Compare commits
65 Commits
historic/f
...
staging/me
Author | SHA1 | Date | |
---|---|---|---|
a6470aec95 | |||
d1d4509d7a | |||
3ce78a1996 | |||
3fc0233d42 | |||
9a44b96f57 | |||
690307e198 | |||
3da6e1fb41 | |||
67c561cf8e | |||
f387a21dee | |||
172a1ed5a6 | |||
60e30c643d | |||
cba200efb4 | |||
77ecde7289 | |||
8390e3d280 | |||
2631d6f590 | |||
fe16b72081 | |||
a3fb2f06a5 | |||
e8ac4fee7a | |||
fcf6f9f6f3 | |||
398c07ea9f | |||
39edaabcc7 | |||
3a14a44483 | |||
bcfd8e1725 | |||
e0a6f8ea4a | |||
80f3d0472b | |||
b6685c9e6c | |||
0c2d8af448 | |||
7ce0c34f43 | |||
f2e8be3bd1 | |||
9b2e7b02cc | |||
1b3e0b95be | |||
f78968c73a | |||
d5d755a4b2 | |||
e08281c380 | |||
afb006f6ec | |||
a76cf03232 | |||
9c24f24306 | |||
736999eea6 | |||
979ed38506 | |||
46285852d0 | |||
0e756d5064 | |||
a52ead5aec | |||
c0377ff1a0 | |||
062ef20d05 | |||
a0861edc5f | |||
eae075acb5 | |||
ef2ba01141 | |||
2756e15bab | |||
940aac3a22 | |||
5f24e029af | |||
98b542332b | |||
70b62e9f76 | |||
7c81df00df | |||
f288f34d1e | |||
854977c3aa | |||
3653776399 | |||
e4bff9b5ef | |||
ec22c128e0 | |||
77cc560052 | |||
c1f3fc502d | |||
4d3248d315 | |||
45a1c07210 | |||
a1a711190f | |||
ee9a2b320d | |||
870afec07e |
51
flake.lock
generated
51
flake.lock
generated
@@ -39,38 +39,22 @@
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1,
|
||||
"narHash": "sha256-arp7Uy7ct5ryTcmSY032eN7hr33i7D2XvjTRLliCFDc=",
|
||||
"path": "/nix/store/rk489311m97gs49qid05c1xra05h64sm-source/nixpatches",
|
||||
"narHash": "sha256-rkVbviFmYYmbbVfvFRtOM95IjETbNu3I517Hrxp8EF4=",
|
||||
"path": "/nix/store/8azr0ivnzf0y1sh2r7alxaxab3w49ggx-source/nixpatches",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/nix/store/rk489311m97gs49qid05c1xra05h64sm-source/nixpatches",
|
||||
"path": "/nix/store/8azr0ivnzf0y1sh2r7alxaxab3w49ggx-source/nixpatches",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1674868155,
|
||||
"narHash": "sha256-eFNm2h6fNbgD7ZpO4MHikCB5pSnCJ7DTmwPisjetmwc=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ce20e9ebe1903ea2ba1ab006ec63093020c761cb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-22.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1674352297,
|
||||
"narHash": "sha256-OkAnJPrauEcUCrst4/3DKoQfUn2gXKuU6CFvhtMrLgg=",
|
||||
"lastModified": 1675265860,
|
||||
"narHash": "sha256-PZNqc4ZnTRT34NsHJYbXn+Yhghh56l8HEXn39SMpGNc=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "918b760070bb8f48cb511300fcd7e02e13058a2e",
|
||||
"rev": "a3a1400571e3b9ccc270c2e8d36194cf05aab6ce",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -82,11 +66,11 @@
|
||||
},
|
||||
"nixpkgs-unpatched": {
|
||||
"locked": {
|
||||
"lastModified": 1674641431,
|
||||
"narHash": "sha256-qfo19qVZBP4qn5M5gXc/h1MDgAtPA5VxJm9s8RUAkVk=",
|
||||
"lastModified": 1675273418,
|
||||
"narHash": "sha256-tpYc4TEGvDzh9uRf44QemyQ4TpVuUbxb07b2P99XDbM=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "9b97ad7b4330aacda9b2343396eb3df8a853b4fc",
|
||||
"rev": "4d7c2644dbac9cf8282c0afe68fca8f0f3e7b2db",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -100,7 +84,6 @@
|
||||
"inputs": {
|
||||
"mobile-nixos": "mobile-nixos",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-stable": "nixpkgs-stable",
|
||||
"nixpkgs-unpatched": "nixpkgs-unpatched",
|
||||
"sops-nix": "sops-nix",
|
||||
"uninsane-dot-org": "uninsane-dot-org"
|
||||
@@ -111,14 +94,14 @@
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": "nixpkgs-stable_2"
|
||||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1674546403,
|
||||
"narHash": "sha256-vkyNv0xzXuEnu9v52TUtRugNmQWIti8c2RhYnbLG71w=",
|
||||
"lastModified": 1675288837,
|
||||
"narHash": "sha256-76s8TLENa4PzWDeuIpEF78gqeUrXi6rEJJaKEAaJsXw=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "b6ab3c61e2ca5e07d1f4eb1b67304e2670ea230c",
|
||||
"rev": "a81ce6c961480b3b93498507074000c589bd9d60",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@@ -135,11 +118,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1666870107,
|
||||
"narHash": "sha256-b9eXZxSwhzdJI5uQgfrMhu4SY2POrPkinUg7F5gQVYo=",
|
||||
"lastModified": 1675131883,
|
||||
"narHash": "sha256-yBgJDG72YqIr1bltasqHD1E/kHc9uRFgDjxDmy6kI8M=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "80c6ec95bd430e29d231cf745f19279bb76fb382",
|
||||
"revCount": 164,
|
||||
"rev": "b099c24091cc192abf3997b94342d4b31cc5757b",
|
||||
"revCount": 170,
|
||||
"type": "git",
|
||||
"url": "https://git.uninsane.org/colin/uninsane"
|
||||
},
|
||||
|
22
flake.nix
22
flake.nix
@@ -19,7 +19,7 @@
|
||||
# but `inputs` is required to be a strict attrset: not an expression.
|
||||
inputs = {
|
||||
# <https://github.com/nixos/nixpkgs/tree/nixos-22.11>
|
||||
nixpkgs-stable.url = "github:nixos/nixpkgs?ref=nixos-22.11";
|
||||
# nixpkgs-stable.url = "github:nixos/nixpkgs?ref=nixos-22.11";
|
||||
|
||||
# <https://github.com/nixos/nixpkgs/tree/nixos-unstable>
|
||||
nixpkgs-unpatched.url = "github:nixos/nixpkgs?ref=nixos-unstable";
|
||||
@@ -46,12 +46,12 @@
|
||||
outputs = {
|
||||
self,
|
||||
nixpkgs,
|
||||
nixpkgs-stable,
|
||||
nixpkgs-unpatched,
|
||||
mobile-nixos,
|
||||
sops-nix,
|
||||
uninsane-dot-org
|
||||
}:
|
||||
uninsane-dot-org,
|
||||
...
|
||||
}@inputs:
|
||||
let
|
||||
nixpkgsCompiledBy = local: nixpkgs.legacyPackages."${local}";
|
||||
|
||||
@@ -78,6 +78,9 @@
|
||||
self.overlays.passthru
|
||||
self.overlays.pins
|
||||
];
|
||||
# nixpkgs.crossSystem = target;
|
||||
nixpkgs.hostPlatform = target;
|
||||
nixpkgs.buildPlatform = local;
|
||||
}
|
||||
];
|
||||
});
|
||||
@@ -111,15 +114,20 @@
|
||||
# - `nixos-rebuild --flake './#<host>' switch`
|
||||
imgs = builtins.mapAttrs (_: host-dfn: host-dfn.config.system.build.img) self.nixosConfigurations;
|
||||
|
||||
host-pkgs = builtins.mapAttrs (_: host-dfn: host-dfn.config.system.build.pkgs) self.nixosConfigurations;
|
||||
|
||||
overlays = rec {
|
||||
default = pkgs;
|
||||
pkgs = import ./overlays/pkgs.nix;
|
||||
pins = import ./overlays/pins.nix; # TODO: move to `nixpatches/` input
|
||||
passthru =
|
||||
let
|
||||
stable = next: prev: {
|
||||
stable = nixpkgs-stable.legacyPackages."${prev.stdenv.hostPlatform.system}";
|
||||
};
|
||||
stable =
|
||||
if inputs ? "nixpkgs-stable" then (
|
||||
next: prev: {
|
||||
stable = inputs.nixpkgs-stable.legacyPackages."${prev.stdenv.hostPlatform.system}";
|
||||
}
|
||||
) else (next: prev: {});
|
||||
mobile = (import "${mobile-nixos}/overlay/overlay.nix");
|
||||
uninsane = uninsane-dot-org.overlay;
|
||||
in
|
||||
|
@@ -4,8 +4,6 @@
|
||||
./fs.nix
|
||||
];
|
||||
|
||||
# sane.packages.enableDevPkgs = true;
|
||||
|
||||
sane.roles.client = true;
|
||||
sane.services.wg-home.enable = true;
|
||||
sane.services.wg-home.ip = config.sane.hosts.by-name."desko".wg-home.ip;
|
||||
@@ -16,6 +14,8 @@
|
||||
|
||||
sane.gui.sway.enable = true;
|
||||
|
||||
sane.programs.guiApps.suggestedPrograms = [ "desktopGuiApps" ];
|
||||
|
||||
boot.loader.efi.canTouchEfiVariables = false;
|
||||
sane.image.extraBootFiles = [ pkgs.bootpart-uefi-x86_64 ];
|
||||
|
||||
@@ -54,7 +54,7 @@
|
||||
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
|
||||
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
|
||||
};
|
||||
sane.persist.home.plaintext = [
|
||||
sane.user.persist.plaintext = [
|
||||
".steam"
|
||||
".local/share/Steam"
|
||||
];
|
||||
|
@@ -8,15 +8,15 @@
|
||||
sane.services.wg-home.enable = true;
|
||||
sane.services.wg-home.ip = config.sane.hosts.by-name."lappy".wg-home.ip;
|
||||
|
||||
# sane.packages.enableDevPkgs = true;
|
||||
|
||||
# sane.users.guest.enable = true;
|
||||
# sane.guest.enable = true;
|
||||
sane.gui.sway.enable = true;
|
||||
sane.persist.enable = true;
|
||||
sane.nixcache.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = false;
|
||||
sane.image.extraBootFiles = [ pkgs.bootpart-uefi-x86_64 ];
|
||||
|
||||
sane.programs.guiApps.suggestedPrograms = [ "desktopGuiApps" ];
|
||||
|
||||
sops.secrets.colin-passwd = {
|
||||
sopsFile = ../../../secrets/lappy.yaml;
|
||||
neededForUsers = true;
|
||||
|
@@ -37,15 +37,10 @@
|
||||
# addons.sideberry.enable = false;
|
||||
};
|
||||
|
||||
sane.persist.home.plaintext = [
|
||||
sane.user.persist.plaintext = [
|
||||
".config/pulse" # persist pulseaudio volume
|
||||
];
|
||||
|
||||
# sane.packages.enableGuiPkgs = false; # XXX faster builds/imaging for debugging
|
||||
sane.packages.extraUserPkgs = [
|
||||
pkgs.plasma5Packages.konsole # terminal
|
||||
];
|
||||
|
||||
sane.nixcache.enable = true;
|
||||
sane.persist.enable = true;
|
||||
sane.gui.phosh.enable = true;
|
||||
|
@@ -8,12 +8,13 @@
|
||||
./services
|
||||
];
|
||||
|
||||
sane.packages.extraUserPkgs = with pkgs; [
|
||||
sane.programs = {
|
||||
# for administering services
|
||||
freshrss
|
||||
matrix-synapse
|
||||
signaldctl
|
||||
];
|
||||
freshrss.enableFor.user.colin = true;
|
||||
matrix-synapse.enableFor.user.colin = true;
|
||||
signaldctl.enableFor.user.colin = true;
|
||||
};
|
||||
|
||||
sane.persist.enable = true;
|
||||
sane.services.dyn-dns.enable = true;
|
||||
sane.services.wg-home.enable = true;
|
||||
|
@@ -1,3 +1,6 @@
|
||||
# DOCS:
|
||||
# - dovecot config: <https://doc.dovecot.org/configuration_manual/>
|
||||
|
||||
{ config, lib, ... }:
|
||||
|
||||
let
|
||||
@@ -143,6 +146,25 @@ in
|
||||
|
||||
# inspired by https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/
|
||||
services.dovecot2.enable = true;
|
||||
services.dovecot2.mailboxes = {
|
||||
# special-purpose mailboxes: "All" "Archive" "Drafts" "Flagged" "Junk" "Sent" "Trash"
|
||||
# RFC6154 describes these special mailboxes: https://www.ietf.org/rfc/rfc6154.html
|
||||
# how these boxes are treated is 100% up to the client and server to decide.
|
||||
# client behavior:
|
||||
# iOS
|
||||
# - Drafts: ?
|
||||
# - Sent: works
|
||||
# - Trash: works
|
||||
# aerc
|
||||
# - Drafts: works
|
||||
# - Sent: works
|
||||
# - Trash: no; deleted messages are actually deleted
|
||||
# use `:move trash` instead
|
||||
# Sent mailbox: all sent messages are copied to it. unclear if this happens server-side or client-side.
|
||||
Drafts = { specialUse = "Drafts"; auto = "create"; };
|
||||
Sent = { specialUse = "Sent"; auto = "create"; };
|
||||
Trash = { specialUse = "Trash"; auto = "create"; };
|
||||
};
|
||||
services.dovecot2.sslServerCert = "/var/lib/acme/imap.uninsane.org/fullchain.pem";
|
||||
services.dovecot2.sslServerKey = "/var/lib/acme/imap.uninsane.org/key.pem";
|
||||
services.dovecot2.enablePAM = false;
|
||||
|
@@ -1,22 +1,826 @@
|
||||
{ config, ... }:
|
||||
# cross compiling
|
||||
|
||||
# - for edge-casey things, see in nixpkgs:
|
||||
# - `git show da9a9a440415b236f22f57ba67a24ab3fb53f595`
|
||||
# - e.g. `mesonEmulatorHook`, `depsBuildBuild`, `python3.pythonForBuild`
|
||||
# - <doc/stdenv/cross-compilation.chapter.md>
|
||||
# - e.g. `makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];`
|
||||
#
|
||||
# build a particular package as evaluated here with:
|
||||
# - toplevel: `nix build '.#host-pkgs.moby-cross.xdg-utils'`
|
||||
# - scoped: `nix build '.#host-pkgs.moby-cross.gnome.mutter'`
|
||||
# - python: `nix build '.#host-pkgs.moby-cross.python310Packages.pandas'`
|
||||
# - perl: `nix build '.#host-pkgs.moby-cross.perl536Packages.ModuleBuild'`
|
||||
# - qt: `nix build '.#host-pkgs.moby-cross.qt5.qtbase'`
|
||||
# - qt: `nix build '.#host-pkgs.moby-cross.libsForQt5.phonon'`
|
||||
# most of these can be built in a nixpkgs source root like:
|
||||
# - `nix build '.#pkgsCross.aarch64-multiplatform.xdg-utils'`
|
||||
#
|
||||
# tracking issues, PRs:
|
||||
# - libuv tests fail: <https://github.com/NixOS/nixpkgs/issues/190807>
|
||||
# - last checked: 2023-02-07
|
||||
# - opened: 2022-09-11
|
||||
# - perl Module Build broken: <https://github.com/NixOS/nixpkgs/issues/66741>
|
||||
# - last checked: 2023-02-07
|
||||
# - opened: 2019-08
|
||||
# - perl536Packages.Testutf8 fails to cross: <https://github.com/NixOS/nixpkgs/issues/198548>
|
||||
# - last checked: 2023-02-07
|
||||
# - opened: 2022-10
|
||||
# - python310Packages.psycopg2: <https://github.com/NixOS/nixpkgs/issues/210265>
|
||||
# - last checked: 2023-02-06
|
||||
# - i have a potential fix:
|
||||
# """
|
||||
# i was able to just add `postgresql` to the `buildInputs` (so that it's in both `buildInputs` and `nativeBuildInputs`):
|
||||
# it fixed the build for `pkgsCross.aarch64-multiplatform.python310Packages.psycopg2` but not for `armv7l-hf-multiplatform` that this issue description calls out.
|
||||
#
|
||||
# also i haven't deployed it yet to make sure this doesn't cause anything funky at runtime though.
|
||||
# """
|
||||
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
mkCrossFrom = localSystem: pkgs: import pkgs.path {
|
||||
inherit localSystem;
|
||||
crossSystem = pkgs.stdenv.hostPlatform.system;
|
||||
inherit (config.nixpkgs) config overlays;
|
||||
};
|
||||
# these are the overlays which we *also* pass through to the cross and emulated package sets.
|
||||
# TODO: refactor to not specify same overlay in multiple places (here and flake.nix).
|
||||
overlays = [
|
||||
(import ./../../overlays/pkgs.nix)
|
||||
(import ./../../overlays/pins.nix)
|
||||
];
|
||||
mkCrossFrom = localSystem: pkgs:
|
||||
import pkgs.path {
|
||||
inherit localSystem; # localSystem is equivalent to buildPlatform
|
||||
crossSystem = pkgs.stdenv.hostPlatform.system;
|
||||
inherit (config.nixpkgs) config;
|
||||
inherit overlays;
|
||||
};
|
||||
mkEmulated = pkgs:
|
||||
import pkgs.path {
|
||||
localSystem = pkgs.stdenv.hostPlatform.system;
|
||||
inherit (config.nixpkgs) config;
|
||||
inherit overlays;
|
||||
};
|
||||
in
|
||||
{
|
||||
# the configuration of which specific package set `pkgs.cross` refers to happens elsewhere;
|
||||
# here we just define them all.
|
||||
nixpkgs.overlays = [
|
||||
(next: prev: {
|
||||
# non-emulated packages build *from* local *for* target.
|
||||
# for large packages like the linux kernel which are expensive to build under emulation,
|
||||
# the config can explicitly pull such packages from `pkgs.cross` to do more efficient cross-compilation.
|
||||
crossFrom."x86_64-linux" = mkCrossFrom "x86_64-linux" next;
|
||||
crossFrom."aarch64-linux" = mkCrossFrom "aarch64-linux" next;
|
||||
})
|
||||
];
|
||||
# options = {
|
||||
# perlPackageOverrides = lib.mkOption {
|
||||
# };
|
||||
# };
|
||||
|
||||
config = {
|
||||
# the configuration of which specific package set `pkgs.cross` refers to happens elsewhere;
|
||||
# here we just define them all.
|
||||
nixpkgs.overlays = [
|
||||
(next: prev: {
|
||||
# non-emulated packages build *from* local *for* target.
|
||||
# for large packages like the linux kernel which are expensive to build under emulation,
|
||||
# the config can explicitly pull such packages from `pkgs.cross` to do more efficient cross-compilation.
|
||||
crossFrom."x86_64-linux" = mkCrossFrom "x86_64-linux" prev;
|
||||
crossFrom."aarch64-linux" = mkCrossFrom "aarch64-linux" prev;
|
||||
|
||||
emulated = mkEmulated prev;
|
||||
})
|
||||
(next: prev:
|
||||
let
|
||||
emulated = prev.emulated;
|
||||
in {
|
||||
# packages which don't cross compile
|
||||
inherit (emulated)
|
||||
# adwaita-qt # psqlodbc
|
||||
apacheHttpd_2_4 # `configure: error: Size of "void *" is less than size of "long"`
|
||||
appstream # meson.build:139:0: ERROR: Program 'gperf' not found or not executable
|
||||
colord # (meson) ERROR: An exe_wrapper is needed but was not found. Please define one in cross file and check the command and/or add it to PATH.
|
||||
# duplicity # python3.10-s3transfer
|
||||
flatpak # No package 'libxml-2.0' found
|
||||
fwupd-efi # efi/meson.build:162:0: ERROR: Program or command 'gcc' not found or not executable
|
||||
gmime3 # "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
|
||||
# gnome-tour
|
||||
# XXX: gnustep members aren't individually overridable, because the "scope" uses `rec` such that members don't see overrides
|
||||
gnustep # gnustep.base: "configure: error: Your compiler does not appear to implement the -fconstant-string-class option needed for support of strings."
|
||||
# grpc
|
||||
gvfs # meson.build:312:2: ERROR: Assert failed: http required but libxml-2.0 not found
|
||||
# hdf5 # configure: error: cannot run test program while cross compiling
|
||||
# http2
|
||||
ibus # configure.ac:152: error: possibly undefined macro: AM_PATH_GLIB_2_0
|
||||
kitty # "FileNotFoundError: [Errno 2] No such file or directory: 'pkg-config'"
|
||||
libchamplain # "failed to produce output path for output 'devdoc'"
|
||||
libgccjit # "../../gcc-9.5.0/gcc/jit/jit-result.c:52:3: error: 'dlclose' was not declared in this scope"
|
||||
libgweather # "Run-time dependency vapigen found: NO (tried pkgconfig)"
|
||||
libjcat # data/tests/meson.build:10:0: ERROR: Program 'gnutls-certtool certtool' not found or not executable
|
||||
# libsForQt5 # qtbase # make: g++: No such file or directory
|
||||
libtiger # "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
|
||||
notmuch # "Error: The dependencies of notmuch could not be satisfied" (xapian, gmime, glib, talloc)
|
||||
perlInterpreters # perl5.36.0-Module-Build perl5.36.0-Test-utf8 (see tracking issues ^)
|
||||
phosh # libadwaita-1 not found
|
||||
# qgnomeplatform
|
||||
# qtbase
|
||||
qt5 # qt5.qtx11extras fails, but we can't selectively emulate it
|
||||
qt6 # "You need to set QT_HOST_PATH to cross compile Qt."
|
||||
sequoia # "/nix/store/q8hg17w47f9xr014g36rdc2gi8fv02qc-clang-aarch64-unknown-linux-gnu-12.0.1-lib/lib/libclang.so.12: cannot open shared object file: No such file or directory"', /build/sequoia-0.27.0-vendor.tar.gz/bindgen/src/lib.rs:1975:31"
|
||||
# splatmoji
|
||||
squeekboard # meson.build:1:0: ERROR: 'rust' compiler binary not defined in cross or native file
|
||||
twitter-color-emoji # /nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 1: pkg-config: command not found
|
||||
# unar has multiple failures:
|
||||
# - "configure: error: Your compiler does not appear to implement the -fconstant-string-class option needed for support of strings. Please check for a more recent version or consider using --enable-nxconstantstring"
|
||||
# - "/nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 1: ar: command not found"
|
||||
unar
|
||||
visidata # python3.10-psycopg2 python3.10-pandas python3.10-h5py
|
||||
webp-pixbuf-loader # install phase: "Builder called die: Cannot wrap '/nix/store/kpp8qhzdjqgvw73llka5gpnsj0l4jlg8-gdk-pixbuf-aarch64-unknown-linux-gnu-2.42.10/bin/gdk-pixbuf-thumbnailer' because it is not an executable file"
|
||||
# webkitgtk_4_1 # requires nativeBuildInputs = perl.pkgs.FileCopyRecursive => perl5.36.0-Test-utf8
|
||||
# xdg-utils # perl5.36.0-File-BaseDir / perl5.36.0-Module-Build
|
||||
;
|
||||
|
||||
# apacheHttpd_2_4 = prev.apacheHttpd_2_4.override {
|
||||
# # fixes original error
|
||||
# # new failure mode: "/nix/store/czvaa9y9ch56z53c0b0f5bsjlgh14ra6-apr-aarch64-unknown-linux-gnu-1.7.0-dev/share/build/libtool: line 1890: aarch64-unknown-linux-gnu-ar: command not found"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
# mod_dnssd = prev.mod_dnssd.override {
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
apacheHttpdPackagesFor = apacheHttpd: self:
|
||||
let
|
||||
prevHttpdPkgs = prev.apacheHttpdPackagesFor apacheHttpd self;
|
||||
in prevHttpdPkgs // {
|
||||
# fixes "configure: error: *** Sorry, could not find apxs ***"
|
||||
mod_dnssd = prevHttpdPkgs.mod_dnssd.override {
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
};
|
||||
# apacheHttpdPackagesFor = apacheHttpd: self:
|
||||
# let
|
||||
# prevHttpdPkgs = lib.fix (emulated.apacheHttpdPackagesFor apacheHttpd);
|
||||
# in
|
||||
# (prev.apacheHttpdPackagesFor apacheHttpd self) // {
|
||||
# # inherit (prevHttpdPkgs) mod_dnssd;
|
||||
# mod_dnssd = prevHttpdPkgs.mod_dnssd.override {
|
||||
# inherit (self) apacheHttpd;
|
||||
# };
|
||||
# };
|
||||
# appstream = prev.appstream.override {
|
||||
# # doesn't fix: "ld: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
# appstream = prev.appstream.overrideAttrs (orig: {
|
||||
# # fixes "Program 'gperf' not found or not executable"
|
||||
# # does not fix "ERROR: An exe_wrapper is needed but was not found. Please define one in cross file and check the command and/or add it to PATH."
