Tons of changes
This commit is contained in:
parent
676bc91f74
commit
c7720b7035
|
@ -7,9 +7,6 @@ with lib;
|
||||||
imports = [ ./secret ];
|
imports = [ ./secret ];
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
nixpkgs.overlays = [ (self: super: {
|
|
||||||
unstable = import (builtins.fetchGit { url = "https://github.com/NixOS/nixpkgs-channels"; ref = "nixos-unstable";}) {};
|
|
||||||
})];
|
|
||||||
m-0.monitoring = [ {
|
m-0.monitoring = [ {
|
||||||
host = "apollo:9100";
|
host = "apollo:9100";
|
||||||
name = "apollo";
|
name = "apollo";
|
||||||
|
|
|
@ -1,8 +1,18 @@
|
||||||
let
|
let
|
||||||
inherit (import ../common/lib.nix) niv;
|
inherit (import ../common/lib.nix) niv;
|
||||||
|
pkgs = import <nixpkgs> {};
|
||||||
|
unstable = import <unstable> {};
|
||||||
|
lorriSrc = (import ../nix/sources.nix).lorri;
|
||||||
|
lorri = import lorriSrc { src = lorriSrc; pkgs = unstable; };
|
||||||
|
neovim = pkgs.neovim.override {
|
||||||
|
vimAlias = true;
|
||||||
|
withPython3 = true;
|
||||||
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
core = pkgs: with pkgs; [
|
core = builtins.attrValues {
|
||||||
|
inherit neovim;
|
||||||
|
inherit (pkgs)
|
||||||
gitFull
|
gitFull
|
||||||
gnumake
|
gnumake
|
||||||
python3
|
python3
|
||||||
|
@ -11,10 +21,6 @@ in
|
||||||
wget
|
wget
|
||||||
curl
|
curl
|
||||||
wireguard
|
wireguard
|
||||||
(pkgs.neovim.override {
|
|
||||||
vimAlias = true;
|
|
||||||
withPython3 = true;
|
|
||||||
})
|
|
||||||
gnupg
|
gnupg
|
||||||
mutt
|
mutt
|
||||||
bind
|
bind
|
||||||
|
@ -23,26 +29,24 @@ in
|
||||||
unzip
|
unzip
|
||||||
rename
|
rename
|
||||||
whois
|
whois
|
||||||
lsof
|
lsof;
|
||||||
];
|
};
|
||||||
|
|
||||||
|
extra = builtins.attrValues {
|
||||||
|
inherit lorri niv;
|
||||||
|
inherit (pkgs.gitAndTools) git-annex;
|
||||||
|
inherit (pkgs.rxvt_unicode) terminfo;
|
||||||
|
inherit (pkgs.pythonPackages) qrcode;
|
||||||
|
inherit (pkgs)
|
||||||
|
|
||||||
extra = pkgs: with pkgs; let
|
|
||||||
lorriSrc = builtins.fetchGit { url = "https://github.com/target/lorri.git"; ref = "rolling-release"; };
|
|
||||||
lorri = import "${lorriSrc}/default.nix" { src = lorriSrc; inherit pkgs; };
|
|
||||||
in
|
|
||||||
[
|
|
||||||
niv
|
|
||||||
git-crypt
|
git-crypt
|
||||||
gitAndTools.git-annex
|
|
||||||
htop
|
htop
|
||||||
tree
|
tree
|
||||||
rxvt_unicode.terminfo
|
|
||||||
pwgen
|
pwgen
|
||||||
borgbackup
|
borgbackup
|
||||||
inotifyTools
|
inotifyTools
|
||||||
|
|
||||||
direnv
|
direnv
|
||||||
#lorri
|
|
||||||
|
|
||||||
socat
|
socat
|
||||||
nmap
|
nmap
|
||||||
|
@ -58,10 +62,9 @@ in
|
||||||
|
|
||||||
ripgrep
|
ripgrep
|
||||||
|
|
||||||
pythonPackages.qrcode
|
|
||||||
ranger
|
ranger
|
||||||
|
|
||||||
pass
|
pass
|
||||||
sshuttle
|
sshuttle;
|
||||||
];
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,6 +6,7 @@ let
|
||||||
broken = false;
|
broken = false;
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
});
|
});
|
||||||
|
haskellList = list: ''["${builtins.concatStringsSep ''", "'' list}"]'';
|
||||||
writeHaskellScript = { name ? "haskell-script", bins ? [pkgs.coreutils], libraries ? [], imports ? []}: code:
|
writeHaskellScript = { name ? "haskell-script", bins ? [pkgs.coreutils], libraries ? [], imports ? []}: code:
|
||||||
unstable.writers.writeHaskellBin name { libraries = libraries ++ [shh unstable.haskellPackages.string-interpolate ]; } ''
|
unstable.writers.writeHaskellBin name { libraries = libraries ++ [shh unstable.haskellPackages.string-interpolate ]; } ''
|
||||||
{-# LANGUAGE DeriveDataTypeable #-}
|
{-# LANGUAGE DeriveDataTypeable #-}
|
||||||
|
@ -26,7 +27,7 @@ let
|
||||||
|
|
||||||
-- Load binaries from Nix packages. The dependencies will be captured
|
-- Load binaries from Nix packages. The dependencies will be captured
|
||||||
-- in the closure.
