Compare commits
23 commits
4d6acdbb41
...
71fbf8606e
Author | SHA1 | Date | |
---|---|---|---|
chayleaf | 71fbf8606e | ||
chayleaf | ef8c0dec63 | ||
chayleaf | ebab2df5c1 | ||
chayleaf | 7f829af357 | ||
chayleaf | 5bfcdf6e65 | ||
chayleaf | 0cc3ec10b3 | ||
chayleaf | ceeb526ec5 | ||
chayleaf | 598044863f | ||
chayleaf | 7535990be0 | ||
chayleaf | dcdb5f3734 | ||
chayleaf | 91a8a50c7b | ||
chayleaf | 5b0b925fe3 | ||
chayleaf | ece8104cf2 | ||
chayleaf | 891fa83f01 | ||
chayleaf | 8948db4dac | ||
chayleaf | 4e840ce3b3 | ||
chayleaf | 1ccdb2bd47 | ||
chayleaf | 1d77aed15f | ||
chayleaf | 67f43298e8 | ||
chayleaf | eda0322bc7 | ||
chayleaf | ce2d2e4a78 | ||
chayleaf | 73b1b3b47d | ||
chayleaf | ac5d7923fa |
11
COPYING
11
COPYING
|
@ -1 +1,10 @@
|
||||||
public domain/0BSD
|
Permission to use, copy, modify, and/or distribute this software for any
|
||||||
|
purpose with or without fee is hereby granted.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
|
||||||
|
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||||
|
AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
|
||||||
|
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
||||||
|
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
|
||||||
|
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||||
|
PERFORMANCE OF THIS SOFTWARE.
|
||||||
|
|
103
flake.lock
103
flake.lock
|
@ -69,11 +69,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1693611461,
|
"lastModified": 1698882062,
|
||||||
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
|
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
|
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -107,11 +107,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696446489,
|
"lastModified": 1700419052,
|
||||||
"narHash": "sha256-xSjMKdNR+q/3hdSPyg/LUMsZT/WIoUi8dcm5zT4SMUQ=",
|
"narHash": "sha256-U6a5f9ynbzcp8PMIHULbHPkbwp7YfPKOYmTcLqlalD4=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "68f7d8c0fb0bfc67d1916dd7f06288424360d43a",
|
"rev": "993fb02d20760067b8ee19c713d94cee07037759",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -122,11 +122,11 @@
|
||||||
},
|
},
|
||||||
"impermanence": {
|
"impermanence": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1694622745,
|
"lastModified": 1697303681,
|
||||||
"narHash": "sha256-z397+eDhKx9c2qNafL1xv75lC0Q4nOaFlhaU1TINqb8=",
|
"narHash": "sha256-caJ0rXeagaih+xTgRduYtYKL1rZ9ylh06CIrt1w5B4g=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "impermanence",
|
"repo": "impermanence",
|
||||||
"rev": "e9643d08d0d193a2e074a19d4d90c67a874d932e",
|
"rev": "0f317c2e9e56550ce12323eb39302d251618f5b5",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -143,11 +143,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697331506,
|
"lastModified": 1700512623,
|
||||||
"narHash": "sha256-N6RD9EudU+i7SJO3z3S309XQRhp81iqaN9G9sxRtVts=",
|
"narHash": "sha256-UpIxPW8Y5RauHugB9GRXge77vEs77RycZEDhh41V6Lc=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "maubot.nix",
|
"repo": "maubot.nix",
|
||||||
"rev": "cf32a2873523c80cebdd1ee409c45593040944b8",
|
"rev": "efe241fe720dfc9799348e5b12e7d55facd4bafa",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -181,11 +181,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696468271,
|
"lastModified": 1700468447,
|
||||||
"narHash": "sha256-ZpzAIqs8VmgRDz+rBe28+TErlXkhzrgPKg3YKYraReE=",
|
"narHash": "sha256-CGCewYuVPnlyC6cFHNrYVEx5BwFPZuEUA466odTS8wQ=",
|
||||||
"owner": "fufexan",
|
"owner": "fufexan",
|
||||||
"repo": "nix-gaming",
|
"repo": "nix-gaming",
|
||||||
"rev": "cc55064e30efdf1b1ad3df4d39983314ef440aae",
|
"rev": "cd4ca3d39babd063f36b6a46b31bf9a1be2ee7cc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -196,11 +196,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696614066,
|
"lastModified": 1700392353,
|
||||||
"narHash": "sha256-nAyYhO7TCr1tikacP37O9FnGr2USOsVBD3IgvndUYjM=",
|
"narHash": "sha256-KARn8aVJu5fdW0jdJYoOQ1SPqWlNdz4l7r90NbArWSY=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "bb2db418b616fea536b1be7f6ee72fb45c11afe0",
|
"rev": "2b00bc76dc893cd996a3d76a2f059d657a5ef37a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -225,11 +225,11 @@
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1689976554,
|
"lastModified": 1700085753,
|
||||||
"narHash": "sha256-uWJq3sIhkqfzPmfB2RWd5XFVooGFfSuJH9ER/r302xQ=",
|
"narHash": "sha256-qtib7f3eRwfaUF+VziJXiBcZFqpHCAXS4HlrFsnzzl4=",
|
||||||
"owner": "simple-nixos-mailserver",
|
"owner": "simple-nixos-mailserver",
|
||||||
"repo": "nixos-mailserver",
|
"repo": "nixos-mailserver",
|
||||||
"rev": "c63f6e7b053c18325194ff0e274dba44e8d2271e",
|
"rev": "008d78cc21959e33d0d31f375b88353a7d7121ae",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -245,11 +245,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696627040,
|
"lastModified": 1698842376,
|
||||||
"narHash": "sha256-HOG11+J/akMF/egPoVcVSk4nhFFQOuCl1K8pWjdZIL0=",
|
"narHash": "sha256-bQN00rn8GFwUt1uX8gPuhjdWo3Ev4z+wRcD/ziKUcRQ=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "nixos-router",
|
"repo": "nixos-router",
|
||||||
"rev": "fd1c895481286b80759b128b082c7a4cc132614a",
|
"rev": "e91a680d9e643208d818aafd15523ce2e387be2d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -260,16 +260,16 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696375444,
|
"lastModified": 1700509298,
|
||||||
"narHash": "sha256-Sv0ICt/pXfpnFhTGYTsX6lUr1SljnuXWejYTI2ZqHa4=",
|
"narHash": "sha256-I2BUpeOm77z+QpUPikxzjNw6bfLQ7ytN9TIUULv8y5Q=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "81e8f48ebdecf07aab321182011b067aafc78896",
|
"rev": "929e4c17a6016102ce8c0e8888fee06f8e62973e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"ref": "nixos-unstable",
|
"ref": "release-23.11",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -277,11 +277,11 @@
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "lib",
|
"dir": "lib",
|
||||||
"lastModified": 1693471703,
|
"lastModified": 1698611440,
|
||||||
"narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=",
|
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85",
|
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -292,22 +292,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs2": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1696696817,
|
|
||||||
"narHash": "sha256-K8/YirUEkUD1Xd9Qg5R9czYU03M8wDN5W3DYns9F0rc=",
|
|
||||||
"owner": "nixos",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "0df1d6c8cac8e8dc08f42bfe062a1025555c9b6a",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nixos",
|
|
||||||
"ref": "master",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"notlua": {
|
"notlua": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -315,11 +299,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1691609126,
|
"lastModified": 1697413333,
|
||||||
"narHash": "sha256-InbGoENdL8LNT/09pl7AW5uv2ZSDburqr5LgvkJDfj0=",
|
"narHash": "sha256-2nmu/+QhR/VhxFFr54l0Ok/yVhLCrrYVuTgeD4LHEhE=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "notlua",
|
"repo": "notlua",
|
||||||
"rev": "0e972a0d23f2faa511b9a3f6d445204e18cd5020",
|
"rev": "ef7cdb7a883fe87238c9fff13bc14ad1fd06f4ba",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -335,11 +319,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1691616520,
|
"lastModified": 1700483422,
|
||||||
"narHash": "sha256-loZuL2YnMNwgH5GEZfXgXZadvo5P3Sp+YZSf9L3Wpu8=",
|
"narHash": "sha256-ni6niOmObnG9EVGtaeT1I7ULz5+EkEewGTJVeFuWNuc=",
|
||||||
"owner": "chayleaf",
|
"owner": "chayleaf",
|
||||||
"repo": "notnft",
|
"repo": "notnft",
|
||||||
"rev": "118e25deeb741ba7963931212f02c96c50898578",
|
"rev": "b3e6a023a13a81d70a6a30997e2f1aaf36feafb3",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -350,11 +334,11 @@
|
||||||
},
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696624462,
|
"lastModified": 1700512041,
|
||||||
"narHash": "sha256-lGmf7IPqWLfxvEQcPujB8dzu+++NHqGYQkmC05y3ByA=",
|
"narHash": "sha256-fAl29aDdOj4AjORaEh85hS0GkCCfjFFCymuOfF4P+Ek=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NUR",
|
"repo": "NUR",
|
||||||
"rev": "560b6a71f7fe0353dc19bc366a5ace71fbda51d1",
|
"rev": "4486267d862ccc8fbbac6c112ccf1f0595cfbd74",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -375,7 +359,6 @@
|
||||||
"nixos-mailserver": "nixos-mailserver",
|
"nixos-mailserver": "nixos-mailserver",
|
||||||
"nixos-router": "nixos-router",
|
"nixos-router": "nixos-router",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
"nixpkgs2": "nixpkgs2",
|
|
||||||
"notlua": "notlua",
|
"notlua": "notlua",
|
||||||
"notnft": "notnft",
|
"notnft": "notnft",
|
||||||
"nur": "nur",
|
"nur": "nur",
|
||||||
|
@ -390,11 +373,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696558324,
|
"lastModified": 1700446608,
|
||||||
"narHash": "sha256-TnnP4LGwDB8ZGE7h2n4nA9Faee8xPkMdNcyrzJ57cbw=",
|
"narHash": "sha256-q/87GqBvQoUNBYiI3hwhsDqfyfk972RuZK+EwKab5s0=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "fdb37574a04df04aaa8cf7708f94a9309caebe2b",
|
"rev": "e17bfe3baa0487f0671c9ed0e9057d10987ba7f7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
18
flake.nix
18
flake.nix
|
@ -3,9 +3,8 @@
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
#nixpkgs.url = "github:nixos/nixpkgs/3dc2b4f8166f744c3b3e9ff8224e7c5d74a5424f";
|
#nixpkgs.url = "github:nixos/nixpkgs/3dc2b4f8166f744c3b3e9ff8224e7c5d74a5424f";
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
# nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
nixpkgs2.url = "github:nixos/nixpkgs/master";
|
nixpkgs.url = "github:nixos/nixpkgs/release-23.11";
|
||||||
# nixpkgs.url = "github:chayleaf/nixpkgs/ccache2";
|
|
||||||
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
||||||
mobile-nixos = {
|
mobile-nixos = {
|
||||||
# url = "github:NixOS/mobile-nixos";
|
# url = "github:NixOS/mobile-nixos";
|
||||||
|
@ -59,7 +58,6 @@
|
||||||
outputs = inputs@
|
outputs = inputs@
|
||||||
{ self
|
{ self
|
||||||
, nixpkgs
|
, nixpkgs
|
||||||
, nixpkgs2
|
|
||||||
, nixos-hardware
|
, nixos-hardware
|
||||||
, mobile-nixos
|
, mobile-nixos
|
||||||
, impermanence
|
, impermanence
|
||||||
|
@ -100,7 +98,7 @@
|
||||||
if nixpkgs.lib.hasInfix ":" addr then "[${addr}]" else addr;
|
if nixpkgs.lib.hasInfix ":" addr then "[${addr}]" else addr;
|
||||||
};
|
};
|
||||||
# can't use callPackage ./pkgs here, idk why; use import instead
|
# can't use callPackage ./pkgs here, idk why; use import instead
|
||||||
overlay = self: super: import ./pkgs {
|
overlay' = args: self: super: import ./pkgs ({
|
||||||
pkgs = super;
|
pkgs = super;
|
||||||
pkgs' = self;
|
pkgs' = self;
|
||||||
lib = super.lib;
|
lib = super.lib;
|
||||||
|
@ -109,16 +107,17 @@
|
||||||
nurpkgs = super;
|
nurpkgs = super;
|
||||||
};
|
};
|
||||||
nix-gaming = nix-gaming.packages.${super.system};
|
nix-gaming = nix-gaming.packages.${super.system};
|
||||||
};
|
} // args);
|
||||||
|
overlay = overlay' { };
|
||||||
# I override some settings down the line, but overlays always stay the same
|
# I override some settings down the line, but overlays always stay the same
|
||||||
mkPkgs = config: import nixpkgs (config // {
|
mkPkgs = config: import nixpkgs (config // {
|
||||||
overlays = (config.overlays or [ ]) ++ [ overlay ];
|
overlays = config.overlays or [ ] ++ [ overlay ];
|
||||||
});
|
});
|
||||||
# this is actual config, it gets processed below
|
# this is actual config, it gets processed below
|
||||||
config = let
|
config = let
|
||||||
mkBpiR3 = args: config: config // {
|
mkBpiR3 = args: config: config // {
|
||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
modules = (config.modules or [ ]) ++ [ (import ./system/devices/bpi-r3-router.nix args) ];
|
modules = config.modules or [ ] ++ [ (import ./system/devices/bpi-r3-router.nix args) ];
