maralorn/nixos-config
1
0
Fork 0
Code Wiki Activity

Lots of changes

Browse source
This commit is contained in:
Malte Brandy 2019-08-02 20:41:58 +02:00
parent 733ac4d4e2
commit 48257078eb
12 changed files with 134 additions and 173 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
home/modules/weechat/default.nix
View file

@ -10,7 +10,8 @@ in {
default = ""; default = "";
}; };
user = mkOption { type = types.str; }; user = mkOption { type = types.str; };
pw = mkOption { type = types.str; }; hackint_pw = mkOption { type = types.str; };
freenode_pw = mkOption { type = types.str; };
}; };
config = mkIf config.m-0.weechat.enable { config = mkIf config.m-0.weechat.enable {
@ -23,14 +24,14 @@ in {
target = ".weechat/perl"; target = ".weechat/perl";
source = ./plugins/perl; source = ./plugins/perl;
}; };
plugins = { # plugins = {
target = ".weechat/plugins.conf"; # target = ".weechat/plugins.conf";
text = '' # text = ''
[var] # [var]
python.buffer_autohide.hide_inactive = on # python.buffer_autohide.hide_inactive = off
python.buffer_autohide.hide_private = on # python.buffer_autohide.hide_private = off
''; # '';
}; # };
weechat = { weechat = {
target = ".weechat/weechat.conf"; target = ".weechat/weechat.conf";
text = '' text = ''
@ -67,7 +68,7 @@ in {
freenode.ssl = on freenode.ssl = on
freenode.sasl_mechanism = plain freenode.sasl_mechanism = plain
freenode.sasl_username = "${config.m-0.weechat.user}" freenode.sasl_username = "${config.m-0.weechat.user}"
freenode.sasl_password = "${config.m-0.weechat.pw}" freenode.sasl_password = "${config.m-0.weechat.freenode_pw}"
freenode.autoconnect = on freenode.autoconnect = on
freenode.username = "${config.m-0.weechat.user}" freenode.username = "${config.m-0.weechat.user}"
freenode.autojoin = "#nixos,#matrix,#haskell" freenode.autojoin = "#nixos,#matrix,#haskell"
@ -77,7 +78,7 @@ in {
hackint.ssl = on hackint.ssl = on
hackint.sasl_mechanism = plain hackint.sasl_mechanism = plain
hackint.sasl_username = "${config.m-0.weechat.user}" hackint.sasl_username = "${config.m-0.weechat.user}"
hackint.sasl_password = "${config.m-0.weechat.pw}" hackint.sasl_password = "${config.m-0.weechat.hackint_pw}"
hackint.autoconnect = on hackint.autoconnect = on
hackint.username = "${config.m-0.weechat.user}" hackint.username = "${config.m-0.weechat.user}"
hackint.autojoin = "${config.m-0.weechat.channels}" hackint.autojoin = "${config.m-0.weechat.channels}"

1
home/modules/weechat/plugins/python/autoload/buffer_autohide.py
View file

@ -1 +0,0 @@
../buffer_autohide.py

4
hosts/hera/home.nix
View file

@ -13,9 +13,7 @@
}; };
weechat = { weechat = {
enable = true; enable = true;
user = config.m-0.private.hackint.user; inherit (config.m-0.private.hackint) user hackint_pw freenode_pw channels;
pw = config.m-0.private.hackint.hackint_pw;
channels = config.m-0.private.hackint.channels;
}; };
}; };

BIN
hosts/hera/secret/default.nix
View file

Binary file not shown.

4
hosts/hera/web.nix
View file

@ -51,6 +51,7 @@ in {
}; };
containers.web = { containers.web = {
bindMounts = { bindMounts = {
"/var/www" = { hostPath = "/var/www"; };
"${certPath}" = { "${certPath}" = {
hostPath = certPath; hostPath = certPath;
isReadOnly = false; isReadOnly = false;
@ -60,7 +61,7 @@ in {
privateNetwork = true; privateNetwork = true;
hostBridge = "bridge"; hostBridge = "bridge";
config = { pkgs, lib, ... }: { config = { pkgs, lib, ... }: {
imports = [ ../../system ]; imports = [ ../../system ../../system/blog.nix ];
networking = { networking = {
interfaces.eth0 = { interfaces.eth0 = {
ipv6.addresses = [{ ipv6.addresses = [{
@ -76,7 +77,6 @@ in {
firewall.allowedTCPPorts = [ 80 443 ]; firewall.allowedTCPPorts = [ 80 443 ];
}; };
m-0 = { m-0 = {
blog.enable = true;
mathechor-de = { mathechor-de = {
enable = true; enable = true;
password = config.m-0.private.mathechor-pw; password = config.m-0.private.mathechor-pw;

