refactor: use lib.getExe where applicable
This commit is contained in:
@@ -22,7 +22,7 @@ let
|
|||||||
_bitcoindWithExternalIp = pkgs.writeShellScriptBin "bitcoind" ''
|
_bitcoindWithExternalIp = pkgs.writeShellScriptBin "bitcoind" ''
|
||||||
set -xeu
|
set -xeu
|
||||||
externalip="$(cat /var/lib/tor/onion/bitcoind/hostname)"
|
externalip="$(cat /var/lib/tor/onion/bitcoind/hostname)"
|
||||||
exec ${bitcoind}/bin/bitcoind "-externalip=$externalip" "$@"
|
exec ${lib.getExe' bitcoind "bitcoind"} "-externalip=$externalip" "$@"
|
||||||
'';
|
'';
|
||||||
# the package i provide to services.bitcoind ends up on system PATH, and used by other tools like clightning.
|
# the package i provide to services.bitcoind ends up on system PATH, and used by other tools like clightning.
|
||||||
# therefore, even though services.bitcoind only needs `bitcoind` binary, provide all the other bitcoin-related binaries (notably `bitcoin-cli`) as well:
|
# therefore, even though services.bitcoind only needs `bitcoind` binary, provide all the other bitcoin-related binaries (notably `bitcoin-cli`) as well:
|
||||||
|
@@ -124,7 +124,7 @@
|
|||||||
# peerswap:
|
# peerswap:
|
||||||
# - config example: <https://github.com/fort-nix/nix-bitcoin/pull/462/files#diff-b357d832705b8ce8df1f41934d613f79adb77c4cd5cd9e9eb12a163fca3e16c6>
|
# - config example: <https://github.com/fort-nix/nix-bitcoin/pull/462/files#diff-b357d832705b8ce8df1f41934d613f79adb77c4cd5cd9e9eb12a163fca3e16c6>
|
||||||
# XXX: peerswap crashes clightning on launch. stacktrace is useless.
|
# XXX: peerswap crashes clightning on launch. stacktrace is useless.
|
||||||
# plugin={pkgs.peerswap}/bin/peerswap
|
# plugin={lib.getExe' pkgs.peerswap "peerswap"}
|
||||||
# peerswap-db-path=/var/lib/clightning/peerswap/swaps
|
# peerswap-db-path=/var/lib/clightning/peerswap/swaps
|
||||||
# peerswap-policy-path=...
|
# peerswap-policy-path=...
|
||||||
'';
|
'';
|
||||||
|
@@ -457,13 +457,12 @@ lib.mkIf false
|
|||||||
mod_version = {};
|
mod_version = {};
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
sed = "${pkgs.gnused}/bin/sed";
|
|
||||||
in ''
|
in ''
|
||||||
ip=$(cat '${config.sane.services.dyn-dns.ipPath}')
|
ip=$(cat '${config.sane.services.dyn-dns.ipPath}')
|
||||||
# config is 444 (not 644), so we want to write out-of-place and then atomically move
|
# config is 444 (not 644), so we want to write out-of-place and then atomically move
|
||||||
# TODO: factor this out into `sane-woop` helper?
|
# TODO: factor this out into `sane-woop` helper?
|
||||||
rm -f /var/lib/ejabberd/ejabberd.yaml.new
|
rm -f /var/lib/ejabberd/ejabberd.yaml.new
|
||||||
${sed} "s/%ANATIVE%/$ip/g" ${config-in} > /var/lib/ejabberd/ejabberd.yaml.new
|
${lib.getExe pkgs.gnused} "s/%ANATIVE%/$ip/g" ${config-in} > /var/lib/ejabberd/ejabberd.yaml.new
|
||||||
mv /var/lib/ejabberd/ejabberd.yaml{.new,}
|
mv /var/lib/ejabberd/ejabberd.yaml{.new,}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
@@ -141,7 +141,7 @@ in
|
|||||||
};
|
};
|
||||||
data_provider = {
|
data_provider = {
|
||||||
driver = "memory";
|
driver = "memory";
|
||||||
external_auth_hook = "${external_auth_hook}/bin/external_auth_hook";
|
external_auth_hook = lib.getExe external_auth_hook;
|
||||||
# track_quota:
|
# track_quota:
|
||||||
# - 0: disable quota tracking
|
# - 0: disable quota tracking
|
||||||
# - 1: quota is updated on every upload/delete, even if user has no quota restriction
|
# - 1: quota is updated on every upload/delete, even if user has no quota restriction
|
||||||
|
@@ -86,7 +86,7 @@
|
|||||||
ENABLED = true;
|
ENABLED = true;
|
||||||
FROM = "notify.git@uninsane.org";
|
FROM = "notify.git@uninsane.org";
|
||||||
PROTOCOL = "sendmail";
|
PROTOCOL = "sendmail";
|
||||||
SENDMAIL_PATH = "${pkgs.postfix}/bin/sendmail";
|
SENDMAIL_PATH = lib.getExe' pkgs.postfix "sendmail";
|
||||||
SENDMAIL_ARGS = "--"; # most "sendmail" programs take options, "--" will prevent an email address being interpreted as an option.
|
SENDMAIL_ARGS = "--"; # most "sendmail" programs take options, "--" will prevent an email address being interpreted as an option.
|
||||||
};
|
};
|
||||||
time = {
|
time = {
|
||||||
|
@@ -11,7 +11,7 @@ lib.mkIf false #< 2024/09/30: disabled because i haven't used it in several mon
|
|||||||
description = "GoAccess server monitoring";
|
description = "GoAccess server monitoring";
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = ''
|
ExecStart = ''
|
||||||
${pkgs.goaccess}/bin/goaccess \
|
${lib.getExe pkgs.goaccess} \
|
||||||
-f /var/log/nginx/public.log \
|
-f /var/log/nginx/public.log \
|
||||||
--log-format=VCOMBINED \
|
--log-format=VCOMBINED \
|
||||||
--real-time-html \
|
--real-time-html \
|
||||||
@@ -23,7 +23,7 @@ lib.mkIf false #< 2024/09/30: disabled because i haven't used it in several mon
|
|||||||
--port=7890 \
|
--port=7890 \
|
||||||
-o /var/lib/goaccess/index.html
|
-o /var/lib/goaccess/index.html
|
||||||
'';
|
'';
|
||||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
ExecReload = "${lib.getExe' pkgs.coreutils "kill"} -HUP $MAINPID";
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
RestartSec = "10s";
|
RestartSec = "10s";
|
||||||
|
@@ -18,7 +18,7 @@ in
|
|||||||
serviceConfig.ExecStartPre = [ "${lib.getExe pkgs.sane-scripts.ip-check} --no-upnp --expect ${config.sane.netns.ovpns.netnsPubIpv4}" ]; # abort if public IP is not as expected
|
serviceConfig.ExecStartPre = [ "${lib.getExe pkgs.sane-scripts.ip-check} --no-upnp --expect ${config.sane.netns.ovpns.netnsPubIpv4}" ]; # abort if public IP is not as expected