|
||||||
};
|
};
|
||||||
routerConfig = rec {
|
routerConfig = rec {
|
||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
|
@ -170,7 +169,6 @@
|
||||||
notlua = notlua.lib.${system};
|
notlua = notlua.lib.${system};
|
||||||
};
|
};
|
||||||
home.user = [
|
home.user = [
|
||||||
{ _module.args.pkgs2 = import nixpkgs2 { inherit system; overlays = [ overlay ]; }; }
|
|
||||||
nur.nixosModules.nur
|
nur.nixosModules.nur
|
||||||
./home/hosts/nixmsi.nix
|
./home/hosts/nixmsi.nix
|
||||||
];
|
];
|
||||||
|
@ -303,7 +301,7 @@
|
||||||
packages = lib.genAttrs [
|
packages = lib.genAttrs [
|
||||||
"x86_64-linux"
|
"x86_64-linux"
|
||||||
"aarch64-linux"
|
"aarch64-linux"
|
||||||
] (system: let self = overlay ((mkPkgs { inherit system; }) // self) (import nixpkgs { inherit system; }); in self);
|
] (system: let self = overlay' { isOverlay = false; } (mkPkgs { inherit system; } // self) (import nixpkgs { inherit system; }); in self);
|
||||||
nixosImages.router = let pkgs = mkPkgs { inherit (config.router-emmc) system; }; in {
|
nixosImages.router = let pkgs = mkPkgs { inherit (config.router-emmc) system; }; in {
|
||||||
emmcImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
|
emmcImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
|
||||||
inherit (nixosConfigurations.router-emmc) config;
|
inherit (nixosConfigurations.router-emmc) config;
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
cfg.enableKeePassXC = true;
|
cfg.enableKeePassXC = true;
|
||||||
};
|
};
|
||||||
profiles.chayleaf = {
|
profiles.chayleaf = {
|
||||||
extensions = with config.nur.repos.rycee.firefox-addons; [
|
extensions = (with config.nur.repos.rycee.firefox-addons; [
|
||||||
cookies-txt
|
cookies-txt
|
||||||
don-t-fuck-with-paste
|
don-t-fuck-with-paste
|
||||||
greasemonkey
|
greasemonkey
|
||||||
|
@ -32,7 +32,7 @@
|
||||||
unpaywall
|
unpaywall
|
||||||
vimium-c
|
vimium-c
|
||||||
youtube-shorts-block
|
youtube-shorts-block
|
||||||
] ++ (with pkgs.firefox-addons; [
|
]) ++ (with pkgs.firefoxAddons; [
|
||||||
fastforwardteam
|
fastforwardteam
|
||||||
middle-mouse-button-scroll
|
middle-mouse-button-scroll
|
||||||
rikaitan
|
rikaitan
|
||||||
|
|
|
@ -60,8 +60,7 @@
|
||||||
set argv[1] fish
|
set argv[1] fish
|
||||||
${pkgs.any-nix-shell}/bin/.any-nix-wrapper $argv
|
${pkgs.any-nix-shell}/bin/.any-nix-wrapper $argv
|
||||||
else if test $argv[1] = develop
|
else if test $argv[1] = develop
|
||||||
set argv[1] fish
|
command nix $argv --command fish
|
||||||
command nix develop --command $argv
|
|
||||||
else
|
else
|
||||||
command nix $argv
|
command nix $argv
|
||||||
end
|
end
|
||||||
|
@ -77,8 +76,7 @@
|
||||||
set argv[1] fish
|
set argv[1] fish
|
||||||
PATH="${nom-compat}/bin:$PATH" ${pkgs.any-nix-shell}/bin/.any-nix-wrapper $argv
|
PATH="${nom-compat}/bin:$PATH" ${pkgs.any-nix-shell}/bin/.any-nix-wrapper $argv
|
||||||
else if test $argv[1] = develop
|
else if test $argv[1] = develop
|
||||||
set argv[1] fish
|
command nom $argv --command fish
|
||||||
command nom develop --command $argv
|
|
||||||
else if test $argv[1] = build
|
else if test $argv[1] = build
|
||||||
command nom $argv
|
command nom $argv
|
||||||
else
|
else
|
||||||
|
|
|
@ -83,11 +83,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
neomutt = {
|
|
||||||
enable = true;
|
|
||||||
sidebar.enable = true;
|
|
||||||
vimKeys = true;
|
|
||||||
};
|
|
||||||
home-manager.enable = true;
|
home-manager.enable = true;
|
||||||
# i only use this as a login shell
|
# i only use this as a login shell
|
||||||
bash = {
|
bash = {
|
||||||
|
@ -102,11 +97,16 @@
|
||||||
package = pkgs.gitAndTools.gitFull;
|
package = pkgs.gitAndTools.gitFull;
|
||||||
delta.enable = true;
|
delta.enable = true;
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
|
commit.gpgsign = true;
|
||||||
# disable the atrocious gui password prompt
|
# disable the atrocious gui password prompt
|
||||||
core.askPass = "";
|
core.askPass = "";
|
||||||
# ...and prefer getting passwords from libsecret (and storing them there)
|
# ...and prefer getting passwords from libsecret (and storing them there)
|
||||||
credential.helper = "${pkgs.gitAndTools.gitFull}/bin/git-credential-libsecret";
|
credential.helper = "${pkgs.gitAndTools.gitFull}/bin/git-credential-libsecret";
|
||||||
init.defaultBranch = "master";
|
init.defaultBranch = "master";
|
||||||
|
# no need for git pust -u origin <branch>
|
||||||
|
push.autoSetupRemote = true;
|
||||||
|
# allow different upstream branch name
|
||||||
|
push.default = "upstream";
|
||||||
};
|
};
|
||||||
lfs.enable = true;
|
lfs.enable = true;
|
||||||
};
|
};
|
||||||
|
@ -155,7 +155,33 @@
|
||||||
# (because I use nix plugins and plugins are nix version-specific)
|
# (because I use nix plugins and plugins are nix version-specific)
|
||||||
package = pkgs.nix-index-unwrapped;
|
package = pkgs.nix-index-unwrapped;
|
||||||
};
|
};
|
||||||
|
#neomutt = {
|
||||||
|
# enable = true;
|
||||||
|
# sidebar.enable = true;
|
||||||
|
# vimKeys = true;
|
||||||
|
#};
|
||||||
|
alot = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
handle_mouse = true;
|
||||||
|
initial_command = "search tag:inbox AND NOT tag:killed";
|
||||||
|
prefer_plaintext = true;
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
msmtp.enable = true;
|
||||||
|
notmuch = {
|
||||||
|
enable = true;
|
||||||
|
hooks.preNew = ''
|
||||||
|
${config.services.mbsync.package}/bin/mbsync --all || ${pkgs.coreutils}/bin/true
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
mbsync.enable = true;
|
||||||
|
};
|
||||||
|
#services.mbsync.enable = true;
|
||||||
|
# TODO: see https://github.com/pazz/alot/issues/1632
|
||||||
|
home.file.".mailcap".text = ''
|
||||||
|
text/html; ${pkgs.w3m}/bin/w3m -dump -o document_charset=%{charset} -o display_link_number=1 '%s'; nametemplate=%s.html; copiousoutput
|
||||||
|
'';
|
||||||
|
|
||||||
systemd.user.timers.nix-index = {
|
systemd.user.timers.nix-index = {
|
||||||
Install.WantedBy = [ "timers.target" ];
|
Install.WantedBy = [ "timers.target" ];
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ config, pkgs, pkgs2, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
imports = [ ./terminal.nix ];
|
imports = [ ./terminal.nix ];
|
||||||
i18n.inputMethod = let fcitx5-qt = pkgs.libsForQt5.fcitx5-qt; in {
|
i18n.inputMethod = let fcitx5-qt = pkgs.libsForQt5.fcitx5-qt; in {
|
||||||
|
@ -178,10 +178,17 @@
|
||||||
input-default-bindings = false;
|
input-default-bindings = false;
|
||||||
};
|
};
|
||||||
# profiles = { };
|
# profiles = { };
|
||||||
package = pkgs.wrapMpv (pkgs.mpv-unwrapped.override {
|
package = pkgs.wrapMpv ((pkgs.mpv-unwrapped.override {
|
||||||
# webp support
|
# webp support
|
||||||
ffmpeg_5 = pkgs.ffmpeg_5-full;
|
ffmpeg_5 = pkgs.ffmpeg-custom;
|
||||||
}) {
|
}).overrideAttrs (old: {
|
||||||
|
patches = old.patches or [] ++ [
|
||||||
|
(pkgs.fetchpatch {
|
||||||
|
url = "https://github.com/mpv-player/mpv/pull/11648.patch";
|
||||||
|
hash = "sha256-rp5VxVD74dY3w5rKct1BwFbruxpHsGk8zwtkkhdJovM=";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
})) {
|
||||||
scripts = with pkgs.mpvScripts; [
|
scripts = with pkgs.mpvScripts; [
|
||||||
thumbnail
|
thumbnail
|
||||||
mpris
|
mpris
|
||||||
|
@ -254,7 +261,7 @@
|
||||||
|
|
||||||
# for working with nix
|
# for working with nix
|
||||||
nix-init
|
nix-init
|
||||||
pkgs2.nvfetcher
|
nvfetcher
|
||||||
config.nur.repos.rycee.mozilla-addons-to-nix
|
config.nur.repos.rycee.mozilla-addons-to-nix
|
||||||
|
|
||||||
anki-bin
|
anki-bin
|
||||||
|
|
|
@ -25,27 +25,6 @@
|
||||||
inherit (notlua-nvim.keywords) REQ REQ';
|
inherit (notlua-nvim.keywords) REQ REQ';
|
||||||
in let
|
in let
|
||||||
vimg = name: PROP vim.g name;
|
vimg = name: PROP vim.g name;
|
||||||
# _ is basically semicolon
|
|
||||||
_ = { __IS_SEPARATOR = true; };
|
|
||||||
splitList = sep: list:
|
|
||||||
let
|
|
||||||
ivPairs = lib.imap0 (i: x: { inherit i x; }) list;
|
|
||||||
is' = map ({ i, ... }: i) (builtins.filter ({ x, ... }: sep == x) ivPairs);
|
|
||||||
is = [ 0 ] ++ (map (x: x + 1) is');
|
|
||||||
ie = is' ++ [ (builtins.length list) ];
|
|
||||||
se = lib.zipLists is ie;
|
|
||||||
in
|
|
||||||
map ({ fst, snd }: lib.sublist fst (snd - fst) list) se;
|
|
||||||
# this transforms [ a b _ c _ d _ e f g ] into [ (a b) c d (RETURN (e f g)) ]
|
|
||||||
L = args:
|
|
||||||
let
|
|
||||||
spl = splitList _ args;
|
|
||||||
body = lib.init spl;
|
|
||||||
ret = lib.last spl;
|
|
||||||
in
|
|
||||||
(map
|
|
||||||
(list: builtins.foldl' lib.id (builtins.head list) (builtins.tail list))
|
|
||||||
body) ++ (if ret == [] then [] else [(APPLY RETURN ret)]);
|
|
||||||
keymapSetSingle = opts@{
|
keymapSetSingle = opts@{
|
||||||
mode,
|
mode,
|
||||||
lhs,
|
lhs,
|
||||||
|
@ -84,7 +63,6 @@
|
||||||
|
|
||||||
which-key = REQ "which-key";
|
which-key = REQ "which-key";
|
||||||
luasnip = REQ "luasnip";
|
luasnip = REQ "luasnip";
|
||||||
compile' = name: stmts: compile name (L stmts);
|
|
||||||
in {
|
in {
|
||||||
enable = true;
|
enable = true;
|
||||||
defaultEditor = true;
|
defaultEditor = true;
|
||||||
|
@ -114,40 +92,40 @@
|
||||||
vimAlias = true;
|
vimAlias = true;
|
||||||
vimdiffAlias = true;
|
vimdiffAlias = true;
|
||||||
|
|
||||||
extraLuaConfig = (compile' "main" [
|
extraLuaConfig = compile "main" [
|
||||||
kmSetNs {
|
(kmSetNs {
|
||||||
"<C-X>" = {
|
"<C-X>" = {
|
||||||
rhs = DEFUN (vim.fn.system [ "chmod" "+x" (vim.fn.expand "%") ]);
|
rhs = DEFUN (vim.fn.system [ "chmod" "+x" (vim.fn.expand "%") ]);
|
||||||
desc = "chmod +x %";
|
desc = "chmod +x %";
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
SET (vimg "vimsyn_embed") "l" _
|
(SET (vimg "vimsyn_embed") "l")
|
||||||
LET (vim.api.nvim_create_augroup "nvimrc" { clear = true; }) (group:
|
(LET (vim.api.nvim_create_augroup "nvimrc" { clear = true; }) (group:
|
||||||
lib.mapAttrsToList (k: v: vim.api.nvim_create_autocmd k { inherit group; callback = v; }) {
|
lib.mapAttrsToList (k: v: vim.api.nvim_create_autocmd k { inherit group; callback = v; }) {
|
||||||
BufReadPre = DEFUN (SET vim.o.foldmethod "syntax");
|
BufReadPre = DEFUN (SET vim.o.foldmethod "syntax");
|
||||||
BufEnter = { buf, ... }:
|
BufEnter = { buf, ... }:
|
||||||
LET (vim.filetype.match { inherit buf; }) (filetype: L [
|
LET (vim.filetype.match { inherit buf; }) (filetype: [
|
||||||
IF (APPLY OR (map (EQ filetype) [ "gitcommit" "markdown" ])) (
|
(IF (APPLY OR (map (EQ filetype) [ "gitcommit" "markdown" "mail" ])) (
|
||||||
LET vim.o.colorcolumn (old_colorcolumn: L [
|
LET vim.o.colorcolumn (old_colorcolumn: [
|
||||||
SET vim.o.colorcolumn "73" _
|
(SET vim.o.colorcolumn "73")
|
||||||
vim.api.nvim_create_autocmd "BufLeave" {
|
(vim.api.nvim_create_autocmd "BufLeave" {
|
||||||
buffer = buf;
|
buffer = buf;
|
||||||
callback = DEFUN (L [
|
callback = DEFUN [
|
||||||
SET vim.o.colorcolumn old_colorcolumn _
|
(SET vim.o.colorcolumn old_colorcolumn)
|
||||||
# return true = delete autocommand
|
# return true = delete autocommand
|
||||||
true
|
(RETURN true)
|
||||||
]);
|
];
|
||||||
} _
|
})
|
||||||
])
|
])
|
||||||
) _
|
))
|
||||||
IF (EQ filetype "markdown") (
|
(IF (APPLY OR (map (EQ filetype) [ "markdown" "mail" ])) (
|
||||||
(SET (IDX vim.bo buf).textwidth 72)
|
(SET (IDX vim.bo buf).textwidth 72)
|
||||||
) _
|
))
|
||||||
]);
|
]);
|
||||||
BufWinEnter = { buf, ... }:
|
BufWinEnter = { buf, ... }:
|
||||||
LET (vim.filetype.match { inherit buf; }) (filetype: L [
|
LET (vim.filetype.match { inherit buf; }) (filetype: [
|
||||||
CALL (PROP vim.cmd "folddoc") "foldopen!" _
|
(CALL (PROP vim.cmd "folddoc") "foldopen!")