2
lib/test.nix
View file

@ -12,7 +12,7 @@ in rec {
main = do main = do
(configDir:hostname:args) <- getArgs (configDir:hostname:args) <- getArgs
paths <- concat <$> mapM (getNivAssign configDir) ["nixpkgs", "unstable", "home-manager"] paths <- concat <$> mapM (getNivAssign configDir) ["nixpkgs", "unstable", "home-manager"]
putStrLn [i|Trying to build ${name} config for #{hostname}] putStrLn [i|Trying to build ${name} config for #{hostname}|]
${commandline} ${commandline}
''; '';
bins = [ get-niv-path pkgs.nix ]; bins = [ get-niv-path pkgs.nix ];

160
pkgs/default.nix
View file

@ -18,8 +18,8 @@ in rec {
core-system-pkgs = { core-system-pkgs = {
inherit neovim; inherit neovim;
inherit (pkgs) inherit (pkgs)
gitFull gnumake python3 mkpasswd file wget curl wireguard gnupg mutt bind gitFull gnumake python3 mkpasswd file wget curl wireguard gnupg mutt bind
liboping psmisc unzip rename whois lsof; liboping psmisc unzip rename whois lsof;
}; };
extra-system-pkgs = { extra-system-pkgs = {
@ -28,8 +28,8 @@ in rec {
inherit (pkgs.rxvt_unicode) terminfo; inherit (pkgs.rxvt_unicode) terminfo;
inherit (pkgs.pythonPackages) qrcode; inherit (pkgs.pythonPackages) qrcode;
inherit (pkgs) inherit (pkgs)
git-crypt htop tree pwgen borgbackup inotifyTools direnv socat nmap git-crypt htop tree pwgen borgbackup inotifyTools direnv socat nmap
tcpdump tmux tig exa fzf ag fd bat ripgrep ranger pass sshuttle; tcpdump tmux tig exa fzf ag fd bat ripgrep ranger pass sshuttle;
}; };
gw2wrapper = writeHaskellScript { gw2wrapper = writeHaskellScript {
name = "gw2wrapper"; name = "gw2wrapper";
@ -37,37 +37,37 @@ in rec {
imports = imports =
[ "System.Directory (withCurrentDirectory)" "Control.Monad (when)" ]; [ "System.Directory (withCurrentDirectory)" "Control.Monad (when)" ];
} '' } ''
waitForExit = do waitForExit = do
sleep "5s" sleep "5s"
processes <- readTrim $ ps "aux" processes <- readTrim $ ps "aux"
when when
(BSC.isInfixOf (BSC.pack "GW2.exe") (LBSC.toStrict processes)) (BSC.isInfixOf (BSC.pack "GW2.exe") (LBSC.toStrict processes))
waitForExit waitForExit
main = do main = do
withCurrentDirectory "/home/maralorn/GW2" $ exe "./play.sh" withCurrentDirectory "/home/maralorn/GW2" $ exe "./play.sh"
waitForExit waitForExit
''; '';
laptop-home-pkgs = { laptop-home-pkgs = {
maintenance = pkgs.writeShellScriptBin "maintenance" '' maintenance = pkgs.writeShellScriptBin "maintenance" ''
git -C ~/git/nixos/config pull git -C ~/git/nixos/config pull
update-home update-home
sudo -A update-system sudo -A update-system
sudo -A nix-collect-garbage --delete-older-than ${ sudo -A nix-collect-garbage --delete-older-than ${
toString gcRetentionDays toString gcRetentionDays
}d }d
sudo -A nix optimise-store sudo -A nix optimise-store
''; '';
rewlan = pkgs.writeShellScriptBin "rewlan" '' rewlan = pkgs.writeShellScriptBin "rewlan" ''
nmcli r wifi off; nmcli r wifi off;
sleep 0.1s; sleep 0.1s;
nmcli r wifi on; nmcli r wifi on;
''; '';
gw2 = pkgs.buildFHSUserEnv { gw2 = pkgs.buildFHSUserEnv {
name = "gw2"; name = "gw2";
targetPkgs = pkgs: (with pkgs; [ sambaFull ]); targetPkgs = pkgs: (with pkgs; [ sambaFull ]);
multiPkgs = pkgs: multiPkgs = pkgs:
(with pkgs; (with pkgs;
with xorg; [ with xorg; [
file file
@ -95,15 +95,14 @@ in rec {
gnutls gnutls
krb5Full krb5Full
]); ]);
runScript = "${gw2wrapper}/bin/gw2wrapper"; runScript = "${gw2wrapper}/bin/gw2wrapper";
}; };
cachix = import sources.cachix { }; cachix = import sources.cachix { };
nixfmt = import sources.nixfmt { }; inherit (pkgs.gnome3) nautilus;
inherit (pkgs.gnome3) nautilus; inherit (pkgs.xorg) xev xbacklight;
inherit (pkgs.xorg) xev xbacklight; inherit (pkgs)
inherit (pkgs)
# web # web
chromium chromium
# communication # communication
signal-desktop tdesktop acpi dino mumble signal-desktop tdesktop acpi dino mumble
@ -126,47 +125,48 @@ in rec {
# games # games
minetest; minetest;
}; };
my-home-pkgs = { my-home-pkgs = {
print215 = pkgs.writeShellScriptBin "print215" '' print215 = pkgs.writeShellScriptBin "print215" ''
scp "$@" ag-forward: scp "$@" ag-forward:
ssh ag-forward lpr -Zduplex -r "$@" ssh ag-forward lpr -Zduplex -r "$@"
''; '';
print215single = pkgs.writeShellScriptBin "print215single" '' print215single = pkgs.writeShellScriptBin "print215single" ''
scp "$@" ag-forward: scp "$@" ag-forward:
ssh ag-forward lpr -r "$@" ssh ag-forward lpr -r "$@"
''; '';
}; };
urxvt = pkgs.rxvt_unicode-with-plugins; urxvt = pkgs.rxvt_unicode-with-plugins;
terminal = pkgs.writeShellScriptBin "terminal" '' terminal = pkgs.writeShellScriptBin "terminal" ''
${urxvt}/bin/urxvtc "$@" ${urxvt}/bin/urxvtc "$@"
if [ $? -eq 2 ]; then if [ $? -eq 2 ]; then
${urxvt}/bin/urxvtd -q -o -f ${urxvt}/bin/urxvtd -q -o -f
${urxvt}/bin/urxvtc "$@" ${urxvt}/bin/urxvtc "$@"
fi fi
''; '';
desktop-pkgs = { desktop-pkgs = {
inherit urxvt tasktree terminal; inherit urxvt tasktree terminal;
inherit (pkgs) xautolock; inherit (pkgs) xautolock;
inherit (pkgs.gnome3) dconf; inherit (pkgs.gnome3) dconf;
}; };
home-pkgs = { home-pkgs = {
inherit (pkgs.pythonPackages) yapf jsbeautifier; nixfmt = import sources.nixfmt { };
inherit (pkgs) ncmpcpp shfmt htmlTidy astyle; inherit (pkgs.pythonPackages) yapf jsbeautifier;
inherit (my-lib) ghc; inherit (pkgs) ncmpcpp shfmt htmlTidy astyle;
inherit home-neovim; inherit (my-lib) ghc;
}; inherit home-neovim;
accounting-pkgs = { };
jali = pkgs.callPackage ./jali { }; accounting-pkgs = {
inherit (pkgs.haskellPackages) hledger hledger-ui; jali = pkgs.callPackage ./jali { };
inherit (pkgs) ledger; inherit (pkgs.haskellPackages) hledger hledger-ui;
}; inherit (pkgs) ledger;
system-pkgs = core-system-pkgs // extra-system-pkgs // { };
inherit (import ../lib/test.nix) system-pkgs = core-system-pkgs // extra-system-pkgs // {
inherit (import ../lib/test.nix)
test-system-config test-home-config test-config; test-system-config test-home-config test-config;
inherit (my-lib) home-manager; inherit (my-lib) home-manager;
}; };
foreign-home-pkgs = extra-system-pkgs; foreign-home-pkgs = extra-system-pkgs;
eventd = pkgs.callPackage ./eventd { }; eventd = pkgs.callPackage ./eventd { };
} }

