colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: colin:wip/less-disable-flakey-tests
Branches Tags
colin:master colin:2025-03-02-pure colin:2025-02-23-nixpkgs-update colin:2025-02-17-nixpkgs-update-2 colin:2025-02-17-nixpkgs-update colin:2025-01-30-wip-blanket colin:2025-01-30-wip-sane-vpn-up-bind-fix colin:2024-12-29-bind colin:2024-12-26-nixpkgs-update colin:2024-09-25-ppp-kernel colin:2024-09-20-megapixels colin:2024-08-14-wip-sandbox-share colin:2024-08-12-wip-flatpak colin:2024-08-11-wip-firefox-xdg-open colin:wip-2024-08-01-nixpkgs-bump colin:wip-secure-mounts colin:wip-login-gocryptfs-rework2 colin:dev colin:save-geoclue-polkit-override colin:wip-doofnet colin:tx-to-desko colin:wip-nm-systemd-sandbox colin:test-nm-nixpkgs-refactor colin:wip-polyunfill-pam colin:wip-trust-dns colin:wip-mpv-sysvol colin:wip-s6-2 colin:wip-nix-fast-build colin:wg-dev colin:wip-mootube colin:wip-swaync-update colin:wip-sxmo-suspend colin:sxmo-sway-merge colin:dev-export colin:wip-proot3 colin:wip-emulate-builder3 colin:wip-emulate-builder2 colin:wip-emulate-builder colin:staging/nixpkgs-2023-07-29 colin:staging/nixpkgs-2023-07-25 colin:wip/koreader colin:staging/gtk-theme colin:staging/nixpkgs-2023-06-27 colin:staging/nixpkgs-2023-06-23 colin:staging/nixpkgs-2023-06-22 colin:wip/sxmo-as-pkg2 colin:wip/sxmo-as-pkg colin:staging/nixpkgs-2023-06-10 colin:staging/nixpkgs-2023-06-07 colin:staging/jellyfin-cross colin:staging/dns-refactor colin:staging/nixpkgs-2023-05-24 colin:staging/nixpkgs-2023-05-22 colin:staging/librewolf-ext colin:staging/nixpkgs-2023-05-14 colin:staging/nur colin:staging/nixpkgs-2023-04-28 colin:staging/nixpkgs-2023-04-24-staging-next colin:staging/nixpkgs-2023-04-19-staging-next colin:staging/nixpkgs-2023-04-11 colin:staging/nixpkgs-2023-04-08 colin:wip/less-disable-flakey-tests colin:staging/nixpkgs-next-2023-03-28 colin:staging/nixpkgs-next-2023-03-11 colin:staging/nixpkgs-2023-03-09 colin:staging/nixpkgs-2023-03-08 colin:staging/nixpkgs-2023-03-04 colin:staging/ccache colin:wip/ccache colin:staging/mesa-downgrade-10 colin:staging/mesa-downgrade-12 colin:staging/nixpkgs-2023-02-25 colin:staging/mesa-downgrade-9 colin:staging/mesa-downgrade-8 colin:staging/nixpkgs-2023-02-09 colin:staging/mesa-downgrade-7 colin:staging/mesa-downgrade-6 colin:staging/mesa-downgrade-5 colin:staging/mesa-downgrade-4 colin:staging/mesa-downgrade-3 colin:staging/mesa-downgrade-2 colin:staging/nixpkgs-2023-02-01 colin:staging/mesa-downgrade colin:wip/packages2 colin:wip/packages colin:archive/dovecot-sieve colin:historic/fix-handbrake colin:wip/sway3-dbg colin:wip/sway2 colin:wip/sway colin:staging/nixpkgs-2023-01-25 colin:staging/linux-6.2 colin:staging/nixpkgs-2023-01-23 colin:wip/hosts colin:staging/nixpkgs-2023-01-15 colin:wip/signal colin:wip/mx-signal colin:wip/flake-std-uri colin:stable colin:staging/master colin:wip/moby-kernel colin:wip/feeds3 colin:wip/feeds2 colin:wip/overlays colin:wip/feeds colin:staging/merge colin:staging/nixpkgs-2023-01-04 colin:staging/impermanence-stores colin:wip/impermanence-fs colin:staging/impermanence-encrypt2 colin:staging/impermanence-encrypt colin:staging/nixpkgs-2022-12-22 colin:staging/nixpkgs-2022-12-18 colin:staging/nixpkgs-2022-12-02 colin:staging/moby-6.1.0-rc7 colin:staging/nixpkgs-2022-11-27 colin:ryzen-servo colin:staging/nixpkgs-2022-11-21 colin:staging/nixpkgs-2022-11-09 colin:staging/lightdm-mobile-upstream colin:staging/nixpkgs-2022-10-31 colin:stacking/nixpkgs-2022-10-30 colin:staging/nixpkgs-2022-10-29 colin:wip/tokodon colin:staging/pleroma-update colin:staging/nixpkgs-2022-10-22 colin:testing/munin colin:staging/nixpkgs-2022-10-20 colin:staging/phosh-lightdm colin:archive/2022-10-14-matrix-appservice-discord colin:staging/nixpkgs-2022-10-08 colin:wip/arm-flutter colin:staging/2022-10-08-flutter-update colin:staging/phosh-mobile-settings-2 colin:staging/phosh-mobile-settings colin:fork/alsa-pinephone-patch colin:wip.fluffychat.2022.09.20 colin:wip/fluffychat colin:wip-vulkan colin:wip-servoimg colin:wip-kaiteki
colin:test-tag
..
compare: colin:staging/mesa-downgrade-9
Branches Tags
colin:master colin:2025-03-02-pure colin:2025-02-23-nixpkgs-update colin:2025-02-17-nixpkgs-update-2 colin:2025-02-17-nixpkgs-update colin:2025-01-30-wip-blanket colin:2025-01-30-wip-sane-vpn-up-bind-fix colin:2024-12-29-bind colin:2024-12-26-nixpkgs-update colin:2024-09-25-ppp-kernel colin:2024-09-20-megapixels colin:2024-08-14-wip-sandbox-share colin:2024-08-12-wip-flatpak colin:2024-08-11-wip-firefox-xdg-open colin:wip-2024-08-01-nixpkgs-bump colin:wip-secure-mounts colin:wip-login-gocryptfs-rework2 colin:dev colin:save-geoclue-polkit-override colin:wip-doofnet colin:tx-to-desko colin:wip-nm-systemd-sandbox colin:test-nm-nixpkgs-refactor colin:wip-polyunfill-pam colin:wip-trust-dns colin:wip-mpv-sysvol colin:wip-s6-2 colin:wip-nix-fast-build colin:wg-dev colin:wip-mootube colin:wip-swaync-update colin:wip-sxmo-suspend colin:sxmo-sway-merge colin:dev-export colin:wip-proot3 colin:wip-emulate-builder3 colin:wip-emulate-builder2 colin:wip-emulate-builder colin:staging/nixpkgs-2023-07-29 colin:staging/nixpkgs-2023-07-25 colin:wip/koreader colin:staging/gtk-theme colin:staging/nixpkgs-2023-06-27 colin:staging/nixpkgs-2023-06-23 colin:staging/nixpkgs-2023-06-22 colin:wip/sxmo-as-pkg2 colin:wip/sxmo-as-pkg colin:staging/nixpkgs-2023-06-10 colin:staging/nixpkgs-2023-06-07 colin:staging/jellyfin-cross colin:staging/dns-refactor colin:staging/nixpkgs-2023-05-24 colin:staging/nixpkgs-2023-05-22 colin:staging/librewolf-ext colin:staging/nixpkgs-2023-05-14 colin:staging/nur colin:staging/nixpkgs-2023-04-28 colin:staging/nixpkgs-2023-04-24-staging-next colin:staging/nixpkgs-2023-04-19-staging-next colin:staging/nixpkgs-2023-04-11 colin:staging/nixpkgs-2023-04-08 colin:wip/less-disable-flakey-tests colin:staging/nixpkgs-next-2023-03-28 colin:staging/nixpkgs-next-2023-03-11 colin:staging/nixpkgs-2023-03-09 colin:staging/nixpkgs-2023-03-08 colin:staging/nixpkgs-2023-03-04 colin:staging/ccache colin:wip/ccache colin:staging/mesa-downgrade-10 colin:staging/mesa-downgrade-12 colin:staging/nixpkgs-2023-02-25 colin:staging/mesa-downgrade-9 colin:staging/mesa-downgrade-8 colin:staging/nixpkgs-2023-02-09 colin:staging/mesa-downgrade-7 colin:staging/mesa-downgrade-6 colin:staging/mesa-downgrade-5 colin:staging/mesa-downgrade-4 colin:staging/mesa-downgrade-3 colin:staging/mesa-downgrade-2 colin:staging/nixpkgs-2023-02-01 colin:staging/mesa-downgrade colin:wip/packages2 colin:wip/packages colin:archive/dovecot-sieve colin:historic/fix-handbrake colin:wip/sway3-dbg colin:wip/sway2 colin:wip/sway colin:staging/nixpkgs-2023-01-25 colin:staging/linux-6.2 colin:staging/nixpkgs-2023-01-23 colin:wip/hosts colin:staging/nixpkgs-2023-01-15 colin:wip/signal colin:wip/mx-signal colin:wip/flake-std-uri colin:stable colin:staging/master colin:wip/moby-kernel colin:wip/feeds3 colin:wip/feeds2 colin:wip/overlays colin:wip/feeds colin:staging/merge colin:staging/nixpkgs-2023-01-04 colin:staging/impermanence-stores colin:wip/impermanence-fs colin:staging/impermanence-encrypt2 colin:staging/impermanence-encrypt colin:staging/nixpkgs-2022-12-22 colin:staging/nixpkgs-2022-12-18 colin:staging/nixpkgs-2022-12-02 colin:staging/moby-6.1.0-rc7 colin:staging/nixpkgs-2022-11-27 colin:ryzen-servo colin:staging/nixpkgs-2022-11-21 colin:staging/nixpkgs-2022-11-09 colin:staging/lightdm-mobile-upstream colin:staging/nixpkgs-2022-10-31 colin:stacking/nixpkgs-2022-10-30 colin:staging/nixpkgs-2022-10-29 colin:wip/tokodon colin:staging/pleroma-update colin:staging/nixpkgs-2022-10-22 colin:testing/munin colin:staging/nixpkgs-2022-10-20 colin:staging/phosh-lightdm colin:archive/2022-10-14-matrix-appservice-discord colin:staging/nixpkgs-2022-10-08 colin:wip/arm-flutter colin:staging/2022-10-08-flutter-update colin:staging/phosh-mobile-settings-2 colin:staging/phosh-mobile-settings colin:fork/alsa-pinephone-patch colin:wip.fluffychat.2022.09.20 colin:wip/fluffychat colin:wip-vulkan colin:wip-servoimg colin:wip-kaiteki
colin:test-tag

27 Commits
wip/less-d ... staging/me

Author SHA1 Message Date
Colin
790adeee5f cross compilation: build webp-pixbuf-loader without emulation 2023-02-21 00:05:37 +00:00
Colin
72c6f34043 cross: compile appstream, colord without emulation 2023-02-20 20:24:37 +00:00
Colin
6108c12631 pins: disable failing python310Packages.ipython tests 2023-02-20 20:23:32 +00:00
Colin
ba93870b51 pins: disable failing python310Packages.pytest-xdist tests 2023-02-19 21:42:27 +00:00
Colin
a871d4eb3d WIP: reduce emulated cross pkgset; aborted x86-x86 cross compilation 2023-02-18 11:58:04 +00:00
Colin
567b20ddde moby: ship the full recommended guiApps again 2023-02-18 11:57:16 +00:00
Colin
556cb1a2d0 phosh: disable konsole. it drags in a large closure, especially qt stuff which doesn't cross compile well 2023-02-18 11:57:16 +00:00
Colin
f40427245f cross packages: full moby build can cross compile (except konsole is untested) 2023-02-18 11:57:16 +00:00
Colin
ce1ba59413 programs: split the guiApps category into slightly smaller bits 2023-02-18 11:57:16 +00:00
Colin
691a6ef045 moby: ship some of the base apps 2023-02-18 11:57:16 +00:00
Colin
2fc99d8b5a cross packages: cross compile more stuff 2023-02-18 11:57:16 +00:00
Colin
80de7248ed gpodder: fix makeWrapper to be a nativeBuildInput 2023-02-18 11:57:16 +00:00
Colin
2fd16348e1 phosh-mobile-settings: cross compile 2023-02-18 11:57:16 +00:00
Colin
fcc1cb20d5 cross packages: cross compile more gnome packages 2023-02-18 11:57:16 +00:00
Colin
10be547077 working moby cross compilation 2023-02-18 11:57:16 +00:00
Colin
db1c5d16b5 cross packages: get more things to build and further reduce the emulated closure 2023-02-18 11:57:16 +00:00
Colin
a52f3d723a cross packages: get more things to build and further reduce the emulated closure 2023-02-18 11:57:16 +00:00
Colin
5a09f7a89d cross packages: reduce the emulated package set 2023-02-18 11:57:16 +00:00
Colin
f979dff5aa phosh: disable gvfs service 2023-02-18 11:57:16 +00:00
Colin
fd015f61b7 phosh: enable fewer gnome services/packages 2023-02-18 11:57:16 +00:00
Colin
7e5d86f931 programs: re-enable cdrtools, fwupd; disable duplicity/backblaze 2023-02-18 11:57:16 +00:00
Colin
b920b4713c tune emulated package set (e.g. only emulate one of gvfs' deps; not the WHOLE thing 2023-02-18 11:57:16 +00:00
Colin
7e58e39a5f WIP: moby: partially working cross compilation for phosh w/o apps (webkitgtk build OOMs) 2023-02-18 11:57:16 +00:00
Colin
98de5043cf moby: get working cross compilation for the base image (i.e. no GUI) 2023-02-18 11:57:16 +00:00
Colin
cda319b07a WIP: moby-cross: is cross-by-default instead of opt-in 2023-02-18 11:57:16 +00:00
Colin
0a0640cc43 gjs, libadwaita, libsecret: skip flakey check phase 2023-02-18 11:57:16 +00:00
Colin
035c4d65f8 mesa: downgrade from 22.3.4 -> 22.3.2 to address a memory leak 2023-02-18 11:57:14 +00:00
86 changed files with 1579 additions and 3760 deletions
Expand all files Collapse all files

