flake-update #11
|
@ -18,17 +18,15 @@
|
|||
attrs:
|
||||
lib.listToAttrs (
|
||||
lib.flatten (
|
||||
lib.mapAttrsToList
|
||||
(
|
||||
outer_key:
|
||||
lib.mapAttrsToList (
|
||||
inner_key: value: {
|
||||
name = "${outer_key}-${inner_key}";
|
||||
inherit value;
|
||||
}
|
||||
)
|
||||
lib.mapAttrsToList (
|
||||
outer_key:
|
||||
lib.mapAttrsToList (
|
||||
inner_key: value: {
|
||||
name = "${outer_key}-${inner_key}";
|
||||
inherit value;
|
||||
}
|
||||
)
|
||||
attrs
|
||||
) attrs
|
||||
)
|
||||
);
|
||||
nixFromDirs =
|
||||
|
@ -37,17 +35,15 @@
|
|||
dir:
|
||||
builtins.concatLists (
|
||||
builtins.attrValues (
|
||||
builtins.mapAttrs
|
||||
(
|
||||
name: path_type:
|
||||
if path_type == "regular" && builtins.match "[^_].*\\.nix" name != null then
|
||||
[ (import (dir + "/${name}")) ]
|
||||
else if path_type == "directory" then
|
||||
nixFromDir (dir + "/${name}")
|
||||
else
|
||||
[ ]
|
||||
)
|
||||
(builtins.readDir dir)
|
||||
builtins.mapAttrs (
|
||||
name: path_type:
|
||||
if path_type == "regular" && builtins.match "[^_].*\\.nix" name != null then
|
||||
[ (import (dir + "/${name}")) ]
|
||||
else if path_type == "directory" then
|
||||
nixFromDir (dir + "/${name}")
|
||||
else
|
||||
[ ]
|
||||
) (builtins.readDir dir)
|
||||
)
|
||||
);
|
||||
in
|
||||
|
|
|
@ -60,38 +60,32 @@ let
|
|||
};
|
||||
project_configs = builtins.zipAttrsWith (_: lib.concatLists) [
|
||||
custom_configs
|
||||
(lib.genAttrs format_haskell (
|
||||
_: [
|
||||
{
|
||||
name = "haskell";
|
||||
auto-format = true;
|
||||
}
|
||||
]
|
||||
))
|
||||
(lib.genAttrs format_nix (
|
||||
_: [
|
||||
{
|
||||
name = "nix";
|
||||
auto-format = true;
|
||||
}
|
||||
]
|
||||
))
|
||||
(lib.genAttrs format_haskell (_: [
|
||||
{
|
||||
name = "haskell";
|
||||
auto-format = true;
|
||||
}
|
||||
]))
|
||||
(lib.genAttrs format_nix (_: [
|
||||
{
|
||||
name = "nix";
|
||||
auto-format = true;
|
||||
}
|
||||
]))
|
||||
];
|
||||
in
|
||||
{
|
||||
|
||||
home = {
|
||||
activation.configureHelixProjects = lib.concatStringsSep "\n" (
|
||||
lib.mapAttrsToList
|
||||
(name: value: ''
|
||||
if [ -d "${config.home.homeDirectory}/git/${name}" ]; then
|
||||
mkdir -p "${config.home.homeDirectory}/git/${name}/.helix"
|
||||
ln -sf ${
|
||||
(pkgs.formats.toml { }).generate "languages.toml" { language = value; }
|
||||
} ${config.home.homeDirectory}/git/${name}/.helix/languages.toml
|
||||
fi
|
||||
'')
|
||||
project_configs
|
||||
lib.mapAttrsToList (name: value: ''
|
||||
if [ -d "${config.home.homeDirectory}/git/${name}" ]; then
|
||||
mkdir -p "${config.home.homeDirectory}/git/${name}/.helix"
|
||||
ln -sf ${
|
||||
(pkgs.formats.toml { }).generate "languages.toml" { language = value; }
|
||||
} ${config.home.homeDirectory}/git/${name}/.helix/languages.toml
|
||||
fi
|
||||
'') project_configs
|
||||
);
|
||||
sessionVariables = {
|
||||
EDITOR = "hx";
|
||||
|
|
|
@ -6,15 +6,12 @@
|
|||
}:
|
||||
let
|
||||
inherit
|
||||
(pkgs.privateValue
|
||||
{
|
||||
gpg = "";
|
||||
name = "";
|
||||
mail = "";
|
||||
alternates = [ ];
|
||||
}
|
||||
"mail/me"
|
||||
)
|
||||
(pkgs.privateValue {
|
||||
gpg = "";
|
||||
name = "";
|
||||
mail = "";
|
||||
alternates = [ ];
|
||||
} "mail/me")
|
||||
gpg
|
||||
name
|
||||
alternates
|
||||
|
|
|
@ -5,14 +5,11 @@
|
|||
...
