diff options
57 files changed, 3753 insertions, 1212 deletions
diff --git a/Readme.md b/Readme.md new file mode 100644 index 0000000..0e40f2a --- /dev/null +++ b/Readme.md @@ -0,0 +1,32 @@ +# stuebinm's nixfiles + +this repository contains most of my personal NixOS configuration. + +Unless you're me, you're probably not interested in most of it, with the following +possible exceptions: + - `/pkgs` contains several package recipes which are not in `nixpkgs`, and which + I don't plan to contribute there. Not all of them are stable or regularly + tested, built, or otherwise maintained, but several of them are part of my + normal setup. If in doubt, consult the ordering in `pkgs/overlay.nix`, which + can give a rough indication. + + Several of these depend on each other; if you want to use these, it's probably + best to import the entire `overlay.nix` file into your nixpkgs; but be aware + that it's opinionated in several ways, and some packages also depend on the + rust-overlay. + - `/modules` contains NixOS modules for a few of the packages in `/pkgs`. + You can use these by overlaying the relevant packages into your nixpkgs instance + & then importing the module file into your system configuration. + - `/tests` contains NixOS VM tests for the things in `/modules`. + Run these as `nix-build tests -A <name>`. + +In general you're welcome to re-use or import these definitions, but don't +necessarily except me to continue maintaining anything here (assume the usual +"this software is provided 'as-is', without warranty of any kind ..." etc.). + +More generally, this repository might also server as an example for a +deterministic NixOS setup with `npins` which does not depend on flakes (beyond +some hackery to get at the flake-specific definitions of `nixpkgs`, since what I +do here is still closer to a flake-based setup than it is to a traditional +channels-based setup). + diff --git a/abbenay/configuration.nix b/abbenay/configuration.nix index 99f8a97..e367c71 100644 --- a/abbenay/configuration.nix +++ b/abbenay/configuration.nix @@ -7,7 +7,8 @@ ]; services.avahi.enable = true; - services.avahi.nssmdns = true; + services.avahi.nssmdns4 = true; + services.avahi.nssmdns6 = true; services.openssh.enable = true; users.users.stuebinm.openssh.authorizedKeys.keys = [ diff --git a/chaski/configuration.nix b/chaski/configuration.nix index d2b1233..0271e0f 100644 --- a/chaski/configuration.nix +++ b/chaski/configuration.nix @@ -9,17 +9,16 @@ [ # Include the results of the hardware scan. ./hardware-configuration.nix # ./services/uplcg.nix - ./services/tracktrain.nix ./services/chat.nix ./services/bahnhof-name.nix ./services/conduit.nix + ./services/headscale.nix ]; sops.defaultSopsFile = ../secrets/chaski.yaml; # This will automatically import SSH keys as age keys sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - environment.noXlibs = true; services.nginx.enable = true; services.nginx.package = pkgs.nginx.override { gd = null; }; diff --git a/chaski/services/chat.nix b/chaski/services/chat.nix index 6d26ada..484a3b9 100644 --- a/chaski/services/chat.nix +++ b/chaski/services/chat.nix @@ -4,7 +4,7 @@ # (and not deal with having an irc relay) { - imports = [ inputs.home-manager.nixosModule ]; + imports = [ inputs.home-manager.nixosModules.default ]; programs.mosh.enable = true; programs.fish.enable = true; diff --git a/chaski/services/headscale.nix b/chaski/services/headscale.nix new file mode 100644 index 0000000..80153e4 --- /dev/null +++ b/chaski/services/headscale.nix @@ -0,0 +1,40 @@ +{ config, lib, pkgs, ... }: + +{ + # services.headscale = { + # enable = true; + # settings = { + # server_url = "https://headscale.noms.ing"; + # listen_addr = "127.0.0.1:8323"; + + # # oidc = { + # # only_start_if_oidc_is_available = true; + # # issuer = "https://idm.cuties.network/oauth2/openid/headscale"; + # # client_id = "headscale"; + # # client_secret_path = "/run/secrets/headscale_oidc_secret"; + # # strip_email_domain = true; + # # }; + + # # dns_config.magic_dns = true; + # # dns_config.domains = [ "nodes.headscale.noms.ing" ]; + # # dns_config.base_domain = "ts.cuties.network"; + # }; + # }; + + # users.users.headscale.extraGroups = [ config.users.groups.keys.name ]; + # sops.secrets.headscale_oidc_secret = { + # owner = config.users.users.headscale.name; + # sopsFile = ./headscale.sops.yaml; + # }; + + services.nginx.virtualHosts."headscale.noms.ing" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://localhost:8323"; + proxyWebsockets = true; + }; + }; + + # services.tailscale.enable = true; +} diff --git a/chaski/services/tracktrain.nix b/chaski/services/tracktrain.nix deleted file mode 100644 index 50ba440..0000000 --- a/chaski/services/tracktrain.nix +++ /dev/null @@ -1,168 +0,0 @@ -{ config, lib, pkgs, inputs, ... }: - -let - # this gets rid of the implicit dependency on ghc, reducing closure size - stripLib = drv: pkgs.stdenv.mkDerivation { - name = drv.name + "-without-lib"; - src = drv.outPath; - buildPhase = '' - mkdir -p $out - cp -r $src/bin $out - ''; - phases = [ "buildPhase" ]; - }; - - tracktrain-config = '' - dbstring: "dbname=tracktrain user=tracktrain" - gtfs: ${pkgs.copyPathToStore ./gtfs.zip} - - warp: - port: 4000 - - login: - enable: false - url: "http://dings" - clientname: not - clientsecret: used - ''; -in -{ - services.nginx.recommendedProxySettings = true; - services.nginx.virtualHosts."tracktrain.stuebinm.eu" = { - locations."/" = { - proxyPass = "http://192.168.42.41:4000"; - proxyWebsockets = true; - }; - locations."/api" = { - proxyPass = "http://192.168.42.41:4000"; - proxyWebsockets = true; - extraConfig = '' - add_header 'Access-Control-Allow-Origin' '*' always; - ''; - }; - locations."/metrics/" = { - proxyPass = "http://localhost:2342"; - proxyWebsockets = true; - extraConfig = '' - rewrite ^/metrics/(.*) /$1 break; - ''; - }; - locations."/assets" = { - proxyPass = "http://192.168.42.41:4567"; - }; - enableACME = true; - forceSSL = true; - }; - - - services.prometheus = { - enable = true; - port = 9001; - scrapeConfigs = [ { - job_name = "tracktrain"; - static_configs = [{ - targets = [ "192.168.42.41:4000" ]; - }]; - } ]; - }; - - services.grafana = { - enable = true; - settings.server = { - serve_from_sub_path = true; - domain = "tracktrain.ilztalbahn.eu"; - root_url = "%(protocol)s://%(domain)s:/metrics/"; - http_port = 2342; - http_addr = "0.0.0.0"; - }; - - provision = { - enable = true; - datasources.settings.datasources = [ { - url = "http://localhost:9001"; - type = "prometheus"; - name = "prometheus"; - } ]; - }; - }; - - networking.firewall.allowedTCPPorts = [ 443 ]; - - containers.tracktrain = { - autoStart = true; - privateNetwork = true; - hostAddress6 = "fd00::42:40"; - localAddress6 = "fd00::42:41"; - hostAddress = "192.168.42.40"; - localAddress = "192.168.42.41"; - - config = { config, pkgs, ... }: { - - environment.noXlibs = true; - systemd.services.dufs = { - enable = true; - description = "assets for tracktrain's frontend"; - wantedBy = [ "tracktrain.service" ]; - serviceConfig.Type = "simple"; - path = [ pkgs.dufs ]; - script = '' - dufs -b 0.0.0.0 -p 4567 --path-prefix /assets --auth /@$(cat /username):$(cat /password)"@*" --auth-method basic --allow-upload --allow-delete /assets - ''; - }; - - systemd.services.tracktrain = { - enable = true; - - description = "tracks trains, hopefully"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig.Type = "simple"; - path = [ pkgs.wget ]; - script = '' - cd /tmp - ln -sf ${pkgs.writeText "config.yaml" tracktrain-config} "config.yaml" - ${ - import inputs.tracktrain { - nixpkgs = pkgs; - compiler = "default"; - } - }/bin/tracktrain +RTS -T - ''; - startAt = "daily"; - }; - - services.postgresql = { - enable = true; - - ensureDatabases = [ "tracktrain" ]; - ensureUsers = [ { - name = "tracktrain"; - ensureDBOwnership = true; - } ]; - authentication = '' - local all all trust - host all all 127.0.0.1/32 trust - ''; - }; - - networking.firewall.enable = false; - system.stateVersion = "22.05"; - - services.coredns = { - enable = true; - config = '' - .:53 { - forward . 1.1.1.1 - } - ''; - }; - }; - }; - - networking.nat = { - enable = true; - internalInterfaces = [ "ve-tracktrain" ]; - externalInterface = "ens3"; - }; - -} diff --git a/common/common.nix b/common/common.nix index 51eb334..02fec64 100644 --- a/common/common.nix +++ b/common/common.nix @@ -32,8 +32,8 @@ # we don't actually use the x server, but the console / tty keyboard # settings will be derived from this - services.xserver.layout = "de"; - services.xserver.xkbOptions = "caps:escape"; + services.xserver.xkb.layout = "de"; + services.xserver.xkb.options = "caps:escape"; documentation = { dev.enable = true; diff --git a/common/desktop.nix b/common/desktop.nix index 158ce0b..e570579 100644 --- a/common/desktop.nix +++ b/common/desktop.nix @@ -5,10 +5,6 @@ ./common.nix ]; - # nix.extraOptions = '' - # plugin-files = ${pkgs.nix-doc}/lib/libnix_doc_plugin.so - # ''; - # Enable CUPS to print documents. services.printing = { enable = true; @@ -50,7 +46,7 @@ programs.slock.enable = true; environment.systemPackages = with pkgs; [ - hikari fuzzel + hikari fuzzel apply-config ]; security.pam.services.hikari-unlocker.text = '' @@ -76,7 +72,7 @@ #boot.kernelParams = [ "console=tty1" ]; - hardware.opengl.enable = true; + hardware.graphics.enable = true; programs.xwayland.enable = false; programs.wireshark.enable = true; xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-wlr ]; @@ -87,12 +83,23 @@ fonts.enableDefaultPackages = true; fonts.packages = with pkgs; [ noto-fonts - noto-fonts-cjk + noto-fonts-cjk-sans noto-fonts-cjk-serif noto-fonts-emoji - ]; + ] ++ (with lib.attrsets; + builtins.filter isDerivation (attrValues pkgs.nerd-fonts)); + + xdg.portal.wlr.enable = true; + + services.pipewire = { + enable = true; + audio.enable = true; + pulse.enable = true; + alsa = { + enable = true; + support32Bit = true; + }; + # jack.enable = true; + }; - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = true; } diff --git a/common/monitoring.nix b/common/monitoring.nix index e5f111c..0ae744d 100644 --- a/common/monitoring.nix +++ b/common/monitoring.nix @@ -12,8 +12,8 @@ set daemon 120 with start delay 60 set mailserver - ping.stuebinm.eu - port 2525 + mail.stuebinm.eu + port 25 set httpd port 2812 address localhost allow localhost diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..55e130e --- /dev/null +++ b/default.nix @@ -0,0 +1,93 @@ +{ system ? "x86_64-linux" +, inputs ? import ./inputs.nix { inherit system; } +}: + +let + inherit (inputs) sops-nix home-manager nixpkgs; + + mkConfig = imports: config: + inputs.nixpkgs-flake.lib.nixosSystem rec { + system = "x86_64-linux"; + modules = [ config ] ++ imports; + extraModules = + builtins.attrValues self.modules + ++ [ sops-nix ]; + pkgs = nixpkgs; + + specialArgs = { + inherit inputs system; + craneLib = inputs.crane.lib.${system}; + }; + }; + mkDesktop = mkConfig [ ./common/desktop.nix ]; + mkServer = mkConfig [ + ./common/headless.nix + ]; + deploy-vps = hostname: { + inherit hostname; + profiles.system = { + user = "root"; + sshUser = "root"; + path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.${hostname}; + }; + }; + + self = { + + nixosConfigurations = { + chaski = mkServer ./chaski/configuration.nix; + flora = mkServer ./flora/configuration.nix; + abbenay = mkDesktop ./abbenay/configuration.nix; + cyberbox = mkDesktop ./cyberbox/configuration.nix; + ilex = mkDesktop ./ilex/configuration.nix; + }; + + deploy.nodes = { + chaski = deploy-vps "chaski"; + flora = deploy-vps "flora"; + parsons = { + hostname = "parsons"; + profiles.home = { + user = "stuebinm"; + sshUser = "stuebinm"; + path = inputs.deploy-rs.lib.x86_64-linux.activate.home-manager + self.homeConfigurations.stuebinm-minimal; + }; + }; + abbenay = { + hostname = "abbenay"; + profiles.system = { + user = "root"; + sshUser = "stuebinm"; + interactiveSudo = true; + path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.abbenay; + }; + }; + }; + + homeConfigurations = let + home = root: + home-manager.lib.homeManagerConfiguration rec { + pkgs = nixpkgs; + modules = [ root ]; + extraSpecialArgs = { + inherit inputs; + system = "x86_64-linux"; + }; + }; + in { + stuebinm = home ./home/home.nix; + stuebinm-minimal = home ./home/home-minimal.nix; + }; + + home = self.homeConfigurations.stuebinm.activationPackage; + home-minimal = self.homeConfigurations.stuebinm-minimal.activationPackage; + + modules = import ./modules; + packages = import ./pkgs { inherit nixpkgs; }; + tests = import ./tests { inherit nixpkgs; inherit system; }; + }; + +in self diff --git a/flake.lock b/flake.lock deleted file mode 100644 index d52230b..0000000 --- a/flake.lock +++ /dev/null @@ -1,520 +0,0 @@ -{ - "nodes": { - "almanac": { - "flake": false, - "locked": { - "lastModified": 1679514360, - "narHash": "sha256-sCAaGFNGzb51+v/JLBW5Rp5RaHr+3drlaw56y36YBCA=", - "ref": "refs/heads/master", - "rev": "cdd82b013777324f146c4961b866154a9287110b", - "revCount": 61, - "type": "git", - "url": "https://stuebinm.eu/git/forks/almanac" - }, - "original": { - "type": "git", - "url": "https://stuebinm.eu/git/forks/almanac" - } - }, - "bahnhof-name": { - "flake": false, - "locked": { - "lastModified": 1705365694, - "narHash": "sha256-D7zmuc9fz2sYZI4FvA+btOhVsZP3aV37F5L2rq/vu24=", - "ref": "refs/heads/main", - "rev": "0c05c14574ed301c1f80ceeb5edabc34e47feffb", - "revCount": 24, - "type": "git", - "url": "https://stuebinm.eu/git/bahnhof.name" - }, - "original": { - "type": "git", - "url": "https://stuebinm.eu/git/bahnhof.name" - } - }, - "blobs": { - "flake": false, - "locked": { - "lastModified": 1604995301, - "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=", - "owner": "simple-nixos-mailserver", - "repo": "blobs", - "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265", - "type": "gitlab" - }, - "original": { - "owner": "simple-nixos-mailserver", - "repo": "blobs", - "type": "gitlab" - } - }, - "blog": { - "flake": false, - "locked": { - "lastModified": 1706402379, - "narHash": "sha256-R67pbfZ27q67F9pweDSieYl4wEbIy2yC2cM4rxIuO4k=", - "ref": "refs/heads/main", - "rev": "58e380da3f6cc57bc8673067973d880c209c011c", - "revCount": 47, - "type": "git", - "url": "ssh://cgit/~/blog" - }, - "original": { - "type": "git", - "url": "ssh://cgit/~/blog" - } - }, - "deploy-rs": { - "inputs": { - "flake-compat": "flake-compat", - "nixpkgs": [ - "nixpkgs" - ], - "utils": "utils" - }, - "locked": { - "lastModified": 1710103703, - "narHash": "sha256-DqHB7aQtRCqDeGW4byEQ9yBrRnRidiSOgo2GcRSmN8Y=", - "ref": "nom-flag", - "rev": "9001480e03ab8c957716e2bf164bbde605472399", - "revCount": 310, - "type": "git", - "url": "https://stuebinm.eu/git/forks/deploy-rs" - }, - "original": { - "ref": "nom-flag", - "type": "git", - "url": "https://stuebinm.eu/git/forks/deploy-rs" - } - }, - "feeds": { - "flake": false, - "locked": { - "lastModified": 1691005375, - "narHash": "sha256-t/2lssXYZ2wecGp+N5T54IEKIUJLxsv5gf4AGZ0FudM=", - "path": "/home/stuebinm/org/nonpublic.nix", - "type": "path" - }, - "original": { - "path": "/home/stuebinm/org/nonpublic.nix", - "type": "path" - } - }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-utils": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "gtfsBooks": { - "flake": false, - "locked": { - "lastModified": 1655157692, - "narHash": "sha256-Uy2TdvrZjFMa2fzvFlXZ7AhPxnMM4Ss5tgxLHVWX/Rw=", - "ref": "main", - "rev": "2a9d4fcf48b872aef1343f71dfddf44946fd8eb5", - "revCount": 18, - "type": "git", - "url": "https://stuebinm.eu/git/forks/gtfs-books" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://stuebinm.eu/git/forks/gtfs-books" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712386041, - "narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-23.11", - "repo": "home-manager", - "type": "github" - } - }, - "isabelle-utils": { - "flake": false, - "locked": { - "lastModified": 1635264830, - "narHash": "sha256-AsubIRh3QsuPzp/vs12BHuZ1FCIW3zTfp+f17f2PN4k=", - "ref": "refs/heads/master", - "rev": "e7427d5c67c0a90c369adecb4b0c65c043cb2e34", - "revCount": 17, - "type": "git", - "url": "https://stuebinm.eu/git/isabelle-utils" - }, - "original": { - "type": "git", - "url": "https://stuebinm.eu/git/isabelle-utils" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1713013257, - "narHash": "sha256-ZEfGB3YCBVggvk0BQIqVY7J8XF/9jxQ68fCca6nib+8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "90055d5e616bd943795d38808c94dbf0dd35abe8", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-23.