|
||||||
IF (EQ filetype "gitcommit") (
|
(IF (EQ filetype "gitcommit") (
|
||||||
vim.cmd {
|
vim.cmd {
|
||||||
cmd = "normal"; bang = true;
|
cmd = "normal"; bang = true;
|
||||||
args = [ "gg" ];
|
args = [ "gg" ];
|
||||||
|
@ -171,11 +149,11 @@
|
||||||
cmd = "normal"; bang = true;
|
cmd = "normal"; bang = true;
|
||||||
args = [ "gg" ];
|
args = [ "gg" ];
|
||||||
})
|
})
|
||||||
)) _
|
)))
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
) _
|
))
|
||||||
]);
|
];
|
||||||
plugins = let ps = pkgs.vimPlugins; in map (x: if x?config && x?plugin then { type = "lua"; } // x else x) [
|
plugins = let ps = pkgs.vimPlugins; in map (x: if x?config && x?plugin then { type = "lua"; } // x else x) [
|
||||||
ps.vim-svelte
|
ps.vim-svelte
|
||||||
# vim-nix isn't necessary for syntax highlighting, but it improves overall editing experience
|
# vim-nix isn't necessary for syntax highlighting, but it improves overall editing experience
|
||||||
|
@ -190,8 +168,8 @@
|
||||||
sha256 = "sha256-X2IgIjO5NNq7vJdl09hBY1TFqHlsfF1xfllKr4osILI=";
|
sha256 = "sha256-X2IgIjO5NNq7vJdl09hBY1TFqHlsfF1xfllKr4osILI=";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = compile' "vscode_nvim" [
|
config = compile "vscode_nvim" [
|
||||||
(REQ "vscode").setup {
|
((REQ "vscode").setup {
|
||||||
transparent = true;
|
transparent = true;
|
||||||
color_overrides = {
|
color_overrides = {
|
||||||
vscGray = "#745b5f";
|
vscGray = "#745b5f";
|
||||||
|
@ -208,25 +186,25 @@
|
||||||
vscYellow = "#${config.colors.yellow}";
|
vscYellow = "#${config.colors.yellow}";
|
||||||
vscPink = "#cf83c4";
|
vscPink = "#cf83c4";
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
vim.api.nvim_set_hl 0 "NormalFloat" {
|
(vim.api.nvim_set_hl 0 "NormalFloat" {
|
||||||
bg = "NONE";
|
bg = "NONE";
|
||||||
} _
|
})
|
||||||
]; }
|
]; }
|
||||||
{ plugin = ps.nvim-web-devicons;
|
{ plugin = ps.nvim-web-devicons;
|
||||||
config = compile "nvim_web_devicons" ((REQ "nvim-web-devicons").setup { }); }
|
config = compile "nvim_web_devicons" ((REQ "nvim-web-devicons").setup { }); }
|
||||||
{ plugin = ps.nvim-tree-lua;
|
{ plugin = ps.nvim-tree-lua;
|
||||||
config = compile "nvim_tree_lua" (LET (REQ "nvim-tree") (REQ "nvim-tree.api") (nvim-tree: nvim-tree-api: L [
|
config = compile "nvim_tree_lua" (LET (REQ "nvim-tree") (REQ "nvim-tree.api") (nvim-tree: nvim-tree-api: [
|
||||||
SET (vimg "loaded_netrw") 1 _
|
(SET (vimg "loaded_netrw") 1)
|
||||||
SET (vimg "loaded_netrwPlugin") 1 _
|
(SET (vimg "loaded_netrwPlugin") 1)
|
||||||
SET vim.o.termguicolors true _
|
(SET vim.o.termguicolors true)
|
||||||
nvim-tree.setup { } _ # :help nvim-tree-setup
|
(nvim-tree.setup { }) # :help nvim-tree-setup
|
||||||
kmSetNs {
|
(kmSetNs {
|
||||||
"<C-N>" = {
|
"<C-N>" = {
|
||||||
rhs = nvim-tree-api.tree.toggle;
|
rhs = nvim-tree-api.tree.toggle;
|
||||||
desc = "Toggle NvimTree";
|
desc = "Toggle NvimTree";
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
])); }
|
])); }
|
||||||
ps.vim-sleuth
|
ps.vim-sleuth
|
||||||
ps.luasnip
|
ps.luasnip
|
||||||
|
@ -259,9 +237,9 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
formatting = {
|
formatting = {
|
||||||
format = entry: vim_item: let kind = PROP vim_item "kind"; in L [
|
format = entry: vim_item: let kind = PROP vim_item "kind"; in [
|
||||||
SET kind (string.format "%s %s" (IDX lspkind kind) kind) _
|
(SET kind (string.format "%s %s" (IDX lspkind kind) kind))
|
||||||
vim_item
|
(RETURN vim_item)
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
mapping = {
|
mapping = {
|
||||||
|
@ -311,28 +289,28 @@
|
||||||
config = compile "nvim_autopairs" (LET
|
config = compile "nvim_autopairs" (LET
|
||||||
(REQ "cmp") (REQ "nvim-autopairs.completion.cmp") (REQ "nvim-autopairs")
|
(REQ "cmp") (REQ "nvim-autopairs.completion.cmp") (REQ "nvim-autopairs")
|
||||||
(cmp: cmp-autopairs: nvim-autopairs:
|
(cmp: cmp-autopairs: nvim-autopairs:
|
||||||
L [
|
[
|
||||||
nvim-autopairs.setup {
|
(nvim-autopairs.setup {
|
||||||
disable_filetype = [ "TelescopePrompt" "vim" ];
|
disable_filetype = [ "TelescopePrompt" "vim" ];
|
||||||
} _
|
})
|
||||||
cmp.event.on cmp.event "confirm_done" (cmp-autopairs.on_confirm_done { }) _
|
(cmp.event.on cmp.event "confirm_done" (cmp-autopairs.on_confirm_done { }))
|
||||||
])); }
|
])); }
|
||||||
{ plugin = ps.comment-nvim;
|
{ plugin = ps.comment-nvim;
|
||||||
config = compile' "comment_nvim" [
|
config = compile "comment_nvim" [
|
||||||
(REQ "Comment").setup { } _
|
((REQ "Comment").setup { })
|
||||||
kmSetNs {
|
(kmSetNs {
|
||||||
"<space>/" = {
|
"<space>/" = {
|
||||||
# metatables......
|
# metatables......
|
||||||
rhs = REQ' (PROP (require "Comment.api") "toggle.linewise.current");
|
rhs = REQ' (PROP (require "Comment.api") "toggle.linewise.current");
|
||||||
desc = "Comment current line";
|
desc = "Comment current line";
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
kmSetVs {
|
(kmSetVs {
|
||||||
"<space>/" = {
|
"<space>/" = {
|
||||||
rhs = "<esc><cmd>lua require('Comment.api').toggle.linewise(vim.fn.visualmode())<cr>";
|
rhs = "<esc><cmd>lua require('Comment.api').toggle.linewise(vim.fn.visualmode())<cr>";
|
||||||
desc = "Comment selection";
|
desc = "Comment selection";
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
]; }
|
]; }
|
||||||
{ plugin = ps.nvim-lspconfig;
|
{ plugin = ps.nvim-lspconfig;
|
||||||
config = compile "nvim_lspconfig" (
|
config = compile "nvim_lspconfig" (
|
||||||
|
@ -341,9 +319,9 @@
|
||||||
(REQ "lspconfig.server_configurations.${name}")
|
(REQ "lspconfig.server_configurations.${name}")
|
||||||
# metatables, son! they harden in response to physical trauma
|
# metatables, son! they harden in response to physical trauma
|
||||||
(REQ' (PROP (require "lspconfig") name));
|
(REQ' (PROP (require "lspconfig") name));
|
||||||
in L [
|
in [
|
||||||
# See `:help vim.diagnostic.*` for documentation on any of the below functions
|
# See `:help vim.diagnostic.*` for documentation on any of the below functions
|
||||||
kmSetNs {
|
(kmSetNs {
|
||||||
"<space>e" = {
|
"<space>e" = {
|
||||||
rhs = vim.diagnostic.open_float;
|
rhs = vim.diagnostic.open_float;
|
||||||
desc = "Show diagnostics in a floating window.";
|
desc = "Show diagnostics in a floating window.";
|
||||||
|
@ -360,19 +338,17 @@
|
||||||
rhs = vim.diagnostic.setloclist;
|
rhs = vim.diagnostic.setloclist;
|
||||||
desc = "Add buffer diagnostics to the location list.";
|
desc = "Add buffer diagnostics to the location list.";
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
LET
|
(LET
|
||||||
# LET on_attach
|
# LET on_attach
|
||||||
(client: bufnr: L [
|
(client: bufnr: [
|
||||||
SET (IDX vim.bo bufnr).omnifunc "v:lua.vim.lsp.omnifunc" _
|
(SET (IDX vim.bo bufnr).omnifunc "v:lua.vim.lsp.omnifunc")
|
||||||
# Mappings.
|
# Mappings.
|
||||||
# See `:help vim.lsp.*` for documentation on any of the below functions
|
# See `:help vim.lsp.*` for documentation on any of the below functions
|
||||||
keymapSetNs {
|
(keymapSetNs {
|
||||||
buffer = bufnr;
|
buffer = bufnr;
|
||||||
keys = {
|
keys = {
|
||||||
"gD" = {
|
"gD" = { rhs = vim.lsp.buf.declaration; desc = "Jumps to the declaration of the symbol under the cursor."; };
|
||||||
rhs = vim.lsp.buf.declaration;
|
|
||||||
desc = "Jumps to the declaration of the symbol under the cursor."; };
|
|
||||||
"gd" = {
|
"gd" = {
|
||||||
rhs = vim.lsp.buf.definition;
|
rhs = vim.lsp.buf.definition;
|
||||||
desc = "Jumps to the definition of the symbol under the cursor."; };
|
desc = "Jumps to the definition of the symbol under the cursor."; };
|
||||||
|
@ -410,7 +386,7 @@
|
||||||
rhs = DEFUN (vim.lsp.buf.format { async = true; });
|
rhs = DEFUN (vim.lsp.buf.format { async = true; });
|
||||||
desc = "Formats a buffer."; };
|
desc = "Formats a buffer."; };
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
])
|
])
|
||||||
# LET rust_settings
|
# LET rust_settings
|
||||||
{ rust-analyzer = {
|
{ rust-analyzer = {
|
||||||
|
@ -428,29 +404,29 @@
|
||||||
(on_attach: rust_settings: capabilities:
|
(on_attach: rust_settings: capabilities:
|
||||||
LETREC
|
LETREC
|
||||||
# LETREC on_attach_rust
|
# LETREC on_attach_rust
|
||||||
(on_attach_rust: client: bufnr: L [
|
(on_attach_rust: client: bufnr: [
|
||||||
vim.api.nvim_buf_create_user_command bufnr "RustAndroid" (opts: L [
|
(vim.api.nvim_buf_create_user_command bufnr "RustAndroid" (opts: [
|
||||||
vim.lsp.set_log_level "debug" _
|
(vim.lsp.set_log_level "debug")
|
||||||
(lsp "rust_analyzer").setup {
|
((lsp "rust_analyzer").setup {
|
||||||
on_attach = on_attach_rust;
|
on_attach = on_attach_rust;
|
||||||
inherit capabilities;
|
inherit capabilities;
|
||||||
settings = vim.tbl_deep_extend
|
settings = vim.tbl_deep_extend
|
||||||
"keep"
|
"keep"
|
||||||
config.rustAnalyzerAndroidSettings
|
config.rustAnalyzerAndroidSettings
|
||||||
rust_settings;
|
rust_settings;
|
||||||
} _
|
})
|
||||||
]) {} _
|
]) {})
|
||||||
on_attach client bufnr _
|
(on_attach client bufnr)
|
||||||
])
|
])
|
||||||
# BEGIN
|
# BEGIN
|
||||||
(let setupLsp = name: args: (lsp name).setup ({
|
(let setupLsp = name: args: (lsp name).setup ({
|
||||||
inherit on_attach capabilities;
|
inherit on_attach capabilities;
|
||||||
settings = { };
|
settings = { };
|
||||||
} // args);
|
} // args);
|
||||||
in on_attach_rust: L [
|
in on_attach_rust: [
|
||||||
# vim.lsp.set_log_level "debug" _
|
# (vim.lsp.set_log_level "debug")
|
||||||
# see https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
|
# see https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
|
||||||
lib.mapAttrsToList setupLsp {
|
(lib.mapAttrsToList setupLsp {
|
||||||
bashls = { };
|
bashls = { };
|
||||||
clangd = { };
|
clangd = { };
|
||||||
# https://github.com/python-lsp/python-lsp-server/blob/develop/CONFIGURATION.md
|
# https://github.com/python-lsp/python-lsp-server/blob/develop/CONFIGURATION.md
|
||||||
|
@ -471,15 +447,15 @@
|
||||||
on_attach = on_attach_rust;
|
on_attach = on_attach_rust;
|
||||||
settings = rust_settings;
|
settings = rust_settings;
|
||||||
};
|
};
|
||||||
} _
|
})
|
||||||
]) # END
|
]) # END
|
||||||
) _ # END
|
)) # END
|
||||||
]); }
|
]); }
|
||||||
{ plugin = ps.which-key-nvim;
|
{ plugin = ps.which-key-nvim;
|
||||||
config = compile' "which_key_nvim" [
|
config = compile "which_key_nvim" [
|
||||||
SET vim.o.timeout true _
|
(SET vim.o.timeout true)
|
||||||
SET vim.o.timeoutlen 500 _
|
(SET vim.o.timeoutlen 500)
|
||||||
which-key.setup { } _
|
(which-key.setup { })
|
||||||
]; }
|
]; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
1407
pkgs/Cargo.lock
generated
1407
pkgs/Cargo.lock
generated
File diff suppressed because it is too large
Load diff
|
@ -22,24 +22,24 @@
|
||||||
"pinned": false,
|
"pinned": false,
|
||||||
"src": {
|
"src": {
|
||||||
"name": null,
|
"name": null,
|
||||||
"sha256": "sha256-DcS5ov656f/l1zWPt+UYKxarDGcAWd6zTvi50Lsa1s8=",
|
"sha256": "sha256-72jxUJdn4j0FV1qFH0r7UEVrAvSwrWgWsxCXyT1N/1A=",
|
||||||
"type": "url",
|
"type": "url",
|
||||||
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-16/GE-Proton8-16.tar.gz"
|
"url": "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-24/GE-Proton8-24.tar.gz"
|
||||||
},
|
},
|
||||||
"version": "GE-Proton8-16"
|
"version": "GE-Proton8-24"
|
||||||
},
|
},
|
||||||
"searxng": {
|
"searxng": {
|
||||||
"cargoLocks": null,
|
"cargoLocks": null,
|
||||||
"date": "2023-10-06",
|
"date": "2023-11-14",
|
||||||
"extract": null,
|
"extract": null,
|
||||||
"name": "searxng",
|
"name": "searxng",
|
||||||
"passthru": null,
|
"passthru": null,
|
||||||
"pinned": false,
|
"pinned": false,
|
||||||
"src": {
|
"src": {
|
||||||
"sha256": "sha256-/blIZOaeOwQMp6T6GkNh8Fvtzh3Ik5UiPwuGjViENuE=",
|
"sha256": "sha256-vgDQ7cdWN79TFEbJGq0AdvC8p2YOmogk9iVViDkZDXw=",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/searxng/searxng/archive/ce270961e82585971579844c64d7cde5f5d855ec.tar.gz"
|
"url": "https://github.com/searxng/searxng/archive/b3d29cb86db4cc1a4e6320016529d1361451e1f1.tar.gz"
|
||||||
},
|
},
|
||||||
"version": "ce270961e82585971579844c64d7cde5f5d855ec"
|
"version": "b3d29cb86db4cc1a4e6320016529d1361451e1f1"
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -12,19 +12,19 @@
|
||||||
};
|
};
|
||||||
proton-ge = {
|
proton-ge = {
|
||||||
pname = "proton-ge";
|
pname = "proton-ge";
|
||||||
version = "GE-Proton8-16";
|
version = "GE-Proton8-24";
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-16/GE-Proton8-16.tar.gz";
|
url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton8-24/GE-Proton8-24.tar.gz";
|
||||||
sha256 = "sha256-DcS5ov656f/l1zWPt+UYKxarDGcAWd6zTvi50Lsa1s8=";
|