84
flake.lock generated
View File

@@ -2,11 +2,11 @@
"nodes": {
"flake-utils": {
"locked": {
"lastModified": 1678901627,
"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
@@ -18,11 +18,11 @@
"mobile-nixos": {
"flake": false,
"locked": {
"lastModified": 1679516998,
"narHash": "sha256-w4baQlS84X8Lf0E5RN0nGkx03luDuV1X0+jWMAXm6fs=",
"lastModified": 1676240485,
"narHash": "sha256-bef1Zrfpo9cxaf19QhqfTwaagpeoNc08sc8OjYDjSnQ=",
"owner": "nixos",
"repo": "mobile-nixos",
"rev": "7a6e97e3af73c4cca87e12c83abcb4913dac7dbc",
"rev": "8701fcb1448f1eb67c0d47631ec2bdb613bd6a38",
"type": "github"
},
"original": {
@@ -31,46 +31,30 @@
"type": "github"
}
},
"nix-serve": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1678202930,
"narHash": "sha256-SF82/tTnagdazlETJLzXD9kjZ6lyk38agdLbmMx1UZE=",
"owner": "edolstra",
"repo": "nix-serve",
"rev": "3b6d30016d910a43e0e16f94170440a3e0b8fa8d",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "nix-serve",
"type": "github"
}
},
"nixpkgs": {
"inputs": {
"nixpkgs": [
"nixpkgs-unpatched"
]
},
"locked": {
"lastModified": 1606086654,
"narHash": "sha256-VFl+3eGIMqNp7cyOMJ6TjM/+UcsLKtodKoYexrlTJMI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "19db3e5ea2777daa874563b5986288151f502e27",
"type": "github"
"lastModified": 1,
"narHash": "sha256-AJlQHunLsnhZ8LdYirwIcqD1iojYJEQAdxGfJn9siPs=",
"path": "/nix/store/7s2pgwqd5ch6n53mh2v8hw7d1zp1r654-source/nixpatches",
"type": "path"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-20.09",
"type": "indirect"
"path": "/nix/store/7s2pgwqd5ch6n53mh2v8hw7d1zp1r654-source/nixpatches",
"type": "path"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1680390120,
"narHash": "sha256-RyDJcG/7mfimadlo8vO0QjW22mvYH1+cCqMuigUntr8=",
"lastModified": 1676162277,
"narHash": "sha256-GK3cnvKNo1l0skGYXXiLJ/TLqdKyIYXd7jOlo0gN+Qw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c1e2efaca8d8a3db6a36f652765d6c6ba7bb8fae",
"rev": "d863ca850a06d91365c01620dcac342574ecf46f",
"type": "github"
},
"original": {
@@ -82,16 +66,16 @@
},
"nixpkgs-unpatched": {
"locked": {
"lastModified": 1680415272,
"narHash": "sha256-S2J9n+sSeAAdXWHrz/s9pyS5fhbQilfNqYrs6RCUyN8=",
"lastModified": 1676569297,
"narHash": "sha256-2n4C4H3/U+3YbDrQB6xIw7AaLdFISCCFwOkcETAigqU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "66f60deb8aa348ca81d60d0639ae420c667ff92a",
"rev": "ac1f5b72a9e95873d1de0233fddcb56f99884b37",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "staging-next",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
@@ -99,7 +83,7 @@
"root": {
"inputs": {
"mobile-nixos": "mobile-nixos",
"nix-serve": "nix-serve",
"nixpkgs": "nixpkgs",
"nixpkgs-unpatched": "nixpkgs-unpatched",
"sops-nix": "sops-nix",
"uninsane-dot-org": "uninsane-dot-org"
@@ -108,16 +92,16 @@
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs-unpatched"
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1680404136,
"narHash": "sha256-06D8HJmRv4DdpEQGblMhx2Vm81SBWM61XBBIx7QQfo0=",
"lastModified": 1676171095,
"narHash": "sha256-2laeSjBAAJ9e/C3uTIPb287iX8qeVLtWiilw1uxqG+A=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "b93eb910f768f9788737bfed596a598557e5625d",
"rev": "c5dab21d8706afc7ceb05c23d4244dcb48d6aade",
"type": "github"
},
"original": {
@@ -130,15 +114,15 @@
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs-unpatched"
"nixpkgs"
]
},
"locked": {
"lastModified": 1680086409,
"narHash": "sha256-Q2QcVgKvTj/LLuZX9dP8ImySWD5sTn8DDI5+EggRn2c=",
"lastModified": 1675131883,
"narHash": "sha256-yBgJDG72YqIr1bltasqHD1E/kHc9uRFgDjxDmy6kI8M=",
"ref": "refs/heads/master",
"rev": "068f176a64f0e26dc8c1f0eccf28cbd05be4909b",
"revCount": 182,
"rev": "b099c24091cc192abf3997b94342d4b31cc5757b",
"revCount": 170,
"type": "git",
"url": "https://git.uninsane.org/colin/uninsane"
},

178
flake.nix
View File

@@ -12,11 +12,6 @@
# - Flake RFC: <https://github.com/tweag/rfcs/blob/flakes/rfcs/0049-flakes.md>
# - Discussion: <https://github.com/NixOS/rfcs/pull/49>
# - <https://serokell.io/blog/practical-nix-flakes>
#
#
# COMMON OPERATIONS:
# - update a specific flake input:
# - `nix flake lock --update-input nixpkgs`
{
# XXX: use the `github:` scheme instead of the more readable git+https: because it's *way* more efficient
@@ -27,14 +22,11 @@
# nixpkgs-stable.url = "github:nixos/nixpkgs?ref=nixos-22.11";
# <https://github.com/nixos/nixpkgs/tree/nixos-unstable>
# nixpkgs-unpatched.url = "github:nixos/nixpkgs?ref=nixos-unstable";
nixpkgs-unpatched.url = "github:nixos/nixpkgs?ref=staging-next";
# nixpkgs = {
# url = "./nixpatches";
# inputs.nixpkgs.follows = "nixpkgs-unpatched";
# };
nixpkgs-unpatched.url = "github:nixos/nixpkgs?ref=nixos-unstable";
nixpkgs = {
url = "./nixpatches";
inputs.nixpkgs.follows = "nixpkgs-unpatched";
};
mobile-nixos = {
# <https://github.com/nixos/mobile-nixos>
url = "github:nixos/mobile-nixos";
@@ -43,43 +35,24 @@
sops-nix = {
# <https://github.com/Mic92/sops-nix>
url = "github:Mic92/sops-nix";
# inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs-unpatched";
inputs.nixpkgs.follows = "nixpkgs";
};
uninsane-dot-org = {
url = "git+https://git.uninsane.org/colin/uninsane";
# inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs-unpatched";
};
nix-serve = {
# <https://github.com/edolstra/nix-serve>
url = "github:edolstra/nix-serve";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
self,
nixpkgs,
nixpkgs-unpatched,
mobile-nixos,
sops-nix,
uninsane-dot-org,
nix-serve,
...
}@inputs:
let
inherit (builtins) attrNames elem listToAttrs map mapAttrs;
mapAttrs' = f: set:
listToAttrs (map (attr: f attr set.${attr}) (attrNames set));
# mapAttrs but without the `name` argument
mapAttrValues = f: mapAttrs (_: f);
# rather than apply our nixpkgs patches as a flake input, do that here instead.
# this (temporarily?) resolves the bad UX wherein a subflake residing in the same git
# repo as the main flake causes the main flake to have an unstable hash.
nixpkgs = (import ./nixpatches/flake.nix).outputs {
self = nixpkgs;
nixpkgs = nixpkgs-unpatched;
};
nixpkgsCompiledBy = local: nixpkgs.legacyPackages."${local}";
evalHost = { name, local, target }:
@@ -92,58 +65,40 @@
nixosSystem = import ((nixpkgsCompiledBy target).path + "/nixos/lib/eval-config.nix");
in
(nixosSystem {
# we use pkgs built for and *by* the target, i.e. emulation, by default.
# cross compilation only happens on explicit access to `pkgs.cross`
# system = target;
# localSystem = local;
# crossSystem = target;
modules = [
(import ./hosts/instantiate.nix { localSystem = local; hostName = name; })
self.nixosModules.default
self.nixosModules.passthru
{
nixpkgs.overlays = [
self.overlays.disable-flakey-tests
self.overlays.default
self.overlays.passthru
self.overlays.pins
self.overlays.pkgs
# self.overlays.optimizations
];
# nixpkgs.crossSystem = target;
nixpkgs.hostPlatform = target;
# nixpkgs.buildPlatform = local; # set by instantiate.nix instead
# nixpkgs.config.replaceStdenv = { pkgs }: pkgs.ccacheStdenv;
nixpkgs.buildPlatform = local;
}
];
});
in {
nixosConfigurations =
let
hosts = {
servo = { name = "servo"; local = "x86_64-linux"; target = "x86_64-linux"; };
desko = { name = "desko"; local = "x86_64-linux"; target = "x86_64-linux"; };
lappy = { name = "lappy"; local = "x86_64-linux"; target = "x86_64-linux"; };
moby = { name = "moby"; local = "x86_64-linux"; target = "aarch64-linux"; };
rescue = { name = "rescue"; local = "x86_64-linux"; target = "x86_64-linux"; };
};
# cross-compiled builds: instead of emulating the host, build using a cross-compiler.
# - these are faster to *build* than the emulated variants (useful when tweaking packages),
# - but fewer of their packages can be found in upstream caches.
cross = mapAttrValues evalHost hosts;
emulated = mapAttrValues
({name, local, target}: evalHost {
inherit name target;
local = null;
})
hosts;
prefixAttrs = prefix: attrs: mapAttrs'
(name: value: {
name = prefix + name;
inherit value;
})
attrs;
in
(prefixAttrs "cross-" cross) //
(prefixAttrs "emulated-" emulated) // {
# prefer native builds for these machines:
inherit (emulated) servo desko lappy rescue;
# prefer cross-compiled builds for these machines:
inherit (cross) moby;
};
nixosConfigurations = {
servo = evalHost { name = "servo"; local = "x86_64-linux"; target = "x86_64-linux"; };
desko = evalHost { name = "desko"; local = "x86_64-linux"; target = "x86_64-linux"; };
lappy = evalHost { name = "lappy"; local = "x86_64-linux"; target = "x86_64-linux"; };
moby = evalHost { name = "moby"; local = "aarch64-linux"; target = "aarch64-linux"; };
# special cross-compiled variant, to speed up deploys from an x86 box to the arm target
# note that these *do* produce different store paths, because the closure for the tools used to cross compile
# v.s. emulate differ.
# so deploying foo-cross and then foo incurs some rebuilding.
moby-cross = evalHost { name = "moby"; local = "x86_64-linux"; target = "aarch64-linux"; };
rescue = evalHost { name = "rescue"; local = "x86_64-linux"; target = "x86_64-linux"; };
};
# unofficial output
# this produces a EFI-bootable .img file (GPT with a /boot partition and a system (/ or /nix) partition).
@@ -159,42 +114,27 @@
# - if fs wasn't resized automatically, then `sudo btrfs filesystem resize max /`
# - checkout this flake into /etc/nixos AND UPDATE THE FS UUIDS.
# - `nixos-rebuild --flake './#<host>' switch`
imgs = mapAttrValues (host: host.config.system.build.img) self.nixosConfigurations;
imgs = builtins.mapAttrs (_: host-dfn: host-dfn.config.system.build.img) self.nixosConfigurations;
# unofficial output
host-pkgs = mapAttrValues (host: host.config.system.build.pkgs) self.nixosConfigurations;
host-pkgs = builtins.mapAttrs (_: host-dfn: host-dfn.config.system.build.pkgs) self.nixosConfigurations;
overlays = {
# N.B.: `nix flake check` requires every overlay to take `final: prev:` at defn site,
# hence the weird redundancy.
default = final: prev: self.overlays.pkgs final prev;
disable-flakey-tests = final: prev: import ./overlays/disable-flakey-tests.nix final prev;
pkgs = final: prev: import ./overlays/pkgs.nix final prev;
pins = final: prev: import ./overlays/pins.nix final prev;
optimizations = final: prev: import ./overlays/optimizations.nix final prev;
passthru = final: prev:
overlays = rec {
default = pkgs;
pkgs = import ./overlays/pkgs.nix;
pins = import ./overlays/pins.nix; # TODO: move to `nixpatches/` input
passthru =
let
stable =
if inputs ? "nixpkgs-stable" then (
final': prev': {
stable = inputs.nixpkgs-stable.legacyPackages."${prev'.stdenv.hostPlatform.system}";
next: prev: {
stable = inputs.nixpkgs-stable.legacyPackages."${prev.stdenv.hostPlatform.system}";
}
) else (final': prev': {});
) else (next: prev: {});
mobile = (import "${mobile-nixos}/overlay/overlay.nix");
uninsane = uninsane-dot-org.overlay;
# nix-serve' = nix-serve.overlay;
nix-serve' = next: prev: {
# XXX(2023/03/02): upstream isn't compatible with modern `nix`. probably the perl bindings.
# - we use the package built against `nixpkgs` specified in its flake rather than use its overlay,
# to get around this.
inherit (nix-serve.packages."${next.system}") nix-serve;
};
in
(stable final prev)
// (mobile final prev)
// (uninsane final prev)
// (nix-serve' final prev)
;
next: prev:
(stable next prev) // (mobile next prev) // (uninsane next prev);
};
nixosModules = rec {
@@ -218,33 +158,14 @@
aarch64-linux = allPkgsFor "aarch64-linux";
};
# extract only our own packages from the full set.
# because of `nix flake check`, we flatten the package set and only surface x86_64-linux packages.
packages = mapAttrs
(system: allPkgs:
allPkgs.lib.filterAttrs (name: pkg:
# keep only packages which will pass `nix flake check`, i.e. keep only:
# - derivations (not package sets)
# - packages that build for the given platform
(! elem name [ "feeds" "pythonPackagesExtensions" ])
&& (allPkgs.lib.meta.availableOn allPkgs.stdenv.hostPlatform pkg)
)
(allPkgs.sane // {
inherit (allPkgs) uninsane-dot-org;
})
)
# self.legacyPackages;
{ inherit (self.legacyPackages) x86_64-linux; }
;
# extract only our own packages from the full set
packages = builtins.mapAttrs
(_: full: full.sane // { inherit (full) sane uninsane-dot-org; })
self.legacyPackages;
apps."x86_64-linux" =
let
pkgs = self.legacyPackages."x86_64-linux";
deployScript = action: pkgs.writeShellScript "deploy-moby" ''
nixos-rebuild --flake '.#cross-moby' build
sudo nix sign-paths -r -k /run/secrets/nix_serve_privkey $(readlink ./result)
nixos-rebuild --flake '.#cross-moby' ${action} --target-host colin@moby --use-remote-sudo
'';
in {
update-feeds = {
type = "app";
@@ -256,17 +177,6 @@
type = "app";
program = "${pkgs.feeds.passthru.initFeedScript}";
};
deploy-moby-test = {
# `nix run '.#deploy-moby-test'`
type = "app";
program = ''${deployScript "test"}'';
};
deploy-moby-switch = {
# `nix run '.#deploy-moby-switch'`
type = "app";
program = ''${deployScript "switch"}'';
};
};
templates = {

6
hosts/by-name/desko/default.nix
View File

@@ -4,15 +4,15 @@
./fs.nix
];
sane.roles.build-machine.enable = true;
sane.roles.client = true;
sane.services.wg-home.enable = true;
sane.services.wg-home.ip = config.sane.hosts.by-name."desko".wg-home.ip;
sane.services.duplicity.enable = true;
sane.services.nixserve.enable = true;
sane.services.nixserve.sopsFile = ../../../secrets/desko.yaml;
sane.persist.enable = true;
sane.gui.sway.enable = true;
sane.programs.iphoneUtils.enableFor.user.colin = true;
sane.programs.guiApps.suggestedPrograms = [ "desktopGuiApps" ];
@@ -49,7 +49,7 @@
};
programs.steam = {
enable = true;
# enable = true;
# not sure if needed: stole this whole snippet from the wiki
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server

9
hosts/by-name/lappy/default.nix
View File

@@ -4,21 +4,18 @@
./fs.nix
];
sane.yggdrasil.enable = true;
sane.roles.client = true;
sane.services.wg-home.enable = true;
sane.services.wg-home.ip = config.sane.hosts.by-name."lappy".wg-home.ip;
# sane.guest.enable = true;
sane.gui.sway.enable = true;
sane.persist.enable = true;
sane.nixcache.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
sane.image.extraBootFiles = [ pkgs.bootpart-uefi-x86_64 ];
sane.programs.guiApps.suggestedPrograms = [
"desktopGuiApps"
"stepmania"
];
sane.programs.guiApps.suggestedPrograms = [ "desktopGuiApps" ];
sops.secrets.colin-passwd = {
sopsFile = ../../../secrets/lappy.yaml;

13
hosts/by-name/moby/default.nix
View File

@@ -10,6 +10,13 @@
sane.services.wg-home.enable = true;
sane.services.wg-home.ip = config.sane.hosts.by-name."moby".wg-home.ip;
# cross-compiled documentation is *slow*.
# no obvious way to natively compile docs (2022/09/29).
# entrypoint is nixos/modules/misc/documentation.nix
# doc building happens in nixos/doc/manual/default.nix
# TODO: we could *maybe* inject pkgs.buildPackages.xyz = cross.buildPackages.xyz?
documentation.nixos.enable = false;
# XXX colin: phosh doesn't work well with passwordless login,
# so set this more reliable default password should anything go wrong
users.users.colin.initialPassword = "147147";
@@ -34,11 +41,9 @@
".config/pulse" # persist pulseaudio volume
];
sane.nixcache.enable = true;
sane.persist.enable = true;
sane.gui.phosh.enable = true;
# sane.programs.consoleUtils.enableFor.user.colin = false;
# sane.programs.guiApps.enableFor.user.colin = false;
sane.programs.sequoia.enableFor.user.colin = false;
sane.programs.tuiApps.enableFor.user.colin = false; # visidata, others, don't compile well
boot.loader.efi.canTouchEfiVariables = false;
# /boot space is at a premium. default was 20.