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1713128889, - "narHash": "sha256-aB90ZqzosyRDpBh+rILIcyP5lao8SKz8Sr2PSWvZrzk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "2748d22b45a99fb2deafa5f11c7531c212b2cefa", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "ntfy-matrix-bot": { - "flake": false, - "locked": { - "lastModified": 1711577402, - "narHash": "sha256-O8xtbOhrXiJhteEOcYYXqXuA/edkebg0GERBcZ3mH/w=", - "ref": "refs/heads/main", - "rev": "bade89a506c380a7d4cab4fdd765e28686c14776", - "revCount": 1, - "type": "git", - "url": "https://stuebinm.eu/git/ntfy-matrix-bot" - }, - "original": { - "type": "git", - "url": "https://stuebinm.eu/git/ntfy-matrix-bot" - } - }, - "playground": { - "flake": false, - "locked": { - "lastModified": 1682694042, - "narHash": "sha256-c3lC31iR1CPi8A8nV8ZjMtpt0cUACz4V4LUBd4awQOs=", - "ref": "refs/heads/master", - "rev": "19144f12772063b1c6f00ad186dabbf53ea25985", - "revCount": 25, - "type": "git", - "url": "https://stuebinm.eu/git/playground" - }, - "original": { - "type": "git", - "url": "https://stuebinm.eu/git/playground" - } - }, - "root": { - "inputs": { - "almanac": "almanac", - "bahnhof-name": "bahnhof-name", - "blog": "blog", - "deploy-rs": "deploy-rs", - "feeds": "feeds", - "gtfsBooks": "gtfsBooks", - "home-manager": "home-manager", - "isabelle-utils": "isabelle-utils", - "nixpkgs": "nixpkgs", - "nixpkgs-unstable": "nixpkgs-unstable", - "ntfy-matrix-bot": "ntfy-matrix-bot", - "playground": "playground", - "rust-overlay": "rust-overlay", - "showrt": "showrt", - "simple-nixos-mailserver": "simple-nixos-mailserver", - "sops-nix": "sops-nix", - "tracktrain": "tracktrain", - "traveltext": "traveltext", - "uplcg": "uplcg", - "walint": "walint" - } - }, - "rust-overlay": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1713150335, - "narHash": "sha256-Ic7zCPfiSYc9nFFp+E44WFk3TBJ99J/uPZ4QXX+uPPw=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "b186d85e747e2b7bee220ec95839fb66c868dc47", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "showrt": { - "flake": false, - "locked": { - "lastModified": 1670187823, - "narHash": "sha256-po1Ef3+KiNSCLX45nUNZHyRntH5bVQTrqi+ZNFaaUCc=", - "ref": "main", - "rev": "7de36af3c6ffcc25832a6ff2303ba6c4c1101de5", - "revCount": 7, - "type": "git", - "url": "https://stuebinm.eu/git/showrt" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://stuebinm.eu/git/showrt" - } - }, - "simple-nixos-mailserver": { - "inputs": { - "blobs": "blobs", - "flake-compat": "flake-compat_2", - "nixpkgs": [ - "nixpkgs-unstable" - ], - "nixpkgs-23_05": [ - "nixpkgs" - ], - "nixpkgs-23_11": [ - "nixpkgs" - ], - "utils": "utils_2" - }, - "locked": { - "lastModified": 1706219574, - "narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=", - "owner": "simple-nixos-mailserver", - "repo": "nixos-mailserver", - "rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf", - "type": "gitlab" - }, - "original": { - "owner": "simple-nixos-mailserver", - "ref": "nixos-23.11", - "repo": "nixos-mailserver", - "type": "gitlab" - } - }, - "sops-nix": { - "inputs": { - "nixpkgs": [ - "nixpkgs-unstable" - ], - "nixpkgs-stable": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1713174909, - "narHash": "sha256-APoDs2GtzVrsE+Z9w72qpHzEtEDfuinWcNTN7zhwLxg=", - "owner": "Mic92", - "repo": "sops-nix", - "rev": "cc535d07cbcdd562bcca418e475c7b1959cefa4b", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "sops-nix", - "type": "github" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "tracktrain": { - "flake": false, - "locked": { - "lastModified": 1688154251, - "narHash": "sha256-iv2xUUYhjIcKWs1+l7h43z7v/a9/OamBKXi/gcl4ppI=", - "ref": "main", - "rev": "a995dabf07574a32c1ae62ad23b96ba7d8e076ee", - "revCount": 92, - "type": "git", - "url": "https://stuebinm.eu/git/tracktrain" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://stuebinm.eu/git/tracktrain" - } - }, - "traveltext": { - "flake": false, - "locked": { - "lastModified": 1681684407, - "narHash": "sha256-lSrfRmnFVOwlX/dvLRjFB0P6XdSX+rHnkv5IQ/Ccjmc=", - "ref": "main", - "rev": "b6080abc5661f9323593944f5701d7dd7597afb9", - "revCount": 20, - "type": "git", - "url": "https://stuebinm.eu/git/traveltext" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://stuebinm.eu/git/traveltext" - } - }, - "uplcg": { - "flake": false, - "locked": { - "lastModified": 1687024567, - "narHash": "sha256-SdAnUQwHxK/8CZpjxB/s0zMeO453nZzh6JABvl/55Rg=", - "ref": "main", - "rev": "b61c0b191578d6ed39a6038cca7b436764a1f9f1", - "revCount": 124, - "type": "git", - "url": "https://stuebinm.eu/git/forks/uplcg" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://stuebinm.eu/git/forks/uplcg" - } - }, - "utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_2": { - "locked": { - "lastModified": 1605370193, - "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5021eac20303a61fafe17224c087f5519baed54d", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "walint": { - "flake": false, - "locked": { - "lastModified": 1646586788, - "narHash": "sha256-33qvc6ZIJzBb7NUz7FHLAzAZ9rg/hGnLqKMjIXgUqdM=", - "ref": "playground", - "rev": "6b71528e72458bcb5e0a0089033b9367c887967f", - "revCount": 265, - "type": "git", - "url": "https://stuebinm.eu/git/walint" - }, - "original": { - "ref": "playground", - "type": "git", - "url": "https://stuebinm.eu/git/walint" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/flake.nix b/flake.nix deleted file mode 100644 index 2771329..0000000 --- a/flake.nix +++ /dev/null @@ -1,173 +0,0 @@ -{ - description = '' - stuebinm's flake stuff. feel free to reuse parts you find useful, but - I suggest you don't depend on any of them actually working. - ''; - - inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; - nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; - - home-manager.url = "github:nix-community/home-manager/release-23.11"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; - deploy-rs.url = "git+https://stuebinm.eu/git/forks/deploy-rs?ref=nom-flag"; - deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; - simple-nixos-mailserver.url = - "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11"; - simple-nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs-unstable"; - simple-nixos-mailserver.inputs.nixpkgs-23_05.follows = "nixpkgs"; - simple-nixos-mailserver.inputs.nixpkgs-23_11.follows = "nixpkgs"; - rust-overlay.url = "github:oxalica/rust-overlay"; - rust-overlay.inputs.nixpkgs.follows = "nixpkgs"; - sops-nix.url = "github:Mic92/sops-nix"; - sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable"; - sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs"; - - uplcg.url = "git+https://stuebinm.eu/git/forks/uplcg?ref=main"; - uplcg.flake = false; - tracktrain.url = "git+https://stuebinm.eu/git/tracktrain?ref=main"; - tracktrain.flake = false; - blog.url = "git+ssh://cgit/~/blog"; - blog.flake = false; - playground.url = "git+https://stuebinm.eu/git/playground"; - playground.flake = false; - traveltext.url = "git+https://stuebinm.eu/git/traveltext?ref=main"; - traveltext.flake = false; - showrt.url = "git+https://stuebinm.eu/git/showrt?ref=main"; - showrt.flake = false; - almanac.url = "git+https://stuebinm.eu/git/forks/almanac"; - almanac.flake = false; - feeds.url = "path:/home/stuebinm/org/nonpublic.nix"; - feeds.flake = false; - isabelle-utils.url = "git+https://stuebinm.eu/git/isabelle-utils"; - isabelle-utils.flake = false; - bahnhof-name.url = "git+https://stuebinm.eu/git/bahnhof.name"; - bahnhof-name.flake = false; - ntfy-matrix-bot.url = "git+https://stuebinm.eu/git/ntfy-matrix-bot"; - ntfy-matrix-bot.flake = false; - - gtfsBooks.url = "git+https://stuebinm.eu/git/forks/gtfs-books?ref=main"; - gtfsBooks.flake = false; - walint.url = "git+https://stuebinm.eu/git/walint?ref=playground"; - walint.flake = false; - }; - - outputs = { self, deploy-rs, sops-nix, ... }@inputs: - let - nixpkgs = import inputs.nixpkgs { - system = "x86_64-linux"; - overlays = [ - inputs.rust-overlay.overlays.default - self.overlays.default - ]; - config.permittedInsecurePackages = [ - "schildichat-web-1.11.30-sc.2" - ]; - }; - mkConfig = imports: config: - inputs.nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - modules = [ config ] ++ imports; - extraModules = - builtins.attrValues self.nixosModules - ++ [ sops-nix.nixosModules.sops ]; - pkgs = nixpkgs; - - specialArgs = { - inherit inputs system; - craneLib = inputs.crane.lib.${system}; - }; - }; - mkDesktop = mkConfig [ ./common/desktop.nix ]; - mkServer = mkConfig [ - ./common/headless.nix - ]; - deploy-vps = hostname: { - inherit hostname; - profiles.system = { - user = "root"; - sshUser = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.${hostname}; - }; - }; - in { - - nixosConfigurations = { - chaski = mkServer ./chaski/configuration.nix; - flora = mkServer ./flora/configuration.nix; - abbenay = mkDesktop ./abbenay/configuration.nix; - cyberbox = mkDesktop ./cyberbox/configuration.nix; - ilex = mkDesktop ./ilex/configuration.nix; - }; - - deploy.nodes = { - chaski = deploy-vps "chaski"; - flora = deploy-vps "flora"; - parsons = { - hostname = "parsons"; - profiles.home = { - user = "stuebinm"; - sshUser = "stuebinm"; - path = deploy-rs.lib.x86_64-linux.activate.home-manager - self.homeConfigurations.stuebinm-minimal; - }; - }; - abbenay = { - hostname = "abbenay"; - profiles.system = { - user = "root"; - sshUser = "stuebinm"; - interactiveSudo = true; - path = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.abbenay; - }; - }; - }; - - checks = builtins.mapAttrs - (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; - - homeConfigurations = let - home = root: - inputs.home-manager.lib.homeManagerConfiguration rec { - pkgs = nixpkgs; - modules = [ root ]; - extraSpecialArgs = { - inherit inputs; - system = "x86_64-linux"; - }; - }; - in { - stuebinm = home ./home/home.nix; - stuebinm-minimal = home ./home/home-minimal.nix; - }; - - home = self.homeConfigurations.stuebinm.activationPackage; - home-minimal = self.homeConfigurations.stuebinm-minimal.activationPackage; - - overlays.default = final: prev: - import ./pkgs/overlay.nix { inherit inputs; } final prev; - packages.x86_64-linux = { - inherit (nixpkgs) - galmon-core galmon-full almanac rustex - kijetesantakaluotokieni showrt isabelle-utils isabat - travelynx crs-tracker crs-php bahnhof-name matrix-to - hikari_unstable heartwood radicle-interface radicle-tui - inweb nomsring bookwyrm mollysocket git-annex-remote-remarkable2 - ntfy-matrix-bot transport_validator; - - tests.bookwyrm = nixpkgs.nixosTest ./tests/bookwyrm.nix; - }; - - nixosModules = { - # glitchtip = import ./modules/glitchtip.nix; - bookwyrm = import ./modules/bookwyrm.nix; - mollysocket = import ./modules/mollysocket.nix; - }; - - hydraJobs = { - inherit (self) packages home; - }; - }; -} diff --git a/flora/services/akkoma.nix b/flora/services/akkoma.nix index 756f2a7..6864a29 100644 --- a/flora/services/akkoma.nix +++ b/flora/services/akkoma.nix @@ -45,7 +45,7 @@ in ref = "stable"; }; admin = { - package = pkgs.akkoma-frontends.admin-fe; + package = pkgs.akkoma-admin-fe; name = "admin-fe"; ref = "stable"; }; @@ -59,7 +59,8 @@ in config = { ":pleroma"."Pleroma.Web.Endpoint" = { "url" = { host = "pleroma.stuebinm.eu"; scheme = "https"; port = 443; }; - "http" = { ip = "::"; port = 4000; }; + # below uses IPv4; IPv6 breaks the elixir format generator … + "http" = { ip = "0.0.0.0"; port = 4000; }; secret_key_base._secret = "/sops/keyBase"; signing_salt._secret = "/sops/signingSalt"; }; @@ -97,9 +98,11 @@ in ":mrf".policies = map mkAtom [ "Pleroma.Web.ActivityPub.MRF.SimplePolicy" ]; + ":http".pool_timeout = 30000; + "Pleroma.Upload" = { filters = map mkAtom [ - "Pleroma.Upload.Filter.Exiftool" + "Pleroma.Upload.Filter.Exiftool.StripMetadata" "Pleroma.Upload.Filter.AnonymizeFilename" "Pleroma.Upload.Filter.Dedupe" ]; @@ -154,7 +157,7 @@ in services.postgresql = { enable = true; - package = pkgs.postgresql_12; + package = pkgs.postgresql_16; ensureDatabases = [ "pleroma" ]; ensureUsers = [ { @@ -162,6 +165,22 @@ in ensureDBOwnership = true; } ]; + settings = { + max_connections = 20; + shared_buffers = "256MB"; + effective_cache_size = "768MB"; + maintenance_work_mem = "64MB"; + checkpoint_completion_target = 0.9; + wal_buffers = "7864kB"; + default_statistics_target = 100; + random_page_cost = 1.1; + effective_io_concurrency = 200; + work_mem = "6553kB"; + huge_pages = "off"; + min_wal_size = "2GB"; + max_wal_size = "8GB"; + }; + # give pleroma access. must be done with lib.mkForce, for some reason authentication = pkgs.lib.mkForce '' # Generated file; do not edit! @@ -203,7 +222,7 @@ in enableACME = true; locations."/" = { - proxyPass = "http://[${config.containers.pleroma.localAddress6}]:4000"; + proxyPass = "http://${config.containers.pleroma.localAddress}:4000"; proxyWebsockets = true; # these headers are in the example config in the NixOS manual. # take some time to figure out what they all do, and if these diff --git a/flora/services/cgit.nix b/flora/services/cgit.nix index 032ec1d..b846ad4 100644 --- a/flora/services/cgit.nix +++ b/flora/services/cgit.nix @@ -56,10 +56,14 @@ let ''; in { - services.fcgiwrap = { + services.fcgiwrap.instances.cgit.process = { user = "git"; group = "users"; - enable = true; + }; + services.fcgiwrap.instances.cgit.socket = { + user = "git"; + group = "users"; + mode = "0622"; }; services.nginx.virtualHosts."stuebinm.eu" = { @@ -69,7 +73,7 @@ in # this one should come last, behind the git-http-backend blocks locations."~ /git(/.*)".priority = 1100; locations."~ /git(/.*)".extraConfig = '' - fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; + fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address}; include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi; fastcgi_param CGIT_CONFIG ${pkgs.writeText "cgit.conf" cgitconf}; @@ -78,7 +82,7 @@ in locations."~ /git(/[^/]*/(info/refs|git-(upload|receive)-pack|objects/info/packs))" = { extraConfig = '' - fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; + fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address}; include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param SCRIPT_FILENAME ${pkgs.gitMinimal}/bin/git-http-backend; fastcgi_param GIT_HTTP_EXPORT_ALL ""; @@ -89,7 +93,7 @@ in locations."~ /git/forks(/.*/(info/refs|git-(upload|receive)-pack|objects/info/packs))" = { extraConfig = '' - fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; + fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address}; include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param SCRIPT_FILENAME ${pkgs.gitMinimal}/bin/git-http-backend; fastcgi_param GIT_HTTP_EXPORT_ALL ""; @@ -101,7 +105,8 @@ in # user for git repo administration users.users.git = { - openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; + openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys + ++ [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIbHG2wmMiUyvqb9oUa2KunEgv4Iab3FGCER/i2f2gKL terru@work" ]; home = "/var/git"; isNormalUser = true; packages = [ pkgs.gitMinimal ]; diff --git a/flora/services/mail.nix b/flora/services/mail.nix index 2e1179a..523c32d 100644 --- a/flora/services/mail.nix +++ b/flora/services/mail.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, inputs, ... }: { - imports = [ inputs.simple-nixos-mailserver.nixosModule ]; + imports = [ inputs.simple-nixos-mailserver ]; sops.secrets."mail/hashedPassword" = {}; mailserver = { - enable = true; + enable = false; fqdn = "mail.stuebinm.eu"; domains = [ "stuebinm.eu" ]; diff --git a/flora/services/monit.nix b/flora/services/monit.nix index 0b7ee7c..19e7e88 100644 --- a/flora/services/monit.nix +++ b/flora/services/monit.nix @@ -16,15 +16,15 @@ if failed port 64738 of type tcp using ssl with expect "NixOS" then alert - check process postfix with pidfile /var/lib/postfix/queue/pid/master.pid - start program = "${pkgs.systemd}/bin/systemctl start postfix" - stop program = "${pkgs.systemd}/bin/systemctl stop postfix" - if failed port 25 protocol smtp for 5 cycles then restart + # check process postfix with pidfile /var/lib/postfix/queue/pid/master.pid + # start program = "${pkgs.systemd}/bin/systemctl start postfix" + # stop program = "${pkgs.systemd}/bin/systemctl stop postfix" + # if failed port 25 protocol smtp for 5 cycles then restart - check process dovecot with pidfile /var/run/dovecot2/master.pid - start program = "${pkgs.systemd}/bin/systemctl start dovecot2" - stop program = "${pkgs.systemd}/bin/systemctl stop dovecot2" - if failed host mail.stuebinm.eu port 993 type tcpssl sslauto protocol imap for 5 cycles then restart + # check process dovecot with pidfile /var/run/dovecot2/master.pid + # start program = "${pkgs.systemd}/bin/systemctl start dovecot2" + # stop program = "${pkgs.systemd}/bin/systemctl stop dovecot2" + # if failed host mail.stuebinm.eu port 993 type tcpssl sslauto protocol imap for 5 cycles then restart check host bahnhof.name with address bahnhof.name if failed port 443 with protocol https @@ -41,6 +41,14 @@ check host hacc-mattermost with address mattermost.infra4future.de if failed port 443 with protocol https then alert + + check host hacc-nextcloud with address cloud.infra4future.de + if failed port 443 with protocol https + then alert + + check host nobelium with address colorspace.club + if failed port 443 with protocol https + then alert ''; }; diff --git a/flora/services/nginx.nix b/flora/services/nginx.nix index 1d95255..c5aa45b 100644 --- a/flora/services/nginx.nix +++ b/flora/services/nginx.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, inputs, ... }: { networking.firewall.allowedTCPPorts = [ 80 443 ]; @@ -14,22 +14,44 @@ enableACME = true; forceSSL = true; locations."/".root = ../../pkgs/nomsing; + extraConfig = '' + include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf; + ''; }; virtualHosts."meow.noms.ing" = { enableACME = true; forceSSL = true; locations."/".root = ../../pkgs/nomsing; + extraConfig = '' + include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf; + ''; }; virtualHosts."webring.noms.ing" = { enableACME = true; forceSSL = true; locations."~ (.