sha256 = "sha256-72jxUJdn4j0FV1qFH0r7UEVrAvSwrWgWsxCXyT1N/1A=";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
searxng = {
|
searxng = {
|
||||||
pname = "searxng";
|
pname = "searxng";
|
||||||
version = "ce270961e82585971579844c64d7cde5f5d855ec";
|
version = "b3d29cb86db4cc1a4e6320016529d1361451e1f1";
|
||||||
src = fetchTarball {
|
src = fetchTarball {
|
||||||
url = "https://github.com/searxng/searxng/archive/ce270961e82585971579844c64d7cde5f5d855ec.tar.gz";
|
url = "https://github.com/searxng/searxng/archive/b3d29cb86db4cc1a4e6320016529d1361451e1f1.tar.gz";
|
||||||
sha256 = "sha256-/blIZOaeOwQMp6T6GkNh8Fvtzh3Ik5UiPwuGjViENuE=";
|
sha256 = "sha256-vgDQ7cdWN79TFEbJGq0AdvC8p2YOmogk9iVViDkZDXw=";
|
||||||
};
|
};
|
||||||
date = "2023-10-06";
|
date = "2023-11-14";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
# TODO: remove this file when searxng gets updated in nixpkgs
|
|
||||||
{ lib
|
|
||||||
, buildPythonPackage
|
|
||||||
, fetchPypi
|
|
||||||
}:
|
|
||||||
|
|
||||||
buildPythonPackage rec {
|
|
||||||
pname = "chompjs";
|
|
||||||
version = "1.2.2";
|
|
||||||
format = "setuptools";
|
|
||||||
|
|
||||||
src = fetchPypi {
|
|
||||||
inherit pname version;
|
|
||||||
hash = "sha256-I5PbVinyjO1OF78t9h67lVBM/VsogYoMj3iFZS4WTn8=";
|
|
||||||
};
|
|
||||||
|
|
||||||
pythonImportsCheck = [ "chompjs" ];
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
description = "Parsing JavaScript objects into Python dictionaries";
|
|
||||||
homepage = "https://pypi.org/project/chompjs/";
|
|
||||||
license = licenses.mit;
|
|
||||||
maintainers = with maintainers; [ chayleaf ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -3,6 +3,7 @@
|
||||||
, nur
|
, nur
|
||||||
, nix-gaming
|
, nix-gaming
|
||||||
, pkgs' ? pkgs
|
, pkgs' ? pkgs
|
||||||
|
, isOverlay ? true
|
||||||
, ... }:
|
, ... }:
|
||||||
let
|
let
|
||||||
inherit (pkgs') callPackage;
|
inherit (pkgs') callPackage;
|
||||||
|
@ -65,8 +66,33 @@ in
|
||||||
/*ghidra = pkgs.ghidra.overrideAttrs (old: {
|
/*ghidra = pkgs.ghidra.overrideAttrs (old: {
|
||||||
patches = old.patches ++ [ ./ghidra-stdcall.patch ];
|
patches = old.patches ++ [ ./ghidra-stdcall.patch ];
|
||||||
});*/
|
});*/
|
||||||
|
ffmpeg-custom = (pkgs'.ffmpeg_6-full.override {
|
||||||
|
withCuda = false;
|
||||||
|
withCudaLLVM = false;
|
||||||
|
withNvdec = false;
|
||||||
|
withNvenc = false;
|
||||||
|
}).overrideAttrs (old: {
|
||||||
|
version = "unstable-20231031";
|
||||||
|
src = pkgs'.fetchgit {
|
||||||
|
url = "https://git.ffmpeg.org/ffmpeg.git";
|
||||||
|
rev = "4e5f3e6b8e1132354eed810dfdadf87f45c5de27";
|
||||||
|
hash = "sha256-fiWkU9fK8qPmxl2MOADKdlFf6XjHGKFhi8uaWltphCE=";
|
||||||
|
};
|
||||||
|
patches = [ ];
|
||||||
|
postPatch = ''
|
||||||
|
${old.postPatch or ""}
|
||||||
|
substituteInPlace libavutil/hwcontext_vulkan.c \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_QUEUE FF_VK_EXT_VIDEO_DECODE_QUEUE \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_H264 FF_VK_EXT_VIDEO_DECODE_H264 \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_H265 FF_VK_EXT_VIDEO_DECODE_H265 \
|
||||||
|
--replace FF_VK_KHR_VIDEO_DECODE_AV1 FF_VK_EXT_VIDEO_DECODE_AV1
|
||||||
|
'';
|
||||||
|
buildInputs = old.buildInputs ++ [ pkgs'.libaribcaption ];
|
||||||
|
configureFlags = old.configureFlags ++ [ "--enable-libaribcaption" ];
|
||||||
|
});
|
||||||
gimp = callPackage ./gimp { inherit (pkgs) gimp; };
|
gimp = callPackage ./gimp { inherit (pkgs) gimp; };
|
||||||
home-daemon = callPackage ./home-daemon { };
|
home-daemon = callPackage ./home-daemon { };
|
||||||
|
libaribcaption = callPackage ./libaribcaption { };
|
||||||
# pin version
|
# pin version
|
||||||
looking-glass-client = pkgs.looking-glass-client.overrideAttrs (old: {
|
looking-glass-client = pkgs.looking-glass-client.overrideAttrs (old: {
|
||||||
version = "B6";
|
version = "B6";
|
||||||
|
@ -81,7 +107,6 @@ in
|
||||||
kvmfrOverlay = kvmfr: kvmfr.overrideAttrs (old: {
|
kvmfrOverlay = kvmfr: kvmfr.overrideAttrs (old: {
|
||||||
inherit (pkgs'.looking-glass-client) version src;
|
inherit (pkgs'.looking-glass-client) version src;
|
||||||
});
|
});
|
||||||
pineapplebot = callPackage ./pineapplebot.nix { };
|
|
||||||
proton-ge = pkgs.stdenvNoCC.mkDerivation {
|
proton-ge = pkgs.stdenvNoCC.mkDerivation {
|
||||||
inherit (sources.proton-ge) pname version src;
|
inherit (sources.proton-ge) pname version src;
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
|
@ -90,21 +115,18 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
rofi-steam-game-list = callPackage ./rofi-steam-game-list { };
|
rofi-steam-game-list = callPackage ./rofi-steam-game-list { };
|
||||||
scanservjs = callPackage ./scanservjs.nix { };
|
scanservjs = callPackage ./scanservjs { };
|
||||||
searxng = pkgs'.python3.pkgs.toPythonModule (pkgs.searxng.overrideAttrs (old: {
|
searxng = pkgs'.python3.pkgs.toPythonModule (pkgs.searxng.overrideAttrs (old: {
|
||||||
inherit (sources.searxng) src;
|
inherit (sources.searxng) src;
|
||||||
version = "unstable-" + sources.searxng.date;
|
version = "unstable-" + sources.searxng.date;
|
||||||
propagatedBuildInputs = old.propagatedBuildInputs ++ [
|
postInstall = builtins.replaceStrings [ "/botdetection" ] [ "" ] old.postInstall;
|
||||||
(pkgs'.python3.pkgs.callPackage ./chompjs.nix { })
|
|
||||||
];
|
|
||||||
}));
|
}));
|
||||||
# system76-scheduler = callPackage ./system76-scheduler.nix { };
|
|
||||||
techmino = callPackage ./techmino { };
|
techmino = callPackage ./techmino { };
|
||||||
|
|
||||||
firefox-addons = lib.recurseIntoAttrs (callPackage ./firefox-addons { inherit nur sources; });
|
firefoxAddons = lib.recurseIntoAttrs (callPackage ./firefox-addons { inherit nur sources; });
|
||||||
mpvScripts = pkgs.mpvScripts // callPackage ./mpv-scripts { };
|
mpvScripts = lib.optionalAttrs isOverlay pkgs.mpvScripts // callPackage ./mpv-scripts { };
|
||||||
|
|
||||||
qemu_7 = callPackage ./qemu_7.nix {
|
qemu_7 = callPackage ./qemu/7.nix {
|
||||||
stdenv = pkgs'.ccacheStdenv;
|
stdenv = pkgs'.ccacheStdenv;
|
||||||
inherit (pkgs.darwin.apple_sdk.frameworks) CoreServices Cocoa Hypervisor vmnet;
|
inherit (pkgs.darwin.apple_sdk.frameworks) CoreServices Cocoa Hypervisor vmnet;
|
||||||
inherit (pkgs.darwin.stubs) rez setfile;
|
inherit (pkgs.darwin.stubs) rez setfile;
|
||||||
|
@ -118,7 +140,7 @@ in
|
||||||
qemu_7_xen_4_15-light = lib.lowPrio (pkgs'.qemu_7.override { hostCpuOnly = true; xenSupport = true; xen = pkgs.xen_4_15-light; });
|
qemu_7_xen_4_15-light = lib.lowPrio (pkgs'.qemu_7.override { hostCpuOnly = true; xenSupport = true; xen = pkgs.xen_4_15-light; });
|
||||||
qemu_7_test = lib.lowPrio (pkgs'.qemu_7.override { hostCpuOnly = true; nixosTestRunner = true; });
|
qemu_7_test = lib.lowPrio (pkgs'.qemu_7.override { hostCpuOnly = true; nixosTestRunner = true; });
|
||||||
# TODO: when https://gitlab.com/virtio-fs/virtiofsd/-/issues/96 is fixed remove this
|
# TODO: when https://gitlab.com/virtio-fs/virtiofsd/-/issues/96 is fixed remove this
|
||||||
virtiofsd = callPackage ./qemu_virtiofsd.nix {
|
virtiofsd = callPackage ./qemu/virtiofsd.nix {
|
||||||
qemu = pkgs'.qemu_7;
|
qemu = pkgs'.qemu_7;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -130,5 +152,6 @@ in
|
||||||
stdenv = pkgs'.ccacheStdenv;
|
stdenv = pkgs'.ccacheStdenv;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
// import ./postgresql-packages { inherit pkgs pkgs' lib sources isOverlay; }
|
||||||
// import ./ccache.nix { inherit pkgs pkgs' lib sources; }
|
// import ./ccache.nix { inherit pkgs pkgs' lib sources; }
|
||||||
// import ../system/hardware/bpi-r3/pkgs.nix { inherit pkgs pkgs' lib sources; }
|
// import ../system/hardware/bpi-r3/pkgs.nix { inherit pkgs pkgs' lib sources; }
|
||||||
|
|
|
@ -63,10 +63,10 @@
|
||||||
};
|
};
|
||||||
"youtube-nonstop" = buildFirefoxXpiAddon {
|
"youtube-nonstop" = buildFirefoxXpiAddon {
|
||||||
pname = "youtube-nonstop";
|
pname = "youtube-nonstop";
|
||||||
version = "0.9.1";
|
version = "0.9.2";
|
||||||
addonId = "{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}";
|
addonId = "{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}";
|
||||||
url = "https://addons.mozilla.org/firefox/downloads/file/3848483/youtube_nonstop-0.9.1.xpi";
|
url = "https://addons.mozilla.org/firefox/downloads/file/4187690/youtube_nonstop-0.9.2.xpi";
|
||||||
sha256 = "8340d57622a663949ec1768eb37d47651c809fadf0ffaa5ff546c48fdd28e33d";
|
sha256 = "7659d180f76ea908ea81b84ed9bdd188624eaaa62b88accbe6d8ad4e8caeff38";
|
||||||
meta = with lib;
|
meta = with lib;
|
||||||
{
|
{
|
||||||
homepage = "https://github.com/lawfx/YoutubeNonStop";
|
homepage = "https://github.com/lawfx/YoutubeNonStop";
|
||||||
|
|
|
@ -1,16 +0,0 @@
|
||||||
diff --git a/kvmfr.c b/kvmfr.c
|
|
||||||
index 121aae5b..2f4c9e1a 100644
|
|
||||||
--- a/kvmfr.c
|
|
||||||
+++ b/kvmfr.c
|
|
||||||
@@ -539,7 +539,11 @@ static int __init kvmfr_module_init(void)
|
|
||||||
if (kvmfr->major < 0)
|
|
||||||
goto out_free;
|
|
||||||
|
|
||||||
+#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0)
|
|
||||||
kvmfr->pClass = class_create(THIS_MODULE, KVMFR_DEV_NAME);
|
|
||||||
+#else
|
|
||||||
+ kvmfr->pClass = class_create(KVMFR_DEV_NAME);
|
|
||||||
+#endif
|
|
||||||
if (IS_ERR(kvmfr->pClass))
|
|
||||||
goto out_unreg;
|
|
||||||
|
|
33
pkgs/libaribcaption/default.nix
Normal file
33
pkgs/libaribcaption/default.nix
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
{ lib
|
||||||
|
, stdenv
|
||||||
|
, fetchFromGitHub
|
||||||
|
, cmake
|
||||||
|
|
||||||
|
, fontconfig
|
||||||
|
, freetype
|
||||||
|
}:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "libaribcaption";
|
||||||
|
version = "1.1.1";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "xqq";
|
||||||
|
repo = "libaribcaption";
|
||||||
|
rev = "v${version}";
|
||||||
|
hash = "sha256-x6l0ZrTktSsqfDLVRXpQtUOruhfc8RF3yT991UVZiKA=";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [ cmake ];
|
||||||
|
|
||||||
|
cmakeFlags = [ "-DBUILD_SHARED_LIBS=ON" ];
|
||||||
|
|
||||||
|
buildInputs = lib.optionals (!stdenv.isDarwin) [ fontconfig freetype ];
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "Portable ARIB STD-B24 Caption Decoder/Renderer";
|
||||||
|
homepage = "https://github.com/xqq/libaribcaption";
|
||||||
|
license = licenses.mit;
|
||||||
|
maintainers = with maintainers; [ chayleaf ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,34 +0,0 @@
|
||||||
{ python3
|
|
||||||
, fetchFromGitHub
|
|
||||||
, rustPlatform
|
|
||||||
, magic ? "<PIZZABOT_MAGIC_SEP>"
|
|
||||||
, ... }:
|
|
||||||
|
|
||||||
python3.pkgs.buildPythonPackage rec {
|
|
||||||
pname = "pineapplebot";
|
|
||||||
version = "0.1.0";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "chayleaf";
|
|
||||||
repo = "pizzabot_v3";
|
|
||||||
rev = "master";
|
|
||||||
sha256 = "sha256-ZLskMlllZfmqIlbSr0pNHHJehDycohiwqgYbuEYP7Qc=";
|
|
||||||
};
|
|
||||||
preBuild = ''
|
|
||||||
head -n13 Cargo.toml > Cargo.toml.new
|
|
||||||
mv Cargo.toml.new Cargo.toml
|
|
||||||
'';
|
|
||||||
sourceRoot = "source/pineapplebot";
|
|
||||||
cargoDeps = rustPlatform.fetchCargoTarball {
|
|
||||||
inherit src sourceRoot;
|
|
||||||
name = "${pname}-${version}";
|
|
||||||
sha256 = "14jxgykwg1apy97gy1j8mz7ny2cqg4q9s03a2bk9kx2y6ibm4668";
|
|
||||||
};
|
|
||||||
nativeBuildInputs = with rustPlatform; [
|
|
||||||
cargoSetupHook
|
|
||||||
maturinBuildHook
|
|
||||||
];
|
|
||||||
doCheck = false;
|
|
||||||
doInstallCheck = true;
|
|
||||||
pythonImportsCheck = [ "pineapplebot" ];
|
|
||||||
PIZZABOT_MAGIC = magic;
|
|
||||||
}
|
|
45
pkgs/postgresql-packages/default.nix
Normal file
45
pkgs/postgresql-packages/default.nix
Normal file
|
@ -0,0 +1,45 @@
|
||||||
|
{ pkgs
|
||||||
|
, pkgs'
|
||||||
|
, isOverlay
|
||||||
|
, lib
|
||||||
|
, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
inherit (pkgs') callPackage;
|
||||||
|
|
||||||
|
extraPackages = {
|
||||||
|
tsja = callPackage ./tsja.nix { };
|
||||||
|
};
|
||||||
|
gen' = postgresql: builtins.mapAttrs (k: v: v.override { inherit postgresql; }) extraPackages;
|
||||||
|
gen = ver:
|
||||||
|
lib.optionalAttrs isOverlay pkgs."postgresql${toString ver}Packages"
|
||||||
|
// gen' pkgs."postgresql${if ver == "" then "" else "_" + toString ver}";
|
||||||
|
psql = ver: let
|
||||||
|
old = pkgs."postgresql${if ver == "" then "" else "_" + toString ver}";
|
||||||
|
in old // { pkgs = old.pkgs // gen' old; };
|
||||||
|
self = {
|
||||||
|
mecab = pkgs.mecab.overrideAttrs (old: {
|
||||||
|
postInstall = ''
|
||||||
|
mkdir -p $out/lib/mecab/dic
|
||||||
|
ln -s ${callPackage /${pkgs.path}/pkgs/tools/text/mecab/ipadic.nix {
|
||||||
|
mecab-nodic = callPackage /${pkgs.path}/pkgs/tools/text/mecab/nodic.nix { };