|
-- in the closure.
|
||||||
loadFromBins ["${builtins.concatStringsSep ''", "'' (builtins.map toString bins)}"]
|
loadFromBins ${haskellList (builtins.map toString bins)}
|
||||||
|
|
||||||
${code}
|
${code}
|
||||||
'';
|
'';
|
||||||
|
@ -46,7 +47,7 @@ let
|
||||||
nix_instantiate ["--eval", "-E", [i|toString #{expr}|]] |> trimQuotation
|
nix_instantiate ["--eval", "-E", [i|toString #{expr}|]] |> trimQuotation
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
inherit writeHaskellScript get-niv-path unstable sources;
|
inherit writeHaskellScript get-niv-path unstable sources haskellList;
|
||||||
niv = (import sources.niv {}).niv;
|
niv = (import sources.niv {}).niv;
|
||||||
home-manager = pkgs.callPackage <home-manager/home-manager> {};
|
home-manager = pkgs.callPackage <home-manager/home-manager> {};
|
||||||
gcRetentionDays = 5;
|
gcRetentionDays = 5;
|
||||||
|
|
|
@ -77,7 +77,7 @@ mkIf config.m-0.laptop.enable {
|
||||||
evince
|
evince
|
||||||
gnome3.nautilus
|
gnome3.nautilus
|
||||||
|
|
||||||
# (import (fetchTarball https://cachix.org/api/v1/install) {}).cachix
|
(import ../nix/sources.nix).cachix
|
||||||
|
|
||||||
# look & feel
|
# look & feel
|
||||||
libertine
|
libertine
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
let
|
let
|
||||||
inherit (config.m-0.private) me wireguard;
|
inherit (config.m-0.private) me wireguard;
|
||||||
inherit (config.m-0) hosts prefix;
|
inherit (config.m-0) hosts prefix;
|
||||||
nixos-hardware = (builtins.fetchGit "https://github.com/nixos/nixos-hardware");
|
nixos-hardware = (import ../../nix/sources.nix).nixos-hardware;