*)".extraConfig = '' - fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; + fastcgi_pass unix:${config.services.fcgiwrap.instances.nomsing.socket.address}; include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param SCRIPT_FILENAME ${lib.getExe pkgs.nomsring}; fastcgi_param PATH_INFO $1; ''; + extraConfig = '' + include ${inputs."ai.robots.txt"}/nginx-block-ai-bots.conf; + ''; }; + + }; + + services.fcgiwrap.instances.nomsing = { + socket = { + user = "nomsring"; + group = "users"; + mode = "0622"; + }; + }; + + users.users.nomsring = { + isSystemUser = true; + group = "users"; }; - services.fcgiwrap.enable = true; } diff --git a/flora/services/ntfy.nix b/flora/services/ntfy.nix index aa46a39..25ae8f8 100644 --- a/flora/services/ntfy.nix +++ b/flora/services/ntfy.nix @@ -10,8 +10,8 @@ listen-unix = "/run/ntfy-sh/ntfy.sock"; listen-unix-mode = 511; ## lossy nix->yaml conversion eats octal literals (equal to 0777) - smtp-server-listen = ":2525"; - smtp-server-domain = "ping.stuebinm.eu"; + smtp-server-listen = ":25"; + smtp-server-domain = "mail.stuebinm.eu"; auth-file = "/var/lib/ntfy-sh/user.db"; auth-default-access = "deny-all"; @@ -21,7 +21,7 @@ }; }; - networking.firewall.allowedTCPPorts = [ 2525 ]; + networking.firewall.allowedTCPPorts = [ 25 ]; services.mollysocket = { enable = true; diff --git a/home/home-minimal.nix b/home/home-minimal.nix index 42f358d..cfeb2b2 100644 --- a/home/home-minimal.nix +++ b/home/home-minimal.nix @@ -131,15 +131,53 @@ extraConfig = { log.showSignature = true; init.defaultBranch = "main"; - alias.search = "!git log --format='tformat:%h %cs %s' --no-show-signature | fzf --multi --preview 'git show {+1}|bat -p -lpatch --color=always' | cut -f1 -d\" \" | wl-copy -n && wl-paste"; - alias.where = "!fish -c git-where"; merge.conflictStyle = "zdiff3"; push.autoSetupRemote = true; + pull.rebase = true; commit.verbose = true; rerere.enabled = true; branch.sort = "-authordate"; + tag.sort = "version:refname"; + column.ui = "auto"; + + diff = { + algorithm = "histogram"; + colorMoved = "plain"; + mnemoicPrefix = true; + renames = true; + }; + + alias = { + search = "!git log --format='tformat:%h %cs %s' --no-show-signature | fzf --multi --preview 'git show {+1}|bat -p -lpatch --color=always' | cut -f1 -d\" \" | wl-copy -n && wl-paste"; + where = "!fish -c git-where"; + }; + + merge.mergiraf = { + name = "mergiraf"; + driver = "merigraf merge --git %O %A %B -s %S -x %X -y %Y -p %P"; + }; }; + attributes = [ + "*.java merge=mergiraf" + "*.rs merge=mergiraf" + "*.go merge=mergiraf" + "*.js merge=mergiraf" + "*.jsx merge=mergiraf" + "*.json merge=mergiraf" + "*.yml merge=mergiraf" + "*.yaml merge=mergiraf" + "*.html merge=mergiraf" + "*.htm merge=mergiraf" + "*.xhtml merge=mergiraf" + "*.xml merge=mergiraf" + "*.c merge=mergiraf" + "*.h merge=mergiraf" + "*.cpp merge=mergiraf" + "*.hpp merge=mergiraf" + "*.cs merge=mergiraf" + ]; + # diff-so-fancy.enable = true; # difftastic.enable = true; delta = { diff --git a/home/home.nix b/home/home.nix index 1e49983..e743f2a 100644 --- a/home/home.nix +++ b/home/home.nix @@ -83,6 +83,20 @@ userName = "stuebinm@ilztalbahn.eu"; passwordCommand = "secret-tool lookup mail ilztalbahn"; }; + accounts.preprint = { + address = "admin@books.exposed"; + imap.host = "books.exposed"; + mbsync = { + enable = true; + create = "maildir"; + }; + msmtp.enable = true; + mu.enable = true; + realName = "terru"; + smtp.host = "books.exposed"; + userName = "admin@books.exposed"; + passwordCommand = "secret-tool lookup mail preprint"; + }; }; programs.bash = { @@ -104,6 +118,7 @@ noms = "curl https://www.bahn.de/service/zug/db_lounge -s | htmlq --attribute href a | grep Speisen | xargs curl -s | pdftotext - /dev/stdout | less"; gosh = "rlwrap gosh"; geojson2gtfs = ''jq -r ".features[0].geometry.coordinates | to_entries | map([.value[0], .value[1], .key])[] | @csv"''; + slurpqr = "grim -g (slurp) - | zbarimg -q --raw - | wl-copy -n && wl-paste"; }; functions.fetchpdf.body = '' set url $argv[1] @@ -153,7 +168,7 @@ functions.stealemoji.body = '' if [ (expr (count $argv) % 2) != 0 ] echo wrong count of arguments - exit 1 + return 1 end set n (expr (count $argv) / 2) echo stealing $n emoji @@ -166,6 +181,19 @@ scp $argv[(seq 2 2 (expr $n + 1))].png flora:/var/lib/containers/pleroma/var/lib/akkoma/static/emoji/unsorted/ ssh flora machinectl shell pleroma /bin/sh -c \"pleroma_ctl emoji reload\" ''; + # source: https://notes.moira.is/Computer+Stuff/Useful+commands/Make+it+look+scanned + functions.scanify.body = '' + if [ (expr (count $argv) % 2) != 0 ] + echo usage: scanify input.pdf output.pdf + return 1 + end + if [ test -e tmp.pdf ] + echo error: would override tmp.pdf + return 1 + end + convert -density 150 $argv[1] -blur .1 -rotate .2 -attenuate .3 +noise gaussian tmp.pdf + gs -sDEVICE=pdfwrite -dCompatibilityLevel=1.4 -dPDFSETTINGS=/printer -dNOPAUSE -dQUIET -dBATCH -sOutputFile=$argv[2] tmp.pdf + ''; }; programs.kitty = { @@ -215,7 +243,7 @@ }; systemd.user.services.syncical = let - feeds = (import inputs.feeds).ical; in { + feeds = inputs.feeds.ical; in { Unit.Description = "syncs ical feeds for almanac agenda"; Service = { ExecStart = (pkgs.writeShellScript "syncical" '' @@ -239,7 +267,7 @@ programs.newsboat = { enable = true; - urls = (import ./newsboat-public.nix) ++ (import inputs.feeds).rss; + urls = (import ./newsboat-public.nix) ++ inputs.feeds.rss; browser = lib.getExe' pkgs.offpunk "offpunk"; reloadThreads = 300; queries = { @@ -249,7 +277,7 @@ paper = ''tags # "paper"''; }; extraConfig = let - mkMpv = cmd: ''set browser "kitty @launch --type tab mpv --ytdl-format='b[height<=1100]' %u > /dev/null" ; ${cmd} ; set browser "${config.programs.newsboat.browser} %u"''; + mkMpv = cmd: ''set browser "kitty @launch --type tab mpv --ytdl-format='bv[height<=1100]+ba' %u > /dev/null" ; ${cmd} ; set browser "${config.programs.newsboat.browser} %u"''; in '' color background white default color listnormal white default @@ -267,7 +295,7 @@ macro 3 ${mkMpv "three"} macro 4 ${mkMpv "four"} macro 5 ${mkMpv "five"} - macro f set browser "${pkgs.xdg_utils}/bin/xdg-open %u >/dev/null 2>&1 &" ; open-in-browser ; set browser "${config.programs.newsboat.browser} %u" + macro f set browser "${pkgs.xdg-utils}/bin/xdg-open %u >/dev/null 2>&1 &" ; open-in-browser ; set browser "${config.programs.newsboat.browser} %u" macro d set browser "kitty @launch --type tab fish -c 'fetchpdf %u'" ; open-in-browser ; set browser "${config.programs.newsboat.browser} %u" bind-key j down @@ -315,6 +343,11 @@ user = "git"; identityFile = keydir + "/id_surltesh-echer"; }; + "encoder* mixer* atem* minion*" = { + # hostname = "%h.lan.c3voc.de"; + user = "voc"; + extraOptions.StrictHostKeyChecking = "no"; + }; "nobelium" = { hostname = "no.colorspace.club"; user = "root"; @@ -336,6 +369,11 @@ user = "root"; identityFile = keydir + "/id_ed25519"; }; + "billy" = { + hostname = "billy.books.exposed"; + user = "root"; + identityFile = keydir + "/id_ed25519"; + }; }; }; @@ -354,11 +392,13 @@ services.mako = { enable = true; - backgroundColor = "#74389eb0"; - borderColor = "#c27cb6ff"; - defaultTimeout = 5000; # milliseconds - padding = "10"; - output = "DP-9"; + settings = { + background-color = "#74389eb0"; + border-color = "#c27cb6ff"; + default-timeout = 5000; # milliseconds + padding = "10"; + output = "DP-9"; + }; }; services.mpd = { diff --git a/home/newsboat-public.nix b/home/newsboat-public.nix index 65915d4..29e2370 100644 --- a/home/newsboat-public.nix +++ b/home/newsboat-public.nix @@ -27,6 +27,11 @@ with import ./newsboat-lib.nix; (ntag "https://www.latex-project.org/feed.xml" "comp") (ntag "https://git.github.io/feed.xml" "comp") (ntag "https://www.gdl.de/feed.rss" "trains") + (ntag "https://www.transformativeworks.org/feed" "fandom") + (ntag "https://haskell.github.io/security-advisories/atom.xml" "comp") + (ntag "https://blog.haskell.org/atom.xml" "comp") + (ntag "https://mastodon.social/@opentrainticketing.rss" "trains") + (ntag "https://meta.akkoma.dev/c/releases/7.rss" "security") # blogs (btag "https://scilogs.spektrum.de/klimalounge/feed/" "climate") @@ -74,7 +79,7 @@ with import ./newsboat-lib.nix; (btag "https://www.haskellforall.com/feeds/posts/default" "comp") (btag "http://conal.net/blog/feed" "comp") (btag "https://michael.stapelberg.ch/posts/tags/distri/feed.xml" "comp") - (btag "https://mattermost.com/blog/category/releases/rss" "security") + (btag "https://mattermost.com/blog/category/releases/feed/" "security") (btag "https://mattermost.com/security-updates/feed/" "security") (btag "https://ionathan.ch/feed.xml" "comp") (btag "https://wingolog.org/feed/atom" "comp") @@ -197,6 +202,23 @@ with import ./newsboat-lib.nix; (btag "https://leona.is/atom.xml" "friends") (btag "https://computer.rip/rss.xml" "comp") (btag "https://nicole.wien/index.xml" "friends") + (btag "https://nanmu.me/en/posts/index.xml" "comp") + (btag "https://forgejo.org/releases/rss.xml" "comp") + (btag "https://ludic.mataroa.blog/rss/" "comp") + (btag "https://blog.poisson.chat/rss.xml" "comp") + (btag "https://blog.nadja.top/feed.rss" "hardware") + (btag "https://matttproud.com/blog/index.xml" "comp") + (btag "https://www.rntz.net/blog/atom.xml" "comp") + (btag "https://realdougwilson.com/feed.xml" "fonts") + (btag "https://feeds.feedburner.com/balpha" "fonts") + (btag "https://lambdaland.org/index.xml" "comp") + (btag "https://iliana.fyi/atom.xml" "comp") + (btag "https://artemis.sh/feed.xml" "comp") + (btag "https://gomakethings.com/feed/index.xml" "comp") + (btag "https://wok.oblomov.eu/index.rss" "comp") + (btag "https://antonia.is/rss.xml" "friends") + (btag "https://ancientalexandra.weebly.com/3/feed" "hist") + (btag "https://github.com/bookwyrm-social/bookwyrm/releases.atom" "comp") # paper (btag "http://arxiv.org/rss/cs.PL" "paper") @@ -209,8 +231,6 @@ with import ./newsboat-lib.nix; (ytag "UCXuqSBlHAE6Xw-yeJA0Tunw" "tech") # Linus Tech Tips (ytag "UCBa659QWEk1AI4Tg--mrJ2A" "stuff") # Tom Scott (ytag "UCtGG8ucQgEJPeUPhJZ4M4jA" "stuff") # Rare Earth - (ytag "UCwRH985XgMYXQ6NxXDo8npw" "stuff") # Kurzgesagt de - (ytag "UCsXVk37bltHxD1rDPwtNM8Q" "stuff") # Kurzgesagt en (ytag "UC9GwQ_SGeq7Nrn4NQfwVoRA" "climate") # Students for Future (ytag "UCN29LJGZ8FY30ysxdTnDsaw" "stuff") # Die Filmanalyse (ytag "UCv1WDP5EiipMQ__C4Cg6aow" "pol") # Tilo Jung @@ -219,8 +239,6 @@ with import ./newsboat-lib.nix; (ytag "UCncTjqw75krp9j_wRRh5Gvw" "writing") # World Building Notes (ytag "UCPlJ-KlPelfnwq0GHSeSpGQ" "talks") # It's all about Math (ytag "UCmrWzKsW9IGU2l6a_MGJ3dw" "ling") # LangTime Studio - (ytag "UCXl0Zbk8_rvjyLwAR-Xh9pQ" "maths") # Insights into Mathematics (Wildberger) - (ytag "UCPjHlmSGP-rMg5PR-PyaJug" "chaos") # Henk Rijckaert (ytag "UC3XTzVzaHQEd30rQbuvCtTQ" "latenight") # Last Week Tonight (ytag "UCSju5G2aFaWMqn-_0YBtq5A" "maths") # Standupmaths (ytag "UC2PA-AKmVpU6NKCGtZq_rKQ" "left") # Philosophy Tube @@ -261,6 +279,11 @@ with import ./newsboat-lib.nix; (ytag "UC6IxnFzHofFJ5X2PycSMsww" "stuff") # xkcd's What If? (ytag "UClgXF_jwWAwPRu8nT1g90xQ" "stuff") # Matt Gray (ytag "UCqqJQ_cXSat0KIAVfIfKkVA" "food") # Kenji + (ytag "UCK48_8v5k90EXEYRD5mATlw" "plants") # techplant + (ytag "UChIwaIJ8nxk8nskUZJD2yyg" "plants") # plants in jars + (ytag "UCWYSiz0rqNEJ0mX4a45Lhrw" "plants") # nick alexander + (ytag "UC9_p50tH3WmMslWRWKnM7dQ" "food") # Adam Ragusea + (ytag "UCQBG3PzyQKY8ieMG2gDAyOQ" "food") # Peaceful cuisine (blender 2737) # blender developers (blender 10) # reels (blender 9) # open movies @@ -278,8 +301,7 @@ with import ./newsboat-lib.nix; (podcast "https://feed.podbean.com/lingfieldnotes/feed.xml") (podcast "https://dasklima.podigee.io/feed/mp3") (podcast "https://www.haecksen.org/podcast/rss") - (podcast "https://www.ndr.de/nachrichten/info/podcast4684.xml") - + (music "https://feeds.soundcloud.com/users/soundcloud%3Ausers%3A39508706/sounds.rss") ] diff --git a/home/packages-minimal.nix b/home/packages-minimal.nix index c024654..b1121ac 100644 --- a/home/packages-minimal.nix +++ b/home/packages-minimal.nix @@ -4,11 +4,6 @@ home.packages = with pkgs; [ emacs-all-the-icons-fonts - # flake-enabled version of nix - (pkgs.writeScriptBin "nif" '' - #!/usr/bin/env bash - exec ${pkgs.nixFlakes}/bin/nix --experimental-features "nix-command flakes" "$@" - '') lynx pandoc # general cli utils @@ -17,17 +12,17 @@ ripgrep shellcheck graphviz zip unzip acpi sfz viu glow yt-dlp weechat hexyl bottom lm_sensors - usbutils libidn + usbutils libidn bsd-finger cyme # nix tools nixpkgs-review nix-top nix-diff nix-tree # git - gitAndTools.gitAnnex git-bug git-appraise + gitAndTools.gitAnnex git-bug git-appraise mergiraf # other things gauche # html, js & co jq html-tidy nodePackages.stylelint nodePackages.js-beautify zola lowdown # nix things - nixfmt niv inputs.deploy-rs.defaultPackage.${system} + nixfmt-rfc-style deploy-rs.deploy-rs ]; } diff --git a/home/packages.nix b/home/packages.nix index 1f5e8cf..415d963 100644 --- a/home/packages.nix +++ b/home/packages.nix @@ -1,38 +1,39 @@ { config, lib, pkgs, inputs, system, craneLib, ... }: let - isabelle = import "${inputs.playground.outPath}/isabelle-nix-fhsenv" { inherit pkgs; }; + isabelle = import "${inputs.playground.outPath}/isabelle-nix-fhsenv" { inherit pkgs; }; in { home.packages = with pkgs; [ - # inputs.emacs-overlay.packages.x86_64-linux.emacsPgtk - emacs29-pgtk - emacs-all-the-icons-fonts nerdfonts + emacs-pgtk + emacs-all-the-icons-fonts julia-mono # internet apps & clients - firefox keepassxc mumble lynx thunderbird offpunk - openconnect matterhorn tdesktop monolith magic-wormhole-rs + firefox keepassxc mumble lynx offpunk + openconnect tdesktop monolith magic-wormhole-rs + dino # graphics & audio - audacity blender darktable kdenlive moc ffmpeg-full - gimp-with-plugins inkscape krita meshlab pavucontrol moc + audacity blender darktable ffmpeg-full + gimp-with-plugins inkscape pavucontrol # krita gst_all_1.gstreamer vimiv-qt # LaTeX & documents - xournal pandoc zathura pdfpc + xournalpp pandoc zathura pdfpc poppler_utils typst rustex (texlive.combine { inherit (texlive) scheme-full; pkgFilter = pkg: lib.elem pkg.tlType [ "run" "bin" "doc" ]; }) # general cli utils - almanac libnotify grim slurp wl-clipboard showrt - kijetesantakaluotokieni mpc_cli duf dufs progress hledger + almanac libnotify grim slurp (zbar.override { enableVideo = false; withXorg = false; }) + wl-clipboard showrt + kijetesantakaluotokieni mpc_cli dufs progress hledger wineWowPackages.full sops xdg-utils exiftool - mercurial darcs git-annex-remote-remarkable2 + mercurial darcs git-annex-remote-remarkable2 git-who rlwrap # graphical utils - kitty baobab + kitty # gnss things - gpsd galmon-full + gpsd # galmon-full # transport things transport_validator # things for emacs @@ -43,41 +44,33 @@ in haskell-language-server haskellPackages.hoogle haskellPackages.stylish-haskell # other functional things - racket dhall lean4 dune_2 ocamlPackages.utop ocamlPackages.ocp-indent + racket dhall dune_2 ocamlPackages.utop ocamlPackages.ocp-indent ocamlPackages.merlin ocaml gauche (agda.withPackages (p: [ p.standard-library p.cubical ])) - (twelf.overrideAttrs (old: { - src = fetchFromGitHub { - owner = "k4rtik"; - repo = "twelf"; - rev = "c1bec0d0b9fa506e36bb364b1765191b159e6c4c"; - hash = "sha256-sh/yMlCvMMq6GBqAKO+V0Bcyp38zB7I/3H8a0fxqOos="; - }; - })) + # html, js & co jq ijq html-tidy nodePackages.stylelint nodePackages.js-beautify zola libxml2 fq htmlq - # purescript - #spago purescript # nodePackages.purescript-language-server nodejs # rust - #cargo rustc - rust-bin.stable.latest.minimal - rust-analyzer rustfmt + rust-bin.stable.latest.minimal rust-analyzer rustfmt # go - go gopls godef gore gocode gotests gomodifytags + go gopls godef gore gotests gomodifytags # C/C++ clang clang-tools rtags irony-server # others - julia python39 inweb + python3 inweb # nix things - nixfmt niv inputs.deploy-rs.defaultPackage.${system} - #haskellPackages.nix-serve-ng - nix-doc nix-output-monitor - direnv + npins nix-output-monitor direnv # isabelle - (isabelle.mkEnv "isabelle-env" "fish") - isabat + (isabelle.mkEnv "isabelle-env" "fish") isabat (import inputs.traveltext { inherit pkgs; }) ]; + + xdg.desktopEntries."pavucontrol" = { + name = "pavucontrol"; + exec = "pavucontrol"; + terminal = false; + type = "Application"; + }; } diff --git a/home/unstable.nix b/home/unstable.nix index 0adb0ba..fc3b6ac 100644 --- a/home/unstable.nix +++ b/home/unstable.nix @@ -1,25 +1,11 @@ -{config, pkgs, inputs, system, ...}: +{config, pkgs, inputs, ...}: -with inputs.nixpkgs-unstable.legacyPackages.${system}; +with inputs.nixpkgs-unstable; { home.packages = [ - dino - (stdenv.mkDerivation { - name = "signal-wayland"; - src = signal-desktop; - phases = [ "buildPhase" ]; - buildPhase = '' - mkdir -p $out - cp -r $src/{bin,lib} $out - ''; - }) - gleam + signal-desktop yazi - - # hikari development - pkgs.pandoc # pkgs.xorg.xcbutilwm.dev - pkgs.bmake pkgs.pkg-config - ]; #++ hikari.buildInputs; + ]; xdg.desktopEntries."Signal" = { name = "Signal"; diff --git a/ilex/configuration.nix b/ilex/configuration.nix index 2fa26cd..d648adc 100644 --- a/ilex/configuration.nix +++ b/ilex/configuration.nix @@ -5,11 +5,26 @@ ./hardware-configuration.nix ]; - networking.firewall.allowedTCPPorts = [ 5000 ]; + specialisation.printing = { + configuration = { + services.avahi.enable = true; + services.avahi.nssmdns4 = true; + services.avahi.nssmdns6 = true; + services.ipp-usb.enable = true; + hardware.sane.enable = true; + users.users.stuebinm.extraGroups = [ "scanner" "lp" ]; + }; + inheritParentConfig = true; + }; + + services.tailscale.enable = true; + + networking.firewall.allowedTCPPorts = [ 5000 14054 ]; + networking.firewall.allowedUDPPorts = [ 9100 9103 ]; boot.kernelPackages = pkgs.linuxKernel.packageAliases.linux_latest; - hardware.opengl.driSupport32Bit = true; + hardware.graphics.enable32Bit = true; hardware.bluetooth.enable = true; services.blueman.enable = true; @@ -55,13 +70,9 @@ host all all 127.0.0.1/32 trust host all all ::1/127 trust ''; + extensions = ps: [ ps.postgis ]; }; - # services.redis.servers."bookwyrm" = { - # enable = true; - # port = 6379; - # }; - services.tlp = { enable = true; settings = { diff --git a/inputs.nix b/inputs.nix new file mode 100644 index 0000000..b31981b --- /dev/null +++ b/inputs.nix @@ -0,0 +1,69 @@ +{ system ? "x86_64-linux", sources ? import ./npins }: + +let + + # some of my dependencies are only usable as flakes. this is just enough + # nonsense to import these + callFlake = name: inputs: + let + self = (import "${sources.${name}}/flake.nix").outputs + ({ self = self // { outPath = sources.${name}.outPath; }; } // inputs); + in + self // { outPath = sources.