|
||||||
|
}} $out/lib/mecab/dic/ipadic
|
||||||
|
'';
|
||||||
|
});
|
||||||
|
postgresqlPackages = gen "";
|
||||||
|
postgresql11Packages = gen 11;
|
||||||
|
postgresql12Packages = gen 12;
|
||||||
|
postgresql13Packages = gen 13;
|
||||||
|
postgresql14Packages = gen 14;
|
||||||
|
postgresql15Packages = gen 15;
|
||||||
|
postgresql16Packages = gen 16;
|
||||||
|
} // lib.optionalAttrs isOverlay {
|
||||||
|
postgresql = psql "";
|
||||||
|
postgresql_11 = psql 11;
|
||||||
|
postgresql_12 = psql 12;
|
||||||
|
postgresql_13 = psql 13;
|
||||||
|
postgresql_14 = psql 14;
|
||||||
|
postgresql_15 = psql 15;
|
||||||
|
postgresql_16 = psql 16;
|
||||||
|
};
|
||||||
|
in self
|
39
pkgs/postgresql-packages/tsja.nix
Normal file
39
pkgs/postgresql-packages/tsja.nix
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
{ lib
|
||||||
|
, stdenv
|
||||||
|
, postgresql
|
||||||
|
, mecab
|
||||||
|
}:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "tsja";
|
||||||
|
version = "0.5.0";
|
||||||
|
|
||||||
|
src = fetchTarball {
|
||||||
|
url = "https://www.amris.jp/tsja/tsja-${version}.tar.xz";
|
||||||
|
sha256 = "0hx4iygnqw1ay3nwrf3x2izflw4ip9i8i0yny26vivdz862m97w7";
|
||||||
|
};
|
||||||
|
|
||||||
|
postPatch = ''
|
||||||
|
substituteInPlace Makefile \
|
||||||
|
--replace /usr/local/pgsql ${postgresql} \
|
||||||
|
--replace -L/usr/local/lib "" \
|
||||||
|
--replace -I/usr/local/include ""
|
||||||
|
substituteInPlace tsja.c --replace /usr/local/lib/mecab ${mecab}/lib/mecab
|
||||||
|
'';
|
||||||
|
|
||||||
|
buildInputs = [ postgresql mecab ];
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/lib $out/share/postgresql/extension
|
||||||
|
cp libtsja.so $out/lib
|
||||||
|
cp dbinit_libtsja.txt $out/share/postgresql/extension/libtsja_dbinit.sql
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "PostgreSQL extension implementing Japanese text search";
|
||||||
|
homepage = "https://www.amris.jp/tsja/index.html";
|
||||||
|
maintainers = with maintainers; [ chayleaf ];
|
||||||
|
platforms = postgresql.meta.platforms;
|
||||||
|
license = licenses.postgresql;
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,91 +0,0 @@
|
||||||
{ lib
|
|
||||||
, fetchFromGitHub
|
|
||||||
, buildNpmPackage
|
|
||||||
, fetchNpmDeps
|
|
||||||
, nodejs
|
|
||||||
}:
|
|
||||||
|
|
||||||
let
|
|
||||||
version = "2.27.0";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "sbs20";
|
|
||||||
repo = "scanservjs";
|
|
||||||
rev = "v${version}";
|
|
||||||
hash = "sha256-GFpfH7YSXFRNRmx8F2bUJsGdPW1ECT7AQquJRxiRJEU=";
|
|
||||||
};
|
|
||||||
|
|
||||||
depsHashes = {
|
|
||||||
server = "sha256-V4w4euMl67eS4WNIFM8j06/JAEudaq+4zY9pFVgTmlY=";
|
|
||||||
client = "sha256-r/uYaXpQnlI90Yn6mo2KViKDMHE8zaCAxNFnEZslnaY=";
|
|
||||||
};
|
|
||||||
|
|
||||||
serverDepsForClient = fetchNpmDeps {
|
|
||||||
inherit src nodejs;
|
|
||||||
sourceRoot = "${src.name}/packages/server";
|
|
||||||
name = "scanservjs-server";
|
|
||||||
hash = depsHashes.server or lib.fakeHash;
|
|
||||||
};
|
|
||||||
|
|
||||||
# static client files
|
|
||||||
client = buildNpmPackage ({
|
|
||||||
pname = "scanservjs-static";
|
|
||||||
inherit version src nodejs;
|
|
||||||
|
|
||||||
sourceRoot = "${src.name}/packages/client";
|
|
||||||
npmDepsHash = depsHashes.client or lib.fakeHash;
|
|
||||||
|
|
||||||
preBuild = ''
|
|
||||||
cd ../server
|
|
||||||
chmod +w package-lock.json . /build/source/
|
|
||||||
npmDeps=${serverDepsForClient} npmConfigHook
|
|
||||||
cd ../client
|
|
||||||
'';
|
|
||||||
|
|
||||||
env.NODE_OPTIONS = "--openssl-legacy-provider";
|
|
||||||
|
|
||||||
dontNpmInstall = true;
|
|
||||||
installPhase = ''
|
|
||||||
mv /build/source/dist/client $out
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
|
|
||||||
in buildNpmPackage {
|
|
||||||
pname = "scanservjs";
|
|
||||||
inherit version src nodejs;
|
|
||||||
|
|
||||||
sourceRoot = "${src.name}/packages/server";
|
|
||||||
npmDepsHash = depsHashes.server or lib.fakeHash;
|
|
||||||
|
|
||||||
preBuild = ''
|
|
||||||
chmod +w /build/source
|
|
||||||
substituteInPlace src/server.js --replace "express.static('client')" "express.static('${client}')"
|
|
||||||
substituteInPlace src/api.js --replace \
|
|
||||||
'`''${config.previewDirectory}/default.jpg`' \
|
|
||||||
"'$out/lib/node_modules/scanservjs-api/data/preview/default.jpg'"
|
|
||||||
substituteInPlace src/application.js --replace \
|
|
||||||
"'../../config/config.local.js'" \
|
|
||||||
"process.env.NIX_SCANSERVJS_CONFIG_PATH"
|
|
||||||
substituteInPlace src/classes/user-options.js --replace \
|
|
||||||
"const localPath = path.join(__dirname, localConfigPath);" \
|
|
||||||
"const localPath = localConfigPath;"
|
|
||||||
substituteInPlace src/configure.js --replace \
|
|
||||||
"fs.mkdirSync(config.outputDirectory, { recursive: true });" \
|
|
||||||
"fs.mkdirSync(config.outputDirectory, { recursive: true }); fs.mkdirSync(config.previewDirectory, { recursive: true });"
|
|
||||||
'';
|
|
||||||
|
|
||||||
postInstall = ''
|
|
||||||
mkdir -p $out/bin
|
|
||||||
makeWrapper ${nodejs}/bin/node $out/bin/scanservjs \
|
|
||||||
--set NODE_ENV production \
|
|
||||||
--add-flags "'$out/lib/node_modules/scanservjs-api/src/server.js'"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
description = "SANE scanner nodejs web ui";
|
|
||||||
longDescription = "scanservjs is a simple web-based UI for SANE which allows you to share a scanner on a network without the need for drivers or complicated installation.";
|
|
||||||
homepage = "https://github.com/sbs20/scanservjs";
|
|
||||||
license = licenses.gpl2Only;
|
|
||||||
mainProgram = "scanservjs";
|
|
||||||
maintainers = with maintainers; [ chayleaf ];
|
|
||||||
};
|
|
||||||
}
|
|
46
pkgs/scanservjs/default.nix
Normal file
46
pkgs/scanservjs/default.nix
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
{ lib
|
||||||
|
, fetchFromGitHub
|
||||||
|
, buildNpmPackage
|
||||||
|
, nodejs
|
||||||
|
}:
|
||||||
|
|
||||||
|
buildNpmPackage {
|
||||||
|
pname = "scanservjs";
|
||||||
|
version = "3.0.3";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
# owner = "sbs20";
|
||||||
|
owner = "chayleaf";
|
||||||
|
repo = "scanservjs";
|
||||||
|
# rev = "v${version}";
|
||||||
|
rev = "bf41a95c9cd6bd924d6e14a28da6d33ddc64ef2e";
|
||||||
|
hash = "sha256-ePg8spI1rlWYcpjtax7gaZp2wUX4beHzMd71b8XKNG8=";
|
||||||
|
};
|
||||||
|
|
||||||
|
inherit nodejs;
|
||||||
|
|
||||||
|
npmDepsHash = "sha256-bigIFAQ2RLk6yxbUcMnmXwgaEkzFFUYn+hE7RIiFm8Y=";
|
||||||
|
|
||||||
|
preBuild = ''
|
||||||
|
npm run build
|
||||||
|
'';
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
mv $out/lib/node_modules/scanservjs/node_modules dist/
|
||||||
|
rm -rf $out/lib/node_modules/scanservjs
|
||||||
|
mv dist $out/lib/node_modules/scanservjs
|
||||||
|
mkdir -p $out/bin
|
||||||
|
makeWrapper ${nodejs}/bin/node $out/bin/scanservjs \
|
||||||
|
--set NODE_ENV production \
|
||||||
|
--add-flags "'$out/lib/node_modules/scanservjs/server/server.js'"
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "SANE scanner nodejs web ui";
|
||||||
|
longDescription = "scanservjs is a simple web-based UI for SANE which allows you to share a scanner on a network without the need for drivers or complicated installation.";
|
||||||
|
homepage = "https://github.com/sbs20/scanservjs";
|
||||||
|
license = licenses.gpl2Only;
|
||||||
|
mainProgram = "scanservjs";
|
||||||
|
maintainers = with maintainers; [ chayleaf ];
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,65 +0,0 @@
|
||||||
{ lib
|
|
||||||
, fetchFromGitHub
|
|
||||||
, writeText
|
|
||||||
, rustPlatform
|
|
||||||
, pkg-config
|
|
||||||
, dbus
|
|
||||||
, bcc
|
|
||||||
}:
|
|
||||||
|
|
||||||
rustPlatform.buildRustPackage {
|
|
||||||
pname = "system76-scheduler";
|
|
||||||
version = "unstable-2022-11-08";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "pop-os";
|
|
||||||
repo = "system76-scheduler";
|
|
||||||
rev = "0fe4d8dfc4275fd856aee28ca942b9fa53229fc9";
|
|
||||||
sha256 = "sha256-uFFJkuMxqcGj6OQShF0zh/FGwX4/ln1l6NwGonkUsNI=";
|
|
||||||
};
|
|
||||||
cargoPatches = [(writeText "ron-rev.diff" ''
|
|
||||||
diff --git i/daemon/Cargo.toml w/daemon/Cargo.toml
|
|
||||||
index 0397788..fbd6202 100644
|
|
||||||
--- i/daemon/Cargo.toml
|
|
||||||
+++ w/daemon/Cargo.toml
|
|
||||||
@@ -33,7 +33,7 @@ clap = { version = "3.1.18", features = ["cargo"] }
|
|
||||||
# Necessary for deserialization of untagged enums in assignments.
|
|
||||||
[dependencies.ron]
|
|
||||||
git = "https://github.com/MomoLangenstein/ron"
|
|
||||||
-branch = "253-untagged-enums"
|
|
||||||
+rev = "afb960bb8b0402a79260533aa3b9d87a8abae72b"
|
|
||||||
|
|
||||||
[dependencies.tracing-subscriber]
|
|
||||||
version = "0.3.11"
|
|
||||||
diff --git i/Cargo.lock w/Cargo.lock
|
|
||||||
index a782756..fe56c1f 100644
|
|
||||||
--- i/Cargo.lock
|
|
||||||
+++ w/Cargo.lock
|
|
||||||
@@ -788,7 +788,7 @@ dependencies = [
|
|
||||||
[[package]]
|
|
||||||
name = "ron"
|
|
||||||
version = "0.8.0"
|
|
||||||
-source = "git+https://github.com/MomoLangenstein/ron?branch=253-untagged-enums#afb960bb8b0402a79260533aa3b9d87a8abae72b"
|
|
||||||
+source = "git+https://github.com/MomoLangenstein/ron?rev=afb960bb8b0402a79260533aa3b9d87a8abae72b#afb960bb8b0402a79260533aa3b9d87a8abae72b"
|
|
||||||
dependencies = [
|
|
||||||
"base64",
|
|
||||||
"bitflags",
|
|
||||||
'')];
|
|
||||||
cargoSha256 = "sha256-tY7o09Nu1/Lbn//5+iecUmV67Aw1QvVLdUaD8DDgKi0=";
|
|
||||||
cargoLock.lockFile = ./Cargo.lock;
|
|
||||||
cargoLock.outputHashes."ron-0.8.0" = "sha256-k+LuTEq97/DohcsulXoLXWqFLzPUzIR1D5pGru+M5Ew=";
|
|
||||||
nativeBuildInputs = [ pkg-config ];
|
|
||||||
buildInputs = [ dbus ];
|
|
||||||
EXECSNOOP_PATH = "${bcc}/bin/execsnoop";
|
|
||||||
postInstall = ''
|
|
||||||
install -D -m 0644 data/com.system76.Scheduler.conf $out/etc/dbus-1/system.d/com.system76.Scheduler.conf
|
|
||||||
mkdir -p $out/etc/system76-scheduler
|
|
||||||
install -D -m 0644 data/*.ron $out/etc/system76-scheduler/
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
description = "System76 Scheduler";
|
|
||||||
homepage = "https://github.com/pop-os/system76-scheduler";
|
|
||||||
license = lib.licenses.mpl20;
|
|
||||||
platforms = [ "i686-linux" "x86_64-linux" ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,6 +1,6 @@
|
||||||
# copy a path to store (needed because I don't copy the secrets to store by default)
|
# copy a path to store (needed because I don't copy the secrets to store by default)
|
||||||
# arg must be a string because of how nix handles relative paths as absolute
|
# arg must be a string because of how nix handles relative paths as absolute
|
||||||
{ copyToStore ? (pkgs: name: x: ./. + x)
|
{ copyToStore ? (pkgs: name: x: ./${x})
|
||||||
, ... }: {
|
, ... }: {
|
||||||
nixmsi = {
|
nixmsi = {
|
||||||
system = { pkgs, ... }: {
|
system = { pkgs, ... }: {
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ hardware
|
{ hardware
|
||||||
|
, pkgs
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -12,6 +13,7 @@
|
||||||
common.resolution = "1920x1080";
|
common.resolution = "1920x1080";
|
||||||
vfio.pciIDs = [ "1002:73df" "1002:ab28" ];
|
vfio.pciIDs = [ "1002:73df" "1002:ab28" ];
|
||||||
boot = {
|
boot = {
|
||||||
|
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
|
||||||
initrd.availableKernelModules = [ "nvme" "xhci_pci" ];
|
initrd.availableKernelModules = [ "nvme" "xhci_pci" ];
|
||||||
kernelParams = [
|
kernelParams = [
|
||||||
# disable PSR to *hopefully* avoid random hangs
|
# disable PSR to *hopefully* avoid random hangs
|
||||||
|
@ -51,4 +53,19 @@
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
specialisation.no_patches.configuration = {
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(final: prev: {
|
||||||
|
amd-ucode = prev.amd-ucode.override { inherit (final) linux-firmware; };
|
||||||
|
linux-firmware = prev.stdenvNoCC.mkDerivation {
|
||||||
|
inherit (prev.linux-firmware) pname version meta src;
|
||||||
|
dontFixup = true;
|
||||||
|
passthru = { inherit (prev.linux-firmware) version; };
|
||||||
|
installFlags = [ "DESTDIR=$(out)" ];
|
||||||
|
patches = [ ];
|
||||||
|
postPatch = "";
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,8 +6,44 @@
|
||||||
boot.initrd.availableKernelModules = [ "ahci" "usbhid" "usb_storage" ];
|
boot.initrd.availableKernelModules = [ "ahci" "usbhid" "usb_storage" ];
|
||||||
|
|
||||||
# TODO: switch to upstream when PCIe support works
|
# TODO: switch to upstream when PCIe support works
|
||||||
# boot.kernelPackages = pkgs.linuxPackages_testing;
|
boot.kernelPackages = pkgs.linuxPackages_testing;