|
||||
}:
|
||||
let
|
||||
lists =
|
||||
pkgs.privateValue
|
||||
{
|
||||
sortLists = [ ];
|
||||
stupidLists = [ ];
|
||||
notifications = [ ];
|
||||
}
|
||||
"mail/filters";
|
||||
lists = pkgs.privateValue {
|
||||
sortLists = [ ];
|
||||
stupidLists = [ ];
|
||||
notifications = [ ];
|
||||
} "mail/filters";
|
||||
maildir = config.accounts.email.maildirBasePath;
|
||||
# mhdr -h List-ID -d Maildir/hera/Archiv/unsortiert | sort | sed 's/^.*<\(.*\)>$/\1/' | uniq | xargs -I '{}' sh -c "notmuch count List:{} | sed 's/$/: {}/'" | sort
|
||||
# To find candidates
|
||||
|
|
|
@ -3,16 +3,14 @@
|
|||
home = {
|
||||
# This fixes border drawing but makes neo wonky. sessionVariables.NIXOS_OZONE_WL = "1";
|
||||
packages = builtins.attrValues {
|
||||
zoom = pkgs.zoom-us.overrideAttrs (
|
||||
old: {
|
||||
postFixup =
|
||||
old.postFixup
|
||||
+ ''
|
||||
wrapProgram $out/bin/zoom-us --unset XDG_SESSION_TYPE
|
||||
wrapProgram $out/bin/zoom --unset XDG_SESSION_TYPE
|
||||
'';
|
||||
}
|
||||
);
|
||||
zoom = pkgs.zoom-us.overrideAttrs (old: {
|
||||
postFixup =
|
||||
old.postFixup
|
||||
+ ''
|
||||
wrapProgram $out/bin/zoom-us --unset XDG_SESSION_TYPE
|
||||
wrapProgram $out/bin/zoom --unset XDG_SESSION_TYPE
|
||||
'';
|
||||
});
|
||||
mic-check = pkgs.writeShellScriptBin "mic-check" ''
|
||||
echo "Activating loopback!"
|
||||
${pkgs.pulseaudio}/bin/pactl load-module module-loopback
|
||||
|
|
|
@ -190,9 +190,7 @@ let
|
|||
};
|
||||
}
|
||||
];
|
||||
my-hotkeys = pkgs.writeShellScriptBin "my-hotkeys" "${lib.getBin pkgs.wizards-dialog}/bin/hotkeys ${
|
||||
pkgs.writeText "hotkeys.yaml" (builtins.toJSON hotkeys)
|
||||
}";
|
||||
my-hotkeys = pkgs.writeShellScriptBin "my-hotkeys" "${lib.getBin pkgs.wizards-dialog}/bin/hotkeys ${pkgs.writeText "hotkeys.yaml" (builtins.toJSON hotkeys)}";
|
||||
in
|
||||
{
|
||||
home.packages = [ my-hotkeys ];
|
||||
|
|
|
@ -12,19 +12,17 @@ in
|
|||
[default]
|
||||
default_calendar = Standard
|
||||
[calendars]
|
||||
${pkgs.lib.concatMapStringsSep "\n"
|
||||
(
|
||||
{
|
||||
name,
|
||||
readOnly ? false,
|
||||
...
|
||||
}:
|
||||
''
|
||||
[[${name}]]
|
||||
type = discover
|
||||
path = ~/.calendars/${name}/*
|
||||
readonly = ${if readOnly then "True" else "False"}''
|
||||
)
|
||||
calendars}
|
||||
${pkgs.lib.concatMapStringsSep "\n" (
|
||||
{
|
||||
name,
|
||||
readOnly ? false,
|
||||
...