${name}.outPath; }; + + inputs = sources // rec { + + flake-utils = callFlake "flake-utils" { }; + + deploy-rs = callFlake "deploy-rs" { + # there's an implicit contract here that the module deploy-rs produces + # will not depend on the nixpkgs it is given, but that works out + inherit nixpkgs; + utils = flake-utils; + }; + + # both copies of nixpkgs get // { outPath = }'d, so that the nixPath + # override can use these paths. + nixpkgs = import sources.nixpkgs { + inherit system; + overlays = [ + (import sources.rust-overlay) + deploy-rs.overlay + (import ./pkgs/overlay.nix { inherit inputs; }) + lix-overlay + ]; + } // { outPath = sources.nixpkgs.outPath; }; + + # 'boring' version of nixpkgs with fewer (used for vm tests, + # so they're buildable without having to compile e.g. the lix version + # from the overlay) + nixpkgs-boring = import sources.nixpkgs { + inherit system; + overlays = [ + (import ./pkgs/overlay.nix { inherit inputs; }) + ]; + } // { outPath = sources.nixpkgs.outPath; }; + + nixpkgs-unstable = + import sources.nixpkgs-unstable { inherit system; } + // { outPath = sources.nixpkgs-unstable.outPath; }; + + # this absurd third copy only exists because non-flake nixpkgs does not + # as easily expose the evalConfig function .. + nixpkgs-flake = + (import "${sources.nixpkgs}/flake.nix").outputs { self = nixpkgs-flake; } + // { outPath = sources.nixpkgs.outPath; }; + + home-manager = callFlake "home-manager" { inherit nixpkgs; }; + + feeds = import /home/stuebinm/org/nonpublic.nix; + + sops-nix = import "${sources.sops-nix}/modules/sops"; + + simple-nixos-mailserver = import sources.simple-nixos-mailserver; + + lix-overlay = import "${sources.lix-nixos-module}/overlay.nix" { + lix = sources.lix // { rev = sources.lix.revision; }; + }; + }; +in inputs diff --git a/modules/bookwyrm.nix b/modules/bookwyrm.nix index b57636d..94b9f28 100644 --- a/modules/bookwyrm.nix +++ b/modules/bookwyrm.nix @@ -11,7 +11,7 @@ in settings = mkOption { default = {}; type = types.attrsOf (types.oneOf [ types.bool types.str types.int ]); - description = mdDoc '' + description = '' Settings passed to bookwyrm via environment variables. See bookwyrm's [.env.example](https://github.com/bookwyrm-social/bookwyrm/blob/v0.7.2/.env.example) file for what is permissible here. @@ -21,7 +21,7 @@ in package = mkOption { default = pkgs.bookwyrm.override { inherit (cfg) settings; }; type = types.package; - description = mdDoc '' + description = '' The bookwyrm package to use. Note that this includes the settings .env file; if you set this directly, settings set via {option}`services.bookwyrm.settings` will be ignored. @@ -31,7 +31,7 @@ in stateDir = mkOption { default = "/var/lib/bookwyrm"; type = types.path; - description = mdDoc '' + description = '' Where bookwyrm keeps dynamic data (in practice, exclusively book covers?) when not configured to use an S3-compatible storage. This should be persistent storage, otherwise you will have missing book covers and no obvious way to re-download them @@ -42,7 +42,7 @@ in bindAddress = mkOption { default = "0.0.0.0"; type = types.str; - description = mdDoc '' + description = '' Address bookwyrm should bind to. ''; }; @@ -50,7 +50,7 @@ in port = mkOption { default = 8000; type = types.port; - description = mdDoc '' + description = '' Port bookwyrm should listen on. ''; }; @@ -58,7 +58,7 @@ in threads = mkOption { default = 8; type = types.int; - description = mdDoc '' + description = '' Number of threads that gunicorn should spawn. ''; }; @@ -66,8 +66,8 @@ in setupNginx = mkOption { default = false; type = types.bool; - description = mdDoc '' - Whether to set up a simple nginx config to server bookwyrm's `static/` and `image` + description = '' + Whether to set up a simple nginx config to serve bookwyrm's `static/` and `image` directories. ''; }; @@ -75,7 +75,7 @@ in nginxVirtualHost = mkOption { default = "default"; type = types.str; - description = mdDoc '' + description = '' The name of the nginx virtual host to set up. ''; }; @@ -83,7 +83,7 @@ in installWrapper = mkOption { default = true; type = types.bool; - description = mdDoc '' + description = '' Whether to install a wrapper script `bookworm-manage.py` into the system environmnt, which calls bookwyrm's `manage.py` script with the correct python path. ''; @@ -92,7 +92,7 @@ in environmentFile = mkOption { default = null; type = types.nullOr types.path; - description = mdDoc '' + description = '' An environment file containing config options which should not be set via Nix / not be contained in the nix store. ''; diff --git a/modules/default.nix b/modules/default.nix new file mode 100644 index 0000000..c5430f8 --- /dev/null +++ b/modules/default.nix @@ -0,0 +1,5 @@ +{ + # glitchtip = import ./glitchtip.nix; + bookwyrm = import ./bookwyrm.nix; + mollysocket = import ./mollysocket.nix; +} diff --git a/modules/mollysocket.nix b/modules/mollysocket.nix index 5ca68c9..a318124 100644 --- a/modules/mollysocket.nix +++ b/modules/mollysocket.nix @@ -6,6 +6,8 @@ let configFile = configFormat.generate "mollysocket-config.toml" cfg.settings; in { + disabledModules = [ "services/misc/mollysocket.nix" ]; + options.services.mollysocket = with lib; { enable = mkEnableOption "mollysocket, which allows getting Signal notifications via UnifiedPush"; @@ -13,7 +15,7 @@ in settings = mkOption { default = {}; type = with types; attrsOf (oneOf [ str int bool (listOf str) ]); - description = lib.mdDoc '' + description = '' Configuration options for mollysocket. See the upstream [Readme.md](https://github.com/mollyim/mollysocket/blob/main/README.md#configuration) file for what is permissable here. @@ -28,7 +30,7 @@ in environmentFile = mkOption { default = null; type = with types; nullOr path; - description = lib.mdDoc '' + description = '' Configuration options set via environment Variables. Useful for e.g. keeping some values outside of Nix. ''; @@ -37,7 +39,7 @@ in stateDir = mkOption { default = "/var/lib/mollysocket"; type = lib.types.path; - description = lib.mdDoc '' + description = '' Directory in which state is kept, unless a custom database location is set using {option}`services.mollysocket.settings.db`. This directory will be created automatically. @@ -47,7 +49,7 @@ in installWrapper = mkOption { default = true; type = lib.types.bool; - description = lib.mdDoc '' + description = '' Whether to install a mollysocket executable wrapped to use the generated config into {option}`environment.systemPackages`. ''; diff --git a/npins/default.nix b/npins/default.nix new file mode 100644 index 0000000..6592476 --- /dev/null +++ b/npins/default.nix @@ -0,0 +1,146 @@ +/* + This file is provided under the MIT licence: + + Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +*/ +# Generated by npins. Do not modify; will be overwritten regularly +let + data = builtins.fromJSON (builtins.readFile ./sources.json); + version = data.version; + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 + range = + first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1); + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 + stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); + + # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 + stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); + concatMapStrings = f: list: concatStrings (map f list); + concatStrings = builtins.concatStringsSep ""; + + # If the environment variable NPINS_OVERRIDE_${name} is set, then use + # the path directly as opposed to the fetched source. + # (Taken from Niv for compatibility) + mayOverride = + name: path: + let + envVarName = "NPINS_OVERRIDE_${saneName}"; + saneName = stringAsChars (c: if (builtins.match "[a-zA-Z0-9]" c) == null then "_" else c) name; + ersatz = builtins.getEnv envVarName; + in + if ersatz == "" then + path + else + # this turns the string into an actual Nix path (for both absolute and + # relative paths) + builtins.trace "Overriding path of \"${name}\" with \"${ersatz}\" due to set \"${envVarName}\"" ( + if builtins.substring 0 1 ersatz == "/" then + /. + ersatz + else + /. + builtins.getEnv "PWD" + "/${ersatz}" + ); + + mkSource = + name: spec: + assert spec ? type; + let + path = + if spec.type == "Git" then + mkGitSource spec + else if spec.type == "GitRelease" then + mkGitSource spec + else if spec.type == "PyPi" then + mkPyPiSource spec + else if spec.type == "Channel" then + mkChannelSource spec + else if spec.type == "Tarball" then + mkTarballSource spec + else + builtins.throw "Unknown source type ${spec.type}"; + in + spec // { outPath = mayOverride name path; }; + + mkGitSource = + { + repository, + revision, + url ? null, + submodules, + hash, + branch ? null, + ... + }: + assert repository ? type; + # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository + # In the latter case, there we will always be an url to the tarball + if url != null && !submodules then + builtins.fetchTarball { + inherit url; + sha256 = hash; # FIXME: check nix version & use SRI hashes + } + else + let + url = + if repository.type == "Git" then + repository.url + else if repository.type == "GitHub" then + "https://github.com/${repository.owner}/${repository.repo}.git" + else if repository.type == "GitLab" then + "${repository.server}/${repository.repo_path}.git" + else + throw "Unrecognized repository type ${repository.type}"; + urlToName = + url: rev: + let + matched = builtins.match "^.*/([^/]*)(\\.git)?$" url; + + short = builtins.substring 0 7 rev; + + appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else ""; + in + "${if matched == null then "source" else builtins.head matched}${appendShort}"; + name = urlToName url revision; + in + builtins.fetchGit { + rev = revision; + inherit name; + # hash = hash; + inherit url submodules; + }; + + mkPyPiSource = + { url, hash, ... }: + builtins.fetchurl { + inherit url; + sha256 = hash; + }; + + mkChannelSource = + { url, hash, ... }: + builtins.fetchTarball { + inherit url; + sha256 = hash; + }; + + mkTarballSource = + { + url, + locked_url ? url, + hash, + ... + }: + builtins.fetchTarball { + url = locked_url; + sha256 = hash; + }; +in +if version == 5 then + builtins.mapAttrs mkSource data.pins +else + throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`" diff --git a/npins/sources.json b/npins/sources.json new file mode 100644 index 0000000..c22ea40 --- /dev/null +++ b/npins/sources.json @@ -0,0 +1,281 @@ +{ + "pins": { + "ai.robots.txt": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "ai-robots-txt", + "repo": "ai.robots.txt" + }, + "branch": "main", + "submodules": false, + "revision": "4ed17b8e4af67d347b039429eb633c96acbba72f", + "url": "https://github.com/ai-robots-txt/ai.robots.txt/archive/4ed17b8e4af67d347b039429eb633c96acbba72f.tar.gz", + "hash": "1j36ynmb4hcjr8mlgb7m3n9qi8izj11rc5z8zawbqc9d1skpk16b" + }, + "almanac": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/forks/almanac" + }, + "branch": "master", + "submodules": false, + "revision": "cdd82b013777324f146c4961b866154a9287110b", + "url": null, + "hash": "0804k1zcnyhfdgjxmpgyg9l537j6p4ajrjgzz9svxka6acc1l85h" + }, + "bahnhof-name": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/bahnhof.name" + }, + "branch": "main", + "submodules": false, + "revision": "2dd565d546ef7cba05846e90d79ae4a15a193f41", + "url": null, + "hash": "137wq0hj9j4wikq401mz577a7r5cmfzfxyf4wv1ncxy450l4lrsh" + }, + "blog": { + "type": "Git", + "repository": { + "type": "Git", + "url": "ssh://cgit/~/blog" + }, + "branch": "main", + "submodules": false, + "revision": "99f88a9b675838f08e711a73a1bd5b6c80d66d31", + "url": null, + "hash": "1dnkz5vsbn8f924crhqp97xfkamypai1mqmbj867kwv0bvs036gb" + }, + "deploy-rs": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/forks/deploy-rs" + }, + "branch": "nom-flag", + "submodules": false, + "revision": "9001480e03ab8c957716e2bf164bbde605472399", + "url": null, + "hash": "1iiplqa731ldha728xk2fi36n87p20hnzf35g21jli1dlknw388f" + }, + "flake-utils": { + "type": "GitRelease", + "repository": { + "type": "GitHub", + "owner": "numtide", + "repo": "flake-utils" + }, + "pre_releases": false, + "version_upper_bound": null, + "release_prefix": null, + "submodules": false, + "version": "v1.0.0", + "revision": "04c1b180862888302ddfb2e3ad9eaa63afc60cf8", + "url": "https://api.github.com/repos/numtide/flake-utils/tarball/v1.0.0", + "hash": "0hynd4rbkbplxzl2a8wb3r8z0h17z2alhhdsam78g3vgzpzg0d43" + }, + "gtfsBooks": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/forks/gtfs-books" + }, + "branch": "main", + "submodules": false, + "revision": "2a9d4fcf48b872aef1343f71dfddf44946fd8eb5", + "url": null, + "hash": "077xjxaisjqcnqwjpq8cfg34y27cv5aidvzwv4d5736rz9v96bak" + }, + "home-manager": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "nix-community", + "repo": "home-manager" + }, + "branch": "release-25.05", + "submodules": false, + "revision": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", + "url": "https://github.com/nix-community/home-manager/archive/7aae0ee71a17b19708b93b3ed448a1a0952bf111.tar.gz", + "hash": "12246mk1xf1bmak1n36yfnr4b0vpcwlp6q66dgvz8ip8p27pfcw2" + }, + "isabelle-utils": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/isabelle-utils" + }, + "branch": "master", + "submodules": false, + "revision": "e7427d5c67c0a90c369adecb4b0c65c043cb2e34", + "url": null, + "hash": "129pizyyvxg7lzgk9pqn48a7brhyh5fv7vwzrs7wnhkp30hrpjq2" + }, + "lix": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://git.lix.systems/lix-project/lix.git" + }, + "branch": "main", + "submodules": false, + "revision": "cd129186ea2bfbd13bf9170b820ca13711eb2310", + "url": null, + "hash": "0i206c6zcip5m11kdmhj3b9zmvw877610cd86410drw8l8i13ksa" + }, + "lix-nixos-module": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://git.lix.systems/lix-project/nixos-module.git" + }, + "branch": "main", + "submodules": false, + "revision": "3c23c6ae2aecc1f76ae7993efe1a78b5316f0700", + "url": null, + "hash": "1yv1d45jgfzjxcg23m2qwis5rxx2v45vfid8b0lm1sl6p66h4hpc" + }, + "nixos-mailserver": { + "type": "Git", + "repository": { + "type": "GitLab", + "repo_path": "simple-nixos-mailserver/nixos-mailserver", + "server": "https://gitlab.com/" + }, + "branch": "master", + "submodules": false, + "revision": "b9e28e23af46f4b5c4ca287ea8ce46e5b39e723c", + "url": "https://gitlab.com/api/v4/projects/simple-nixos-mailserver%2Fnixos-mailserver/repository/archive.tar.gz?sha=b9e28e23af46f4b5c4ca287ea8ce46e5b39e723c", + "hash": "14zhxa6ig7wf0pr1ya3hc4frbb8rpj5ac1pmpd28lh5cbqcnr2yf" + }, + "nixpkgs": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "NixOS", + "repo": "nixpkgs" + }, + "branch": "nixos-25.05", + "submodules": false, + "revision": "b2485d56967598da068b5a6946dadda8bfcbcd37", + "url": "https://github.com/NixOS/nixpkgs/archive/b2485d56967598da068b5a6946dadda8bfcbcd37.tar.gz", + "hash": "1q0m25p83mk0zz42yyi0avyvm77x09ydgrlkkfpzwf22ghb27yfy" + }, + "nixpkgs-unstable": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "NixOS", + "repo": "nixpkgs" + }, + "branch": "nixpkgs-unstable", + "submodules": false, + "revision": "3078b9a9e75f1790e6d6ef9955fdc6a2d1740cc6", + "url": "https://github.com/NixOS/nixpkgs/archive/3078b9a9e75f1790e6d6ef9955fdc6a2d1740cc6.tar.gz", + "hash": "0wl64hww7n9yyswq5w0xg1svnlh1cn07dlnv4dqlp5pinhy1qgy5" + }, + "ntfy-matrix-bot": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/ntfy-matrix-bot" + }, + "branch": "main", + "submodules": false, + "revision": "c4bedb1756c96db3f7d01feedc6587f7b0c3dc0f", + "url": null, + "hash": "1kq34zk7k6rg9k8frvx51hl1ldqqbfgvhm9f827b5a4c0rx28dah" + }, + "playground": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/playground" + }, + "branch": "master", + "submodules": false, + "revision": "19144f12772063b1c6f00ad186dabbf53ea25985", + "url": null, + "hash": "1ss0n237f0dmw0akw2q0qp8nvnijcg35f9qgy3i27m4ib3gl4ybk" + }, + "rust-overlay": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "oxalica", + "repo": "rust-overlay" + }, + "branch": "master", + "submodules": false, + "revision": "65162ae665154e0eddb395166bd4956358981dd0", + "url": "https://github.com/oxalica/rust-overlay/archive/65162ae665154e0eddb395166bd4956358981dd0.tar.gz", + "hash": "05di19x4h0w4gdd47qbmi9zch5l60h550447msdm72yc910kly40" + }, + "showrt": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/showrt" + }, + "branch": "main", + "submodules": false, + "revision": "7de36af3c6ffcc25832a6ff2303ba6c4c1101de5", + "url": null, + "hash": "09shk9b3969gmbmh8mavgss6f90zb51rsfby5n1d924agxzl93d6" + }, + "simple-nixos-mailserver": { + "type": "Git", + "repository": { + "type": "GitLab", + "repo_path": "simple-nixos-mailserver/nixos-mailserver", + "server": "https://gitlab.com/" + }, + "branch": "nixos-24.05", + "submodules": false, + "revision": "636b82f4175e3f6b1e80d2189bb0469e2ae01a55", + "url": "https://gitlab.com/api/v4/projects/simple-nixos-mailserver%2Fnixos-mailserver/repository/archive.tar.gz?sha=636b82f4175e3f6b1e80d2189bb0469e2ae01a55", + "hash": "08zdidja5kdqgskynxsmcd8skh1b7cfl9ijjy9pak4b5h3aw2iqv" + }, + "sops-nix": { + "type": "Git", + "repository": { + "type": "GitHub", + "owner": "Mic92", + "repo": "sops-nix" + }, + "branch": "master", + "submodules": false, + "revision": "77c423a03b9b2b79709ea2cb63336312e78b72e2", + "url": "https://github.com/Mic92/sops-nix/archive/77c423a03b9b2b79709ea2cb63336312e78b72e2.tar.gz", + "hash": "0hw7xx8y5lsf3gzzdl1wc3m5li7dl5gcfvjwfphhdkgxijiczgj6" + }, + "traveltext": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/traveltext" + }, + "branch": "main", + "submodules": false, + "revision": "d876202506621eb76012c12cbb0e91fd2bb0ada0", + "url": null, + "hash": "0886l3r4fnnd6pc699n9l7kzh1y00y6bbdalab90gjqccviwv9cd" + }, + "uplcg": { + "type": "Git", + "repository": { + "type": "Git", + "url": "https://stuebinm.eu/git/forks/uplcg" + }, + "branch": "main", + "submodules": false, + "revision": "b61c0b191578d6ed39a6038cca7b436764a1f9f1", + "url": null, + "hash": "0675z5gvw0chx3hrr7bpiqxiwcykxhgw8qws17yazi071i8jgl29" + } + }, + "version": 5 +} diff --git a/pkgs/akkoma/default.nix b/pkgs/akkoma/default.nix new file mode 100644 index 0000000..32d85a9 --- /dev/null +++ b/pkgs/akkoma/default.nix @@ -0,0 +1,211 @@ +{ lib +, beamPackages +, fetchgit +, fetchFromGitea +, fetchFromGitHub +, fetchFromGitLab +, cmake +, file +, nixosTests +, ... +}: +beamPackages.mixRelease rec { + pname = "akkoma"; + version = "3.15.2"; + + src = fetchgit { + url = "https://akkoma.dev/AkkomaGang/akkoma.git"; + rev = "refs/tags/v${version}"; + hash = "sha256-GW86OyO/XPIrCS+cPKQ8LG8PdhhfA2rNH1FXFiuL6vM="; + }; + + postPatch = '' + # Remove dependency on OS_Mon + sed -E -i 's/(^|\s):os_mon,//' \ + mix.exs + ''; + + postBuild = '' + # Digest and compress static files + rm -f priv/static/READ_THIS_BEFORE_TOUCHING_FILES_HERE + mix phx.digest --no-compile + ''; + + mixNixDeps = import ./mix.nix { + inherit beamPackages lib; + overrides = final: prev: + let + mimeTypePatchPhase = '' + mkdir -p config + cat >> config/config.exs <<EOF + Mix.Config.config :mime, :types, %{ + "application/xml" => ["xml"], + "application/xrd+xml" => ["xrd+xml"], + "application/jrd+json" => ["jrd+json"], + "application/activity+json" => ["activity+json"], + "application/ld+json" => ["activity+json"] + } + Mix.Config.config :mime, :extensions, %{ + "activity+json" => "text/plain", + "jrd+json" => "text/plain", + "xrd+xml" => "text/plain" + } + EOF + ''; + # Akkoma adds some things to the `mime` package's configuration, which requires it to be recompiled. + # However, we can't just recompile things like we would on other systems. + # Therefore, we need to add it to mime's compile-time config too, and also in every package that depends on mime, directly or indirectly. + # We take the lazy way out and just add it to every dependency - it won't make a difference in packages that don't depend on `mime`. + addMimeTypes = _: p: p.override { + patchPhase = mimeTypePatchPhase; + }; + in + (lib.attrsets.mapAttrs addMimeTypes prev) // { + # mix2nix does not support git dependencies yet, + # so we need to add them manually + captcha = beamPackages.buildMix rec { + name = "captcha"; + version = "0.1.0"; + + src = fetchFromGitLab { + domain = "git.pleroma.social"; + group = "pleroma"; + owner = "elixir-libraries"; + repo = "elixir-captcha"; + rev = "6630c42aaaab124e697b4e513190c89d8b64e410"; + hash = "sha256-KLsKBfCt6bUylSTTqRQi6ic0MyimanvIZRhU4Iv5Fmw="; + }; + + # the binary is not getting installed by default + postInstall = "mv priv/* $out/lib/erlang/lib/${name}-${version}/priv/"; + }; + concurrent_limiter = beamPackages.buildMix rec { + name = "concurrent_limiter"; + version = "0.1.1"; + + src = fetchFromGitea { + domain = "akkoma.dev"; + owner = "AkkomaGang"; + repo = "concurrent-limiter"; + rev = "a9e0b3d64574bdba761f429bb4fba0cf687b3338"; + hash = "sha256-A7ucZnXks4K+JDVY5vV2cT5KfEOUOo/OHO4rga5mGys="; + }; + }; + elasticsearch = beamPackages.buildMix rec { + name = "elasticsearch"; + version = "1.0.1"; + + src = fetchFromGitea { + domain = "akkoma.dev"; + owner = "AkkomaGang"; + repo = "elasticsearch-elixir"; + rev = "6cd946f75f6ab9042521a009d1d32d29a90113ca"; + hash = "sha256-CtmQHVl+VTpemne+nxbkYGcErrgCo+t3ZBPbkFSpyF0="; + }; + }; + mfm_parser = beamPackages.buildMix rec { + name = "mfm_parser"; + version = "0.2.0"; + + src = fetchgit { + url = "https://akkoma.dev/AkkomaGang/mfm-parser.git"; + rev = "360a30267a847810a63ab48f606ba227b2ca05f0"; + hash = "sha256-VJn9/i3peMhA+F/LyuPa3biZx0LXBPH+GbDsOWIxYE0="; + }; + + beamDeps = with