||
(map mkCalendar calendars ++ map mkAddressbook addressbooks)
|
||||
);
|
||||
};
|
||||
|
||||
|
|
|
@ -10,7 +10,8 @@ let
|
|||
scripts = [ pkgs.weechatScripts.weechat-matrix ];
|
||||
};
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
|
||||
home.file = {
|
||||
python_plugins = {
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
let
|
||||
notesDir = "${config.home.homeDirectory}/git/zettelkasten";
|
||||
cmd = "${pkgs.myHaskellPackages.neuron}/bin/neuron -d ${notesDir} rib -w -s 127.0.0.1:8002";
|
||||
in {
|
||||
in
|
||||
{
|
||||
systemd.user.services.neuron = {
|
||||
Unit.Description = "Neuron zettelkasten service";
|
||||
Install.WantedBy = [ "graphical-session.target" ];
|
||||
|
|
|
@ -18,13 +18,13 @@
|
|||
};
|
||||
plugins = [
|
||||
#{
|
||||
#name = "titles";
|
||||
#src = pkgs.fetchFromGitHub {
|
||||
#owner = "jreese";
|
||||
#repo = "zsh-titles";
|
||||
#rev = "b7d46d7";
|
||||
#sha256 = "0rca9a22vz11pnkks5vlspfnmd3m1s38hz901gvgfa39ch3va9ad";
|
||||
#};
|
||||
#name = "titles";
|
||||
#src = pkgs.fetchFromGitHub {
|
||||
#owner = "jreese";
|
||||
#repo = "zsh-titles";
|
||||
#rev = "b7d46d7";
|
||||
#sha256 = "0rca9a22vz11pnkks5vlspfnmd3m1s38hz901gvgfa39ch3va9ad";
|
||||
#};
|
||||
#}
|
||||
{
|
||||
name = "auto-notify";
|
||||
|
|
|
@ -13,4 +13,5 @@ let
|
|||
mkdir $out
|
||||
${lib.concatStringsSep "\n" (lib.mapAttrsToList (mode: config:
|
||||
"ln -s ${buildHomeManager host mode} $out/${mode}") modes)}'';
|
||||
in lib.mapAttrs buildModesForHost modes
|
||||
in
|
||||
lib.mapAttrs buildModesForHost modes
|
||||
|
|
15
home.nix
15
home.nix
|
@ -1,8 +1,13 @@
|
|||
let
|
||||
inherit (import (import ./nix/sources.nix).nixos-unstable { }) lib;
|
||||
modes = import home-manager/machines.nix;
|
||||
in lib.listToAttrs (lib.flatten (lib.mapAttrsToList (host: configs:
|
||||
lib.mapAttrsToList (mode: config: {
|
||||
name = "${host}-${mode}";
|
||||
value = config;
|
||||
}) configs) modes))
|
||||
in
|
||||
lib.listToAttrs (lib.flatten (lib.mapAttrsToList
|
||||
(host: configs:
|
||||
lib.mapAttrsToList
|
||||
(mode: config: {
|
||||
name = "${host}-${mode}";
|
||||
value = config;
|
||||
})
|
||||
configs)
|
||||
modes))
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
rec {
|
||||
themes = rec {
|
||||
default = material-light;
|
||||
material-light = rec { # Matches papercolor
|
||||
material-light = rec {
|
||||
# Matches papercolor
|
||||
primary = {
|
||||
foreground = "#2e2e2d";
|
||||
background = "#eaeaea";
|
||||
|
|
|
@ -3,10 +3,11 @@ let
|
|||
configPath = "/etc/nixos";
|
||||
in
|
||||
{
|
||||
update-system = pkgs.writeHaskellScript {
|
||||
name = "update-system";
|
||||
bins = [ nixos-rebuild pkgs.nix-output-monitor (import pkgs.sources.nvd { inherit pkgs; }) ];
|
||||
} ''
|
||||
update-system = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "update-system";
|
||||
bins = [ nixos-rebuild pkgs.nix-output-monitor (import pkgs.sources.nvd { inherit pkgs; }) ];
|
||||
} ''
|
||||
main = do
|
||||
paths <- myNixPath "${configPath}"
|
||||
args <- getArgs
|
||||
|
|
|
@ -10,29 +10,29 @@ let
|
|||
let
|
||||
name' = sanitizeName name + "-src";
|
||||
in
|
||||
if spec.builtin or true then
|
||||
builtins_fetchurl { inherit (spec) url sha256; name = name'; }
|
||||
else
|
||||
pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
|
||||
if spec.builtin or true then
|
||||
builtins_fetchurl { inherit (spec) url sha256; name = name'; }
|
||||
else
|
||||
pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
|
||||
|
||||
fetch_tarball = pkgs: name: spec:
|
||||
let
|
||||
name' = sanitizeName name + "-src";
|
||||
in
|
||||
if spec.builtin or true then
|
||||
builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
|
||||
else
|
||||
pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
|
||||
if spec.builtin or true then
|
||||
builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
|
||||
else
|
||||
pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
|
||||
|
||||
fetch_git = name: spec:
|
||||
let
|
||||
ref =
|
||||
if spec ? ref then spec.ref else
|
||||
if spec ? branch then "refs/heads/${spec.branch}" else
|
||||
if spec ? tag then "refs/tags/${spec.tag}" else
|
||||
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
|
||||
if spec ? branch then "refs/heads/${spec.branch}" else
|
||||
if spec ? tag then "refs/tags/${spec.tag}" else
|
||||
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
|
||||
in
|
||||
builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; };
|
||||
builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; };
|
||||
|
||||
fetch_local = spec: spec.path;
|
||||
|
||||
|
@ -66,16 +66,16 @@ let
|
|||
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
|
||||
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
|
||||
in
|
||||
if builtins.hasAttr "nixpkgs" sources
|
||||
then sourcesNixpkgs
|
||||
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
|
||||
import <nixpkgs> {}
|
||||
else
|
||||
abort
|
||||
''
|
||||
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
|
||||
add a package called "nixpkgs" to your sources.json.
|
||||
'';
|
||||
if builtins.hasAttr "nixpkgs" sources
|
||||
then sourcesNixpkgs
|
||||
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
|
||||
import <nixpkgs> { }
|
||||
else
|
||||
abort
|
||||
''
|
||||
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
|
||||
add a package called "nixpkgs" to your sources.json.
|
||||
'';
|
||||
|
||||
# The actual fetching function.
|
||||
fetch = pkgs: name: spec:
|
||||
|
@ -98,10 +98,10 @@ let
|
|||
saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name;
|
||||
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
|
||||
in
|
||||
if ersatz == "" then drv else
|
||||
# this turns the string into an actual Nix path (for both absolute and
|
||||
# relative paths)
|
||||
if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
|
||||
if ersatz == "" then drv else
|
||||
# this turns the string into an actual Nix path (for both absolute and
|
||||
# relative paths)
|
||||
if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
|
||||
|
||||
# Ports of functions for older nix versions
|
||||
|
||||
|
@ -112,7 +112,7 @@ let
|
|||
);
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
|
||||
range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1);
|
||||
range = first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1);
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
|
||||
stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
|
||||
|
@ -123,43 +123,46 @@ let
|
|||
concatStrings = builtins.concatStringsSep "";
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
|
||||
optionalAttrs = cond: as: if cond then as else {};
|
||||
optionalAttrs = cond: as: if cond then as else { };
|
||||
|
||||
# fetchTarball version that is compatible between all the versions of Nix
|
||||
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
|
||||
let
|
||||
inherit (builtins) lessThan nixVersion fetchTarball;
|
||||
in
|
||||
if lessThan nixVersion "1.12" then
|
||||
fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
|
||||
else
|
||||
fetchTarball attrs;
|
||||
if lessThan nixVersion "1.12" then
|
||||
fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
|
||||
else
|
||||
fetchTarball attrs;
|
||||
|
||||
# fetchurl version that is compatible between all the versions of Nix
|
||||
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
|
||||
let
|
||||
inherit (builtins) lessThan nixVersion fetchurl;
|
||||
in
|
||||
if lessThan nixVersion "1.12" then
|
||||
fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
|
||||
else
|
||||
fetchurl attrs;
|
||||
if lessThan nixVersion "1.12" then
|
||||
fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
|
||||
else
|
||||
fetchurl attrs;
|
||||
|
||||
# Create the final "sources" from the config
|
||||
mkSources = config:
|
||||
mapAttrs (
|
||||
name: spec:
|
||||
if builtins.hasAttr "outPath" spec
|
||||
then abort
|
||||
"The values in sources.json should not have an 'outPath' attribute"
|
||||
else
|
||||
spec // { outPath = replace name (fetch config.pkgs name spec); }
|
||||
) config.sources;
|
||||
mapAttrs
|
||||
(
|
||||
name: spec:
|
||||
if builtins.hasAttr "outPath" spec
|
||||
then
|
||||
abort
|
||||
"The values in sources.json should not have an 'outPath' attribute"
|
||||
else
|
||||
spec // { outPath = replace name (fetch config.pkgs name spec); }
|
||||
)
|
||||
config.sources;
|
||||
|
||||
# The "config" used by the fetchers
|
||||
mkConfig =
|
||||
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
|
||||
, sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile)
|
||||
, sources ? if isNull sourcesFile then { } else builtins.fromJSON (builtins.readFile sourcesFile)
|
||||
, system ? builtins.currentSystem
|
||||
, pkgs ? mkPkgs sources system
|
||||
}: rec {
|
||||
|
@ -171,4 +174,4 @@ let
|
|||
};
|
||||
|
||||
in
|
||||
mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); }
|
||||
mkSources (mkConfig { }) // { __functor = _: settings: mkSources (mkConfig settings); }
|
||||
|
|
|
@ -6,7 +6,8 @@ let
|
|||
nixos-hardware = (import ../../../nix/sources.nix).nixos-hardware;
|
||||