|
||||
}:
|
||||
''
|
||||
[[${name}]]
|
||||
type = discover
|
||||
path = ~/.calendars/${name}/*
|
||||
readonly = ${if readOnly then "True" else "False"}''
|
||||
) calendars}
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -86,14 +86,12 @@ in
|
|||
human_buffer_names = on
|
||||
[server]
|
||||
${lib.concatStringsSep "\n" (
|
||||
lib.mapAttrsToList
|
||||
(server: serverConfig: ''
|
||||
${server}.address = "${serverConfig.address}"
|
||||
${server}.autoconnect = on
|
||||
${server}.username = "${serverConfig.user}"
|
||||
${server}.password = "${serverConfig.password}"
|
||||
'')
|
||||
(pkgs.privateValue { } "weechat/matrix")
|
||||
lib.mapAttrsToList (server: serverConfig: ''
|
||||
${server}.address = "${serverConfig.address}"
|
||||
${server}.autoconnect = on
|
||||
${server}.username = "${serverConfig.user}"
|
||||
${server}.password = "${serverConfig.password}"
|
||||
'') (pkgs.privateValue { } "weechat/matrix")
|
||||
)}
|
||||
'';
|
||||
};
|
||||
|
|
|
@ -65,16 +65,13 @@ in
|
|||
openDefaultPorts = true;
|
||||
cert = config.age.secrets."syncthing/apollo/cert.pem".path;
|
||||
key = config.age.secrets."syncthing/apollo/key.pem".path;
|
||||
settings =
|
||||
syncthing.declarativeWith
|
||||
[
|
||||
"hera"
|
||||
"zeus"
|
||||
"pegasus"
|
||||
"hephaistos"
|
||||
"athene"
|
||||
]
|
||||
"/home/maralorn/media";
|
||||
settings = syncthing.declarativeWith [
|
||||
"hera"
|
||||
"zeus"
|
||||
"pegasus"
|
||||
"hephaistos"
|
||||
"athene"
|
||||
] "/home/maralorn/media";
|
||||
};
|
||||
};
|
||||
system.stateVersion = "19.09";
|
||||
|
|
|
@ -42,12 +42,9 @@ in
|
|||
systemd.services =
|
||||
{
|
||||
pg_backup = {
|
||||
script =
|
||||
lib.concatMapStringsSep "\n"
|
||||
(
|
||||
name: "${config.services.postgresql.package}/bin/pg_dump ${name} > /var/lib/db-backup-dumps/${name}"
|
||||
)
|
||||
config.services.postgresql.ensureDatabases;
|
||||
script = lib.concatMapStringsSep "\n" (
|
||||
name: "${config.services.postgresql.package}/bin/pg_dump ${name} > /var/lib/db-backup-dumps/${name}"
|
||||
) config.services.postgresql.ensureDatabases;
|
||||
serviceConfig = {
|
||||
User = "postgres";
|
||||
Type = "oneshot";
|
||||
|
@ -76,14 +73,12 @@ in
|
|||
};
|
||||
}
|
||||
// lib.listToAttrs (
|
||||
map
|
||||
(name: {
|
||||
inherit name;
|
||||
value = {
|
||||
serviceConfig.Type = "oneshot";
|
||||
};
|
||||
})
|
||||
backupJobNames
|
||||
map (name: {
|
||||
inherit name;
|
||||
value = {
|
||||
serviceConfig.Type = "oneshot";
|
||||
};
|
||||
}) backupJobNames
|
||||
);
|
||||
services = {
|
||||
postgresql = {
|
||||
|
@ -98,16 +93,13 @@ in
|
|||
openDefaultPorts = true;
|
||||
cert = config.age.secrets."syncthing/hera/cert.pem".path;
|
||||
key = config.age.secrets."syncthing/hera/key.pem".path;
|
||||
settings =
|
||||
syncthing.declarativeWith
|
||||
[
|
||||
"apollo"
|
||||
"zeus"
|
||||
"pegasus"
|
||||
"hephaistos"
|
||||
"athene"
|
||||
]
|
||||
"/media";
|
||||
settings = syncthing.declarativeWith [
|
||||
"apollo"
|
||||
"zeus"
|
||||
"pegasus"
|
||||
"hephaistos"
|
||||
"athene"
|
||||
] "/media";
|
||||
};
|
||||
};
|
||||
systemd.tmpfiles.rules = [ "Z /media 0770 maralorn nginx - -" ];
|
||||
|
|
|
@ -71,16 +71,13 @@ in
|
|||
configDir = "/disk/persist/syncthing";
|
||||
cert = config.age.secrets."syncthing/zeus/cert.pem".path;
|
||||
key = config.age.secrets."syncthing/zeus/key.pem".path;
|
||||
settings =
|
||||
syncthing.declarativeWith
|
||||
[
|
||||
"hera"
|
||||
"apollo"