|
||||||
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.buildLinux {
|
# not sure whether they are needed anymore, but it won't hurt, right?
|
||||||
|
boot.kernelPatches = [
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/fab08a275f328e2e0a6fef73226e45eb1d4bb108.patch"; sha256 = "1rw9n9if9xh91k05284vwbarmhpscspvl4cg7qrfd99myd2z3dql"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/967c218122840e468981031fd8888846727f5282.patch"; sha256 = "1i0bxsmpxpykxychcaww5schilngk1whh8wrmvh5rng84nmn8bn4"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/5747896098cee178de4bed1eb0052893690eb40e.patch"; sha256 = "1lmgj0azkc1jbjmay5swdikicvqgjzz80qwxlk8i932rkih1snjs"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/a2439d839c103c029294042b5b3d4a065e5073d0.patch"; sha256 = "1vga1vj3b0zgyla8qfjgwgxgrcffmvzrhhk75rlfd0x42xjfj011"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/292226fcc7af3e6d5e3b1587459146042fb8a2cf.patch"; sha256 = "1k0mfw9gzqzpn449rk2jd9db6py470q95r1kb4yi6vh2slg52img"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/b53d373e700628a5126a49a8a73028cb553e5083.patch"; sha256 = "1lrwlymaa5wrv6lgns6ciadlg8hbkq16g9y0bnf9mwxkmm2bkf7j"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/5e036b1a0c501beec312c2aa362b265a84a09076.patch"; sha256 = "182xyd069fzpf3gql9kjj1707kfm3ziwav7p2px5c3p6rz06fmfc"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/d51dcd5c602d78fadc4cc8f83b851264c4ac18db.patch"; sha256 = "0lbk2b08pv593gng4h32jw6cbgfq524y510p4gv5cnv8l7w7p3ra"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/b3b601dd3a6d35779385b716a898e43071f802e5.patch"; sha256 = "176w6k0fbawm9svhfdh3yh1s4dmnk6gjvafwhv79dsqy2c0n88w8"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/5c34bb1e195fbbcaccf42a04f56e8d035d0864bb.patch"; sha256 = "09b9f3bh80jxpj0rry19s0c6j01636lc66xmyrsin8ajga26d77x"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/27a37c0495193fcfef1787086821c57f20b759bc.patch"; sha256 = "1kwll337nayzr0yv5pl7h6m85fyf227l501xa7ph44d2p7z2kjl0"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/acb101c5f99c54d083427b2a07f8a9610a468bef.patch"; sha256 = "0qav04ld4h6mq081fff50gr2354kmcplya9bfdxyp35mw3m3h1g0"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/479c1ae8a93f901a5898e2ed204b931c68de63fd.patch"; sha256 = "1w6wf0p5480qny69wkvsjdydz2xhax0ifgshsp5hp5mwpliqvgnq"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/ddb788db4d8b352742a6efcc8559f4c32c38925c.patch"; sha256 = "1djrn683p5q7wkd9j8lrmfvjj43pkgg0njp7gs7lb51fm9fq4khk"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/0080918c3a50cad588fba468fb7934c80777aa07.patch"; sha256 = "09iyrybgw1y9mqaw2fz3yv32hjxnh58gqpv6fd5ws16n26qr4yc8"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/5afa85f867c29153afc1b801a31f55cd3021f3a6.patch"; sha256 = "0azzj4vnkc4l6bxkwav3xjbm78zlprqf54lfq31n2nlbv59rhmmg"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/8f64d6bcf306fa5b5de66fdee2458cb584a78b2e.patch"; sha256 = "1w1yccwr487nm4zi0prgjzqaxasvfxnfl81a7xhgza69ahslc8f4"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/aa4d816546e1bf38077df0b2ca367abc5ff6601c.patch"; sha256 = "1vx6dc6xrpb3zlg7sr1gimfa918p3flcyixnfy9xb2k1y6qjlmh8"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/8baebef8be9691a28f8efa284dfce9a5b9395130.patch"; sha256 = "1kk6d3g3silsjbjz6ckhvi9jvmcw1pxswp20xz9krdcmnagp65fl"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/f542d93ac2d5c4b6458599494f90bd4021d34b2c.patch"; sha256 = "1xzdylb4bbrbi0is50yyc6a3zg6mdhcjwzi0hxar2vr1zdz82v4h"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/e84f55d8a9d849eac51f73c47cdb90eb7dbac90f.patch"; sha256 = "1fz70l7qwsqh81a3bdw7parn2s9y59c38xlpcm2gc53ka1mfkml5"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/643d555335b4c0dc228111a74cfa5189e17616df.patch"; sha256 = "05svkfpla9la94dz8vlis7kwq8sa32zvbdgydq3wnz979s91k8aq"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/c8bd3a53671c48ccf642bbc6453fdb0274022bad.patch"; sha256 = "0j8faqv066vwy41m0wqk3qlwrj1va6dndkrq5avlqqrqkm2hkabv"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/1066dd8203fdb05902b963968e8a29292dc1f2a8.patch"; sha256 = "0w08x9658c4j63lmjdg7ahpcgxnz661fcmfzv6sgqp6208jp6x2a"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/e4e39588f8b46db104817795a703b1f701da9c36.patch"; sha256 = "0drdi61f0dnf3ya63is6sq8mky13kkqkb36lqk4plspckg6jx8ik"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/7ec0cb44173dd1a5357a66afa7f3b5de956df7ee.patch"; sha256 = "1ll2clz0x7znn9d3rvijfl72647lnj3f3j7acbmp5aqhd766f1ib"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/171fd53717525f0f6dc56e90e6f38a9038c5c779.patch"; sha256 = "0vv8z9rcbyf3ynm46974ajff1i7mpbvh68pw19wpvnj8lvyyf8mb"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/140267c1c11d90f4889e57ae6d58280b261081c0.patch"; sha256 = "1wsy7w5bl3hyqr3rf54xzi9akz2ccn1cqzjy6d17p6nywsd0s9cf"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/94b6bcb0b87d896e764615f9c1601ac270300ce8.patch"; sha256 = "137fjvnr4i3z4b14x945zhxgfpl5xagcqr2nl08b1xc5j2pniqx0"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/5760547fa8739f1185b4b2523fb801fd678cfbde.patch"; sha256 = "03asnrwini33xfc8aq2arfazvyn8c1qfxzinmq6h4pr5vlfincry"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/3b1edb31f3ac2f55d62968f2fd7d9b5d430cd3ec.patch"; sha256 = "0azsmjzjh1b407vqzp597l11h367qac82bffmy1kyhh4qv3i7a84"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/3e33bc702048b524d4faaa7d8f151bfe4a48fd2b.patch"; sha256 = "0playww4l3b0w2q0wkydqfvdj7bcr3faw94hbmnqxqs26fm8yam3"; })
|
||||||
|
(pkgs.fetchPatch { url = "https://gitlab.collabora.com/hardware-enablement/rockchip-3588/linux/-/commit/f41b3e9a9d7f22bef0735b4fe0007321ce6b6d6b.patch"; sha256 = "02ppav6iwg8f00458r1rah0yj2khvayhr5xadh2pw33jlgp9i7im"; })
|
||||||
|
];
|
||||||
|
/*boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.buildLinux {
|
||||||
version = "6.6.0-rc1";
|
version = "6.6.0-rc1";
|
||||||
kernelPatches = [ ];
|
kernelPatches = [ ];
|
||||||
src = pkgs.fetchFromGitLab {
|
src = pkgs.fetchFromGitLab {
|
||||||
|
@ -18,7 +54,7 @@
|
||||||
rev = "f04271158aee35d270748301c5077231a75bc589";
|
rev = "f04271158aee35d270748301c5077231a75bc589";
|
||||||
hash = "sha256-B85162plbt92p51f/M82y2zOg3/TqrBWqgw80ksJVGc=";
|
hash = "sha256-B85162plbt92p51f/M82y2zOg3/TqrBWqgw80ksJVGc=";
|
||||||
};
|
};
|
||||||
});
|
});*/
|
||||||
|
|
||||||
boot.kernelParams = [ "dtb=/${config.hardware.deviceTree.name}" ];
|
boot.kernelParams = [ "dtb=/${config.hardware.deviceTree.name}" ];
|
||||||
hardware.deviceTree.enable = true;
|
hardware.deviceTree.enable = true;
|
||||||
|
|
|
@ -282,6 +282,7 @@ in {
|
||||||
];
|
];
|
||||||
router-settings.dhcp6Reservations = [
|
router-settings.dhcp6Reservations = [
|
||||||
{ ipAddress = serverAddress6;
|
{ ipAddress = serverAddress6;
|
||||||
|
duid = cfg.serverDuid;
|
||||||
macAddress = cfg.serverMac; }
|
macAddress = cfg.serverMac; }
|
||||||
{ ipAddress = vacuumAddress6;
|
{ ipAddress = vacuumAddress6;
|
||||||
macAddress = cfg.vacuumMac; }
|
macAddress = cfg.vacuumMac; }
|
||||||
|
@ -434,11 +435,11 @@ in {
|
||||||
gateways = [ netAddresses.lan6 ];
|
gateways = [ netAddresses.lan6 ];
|
||||||
radvdSettings.AdvAutonomous = true;
|
radvdSettings.AdvAutonomous = true;
|
||||||
coreradSettings.autonomous = true;
|
coreradSettings.autonomous = true;
|
||||||
# don't autoallocate addresses, keep autonomous ones
|
# don't allocate addresses for most devices
|
||||||
keaSettings.pools = [ ];
|
keaSettings.pools = [ ];
|
||||||
# just assign the reservations
|
# just assign the reservations
|
||||||
keaSettings.reservations = map (res: {
|
keaSettings.reservations = map (res:
|
||||||
hw-address = res.macAddress;
|
(if res.duid != null then { duid = res.duid; } else { hw-address = res.macAddress; }) // {
|
||||||
ip-addresses = [ res.ipAddress ];
|
ip-addresses = [ res.ipAddress ];
|
||||||
}) cfg.dhcp6Reservations;
|
}) cfg.dhcp6Reservations;
|
||||||
});
|
});
|
||||||
|
@ -904,6 +905,9 @@ in {
|
||||||
extraOptions = "-i ${netAddresses.lan4} -p 6969 -P 6969 -p 80";
|
extraOptions = "-i ${netAddresses.lan4} -p 6969 -P 6969 -p 80";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# I only have 2GB RAM, so Unbound is killed during peak system load without this option
|
||||||
|
zramSwap.enable = true;
|
||||||
|
|
||||||
impermanence.directories = [
|
impermanence.directories = [
|
||||||
# for wireguard key
|
# for wireguard key
|
||||||
{ directory = /secrets; mode = "0000"; }
|
{ directory = /secrets; mode = "0000"; }
|
||||||
|
|
|
@ -52,7 +52,7 @@ in {
|
||||||
in {
|
in {
|
||||||
ipv4.kea.settings = {
|
ipv4.kea.settings = {
|
||||||
control-socket = {
|
control-socket = {
|
||||||
socket-name = "/run/kea/kea-dhcp4-ctrl.sock";
|
socket-name = "/run/kea4-br0/kea.sock";
|
||||||
socket-type = "unix";
|
socket-type = "unix";
|
||||||
};
|
};
|
||||||
loggers = lib.toList {
|
loggers = lib.toList {
|
||||||
|
@ -67,7 +67,7 @@ in {
|
||||||
};
|
};
|
||||||
ipv6.kea.settings = {
|
ipv6.kea.settings = {
|
||||||
control-socket = {
|
control-socket = {
|
||||||
socket-name = "/run/kea/kea-dhcp6-ctrl.sock";
|
socket-name = "/run/kea6-br0/kea.sock";
|
||||||
socket-type = "unix";
|
socket-type = "unix";
|
||||||
};
|
};
|
||||||
loggers = lib.toList {
|
loggers = lib.toList {
|
||||||
|
|
|
@ -13,6 +13,11 @@
|
||||||
description = "server's mac address";
|
description = "server's mac address";
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
};
|
};
|
||||||
|
serverDuid = lib.mkOption {
|
||||||
|
description = "server's duid";
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
serverInitrdMac = lib.mkOption {
|
serverInitrdMac = lib.mkOption {
|
||||||
description = "server's mac address in initrd";
|
description = "server's mac address in initrd";
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
|
@ -92,9 +97,15 @@
|
||||||
description = "device's ip address";
|
description = "device's ip address";
|
||||||
};
|
};
|
||||||
options.macAddress = lib.mkOption {
|
options.macAddress = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = with lib.types; nullOr str;
|
||||||
|
default = null;
|
||||||
description = "device's mac address";
|
description = "device's mac address";
|
||||||
};
|
};
|
||||||
|
options.duid = lib.mkOption {
|
||||||
|
type = with lib.types; nullOr str;
|
||||||
|
default = null;
|
||||||
|
description = "device's duid";
|
||||||
|
};
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
dnatRules = lib.mkOption {
|
dnatRules = lib.mkOption {
|
||||||
|
|
84
system/hosts/server/akkoma.nix
Normal file
84
system/hosts/server/akkoma.nix
Normal file
|
@ -0,0 +1,84 @@
|
||||||
|
{ config
|
||||||
|
, pkgs
|
||||||
|
, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.server;
|
||||||
|
in {
|
||||||
|
# TODO: remove this in 2024
|
||||||
|
services.nginx.virtualHosts."pleroma.${cfg.domainName}" = {
|
||||||
|
quic = true;
|
||||||
|
enableACME = true;
|
||||||
|
addSSL = true;
|
||||||
|
serverAliases = [ "akkoma.${cfg.domainName}" ];
|
||||||
|
locations."/".return = "301 https://fedi.${cfg.domainName}$request_uri";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.postgresql.extraPlugins = with config.services.postgresql.package.pkgs; [ tsja ];
|
||||||
|
|
||||||
|
services.akkoma = let
|
||||||
|
inherit ((pkgs.formats.elixirConf { }).lib) mkRaw;
|
||||||
|
in {
|
||||||
|
enable = true;
|
||||||
|
dist.extraFlags = [
|
||||||
|
"+sbwt" "none"
|
||||||
|
"+sbwtdcpu" "none"
|
||||||
|
"+sbwtdio" "none"
|
||||||
|
];
|
||||||
|
config.":pleroma"."Pleroma.Web.Endpoint" = {
|
||||||
|
url = {
|
||||||
|
scheme = "https";
|
||||||
|
host = "fedi.${cfg.domainName}";
|
||||||
|
port = 443;
|
||||||
|
};
|
||||||
|
secret_key_base._secret = "/secrets/akkoma/secret_key_base";
|
||||||
|
signing_salt._secret = "/secrets/akkoma/signing_salt";
|
||||||
|
live_view.signing_salt._secret = "/secrets/akkoma/live_view_signing_salt";
|
||||||
|
};
|
||||||
|
initDb = {
|
||||||
|
enable = false;
|
||||||
|
username = "akkoma";
|
||||||
|
password._secret = "/secrets/akkoma/postgres_password";
|
||||||
|
};
|
||||||
|
config.":pleroma".":instance" = {
|
||||||
|
name = cfg.domainName;
|
||||||
|
description = "Insert instance description here";
|
||||||
|
email = "webmaster-akkoma@${cfg.domainName}";
|
||||||
|
notify_email = "noreply@${cfg.domainName}";
|
||||||
|
limit = 5000;
|
||||||
|
registrations_open = true;
|
||||||
|
account_approval_required = true;
|
||||||
|
};
|
||||||
|
config.":pleroma"."Pleroma.Repo" = {
|