|
||||||
in {
|
in {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
# You need pw-files for every configured user in ./secret/pw-useralias for login to work.
|
# You need pw-files for every configured user in ./secret/pw-useralias for login to work.
|
||||||
|
# dropbearkey -t rsa -f /etc/nixos/hosts/<hostname>/secret/boot_rsa
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (config.m-0.private) me;
|
inherit (config.m-0.private) me;
|
||||||
|
@ -12,6 +13,7 @@ imports = [
|
||||||
../../system/test-timer.nix
|
../../system/test-timer.nix
|
||||||
../../system/standalone.nix
|
../../system/standalone.nix
|
||||||
../../system/server.nix
|
../../system/server.nix
|
||||||
|
../../system/git.nix
|
||||||
./borg.nix
|
./borg.nix
|
||||||
./mail.nix
|
./mail.nix
|
||||||
./boot.nix
|
./boot.nix
|
||||||
|
@ -39,11 +41,6 @@ services = {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
m-0 = {
|
|
||||||
# dropbearkey -t rsa -f /etc/nixos/hosts/<hostname>/secret/boot_rsa
|
|
||||||
git-server.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
users.users.choreutes = {
|
users.users.choreutes = {
|
||||||
linger = true;
|
linger = true;
|
||||||
description = "choreutes";
|
description = "choreutes";
|
||||||
|
|
|
@ -26,7 +26,7 @@ containers.mail = {
|
||||||
config = { pkgs, lib, ... }: {
|
config = { pkgs, lib, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
../../system
|
../../system
|
||||||
"${(builtins.fetchGit "ssh://git@hera/nixos-mailserver")}"
|
"${(import ../../nix/sources.nix).nixos-mailserver}"
|
||||||
];
|
];
|
||||||
services.prometheus.exporters = {
|
services.prometheus.exporters = {
|
||||||
node.port = 9101;
|
node.port = 9101;
|
||||||
|
@ -44,8 +44,16 @@ containers.mail = {
|
||||||
};
|
};
|
||||||
systemd.services = {
|
systemd.services = {
|
||||||
atomail = {
|
atomail = {
|
||||||
script = ''
|
script =
|
||||||
${pkgs.python}/bin/python ${builtins.fetchGit "https://github.com/remko/atomail.git"}/atomail.py --title "Readlater-E-Mails" --uri="http://hera-intern-v4:8842/rss.xml" /var/www/rss.xml --mode=maildir --file "/var/vmail/maralorn.de/malte.brandy/.Move.readlater/" --max-items=100
|
let
|
||||||
|
atomail = pkgs.fetchFromGitHub {
|
||||||
|
owner = "remko";
|
||||||
|
repo = "atomail";
|
||||||
|
rev = "f079966cb808f51fcc67be91b609942cdb49898a";
|
||||||
|
sha256 = "0a4j4xajn2yysgcb17jmb6ak148kk0kwf7khml7dbnh7807fv9b6";
|
||||||
|
};
|
||||||
|
in ''
|
||||||
|
${pkgs.python}/bin/python ${atomail}/atomail.py --title "Readlater-E-Mails" --uri="http://hera-intern-v4:8842/rss.xml" /var/www/rss.xml --mode=maildir --file "/var/vmail/maralorn.de/malte.brandy/.Move.readlater/" --max-items=100
|
||||||
${pkgs.rsync}/bin/rsync -a /var/vmail/maralorn.de/malte.brandy/.Move.readlater/cur/ /var/vmail/maralorn.de/malte.brandy/.Archiv.unsortiert/cur --remove-source-files
|
${pkgs.rsync}/bin/rsync -a /var/vmail/maralorn.de/malte.brandy/.Move.readlater/cur/ /var/vmail/maralorn.de/malte.brandy/.Archiv.unsortiert/cur --remove-source-files
|
||||||
'';
|
'';
|
||||||
startAt = "19:58:00";
|
startAt = "19:58:00";
|
||||||
|
|
|
@ -1,4 +1,16 @@
|
||||||
{
|
{
|
||||||
|
"cachix": {
|
||||||
|
"branch": "master",
|
||||||
|
"description": "Command line client for Nix binary cache hosting:",
|
||||||
|
"homepage": "https://cachix.org",
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "cachix",
|
||||||
|
"rev": "53e15349b45679fd47a97bf4d030b024dbada9fd",
|
||||||
|
"sha256": "0ir92v4hk60hvvgqbjp97mlrks3wm7881gd2wc177r1hy24wvxdi",
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://github.com/cachix/cachix/archive/53e15349b45679fd47a97bf4d030b024dbada9fd.tar.gz",
|
||||||
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