4
hosts/by-name/rescue/default.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, ... }:
{ config, pkgs, ... }:
{
imports = [
./fs.nix
@@ -7,8 +7,6 @@
boot.loader.generic-extlinux-compatible.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
sane.image.extraBootFiles = [ pkgs.bootpart-uefi-x86_64 ];
# sane.persist.enable = false; # TODO: disable (but run `nix flake check` to ensure it works!)
sane.nixcache.enable = false; # don't want to be calling out to dead machines that we're *trying* to rescue
# docs: https://nixos.org/manual/nixos/stable/options.html#opt-system.stateVersion
system.stateVersion = "21.05";

4
hosts/by-name/servo/default.nix
View File

@@ -15,9 +15,7 @@
signaldctl.enableFor.user.colin = true;
};
sane.roles.build-machine.enable = true;
sane.roles.build-machine.emulation = false;
sane.zsh.showDeadlines = false; # ~/knowledge doesn't always exist
sane.persist.enable = true;
sane.services.dyn-dns.enable = true;
sane.services.wg-home.enable = true;
sane.services.wg-home.ip = config.sane.hosts.by-name."servo".wg-home.ip;

1
hosts/by-name/servo/secrets.nix
View File

@@ -25,7 +25,6 @@
};
sops.secrets."mautrix_signal_env" = {
sopsFile = ../../../secrets/servo/mautrix_signal_env.bin;
format = "binary";
};
sops.secrets."mediawiki_pw" = {

4
hosts/by-name/servo/services/ejabberd.nix
View File

@@ -38,11 +38,11 @@
];
networking.firewall.allowedTCPPortRanges = [{
from = 49152; # TURN
to = 49408;
to = 65535;
}];
networking.firewall.allowedUDPPortRanges = [{
from = 49152; # TURN
to = 49408;
to = 65535;
}];
# provide access to certs

59
hosts/by-name/servo/services/jellyfin.nix
View File

@@ -1,63 +1,16 @@
# configuration options (today i don't store my config in nix):
#
# - jellyfin-web can be statically configured (result/share/jellyfin-web/config.json)
# - <https://jellyfin.org/docs/general/clients/web-config>
# - configure server list, plugins, "menuLinks", colors
#
# - jellfyin server is configured in /var/lib/jellfin/
# - root/default/<LibraryType>/
# - <LibraryName>.mblink: contains the directory name where this library lives
# - options.xml: contains preferences which were defined in the web UI during import
# - e.g. `EnablePhotos`, `EnableChapterImageExtraction`, etc.
# - config/encoding.xml: transcoder settings
# - config/system.xml: misc preferences like log file duration, audiobook resume settings, etc.
# - data/jellyfin.db: maybe account definitions? internal state?
{ config, lib, ... }:
# TODO: re-enable after migrating media dir to /var/lib/uninsane/media
# else it's too spammy
lib.mkIf false
{
# identical to:
# services.jellyfin.openFirewall = true;
networking.firewall.allowedUDPPorts = [
# https://jellyfin.org/docs/general/networking/index.html
1900 # UPnP service discovery
7359 # Jellyfin-specific (?) client discovery
];
networking.firewall.allowedTCPPorts = [
8096 # HTTP (for the LAN)
8920 # HTTPS (for the LAN)
1900 7359 # DLNA: https://jellyfin.org/docs/general/networking/index.html
];
sane.persist.sys.plaintext = [
{ user = "jellyfin"; group = "jellyfin"; mode = "0700"; directory = "/var/lib/jellyfin"; }
# TODO: mode? could be more granular
{ user = "jellyfin"; group = "jellyfin"; directory = "/var/lib/jellyfin"; }
];
sane.fs."/var/lib/jellyfin/config/logging.json" = {
# "Emby.Dlna" logging: <https://jellyfin.org/docs/general/networking/dlna>
symlink.text = ''
{
"Serilog": {
"MinimumLevel": {
"Default": "Information",
"Override": {
"Microsoft": "Warning",
"System": "Warning",
"Emby.Dlna": "Debug",
"Emby.Dlna.Eventing": "Debug"
}
},
"WriteTo": [
{
"Name": "Console",
"Args": {
"outputTemplate": "[{Timestamp:HH:mm:ss}] [{Level:u3}] [{ThreadId}] {SourceContext}: {Message:lj}{NewLine}{Exception}"
}
}
],
"Enrich": [ "FromLogContext", "WithThreadId" ]
}
}
'';
wantedBeforeBy = [ "jellyfin.service" ];
};
# Jellyfin multimedia server
# this is mostly taken from the official jellfin.org docs

6
hosts/by-name/servo/services/matrix/default.nix
View File

@@ -6,10 +6,12 @@
imports = [
./discord-puppet.nix
# ./irc.nix
# TODO(2023/03/10): disabled because it's not bridging and mautrix_signal is hogging CPU
# ./signal.nix
./signal.nix
];
# allow synapse to read the registration files of its appservices
users.users.matrix-synapse.extraGroups = [ "mautrix-signal" ];
sane.persist.sys.plaintext = [
{ user = "matrix-synapse"; group = "matrix-synapse"; directory = "/var/lib/matrix-synapse"; }
];

4
hosts/by-name/servo/services/matrix/signal.nix
View File

@@ -7,9 +7,6 @@
{ user = "signald"; group = "signald"; directory = "/var/lib/signald"; }
];
# allow synapse to read the registration file
users.users.matrix-synapse.extraGroups = [ "mautrix-signal" ];
services.signald.enable = true;
services.mautrix-signal.enable = true;
services.mautrix-signal.environmentFile =
@@ -30,6 +27,7 @@
};
sops.secrets."mautrix_signal_env" = {
format = "binary";
mode = "0440";
owner = config.users.users.mautrix-signal.name;
group = config.users.users.matrix-synapse.name;

9
hosts/by-name/servo/services/postfix.nix
View File

@@ -30,14 +30,11 @@ in
];
networking.firewall.allowedTCPPorts = [
# exposed over non-vpn imap.uninsane.org
143 # IMAP
993 # IMAPS
# exposed over vpn mx.uninsane.org
25 # SMTP
143 # IMAP
465 # SMTPS
587 # SMTPS/submission
993 # IMAPS
];
# exists only to manage certs for dovecot
@@ -65,7 +62,7 @@ in
# DKIM public key:
TXT."mx._domainkey" =
"v=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkSyMufc2KrRx3j17e/LyB+3eYSBRuEFT8PUka8EDX04QzCwDPdkwgnj3GNDvnB5Ktb05Cf2SJ/S1OLqNsINxJRWtkVfZd/C339KNh9wrukMKRKNELL9HLUw0bczOI4gKKFqyrRE9qm+4csCMAR79Te9FCjGV/jVnrkLdPT0GtFwIDAQAB"
"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkSyMufc2KrRx3j17e/LyB+3eYSBRuEFT8PUka8EDX04QzCwDPdkwgnj3GNDvnB5Ktb05Cf2SJ/S1OLqNsINxJRWtkVfZd/C339KNh9wrukMKRKNELL9HLUw0bczOI4gKKFqyrRE9qm+4csCMAR79Te9FCjGV/jVnrkLdPT0GtFwIDAQAB"
;
# DMARC fields <https://datatracker.ietf.org/doc/html/rfc7489>:

2
hosts/by-name/servo/services/trust-dns.nix
View File

@@ -6,7 +6,7 @@
sane.services.trust-dns.listenAddrsIPv4 = [
# specify each address explicitly, instead of using "*".
# this ensures responses are sent from the address at which the request was received.
config.sane.hosts.by-name."servo".lan-ip
"192.168.0.5"
"10.0.1.5"
];
sane.services.trust-dns.quiet = true;