|
||||
"pegasus"
|
||||
"hephaistos"
|
||||
"athene"
|
||||
]
|
||||
"/disk/persist/home/maralorn/media";
|
||||
settings = syncthing.declarativeWith [
|
||||
"hera"
|
||||
"apollo"
|
||||
"pegasus"
|
||||
"hephaistos"
|
||||
"athene"
|
||||
] "/disk/persist/home/maralorn/media";
|
||||
};
|
||||
#minecraft-server = {
|
||||
# enable = true;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
programs.ssh.knownHosts =
|
||||
lib.mapAttrs (_: aliases: { extraHostNames = map (alias: "${alias}.maralorn.de") aliases; })
|
||||
config.m-0.hosts.aliases;
|
||||
programs.ssh.knownHosts = lib.mapAttrs (_: aliases: {
|
||||
extraHostNames = map (alias: "${alias}.maralorn.de") aliases;
|
||||
}) config.m-0.hosts.aliases;
|
||||
}
|
||||
|
|
|
@ -8,23 +8,12 @@ let
|
|||
inherit (config.m-0) virtualHosts;
|
||||
heading = name: link: ''<h2><a href=\"${link}\">${name}</a></h2>'';
|
||||
badge = src: link: ''<a href=\"${link}\">\n <img src=\"${src}\">\n</a>'';
|
||||
job = name: badge "https://ci.maralorn.de/badge/${name}.svg" "https://ci.maralorn.de/jobs/${name}";
|
||||
badges = lib.concatStringsSep "\\n" [
|
||||
(heading "ci.maralorn.de" "https://ci.maralorn.de")
|
||||
(job "test-config")
|
||||
(job "blog")
|
||||
|
||||
(heading "haskell-taskwarrior" "https://hackage.haskell.org/package/taskwarrior")
|
||||
(badge "https://github.com/maralorn/haskell-taskwarrior/actions/workflows/haskell.yml/badge.svg" "https://github.com/maralorn/haskell-taskwarrior/actions"
|
||||
)
|
||||
(badge "https://img.shields.io/hackage-deps/v/taskwarrior.svg" "http://packdeps.haskellers.com/reverse/taskwarrior"
|
||||
)
|
||||
(badge "https://repology.org/badge/vertical-allrepos/haskell:taskwarrior.svg?columns=3&header=" "https://repology.org/project/haskell:taskwarrior/versions"
|
||||
)
|
||||
|
||||
(heading "nix-output-monitor" "https://github.com/maralorn/nix-output-monitor")
|
||||
(badge "https://repology.org/badge/vertical-allrepos/nix-output-monitor.svg?columns=3&header=" "https://repology.org/project/nix-output-monitor/versions"
|
||||
)
|
||||
];
|
||||
dashboards = pkgs.runCommand "dashboards" { } ''
|
||||
mkdir -p $out
|
||||
|
@ -65,12 +54,7 @@ in
|
|||
{ name = "grafana"; }
|
||||
];
|
||||
};
|
||||
nginx = {
|
||||
enable = true;
|
||||
virtualHosts.${virtualHosts."graphs"} = {
|
||||
locations."/".proxyPass = "http://localhost:3000/";
|
||||
};
|
||||
};
|
||||
nginx.virtualHosts.${virtualHosts."graphs"}.locations."/".proxyPass = "http://localhost:3000/";
|
||||
grafana = {
|
||||
enable = true;
|
||||
settings = {
|
||||
|
@ -82,7 +66,7 @@ in
|
|||
users.default_theme = "dark";
|
||||
"auth.basic".enabled = false;
|
||||
server.domain = virtualHosts."graphs";
|
||||
dashboards.default_home_dashboard_path = "${dashboards}/accounting.json";
|
||||
dashboards.default_home_dashboard_path = "${dashboards}/health-status.json";
|
||||
};
|
||||
provision = {
|
||||
enable = true;
|
||||
|
|
|
@ -457,17 +457,14 @@ in
|
|||
++ (map
|
||||
(minutes: {
|
||||
alias = "Warnung bei ${minutes} Minuten offenem Fenster oder offener Tür";
|
||||
trigger =
|
||||
map
|
||||
(
|
||||
name:
|
||||
triggers.stateTrigger name
|
||||
// {
|
||||
to = "on";
|
||||
for = "00:${minutes}:00";
|
||||
}
|
||||
)
|
||||
fenster;
|
||||
trigger = map (
|
||||
name:
|
||||
triggers.stateTrigger name
|
||||
// {
|
||||
to = "on";
|
||||
for = "00:${minutes}:00";
|
||||
}
|
||||
) fenster;
|
||||
condition = {
|
||||
condition = "numeric_state";
|
||||