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gperf ];
|
||||
# });
|
||||
|
||||
blueman = prev.blueman.overrideAttrs (orig: {
|
||||
# configure: error: ifconfig or ip not found, install net-tools or iproute2
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.iproute2 ];
|
||||
});
|
||||
brltty = prev.brltty.override {
|
||||
# configure: error: no acceptable C compiler found in $PATH
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
browserpass = prev.browserpass.override {
|
||||
# fixes "qemu-aarch64: Could not open '/lib/ld-linux-aarch64.so.1': No such file or directory"
|
||||
inherit (emulated) buildGoModule; # buildGoModule holds the stdenv
|
||||
};
|
||||
cantarell-fonts = prev.cantarell-fonts.override {
|
||||
# fixes error where python3.10-skia-pathops dependency isn't available for the build platform
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
cdrtools = prev.cdrtools.override {
|
||||
# "configure: error: installation or configuration problem: C compiler cc not found."
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
|
||||
# colord = prev.colord.override {
|
||||
# # doesn't fix: "ld: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
dante = prev.dante.override {
|
||||
# fixes: "configure: error: error: getaddrinfo() error value count too low"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
|
||||
emacs = prev.emacs.override {
|
||||
# fixes "configure: error: cannot run test program while cross compiling"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
|
||||
# flatpak = prev.flatpak.override {
|
||||
# # doesn't fix: "ld: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
fuzzel = prev.fuzzel.override {
|
||||
# meson.build:100:0: ERROR: Dependency lookup for wayland-scanner with method 'pkgconfig' failed: Pkg-config binary for machine 0 not found. Giving up.
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
|
||||
# fwupd-efi = prev.fwupd-efi.override {
|
||||
# # efi/meson.build:33:2: ERROR: Problem encountered: gnu-efi support requested, but headers were not found
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
fwupd = prev.fwupd.overrideAttrs (orig: {
|
||||
# solves (meson) "Run-time dependency libgcab-1.0 found: NO (tried pkgconfig and cmake)", and others.
|
||||
buildInputs = orig.buildInputs ++ [ next.gcab next.gnutls ];
|
||||
mesonFlags = (lib.remove "-Ddocs=enabled" orig.mesonFlags) ++ [ "-Ddocs=disabled" ];
|
||||
outputs = lib.remove "devdoc" orig.outputs;
|
||||
});
|
||||
# fwupd = prev.fwupd.override {
|
||||
# # solves missing libgcab-1.0;
|
||||
# # new error: "meson.build:449:4: ERROR: Command "/nix/store/n7xrj3pnrgcr8igx7lfhz8197y67bk7k-python3-aarch64-unknown-linux-gnu-3.10.9-env/bin/python3 po/test-deps" failed with status 1."
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
gcr_4 = prev.gcr_4.overrideAttrs (orig: {
|
||||
# fixes (meson): "ERROR: Program 'gpg2 gpg' not found or not executable"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gnupg next.openssh ];
|
||||
});
|
||||
gthumb = prev.gthumb.overrideAttrs (orig: {
|
||||
# fixes (meson) "Program 'glib-mkenums mkenums' not found or not executable"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
gmime = prev.gmime.overrideAttrs (orig: {
|
||||
# "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
|
||||
configureFlags = orig.configureFlags ++ [ "ac_cv_have_iconv_detect_h=no" ];
|
||||
});
|
||||
|
||||
# gmime3 = prev.gmime3.overrideAttrs (orig: {
|
||||
# # "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
|
||||
# # unsolved: "ImportError: /nix/store/c190src4bjkfp7bdgc5sadnmvgzv7kxb-gobject-introspection-aarch64-unknown-linux-gnu-1.74.0/lib/gobject-introspection/giscanner/_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
|
||||
# configureFlags = orig.configureFlags ++ [ "ac_cv_have_iconv_detect_h=no" ];
|
||||
# });
|
||||
# gmime3 = prev.gmime3.override {
|
||||
# # doesn't fix
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
gnome = prev.gnome.overrideScope' (self: super: {
|
||||
inherit (emulated.gnome)
|
||||
dconf-editor # "error: Package `dconf' not found in specified Vala API directories or GObject-Introspection GIR directories"
|
||||
evolution-data-server # "The 'perl' not found, not installing csv2vcard"
|
||||
gnome-shell # "meson.build:128:0: ERROR: Program 'gjs' not found or not executable"
|
||||
gnome-settings-daemon # subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable
|
||||
mutter # meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)
|
||||
;
|
||||
# dconf-editor = super.dconf-editor.override {
|
||||
# # fails to fix original error
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
# dconf-editor = super.dconf-editor.overrideAttrs (orig: {
|
||||
# # fails to fix original error
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.dconf ];
|
||||
# });
|
||||
evince = super.evince.overrideAttrs (orig: {
|
||||
# fixes (meson) "Run-time dependency gi-docgen found: NO (tried pkgconfig and cmake)"
|
||||
# inspired by gupnp
|
||||
outputs = [ "out" "dev" ]
|
||||
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
|
||||
mesonFlags = orig.mesonFlags ++ [
|
||||
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
|
||||
];
|
||||
});
|
||||
# evolution-data-server = super.evolution-data-server.override {
|
||||
# inherit (next) stdenv;
|
||||
# };
|
||||
# evolution-data-server = super.evolution-data-server.overrideAttrs (orig: {
|
||||
# # fixes "The 'perl' not found, not installing csv2vcard"
|
||||
# # doesn't fix "CMake Error: try_run() invoked in cross-compiling mode, please set the following cache variables appropriately"
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
|
||||
# });
|
||||
file-roller = super.file-roller.override {
|
||||
# fixes "src/meson.build:106:0: ERROR: Program 'glib-compile-resources' not found or not executable"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
gnome-color-manager = super.gnome-color-manager.overrideAttrs (orig: {
|
||||
# fixes: "src/meson.build:3:0: ERROR: Program 'glib-compile-resources' not found or not executable"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
gnome-control-center = super.gnome-control-center.overrideAttrs (orig: {
|
||||
# fixes "subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
# gnome-control-center = super.gnome-control-center.override {
|
||||
# inherit (next) stdenv;
|
||||
# };
|
||||
# gnome-keyring = super.gnome-keyring.override {
|
||||
# # does not fix original error
|
||||
# inherit (next) stdenv;
|
||||
# };
|
||||
gnome-keyring = super.gnome-keyring.overrideAttrs (orig: {
|
||||
# fixes "configure.ac:374: error: possibly undefined macro: AM_PATH_LIBGCRYPT"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libgcrypt next.openssh next.glib ];
|
||||
});
|
||||
gnome-remote-desktop = super.gnome-remote-desktop.overrideAttrs (orig: {
|
||||
# TODO: remove gnome-remote-desktop (wanted by gnome-control-center)
|
||||
# fixes: "Program gdbus-codegen found: NO"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
# gnome-shell = super.gnome-shell.overrideAttrs (orig: {
|
||||
# # fixes "meson.build:128:0: ERROR: Program 'gjs' not found or not executable"
|
||||
# # does not fix "_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory" (python import failure)
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gjs next.gobject-introspection ];
|
||||
# # try to reduce gobject-introspection/shew dependencies
|
||||
# mesonFlags = [
|
||||
# "-Dextensions_app=false"
|
||||
# "-Dextensions_tool=false"
|
||||
# "-Dman=false"
|
||||
# ];
|
||||
# # fixes "gvc| Build-time dependency gobject-introspection-1.0 found: NO"
|
||||
# # inspired by gupnp_1_6
|
||||
# # outputs = [ "out" "dev" ]
|
||||
# # ++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
|
||||
# # mesonFlags = [
|
||||
# # "-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
|
||||
# # ];
|
||||
# });
|
||||
# gnome-shell = super.gnome-shell.override {
|
||||
# inherit (next) stdenv;
|
||||
# };
|
||||
# gnome-shell = super.gnome-shell.overrideAttrs (orig: {
|
||||
# # does not solve original error
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.mesonEmulatorHook ];
|
||||
# });
|
||||
# gnome-settings-daemon = super.gnome-settings-daemon.overrideAttrs (orig: {
|
||||
# # fixes "subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable"
|
||||
# # new error: "plugins/power/meson.build:22:0: ERROR: Dependency lookup for glib-2.0 with method 'pkgconfig' failed: Pkg-config binary for machine 0 not found. Giving up."
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
# });
|
||||
# gnome-settings-daemon = super.gnome-settings-daemon.overrideAttrs (orig: {
|
||||
# # does not fix original error
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.mesonEmulatorHook ];
|
||||
# });
|
||||
gnome-session = super.gnome-session.overrideAttrs (orig: {
|
||||
# fixes: "gdbus-codegen not found or executable"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
# gnome-terminal = super.gnome-terminal.override {
|
||||
# # fixes: "meson.build:343:0: ERROR: Dependency "libpcre2-8" not found, tried pkgconfig"
|
||||
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
gnome-terminal = super.gnome-terminal.overrideAttrs (orig: {
|
||||
# fixes "meson.build:343:0: ERROR: Dependency "libpcre2-8" not found, tried pkgconfig"
|
||||
buildInputs = orig.buildInputs ++ [ next.pcre2 ];
|
||||
});
|
||||
gnome-user-share = super.gnome-user-share.overrideAttrs (orig: {
|
||||
# fixes: meson.build:111:6: ERROR: Program 'glib-compile-schemas' not found or not executable
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
# mutter = super.mutter.override {
|
||||
# # DOES NOT FIX: "meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)"
|
||||
# inherit (next) stdenv;
|
||||
# };
|
||||
# mutter = super.mutter.overrideAttrs (orig: {
|
||||
# # fixes "meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)"
|
||||
# # new error: "/nix/store/c190src4bjkfp7bdgc5sadnmvgzv7kxb-gobject-introspection-aarch64-unknown-linux-gnu-1.74.0/lib/gobject-introspection/giscanner/_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gobject-introspection next.wayland-scanner ];
|
||||
# buildInputs = orig.buildInputs ++ [ next.mesa ];
|
||||
# # disable docs building
|
||||
# mesonFlags = lib.remove "-Ddocs=true" orig.mesonFlags;
|
||||
# });
|
||||
# mutter = super.mutter.overrideAttrs (orig: {
|
||||
# # TODO: something seems to be propagating an *emulated* version of gobject-introspection into the build
|
||||
# nativeBuildInputs =
|
||||
# (lib.remove next.python3
|
||||
# (lib.remove next.mesa orig.nativeBuildInputs)
|
||||
# )
|
||||
# ++ [
|
||||
# next.gobject-introspection
|
||||
# next.mesonEmulatorHook
|
||||
# next.python3.pythonForBuild
|
||||
# next.wayland-scanner
|
||||
# ];
|
||||
# buildInputs = (lib.remove next.gobject-introspection orig.buildInputs)
|
||||
# ++ [ next.mesa ];
|
||||
# # disable docs building
|
||||
# mesonFlags = lib.remove "-Ddocs=true" orig.mesonFlags;
|
||||
# });
|
||||
# nautilus = super.nautilus.override {
|
||||
# # fixes: "meson.build:123:0: ERROR: Dependency "libxml-2.0" not found, tried pkgconfig"
|
||||
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
nautilus = super.nautilus.overrideAttrs (orig: {
|
||||
# fixes: "meson.build:123:0: ERROR: Dependency "libxml-2.0" not found, tried pkgconfig"
|
||||
buildInputs = orig.buildInputs ++ [ next.libxml2 ];
|
||||
});
|
||||
});
|
||||
|
||||
gocryptfs = prev.gocryptfs.override {
|
||||
# fixes "error: hash mismatch in fixed-output derivation" (vendorSha256)
|
||||
inherit (emulated) buildGoModule; # equivalent to stdenv
|
||||
};
|
||||
gupnp_1_6 = prev.gupnp_1_6.overrideAttrs (orig: {
|
||||
# fixes "subprojects/gi-docgen/meson.build:10:0: ERROR: python3 not found"
|
||||
# this patch is copied from the default gupnp.
|
||||
# TODO: upstream
|
||||
outputs = [ "out" "dev" ]
|
||||
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
|
||||
mesonFlags = [
|
||||
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
|
||||
"-Dintrospection=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
|
||||
];
|
||||
});
|
||||
|
||||
gst_all_1 = prev.gst_all_1 // {
|
||||
# gst-editing-services = prev.gst_all_1.gst-editing-services.override {
|
||||
# # fixes "Run-time dependency gst-validate-1.0 found: NO"
|
||||
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgobject-2.0.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
# XXX this feels risky; it propagates a (conflicting) gst-plugins to all consumers
|
||||
# gst-editing-services = emulated.gst_all_1.gst-editing-services;
|
||||
gst-editing-services = prev.gst_all_1.gst-editing-services.overrideAttrs (orig: {
|
||||
# fixes "Run-time dependency gst-validate-1.0 found: NO"
|
||||
buildInputs = orig.buildInputs ++ [ next.gst_all_1.gst-devtools ];
|
||||
mesonFlags = orig.mesonFlags ++ [
|
||||
# disable "python formatters" to avoid undefined references to Py_Initialize, etc.
|
||||
"-Dpython=disabled"
|
||||
];
|
||||
});
|
||||
inherit (emulated.gst_all_1) gst-plugins-good;
|
||||
# gst-plugins-good = prev.gst_all_1.gst-plugins-good.override {
|
||||
# # when invoked with `qt5Support = true`, qtbase shows up in both buildInputs and nativeBuildInputs
|
||||
# # if these aren't identical, then qt complains: "Error: detected mismatched Qt dependencies"
|
||||
# # doesn't fix the original error.
|
||||
# inherit (emulated) stdenv;
|
||||
# # qt5Support = true;
|
||||
# };
|
||||
};
|
||||
# gvfs = prev.gvfs.overrideAttrs (orig: {
|
||||
# # meson.build:312:2: ERROR: Assert failed: http required but libxml-2.0 not found
|
||||
# # nativeBuildInputs = orig.nativeBuildInputs ++ [ prev.libxml2 prev.mesonEmulatorHook ];
|
||||
# # TODO: gvfs 1.50.2 -> 1.50.3 upgrade is upstreamed, and fixed cross compilation
|
||||
# version = "1.50.3";
|
||||
# src = next.fetchurl {
|
||||
# url = "mirror://gnome/sources/gvfs/1.50/gvfs-1.50.3.tar.xz";
|
||||
# sha256 = "aJcRnpe7FgKdJ3jhpaVKamWSYx+LLzoqHepO8rAYA/0=";
|
||||
# };
|
||||
# patches = [
|
||||
# # Hardcode the ssh path again.
|
||||
# # https://gitlab.gnome.org/GNOME/gvfs/-/issues/465
|
||||
# (next.fetchpatch2 {
|
||||
# url = "https://gitlab.gnome.org/GNOME/gvfs/-/commit/8327383e262e1e7f32750a8a2d3dd708195b0f53.patch";
|
||||
# hash = "sha256-ReD7qkezGeiJHyo9jTqEQNBjECqGhV9nSD+dYYGZWJ8=";
|
||||
# revert = true;
|
||||
# })
|
||||
# ];
|
||||
# });
|
||||
# gvfs = prev.gvfs.override {
|
||||
# # solves original config-time problem
|
||||
# # new failure: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/3n0n1s5gb34lkckkr8ix5b7s5hz4n48v-libxml2-2.10.3/lib/libxml2.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
hdf5 = prev.hdf5.override {
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
|
||||
# ibus = prev.ibus.override {
|
||||
# # "_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
iio-sensor-proxy = prev.iio-sensor-proxy.overrideAttrs (orig: {
|
||||
# fixes "./autogen.sh: line 26: gtkdocize: not found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib next.gtk-doc ];
|
||||
});
|
||||
|
||||
# kitty = prev.kitty.override {
|
||||
# # does not solve original error
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
# libchamplain = prev.libchamplain.override {
|
||||
# # fails: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format";
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
# libgweather = prev.libgweather.override {
|
||||
# # solves original problem
|
||||
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgio-2.0.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
libHX = prev.libHX.overrideAttrs (orig: {
|
||||
# "Can't exec "libtoolize": No such file or directory at /nix/store/r4fvx9hazsm0rdm7s393zd5v665dsh1c-autoconf-2.71/share/autoconf/Autom4te/FileUtils.pm line 294."
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libtool ];
|
||||
});
|
||||
# libjcat = prev.libjcat.override {
|
||||
# # fixes original error
|
||||
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgio-2.0.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
librest = prev.librest.overrideAttrs (orig: {
|
||||
# fixes "You must have gtk-doc >= 1.13 installed to build documentation"
|
||||
# by removing the "--enable-gtk-doc" flag
|
||||
configureFlags = [ "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt" ];
|
||||
});
|
||||
librest_1_0 = prev.librest_1_0.overrideAttrs (orig: {
|
||||
# fixes (meson) "Run-time dependency gi-docgen found: NO (tried pkgconfig and cmake)"
|
||||
# inspired by gupnp
|
||||
outputs = [ "out" "dev" ]
|
||||
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
|
||||
mesonFlags = orig.mesonFlags ++ [
|
||||
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
|
||||
];
|
||||
});
|
||||
libsForQt5 = prev.libsForQt5.overrideScope' (self: super: {
|
||||
qgpgme = super.qgpgme.overrideAttrs (orig: {
|
||||
# fix so it can find the MOC compiler
|
||||
# it looks like it might not *need* to propagate qtbase, but so far unclear
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ self.qtbase ];
|
||||
propagatedBuildInputs = lib.remove self.qtbase orig.propagatedBuildInputs;
|
||||
});
|
||||
phonon = super.phonon.overrideAttrs (orig: {
|
||||
# fixes "ECM (required version >= 5.60), Extra CMake Modules"
|
||||
buildInputs = orig.buildInputs ++ [ next.extra-cmake-modules ];
|
||||
});
|
||||
});
|
||||
|
||||
# libtiger = prev.libtiger.override {
|
||||
# # fails to fix: "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
# libtiger = prev.libtiger.overrideAttrs (orig: {
|
||||
# # fails to fix: "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libkate next.cairo next.pango ];
|
||||
# });
|
||||
|
||||
libuv = prev.libuv.overrideAttrs (orig: {
|
||||
# 2 tests fail:
|
||||
# - not ok 261 - tcp_bind6_error_addrinuse
|
||||
# - not ok 267 - tcp_bind_error_addrinuse_listen
|
||||
doCheck = false;
|
||||
});
|
||||
|
||||
ncftp = prev.ncftp.override {
|
||||
# fixes: "ar: No such file or directory"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
networkmanager-fortisslvpn = prev.networkmanager-fortisslvpn.overrideAttrs (orig: {
|
||||
# fixes "gdbus-codegen: command not found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
# networkmanager-iodine = prev.networkmanager-iodine.overrideAttrs (orig: {
|
||||
# # fails to fix "configure.ac:58: error: possibly undefined macro: AM_GLIB_GNU_GETTEXT"
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gettext ];
|
||||
# });
|
||||
networkmanager-iodine = prev.networkmanager-iodine.override {
|
||||
# fixes "configure.ac:58: error: possibly undefined macro: AM_GLIB_GNU_GETTEXT"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
networkmanager-l2tp = prev.networkmanager-l2tp.overrideAttrs (orig: {
|
||||
# fixes "gdbus-codegen: command not found"
|
||||
# fixes "gtk4-builder-tool: command not found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib next.gtk4 ];
|
||||
});
|
||||
networkmanager-openconnect = prev.networkmanager-openconnect.overrideAttrs (orig: {
|
||||
# fixes "properties/gresource.xml: Permission denied"
|
||||
# - by providing glib-compile-resources
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
networkmanager-openvpn = prev.networkmanager-openvpn.overrideAttrs (orig: {
|
||||
# fixes "properties/gresource.xml: Permission denied"
|
||||
# - by providing glib-compile-resources
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
networkmanager-sstp = prev.networkmanager-sstp.overrideAttrs (orig: {
|
||||
# fixes "gdbus-codegen: command not found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
networkmanager-vpnc = prev.networkmanager-vpnc.overrideAttrs (orig: {
|
||||
# fixes "properties/gresource.xml: Permission denied"
|
||||
# - by providing glib-compile-resources
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
nheko = prev.nheko.overrideAttrs (orig: {
|
||||
# fixes "fatal error: lmdb++.h: No such file or directory
|
||||
buildInputs = orig.buildInputs ++ [ next.lmdbxx ];
|
||||
});
|
||||
# notmuch = prev.notmuch.override {
|
||||
# # fails to solve original error
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
obex_data_server = prev.obex_data_server.override {
|
||||
# fixes "/nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 2: --prefix=ods_manager: command not found"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
openfortivpn = prev.openfortivpn.override {
|
||||
# fixes "checking for /proc/net/route... configure: error: cannot check for file existence when cross compiling"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
ostree = prev.ostree.override {
|
||||
# fixes "configure: error: Need GPGME_PTHREAD version 1.1.8 or later"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
pam_mount = prev.pam_mount.overrideAttrs (orig: {
|
||||
# fixes: "perl: command not found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
|
||||
});