final; [ phoenix_view temple ]; + patchPhase = mimeTypePatchPhase; + }; + search_parser = beamPackages.buildMix rec { + name = "search_parser"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "FloatingGhost"; + repo = "pleroma-contrib-search-parser"; + rev = "08971a81e68686f9ac465cfb6661d51c5e4e1e7f"; + hash = "sha256-sbo9Kcp2oT05o2GAF+IgziLPYmCkWgBfFMBCytmqg3Y="; + }; + + beamDeps = with final; [ nimble_parsec ]; + }; + temple = beamPackages.buildMix rec { + name = "temple"; + version = "0.9.0-rc.0"; + + src = fetchFromGitea { + domain = "akkoma.dev"; + owner = "AkkomaGang"; + repo = "temple"; + rev = "066a699ade472d8fa42a9d730b29a61af9bc8b59"; + hash = "sha256-qA0z8WTMjO2OixcZBARn/LbuV3s3LGtwZ9nSjj/tWBc="; + }; + + mixEnv = "dev"; + beamDeps = with final; [ earmark_parser ex_doc makeup makeup_elixir makeup_erlang nimble_parsec ]; + patchPhase = mimeTypePatchPhase; + }; + + # Some additional build inputs and build fixes + fast_html = prev.fast_html.override { + nativeBuildInputs = [ cmake ]; + dontUseCmakeConfigure = true; + }; + http_signatures = beamPackages.buildMix rec { + name = "http_signatures"; + version = "0.1.3"; + + src = fetchFromGitea { + domain = "akkoma.dev"; + owner = "AkkomaGang"; + repo = "http_signatures"; + rev = "d44c43d66758c6a73eaa4da9cffdbee0c5da44ae"; + hash = "sha256-o5xF++AIJLVMFuQwldNyWpYJGWFHZZTfGy1V80TZzR8="; + }; + + beamDeps = with final; [ credo ex_doc dialyxir temple ]; + patchPhase = '' + substituteInPlace mix.exs --replace ":logger" ":logger, :public_key" + ${mimeTypePatchPhase} + ''; + }; + majic = beamPackages.buildMix { + name = "majic"; + version = "1.0.0"; + + src = fetchFromGitea { + domain = "akkoma.dev"; + owner = "AkkomaGang"; + repo = "majic"; + rev = "80540b36939ec83f48e76c61e5000e0fd67706f0"; + hash = "sha256-OMM9aDRvbqCOBIE+iPySU8ONRn1BqHDql22rRSmdW08="; + }; + + buildInputs = [ file ]; + beamDeps = with final; [ nimble_pool mime plug credo dialyxir ex_doc elixir_make ]; + patchPhase = mimeTypePatchPhase; + }; + + syslog = prev.syslog.override { + buildPlugins = with beamPackages; [ pc ]; + }; + }; + }; + + passthru = { + tests = with nixosTests; { inherit akkoma akkoma-confined; }; + inherit mixNixDeps; + + # Used to make sure the service uses the same version of elixir as + # the package + elixirPackage = beamPackages.elixir; + }; + + meta = { + description = "ActivityPub microblogging server"; + homepage = "https://akkoma.social"; + license = lib.licenses.agpl3Only; + maintainers = with lib.maintainers; [ mvs ]; + platforms = lib.platforms.unix; + }; +} diff --git a/pkgs/akkoma/mix.nix b/pkgs/akkoma/mix.nix new file mode 100644 index 0000000..baee997 --- /dev/null +++ b/pkgs/akkoma/mix.nix @@ -0,0 +1,1793 @@ +{ lib, beamPackages, overrides ? (x: y: {}) }: + +let + buildRebar3 = lib.makeOverridable beamPackages.buildRebar3; + buildMix = lib.makeOverridable beamPackages.buildMix; + buildErlangMk = lib.makeOverridable beamPackages.buildErlangMk; + + self = packages // (overrides self packages); + + packages = with beamPackages; with self; { + argon2_elixir = buildMix rec { + name = "argon2_elixir"; + version = "3.2.1"; + + src = fetchHex { + pkg = "argon2_elixir"; + version = "${version}"; + sha256 = "a813b78217394530b5fcf4c8070feee43df03ffef938d044019169c766315690"; + }; + + beamDeps = [ comeonin elixir_make ]; + }; + + base62 = buildMix rec { + name = "base62"; + version = "1.2.2"; + + src = fetchHex { + pkg = "base62"; + version = "${version}"; + sha256 = "d41336bda8eaa5be197f1e4592400513ee60518e5b9f4dcf38f4b4dae6f377bb"; + }; + + beamDeps = [ custom_base ]; + }; + + bbcode_pleroma = buildMix rec { + name = "bbcode_pleroma"; + version = "0.2.0"; + + src = fetchHex { + pkg = "bbcode_pleroma"; + version = "${version}"; + sha256 = "19851074419a5fedb4ef49e1f01b30df504bb5dbb6d6adfc135238063bebd1c3"; + }; + + beamDeps = [ nimble_parsec ]; + }; + + bcrypt_elixir = buildMix rec { + name = "bcrypt_elixir"; + version = "3.0.1"; + + src = fetchHex { + pkg = "bcrypt_elixir"; + version = "${version}"; + sha256 = "486bb95efb645d1efc6794c1ddd776a186a9a713abf06f45708a6ce324fb96cf"; + }; + + beamDeps = [ comeonin elixir_make ]; + }; + + benchee = buildMix rec { + name = "benchee"; + version = "1.3.1"; + + src = fetchHex { + pkg = "benchee"; + version = "${version}"; + sha256 = "76224c58ea1d0391c8309a8ecbfe27d71062878f59bd41a390266bf4ac1cc56d"; + }; + + beamDeps = [ deep_merge statistex ]; + }; + + bunt = buildMix rec { + name = "bunt"; + version = "1.0.0"; + + src = fetchHex { + pkg = "bunt"; + version = "${version}"; + sha256 = "dc5f86aa08a5f6fa6b8096f0735c4e76d54ae5c9fa2c143e5a1fc7c1cd9bb6b5"; + }; + + beamDeps = []; + }; + + cachex = buildMix rec { + name = "cachex"; + version = "3.6.0"; + + src = fetchHex { + pkg = "cachex"; + version = "${version}"; + sha256 = "ebf24e373883bc8e0c8d894a63bbe102ae13d918f790121f5cfe6e485cc8e2e2"; + }; + + beamDeps = [ eternal jumper sleeplocks unsafe ]; + }; + + calendar = buildMix rec { + name = "calendar"; + version = "1.0.0"; + + src = fetchHex { + pkg = "calendar"; + version = "${version}"; + sha256 = "990e9581920c82912a5ee50e62ff5ef96da6b15949a2ee4734f935fdef0f0a6f"; + }; + + beamDeps = [ tzdata ]; + }; + + castore = buildMix rec { + name = "castore"; + version = "1.0.11"; + + src = fetchHex { + pkg = "castore"; + version = "${version}"; + sha256 = "e03990b4db988df56262852f20de0f659871c35154691427a5047f4967a16a62"; + }; + + beamDeps = []; + }; + + certifi = buildRebar3 rec { + name = "certifi"; + version = "2.14.0"; + + src = fetchHex { + pkg = "certifi"; + version = "${version}"; + sha256 = "ea59d87ef89da429b8e905264fdec3419f84f2215bb3d81e07a18aac919026c3"; + }; + + beamDeps = []; + }; + + combine = buildMix rec { + name = "combine"; + version = "0.10.0"; + + src = fetchHex { + pkg = "combine"; + version = "${version}"; + sha256 = "1b1dbc1790073076580d0d1d64e42eae2366583e7aecd455d1215b0d16f2451b"; + }; + + beamDeps = []; + }; + + comeonin = buildMix rec { + name = "comeonin"; + version = "5.5.1"; + + src = fetchHex { + pkg = "comeonin"; + version = "${version}"; + sha256 = "65aac8f19938145377cee73973f192c5645873dcf550a8a6b18187d17c13ccdb"; + }; + + beamDeps = []; + }; + + connection = buildMix rec { + name = "connection"; + version = "1.1.0"; + + src = fetchHex { + pkg = "connection"; + version = "${version}"; + sha256 = "722c1eb0a418fbe91ba7bd59a47e28008a189d47e37e0e7bb85585a016b2869c"; + }; + + beamDeps = []; + }; + + cors_plug = buildMix rec { + name = "cors_plug"; + version = "3.0.3"; + + src = fetchHex { + pkg = "cors_plug"; + version = "${version}"; + sha256 = "3f2d759e8c272ed3835fab2ef11b46bddab8c1ab9528167bd463b6452edf830d"; + }; + + beamDeps = [ plug ]; + }; + + cowboy = buildErlangMk rec { + name = "cowboy"; + version = "2.13.0"; + + src = fetchHex { + pkg = "cowboy"; + version = "${version}"; + sha256 = "e724d3a70995025d654c1992c7b11dbfea95205c047d86ff9bf1cda92ddc5614"; + }; + + beamDeps = [ cowlib ranch ]; + }; + + cowboy_telemetry = buildRebar3 rec { + name = "cowboy_telemetry"; + version = "0.4.0"; + + src = fetchHex { + pkg = "cowboy_telemetry"; + version = "${version}"; + sha256 = "7d98bac1ee4565d31b62d59f8823dfd8356a169e7fcbb83831b8a5397404c9de"; + }; + + beamDeps = [ cowboy telemetry ]; + }; + + cowlib = buildRebar3 rec { + name = "cowlib"; + version = "2.14.0"; + + src = fetchHex { + pkg = "cowlib"; + version = "${version}"; + sha256 = "0af652d1550c8411c3b58eed7a035a7fb088c0b86aff6bc504b0bc3b7f791aa2"; + }; + + beamDeps = []; + }; + + credo = buildMix rec { + name = "credo"; + version = "1.7.11"; + + src = fetchHex { + pkg = "credo"; + version = "${version}"; + sha256 = "56826b4306843253a66e47ae45e98e7d284ee1f95d53d1612bb483f88a8cf219"; + }; + + beamDeps = [ bunt file_system jason ]; + }; + + custom_base = buildMix rec { + name = "custom_base"; + version = "0.2.1"; + + src = fetchHex { + pkg = "custom_base"; + version = "${version}"; + sha256 = "8df019facc5ec9603e94f7270f1ac73ddf339f56ade76a721eaa57c1493ba463"; + }; + + beamDeps = []; + }; + + db_connection = buildMix rec { + name = "db_connection"; + version = "2.7.0"; + + src = fetchHex { + pkg = "db_connection"; + version = "${version}"; + sha256 = "dcf08f31b2701f857dfc787fbad78223d61a32204f217f15e881dd93e4bdd3ff"; + }; + + beamDeps = [ telemetry ]; + }; + + decimal = buildMix rec { + name = "decimal"; + version = "2.3.0"; + + src = fetchHex { + pkg = "decimal"; + version = "${version}"; + sha256 = "a4d66355cb29cb47c3cf30e71329e58361cfcb37c34235ef3bf1d7bf3773aeac"; + }; + + beamDeps = []; + }; + + deep_merge = buildMix rec { + name = "deep_merge"; + version = "1.0.0"; + + src = fetchHex { + pkg = "deep_merge"; + version = "${version}"; + sha256 = "ce708e5f094b9cd4e8f2be4f00d2f4250c4095be93f8cd6d018c753894885430"; + }; + + beamDeps = []; + }; + + dialyxir = buildMix rec { + name = "dialyxir"; + version = "1.4.5"; + + src = fetchHex { + pkg = "dialyxir"; + version = "${version}"; + sha256 = "b0fb08bb8107c750db5c0b324fa2df5ceaa0f9307690ee3c1f6ba5b9eb5d35c3"; + }; + + beamDeps = [ erlex ]; + }; + + earmark = buildMix rec { + name = "earmark"; + version = "1.4.46"; + + src = fetchHex { + pkg = "earmark"; + version = "${version}"; + sha256 = "798d86db3d79964e759ddc0c077d5eb254968ed426399fbf5a62de2b5ff8910a"; + }; + + beamDeps = []; + }; + + earmark_parser = buildMix rec { + name = "earmark_parser"; + version = "1.4.43"; + + src = fetchHex { + pkg = "earmark_parser"; + version = "${version}"; + sha256 = "970a3cd19503f5e8e527a190662be2cee5d98eed1ff72ed9b3d1a3d466692de8"; + }; + + beamDeps = []; + }; + + eblurhash = buildRebar3 rec { + name = "eblurhash"; + version = "1.2.2"; + + src = fetchHex { + pkg = "eblurhash"; + version = "${version}"; + sha256 = "8c20ca00904de023a835a9dcb7b7762fed32264c85a80c3cafa85288e405044c"; + }; + + beamDeps = []; + }; + + ecto = buildMix rec { + name = "ecto"; + version = "3.12.5"; + + src = fetchHex { + pkg = "ecto"; + version = "${version}"; + sha256 = "6eb18e80bef8bb57e17f5a7f068a1719fbda384d40fc37acb8eb8aeca493b6ea"; + }; + + beamDeps = [ decimal jason telemetry ]; + }; + + ecto_enum = buildMix rec { + name = "ecto_enum"; + version = "1.4.0"; + + src = fetchHex { + pkg = "ecto_enum"; + version = "${version}"; + sha256 = "8fb55c087181c2b15eee406519dc22578fa60dd82c088be376d0010172764ee4"; + }; + + beamDeps = [ ecto ecto_sql postgrex ]; + }; + + ecto_psql_extras = buildMix rec { + name = "ecto_psql_extras"; + version = "0.8.7"; + + src = fetchHex { + pkg = "ecto_psql_extras"; + version = "${version}"; + sha256 = "ac0a0bce57ffe36b30fac2a2d0d427b04de016e6af5db6f4b41afa1241f39cda"; + }; + + beamDeps = [ ecto_sql postgrex table_rex ]; + }; + + ecto_sql = buildMix rec { + name = "ecto_sql"; + version = "3.12.1"; + + src = fetchHex { + pkg = "ecto_sql"; + version = "${version}"; + sha256 = "aff5b958a899762c5f09028c847569f7dfb9cc9d63bdb8133bff8a5546de6bf5"; + }; + + beamDeps = [ db_connection ecto postgrex telemetry ]; + }; + + elixir_make = buildMix rec { + name = "elixir_make"; + version = "0.9.0"; + + src = fetchHex { + pkg = "elixir_make"; + version = "${version}"; + sha256 = "db23d4fd8b757462ad02f8aa73431a426fe6671c80b200d9710caf3d1dd0ffdb"; + }; + + beamDeps = []; + }; + + elixir_xml_to_map = buildMix rec { + name = "elixir_xml_to_map"; + version = "3.1.0"; + + src = fetchHex { + pkg = "elixir_xml_to_map"; + version = "${version}"; + sha256 = "8fe5f2e75f90bab07ee2161120c2dc038ebcae8135554f5582990f1c8c21f911"; + }; + + beamDeps = [ erlsom ]; + }; + + erlex = buildMix rec { + name = "erlex"; + version = "0.2.7"; + + src = fetchHex { + pkg = "erlex"; + version = "${version}"; + sha256 = "3ed95f79d1a844c3f6bf0cea61e0d5612a42ce56da9c03f01df538685365efb0"; + }; + + beamDeps = []; + }; + + erlsom = buildRebar3 rec { + name = "erlsom"; + version = "1.5.2"; + + src = fetchHex { + pkg = "erlsom"; + version = "${version}"; + sha256 = "4e765cc677fb30509f7b628ff2914e124cf4dcc0fac1c0a62ee4dcee24215b5d"; + }; + + beamDeps = []; + }; + + eternal = buildMix rec { + name = "eternal"; + version = "1.2.2"; + + src = fetchHex { + pkg = "eternal"; + version = "${version}"; + sha256 = "2c9fe32b9c3726703ba5e1d43a1d255a4f3f2d8f8f9bc19f094c7cb1a7a9e782"; + }; + + beamDeps = []; + }; + + ex_aws = buildMix rec { + name = "ex_aws"; + version = "2.5.8"; + + src = fetchHex { + pkg = "ex_aws"; + version = "${version}"; + sha256 = "8f79777b7932168956c8cc3a6db41f5783aa816eb50de356aed3165a71e5f8c3"; + }; + + beamDeps = [ hackney jason mime req sweet_xml telemetry ]; + }; + + ex_aws_s3 = buildMix rec { + name = "ex_aws_s3"; + version = "2.5.6"; + + src = fetchHex { + pkg = "ex_aws_s3"; + version = "${version}"; + sha256 = "9874e12847e469ca2f13a5689be04e546c16f63caf6380870b7f25bf7cb98875"; + }; + + beamDeps = [ ex_aws sweet_xml ]; + }; + + ex_const = buildMix rec { + name = "ex_const"; + version = "0.3.0"; + + src = fetchHex { + pkg = "ex_const"; + version = "${version}"; + sha256 = "76546322abb9e40ee4a2f454cf1c8a5b25c3672fa79bed1ea52c31e0d2428ca9"; + }; + + beamDeps = []; + }; + + ex_doc = buildMix rec { + name = "ex_doc"; + version = "0.37.2"; + + src = fetchHex { + pkg = "ex_doc"; + version = "${version}"; + sha256 = "4dfa56075ce4887e4e8b1dcc121cd5fcb0f02b00391fd367ff5336d98fa49049"; + }; + + beamDeps = [ earmark_parser makeup_elixir makeup_erlang ]; + }; + + ex_machina = buildMix rec { + name = "ex_machina"; + version = "2.8.0"; + + src = fetchHex { + pkg = "ex_machina"; + version = "${version}"; + sha256 = "79fe1a9c64c0c1c1fab6c4fa5d871682cb90de5885320c187d117004627a7729"; + }; + + beamDeps = [ ecto ecto_sql ]; + }; + + ex_syslogger = buildMix rec { + name = "ex_syslogger"; + version = "2.0.0"; + + src = fetchHex { + pkg = "ex_syslogger"; + version = "${version}"; + sha256 = "a52b2fe71764e9e6ecd149ab66635812f68e39279cbeee27c52c0e35e8b8019e"; + }; + + beamDeps = [ jason syslog ]; + }; + + excoveralls = buildMix rec { + name = "excoveralls"; + version = "0.16.1"; + + src = fetchHex { + pkg = "excoveralls"; + version = "${version}"; + sha256 = "dae763468e2008cf7075a64cb1249c97cb4bc71e236c5c2b5e5cdf1cfa2bf138"; + }; + + beamDeps = [ hackney jason ]; + }; + + expo = buildMix rec { + name = "expo"; + version = "0.4.1"; + + src = fetchHex { + pkg = "expo"; + version = "${version}"; + sha256 = "2ff7ba7a798c8c543c12550fa0e2cbc81b95d4974c65855d8d15ba7b37a1ce47"; + }; + + beamDeps = []; + }; + + fast_html = buildMix rec { + name = "fast_html"; + version = "2.4.1"; + + src = fetchHex { + pkg = "fast_html"; + version = "${version}"; + sha256 = "767a63ecc941d3fc0e0e9609ded1a5e798398e5b1bf4d2f47bcb5992a86b32cf"; + }; + + beamDeps = [ elixir_make nimble_pool ]; + }; + + fast_sanitize = buildMix rec { + name = "fast_sanitize"; + version = "0.2.3"; + + src = fetchHex { + pkg = "fast_sanitize"; + version = "${version}"; + sha256 = "e8ad286d10d0386e15d67d0ee125245ebcfbc7d7290b08712ba9013c8c5e56e2"; + }; + + beamDeps = [ fast_html plug ]; + }; + + file_system = buildMix rec { + name = "file_system"; + version = "1.1.0"; + + src = fetchHex { + pkg = "file_system"; + version = "${version}"; + sha256 = "bfcf81244f416871f2a2e15c1b515287faa5db9c6bcf290222206d120b3d43f6"; + }; + + beamDeps = []; + }; + + finch = buildMix rec { + name = "finch"; + version = "0.18.0"; + + src = fetchHex { + pkg = "finch"; + version = "${version}"; + sha256 = "69f5045b042e531e53edc2574f15e25e735b522c37e2ddb766e15b979e03aa65"; + }; + + beamDeps = [ castore mime mint nimble_options nimble_pool telemetry ]; + }; + + flake_id = buildMix rec { + name = "flake_id"; + version = "0.1.0"; + + src = fetchHex { + pkg = "flake_id"; + version = "${version}"; + sha256 = "31fc8090fde1acd267c07c36ea7365b8604055f897d3a53dd967658c691bd827"; + }; + + beamDeps = [ base62 ecto ]; + }; + + floki = buildMix rec { + name = "floki"; + version = "0.37.0"; + + src = fetchHex { + pkg = "floki"; + version = "${version}"; + sha256 = "516a0c15a69f78c47dc8e0b9b3724b29608aa6619379f91b1ffa47109b5d0dd3"; + }; + + beamDeps = []; + }; + + gen_smtp = buildRebar3 rec { + name = "gen_smtp"; + version = "1.2.0"; + + src = fetchHex { + pkg = "gen_smtp"; + version = "${version}"; + sha256 = "5ee0375680bca8f20c4d85f58c2894441443a743355430ff33a783fe03296779"; + }; + + beamDeps = [ ranch ]; + }; + + gettext = buildMix rec { + name = "gettext"; + version = "0.22.3"; + + src = fetchHex { + pkg = "gettext"; + version = "${version}"; + sha256 = "935f23447713954a6866f1bb28c3a878c4c011e802bcd68a726f5e558e4b64bd"; + }; + + beamDeps = [ expo ]; + }; + + glob_ex = buildMix rec { + name = "glob_ex"; + version = "0.1.11"; + + src = fetchHex { + pkg = "glob_ex"; + version = "${version}"; + sha256 = "342729363056e3145e61766b416769984c329e4378f1d558b63e341020525de4"; + }; + + beamDeps = []; + }; + + hackney = buildRebar3 rec { + name = "hackney"; + version = "1.22.0"; + + src = fetchHex { + pkg = "hackney"; + version = "${version}"; + sha256 = "628569e451820950382be3d3e6481d7c59997e606c7823bddb4ce5d10812dfcb"; + }; + + beamDeps = [ certifi idna metrics mimerl parse_trans ssl_verify_fun unicode_util_compat ]; + }; + + hpax = buildMix rec { + name = "hpax"; + version = "0.1.2"; + + src = fetchHex { + pkg = "hpax"; + version = "${version}"; + sha256 = "2c87843d5a23f5f16748ebe77969880e29809580efdaccd615cd3bed628a8c13"; + }; + + beamDeps = []; + }; + + html_entities = buildMix rec { + name = "html_entities"; + version = "0.5.2"; + + src = fetchHex { + pkg = "html_entities"; + version = "${version}"; + sha256 = "c53ba390403485615623b9531e97696f076ed415e8d8058b1dbaa28181f4fdcc"; + }; + + beamDeps = []; + }; + + httpoison = buildMix rec { + name = "httpoison"; + version = "1.8.2"; + + src = fetchHex { + pkg = "httpoison"; + version = "${version}"; + sha256 = "2bb350d26972e30c96e2ca74a1aaf8293d61d0742ff17f01e0279fef11599921"; + }; + + beamDeps = [ hackney ]; + }; + + idna = buildRebar3 rec { + name = "idna"; + version = "6.1.1"; + + src = fetchHex { + pkg = "idna"; + version = "${version}"; + sha256 = "92376eb7894412ed19ac475e4a86f7b413c1b9fbb5bd16dccd57934157944cea"; + }; + + beamDeps = [ unicode_util_compat ]; + }; + + igniter = buildMix rec { + name = "igniter"; + version = "0.5.27"; + + src = fetchHex { + pkg = "igniter"; + version = "${version}"; + sha256 = "3042a71d4466e9c9b98a23d182eb02014a1c4802a35de0fa8233263d27c99550"; + }; + + beamDeps = [ glob_ex inflex jason owl req rewrite sourceror spitfire ]; + }; + + inet_cidr = buildMix rec { + name = "inet_cidr"; + version = "1.0.8"; + + src = fetchHex { + pkg = "inet_cidr"; + version = "${version}"; + sha256 = "d5b26da66603bb56c933c65214c72152f0de9a6ea53618b56d63302a68f6a90e"; + }; + + beamDeps = []; + }; + + inflex = buildMix rec { + name = "inflex"; + version = "2.1.0"; + + src = fetchHex { + pkg = "inflex"; + version = "${version}"; + sha256 = "14c17d05db4ee9b6d319b0bff1bdf22aa389a25398d1952c7a0b5f3d93162dd8"; + }; + + beamDeps = []; + }; + + jason = buildMix rec { + name = "jason"; + version = "1.4.4"; + + src = fetchHex { + pkg = "jason"; + version = "${version}"; + sha256 = "c5eb0cab91f094599f94d55bc63409236a8ec69a21a67814529e8d5f6cc90b3b"; + }; + + beamDeps = [ decimal ]; + }; + + joken = buildMix rec { + name = "joken"; + version = "2.6.2"; + + src = fetchHex { + pkg = "joken"; + version = "${version}"; + sha256 = "5134b5b0a6e37494e46dbf9e4dad53808e5e787904b7c73972651b51cce3d72b"; + }; + + beamDeps = [ jose ]; + }; + + jose = buildMix rec { + name = "jose"; + version = "1.11.10"; + + src = fetchHex { + pkg = "jose"; + version = "${version}"; + sha256 = "0d6cd36ff8ba174db29148fc112b5842186b68a90ce9fc2b3ec3afe76593e614"; + }; + + beamDeps = []; + }; + + jumper = buildMix rec { + name = "jumper"; + version = "1.0.2"; + + src = fetchHex { + pkg = "jumper"; + version = "${version}"; + sha256 = "9b7782409021e01ab3c08270e26f36eb62976a38c1aa64b2eaf6348422f165e1"; + }; + + beamDeps = []; + }; + + linkify = buildMix rec { + name = "linkify"; + version = "0.5.3"; + + src = fetchHex { + pkg = "linkify"; + version = "${version}"; + sha256 = "3ef35a1377d47c25506e07c1c005ea9d38d700699d92ee92825f024434258177"; + }; + + beamDeps = []; + }; + + mail = buildMix rec { + name = "mail"; + version = "0.4.3"; + + src = fetchHex { + pkg = "mail"; + version = "${version}"; + sha256 = "164975550b977e47cab431c403b0e90c8ce542036d32c7189b83839d8d7d391b"; + }; + + beamDeps = []; + }; + + makeup = buildMix rec { + name = "makeup"; + version = "1.2.1"; + + src = fetchHex { + pkg = "makeup"; + version = "${version}"; + sha256 = "d36484867b0bae0fea568d10131197a4c2e47056a6fbe84922bf6ba71c8d17ce"; + }; + + beamDeps = [ nimble_parsec ]; + }; + + makeup_elixir = buildMix rec { + name = "makeup_elixir"; + version = "1.0.1"; + + src = fetchHex { + pkg = "makeup_elixir"; + version = "${version}"; + sha256 = "7284900d412a3e5cfd97fdaed4f5ed389b8f2b4cb49efc0eb3bd10e2febf9507"; + }; + + beamDeps = [ makeup nimble_parsec ]; + }; + + makeup_erlang = buildMix rec { + name = "makeup_erlang"; + version = "1.0.2"; + + src = fetchHex { + pkg = "makeup_erlang"; + version = "${version}"; + sha256 = "af33ff7ef368d5893e4a267933e7744e46ce3cf1f61e2dccf53a111ed3aa3727"; + }; + + beamDeps = [ makeup ]; + }; + + meck = buildRebar3 rec { + name = "meck"; + version = "0.9.2"; + + src = fetchHex { + pkg = "meck"; + version = "${version}"; + sha256 = "81344f561357dc40a8344afa53767c32669153355b626ea9fcbc8da6b3045826"; + }; + + beamDeps = []; + }; + + metrics = buildRebar3 rec { + name = "metrics"; + version = "1.0.1"; + + src = fetchHex { + pkg = "metrics"; + version = "${version}"; + sha256 = "69b09adddc4f74a40716ae54d140f93beb0fb8978d8636eaded0c31b6f099f16"; + }; + + beamDeps = []; + }; + + mime = buildMix rec { + name = "mime"; + version = "2.0.6"; + + src = fetchHex { + pkg = "mime"; + version = "${version}"; + sha256 = "c9945363a6b26d747389aac3643f8e0e09d30499a138ad64fe8fd1d13d9b153e"; + }; + + beamDeps = []; + }; + + mimerl = buildRebar3 rec { + name = "mimerl"; + version = "1.3.0"; + + src = fetchHex { + pkg = "mimerl"; + version = "${version}"; + sha256 = "a1e15a50d1887217de95f0b9b0793e32853f7c258a5cd227650889b38839fe9d"; + }; + + beamDeps = []; + }; + + mint = buildMix rec { + name = "mint"; + version = "1.5.2"; + + src = fetchHex { + pkg = "mint"; + version = "${version}"; + sha256 = "d77d9e9ce4eb35941907f1d3df38d8f750c357865353e21d335bdcdf6d892a02"; + }; + + beamDeps = [ castore hpax ]; + }; + + mneme = buildMix rec { + name = "mneme"; + version = "0.10.2"; + + src = fetchHex { + pkg = "mneme"; + version = "${version}"; + sha256 = "3b9493fc114c4bb0f6232e021620ffd7944819b9b9105a5b286b6dc907f7720a"; + }; + + beamDeps = [ file_system igniter nimble_options owl rewrite sourceror text_diff ]; + }; + + mock = buildMix rec { + name = "mock"; + version = "0.3.9"; + + src = fetchHex { + pkg = "mock"; + version = "${version}"; + sha256 = "9e1b244c4ca2551bb17bb8415eed89e40ee1308e0fbaed0a4fdfe3ec8a4adbd3"; + }; + + beamDeps = [ meck ]; + }; + + mogrify = buildMix rec { + name = "mogrify"; + version = "0.9.3"; + + src = fetchHex { + pkg = "mogrify"; + version = "${version}"; + sha256 = "0189b1e1de27455f2b9ae8cf88239cefd23d38de9276eb5add7159aea51731e6"; + }; + + beamDeps = []; + }; + + mox = buildMix rec { + name = "mox"; + version = "1.2.0"; + + src = fetchHex { + pkg = "mox"; + version = "${version}"; + sha256 = "c7b92b3cc69ee24a7eeeaf944cd7be22013c52fcb580c1f33f50845ec821089a"; + }; + + beamDeps = [ nimble_ownership ]; + }; + + nimble_options = buildMix rec { + name = "nimble_options"; + version = "1.1.1"; + + src = fetchHex { + pkg = "nimble_options"; + version = "${version}"; + sha256 = "821b2470ca9442c4b6984882fe9bb0389371b8ddec4d45a9504f00a66f650b44"; + }; + + beamDeps = []; + }; + + nimble_ownership = buildMix rec { + name = "nimble_ownership"; + version = "1.0.1"; + + src = fetchHex { + pkg = "nimble_ownership"; + version = "${version}"; + sha256 = "3825e461025464f519f3f3e4a1f9b68c47dc151369611629ad08b636b73bb22d"; + }; + + beamDeps = []; + }; + + nimble_parsec = buildMix rec { + name = "nimble_parsec"; + version = "1.4.2"; + + src = fetchHex { + pkg = "nimble_parsec"; + version = "${version}"; + sha256 = "4b21398942dda052b403bbe1da991ccd03a053668d147d53fb8c4e0efe09c973"; + }; + + beamDeps = []; + }; + + nimble_pool = buildMix rec { + name = "nimble_pool"; + version = "1.1.0"; + + src = fetchHex { + pkg = "nimble_pool"; + version = "${version}"; + sha256 = "af2e4e6b34197db81f7aad230c1118eac993acc0dae6bc83bac0126d4ae0813a"; + }; + + beamDeps = []; + }; + + oban = buildMix rec { + name = "oban"; + version = "2.19.2"; + + src = fetchHex { + pkg = "oban"; + version = "${version}"; + sha256 = "de8314b00b31d17f98fd2c76781f80c1cfc8621122b41830c0834486c44e1087"; + }; + + beamDeps = [ ecto_sql igniter jason postgrex telemetry ]; + }; + + oban_met = buildMix rec { + name = "oban_met"; + version = "1.0.1"; + + src = fetchHex { + pkg = "oban_met"; + version = "${version}"; + sha256 = "0492d841f880b76c5b73081bc70ebea20ebacc08e871345f72c2270513f09957"; + }; + + beamDeps = [ oban ]; + }; + + oban_web = buildMix rec { + name = "oban_web"; + version = "2.11.1"; + + src = fetchHex { + pkg = "oban_web"; + version = "${version}"; + sha256 = "d853c6af3f7c20d03a2bf7b1baad71835d50fbb98af05004e9b51da558b90b01"; + }; + + beamDeps = [ jason oban oban_met phoenix phoenix_html phoenix_live_view phoenix_pubsub ]; + }; + + open_api_spex = buildMix rec { + name = "open_api_spex"; + version = "3.21.2"; + + src = fetchHex { + pkg = "open_api_spex"; + version = "${version}"; + sha256 = "f42ae6ed668b895ebba3e02773cfb4b41050df26f803f2ef634c72a7687dc387"; + }; + + beamDeps = [ decimal jason plug poison ]; + }; + + owl = buildMix rec { + name = "owl"; + version = "0.12.2"; + + src = fetchHex { + pkg = "owl"; + version = "${version}"; + sha256 = "6398efa9e1fea70a04d24231e10dcd66c1ac1aa2da418d20ef5357ec61de2880"; + }; + + beamDeps = []; + }; + + parse_trans = buildRebar3 rec { + name = "parse_trans"; + version = "3.4.1"; + + src = fetchHex { + pkg = "parse_trans"; + version = "${version}"; + sha256 = "620a406ce75dada827b82e453c19cf06776be266f5a67cff34e1ef2cbb60e49a"; + }; + + beamDeps = []; + }; + + phoenix = buildMix rec { + name = "phoenix"; + version = "1.7.20"; + + src = fetchHex { + pkg = "phoenix"; + version = "${version}"; + sha256 = "6be2ab98302e8784a31829e0d50d8bdfa81a23cd912c395bafd8b8bfb5a086c2"; + }; + + beamDeps = [ castore jason phoenix_pubsub phoenix_template phoenix_view plug plug_cowboy plug_crypto telemetry websock_adapter ]; + }; + + phoenix_ecto = buildMix rec { + name = "phoenix_ecto"; + version = "4.6.3"; + + src = fetchHex { + pkg = "phoenix_ecto"; + version = "${version}"; + sha256 = "909502956916a657a197f94cc1206d9a65247538de8a5e186f7537c895d95764"; + }; + + beamDeps = [ ecto phoenix_html plug postgrex ]; + }; + + phoenix_html = buildMix rec { + name = "phoenix_html"; + version = "3.3.4"; + + src = fetchHex { + pkg = "phoenix_html"; + version = "${version}"; + sha256 = "0249d3abec3714aff3415e7ee3d9786cb325be3151e6c4b3021502c585bf53fb"; + }; + + beamDeps = [ plug ]; + }; + + phoenix_live_dashboard = buildMix rec { + name = "phoenix_live_dashboard"; + version = "0.8.6"; + + src = fetchHex { + pkg = "phoenix_live_dashboard"; + version = "${version}"; + sha256 = "1681ab813ec26ca6915beb3414aa138f298e17721dc6a2bde9e6eb8a62360ff6"; + }; + + beamDeps = [ ecto ecto_psql_extras mime phoenix_live_view telemetry_metrics ]; + }; + + phoenix_live_view = buildMix rec { + name = "phoenix_live_view"; + version = "1.0.4"; + + src = fetchHex { + pkg = "phoenix_live_view"; + version = "${version}"; + sha256 = "a9865316ddf8d78f382d63af278d20436b52d262b60239956817a61279514366"; + }; + + beamDeps = [ floki jason phoenix phoenix_html phoenix_template phoenix_view plug telemetry ]; + }; + + phoenix_pubsub = buildMix rec { + name = "phoenix_pubsub"; + version = "2.1.3"; + + src = fetchHex { + pkg = "phoenix_pubsub"; + version = "${version}"; + sha256 = "bba06bc1dcfd8cb086759f0edc94a8ba2bc8896d5331a1e2c2902bf8e36ee502"; + }; + + beamDeps = []; + }; + + phoenix_swoosh = buildMix rec { + name = "phoenix_swoosh"; + version = "1.2.1"; + + src = fetchHex { + pkg = "phoenix_swoosh"; + version = "${version}"; + sha256 = "4000eeba3f9d7d1a6bf56d2bd56733d5cadf41a7f0d8ffe5bb67e7d667e204a2"; + }; + + beamDeps = [ finch hackney phoenix phoenix_html phoenix_view swoosh ]; + }; + + phoenix_template = buildMix rec { + name = "phoenix_template"; + version = "1.0.4"; + + src = fetchHex { + pkg = "phoenix_template"; + version = "${version}"; + sha256 = "2c0c81f0e5c6753faf5cca2f229c9709919aba34fab866d3bc05060c9c444206"; + }; + + beamDeps = [ phoenix_html ]; + }; + + phoenix_view = buildMix rec { + name = "phoenix_view"; + version = "2.0.4"; + + src = fetchHex { + pkg = "phoenix_view"; + version = "${version}"; + sha256 = "4e992022ce14f31fe57335db27a28154afcc94e9983266835bb3040243eb620b"; + }; + + beamDeps = [ phoenix_html phoenix_template ]; + }; + + plug = buildMix rec { + name = "plug"; + version = "1.16.1"; + + src = fetchHex { + pkg = "plug"; + version = "${version}"; + sha256 = "a13ff6b9006b03d7e33874945b2755253841b238c34071ed85b0e86057f8cddc"; + }; + + beamDeps = [ mime plug_crypto telemetry ]; + }; + + plug_cowboy = buildMix rec { + name = "plug_cowboy"; + version = "2.7.2"; + + src = fetchHex { + pkg = "plug_cowboy"; + version = "${version}"; + sha256 = "245d8a11ee2306094840c000e8816f0cbed69a23fc0ac2bcf8d7835ae019bb2f"; + }; + + beamDeps = [ cowboy cowboy_telemetry plug ]; + }; + + plug_crypto = buildMix rec { + name = "plug_crypto"; + version = "2.1.0"; + + src = fetchHex { + pkg = "plug_crypto"; + version = "${version}"; + sha256 = "131216a4b030b8f8ce0f26038bc4421ae60e4bb95c5cf5395e1421437824c4fa"; + }; + + beamDeps = []; + }; + + plug_static_index_html = buildMix rec { + name = "plug_static_index_html"; + version = "1.0.0"; + + src = fetchHex { + pkg = "plug_static_index_html"; + version = "${version}"; + sha256 = "79fd4fcf34d110605c26560cbae8f23c603ec4158c08298bd4360fdea90bb5cf"; + }; + + beamDeps = [ plug ]; + }; + + poison = buildMix rec { + name = "poison"; + version = "5.0.0"; + + src = fetchHex { + pkg = "poison"; + version = "${version}"; + sha256 = "11dc6117c501b80c62a7594f941d043982a1bd05a1184280c0d9166eb4d8d3fc"; + }; + + beamDeps = [ decimal ]; + }; + + poolboy = buildRebar3 rec { + name = "poolboy"; + version = "1.5.2"; + + src = fetchHex { + pkg = "poolboy"; + version = "${version}"; + sha256 = "dad79704ce5440f3d5a3681c8590b9dc25d1a561e8f5a9c995281012860901e3"; + }; + + beamDeps = []; + }; + + postgrex = buildMix rec { + name = "postgrex"; + version = "0.20.0"; + + src = fetchHex { + pkg = "postgrex"; + version = "${version}"; + sha256 = "d36ef8b36f323d29505314f704e21a1a038e2dc387c6409ee0cd24144e187c0f"; + }; + + beamDeps = [ db_connection decimal jason ]; + }; + + pot = buildRebar3 rec { + name = "pot"; + version = "1.0.2"; + + src = fetchHex { + pkg = "pot"; + version = "${version}"; + sha256 = "78fe127f5a4f5f919d6ea5a2a671827bd53eb9d37e5b4128c0ad3df99856c2e0"; + }; + + beamDeps = []; + }; + + ranch = buildRebar3 rec { + name = "ranch"; + version = "2.2.0"; + + src = fetchHex { + pkg = "ranch"; + version = "${version}"; + sha256 = "fa0b99a1780c80218a4197a59ea8d3bdae32fbff7e88527d7d8a4787eff4f8e7"; + }; + + beamDeps = []; + }; + + recon = buildMix rec { + name = "recon"; + version = "2.5.6"; + + src = fetchHex { + pkg = "recon"; + version = "${version}"; + sha256 = "96c6799792d735cc0f0fd0f86267e9d351e63339cbe03df9d162010cefc26bb0"; + }; + + beamDeps = []; + }; + + remote_ip = buildMix rec { + name = "remote_ip"; + version = "1.1.0"; + + src = fetchHex { + pkg = "remote_ip"; + version = "${version}"; + sha256 = "616ffdf66aaad6a72fc546dabf42eed87e2a99e97b09cbd92b10cc180d02ed74"; + }; + + beamDeps = [ combine plug ]; + }; + + req = buildMix rec { + name = "req"; + version = "0.5.8"; + + src = fetchHex { + pkg = "req"; + version = "${version}"; + sha256 = "d7fc5898a566477e174f26887821a3c5082b243885520ee4b45555f5d53f40ef"; + }; + + beamDeps = [ finch jason mime plug ]; + }; + + rewrite = buildMix rec { + name = "rewrite"; + version = "1.1.2"; + + src = fetchHex { + pkg = "rewrite"; + version = "${version}"; + sha256 = "7f8b94b1e3528d0a47b3e8b7bfeca559d2948a65fa7418a9ad7d7712703d39d4"; + }; + + beamDeps = [ glob_ex sourceror text_diff ]; + }; + + sleeplocks = buildRebar3 rec { + name = "sleeplocks"; + version = "1.1.3"; + + src = fetchHex { + pkg = "sleeplocks"; + version = "${version}"; + sha256 = "d3b3958552e6eb16f463921e70ae7c767519ef8f5be46d7696cc1ed649421321"; + }; + + beamDeps = []; + }; + + sourceror = buildMix rec { + name = "sourceror"; + version = "1.7.1"; + + src = fetchHex { + pkg = "sourceror"; + version = "${version}"; + sha256 = "cd6f268fe29fa00afbc535e215158680a0662b357dc784646d7dff28ac65a0fc"; + }; + + beamDeps = []; + }; + + spitfire = buildMix rec { + name = "spitfire"; + version = "0.1.5"; + + src = fetchHex { + pkg = "spitfire"; + version = "${version}"; + sha256 = "866a55d21fe827934ff38200111335c9dd311df13cbf2580ed71d84b0a783150"; + }; + + beamDeps = []; + }; + + ssl_verify_fun = buildRebar3 rec { + name = "ssl_verify_fun"; + version = "1.1.7"; + + src = fetchHex { + pkg = "ssl_verify_fun"; + version = "${version}"; + sha256 = "fe4c190e8f37401d30167c8c405eda19469f34577987c76dde613e838bbc67f8"; + }; + + beamDeps = []; + }; + + statistex = buildMix rec { + name = "statistex"; + version = "1.0.0"; + + src = fetchHex { + pkg = "statistex"; + version = "${version}"; + sha256 = "ff9d8bee7035028ab4742ff52fc80a2aa35cece833cf5319009b52f1b5a86c27"; + }; + + beamDeps = []; + }; + + sweet_xml = buildMix rec { + name = "sweet_xml"; + version = "0.7.5"; + + src = fetchHex { + pkg = "sweet_xml"; + version = "${version}"; + sha256 = "193b28a9b12891cae351d81a0cead165ffe67df1b73fe5866d10629f4faefb12"; + }; + + beamDeps = []; + }; + + swoosh = buildMix rec { + name = "swoosh"; + version = "1.14.4"; + + src = fetchHex { + pkg = "swoosh"; + version = "${version}"; + sha256 = "081c5a590e4ba85cc89baddf7b2beecf6c13f7f84a958f1cd969290815f0f026"; + }; + + beamDeps = [ cowboy ex_aws finch gen_smtp hackney jason mail mime plug plug_cowboy req telemetry ]; + }; + + syslog = buildRebar3 rec { + name = "syslog"; + version = "1.1.0"; + + src = fetchHex { + pkg = "syslog"; + version = "${version}"; + sha256 = "4c6a41373c7e20587be33ef841d3de6f3beba08519809329ecc4d27b15b659e1"; + }; + + beamDeps = []; + }; + + table_rex = buildMix rec { + name = "table_rex"; + version = "4.1.0"; + + src = fetchHex { + pkg = "table_rex"; + version = "${version}"; + sha256 = "95932701df195d43bc2d1c6531178fc8338aa8f38c80f098504d529c43bc2601"; + }; + + beamDeps = []; + }; + + telemetry = buildRebar3 rec { + name = "telemetry"; + version = "1.3.0"; + + src = fetchHex { + pkg = "telemetry"; + version = "${version}"; + sha256 = "7015fc8919dbe63764f4b4b87a95b7c0996bd539e0d499be6ec9d7f3875b79e6"; + }; + + beamDeps = []; + }; + + telemetry_metrics = buildMix rec { + name = "telemetry_metrics"; + version = "0.6.2"; + + src = fetchHex { + pkg = "telemetry_metrics"; + version = "${version}"; + sha256 = "9b43db0dc33863930b9ef9d27137e78974756f5f198cae18409970ed6fa5b561"; + }; + + beamDeps = [ telemetry ]; + }; + + telemetry_metrics_prometheus = buildMix rec { + name = "telemetry_metrics_prometheus"; + version = "1.1.0"; + + src = fetchHex { + pkg = "telemetry_metrics_prometheus"; + version = "${version}"; + sha256 = "d43b3659b3244da44fe0275b717701542365d4519b79d9ce895b9719c1ce4d26"; + }; + + beamDeps = [ plug_cowboy telemetry_metrics_prometheus_core ]; + }; + + telemetry_metrics_prometheus_core = buildMix rec { + name = "telemetry_metrics_prometheus_core"; + version = "1.1.0"; + + src = fetchHex { + pkg = "telemetry_metrics_prometheus_core"; + version = "${version}"; + sha256 = "0dd10e7fe8070095df063798f82709b0a1224c31b8baf6278b423898d591a069"; + }; + + beamDeps = [ telemetry telemetry_metrics ]; + }; + + telemetry_poller = buildRebar3 rec { + name = "telemetry_poller"; + version = "1.1.0"; + + src = fetchHex { + pkg = "telemetry_poller"; + version = "${version}"; + sha256 = "9eb9d9cbfd81cbd7cdd24682f8711b6e2b691289a0de6826e58452f28c103c8f"; + }; + + beamDeps = [ telemetry ]; + }; + + tesla = buildMix rec { + name = "tesla"; + version = "1.14.1"; + + src = fetchHex { + pkg = "tesla"; + version = "${version}"; + sha256 = "c1dde8140a49a3bef5bb622356e77ac5a24ad0c8091f12c3b7fc1077ce797155"; + }; + + beamDeps = [ castore finch hackney jason mime mint mox poison telemetry ]; + }; + + text_diff = buildMix rec { + name = "text_diff"; + version = "0.1.0"; + + src = fetchHex { + pkg = "text_diff"; + version = "${version}"; + sha256 = "d1ffaaecab338e49357b6daa82e435f877e0649041ace7755583a0ea3362dbd7"; + }; + + beamDeps = []; + }; + + timex = buildMix rec { + name = "timex"; + version = "3.7.11"; + + src = fetchHex { + pkg = "timex"; + version = "${version}"; + sha256 = "8b9024f7efbabaf9bd7aa04f65cf8dcd7c9818ca5737677c7b76acbc6a94d1aa"; + }; + + beamDeps = [ combine gettext tzdata ]; + }; + + trailing_format_plug = buildMix rec { + name = "trailing_format_plug"; + version = "0.0.7"; + + src = fetchHex { + pkg = "trailing_format_plug"; + version = "${version}"; + sha256 = "bd4fde4c15f3e993a999e019d64347489b91b7a9096af68b2bdadd192afa693f"; + }; + + beamDeps = [ plug ]; + }; + + tzdata = buildMix rec { + name = "tzdata"; + version = "1.1.2"; + + src = fetchHex { + pkg = "tzdata"; + version = "${version}"; + sha256 = "cec7b286e608371602318c414f344941d5eb0375e14cfdab605cca2fe66cba8b"; + }; + + beamDeps = [ hackney ]; + }; + + ueberauth = buildMix rec { + name = "ueberauth"; + version = "0.10.5"; + + src = fetchHex { + pkg = "ueberauth"; + version = "${version}"; + sha256 = "3efd1f31d490a125c7ed453b926f7c31d78b97b8a854c755f5c40064bf3ac9e1"; + }; + + beamDeps = [ plug ]; + }; + + unicode_util_compat = buildRebar3 rec { + name = "unicode_util_compat"; + version = "0.7.0"; + + src = fetchHex { + pkg = "unicode_util_compat"; + version = "${version}"; + sha256 = "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"; + }; + + beamDeps = []; + }; + + unsafe = buildMix rec { + name = "unsafe"; + version = "1.0.2"; + + src = fetchHex { + pkg = "unsafe"; + version = "${version}"; + sha256 = "b485231683c3ab01a9cd44cb4a79f152c6f3bb87358439c6f68791b85c2df675"; + }; + + beamDeps = []; + }; + + vex = buildMix rec { + name = "vex"; + version = "0.9.2"; + + src = fetchHex { + pkg = "vex"; + version = "${version}"; + sha256 = "76e709a9762e98c6b462dfce92e9b5dfbf712839227f2da8add6dd11549b12cb"; + }; + + beamDeps = []; + }; + + web_push_encryption = buildMix rec { + name = "web_push_encryption"; + version = "0.3.1"; + + src = fetchHex { + pkg = "web_push_encryption"; + version = "${version}"; + sha256 = "4f82b2e57622fb9337559058e8797cb0df7e7c9790793bdc4e40bc895f70e2a2"; + }; + + beamDeps = [ httpoison jose ]; + }; + + websock = buildMix rec { + name = "websock"; + version = "0.5.3"; + + src = fetchHex { + pkg = "websock"; + version = "${version}"; + sha256 = "6105453d7fac22c712ad66fab1d45abdf049868f253cf719b625151460b8b453"; + }; + + beamDeps = []; + }; + + websock_adapter = buildMix rec { + name = "websock_adapter"; + version = "0.5.8"; + + src = fetchHex { + pkg = "websock_adapter"; + version = "${version}"; + sha256 = "315b9a1865552212b5f35140ad194e67ce31af45bcee443d4ecb96b5fd3f3782"; + }; + + beamDeps = [ plug plug_cowboy websock ]; + }; + + websockex = buildMix rec { + name = "websockex"; + version = "0.4.3"; + + src = fetchHex { + pkg = "websockex"; + version = "${version}"; + sha256 = "95f2e7072b85a3a4cc385602d42115b73ce0b74a9121d0d6dbbf557645ac53e4"; + }; + + beamDeps = []; + }; + }; +in self + diff --git a/pkgs/apply-config/apply-config b/pkgs/apply-config/apply-config new file mode 100755 index 0000000..4fea8ca --- /dev/null +++ b/pkgs/apply-config/apply-config @@ -0,0 +1,135 @@ +#!