996
hosts/common/cross.nix Normal file
View File

@@ -0,0 +1,996 @@
# cross compiling
# - for edge-casey things, see in nixpkgs:
# - `git show da9a9a440415b236f22f57ba67a24ab3fb53f595`
# - e.g. `mesonEmulatorHook`, `depsBuildBuild`, `python3.pythonForBuild`
# - <doc/stdenv/cross-compilation.chapter.md>
# - e.g. `makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];`
#
# build a particular package as evaluated here with:
# - toplevel: `nix build '.#host-pkgs.moby-cross.xdg-utils'`
# - scoped: `nix build '.#host-pkgs.moby-cross.gnome.mutter'`
# - python: `nix build '.#host-pkgs.moby-cross.python310Packages.pandas'`
# - perl: `nix build '.#host-pkgs.moby-cross.perl536Packages.ModuleBuild'`
# - qt: `nix build '.#host-pkgs.moby-cross.qt5.qtbase'`
# - qt: `nix build '.#host-pkgs.moby-cross.libsForQt5.phonon'`
# most of these can be built in a nixpkgs source root like:
# - `nix build '.#pkgsCross.aarch64-multiplatform.xdg-utils'`
# - `nix build '.#pkgsCross.gnu64.xdg-utils'` # for x86_64-linux
#
# tracking issues, PRs:
# - libuv tests fail: <https://github.com/NixOS/nixpkgs/issues/190807>
# - last checked: 2023-02-07
# - opened: 2022-09-11
# - perl Module Build broken: <https://github.com/NixOS/nixpkgs/issues/66741>
# - last checked: 2023-02-07
# - opened: 2019-08
# - ModuleBuild needs access to `Scalar/Utils.pm`, which doesn't *seem* to exist in the cross builds
# - this can be fixed by adding `nativeBuildInputs = [ perl ]` to it
# - alternatively, there's some "stubbing" method mentioned in <pkgs/development/interpreters/perl/default.nix>
# - stubbing documented at bottom: <nixpkgs:doc/languages-frameworks/perl.section.md>
#
# - perl536Packages.Testutf8 fails to cross: <https://github.com/NixOS/nixpkgs/issues/198548>
# - last checked: 2023-02-07
# - opened: 2022-10
# - python310Packages.psycopg2: <https://github.com/NixOS/nixpkgs/issues/210265>
# - last checked: 2023-02-06
# - i have a potential fix:
# """
# i was able to just add `postgresql` to the `buildInputs` (so that it's in both `buildInputs` and `nativeBuildInputs`):
# it fixed the build for `pkgsCross.aarch64-multiplatform.python310Packages.psycopg2` but not for `armv7l-hf-multiplatform` that this issue description calls out.
#
# also i haven't deployed it yet to make sure this doesn't cause anything funky at runtime though.
# """
# TODO:
# - ??.llvmPackages_14.llvm: "FAIL: LLVM-Unit :: ExecutionEngine/MCJIT/./MCJITTests/MCJITMultipleModuleTest.two_module_global_variables_case (43769 of 46988)"
# - nix log /nix/store/ib2yw6sajnhlmibxkrn7lj7chllbr85h-llvm-14.0.6.drv
# - wanted by clang-11-12-LLVMgold-path, compiler-rt-libc-12.0.1, clang-wrapper-12.0.1
# - ?..llvmPackages_12.llvm: "FAIL: LLVM-Unit :: ExecutionEngine/MCJIT/./MCJITTests/MCJITTest.return_global (2857 of 42084)"
# - nix log /nix/store/6vydavlxh1gvs0vmrkcx9qp67g3h7kcz-llvm-12.0.1.drv
# - wanted by sequoia, rav1e, rustc-1.66.1
# - `host-pkgs.desko.stdenv` fails build:
# - #cross-compiling:nixos.org says pkgsCross.gnu64 IS KNOWN TO NOT COMPILE. let this go for now:
# - make a `<machine>` (don't specifiy local/targetSystem) and `<machine>-cross` target.
# - `desko-cross` will be broken but `desko` can work
# - see <nixpkgs:pkgs/stdenv/linux/default.nix>
# - disallowedRequisites = [ bootstrapTools.out ];
# """
# error: output '/nix/store/w2vgzyvs2jzf7yr6qqqrjbvrqxxmhwy0-stdenv-linux' is not allowed to refer to the following paths:
# /nix/store/2qbgchkjj1hqi1c8raznwml94pkm3k7q-libunistring-1.0
# /nix/store/4j425ybkjxcdj89352l5gpdl3nmxq4zn-libidn2-2.3.2
# /nix/store/c35hf8g5b9vksadym9dbjrd6p2y11m8h-glibc-2.35-224
# /nix/store/qbgfsaviwqi2p6jr7an1g2754sv3xqhn-gcc-11.3.0-lib
# """
# - rg doesn't reveal any such references in the output though...
# - nor references to bootstrapTools
# - HOWEVER, IT DOES CONTAIN A REFERENCE TO THE PREVIOUS STAGE'S BASH:
# - /nix/store/w2vgzyvs2jzf7yr6qqqrjbvrqxxmhwy0-stdenv-linux/setup
# - export SHELL=/nix/store/qqa28hmysc23yy081d178jfd9a1yk8aw-bash-5.2-p15/bin/bash
# - not clear if that matters? but maybe it reaches bootstrapTools transitively?
# - yeah: that bash specifies the above `glibc` as its loader
# - so we probably can't `inherit` the emulated bash like that.
# - try building `.#host-pkgs.desko.stdenv.shellPackage` or `.#host-pkgs.desko.stdenv.bootstrapTools`
# - `file result/bin/bash` does show that it uses the interpreter for the glibc, above
{ config, lib, pkgs, ... }:
let
# these are the overlays which we *also* pass through to the cross and emulated package sets.
# TODO: refactor to not specify same overlay in multiple places (here and flake.nix).
overlays = [
(import ./../../overlays/pkgs.nix)
(import ./../../overlays/pins.nix)
];
mkCrossFrom = localSystem: pkgs:
import pkgs.path {
inherit localSystem; # localSystem is equivalent to buildPlatform
crossSystem = pkgs.stdenv.hostPlatform.system;
inherit (config.nixpkgs) config;
inherit overlays;
};
mkEmulated = pkgs:
import pkgs.path {
# system = pkgs.stdenv.hostPlatform.system;
localSystem = pkgs.stdenv.hostPlatform.system;
inherit (config.nixpkgs) config;
inherit overlays;
};
in
{
# options = {
# perlPackageOverrides = lib.mkOption {
# };
# };
config = {
# the configuration of which specific package set `pkgs.cross` refers to happens elsewhere;
# here we just define them all.
nixpkgs.config.perlPackageOverrides = pkgs: (with pkgs; with pkgs.perlPackages; {
# these are the upstream nixpkgs perl modules, but with `nativeBuildInputs = [ perl ]`
# to fix cross compilation errors
ModuleBuild = buildPerlPackage {
pname = "Module-Build";
version = "0.4231";
src = fetchurl {
url = "mirror://cpan/authors/id/L/LE/LEONT/Module-Build-0.4231.tar.gz";
hash = "sha256-fg9MaSwXQMGshOoU1+o9i8eYsvsmwJh3Ip4E9DCytxc=";
};
# support cross-compilation by removing unnecessary File::Temp version check
# postPatch = lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) ''
# sed -i '/File::Temp/d' Build.PL
# '';
nativeBuildInputs = [ perl ];
meta = {
description = "Build and install Perl modules";
license = with lib.licenses; [ artistic1 gpl1Plus ];
mainProgram = "config_data";
};
};
FileBaseDir = buildPerlModule {
version = "0.08";
pname = "File-BaseDir";
src = fetchurl {
url = "mirror://cpan/authors/id/K/KI/KIMRYAN/File-BaseDir-0.08.tar.gz";
hash = "sha256-wGX80+LyKudpk3vMlxuR+AKU1QCfrBQL+6g799NTBeM=";
};
configurePhase = ''
runHook preConfigure
perl Build.PL PREFIX="$out" prefix="$out"
'';
nativeBuildInputs = [ perl ];
propagatedBuildInputs = [ IPCSystemSimple ];
buildInputs = [ FileWhich ];
meta = {
description = "Use the Freedesktop.org base directory specification";
license = with lib.licenses; [ artistic1 gpl1Plus ];
};
};
# fixes: "FAILED IPython/terminal/tests/test_debug_magic.py::test_debug_magic_passes_through_generators - pexpect.exceptions.TIMEOUT: Timeout exceeded."
Testutf8 = buildPerlPackage {
pname = "Test-utf8";
version = "1.02";
src = fetchurl {
url = "mirror://cpan/authors/id/M/MA/MARKF/Test-utf8-1.02.tar.gz";
hash = "sha256-34LwnFlAgwslpJ8cgWL6JNNx5gKIDt742aTUv9Zri9c=";
};
nativeBuildInputs = [ perl ];
meta = {
description = "Handy utf8 tests";
homepage = "https://github.com/2shortplanks/Test-utf8/tree";
license = with lib.licenses; [ artistic1 gpl1Plus ];
};
};
# inherit (pkgs.emulated.perl.pkgs)
# Testutf8
# ;
});
nixpkgs.overlays = [
(next: prev: {
# non-emulated packages build *from* local *for* target.
# for large packages like the linux kernel which are expensive to build under emulation,
# the config can explicitly pull such packages from `pkgs.cross` to do more efficient cross-compilation.
# crossFrom."x86_64-linux" = mkCrossFrom "x86_64-linux" prev;
# crossFrom."aarch64-linux" = mkCrossFrom "aarch64-linux" prev;
emulated = mkEmulated prev;
})
# (next: prev:
# let
# emulated = prev.emulated;
# in {
# # packages which don't "cross compile" from x86_64 -> x86_64
# inherit (emulated)
# # aws-crt-cpp # "/build/source/include/aws/crt/Optional.h:6:10: fatal error: utility: No such file or directory"
# # # bash # "configure: error: C compiler cannot create executables"
# # boehmgc # "gc_badalc.cc:29:10: fatal error: new: No such file or directory <new>"
# # c-ares # dns-proto.h:11:10: fatal error: memory: No such file or directory
# # db48 # "./db_cxx.h:59:10: fatal error: iostream.h: No such file or directory"
# # # kexec-tools # "configure: error: C compiler cannot create executables"
# # gmp6 # "configure: error: could not find a working compiler"
# # gtest # "/build/source/googletest/src/gtest_main.cc:30:10: fatal error: cstdio: No such file or directory"
# # icu72 # "../common/unicode/localpointer.h:45:10: fatal error: memory: No such file or directory"
# # # libidn2 # "configure: error: C compiler cannot create executables"
# # ncurses # "configure: error: C compiler cannot create executables"
# ;
# bash = prev.bash.overrideAttrs (orig: {
# # configure doesn't know how to build because it doesn't know where to find crt1.o.
# # some parts of nixpkgs specify the path to it explicitly:
# # - <nixpkgs:pkgs/development/libraries/gcc/libstdc++/5.nix>
# # - <nixpkgs:pkgs/build-support/cc-wrapper/add-flags.sh>
# # alternatively, the wrapper gcc (first item on PATH if we look at a failed bash's env-vars)
# # adds these flags automatically. so we can probably just tell `configure` to *not* use any special gcc other than the wrapper.
# # TESTING IN PROGRESS:
# # - N.B.: BUILDCC is a vlc-ism!
# # BUILDCC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc"; # has illegal requisites
# CC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc"; # XXX: tested in nixpkgs: FAILS WITH SAME SIGNATURE. env-vars doesn't show our CC though :-(
# # ^ env vars set here are making their way through, but something else (build script?) is overwriting it
# SANE_CC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc";
# # CC = "gcc" # bash configure.ac
# # CC_FOR_BUILD = "gcc" # bash configure.ac
# # BUILDCC = "gcc"; # VLC
# });
# }
# )
(nativeSelf: nativeSuper: {
pkgsi686Linux = nativeSuper.pkgsi686Linux.extend (i686Self: i686Super: {
# fixes eval-time error: "Unsupported cross architecture"
# it happens even on a x86_64 -> x86_64 build:
# - defining `config.nixpkgs.buildPlatform` to the non-default causes that setting to be inherited by pkgsi686.
# - hence, `pkgsi686` on a non-cross build is ordinarily *emulated*:
# defining a cross build causes it to also be cross (but to the right hostPlatform)
# this has no inputs other than stdenv, and fetchurl, so emulating it is fine.
tbb = nativeSuper.emulated.pkgsi686Linux.tbb;
# tbb = i686Super.tbb.overrideAttrs (orig: (with i686Self; {
# makeFlags = lib.optionals stdenv.cc.isClang [
# "compiler=clang"
# ] ++ (lib.optional (stdenv.buildPlatform != stdenv.hostPlatform)
# (if stdenv.hostPlatform.isAarch64 then "arch=arm64"
# else if stdenv.hostPlatform.isx86_64 then "arch=intel64"
# else throw "Unsupported cross architecture: ${stdenv.buildPlatform.system} -> ${stdenv.hostPlatform.system}"));
# }));
});
})
(next: prev:
let
emulated = prev.emulated;
# emulated = if prev.stdenv.buildPlatform.system == prev.stdenv.hostPlatform.system then
# prev
# else
# prev.emulated;
in {
# packages which don't cross compile
inherit (emulated)
# adwaita-qt # psqlodbc
apacheHttpd_2_4 # `configure: error: Size of "void *" is less than size of "long"`
# duplicity # python3.10-s3transfer
flatpak # No package 'libxml-2.0' found
fwupd-efi # efi/meson.build:162:0: ERROR: Program or command 'gcc' not found or not executable
# gdk-pixbuf # cross-compiled version doesn't output bin/gdk-pixbuf-thumbnailer (used by webp-pixbuf-loader
gmime3 # "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
# gnome-tour
# XXX: gnustep members aren't individually overridable, because the "scope" uses `rec` such that members don't see overrides
gnustep # gnustep.base: "configure: error: Your compiler does not appear to implement the -fconstant-string-class option needed for support of strings."
# grpc
gvfs # meson.build:312:2: ERROR: Assert failed: http required but libxml-2.0 not found
# hdf5 # configure: error: cannot run test program while cross compiling
# http2
ibus # configure.ac:152: error: possibly undefined macro: AM_PATH_GLIB_2_0
kitty # "FileNotFoundError: [Errno 2] No such file or directory: 'pkg-config'"
libchamplain # "failed to produce output path for output 'devdoc'"
libgccjit # "../../gcc-9.5.0/gcc/jit/jit-result.c:52:3: error: 'dlclose' was not declared in this scope"
libgweather # "Run-time dependency vapigen found: NO (tried pkgconfig)"
libjcat # data/tests/meson.build:10:0: ERROR: Program 'gnutls-certtool certtool' not found or not executable
# libsForQt5 # qtbase # make: g++: No such file or directory
libtiger # "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
notmuch # "Error: The dependencies of notmuch could not be satisfied" (xapian, gmime, glib, talloc)
# perlInterpreters # perl5.36.0-Module-Build perl5.36.0-Test-utf8 (see tracking issues ^)
phosh # libadwaita-1 not found
# qgnomeplatform
# qtbase
qt5 # qt5.qtx11extras fails, but we can't selectively emulate it
qt6 # "You need to set QT_HOST_PATH to cross compile Qt."
sequoia # "/nix/store/q8hg17w47f9xr014g36rdc2gi8fv02qc-clang-aarch64-unknown-linux-gnu-12.0.1-lib/lib/libclang.so.12: cannot open shared object file: No such file or directory"', /build/sequoia-0.27.0-vendor.tar.gz/bindgen/src/lib.rs:1975:31"
# splatmoji
squeekboard # meson.build:1:0: ERROR: 'rust' compiler binary not defined in cross or native file
twitter-color-emoji # /nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 1: pkg-config: command not found
# unar has multiple failures:
# - "configure: error: Your compiler does not appear to implement the -fconstant-string-class option needed for support of strings. Please check for a more recent version or consider using --enable-nxconstantstring"
# - "/nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 1: ar: command not found"
unar
visidata # python3.10-psycopg2 python3.10-pandas python3.10-h5py
# webkitgtk_4_1 # requires nativeBuildInputs = perl.pkgs.FileCopyRecursive => perl5.36.0-Test-utf8
# xdg-utils # perl5.36.0-File-BaseDir / perl5.36.0-Module-Build
;
# apacheHttpd_2_4 = prev.apacheHttpd_2_4.override {
# # fixes original error
# # new failure mode: "/nix/store/czvaa9y9ch56z53c0b0f5bsjlgh14ra6-apr-aarch64-unknown-linux-gnu-1.7.0-dev/share/build/libtool: line 1890: aarch64-unknown-linux-gnu-ar: command not found"
# inherit (emulated) stdenv;
# };
# mod_dnssd = prev.mod_dnssd.override {
# inherit (emulated) stdenv;
# };
apacheHttpdPackagesFor = apacheHttpd: self:
let
prevHttpdPkgs = prev.apacheHttpdPackagesFor apacheHttpd self;
in prevHttpdPkgs // {
# fixes "configure: error: *** Sorry, could not find apxs ***"
mod_dnssd = prevHttpdPkgs.mod_dnssd.override {
inherit (emulated) stdenv;
};
};
# apacheHttpdPackagesFor = apacheHttpd: self:
# let
# prevHttpdPkgs = lib.fix (emulated.apacheHttpdPackagesFor apacheHttpd);
# in
# (prev.apacheHttpdPackagesFor apacheHttpd self) // {
# # inherit (prevHttpdPkgs) mod_dnssd;
# mod_dnssd = prevHttpdPkgs.mod_dnssd.override {
# inherit (self) apacheHttpd;
# };
# };
# appstream = prev.appstream.override {
# # doesn't fix: "ld: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
# appstream = prev.appstream.overrideAttrs (orig: {
# # fixes "Program 'gperf' not found or not executable"
# # does not fix "ERROR: An exe_wrapper is needed but was not found. Please define one in cross file and check the command and/or add it to PATH."
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gperf ];
# });
# appstream = prev.appstream.overrideAttrs (upstream: {
# # does not fix "Program 'gperf' not found or not executable"
# nativeBuildInputs = upstream.nativeBuildInputs ++ lib.optionals (!prev.stdenv.buildPlatform.canExecute prev.stdenv.hostPlatform) [
# next.mesonEmulatorHook
# ];
# });
appstream = prev.appstream.overrideAttrs (upstream: {
# fixes "Program 'gperf' not found or not executable"
nativeBuildInputs = upstream.nativeBuildInputs ++ lib.optionals (!prev.stdenv.buildPlatform.canExecute prev.stdenv.hostPlatform) [
next.mesonEmulatorHook
] ++ [
next.gperf
];
});
blueman = prev.blueman.overrideAttrs (orig: {
# configure: error: ifconfig or ip not found, install net-tools or iproute2
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.iproute2 ];
});
brltty = prev.brltty.override {
# configure: error: no acceptable C compiler found in $PATH
inherit (emulated) stdenv;
};
browserpass = prev.browserpass.override {
# fixes "qemu-aarch64: Could not open '/lib/ld-linux-aarch64.so.1': No such file or directory"
inherit (emulated) buildGoModule; # buildGoModule holds the stdenv
};
cantarell-fonts = prev.cantarell-fonts.override {
# fixes error where python3.10-skia-pathops dependency isn't available for the build platform
inherit (emulated) stdenv;
};
cdrtools = prev.cdrtools.override {
# "configure: error: installation or configuration problem: C compiler cc not found."
inherit (emulated) stdenv;
};
# colord = prev.colord.override {
# # doesn't fix: "ld: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
colord = prev.colord.overrideAttrs (upstream: {
# fixes: (meson) ERROR: An exe_wrapper is needed but was not found. Please define one in cross file and check the command and/or add it to PATH.
nativeBuildInputs = upstream.nativeBuildInputs ++ lib.optionals (!prev.stdenv.buildPlatform.canExecute prev.stdenv.hostPlatform) [
next.mesonEmulatorHook
];
});
dante = prev.dante.override {
# fixes: "configure: error: error: getaddrinfo() error value count too low"
inherit (emulated) stdenv;
};
emacs = prev.emacs.override {
# fixes "configure: error: cannot run test program while cross compiling"
inherit (emulated) stdenv;
};
# flatpak = prev.flatpak.override {
# # doesn't fix: "ld: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
fuzzel = prev.fuzzel.override {
# meson.build:100:0: ERROR: Dependency lookup for wayland-scanner with method 'pkgconfig' failed: Pkg-config binary for machine 0 not found. Giving up.
inherit (emulated) stdenv;
};
# fwupd-efi = prev.fwupd-efi.override {
# # efi/meson.build:33:2: ERROR: Problem encountered: gnu-efi support requested, but headers were not found
# inherit (emulated) stdenv;
# };
fwupd = prev.fwupd.overrideAttrs (orig: {
# solves (meson) "Run-time dependency libgcab-1.0 found: NO (tried pkgconfig and cmake)", and others.
buildInputs = orig.buildInputs ++ [ next.gcab next.gnutls ];
mesonFlags = (lib.remove "-Ddocs=enabled" orig.mesonFlags) ++ [ "-Ddocs=disabled" ];
outputs = lib.remove "devdoc" orig.outputs;
});
# fwupd = prev.fwupd.override {
# # solves missing libgcab-1.0;
# # new error: "meson.build:449:4: ERROR: Command "/nix/store/n7xrj3pnrgcr8igx7lfhz8197y67bk7k-python3-aarch64-unknown-linux-gnu-3.10.9-env/bin/python3 po/test-deps" failed with status 1."
# inherit (emulated) stdenv;
# };
gcr_4 = prev.gcr_4.overrideAttrs (orig: {
# fixes (meson): "ERROR: Program 'gpg2 gpg' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gnupg next.openssh ];
});
gthumb = prev.gthumb.overrideAttrs (orig: {
# fixes (meson) "Program 'glib-mkenums mkenums' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
gmime = prev.gmime.overrideAttrs (orig: {
# "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
configureFlags = orig.configureFlags ++ [ "ac_cv_have_iconv_detect_h=no" ];
});
# gmime3 = prev.gmime3.overrideAttrs (orig: {
# # "checking preferred charset formats for system iconv... cannot run test program while cross compiling"
# # unsolved: "ImportError: /nix/store/c190src4bjkfp7bdgc5sadnmvgzv7kxb-gobject-introspection-aarch64-unknown-linux-gnu-1.74.0/lib/gobject-introspection/giscanner/_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
# configureFlags = orig.configureFlags ++ [ "ac_cv_have_iconv_detect_h=no" ];
# });
# gmime3 = prev.gmime3.override {
# # doesn't fix
# inherit (emulated) stdenv;
# };
gnome = prev.gnome.overrideScope' (self: super: {
inherit (emulated.gnome)
dconf-editor # "error: Package `dconf' not found in specified Vala API directories or GObject-Introspection GIR directories"
evolution-data-server # "The 'perl' not found, not installing csv2vcard"
gnome-shell # "meson.build:128:0: ERROR: Program 'gjs' not found or not executable"
gnome-settings-daemon # subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable
mutter # meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)
;
# dconf-editor = super.dconf-editor.override {
# # fails to fix original error
# inherit (emulated) stdenv;
# };
# dconf-editor = super.dconf-editor.overrideAttrs (orig: {
# # fails to fix original error
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.dconf ];
# });
evince = super.evince.overrideAttrs (orig: {
# fixes (meson) "Run-time dependency gi-docgen found: NO (tried pkgconfig and cmake)"
# inspired by gupnp
outputs = [ "out" "dev" ]
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
mesonFlags = orig.mesonFlags ++ [
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
];
});
# evolution-data-server = super.evolution-data-server.override {
# inherit (next) stdenv;
# };
# evolution-data-server = super.evolution-data-server.overrideAttrs (orig: {
# # fixes "The 'perl' not found, not installing csv2vcard"
# # doesn't fix "CMake Error: try_run() invoked in cross-compiling mode, please set the following cache variables appropriately"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
# });
file-roller = super.file-roller.override {
# fixes "src/meson.build:106:0: ERROR: Program 'glib-compile-resources' not found or not executable"
inherit (emulated) stdenv;
};
gnome-color-manager = super.gnome-color-manager.overrideAttrs (orig: {
# fixes: "src/meson.build:3:0: ERROR: Program 'glib-compile-resources' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
gnome-control-center = super.gnome-control-center.overrideAttrs (orig: {
# fixes "subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# gnome-control-center = super.gnome-control-center.override {
# inherit (next) stdenv;
# };
# gnome-keyring = super.gnome-keyring.override {
# # does not fix original error
# inherit (next) stdenv;
# };
gnome-keyring = super.gnome-keyring.overrideAttrs (orig: {
# fixes "configure.ac:374: error: possibly undefined macro: AM_PATH_LIBGCRYPT"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libgcrypt next.openssh next.glib ];
});