||||||
|
adapter = mkRaw "Ecto.Adapters.Postgres";
|
||||||
|
username = "akkoma";
|
||||||
|
password._secret = "/secrets/akkoma/postgres_password";
|
||||||
|
database = "akkoma";
|
||||||
|
hostname = "localhost";
|
||||||
|
prepare = mkRaw ":named";
|
||||||
|
parameters.plan_cache_mode = "force_custom_plan";
|
||||||
|
timeout = 30000;
|
||||||
|
connect_timeout = 10000;
|
||||||
|
};
|
||||||
|
config.":web_push_encryption".":vapid_details" = {
|
||||||
|
subject = "mailto:webmaster-akkoma@${cfg.domainName}";
|
||||||
|
public_key._secret = "/secrets/akkoma/push_public_key";
|
||||||
|
private_key._secret = "/secrets/akkoma/push_private_key";
|
||||||
|
};
|
||||||
|
config.":joken".":default_signer"._secret = "/secrets/akkoma/joken_signer";
|
||||||
|
# config.":logger".":ex_syslogger".level = ":debug";
|
||||||
|
nginx = {
|
||||||
|
quic = true;
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
systemd.services.akkoma = {
|
||||||
|
path = [ pkgs.exiftool pkgs.gawk ];
|
||||||
|
serviceConfig.Restart = "on-failure";
|
||||||
|
unitConfig = {
|
||||||
|
StartLimitIntervalSec = 60;
|
||||||
|
StartLimitBurst = 3;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
44
system/hosts/server/certspotter.nix
Normal file
44
system/hosts/server/certspotter.nix
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
{ config
|
||||||
|
, lib
|
||||||
|
, pkgs
|
||||||
|
, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.server;
|
||||||
|
in {
|
||||||
|
security.acme.certs = lib.flip builtins.mapAttrs (lib.filterAttrs (k: v: v.enableACME) config.services.nginx.virtualHosts) (k: v: {
|
||||||
|
postRun = let
|
||||||
|
python = pkgs.python3.withPackages (p: with p; [ cryptography pyasn1 pyasn1-modules ]);
|
||||||
|
tbs-hash = pkgs.writeScript "tbs-hash.py" ''
|
||||||
|
#!${python}/bin/python3
|
||||||
|
import hashlib
|
||||||
|
from pyasn1.codec.der.decoder import decode
|
||||||
|
from pyasn1.codec.der.encoder import encode
|
||||||
|
from pyasn1_modules import rfc5280
|
||||||
|
from cryptography import x509
|
||||||
|
|
||||||
|
with open('full.pem', 'rb') as f:
|
||||||
|
cert = x509.load_pem_x509_certificate(f.read())
|
||||||
|
tbs, _leftover = decode(cert.tbs_certificate_bytes, asn1Spec=rfc5280.TBSCertificate())
|
||||||
|
precert_exts = [v.dotted_string for k, v in x509.ExtensionOID.__dict__.items() if k.startswith('PRECERT_')]
|
||||||
|
exts = [ext for ext in tbs["extensions"] if str(ext["extnID"]) not in precert_exts]
|
||||||
|
tbs["extensions"].clear()
|
||||||
|
tbs["extensions"].extend(exts)
|
||||||
|
print(hashlib.sha256(encode(tbs)).hexdigest())
|
||||||
|
'';
|
||||||
|
in ''
|
||||||
|
${tbs-hash} > "/var/lib/certspotter/tbs-hashes/${k}"
|
||||||
|
'';
|
||||||
|
});
|
||||||
|
services.certspotter = {
|
||||||
|
enable = true;
|
||||||
|
extraFlags = [ ];
|
||||||
|
watchlist = [ ".pavluk.org" ];
|
||||||
|
hooks = lib.toList (pkgs.writeShellScript "certspotter-hook" ''
|
||||||
|
if [[ "$EVENT" == discovered_cert ]]; then
|
||||||
|
${pkgs.gnugrep}/bin/grep -r "$TBS_SHA256" /var/lib/certspotter/tbs-hashes/ && exit
|
||||||
|
fi
|
||||||
|
(echo "Subject: $SUMMARY" && echo && cat "$TEXT_FILENAME") | /run/wrappers/bin/sendmail -i webmaster-certspotter@${cfg.domainName}
|
||||||
|
'');
|
||||||
|
};
|
||||||
|
}
|
|
@ -6,7 +6,7 @@
|
||||||
let
|
let
|
||||||
cfg = config.server;
|
cfg = config.server;
|
||||||
|
|
||||||
hosted-domains =
|
hostedDomains =
|
||||||
builtins.concatLists
|
builtins.concatLists
|
||||||
(builtins.attrValues
|
(builtins.attrValues
|
||||||
(builtins.mapAttrs
|
(builtins.mapAttrs
|
||||||
|
@ -15,12 +15,16 @@ let
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
./options.nix
|
./options.nix
|
||||||
./matrix.nix
|
./akkoma.nix
|
||||||
|
./certspotter.nix
|
||||||
./fdroid.nix
|
./fdroid.nix
|
||||||
./mumble.nix
|
./files.nix
|
||||||
./mailserver.nix
|
|
||||||
./home.nix
|
./home.nix
|
||||||
./keycloak.nix
|
./keycloak.nix
|
||||||
|
./mailserver.nix
|
||||||
|
./matrix.nix
|
||||||
|
./mumble.nix
|
||||||
|
./searxng.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
system.stateVersion = "22.11";
|
system.stateVersion = "22.11";
|
||||||
|
@ -77,8 +81,8 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
# just in case
|
# just in case
|
||||||
networking.hosts."127.0.0.1" = hosted-domains;
|
networking.hosts."127.0.0.1" = hostedDomains;
|
||||||
networking.hosts."::1" = hosted-domains;
|
networking.hosts."::1" = hostedDomains;
|
||||||
|
|
||||||
services.postgresql.enable = true;
|
services.postgresql.enable = true;
|
||||||
services.postgresql.package = pkgs.postgresql_13;
|
services.postgresql.package = pkgs.postgresql_13;
|
||||||
|
@ -96,56 +100,6 @@ in {
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# SEARXNG
|
|
||||||
services.searx.enable = true;
|
|
||||||
services.searx.package = pkgs.searxng;
|
|
||||||
services.searx.runInUwsgi = true;
|
|
||||||
services.searx.uwsgiConfig = let inherit (config.services.searx) settings; in {
|
|
||||||
socket = "${lib.quoteListenAddr settings.server.bind_address}:${toString settings.server.port}";
|
|
||||||
};
|
|
||||||
services.searx.environmentFile = /var/lib/searx/searx.env;
|
|
||||||
services.searx.settings = {
|
|
||||||
use_default_settings = true;
|
|
||||||
search = {
|
|
||||||
safe_search = 0;
|
|
||||||
autocomplete = "duckduckgo"; # dbpedia, duckduckgo, google, startpage, swisscows, qwant, wikipedia - leave blank to turn off
|
|
||||||
default_lang = ""; # leave blank to detect from browser info or use codes from languages.py
|
|
||||||
};
|
|
||||||
|
|
||||||
server = {
|
|
||||||
port = 8888;
|
|
||||||
bind_address = "::1";
|
|
||||||
secret_key = "@SEARX_SECRET_KEY@";
|
|
||||||
base_url = "https://search.${cfg.domainName}/";
|
|
||||||
image_proxy = true;
|
|
||||||
default_http_headers = {
|
|
||||||
X-Content-Type-Options = "nosniff";
|
|
||||||
X-XSS-Protection = "1; mode=block";
|
|
||||||
X-Download-Options = "noopen";
|
|
||||||
X-Robots-Tag = "noindex, nofollow";
|
|
||||||
Referrer-Policy = "no-referrer";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
outgoing = {
|
|
||||||
request_timeout = 5.0; # default timeout in seconds, can be override by engine
|
|
||||||
max_request_timeout = 15.0; # the maximum timeout in seconds
|
|
||||||
pool_connections = 100; # Maximum number of allowable connections, or null
|
|
||||||
pool_maxsize = 10; # Number of allowable keep-alive connections, or null
|
|
||||||
enable_http2 = true; # See https://www.python-httpx.org/http2/
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.nginx.virtualHosts."search.${cfg.domainName}" = let inherit (config.services.searx) settings; in {
|
|
||||||
quic = true;
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
# locations."/".proxyPass = "http://${lib.quoteListenAddr settings.server.bind_address}:${toString settings.server.port}";
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
uwsgi_pass "${lib.quoteListenAddr settings.server.bind_address}:${toString settings.server.port}";
|
|
||||||
include ${config.services.nginx.package}/conf/uwsgi_params;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
# NGINX
|
# NGINX
|
||||||
services.nginx.enable = true;
|
services.nginx.enable = true;
|
||||||
services.nginx.enableReload = true;
|
services.nginx.enableReload = true;
|
||||||
|
@ -211,129 +165,6 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# GITEA
|
|
||||||
services.nginx.virtualHosts."git.${cfg.domainName}" = let inherit (config.services.gitea) settings; in {
|
|
||||||
quic = true;
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
locations."/".proxyPass = "http://${lib.quoteListenAddr settings.server.HTTP_ADDR}:${toString settings.server.HTTP_PORT}";
|
|
||||||
};
|
|
||||||
services.gitea = {
|
|
||||||
enable = true;
|
|
||||||
database = {
|
|
||||||
createDatabase = false;
|
|
||||||
passwordFile = "/var/lib/gitea/db_password";
|
|
||||||
type = "postgres";
|
|
||||||
};
|
|
||||||
settings = {
|
|
||||||
mailer = {
|
|
||||||
ENABLED = true;
|
|
||||||
FROM = "Gitea <noreply@${cfg.domainName}>";
|
|
||||||
MAILER_TYPE = "smtp";
|
|
||||||
HOST = "mail.${cfg.domainName}:587";
|
|
||||||
USER = "noreply@${cfg.domainName}";
|
|
||||||
PASSWD = cfg.unhashedNoreplyPassword;
|
|
||||||
SKIP_VERIFY = true;
|
|
||||||
};
|
|
||||||
session = {
|
|
||||||
COOKIE_SECURE = true;
|
|
||||||
};
|
|
||||||
server = {
|
|
||||||
ROOT_URL = "https://git.${cfg.domainName}";
|
|
||||||
HTTP_ADDR = "::1";
|
|
||||||
HTTP_PORT = 3310;
|
|
||||||
DOMAIN = "git.${cfg.domainName}";
|
|
||||||
# START_SSH_SERVER = true;
|
|
||||||
# SSH_PORT = 2222;
|
|
||||||
};
|
|
||||||
service = {
|
|
||||||
DISABLE_REGISTRATION = true;
|
|
||||||
REGISTER_EMAIL_CONFIRM = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# NEXTCLOUD
|
|
||||||
services.nginx.virtualHosts."cloud.${cfg.domainName}" = {
|
|
||||||
quic = true;
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
};
|
|
||||||
services.nextcloud = {
|
|
||||||
enable = true;
|
|
||||||
enableBrokenCiphersForSSE = false;
|
|
||||||
package = pkgs.nextcloud27;
|
|
||||||
autoUpdateApps.enable = true;
|
|
||||||
# TODO: use socket auth and remove the next line
|
|
||||||
database.createLocally = false;
|
|
||||||
config = {
|
|
||||||
adminpassFile = "/var/lib/nextcloud/admin_password";
|
|
||||||
dbpassFile = "/var/lib/nextcloud/db_password";
|
|
||||||
dbtype = "pgsql";
|
|
||||||
dbhost = "/run/postgresql";
|
|
||||||
overwriteProtocol = "https";
|
|
||||||
};
|
|
||||||
hostName = "cloud.${cfg.domainName}";
|
|
||||||
https = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.akkoma = {
|
|
||||||
enable = true;
|
|
||||||
config.":pleroma"."Pleroma.Web.Endpoint" = {
|
|
||||||
url = {
|
|
||||||
scheme = "https";
|
|
||||||
host = "pleroma.${cfg.domainName}";
|
|
||||||
port = 443;
|
|
||||||
};
|
|
||||||
secret_key_base._secret = "/secrets/akkoma/secret_key_base";
|
|
||||||
signing_salt._secret = "/secrets/akkoma/signing_salt";
|
|
||||||
live_view.signing_salt._secret = "/secrets/akkoma/live_view_signing_salt";
|
|
||||||
};
|
|
||||||
extraStatic."static/terms-of-service.html" = pkgs.writeText "terms-of-service.html" ''
|
|
||||||
no bigotry kthx
|
|
||||||
'';
|
|
||||||
initDb = {
|
|
||||||
enable = false;
|
|
||||||
username = "pleroma";
|
|
||||||
password._secret = "/secrets/akkoma/postgres_password";
|
|
||||||
};
|
|
||||||
config.":pleroma".":instance" = {
|
|
||||||
name = cfg.domainName;
|
|
||||||
description = "Insert instance description here";
|
|
||||||
email = "webmaster-akkoma@${cfg.domainName}";
|
|
||||||
notify_email = "noreply@${cfg.domainName}";
|
|
||||||
limit = 5000;
|
|
||||||
registrations_open = true;
|
|
||||||
};
|
|
||||||
config.":pleroma"."Pleroma.Repo" = {
|
|
||||||
adapter = (pkgs.formats.elixirConf { }).lib.mkRaw "Ecto.Adapters.Postgres";
|
|
||||||
username = "pleroma";
|
|
||||||
password._secret = "/secrets/akkoma/postgres_password";
|
|
||||||
database = "pleroma";
|
|
||||||
hostname = "localhost";
|
|
||||||
};
|
|
||||||
config.":web_push_encryption".":vapid_details" = {
|
|
||||||
subject = "mailto:webmaster-akkoma@${cfg.domainName}";
|
|
||||||
public_key._secret = "/secrets/akkoma/push_public_key";
|
|
||||||
private_key._secret = "/secrets/akkoma/push_private_key";
|
|
||||||
};
|
|
||||||
config.":joken".":default_signer"._secret = "/secrets/akkoma/joken_signer";
|
|
||||||
nginx = {
|
|
||||||
serverAliases = [ "akkoma.${cfg.domainName}" ];
|
|
||||||
quic = true;
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
systemd.services.akkoma.path = [ pkgs.exiftool pkgs.gawk ];
|
|
||||||
systemd.services.akkoma.serviceConfig = {
|
|
||||||
Restart = "on-failure";
|
|
||||||
};
|
|
||||||
systemd.services.akkoma.unitConfig = {
|
|
||||||
StartLimitIntervalSec = 60;
|
|
||||||
StartLimitBurst = 3;
|
|
||||||
};
|
|
||||||
|
|
||||||
/*locations."/dns-query".extraConfig = ''
|
/*locations."/dns-query".extraConfig = ''
|
||||||
grpc_pass grpc://127.0.0.1:53453;
|
grpc_pass grpc://127.0.0.1:53453;
|
||||||
'';*/
|
'';*/
|
||||||
|
|
82
system/hosts/server/files.nix
Normal file
82
system/hosts/server/files.nix
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
{ config
|
||||||
|
, lib
|
||||||
|
, pkgs
|
||||||
|
, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.server;
|
||||||
|
in {
|
||||||
|
services.nginx.virtualHosts."git.${cfg.domainName}" = let inherit (config.services.forgejo) settings; in {