|
||||||
# patch in `--ListenPublic` so that it's reachable from the netns veth.
|
# patch in `--ListenPublic` so that it's reachable from the netns veth.
|
||||||
# this also makes it reachable from the VPN pub address. oh well.
|
# this also makes it reachable from the VPN pub address. oh well.
|
||||||
serviceConfig.ExecStart = lib.mkForce "${cfg.package}/bin/Jackett --ListenPublic --NoUpdates --DataFolder '${cfg.dataDir}'";
|
serviceConfig.ExecStart = lib.mkForce "${lib.getExe' cfg.package "Jackett"} --ListenPublic --NoUpdates --DataFolder '${cfg.dataDir}'";
|
||||||
serviceConfig.RestartSec = "30s";
|
serviceConfig.RestartSec = "30s";
|
||||||
|
|
||||||
# hardening (systemd-analyze security jackett)
|
# hardening (systemd-analyze security jackett)
|
||||||
|
@@ -144,7 +144,7 @@ in {
|
|||||||
# CLI args: <https://git.asonix.dog/asonix/pict-rs#user-content-running>
|
# CLI args: <https://git.asonix.dog/asonix/pict-rs#user-content-running>
|
||||||
systemd.services.pict-rs = {
|
systemd.services.pict-rs = {
|
||||||
serviceConfig.ExecStart = lib.mkForce (lib.concatStringsSep " " [
|
serviceConfig.ExecStart = lib.mkForce (lib.concatStringsSep " " [
|
||||||
"${lib.getBin pict-rs}/bin/pict-rs run"
|
(lib.getExe pict-rs)
|
||||||
"--media-video-max-frame-count" (builtins.toString (30*60*60))
|
"--media-video-max-frame-count" (builtins.toString (30*60*60))
|
||||||
"--media-process-timeout 120"
|
"--media-process-timeout 120"
|
||||||
"--media-video-allow-audio" # allow audio
|
"--media-video-allow-audio" # allow audio
|
||||||
|
@@ -71,20 +71,20 @@ in
|
|||||||
];
|
];
|
||||||
|
|
||||||
systemd.services.matrix-synapse.postStart = lib.optionalString ntfy ''
|
systemd.services.matrix-synapse.postStart = lib.optionalString ntfy ''
|
||||||
ACCESS_TOKEN=$(${pkgs.coreutils}/bin/cat ${config.sops.secrets.matrix_access_token.path})
|
ACCESS_TOKEN=$(${lib.getExe' pkgs.coreutils "cat"} ${config.sops.secrets.matrix_access_token.path})
|
||||||
TOPIC=$(${pkgs.coreutils}/bin/cat ${config.sops.secrets.ntfy-sh-topic.path})
|
TOPIC=$(${lib.getExe' pkgs.coreutils "cat"} ${config.sops.secrets.ntfy-sh-topic.path})
|
||||||
|
|
||||||
echo "ensuring ntfy push gateway"
|
echo "ensuring ntfy push gateway"
|
||||||
${pkgs.curl}/bin/curl \
|
${lib.getExe pkgs.curl} \
|
||||||
--header "Authorization: Bearer $ACCESS_TOKEN" \
|
--header "Authorization: Bearer $ACCESS_TOKEN" \
|
||||||
--data "{ \"app_display_name\": \"ntfy-adapter\", \"app_id\": \"ntfy.uninsane.org\", \"data\": { \"url\": \"https://ntfy.uninsane.org/_matrix/push/v1/notify\", \"format\": \"event_id_only\" }, \"device_display_name\": \"ntfy-adapter\", \"kind\": \"http\", \"lang\": \"en-US\", \"profile_tag\": \"\", \"pushkey\": \"$TOPIC\" }" \
|
--data "{ \"app_display_name\": \"ntfy-adapter\", \"app_id\": \"ntfy.uninsane.org\", \"data\": { \"url\": \"https://ntfy.uninsane.org/_matrix/push/v1/notify\", \"format\": \"event_id_only\" }, \"device_display_name\": \"ntfy-adapter\", \"kind\": \"http\", \"lang\": \"en-US\", \"profile_tag\": \"\", \"pushkey\": \"$TOPIC\" }" \
|
||||||
localhost:8008/_matrix/client/v3/pushers/set
|
localhost:8008/_matrix/client/v3/pushers/set
|
||||||
|
|
||||||
echo "registered push gateways:"
|
echo "registered push gateways:"
|
||||||
${pkgs.curl}/bin/curl \
|
${lib.getExe pkgs.curl} \
|
||||||
--header "Authorization: Bearer $ACCESS_TOKEN" \
|
--header "Authorization: Bearer $ACCESS_TOKEN" \
|
||||||
localhost:8008/_matrix/client/v3/pushers \
|
localhost:8008/_matrix/client/v3/pushers \
|
||||||
| ${pkgs.jq}/bin/jq .
|
| ${lib.getExe pkgs.jq} .
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
||||||
|
@@ -235,7 +235,7 @@ in
|
|||||||
# to accept it.
|
# to accept it.
|
||||||
system.activationScripts.generate-x509-self-signed.text = ''
|
system.activationScripts.generate-x509-self-signed.text = ''
|
||||||
mkdir -p /var/www/certs/wildcard
|
mkdir -p /var/www/certs/wildcard
|
||||||
test -f /var/www/certs/wildcard/key.pem || ${pkgs.openssl}/bin/openssl \
|
test -f /var/www/certs/wildcard/key.pem || ${lib.getExe pkgs.openssl} \
|
||||||
req -x509 -newkey rsa:4096 \
|
req -x509 -newkey rsa:4096 \
|
||||||
-keyout /var/www/certs/wildcard/key.pem \
|
-keyout /var/www/certs/wildcard/key.pem \
|
||||||
-out /var/www/certs/wildcard/cert.pem \
|
-out /var/www/certs/wildcard/cert.pem \
|
||||||
|
@@ -59,7 +59,7 @@ lib.mkIf false #< 2024/09/30: disabled because i haven't used it in several mon