gnome-remote-desktop = super.gnome-remote-desktop.overrideAttrs (orig: {
# TODO: remove gnome-remote-desktop (wanted by gnome-control-center)
# fixes: "Program gdbus-codegen found: NO"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# gnome-shell = super.gnome-shell.overrideAttrs (orig: {
# # fixes "meson.build:128:0: ERROR: Program 'gjs' not found or not executable"
# # does not fix "_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory" (python import failure)
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gjs next.gobject-introspection ];
# # try to reduce gobject-introspection/shew dependencies
# mesonFlags = [
# "-Dextensions_app=false"
# "-Dextensions_tool=false"
# "-Dman=false"
# ];
# # fixes "gvc| Build-time dependency gobject-introspection-1.0 found: NO"
# # inspired by gupnp_1_6
# # outputs = [ "out" "dev" ]
# # ++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
# # mesonFlags = [
# # "-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
# # ];
# });
# gnome-shell = super.gnome-shell.override {
# inherit (next) stdenv;
# };
# gnome-shell = super.gnome-shell.overrideAttrs (orig: {
# # does not solve original error
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.mesonEmulatorHook ];
# });
# gnome-settings-daemon = super.gnome-settings-daemon.overrideAttrs (orig: {
# # fixes "subprojects/gvc/meson.build:30:0: ERROR: Program 'glib-mkenums mkenums' not found or not executable"
# # new error: "plugins/power/meson.build:22:0: ERROR: Dependency lookup for glib-2.0 with method 'pkgconfig' failed: Pkg-config binary for machine 0 not found. Giving up."
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
# });
# gnome-settings-daemon = super.gnome-settings-daemon.overrideAttrs (orig: {
# # does not fix original error
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.mesonEmulatorHook ];
# });
gnome-session = super.gnome-session.overrideAttrs (orig: {
# fixes: "gdbus-codegen not found or executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# gnome-terminal = super.gnome-terminal.override {
# # fixes: "meson.build:343:0: ERROR: Dependency "libpcre2-8" not found, tried pkgconfig"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
gnome-terminal = super.gnome-terminal.overrideAttrs (orig: {
# fixes "meson.build:343:0: ERROR: Dependency "libpcre2-8" not found, tried pkgconfig"
buildInputs = orig.buildInputs ++ [ next.pcre2 ];
});
gnome-user-share = super.gnome-user-share.overrideAttrs (orig: {
# fixes: meson.build:111:6: ERROR: Program 'glib-compile-schemas' not found or not executable
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# mutter = super.mutter.override {
# # DOES NOT FIX: "meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)"
# inherit (next) stdenv;
# };
# mutter = super.mutter.overrideAttrs (orig: {
# # fixes "meson.build:237:2: ERROR: Dependency "gbm" not found, tried pkgconfig (it's provided by mesa)"
# # new error: "/nix/store/c190src4bjkfp7bdgc5sadnmvgzv7kxb-gobject-introspection-aarch64-unknown-linux-gnu-1.74.0/lib/gobject-introspection/giscanner/_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gobject-introspection next.wayland-scanner ];
# buildInputs = orig.buildInputs ++ [ next.mesa ];
# # disable docs building
# mesonFlags = lib.remove "-Ddocs=true" orig.mesonFlags;
# });
# mutter = super.mutter.overrideAttrs (orig: {
# # TODO: something seems to be propagating an *emulated* version of gobject-introspection into the build
# nativeBuildInputs =
# (lib.remove next.python3
# (lib.remove next.mesa orig.nativeBuildInputs)
# )
# ++ [
# next.gobject-introspection
# next.mesonEmulatorHook
# next.python3.pythonForBuild
# next.wayland-scanner
# ];
# buildInputs = (lib.remove next.gobject-introspection orig.buildInputs)
# ++ [ next.mesa ];
# # disable docs building
# mesonFlags = lib.remove "-Ddocs=true" orig.mesonFlags;
# });
# nautilus = super.nautilus.override {
# # fixes: "meson.build:123:0: ERROR: Dependency "libxml-2.0" not found, tried pkgconfig"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
nautilus = super.nautilus.overrideAttrs (orig: {
# fixes: "meson.build:123:0: ERROR: Dependency "libxml-2.0" not found, tried pkgconfig"
buildInputs = orig.buildInputs ++ [ next.libxml2 ];
});
});
gocryptfs = prev.gocryptfs.override {
# fixes "error: hash mismatch in fixed-output derivation" (vendorSha256)
inherit (emulated) buildGoModule; # equivalent to stdenv
};
gupnp_1_6 = prev.gupnp_1_6.overrideAttrs (orig: {
# fixes "subprojects/gi-docgen/meson.build:10:0: ERROR: python3 not found"
# this patch is copied from the default gupnp.
# TODO: upstream
outputs = [ "out" "dev" ]
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
mesonFlags = [
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
"-Dintrospection=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
];
});
gst_all_1 = prev.gst_all_1 // {
# gst-editing-services = prev.gst_all_1.gst-editing-services.override {
# # fixes "Run-time dependency gst-validate-1.0 found: NO"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgobject-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
# XXX this feels risky; it propagates a (conflicting) gst-plugins to all consumers
# gst-editing-services = emulated.gst_all_1.gst-editing-services;
gst-editing-services = prev.gst_all_1.gst-editing-services.overrideAttrs (orig: {
# fixes "Run-time dependency gst-validate-1.0 found: NO"
buildInputs = orig.buildInputs ++ [ next.gst_all_1.gst-devtools ];
mesonFlags = orig.mesonFlags ++ [
# disable "python formatters" to avoid undefined references to Py_Initialize, etc.
"-Dpython=disabled"
];
});
inherit (emulated.gst_all_1) gst-plugins-good;
# gst-plugins-good = prev.gst_all_1.gst-plugins-good.override {
# # when invoked with `qt5Support = true`, qtbase shows up in both buildInputs and nativeBuildInputs
# # if these aren't identical, then qt complains: "Error: detected mismatched Qt dependencies"
# # doesn't fix the original error.
# inherit (emulated) stdenv;
# # qt5Support = true;
# };
};
# gvfs = prev.gvfs.overrideAttrs (orig: {
# # meson.build:312:2: ERROR: Assert failed: http required but libxml-2.0 not found
# # nativeBuildInputs = orig.nativeBuildInputs ++ [ prev.libxml2 prev.mesonEmulatorHook ];
# # TODO: gvfs 1.50.2 -> 1.50.3 upgrade is upstreamed, and fixed cross compilation
# version = "1.50.3";
# src = next.fetchurl {
# url = "mirror://gnome/sources/gvfs/1.50/gvfs-1.50.3.tar.xz";
# sha256 = "aJcRnpe7FgKdJ3jhpaVKamWSYx+LLzoqHepO8rAYA/0=";
# };
# patches = [
# # Hardcode the ssh path again.
# # https://gitlab.gnome.org/GNOME/gvfs/-/issues/465
# (next.fetchpatch2 {
# url = "https://gitlab.gnome.org/GNOME/gvfs/-/commit/8327383e262e1e7f32750a8a2d3dd708195b0f53.patch";
# hash = "sha256-ReD7qkezGeiJHyo9jTqEQNBjECqGhV9nSD+dYYGZWJ8=";
# revert = true;
# })
# ];
# });
# gvfs = prev.gvfs.override {
# # solves original config-time problem
# # new failure: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/3n0n1s5gb34lkckkr8ix5b7s5hz4n48v-libxml2-2.10.3/lib/libxml2.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
hdf5 = prev.hdf5.override {
inherit (emulated) stdenv;
};
# ibus = prev.ibus.override {
# # "_giscanner.cpython-310-x86_64-linux-gnu.so: cannot open shared object file: No such file or directory"
# inherit (emulated) stdenv;
# };
iio-sensor-proxy = prev.iio-sensor-proxy.overrideAttrs (orig: {
# fixes "./autogen.sh: line 26: gtkdocize: not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib next.gtk-doc ];
});
# kitty = prev.kitty.override {
# # does not solve original error
# inherit (emulated) stdenv;
# };
# libchamplain = prev.libchamplain.override {
# # fails: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libglib-2.0.so: error adding symbols: file in wrong format";
# inherit (emulated) stdenv;
# };
# libgweather = prev.libgweather.override {
# # solves original problem
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgio-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
libHX = prev.libHX.overrideAttrs (orig: {
# "Can't exec "libtoolize": No such file or directory at /nix/store/r4fvx9hazsm0rdm7s393zd5v665dsh1c-autoconf-2.71/share/autoconf/Autom4te/FileUtils.pm line 294."
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libtool ];
});
# libjcat = prev.libjcat.override {
# # fixes original error
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/f7yr5z123d162p5457jh3wzkqm7x8yah-glib-2.74.3/lib/libgio-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
librest = prev.librest.overrideAttrs (orig: {
# fixes "You must have gtk-doc >= 1.13 installed to build documentation"
# by removing the "--enable-gtk-doc" flag
configureFlags = [ "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt" ];
});
librest_1_0 = prev.librest_1_0.overrideAttrs (orig: {
# fixes (meson) "Run-time dependency gi-docgen found: NO (tried pkgconfig and cmake)"
# inspired by gupnp
outputs = [ "out" "dev" ]
++ lib.optionals (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform) [ "devdoc" ];
mesonFlags = orig.mesonFlags ++ [
"-Dgtk_doc=${lib.boolToString (prev.stdenv.buildPlatform == prev.stdenv.hostPlatform)}"
];
});
libsForQt5 = prev.libsForQt5.overrideScope' (self: super: {
qgpgme = super.qgpgme.overrideAttrs (orig: {
# fix so it can find the MOC compiler
# it looks like it might not *need* to propagate qtbase, but so far unclear
nativeBuildInputs = orig.nativeBuildInputs ++ [ self.qtbase ];
propagatedBuildInputs = lib.remove self.qtbase orig.propagatedBuildInputs;
});
phonon = super.phonon.overrideAttrs (orig: {
# fixes "ECM (required version >= 5.60), Extra CMake Modules"
buildInputs = orig.buildInputs ++ [ next.extra-cmake-modules ];
});
});
# libtiger = prev.libtiger.override {
# # fails to fix: "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
# inherit (emulated) stdenv;
# };
# libtiger = prev.libtiger.overrideAttrs (orig: {
# # fails to fix: "src/tiger_internal.h:24:10: fatal error: pango/pango.h: No such file or directory"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.libkate next.cairo next.pango ];
# });
ncftp = prev.ncftp.override {
# fixes: "ar: No such file or directory"
inherit (emulated) stdenv;
};
networkmanager-fortisslvpn = prev.networkmanager-fortisslvpn.overrideAttrs (orig: {
# fixes "gdbus-codegen: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
# networkmanager-iodine = prev.networkmanager-iodine.overrideAttrs (orig: {
# # fails to fix "configure.ac:58: error: possibly undefined macro: AM_GLIB_GNU_GETTEXT"
# nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gettext ];
# });
networkmanager-iodine = prev.networkmanager-iodine.override {
# fixes "configure.ac:58: error: possibly undefined macro: AM_GLIB_GNU_GETTEXT"
inherit (emulated) stdenv;
};
networkmanager-l2tp = prev.networkmanager-l2tp.overrideAttrs (orig: {
# fixes "gdbus-codegen: command not found"
# fixes "gtk4-builder-tool: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib next.gtk4 ];
});
networkmanager-openconnect = prev.networkmanager-openconnect.overrideAttrs (orig: {
# fixes "properties/gresource.xml: Permission denied"
# - by providing glib-compile-resources
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
networkmanager-openvpn = prev.networkmanager-openvpn.overrideAttrs (orig: {
# fixes "properties/gresource.xml: Permission denied"
# - by providing glib-compile-resources
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
networkmanager-sstp = prev.networkmanager-sstp.overrideAttrs (orig: {
# fixes "gdbus-codegen: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
networkmanager-vpnc = prev.networkmanager-vpnc.overrideAttrs (orig: {
# fixes "properties/gresource.xml: Permission denied"
# - by providing glib-compile-resources
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
nheko = prev.nheko.overrideAttrs (orig: {
# fixes "fatal error: lmdb++.h: No such file or directory
buildInputs = orig.buildInputs ++ [ next.lmdbxx ];
});
# notmuch = prev.notmuch.override {
# # fails to solve original error
# inherit (emulated) stdenv;
# };
obex_data_server = prev.obex_data_server.override {
# fixes "/nix/store/0wk6nr1mryvylf5g5frckjam7g7p9gpi-bash-5.2-p15/bin/bash: line 2: --prefix=ods_manager: command not found"
inherit (emulated) stdenv;
};
openfortivpn = prev.openfortivpn.override {
# fixes "checking for /proc/net/route... configure: error: cannot check for file existence when cross compiling"
inherit (emulated) stdenv;
};
ostree = prev.ostree.override {
# fixes "configure: error: Need GPGME_PTHREAD version 1.1.8 or later"
inherit (emulated) stdenv;
};
pam_mount = prev.pam_mount.overrideAttrs (orig: {
# fixes: "perl: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
});
phoc = prev.phoc.override {
# fixes "Program wayland-scanner found: NO"
inherit (emulated) stdenv;
};
# phosh = prev.phosh.override {
# # fixes original error.
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/2bzd39fbsifidd667s7x930d0b7pm3qx-pango-1.50.12/lib/libpangocairo-1.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
phosh-mobile-settings = prev.phosh-mobile-settings.override {
# fixes "meson.build:26:0: ERROR: Dependency "phosh-plugins" not found, tried pkgconfig"
inherit (emulated) stdenv;
};
pipewire = prev.pipewire.overrideAttrs (orig: {
# fix `spa/plugins/bluez5/meson.build:41:0: ERROR: Program 'gdbus-codegen' not found or not executable`
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
psqlodbc = prev.psqlodbc.override {
# fixes "configure: error: odbc_config not found (required for unixODBC build)"
inherit (emulated) stdenv;
};
pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
(py-next: py-prev: {
defcon = py-prev.defcon.overridePythonAttrs (orig: {
# TODO: diagnose and upstream
nativeBuildInputs = orig.nativeBuildInputs ++ orig.nativeCheckInputs;
});
executing = py-prev.executing.overridePythonAttrs (orig: {
# TODO: confirm & upstream
# test has an assertion that < 1s of CPU time elapsed => flakey
disabledTestPaths = orig.disabledTestPaths or [] ++ [
# "tests/test_main.py::TestStuff::test_many_source_for_filename_calls"
"tests/test_main.py"
];
});
# h5py = py-prev.h5py.overridePythonAttrs (orig: {
# # XXX: can't upstream until its dependency, hdf5, is fixed. that looks TRICKY.
# # - the `setup_configure.py` in h5py tries to dlopen (and call into) the hdf5 lib to query the version and detect features like MPI
# # - it could be patched with ~10 LoC in the HDF5LibWrapper class.
# #
# # expose numpy and hdf5 as available at build time
# nativeBuildInputs = orig.nativeBuildInputs ++ orig.propagatedBuildInputs ++ orig.buildInputs;
# buildInputs = [];
# # HDF5_DIR = "${hdf5}";
# });
ipython = py-prev.ipython.overridePythonAttrs (orig: {
# fixes "FAILED IPython/terminal/tests/test_debug_magic.py::test_debug_magic_passes_through_generators - pexpect.exceptions.TIMEOUT: Timeout exceeded."
disabledTests = orig.disabledTests ++ [ "test_debug_magic_passes_through_generator" ];
});
mutatormath = py-prev.mutatormath.overridePythonAttrs (orig: {
# TODO: diagnose and upstream
nativeBuildInputs = orig.nativeBuildInputs or [] ++ orig.nativeCheckInputs;
});
pandas = py-prev.pandas.overridePythonAttrs (orig: {
# TODO: upstream
# XXX: we only actually need numpy when building in ~/nixpkgs repo: not sure why we need all the propagatedBuildInputs here.
# nativeBuildInputs = orig.nativeBuildInputs ++ [ py-next.numpy ];
nativeBuildInputs = orig.nativeBuildInputs ++ orig.propagatedBuildInputs;
});
psycopg2 = py-prev.psycopg2.overridePythonAttrs (orig: {
# TODO: upstream (see tracking issue)
#
# psycopg2 *links* against libpg, so we need the host postgres available at build time!
# present-day nixpkgs only includes it in nativeBuildInputs
buildInputs = orig.buildInputs ++ [ next.postgresql ];
});
s3transfer = py-prev.s3transfer.overridePythonAttrs (orig: {
# tests explicitly expect host CPU == build CPU
# Bail out! ERROR:../plugins/core.c:221:qemu_plugin_vcpu_init_hook: assertion failed: (success)
# Bail out! ERROR:../accel/tcg/cpu-exec.c:954:cpu_exec: assertion failed: (cpu == current_cpu)
disabledTestPaths = orig.disabledTestPaths ++ [
# "tests/functional/test_processpool.py::TestProcessPoolDownloader::test_cleans_up_tempfile_on_failure"
"tests/functional/test_processpool.py"
# "tests/unit/test_compat.py::TestBaseManager::test_can_provide_signal_handler_initializers_to_start"
"tests/unit/test_compat.py"
];
});
# skia-pathops = ?
# it tries to call `cc` during the build, but can't find it.
})
];
# qt5 = prev.qt5.overrideScope' (self: super: {
# qtbase = super.qtbase.override {
# inherit (emulated) stdenv;
# };
# qtx11extras = super.qtx11extras.override {
# # "Project ERROR: Cannot run compiler 'g++'";
# # this fails an assert though, where the cross qt now references the emulated qt.
# inherit (emulated.qt5) qtModule;
# };
# });
# qt6 = prev.qt6.overrideScope' (self: super: {
# qtbase = super.qtbase.override {
# # fixes: "You need to set QT_HOST_PATH to cross compile Qt."
# inherit (emulated) stdenv;
# };
# });
rapidfuzz-cpp = prev.rapidfuzz-cpp.overrideAttrs (orig: {
# fixes "error: could not find git for clone of catch2-populate"
buildInputs = orig.buildInputs or [] ++ [ next.catch2_3 ];
});
re2 = (prev.re2.override {
# fixes: "FAILED: CMakeFiles/test.util"
inherit (emulated) stdenv;
}).overrideAttrs (orig: {
# exhaustive{,1,2}_test times out after 1500s.
# this is after exhaustive3_test takes 600s to pass.
doCheck = false;
});
rmlint = prev.rmlint.override {
# fixes "Checking whether the C compiler works... no"
inherit (emulated) stdenv;
};
# sequoia = prev.sequoia.override {
# # fails to fix original error
# inherit (emulated) stdenv;
# };
# squeekboard = prev.squeekboard.overrideAttrs (orig: {
# # fixes: "meson.build:1:0: ERROR: 'rust' compiler binary not defined in cross or native file"
# # new error: "meson.build:1:0: ERROR: Rust compiler rustc --target aarch64-unknown-linux-gnu -C linker=aarch64-unknown-linux-gnu-gcc can not compile programs."
# mesonFlags =
# let
# # ERROR: 'rust' compiler binary not defined in cross or native file
# crossFile = next.writeText "cross-file.conf" ''
# [binaries]
# rust = [ 'rustc', '--target', '${next.rust.toRustTargetSpec next.stdenv.hostPlatform}' ]
# '';
# in
# orig.mesonFlags or [] ++ lib.optionals (next.stdenv.hostPlatform != next.stdenv.buildPlatform) [ "--cross-file=${crossFile}" ];
# });
# squeekboard = prev.squeekboard.override {
# # new error: "gcc: error: unrecognized command line option '-m64'"
# inherit (emulated) stdenv;
# };
sysprof = prev.sysprof.overrideAttrs (orig: {
# fixes: "src/meson.build:12:2: ERROR: Program 'gdbus-codegen' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
tpm2-abrmd = prev.tpm2-abrmd.overrideAttrs (orig: {
# fixes "configure: error: *** gdbus-codegen is required to build tpm2-abrmd; No package 'gio-unix-2.0' found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.glib ];
});
tracker-miners = prev.tracker-miners.override {
# fixes "meson.build:183:0: ERROR: Can not run test applications in this cross environment."
inherit (emulated) stdenv;
};
# twitter-color-emoji = prev.twitter-color-emoji.override {
# # fails to fix original error
# inherit (emulated) stdenv;
# };
# unar = (prev.unar.override {
# # fixes "ar: command not found"
# # new error: "gcc: error: unrecognized command line option '-fobjc-runtime=gnustep-2.0'"
# inherit (emulated) stdenv;
# });
unixODBCDrivers = prev.unixODBCDrivers // {
# TODO: should this package be deduped with toplevel psqlodbc in upstream nixpkgs?
psql = prev.unixODBCDrivers.psql.override {
# fixes "configure: error: odbc_config not found (required for unixODBC build)"
inherit (emulated) stdenv;
};
# psql = prev.unixODBCDrivers.psql.overrideAttrs (orig: {
# # fixes "configure: error: odbc_config not found (required for unixODBC build)"
# # new error: "/nix/store/h3ms3h95rbj5p8yhxfhbsbnxgvpnb8w0-aarch64-unknown-linux-gnu-binutils-2.39/bin/aarch64-unknown-linux-gnu-ld: /nix/store/6h6z98qvg5k8rsqpivi42r5008zjfp2v-unixODBC-2.3.11/lib/libodbcinst.so: error adding symbols: file in wrong format"
# nativeBuildInputs = orig.nativeBuildInputs or [] ++ orig.buildInputs;
# });
};
vlc = prev.vlc.overrideAttrs (orig: {
# fixes: "configure: error: could not find the LUA byte compiler"
# fixes: "configure: error: protoc compiler needed for chromecast was not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.lua5 next.protobuf ];
# fix that it can't find the c compiler
# makeFlags = orig.makeFlags or [] ++ [ "CC=${prev.stdenv.cc.targetPrefix}cc" ];
BUILDCC = "${prev.stdenv.cc}/bin/${prev.stdenv.cc.targetPrefix}cc";
});
vpnc = prev.vpnc.overrideAttrs (orig: {
# fixes "perl: command not found"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.perl ];
});
xdg-desktop-portal-gtk = prev.xdg-desktop-portal-gtk.overrideAttrs (orig: {
# fixes "No package 'xdg-desktop-portal' found"
buildInputs = orig.buildInputs ++ [ next.xdg-desktop-portal ];
});
xdg-desktop-portal-gnome = prev.xdg-desktop-portal-gnome.overrideAttrs (orig: {
# fixes: "data/meson.build:33:5: ERROR: Program 'msgfmt' not found or not executable"
# fixes: "src/meson.build:25:0: ERROR: Program 'gdbus-codegen' not found or not executable"
nativeBuildInputs = orig.nativeBuildInputs ++ [ next.gettext next.glib ];
});
# webp-pixbuf-loader = prev.webp-pixbuf-loader.override {
# # fixes "Builder called die: Cannot wrap '/nix/store/kpp8qhzdjqgvw73llka5gpnsj0l4jlg8-gdk-pixbuf-aarch64-unknown-linux-gnu-2.42.10/bin/gdk-pixbuf-thumbnailer' because it is not an executable file"
# # new failure mode: "/nix/store/grqh2wygy9f9wp5bgvqn4im76v82zmcx-binutils-2.39/bin/ld: /nix/store/2syg6jxk8zi1zkpqvkxkz87x8sl27c6b-gdk-pixbuf-2.42.10/lib/libgdk_pixbuf-2.0.so: error adding symbols: file in wrong format"
# inherit (emulated) stdenv;
# };
webp-pixbuf-loader = prev.webp-pixbuf-loader.overrideAttrs (upstream: {
# fixes: "Builder called die: Cannot wrap '/nix/store/kpp8qhzdjqgvw73llka5gpnsj0l4jlg8-gdk-pixbuf-aarch64-unknown-linux-gnu-2.42.10/bin/gdk-pixbuf-thumbnailer' because it is not an executable file"
# gdk-pixbuf doesn't create a `bin/` directory when cross-compiling, breaks some thumbnailing stuff.
# see `librsvg` for a more bullet-proof cross-compilation approach
postInstall = "";
});
})
];
};
}