|
},
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"branch": "release-19.03",
|
"branch": "release-19.03",
|
||||||
"description": "Manage a user environment using Nix",
|
"description": "Manage a user environment using Nix",
|
||||||
|
@ -11,6 +23,18 @@
|
||||||
"url": "https://github.com/rycee/home-manager/archive/a85f22164d56052f027e71718c99ec0a1c3d25d1.tar.gz",
|
"url": "https://github.com/rycee/home-manager/archive/a85f22164d56052f027e71718c99ec0a1c3d25d1.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
|
"lorri": {
|
||||||
|
"branch": "rolling-release",
|
||||||
|
"description": "Your project's nix-env",
|
||||||
|
"homepage": "",
|
||||||
|
"owner": "target",
|
||||||
|
"repo": "lorri",
|
||||||
|
"rev": "d3e452ebc2b24ab86aec18af44c8217b2e469b2a",
|
||||||
|
"sha256": "07yf3gl9sixh7acxayq4q8h7z4q8a66412z0r49sr69yxb7b4q89",
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://github.com/target/lorri/archive/d3e452ebc2b24ab86aec18af44c8217b2e469b2a.tar.gz",
|
||||||
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
|
},
|
||||||
"niv": {
|
"niv": {
|
||||||
"branch": "master",
|
"branch": "master",
|
||||||
"description": "Easy dependency management for Nix projects",
|
"description": "Easy dependency management for Nix projects",
|
||||||
|
@ -23,6 +47,30 @@
|
||||||
"url": "https://github.com/nmattia/niv/archive/8b7b70465c130d8d7a98fba1396ad1481daee518.tar.gz",
|
"url": "https://github.com/nmattia/niv/archive/8b7b70465c130d8d7a98fba1396ad1481daee518.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
|
"nixos-hardware": {
|
||||||
|
"branch": "master",
|
||||||
|
"description": "A collection of NixOS modules covering hardware quirks.",
|
||||||
|
"homepage": "",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixos-hardware",
|
||||||
|
"rev": "03db9669a6fc712e9537201d55639287eb606765",
|
||||||
|
"sha256": "1g8kap5qzva58pcwn2xj1cs0k9w9mpbrlk5diaaarlgizp4l2x0z",
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://github.com/nixos/nixos-hardware/archive/03db9669a6fc712e9537201d55639287eb606765.tar.gz",
|
||||||
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
|
},
|
||||||
|
"nixos-mailserver": {
|
||||||
|
"branch": "master",
|
||||||
|
"description": "Fork of https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git",
|
||||||
|
"homepage": "",
|
||||||
|
"owner": "maralorn",
|
||||||
|
"repo": "nixos-mailserver",
|
||||||
|
"rev": "36f0b7ed587be92bfa9032d45bcc3c9b3520ed6b",
|
||||||
|
"sha256": "1bydmapzvw71qd5lkxkb706jfd8cc5zmnv7dcdxiqd73hyfydpas",
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://github.com/maralorn/nixos-mailserver/archive/36f0b7ed587be92bfa9032d45bcc3c9b3520ed6b.tar.gz",
|
||||||
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"branch": "nixos-19.03",
|
"branch": "nixos-19.03",
|
||||||
"description": "Nixpkgs/NixOS branches that track the Nixpkgs/NixOS channels",
|
"description": "Nixpkgs/NixOS branches that track the Nixpkgs/NixOS channels",
|
||||||
|
|
|
@ -6,7 +6,6 @@ in {
|
||||||
imports = [
|
imports = [
|
||||||
../common
|
../common
|
||||||
./modules/laptop.nix
|
./modules/laptop.nix
|
||||||
./modules/git.nix
|
|
||||||
./modules/mathechor.de.nix
|
./modules/mathechor.de.nix
|
||||||
./modules/blog.nix
|
./modules/blog.nix
|
||||||
./modules/riot.nix
|
./modules/riot.nix
|
||||||
|
|
42
system/git.nix
Normal file
42
system/git.nix
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
inherit (import ../common/lib.nix) writeHaskellScript haskellList;
|
||||||
|
me = config.m-0.private.me;
|
||||||
|
test-command = ["${pkgs.systemd}/bin/systemctl" "start" "test-and-bump-config.service"];
|
||||||
|