|
||||||
|
quic = true;
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
locations."/".proxyPass = "http://${lib.quoteListenAddr settings.server.HTTP_ADDR}:${toString settings.server.HTTP_PORT}";
|
||||||
|
};
|
||||||
|
services.forgejo = {
|
||||||
|
enable = true;
|
||||||
|
database = {
|
||||||
|
createDatabase = false;
|
||||||
|
type = "postgres";
|
||||||
|
user = "gitea";
|
||||||
|
name = "gitea";
|
||||||
|
passwordFile = "/secrets/forgejo_db_password";
|
||||||
|
};
|
||||||
|
lfs.enable = true;
|
||||||
|
settings = {
|
||||||
|
federation.ENABLED = true;
|
||||||
|
"git.timeout" = {
|
||||||
|
DEFAULT = 6000;
|
||||||
|
MIGRATE = 60000;
|
||||||
|
MIRROR = 60000;
|
||||||
|
GC = 120;
|
||||||
|
};
|
||||||
|
mailer = {
|
||||||
|
ENABLED = true;
|
||||||
|
FROM = "Forgejo <noreply@${cfg.domainName}>";
|
||||||
|
PROTOCOL = "smtp";
|
||||||
|
SMTP_ADDR = "mail.${cfg.domainName}";
|
||||||
|
SMTP_PORT = 587;
|
||||||
|
USER = "noreply@${cfg.domainName}";
|
||||||
|
PASSWD = cfg.unhashedNoreplyPassword;
|
||||||
|
FORCE_TRUST_SERVER_CERT = true;
|
||||||
|
};
|
||||||
|
session = {
|
||||||
|
COOKIE_SECURE = true;
|
||||||
|
};
|
||||||
|
server = {
|
||||||
|
ROOT_URL = "https://git.${cfg.domainName}";
|
||||||
|
HTTP_ADDR = "::1";
|
||||||
|
HTTP_PORT = 3310;
|
||||||
|
DOMAIN = "git.${cfg.domainName}";
|
||||||
|
# START_SSH_SERVER = true;
|
||||||
|
# SSH_PORT = 2222;
|
||||||
|
};
|
||||||
|
service = {
|
||||||
|
DISABLE_REGISTRATION = true;
|
||||||
|
REGISTER_EMAIL_CONFIRM = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."cloud.${cfg.domainName}" = {
|
||||||
|
quic = true;
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
};
|
||||||
|
services.nextcloud = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.nextcloud27;
|
||||||
|
autoUpdateApps.enable = true;
|
||||||
|
# TODO: use socket auth and remove the next line
|
||||||
|
database.createLocally = false;
|
||||||
|
config = {
|
||||||
|
adminpassFile = "/var/lib/nextcloud/admin_password";
|
||||||
|
dbpassFile = "/var/lib/nextcloud/db_password";
|
||||||
|
dbtype = "pgsql";
|
||||||
|
dbhost = "/run/postgresql";
|
||||||
|
overwriteProtocol = "https";
|
||||||
|
};
|
||||||
|
hostName = "cloud.${cfg.domainName}";
|
||||||
|
https = true;
|
||||||
|
};
|
||||||
|
}
|
|
@ -61,9 +61,7 @@ in {
|
||||||
translate
|
translate
|
||||||
rss
|
rss
|
||||||
];
|
];
|
||||||
services.maubot.pythonPackages = [
|
services.maubot.pythonPackages = (with pkgs.python3.pkgs; [
|
||||||
(pkgs.pineapplebot.override { magic = cfg.pizzabotMagic; })
|
|
||||||
] ++ (with pkgs.python3.pkgs; [
|
|
||||||
levenshtein
|
levenshtein
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,7 +23,7 @@ in {
|
||||||
# Allow murmur to read the certificate
|
# Allow murmur to read the certificate
|
||||||
security.acme.certs."mumble.${cfg.domainName}" = {
|
security.acme.certs."mumble.${cfg.domainName}" = {
|
||||||
group = "nginxandmurmur";
|
group = "nginxandmurmur";
|
||||||
postRun = "systemctl try-reload-or-restart murmur";
|
reloadServices = [ "murmur" ];
|
||||||
};
|
};
|
||||||
users.groups.nginxandmurmur.members = [ "murmur" "nginx" ];
|
users.groups.nginxandmurmur.members = [ "murmur" "nginx" ];
|
||||||
|
|
||||||
|
|
|
@ -57,10 +57,6 @@
|
||||||
description = "unhashed noreply password for internal access only. \
|
description = "unhashed noreply password for internal access only. \
|
||||||
This should be different from the password that is hashed for better security";
|
This should be different from the password that is hashed for better security";
|
||||||
};
|
};
|
||||||
pizzabotMagic = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "<PIZZABOT_MAGIC_SEP>";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
description = "server settings";
|
description = "server settings";
|
||||||
|
|
57
system/hosts/server/searxng.nix
Normal file
57
system/hosts/server/searxng.nix
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
{ config
|
||||||
|
, lib
|
||||||
|
, pkgs
|
||||||
|
, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.server;
|
||||||
|
in {
|
||||||
|
services.nginx.virtualHosts."search.${cfg.domainName}" = let inherit (config.services.searx) settings; in {
|
||||||
|
quic = true;
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
# locations."/".proxyPass = "http://${lib.quoteListenAddr settings.server.bind_address}:${toString settings.server.port}";
|
||||||
|
locations."/".extraConfig = ''
|
||||||
|
uwsgi_pass "${lib.quoteListenAddr settings.server.bind_address}:${toString settings.server.port}";
|
||||||
|
include ${config.services.nginx.package}/conf/uwsgi_params;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
services.searx.enable = true;
|
||||||
|
services.searx.package = pkgs.searxng;
|
||||||
|
services.searx.runInUwsgi = true;
|
||||||
|
services.searx.uwsgiConfig = let inherit (config.services.searx) settings; in {
|
||||||
|
socket = "${lib.quoteListenAddr settings.server.bind_address}:${toString settings.server.port}";
|
||||||
|
};
|
||||||
|
services.searx.environmentFile = /var/lib/searx/searx.env;
|
||||||
|
services.searx.settings = {
|
||||||
|
use_default_settings = true;
|
||||||
|
search = {
|
||||||
|
safe_search = 0;
|
||||||
|
autocomplete = "duckduckgo"; # dbpedia, duckduckgo, google, startpage, swisscows, qwant, wikipedia - leave blank to turn off
|
||||||
|
default_lang = ""; # leave blank to detect from browser info or use codes from languages.py
|
||||||
|
};
|
||||||
|
|
||||||
|
server = {
|
||||||
|
port = 8888;
|
||||||
|
bind_address = "::1";
|
||||||
|
secret_key = "@SEARX_SECRET_KEY@";
|
||||||
|
base_url = "https://search.${cfg.domainName}/";
|
||||||
|
image_proxy = true;
|
||||||
|
default_http_headers = {
|
||||||
|
X-Content-Type-Options = "nosniff";
|
||||||
|
X-XSS-Protection = "1; mode=block";
|
||||||
|
X-Download-Options = "noopen";
|
||||||
|
X-Robots-Tag = "noindex, nofollow";
|
||||||
|
Referrer-Policy = "no-referrer";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
outgoing = {
|
||||||
|
request_timeout = 5.0; # default timeout in seconds, can be override by engine
|
||||||
|
max_request_timeout = 15.0; # the maximum timeout in seconds
|
||||||
|
pool_connections = 100; # Maximum number of allowable connections, or null
|
||||||
|
pool_maxsize = 10; # Number of allowable keep-alive connections, or null
|
||||||
|
enable_http2 = true; # See https://www.python-httpx.org/http2/
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -93,6 +93,7 @@ in {
|
||||||
# ISO-8601
|
# ISO-8601
|
||||||
i18n.extraLocaleSettings.LC_TIME = "en_DK.UTF-8";
|
i18n.extraLocaleSettings.LC_TIME = "en_DK.UTF-8";
|
||||||
environment.systemPackages = with pkgs; ([
|
environment.systemPackages = with pkgs; ([
|
||||||
|
bottom
|
||||||
wget
|
wget
|
||||||
git
|
git
|
||||||
tmux
|
tmux
|
||||||
|
|
|
@ -75,6 +75,8 @@ in {
|
||||||
{ directory = /var/db/dhcpcd; user = "root"; group = "root"; mode = "0755"; }
|
{ directory = /var/db/dhcpcd; user = "root"; group = "root"; mode = "0755"; }
|
||||||
] ++ lib.optionals config.services.gitea.enable [
|
] ++ lib.optionals config.services.gitea.enable [
|
||||||
{ directory = /var/lib/gitea; user = "gitea"; group = "gitea"; mode = "0755"; }
|
{ directory = /var/lib/gitea; user = "gitea"; group = "gitea"; mode = "0755"; }
|
||||||
|
] ++ lib.optionals config.services.forgejo.enable [
|
||||||
|
{ directory = /var/lib/forgejo; user = "forgejo"; group = "forgejo"; mode = "0755"; }
|
||||||
] ++ lib.optionals config.services.matrix-synapse.enable [
|
] ++ lib.optionals config.services.matrix-synapse.enable [
|
||||||
{ directory = /var/lib/matrix-synapse; user = "matrix-synapse"; group = "matrix-synapse"; mode = "0700"; }
|
{ directory = /var/lib/matrix-synapse; user = "matrix-synapse"; group = "matrix-synapse"; mode = "0700"; }
|
||||||
] ++ lib.optionals config.services.heisenbridge.enable [
|
] ++ lib.optionals config.services.heisenbridge.enable [
|
||||||
|
|
|
@ -5,19 +5,13 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.services.scanservjs;
|
cfg = config.services.scanservjs;
|
||||||
/*
|
|
||||||
substituteInPlace src/classes/config.js \
|
|
||||||
--replace '/usr/bin/scanimage' '${sane-backends}/bin/scanimage' \
|
|
||||||
--replace '/usr/bin/convert' '${imagemagick}/bin/convert' \
|
|
||||||
--replace '/usr/bin/tesseract' '${tesseract}/bin/tesseract'
|
|
||||||
*/
|
|
||||||
settings = {
|
settings = {
|
||||||
scanimage = "${pkgs.sane-backends}/bin/scanimage";
|
scanimage = "${pkgs.sane-backends}/bin/scanimage";
|
||||||
convert = "${pkgs.imagemagick}/bin/convert";
|
convert = "${pkgs.imagemagick}/bin/convert";
|
||||||
tesseract = "${pkgs.tesseract}/bin/tesseract";
|
tesseract = "${pkgs.tesseract}/bin/tesseract";
|
||||||
# it defaults to config/devices.json, but "config" dir doesn't exist and scanservjs doesn't create it
|
|
||||||
devicesPath = "devices.json";
|
|
||||||
} // cfg.settings;
|
} // cfg.settings;
|
||||||
|
|
||||||
settingsFormat = pkgs.formats.json { };
|
settingsFormat = pkgs.formats.json { };
|
||||||
|
|
||||||
leafs = attrs:
|
leafs = attrs:
|
||||||
|
@ -58,7 +52,7 @@ let
|
||||||
},
|
},
|
||||||
|
|
||||||
actions: [
|
actions: [
|
||||||
${builtins.concatStringsSep ",\n" cfg.extraActions}
|
${builtins.concatStringsSep ",\n" (map (x: "(${x})") cfg.extraActions)}
|
||||||
],
|
],
|
||||||
};
|
};
|
||||||
'';
|
'';
|
||||||
|
@ -119,6 +113,7 @@ in {
|
||||||
description = "Actions to add to config.local.js's `actions`";
|
description = "Actions to add to config.local.js's `actions`";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
hardware.sane.enable = true;
|
hardware.sane.enable = true;
|
||||||
users.users.scanservjs = {
|
users.users.scanservjs = {
|
||||||
|
@ -126,7 +121,7 @@ in {
|
||||||
extraGroups = [ "scanner" "lp" ];
|
extraGroups = [ "scanner" "lp" ];
|
||||||
home = cfg.stateDir;
|
home = cfg.stateDir;
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
createHome = true;
|
createHome = lib.mkIf (cfg.stateDir != "/var/lib/scanservjs") true;
|
||||||
};
|
};
|
||||||
users.groups.scanservjs = { };
|
users.groups.scanservjs = { };
|
||||||
|
|
||||||
|
@ -136,14 +131,14 @@ in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
# yes, those paths are configurable, but the config option isn't always used...
|
# yes, those paths are configurable, but the config option isn't always used...
|
||||||
path = with pkgs; [ coreutils sane-backends imagemagick tesseract ];
|
path = with pkgs; [ coreutils sane-backends imagemagick tesseract ];
|
||||||
environment.NIX_SCANSERVJS_CONFIG_PATH = configFile;
|
|
||||||
environment.SANE_CONFIG_DIR = "/etc/sane-config";
|
environment.SANE_CONFIG_DIR = "/etc/sane-config";
|
||||||
environment.LD_LIBRARY_PATH = "/etc/sane-libs";
|
environment.LD_LIBRARY_PATH = "/etc/sane-libs";
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = "${package}/bin/scanservjs";
|
ExecStart = "${package}/bin/scanservjs --config ${configFile}";
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
User = "scanservjs";
|
User = "scanservjs";
|
||||||
Group = "scanservjs";
|
Group = "scanservjs";
|
||||||
|
StateDirectory = lib.mkIf (cfg.stateDir == "/var/lib/scanservjs") "scanservjs";
|
||||||
WorkingDirectory = cfg.stateDir;
|
WorkingDirectory = cfg.stateDir;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
12
update.sh
12
update.sh
|
@ -7,9 +7,9 @@ mozilla-addons-to-nix \
|
||||||
./pkgs/firefox-addons/addons.json \
|
./pkgs/firefox-addons/addons.json \
|
||||||
./pkgs/firefox-addons/generated.nix || echo "failed to update firefox addons"
|
./pkgs/firefox-addons/generated.nix || echo "failed to update firefox addons"
|
||||||
nix flake update
|
nix flake update
|
||||||
if [ -z ${SUDO_ASKPASS+x} ]; then
|
#if [ -z ${SUDO_ASKPASS+x} ]; then
|
||||||
sudo nixos-rebuild switch --flake . --option extra-builtins-file "$(pwd)/extra-builtins.nix"
|
# sudo nixos-rebuild switch --flake . --option extra-builtins-file "$(pwd)/extra-builtins.nix"
|
||||||
else
|
#else
|
||||||
sudo -A nixos-rebuild switch --flake . --option extra-builtins-file "$(pwd)/extra-builtins.nix"
|
# sudo -A nixos-rebuild switch --flake . --option extra-builtins-file "$(pwd)/extra-builtins.nix"
|
||||||
fi
|
#fi
|
||||||
home-manager switch --flake . --option extra-builtins-file "$(pwd)/extra-builtins.nix"
|
#home-manager switch --flake . --option extra-builtins-file "$(pwd)/extra-builtins.nix"
|
||||||
|
|
Loading…
Reference in a new issue