|
|||||||
# note that this will fail upon first run, i.e. before ntfy has created its db.
|
# note that this will fail upon first run, i.e. before ntfy has created its db.
|
||||||
# just restart the service.
|
# just restart the service.
|
||||||
topic=$(cat ${config.sops.secrets.ntfy-sh-topic.path})
|
topic=$(cat ${config.sops.secrets.ntfy-sh-topic.path})
|
||||||
${pkgs.ntfy-sh}/bin/ntfy access everyone "$topic" read-write
|
${lib.getExe' pkgs.ntfy-sh "ntfy"} access everyone "$topic" read-write
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
||||||
|
@@ -14,7 +14,7 @@ let
|
|||||||
silence = port - portLow;
|
silence = port - portLow;
|
||||||
flags = lib.optional cfg.verbose "--verbose";
|
flags = lib.optional cfg.verbose "--verbose";
|
||||||
cli = [
|
cli = [
|
||||||
"${cfg.package}/bin/ntfy-waiter"
|
(lib.getExe cfg.package)
|
||||||
"--port"
|
"--port"
|
||||||
"${builtins.toString port}"
|
"${builtins.toString port}"
|
||||||
"--silence"
|
"--silence"
|
||||||
|
@@ -46,7 +46,7 @@ in
|
|||||||
config :pleroma, Pleroma.Emails.Mailer,
|
config :pleroma, Pleroma.Emails.Mailer,
|
||||||
enabled: true,
|
enabled: true,
|
||||||
adapter: Swoosh.Adapters.Sendmail,
|
adapter: Swoosh.Adapters.Sendmail,
|
||||||
cmd_path: "${pkgs.postfix}/bin/sendmail"
|
cmd_path: "${lib.getExe' pkgs.postfix "sendmail"}"
|
||||||
|
|
||||||
config :pleroma, Pleroma.User,
|
config :pleroma, Pleroma.User,
|
||||||
restricted_nicknames: [ "admin", "uninsane", "root" ]
|
restricted_nicknames: [ "admin", "uninsane", "root" ]
|
||||||
|
@@ -279,7 +279,7 @@ in
|
|||||||
-- s2s_require_encryption = true
|
-- s2s_require_encryption = true
|
||||||
-- c2s_require_encryption = true
|
-- c2s_require_encryption = true
|
||||||
'' + lib.optionalString config.services.ntfy-sh.enable ''
|
'' + lib.optionalString config.services.ntfy-sh.enable ''
|
||||||
ntfy_binary = "${pkgs.ntfy-sh}/bin/ntfy"
|
ntfy_binary = "${lib.getExe' pkgs.ntfy-sh "ntfy"}"
|
||||||
ntfy_topic = readAll("/run/secrets/ntfy-sh-topic")
|
ntfy_topic = readAll("/run/secrets/ntfy-sh-topic")
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
@@ -104,7 +104,7 @@ in
|
|||||||
# - TR_TORRENT_NAME - Name of torrent (not filename)
|
# - TR_TORRENT_NAME - Name of torrent (not filename)
|
||||||
# - TR_TORRENT_TRACKERS - A comma-delimited list of the torrent's trackers' announce URLs
|
# - TR_TORRENT_TRACKERS - A comma-delimited list of the torrent's trackers' announce URLs
|
||||||
script-torrent-done-enabled = true;
|
script-torrent-done-enabled = true;
|
||||||
script-torrent-done-filename = "${torrent-done}/bin/torrent-done";
|
script-torrent-done-filename = lib.getExe torrent-done;
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.transmission = {
|
systemd.services.transmission = {
|
||||||
@@ -138,7 +138,7 @@ in
|
|||||||
systemd.services.backup-torrents = {
|
systemd.services.backup-torrents = {
|
||||||
description = "archive torrents to storage not owned by transmission";
|
description = "archive torrents to storage not owned by transmission";
|
||||||
script = ''
|
script = ''
|
||||||
${pkgs.rsync}/bin/rsync -arv /var/lib/transmission/.config/transmission-daemon/torrents/ /var/backup/torrents/
|
${lib.getExe pkgs.rsync} -arv /var/lib/transmission/.config/transmission-daemon/torrents/ /var/backup/torrents/
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
systemd.timers.backup-torrents = {
|
systemd.timers.backup-torrents = {
|
||||||
|
@@ -3,13 +3,12 @@
|
|||||||
boot.initrd.supportedFilesystems = [ "ext4" "btrfs" "ext2" "ext3" "vfat" ];
|
boot.initrd.supportedFilesystems = [ "ext4" "btrfs" "ext2" "ext3" "vfat" ];
|
||||||
# useful emergency utils
|
# useful emergency utils
|
||||||
boot.initrd.extraUtilsCommands = ''
|
boot.initrd.extraUtilsCommands = ''
|
||||||
copy_bin_and_libs ${pkgs.btrfs-progs}/bin/btrfstune
|
copy_bin_and_libs ${lib.getExe' pkgs.btrfs-progs "btrfstune"}
|
||||||
copy_bin_and_libs ${pkgs.util-linux}/bin/{cfdisk,lsblk,lscpu}
|
copy_bin_and_libs ${lib.getExe' pkgs.util-linux "{cfdisk,lsblk,lscpu}"}
|
||||||
copy_bin_and_libs ${pkgs.gptfdisk}/bin/{cgdisk,gdisk}
|
copy_bin_and_libs ${lib.getExe' pkgs.gptfdisk "{cgdisk,gdisk}"}
|
||||||
copy_bin_and_libs ${pkgs.smartmontools}/bin/smartctl
|
copy_bin_and_libs ${lib.getExe' pkgs.smartmontools "smartctl"}
|
||||||
copy_bin_and_libs ${pkgs.e2fsprogs}/bin/resize2fs
|
copy_bin_and_libs ${lib.getExe' pkgs.e2fsprogs "resize2fs"}
|
||||||
'' + lib.optionalString pkgs.stdenv.hostPlatform.isx86_64 ''
|
copy_bin_and_libs ${lib.getExe pkgs.nvme-cli}
|
||||||
copy_bin_and_libs ${pkgs.nvme-cli}/bin/nvme # doesn't cross compile
|
|
||||||
'';
|
'';
|
||||||
boot.kernelParams = [
|
boot.kernelParams = [
|
||||||
"boot.shell_on_fail"
|
"boot.shell_on_fail"
|
||||||
|
@@ -58,14 +58,14 @@ let
|
|||||||
mkdir -p $out/share/applications
|
mkdir -p $out/share/applications
|
||||||
for i in $(cat $pathsPath); do
|
for i in $(cat $pathsPath); do
|
||||||
if [ -e "$i/share/applications" ]; then
|
if [ -e "$i/share/applications" ]; then
|
||||||
${pkgs.buildPackages.xorg.lndir}/bin/lndir -silent $i/share/applications $out/share/applications
|
${lib.getExe pkgs.buildPackages.xorg.lndir} -silent $i/share/applications $out/share/applications
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
runHook postBuild
|
runHook postBuild
|
||||||
'';
|
'';
|
||||||
postBuild = ''
|
postBuild = ''
|
||||||
# rebuild `mimeinfo.cache`, used by file openers to show the list of *all* apps, not just the user's defaults.
|
# rebuild `mimeinfo.cache`, used by file openers to show the list of *all* apps, not just the user's defaults.
|
||||||
${pkgs.buildPackages.desktop-file-utils}/bin/update-desktop-database $out/share/applications
|
${lib.getExe' pkgs.buildPackages.desktop-file-utils "update-desktop-database"} $out/share/applications
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@@ -59,13 +59,13 @@ in
|
|||||||
networking.firewall.extraCommands = lib.mkIf cfg.enabled (with pkgs; ''
|
networking.firewall.extraCommands = lib.mkIf cfg.enabled (with pkgs; ''
|
||||||
# after an outgoing mDNS query to the multicast address, open FW for incoming responses.
|
# after an outgoing mDNS query to the multicast address, open FW for incoming responses.
|
||||||
# ipset -! means "don't fail if set already exists"
|
# ipset -! means "don't fail if set already exists"
|
||||||
${ipset}/bin/ipset create -! mdns hash:ip,port timeout 10
|
${lib.getExe' ipset "ipset"} create -! mdns hash:ip,port timeout 10
|
||||||
${iptables}/bin/iptables -A OUTPUT -d 239.255.255.250/32 -p udp -m udp --dport 5353 -j SET --add-set mdns src,src --exist
|
${lib.getExe' iptables "iptables"} -A OUTPUT -d 239.255.255.250/32 -p udp -m udp --dport 5353 -j SET --add-set mdns src,src --exist
|
||||||
${iptables}/bin/iptables -A INPUT -p udp -m set --match-set mdns dst,dst -j ACCEPT
|
${lib.getExe' iptables "iptables"} -A INPUT -p udp -m set --match-set mdns dst,dst -j ACCEPT
|
||||||
# IPv6 ruleset. ff02::/16 means *any* link-local multicast group (so this is probably more broad than it needs to be)
|
# IPv6 ruleset. ff02::/16 means *any* link-local multicast group (so this is probably more broad than it needs to be)
|
||||||
${ipset}/bin/ipset create -! mdns6 hash:ip,port timeout 10 family inet6
|
${lib.getExe' ipset "ipset"} create -! mdns6 hash:ip,port timeout 10 family inet6
|
||||||
${iptables}/bin/ip6tables -A OUTPUT -d ff02::/16 -p udp -m udp --dport 5353 -j SET --add-set mdns6 src,src --exist
|
${lib.getExe' iptables "ip6tables"} -A OUTPUT -d ff02::/16 -p udp -m udp --dport 5353 -j SET --add-set mdns6 src,src --exist
|
||||||
${iptables}/bin/ip6tables -A INPUT -p udp -m set --match-set mdns6 dst,dst -j ACCEPT
|
${lib.getExe' iptables "ip6tables"} -A INPUT -p udp -m set --match-set mdns6 dst,dst -j ACCEPT
|
||||||
'');
|
'');
|
||||||
|
|
||||||
systemd.services.avahi-daemon = lib.mkIf cfg.enabled {
|
systemd.services.avahi-daemon = lib.mkIf cfg.enabled {
|
||||||
|
@@ -13,8 +13,8 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
services.udev.extraRules = let
|
services.udev.extraRules = let
|
||||||
chmod = "${pkgs.coreutils}/bin/chmod";
|
chmod = lib.getExe' pkgs.coreutils "chmod";
|
||||||
chown = "${pkgs.coreutils}/bin/chown";
|
chown = lib.getExe' pkgs.coreutils "chown";
|
||||||
in lib.mkIf cfg.enabled ''
|
in lib.mkIf cfg.enabled ''
|
||||||
# make backlight controllable by members of `video`
|
# make backlight controllable by members of `video`
|
||||||
SUBSYSTEM=="backlight", RUN+="${chown} :video $sys$devpath/brightness", RUN+="${chmod} g+w $sys$devpath/brightness"
|
SUBSYSTEM=="backlight", RUN+="${chown} :video $sys$devpath/brightness", RUN+="${chmod} g+w $sys$devpath/brightness"