upgrade-command = ["${pkgs.systemd}/bin/systemctl" "start" "system-maintenance.service"];
|
||||||
|
post-update = writeHaskellScript {
|
||||||
|
name = "post-update";
|
||||||
|
bins = [ pkgs.git pkgs.nix ];
|
||||||
|
imports = [ "System.Environment (lookupEnv)" "Data.Foldable (for_)"];
|
||||||
|
} ''
|
||||||
|
main = do
|
||||||
|
mirror <- lookupEnv "GL_OPTION_MIRROR"
|
||||||
|
for_ mirror $ \mirror -> do
|
||||||
|
writeOutput ([i|Forwarding push to #{mirror}|] :: String)
|
||||||
|
git "push" "--all" mirror
|
||||||
|
deploy <- lookupEnv "GL_OPTION_WEB_DEPLOY"
|
||||||
|
for_ deploy $ \deploy -> do
|
||||||
|
writeOutput ([i|Deploying build to /var/www/#{deploy}|] :: String)
|
||||||
|
nix "build" "-o" ([i|/var/www/#{deploy}|] :: String)
|
||||||
|
writeOutput "Done"
|
||||||
|
test <- lookupEnv "GL_OPTION_TEST"
|
||||||
|
for_ test $ \_ -> do
|
||||||
|
writeOutput "Triggering a system update … You can wait or disconnect";
|
||||||
|
exe "sudo" ${haskellList test-command};
|
||||||
|
exe "sudo" ${haskellList upgrade-command};
|
||||||
|
writeOutput "Done";
|
||||||
|
'';
|
||||||
|
in
|
||||||
|
{
|
||||||
|
users.users.git.linger = true; # Frequent restarting of the systemd-user-unit leads to errors
|
||||||
|
security.sudo.extraRules = [ { commands = [
|
||||||
|
{ command = builtins.concatStringsSep " " test-command; options = [ "NOPASSWD" ]; }
|
||||||
|
{ command = builtins.concatStringsSep " " upgrade-command; options = [ "NOPASSWD" ]; }
|
||||||
|
]; users = [ "git" ]; } ];
|
||||||
|
services.gitolite = {
|
||||||
|
enable = true;
|
||||||
|
user = "git";
|
||||||
|
adminPubkey = builtins.elemAt me.keys 0;
|
||||||
|
commonHooks = [ "${post-update}/bin/post-update" ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,39 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
|
|
||||||
me = config.m-0.private.me;
|
|
||||||
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options = {
|
|
||||||
m-0.git-server.enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config = let
|
|
||||||
upgrade-command = "${pkgs.systemd}/bin/systemctl start nixos-upgrade.service";
|
|
||||||
in
|
|
||||||
mkIf config.m-0.git-server.enable {
|
|
||||||
users.users.git.linger = true; # Frequent restarting of the systemd-user-unit leads to errors
|
|
||||||
security.sudo.extraRules = [ { commands = [ { command = upgrade-command; options = [ "NOPASSWD" ]; } ]; users = [ "git" ]; } ];
|
|
||||||
services.gitolite = {
|
|
||||||
enable = true;
|
|
||||||
user = "git";
|
|
||||||
adminPubkey = builtins.elemAt me.keys 0;
|
|
||||||
commonHooks = [ "${pkgs.writeShellScriptBin "post-update" ''
|
|
||||||
if [ -n "$GL_OPTION_MIRROR" ]; then
|
|
||||||
echo "Forwarding push to $GL_OPTION_MIRROR";
|
|
||||||
git push --all $GL_OPTION_MIRROR;
|
|
||||||
fi
|
|
||||||
if [ -n "$GL_OPTION_REBUILD" ]; then
|
|
||||||
echo "Triggering a system update … You can wait or disconnect";
|
|
||||||
sudo ${upgrade-command};
|
|
||||||
echo "Done";
|
|
||||||
fi
|
|
||||||
''}/bin/post-update" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -8,6 +8,8 @@ config = {
|
||||||
startAt = "2:45";
|
startAt = "2:45";
|
||||||
environment.NIX_PATH = "/etc/nix-path:nixos-config=/etc/nixos/configuration.nix";
|
environment.NIX_PATH = "/etc/nix-path:nixos-config=/etc/nixos/configuration.nix";
|
||||||
path = [ pkgs.git ];
|
path = [ pkgs.git ];
|
||||||
|
restartIfChanged = false;
|
||||||
|
unitConfig.X-StopOnRemoval = false;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ExecStart = "${(import ./update-lib.nix config.system.build.nixos-rebuild).system-maintenance}/bin/system-maintenance";
|
ExecStart = "${(import ./update-lib.nix config.system.build.nixos-rebuild).system-maintenance}/bin/system-maintenance";