1611
hosts/common/cross/default.nix
View File

File diff suppressed because it is too large Load Diff

22
hosts/common/cross/kitty-no-docs.patch
View File

@@ -1,22 +0,0 @@
diff --git a/setup.py b/setup.py
index 2b9d240e..770bc5e7 100755
--- a/setup.py
+++ b/setup.py
@@ -1092,11 +1092,12 @@ def c(base_path: str, **kw: object) -> None:
def create_linux_bundle_gunk(ddir: str, libdir_name: str) -> None:
- if not os.path.exists('docs/_build/html'):
- make = 'gmake' if is_freebsd else 'make'
- run_tool([make, 'docs'])
- copy_man_pages(ddir)
- copy_html_docs(ddir)
+ if not os.getenv('KITTY_NO_DOCS'):
+ if not os.path.exists('docs/_build/html'):
+ make = 'gmake' if is_freebsd else 'make'
+ run_tool([make, 'docs'])
+ copy_man_pages(ddir)
+ copy_html_docs(ddir)
for (icdir, ext) in {'256x256': 'png', 'scalable': 'svg'}.items():
icdir = os.path.join(ddir, 'share', 'icons', 'hicolor', icdir, 'apps')
safe_makedirs(icdir)

33
hosts/common/default.nix
View File

@@ -1,7 +1,7 @@
{ lib, pkgs, ... }:
{ pkgs, ... }:
{
imports = [
./cross
./cross.nix
./feeds.nix
./fs.nix
./hardware.nix
@@ -19,10 +19,8 @@
];
sane.nixcache.enable-trusted-keys = true;
sane.nixcache.enable = lib.mkDefault true;
sane.persist.enable = lib.mkDefault true;
sane.programs.sysadminUtils.enableFor.system = lib.mkDefault true;
sane.programs.consoleUtils.enableFor.user.colin = lib.mkDefault true;
sane.programs.sysadminUtils.enableFor.system = true;
sane.programs.consoleUtils.enableFor.user.colin = true;
# some services which use private directories error if the parent (/var/lib/private) isn't 700.
sane.fs."/var/lib/private".dir.acl.mode = "0700";
@@ -33,7 +31,6 @@
time.timeZone = "Etc/UTC"; # DST is too confusing for me => use a stable timezone
# allow `nix flake ...` command
# TODO: is this still required?
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
@@ -42,37 +39,19 @@
"nixpkgs=${pkgs.path}"
"nixpkgs-overlays=${../..}/overlays"
];
# hardlinks identical files in the nix store to save 25-35% disk space.
# unclear _when_ this occurs. it's not a service.
# does the daemon continually scan the nix store?
# does the builder use some content-addressed db to efficiently dedupe?
nix.settings.auto-optimise-store = true;
fonts = {
enableDefaultFonts = true;
fonts = with pkgs; [ font-awesome noto-fonts-emoji hack-font ];
fonts = with pkgs; [ font-awesome twitter-color-emoji hack-font ];
fontconfig.enable = true;
fontconfig.defaultFonts = {
emoji = [ "Font Awesome 6 Free" "Noto Color Emoji" ];
emoji = [ "Font Awesome 6 Free" "Twitter Color Emoji" ];
monospace = [ "Hack" ];
serif = [ "DejaVu Serif" ];
sansSerif = [ "DejaVu Sans" ];
};
};
# XXX: twitter-color-emoji doesn't cross-compile; but not-fonts-emoji does
# fonts = {
# enableDefaultFonts = true;
# fonts = with pkgs; [ font-awesome twitter-color-emoji hack-font ];
# fontconfig.enable = true;
# fontconfig.defaultFonts = {
# emoji = [ "Font Awesome 6 Free" "Twitter Color Emoji" ];
# monospace = [ "Hack" ];
# serif = [ "DejaVu Serif" ];
# sansSerif = [ "DejaVu Sans" ];
# };
# };
# disable non-required packages like nano, perl, rsync, strace
environment.defaultPackages = [];