|
||||||
|
@@ -49,7 +49,7 @@ in
|
|||||||
# - eg25-control-gps: moves new/<agps> into cache/
|
# - eg25-control-gps: moves new/<agps> into cache/
|
||||||
# - but it moved the result (possibly incomplete) of eg25-control-freshen-agps, incorrectly
|
# - but it moved the result (possibly incomplete) of eg25-control-freshen-agps, incorrectly
|
||||||
# in practice, i don't expect much issue from this.
|
# in practice, i don't expect much issue from this.
|
||||||
ExecStart = "${cfg.package}/bin/eg25-control --ensure-agps-cache --verbose";
|
ExecStart = "${lib.getExe cfg.package} --ensure-agps-cache --verbose";
|
||||||
Restart = "no";
|
Restart = "no";
|
||||||
|
|
||||||
User = "colin";
|
User = "colin";
|
||||||
@@ -61,8 +61,8 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
services.udev.extraRules = let
|
services.udev.extraRules = let
|
||||||
chmod = "${pkgs.coreutils}/bin/chmod";
|
chmod = lib.getExe' pkgs.coreutils "chmod";
|
||||||
chown = "${pkgs.coreutils}/bin/chown";
|
chown = lib.getExe' pkgs.coreutils "chown";
|
||||||
in lib.optionalString cfg.enabled ''
|
in lib.optionalString cfg.enabled ''
|
||||||
# make Modem controllable by user
|
# make Modem controllable by user
|
||||||
DRIVER=="modem-power", RUN+="${chmod} g+w /sys%p/powered", RUN+="${chown} :networkmanager /sys%p/powered"
|
DRIVER=="modem-power", RUN+="${chmod} g+w /sys%p/powered", RUN+="${chown} :networkmanager /sys%p/powered"
|
||||||
|
@@ -91,7 +91,7 @@ let
|
|||||||
|
|
||||||
echo "unzipping omni.ja"
|
echo "unzipping omni.ja"
|
||||||
# N.B. `zip` exits non-zero even on successful extraction, if the file didn't 100% obey spec
|
# N.B. `zip` exits non-zero even on successful extraction, if the file didn't 100% obey spec
|
||||||
${pkgs.buildPackages.unzip}/bin/unzip $out/lib/${cfg.browser.libName}/browser/omni.ja -d omni || true
|
${lib.getExe pkgs.buildPackages.unzip} $out/lib/${cfg.browser.libName}/browser/omni.ja -d omni || true
|
||||||
|
|
||||||
echo "removing old omni.ja"
|
echo "removing old omni.ja"
|
||||||
rm $out/lib/${cfg.browser.libName}/browser/omni.ja
|
rm $out/lib/${cfg.browser.libName}/browser/omni.ja
|
||||||
@@ -105,7 +105,7 @@ let
|
|||||||
${lib.getExe pkgs.buildPackages.gnused} -i s'/command="cmd_close" modifiers="accel"/command="cmd_close" modifiers="accel,shift"/' omni/chrome/browser/content/browser/browser.xhtml
|
${lib.getExe pkgs.buildPackages.gnused} -i s'/command="cmd_close" modifiers="accel"/command="cmd_close" modifiers="accel,shift"/' omni/chrome/browser/content/browser/browser.xhtml
|
||||||
|
|
||||||
echo "re-zipping omni.ja"
|
echo "re-zipping omni.ja"
|
||||||
pushd omni; ${pkgs.buildPackages.zip}/bin/zip $out/lib/${cfg.browser.libName}/browser/omni.ja -r ./*; popd
|
pushd omni; ${lib.getExe pkgs.buildPackages.zip} $out/lib/${cfg.browser.libName}/browser/omni.ja -r ./*; popd
|
||||||
|
|
||||||
echo "omni.ja AFTER:"
|
echo "omni.ja AFTER:"
|
||||||
ls -l $out/lib/${cfg.browser.libName}/browser/omni.ja
|
ls -l $out/lib/${cfg.browser.libName}/browser/omni.ja
|
||||||
|
@@ -40,7 +40,7 @@ let
|
|||||||
cache = (pkgs.makeFontsCache { fontDirectories = config.fonts.packages; }).overrideAttrs (upstream: {
|
cache = (pkgs.makeFontsCache { fontDirectories = config.fonts.packages; }).overrideAttrs (upstream: {
|
||||||
buildCommand = lib.replaceStrings
|
buildCommand = lib.replaceStrings
|
||||||
[ "fc-cache" ]
|
[ "fc-cache" ]
|
||||||
[ "${pkgs.stdenv.hostPlatform.emulator pkgs.buildPackages} ${pkgs.fontconfig.bin}/bin/fc-cache" ]
|
[ "${pkgs.stdenv.hostPlatform.emulator pkgs.buildPackages} ${lib.getExe' pkgs.fontconfig.bin "fc-cache"}" ]
|
||||||
upstream.buildCommand
|
upstream.buildCommand
|
||||||
;
|
;
|
||||||
});
|
});
|
||||||
|
@@ -54,7 +54,7 @@ in
|
|||||||
# - <https://difftastic.wilfred.me.uk/git.html>
|
# - <https://difftastic.wilfred.me.uk/git.html>
|
||||||
diff.tool = "difftastic";
|
diff.tool = "difftastic";
|
||||||
difftool.prompt = false;
|
difftool.prompt = false;
|
||||||
"difftool \"difftastic\"".cmd = ''${pkgs.difftastic}/bin/difft "$LOCAL" "$REMOTE"'';
|
"difftool \"difftastic\"".cmd = ''${lib.getExe pkgs.difftastic} "$LOCAL" "$REMOTE"'';
|
||||||
# now run `git difftool` to use difftastic git
|
# now run `git difftool` to use difftastic git
|
||||||
|
|
||||||
# render dates as YYYY-MM-DD HH:MM:SS +TZ
|
# render dates as YYYY-MM-DD HH:MM:SS +TZ
|
||||||
|
@@ -1,5 +1,5 @@
|
|||||||
# TODO: gnome-keyring has portal integration? ($out/share/xdg-desktop-portal)
|
# TODO: gnome-keyring has portal integration? ($out/share/xdg-desktop-portal)
|
||||||
{ pkgs, ... }:
|
{ lib, pkgs, ... }:
|
||||||
{
|
{
|
||||||
sane.programs.gnome-keyring = {
|
sane.programs.gnome-keyring = {
|
||||||
packageUnwrapped = pkgs.rmDbusServices pkgs.gnome-keyring;
|
packageUnwrapped = pkgs.rmDbusServices pkgs.gnome-keyring;
|
||||||
@@ -53,7 +53,7 @@
|
|||||||
mkdir -m 0700 -p $XDG_RUNTIME_DIR/keyring
|
mkdir -m 0700 -p $XDG_RUNTIME_DIR/keyring
|
||||||