inherit (import ../../../common/common.nix { inherit pkgs; }) syncthing;
|
||||
vpn = (import ../../../private.nix).privateValue ({ ... }: { }) "vpn";
|
||||
in {
|
||||
in
|
||||
{
|
||||
|
||||
imports = [
|
||||
"${nixos-hardware}/lenovo/thinkpad/t480s"
|
||||
|
@ -112,9 +113,9 @@ in {
|
|||
openDefaultPorts = true;
|
||||
declarative = syncthing.declarativeWith [ "hera" ] "/home/maralorn/media"
|
||||
// {
|
||||
cert = pkgs.privatePath "syncthing/apollo/cert.pem";
|
||||
key = pkgs.privatePath "syncthing/apollo/key.pem";
|
||||
};
|
||||
cert = pkgs.privatePath "syncthing/apollo/cert.pem";
|
||||
key = pkgs.privatePath "syncthing/apollo/key.pem";
|
||||
};
|
||||
};
|
||||
xserver = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,14 +1,15 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
adminCreds = pkgs.privateValue {
|
||||
adminpass = "";
|
||||
dbpass = "";
|
||||
adminuser = "";
|
||||
} "nextcloud-admin";
|
||||
adminCreds = pkgs.privateValue
|
||||
{
|
||||
adminpass = "";
|
||||
dbpass = "";
|
||||
adminuser = "";
|
||||
} "nextcloud-admin";
|
||||
inherit (config.m-0) hosts;
|
||||
certPath = "/var/lib/acme";
|
||||
nextcloud-container = { v6, v4, hostname, rss ? false, extraMounts ? {} }: {
|
||||
nextcloud-container = { v6, v4, hostname, rss ? false, extraMounts ? { } }: {
|
||||
bindMounts = {
|
||||
"${certPath}" = {
|
||||
hostPath = certPath;
|
||||
|
@ -99,9 +100,10 @@ let
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
pg_backup = {
|
||||
script = let
|
||||
name = "nextcloud-psql-${hostname}";
|
||||
in
|
||||
script =
|
||||
let
|
||||
name = "nextcloud-psql-${hostname}";
|
||||
in
|
||||
''
|
||||
${config.services.postgresql.package}/bin/pg_dump nextcloud > /var/lib/db-backup-dumps/${name}
|
||||
'';
|
||||
|
@ -120,18 +122,19 @@ let
|
|||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "nextcloud";
|
||||
ExecStart = let
|
||||
config = pkgs.writeText "updater.ini" (
|
||||
generators.toINI {} {
|
||||
updater = {
|
||||
user = adminCreds.adminuser;
|
||||
password = adminCreds.adminpass;
|
||||
url = "https://${hostname}/";
|
||||
mode = "singlerun";
|
||||
};
|
||||
}
|
||||
);
|
||||
in
|
||||
ExecStart =
|
||||
let
|
||||
config = pkgs.writeText "updater.ini" (
|
||||
generators.toINI { } {
|
||||
updater = {
|
||||
user = adminCreds.adminuser;
|
||||
password = adminCreds.adminpass;
|
||||
url = "https://${hostname}/";
|
||||
mode = "singlerun";
|
||||
};
|
||||
}
|
||||
);
|
||||
in
|
||||
"${pkgs.nextcloud-news-updater}/bin/nextcloud-news-updater -c ${config}";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
let
|
||||
inherit (config.m-0.private) me;
|
||||
inherit (import ../../../common/common.nix { inherit pkgs; }) syncthing;
|
||||
backupJobs = pkgs.privateValue {} "borgbackup";
|
||||
backupJobs = pkgs.privateValue { } "borgbackup";
|
||||
backupJobNames = map (name: "borgbackup-job-${name}") (lib.attrNames backupJobs);
|
||||
in
|
||||
{
|
||||
|
@ -49,9 +49,10 @@ in
|
|||
};
|
||||
nixpkgs.config.android_sdk.accept_license = true;
|
||||
systemd.services = {
|
||||
pg_backup = let
|
||||
name = "matrix-synapse";
|
||||
in
|
||||
pg_backup =
|
||||
let
|
||||
name = "matrix-synapse";
|
||||
in
|
||||
{
|
||||
script = ''
|
||||
${config.services.postgresql.package}/bin/pg_dump ${name} > /var/lib/db-backup-dumps/${name}
|
||||
|
@ -62,10 +63,11 @@ in
|
|||
};
|
||||
};
|
||||
night-routines = {
|
||||
script = let
|
||||
start = "${pkgs.systemd}/bin/systemctl start";
|
||||
container = "${pkgs.nixos-container}/bin/nixos-container run";
|
||||
in
|
||||
script =
|
||||
let
|
||||
start = "${pkgs.systemd}/bin/systemctl start";
|
||||
container = "${pkgs.nixos-container}/bin/nixos-container run";
|
||||
in
|
||||
''
|
||||
set -x
|
||||
set +e
|
||||
|
|
|
@ -51,8 +51,8 @@ in
|
|||
enableImapSsl = true;
|
||||
fqdn = "hera.m-0.eu";
|
||||
domains = [ "m-0.eu" "maralorn.de" "choreutes.de" "mathechor.de" ];
|
||||
forwards = pkgs.privateValue {} "mail/forwards";
|
||||
loginAccounts = pkgs.privateValue {} "mail/users";
|
||||
forwards = pkgs.privateValue { } "mail/forwards";
|
||||
loginAccounts = pkgs.privateValue { } "mail/users";
|
||||
hierarchySeparator = "/";
|
||||
certificateScheme = 1;
|
||||
certificateFile = "${certPath}/fullchain.pem";
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
let
|
||||
wireguard = import ../../../common/wireguard.nix;
|
||||
inherit (config.m-0) hosts;
|
||||
in {
|
||||
in
|
||||
{
|
||||
networking = {
|
||||
hostName = "hera";
|
||||
domain = "m-0.eu";
|
||||
|
|
|
@ -7,7 +7,8 @@ let
|
|||
'';
|
||||
};
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
m-0.monitoring = [{
|
||||
name = "hera-nginx";
|
||||
|
@ -42,16 +43,16 @@ in {
|
|||
forceSSL = true;
|
||||
inherit locations;
|
||||
};
|
||||
"fdroid.maralorn.de" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations = {
|
||||
"/" = {
|
||||
root = "/var/www/fdroid/repo";
|
||||
"fdroid.maralorn.de" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations = {
|
||||
"/" = {
|
||||
root = "/var/www/fdroid/repo";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
let
|
||||
passwordFile = pkgs.privatePath "pam-login-password";
|
||||
openssh.authorizedKeys.keys = pkgs.privateValue [ ] "ssh-keys";
|
||||
in {
|
||||
in
|
||||
{
|
||||
users.users = {
|
||||
maralorn = {
|
||||
description = "maralorn";
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ lib, config, ... }:
|
||||
let secretsFile = "/var/lib/luks-secret/key";
|
||||
in {
|
||||
in
|
||||
{
|
||||
boot = {
|
||||
initrd = {
|
||||
luks.devices."nixos" = {
|
||||
|
|
|
@ -2,25 +2,28 @@
|
|||
let
|
||||
fqdn = "${config.networking.hostName}.${config.networking.domain}";
|
||||
key_dir = config.security.acme.certs."${fqdn}".directory;
|
||||
in {
|
||||
in
|
||||
{
|
||||
users.users.turnserver.extraGroups = [ "nginx" ]; # For read access to certs;
|
||||
networking.firewall = let
|
||||
range = [{
|
||||
from = config.services.coturn.min-port;
|
||||
to = config.services.coturn.max-port;
|
||||
}];
|
||||
ports = [
|
||||
config.services.coturn.listening-port
|
||||
config.services.coturn.alt-listening-port
|
||||
config.services.coturn.tls-listening-port
|
||||
config.services.coturn.alt-tls-listening-port
|
||||
];
|
||||
in {
|
||||
allowedUDPPortRanges = range;
|
||||
allowedTCPPortRanges = range;
|
||||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
networking.firewall =
|
||||
let
|
||||
range = [{
|
||||
from = config.services.coturn.min-port;
|
||||
to = config.services.coturn.max-port;
|
||||
}];
|
||||
ports = [
|
||||
config.services.coturn.listening-port
|
||||
config.services.coturn.alt-listening-port
|
||||
config.services.coturn.tls-listening-port
|
||||
config.services.coturn.alt-tls-listening-port
|
||||
];
|
||||
in
|
||||
{
|
||||
allowedUDPPortRanges = range;
|
||||
allowedTCPPortRanges = range;
|
||||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
security.acme.certs.${fqdn} = {
|
||||
postRun = "systemctl restart coturn.service";
|
||||
};
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
];
|
||||
nixPath = [ "/etc/nix-path" ];
|
||||
trustedUsers = [ "maralorn" "laminar" ];
|
||||
buildMachines = pkgs.privateValue [] "remote-builders";
|
||||
buildMachines = pkgs.privateValue [ ] "remote-builders";
|
||||
extraOptions = ''
|
||||
fallback = true
|
||||
keep-outputs = true
|
||||
|
@ -65,27 +65,28 @@
|
|||
builders-use-substitutes = true
|
||||
'';
|
||||
optimise = {
|
||||
dates = [];
|
||||
dates = [ ];
|
||||
automatic = true;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services = let
|
||||
hosts = builtins.attrNames config.services.nginx.virtualHosts;
|
||||
makeConfig = host: {
|
||||
name = "acme-${host}";
|
||||
value = {
|
||||
serviceConfig = {
|
||||
Restart = "on-failure";
|
||||
RestartSec = 600;
|
||||
};
|
||||
unitConfig = {
|
||||
StartLimitIntervalSec = 2400;
|
||||
StartLimitBurst = 3;
|
||||
systemd.services =
|
||||
let
|
||||
hosts = builtins.attrNames config.services.nginx.virtualHosts;
|
||||
makeConfig = host: {
|
||||
name = "acme-${host}";
|
||||
value = {
|
||||
serviceConfig = {
|
||||
Restart = "on-failure";
|
||||
RestartSec = 600;
|
||||
};
|
||||
unitConfig = {
|
||||
StartLimitIntervalSec = 2400;
|
||||
StartLimitBurst = 3;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
in
|
||||
{ nix-optimise.serviceConfig.Type = "oneshot"; } // builtins.listToAttrs (map makeConfig hosts);
|
||||
|
||||
services = {
|
||||
|
|
|
@ -13,7 +13,8 @@ let
|
|||
branding.welcomeBackgroundUrl =
|
||||
"https://cloud.maralorn.de/apps/theming/image/background";
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."element.maralorn.de" = {
|
||||
|
|
|
@ -36,7 +36,8 @@ let
|
|||
};
|
||||
Misc = { Debug = true; };
|
||||
});
|
||||
in {
|
||||
in
|
||||
{
|
||||
systemd.services.email2matrix = {
|
||||
script =
|
||||
"${pkgs.email2matrix}/bin/devture-email2matrix --config ${email2matrix-config}";
|
||||
|
|
|
@ -13,20 +13,24 @@
|
|||
#fontDir.enable = true;
|
||||
fonts = builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
nerdfonts # For all my terminal needs.
|
||||
libertine # nice text font
|
||||
material-icons # icons in my app
|
||||
nerdfonts# For all my terminal needs.