entity_id = "sensor.openweathermap_darmstadt_hourly_temperature";
|
||||
|
@ -632,13 +629,10 @@ in
|
|||
alertbadges = [
|
||||
{
|
||||
type = "entity-filter";
|
||||
entities =
|
||||
map
|
||||
(entity: {
|
||||
inherit entity;
|
||||
icon = "mdi:broadcast-off";
|
||||
})
|
||||
switches;
|
||||
entities = map (entity: {
|
||||
inherit entity;
|
||||
icon = "mdi:broadcast-off";
|
||||
}) switches;
|
||||
state_filter = [ "unavailable" ];
|
||||
}
|
||||
{
|
||||
|
|
|
@ -104,28 +104,26 @@ in
|
|||
let
|
||||
alert_type = "infrastructure";
|
||||
in
|
||||
map
|
||||
(
|
||||
entry:
|
||||
let
|
||||
inherit (entry) name;
|
||||
in
|
||||
{
|
||||
job_name = name;
|
||||
metrics_path = entry.metrics_path or null;
|
||||
static_configs = [
|
||||
{
|
||||
targets = [ entry.host ];
|
||||
labels = {
|
||||
inherit name;
|
||||
inherit alert_type;
|
||||
flaky = lib.boolToString entry.flaky or false;
|
||||
};
|
||||
}
|
||||
];
|
||||
}
|
||||
)
|
||||
targets;
|
||||
map (
|
||||
entry:
|
||||
let
|
||||
inherit (entry) name;
|
||||
in
|
||||
{
|
||||
job_name = name;
|
||||
metrics_path = entry.metrics_path or null;
|
||||
static_configs = [
|
||||
{
|
||||
targets = [ entry.host ];
|
||||
labels = {
|
||||
inherit name;
|
||||
inherit alert_type;
|
||||
flaky = lib.boolToString entry.flaky or false;
|
||||
};
|
||||
}
|
||||
];
|
||||
}
|
||||
) targets;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
{ pkgs, config, ... }:
|
||||
let
|
||||
adminCreds =
|
||||
pkgs.privateValue
|
||||
{
|
||||
adminpass = "";
|
||||
dbpass = "";
|
||||
adminuser = "";
|
||||
}
|
||||
"nextcloud-admin";
|
||||
adminCreds = pkgs.privateValue {
|
||||
adminpass = "";
|
||||
dbpass = "";
|
||||
adminuser = "";
|
||||
} "nextcloud-admin";
|
||||
nextcloudServices = hostname: {
|
||||
nextcloud-pg-backup = {
|
||||
script =
|
||||
|
|
|
@ -33,23 +33,16 @@ in
|
|||
domains = [ zone ];
|
||||
extra_records = lib.concatLists (
|
||||
lib.concatLists (
|
||||
lib.mapAttrsToList
|
||||
(
|
||||
host: ips:
|
||||
(map
|
||||
(
|
||||
alias:
|
||||
lib.mapAttrsToList
|
||||
(type: value: {
|
||||
name = "${alias}.${zone}";
|
||||
inherit type value;
|
||||
})
|
||||
(lib.filterAttrs (_: addr: addr != "") ips)
|
||||
)
|
||||
(hosts.aliases.${host} or [ ])
|
||||
)
|
||||
)
|
||||
hosts.tailscale
|
||||
lib.mapAttrsToList (
|
||||
host: ips:
|
||||
(map (
|
||||
alias:
|
||||
lib.mapAttrsToList (type: value: {
|
||||
name = "${alias}.${zone}";
|
||||
inherit type value;
|
||||
}) (lib.filterAttrs (_: addr: addr != "") ips)
|
||||
) (hosts.aliases.${host} or [ ]))
|
||||
) hosts.tailscale
|
||||
)
|
||||
);
|
||||
};
|
||||
|
|
|
@ -7,13 +7,11 @@ let
|
|||
in
|
||||
{
|
||||
systemd.services.mailman.postStart = lib.concatStringsSep "\n" (
|
||||
map
|
||||
(x: ''
|
||||
${(pkgs.mailmanPackages.buildEnvs { }).mailmanEnv}/bin/mailman syncmembers -W -G - "${x}" << EOF
|
||||
${lib.concatStringsSep "\n" lists."${x}"}
|
||||
EOF
|
||||
'')
|
||||
(builtins.attrNames lists)
|
||||
map (x: ''
|
||||
${(pkgs.mailmanPackages.buildEnvs { }).mailmanEnv}/bin/mailman syncmembers -W -G - "${x}" << EOF
|
||||
${lib.concatStringsSep "\n" lists."${x}"}
|
||||
EOF
|
||||
'') (builtins.attrNames lists)
|
||||
);
|
||||
services = {
|
||||
mailman = {
|
||||
|
|
|
@ -19,22 +19,19 @@ in
|
|||
};
|
||||
synapse-cleanup = {
|
||||
serviceConfig = {
|
||||
ExecStart =
|
||||
pkgs.writeHaskell "synapse-cleanup"
|
||||
{
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages ++ [