exec gnome-keyring-daemon --start --foreground --components=secrets
|
exec gnome-keyring-daemon --start --foreground --components=secrets
|
||||||
'';
|
'';
|
||||||
in "${gkr-start}/bin/gnome-keyring-daemon-start";
|
in lib.getExe gkr-start;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@@ -54,7 +54,7 @@
|
|||||||
services.mako = {
|
services.mako = {
|
||||||
description = "mako desktop notification daemon";
|
description = "mako desktop notification daemon";
|
||||||
partOf = [ "graphical-session" ];
|
partOf = [ "graphical-session" ];
|
||||||
command = "${config.sane.programs.mako.package}/bin/mako";
|
command = lib.getExe config.sane.programs.mako.package;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@@ -22,7 +22,7 @@ let
|
|||||||
enabledPrograms;
|
enabledPrograms;
|
||||||
|
|
||||||
fmtAssoc = regex: desktop: ''
|
fmtAssoc = regex: desktop: ''
|
||||||
${mimeo-open-desktop}/bin/mimeo-open-desktop ${desktop} %U
|
${lib.getExe mimeo-open-desktop} ${desktop} %U
|
||||||
${regex}
|
${regex}
|
||||||
'';
|
'';
|
||||||
assocs = builtins.map
|
assocs = builtins.map
|
||||||
@@ -31,10 +31,10 @@ let
|
|||||||
assocs' = lib.flatten assocs;
|
assocs' = lib.flatten assocs;
|
||||||
|
|
||||||
fmtFallbackAssoc = mimeType: desktop: if mimeType == "x-scheme-handler/http" then ''
|
fmtFallbackAssoc = mimeType: desktop: if mimeType == "x-scheme-handler/http" then ''
|
||||||
${mimeo-open-desktop}/bin/mimeo-open-desktop ${desktop} %U
|
${lib.getExe mimeo-open-desktop} ${desktop} %U
|
||||||
^http://.*
|
^http://.*
|
||||||
'' else if mimeType == "x-scheme-handler/https" then ''
|
'' else if mimeType == "x-scheme-handler/https" then ''
|
||||||
${mimeo-open-desktop}/bin/mimeo-open-desktop ${desktop} %U
|
${lib.getExe mimeo-open-desktop} ${desktop} %U
|
||||||
^https://.*
|
^https://.*
|
||||||
'' else "";
|
'' else "";
|
||||||
fmtFallbackAssoc' = mimeType: desktop:
|
fmtFallbackAssoc' = mimeType: desktop:
|
||||||
|
@@ -22,7 +22,7 @@ let
|
|||||||
pathsToLink = [ "/${mopidyPackages.python.sitePackages}" ];
|
pathsToLink = [ "/${mopidyPackages.python.sitePackages}" ];
|
||||||
nativeBuildInputs = [ makeWrapper ];
|
nativeBuildInputs = [ makeWrapper ];
|
||||||
postBuild = ''
|
postBuild = ''
|
||||||
makeWrapper ${mopidy}/bin/mopidy $out/bin/mopidy \
|
makeWrapper ${lib.getExe mopidy} $out/bin/mopidy \
|
||||||
--prefix PYTHONPATH : $out/${mopidyPackages.python.sitePackages}
|
--prefix PYTHONPATH : $out/${mopidyPackages.python.sitePackages}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
@@ -32,7 +32,7 @@ in
|
|||||||
topic=$(cat ~/.config/ntfy-sh/topic)
|
topic=$(cat ~/.config/ntfy-sh/topic)
|
||||||
exec ntfy sub "https://ntfy.uninsane.org:2587/$topic"
|
exec ntfy sub "https://ntfy.uninsane.org:2587/$topic"
|
||||||
'';
|
'';
|
||||||
in "${sub}/bin/ntfy-sub";
|
in lib.getExe sub;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@@ -117,7 +117,7 @@ in
|
|||||||
# after = [ "graphical-session.target" ];
|
# after = [ "graphical-session.target" ];
|
||||||
# wantedBy = [ "graphical-session.target" ];
|
# wantedBy = [ "graphical-session.target" ];
|
||||||
|
|
||||||
# serviceConfig.ExecStart = "${config.sane.programs.actkbd.package}/bin/actkbd -c /home/colin/.config/actkbd/actkbd.conf";
|
# serviceConfig.ExecStart = "${lib.getExe config.sane.programs.actkbd.package} -c /home/colin/.config/actkbd/actkbd.conf";
|
||||||
# };
|
# };
|
||||||
# };
|
# };
|
||||||
|
|
||||||
|
@@ -54,7 +54,7 @@ lib.mkMerge [
|
|||||||
restartIfChanged = false;
|
restartIfChanged = false;
|
||||||
|
|
||||||
serviceConfig.Type = "simple";
|
serviceConfig.Type = "simple";
|
||||||
serviceConfig.ExecStart = "${cfg.package}/bin/seatd -g seat --bunpen-debug=4";
|
serviceConfig.ExecStart = "${lib.getExe cfg.package} -g seat --bunpen-debug=4";
|
||||||
serviceConfig.Group = "seat";
|
serviceConfig.Group = "seat";
|
||||||
# serviceConfig.AmbientCapabilities = [
|
# serviceConfig.AmbientCapabilities = [
|
||||||
# "CAP_DAC_OVERRIDE"
|
# "CAP_DAC_OVERRIDE"
|
||||||
|
@@ -10,7 +10,7 @@ in
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
(lib.mkIf cfg.enabled {
|
(lib.mkIf cfg.enabled {
|
||||||
services.getty.loginProgram = "${cfg.package}/bin/login";
|
services.getty.loginProgram = lib.getExe' cfg.package "login";
|
||||||
security.pam.services.login.startSession = lib.mkForce false; #< disable systemd integration
|
security.pam.services.login.startSession = lib.mkForce false; #< disable systemd integration
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
@@ -1,7 +1,7 @@
|
|||||||
# borrows from:
|
# borrows from:
|
||||||
# - default config: <https://github.com/cspeterson/splatmoji/blob/master/splatmoji.config>
|
# - default config: <https://github.com/cspeterson/splatmoji/blob/master/splatmoji.config>
|
||||||
# - wayland: <https://github.com/cspeterson/splatmoji/issues/32#issuecomment-830862566>
|
# - wayland: <https://github.com/cspeterson/splatmoji/issues/32#issuecomment-830862566>
|
||||||
{ pkgs, ... }:
|
{ lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
sane.programs.splatmoji = {
|
sane.programs.splatmoji = {
|
||||||
@@ -33,9 +33,9 @@
|
|||||||
# XXX: hardcode the package paths here. all these packages are sandboxed identically
|
# XXX: hardcode the package paths here. all these packages are sandboxed identically
|
||||||
# to `splatmoji` itself, so there's zero benefit to acquiring them via the environment;
|
# to `splatmoji` itself, so there's zero benefit to acquiring them via the environment;
|
||||||
# doing so would in fact be costlier.
|
# doing so would in fact be costlier.
|
||||||
paste_command=${pkgs.wtype}/bin/wtype -M Ctrl -k v
|
paste_command=${lib.getExe pkgs.wtype} -M Ctrl -k v
|
||||||
xdotool_command=${pkgs.wtype}/bin/wtype
|
xdotool_command=${lib.getExe pkgs.wtype}
|
||||||
xsel_command=${pkgs.findutils}/bin/xargs ${pkgs.wl-clipboard}/bin/wl-copy
|
xsel_command=${lib.getExe' pkgs.findutils "xargs"} ${lib.getExe' pkgs.wl-clipboard "wl-copy"}
|
||||||
'';
|
'';
|
||||||
# alternative tweaks:
|
# alternative tweaks:
|
||||||
# rofi_command=${pkgs.wofi}/bin/wofi --dmenu --insensitive --cache-file /dev/null
|
# rofi_command=${pkgs.wofi}/bin/wofi --dmenu --insensitive --cache-file /dev/null
|
||||||
|
@@ -18,7 +18,7 @@ let
|
|||||||
# (consider: nested sway sessions, where sway actually has a reason to read these)
|
# (consider: nested sway sessions, where sway actually has a reason to read these)
|
||||||
exec env -u DISPLAY -u WAYLAND_DISPLAY \
|
exec env -u DISPLAY -u WAYLAND_DISPLAY \
|
||||||
"DESIRED_WAYLAND_DISPLAY=$WAYLAND_DISPLAY" \
|
"DESIRED_WAYLAND_DISPLAY=$WAYLAND_DISPLAY" \
|
||||||
${configuredSway}/bin/sway \
|
${lib.getExe configuredSway} \
|
||||||
2>&1
|
2>&1
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
|
@@ -69,7 +69,7 @@ in
|
|||||||
# XXX: this turns the screen/touch off, and then there's no way to turn it back ON
|
# XXX: this turns the screen/touch off, and then there's no way to turn it back ON
|
||||||
# unless you've configured that elsewhere (e.g. sane-input-handler)
|
# unless you've configured that elsewhere (e.g. sane-input-handler)
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
command = "${screenOff}/bin/screen-off";
|
command = lib.getExe screenOff;
|
||||||
delay = lib.mkDefault 1500; # 1500s = 25min
|
delay = lib.mkDefault 1500; # 1500s = 25min
|
||||||
};
|
};
|
||||||
config.actions.lock = {
|
config.actions.lock = {
|
||||||
|
@@ -39,7 +39,7 @@ in
|
|||||||
#
|
#
|
||||||
# N.B.: for this to behave well with multiple MPRIS clients,
|
# N.B.: for this to behave well with multiple MPRIS clients,
|
||||||
# `playerctld` must be enabled. see: <https://github.com/altdesktop/playerctl/issues/161>
|
# `playerctld` must be enabled. see: <https://github.com/altdesktop/playerctl/issues/161>
|
||||||
exec = "${waybar-media}/bin/waybar-media";
|
exec = lib.getExe waybar-media;
|
||||||
return-type = "json";
|
return-type = "json";
|
||||||
interval = 2;
|
interval = 2;
|
||||||
format = "{icon}{}";
|
format = "{icon}{}";
|
||||||
|
@@ -18,7 +18,7 @@ let
|
|||||||
in {
|
in {
|
||||||
sane.programs.zsh.fs = lib.mkIf enabled {
|
sane.programs.zsh.fs = lib.mkIf enabled {
|
||||||
".config/zsh/.zshrc".symlink.text = ''
|
".config/zsh/.zshrc".symlink.text = ''
|
||||||
eval "$(${pkgs.starship}/bin/starship init zsh)"
|
eval "$(${lib.getExe pkgs.starship} init zsh)"
|
||||||
'';
|
'';
|
||||||
".config/starship.toml".symlink.target = let
|
".config/starship.toml".symlink.target = let
|
||||||
x1b = builtins.fromJSON '' "\u001b" ''; # i.e `^[`
|
x1b = builtins.fromJSON '' "\u001b" ''; # i.e `^[`
|
||||||
|
@@ -123,8 +123,8 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
services.udev.extraRules = let
|
services.udev.extraRules = let
|
||||||
chmod = "${pkgs.coreutils}/bin/chmod";
|
chmod = lib.getExe' pkgs.coreutils "chmod";
|
||||||
chown = "${pkgs.coreutils}/bin/chown";
|
chown = lib.getExe' pkgs.coreutils "chown";
|
||||||
in ''
|
in ''
|
||||||
# make Pinephone flashlight writable by user.
|
# make Pinephone flashlight writable by user.
|
||||||
# taken from postmarketOS: <repo:postmarketOS/pmaports:device/main/device-pine64-pinephone/60-flashlight.rules>
|
# taken from postmarketOS: <repo:postmarketOS/pmaports:device/main/device-pine64-pinephone/60-flashlight.rules>
|
||||||
@@ -135,9 +135,9 @@ in
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
systemd.services.unl0kr.preStart = let
|
systemd.services.unl0kr.preStart = let
|
||||||
dmesg = "${pkgs.util-linux}/bin/dmesg";
|
dmesg = lib.getExe' pkgs.util-linux "dmesg";
|
||||||
grep = "${pkgs.gnugrep}/bin/grep";
|
grep = lib.getExe pkgs.gnugrep;
|
||||||
modprobe = "${pkgs.kmod}/bin/modprobe";
|
modprobe = lib.getExe' pkgs.kmod "modprobe";
|
||||||
in ''
|
in ''
|
||||||
# common boot failure:
|
# common boot failure:
|
||||||
# blank screen (no backlight even), with the following log:
|
# blank screen (no backlight even), with the following log:
|
||||||
|
@@ -92,10 +92,10 @@ in
|
|||||||
} // (lib.optionalAttrs cfg.forwardToWan {
|
} // (lib.optionalAttrs cfg.forwardToWan {
|
||||||
# documented here: <https://nixos.wiki/wiki/WireGuard#Server_setup_2>
|
# documented here: <https://nixos.wiki/wiki/WireGuard#Server_setup_2>
|
||||||
postSetup = ''
|
postSetup = ''
|
||||||
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING --source ${cfg.ip}/24 ! --destination ${cfg.ip}/24 -j MASQUERADE
|
${lib.getExe' pkgs.iptables "iptables"} -t nat -A POSTROUTING --source ${cfg.ip}/24 ! --destination ${cfg.ip}/24 -j MASQUERADE
|
||||||
'';
|
'';
|
||||||
postShutdown = ''
|
postShutdown = ''
|
||||||
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING --source ${cfg.ip}/24 ! --destination ${cfg.ip}/24 -j MASQUERADE
|
${lib.getExe' pkgs.iptables "iptables"} -t nat -D POSTROUTING --source ${cfg.ip}/24 ! --destination ${cfg.ip}/24 -j MASQUERADE
|
||||||
'';
|
'';
|
||||||
}));
|
}));
|
||||||
|
|
||||||
|
@@ -49,7 +49,7 @@ let
|
|||||||
RestartSec = "3min";
|
RestartSec = "3min";
|
||||||
ExecStart =
|
ExecStart =
|
||||||
let
|
let
|
||||||
portFwd = "${pkgs.sane-scripts.ip-port-forward}/bin/sane-ip-port-forward";
|
portFwd = lib.getExe pkgs.sane-scripts.ip-port-forward;
|
||||||
forwards = builtins.map (proto: "${proto}:${port}:${portCfg.description}") portCfg.protocol;
|
forwards = builtins.map (proto: "${proto}:${port}:${portCfg.description}") portCfg.protocol;
|
||||||
in ''
|
in ''
|
||||||
${portFwd} -v -d ${builtins.toString cfg.upnpLeaseDuration} \
|
${portFwd} -v -d ${builtins.toString cfg.upnpLeaseDuration} \
|
||||||
|
@@ -149,7 +149,7 @@ in
|
|||||||
requires = [ "bitcoind-${cfg.bitcoindName}.service" ];
|
requires = [ "bitcoind-${cfg.bitcoindName}.service" ];
|
||||||
after = [ "bitcoind-${cfg.bitcoindName}.service" ];
|
after = [ "bitcoind-${cfg.bitcoindName}.service" ];
|
||||||
|
|
||||||
serviceConfig.ExecStart = "${cfg.package}/bin/lightningd --lightning-dir=${cfg.dataDir}";
|
serviceConfig.ExecStart = "${lib.getExe' cfg.package "lightningd"} --lightning-dir=${cfg.dataDir}";
|
||||||
serviceConfig.User = cfg.user;
|
serviceConfig.User = cfg.user;
|
||||||
serviceConfig.Restart = "always";
|
serviceConfig.Restart = "always";
|
||||||
serviceConfig.RestartSec = "30s";
|
serviceConfig.RestartSec = "30s";
|
||||||
|
@@ -31,7 +31,7 @@ in
|
|||||||
serviceConfig.Type = "simple";
|
serviceConfig.Type = "simple";