/usr/bin/env gosh + +(use gauche.parseopt) +(use gauche.process) +(use util.match) + +(define action #f) +(define attribute + (string-append "nixosConfigurations." (sys-gethostname))) +(define keep #f) +(define specialisation #f) +(define verbose #f) +(define extra-nix-args '()) +(define config-path ".") + + +(define (usage progname) + (display +#"~|progname|: Activate a nixos configuration. + +Usage: ~|progname| [OPTIONS] [PATH] ACTION + +where ACTION is one of the actions which can be passed to switch-to-configuration +(i.e. dry-activate, switch, test, or boot). + +Options: + -A --attr Attribute which evaluates to a (built) configuration. + Defaults to nixosConfigurations.<hostname> + -k --keep Add a garbage collection root for the built configuration. + -s --specialisation Specialisation to apply. + -v --verbose Display commands before they are run. + -h --help Print this help message. +")) + + +(define (log-msg msg) + (display (format "apply-config: ~a\n" msg) (standard-error-port))) + +(define (log-verbose msg) + (when verbose + (log-msg msg))) + +(define (run-command cmd) + (when verbose + (log-msg (format "running ~a" cmd))) + (do-process! cmd)) + + +(define (main args) + (let-args + (cdr args) + ((o-verbose "v|verbose") + ; these are taken from nix-build + (o-attribute "A|attr=s") + (o-keep "k|keep") + (o-specialisation "s|specialisation=s") + (help "h|help" => + (cut (begin (usage (car args)) (exit 0)))) + (else (opt . _) + (print "unknown option: " opt "\n") (usage (car args)) (exit 1)) + . restargs) + + (when o-attribute + (set! attribute o-attribute)) + (set! keep o-keep) + (set! specialisation o-specialisation) + (set! verbose o-verbose) + + (match restargs + [((or "dry-activate" "switch" "test" "boot")) + (set! action (string->symbol (car restargs)))] + [(path (or "dry-activate" "switch" "test" "boot")) + (set! action (string->symbol (cadr restargs))) + (set! config-path path)] + [_ (begin (usage (car args)) (exit 1))]) + + (when (and specialisation (not (or (equal? action "test") (equal? action "switch")))) + (log-msg "Error: --specialisation can only be used with `test' or `switch'") + (exit 1)) + + (log-verbose (format "action: ~a" action)) + + + (let ([built-config (build-config)]) + (log-verbose (format "built config is ~a" built-config)) + (install-in-env built-config) + (switch-to-configuration built-config)) + + 0)) + + +(define (build-config) + (define (optional b args) + (if b args '())) + (define nix-cmd + (append + ; use nix-build since it actually prints the outpath + `(nix-build ,config-path --no-out-link --log-format bar-with-logs) + (optional attribute (list '-A (string-append attribute ".config.system.build.toplevel"))) + extra-nix-args)) + (log-verbose nix-cmd) + (process-output->string + nix-cmd :on-abnormal-exit :error)) + + +(define (install-in-env built-config) + (define cmd + `(sudo nix-env -p /nix/var/nix/profiles/system --install ,built-config)) + + (if (or (equal? action 'switch) (equal? action 'boot)) + (run-command cmd) + (log-verbose + "skipping nix-env profile installation"))) + + +(define (switch-to-configuration built-config) + (define cmd + `(sudo systemd-run + -E LOCALE_ARCHIVE + -E NIXOS_INSTALL_BOOTLOADER + --collect + --no-ask-password + --pty + --quiet + --same-dir + --service-type=exec + --unit=nixos-rebuild-switch-to-configuration + --wait + ,(string-append built-config "/bin/switch-to-configuration") + ,action)) + + (log-verbose cmd) + (unless (do-process cmd) + (log "warning: error(s) occurred while switching to the new configuration"))) + diff --git a/pkgs/apply-config/default.nix b/pkgs/apply-config/default.nix new file mode 100644 index 0000000..03ba1f9 --- /dev/null +++ b/pkgs/apply-config/default.nix @@ -0,0 +1,14 @@ +{ stdenvNoCC, gauche }: + +stdenvNoCC.mkDerivation { + name = "apply-config"; + + src = ./.; + + buildInputs = [ gauche ]; + + installPhase = '' + mkdir -p $out/bin + cp apply-config $out/bin + ''; +} diff --git a/pkgs/bookwyrm.nix b/pkgs/bookwyrm.nix deleted file mode 100644 index 7a5daec..0000000 --- a/pkgs/bookwyrm.nix +++ /dev/null @@ -1,138 +0,0 @@ -{ lib -, fetchFromGitHub -, python -, writeShellScriptBin -, writeText -, settings ? { } -}: - -let - # set some dummy values to make the package build - settingsWithDefaults = { - DOMAIN = "localhost"; - DEBUG = false; - USE_HTTPS = false; - EMAIL = "your@email.here"; - PGPORT = 5432; - POSTGRES_USER = "bookwyrm"; - POSTGRES_DB = "bookwyrm"; - POSTGRES_HOST = "localhost"; - REDIS_ACTIVITY_HOST = "localhost"; - REDIS_ACTIVITY_PORT = 6379; - REDIS_BROKER_HOST = "localhost"; - REDIS_BROKER_PORT = 6379; - EMAIL_HOST = "smtp.example.com"; - EMAIL_PORT = 587; - EMAIL_HOST_USER = "mail@example.org"; - EMAIL_HOST_PASSWORD = "blub"; - MEDIA_ROOT = "/var/lib/bookwyrm/images"; - } // settings; - - # toShellVar produces "" for false, which bookwyrm rejects - toDjangoVar = name: value: lib.toShellVar name - (if value == false then "false" else - (if value == true then "true" else value)); - - envfile = writeText "bookwyrm.env" - (lib.strings.concatLines - (lib.mapAttrsToList toDjangoVar settingsWithDefaults)); - - bookwyrm = python.pkgs.buildPythonApplication rec { - pname = "bookwyrm"; - version = "0.7.2"; - - format = "other"; - - src = fetchFromGitHub { - owner = "bookwyrm-social"; - repo = "bookwyrm"; - rev = "refs/tags/v${version}"; - hash = "sha256-5QhIHpNUn65qTh7ARlnGfUESoxw8hqFaoS2D2z+OSlM="; - }; - - propagatedBuildInputs = with python.pkgs; [ - aiohttp - bleach - celery - colorthief - django - django-celery-beat - bw-file-resubmit - django-compressor - django-imagekit - django-model-utils - django-sass-processor - django-csp - environs - flower - gunicorn - libsass - markdown - packaging - pillow - psycopg2 - pycryptodome - dateutil - redis - requests - responses - pytz - boto3 - django-storages - django-redis - opentelemetry-api - opentelemetry-exporter-otlp-proto-grpc - # opentelemetry-instrumentation-celery - opentelemetry-instrumentation-django - # opentelemetry-instrumentation-pyscopg2 - opentelemetry-sdk - protobuf - pyotp - qrcode - grpcio - ]; - - postBuild = '' - ln -s ${envfile} .env - # needed for the python settings.py file to not fail, but not - # used during the commands executed below, so this is safe - export SECRET_KEY=fnord - - substituteInPlace contrib/systemd/* \ - --replace /opt/bookwyrm/venv/bin/gunicorn ${lib.getExe python.pkgs.gunicorn} \ - --replace /opt/bookwyrm/venv/bin/celery ${lib.getExe' python.pkgs.celery "celery"} \ - --replace /opt/bookwyrm $out - - sed -i /BindPath/d contrib/systemd/* - - python manage.py compile_themes - python manage.py collectstatic --no-input - ''; - - postInstall = '' - mkdir -p $out/lib/systemd/system - cp -r * .env $out - cp -r contrib/systemd/* $out/lib/systemd/system - ''; - - passthru = { - pythonPath = python.pkgs.makePythonPath propagatedBuildInputs; - gunicorn = python.pkgs.gunicorn; - celery = python.pkgs.celery; - manage = environmentFile: writeShellScriptBin "bookwyrm-manage.py" '' - set -a - ${if environmentFile != null - then "source ${environmentFile}" - else ""} - export PYTHONPATH=${passthru.pythonPath} - cd ${bookwyrm.outPath} - exec ${bookwyrm.outPath}/manage.py "$@" - ''; - }; - - # hacky hacky hack - shellHook = '' - export PYTHONPATH=${passthru.pythonPath} - ''; - }; -in bookwyrm diff --git a/pkgs/bookwyrm/default.nix b/pkgs/bookwyrm/default.nix new file mode 100644 index 0000000..e4c55bf --- /dev/null +++ b/pkgs/bookwyrm/default.nix @@ -0,0 +1,94 @@ +{ lib +, stdenvNoCC +, writeShellScriptBin +, writeText +, source-han-sans-vf-ttf +, bookwyrm-unwrapped +, settings ? { } +}: + +let + # set some dummy values to make the package build + settingsWithDefaults = { + DOMAIN = "localhost"; + DEBUG = false; + USE_HTTPS = false; + EMAIL = "your@email.here"; + PGPORT = 5432; + POSTGRES_USER = "bookwyrm"; + POSTGRES_DB = "bookwyrm"; + POSTGRES_HOST = "localhost"; + REDIS_ACTIVITY_HOST = "localhost"; + REDIS_ACTIVITY_PORT = 6379; + REDIS_BROKER_HOST = "localhost"; + REDIS_BROKER_PORT = 6379; + EMAIL_HOST = "smtp.example.com"; + EMAIL_PORT = 587; + EMAIL_HOST_USER = "mail@example.org"; + EMAIL_HOST_PASSWORD = "blub"; + MEDIA_ROOT = "/var/lib/bookwyrm/images"; + } // settings; + + # toShellVar produces "" for false, which bookwyrm rejects + toDjangoVar = name: value: lib.toShellVar name + (if value == false then "false" else + (if value == true then "true" else value)); + + envfile = writeText "bookwyrm.env" + (lib.strings.concatLines + (lib.mapAttrsToList toDjangoVar settingsWithDefaults)); + +in stdenvNoCC.mkDerivation (finalAttrs: { + pname = "bookwyrm"; + inherit (bookwyrm-unwrapped) version; + src = bookwyrm-unwrapped; + + dontConfigure = true; + + buildPhase = '' + runHook preBuild + + ln -s ${envfile} .env + # needed for the python settings.py file to not fail, but not + # used during the commands executed below, so this is safe + export SECRET_KEY=fnord + + export PYTHONPATH=${bookwyrm-unwrapped.pythonPath} + ./manage.py compile_themes + ./manage.py collectstatic --no-input + + ln -s ${source-han-sans-vf-ttf}/share/fonts/variable/SourceHanSans-VF.ttf.ttc static/fonts/source_han_sans/ + + substituteInPlace contrib/systemd/* \ + --replace /opt/bookwyrm/venv/bin/gunicorn ${lib.getExe bookwyrm-unwrapped.gunicorn} \ + --replace /opt/bookwyrm/venv/bin/celery ${lib.getExe' bookwyrm-unwrapped.celery "celery"} \ + --replace /opt/bookwyrm $out + + sed -i /BindPath/d contrib/systemd/* + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + mkdir -p $out/lib/systemd/system + cp -r * .env $out + cp -r contrib/systemd/* $out/lib/systemd/system + + runHook postInstall + ''; + + passthru = rec { + inherit (bookwyrm-unwrapped) celery gunicorn pythonPath; + manage = environmentFile: writeShellScriptBin "bookwyrm-manage.py" '' + set -a + ${if environmentFile != null + then "source ${environmentFile}" + else ""} + export PYTHONPATH=${pythonPath} + cd ${finalAttrs.finalPackage.outPath} + exec ${finalAttrs.finalPackage.outPath}/manage.py "$@" + ''; + }; +}) diff --git a/pkgs/bookwyrm/unwrapped.nix b/pkgs/bookwyrm/unwrapped.nix new file mode 100644 index 0000000..151a9b5 --- /dev/null +++ b/pkgs/bookwyrm/unwrapped.nix @@ -0,0 +1,80 @@ +{ lib +, fetchFromGitHub +, python +}: + +python.pkgs.buildPythonApplication rec { + pname = "bookwyrm-unwrapped"; + version = "0.7.5"; + + format = "other"; + + src = fetchFromGitHub { + owner = "bookwyrm-social"; + repo = "bookwyrm"; + rev = "refs/tags/v${version}"; + hash = "sha256-/oak9dEB2rR2z8b9oXVQ6+F2H7s0F5hVxmAlPdpaA0w="; + }; + + propagatedBuildInputs = with python.pkgs; [ + aiohttp + bleach + celery + colorthief + django + django-celery-beat + bw-file-resubmit + django-compressor + django-imagekit + django-model-utils + django-sass-processor + django-csp + django-oauth-toolkit + django-storages + django-pgtrigger + s3-tar + environs + flower + gunicorn + libsass + markdown + packaging + pillow + psycopg2 + pycryptodome + dateutil + redis + requests + responses + pytz + boto3 + django-storages + django-redis + opentelemetry-api + opentelemetry-exporter-otlp-proto-grpc + # opentelemetry-instrumentation-celery + opentelemetry-instrumentation-django + # opentelemetry-instrumentation-pyscopg2 + opentelemetry-sdk + protobuf + pyotp + qrcode + grpcio + ]; + + postInstall = '' + mkdir $out + cp -r * $out + ''; + + passthru = { + pythonPath = python.pkgs.makePythonPath propagatedBuildInputs; + gunicorn = python.pkgs.gunicorn; + celery = python.pkgs.celery; + }; + + # hacky hacky hack + shellHook = '' + export PYTHONPATH=${passthru.pythonPath} + ''; +} diff --git a/pkgs/default.nix b/pkgs/default.nix new file mode 100644 index 0000000..9e4b3b4 --- /dev/null +++ b/pkgs/default.nix @@ -0,0 +1,13 @@ +{ nixpkgs ? (import ./../inputs.nix {}).nixpkgs }: + +{ + inherit (nixpkgs) + galmon-core galmon-full almanac rustex + kijetesantakaluotokieni showrt isabelle-utils isabat + travelynx crs-tracker crs-php bahnhof-name matrix-to + hikari_unstable heartwood radicle-interface radicle-tui + inweb nomsring bookwyrm mollysocket git-annex-remote-remarkable2 + ntfy-matrix-bot transport_validator mergiraf git-who; + + pkgs = nixpkgs; +} diff --git a/pkgs/hikari.nix b/pkgs/hikari.nix new file mode 100644 index 0000000..afbc335 --- /dev/null +++ b/pkgs/hikari.nix @@ -0,0 +1,70 @@ +{ lib, stdenv, fetchzip +, pkg-config, bmake +, cairo, glib, libevdev, libinput, libxkbcommon, linux-pam, pango, pixman +, libucl, wayland, wayland-protocols, wayland-scanner, wlroots, mesa +, libdrm, libgbm +, features ? { + gammacontrol = true; + layershell = true; + screencopy = true; + xwayland = true; + } +}: + +stdenv.mkDerivation rec { + pname = "hikari"; + version = "2.3.3"; + + src = fetchzip { + url = "https://hikari.acmelabs.space/releases/${pname}-${version}.tar.gz"; + sha256 = "sha256-5Ug0U3ESC5F/gj7bahnLYkeY/weSCj0QASwdFuWwdMI="; + }; + + nativeBuildInputs = [ pkg-config bmake ]; + + buildInputs = [ + cairo + glib + libevdev + libinput + libxkbcommon + libdrm + libgbm + linux-pam + pango + pixman + libucl + mesa # for libEGL + wayland + wayland-protocols + wayland-scanner + wlroots + ]; + + patches = [ ./patches/hikari-gtk4.patch ]; + + enableParallelBuilding = true; + + makeFlags = with lib; [ "PREFIX=$(out)" "DEBUG=YES" ] + ++ optional stdenv.isLinux "WITH_POSIX_C_SOURCE=YES" + ++ mapAttrsToList (feat: enabled: + optionalString enabled "WITH_${toUpper feat}=YES" + ) features; + + postPatch = '' + # Can't suid in nix store + # Run hikari as root (it will drop privileges as early as possible), or create + # a systemd unit to give it the necessary permissions/capabilities. + substituteInPlace Makefile --replace '4555' '555' + + sed -i 's@<drm_fourcc.h>@<libdrm/drm_fourcc.h>@' src/*.c + ''; + + meta = with lib; { + description = "package definition kept around since it was removed in nixpkgs"; + homepage = "https://hikari.acmelabs.space"; + license = licenses.bsd2; + platforms = platforms.linux ++ platforms.freebsd; + maintainers = with maintainers; [ jpotier ]; + }; +} diff --git a/pkgs/mollysocket.nix b/pkgs/mollysocket.nix index 8ac434d..a58c1a0 100644 --- a/pkgs/mollysocket.nix +++ b/pkgs/mollysocket.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "mollysocket"; - version = "1.2.0"; + version = "1.5.3"; src = fetchFromGitHub { owner = "mollyim"; repo = "mollysocket"; rev = "${version}"; - hash = "sha256-9yXC64i5NeSjsLnjgNtA+qkhE7i+Ku1Cu8B9xDajD9Y="; + hash = "sha256-2OWkPTbrD4oXHoB+qszVjLr0e/AUuNnuaYXZ3kOyuxg="; }; - cargoHash = "sha256-vqi18y1Z9Fo1P6ihdN1LCK6Trr7fcfzCsQfPNt0MYNk="; + cargoHash = "sha256-fR87PUgb+F2Q4vRYUonmGi6JzJLvGWPEKhwHw+TAsyQ="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/nomsring/nomsring.cabal b/pkgs/nomsring/nomsring.cabal index 0ee04a3..ea3625f 100644 --- a/pkgs/nomsring/nomsring.cabal +++ b/pkgs/nomsring/nomsring.cabal @@ -13,7 +13,7 @@ common warnings executable nomsring import: warnings main-is: Main.hs - build-depends: base ^>=4.17.2.1 + build-depends: base , cgi ^>=3001.5 , data-clist ^>= 0.2 default-language: GHC2021 diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix index 4d1d55d..687d5cf 100644 --- a/pkgs/overlay.nix +++ b/pkgs/overlay.nix @@ -1,8 +1,9 @@ -{ inputs, ... }: +{ inputs ? import ../inputs.nix }: + self: super: let - unstable = inputs.nixpkgs-unstable.legacyPackages.