|
||||
libertine# nice text font
|
||||
material-icons# icons in my app
|
||||
b612; # sans font, very good for displays
|
||||
};
|
||||
};
|
||||
|
||||
# create a cache of the font sources, often slow internet connections make it painful to
|
||||
# re-download them after a few months
|
||||
environment.etc = let
|
||||
# fonts with src attributes
|
||||
font_sources = map (v: v.src) (lib.filter (v: v ? src) config.fonts.fonts);
|
||||
in builtins.listToAttrs (lib.imap0 (n: v:
|
||||
lib.nameValuePair "src-cache/fonts/${toString n}" {
|
||||
source = builtins.toPath v;
|
||||
}) font_sources);
|
||||
environment.etc =
|
||||
let
|
||||
# fonts with src attributes
|
||||
font_sources = map (v: v.src) (lib.filter (v: v ? src) config.fonts.fonts);
|
||||
in
|
||||
builtins.listToAttrs (lib.imap0
|
||||
(n: v:
|
||||
lib.nameValuePair "src-cache/fonts/${toString n}" {
|
||||
source = builtins.toPath v;
|
||||
})
|
||||
font_sources);
|
||||
}
|
||||
|
|
|
@ -3,7 +3,8 @@ let
|
|||
name = "foundryvtt";
|
||||
stateDir = "/var/lib/${name}";
|
||||
port = "3333";
|
||||
in {
|
||||
in
|
||||
{
|
||||
config = {
|
||||
users = {
|
||||
groups.${name} = { };
|
||||
|
|
|
@ -7,14 +7,15 @@ let
|
|||
"test-config.service"
|
||||
"--no-block"
|
||||
];
|
||||
post-update = pkgs.writeHaskellScript {
|
||||
name = "post-update";
|
||||
bins = [ pkgs.git pkgs.laminar ];
|
||||
imports = [
|
||||
"System.Environment (lookupEnv)"
|
||||
"System.Directory (withCurrentDirectory)"
|
||||
];
|
||||
} ''
|
||||
post-update = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "post-update";
|
||||
bins = [ pkgs.git pkgs.laminar ];
|
||||
imports = [
|
||||
"System.Environment (lookupEnv)"
|
||||
"System.Directory (withCurrentDirectory)"
|
||||
];
|
||||
} ''
|
||||
checkout :: String -> IO FilePath
|
||||
checkout path = do
|
||||
(decodeUtf8 -> repoDir) <- mktemp "-d" |> captureTrim
|
||||
|
@ -40,10 +41,13 @@ let
|
|||
bracket (checkout path) (rm "-rf") $ \repoDir -> withCurrentDirectory repoDir $ nix_build "-o" ([i|/var/www/#{deploy}|] :: String) target
|
||||
say "Done"
|
||||
'';
|
||||
in {
|
||||
systemd.tmpfiles.rules = let cfg = config.services.gitolite;
|
||||
in lib.mkAfter
|
||||
[ "z ${cfg.dataDir}/.ssh/id_ed25519 0600 ${cfg.user} ${cfg.group} - -" ];
|
||||
in
|
||||
{
|
||||
systemd.tmpfiles.rules =
|
||||
let cfg = config.services.gitolite;
|
||||
in
|
||||
lib.mkAfter
|
||||
[ "z ${cfg.dataDir}/.ssh/id_ed25519 0600 ${cfg.user} ${cfg.group} - -" ];
|
||||
services.gitolite = {
|
||||
enable = true;
|
||||
user = "git";
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
{{range .Alerts -}} [{{ .Status }}] {{index .Annotations "description"}} ({{index .Labels "alertname" }}){{ end -}}'';
|
||||
html_template = ''
|
||||
{{range .Alerts -}}{{ $severity := index .Labels "severity" }}{{ if eq .Status "firing" }}{{ if eq $severity "critical"}}<font color='red'><b>[FIRING - CRITICAL]</b></font>{{ else if eq $severity "warning"}}<font color='orange'><b>[FIRING - WARNING]</b></font>{{ else }}<font color='yellow'><b>[FIRING - {{ $severity }}]</b></font>{{ end }}{{ else }}<font color='green'><b>[RESOLVED]</b></font>{{ end }} {{ index .Annotations "description"}} {{ $url := index .Labels "url" }}{{ if eq $url "" }}{{ else }}<a href="{{ $url }}">more infos</a> {{ end }}({{ index .Labels "alertname"}}, <a href="https://stats.maralorn.de/d/health-status">dashboard</a>, <a href="{{ .SilenceURL }}">silence</a>)<br/>{{end -}}
|
||||
'';
|
||||
'';
|
||||
msg_type = "m.text"; # Must be either `m.text` or `m.notice`
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,13 +2,15 @@
|
|||
systemd.services.kassandra = {
|
||||
enable = true;
|
||||
description = "Kassandra Server";
|
||||
serviceConfig = let serverPath = "/var/cache/gc-links/kassandra-server";
|
||||
in {
|
||||
WorkingDirectory = serverPath;
|
||||
ExecStart = "${serverPath}/backend -b '::1' ";
|
||||
Restart = "always";
|
||||
Environment = "PATH=${pkgs.coreutils}/bin/:${pkgs.taskwarrior}/bin";
|
||||
User = "maralorn";
|
||||
};
|
||||
serviceConfig =
|
||||
let serverPath = "/var/cache/gc-links/kassandra-server";
|
||||
in
|
||||
{
|
||||
WorkingDirectory = serverPath;
|
||||
ExecStart = "${serverPath}/backend -b '::1' ";
|
||||
Restart = "always";
|
||||
Environment = "PATH=${pkgs.coreutils}/bin/:${pkgs.taskwarrior}/bin";
|
||||
User = "maralorn";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,25 +1,25 @@
|
|||
{-# LANGUAGE TemplateHaskell #-}
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
{-# LANGUAGE ExtendedDefaultRules #-}
|
||||
{-# LANGUAGE NoImplicitPrelude #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
{-# LANGUAGE FlexibleContexts #-}
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
{-# LANGUAGE QuasiQuotes #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
{-# LANGUAGE TemplateHaskell #-}
|
||||
{-# LANGUAGE NoImplicitPrelude #-}
|
||||
{-# OPTIONS_GHC -Wall -Werror -Wno-missing-signatures -Wno-type-defaults -Wno-orphans #-}
|
||||
|
||||
import System.Environment
|
||||
import Data.String.Interpolate
|
||||
import qualified Data.Text as Text
|
||||
import Language.Haskell.TH
|
||||
import Language.Haskell.TH.Syntax
|
||||
import Relude
|
||||
import Shh
|
||||
import Data.String.Interpolate
|
||||
import qualified Data.Text as Text
|
||||
import Language.Haskell.TH
|
||||
import Language.Haskell.TH.Syntax
|
||||
import Relude
|
||||
import Say
|
||||
import Shh
|
||||
import System.Environment
|
||||
|
||||
load Absolute ["git", "niv"]
|
||||
paths :: [Text]
|
||||
paths =
|
||||
$$(liftTyped . mapMaybe (\x -> foldr (<|>) Nothing $ (\bin -> Text.stripSuffix [i|/#{bin}|] $ toText x) <$> ["git", "tar", "nix-prefetch-url", "gzip"])=<< runIO pathBinsAbs)
|
||||
$$(liftTyped . mapMaybe (\x -> foldr (<|>) Nothing $ (\bin -> Text.stripSuffix [i|/#{bin}|] $ toText x) <$> ["git", "tar", "nix-prefetch-url", "gzip"]) =<< runIO pathBinsAbs)
|
||||
|
||||
repo = "git@hera.m-0.eu:nixos-config"
|
||||
|
||||
|
@ -28,9 +28,9 @@ main = do
|
|||
setEnv "PATH" . toString $ Text.intercalate ":" paths
|
||||
ignoreFailure $ niv "update"
|
||||
changed <- (mempty /=) <$> (git "status" "--porcelain" |> captureTrim)
|
||||
when changed $ do
|
||||
when changed $ do
|
||||
git "config" "user.email" "maralorn@maralorn.de"
|
||||
git "config" "user.name" "maralorn (nix-auto-updater)"
|
||||
git "commit" "-am" "Update dependencies with niv"
|
||||
git "config" "user.name" "maralorn (nix-auto-updater)"
|
||||
git "commit" "-am" "Update dependencies with niv"
|
||||
git "push" "-f" "origin" "HEAD:niv-bump"
|
||||
unless changed $ say "No updates in any niv source. Doing nothing."