|
||||||
# N.B.: dropbear ssh key format is incompatible with OpenSSH's.
|
# N.B.: dropbear ssh key format is incompatible with OpenSSH's.
|
||||||
# also, needs to be manually generated on first run (`dropbearkey -t rsa -f /etc/ssh/host_keys/dropbear_rsa_host_key -s 4096`)
|
# also, needs to be manually generated on first run (`dropbearkey -t rsa -f /etc/ssh/host_keys/dropbear_rsa_host_key -s 4096`)
|
||||||
serviceConfig.ExecStart = "${cfg.package}/bin/dropbear -F -p ${builtins.toString cfg.port} -r /etc/ssh/host_keys/dropbear_rsa_host_key -r /etc/ssh/host_keys/dropbear_ed25519_host_key";
|
serviceConfig.ExecStart = "${lib.getExe' cfg.package "dropbear"} -F -p ${builtins.toString cfg.port} -r /etc/ssh/host_keys/dropbear_rsa_host_key -r /etc/ssh/host_keys/dropbear_ed25519_host_key";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@@ -6,8 +6,8 @@ let
|
|||||||
getIp = pkgs.writeShellScript "dyn-dns-query-wan" ''
|
getIp = pkgs.writeShellScript "dyn-dns-query-wan" ''
|
||||||
# preferred method and fallback
|
# preferred method and fallback
|
||||||
# OPNsense router broadcasts its UPnP endpoint every 30s
|
# OPNsense router broadcasts its UPnP endpoint every 30s
|
||||||
timeout 60 ${pkgs.sane-scripts.ip-check}/bin/sane-ip-check --json || \
|
timeout 60 ${lib.getExe pkgs.sane-scripts.ip-check} --json || \
|
||||||
${pkgs.sane-scripts.ip-check}/bin/sane-ip-check --json --no-upnp
|
${lib.getExe pkgs.sane-scripts.ip-check} --json --no-upnp
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
@@ -63,8 +63,8 @@ in
|
|||||||
before = cfg.restartOnChange;
|
before = cfg.restartOnChange;
|
||||||
|
|
||||||
script = let
|
script = let
|
||||||
jq = "${pkgs.jq}/bin/jq";
|
jq = lib.getExe pkgs.jq;
|
||||||
sed = "${pkgs.gnused}/bin/sed";
|
sed = lib.getExe pkgs.gnused;
|
||||||
in ''
|
in ''
|
||||||
mkdir -p "$(dirname '${cfg.ipPath}')"
|
mkdir -p "$(dirname '${cfg.ipPath}')"
|
||||||
mkdir -p "$(dirname '${cfg.upnpPath}')"
|
mkdir -p "$(dirname '${cfg.upnpPath}')"
|
||||||
@@ -113,8 +113,8 @@ in
|
|||||||
description = "react to the system's WAN IP changing";
|
description = "react to the system's WAN IP changing";
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
script = if cfg.restartOnChange != [] then ''
|
script = if cfg.restartOnChange != [] then ''
|
||||||
${pkgs.systemd}/bin/systemctl restart ${toString cfg.restartOnChange}
|
${lib.getExe' pkgs.systemd "systemctl"} restart ${toString cfg.restartOnChange}
|
||||||
'' else "${pkgs.coreutils}/bin/true";
|
'' else lib.getExe' pkgs.coreutils "true";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@@ -27,10 +27,10 @@ in
|
|||||||
systemd.services.eg25-manager = {
|
systemd.services.eg25-manager = {
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = "${cfg.package}/bin/eg25-manager --config ${eg25-config-toml}";
|
ExecStart = "${lib.getExe cfg.package} --config ${eg25-config-toml}";
|
||||||
ExecStartPre = pkgs.writeShellScript "unload-modem-power" ''
|
ExecStartPre = pkgs.writeShellScript "unload-modem-power" ''
|
||||||
# see issue: <https://gitlab.com/mobian1/eg25-manager/-/issues/38>
|
# see issue: <https://gitlab.com/mobian1/eg25-manager/-/issues/38>
|
||||||
${pkgs.kmod}/bin/modprobe -r modem_power && echo "WARNING: kernel configured with CONFIG_MODEM_POWER=y, may be incompatible with eg25-manager" || true
|
${lib.getExe' pkgs.kmod "modprobe"} -r modem_power && echo "WARNING: kernel configured with CONFIG_MODEM_POWER=y, may be incompatible with eg25-manager" || true
|
||||||
'';
|
'';
|
||||||
|
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
@@ -61,7 +61,7 @@ in
|
|||||||
# wantedBy = [ "eg25-manager.service" ];
|
# wantedBy = [ "eg25-manager.service" ];
|
||||||
# before = [ "eg25-manager.service" ];
|
# before = [ "eg25-manager.service" ];
|
||||||
# script = ''
|
# script = ''
|
||||||
# ${pkgs.kmod}/bin/modprobe -r modem_power && echo "WARNING: kernel configured with CONFIG_MODEM_POWER=y, may be incompatible with eg25-manager" || true
|
# ${lib.getExe' pkgs.kmod "modprobe"} -r modem_power && echo "WARNING: kernel configured with CONFIG_MODEM_POWER=y, may be incompatible with eg25-manager" || true
|
||||||
# '';
|
# '';
|
||||||
# };
|
# };
|
||||||
};
|
};
|
||||||
|
@@ -96,7 +96,7 @@ let
|
|||||||
});
|
});
|
||||||
|
|
||||||
mkSystemdService = flavor: { includes, listenAddrsIpv4, listenAddrsIpv6, port, substitutions, extraConfig, ... }: let
|
mkSystemdService = flavor: { includes, listenAddrsIpv4, listenAddrsIpv6, port, substitutions, extraConfig, ... }: let
|
||||||
sed = "${pkgs.gnused}/bin/sed";
|
sed = lib.getExe pkgs.gnused;
|
||||||
baseConfig = (
|
baseConfig = (
|
||||||
lib.filterAttrsRecursive (_: v: v != null) config.services.hickory-dns.settings
|
lib.filterAttrsRecursive (_: v: v != null) config.services.hickory-dns.settings
|
||||||
) // {
|
) // {
|
||||||
@@ -292,7 +292,7 @@ in
|
|||||||
|
|
||||||
# run a hook whenever networking details change, so the DNS zone can be updated to reflect this
|
# run a hook whenever networking details change, so the DNS zone can be updated to reflect this
|
||||||
environment.etc."NetworkManager/dispatcher.d/60-hickory-dns-nmhook" = lib.mkIf cfg.asSystemResolver {
|
environment.etc."NetworkManager/dispatcher.d/60-hickory-dns-nmhook" = lib.mkIf cfg.asSystemResolver {
|
||||||
source = "${hickory-dns-nmhook}/bin/hickory-dns-nmhook";
|
source = lib.getExe hickory-dns-nmhook;