|
||||
|
||||
# perlPackageOverrides = _perl: {
|
||||
# inherit (pkgs.emulated.perl.pkgs)
|
||||
# Testutf8
|
||||
# ;
|
||||
# };
|
||||
|
||||
phoc = prev.phoc.override {
|
||||
# fixes "Program wayland-scanner found: NO"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
# phosh = prev.phosh.override {
|
||||
# # fixes original error.
|
||||
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/2bzd39fbsifidd667s7x930d0b7pm3qx-pango-1.50.12/lib/libpangocairo-1.0.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
phosh-mobile-settings = prev.phosh-mobile-settings.override {
|
||||
# fixes "meson.build:26:0: ERROR: Dependency "phosh-plugins" not found, tried pkgconfig"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
pipewire = prev.pipewire.overrideAttrs (orig: {
|
||||
# fix `spa/plugins/bluez5/meson.build:41:0: ERROR: Program 'gdbus-codegen' not found or not executable`
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
psqlodbc = prev.psqlodbc.override {
|
||||
# fixes "configure: error: odbc_config not found (required for unixODBC build)"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
|
||||
pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
|
||||
(py-next: py-prev: {
|
||||
defcon = py-prev.defcon.overridePythonAttrs (orig: {
|
||||
# TODO: diagnose and upstream
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ orig.nativeCheckInputs;
|
||||
});
|
||||
executing = py-prev.executing.overridePythonAttrs (orig: {
|
||||
# TODO: confirm & upstream
|
||||
# test has an assertion that < 1s of CPU time elapsed => flakey
|
||||
disabledTestPaths = orig.disabledTestPaths or [] ++ [
|
||||
# "tests/test_main.py::TestStuff::test_many_source_for_filename_calls"
|
||||
"tests/test_main.py"
|
||||
];
|
||||
});
|
||||
# h5py = py-prev.h5py.overridePythonAttrs (orig: {
|
||||
# # XXX: can't upstream until its dependency, hdf5, is fixed. that looks TRICKY.
|
||||
# # - the `setup_configure.py` in h5py tries to dlopen (and call into) the hdf5 lib to query the version and detect features like MPI
|
||||
# # - it could be patched with ~10 LoC in the HDF5LibWrapper class.
|
||||
# #
|
||||
# # expose numpy and hdf5 as available at build time
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ orig.propagatedBuildInputs ++ orig.buildInputs;
|
||||
# buildInputs = [];
|
||||
# # HDF5_DIR = "${hdf5}";
|
||||
# });
|
||||
mutatormath = py-prev.mutatormath.overridePythonAttrs (orig: {
|
||||
# TODO: diagnose and upstream
|
||||
nativeBuildInputs = orig.nativeBuildInputs or [] ++ orig.nativeCheckInputs;
|
||||
});
|
||||
pandas = py-prev.pandas.overridePythonAttrs (orig: {
|
||||
# TODO: upstream
|
||||
# XXX: we only actually need numpy when building in ~/nixpkgs repo: not sure why we need all the propagatedBuildInputs here.
|
||||
# nativeBuildInputs = orig.nativeBuildInputs ++ [ py-next.numpy ];
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ orig.propagatedBuildInputs;
|
||||
});
|
||||
psycopg2 = py-prev.psycopg2.overridePythonAttrs (orig: {
|
||||
# TODO: upstream (see tracking issue)
|
||||
#
|
||||
# psycopg2 *links* against libpg, so we need the host postgres available at build time!
|
||||
# present-day nixpkgs only includes it in nativeBuildInputs
|
||||
buildInputs = orig.buildInputs ++ [ next.postgresql ];
|
||||
});
|
||||
s3transfer = py-prev.s3transfer.overridePythonAttrs (orig: {
|
||||
# tests explicitly expect host CPU == build CPU
|
||||
# Bail out! ERROR:../plugins/core.c:221:qemu_plugin_vcpu_init_hook: assertion failed: (success)
|
||||
# Bail out! ERROR:../accel/tcg/cpu-exec.c:954:cpu_exec: assertion failed: (cpu == current_cpu)
|
||||
disabledTestPaths = orig.disabledTestPaths ++ [
|
||||
# "tests/functional/test_processpool.py::TestProcessPoolDownloader::test_cleans_up_tempfile_on_failure"
|
||||
"tests/functional/test_processpool.py"
|
||||
# "tests/unit/test_compat.py::TestBaseManager::test_can_provide_signal_handler_initializers_to_start"
|
||||
"tests/unit/test_compat.py"
|
||||
];
|
||||
});
|
||||
# skia-pathops = ?
|
||||
# it tries to call `cc` during the build, but can't find it.
|
||||
})
|
||||
];
|
||||
# qt5 = prev.qt5.overrideScope' (self: super: {
|
||||
# qtbase = super.qtbase.override {
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
# qtx11extras = super.qtx11extras.override {
|
||||
# # "Project ERROR: Cannot run compiler 'g++'";
|
||||
# # this fails an assert though, where the cross qt now references the emulated qt.
|
||||
# inherit (emulated.qt5) qtModule;
|
||||
# };
|
||||
# });
|
||||
# qt6 = prev.qt6.overrideScope' (self: super: {
|
||||
# qtbase = super.qtbase.override {
|
||||
# # fixes: "You need to set QT_HOST_PATH to cross compile Qt."
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
# });
|
||||
rapidfuzz-cpp = prev.rapidfuzz-cpp.overrideAttrs (orig: {
|
||||
# fixes "error: could not find git for clone of catch2-populate"
|
||||
buildInputs = orig.buildInputs or [] ++ [ next.catch2_3 ];
|
||||
});
|
||||
re2 = (prev.re2.override {
|
||||
# fixes: "FAILED: CMakeFiles/test.util"
|
||||
inherit (emulated) stdenv;
|
||||
}).overrideAttrs (orig: {
|
||||
# exhaustive{,1,2}_test times out after 1500s.
|
||||
# this is after exhaustive3_test takes 600s to pass.
|
||||
doCheck = false;
|
||||
});
|
||||
rmlint = prev.rmlint.override {
|
||||
# fixes "Checking whether the C compiler works... no"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
# sequoia = prev.sequoia.override {
|
||||
# # fails to fix original error
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
# squeekboard = prev.squeekboard.overrideAttrs (orig: {
|
||||
# # fixes: "meson.build:1:0: ERROR: 'rust' compiler binary not defined in cross or native file"
|
||||
# # new error: "meson.build:1:0: ERROR: Rust compiler rustc --target aarch64-unknown-linux-gnu -C linker=aarch64-unknown-linux-gnu-gcc can not compile programs."
|
||||
# mesonFlags =
|
||||
# let
|
||||
# # ERROR: 'rust' compiler binary not defined in cross or native file
|
||||
# crossFile = next.writeText "cross-file.conf" ''
|
||||
# [binaries]
|
||||
# rust = [ 'rustc', '--target', '${next.rust.toRustTargetSpec next.stdenv.hostPlatform}' ]
|
||||
# '';
|
||||
# in
|
||||
# orig.mesonFlags or [] ++ lib.optionals (next.stdenv.hostPlatform != next.stdenv.buildPlatform) [ "--cross-file=${crossFile}" ];
|
||||
# });
|
||||
# squeekboard = prev.squeekboard.override {
|
||||
# # new error: "gcc: error: unrecognized command line option '-m64'"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
strp = prev.srtp.overrideAttrs (orig: {
|
||||
# roc_driver test times out after 30s
|
||||
doCheck = false;
|
||||
});
|
||||
sysprof = prev.sysprof.overrideAttrs (orig: {
|
||||
# fixes: "src/meson.build:12:2: ERROR: Program 'gdbus-codegen' not found or not executable"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
tpm2-abrmd = prev.tpm2-abrmd.overrideAttrs (orig: {
|
||||
# fixes "configure: error: *** gdbus-codegen is required to build tpm2-abrmd; No package 'gio-unix-2.0' found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
|
||||
});
|
||||
tracker-miners = prev.tracker-miners.override {
|
||||
# fixes "meson.build:183:0: ERROR: Can not run test applications in this cross environment."
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
# twitter-color-emoji = prev.twitter-color-emoji.override {
|
||||
# # fails to fix original error
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
|
||||
# unar = (prev.unar.override {
|
||||
# # fixes "ar: command not found"
|
||||
# # new error: "gcc: error: unrecognized command line option '-fobjc-runtime=gnustep-2.0'"
|
||||
# inherit (emulated) stdenv;
|
||||
# });
|
||||
unixODBCDrivers = prev.unixODBCDrivers // {
|
||||
# TODO: should this package be deduped with toplevel psqlodbc in upstream nixpkgs?
|
||||
psql = prev.unixODBCDrivers.psql.override {
|
||||
# fixes "configure: error: odbc_config not found (required for unixODBC build)"
|
||||
inherit (emulated) stdenv;
|
||||
};
|
||||
# psql = prev.unixODBCDrivers.psql.overrideAttrs (orig: {
|
||||
# # fixes "configure: error: odbc_config not found (required for unixODBC build)"
|
||||
# # new error: "/nix/store/h3ms3h95rbj5p8yhxfhbsbnxgvpnb8w0-aarch64-unknown-linux-gnu-binutils-2.39/bin/aarch64-unknown-linux-gnu-ld: /nix/store/6h6z98qvg5k8rsqpivi42r5008zjfp2v-unixODBC-2.3.11/lib/libodbcinst.so: error adding symbols: file in wrong format"
|
||||
# nativeBuildInputs = orig.nativeBuildInputs or [] ++ orig.buildInputs;
|
||||
# });
|
||||
};
|
||||
|
||||
vlc = prev.vlc.overrideAttrs (orig: {
|
||||
# fixes: "configure: error: could not find the LUA byte compiler"
|
||||
# fixes: "configure: error: protoc compiler needed for chromecast was not found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.lua5 next.protobuf ];
|
||||
# fix that it can't find the c compiler
|
||||
# makeFlags = orig.makeFlags or [] ++ [ "CC=${prev.stdenv.cc.targetPrefix}cc" ];
|
||||
BUILDCC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc";
|
||||
});
|
||||
vpnc = prev.vpnc.overrideAttrs (orig: {
|
||||
# fixes "perl: command not found"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
|
||||
});
|
||||
xdg-desktop-portal-gtk = prev.xdg-desktop-portal-gtk.overrideAttrs (orig: {
|
||||
# fixes "No package 'xdg-desktop-portal' found"
|
||||
buildInputs = orig.buildInputs ++ [ next.xdg-desktop-portal ];
|
||||
});
|
||||
xdg-desktop-portal-gnome = prev.xdg-desktop-portal-gnome.overrideAttrs (orig: {
|
||||
# fixes: "data/meson.build:33:5: ERROR: Program 'msgfmt' not found or not executable"
|
||||
# fixes: "src/meson.build:25:0: ERROR: Program 'gdbus-codegen' not found or not executable"
|
||||
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gettext next.glib ];
|
||||
});
|
||||
# webp-pixbuf-loader = prev.webp-pixbuf-loader.override {
|
||||
# # fixes "Builder called die: Cannot wrap '/nix/store/kpp8qhzdjqgvw73llka5gpnsj0l4jlg8-gdk-pixbuf-aarch64-unknown-linux-gnu-2.42.10/bin/gdk-pixbuf-thumbnailer' because it is not an executable file"
|
||||
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/2syg6jxk8zi1zkpqvkxkz87x8sl27c6b-gdk-pixbuf-2.42.10/lib/libgdk_pixbuf-2.0.so: error adding symbols: file in wrong format"
|
||||
# inherit (emulated) stdenv;
|
||||
# };
|
||||
})
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@@ -10,6 +10,8 @@
|
||||
./ids.nix
|
||||
./machine-id.nix
|
||||
./net.nix
|
||||
./persist.nix
|
||||
./programs.nix
|
||||
./secrets.nix
|
||||
./ssh.nix
|
||||
./users.nix
|
||||
@@ -17,17 +19,8 @@
|
||||
];
|
||||
|
||||
sane.nixcache.enable-trusted-keys = true;
|
||||
sane.packages.enableConsolePkgs = true;
|
||||
sane.packages.enableSystemPkgs = true;
|
||||
|
||||
sane.persist.sys.plaintext = [
|
||||
"/var/log"
|
||||
"/var/backup" # for e.g. postgres dumps
|
||||
# TODO: move elsewhere
|
||||
"/var/lib/alsa" # preserve output levels, default devices
|
||||
"/var/lib/colord" # preserve color calibrations (?)
|
||||
"/var/lib/machines" # maybe not needed, but would be painful to add a VM and forget.
|
||||
];
|
||||
sane.programs.sysadminUtils.enableFor.system = true;
|
||||
sane.programs.consoleUtils.enableFor.user.colin = true;
|
||||
|
||||
# some services which use private directories error if the parent (/var/lib/private) isn't 700.
|
||||
sane.fs."/var/lib/private".dir.acl.mode = "0700";
|
||||
|
@@ -7,5 +7,5 @@
|
||||
sopsFile = ../../../secrets/universal/aerc_accounts.conf;
|
||||
format = "binary";
|
||||
};
|
||||
sane.fs."/home/colin/.config/aerc/accounts.conf" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.aerc_accounts.path;
|
||||
sane.user.fs.".config/aerc/accounts.conf" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.aerc_accounts.path;
|
||||
}
|
||||
|
@@ -125,11 +125,11 @@ in
|
||||
# `wget ...xpi`; `unar ...xpi`; `cat */manifest.json | jq '.browser_specific_settings.gecko.id'`
|
||||
# browserpass-ce.package = addon "browserpass-ce" "browserpass@maximbaz.com" "sha256-sXgUBbRvMnRpeIW1MTkmTcoqtW/8RDXAkxAq1evFkpc=";
|
||||
browserpass-extension.package = localAddon pkgs.browserpass-extension;
|
||||
bypass-paywalls-clean.package = addon "bypass-paywalls-clean" "{d133e097-46d9-4ecc-9903-fa6a722a6e0e}" "sha256-JOj5P7c2JTTReHCRZXm4BscaGr3i+9Y4Ey/y621x8PI=";
|
||||
bypass-paywalls-clean.package = addon "bypass-paywalls-clean" "{d133e097-46d9-4ecc-9903-fa6a722a6e0e}" "sha256-oUwdqdAwV3DezaTtOMx7A/s4lzIws+t2f08mwk+325k=";
|
||||
ether-metamask.package = addon "ether-metamask" "webextension@metamask.io" "sha256-G+MwJDOcsaxYSUXjahHJmkWnjLeQ0Wven8DU/lGeMzA=";
|
||||
i2p-in-private-browsing.package = addon "i2p-in-private-browsing" "i2ppb@eyedeekay.github.io" "sha256-dJcJ3jxeAeAkRvhODeIVrCflvX+S4E0wT/PyYzQBQWs=";
|
||||
sidebery.package = addon "sidebery" "{3c078156-979c-498b-8990-85f7987dd929}" "sha256-YONfK/rIjlsrTgRHIt3km07Q7KnpIW89Z9r92ZSCc6w=";
|
||||
sponsorblock.package = addon "sponsorblock" "sponsorBlocker@ajay.app" "sha256-d2K3ufvurWnYVzqLbyR//MgejybkY9exitAf9RdLNRo=";
|
||||
sponsorblock.package = addon "sponsorblock" "sponsorBlocker@ajay.app" "sha256-hRsvLaAsVm3dALsTrJqHTNgRFAQcU7XSaGhr5G6+mFs=";
|
||||
ublacklist.package = addon "ublacklist" "@ublacklist" "sha256-RqY5iHzbL2qizth7aguyOKWPyINXmrwOlf/OsfqAS48=";
|
||||
ublock-origin.package = addon "ublock-origin" "uBlock0@raymondhill.net" "sha256-a/ivUmY1P6teq9x0dt4CbgHt+3kBsEMMXlOfZ5Hx7cg=";
|
||||
|
||||
@@ -146,6 +146,11 @@ in
|
||||
};
|
||||
|
||||
config = {
|
||||
sane.programs.web-browser = {
|
||||
inherit package;
|
||||
# TODO: define the persistence & fs config here
|
||||
};
|
||||
sane.programs.guiApps.suggestedPrograms = [ "web-browser" ];
|
||||
|
||||
# uBlock filter list configuration.
|
||||
# specifically, enable the GDPR cookie prompt blocker.
|
||||
@@ -155,7 +160,7 @@ in
|
||||
# the specific attribute path is found via scraping ublock code here:
|
||||
# - <https://github.com/gorhill/uBlock/blob/master/src/js/storage.js>
|
||||
# - <https://github.com/gorhill/uBlock/blob/master/assets/assets.json>
|
||||
sane.fs."/home/colin/${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs."${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText ''
|
||||
{
|
||||
"name": "uBlock0@raymondhill.net",
|
||||
"description": "ignored",
|
||||
@@ -165,26 +170,24 @@ in
|
||||
}
|
||||
}
|
||||
'';
|
||||
sane.fs."/home/colin/${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs."${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg" = sane-lib.fs.wantedText ''
|
||||
// if we can't query the revocation status of a SSL cert because the issuer is offline,
|
||||
// treat it as unrevoked.
|
||||
// see: <https://librewolf.net/docs/faq/#im-getting-sec_error_ocsp_server_error-what-can-i-do>
|
||||
defaultPref("security.OCSP.require", false);
|
||||
'';
|
||||
|
||||
sane.packages.extraGuiPkgs = [ package ];
|
||||
# flush the cache to disk to avoid it taking up too much tmp
|
||||
sane.persist.home.byPath."${cfg.browser.cacheDir}" = lib.mkIf (cfg.persistCache != null) {
|
||||
sane.user.persist.byPath."${cfg.browser.cacheDir}" = lib.mkIf (cfg.persistCache != null) {
|
||||
store = cfg.persistCache;
|
||||
};
|
||||
|
||||
sane.persist.home.byPath."${cfg.browser.dotDir}/default" = lib.mkIf (cfg.persistData != null) {
|
||||
sane.user.persist.byPath."${cfg.browser.dotDir}/default" = lib.mkIf (cfg.persistData != null) {
|
||||
store = cfg.persistData;
|
||||
};
|
||||
sane.fs."/home/colin/${cfg.browser.dotDir}/default" = sane-lib.fs.wantedDir;
|
||||
sane.user.fs."${cfg.browser.dotDir}/default" = sane-lib.fs.wantedDir;
|
||||
# instruct Firefox to put the profile in a predictable directory (so we can do things like persist just it).
|
||||
# XXX: the directory *must* exist, even if empty; Firefox will not create the directory itself.
|
||||
sane.fs."/home/colin/${cfg.browser.dotDir}/profiles.ini" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs."${cfg.browser.dotDir}/profiles.ini" = sane-lib.fs.wantedText ''
|
||||
[Profile0]
|
||||
Name=default
|
||||
IsRelative=1
|
||||
|
@@ -6,7 +6,7 @@ let
|
||||
all-feeds = config.sane.feeds;
|
||||
wanted-feeds = feeds.filterByFormat ["text" "image"] all-feeds;
|
||||
in {
|
||||
sane.fs."/home/colin/.config/org.gabmus.gfeeds.json" = sane-lib.fs.wantedText (
|
||||
sane.user.fs.".config/org.gabmus.gfeeds.json" = sane-lib.fs.wantedText (
|
||||
builtins.toJSON {
|
||||
# feed format is a map from URL to a dict,
|
||||
# with dict["tags"] a list of string tags.
|
||||
|
@@ -4,7 +4,7 @@ let
|
||||
mkCfg = lib.generators.toINI { };
|
||||
in
|
||||
{
|
||||
sane.fs."/home/colin/.config/git/config" = sane-lib.fs.wantedText (mkCfg {
|
||||
sane.user.fs.".config/git/config" = sane-lib.fs.wantedText (mkCfg {
|
||||
user.name = "Colin";
|
||||
user.email = "colin@uninsane.org";
|
||||
alias.co = "checkout";
|
||||
|
@@ -6,7 +6,7 @@ let
|
||||
all-feeds = config.sane.feeds;
|
||||
wanted-feeds = feeds.filterByFormat ["podcast"] all-feeds;
|
||||
in {
|
||||
sane.fs."/home/colin/.config/gpodderFeeds.opml" = sane-lib.fs.wantedText (
|
||||
sane.user.fs.".config/gpodderFeeds.opml" = sane-lib.fs.wantedText (
|
||||
feeds.feedsToOpml wanted-feeds
|
||||
);
|
||||
}
|
||||
|
@@ -1,10 +1,11 @@
|
||||
{ config, sane-lib, ... }:
|
||||
|
||||
{
|
||||
sane.persist.home.private = [ ".local/share/keyrings" ];
|
||||
sane.user.persist.private = [ ".local/share/keyrings" ];
|
||||
|
||||
sane.fs."/home/colin/private/.local/share/keyrings/default" = {
|
||||
sane.user.fs."private/.local/share/keyrings/default" = {
|
||||
generated.script.script = builtins.readFile ../../../scripts/init-keyring;