|
||||
|
|
|
@ -8,12 +8,14 @@ let
|
|||
echo "Cached build-result $1 to"
|
||||
${pkgs.nix}/bin/nix-store -r --indirect --add-root "/var/cache/gc-links/$2" "$1"
|
||||
''}";
|
||||
in {
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.laminar = {
|
||||
cfgFiles = mkOption {
|
||||
type = let valueType = with types; oneOf [ path (attrsOf valueType) ];
|
||||
in valueType;
|
||||
type =
|
||||
let valueType = with types; oneOf [ path (attrsOf valueType) ];
|
||||
in valueType;
|
||||
default = { };
|
||||
description = ''
|
||||
Every entry will be copied to /var/lib/laminar/cfg/<name>
|
||||
|
@ -25,24 +27,30 @@ in {
|
|||
};
|
||||
imports = [ ./kassandra.nix ./test-config.nix ./projects.nix ];
|
||||
config = {
|
||||
security.sudo.extraRules = let allowedCommands = [ cacheResult ];
|
||||
in [{
|
||||
commands = map (command: {
|
||||
inherit command;
|
||||
options = [ "NOPASSWD" ];
|
||||
}) allowedCommands;
|
||||
users = [ "laminar" ];
|
||||
}];
|
||||
security.sudo.extraRules =
|
||||
let allowedCommands = [ cacheResult ];
|
||||
in
|
||||
[{
|
||||
commands = map
|
||||
(command: {
|
||||
inherit command;
|
||||
options = [ "NOPASSWD" ];
|
||||
})
|
||||
allowedCommands;
|
||||
users = [ "laminar" ];
|
||||
}];
|
||||
services.laminar.cfgFiles = {
|
||||
env = builtins.toFile "laminar-env" ''
|
||||
TIMEOUT=14400
|
||||
'';
|
||||
scripts = {
|
||||
"nix-jobs" = pkgs.writeHaskell "nix-jobs" {
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
ghcEnv.PATH = "${lib.makeBinPath [ pkgs.laminar pkgs.nix ]}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
} (builtins.readFile ./nix-jobs.hs);
|
||||
"nix-jobs" = pkgs.writeHaskell "nix-jobs"
|
||||
{
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
ghcEnv.PATH = "${lib.makeBinPath [ pkgs.laminar pkgs.nix ]}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
}
|
||||
(builtins.readFile ./nix-jobs.hs);
|
||||
};
|
||||
jobs = {
|
||||
"nix-build.run" = pkgs.writeShellScript "nix-build" ''
|
||||
|
@ -92,17 +100,19 @@ in {
|
|||
LimitNOFILE = "1024000";
|
||||
};
|
||||
after = [ "network.target" ];
|
||||
preStart = let
|
||||
linkToPath = path: fileOrDir:
|
||||
(if types.path.check fileOrDir then
|
||||
[ "ln -sT ${fileOrDir} ${path}" ]
|
||||
else
|
||||
[ "mkdir -p ${path}" ] ++ lib.concatLists (lib.mapAttrsToList
|
||||
(dirName: content: linkToPath "${path}/${dirName}" content)
|
||||
fileOrDir));
|
||||
cfgDirContent = pkgs.runCommand "laminar-cfg-dir" { }
|
||||
(lib.concatStringsSep "\n" (linkToPath "$out" cfg.cfgFiles));
|
||||
in "ln -sfT ${cfgDirContent} ${cfgDir}";
|
||||
preStart =
|
||||
let
|
||||
linkToPath = path: fileOrDir:
|
||||
(if types.path.check fileOrDir then
|
||||
[ "ln -sT ${fileOrDir} ${path}" ]
|
||||
else
|
||||
[ "mkdir -p ${path}" ] ++ lib.concatLists (lib.mapAttrsToList
|
||||
(dirName: content: linkToPath "${path}/${dirName}" content)
|
||||
fileOrDir));
|
||||
cfgDirContent = pkgs.runCommand "laminar-cfg-dir" { }
|
||||
(lib.concatStringsSep "\n" (linkToPath "$out" cfg.cfgFiles));
|
||||
in
|
||||
"ln -sfT ${cfgDirContent} ${cfgDir}";
|
||||
};
|
||||
services = {
|
||||
nginx = {
|
||||
|
|
|
@ -31,7 +31,8 @@ let
|
|||
nix-jobs realise $drv
|
||||
laminarc set "RESULTDRV=$drv"
|
||||
'';
|
||||
in {
|
||||
in
|
||||
{
|
||||
security.sudo.extraRules = [{
|
||||
commands = [{
|
||||
command = deploy;
|
||||
|
|
|
@ -1,87 +1,99 @@
|
|||
{-# LANGUAGE DeriveAnyClass #-}
|
||||
{-# LANGUAGE TupleSections #-}
|
||||
{-# LANGUAGE LambdaCase #-}
|
||||
{-# LANGUAGE QuasiQuotes #-}
|
||||
{-# LANGUAGE TemplateHaskell #-}
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
{-# LANGUAGE ExtendedDefaultRules #-}
|
||||
{-# LANGUAGE NoImplicitPrelude #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
{-# LANGUAGE FlexibleContexts #-}
|
||||
{-# LANGUAGE LambdaCase #-}
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
{-# LANGUAGE QuasiQuotes #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
{-# LANGUAGE TemplateHaskell #-}
|
||||
{-# LANGUAGE TupleSections #-}
|
||||
{-# LANGUAGE NoImplicitPrelude #-}
|
||||
{-# OPTIONS_GHC -Wall -Werror -Wno-missing-signatures -Wno-type-defaults -Wno-orphans #-}
|
||||
|
||||
import Control.Concurrent ( threadDelay )
|
||||
import Control.Concurrent.Async ( forConcurrently_
|
||||
, race_
|
||||
, withAsync
|
||||
)
|
||||
import Control.Concurrent.STM ( check
|
||||
, retry
|
||||
)
|
||||
import Control.Exception ( bracket
|
||||
, catch
|
||||
, handle
|
||||
, handleJust
|
||||
, throwIO
|
||||
)
|
||||
import Data.Bits ( Bits((.|.)) )
|
||||
import qualified Data.Map as Map
|
||||
import qualified Data.Sequence as Seq
|
||||
import Data.String.Interpolate ( i )
|
||||
import Data.Text ( isInfixOf
|
||||
, splitOn
|
||||
, strip
|
||||
)
|
||||
import qualified Data.Text as T
|
||||
import Data.Time ( UTCTime
|
||||
, defaultTimeLocale
|
||||
, diffUTCTime
|
||||
, formatTime
|
||||
, getCurrentTime
|
||||
)
|
||||
import Relude
|
||||
import Say ( say
|
||||
, sayErr
|
||||
)
|
||||
import Shh ( (&!>)
|
||||
, ExecArg(..)
|
||||
, ExecReference(Absolute)
|
||||
, Stream(StdOut)
|
||||
, captureTrim
|
||||
, load
|
||||
, (|>)
|
||||
)
|
||||
import System.Directory ( createDirectoryIfMissing
|
||||
, doesFileExist
|
||||
, getModificationTime
|
||||
, removeFile
|
||||
)
|
||||
import System.Environment ( getArgs
|
||||
, getEnv
|
||||
, setEnv
|
||||
)
|
||||
import System.FSNotify ( Event(Removed)
|
||||
, watchDir
|
||||
, withManager
|
||||
)
|
||||
import System.IO ( BufferMode(LineBuffering)
|
||||
, hSetBuffering
|
||||
)
|
||||
import System.IO.Error
|
||||
import System.IO.Unsafe
|
||||
import System.Posix.Files ( groupReadMode
|
||||
, otherReadMode
|
||||
, ownerReadMode
|
||||
, ownerWriteMode
|
||||
)
|
||||
import System.Posix.IO ( OpenFileFlags(exclusive)
|
||||
, OpenMode(WriteOnly)
|
||||
, closeFd
|
||||
, defaultFileFlags
|
||||
, fdWrite
|
||||
, openFd
|
||||
)
|
||||
|
||||
import Control.Concurrent (threadDelay)
|
||||
import Control.Concurrent.Async (
|
||||
forConcurrently_,
|
||||
race_,
|
||||
withAsync,
|
||||
)
|
||||
import Control.Concurrent.STM (
|
||||
check,
|
||||
retry,
|
||||
)
|
||||
import Control.Exception (
|
||||
bracket,
|
||||
catch,
|
||||
handle,
|
||||
handleJust,
|
||||
throwIO,
|
||||
)
|
||||
import Data.Bits (Bits ((.|.)))
|
||||
import qualified Data.Map as Map
|
||||
import qualified Data.Sequence as Seq
|
||||
import Data.String.Interpolate (i)
|
||||
import Data.Text (
|
||||
isInfixOf,
|
||||
splitOn,
|
||||
strip,
|
||||
)
|
||||
import qualified Data.Text as T
|
||||
import Data.Time (
|
||||
UTCTime,
|
||||
defaultTimeLocale,
|
||||
diffUTCTime,
|
||||
formatTime,
|
||||
getCurrentTime,
|
||||
)
|
||||
import Relude
|
||||
import Say (
|
||||
say,
|
||||
sayErr,
|
||||
)
|
||||
import Shh (
|
||||
ExecArg (..),
|
||||
ExecReference (Absolute),
|
||||
Stream (StdOut),
|
||||
captureTrim,
|
||||
load,
|
||||
(&!>),
|
||||
(|>),
|
||||
)
|
||||
import System.Directory (
|
||||
createDirectoryIfMissing,
|
||||
doesFileExist,
|
||||
getModificationTime,
|
||||
removeFile,
|
||||
)
|
||||
import System.Environment (
|
||||
getArgs,
|
||||
getEnv,
|
||||
setEnv,
|
||||
)
|
||||
import System.FSNotify (
|
||||
Event (Removed),
|
||||
watchDir,
|
||||
withManager,
|
||||
)
|
||||
import System.IO (
|
||||
BufferMode (LineBuffering),
|
||||
hSetBuffering,
|
||||
)
|
||||
import System.IO.Error
|
||||
import System.IO.Unsafe
|
||||
import System.Posix.Files (
|
||||
groupReadMode,
|
||||
otherReadMode,
|
||||
ownerReadMode,
|
||||
ownerWriteMode,
|
||||
)
|
||||
import System.Posix.IO (
|
||||
OpenFileFlags (exclusive),
|
||||
OpenMode (WriteOnly),
|
||||
closeFd,
|
||||
defaultFileFlags,
|
||||
fdWrite,
|
||||
openFd,
|
||||
)
|
||||
|
||||
load Absolute ["laminarc", "nix-store"]
|
||||
|
||||
|
@ -94,13 +106,13 @@ throwWait = throwIO . WaitException
|
|||
|
||||
instance Semigroup JobResult where
|
||||
Success <> Success = Success
|
||||
_ <> _ = Failure
|
||||
_ <> _ = Failure
|
||||
|
||||
instance Monoid JobResult where
|
||||
mempty = Success
|
||||
|
||||
instance ExecArg Text where
|
||||
asArg = asArg . toString
|
||||
asArg = asArg . toString
|
||||
asArgFromList = asArgFromList . fmap toString
|
||||
|
||||
drvBasename :: Text -> Text
|
||||
|
@ -118,6 +130,7 @@ resultPath p = [i|#{resultDir}/#{drvBasename p}|]
|
|||
{-# NOINLINE jobMap #-}
|
||||
|
||||