${self.system}; + unstable = inputs.nixpkgs-unstable; crs-tools = self.callPackage ./crs-tools.nix {}; rustPlatform = self.makeRustPlatform { cargo = self.rust-bin.stable.latest.minimal; @@ -11,12 +12,7 @@ let radicle = import ./radicle.nix; in { - beamPackages = super.beam.packagesWith self.erlang; - elixir = self.beamPackages.elixir; - erlang = super.erlang_nox; - - inherit (unstable) lean4; - + beam = super.beam_minimal; git-annex-remote-remarkable2 = self.callPackage ({ rustPlatform, fetchgit, ... }: @@ -25,7 +21,7 @@ in src = fetchgit { url = "https://stuebinm.eu/git/git-annex-remote-remarkable2"; rev = "refs/heads/main"; - hash = "sha256-ZDoZFFADti3ZwLZqeP/F3BbW+Csuprw6+1LBBQIjnlo="; + hash = "sha256-Lgo+9FxJQ/ozBf79llYBu10JYMDvXn2vYkHbOZjRu/Y="; }; cargoLock.lockFile = "${src.outPath}/Cargo.lock"; }) { }; @@ -35,18 +31,16 @@ in galmon-core = self.callPackage ./galmon.nix {}; galmon-full = self.callPackage ./galmon.nix { buildAll = true; }; - hikari = super.hikari.overrideAttrs (old: { - makeFlags = old.makeFlags ++ [ "DEBUG=YES" ]; - patches = [ ./patches/hikari-gtk4.patch ]; - }); - - akkoma-fe = super.akkoma-frontends.akkoma-fe.overrideAttrs (old: { - patches = [ ./patches/akkoma-fe-toki-pona.patch ]; + akkoma-fe = super.akkoma-fe.overrideAttrs (old: { + patches = [ + ./patches/akkoma-fe-toki-pona.patch + ./patches/akkoma-fe-toki-pona-2.patch + ]; }); - akkoma = super.akkoma.overrideAttrs (old: { + akkoma = (self.callPackage ./akkoma {}).overrideAttrs { patches = [ ./patches/akkoma-toki-pona.patch ]; - }); + }; cgit = super.cgit.overrideAttrs (old: { patches = [ ./patches/cgit-main-instead-of-master.patch ]; @@ -55,10 +49,43 @@ in almanac = self.rustPlatform.buildRustPackage rec { pname = "almanac"; version = "git"; - src = inputs.almanac.outPath; + src = inputs.almanac; cargoLock.lockFile = "${src}/Cargo.lock"; }; + mergiraf = self.rustPlatform.buildRustPackage rec { + pname = "mergiraf"; + version = "git"; + src = self.fetchgit { + url = "https://codeberg.org/mergiraf/mergiraf"; + rev = "v0.2.0"; + hash = "sha256-egtX2daCbPXi5rX2OxbEZA/VI9R4HMj5LRKbUEBFo+E="; + }; + # TODO: probably unnecessary once we are on nixpkgs 24.11; earlier version + # hardcode --frozen here, but cargo wants --offline. + # the postBuild hook is necessary to set up things for the install hook + buildPhase = '' + cargo build -j $NIX_BUILD_CORES \ + --target x86_64-unknown-linux-gnu \ + --release \ + --offline + + runHook postBuild + ''; + # no idea why this didn't work with either test or build inputs .. + preCheck = '' + export PATH=$PATH:${self.gitMinimal}/bin + ''; + cargoLock = { + lockFile = "${src}/Cargo.lock"; + outputHashes = { + "tree-sitter-go-0.23.1" = "sha256-elPqkvVYs0vADOuN/umDteWP5hqcXhQAoSkqYDtTxaU="; + "tree-sitter-xml-0.7.0" = "sha256-RTWvOUAs3Uql9DKsP1jf9FZZHaZORE40GXd+6g6RQZw="; + "tree-sitter-yaml-0.6.1" = "sha256-gS+SjOnGl/86U9VV/y1ca7naYIe7DAOvOv++jCRLTKo="; + }; + }; + }; + rustex = rustPlatform.buildRustPackage rec { pname = "rustex"; version = "git"; @@ -157,10 +184,10 @@ in }; in '' ln -sf ${TwemojiMozilla-colr} \ - node_modules/matrix-react-sdk/res/fonts/Twemoji_Mozilla/TwemojiMozilla-colr.woff2 + res/fonts/Twemoji_Mozilla/TwemojiMozilla-colr.woff2 ln -sf ${TwemojiMozilla-sbix} \ - node_modules/matrix-react-sdk/res/fonts/Twemoji_Mozilla/TwemojiMozilla-sbix.woff2 - substituteInPlace node_modules/matrix-react-sdk/src/stores/room-list/ListLayout.ts \ + res/fonts/Twemoji_Mozilla/TwemojiMozilla-sbix.woff2 + substituteInPlace src/stores/room-list/ListLayout.ts \ --replace "TILE_HEIGHT_PX = 44" "TILE_HEIGHT_PX = 32" ''; }; @@ -178,7 +205,7 @@ in , lib, stm, text, time, vector, wai, wai-extra, warp }: mkDerivation { - pname = "bahnhof.name"; + pname = "bahnhof-name"; version = "0.2.0.0"; src = inputs.bahnhof-name; isLibrary = false; @@ -188,6 +215,7 @@ in http-client-openssl http-types stm text time vector wai wai-extra warp ]; + jailbreak = true; mainProgram = "bahnhof-name"; license = lib.licenses.eupl12; postInstall = '' @@ -199,6 +227,8 @@ in nomsring = super.haskellPackages.callPackage ./nomsring {}; + apply-config = self.callPackage ./apply-config {}; + #### sporadically maintained / updated #### hikari_unstable = (unstable.hikari.overrideAttrs (old: { @@ -208,6 +238,42 @@ in [ "PREFIX=$(out)" "WITH_POSIX_C_SOURCE=YES" "WITH_GAMMACONTROL=YES" "WITH_LAYERSHELL=YES" "WITH_SCREENCOPY=YES" ]; })).override { wlroots = unstable.wlroots_0_16; stdenv = self.clangStdenv; }; + twelf = super.twelf.overrideAttrs (old: { + src = self.fetchFromGitHub { + owner = "k4rtik"; + repo = "twelf"; + rev = "c1bec0d0b9fa506e36bb364b1765191b159e6c4c"; + hash = "sha256-sh/yMlCvMMq6GBqAKO+V0Bcyp38zB7I/3H8a0fxqOos="; + }; + }); + + git-who = self.buildGoModule rec { + pname = "git-who"; + version = "1.1"; + + src = (self.fetchFromGitHub { + owner = "sinclairtarget"; + repo = "git-who"; + rev = "v${version}"; + hash = "sha256-H6RbmkM8/n0HDMI3auz6YyEn/vsfXWk5ig+pBhZG3nI="; + # submodules contain test data and have ssh urls, hence this absurdity + fetchSubmodules = true; + leaveDotGit = true; + }).overrideAttrs { + GIT_CONFIG_COUNT = 1; + GIT_CONFIG_KEY_0 = "url.https://github.com/.insteadOf"; + GIT_CONFIG_VALUE_0 = "git@github.com:"; + }; + + vendorHash = "sha256-e2P7szjtAn4EFTy+eGi/9cYf/Raw/7O+PbYEOD8i3Hs="; + + nativeCheckInputs = [ self.gitMinimal ]; + }; + + + hikari = self.callPackage ./hikari.nix { wlroots = self.wlroots_0_15; }; + + wlroots_0_15 = self.callPackage ./wlroots_0_15.nix {}; travelynx = self.callPackage ./travelynx.nix {}; @@ -215,13 +281,14 @@ in #### packaged mostly as shitpost / to play around with #### - bookwyrm = (self.callPackage ./bookwyrm.nix { - python = super.python311.override ({ + bookwyrm = self.callPackage ./bookwyrm {}; + bookwyrm-unwrapped = (self.callPackage ./bookwyrm/unwrapped.nix { + python = super.python312.override ({ packageOverrides = self: super: { - django = super.django_3; - python-crontab = super.python-crontab.overridePythonAttrs (_: { doCheck = false; }); django-sass-processor = self.callPackage ./python/django-sass-processor.nix {}; django-imagekit = self.callPackage ./python/django-imagekit.nix {}; + django-pgtrigger = self.callPackage ./python/django-pgtrigger.nix {}; + s3-tar = self.callPackage ./python/s3-tar.nix {}; bw-file-resubmit = self.callPackage ./python/bw-file-resubmit.nix {}; }; }); diff --git a/pkgs/patches/akkoma-fe-toki-pona-2.patch b/pkgs/patches/akkoma-fe-toki-pona-2.patch new file mode 100644 index 0000000..3dc549b --- /dev/null +++ b/pkgs/patches/akkoma-fe-toki-pona-2.patch @@ -0,0 +1,13 @@ +diff --git a/src/lib/post_language.js b/src/lib/post_language.js +index 7dcaebce..4d146773 100644 +--- a/src/lib/post_language.js ++++ b/src/lib/post_language.js +@@ -3,7 +3,7 @@ import { computed } from 'vue' + + export const usePostLanguageOptions = () => { + const postLanguageOptions = computed(() => { +- return iso6391.getAllCodes().map(lang => ({ ++ return iso6391.getAllCodes().concat(['tok']).map(lang => ({ + key: lang, + value: lang, + label: lang, diff --git a/pkgs/patches/akkoma-fe-toki-pona.patch b/pkgs/patches/akkoma-fe-toki-pona.patch index 281fdfc..b556fb6 100644 --- a/pkgs/patches/akkoma-fe-toki-pona.patch +++ b/pkgs/patches/akkoma-fe-toki-pona.patch @@ -4,23 +4,9 @@ Date: Fri, 23 Jun 2023 01:56:43 +0200 Subject: [PATCH] mi la, toki pona li pona a --- - src/components/post_status_form/post_status_form.js | 2 +- src/services/locale/locale.service.js | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) -diff --git a/src/components/post_status_form/post_status_form.js b/src/components/post_status_form/post_status_form.js -index 5647a9eb..25180ba9 100644 ---- a/src/components/post_status_form/post_status_form.js -+++ b/src/components/post_status_form/post_status_form.js -@@ -303,7 +303,7 @@ const PostStatusForm = { - mobileLayout: state => state.interface.mobileLayout - }), - isoLanguages () { -- return iso6391.getAllCodes(); -+ return iso6391.getAllCodes().concat(['tok']); - } - }, - watch: { diff --git a/src/services/locale/locale.service.js b/src/services/locale/locale.service.js index 8cef2522..8bee6ad2 100644 --- a/src/services/locale/locale.service.js diff --git a/pkgs/python/django-imagekit.nix b/pkgs/python/django-imagekit.nix index 9a11a4f..f746db7 100644 --- a/pkgs/python/django-imagekit.nix +++ b/pkgs/python/django-imagekit.nix @@ -9,12 +9,12 @@ buildPythonPackage rec { pname = "django-imagekit"; - version = "4.1.0"; + version = "5.0.0"; format = "setuptools"; src = fetchPypi { inherit pname version; - hash = "sha256-5VmuquQ6M7NPh2Man6VpZFXkRR/6c4pCY1/eRC/trFw="; + hash = "sha256-qun3So6bbOtdFffY4mYwKQHnbZ9TLHi9UTXLD6IGprA="; }; propagatedBuildInputs = [ diff --git a/pkgs/python/django-pgtrigger.nix b/pkgs/python/django-pgtrigger.nix new file mode 100644 index 0000000..be266b4 --- /dev/null +++ b/pkgs/python/django-pgtrigger.nix @@ -0,0 +1,25 @@ +{ lib +, buildPythonPackage +, fetchPypi +, django +, python +, poetry-core +, s3-tar +}: + +buildPythonPackage rec { + pname = "django_pgtrigger"; + version = "4.13.2"; + pyproject = true; + + src = fetchPypi { + inherit pname version; + hash = "sha256-9NkG3zpt3hq8QriLNRvZQsGA/ijftmT/TnZuvivY/YE="; + }; + + nativeCheckInputs = [ + django + poetry-core + s3-tar + ]; +} diff --git a/pkgs/python/django-sass-processor.nix b/pkgs/python/django-sass-processor.nix index 90bba5f..8566bea 100644 --- a/pkgs/python/django-sass-processor.nix +++ b/pkgs/python/django-sass-processor.nix @@ -8,13 +8,13 @@ }: buildPythonPackage rec { - pname = "django-sass-processor"; - version = "1.2.2"; + pname = "django_sass_processor"; + version = "1.4.1"; format = "setuptools"; src = fetchPypi { inherit pname version; - hash = "sha256-9gmMGBzJWiFZPfa7UCeR4yAVYVIigD3iFv3Mi7QsD3c="; + hash = "sha256-Hp0Edp922Ju/d7myebqD36ytnJjAPKiljs/CnZl+b88="; }; propagatedBuildInputs = [ diff --git a/pkgs/python/s3-tar.nix b/pkgs/python/s3-tar.nix new file mode 100644 index 0000000..8778bc7 --- /dev/null +++ b/pkgs/python/s3-tar.nix @@ -0,0 +1,21 @@ +{ lib +, buildPythonPackage +, fetchPypi +, python +, boto3 +}: + +buildPythonPackage rec { + pname = "s3-tar"; + version = "0.1.13"; + format = "setuptools"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-0LPuK/NYp+mVFUlrlAdrbrsT8kM6WhVfg5Jb1LW9wgU="; + }; + + propagatedBuildInputs = [ + boto3 + ]; +} diff --git a/pkgs/travelynx.nix b/pkgs/travelynx.nix index 384a660..2b00a2f 100644 --- a/pkgs/travelynx.nix +++ b/pkgs/travelynx.nix @@ -162,7 +162,6 @@ let perlWithPackages = perl.withPackages (_: [ Cache - # CacheCache CAMPDF CryptEksblowfish DateTime @@ -207,6 +206,7 @@ let mkdir -p $out cp -r * $out ''; + passthru.perl = perlWithPackages; }; in travelynx diff --git a/pkgs/wlroots_0_15.nix b/pkgs/wlroots_0_15.nix new file mode 100644 index 0000000..6b63e4c --- /dev/null +++ b/pkgs/wlroots_0_15.nix @@ -0,0 +1,121 @@ +{ lib +, stdenv +, fetchFromGitLab +, meson +, ninja +, pkg-config +, wayland-scanner +, libGL +, wayland +, wayland-protocols +, libinput +, libxkbcommon +, pixman +, libcap +, mesa +, xorg +, libpng +, ffmpeg_4 +, ffmpeg +, hwdata +, seatd +, vulkan-loader +, glslang +, libliftoff +, libdisplay-info +, libdrm +, libgbm +, cmake +, nixosTests + +, enableXWayland ? true +, xwayland ? null +}: + +let + version = "0.15.2"; +in +stdenv.mkDerivation { + + pname = "wlroots"; + inherit version; + + inherit enableXWayland; + + src = fetchFromGitLab { + domain = "gitlab.freedesktop.org"; + owner = "wlroots"; + repo = "wlroots"; + rev = version; + hash = "sha256-MFR38UuB/wW7J9ODDUOfgTzKLse0SSMIRYTpEaEdRwM="; + }; + + CFLAGS = [ "-Wno-calloc-transposed-args" ]; + + postPatch = '' + substituteInPlace backend/drm/meson.build \ + --replace /usr/share/hwdata/ ${hwdata}/share/hwdata/ + ''; + + # $out for the library and $examples for the example programs (in examples): + outputs = [ "out" "examples" ]; + + strictDeps = true; + depsBuildBuild = [ pkg-config ]; + + nativeBuildInputs = [ meson ninja pkg-config wayland-scanner glslang cmake ]; + + buildInputs = [ + libGL + libdrm + libgbm + libcap + libinput + libpng + libxkbcommon + mesa + pixman + seatd + vulkan-loader + wayland + wayland-protocols + xorg.libX11 + xorg.xcbutilerrors + xorg.xcbutilimage + xorg.xcbutilrenderutil + xorg.xcbutilwm + ffmpeg_4 + ] + ++ lib.optional enableXWayland xwayland; + + mesonFlags = + lib.optional (!enableXWayland) "-Dxwayland=disabled" + ; + + postFixup = '' + # Install ALL example programs to $examples: + # screencopy dmabuf-capture input-inhibitor layer-shell idle-inhibit idle + # screenshot output-layout multi-pointer rotation tablet touch pointer + # simple + mkdir -p $examples/bin + cd ./examples + for binary in $(find . -executable -type f -printf '%P\n' | grep -vE '\.so'); do + cp "$binary" "$examples/bin/wlroots-$binary" + done + ''; + + # Test via TinyWL (the "minimum viable product" Wayland compositor based on wlroots): + passthru.tests.tinywl = nixosTests.tinywl; + + meta = { + description = "A modular Wayland compositor library"; + longDescription = '' + Pluggable, composable, unopinionated modules for building a Wayland + compositor; or about 50,000 lines of code you were going to write anyway. + ''; + changelog = "https://gitlab.freedesktop.org/wlroots/wlroots/-/tags/${version}"; + license = lib.licenses.mit; + platforms = lib.platforms.linux; + maintainers = with lib.maintainers; [ primeos synthetica rewine ]; + }; + } diff --git a/secrets/common.yaml b/secrets/common.yaml index 7fc1a30..1eecebd 100644 --- a/secrets/common.yaml +++ b/secrets/common.yaml @@ -1,5 +1,5 @@ monit: - mail: ENC[AES256_GCM,data:QOq9eDdG4r81V1q9N7rCIIjfAhynv7sGMvZs7qdb5tu4qSXp4xcLhE2nk8cJR+XUChi83AC29YH3H7pP17XpguzF,iv:QL6vN7z30QrZDYudmuIg59Kf01TmPZW1UOwh4qWttqc=,tag:SeA5ur9L0cun4RebVRhWCQ==,type:str] + mail: ENC[AES256_GCM,data:FdnK81GT/itLxXRWPlsafj4eifrqFN2s7BOPcS33hS5x0R/cNyu/Ykx3ZJQQM0/M9siQ+o05Q2OWCiY6kSqNv7a1,iv:8kTMHSXZCgku551eAE35DwIj5BDWYMmArVyXAmxitWc=,tag:CZT/XHW83qOsLGWfSH6Jaw==,type:str] sops: kms: [] gcp_kms: [] @@ -33,8 +33,8 @@ sops: dWcwWnpYQnRsTWhzZ3JvYk1XUC9iUzQKApP0h4UxJmCKOOHUN+lkt2dSVCljpP03 +0kxmI1ex6aTH9lxQuNBa99OJ2XWZ2/Bmx/sWD7NzcNlRSW/aGMOfg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-07T17:49:12Z" - mac: ENC[AES256_GCM,data:Veg4lSarFpVaY71tFL0mOR6A/WDxB07O9RXtsxZcukEQqEmay85bJ/C7paoCO+EwU/1isupNA6kWgRGbrV3ts2dUGLQG55MpkK3dRaaADHkV3GThOwvASxer37SznZNvIj1TiVS55UcOl3d+hDI3q5rhQ2RrCHy5dVDvbnG92AM=,iv:jNb8fbNnezWn6Qe717sLGJmUesxR2LAVrQpKpvB5CXA=,tag:/OuZBnDnN4YB5MWJ29usLQ==,type:str] + lastmodified: "2024-12-06T14:52:14Z" + mac: ENC[AES256_GCM,data:aFuvWKss5qIYXhIDlrup9wAhwqUJkmBrfma3fArtb6Ch+jzLnpeAx5uzbjoAZt73H6SaWa8OR9nM72R3ayvf3AFalK9Drb5vBS/bxFD8Xq0I0POsGrroaX4h0wzsvXyU829HD4C2OsxS7qfayhlBWcICKQRN+2nbltzwf0OB0IM=,iv:rogSHSLL6yS5Hs5jdd9mMC5UVTxiPbuFViOj8Lks+0E=,tag:FNdHhC0mYmQ9oZAviHKFjg==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.8.1 + version: 3.9.1 diff --git a/secrets/flora.yaml b/secrets/flora.yaml index 589010a..f070ace 100644 --- a/secrets/flora.yaml +++ b/secrets/flora.yaml @@ -5,7 +5,7 @@ akkoma: signingSalt: ENC[AES256_GCM,data:/htaDciCAhI=,iv:MV4vYD+qaNBicKZEmYffGfTqE2AQgfUdQVjTrLGPMck=,tag:/Of2A9X2QeE6k4lHwWKcOQ==,type:str] jokenDefaultSigner: ENC[AES256_GCM,data:1Wl/N58oiGiGeBHSkJPqLeHOyBmVgLGshAmTyi2H8cu7w/tIHMxW2sd11hhzyq2FCNVsL3Bi+yXgydG7uCl5yw==,iv:criEzJfQMsAUZ7tnIQvr9HOqn7NjBBzXL+rFAgzohPY=,tag:+izDkiUEfwD1+Ym2OuZRnA==,type:str] mollysocket: - config.toml: ENC[AES256_GCM,data:FGT6QOpqaf74yKmUFyyeAPLLv1BEtXZvLrUZw9bCG3hjmd2oUqcX2EGSWWICik3bnfgwYtQAnORg,iv:wEaK5COW9Gm7Hux+Kt8/Md+O/ygSWUk65gMnD6Mnw2g=,tag:4AhZs2vVE2oYErJOC5lMEw==,type:str] + config.toml: ENC[AES256_GCM,data:i7p6ZwsXuRcgSdqRML81UJF07fgQMpT6zJOre6mzm7FSFJY8Y+xN6b6F1LsGENZxZmrPCYHgDOC3sCZGqOAdkbNKg9HVBVEfdDNf4bV9br/+FMM/c+GFRhTwmQMHlwKp1jWCK9m9UktxQZ1rpRMWo5HIWlU5yATs0Q==,iv:IutMOB6Yc1Qqe0MXU31PxZ3rLgvmKo5H0tYkOuk0cao=,tag:OJxfHMB2PotRpCbMqr3wFw==,type:str] sops: kms: [] gcp_kms: [] @@ -30,8 +30,8 @@ sops: SEx0Y2tsaGtkV3dMd0t0ejl3WVkwOW8KTpb14yYJ1bOeLquOrmworNqiwYoZSYiQ LkLkXKSGf6T3BrL0t0bM3fgwSQN3k92GGsEZzY7I2hhxZoNXGBOaKg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-07T17:49:23Z" - mac: ENC[AES256_GCM,data:xPJv1ReXaYtCfvVPXUj+ybPlCE2KkDhF4AAS6nH5l/gy3R5FJsaQZcU784gaqKUcAa74591ENt2Ch7scVlpO3w1y+XHnO51ddgjJ0RXsll3PMaMy3B9dIoxjORBEt7pLNTFPGDkWdbSTPeF9JUypJVvAyC08l0tn3yeCM3oNKEo=,iv:qMk16+6GDb4bqO0ZoV7H1MAOu0K52i3THxOgFd8hYFk=,tag:zMxqN1S60loHfAYKhNn6Cg==,type:str] + lastmodified: "2024-12-03T22:54:22Z" + mac: ENC[AES256_GCM,data:YrTRkLgLk3882XApFOAOHg3ItsY32bOfQ1u6FaHH40y+IaNNdb5iOPf0JDxGLy5RqUucWP3BkuMQSHHGVTQ7CZwBEzOR2Z4X0uOHy/g+a6fUp3J4IV3DjFH14b9gqRevas7IXZeC0ZzlxJVbB6f82TeB1V7gAPLpM3OX6p7i4Ks=,iv:lroONyxLKZw788k2IXCellEYR00rVgbHpgixTWY7vcA=,tag:HmSoOfGJiKvigkbG1Sr6wQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 diff --git a/surltesh-echer/configuration.scm b/surltesh-echer/configuration.scm index e97a9f3..7c679c8 100644 --- a/surltesh-echer/configuration.scm +++ b/surltesh-echer/configuration.scm @@ -11,8 +11,7 @@ emacs terminals wm xdisorg shells admin - version-control - nss) + version-control) (use-service-modules desktop base) @@ -52,9 +51,7 @@ ;; window managers hikari emacs kitty fuzzel git - fish - ;; for HTTPS access - nss-certs) + fish) %base-packages)) ;; Use the "desktop" services, which include the X11 diff --git a/surltesh-echer/home/home-configuration.scm b/surltesh-echer/home/home-configuration.scm index 9e87bac..728cfba 100644 --- a/surltesh-echer/home/home-configuration.scm +++ b/surltesh-echer/home/home-configuration.scm @@ -71,7 +71,7 @@ (url "https://git.savannah.gnu.org/git/guix.git") (branch "master") (commit - "5a95cf76e1d0f9fdff5b232b42337c657b76d1d4") + "7a89bbffd081129da8c2c5b58b4e12133bf210c5") (introduction (make-channel-introduction "9edb3f66fd807b096b48283debdcddccfea34bad" diff --git a/tests/default.nix b/tests/default.nix new file mode 100644 index 0000000..06d2f52 --- /dev/null +++ b/tests/default.nix @@ -0,0 +1,6 @@ +{ system ? "x86_64-linux", nixpkgs ? (import ../inputs.nix { inherit system; }).nixpkgs-boring }: + +{ + bookwyrm = nixpkgs.nixosTest ./bookwyrm.nix; + travelynx = nixpkgs.nixosTest ./travelynx.nix; +} diff --git a/tests/travelynx.nix b/tests/travelynx.nix new file mode 100644 index 0000000..d15899e --- /dev/null +++ b/tests/travelynx.nix @@ -0,0 +1,80 @@ +{ + name = "travelynx-prove-test-suite"; + + nodes.travelynx = { config, pkgs, ... }: { + + services.postgresql = { + enable = true; + ensureDatabases = [ "travelynx" ]; + ensureUsers = [{ + name = "travelynx"; + ensureDBOwnership = true; + }]; + authentication = '' + host all all ::1/127 trust + ''; + }; + + environment.etc."/travelynx".source = pkgs.travelynx; + + environment.etc."/travelynx.conf".text = '' + { + base_url => Mojo::URL->new('http://localhost'), + + cache => { + schedule => './var/cache/travelynx/iris', + realtime => './var/cache/travelynx/iris-rt', + }, + + db => { + host => 'localhost', + port => 5432, + database => 'travelynx', + user => 'travelynx', + }, + + hypnotoad => { + accepts => 100, + clients => 10, + listen => [ 'http://127.0.0.1:8093' ], + pid_file => '/tmp/travelynx.pid', + workers => 2, + spare => 2, + }, + + mail => { + disabled => 1, + }, + + ref => { + issues => 'https://github.com/derf/travelynx/issues', + source => 'https://github.com/derf/travelynx', + }, + + secrets => [ + "secret" + ], + + version => 'vm-test', + }; + ''; + + environment.systemPackages = [ pkgs.travelynx.perl ]; + }; + + testScript = '' + machine.start() + machine.wait_for_unit("postgresql.service") + + machine.succeed("cp -r /etc/travelynx/* .") + machine.succeed("chmod +w -R .") + machine.succeed("cp /etc/travelynx.conf .") + + machine.succeed("./index.pl database migrate") + + # this executes travelynx's own test suite, which requires a working database + # & networking, hence i didn't put it into the package's test phase + # (also, it seems to be failing?) + machine.succeed("prove") + ''; +} |