33
hosts/common/feeds.nix
View File

@@ -1,9 +1,3 @@
# candidates:
# - The Nonlinear Library (podcast): <https://forum.effectivealtruism.org/posts/JTZTBienqWEAjGDRv/listen-to-more-ea-content-with-the-nonlinear-library>
# - has ~10 posts per day, text-to-speech; i would need better tagging before adding this
# - <https://www.metaculus.com/questions/11102/introducing-the-metaculus-journal-podcast/>
# - dead since 2022/10 - 2023/03
{ lib, sane-data, ... }:
let
hourly = { freq = "hourly"; };
@@ -56,29 +50,18 @@ let
(fromDb "lexfridman.com/podcast" // rat)
## Astral Codex Ten
(fromDb "sscpodcast.libsyn.com" // rat)
## Less Wrong Curated
(fromDb "feeds.libsyn.com/421877" // rat)
## Econ Talk
(fromDb "feeds.simplecast.com/wgl4xEgL" // rat)
## Cory Doctorow -- both podcast & text entries
(fromDb "craphound.com" // pol)
## Maggie Killjoy -- referenced by Cory Doctorow
(fromDb "omny.fm/shows/cool-people-who-did-cool-stuff" // pol)
(fromDb "congressionaldish.libsyn.com" // pol)
(mkPod "https://podcasts.la.utexas.edu/this-is-democracy/feed/podcast/" // pol // weekly)
## Civboot -- https://anchor.fm/civboot
(fromDb "anchor.fm/s/34c7232c/podcast/rss" // tech)
## Emerge: making sense of what's next -- <https://www.whatisemerging.com/emergepodcast>
(mkPod "https://anchor.fm/s/21bc734/podcast/rss" // pol // infrequent)
(fromDb "feeds.feedburner.com/80000HoursPodcast" // rat)
## Daniel Huberman on sleep
(fromDb "feeds.megaphone.fm/hubermanlab" // uncat)
## Multidisciplinary Association for Psychedelic Studies
(fromDb "mapspodcast.libsyn.com" // uncat)
(fromDb "allinchamathjason.libsyn.com" // pol)
(fromDb "acquired.libsyn.com" // tech)
## ACQ2 - more "Acquired" episodes
(fromDb "acquiredlpbonussecretsecret.libsyn.com" // tech)
# The Intercept - Deconstructed; also available: <rss.acast.com/deconstructed>
(fromDb "rss.prod.firstlook.media/deconstructed/podcast.rss" // pol)
## The Daily
@@ -107,8 +90,6 @@ let
(fromDb "seattlenice.buzzsprout.com" // pol)
## Sci-Fi? has Peter Watts; author of No Moods, Ads or Cutesy Fucking Icons (rifters.com)
(fromDb "talesfromthebridge.buzzsprout.com" // tech)
## UnNamed Reverse Engineering Podcast
(fromDb "reverseengineering.libsyn.com/rss" // tech)
];
texts = [
@@ -123,10 +104,6 @@ let
(fromDb "semiaccurate.com" // tech)
(mkText "https://linuxphoneapps.org/blog/atom.xml" // tech // infrequent)
(fromDb "spectrum.ieee.org" // tech)
(fromDb "thisweek.gnome.org" // tech)
# more nixos stuff here, but unclear how to subscribe: <https://nixos.org/blog/categories.html>
(mkText "https://nixos.org/blog/announcements-rss.xml" // tech // infrequent)
(mkText "https://nixos.org/blog/stories-rss.xml" // tech // weekly)
## n.b.: quality RSS list here: <https://forum.merveilles.town/thread/57/share-your-rss-feeds%21-6/>
(mkText "https://forum.merveilles.town/rss.xml" // pol // infrequent)
@@ -135,8 +112,6 @@ let
# DEVELOPERS
(fromDb "uninsane.org" // tech)
(fromDb "ascii.textfiles.com" // tech) # Jason Scott
(fromDb "xn--gckvb8fzb.com" // tech)
(fromDb "mg.lol" // tech)
(fromDb "drewdevault.com" // tech)
## Ken Shirriff
@@ -156,10 +131,6 @@ let
(mkText "https://anish.lakhwara.com/home.html" // tech // weekly)
(fromDb "jefftk.com" // tech)
(fromDb "pomeroyb.com" // tech)
(mkText "https://til.simonwillison.net/tils/feed.atom" // tech // weekly)
# TECH PROJECTS
(fromDb "blog.rust-lang.org" // tech)
# (TECH; POL) COMMENTATORS
## Matt Webb -- engineering-ish, but dreamy
@@ -176,8 +147,7 @@ let
(fromDb "lynalden.com" // pol)
(fromDb "austinvernon.site" // tech)
(mkSubstack "oversharing" // pol // daily)
(mkSubstack "byrnehobart" // pol // infrequent)
# (mkSubstack "doomberg" // tech // weekly) # articles are all pay-walled
(mkSubstack "doomberg" // tech // weekly)
## David Rosenthal
(fromDb "blog.dshr.org" // pol)
## Matt Levine
@@ -216,7 +186,6 @@ let
(fromDb "xkcd.com" // img // humor)
(fromDb "pbfcomics.com" // img // humor)
# (mkImg "http://dilbert.com/feed" // humor // daily)
(fromDb "poorlydrawnlines.com/feed" // img // humor)
# ART
(fromDb "miniature-calendar.com" // img // art // daily)

4
hosts/common/home/default.nix
View File

@@ -7,14 +7,12 @@
./git.nix
./gpodder.nix
./keyring.nix
./kitty
./kitty.nix
./libreoffice.nix
./mime.nix
./mpv.nix
./neovim.nix
./newsflash.nix
./offlineimap.nix
./ripgrep.nix
./splatmoji.nix
./ssh.nix
./sublime-music.nix

2
hosts/common/home/firefox.nix
View File

@@ -132,7 +132,7 @@ in
sidebery.package = addon "sidebery" "{3c078156-979c-498b-8990-85f7987dd929}" "sha256-YONfK/rIjlsrTgRHIt3km07Q7KnpIW89Z9r92ZSCc6w=";
sponsorblock.package = addon "sponsorblock" "sponsorBlocker@ajay.app" "sha256-hRsvLaAsVm3dALsTrJqHTNgRFAQcU7XSaGhr5G6+mFs=";
ublacklist.package = addon "ublacklist" "@ublacklist" "sha256-RqY5iHzbL2qizth7aguyOKWPyINXmrwOlf/OsfqAS48=";
ublock-origin.package = addon "ublock-origin" "uBlock0@raymondhill.net" "sha256-eHlQrU/b9X/6sTbHBpGAd+0VsLT7IrVCnd0AQ948lyA=";
ublock-origin.package = addon "ublock-origin" "uBlock0@raymondhill.net" "sha256-52lYqMjrS3GVTaybDrH1p6VF90YVkifguCGxobI/fNQ=";
browserpass-extension.enable = lib.mkDefault true;
# bypass-paywalls-clean.enable = lib.mkDefault true;

6
hosts/common/home/kitty/default.nix → hosts/common/home/kitty.nix
View File

@@ -7,11 +7,9 @@
enable_audio_bell no
map ctrl+n new_os_window_with_cwd
include ${./PaperColor_dark.conf}
include ${pkgs.kitty-themes}/themes/PaperColor_dark.conf
'';
# include ${pkgs.kitty-themes}/themes/PaperColor_dark.conf
# THEME CHOICES:
# docs: https://github.com/kovidgoyal/kitty-themes
# theme = "1984 Light"; # dislike: awful, harsh blues/teals

47
hosts/common/home/kitty/PaperColor_dark.conf
View File

@@ -1,47 +0,0 @@
# vim:ft=kitty
## name: PaperColor Dark
## author: Nikyle Nguyen
## license: MIT
## blurb: Dark color scheme inspired by Google's Material Design
# special
foreground #d0d0d0
background #1c1c1c
cursor #d0d0d0
cursor_text_color background
# black
color0 #1c1c1c
color8 #585858
# red
color1 #af005f
color9 #5faf5f
# green
# "color2" is the green color used by ls to indicate executability
# both as text color
# or as bg color when the text is blue (color4)
color2 #246a28
color10 #2df200
# yellow
color3 #d7af5f
color11 #af87d7
# blue
color4 #78c6ef
color12 #ffaf00
# magenta
color5 #808080
color13 #ff5faf
# cyan
color6 #d7875f
color14 #00afaf
# white
color7 #d0d0d0
color15 #5f8787

17
hosts/common/home/offlineimap.nix
View File

@@ -1,17 +0,0 @@
# mail archiving/synchronization tool.
#
# manually download all emails for an account with
# - `offlineimap -a <accountname>`
#
# view account names inside the secrets file, listed below.
{ config, sane-lib, ... }:
{
sops.secrets."offlineimaprc" = {
owner = config.users.users.colin.name;
sopsFile = ../../../secrets/universal/offlineimaprc.bin;
format = "binary";
};
sane.user.fs.".config/offlineimap/config" = sane-lib.fs.wantedSymlinkTo config.sops.secrets.offlineimaprc.path;
}

9
hosts/common/home/ripgrep.nix
View File

@@ -1,9 +0,0 @@
{ sane-lib, ... }:
{
# .ignore file is read by ripgrep (rg), silver searcher (ag), maybe others.
# ignore translation files by default when searching, as they tend to have
# a LOT of duplicate text.
sane.user.fs.".ignore" = sane-lib.fs.wantedText ''
po/
'';
}

3
hosts/common/home/splatmoji.nix
View File

@@ -6,8 +6,7 @@
{
sane.user.persist.plaintext = [ ".local/state/splatmoji" ];
sane.user.fs.".config/splatmoji/splatmoji.config" = sane-lib.fs.wantedText ''
# XXX doesn't seem to understand ~ as shorthand for `$HOME`
history_file=/home/colin/.local/state/splatmoji/history
history_file=~/.local/state/splatmoji/history
history_length=5
# TODO: wayland equiv
paste_command=xdotool key ctrl+v

6
hosts/common/home/ssh.nix
View File

@@ -3,8 +3,7 @@
with lib;
let
host = config.networking.hostName;
user-pubkey-full = config.sane.ssh.pubkeys."colin@${host}" or {};
user-pubkey = user-pubkey-full.asUserKey or null;
user-pubkey = config.sane.ssh.pubkeys."colin@${host}".asUserKey;
host-keys = filter (k: k.user == "root") (attrValues config.sane.ssh.pubkeys);
known-hosts-text = concatStringsSep
"\n"
@@ -14,8 +13,7 @@ in
{
# ssh key is stored in private storage
sane.user.persist.private = [ ".ssh/id_ed25519" ];
sane.user.fs.".ssh/id_ed25519.pub" =
mkIf (user-pubkey != null) (sane-lib.fs.wantedText user-pubkey);
sane.user.fs.".ssh/id_ed25519.pub" = sane-lib.fs.wantedText user-pubkey;
sane.user.fs.".ssh/known_hosts" = sane-lib.fs.wantedText known-hosts-text;
users.users.colin.openssh.authorizedKeys.keys =

243
hosts/common/home/zsh/default.nix
View File

@@ -1,8 +1,6 @@
{ config, lib, pkgs, sane-lib, ... }:
{ pkgs, sane-lib, ... }:
let
inherit (lib) mkOption types;
cfg = config.sane.zsh;
# powerlevel10k prompt config
# p10k.zsh is the auto-generated config, and i overwrite those defaults here, below.
p10k-overrides = ''
@@ -28,134 +26,123 @@ let
'';
in
{
options = {
sane.zsh = {
showDeadlines = mkOption {
type = types.bool;
default = true;
description = "show upcoming deadlines (frommy PKM) upon shell init";
};
};
};
sane.user.persist.plaintext = [
# we don't need to full zsh dir -- just the history file --
# but zsh will sometimes backup the history file and we get fewer errors if we do proper mounts instead of symlinks.
# TODO: should be private?
".local/share/zsh"
# cache gitstatus otherwise p10k fetched it from the net EVERY BOOT
".cache/gitstatus"
];
config = {
sane.user.persist.plaintext = [
# we don't need to full zsh dir -- just the history file --
# but zsh will sometimes backup the history file and we get fewer errors if we do proper mounts instead of symlinks.
# TODO: should be private?
".local/share/zsh"
# cache gitstatus otherwise p10k fetched it from the net EVERY BOOT
".cache/gitstatus"
# zsh/prezto complains if zshrc doesn't exist; but it does allow an "empty" file.
sane.user.fs.".config/zsh/.zshrc" = sane-lib.fs.wantedText "# ";
# enable zsh completions
environment.pathsToLink = [ "/share/zsh" ];
programs.zsh = {
enable = true;
histFile = "$HOME/.local/share/zsh/history";
shellAliases = {
":q" = "exit";
# common typos
"cd.." = "cd ..";
"cd../" = "cd ../";
};
setOptions = [
# defaults:
"HIST_IGNORE_DUPS"
"SHARE_HISTORY"
"HIST_FCNTL_LOCK"
# disable `rm *` confirmations
"rmstarsilent"
];
# zsh/prezto complains if zshrc doesn't exist; but it does allow an "empty" file.
sane.user.fs.".config/zsh/.zshrc" = sane-lib.fs.wantedText "# ";
# enable zsh completions
environment.pathsToLink = [ "/share/zsh" ];
programs.zsh = {
enable = true;
histFile = "$HOME/.local/share/zsh/history";
shellAliases = {
":q" = "exit";
# common typos
"cd.." = "cd ..";
"cd../" = "cd ../";
};
setOptions = [
# defaults:
"HIST_IGNORE_DUPS"
"SHARE_HISTORY"
"HIST_FCNTL_LOCK"
# disable `rm *` confirmations
"rmstarsilent"
];
# .zshenv config:
shellInit = ''
ZDOTDIR=$HOME/.config/zsh
'';
# .zshrc config:
interactiveShellInit =
(builtins.readFile ./p10k.zsh)
+ p10k-overrides
+ prezto-init
+ ''
# zmv is a way to do rich moves/renames, with pattern matching/substitution.
# see for an example: <https://filipe.kiss.ink/zmv-zsh-rename/>
autoload -Uz zmv
HISTORY_IGNORE='(sane-shutdown *|sane-reboot *|rm *|nixos-rebuild.* switch)'
# extra aliases
# TODO: move to `shellAliases` config?
function nd() {
mkdir -p "$1";
pushd "$1";
}
''
+ lib.optionalString cfg.showDeadlines ''
${pkgs.sane-scripts}/bin/sane-deadlines
''
+ ''
# auto-cd into any of these dirs by typing them and pressing 'enter':
hash -d 3rd="/home/colin/dev/3rd"
hash -d dev="/home/colin/dev"
hash -d knowledge="/home/colin/knowledge"
hash -d nixos="/home/colin/nixos"
hash -d nixpkgs="/home/colin/dev/3rd/nixpkgs"
hash -d ref="/home/colin/ref"
hash -d secrets="/home/colin/knowledge/secrets"
hash -d tmp="/home/colin/tmp"
hash -d uninsane="/home/colin/dev/uninsane"
hash -d Videos="/home/colin/Videos"
'';
syntaxHighlighting.enable = true;
vteIntegration = true;
};
# enable a command-not-found hook to show nix packages that might provide the binary typed.
programs.nix-index.enable = true;
programs.command-not-found.enable = false; #< mutually exclusive with nix-index
# prezto = oh-my-zsh fork; controls prompt, auto-completion, etc.
# see: https://github.com/sorin-ionescu/prezto
# i believe this file is auto-sourced by the prezto init.zsh script.
sane.user.fs.".config/zsh/.zpreztorc" = sane-lib.fs.wantedText ''
zstyle ':prezto:*:*' color 'yes'
# modules (they ship with prezto):
# ENVIRONMENT: configures jobs to persist after shell exit; other basic niceties
# TERMINAL: auto-titles terminal (e.g. based on cwd)
# EDITOR: configures shortcuts like Ctrl+U=undo, Ctrl+L=clear
# HISTORY: `history-stat` alias, setopts for good history defaults
# DIRECTORY: sets AUTO_CD, adds `d` alias to list directory stack, and `1`-`9` to cd that far back the stack
# SPECTRUM: helpers for term colors and styling. used by prompts? might be unnecessary
# UTILITY: configures aliases like `ll`, `la`, disables globbing for things like rsync
# adds aliases like `get` to fetch a file. also adds `http-serve` alias??
# COMPLETION: tab completion. requires `utility` module prior to loading
# TODO: enable AUTO_PARAM_SLASH
zstyle ':prezto:load' pmodule \
'environment' \
'terminal' \
'editor' \
'history' \
'directory' \
'spectrum' \
'utility' \
'completion' \
'prompt'
# default keymap. try also `vicmd` (vim normal mode, AKA "cmd mode") or `vi`.
zstyle ':prezto:module:editor' key-bindings 'emacs'
zstyle ':prezto:module:prompt' theme 'powerlevel10k'
# disable `mv` confirmation (and `rm`, too, unfortunately)
zstyle ':prezto:module:utility' safe-ops 'no'
# .zshenv config:
shellInit = ''
ZDOTDIR=$HOME/.config/zsh
'';
# .zshrc config:
interactiveShellInit =
(builtins.readFile ./p10k.zsh)
+ p10k-overrides
+ prezto-init
+ ''
# zmv is a way to do rich moves/renames, with pattern matching/substitution.
# see for an example: <https://filipe.kiss.ink/zmv-zsh-rename/>
autoload -Uz zmv
HISTORY_IGNORE='(sane-shutdown *|sane-reboot *|rm *)'
# extra aliases
# TODO: move to `shellAliases` config?
function nd() {
mkdir -p "$1";
pushd "$1";
}
expiration=$(date -d "6 Mar" +%s)
today=$(date +%s)
days_until=$(( ($expiration - $today) / (24*60*60) ))
echo "You have $days_until days to renew your driver's license"
# auto-cd into any of these dirs by typing them and pressing 'enter':
hash -d 3rd="/home/colin/dev/3rd"
hash -d dev="/home/colin/dev"
hash -d knowledge="/home/colin/knowledge"
hash -d nixos="/home/colin/nixos"
hash -d nixpkgs="/home/colin/dev/3rd/nixpkgs"
hash -d ref="/home/colin/ref"
hash -d secrets="/home/colin/knowledge/secrets"
hash -d tmp="/home/colin/tmp"
hash -d uninsane="/home/colin/dev/uninsane"
hash -d Videos="/home/colin/Videos"
'';
syntaxHighlighting.enable = true;
vteIntegration = true;
};
# enable a command-not-found hook to show nix packages that might provide the binary typed.
programs.nix-index.enable = true;
programs.command-not-found.enable = false; #< mutually exclusive with nix-index
# prezto = oh-my-zsh fork; controls prompt, auto-completion, etc.
# see: https://github.com/sorin-ionescu/prezto
# i believe this file is auto-sourced by the prezto init.zsh script.
sane.user.fs.".config/zsh/.zpreztorc" = sane-lib.fs.wantedText ''
zstyle ':prezto:*:*' color 'yes'
# modules (they ship with prezto):
# ENVIRONMENT: configures jobs to persist after shell exit; other basic niceties
# TERMINAL: auto-titles terminal (e.g. based on cwd)
# EDITOR: configures shortcuts like Ctrl+U=undo, Ctrl+L=clear
# HISTORY: `history-stat` alias, setopts for good history defaults
# DIRECTORY: sets AUTO_CD, adds `d` alias to list directory stack, and `1`-`9` to cd that far back the stack
# SPECTRUM: helpers for term colors and styling. used by prompts? might be unnecessary
# UTILITY: configures aliases like `ll`, `la`, disables globbing for things like rsync
# adds aliases like `get` to fetch a file. also adds `http-serve` alias??
# COMPLETION: tab completion. requires `utility` module prior to loading
# TODO: enable AUTO_PARAM_SLASH
zstyle ':prezto:load' pmodule \
'environment' \
'terminal' \
'editor' \
'history' \
'directory' \
'spectrum' \
'utility' \
'completion' \
'prompt'
# default keymap. try also `vicmd` (vim normal mode, AKA "cmd mode") or `vi`.
zstyle ':prezto:module:editor' key-bindings 'emacs'
zstyle ':prezto:module:prompt' theme 'powerlevel10k'
# disable `mv` confirmation (and `rm`, too, unfortunately)
zstyle ':prezto:module:utility' safe-ops 'no'
'';
}