data BuildState = Pending | Running UTCTime | Complete deriving (Show, Eq)
|
||||
|
||||
-- True means job is finished
|
||||
jobMap :: TVar (Map Text (TVar BuildState))
|
||||
jobMap = unsafePerformIO $ newTVarIO mempty
|
||||
|
@ -170,10 +183,10 @@ job derivationName = do
|
|||
flags <- filter (/= mempty) . splitOn " " . toText <$> getEnv "FLAGS"
|
||||
catch
|
||||
(nixStoreRealise derivationName flags)
|
||||
(\(err :: SomeException) -> do
|
||||
setResult Failure
|
||||
sayErr [i|nix-build failed with error #{err}.|]
|
||||
exitFailure
|
||||
( \(err :: SomeException) -> do
|
||||
setResult Failure
|
||||
sayErr [i|nix-build failed with error #{err}.|]
|
||||
exitFailure
|
||||
)
|
||||
setResult Success
|
||||
say [i|Build for #{derivationName} successful.|]
|
||||
|
@ -197,54 +210,60 @@ tryQueue derivationName = handleExisting $ do
|
|||
jobName <- startJob
|
||||
when (T.null jobName) $ throw [i|Laminarc returned an empty jobName.|]
|
||||
writeCount <- fdWrite fd (toString jobName)
|
||||
when (writeCount == 0)
|
||||
$ throw
|
||||
[i|Wrote 0 bytes of jobName "#{jobName}" to #{runningPath derivationName}|]
|
||||
when (writeCount == 0) $
|
||||
throw
|
||||
[i|Wrote 0 bytes of jobName "#{jobName}" to #{runningPath derivationName}|]
|
||||
pure . Just $ jobName
|
||||
startJob = do
|
||||
flags <- getEnv "FLAGS"
|
||||
decodeUtf8
|
||||
<$> ( laminarc "queue"
|
||||
"nix-build"
|
||||
([i|DERIVATION=#{derivationName}|] :: Text)
|
||||
([i|FLAGS=#{flags}|] :: Text)
|
||||
|> captureTrim
|
||||
<$> ( laminarc
|
||||
"queue"
|
||||
"nix-build"
|
||||
([i|DERIVATION=#{derivationName}|] :: Text)
|
||||
([i|FLAGS=#{flags}|] :: Text)
|
||||
|> captureTrim
|
||||
)
|
||||
handleExisting = handleJust
|
||||
(\x -> if isAlreadyExistsError x then Just x else Nothing)
|
||||
(const (pure Nothing))
|
||||
openNewFile = openFd (runningPath derivationName)
|
||||
WriteOnly
|
||||
(Just defaultMode)
|
||||
defaultFileFlags { exclusive = True }
|
||||
handleExisting =
|
||||
handleJust
|
||||
(\x -> if isAlreadyExistsError x then Just x else Nothing)
|
||||
(const (pure Nothing))
|
||||
openNewFile =
|
||||
openFd
|
||||
(runningPath derivationName)
|
||||
WriteOnly
|
||||
(Just defaultMode)
|
||||
defaultFileFlags{exclusive = True}
|
||||
defaultMode =
|
||||
ownerReadMode .|. ownerWriteMode .|. groupReadMode .|. otherReadMode
|
||||
|
||||
queueJobWithLaminarc :: Text -> IO Text
|
||||
queueJobWithLaminarc derivationName = whenNothingM
|
||||
(do
|
||||
jobMay <- tryQueue derivationName
|
||||
whenJust jobMay $ \jobName ->
|
||||
say [i|Job #{jobName} started for #{derivationName}. Waiting ...|]
|
||||
pure jobMay
|
||||
)
|
||||
(ensureRunningJob derivationName)
|
||||
queueJobWithLaminarc derivationName =
|
||||
whenNothingM
|
||||
( do
|
||||
jobMay <- tryQueue derivationName
|
||||
whenJust jobMay $ \jobName ->
|
||||
say [i|Job #{jobName} started for #{derivationName}. Waiting ...|]
|
||||
pure jobMay
|
||||
)
|
||||
(ensureRunningJob derivationName)
|
||||
|
||||
ensureRunningJob :: Text -> IO Text
|
||||
ensureRunningJob derivationName = whenNothingM
|
||||
(do
|
||||
jobMay <- getRunningJob derivationName
|
||||
whenJust jobMay $ \jobName ->
|
||||
say [i|Job #{jobName} running for #{derivationName}. Waiting ...|]
|
||||
pure jobMay
|
||||
)
|
||||
(queueJobWithLaminarc derivationName)
|
||||
ensureRunningJob derivationName =
|
||||
whenNothingM
|
||||
( do
|
||||
jobMay <- getRunningJob derivationName
|
||||
whenJust jobMay $ \jobName ->
|
||||
say [i|Job #{jobName} running for #{derivationName}. Waiting ...|]
|
||||
pure jobMay
|
||||
)
|
||||
(queueJobWithLaminarc derivationName)
|
||||
|
||||
-- Nothing means there is no running Job.
|
||||
getRunningJob :: Text -> IO (Maybe Text)
|
||||
getRunningJob derivationName = poll 0
|
||||
where
|
||||
path = runningPath derivationName
|
||||
path = runningPath derivationName
|
||||
request = handleNoExist (Just <$> readFileText path)
|
||||
handleNoExist =
|
||||
handleJust (guard . isDoesNotExistError) (const $ pure Nothing)
|
||||
|
@ -253,15 +272,14 @@ getRunningJob derivationName = poll 0
|
|||
if count < 50 && mayJob == Just ""
|
||||
then threadDelay 10000 >> poll (count + 1)
|
||||
else do
|
||||
|
||||
pure mayJob
|
||||
|
||||
getJobVar :: Text -> IO (TVar BuildState)
|
||||
getJobVar derivationName =
|
||||
atomically
|
||||
$ readTVar jobMap
|
||||
>>= maybe makeVar pure
|
||||
. Map.lookup derivationName
|
||||
atomically $
|
||||
readTVar jobMap
|
||||
>>= maybe makeVar pure
|
||||
. Map.lookup derivationName
|
||||
where
|
||||
makeVar = do
|
||||
newVar <- newTVar Pending
|
||||
|
@ -270,14 +288,14 @@ getJobVar derivationName =
|
|||
|
||||
realise :: Text -> IO ()
|
||||
realise derivationName = do
|
||||
jobVar <- getJobVar derivationName
|
||||
now <- getCurrentTime
|
||||
jobVar <- getJobVar derivationName
|
||||
now <- getCurrentTime
|
||||
runHere <- atomically $ do
|
||||
jobState <- readTVar jobVar
|
||||
case jobState of
|
||||
Complete -> pure False
|
||||
Complete -> pure False
|
||||
Running _ -> retry
|
||||
Pending -> do
|
||||
Pending -> do
|
||||
writeTVar jobVar (Running now)
|
||||
pure True
|
||||
when runHere $ do
|
||||
|
@ -291,12 +309,13 @@ realise derivationName = do
|
|||
where
|
||||
runBuild start = do
|
||||
jobName <- ensureRunningJob derivationName
|
||||
handleWaitFail $ waitForJob derivationName >>= \case
|
||||
Success -> do
|
||||
now <- getCurrentTime
|
||||
say
|
||||
[i|Job #{jobName} completed for #{derivationName} after #{formatTime defaultTimeLocale "%2h:%2M:%2S" (diffUTCTime now start)}.|]
|
||||
Failure -> throw [i|Job #{jobName} failed #{derivationName}.|]
|
||||
handleWaitFail $
|
||||
waitForJob derivationName >>= \case
|
||||
Success -> do
|
||||
now <- getCurrentTime
|
||||
say
|
||||
[i|Job #{jobName} completed for #{derivationName} after #{formatTime defaultTimeLocale "%2h:%2M:%2S" (diffUTCTime now start)}.|]
|
||||
Failure -> throw [i|Job #{jobName} failed #{derivationName}.|]
|
||||
processWaitFail (WaitException e) = do
|
||||
sayErr
|
||||
[i|Retrying to find or create a job for #{derivationName} after waiting for job failed with error "#{e}" |]
|
||||
|
@ -311,9 +330,9 @@ checkStaleness = forever $ do
|
|||
when nothingQueued $ do
|
||||
knownJobs <-
|
||||
fmap strip
|
||||
. lines
|
||||
. decodeUtf8
|
||||
<$> (laminarc "show-running" |> captureTrim)
|
||||
. lines
|
||||
. decodeUtf8
|
||||
<$> (laminarc "show-running" |> captureTrim)
|
||||
jobs <- Map.toList <$> readTVarIO jobMap
|
||||
forConcurrently_ jobs $ \(derivationName, jobVar) ->
|
||||
checkStalenessFor knownJobs jobVar derivationName
|
||||
|
@ -328,15 +347,15 @@ checkStalenessFor jobs jobVar derivationName =
|
|||
[i|Still waiting for job #{jobName} for #{derivationName} after #{formatTime defaultTimeLocale "%2h:%2M:%2S" (diffUTCTime now start)} ...|]
|
||||
fileTime <- getModificationTime (runningPath derivationName)
|
||||
let notRunning = not $ any (`isInfixOf` jobName) jobs
|
||||
oldEnough = diffUTCTime now fileTime > 60
|
||||
stale = notRunning && oldEnough
|
||||
oldEnough = diffUTCTime now fileTime > 60
|
||||
stale = notRunning && oldEnough
|
||||
when stale $ do
|
||||
removeFile (runningPath derivationName)
|
||||
sayErr
|
||||
[i|File #{runningPath derivationName} claiming job name "#{jobName}" seems to be stale. Deleting File.|]
|
||||
where
|
||||
running (Running a) = Just a
|
||||
running _ = Nothing
|
||||
running _ = Nothing
|
||||
|
||||
waitForJob :: Text -> IO JobResult
|
||||
waitForJob derivationName = do
|
||||
|
@ -344,18 +363,20 @@ waitForJob derivationName = do
|
|||
let finished = atomically (writeTVar done True)
|
||||
withManager $ \manager -> do
|
||||
_ <- watchDir manager runningDir fileDeleted (const finished)
|
||||
withAsync (whenNothingM_ (getRunningJob derivationName) finished)
|
||||
(const $ atomically $ readTVar done >>= check)
|
||||
withAsync
|
||||
(whenNothingM_ (getRunningJob derivationName) finished)
|
||||
(const $ atomically $ readTVar done >>= check)
|
||||
resultText <-
|
||||
handleJust
|
||||
(guard . isDoesNotExistError)
|
||||
(const $ throwWait
|
||||
[i|Job result file #{resultPath derivationName} does not exist.|]
|
||||
)
|
||||
(guard . isDoesNotExistError)
|
||||
( const $
|
||||
throwWait
|
||||
[i|Job result file #{resultPath derivationName} does not exist.|]
|
||||
)
|
||||
$ readFile (resultPath derivationName)
|
||||
maybe
|
||||
(throwWait [i|Failed to parse result from #{resultPath derivationName}.|])