|
||||
# TODO: is this `wantedBy` needed? can we inherit it?
|
||||
wantedBy = [ config.sane.fs."/home/colin/private".unit ];
|
||||
};
|
||||
}
|
||||
|
@@ -1,7 +1,7 @@
|
||||
{ pkgs, sane-lib, ... }:
|
||||
|
||||
{
|
||||
sane.fs."/home/colin/.config/kitty/kitty.conf" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs.".config/kitty/kitty.conf" = sane-lib.fs.wantedText ''
|
||||
# docs: https://sw.kovidgoyal.net/kitty/conf/
|
||||
# disable terminal bell (when e.g. you backspace too many times)
|
||||
enable_audio_bell no
|
||||
|
@@ -2,7 +2,7 @@
|
||||
|
||||
{
|
||||
# libreoffice: disable first-run stuff
|
||||
sane.fs."/home/colin/.config/libreoffice/4/user/registrymodifications.xcu" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs.".config/libreoffice/4/user/registrymodifications.xcu" = sane-lib.fs.wantedText ''
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<oor:items xmlns:oor="http://openoffice.org/2001/registry" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<item oor:path="/org.openoffice.Office.Common/Misc"><prop oor:name="FirstRun" oor:op="fuse"><value>false</value></prop></item>
|
||||
|
@@ -2,7 +2,7 @@
|
||||
|
||||
{
|
||||
# format is <key>=%<length>%<value>
|
||||
sane.fs."/home/colin/.config/mpv/mpv.conf" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs.".config/mpv/mpv.conf" = sane-lib.fs.wantedText ''
|
||||
save-position-on-quit=%3%yes
|
||||
keep-open=%3%yes
|
||||
'';
|
||||
|
@@ -72,7 +72,7 @@ let
|
||||
in
|
||||
{
|
||||
# private because there could be sensitive things in the swap
|
||||
sane.persist.home.private = [ ".cache/vim-swap" ];
|
||||
sane.user.persist.private = [ ".cache/vim-swap" ];
|
||||
|
||||
programs.neovim = {
|
||||
# neovim: https://github.com/neovim/neovim
|
||||
|
@@ -6,7 +6,7 @@ let
|
||||
all-feeds = config.sane.feeds;
|
||||
wanted-feeds = feeds.filterByFormat ["text" "image"] all-feeds;
|
||||
in {
|
||||
sane.fs."/home/colin/.config/newsflashFeeds.opml" = sane-lib.fs.wantedText (
|
||||
sane.user.fs.".config/newsflashFeeds.opml" = sane-lib.fs.wantedText (
|
||||
feeds.feedsToOpml wanted-feeds
|
||||
);
|
||||
}
|
||||
|
@@ -4,9 +4,9 @@
|
||||
{ pkgs, sane-lib, ... }:
|
||||
|
||||
{
|
||||
sane.persist.home.plaintext = [ ".local/state/splatmoji" ];
|
||||
sane.fs."/home/colin/.config/splatmoji/splatmoji.config" = sane-lib.fs.wantedText ''
|
||||
history_file=/home/colin/.local/state/splatmoji/history
|
||||
sane.user.persist.plaintext = [ ".local/state/splatmoji" ];
|
||||
sane.user.fs.".config/splatmoji/splatmoji.config" = sane-lib.fs.wantedText ''
|
||||
history_file=~/.local/state/splatmoji/history
|
||||
history_length=5
|
||||
# TODO: wayland equiv
|
||||
paste_command=xdotool key ctrl+v
|
||||
|
@@ -12,9 +12,9 @@ let
|
||||
in
|
||||
{
|
||||
# ssh key is stored in private storage
|
||||
sane.persist.home.private = [ ".ssh/id_ed25519" ];
|
||||
sane.fs."/home/colin/.ssh/id_ed25519.pub" = sane-lib.fs.wantedText user-pubkey;
|
||||
sane.fs."/home/colin/.ssh/known_hosts" = sane-lib.fs.wantedText known-hosts-text;
|
||||
sane.user.persist.private = [ ".ssh/id_ed25519" ];
|
||||
sane.user.fs.".ssh/id_ed25519.pub" = sane-lib.fs.wantedText user-pubkey;
|
||||
sane.user.fs.".ssh/known_hosts" = sane-lib.fs.wantedText known-hosts-text;
|
||||
|
||||
users.users.colin.openssh.authorizedKeys.keys =
|
||||
let
|
||||
|
@@ -7,5 +7,5 @@
|
||||
sopsFile = ../../../secrets/universal/sublime_music_config.json.bin;
|
||||
format = "binary";
|
||||
};
|
||||
sane.fs."/home/colin/.config/sublime-music/config.json" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.sublime_music_config.path;
|
||||
sane.user.fs.".config/sublime-music/config.json" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.sublime_music_config.path;
|
||||
}
|
||||
|
@@ -9,7 +9,7 @@ let
|
||||
);
|
||||
in
|
||||
{
|
||||
sane.fs."/home/colin/.config/vlc/vlcrc" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs.".config/vlc/vlcrc" = sane-lib.fs.wantedText ''
|
||||
[podcast]
|
||||
podcast-urls=${podcast-urls}
|
||||
[core]
|
||||
|
@@ -3,7 +3,7 @@
|
||||
{
|
||||
# XDG defines things like ~/Desktop, ~/Downloads, etc.
|
||||
# these clutter the home, so i mostly don't use them.
|
||||
sane.fs."/home/colin/.config/user-dirs.dirs" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs.".config/user-dirs.dirs" = sane-lib.fs.wantedText ''
|
||||
XDG_DESKTOP_DIR="$HOME/.xdg/Desktop"
|
||||
XDG_DOCUMENTS_DIR="$HOME/dev"
|
||||
XDG_DOWNLOAD_DIR="$HOME/tmp"
|
||||
@@ -16,5 +16,5 @@
|
||||
|
||||
# prevent `xdg-user-dirs-update` from overriding/updating our config
|
||||
# see <https://manpages.ubuntu.com/manpages/bionic/man5/user-dirs.conf.5.html>
|
||||
sane.fs."/home/colin/.config/user-dirs.conf" = sane-lib.fs.wantedText "enabled=False";
|
||||
sane.user.fs.".config/user-dirs.conf" = sane-lib.fs.wantedText "enabled=False";
|
||||
}
|
||||
|
@@ -26,7 +26,7 @@ let
|
||||
'';
|
||||
in
|
||||
{
|
||||
sane.persist.home.plaintext = [
|
||||
sane.user.persist.plaintext = [
|
||||
# we don't need to full zsh dir -- just the history file --
|
||||
# but zsh will sometimes backup the history file and we get fewer errors if we do proper mounts instead of symlinks.
|
||||
# TODO: should be private?
|
||||
@@ -36,7 +36,7 @@ in
|
||||
];
|
||||
|
||||
# zsh/prezto complains if zshrc doesn't exist; but it does allow an "empty" file.
|
||||
sane.fs."/home/colin/.config/zsh/.zshrc" = sane-lib.fs.wantedText "# ";
|
||||
sane.user.fs.".config/zsh/.zshrc" = sane-lib.fs.wantedText "# ";
|
||||
|
||||
# enable zsh completions
|
||||
environment.pathsToLink = [ "/share/zsh" ];
|
||||
@@ -107,7 +107,7 @@ in
|
||||
# prezto = oh-my-zsh fork; controls prompt, auto-completion, etc.
|
||||
# see: https://github.com/sorin-ionescu/prezto
|
||||
# i believe this file is auto-sourced by the prezto init.zsh script.
|
||||
sane.fs."/home/colin/.config/zsh/.zpreztorc" = sane-lib.fs.wantedText ''
|
||||
sane.user.fs.".config/zsh/.zpreztorc" = sane-lib.fs.wantedText ''
|
||||
zstyle ':prezto:*:*' color 'yes'
|
||||
|
||||
# modules (they ship with prezto):
|
||||
|
18
hosts/common/persist.nix
Normal file
18
hosts/common/persist.nix
Normal file
@@ -0,0 +1,18 @@
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
sane.persist.stores.private.origin = "/home/colin/private";
|
||||
# store /home/colin/a/b in /home/private/a/b instead of /home/private/home/colin/a/b
|
||||
sane.persist.stores.private.prefix = "/home/colin";
|
||||
|
||||
sane.persist.sys.plaintext = [
|
||||
"/var/log"
|
||||
"/var/backup" # for e.g. postgres dumps
|
||||
# TODO: move elsewhere
|
||||
"/var/lib/alsa" # preserve output levels, default devices
|
||||
"/var/lib/colord" # preserve color calibrations (?)
|
||||
"/var/lib/machines" # maybe not needed, but would be painful to add a VM and forget.
|
||||
"/var/lib/systemd/backlight" # backlight brightness
|
||||
"/var/lib/systemd/coredump"
|
||||
];
|
||||
}
|
340
hosts/common/programs.nix
Normal file
340
hosts/common/programs.nix
Normal file
@@ -0,0 +1,340 @@
|
||||
{ lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (builtins) attrNames concatLists;
|
||||
inherit (lib) mapAttrs mapAttrsToList mkDefault mkMerge optional;
|
||||
|
||||
flattenedPkgs = pkgs // (with pkgs; {
|
||||
# XXX can't `inherit` a nested attr, so we move them to the toplevel
|
||||
"cacert.unbundled" = pkgs.cacert.unbundled;
|
||||
"gnome.cheese" = gnome.cheese;
|
||||
"gnome.dconf-editor" = gnome.dconf-editor;
|
||||
"gnome.file-roller" = gnome.file-roller;
|
||||
"gnome.gnome-disk-utility" = gnome.gnome-disk-utility;
|
||||
"gnome.gnome-maps" = gnome.gnome-maps;
|
||||
"gnome.nautilus" = gnome.nautilus;
|
||||
"gnome.gnome-system-monitor" = gnome.gnome-system-monitor;
|
||||
"gnome.gnome-terminal" = gnome.gnome-terminal;
|
||||
"gnome.gnome-weather" = gnome.gnome-weather;
|
||||
"libsForQt5.plasmatube" = libsForQt5.plasmatube;
|
||||
});
|
||||
|
||||
sysadminPkgs = {
|
||||
inherit (flattenedPkgs)
|
||||
btrfs-progs
|
||||
"cacert.unbundled" # some services require unbundled /etc/ssl/certs
|
||||
cryptsetup
|
||||
dig
|
||||
efibootmgr
|
||||
fatresize
|
||||
fd
|
||||
file
|
||||
gawk
|
||||
git
|
||||
gptfdisk
|
||||
hdparm
|
||||
htop
|
||||
iftop
|
||||
inetutils # for telnet
|
||||
iotop
|
||||
iptables
|
||||
jq
|
||||
killall
|
||||
lsof
|
||||
nano
|
||||
netcat
|
||||
nethogs
|
||||
nmap
|
||||
openssl
|
||||
parted
|
||||
pciutils
|
||||
powertop
|
||||
pstree
|
||||
ripgrep
|
||||
screen
|
||||
smartmontools
|
||||
socat
|
||||
strace
|
||||
tcpdump
|
||||
tree
|
||||
usbutils
|
||||
wget
|
||||
;
|
||||
};
|
||||
|
||||
# TODO: split these into smaller groups.
|
||||
# - iphone utils (libimobiledevice, ifuse) only wanted on desko, maybe lappy
|
||||
# - transcoders (ffmpeg, imagemagick) only wanted on desko/lappy
|
||||
consolePkgs = {
|
||||
inherit (pkgs)
|
||||
aerc # email client
|
||||
# backblaze-b2 # TODO: put into the same package set as duplicity
|
||||
cdrtools
|
||||
dmidecode
|
||||
# duplicity # TODO: enable as part of some smaller package set
|
||||
efivar
|
||||
flashrom
|
||||
fwupd
|
||||
ghostscript # TODO: imagemagick wrapper should add gs to PATH
|
||||
gnupg
|
||||
gocryptfs
|
||||
gopass
|
||||
gopass-jsonapi
|
||||
ifuse
|
||||
imagemagick
|
||||
ipfs
|
||||
kitty # TODO: move to GUI, but `ssh servo` from kitty sets `TERM=xterm-kitty` in the remove and breaks things
|
||||
libimobiledevice
|
||||
libsecret # for managing user keyrings
|
||||
lm_sensors # for sensors-detect
|
||||
lshw
|
||||
ffmpeg
|
||||
memtester
|
||||
networkmanager
|
||||
nixpkgs-review
|
||||
# nixos-generators
|
||||
# nettools
|
||||
nmon
|
||||
oathToolkit # for oathtool
|
||||
# ponymix
|
||||
pulsemixer
|
||||
python3
|
||||
rsync
|
||||
# python3Packages.eyeD3 # music tagging
|
||||
sane-scripts
|
||||
sequoia
|
||||
snapper
|
||||
sops
|
||||
sox
|
||||
speedtest-cli
|
||||
sqlite # to debug sqlite3 databases
|
||||
ssh-to-age
|
||||
sudo
|
||||
# tageditor # music tagging
|
||||
unar
|
||||
visidata
|
||||
w3m
|
||||
wireguard-tools
|
||||
xdg-utils # for xdg-open
|
||||
# youtube-dl
|
||||
yt-dlp
|
||||
;
|
||||
};
|
||||
|
||||
guiPkgs = {
|
||||
inherit (flattenedPkgs)
|
||||
celluloid # mpv frontend
|
||||
clinfo
|
||||
emote
|
||||
evince # works on phosh
|
||||
|
||||
# { pkg = fluffychat-moby; dir = [ ".local/share/chat.fluffy.fluffychat" ]; } # TODO: ship normal fluffychat on non-moby?
|
||||
|
||||
# foliate # e-book reader
|
||||
|
||||
# XXX by default fractal stores its state in ~/.local/share/<UUID>.
|
||||
# after logging in, manually change ~/.local/share/keyrings/... to point it to some predictable subdir.
|
||||
# then reboot (so that libsecret daemon re-loads the keyring...?)
|
||||
# { pkg = fractal-latest; private = [ ".local/share/fractal" ]; }
|
||||
# { pkg = fractal-next; private = [ ".local/share/fractal" ]; }
|
||||
|
||||
# "gnome.cheese"
|
||||
"gnome.dconf-editor"
|
||||
gnome-feeds # RSS reader (with claimed mobile support)
|
||||
"gnome.file-roller"
|
||||
# "gnome.gnome-maps" # works on phosh
|
||||
"gnome.nautilus"
|
||||
# gnome-podcasts
|
||||
"gnome.gnome-system-monitor"
|
||||
"gnome.gnome-terminal" # works on phosh
|
||||
"gnome.gnome-weather"
|
||||
gpodder-configured
|
||||
gthumb
|
||||
# lollypop
|
||||
mpv
|
||||
networkmanagerapplet
|
||||
# newsflash
|
||||
nheko
|
||||
pavucontrol
|
||||
# picard # music tagging
|
||||
playerctl
|
||||
# "libsForQt5.plasmatube" # Youtube player
|
||||
soundconverter
|
||||
# sublime music persists any downloaded albums here.
|
||||
# it doesn't obey a conventional ~/Music/{Artist}/{Album}/{Track} notation, so no symlinking
|
||||
# config (e.g. server connection details) is persisted in ~/.config/sublime-music/config.json
|
||||
# possible to pass config as a CLI arg (sublime-music -c config.json)
|
||||
# { pkg = sublime-music; dir = [ ".local/share/sublime-music" ]; }
|
||||
sublime-music-mobile
|
||||
# tdesktop # broken on phosh
|
||||
# tokodon
|
||||
vlc
|
||||
# pleroma client (Electron). input is broken on phosh. TODO(2023/02/02): fix electron19 input (insecure)
|
||||
# whalebird
|
||||
xterm # broken on phosh
|
||||
;
|
||||
};
|
||||
desktopGuiPkgs = {
|
||||
inherit (flattenedPkgs)
|
||||
audacity
|
||||
chromium
|
||||
dino
|
||||
electrum
|
||||
element-desktop
|
||||
font-manager
|
||||
gajim # XMPP client
|
||||
gimp # broken on phosh
|
||||
"gnome.gnome-disk-utility"
|
||||
inkscape
|
||||
kdenlive
|
||||
kid3 # audio tagging
|
||||
krita
|
||||
libreoffice-fresh # XXX colin: maybe don't want this on mobile
|
||||
obsidian
|
||||
;
|
||||
};
|
||||
x86GuiPkgs = {
|
||||
inherit (pkgs)
|
||||
discord
|
||||
|
||||
# kaiteki # Pleroma client
|
||||
# gnome.zenity # for kaiteki (it will use qarma, kdialog, or zenity)
|
||||
# gpt2tc # XXX: unreliable mirror
|
||||
|
||||
# TODO(unpin): handbrake is broken on aarch64-linux 2023/01/29
|
||||
handbrake
|
||||
|
||||
logseq
|
||||
losslesscut-bin
|
||||
makemkv
|
||||
monero-gui
|
||||
signal-desktop
|
||||
spotify
|
||||
tor-browser-bundle-bin
|
||||
zecwallet-lite
|
||||
;
|
||||
};
|
||||
|
||||
# define -- but don't enable -- the packages in some attrset.
|
||||
# use `mkDefault` for the package here so we can customize some of them further down this file
|
||||
declarePkgs = pkgsAsAttrs: mapAttrs (_n: p: {
|
||||
package = mkDefault p;
|
||||
}) pkgsAsAttrs;
|
||||
in
|
||||
{
|
||||
config = {
|
||||
sane.programs = mkMerge [
|
||||
(declarePkgs sysadminPkgs)
|
||||
(declarePkgs consolePkgs)
|
||||
(declarePkgs guiPkgs)
|
||||
(declarePkgs desktopGuiPkgs)
|
||||
(declarePkgs x86GuiPkgs)
|
||||
{
|
||||
# link the various package sets into their own meta packages
|
||||
sysadminUtils = {
|
||||
package = null;
|
||||
suggestedPrograms = attrNames sysadminPkgs;
|
||||
};
|
||||
consoleUtils = {
|
||||
package = null;
|
||||
suggestedPrograms = attrNames consolePkgs;
|
||||
};
|
||||
guiApps = {
|
||||
package = null;
|
||||
suggestedPrograms = (attrNames guiPkgs)
|
||||
++ optional (pkgs.system == "x86_64-linux") "x86GuiApps";
|
||||
};
|
||||
desktopGuiApps = {
|
||||
package = null;
|
||||
suggestedPrograms = attrNames desktopGuiPkgs;
|
||||
};
|
||||
x86GuiApps = {
|
||||
package = null;
|
||||
suggestedPrograms = attrNames x86GuiPkgs;
|
||||
};
|
||||
}
|
||||
{
|
||||
# nontrivial package definitions
|
||||
imagemagick.package = pkgs.imagemagick.override {
|
||||
ghostscriptSupport = true;
|
||||
};
|
||||
|
||||
dino.private = [ ".local/share/dino" ];
|
||||
|
||||
# creds, but also 200 MB of node modules, etc
|
||||
discord = {
|
||||
package = pkgs.discord.override {
|
||||
# XXX 2022-07-31: fix to allow links to open in default web-browser:
|
||||
# https://github.com/NixOS/nixpkgs/issues/78961
|
||||
nss = pkgs.nss_latest;
|
||||
};
|
||||
private = [ ".config/discord" ];
|
||||
};
|
||||
|
||||
# creds/session keys, etc
|
||||
element-desktop.private = [ ".config/Element" ];
|
||||
|
||||
# `emote` will show a first-run dialog based on what's in this directory.
|
||||
# mostly, it just keeps a LRU of previously-used emotes to optimize display order.
|
||||
# TODO: package [smile](https://github.com/mijorus/smile) for probably a better mobile experience.
|
||||
emote.dir = [ ".local/share/Emote" ];
|
||||
|
||||
# XXX: we preserve the whole thing because if we only preserve gPodder/Downloads
|
||||
# then startup is SLOW during feed import, and we might end up with zombie eps in the dl dir.
|
||||
gpodder-configured.dir = [ "gPodder" ];
|
||||
|
||||
# actual monero blockchain (not wallet/etc; safe to delete, just slow to regenerate)
|
||||
# XXX: is it really safe to persist this? it doesn't have info that could de-anonymize if captured?
|
||||
monero-gui.dir = [ ".bitmonero" ];
|
||||
|
||||
mpv.dir = [ ".config/mpv/watch_later" ];
|
||||
|
||||
# not strictly necessary, but allows caching articles; offline use, etc.
|
||||
newsflash.dir = [ ".local/share/news-flash" ];
|
||||
nheko.private = [
|
||||
".config/nheko" # config file (including client token)
|
||||
".cache/nheko" # media cache
|
||||
".local/share/nheko" # per-account state database
|
||||
];
|
||||
|
||||
# settings (electron app)
|
||||
obsidian.dir = [ ".config/obsidian" ];
|
||||
|
||||
# creds, media
|
||||
signal-desktop.private = [ ".config/Signal" ];
|
||||
|
||||
|
||||
# creds, widevine .so download. TODO: could easily manage these statically.
|
||||
spotify.dir = [ ".config/spotify" ];
|
||||
|
||||
# sublime music persists any downloaded albums here.
|
||||
# it doesn't obey a conventional ~/Music/{Artist}/{Album}/{Track} notation, so no symlinking
|
||||
# config (e.g. server connection details) is persisted in ~/.config/sublime-music/config.json
|
||||
# possible to pass config as a CLI arg (sublime-music -c config.json)
|
||||
# { pkg = sublime-music; dir = [ ".local/share/sublime-music" ]; }
|
||||
sublime-music-mobile.dir = [ ".local/share/sublime-music" ];
|
||||
|
||||
tdesktop.private = [ ".local/share/TelegramDesktop" ];
|
||||
|
||||
tokodon.private = [ ".cache/KDE/tokodon" ];
|
||||
|
||||
# hardenedMalloc solves a crash at startup
|
||||
# TODO 2023/02/02: is this safe to remove yet?
|
||||
tor-browser-bundle-bin.package = pkgs.tor-browser-bundle-bin.override {
|
||||
useHardenedMalloc = false;
|
||||
};
|
||||
|
||||
# vlc remembers play position in ~/.config/vlc/vlc-qt-interface.conf
|
||||
vlc.dir = [ ".config/vlc" ];
|
||||
|
||||
whalebird.private = [ ".config/Whalebird" ];
|
||||
|
||||
# zcash coins. safe to delete, just slow to regenerate (10-60 minutes)
|
||||
zecwallet-lite.private = [ ".zcash" ];
|
||||
}
|
||||
];
|
||||
|
||||
# XXX: this might not be necessary. try removing this and cacert.unbundled (servo)?
|
||||
environment.etc."ssl/certs".source = "${pkgs.cacert.unbundled}/etc/ssl/certs/*";
|
||||
};
|
||||
}
|
@@ -3,12 +3,12 @@
|
||||
# installer docs: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/installation-device.nix
|
||||
with lib;
|
||||
let
|
||||
cfg = config.sane.users;
|
||||
cfg = config.sane.guest;
|
||||
fs = sane-lib.fs;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
sane.users.guest.enable = mkOption {
|
||||
sane.guest.enable = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
};
|
||||
@@ -49,8 +49,6 @@ in
|
||||
|
||||
shell = pkgs.zsh;
|
||||
|
||||
packages = builtins.map (p: p.pkg) config.sane.packages.enabledUserPkgs;
|
||||
|
||||
# mount encrypted stuff at login
|
||||
# some other nix pam users:
|
||||
# - <https://github.com/g00pix/nixconf/blob/32c04f6fa843fed97639dd3f09e157668d3eea1f/profiles/sshfs.nix>
|
||||
@@ -68,6 +66,7 @@ in
|
||||
|
||||
security.pam.mount.enable = true;
|
||||
|
||||
sane.users.colin.default = true;