20
system/blog.nix Normal file
View file

@ -0,0 +1,20 @@
{ config, pkgs, lib, ... }: {
networking.firewall.allowedTCPPorts = [ 80 443 ];
services = {
nginx = {
enable = true;
virtualHosts."blog.maralorn.de" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
root = "/var/www/blog";
index = "index.html";
};
};
};
};
};
}

8
system/default.nix
View file

@ -8,7 +8,6 @@ in {
../common ../common
./modules/laptop.nix ./modules/laptop.nix
./modules/mathechor.de.nix ./modules/mathechor.de.nix
./modules/blog.nix
./modules/riot.nix ./modules/riot.nix
./modules/loginctl-linger.nix ./modules/loginctl-linger.nix
]; ];
@ -40,11 +39,8 @@ in {
}; };
nix = { nix = {
binaryCaches = [ binaryCaches =
"https://cache.nixos.org/" [ "https://cache.nixos.org/" "https://nixcache.reflex-frp.org" ];
"https://nixcache.reflex-frp.org"
"ssh://nix-ssh@hera.m-0.eu"
];
binaryCachePublicKeys = binaryCachePublicKeys =
[ "ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI=" ]; [ "ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI=" ];
nixPath = [ "/etc/nix-path" ]; nixPath = [ "/etc/nix-path" ];