|
||||||
};
|
};
|
||||||
|
|
||||||
# allow NetworkManager (via hickory-dns-nmhook) to restart hickory-dns when necessary
|
# allow NetworkManager (via hickory-dns-nmhook) to restart hickory-dns when necessary
|
||||||
|
@@ -44,7 +44,7 @@ in
|
|||||||
args = maybeListenAddress ++ ["-p" cfg.port] ++ cfg.zimPaths;
|
args = maybeListenAddress ++ ["-p" cfg.port] ++ cfg.zimPaths;
|
||||||
in {
|
in {
|
||||||
description = "Deliver ZIM file(s) articles via HTTP";
|
description = "Deliver ZIM file(s) articles via HTTP";
|
||||||
serviceConfig.ExecStart = "${cfg.package}/bin/kiwix-serve ${lib.escapeShellArgs args}";
|
serviceConfig.ExecStart = "${lib.getExe' cfg.package "kiwix-serve"} ${lib.escapeShellArgs args}";
|
||||||
serviceConfig.Type = "simple";
|
serviceConfig.Type = "simple";
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
@@ -116,7 +116,7 @@ let
|
|||||||
config = {
|
config = {
|
||||||
readiness.waitCommand = lib.mkMerge [
|
readiness.waitCommand = lib.mkMerge [
|
||||||
(lib.mkIf (config.readiness.waitDbus != null)
|
(lib.mkIf (config.readiness.waitDbus != null)
|
||||||
''${pkgs.systemdMinimal}/bin/busctl --user status "${config.readiness.waitDbus}" > /dev/null''
|
''${lib.getExe' pkgs.systemdMinimal "busctl"} --user status "${config.readiness.waitDbus}" > /dev/null''
|
||||||
)
|
)
|
||||||
(lib.mkIf (config.readiness.waitExists != [])
|
(lib.mkIf (config.readiness.waitExists != [])
|
||||||
# e.g.: test -e /foo -a -e /bar
|
# e.g.: test -e /foo -a -e /bar
|
||||||
|
@@ -35,7 +35,7 @@ stdenv.mkDerivation (finalAttrs: {
|
|||||||
]);
|
]);
|
||||||
|
|
||||||
# postPatch = ''
|
# postPatch = ''
|
||||||
# substituteInPlace Makefile --replace "= lex" '= ${buildPackages.flex}/bin/flex'
|
# substituteInPlace Makefile --replace "= lex" '= ${lib.getExe' buildPackages.flex "flex"}'
|
||||||
# '';
|
# '';
|
||||||
|
|
||||||
env.CROSS_COMPILE = "or1k-elf-";
|
env.CROSS_COMPILE = "or1k-elf-";
|
||||||
|
@@ -1,7 +1,8 @@
|
|||||||
{ lib
|
{
|
||||||
, stdenv
|
lib,
|
||||||
, fetchurl
|
stdenv,
|
||||||
, update-feed
|
fetchurl,
|
||||||
|
update-feed,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
# feed-specific args
|
# feed-specific args
|
||||||
@@ -14,7 +15,7 @@ stdenv.mkDerivation {
|
|||||||
inherit url;
|
inherit url;
|
||||||
};
|
};
|
||||||
passthru.updateScript = [
|
passthru.updateScript = [
|
||||||
"${update-feed}/bin/update.py" url jsonPath
|
(lib.getExe update-feed) url jsonPath
|
||||||
];
|
];
|
||||||
meta = {
|
meta = {
|
||||||
description = "metadata about any feeds available at ${feedName}";
|
description = "metadata about any feeds available at ${feedName}";
|
||||||
|
@@ -436,11 +436,11 @@ stdenv.mkDerivation (finalAttrs: with finalAttrs; let
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
symlinkThirdpartyBins = outdir: ''
|
symlinkThirdpartyBins = outdir: ''
|
||||||
ln -sf "${lib.getBin dropbear}/bin/dropbear" "${outdir}/dropbear"
|
ln -sf ${lib.getExe' dropbear "dropbear"} ${outdir}/dropbear
|
||||||
ln -sf "${lib.getExe gnutar}" "${outdir}/tar"
|
ln -sf ${lib.getExe gnutar} ${outdir}/tar
|
||||||
ln -sf "${lib.getBin openssh}/libexec/sftp-server" "${outdir}/sftp-server"
|
ln -sf ${lib.getBin openssh}/libexec/sftp-server ${outdir}/sftp-server
|
||||||
ln -sf "${lib.getBin sdcv}/bin/sdcv" "${outdir}/sdcv"
|
ln -sf ${lib.getExe sdcv} ${outdir}/sdcv
|
||||||
ln -sf "${lib.getBin zsync}/bin/zsync" "${outdir}/zsync2"
|
ln -sf ${lib.getExe' zsync "zsync"} ${outdir}/zsync2
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
pname = "koreader-from-src";
|
pname = "koreader-from-src";
|
||||||
|
@@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
|
|||||||
|
|
||||||
postPatch = ''
|
postPatch = ''
|
||||||
substituteInPlace src/meson.build \
|
substituteInPlace src/meson.build \
|
||||||
--replace-fail "python.find_installation('python3').full_path()" "'${pythonEnv}/bin/python3'"
|
--replace-fail "python.find_installation('python3').full_path()" "'${lib.getExe pythonEnv}'"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
@@ -70,7 +70,7 @@ stdenv.mkDerivation rec {
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
||||||
mesonFlags = [ "-Dcompositor=${phoc}/bin/phoc" ];
|
mesonFlags = [ "-Dcompositor=${lib.getExe phoc}" ];
|
||||||
|
|
||||||
depsBuildBuild = [
|
depsBuildBuild = [
|
||||||
pkg-config
|
pkg-config
|
||||||
|
@@ -362,7 +362,7 @@ buildNpmPackage rec {
|
|||||||
# electron should auto-detect x11 v.s. wayland: launching with `NIXOS_OZONE_WL=1` is an optional way to force it when debugging.
|
# electron should auto-detect x11 v.s. wayland: launching with `NIXOS_OZONE_WL=1` is an optional way to force it when debugging.
|
||||||
# xdg-utils: needed for ozone-platform-hint=auto to work
|
# xdg-utils: needed for ozone-platform-hint=auto to work
|
||||||
# else `LaunchProcess: failed to execvp: xdg-settings`
|
# else `LaunchProcess: failed to execvp: xdg-settings`
|
||||||
makeShellWrapper ${electron'}/bin/electron $out/bin/signal-desktop \
|
makeShellWrapper ${lib.getExe electron'} $out/bin/signal-desktop \
|
||||||
"''${gappsWrapperArgs[@]}" \
|
"''${gappsWrapperArgs[@]}" \
|
||||||
--add-flags $out/lib/Signal/resources/app.asar \
|
--add-flags $out/lib/Signal/resources/app.asar \
|
||||||
--suffix PATH : ${lib.makeBinPath [ xdg-utils ]} \
|
--suffix PATH : ${lib.makeBinPath [ xdg-utils ]} \
|
||||||
|
Reference in New Issue
Block a user