|
||||
# ensure ~ perms are known to sane.fs module.
|
||||
# TODO: this is generic enough to be lifted up into sane.fs itself.
|
||||
sane.fs."/home/colin".dir.acl = {
|
||||
@@ -76,7 +75,7 @@ in
|
||||
mode = config.users.users.colin.homeMode;
|
||||
};
|
||||
|
||||
sane.persist.home.plaintext = [
|
||||
sane.user.persist.plaintext = [
|
||||
"archive"
|
||||
"dev"
|
||||
# TODO: records should be private
|
||||
@@ -90,25 +89,26 @@ in
|
||||
|
||||
".cache/nix"
|
||||
".cache/nix-index"
|
||||
".cargo"
|
||||
".rustup"
|
||||
|
||||
# ".cargo"
|
||||
# ".rustup"
|
||||
];
|
||||
|
||||
# convenience
|
||||
sane.fs."/home/colin/knowledge" = fs.wantedSymlinkTo "/home/colin/private/knowledge";
|
||||
sane.fs."/home/colin/nixos" = fs.wantedSymlinkTo "/home/colin/dev/nixos";
|
||||
sane.fs."/home/colin/Videos/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Videos";
|
||||
sane.fs."/home/colin/Videos/servo-incomplete" = fs.wantedSymlinkTo "/mnt/servo-media/incomplete";
|
||||
sane.fs."/home/colin/Music/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Music";
|
||||
sane.user.fs."knowledge" = fs.wantedSymlinkTo "private/knowledge";
|
||||
sane.user.fs."nixos" = fs.wantedSymlinkTo "dev/nixos";
|
||||
sane.user.fs."Videos/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Videos";
|
||||
sane.user.fs."Videos/servo-incomplete" = fs.wantedSymlinkTo "/mnt/servo-media/incomplete";
|
||||
sane.user.fs."Music/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Music";
|
||||
|
||||
# used by password managers, e.g. unix `pass`
|
||||
sane.fs."/home/colin/.password-store" = fs.wantedSymlinkTo "/home/colin/knowledge/secrets/accounts";
|
||||
sane.user.fs.".password-store" = fs.wantedSymlinkTo "knowledge/secrets/accounts";
|
||||
|
||||
sane.persist.sys.plaintext = mkIf cfg.guest.enable [
|
||||
sane.persist.sys.plaintext = mkIf cfg.enable [
|
||||
# intentionally allow other users to write to the guest folder
|
||||
{ directory = "/home/guest"; user = "guest"; group = "users"; mode = "0775"; }
|
||||
];
|
||||
users.users.guest = mkIf cfg.guest.enable {
|
||||
users.users.guest = mkIf cfg.enable {
|
||||
isNormalUser = true;
|
||||
home = "/home/guest";
|
||||
subUidRanges = [
|
||||
|
@@ -21,7 +21,7 @@
|
||||
# provide a `pkgs.cross.<pkg>` alias that consumers can use instead of `pkgs.<foo>`
|
||||
# to explicitly opt into non-emulated cross compilation for any specific package.
|
||||
# this is most beneficial for large packages with few pre-requisites -- like Linux.
|
||||
cross = next.crossFrom."${localSystem}";
|
||||
cross = prev.crossFrom."${localSystem}";
|
||||
})
|
||||
];
|
||||
}
|
||||
|
@@ -7,7 +7,9 @@
|
||||
./hardware
|
||||
./hostnames.nix
|
||||
./hosts.nix
|
||||
./nixcache.nix
|
||||
./roles
|
||||
./services
|
||||
./wg-home.nix
|
||||
];
|
||||
}
|
||||
|
@@ -12,24 +12,4 @@ in
|
||||
./plasma-mobile.nix
|
||||
./sway.nix
|
||||
];
|
||||
|
||||
options = {
|
||||
sane.gui.enable = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
enables config used by any GUI, like display management or select packages.
|
||||
the user should prefer to interact with specific GUIs like `sane.gui.sway`
|
||||
and let those modules auto-set this flag when necessary.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
sane.packages.enableGuiPkgs = mkDefault true;
|
||||
|
||||
# preserve backlight brightness across power cycles
|
||||
# see `man systemd-backlight`
|
||||
sane.persist.sys.plaintext = [ "/var/lib/systemd/backlight" ];
|
||||
};
|
||||
}
|
||||
|
@@ -13,7 +13,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
sane.gui.enable = true;
|
||||
sane.programs.guiApps.enableFor.user.colin = true;
|
||||
|
||||
# start gnome/gdm on boot
|
||||
services.xserver.enable = true;
|
||||
|
@@ -20,9 +20,34 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable (mkMerge [
|
||||
config = mkMerge [
|
||||
{
|
||||
sane.gui.enable = true;
|
||||
sane.programs.phoshApps = {
|
||||
package = null;
|
||||
suggestedPrograms = [
|
||||
"guiApps"
|
||||
# TODO: see about removing gnome-bluetooth if the in-built gnome-settings bluetooth manager can work
|
||||
"gnome.gnome-bluetooth"
|
||||
"phosh-mobile-settings"
|
||||
# "plasma5Packages.konsole" # more reliable terminal
|
||||
];
|
||||
};
|
||||
}
|
||||
{
|
||||
sane.programs = {
|
||||
inherit (pkgs // {
|
||||
"gnome.gnome-bluetooth" = pkgs.gnome.gnome-bluetooth;
|
||||
"plasma5Packages.konsole" = pkgs.plasma5Packages.konsole;
|
||||
})
|
||||
phosh-mobile-settings
|
||||
"plasma5Packages.konsole"
|
||||
# "gnome.gnome-bluetooth"
|
||||
;
|
||||
};
|
||||
}
|
||||
|
||||
(mkIf cfg.enable {
|
||||
sane.programs.phoshApps.enableFor.user.colin = true;
|
||||
|
||||
# docs: https://github.com/NixOS/nixpkgs/blob/nixos-22.05/nixos/modules/services/x11/desktop-managers/phosh.nix
|
||||
services.xserver.desktopManager.phosh = {
|
||||
@@ -38,6 +63,28 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
# phosh enables `services.gnome.{core-os-services, core-shell}`
|
||||
# and this in turn enables some default apps we don't really care about.
|
||||
# see <nixos/modules/services/x11/desktop-managers/gnome.nix>
|
||||
environment.gnome.excludePackages = with pkgs; [
|
||||
# gnome.gnome-menus # unused outside gnome classic, but probably harmless
|
||||
gnome-tour
|
||||
];
|
||||
services.dleyna-renderer.enable = false;
|
||||
services.dleyna-server.enable = false;
|
||||
services.gnome.gnome-browser-connector.enable = false;
|
||||
services.gnome.gnome-initial-setup.enable = false;
|
||||
services.gnome.gnome-online-accounts.enable = false;
|
||||
services.gnome.gnome-remote-desktop.enable = false;
|
||||
services.gnome.gnome-user-share.enable = false;
|
||||
services.gnome.rygel.enable = false;
|
||||
|
||||
# gnome doesn't use mkDefault for these -- unclear why not
|
||||
services.gnome.evolution-data-server.enable = mkForce false;
|
||||
services.gnome.gnome-online-miners.enable = mkForce false;
|
||||
# TODO: re-enable this once we can cross-compile gvfs
|
||||
services.gvfs.enable = mkForce false;
|
||||
|
||||
# XXX: phosh enables networkmanager by default; can probably disable these lines
|
||||
networking.useDHCP = false;
|
||||
networking.networkmanager.enable = true;
|
||||
@@ -60,6 +107,7 @@ in
|
||||
};
|
||||
|
||||
programs.dconf.packages = [
|
||||
# org.kde.konsole.desktop
|
||||
(pkgs.writeTextFile {
|
||||
name = "dconf-phosh-settings";
|
||||
destination = "/etc/dconf/db/site.d/00_phosh_settings";
|
||||
@@ -72,19 +120,13 @@ in
|
||||
sleep-inactive-battery-timeout=5400
|
||||
|
||||
[sm/puri/phosh]
|
||||
favorites=['gpodder.desktop', 'nheko.desktop', 'sublime-music.desktop', 'firefox.desktop', 'org.kde.konsole.desktop']
|
||||
favorites=['gpodder.desktop', 'nheko.desktop', 'sublime-music.desktop', 'firefox.desktop', 'org.gnome.Terminal.desktop']
|
||||
'';
|
||||
})
|
||||
];
|
||||
})
|
||||
|
||||
sane.packages.extraUserPkgs = with pkgs; [
|
||||
phosh-mobile-settings
|
||||
|
||||
# TODO: see about removing this if the in-built gnome-settings bluetooth manager can work
|
||||
gnome.gnome-bluetooth
|
||||
];
|
||||
}
|
||||
(mkIf cfg.useGreeter {
|
||||
(mkIf (cfg.enable && cfg.useGreeter) {
|
||||
services.xserver.enable = true;
|
||||
# NB: setting defaultSession has the critical side-effect that it lets org.freedesktop.AccountsService
|
||||
# know that our user exists. this ensures lightdm succeeds when calling /org/freedesktop/AccountsServices ListCachedUsers
|
||||
@@ -110,5 +152,5 @@ in
|
||||
|
||||
systemd.services.phosh.wantedBy = lib.mkForce []; # disable auto-start
|
||||
})
|
||||
]);
|
||||
];
|
||||
}
|
||||
|
@@ -13,7 +13,8 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
sane.gui.enable = true;
|
||||
sane.programs.guiApps.enableFor.user.colin = true;
|
||||
|
||||
# start plasma-mobile on boot
|
||||
services.xserver.enable = true;
|
||||
services.xserver.desktopManager.plasma5.mobile.enable = true;
|
||||
|
@@ -13,7 +13,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
sane.gui.enable = true;
|
||||
sane.programs.guiApps.enableFor.user.colin = true;
|
||||
|
||||
# start plasma on boot
|
||||
services.xserver.enable = true;
|
||||
|
@@ -120,523 +120,543 @@ in
|
||||
type = types.bool;
|
||||
};
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
sane.gui.enable = true;
|
||||
|
||||
# swap in these lines to use SDDM instead of `services.greetd`.
|
||||
# services.xserver.displayManager.sddm.enable = true;
|
||||
# services.xserver.enable = true;
|
||||
services.greetd = {
|
||||
# greetd source/docs:
|
||||
# - <https://git.sr.ht/~kennylevinsen/greetd>
|
||||
enable = true;
|
||||
settings = {
|
||||
default_session = if cfg.useGreeter then greeter-session else greeterless-session;
|
||||
config = mkMerge [
|
||||
{
|
||||
sane.programs.swayApps = {
|
||||
package = null;
|
||||
suggestedPrograms = [
|
||||
"guiApps"
|
||||
"swaylock"
|
||||
"swayidle"
|
||||
"wl-clipboard"
|
||||
"mako" # notification daemon
|
||||
# # "pavucontrol"
|
||||
"gnome.gnome-bluetooth"
|
||||
"gnome.gnome-control-center"
|
||||
];
|
||||
};
|
||||
};
|
||||
# we need the greeter's command to be on our PATH
|
||||
users.users.colin.packages = [ sway-launcher ];
|
||||
}
|
||||
{
|
||||
sane.programs = {
|
||||
inherit (pkgs // {
|
||||
"gnome.gnome-bluetooth" = pkgs.gnome.gnome-bluetooth;
|
||||
"gnome.gnome-control-center" = pkgs.gnome.gnome-control-center;
|
||||
})
|
||||
swaylock
|
||||
swayidle
|
||||
wl-clipboard
|
||||
mako
|
||||
"gnome.gnome-bluetooth"
|
||||
"gnome.gnome-control-center"
|
||||
;
|
||||
};
|
||||
}
|
||||
|
||||
# some programs (e.g. fractal) **require** a "Secret Service Provider"
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
(mkIf cfg.enable {
|
||||
sane.programs.swayApps.enableFor.user.colin = true;
|
||||
|
||||
# unlike other DEs, sway configures no audio stack
|
||||
# administer with pw-cli, pw-mon, pw-top commands
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true; # ??
|
||||
pulse.enable = true;
|
||||
};
|
||||
# swap in these lines to use SDDM instead of `services.greetd`.
|
||||
# services.xserver.displayManager.sddm.enable = true;
|
||||
# services.xserver.enable = true;
|
||||
services.greetd = {
|
||||
# greetd source/docs:
|
||||
# - <https://git.sr.ht/~kennylevinsen/greetd>
|
||||
enable = true;
|
||||
settings = {
|
||||
default_session = if cfg.useGreeter then greeter-session else greeterless-session;
|
||||
};
|
||||
};
|
||||
# we need the greeter's command to be on our PATH
|
||||
users.users.colin.packages = [ sway-launcher ];
|
||||
|
||||
networking.useDHCP = false;
|
||||
networking.networkmanager.enable = true;
|
||||
networking.wireless.enable = lib.mkForce false;
|
||||
# some programs (e.g. fractal) **require** a "Secret Service Provider"
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
services.blueman.enable = true;
|
||||
# gsd provides Rfkill, which is required for the bluetooth pane in gnome-control-center to work
|
||||
services.gnome.gnome-settings-daemon.enable = true;
|
||||
# start the components of gsd we need at login
|
||||
systemd.user.targets."org.gnome.SettingsDaemon.Rfkill".wantedBy = [ "graphical-session.target" ];
|
||||
# go ahead and `systemctl --user cat gnome-session-initialized.target`. i dare you.
|
||||
# the only way i can figure out how to get Rfkill to actually load is to just disable all the shit it depends on.
|
||||
# it doesn't actually seem to need ANY of them in the first place T_T
|
||||
systemd.user.targets."gnome-session-initialized".enable = false;
|
||||
# bluez can't connect to audio devices unless pipewire is running.
|
||||
# a system service can't depend on a user service, so just launch it at graphical-session
|
||||
systemd.user.services."pipewire".wantedBy = [ "graphical-session.target" ];
|
||||
# unlike other DEs, sway configures no audio stack
|
||||
# administer with pw-cli, pw-mon, pw-top commands
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true; # ??
|
||||
pulse.enable = true;
|
||||
};
|
||||
|
||||
programs.sway = {
|
||||
enable = true;
|
||||
wrapperFeatures.gtk = true;
|
||||
};
|
||||
sane.fs."/home/colin/.config/sway/config" =
|
||||
let
|
||||
fuzzel = "${pkgs.fuzzel}/bin/fuzzel";
|
||||
sed = "${pkgs.gnused}/bin/sed";
|
||||
wtype = "${pkgs.wtype}/bin/wtype";
|
||||
kitty = "${pkgs.kitty}/bin/kitty";
|
||||
launcher-cmd = fuzzel;
|
||||
terminal-cmd = kitty;
|
||||
lock-cmd = "${pkgs.swaylock}/bin/swaylock --indicator-idle-visible --indicator-radius 100 --indicator-thickness 30";
|
||||
vol-up-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume +5";
|
||||
vol-down-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume -5";
|
||||
mute-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --toggle-mute";
|
||||
brightness-up-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set +2%";
|
||||
brightness-down-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set 2%-";
|
||||
screenshot-cmd = "${pkgs.sway-contrib.grimshot}/bin/grimshot copy area";
|
||||
# "bookmarking"/snippets inspired by Luke Smith:
|
||||
# - <https://www.youtube.com/watch?v=d_11QaTlf1I>
|
||||
snip-file = ./snippets.txt;
|
||||
# TODO: querying sops here breaks encapsulation
|
||||
list-snips = "cat ${snip-file} ${config.sops.secrets.snippets.path}";
|
||||
strip-comments = "${sed} 's/ #.*$//'";
|
||||
snip-cmd = "${wtype} $(${list-snips} | ${fuzzel} -d -i -w 60 | ${strip-comments})";
|
||||
# TODO: next splatmoji release should allow `-s none` to disable skin tones
|
||||
emoji-cmd = "${pkgs.splatmoji}/bin/splatmoji -s medium-light type";
|
||||
in sane-lib.fs.wantedText ''
|
||||
### default font
|
||||
font pango:monospace 8
|
||||
networking.useDHCP = false;
|
||||
networking.networkmanager.enable = true;
|
||||
networking.wireless.enable = lib.mkForce false;
|
||||
|
||||
### pixel boundary between windows
|
||||
default_border pixel 3
|
||||
default_floating_border pixel 2
|
||||
hide_edge_borders smart
|
||||
hardware.bluetooth.enable = true;
|
||||
services.blueman.enable = true;
|
||||
# gsd provides Rfkill, which is required for the bluetooth pane in gnome-control-center to work
|
||||
services.gnome.gnome-settings-daemon.enable = true;
|
||||
# start the components of gsd we need at login
|
||||
systemd.user.targets."org.gnome.SettingsDaemon.Rfkill".wantedBy = [ "graphical-session.target" ];
|
||||
# go ahead and `systemctl --user cat gnome-session-initialized.target`. i dare you.
|
||||
# the only way i can figure out how to get Rfkill to actually load is to just disable all the shit it depends on.
|
||||
# it doesn't actually seem to need ANY of them in the first place T_T
|
||||
systemd.user.targets."gnome-session-initialized".enable = false;
|
||||
# bluez can't connect to audio devices unless pipewire is running.
|
||||
# a system service can't depend on a user service, so just launch it at graphical-session
|
||||
systemd.user.services."pipewire".wantedBy = [ "graphical-session.target" ];
|
||||
|
||||
### defaults
|
||||
focus_wrapping no
|
||||
focus_follows_mouse yes
|
||||
focus_on_window_activation smart
|
||||
mouse_warping output
|
||||
workspace_layout default
|
||||
workspace_auto_back_and_forth no
|
||||
programs.sway = {
|
||||
enable = true;
|
||||
wrapperFeatures.gtk = true;
|
||||
};
|
||||
sane.user.fs.".config/sway/config" =
|
||||
let
|
||||
fuzzel = "${pkgs.fuzzel}/bin/fuzzel";
|
||||
sed = "${pkgs.gnused}/bin/sed";
|
||||
wtype = "${pkgs.wtype}/bin/wtype";
|
||||
kitty = "${pkgs.kitty}/bin/kitty";
|
||||
launcher-cmd = fuzzel;
|
||||
terminal-cmd = kitty;
|
||||
lock-cmd = "${pkgs.swaylock}/bin/swaylock --indicator-idle-visible --indicator-radius 100 --indicator-thickness 30";
|
||||
vol-up-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume +5";
|
||||
vol-down-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --change-volume -5";
|
||||
mute-cmd = "${pkgs.pulsemixer}/bin/pulsemixer --toggle-mute";
|
||||
brightness-up-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set +2%";
|
||||
brightness-down-cmd = "${pkgs.brightnessctl}/bin/brightnessctl set 2%-";
|
||||
screenshot-cmd = "${pkgs.sway-contrib.grimshot}/bin/grimshot copy area";
|
||||
# "bookmarking"/snippets inspired by Luke Smith:
|
||||
# - <https://www.youtube.com/watch?v=d_11QaTlf1I>
|
||||
snip-file = ./snippets.txt;
|
||||
# TODO: querying sops here breaks encapsulation
|
||||
list-snips = "cat ${snip-file} ${config.sops.secrets.snippets.path}";
|
||||
strip-comments = "${sed} 's/ #.*$//'";
|
||||
snip-cmd = "${wtype} $(${list-snips} | ${fuzzel} -d -i -w 60 | ${strip-comments})";
|
||||
# TODO: next splatmoji release should allow `-s none` to disable skin tones
|
||||
emoji-cmd = "${pkgs.splatmoji}/bin/splatmoji -s medium-light type";
|
||||
in sane-lib.fs.wantedText ''
|
||||
### default font
|
||||
font pango:monospace 8
|
||||
|
||||
### default colors (#border #background #text #indicator #childBorder)
|
||||
client.focused #4c7899 #285577 #ffffff #2e9ef4 #285577
|
||||
client.focused_inactive #333333 #5f676a #ffffff #484e50 #5f676a
|
||||
client.unfocused #333333 #222222 #888888 #292d2e #222222
|
||||
client.urgent #2f343a #900000 #ffffff #900000 #900000
|
||||
client.placeholder #000000 #0c0c0c #ffffff #000000 #0c0c0c
|
||||
client.background #ffffff
|
||||
### pixel boundary between windows
|
||||
default_border pixel 3
|
||||
default_floating_border pixel 2
|
||||
hide_edge_borders smart
|
||||
|
||||
### key bindings
|
||||
floating_modifier Mod1
|
||||
## media keys
|
||||
bindsym XF86AudioRaiseVolume exec ${vol-up-cmd}
|
||||
bindsym XF86AudioLowerVolume exec ${vol-down-cmd}
|
||||
bindsym Mod1+Page_Up exec ${vol-up-cmd}
|
||||
bindsym Mod1+Page_Down exec ${vol-down-cmd}
|
||||
bindsym XF86AudioMute exec ${mute-cmd}
|
||||
bindsym XF86MonBrightnessUp exec ${brightness-up-cmd}
|
||||
bindsym XF86MonBrightnessDown exec ${brightness-down-cmd}
|
||||
## special functions
|
||||
bindsym Mod1+Print exec ${screenshot-cmd}
|
||||
bindsym Mod1+l exec ${lock-cmd}
|
||||
bindsym Mod1+s exec ${snip-cmd}
|
||||
bindsym Mod1+slash exec ${emoji-cmd}
|
||||
bindsym Mod1+d exec ${launcher-cmd}
|
||||
bindsym Mod1+Return exec ${terminal-cmd}
|
||||
bindsym Mod1+Shift+q kill
|
||||
bindsym Mod1+Shift+e exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'