|
||||
pkgs.haskellPackages.postgresql-simple
|
||||
pkgs.haskellPackages.HTTP
|
||||
];
|
||||
ghcEnv.PATH = "${
|
||||
lib.makeBinPath [
|
||||
pkgs.matrix-synapse-tools.rust-synapse-compress-state
|
||||
config.services.postgresql.package
|
||||
]
|
||||
}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
}
|
||||
(builtins.readFile ./synapse-cleanup.hs);
|
||||
ExecStart = pkgs.writeHaskell "synapse-cleanup" {
|
||||
libraries = builtins.attrValues pkgs.myHaskellScriptPackages ++ [
|
||||
pkgs.haskellPackages.postgresql-simple
|
||||
pkgs.haskellPackages.HTTP
|
||||
];
|
||||
ghcEnv.PATH = "${
|
||||
lib.makeBinPath [
|
||||
pkgs.matrix-synapse-tools.rust-synapse-compress-state
|
||||
config.services.postgresql.package
|
||||
]
|
||||
}:$PATH";
|
||||
ghcArgs = [ "-threaded" ];
|
||||
} (builtins.readFile ./synapse-cleanup.hs);
|
||||
User = "matrix-synapse";
|
||||
Type = "oneshot";
|
||||
};
|
||||
|
@ -91,13 +88,10 @@ in
|
|||
enable = true;
|
||||
settings =
|
||||
let
|
||||
server-secrets =
|
||||
pkgs.privateValue
|
||||
{
|
||||
registration_shared_secret = "";
|
||||
macaroon_secret_key = "";
|
||||
}
|
||||
"matrix/server-secrets";
|
||||
server-secrets = pkgs.privateValue {
|
||||
registration_shared_secret = "";
|
||||
macaroon_secret_key = "";
|
||||
} "matrix/server-secrets";
|
||||
in
|
||||
server-secrets
|
||||
// {
|
||||
|
|
|
@ -33,16 +33,13 @@ let
|
|||
"nixos-unstable" = [ ];
|
||||
}
|
||||
]
|
||||
++
|
||||
map
|
||||
(release: {
|
||||
"staging-${release}" = [ "staging-next-${release}" ];
|
||||
"staging-next-${release}" = [ "release-${release}" ];
|
||||
"release-${release}" = [ "nixos-${release}-small" ];
|
||||
"nixos-${release}-small" = [ "nixos-${release}" ];
|
||||
"nixos-${release}" = [ ];
|
||||
})
|
||||
releases
|
||||
++ map (release: {
|
||||
"staging-${release}" = [ "staging-next-${release}" ];
|
||||
"staging-next-${release}" = [ "release-${release}" ];
|
||||
"release-${release}" = [ "nixos-${release}-small" ];
|
||||
"nixos-${release}-small" = [ "nixos-${release}" ];
|
||||
"nixos-${release}" = [ ];
|
||||
}) releases
|
||||
);
|
||||
};
|
||||
in
|
||||
|
@ -58,9 +55,7 @@ in
|
|||
];
|
||||
Restart = "always"; # TODO: Add error handling to git querying github in nixpkgs-bot
|
||||
WorkingDirectory = "/var/lib/nixpkgs-bot";
|
||||
ExecStart = "${lib.getExe pkgs.nixpkgs-bot} ${
|
||||
builtins.toFile "config.yaml" (builtins.toJSON configFile)
|
||||
}";
|
||||
ExecStart = "${lib.getExe pkgs.nixpkgs-bot} ${builtins.toFile "config.yaml" (builtins.toJSON configFile)}";
|
||||
DynamicUser = true;
|
||||
StateDirectory = "nixpkgs-bot";
|
||||
};
|
||||
|
|
|
@ -29,12 +29,10 @@
|
|||
"books"
|
||||
"tmp"
|
||||
]
|
||||
(
|
||||
name: {
|
||||
path = "${config.services.syncthing.dataDir}/${name}";
|
||||
devices = builtins.attrNames config.services.syncthing.settings.devices;
|
||||
}
|
||||
);
|
||||
(name: {
|
||||
path = "${config.services.syncthing.dataDir}/${name}";
|
||||
devices = builtins.attrNames config.services.syncthing.settings.devices;
|
||||
});
|
||||
};
|
||||
};
|
||||
nginx.virtualHosts.${
|
||||
|
|
|
@ -34,34 +34,29 @@ in
|
|||
useNetworkd = true;
|
||||
useDHCP = false; # enabled per interface
|
||||
hosts = lib.zipAttrs (
|
||||
lib.mapAttrsToList
|
||||
(
|
||||
host: ip:
|
||||
if builtins.typeOf ip == "set" then
|
||||
{
|
||||
${ip.AAAA or null} = "${host} ${host}.m-0.eu";
|
||||
${ip.A or null} = "${host} ${host}.m-0.eu";
|
||||
