Compare commits

..

2 commits

Author SHA1 Message Date
e5bce573da
updated README 2023-11-08 00:26:30 +01:00
a3126d6b5d
Code Linting and hooks to do so automatically 2023-11-08 00:25:59 +01:00
5 changed files with 72 additions and 90 deletions

View file

@ -146,8 +146,7 @@ machine. The only technically required file in there is `configuration.nix`. So
A good skeleton is probably: A good skeleton is probably:
``` ```
flake-inputs: {config, pkgs, lib, flake-inputs, ... }: {
{config, pkgs, lib, ... }: {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
@ -282,3 +281,29 @@ something like this:
{lib, pkgs, config, ...} : {lib, pkgs, config, ...} :
<module code > <module code >
``` ```
# Contributing
Like with all FS projects, you are welcome to contribute. Work is done usually by the person that is most annoyed
by the circumstances or by the person that didn't run fast enough. So we are happy if we get help. That doesn't
mean that we don't need to have some level of quality, people after us needs to work with it. It is live infrastructure
and downtime hurts someone (and in the wrong moment even really bad (Matheball ticket sales for example).
So here are some Guidelines.
## Coding style and linting.
If you run `nix check` there are automated checks in place, please make sure to pass them.
There is also a code autoformatter (`alejandra`) incorporated into those. You can also install
them into your local git repository as pre-commit hooks, and setting up a shell that has
even more tooling by running `nix develop`. That will give you a bash in which you can run
all the checks manually `pre-commit run -a`. This will also run the autoformatter.
## Process for submitting changes
1. If it is something bigger, please open an issue first describing what and why you want to do something.
If it is just something small, skip this step.
2. Fork the repo and implement your changes in a branch on your fork. Afterwards open a pull request (possibly mentioning the issue).
Against the main branch.
- Your branch should be based on an up to date version of main, if it is not consider rebasing.
3. You will need to find someone with the proper rights to approve of your changes, but most of the time there will be request
for changes first.

View file

@ -18,20 +18,32 @@
pkgs, pkgs,
... ...
}: { }: {
devShells.default = pkgs.mkShell { devShells.default = config.pre-commit.devShell;
shellHook = config.pre-commit.installationScript;
};
pre-commit = { pre-commit = let
generatedFiles = [
"hardware-configuration\\.nix"
];
in {
check.enable = true; check.enable = true;
pkgs = inputs'.nixpkgs.legacyPackages; pkgs = inputs'.nixpkgs.legacyPackages;
settings.hooks = { settings = {
# for some reason statix takes it config differently than all the other hooks.
settings.statix = {
format = "stderr";
ignore = generatedFiles;
};
hooks = {
nil.enable = true; nil.enable = true;
statix.enable = true; statix.enable = true;
deadnix.enable = true; deadnix = {
enable = true;
excludes = generatedFiles;
};
alejandra.enable = true; alejandra.enable = true;
}; };
}; };
};
# Per-system attributes can be defined here. The self' and inputs' # Per-system attributes can be defined here. The self' and inputs'
# module parameters provide easy access to attributes of the same # module parameters provide easy access to attributes of the same

View file

@ -33,24 +33,6 @@
"type": "indirect" "type": "indirect"
} }
}, },
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"impermanence": { "impermanence": {
"locked": { "locked": {
"lastModified": 1697303681, "lastModified": 1697303681,
@ -169,35 +151,12 @@
"type": "github" "type": "github"
} }
}, },
"pre-commit-hooks": {
"inputs": {
"flake-compat": [],
"flake-utils": "flake-utils",
"gitignore": [],
"nixpkgs": [],
"nixpkgs-stable": []
},
"locked": {
"lastModified": 1699271226,
"narHash": "sha256-8Jt1KW3xTjolD6c6OjJm9USx/jmL+VVmbooADCkdDfU=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "ea758da1a6dcde6dc36db348ed690d09b9864128",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"impermanence": "impermanence", "impermanence": "impermanence",
"nixos-mailserver": "nixos-mailserver", "nixos-mailserver": "nixos-mailserver",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"pre-commit-hooks": "pre-commit-hooks",
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
} }
}, },
@ -222,21 +181,6 @@
"type": "github" "type": "github"
} }
}, },
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": { "utils": {
"locked": { "locked": {
"lastModified": 1605370193, "lastModified": 1605370193,

View file

@ -11,15 +11,15 @@
nixosConfigurations = withSystem "x86_64-linux" ({pkgs, ...}: let nixosConfigurations = withSystem "x86_64-linux" ({pkgs, ...}: let
machines = builtins.attrNames (builtins.readDir ./machines); machines = builtins.attrNames (builtins.readDir ./machines);
makeSystem = name: let makeSystem = name: let
importedModule = import (./. + "/machines/${name}/configuration.nix"); importedConfig = import (./. + "/machines/${name}/configuration.nix");
configModule = systemConfig =
if lib.isFunction importedModule if lib.isFunction importedConfig
then importedModule inputs then x: importedConfig (x // {flake-inputs = inputs;})
else importedModule; else importedConfig;
in in
pkgs.nixos { pkgs.nixos {
imports = [ imports = [
configModule systemConfig
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
inputs.impermanence.nixosModules.impermanence inputs.impermanence.nixosModules.impermanence
]; ];

View file

@ -28,32 +28,33 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.jitsi-meet = { services = {
jitsi-meet = {
enable = true; enable = true;
config = { config = {
defaultLang = "de"; defaultLang = "de";
}; };
inherit (cfg) hostName; inherit (cfg) hostName;
}; };
services.jitsi-videobridge = { jitsi-videobridge = {
openFirewall = true; openFirewall = true;
nat = { nat = {
publicAddress = "130.83.2.184"; publicAddress = "130.83.2.184";
inherit (cfg) localAddress; inherit (cfg) localAddress;
}; };
}; };
#We are behind a reverse proxy that handles TLS
nginx.virtualHosts."${cfg.hostName}" = {
enableACME = false;
forceSSL = false;
};
};
environment.persistence.${config.impermanence.name} = { environment.persistence.${config.impermanence.name} = {
directories = [ directories = [
"/var/lib/jitsi-meet" "/var/lib/jitsi-meet"
"/var/lib/prosody" "/var/lib/prosody"
]; ];
}; };
#We are behind a reverse proxy that handles TLS
services.nginx.virtualHosts."${cfg.hostName}" = {
enableACME = false;
forceSSL = false;
};
#The network ports for HTTP(S) are not opened automatically #The network ports for HTTP(S) are not opened automatically
networking.firewall.allowedTCPPorts = [80 443]; networking.firewall.allowedTCPPorts = [80 443];
}; };