|
||||
bindsym Mod1+Shift+c reload
|
||||
## layout
|
||||
bindsym Mod1+b splith
|
||||
bindsym Mod1+v splitv
|
||||
bindsym Mod1+f fullscreen toggle
|
||||
bindsym Mod1+a focus parent
|
||||
bindsym Mod1+w layout tabbed
|
||||
bindsym Mod1+e layout toggle split
|
||||
bindsym Mod1+Shift+space floating toggle
|
||||
bindsym Mod1+space focus mode_toggle
|
||||
bindsym Mod1+r mode resize
|
||||
## movement
|
||||
bindsym Mod1+Up focus up
|
||||
bindsym Mod1+Down focus down
|
||||
bindsym Mod1+Left focus left
|
||||
bindsym Mod1+Right focus right
|
||||
bindsym Mod1+Shift+Up move up
|
||||
bindsym Mod1+Shift+Down move down
|
||||
bindsym Mod1+Shift+Left move left
|
||||
bindsym Mod1+Shift+Right move right
|
||||
## workspaces
|
||||
bindsym Mod1+1 workspace number 1
|
||||
bindsym Mod1+2 workspace number 2
|
||||
bindsym Mod1+3 workspace number 3
|
||||
bindsym Mod1+4 workspace number 4
|
||||
bindsym Mod1+5 workspace number 5
|
||||
bindsym Mod1+6 workspace number 6
|
||||
bindsym Mod1+7 workspace number 7
|
||||
bindsym Mod1+8 workspace number 8
|
||||
bindsym Mod1+9 workspace number 9
|
||||
bindsym Mod1+Shift+1 move container to workspace number 1
|
||||
bindsym Mod1+Shift+2 move container to workspace number 2
|
||||
bindsym Mod1+Shift+3 move container to workspace number 3
|
||||
bindsym Mod1+Shift+4 move container to workspace number 4
|
||||
bindsym Mod1+Shift+5 move container to workspace number 5
|
||||
bindsym Mod1+Shift+6 move container to workspace number 6
|
||||
bindsym Mod1+Shift+7 move container to workspace number 7
|
||||
bindsym Mod1+Shift+8 move container to workspace number 8
|
||||
bindsym Mod1+Shift+9 move container to workspace number 9
|
||||
## "scratchpad" = ??
|
||||
bindsym Mod1+Shift+minus move scratchpad
|
||||
bindsym Mod1+minus scratchpad show
|
||||
### defaults
|
||||
focus_wrapping no
|
||||
focus_follows_mouse yes
|
||||
focus_on_window_activation smart
|
||||
mouse_warping output
|
||||
workspace_layout default
|
||||
workspace_auto_back_and_forth no
|
||||
|
||||
### defaults
|
||||
mode "resize" {
|
||||
bindsym Down resize grow height 10 px
|
||||
bindsym Escape mode default
|
||||
bindsym Left resize shrink width 10 px
|
||||
bindsym Return mode default
|
||||
bindsym Right resize grow width 10 px
|
||||
bindsym Up resize shrink height 10 px
|
||||
bindsym h resize shrink width 10 px
|
||||
bindsym j resize grow height 10 px
|
||||
bindsym k resize shrink height 10 px
|
||||
bindsym l resize grow width 10 px
|
||||
### default colors (#border #background #text #indicator #childBorder)
|
||||
client.focused #4c7899 #285577 #ffffff #2e9ef4 #285577
|
||||
client.focused_inactive #333333 #5f676a #ffffff #484e50 #5f676a
|
||||
client.unfocused #333333 #222222 #888888 #292d2e #222222
|
||||
client.urgent #2f343a #900000 #ffffff #900000 #900000
|
||||
client.placeholder #000000 #0c0c0c #ffffff #000000 #0c0c0c
|
||||
client.background #ffffff
|
||||
|
||||
### key bindings
|
||||
floating_modifier Mod1
|
||||
## media keys
|
||||
bindsym XF86AudioRaiseVolume exec ${vol-up-cmd}
|
||||
bindsym XF86AudioLowerVolume exec ${vol-down-cmd}
|
||||
bindsym Mod1+Page_Up exec ${vol-up-cmd}
|
||||
bindsym Mod1+Page_Down exec ${vol-down-cmd}
|
||||
bindsym XF86AudioMute exec ${mute-cmd}
|
||||
bindsym XF86MonBrightnessUp exec ${brightness-up-cmd}
|
||||
bindsym XF86MonBrightnessDown exec ${brightness-down-cmd}
|
||||
## special functions
|
||||
bindsym Mod1+Print exec ${screenshot-cmd}
|
||||
bindsym Mod1+l exec ${lock-cmd}
|
||||
bindsym Mod1+s exec ${snip-cmd}
|
||||
bindsym Mod1+slash exec ${emoji-cmd}
|
||||
bindsym Mod1+d exec ${launcher-cmd}
|
||||
bindsym Mod1+Return exec ${terminal-cmd}
|
||||
bindsym Mod1+Shift+q kill
|
||||
bindsym Mod1+Shift+e exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'
|
||||
bindsym Mod1+Shift+c reload
|
||||
## layout
|
||||
bindsym Mod1+b splith
|
||||
bindsym Mod1+v splitv
|
||||
bindsym Mod1+f fullscreen toggle
|
||||
bindsym Mod1+a focus parent
|
||||
bindsym Mod1+w layout tabbed
|
||||
bindsym Mod1+e layout toggle split
|
||||
bindsym Mod1+Shift+space floating toggle
|
||||
bindsym Mod1+space focus mode_toggle
|
||||
bindsym Mod1+r mode resize
|
||||
## movement
|
||||
bindsym Mod1+Up focus up
|
||||
bindsym Mod1+Down focus down
|
||||
bindsym Mod1+Left focus left
|
||||
bindsym Mod1+Right focus right
|
||||
bindsym Mod1+Shift+Up move up
|
||||
bindsym Mod1+Shift+Down move down
|
||||
bindsym Mod1+Shift+Left move left
|
||||
bindsym Mod1+Shift+Right move right
|
||||
## workspaces
|
||||
bindsym Mod1+1 workspace number 1
|
||||
bindsym Mod1+2 workspace number 2
|
||||
bindsym Mod1+3 workspace number 3
|
||||
bindsym Mod1+4 workspace number 4
|
||||
bindsym Mod1+5 workspace number 5
|
||||
bindsym Mod1+6 workspace number 6
|
||||
bindsym Mod1+7 workspace number 7
|
||||
bindsym Mod1+8 workspace number 8
|
||||
bindsym Mod1+9 workspace number 9
|
||||
bindsym Mod1+Shift+1 move container to workspace number 1
|
||||
bindsym Mod1+Shift+2 move container to workspace number 2
|
||||
bindsym Mod1+Shift+3 move container to workspace number 3
|
||||
bindsym Mod1+Shift+4 move container to workspace number 4
|
||||
bindsym Mod1+Shift+5 move container to workspace number 5
|
||||
bindsym Mod1+Shift+6 move container to workspace number 6
|
||||
bindsym Mod1+Shift+7 move container to workspace number 7
|
||||
bindsym Mod1+Shift+8 move container to workspace number 8
|
||||
bindsym Mod1+Shift+9 move container to workspace number 9
|
||||
## "scratchpad" = ??
|
||||
bindsym Mod1+Shift+minus move scratchpad
|
||||
bindsym Mod1+minus scratchpad show
|
||||
|
||||
### defaults
|
||||
mode "resize" {
|
||||
bindsym Down resize grow height 10 px
|
||||
bindsym Escape mode default
|
||||
bindsym Left resize shrink width 10 px
|
||||
bindsym Return mode default
|
||||
bindsym Right resize grow width 10 px
|
||||
bindsym Up resize shrink height 10 px
|
||||
bindsym h resize shrink width 10 px
|
||||
bindsym j resize grow height 10 px
|
||||
bindsym k resize shrink height 10 px
|
||||
bindsym l resize grow width 10 px
|
||||
}
|
||||
|
||||
### lightly modified bars
|
||||
bar {
|
||||
# TODO: fonts was:
|
||||
# config.fonts.fontconfig.defaultFonts; (monospace ++ emoji)
|
||||
font pango:Hack, Font Awesome 6 Free, Twitter Color Emoji 24.000000
|
||||
mode dock
|
||||
hidden_state hide
|
||||
position top
|
||||
status_command ${pkgs.i3status}/bin/i3status
|
||||
swaybar_command ${pkgs.waybar}/bin/waybar
|
||||
workspace_buttons yes
|
||||
strip_workspace_numbers no
|
||||
tray_output primary
|
||||
colors {
|
||||
background #000000
|
||||
statusline #ffffff
|
||||
separator #666666
|
||||
# #border #background #text
|
||||
focused_workspace #4c7899 #285577 #ffffff
|
||||
active_workspace #333333 #5f676a #ffffff
|
||||
inactive_workspace #333333 #222222 #888888
|
||||
urgent_workspace #2f343a #900000 #ffffff
|
||||
binding_mode #2f343a #900000 #ffffff
|
||||
}
|
||||
}
|
||||
|
||||
### displays
|
||||
## DESKTOP
|
||||
output "Samsung Electric Company S22C300 0x00007F35" {
|
||||
pos 0,0
|
||||
res 1920x1080
|
||||
}
|
||||
output "Goldstar Company Ltd LG ULTRAWIDE 0x00004E94" {
|
||||
pos 1920,0
|
||||
res 3440x1440
|
||||
}
|
||||
|
||||
## LAPTOP
|
||||
# sh/en TV
|
||||
output "Pioneer Electronic Corporation VSX-524 0x00000101" {
|
||||
pos 0,0
|
||||
res 1920x1080
|
||||
}
|
||||
# internal display
|
||||
output "Unknown 0x0637 0x00000000" {
|
||||
pos 1920,0
|
||||
res 1920x1080
|
||||
}
|
||||
'';
|
||||
|
||||
sane.user.fs.".config/waybar/config" = sane-lib.fs.wantedSymlinkTo waybar-config-text;
|
||||
|
||||
# style docs: https://github.com/Alexays/Waybar/wiki/Styling
|
||||
sane.user.fs.".config/waybar/style.css" = sane-lib.fs.wantedText ''
|
||||
* {
|
||||
font-family: monospace;
|
||||
}
|
||||
|
||||
### lightly modified bars
|
||||
bar {
|
||||
# TODO: fonts was:
|
||||
# config.fonts.fontconfig.defaultFonts; (monospace ++ emoji)
|
||||
font pango:Hack, Font Awesome 6 Free, Twitter Color Emoji 24.000000
|
||||
mode dock
|
||||
hidden_state hide
|
||||
position top
|
||||
status_command ${pkgs.i3status}/bin/i3status
|
||||
swaybar_command ${pkgs.waybar}/bin/waybar
|
||||
workspace_buttons yes
|
||||
strip_workspace_numbers no
|
||||
tray_output primary
|
||||
colors {
|
||||
background #000000
|
||||
statusline #ffffff
|
||||
separator #666666
|
||||
# #border #background #text
|
||||
focused_workspace #4c7899 #285577 #ffffff
|
||||
active_workspace #333333 #5f676a #ffffff
|
||||
inactive_workspace #333333 #222222 #888888
|
||||
urgent_workspace #2f343a #900000 #ffffff
|
||||
binding_mode #2f343a #900000 #ffffff
|
||||
}
|
||||
/* defaults below: https://github.com/Alexays/Waybar/blob/master/resources/style.css */
|
||||
window#waybar {
|
||||
background-color: rgba(43, 48, 59, 0.5);
|
||||
border-bottom: 3px solid rgba(100, 114, 125, 0.5);
|
||||
color: #ffffff;
|
||||
transition-property: background-color;
|
||||
transition-duration: .5s;
|
||||
}
|
||||
|
||||
### displays
|
||||
## DESKTOP
|
||||
output "Samsung Electric Company S22C300 0x00007F35" {
|
||||
pos 0,0
|
||||
res 1920x1080
|
||||
}
|
||||
output "Goldstar Company Ltd LG ULTRAWIDE 0x00004E94" {
|
||||
pos 1920,0
|
||||
res 3440x1440
|
||||
window#waybar.hidden {
|
||||
opacity: 0.2;
|
||||
}
|
||||
|
||||
## LAPTOP
|
||||
# sh/en TV
|
||||
output "Pioneer Electronic Corporation VSX-524 0x00000101" {
|
||||
pos 0,0
|
||||
res 1920x1080
|
||||
/*
|
||||
window#waybar.empty {
|
||||
background-color: transparent;
|
||||
}
|
||||
# internal display
|
||||
output "Unknown 0x0637 0x00000000" {
|
||||
pos 1920,0
|
||||
res 1920x1080
|
||||
window#waybar.solo {
|
||||
background-color: #FFFFFF;
|
||||
}
|
||||
'';
|
||||
*/
|
||||
|
||||
sane.fs."/home/colin/.config/waybar/config" = sane-lib.fs.wantedSymlinkTo waybar-config-text;
|
||||
window#waybar.termite {
|
||||
background-color: #3F3F3F;
|
||||
}
|
||||
|
||||
# style docs: https://github.com/Alexays/Waybar/wiki/Styling
|
||||
sane.fs."/home/colin/.config/waybar/style.css" = sane-lib.fs.wantedText ''
|
||||
* {
|
||||
font-family: monospace;
|
||||
}
|
||||
window#waybar.chromium {
|
||||
background-color: #000000;
|
||||
border: none;
|
||||
}
|
||||
|
||||
/* defaults below: https://github.com/Alexays/Waybar/blob/master/resources/style.css */
|
||||
window#waybar {
|
||||
background-color: rgba(43, 48, 59, 0.5);
|
||||
border-bottom: 3px solid rgba(100, 114, 125, 0.5);
|
||||
color: #ffffff;
|
||||
transition-property: background-color;
|
||||
transition-duration: .5s;
|
||||
}
|
||||
#workspaces button {
|
||||
padding: 0 5px;
|
||||
background-color: transparent;
|
||||
color: #ffffff;
|
||||
/* Use box-shadow instead of border so the text isn't offset */
|
||||
box-shadow: inset 0 -3px transparent;
|
||||
/* Avoid rounded borders under each workspace name */
|
||||
border: none;
|
||||
border-radius: 0;
|
||||
}
|
||||
|
||||
window#waybar.hidden {
|
||||
opacity: 0.2;
|
||||
}
|
||||
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
|
||||
#workspaces button:hover {
|
||||
background: rgba(0, 0, 0, 0.2);
|
||||
box-shadow: inset 0 -3px #ffffff;
|
||||
}
|
||||
|
||||
/*
|
||||
window#waybar.empty {
|
||||
background-color: transparent;
|
||||
}
|
||||
window#waybar.solo {
|
||||
background-color: #FFFFFF;
|
||||
}
|
||||
*/
|
||||
#workspaces button.focused {
|
||||
background-color: #64727D;
|
||||
box-shadow: inset 0 -3px #ffffff;
|
||||
}
|
||||
|
||||
window#waybar.termite {
|
||||
background-color: #3F3F3F;
|
||||
}
|
||||
#workspaces button.urgent {
|
||||
background-color: #eb4d4b;
|
||||
}
|
||||
|
||||
window#waybar.chromium {
|
||||
background-color: #000000;
|
||||
border: none;
|
||||
}
|
||||
#mode {
|
||||
background-color: #64727D;
|
||||
border-bottom: 3px solid #ffffff;
|
||||
}
|
||||
|
||||
#workspaces button {
|
||||
padding: 0 5px;
|
||||
background-color: transparent;
|
||||
color: #ffffff;
|
||||
/* Use box-shadow instead of border so the text isn't offset */
|
||||
box-shadow: inset 0 -3px transparent;
|
||||
/* Avoid rounded borders under each workspace name */
|
||||
border: none;
|
||||
border-radius: 0;
|
||||
}
|
||||
#clock,
|
||||
#battery,
|
||||
#cpu,
|
||||
#memory,
|
||||
#disk,
|
||||
#temperature,
|
||||
#backlight,
|
||||
#network,
|
||||
#pulseaudio,
|
||||
#custom-media,
|
||||
#tray,
|
||||
#mode,
|
||||
#idle_inhibitor,
|
||||
#mpd {
|
||||
padding: 0 10px;
|
||||
color: #ffffff;
|
||||
}
|
||||
|
||||
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
|
||||
#workspaces button:hover {
|
||||
background: rgba(0, 0, 0, 0.2);
|
||||
box-shadow: inset 0 -3px #ffffff;
|
||||
}
|
||||
#window,
|
||||
#workspaces {
|
||||
margin: 0 4px;
|
||||
}
|
||||
|
||||
#workspaces button.focused {
|
||||
background-color: #64727D;
|
||||
box-shadow: inset 0 -3px #ffffff;
|
||||
}
|
||||
/* If workspaces is the leftmost module, omit left margin */
|
||||
.modules-left > widget:first-child > #workspaces {
|
||||
margin-left: 0;
|
||||
}
|
||||
|
||||
#workspaces button.urgent {
|
||||
background-color: #eb4d4b;
|
||||
}
|
||||
/* If workspaces is the rightmost module, omit right margin */
|
||||
.modules-right > widget:last-child > #workspaces {
|
||||
margin-right: 0;
|
||||
}
|
||||
|
||||
#mode {
|
||||
background-color: #64727D;
|
||||
border-bottom: 3px solid #ffffff;
|
||||
}
|
||||
#clock {
|
||||
background-color: #64727D;
|
||||
}
|
||||
|
||||
#clock,
|
||||
#battery,
|
||||
#cpu,
|
||||
#memory,
|
||||
#disk,
|
||||
#temperature,
|
||||
#backlight,
|
||||
#network,
|
||||
#pulseaudio,
|
||||
#custom-media,
|
||||
#tray,
|
||||
#mode,
|
||||
#idle_inhibitor,
|
||||
#mpd {
|
||||
padding: 0 10px;
|
||||
color: #ffffff;
|
||||
}
|
||||
|
||||
#window,
|
||||
#workspaces {
|
||||
margin: 0 4px;
|
||||
}
|
||||
|
||||
/* If workspaces is the leftmost module, omit left margin */
|
||||
.modules-left > widget:first-child > #workspaces {
|
||||
margin-left: 0;
|
||||
}
|
||||
|
||||
/* If workspaces is the rightmost module, omit right margin */
|
||||
.modules-right > widget:last-child > #workspaces {
|
||||
margin-right: 0;
|
||||
}
|
||||
|
||||
#clock {
|
||||
background-color: #64727D;
|
||||
}
|
||||
|
||||
#battery {
|
||||
background-color: #ffffff;
|
||||
color: #000000;
|
||||
}
|
||||
|
||||
#battery.charging, #battery.plugged {
|
||||
color: #ffffff;
|
||||
background-color: #26A65B;
|
||||
}
|
||||
|
||||
@keyframes blink {
|
||||
to {
|
||||
#battery {
|
||||
background-color: #ffffff;
|
||||
color: #000000;
|
||||
}
|
||||
}
|
||||
|
||||
#battery.critical:not(.charging) {
|
||||
background-color: #f53c3c;
|
||||
color: #ffffff;
|
||||
animation-name: blink;
|
||||
animation-duration: 0.5s;
|
||||
animation-timing-function: linear;
|
||||
animation-iteration-count: infinite;
|
||||
animation-direction: alternate;
|
||||
}
|
||||
#battery.charging, #battery.plugged {
|
||||
color: #ffffff;
|
||||
background-color: #26A65B;
|
||||
}
|
||||
|
||||
label:focus {
|
||||
background-color: #000000;
|
||||
}
|
||||
@keyframes blink {
|
||||
to {
|
||||
background-color: #ffffff;
|
||||
color: #000000;
|
||||
}
|
||||
}
|
||||
|
||||
#cpu {
|
||||
background-color: #2ecc71;
|
||||
color: #000000;
|
||||
}
|
||||
#battery.critical:not(.charging) {
|
||||
background-color: #f53c3c;
|
||||
color: #ffffff;
|
||||
animation-name: blink;
|
||||
animation-duration: 0.5s;
|
||||
animation-timing-function: linear;
|
||||
animation-iteration-count: infinite;
|
||||
animation-direction: alternate;
|
||||
}
|
||||
|
||||
#memory {
|
||||
background-color: #9b59b6;
|
||||
}
|
||||
label:focus {
|
||||
background-color: #000000;
|
||||
}
|
||||
|
||||
#disk {
|
||||
background-color: #964B00;
|
||||
}
|
||||
#cpu {
|
||||
background-color: #2ecc71;
|
||||
color: #000000;
|
||||
}
|
||||
|
||||
#backlight {
|
||||
background-color: #90b1b1;
|
||||
}
|
||||
#memory {
|
||||
background-color: #9b59b6;
|
||||
}
|
||||
|
||||
#network {
|
||||
background-color: #2980b9;
|
||||
}
|
||||
#disk {
|
||||
background-color: #964B00;
|
||||
}
|
||||
|
||||
#network.disconnected {
|
||||
background-color: #f53c3c;
|
||||
}
|
||||
#backlight {
|
||||
background-color: #90b1b1;
|
||||
}
|
||||
|
||||
#pulseaudio {
|
||||
background-color: #f1c40f;
|
||||
color: #000000;
|
||||
}
|
||||
#network {
|
||||
background-color: #2980b9;
|
||||
}
|
||||
|
||||
#pulseaudio.muted {
|
||||
background-color: #90b1b1;
|
||||
color: #2a5c45;
|
||||
}
|
||||
#network.disconnected {
|
||||
background-color: #f53c3c;
|
||||
}
|
||||
|
||||
#custom-media {
|
||||
background-color: #66cc99;
|
||||
color: #2a5c45;
|
||||
min-width: 100px;
|
||||
}
|
||||
#pulseaudio {
|
||||
background-color: #f1c40f;
|
||||
color: #000000;
|
||||
}
|
||||
|
||||
#custom-media.custom-spotify {
|
||||
background-color: #66cc99;
|
||||
}
|
||||
#pulseaudio.muted {
|
||||
background-color: #90b1b1;
|
||||
color: #2a5c45;
|
||||
}
|
||||
|
||||
#custom-media.custom-vlc {
|
||||
background-color: #ffa000;
|
||||
}
|
||||
#custom-media {
|
||||
background-color: #66cc99;
|
||||
color: #2a5c45;
|
||||
min-width: 100px;
|
||||
}
|
||||
|
||||
#temperature {
|
||||
background-color: #f0932b;
|
||||
}
|
||||
#custom-media.custom-spotify {
|
||||
background-color: #66cc99;
|
||||
}
|
||||
|
||||
#temperature.critical {
|
||||
background-color: #eb4d4b;
|
||||
}
|
||||
#custom-media.custom-vlc {
|
||||
background-color: #ffa000;
|
||||
}
|
||||
|
||||
#tray {
|
||||
background-color: #2980b9;
|
||||
}
|
||||
#temperature {
|
||||
background-color: #f0932b;
|
||||
}
|
||||
|
||||
#tray > .passive {
|
||||
-gtk-icon-effect: dim;
|
||||
}
|
||||
#temperature.critical {
|
||||
background-color: #eb4d4b;
|
||||
}
|
||||
|
||||
#tray > .needs-attention {
|
||||
-gtk-icon-effect: highlight;
|
||||
background-color: #eb4d4b;
|
||||
}
|
||||
#tray {
|
||||
background-color: #2980b9;
|
||||
}
|
||||
|
||||
#idle_inhibitor {
|
||||
background-color: #2d3436;
|
||||
}
|
||||
#tray > .passive {
|
||||
-gtk-icon-effect: dim;
|
||||
}
|
||||
|
||||
#idle_inhibitor.activated {
|
||||
background-color: #ecf0f1;
|
||||
color: #2d3436;
|
||||
}
|
||||
#tray > .needs-attention {
|
||||
-gtk-icon-effect: highlight;
|
||||
background-color: #eb4d4b;
|
||||
}
|
||||
|
||||
#mpd {
|
||||
background-color: #66cc99;
|
||||
color: #2a5c45;
|
||||
}
|
||||
#idle_inhibitor {
|
||||
background-color: #2d3436;
|
||||
}
|
||||
|
||||
#mpd.disconnected {
|
||||
background-color: #f53c3c;
|
||||
}
|
||||
#idle_inhibitor.activated {
|
||||
background-color: #ecf0f1;
|
||||
color: #2d3436;
|
||||
}
|
||||
|
||||
#mpd.stopped {
|
||||
background-color: #90b1b1;
|
||||
}
|
||||
#mpd {
|
||||
background-color: #66cc99;
|
||||
color: #2a5c45;
|
||||
}
|
||||
|
||||
#mpd.paused {
|
||||
background-color: #51a37a;
|
||||
}
|
||||
#mpd.disconnected {
|
||||
background-color: #f53c3c;
|
||||
}
|
||||
|
||||
#language {
|
||||
background: #00b093;
|
||||
color: #740864;
|
||||
padding: 0 5px;
|
||||
margin: 0 5px;
|
||||
min-width: 16px;
|
||||
}
|
||||
#mpd.stopped {
|
||||
background-color: #90b1b1;
|
||||
}
|
||||
|
||||
#keyboard-state {
|
||||
background: #97e1ad;
|
||||
color: #000000;
|
||||
padding: 0 0px;
|
||||
margin: 0 5px;
|
||||
min-width: 16px;
|
||||
}
|
||||
#mpd.paused {
|
||||
background-color: #51a37a;
|
||||
}
|
||||
|
||||
#keyboard-state > label {
|
||||
padding: 0 5px;
|
||||
}
|
||||
#language {
|
||||
background: #00b093;
|
||||
color: #740864;
|
||||
padding: 0 5px;
|
||||
margin: 0 5px;
|
||||
min-width: 16px;
|
||||
}
|
||||
|
||||
#keyboard-state > label.locked {
|
||||
background: rgba(0, 0, 0, 0.2);
|
||||
}
|
||||
'';
|
||||
# style = ''
|
||||
# * {
|
||||
# border: none;
|
||||
# border-radius: 0;
|
||||
# font-family: Source Code Pro;
|
||||
# }
|
||||
# window#waybar {
|
||||
# background: #16191C;
|
||||
# color: #AAB2BF;
|
||||
# }
|
||||
# #workspaces button {
|
||||
# padding: 0 5px;
|
||||
# }
|
||||
# .custom-spotify {
|
||||
# padding: 0 10px;
|
||||
# margin: 0 4px;
|
||||
# background-color: #1DB954;
|
||||
# color: black;
|
||||
# }
|
||||
# '';
|
||||
#keyboard-state {
|
||||
background: #97e1ad;
|
||||
color: #000000;
|
||||
padding: 0 0px;
|
||||
margin: 0 5px;
|
||||
min-width: 16px;
|
||||
}
|
||||
|
||||
sane.packages.extraUserPkgs = with pkgs; [
|
||||
swaylock
|
||||
swayidle # (unused)
|
||||
wl-clipboard
|
||||
mako # notification daemon
|
||||
xdg-utils # for xdg-open
|
||||
# user stuff
|
||||
# pavucontrol
|
||||
sway-contrib.grimshot
|
||||
gnome.gnome-bluetooth
|
||||
gnome.gnome-control-center
|
||||
];
|
||||
};
|
||||
#keyboard-state > label {
|
||||
padding: 0 5px;
|
||||
}
|
||||
|
||||
#keyboard-state > label.locked {
|
||||
background: rgba(0, 0, 0, 0.2);
|
||||
}
|
||||
'';
|
||||
# style = ''
|
||||
# * {
|
||||
# border: none;
|
||||
# border-radius: 0;
|
||||
# font-family: Source Code Pro;
|
||||
# }
|
||||
# window#waybar {
|
||||
# background: #16191C;
|
||||
# color: #AAB2BF;
|
||||
# }
|
||||
# #workspaces button {
|
||||
# padding: 0 5px;
|
||||
# }
|
||||
# .custom-spotify {
|
||||
# padding: 0 10px;
|
||||
# margin: 0 4px;
|
||||
# background-color: #1DB954;
|
||||
# color: black;
|
||||
# }
|
||||
# '';
|
||||
})
|
||||
];
|
||||
}
|
||||
|
||||
|
6
hosts/modules/services/default.nix
Normal file
6
hosts/modules/services/default.nix
Normal file
@@ -0,0 +1,6 @@
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./duplicity.nix
|
||||
];
|
||||
}
|
@@ -5,13 +5,13 @@
|
||||
./feeds.nix
|
||||
./fs
|
||||
./ids.nix
|
||||
./packages.nix
|
||||
./programs.nix
|
||||
./image.nix
|
||||
./nixcache.nix
|
||||
./persist
|
||||
./services
|
||||
./sops.nix
|
||||
./ssh.nix
|
||||
./users.nix
|
||||
];
|
||||
|
||||
_module.args = {
|
||||
|
@@ -20,9 +20,13 @@ sane-lib = rec {
|
||||
isPrefixOfList = p: l: (lib.sublist 0 (lib.length p) l) == p;
|
||||
|
||||
# merges N attrsets
|
||||
# Type: flattenAttrsList :: [AttrSet] -> AttrSet
|
||||
# Type: joinAttrsets :: [AttrSet] -> AttrSet
|
||||
joinAttrsets = l: lib.foldl' lib.attrsets.unionOfDisjoint {} l;
|
||||
|
||||
# merges N attrsets, recursively
|
||||
# Type: joinAttrsetsRecursive :: [AttrSet] -> AttrSet
|
||||
joinAttrsetsRecursive = l: lib.foldl' (lib.attrsets.recursiveUpdateUntil (path: lhs: rhs: false)) {} l;