|
||||
pure
|
||||
(throwWait [i|Failed to parse result from #{resultPath derivationName}.|])
|
||||
pure
|
||||
. readMaybe
|
||||
. toString
|
||||
$ resultText
|
||||
|
@ -363,7 +384,6 @@ waitForJob derivationName = do
|
|||
fileDeleted (Removed a _ _) | a == runningPath derivationName = True
|
||||
fileDeleted _ = False
|
||||
|
||||
|
||||
main :: IO ()
|
||||
main = do
|
||||
hSetBuffering stdout LineBuffering
|
||||
|
@ -373,11 +393,12 @@ main = do
|
|||
args <- fmap toText <$> getArgs
|
||||
handle (\(JobException e) -> sayErr e >> exitFailure) $ case args of
|
||||
["realise-here", derivationName] -> job derivationName
|
||||
["realise" , derivationName] -> do
|
||||
["realise", derivationName] -> do
|
||||
jobId <- getEnv "JOB"
|
||||
runId <- getEnv "RUN"
|
||||
setEnv "LAMINAR_REASON"
|
||||
[i|Building #{derivationName} in #{jobId}:#{runId}|]
|
||||
setEnv
|
||||
"LAMINAR_REASON"
|
||||
[i|Building #{derivationName} in #{jobId}:#{runId}|]
|
||||
race_ (realise derivationName) checkStaleness
|
||||
_ ->
|
||||
sayErr "Usage: realise-here <derivationName> | realise <derivationName>"
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
{ pkgs, lib, config, ... }:
|
||||
let
|
||||
path = [ pkgs.git pkgs.nix pkgs.gnutar pkgs.gzip pkgs.openssh pkgs.laminar ];
|
||||
in {
|
||||
in
|
||||
{
|
||||
services.laminar.cfgFiles.jobs = {
|
||||
"logfeed.run" = pkgs.writeShellScript "logfeed.run" ''
|
||||
set -e
|
||||
|
|
|
@ -1,37 +1,42 @@
|
|||
{-# LANGUAGE DeriveAnyClass #-}
|
||||
{-# LANGUAGE TupleSections #-}
|
||||
{-# LANGUAGE LambdaCase #-}
|
||||
{-# LANGUAGE QuasiQuotes #-}
|
||||
{-# LANGUAGE TemplateHaskell #-}
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
{-# LANGUAGE ExtendedDefaultRules #-}
|
||||
{-# LANGUAGE NoImplicitPrelude #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
{-# LANGUAGE FlexibleContexts #-}
|
||||
{-# LANGUAGE LambdaCase #-}
|
||||
{-# LANGUAGE OverloadedStrings #-}
|
||||
{-# LANGUAGE QuasiQuotes #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
{-# LANGUAGE TemplateHaskell #-}
|
||||
{-# LANGUAGE TupleSections #-}
|
||||
{-# LANGUAGE NoImplicitPrelude #-}
|
||||
{-# OPTIONS_GHC -Wall -Werror -Wno-missing-signatures -Wno-type-defaults -Wno-orphans #-}
|
||||
|
||||
import Control.Concurrent.Async
|
||||
import Data.String.Interpolate
|
||||
import Data.Text ( stripPrefix )
|
||||
import Language.Haskell.TH.Syntax
|
||||
import Relude
|
||||
import Say
|
||||
import Shh
|
||||
import System.Environment
|
||||
import Control.Concurrent.Async
|
||||
import Data.String.Interpolate
|
||||
import Data.Text (stripPrefix)
|
||||
import Language.Haskell.TH.Syntax
|
||||
import Relude
|
||||
import Say
|
||||
import Shh
|
||||
import System.Environment
|
||||
|
||||
load Absolute ["laminarc", "git"]
|
||||
|
||||
repo = "git@hera.m-0.eu:nixos-config"
|
||||
|
||||
jobs :: [String]
|
||||
jobs = $$(liftTyped =<< runIO (do
|
||||
homes <- getEnv "HOMES"
|
||||
systems <- getEnv "SYSTEMS"
|
||||
let ret =((\x -> [i|system-config-#{x}|]) <$> (words . toText) systems)
|
||||
<> ((\x -> [i|home-config-#{x}|]) <$> (words . toText) homes)
|
||||
say [i|Found jobs #{ret}|]
|
||||
pure ret
|
||||
))
|
||||
jobs =
|
||||
$$( liftTyped
|
||||
=<< runIO
|
||||
( do
|
||||
homes <- getEnv "HOMES"
|
||||
systems <- getEnv "SYSTEMS"
|
||||
let ret =
|
||||
((\x -> [i|system-config-#{x}|]) <$> (words . toText) systems)
|
||||
<> ((\x -> [i|home-config-#{x}|]) <$> (words . toText) homes)
|
||||
say [i|Found jobs #{ret}|]
|
||||
pure ret
|
||||
)
|
||||
)
|
||||
|
||||
deployCommand :: String
|
||||
deployCommand = $$(liftTyped =<< runIO (getEnv "DEPLOY"))
|
||||
|
@ -46,11 +51,11 @@ main = do
|
|||
mapConcurrently_ (\x -> laminarc ["run", x, [i|BRANCH=#{branch}|]]) jobs
|
||||
say [i|Builds succeeded.|]
|
||||
when (branch == "master") $ do
|
||||
say [i|Deploying new config to localhost.|]
|
||||
exe "/run/wrappers/bin/sudo" deployCommand
|
||||
say [i|Deploying new config to localhost.|]
|
||||
exe "/run/wrappers/bin/sudo" deployCommand
|
||||
when (branch == "niv-bump") $ do
|
||||
say [i|Merging branch niv-bump into master.|]
|
||||
git "clone" repo "."
|
||||
git "checkout" "master"
|
||||
git "merge" "origin/niv-bump"
|
||||
git "push"
|
||||
say [i|Merging branch niv-bump into master.|]
|
||||
git "clone" repo "."
|
||||
git "checkout" "master"
|
||||
git "merge" "origin/niv-bump"
|
||||
git "push"
|
||||
|
|
|
@ -14,19 +14,23 @@ let
|
|||
writeFileText "derivation" derivationName
|
||||
say [i|Build of ${name} config for #{hostname} was successful.|]
|
||||
'';
|
||||
test-system-config = pkgs.writeHaskellScript {
|
||||
name = "test-system-config";
|
||||
inherit bins;
|
||||
inherit imports;
|
||||
} (haskellBody "system" ''
|
||||
buildSystemParams ++ paths ++ ["-I", [i|nixos-config=#{configDir}/nixos/machines/#{hostname}/configuration.nix|]]'');
|
||||
test-system-config = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "test-system-config";
|
||||
inherit bins;
|
||||
inherit imports;
|
||||
}
|
||||
(haskellBody "system" ''
|
||||
buildSystemParams ++ paths ++ ["-I", [i|nixos-config=#{configDir}/nixos/machines/#{hostname}/configuration.nix|]]'');
|
||||
|
||||
test-home-config = pkgs.writeHaskellScript {
|
||||
name = "test-home-config";
|
||||
inherit bins;
|
||||
inherit imports;
|
||||
} (haskellBody "home"
|
||||
''paths ++ [[i|#{configDir}/home-manager/target.nix|], "-A", hostname]'');
|
||||
test-home-config = pkgs.writeHaskellScript
|
||||
{
|
||||
name = "test-home-config";
|
||||
inherit bins;
|
||||
inherit imports;
|
||||
}
|
||||
(haskellBody "home"
|
||||
''paths ++ [[i|#{configDir}/home-manager/target.nix|], "-A", hostname]'');
|
||||
path = [ pkgs.git pkgs.nix pkgs.gnutar pkgs.gzip pkgs.openssh pkgs.laminar ];
|
||||
common = ''
|
||||
set -e
|
||||
|
@ -70,33 +74,42 @@ let
|
|||
});
|
||||
deployCommand = "${pkgs.writeShellScript "deploy-system-config"
|
||||
"${pkgs.systemd}/bin/systemctl start --no-block update-config"}";
|
||||
in {
|
||||
in
|
||||
{
|
||||
services.laminar.cfgFiles.jobs = {
|
||||
"test-config.run" = pkgs.writeHaskell "test-config" {
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
ghcEnv = {
|
||||
HOMES = lib.concatStringsSep " " homes;
|
||||
SYSTEMS = lib.concatStringsSep " " systems;
|
||||
DEPLOY = deployCommand;
|
||||
PATH = "${lib.makeBinPath [ pkgs.laminar pkgs.git ]}:$PATH";
|
||||
};
|
||||
ghcArgs = [ "-threaded" ];
|
||||
} (builtins.readFile ./test-config.hs);
|
||||
"bump-config.run" = pkgs.writeHaskell "bump-config" {
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
ghcEnv.PATH = "${lib.makeBinPath [ pkgs.git pkgs.niv pkgs.nix ]}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
} (builtins.readFile ./bump-config.hs);
|
||||
"test-config.run" = pkgs.writeHaskell "test-config"
|
||||
{
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
ghcEnv = {
|
||||
HOMES = lib.concatStringsSep " " homes;
|
||||
SYSTEMS = lib.concatStringsSep " " systems;
|
||||
DEPLOY = deployCommand;
|
||||
PATH = "${lib.makeBinPath [ pkgs.laminar pkgs.git ]}:$PATH";
|
||||
};
|
||||
ghcArgs = [ "-threaded" ];
|
||||
}
|
||||
(builtins.readFile ./test-config.hs);
|
||||
"bump-config.run" = pkgs.writeHaskell "bump-config"
|
||||
{
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
ghcEnv.PATH = "${lib.makeBinPath [ pkgs.git pkgs.niv pkgs.nix ]}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
}
|
||||
(builtins.readFile ./bump-config.hs);
|
||||
} // lib.listToAttrs (map mkHomeJob homes)
|
||||
// lib.listToAttrs (map mkSystemJob homes);
|
||||
security.sudo.extraRules = let allowedCommands = [ deployCommand ];
|
||||
in [{
|
||||
commands = map (command: {
|
||||
inherit command;
|
||||
options = [ "NOPASSWD" ];
|
||||
}) allowedCommands;
|
||||
users = [ "laminar" ];
|
||||
}];
|
||||
// lib.listToAttrs (map mkSystemJob homes);
|
||||
security.sudo.extraRules =
|
||||
let allowedCommands = [ deployCommand ];
|
||||
in
|
||||
[{
|
||||
commands = map
|
||||
(command: {
|
||||
inherit command;
|
||||
options = [ "NOPASSWD" ];
|
||||
})
|
||||
allowedCommands;
|
||||
users = [ "laminar" ];
|
||||
}];
|
||||
systemd.services = {
|
||||
update-config = {
|
||||
path = [ pkgs.git pkgs.nix ];
|
||||
|
@ -111,13 +124,15 @@ in {
|
|||
StartLimitIntervalSec = 360;
|
||||
StartLimitBurst = 3;
|
||||
};
|
||||
script = let user = "maralorn";
|
||||
in ''
|
||||