}
|
||||
else
|
||||
{ "${ip}" = "${host} ${host}.m-0.eu"; }
|
||||
)
|
||||
config.m-0.hosts
|
||||
++
|
||||
lib.mapAttrsToList
|
||||
(
|
||||
host: ips:
|
||||
let
|
||||
mkHost = name: "${name} ${name}.maralorn.de";
|
||||
name = "${host} ${host}.vpn.m-0.eu ${
|
||||
lib.concatMapStringsSep " " mkHost config.m-0.hosts.aliases.${host} or [ ]
|
||||
}";
|
||||
in
|
||||
{
|
||||
${ips.AAAA} = name;
|
||||
${ips.A} = name;
|
||||
}
|
||||
)
|
||||
config.m-0.hosts.tailscale
|
||||
lib.mapAttrsToList (
|
||||
host: ip:
|
||||
if builtins.typeOf ip == "set" then
|
||||
{
|
||||
${ip.AAAA or null} = "${host} ${host}.m-0.eu";
|
||||
${ip.A or null} = "${host} ${host}.m-0.eu";
|
||||
}
|
||||
else
|
||||
{ "${ip}" = "${host} ${host}.m-0.eu"; }
|
||||
) config.m-0.hosts
|
||||
++ lib.mapAttrsToList (
|
||||
host: ips:
|
||||
let
|
||||
mkHost = name: "${name} ${name}.maralorn.de";
|
||||
name = "${host} ${host}.vpn.m-0.eu ${
|
||||
lib.concatMapStringsSep " " mkHost config.m-0.hosts.aliases.${host} or [ ]
|
||||
}";
|
||||
in
|
||||
{
|
||||
${ips.AAAA} = name;
|
||||
${ips.A} = name;
|
||||
}
|
||||
) config.m-0.hosts.tailscale
|
||||
);
|
||||
};
|
||||
|
||||
|
@ -92,12 +87,10 @@ in
|
|||
email = "security@maralorn.de";
|
||||
};
|
||||
acceptTerms = true;
|
||||
certs = lib.genAttrs (builtins.attrValues config.m-0.virtualHosts) (
|
||||
_: {
|
||||
webroot = null;
|
||||
dnsProvider = "inwx";
|
||||
}
|
||||
);
|
||||
certs = lib.genAttrs (builtins.attrValues config.m-0.virtualHosts) (_: {
|
||||
webroot = null;
|
||||
dnsProvider = "inwx";
|
||||
});
|
||||
};
|
||||
|
||||
security.pam.services."login".failDelay.enable = true;
|
||||
|
@ -168,14 +161,11 @@ in
|
|||
;
|
||||
inherit (pkgs.python3Packages) qrcode;
|
||||
};
|
||||
variables =
|
||||
lib.genAttrs
|
||||
[
|
||||
"CURL_CA_BUNDLE"
|
||||
"GIT_SSL_CAINFO"
|
||||
"SSL_CERT_FILE"
|
||||
]
|
||||
(_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt");
|
||||
variables = lib.genAttrs [
|
||||
"CURL_CA_BUNDLE"
|
||||
"GIT_SSL_CAINFO"
|
||||
"SSL_CERT_FILE"
|
||||
] (_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt");
|
||||
};
|
||||
|
||||
systemd = {
|
||||
|
@ -223,21 +213,18 @@ in
|
|||
};
|
||||
nginx = {
|
||||
enable = lib.mkDefault (config.m-0.virtualHosts != { });
|
||||
virtualHosts =
|
||||
lib.mapAttrs'
|
||||
(name: hostname: {
|
||||
name = hostname;
|
||||
value = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
extraConfig = lib.mkIf (!(builtins.elem name (hosts.publicAliases.${hostName} or [ ]))) ''
|
||||
satisfy any;
|
||||
${lib.concatMapStringsSep "\n" (ip_range: "allow ${ip_range};") config.m-0.headscaleIPs}
|
||||
deny all;
|
||||
'';
|
||||
};
|
||||
})
|
||||
config.m-0.virtualHosts;
|
||||
virtualHosts = lib.mapAttrs' (name: hostname: {
|
||||
name = hostname;
|
||||
value = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
extraConfig = lib.mkIf (!(builtins.elem name (hosts.publicAliases.${hostName} or [ ]))) ''
|
||||
satisfy any;
|
||||
${lib.concatMapStringsSep "\n" (ip_range: "allow ${ip_range};") config.m-0.headscaleIPs}
|
||||
deny all;
|
||||
'';
|
||||
};
|
||||
}) config.m-0.virtualHosts;
|
||||
statusPage = true;
|
||||
recommendedOptimisation = true;
|
||||
recommendedGzipSettings = true;
|
||||
|
|
|
@ -1,15 +1,13 @@
|
|||
_final: prev: {
|
||||
element-web = prev.element-web.overrideAttrs (
|
||||
_: {
|
||||
postConfigure = ''
|
||||
patch node_modules/matrix-react-sdk/src/components/views/rooms/RoomList.tsx ${./RoomList.tsx.patch}