|
||||
|
||||
# evaluate a `{ name, value }` pair in the same way that `listToAttrs` does.
|
||||
# Type: nameValueToAttrs :: { name :: String, value :: Any } -> Any
|
||||
nameValueToAttrs = { name, value }: {
|
||||
|
@@ -17,7 +17,7 @@ rec {
|
||||
merged = builtins.map (p: lib.setAttrByPath p (mergeAtPath p discharged)) pathsToMerge;
|
||||
in
|
||||
assert builtins.all (assertNoExtraPaths pathsToMerge) discharged;
|
||||
sane-lib.joinAttrsets merged;
|
||||
sane-lib.joinAttrsetsRecursive merged;
|
||||
|
||||
# `take` is as in mkTypedMerge. this function queries which items `take` is interested in.
|
||||
# for example:
|
||||
|
@@ -1,330 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
with pkgs;
|
||||
let
|
||||
cfg = config.sane.packages;
|
||||
|
||||
imagemagick = pkgs.imagemagick.override {
|
||||
ghostscriptSupport = true;
|
||||
};
|
||||
|
||||
consolePkgs = [
|
||||
backblaze-b2
|
||||
cdrtools
|
||||
dmidecode
|
||||
duplicity
|
||||
efivar
|
||||
flashrom
|
||||
fwupd
|
||||
ghostscript # TODO: imagemagick wrapper should add gs to PATH
|
||||
gnupg
|
||||
gocryptfs
|
||||
gopass
|
||||
gopass-jsonapi
|
||||
ifuse
|
||||
imagemagick
|
||||
ipfs
|
||||
libimobiledevice
|
||||
libsecret # for managing user keyrings
|
||||
lm_sensors # for sensors-detect
|
||||
lshw
|
||||
ffmpeg
|
||||
memtester
|
||||
networkmanager
|
||||
nixpkgs-review
|
||||
# nixos-generators
|
||||
# nettools
|
||||
nmon
|
||||
oathToolkit # for oathtool
|
||||
# ponymix
|
||||
pulsemixer
|
||||
python3
|
||||
rsync
|
||||
# python3Packages.eyeD3 # music tagging
|
||||
sane-scripts
|
||||
sequoia
|
||||
snapper
|
||||
sops
|
||||
speedtest-cli
|
||||
sqlite # to debug sqlite3 databases
|
||||
ssh-to-age
|
||||
sudo
|
||||
# tageditor # music tagging
|
||||
unar
|
||||
visidata
|
||||
w3m
|
||||
wireguard-tools
|
||||
# youtube-dl
|
||||
yt-dlp
|
||||
];
|
||||
|
||||
guiPkgs = [
|
||||
# GUI only
|
||||
aerc # email client
|
||||
audacity
|
||||
celluloid # mpv frontend
|
||||
chromium
|
||||
clinfo
|
||||
{ pkg = dino; private = [ ".local/share/dino" ]; }
|
||||
electrum
|
||||
|
||||
# creds/session keys, etc
|
||||
{ pkg = element-desktop; private = [ ".config/Element" ]; }
|
||||
# `emote` will show a first-run dialog based on what's in this directory.
|
||||
# mostly, it just keeps a LRU of previously-used emotes to optimize display order.
|
||||
# TODO: package [smile](https://github.com/mijorus/smile) for probably a better mobile experience.
|
||||
{ pkg = emote; dir = [ ".local/share/Emote" ]; }
|
||||
evince # works on phosh
|
||||
|
||||
# { pkg = fluffychat-moby; dir = [ ".local/share/chat.fluffy.fluffychat" ]; } # TODO: ship normal fluffychat on non-moby?
|
||||
|
||||
foliate
|
||||
font-manager
|
||||
|
||||
# XXX by default fractal stores its state in ~/.local/share/<UUID>.
|
||||
# after logging in, manually change ~/.local/share/keyrings/... to point it to some predictable subdir.
|
||||
# then reboot (so that libsecret daemon re-loads the keyring...?)
|
||||
# { pkg = fractal-latest; private = [ ".local/share/fractal" ]; }
|
||||
# { pkg = fractal-next; private = [ ".local/share/fractal" ]; }
|
||||
|
||||
gajim # XMPP client
|
||||
gimp # broken on phosh
|
||||
gnome.cheese
|
||||
gnome.dconf-editor
|
||||
gnome-feeds # RSS reader (with claimed mobile support)
|
||||
gnome.file-roller
|
||||
gnome.gnome-disk-utility
|
||||
gnome.gnome-maps # works on phosh
|
||||
gnome.nautilus
|
||||
# gnome-podcasts
|
||||
gnome.gnome-system-monitor
|
||||
gnome.gnome-terminal # works on phosh
|
||||
gnome.gnome-weather
|
||||
|
||||
# XXX: we preserve the whole thing because if we only preserve gPodder/Downloads
|
||||
# then startup is SLOW during feed import, and we might end up with zombie eps in the dl dir.
|
||||
{ pkg = gpodder-configured; dir = [ "gPodder" ]; }
|
||||
|
||||
gthumb
|
||||
inkscape
|
||||
|
||||
kdenlive
|
||||
kid3 # audio tagging
|
||||
kitty
|
||||
krita
|
||||
libreoffice-fresh # XXX colin: maybe don't want this on mobile
|
||||
lollypop
|
||||
|
||||
{ pkg = mpv; dir = [ ".config/mpv/watch_later" ]; }
|
||||
|
||||
networkmanagerapplet
|
||||
|
||||
# not strictly necessary, but allows caching articles; offline use, etc.
|
||||
{ pkg = newsflash; dir = [ ".local/share/news-flash" ]; }
|
||||
|
||||
{ pkg = nheko; private = [
|
||||
".config/nheko" # config file (including client token)
|
||||
".cache/nheko" # media cache
|
||||
".local/share/nheko" # per-account state database
|
||||
]; }
|
||||
|
||||
# settings (electron app)
|
||||
{ pkg = obsidian; dir = [ ".config/obsidian" ]; }
|
||||
|
||||
pavucontrol
|
||||
# picard # music tagging
|
||||
playerctl
|
||||
|
||||
libsForQt5.plasmatube # Youtube player
|
||||
|
||||
soundconverter
|
||||
# sublime music persists any downloaded albums here.
|
||||
# it doesn't obey a conventional ~/Music/{Artist}/{Album}/{Track} notation, so no symlinking
|
||||
# config (e.g. server connection details) is persisted in ~/.config/sublime-music/config.json
|
||||
# possible to pass config as a CLI arg (sublime-music -c config.json)
|
||||
# { pkg = sublime-music; dir = [ ".local/share/sublime-music" ]; }
|
||||
{ pkg = sublime-music-mobile; dir = [ ".local/share/sublime-music" ]; }
|
||||
{ pkg = tdesktop; private = [ ".local/share/TelegramDesktop" ]; } # broken on phosh
|
||||
|
||||
{ pkg = tokodon; private = [ ".cache/KDE/tokodon" ]; }
|
||||
|
||||
# vlc remembers play position in ~/.config/vlc/vlc-qt-interface.conf
|
||||
{ pkg = vlc; dir = [ ".config/vlc" ]; }
|
||||
|
||||
# pleroma client (Electron). input is broken on phosh.
|
||||
{ pkg = whalebird; private = [ ".config/Whalebird" ]; }
|
||||
|
||||
xdg-utils # for xdg-open
|
||||
xterm # broken on phosh
|
||||
]
|
||||
++ (if pkgs.system == "x86_64-linux" then
|
||||
[
|
||||
# x86_64 only
|
||||
|
||||
# creds, but also 200 MB of node modules, etc
|
||||
(let discord = (pkgs.discord.override {
|
||||
# XXX 2022-07-31: fix to allow links to open in default web-browser:
|
||||
# https://github.com/NixOS/nixpkgs/issues/78961
|
||||
nss = pkgs.nss_latest;
|
||||
}); in { pkg = discord; private = [ ".config/discord" ]; })
|
||||
|
||||
# kaiteki # Pleroma client
|
||||
# gnome.zenity # for kaiteki (it will use qarma, kdialog, or zenity)
|
||||
# gpt2tc # XXX: unreliable mirror
|
||||
|
||||
# TODO(unpin): handbrake is broken on aarch64-linux 2023/01/29
|
||||
handbrake
|
||||
|
||||
logseq
|
||||
losslesscut-bin
|
||||
makemkv
|
||||
|
||||
# actual monero blockchain (not wallet/etc; safe to delete, just slow to regenerate)
|
||||
{ pkg = monero-gui; dir = [ ".bitmonero" ]; }
|
||||
|
||||
# creds, media
|
||||
{ pkg = signal-desktop; private = [ ".config/Signal" ]; }
|
||||
|
||||
# creds, widevine .so download. TODO: could easily manage these statically.
|
||||
{ pkg = spotify; dir = [ ".config/spotify" ]; }
|
||||
|
||||
# hardenedMalloc solves a crash at startup
|
||||
(tor-browser-bundle-bin.override { useHardenedMalloc = false; })
|
||||
|
||||
# zcash coins. safe to delete, just slow to regenerate (10-60 minutes)
|
||||
{ pkg = zecwallet-lite; private = [ ".zcash" ]; }
|
||||
] else []);
|
||||
|
||||
# general-purpose utilities that we want any user to be able to access
|
||||
# (specifically: root, in case of rescue)
|
||||
systemPkgs = [
|
||||
btrfs-progs
|
||||
cacert.unbundled # some services require unbundled /etc/ssl/certs
|
||||
cryptsetup
|
||||
dig
|
||||
efibootmgr
|
||||
fatresize
|
||||
fd
|
||||
file
|
||||
gawk
|
||||
git
|
||||
gptfdisk
|
||||
hdparm
|
||||
htop
|
||||
iftop
|
||||
inetutils # for telnet
|
||||
iotop
|
||||
iptables
|
||||
jq
|
||||
killall
|
||||
lsof
|
||||
nano
|
||||
netcat
|
||||
nethogs
|
||||
nmap
|
||||
openssl
|
||||
parted
|
||||
pciutils
|
||||
powertop
|
||||
pstree
|
||||
ripgrep
|
||||
screen
|
||||
smartmontools
|
||||
socat
|
||||
strace
|
||||
tcpdump
|
||||
tree
|
||||
usbutils
|
||||
wget
|
||||
];
|
||||
|
||||
# useful devtools:
|
||||
devPkgs = [
|
||||
bison
|
||||
dtc
|
||||
flex
|
||||
gcc
|
||||
gdb
|
||||
# gcc-arm-embedded
|
||||
# gcc_multi
|
||||
gnumake
|
||||
mercurial
|
||||
mix2nix
|
||||
rustup
|
||||
swig
|
||||
];
|
||||
|
||||
pkgSpec = types.submodule {
|
||||
options = {
|
||||
pkg = mkOption {
|
||||
type = types.package;
|
||||
};
|
||||
dir = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = "list of home-relative paths to persist for this package";
|
||||
};
|
||||
private = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = "list of home-relative paths to persist (in encrypted format) for this package";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
toPkgSpec = types.coercedTo types.package (p: { pkg = p; }) pkgSpec;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
# packages to deploy to the user's home
|
||||
sane.packages.extraUserPkgs = mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf toPkgSpec;
|
||||
};
|
||||
sane.packages.extraGuiPkgs = mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf toPkgSpec;
|
||||
description = "packages to only ship if gui's enabled";
|
||||
};
|
||||
sane.packages.enableConsolePkgs = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
};
|
||||
sane.packages.enableGuiPkgs = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
};
|
||||
sane.packages.enableDevPkgs = mkOption {
|
||||
description = ''
|
||||
enable packages that are useful for building other software by hand.
|
||||
you should prefer to keep this disabled except when prototyping, e.g. packaging new software.
|
||||
'';
|
||||
default = false;
|
||||
type = types.bool;
|
||||
};
|
||||
sane.packages.enableSystemPkgs = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = "enable system-wide packages";
|
||||
};
|
||||
|
||||
sane.packages.enabledUserPkgs = mkOption {
|
||||
default = cfg.extraUserPkgs
|
||||
++ (if cfg.enableConsolePkgs then consolePkgs else [])
|
||||
++ (if cfg.enableGuiPkgs then guiPkgs ++ cfg.extraGuiPkgs else [])
|
||||
++ (if cfg.enableDevPkgs then devPkgs else [])
|
||||
;
|
||||
type = types.listOf toPkgSpec;
|
||||
description = "generated from other config options";
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
environment.systemPackages = mkIf cfg.enableSystemPkgs systemPkgs;
|
||||
sane.persist.home.plaintext = concatLists (map (p: p.dir) cfg.enabledUserPkgs);
|
||||
sane.persist.home.private = concatLists (map (p: p.private) cfg.enabledUserPkgs);
|
||||
# XXX: this might not be necessary. try removing this and cacert.unbundled?
|
||||
environment.etc."ssl/certs".source = mkIf cfg.enableSystemPkgs "${pkgs.cacert.unbundled}/etc/ssl/certs/*";
|
||||
};
|
||||
}
|
@@ -1,18 +0,0 @@
|
||||
{ config, lib, sane-lib, ... }:
|
||||
|
||||
let
|
||||
path = sane-lib.path;
|
||||
cfg = config.sane.persist;
|
||||
|
||||
withPrefix = relativeTo: entries: lib.mapAttrs' (fspath: value: {
|
||||
name = path.concat [ relativeTo fspath ];
|
||||
inherit value;
|
||||
}) entries;
|
||||
in
|
||||
{
|
||||
# merge the `byPath` mappings from both `home` and `sys` into one namespace
|
||||
sane.persist.byPath = lib.mkMerge [
|
||||
(withPrefix "/home/colin" cfg.home.byPath)
|
||||
(withPrefix "/" cfg.sys.byPath)
|
||||
];
|
||||
}
|
@@ -179,23 +179,11 @@ in
|
||||
type = types.bool;
|
||||
description = "define / fs root to be a tmpfs. make sure to mount some other device to /nix";
|
||||
};
|
||||
sane.persist.home = mkOption {
|
||||
description = "directories to persist to disk, relative to a user's home ~";
|
||||
default = {};
|
||||
type = dirsSubModule;
|
||||
};
|
||||
sane.persist.sys = mkOption {
|
||||
description = "directories to persist to disk, relative to the fs root /";
|
||||
default = {};
|
||||
type = dirsSubModule;
|
||||
};
|
||||
sane.persist.byPath = mkOption {
|
||||
type = types.attrsOf (convertInlineAcl entryAtPath);
|
||||
description = ''
|
||||
map of <path> => <path config> for all paths to be persisted.