/run/wrappers/bin/sudo -u ${user} git -C /etc/nixos pull --ff-only
|
||||
/run/wrappers/bin/sudo -u ${user} git -C /etc/nixos submodule update --init
|
||||
/var/cache/gc-links/system-config-hera/bin/switch-to-configuration switch
|
||||
/run/wrappers/bin/sudo -u ${user} /var/cache/gc-links/home-config-hera/default/activate
|
||||
'';
|
||||
script =
|
||||
let user = "maralorn";
|
||||
in
|
||||
''
|
||||
/run/wrappers/bin/sudo -u ${user} git -C /etc/nixos pull --ff-only
|
||||
/run/wrappers/bin/sudo -u ${user} git -C /etc/nixos submodule update --init
|
||||
/var/cache/gc-links/system-config-hera/bin/switch-to-configuration switch
|
||||
/run/wrappers/bin/sudo -u ${user} /var/cache/gc-links/home-config-hera/default/activate
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,21 +8,21 @@ in
|
|||
systemd.services = {
|
||||
synapse-cleanup = {
|
||||
serviceConfig = {
|
||||
ExecStart = pkgs.writeHaskell "synapse-cleanup" {
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages ++ [
|
||||
pkgs.haskellPackages.postgresql-simple
|
||||
pkgs.haskellPackages.HTTP
|
||||
];
|
||||
ghcEnv.PATH = "${lib.makeBinPath [ pkgs.matrix-synapse-tools.rust-synapse-compress-state pkgs.postgresql_12 ]}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
} (builtins.readFile ./synapse-cleanup.hs);
|
||||
ExecStart = pkgs.writeHaskell "synapse-cleanup"
|
||||
{
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages ++ [
|
||||
pkgs.haskellPackages.postgresql-simple
|
||||
pkgs.haskellPackages.HTTP
|
||||
];
|
||||
ghcEnv.PATH = "${lib.makeBinPath [ pkgs.matrix-synapse-tools.rust-synapse-compress-state pkgs.postgresql_12 ]}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
}
|
||||
(builtins.readFile ./synapse-cleanup.hs);
|
||||
User = "matrix-synapse";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
synapse-worker-1 = {
|
||||
|
||||
};
|
||||
synapse-worker-1 = { };
|
||||
};
|
||||
services = {
|
||||
nginx = {
|
||||
|
@ -31,9 +31,10 @@ in
|
|||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations = {
|
||||
"/.well-known/matrix/server".extraConfig = let
|
||||
server."m.server" = "${hostName}:443";
|
||||
in
|
||||
"/.well-known/matrix/server".extraConfig =
|
||||
let
|
||||
server."m.server" = "${hostName}:443";
|
||||
in
|
||||
''
|
||||
add_header Content-Type application/json;
|
||||
return 200 '${builtins.toJSON server}';
|
||||
|
@ -42,11 +43,11 @@ in
|
|||
let
|
||||
client."m.homeserver".base_url = "https://${hostName}";
|
||||
in
|
||||
''
|
||||
add_header Content-Type application/json;
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
return 200 '${builtins.toJSON client}';
|
||||
'';
|
||||
''
|
||||
add_header Content-Type application/json;
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
return 200 '${builtins.toJSON client}';
|
||||
'';
|
||||
};
|
||||
};
|
||||
virtualHosts."${hostName}" = {
|
||||
|
@ -69,12 +70,14 @@ in
|
|||
};
|
||||
|
||||
# Synapse
|
||||
matrix-synapse = let
|
||||
server-secrets = pkgs.privateValue {
|
||||
registration_shared_secret = "";
|
||||
macaroon_secret_key = "";
|
||||
} "matrix/server-secrets";
|
||||
in
|
||||
matrix-synapse =
|
||||
let
|
||||
server-secrets = pkgs.privateValue
|
||||
{
|
||||
registration_shared_secret = "";
|
||||
macaroon_secret_key = "";
|
||||
} "matrix/server-secrets";
|
||||
in
|
||||
server-secrets // {
|
||||
enable = true;
|
||||
package = pkgs.matrix-synapse;
|
||||
|
@ -86,14 +89,15 @@ in
|
|||
max_upload_size = "30M";
|
||||
dynamic_thumbnails = true;
|
||||
turn_shared_secret = config.services.coturn.static-auth-secret;
|
||||
turn_uris = let
|
||||
turns = "turns:${config.services.coturn.realm}:${
|
||||
turn_uris =
|
||||
let
|
||||
turns = "turns:${config.services.coturn.realm}:${
|
||||
toString config.services.coturn.tls-listening-port
|
||||
}";
|
||||
turn = "turn:${config.services.coturn.realm}:${
|
||||
turn = "turn:${config.services.coturn.realm}:${
|
||||
toString config.services.coturn.listening-port
|
||||
}";
|
||||
in
|
||||
in
|
||||
[
|
||||
"${turns}?transport=udp"
|
||||
"${turns}?transport=tcp"
|
||||
|
@ -145,7 +149,7 @@ in
|
|||
type = "metrics";
|
||||
port = 9148;
|
||||
bind_address = "127.0.0.1";
|
||||
resources = [];
|
||||
resources = [ ];
|
||||
tls = false;
|
||||
}
|
||||
{
|
||||
|
|
|
@ -10,7 +10,8 @@ let
|
|||
'';
|
||||
basicAuthFile = pkgs.privateFile "basic-auth/monitoring";
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./alertmanager.nix
|
||||
./grafana.nix
|
||||
|
|
|
@ -20,7 +20,7 @@ let
|
|||
(heading "nix-output-monitor" "https://github.com/maralorn/nix-output-monitor")
|
||||
(badge "https://repology.org/badge/vertical-allrepos/nix-output-monitor.svg?columns=3&header=" "https://repology.org/project/nix-output-monitor/versions")
|
||||
];
|
||||
dashboards = pkgs.runCommand "dashboards" {} ''
|
||||
dashboards = pkgs.runCommand "dashboards" { } ''
|
||||
mkdir -p $out
|
||||
cp ${./grafana-dashboards}/* $out
|
||||
substituteInPlace $out/health-status.json --replace '@BADGES@' '${badges}' \
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
let
|
||||
watchNixpkgsPackage = name: branch: path:
|
||||
let job_name = "nixpkgs ${name} on ${branch}";
|
||||
in {
|
||||
in
|
||||
{
|
||||
inherit job_name;
|
||||
metrics_path = "/job/${path}/prometheus";
|
||||
scheme = "https";
|
||||
|
@ -20,7 +21,7 @@ let
|
|||
};
|
||||
watchHaskellUnstable = name:
|
||||
watchNixpkgsPackage name "haskell-updates"
|
||||
"nixpkgs/haskell-updates/haskellPackages.${name}.x86_64-linux";
|
||||
"nixpkgs/haskell-updates/haskellPackages.${name}.x86_64-linux";
|
||||
watchedHaskellUpdatesPkgs = builtins.attrNames (pkgs.myHaskellPackages) ++ [
|
||||
"jsaddle-warp"
|
||||
"stan"
|
||||
|
@ -38,7 +39,8 @@ let
|
|||
"cachix"
|
||||
"taffybar"
|
||||
];
|
||||
in {
|
||||
in
|
||||
{
|
||||
services.prometheus.scrapeConfigs =
|
||||
map watchHaskellUnstable watchedHaskellUpdatesPkgs ++ [
|
||||
(watchNixpkgsPackage "haskell-language-server-toplevel" "haskell-updates"
|
||||
|
|
|
@ -28,7 +28,8 @@ let
|
|||
} # The blackbox exporter's real hostname:port.
|
||||
];
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
services.prometheus = {
|
||||
exporters.blackbox = {
|
||||
enable = true;
|
||||
|
|
|
@ -11,33 +11,41 @@
|
|||
};
|
||||
};
|
||||
ruleFiles = [ ./rules.yml ];
|
||||
scrapeConfigs = let alert_type = "infrastructure";
|
||||
in [
|
||||
(let name = "matrix-synapse";
|
||||
in {
|
||||
job_name = name;
|
||||
metrics_path = "/_synapse/metrics";
|
||||
static_configs = [{
|
||||
targets = [ "localhost:9148" ];
|
||||
labels = {
|
||||
inherit name;
|
||||
inherit alert_type;
|
||||
};
|
||||
}];
|
||||
})
|
||||
] ++ map (entry:
|
||||
let inherit (entry) name;
|
||||
in {
|
||||
job_name = name;
|
||||
static_configs = [{
|
||||
targets = [ entry.host ];
|
||||
labels = {
|
||||
inherit name;
|
||||
inherit alert_type;
|
||||
inContainer = lib.boolToString entry.container;
|
||||
};
|
||||
}];
|
||||
}) config.m-0.monitoring;
|
||||
scrapeConfigs =
|
||||
let alert_type = "infrastructure";
|
||||
in
|
||||
[
|
||||
(
|
||||
let name = "matrix-synapse";
|
||||
in
|
||||
{
|
||||
job_name = name;
|
||||
metrics_path = "/_synapse/metrics";
|
||||
static_configs = [{
|
||||
targets = [ "localhost:9148" ];
|
||||
labels = {
|
||||
inherit name;
|
||||
inherit alert_type;
|
||||
};
|
||||
}];
|
||||
}
|
||||
)
|
||||
] ++ map
|
||||
(entry:
|
||||
let inherit (entry) name;
|
||||
in
|
||||
{
|
||||
job_name = name;
|
||||
static_configs = [{
|
||||
targets = [ entry.host ];
|
||||
labels = {
|
||||
inherit name;
|
||||
inherit alert_type;
|
||||
inContainer = lib.boolToString entry.container;
|
||||
};
|
||||
}];
|
||||
})
|
||||
config.m-0.monitoring;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,7 +6,8 @@
|
|||
};
|
||||
environment.systemPackages =
|
||||
let newpg = config.containers.temp-pg.config.services.postgresql;
|
||||
in [
|
||||
in
|
||||
[
|
||||
(pkgs.writeScriptBin "upgrade-pg-cluster" ''
|
||||
set -x
|
||||
export OLDDATA="${config.services.postgresql.dataDir}"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
self: super:
|
||||
let
|
||||
unstable = import super.sources.nixos-unstable {};
|
||||
unstable = import super.sources.nixos-unstable { };
|
||||
in
|
||||
{
|
||||
inherit (unstable)
|
||||
|
|
|
@ -3,6 +3,7 @@ let
|
|||
unfree = import self.sources."${self.nixpkgs-channel}" { config.allowUnfree = true; };
|
||||
unstableUnfree =
|
||||