|
||||
cp ${./orville_communicator.opus} node_modules/matrix-react-sdk/res/media/message.ogg
|
||||
'';
|
||||
preInstall = ''
|
||||
find . -name 'bundle.css'
|
||||
bundlecss=$(find . -name 'bundle.css')
|
||||
cat ${./user.css} >> $bundlecss
|
||||
'';
|
||||
}
|
||||
);
|
||||
element-web = prev.element-web.overrideAttrs (_: {
|
||||
postConfigure = ''
|
||||
patch node_modules/matrix-react-sdk/src/components/views/rooms/RoomList.tsx ${./RoomList.tsx.patch}
|
||||
cp ${./orville_communicator.opus} node_modules/matrix-react-sdk/res/media/message.ogg
|
||||
'';
|
||||
preInstall = ''
|
||||
find . -name 'bundle.css'
|
||||
bundlecss=$(find . -name 'bundle.css')
|
||||
cat ${./user.css} >> $bundlecss
|
||||
'';
|
||||
});
|
||||
}
|
||||
|
|
|
@ -2,13 +2,11 @@ _final: prev:
|
|||
let
|
||||
set =
|
||||
n:
|
||||
prev.${n}.overrideAttrs (
|
||||
old: {
|
||||
meta = old.meta // {
|
||||
mainProgram = n;
|
||||
};
|
||||
}
|
||||
);
|
||||
prev.${n}.overrideAttrs (old: {
|
||||
meta = old.meta // {
|
||||
mainProgram = n;
|
||||
};
|
||||
});
|
||||
in
|
||||
{
|
||||
newsboat = set "newsboat";
|
||||
|
|
|
@ -1,18 +1,14 @@
|
|||
_final: prev: {
|
||||
ristate = prev.ristate.overrideAttrs (
|
||||
drv: rec {
|
||||
src = prev.fetchFromGitLab {
|
||||
owner = "snakedye";
|
||||
repo = "ristate";
|
||||
rev = "92e989f26cadac69af1208163733e73b4cf447da";
|
||||
hash = "sha256-6slH7R6kbSXQBd7q38oBEbngaCbFv0Tyq34VB1PAfhM=";
|
||||
};
|
||||
cargoDeps = drv.cargoDeps.overrideAttrs (
|
||||
_: {
|
||||
inherit src;
|
||||
outputHash = "sha256-fOo9C0dNL9dYy5wXq/yEDqOV0OhOTEY42XK8ShpQh6k=";
|
||||
}
|
||||
);
|
||||
}
|
||||
);
|
||||
ristate = prev.ristate.overrideAttrs (drv: rec {
|
||||
src = prev.fetchFromGitLab {
|
||||
owner = "snakedye";
|
||||
repo = "ristate";
|
||||
rev = "92e989f26cadac69af1208163733e73b4cf447da";
|
||||
hash = "sha256-6slH7R6kbSXQBd7q38oBEbngaCbFv0Tyq34VB1PAfhM=";
|
||||
};
|
||||
cargoDeps = drv.cargoDeps.overrideAttrs (_: {
|
||||
inherit src;
|
||||
outputHash = "sha256-fOo9C0dNL9dYy5wXq/yEDqOV0OhOTEY42XK8ShpQh6k=";
|
||||
});
|
||||
});
|
||||
}
|
||||
|
|
|
@ -21,22 +21,20 @@ in
|
|||
ghcArgs ? [ ],
|
||||
ghcEnv ? { },
|
||||
}:
|
||||
pkgs.writers.makeBinWriter
|
||||
{
|
||||
compileScript =
|
||||
let
|
||||
filename = lib.last (builtins.split "/" name);
|
||||
in
|
||||
''
|
||||
cp $contentPath ${filename}.hs
|
||||
${lib.concatStringsSep " " (lib.mapAttrsToList (key: val: ''${key}="${val}"'') ghcEnv)} ${
|
||||
ghc.withPackages (_: libraries)
|
||||
}/bin/ghc ${lib.escapeShellArgs ghcArgs} ${filename}.hs
|
||||
mv ${filename} $out
|
||||
${pkgs.binutils-unwrapped}/bin/strip --strip-unneeded "$out"
|
||||
'';
|
||||
}
|
||||
name;
|
||||
pkgs.writers.makeBinWriter {
|
||||
compileScript =
|
||||
let
|
||||
filename = lib.last (builtins.split "/" name);
|
||||
in
|
||||
''
|
||||
cp $contentPath ${filename}.hs
|
||||
${lib.concatStringsSep " " (lib.mapAttrsToList (key: val: ''${key}="${val}"'') ghcEnv)} ${
|
||||
ghc.withPackages (_: libraries)
|
||||
}/bin/ghc ${lib.escapeShellArgs ghcArgs} ${filename}.hs
|
||||
mv ${filename} $out
|
||||
${pkgs.binutils-unwrapped}/bin/strip --strip-unneeded "$out"
|
||||
'';
|
||||
} name;
|
||||
|
||||
# writeHaskellBin takes the same arguments as writeHaskell but outputs a directory (like writeScriptBin)
|
||||
writeHaskellBin = name: pkgs.writeHaskell "/bin/${name}";
|
||||
|
|
Loading…
Reference in a new issue