|
||||
this is computed from the other options, but users can also set it explicitly (useful for overriding)
|
||||
'';
|
||||
};
|
||||
sane.persist.stores = mkOption {
|
||||
type = types.attrsOf storeType;
|
||||
default = {};
|
||||
@@ -206,7 +194,6 @@ in
|
||||
};
|
||||
|
||||
imports = [
|
||||
./computed.nix
|
||||
./root-on-tmpfs.nix
|
||||
./stores
|
||||
];
|
||||
@@ -247,7 +234,7 @@ in
|
||||
);
|
||||
}
|
||||
];
|
||||
configs = lib.mapAttrsToList cfgFor cfg.byPath;
|
||||
configs = lib.mapAttrsToList cfgFor cfg.sys.byPath;
|
||||
take = f: { sane.fs = f.sane.fs; };
|
||||
in mkIf cfg.enable (
|
||||
take (sane-lib.mkTypedMerge take configs)
|
||||
|
@@ -1,14 +1,10 @@
|
||||
{ config, lib, pkgs, utils, ... }:
|
||||
{ config, lib, pkgs, sane-lib, utils, ... }:
|
||||
|
||||
let
|
||||
store = rec {
|
||||
device = "/mnt/persist/crypt/clearedonboot";
|
||||
underlying = {
|
||||
path = "/nix/persist/crypt/clearedonboot";
|
||||
# TODO: consider moving this to /tmp, but that requires tmp be mounted first?
|
||||
key = "/mnt/persist/crypt/clearedonboot.key";
|
||||
};
|
||||
};
|
||||
persist-base = config.sane.persist.stores."plaintext".origin;
|
||||
device = config.sane.persist.stores."cryptClearOnBoot".origin;
|
||||
key = "${device}.key";
|
||||
underlying = sane-lib.path.concat [ persist-base "crypt/clearedonboot" ];
|
||||
in
|
||||
lib.mkIf config.sane.persist.enable
|
||||
{
|
||||
@@ -17,35 +13,35 @@ lib.mkIf config.sane.persist.enable
|
||||
stored to disk, but encrypted to an in-memory key and cleared on every boot
|
||||
so that it's unreadable after power-off
|
||||
'';
|
||||
origin = store.device;
|
||||
origin = lib.mkDefault "/mnt/persist/crypt/clearedonboot";
|
||||
};
|
||||
|
||||
|
||||
fileSystems."${store.device}" = {
|
||||
device = store.underlying.path;
|
||||
fileSystems."${device}" = {
|
||||
device = underlying;
|
||||
fsType = "fuse.gocryptfs";
|
||||
options = [
|
||||
"nodev"
|
||||
"nosuid"
|
||||
"allow_other"
|
||||
"passfile=${store.underlying.key}"
|
||||
"passfile=${key}"
|
||||
"defaults"
|
||||
];
|
||||
noCheck = true;
|
||||
};
|
||||
# let sane.fs know about our fileSystem and automatically add the appropriate dependencies
|
||||
sane.fs."${store.device}".mount = {
|
||||
sane.fs."${device}".mount = {
|
||||
# technically the dependency on the keyfile is extraneous because that *happens* to
|
||||
# be needed to init the store.
|
||||
depends = let
|
||||
cryptfile = config.sane.fs."${store.underlying.path}/gocryptfs.conf";
|
||||
keyfile = config.sane.fs."${store.underlying.key}";
|
||||
cryptfile = config.sane.fs."${underlying}/gocryptfs.conf";
|
||||
keyfile = config.sane.fs."${key}";
|
||||
in [ keyfile.unit cryptfile.unit ];
|
||||
};
|
||||
|
||||
# let sane.fs know how to initialize the gocryptfs store,
|
||||
# and that it MUST do so
|
||||
sane.fs."${store.underlying.path}/gocryptfs.conf".generated = {
|
||||
sane.fs."${underlying}/gocryptfs.conf".generated = {
|
||||
script.script = ''
|
||||
backing="$1"
|
||||
passfile="$2"
|
||||
@@ -54,17 +50,17 @@ lib.mkIf config.sane.persist.enable
|
||||
rm -rf "''${backing:?}"/*
|
||||
${pkgs.gocryptfs}/bin/gocryptfs -quiet -passfile "$passfile" -init "$backing"
|
||||
'';
|
||||
script.scriptArgs = [ store.underlying.path store.underlying.key ];
|
||||
script.scriptArgs = [ underlying key ];
|
||||
# we need the key in order to initialize the store
|
||||
depends = [ config.sane.fs."${store.underlying.key}".unit ];
|
||||
depends = [ config.sane.fs."${key}".unit ];
|
||||
};
|
||||
|
||||
# let sane.fs know how to generate the key for gocryptfs
|
||||
sane.fs."${store.underlying.key}".generated = {
|
||||
sane.fs."${key}".generated = {
|
||||
script.script = ''
|
||||
dd if=/dev/random bs=128 count=1 | base64 --wrap=0 > "$1"
|
||||
'';
|
||||
script.scriptArgs = [ store.underlying.key ];
|
||||
script.scriptArgs = [ key ];
|
||||
# no need for anyone else to be able to read the key
|
||||
acl.mode = "0400";
|
||||
};
|
||||
|
@@ -3,7 +3,7 @@
|
||||
let
|
||||
cfg = config.sane.persist;
|
||||
in lib.mkIf cfg.enable {
|
||||
sane.persist.stores."plaintext" = {
|
||||
sane.persist.stores."plaintext" = lib.mkDefault {
|
||||
origin = "/nix/persist";
|
||||
};
|
||||
# TODO: needed?
|
||||
|
@@ -1,21 +1,23 @@
|
||||
{ config, lib, pkgs, utils, ... }:
|
||||
{ config, lib, pkgs, sane-lib, utils, ... }:
|
||||
|
||||
let
|
||||
persist-base = config.sane.persist.stores."plaintext".origin;
|
||||
private-dir = config.sane.persist.stores."private".origin;
|
||||
private-backing-dir = sane-lib.path.concat [ persist-base private-dir ];
|
||||
in
|
||||
lib.mkIf config.sane.persist.enable
|
||||
{
|
||||
sane.persist.stores."private" = {
|
||||
storeDescription = ''
|
||||
encrypted to the user's password and auto-unlocked at login
|
||||
encrypted store which persists across boots.
|
||||
typical use case is for the user to encrypt this store using their login password so that it
|
||||
can be auto-unlocked at login.
|
||||
'';
|
||||
origin = "/home/colin/private";
|
||||
# files stored under here *must* have the /home/colin prefix.
|
||||
# internally, this prefix is removed so that e.g.
|
||||
# /home/colin/foo/bar when stored in `private` is visible at
|
||||
# /home/colin/private/foo/bar
|
||||
prefix = "/home/colin";
|
||||
origin = lib.mkDefault "/mnt/private";
|
||||
defaultOrdering = let
|
||||
private-unit = config.sane.fs."/home/colin/private".unit;
|
||||
private-unit = config.sane.fs."${private-dir}".unit;
|
||||
in {
|
||||
# auto create only after ~/private is mounted
|
||||
# auto create only after the store is mounted
|
||||
wantedBy = [ private-unit ];
|
||||
# we can't create things in private before local-fs.target
|
||||
wantedBeforeBy = [ ];
|
||||
@@ -23,13 +25,13 @@ lib.mkIf config.sane.persist.enable
|
||||
defaultMethod = "symlink";
|
||||
};
|
||||
|
||||
fileSystems."/home/colin/private" = {
|
||||
device = "/nix/persist/home/colin/private";
|
||||
fileSystems."${private-dir}" = {
|
||||
device = private-backing-dir;
|
||||
fsType = "fuse.gocryptfs";
|
||||
options = [
|
||||
"noauto" # don't try to mount, until the user logs in!
|
||||
"nofail"
|
||||
"allow_other" # root ends up being the user that mounts this, so need to make it visible to `colin`.
|
||||
"allow_other" # root ends up being the user that mounts this, so need to make it visible to other users.
|
||||
"nodev"
|
||||
"nosuid"
|
||||
"quiet"
|
||||
@@ -39,9 +41,9 @@ lib.mkIf config.sane.persist.enable
|
||||
};
|
||||
|
||||
# let sane.fs know about the mount
|
||||
sane.fs."/home/colin/private".mount = {};
|
||||
sane.fs."${private-dir}".mount = {};
|
||||
# it also needs to know that the underlying device is an ordinary folder
|
||||
sane.fs."/nix/persist/home/colin/private".dir = {};
|
||||
sane.fs."${private-backing-dir}".dir = {};
|
||||
|
||||
# TODO: could add this *specifically* to the .mount file for the encrypted fs?
|
||||
system.fsPackages = [ pkgs.gocryptfs ]; # fuse needs to find gocryptfs
|
||||
|
133
modules/programs.nix
Normal file
133
modules/programs.nix
Normal file
@@ -0,0 +1,133 @@
|
||||
{ config, lib, pkgs, sane-lib, ... }:
|
||||
let
|
||||
inherit (builtins) any elem map;
|
||||
inherit (lib)
|
||||
filterAttrs
|
||||
hasAttrByPath
|
||||
getAttrFromPath
|
||||
mapAttrs
|
||||
mapAttrsToList
|
||||
mkDefault
|
||||
mkIf
|
||||
mkMerge
|
||||
mkOption
|
||||
optional
|
||||
optionalAttrs
|
||||
splitString
|
||||
types
|
||||
;
|
||||
inherit (sane-lib) joinAttrsets;
|
||||
cfg = config.sane.programs;
|
||||
pkgSpec = types.submodule ({ name, ... }: {
|
||||
options = {
|
||||
package = mkOption {
|
||||
type = types.nullOr types.package;
|
||||
description = ''
|
||||
package, or `null` if the program is some sort of meta set (in which case it much EXPLICITLY be set null).
|
||||
'';
|
||||
default =
|
||||
let
|
||||
pkgPath = splitString "." name;
|
||||
in
|
||||
# package can be inferred by the attr name, allowing shorthand like
|
||||
# `sane.programs.nano.enable = true;`
|
||||
# this indexing will throw if the package doesn't exist and the user forgets to specify
|
||||
# a valid source explicitly.
|
||||
getAttrFromPath pkgPath pkgs;
|
||||
};
|
||||
enableFor.system = mkOption {
|
||||
type = types.bool;
|
||||
default = any (en: en) (
|
||||
mapAttrsToList
|
||||
(otherName: otherPkg:
|
||||
otherName != name && elem name otherPkg.suggestedPrograms && otherPkg.enableSuggested && otherPkg.enableFor.system
|
||||
)
|
||||
cfg
|
||||
);
|
||||
description = ''
|
||||
place this program on the system PATH
|
||||
'';
|
||||
};
|
||||
enableFor.user = mkOption {
|
||||
type = types.attrsOf types.bool;
|
||||
default = joinAttrsets (mapAttrsToList (otherName: otherPkg:
|
||||
optionalAttrs
|
||||
(otherName != name && elem name otherPkg.suggestedPrograms && otherPkg.enableSuggested)
|
||||
(filterAttrs (user: en: en) otherPkg.enableFor.user)
|
||||
) cfg);
|
||||
description = ''
|
||||
place this program on the PATH for some specified user(s).
|
||||
'';
|
||||
};
|
||||
suggestedPrograms = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = ''
|
||||
list of other programs a user may want to enable alongside this one.
|
||||
for example, the gnome desktop environment would suggest things like its settings app.
|
||||
'';
|
||||
};
|
||||
enableSuggested = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
};
|
||||
dir = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = "list of home-relative paths to persist for this package";
|
||||
};
|
||||
private = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = "list of home-relative paths to persist (in encrypted format) for this package";
|
||||
};
|
||||
};
|
||||
|
||||
});
|
||||
toPkgSpec = types.coercedTo types.package (p: { package = p; }) pkgSpec;
|
||||
|
||||
configs = mapAttrsToList (name: p: {
|
||||
assertions = map (sug: {
|
||||
assertion = cfg ? "${sug}";
|
||||
message = ''program "${sug}" referenced by "${name}", but not defined'';
|
||||
}) p.suggestedPrograms;
|
||||
|
||||
# conditionally add to system PATH
|
||||
environment.systemPackages = optional
|
||||
(p.package != null && p.enableFor.system)
|
||||
p.package;
|
||||
# conditionally add to user(s) PATH
|
||||
users.users = mapAttrs (user: en: {
|
||||
packages = optional (p.package != null && en) p.package;
|
||||
}) p.enableFor.user;
|
||||
# conditionally persist relevant user dirs
|
||||
sane.users = mapAttrs (user: en: optionalAttrs en {
|
||||
persist.plaintext = p.dir;
|
||||
persist.private = p.private;
|
||||
}) p.enableFor.user;
|
||||
}) cfg;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
sane.programs = mkOption {
|
||||
type = types.attrsOf toPkgSpec;
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
take = f: {
|
||||
assertions = f.assertions;
|
||||
environment.systemPackages = f.environment.systemPackages;
|
||||
users.users = f.users.users;
|
||||
sane.users = f.sane.users;
|
||||
};
|
||||
in mkMerge [
|
||||
(take (sane-lib.mkTypedMerge take configs))
|
||||
{
|
||||
# expose the pkgs -- as available to the system -- as a build target.
|
||||
system.build.pkgs = pkgs;
|
||||
}
|
||||
];
|
||||
}
|
@@ -1,7 +1,6 @@
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./duplicity.nix
|
||||
./dyn-dns.nix
|
||||
./kiwix-serve.nix
|
||||
./mautrix-signal.nix
|
||||
|
110
modules/users.nix
Normal file
110
modules/users.nix
Normal file
@@ -0,0 +1,110 @@
|
||||
{ config, lib, options, sane-lib, ... }:
|
||||
|
||||
let
|
||||
inherit (builtins) attrValues;
|
||||
inherit (lib) count mapAttrs' mapAttrsToList mkIf mkMerge mkOption types;
|
||||
sane-user-cfg = config.sane.user;
|
||||
cfg = config.sane.users;
|
||||
path-lib = sane-lib.path;
|
||||
userOptions = {
|
||||
options = {
|
||||
fs = mkOption {
|
||||
type = types.attrs;
|
||||
default = {};
|
||||
description = ''
|
||||
entries to pass onto `sane.fs` after prepending the user's home-dir to the path.
|
||||
e.g. `sane.users.colin.fs."/.config/aerc" = X`
|
||||
=> `sane.fs."/home/colin/.config/aerc" = X;
|
||||
'';
|
||||
};
|
||||
|
||||
persist = mkOption {
|
||||
type = options.sane.persist.sys.type;
|
||||
default = {};
|
||||
description = ''
|
||||
entries to pass onto `sane.persist.sys` after prepending the user's home-dir to the path.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
userModule = types.submodule ({ name, config, ... }: {
|
||||
options = userOptions.options // {
|
||||
default = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
only one default user may exist.
|
||||
this option determines what the `sane.user` shorthand evaluates to.
|
||||
'';
|
||||
};
|
||||
|
||||
home = mkOption {
|
||||
type = types.str;
|
||||
# XXX: we'd prefer to set this to `config.users.users.home`, but that causes infinite recursion...
|
||||
# TODO: maybe assert that this matches the actual home?
|
||||
default = "/home/${name}";
|
||||
};
|
||||
};
|
||||
|
||||
# if we're the default user, inherit whatever settings were routed to the default user
|
||||
config = mkIf config.default sane-user-cfg;
|
||||
});
|
||||
processUser = user: defn:
|
||||
let
|
||||
prefixWithHome = mapAttrs' (path: value: {
|
||||
name = path-lib.concat [ defn.home path ];
|
||||
inherit value;
|
||||
});
|
||||
in
|
||||
{
|
||||
sane.fs = prefixWithHome defn.fs;
|
||||
|
||||
# `byPath` is the actual output here, computed from the other keys.
|
||||
sane.persist.sys.byPath = prefixWithHome defn.persist.byPath;
|
||||
};
|
||||
in
|
||||
{
|
||||
options = {
|
||||
sane.users = mkOption {
|
||||
type = types.attrsOf userModule;
|
||||
default = {};
|
||||
description = ''
|
||||
options to apply to the given user.
|
||||
the user is expected to be created externally.
|
||||
configs applied at this level are simply transformed and then merged
|
||||
into the toplevel `sane` options. it's merely a shorthand.
|
||||
'';
|
||||
};
|
||||
|
||||
sane.user = mkOption {
|
||||
type = types.nullOr (types.submodule userOptions);
|
||||
default = null;
|
||||
description = ''
|
||||
options to pass down to the default user
|
||||
'';
|
||||
};
|
||||
};
|
||||
config =
|
||||
let
|
||||
configs = mapAttrsToList processUser cfg;
|
||||
num-default-users = count (u: u.default) (attrValues cfg);
|
||||
take = f: {
|
||||
sane.fs = f.sane.fs;
|
||||
sane.persist.sys.byPath = f.sane.persist.sys.byPath;
|
||||
};
|
||||
in mkMerge [
|
||||
(take (sane-lib.mkTypedMerge take configs))
|
||||
{
|
||||
assertions = [
|
||||
{
|
||||
assertion = sane-user-cfg == null || num-default-users != 0;
|
||||
message = "cannot set `sane.user` without first setting `sane.users.<user>.default = true` for some user";
|
||||
}
|
||||
{
|
||||
assertion = num-default-users <= 1;
|
||||
message = "cannot set more than one default user";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
}
|
22
nixpatches/2023-01-30-mesa-cma-leak.patch
Normal file
22
nixpatches/2023-01-30-mesa-cma-leak.patch
Normal file
@@ -0,0 +1,22 @@
|
||||
diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix
|
||||
index 56fa74e5c0c..3573bb0af49 100644
|
||||
--- a/pkgs/development/libraries/mesa/default.nix
|
||||
+++ b/pkgs/development/libraries/mesa/default.nix
|
||||
@@ -88,7 +88,7 @@
|
||||
let
|
||||
# Release calendar: https://www.mesa3d.org/release-calendar.html
|
||||
# Release frequency: https://www.mesa3d.org/releasing.html#schedule
|
||||
- version = "22.3.4";
|
||||
+ version = "22.3.2";
|
||||
branch = lib.versions.major version;
|
||||
|
||||
withLibdrm = lib.meta.availableOn stdenv.hostPlatform libdrm;
|
||||
@@ -120,7 +120,7 @@ self = stdenv.mkDerivation {
|
||||
"ftp://ftp.freedesktop.org/pub/mesa/${version}/mesa-${version}.tar.xz"
|
||||
"ftp://ftp.freedesktop.org/pub/mesa/older-versions/${branch}.x/${version}/mesa-${version}.tar.xz"
|
||||
];
|
||||
- sha256 = "37a1ddaf03f41919ee3c89c97cff41e87de96e00e9d3247959cc8279d8294593";
|
||||
+ sha256 = "c15df758a8795f53e57f2a228eb4593c22b16dffd9b38f83901f76cd9533140b";
|
||||
};
|
||||
|
||||
# TODO:
|
7
nixpatches/flake.lock
generated
7
nixpatches/flake.lock
generated
@@ -2,16 +2,15 @@
|
||||
"nodes": {
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1673163619,
|
||||
"narHash": "sha256-B33PFBL64ZgTWgMnhFL3jgheAN/DjHPsZ1Ih3z0VE5I=",
|
||||
"lastModified": 1675123384,
|
||||
"narHash": "sha256-RpU+kboEWlIYwbRMGIPBIcztH63CvmqWN1B8GpJogd4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "8c54d842d9544361aac5f5b212ba04e4089e8efe",
|
||||
"rev": "e0fa1ece2f3929726c9b98c539ad14b63ae8e4fd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-22.11",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
|
@@ -13,19 +13,12 @@
|
||||
hash = "sha256-IvsIcd2wPdz4b/7FMrDrcVlIZjFecCQ9uiL0Umprbx0=";
|
||||
})
|
||||
|
||||
# fix libreoffice build by: Revert "mdds: 2.0.3 -> 2.1.0"
|
||||
# merged 2023/01/25
|
||||
(fetchpatch {
|
||||
url = "https://github.com/NixOS/nixpkgs/pull/212583.diff";
|
||||
hash = "sha256-nkXgwQUtxYkJT2OzG6Jc72snizW5wHvR1nmh2KDnaPc=";
|
||||
})
|
||||
|
||||
# fix handbrake build by: handbrake: 1.5.1 -> 1.6.1
|
||||
# PR opened 2023/01/23
|
||||
(fetchpatch {
|
||||
# see alternate fix: <https://github.com/NixOS/nixpkgs/pull/211834>
|
||||
url = "https://github.com/NixOS/nixpkgs/pull/212306.diff";
|
||||
hash = "sha256-iQX2NaZaCzZVRlCM0pgXt0gecNwhXGeh3kXEiY38ZIM=";
|
||||
hash = "sha256-PnPzvJymafa+zjkauQW0LzFsJC7S+7D9JRszTE3in+w=";
|
||||
})
|
||||
|
||||
./2022-12-19-i2p-aarch64.patch
|
||||
@@ -34,6 +27,11 @@
|
||||
# allows to actually run signald
|
||||
./2023-01-25-signald-update.patch
|
||||
|
||||
# fix for CMA memory leak in mesa: <https://gitlab.freedesktop.org/mesa/mesa/-/issues/8198>
|
||||
# only necessary on aarch64.
|
||||
# it's a revert of nixpkgs commit dcf630c172df2a9ecaa47c77f868211e61ae8e52
|
||||
./2023-01-30-mesa-cma-leak.patch
|
||||
|
||||
# # kaiteki: init at 2022-09-03
|
||||
# vendorHash changes too frequently (might not be reproducible).
|
||||
# using local package defn until stabilized
|
||||
|
@@ -8,27 +8,16 @@
|
||||
# XXX: when invoked outside our flake (e.g. via NIX_PATH) there is no `next.stable`,
|
||||
# so just forward the unstable packages.
|
||||
inherit (next.stable or prev)
|
||||
# broken on 2023/01/14 via mtxclient dep, aarch64-only:
|
||||
# fixed on 2023/01/24?
|
||||
# error: builder for '/nix/store/gwidl0c9ksxjgx0dgwnjssix4ikq73v5-mtxclient-0.9.0.drv' failed with exit code 2;
|
||||
# last 10 log lines:
|
||||
# > make[2]: *** [CMakeFiles/matrix_client.dir/build.make:370: CMakeFiles/matrix_client.dir/lib/structs/events/encrypted.cpp.o] Error 1
|
||||
# > In file included from /build/source/include/mtxclient/crypto/client.hpp:17,
|
||||
# > from /build/source/lib/crypto/utils.cpp:17:
|
||||
# > /build/source/include/mtx/identifiers.hpp:12:10: fatal error: compare: No such file or directory
|
||||
# > 12 | #include <compare>
|
||||
# > | ^~~~~~~~~
|
||||
# > compilation terminated.
|
||||
# > make[2]: *** [CMakeFiles/matrix_client.dir/build.make:132: CMakeFiles/matrix_client.dir/lib/crypto/utils.cpp.o] Error 1
|
||||
# > make[1]: *** [CMakeFiles/Makefile2:83: CMakeFiles/matrix_client.dir/all] Error 2
|
||||
# > make: *** [Makefile:136: all] Error 2
|
||||
# For full logs, run 'nix log /nix/store/gwidl0c9ksxjgx0dgwnjssix4ikq73v5-mtxclient-0.9.0.drv'.
|
||||
# error: 1 dependencies of derivation '/nix/store/4i2d1qdh4x6n23h1jbcbhm8q9q2hch9a-nheko-0.11.0.drv' failed to build
|
||||
# error: 1 dependencies of derivation '/nix/store/k4f7k7cvjp8rb7clhlfq3yxgs6lbfmk7-home-manager-path.drv' failed to build
|
||||
# error: 1 dependencies of derivation '/nix/store/67d9k554188lh4ddl4ar6j74mpc3r4sv-home-manager-generation.drv' failed to build
|
||||
# error: 1 dependencies of derivation '/nix/store/5qjxzhsw1jvh2d7jypbcam9409ivb472-user-environment.drv' failed to build
|
||||
# error: 1 dependencies of derivation '/nix/store/hrb3qpdbisqh0lzlyz1g9g4164khmqwn-etc.drv' failed to build
|
||||
# error: 1 dependencies of derivation '/nix/store/ny21xyicbgim5wy7ksg2hibd9gn7i01b-nixos-system-moby-23.05pre-git.drv' failed to build
|
||||
# nheko
|
||||
;
|
||||
|
||||
# 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
|
||||
gjs = prev.gjs.overrideAttrs (_upstream: {
|
||||
doCheck = false;
|
||||
});
|
||||
libadwaita = prev.libadwaita.overrideAttrs (_upstream: {
|
||||
doCheck = false;
|
||||
});
|
||||
libsecret = prev.libsecret.overrideAttrs (_upstream: {
|
||||
doCheck = false;
|
||||
});
|
||||
})
|
||||
|
@@ -13,7 +13,7 @@ in
|
||||
(symlinkJoin {
|
||||
name = "gpodder-configured";
|
||||
paths = [ gpodder remove-extra ];
|
||||
buildInputs = [ makeWrapper ];
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
# gpodder keeps all its feeds in a sqlite3 database.
|
||||
# we can configure the feeds externally by wrapping gpodder and just instructing it to import
|
||||
|
Reference in New Issue
Block a user