import self.sources.nixos-unstable { config.allowUnfree = true; };
|
||||
in {
|
||||
in
|
||||
{
|
||||
inherit (unfree) discord factorio steam zoom-us skypeforlinux google-chrome minecraft;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
self: super:
|
||||
let
|
||||
inherit (super) fetchFromGitHub;
|
||||
master = import super.sources.nixpkgs-master {};
|
||||
master = import super.sources.nixpkgs-master { };
|
||||
inherit (master.haskell.lib) overrideCabal unmarkBroken doJailbreak dontCheck;
|
||||
makeHaskellScriptPackages = p: {
|
||||
inherit (p)
|
||||
|
@ -20,9 +20,9 @@ let
|
|||
hedgehog nix-derivation req
|
||||
;
|
||||
} // makeHaskellScriptPackages p;
|
||||
overrides = self: super: {
|
||||
generic-optics = dontCheck (unmarkBroken super.generic-optics);
|
||||
};
|
||||
overrides = self: super: {
|
||||
generic-optics = dontCheck (unmarkBroken super.generic-optics);
|
||||
};
|
||||
haskellPackages = master.haskellPackages.extend overrides;
|
||||
ghc = haskellPackages.ghc;
|
||||
in
|
||||
|
|
|
@ -9,4 +9,5 @@ let
|
|||
isOverlay = n: (isNixDir n || isNixFile n) && notDefault n;
|
||||
overlays = builtins.filter isOverlay candidates;
|
||||
importOverlay = n: import (pathToOverlay n);
|
||||
in map importOverlay overlays
|
||||
in
|
||||
map importOverlay overlays
|
||||
|
|
|
@ -1,5 +1,11 @@
|
|||
{ stdenv, lib, grafana, writeScriptBin, symlinkJoin, writeTextFile
|
||||
, grafanaPlugins ? { } }:
|
||||
{ stdenv
|
||||
, lib
|
||||
, grafana
|
||||
, writeScriptBin
|
||||
, symlinkJoin
|
||||
, writeTextFile
|
||||
, grafanaPlugins ? { }
|
||||
}:
|
||||
let
|
||||
provision = symlinkJoin {
|
||||
name = "provision-files";
|
||||
|
@ -47,7 +53,8 @@ let
|
|||
})
|
||||
];
|
||||
};
|
||||
in writeScriptBin "grafana-devel" ''
|
||||
in
|
||||
writeScriptBin "grafana-devel" ''
|
||||
#! ${stdenv.shell}
|
||||
set -ex
|
||||
DIR=$(mktemp -d)
|
||||
|
|
|
@ -3,7 +3,8 @@ let
|
|||
inherit (python3Packages) jinja2 pendulum GitPython buildPythonApplication;
|
||||
pname = "jali";
|
||||
version = "b47d3b9";
|
||||
in buildPythonApplication {
|
||||
in
|
||||
buildPythonApplication {
|
||||
name = "${pname}-${version}";
|
||||
inherit pname version;
|
||||
doCheck = false;
|
||||
|
|
|
@ -9,5 +9,6 @@ self: super: {
|
|||
buildInputs = [ openssl ];
|
||||
cargoSha256 = "0nlc09sh679vfq7n08836mnjsax2pnskm64jk3c6k0l2spina3nd";
|
||||
doCheck = false;
|
||||
}) { };
|
||||
})
|
||||
{ };
|
||||
}
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
final: prev: let
|
||||
kassandra = prev.haskellPackages.callCabal2nix "kassandra" (prev.sources.kassandra2 + "/kassandra") {};
|
||||
final: prev:
|
||||
let
|
||||
kassandra = prev.haskellPackages.callCabal2nix "kassandra" (prev.sources.kassandra2 + "/kassandra") { };
|
||||
standalone = prev.haskellPackages.callCabal2nix "standalone" (prev.sources.kassandra2 + "/standalone") { inherit kassandra; };
|
||||
in {
|
||||
in
|
||||
{
|
||||
kassandra2 = standalone;
|
||||
}
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
final: prev: let
|
||||
master = import prev.sources.nixpkgs-master {};
|
||||
in {
|
||||
logfeed = master.haskellPackages.callCabal2nix "logfeed" prev.sources.logfeed {};
|
||||
final: prev:
|
||||
let
|
||||
master = import prev.sources.nixpkgs-master { };
|
||||
in
|
||||
{
|
||||
logfeed = master.haskellPackages.callCabal2nix "logfeed" prev.sources.logfeed { };
|
||||
}
|
||||
|
|
|
@ -4,7 +4,8 @@ let
|
|||
let
|
||||
pname = "matrix-commander";
|
||||
version = "67a6a89";
|
||||
in python3Packages.buildPythonApplication {
|
||||
in
|
||||
python3Packages.buildPythonApplication {
|
||||
name = "${pname}-${version}";
|
||||
inherit pname version;
|
||||
src = fetchFromGitHub {
|
||||
|
@ -31,4 +32,5 @@ let
|
|||
$out/bin/matrix-commander --help > /dev/null
|
||||
'';
|
||||
};
|
||||
in { matrix-commander = self.callPackage package { }; }
|
||||
in
|
||||
{ matrix-commander = self.callPackage package { }; }
|
||||
|
|
|
@ -49,7 +49,7 @@ self: super: {
|
|||
nixfmt nixpkgs-fmt rnix-lsp tmate rustup kitty nix-top ghcWithPackages ghcid matrix-commander upterm
|
||||
lazygit
|
||||
;
|
||||
obelisk = (import self.sources.obelisk {}).command;
|
||||
obelisk = (import self.sources.obelisk { }).command;
|
||||
};
|
||||
accounting-pkgs = {
|
||||
inherit (self.haskellPackages) hledger hledger-ui hledger-web hledger-iadd;
|
||||
|
@ -57,7 +57,7 @@ self: super: {
|
|||
};
|
||||
system-pkgs = self.core-system-pkgs // self.extra-system-pkgs // {
|
||||
home-manager =
|
||||
self.callPackage "${self.sources.${self.home-manager-channel}}/home-manager" {};
|
||||
self.callPackage "${self.sources.${self.home-manager-channel}}/home-manager" { };
|
||||
};
|
||||
foreign-home-pkgs = self.extra-system-pkgs;
|
||||
}
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
self: super: {
|
||||
taskwarrior-git = self.haskellPackages.callCabal2nix "taskwarrior-git" self.sources.taskwarrior-git-backend {};
|
||||
taskwarrior-git = self.haskellPackages.callCabal2nix "taskwarrior-git" self.sources.taskwarrior-git-backend { };
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
self: super:
|
||||
let inherit (self) lib pkgs;
|
||||
in {
|
||||
in
|
||||
{
|
||||
haskellList = list: ''["${builtins.concatStringsSep ''", "'' list}"]'';
|
||||
# writeHaskell takes a name, an attrset with libraries and haskell version (both optional)
|
||||
# and some haskell source code and returns an executable.
|
||||
|
@ -13,37 +14,42 @@ in {
|
|||
# '';
|
||||
writeHaskell = name:
|
||||
{ libraries ? [ ], ghc ? pkgs.ghc, ghcArgs ? [ ], ghcEnv ? { } }:
|
||||
pkgs.writers.makeBinWriter {
|
||||
compileScript = let filename = lib.last (builtins.split "/" name);
|
||||
in ''
|
||||
cp $contentPath ${filename}.hs
|
||||
${
|
||||
lib.concatStringsSep " "
|
||||
(lib.mapAttrsToList (key: val: ''${key}="${val}"'') ghcEnv)
|
||||
} ${ghc.withPackages (_: libraries)}/bin/ghc ${
|
||||
lib.escapeShellArgs ghcArgs
|
||||
} ${filename}.hs
|
||||
mv ${filename} $out
|
||||
${pkgs.binutils-unwrapped}/bin/strip --strip-unneeded "$out"
|
||||
'';
|
||||
} name;
|
||||
pkgs.writers.makeBinWriter
|
||||
{
|
||||
compileScript =
|
||||
let filename = lib.last (builtins.split "/" name);
|
||||
in
|
||||
''
|
||||
cp $contentPath ${filename}.hs
|
||||
${
|
||||
lib.concatStringsSep " "
|
||||
(lib.mapAttrsToList (key: val: ''${key}="${val}"'') ghcEnv)
|
||||
} ${ghc.withPackages (_: libraries)}/bin/ghc ${
|
||||
lib.escapeShellArgs ghcArgs
|
||||
} ${filename}.hs
|
||||
mv ${filename} $out
|
||||
${pkgs.binutils-unwrapped}/bin/strip --strip-unneeded "$out"
|
||||
'';
|
||||
}
|
||||
name;
|
||||
|
||||
# writeHaskellBin takes the same arguments as writeHaskell but outputs a directory (like writeScriptBin)
|
||||
writeHaskellBin = name: pkgs.writeHaskell "/bin/${name}";
|
||||
writeHaskellScript = { name ? "haskell-script", bins ? [ ], imports ? [ ] }:
|
||||
code:
|
||||
pkgs.writeHaskellBin name {
|
||||
ghcArgs = [
|
||||
"-threaded"
|
||||
"-Wall"
|
||||
"-Wno-unused-top-binds"
|
||||
"-Wno-missing-signatures"
|
||||
"-Wno-type-defaults"
|
||||
"-Wno-unused-imports"
|
||||
"-Werror"
|
||||
];
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
} ''
|
||||
pkgs.writeHaskellBin name
|
||||
{
|
||||
ghcArgs = [
|
||||
"-threaded"
|
||||
"-Wall"
|
||||
"-Wno-unused-top-binds"
|
||||
"-Wno-missing-signatures"
|
||||
"-Wno-type-defaults"
|
||||
"-Wno-unused-imports"
|
||||
"-Werror"
|
||||
];
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages;
|
||||
} ''
|
||||
{-# LANGUAGE DeriveDataTypeable #-}
|
||||
{-# LANGUAGE TemplateHaskell #-}
|
||||
{-# LANGUAGE QuasiQuotes #-}
|
||||
|
|
13
private.nix
13
private.nix
|
@ -3,11 +3,14 @@ let
|
|||
explicitUsePrivate = builtins.getEnv "WITH_SECRETS" == "true";
|
||||
explicitNotUsePrivate = builtins.getEnv "WITH_SECRETS" == "false";
|
||||
usePrivate = !explicitNotUsePrivate && (explicitUsePrivate || privateExists);
|
||||
withSecrets = builtins.trace (if usePrivate then
|
||||
assert privateExists; "Building _with_ secrets!"
|
||||
else
|
||||
"Building _without_ secrets!") usePrivate;
|
||||
in {
|
||||
withSecrets = builtins.trace
|
||||
(if usePrivate then
|
||||
assert privateExists; "Building _with_ secrets!"
|
||||
else
|
||||
"Building _without_ secrets!")
|
||||
usePrivate;
|
||||
in
|
||||
{
|
||||
inherit withSecrets;
|
||||
privatePath = name:
|
||||
let path = "/etc/nixos/private/${name}";
|
||||
|
|
Loading…
Reference in a new issue