|
||||||
|
|
|
@ -25,7 +25,7 @@ with lib;
|
||||||
environment = {
|
environment = {
|
||||||
# Put these into an extra file so the essential packages can also be included on non selfadminstrated systems from home-manager
|
# Put these into an extra file so the essential packages can also be included on non selfadminstrated systems from home-manager
|
||||||
systemPackages = let essentials = import ../common/essentials.nix;
|
systemPackages = let essentials = import ../common/essentials.nix;
|
||||||
in (essentials.core pkgs) ++ (essentials.extra pkgs) ++ (builtins.attrValues {
|
in essentials.core ++ essentials.extra ++ (builtins.attrValues {
|
||||||
inherit (import ./test-lib.nix) test-system-config test-home-config test-and-bump-config;
|
inherit (import ./test-lib.nix) test-system-config test-home-config test-and-bump-config;
|
||||||
inherit (import ../common/lib.nix) home-manager;
|
inherit (import ../common/lib.nix) home-manager;
|
||||||
inherit (import ./update-lib.nix config.system.build.nixos-rebuild) update-system system-maintenance;
|
inherit (import ./update-lib.nix config.system.build.nixos-rebuild) update-system system-maintenance;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
let
|
let
|
||||||
pkgs = import <nixpkgs> {};
|
pkgs = import <nixpkgs> {};
|
||||||
inherit (import ../common/lib.nix) writeHaskellScript get-niv-path home-manager unstable niv;
|
inherit (import ../common/lib.nix) writeHaskellScript get-niv-path home-manager unstable niv haskellList;
|
||||||
haskellBody = commandline:
|
haskellBody = commandline:
|
||||||
''
|
''
|
||||||
getNivPath dir = readTrim . get_niv_path ([i|#{dir :: String}/nix/sources.nix|] :: String)
|
getNivPath dir = readTrim . get_niv_path ([i|#{dir :: String}/nix/sources.nix|] :: String)
|
||||||
|
@ -33,6 +33,9 @@ let
|
||||||
|
|
||||||
repoSrc = "git@hera.m-0.eu:nixos-config";
|
repoSrc = "git@hera.m-0.eu:nixos-config";
|
||||||
configPath = "/etc/nixos";
|
configPath = "/etc/nixos";
|
||||||
|
systems = ["apollo" "hera"];
|
||||||
|
homes = ["apollo" "hera" "hephaistos"];
|
||||||
|
keys = ["default" "apollo" "hera"];
|
||||||
test-and-bump-config = writeHaskellScript {
|
test-and-bump-config = writeHaskellScript {
|
||||||
name = "test-and-bump-config";
|
name = "test-and-bump-config";
|
||||||
bins = [ test-system-config test-home-config pkgs.git pkgs.coreutils niv pkgs.git-crypt ];
|
bins = [ test-system-config test-home-config pkgs.git pkgs.coreutils niv pkgs.git-crypt ];
|
||||||
|
@ -48,10 +51,10 @@ let
|
||||||
path <- readTrim pwd
|
path <- readTrim pwd
|
||||||
bracket checkout (rm "-rf") $ \dir -> do
|
bracket checkout (rm "-rf") $ \dir -> do
|
||||||
withCurrentDirectory dir $ do
|
withCurrentDirectory dir $ do
|
||||||
mapM_ (\x -> git_crypt "unlock" ([i|${configPath}/.git/git-crypt/keys/#{x}|] :: String)) ["default", "apollo", "hera"]
|
mapM_ (\x -> git_crypt "unlock" ([i|${configPath}/.git/git-crypt/keys/#{x}|] :: String)) ${haskellList keys}
|
||||||
ignoreFailure $ niv "update"
|
ignoreFailure $ niv "update"
|
||||||
mapM_ (test_system_config dir) ["apollo", "hera"]
|
mapM_ (test_system_config dir) ${haskellList systems}
|
||||||
mapM_ (test_home_config dir) ["apollo", "hera", "hephaistos"]
|
mapM_ (test_home_config dir) ${haskellList homes}
|
||||||
changed <- ((mempty /=) <$>) . readTrim $ git "-C" dir "status" "--porcelain"
|
changed <- ((mempty /=) <$>) . readTrim $ git "-C" dir "status" "--porcelain"
|
||||||
when changed $ do
|
when changed $ do
|
||||||
git "-C" dir "config" "user.email" "maralorn@maralorn.de"
|
git "-C" dir "config" "user.email" "maralorn@maralorn.de"
|
||||||
|
|
Loading…
Reference in a new issue