16
system/git.nix
View file

@ -11,8 +11,19 @@ let
post-update = writeHaskellScript { post-update = writeHaskellScript {
name = "post-update"; name = "post-update";
bins = [ pkgs.git pkgs.nix ]; bins = [ pkgs.git pkgs.nix ];
imports = [ "System.Environment (lookupEnv)" "Data.Foldable (for_)" ]; imports = [
"System.Environment (lookupEnv)"
"Data.Foldable (for_)"
"Control.Monad (ap)"
"Control.Exception (bracket)"
"System.Directory (withCurrentDirectory)"
];
} '' } ''
checkout :: String -> IO FilePath
checkout pwd = (mktemp "-d" |> captureTrim)
>>= ((ap (<$) $ git "clone" pwd) . LBSC.unpack)
main = do main = do
mirror <- lookupEnv "GL_OPTION_MIRROR" mirror <- lookupEnv "GL_OPTION_MIRROR"
for_ mirror $ \mirror -> do for_ mirror $ \mirror -> do
@ -20,8 +31,9 @@ let
git "push" "--all" mirror git "push" "--all" mirror
deploy <- lookupEnv "GL_OPTION_WEB_DEPLOY" deploy <- lookupEnv "GL_OPTION_WEB_DEPLOY"
for_ deploy $ \deploy -> do for_ deploy $ \deploy -> do
path <- readTrim pwd
echo ([i|Deploying build to /var/www/#{deploy}|] :: String) echo ([i|Deploying build to /var/www/#{deploy}|] :: String)
nix "build" "-o" ([i|/var/www/#{deploy}|] :: String) bracket (checkout $ LBSC.unpack path)(rm "-rf") $ \dir -> withCurrentDirectory dir $ nix "build" "-o" ([i|/var/www/#{deploy}|] :: String)
echo "Done" echo "Done"
test <- lookupEnv "GL_OPTION_TEST" test <- lookupEnv "GL_OPTION_TEST"
for_ test $ \_ -> do for_ test $ \_ -> do

53
system/modules/blog.nix
View file

@ -1,53 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
let
page = pkgs.stdenv.mkDerivation {
name = "blog.maralorn.de";
src = builtins.fetchGit "git@hera:blog";
buildInputs =
[ (pkgs.python3.withPackages (ps: [ ps.pelican ps.markdown ])) ];
LC_ALL = "en_US.UTF-8";
LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
buildPhase = ''
make html
'';
installPhase = ''
mkdir $out
cp -r output/* $out
'';
};
in {
options = {
m-0.blog = {
enable = mkOption {
type = types.bool;
default = false;
};
};
};
config = mkIf config.m-0.blog.enable {
networking.firewall.allowedTCPPorts = [ 80 443 ];
services = {
nginx = {
enable = true;
virtualHosts."blog.maralorn.de" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
root = "${page}";
index = "index.html";
};
};
};
};
};
};
}

16
system/modules/mathechor.de.nix
View file

@ -4,18 +4,6 @@ with lib;
let let
me = config.m-0.private.me; me = config.m-0.private.me;
page = pkgs.stdenv.mkDerivation {
name = "mathechor.de";
src = builtins.fetchGit "git@hera:mathechor.de";
buildInputs = [ pkgs.pandoc pkgs.python3 ];
LC_ALL = "en_US.UTF-8";
LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
installPhase = ''
mkdir $out
cp -r intern/output $out/intern
cp -r public/output $out/public
'';
};
in { in {
@ -41,7 +29,7 @@ in {
enableACME = true; enableACME = true;
locations = { locations = {
"/" = { "/" = {
root = "${page}/public"; root = "/var/www/mathechor/public";
index = "index.html"; index = "index.html";
extraConfig = extraConfig =
"location ~* .(otf)$ {add_header Access-Control-Allow-Origin *;}"; "location ~* .(otf)$ {add_header Access-Control-Allow-Origin *;}";
@ -54,7 +42,7 @@ in {
basicAuth.mathechor = config.m-0.mathechor-de.password; basicAuth.mathechor = config.m-0.mathechor-de.password;
locations = { locations = {
"/" = { "/" = {
root = "${page}/intern"; root = "/var/www/mathechor/intern";
index = "index.html"; index = "index.html";
}; };
"/mathechor.ics" = { "/mathechor.ics" = {