2
hosts/common/i2p.nix
View File

@@ -1,4 +1,4 @@
{ ... }:
{
services.i2p.enable = true;
# services.i2p.enable = true;
}

4
hosts/common/ids.nix
View File

@@ -1,6 +1,4 @@
# TODO: migrate to nixpkgs `config.ids.uids`
# - note that nixpkgs' `config.ids.uids` is strictly a database: it doesn't set anything by default
# whereas our impl sets the gid/uid of the user/group specified if they exist.
{ ... }:
{
@@ -38,7 +36,7 @@
sane.ids.sshd.uid = 2001; # 997
sane.ids.sshd.gid = 2001; # 997
sane.ids.polkituser.gid = 2002; # 998
sane.ids.systemd-coredump.gid = 2003; # 996 # 2023/02/12-2023/02/28: upstream temporarily specified this as 151
# sane.ids.systemd-coredump.gid = 2003; # 996 # 2023/02/12: upstream now specifies this as 151
sane.ids.nscd.uid = 2004;
sane.ids.nscd.gid = 2004;
sane.ids.systemd-oom.uid = 2005;

116
hosts/common/programs.nix
View File

@@ -16,7 +16,6 @@ let
"gnome.gnome-system-monitor" = gnome.gnome-system-monitor;
"gnome.gnome-terminal" = gnome.gnome-terminal;
"gnome.gnome-weather" = gnome.gnome-weather;
"gnome.totem" = gnome.totem;
"libsForQt5.plasmatube" = libsForQt5.plasmatube;
});
@@ -56,45 +55,23 @@ let
smartmontools
socat
strace
subversion
tcpdump
tree
usbutils
wget
;
};
sysadminExtraPkgs = {
# application-specific packages
inherit (pkgs)
backblaze-b2
duplicity
sqlite # to debug sqlite3 databases
;
};
iphonePkgs = {
inherit (pkgs)
ifuse
ipfs
libimobiledevice
;
};
tuiPkgs = {
inherit (pkgs)
aerc # email client
offlineimap # email mailox sync
visidata # TUI spreadsheet viewer/editor
w3m
;
};
# TODO: split these into smaller groups.
# - transcoders (ffmpeg, imagemagick) only wanted on desko/lappy ("powerutils"?)
# - iphone utils (libimobiledevice, ifuse) only wanted on desko, maybe lappy
# - transcoders (ffmpeg, imagemagick) only wanted on desko/lappy
consolePkgs = {
inherit (pkgs)
aerc # email client
# backblaze-b2 # TODO: put into the same package set as duplicity
cdrtools
dmidecode
# duplicity # TODO: enable as part of some smaller package set
efivar
flashrom
fwupd
@@ -103,14 +80,17 @@ let
gocryptfs
gopass
gopass-jsonapi
ifuse
imagemagick
ipfs
kitty # TODO: move to GUI, but `ssh servo` from kitty sets `TERM=xterm-kitty` in the remove and breaks things
libimobiledevice
libsecret # for managing user keyrings
lm_sensors # for sensors-detect
lshw
ffmpeg
memtester
# networkmanager
networkmanager
nixpkgs-review
# nixos-generators
# nettools
@@ -127,10 +107,13 @@ let
sops
sox
speedtest-cli
sqlite # to debug sqlite3 databases
ssh-to-age
sudo
# tageditor # music tagging
unar
visidata
w3m
wireguard-tools
xdg-utils # for xdg-open
# youtube-dl
@@ -163,7 +146,7 @@ let
"gnome.nautilus"
# gnome-podcasts
"gnome.gnome-system-monitor"
# "gnome.gnome-terminal" # works on phosh
"gnome.gnome-terminal" # works on phosh
"gnome.gnome-weather"
gpodder-configured
gthumb
@@ -194,7 +177,6 @@ let
desktopGuiPkgs = {
inherit (flattenedPkgs)
audacity
brave # for the integrated wallet -- as a backup
chromium
dino
electrum
@@ -203,16 +185,11 @@ let
gajim # XMPP client
gimp # broken on phosh
"gnome.gnome-disk-utility"
# "gnome.totem" # video player, supposedly supports UPnP
handbrake
hase
inkscape
jellyfin-media-player # TODO: try on moby!
kdenlive
kid3 # audio tagging
krita
libreoffice-fresh # XXX colin: maybe don't want this on mobile
mumble
obsidian
;
};
@@ -224,6 +201,9 @@ let
# gnome.zenity # for kaiteki (it will use qarma, kdialog, or zenity)
# gpt2tc # XXX: unreliable mirror
# TODO(unpin): handbrake is broken on aarch64-linux 2023/01/29
handbrake
logseq
losslesscut-bin
makemkv
@@ -235,13 +215,6 @@ let
;
};
# packages not part of any package set
otherPkgs = {
inherit (pkgs)
stepmania
;
};
# define -- but don't enable -- the packages in some attrset.
# use `mkDefault` for the package here so we can customize some of them further down this file
declarePkgs = pkgsAsAttrs: mapAttrs (_n: p: {
@@ -251,46 +224,29 @@ in
{
config = {
sane.programs = mkMerge [
(declarePkgs consolePkgs)
(declarePkgs desktopGuiPkgs)
(declarePkgs guiPkgs)
(declarePkgs iphonePkgs)
(declarePkgs sysadminPkgs)
(declarePkgs sysadminExtraPkgs)
(declarePkgs tuiPkgs)
(declarePkgs consolePkgs)
(declarePkgs guiPkgs)
(declarePkgs desktopGuiPkgs)
(declarePkgs x86GuiPkgs)
(declarePkgs otherPkgs)
{
# link the various package sets into their own meta packages
consoleUtils = {
package = null;
suggestedPrograms = attrNames consolePkgs;
};
desktopGuiApps = {
package = null;
suggestedPrograms = attrNames desktopGuiPkgs;
};
guiApps = {
package = null;
suggestedPrograms = (attrNames guiPkgs)
++ [ "tuiApps" ]
++ optional (pkgs.system == "x86_64-linux") "x86GuiApps";
};
iphoneUtils = {
package = null;
suggestedPrograms = attrNames iphonePkgs;
};
sysadminUtils = {
package = null;
suggestedPrograms = attrNames sysadminPkgs;
};
sysadminExtraUtils = {
consoleUtils = {
package = null;
suggestedPrograms = attrNames sysadminExtraPkgs;
suggestedPrograms = attrNames consolePkgs;
};
tuiApps = {
guiApps = {
package = null;
suggestedPrograms = attrNames tuiPkgs;
suggestedPrograms = (attrNames guiPkgs)
++ optional (pkgs.system == "x86_64-linux") "x86GuiApps";
};
desktopGuiApps = {
package = null;
suggestedPrograms = attrNames desktopGuiPkgs;
};
x86GuiApps = {
package = null;
@@ -306,7 +262,14 @@ in
dino.private = [ ".local/share/dino" ];
# creds, but also 200 MB of node modules, etc
discord.private = [ ".config/discord" ];
discord = {
package = pkgs.discord.override {
# XXX 2022-07-31: fix to allow links to open in default web-browser:
# https://github.com/NixOS/nixpkgs/issues/78961
nss = pkgs.nss_latest;
};
private = [ ".config/discord" ];
};
# creds/session keys, etc
element-desktop.private = [ ".config/Element" ];
@@ -320,19 +283,12 @@ in
# then startup is SLOW during feed import, and we might end up with zombie eps in the dl dir.
gpodder-configured.dir = [ "gPodder" ];
# jellyfin stores things in a bunch of directories: this one persists auth info.
# it *might* be possible to populate this externally (it's Qt stuff), but likely to
# be fragile and take an hour+ to figure out.
jellyfin-media-player.dir = [ ".local/share/Jellyfin Media Player" ];
# actual monero blockchain (not wallet/etc; safe to delete, just slow to regenerate)
# XXX: is it really safe to persist this? it doesn't have info that could de-anonymize if captured?
monero-gui.dir = [ ".bitmonero" ];
mpv.dir = [ ".config/mpv/watch_later" ];
mumble.private = [ ".local/share/Mumble" ];
# not strictly necessary, but allows caching articles; offline use, etc.
newsflash.dir = [ ".local/share/news-flash" ];
nheko.private = [

7
hosts/common/secrets.nix
View File

@@ -55,9 +55,6 @@
sops.secrets."router_passwd" = {
sopsFile = ../../secrets/universal.yaml;
};
sops.secrets."transmission_passwd" = {
sopsFile = ../../secrets/universal.yaml;
};
sops.secrets."wg_ovpnd_us_privkey" = {
sopsFile = ../../secrets/universal.yaml;
};
@@ -106,10 +103,6 @@
sopsFile = ../../secrets/universal/net/home-shared.psk.bin;
format = "binary";
};
sops.secrets."iwd/makespace-south.psk" = {
sopsFile = ../../secrets/universal/net/makespace-south.psk.bin;
format = "binary";
};
sops.secrets."iwd/archive-2023-02-home-bedroom.psk" = {
sopsFile = ../../secrets/universal/net/archive/2023-02-home-bedroom.psk.bin;
format = "binary";

1
hosts/common/users.nix
View File

@@ -97,7 +97,6 @@ in
# convenience
sane.user.fs."knowledge" = fs.wantedSymlinkTo "private/knowledge";
sane.user.fs."nixos" = fs.wantedSymlinkTo "dev/nixos";
sane.user.fs."Books/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Books";
sane.user.fs."Videos/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Videos";
sane.user.fs."Videos/servo-incomplete" = fs.wantedSymlinkTo "/mnt/servo-media/incomplete";
sane.user.fs."Music/servo" = fs.wantedSymlinkTo "/mnt/servo-media/Music";

4
hosts/instantiate.nix
View File

@@ -4,7 +4,7 @@
{ hostName, localSystem }:
# module args
{ config, lib, ... }:
{ config, ... }:
{
imports = [
@@ -14,8 +14,6 @@
];
networking.hostName = hostName;
nixpkgs.buildPlatform = lib.mkIf (localSystem != null) localSystem;
sane.cross.enablePatches = localSystem != null;
# nixpkgs.overlays = [
# (next: prev: {

1
hosts/modules/default.nix
View File

@@ -11,6 +11,5 @@
./roles
./services
./wg-home.nix
./yggdrasil.nix
];
}

11
hosts/modules/gui/phosh.nix
View File

@@ -28,7 +28,6 @@ in
"guiApps"
# TODO: see about removing gnome-bluetooth if the in-built gnome-settings bluetooth manager can work
"gnome.gnome-bluetooth"
"gnome.gnome-terminal"
"phosh-mobile-settings"
# "plasma5Packages.konsole" # more reliable terminal
];
@@ -38,13 +37,11 @@ in
sane.programs = {
inherit (pkgs // {
"gnome.gnome-bluetooth" = pkgs.gnome.gnome-bluetooth;
"gnome.gnome-terminal" = pkgs.gnome.gnome-terminal;
"plasma5Packages.konsole" = pkgs.plasma5Packages.konsole;
})
phosh-mobile-settings
"plasma5Packages.konsole"
# "gnome.gnome-bluetooth"
"gnome.gnome-terminal"
;
};
}
@@ -52,12 +49,6 @@ in
(mkIf cfg.enable {
sane.programs.phoshApps.enableFor.user.colin = true;
# TODO(2023/02/28): remove this qt.style = "gtk2" override.
# gnome by default tells qt to stylize its apps similar to gnome.
# but the package needed for that doesn't cross-compile, hence i disable that here.
# qt.platformTheme = "gtk2";
# qt.style = "gtk2";
# docs: https://github.com/NixOS/nixpkgs/blob/nixos-22.05/nixos/modules/services/x11/desktop-managers/phosh.nix
services.xserver.desktopManager.phosh = {
enable = true;
@@ -91,6 +82,8 @@ in
# gnome doesn't use mkDefault for these -- unclear why not
services.gnome.evolution-data-server.enable = mkForce false;
services.gnome.gnome-online-miners.enable = mkForce false;
# TODO: re-enable this once we can cross-compile gvfs
services.gvfs.enable = mkForce false;
# XXX: phosh enables networkmanager by default; can probably disable these lines
networking.useDHCP = false;

3
hosts/modules/gui/sway.nix
View File

@@ -133,7 +133,6 @@ in
# # "pavucontrol"
"gnome.gnome-bluetooth"
"gnome.gnome-control-center"
"sway-contrib.grimshot"
];
};
}
@@ -142,7 +141,6 @@ in
inherit (pkgs // {
"gnome.gnome-bluetooth" = pkgs.gnome.gnome-bluetooth;
"gnome.gnome-control-center" = pkgs.gnome.gnome-control-center;
"sway-contrib.grimshot" = pkgs.sway-contrib.grimshot;
})
swaylock
swayidle
@@ -150,7 +148,6 @@ in
mako
"gnome.gnome-bluetooth"
"gnome.gnome-control-center"
"sway-contrib.grimshot"
;
};
}

5
hosts/modules/hardware/x86_64.nix
View File

@@ -9,6 +9,11 @@
# efi_pstore evivars
];
# enable cross compilation
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
# nixpkgs.config.allowUnsupportedSystem = true;
# nixpkgs.crossSystem.system = "aarch64-linux";
powerManagement.cpuFreqGovernor = "powersave";
hardware.cpu.amd.updateMicrocode = true; # desktop
hardware.cpu.intel.updateMicrocode = true; # laptop

8
hosts/modules/hosts.nix
View File

@@ -69,7 +69,7 @@ in
ssh.host_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFw9NoRaYrM6LbDd3aFBc4yyBlxGQn8HjeHd/dZ3CfHk";
wg-home.pubkey = "17PMZssYi0D4t2d0vbmhjBKe1sGsE8kT8/dod0Q2CXc=";
wg-home.ip = "10.0.10.22";
lan-ip = "192.168.15.25";
lan-ip = "192.168.0.22";
};
sane.hosts.by-name."lappy" = {
@@ -77,7 +77,7 @@ in
ssh.host_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILSJnqmVl9/SYQ0btvGb0REwwWY8wkdkGXQZfn/1geEc";
wg-home.pubkey = "FTUWGw2p4/cEcrrIE86PWVnqctbv8OYpw8Gt3+dC/lk=";
wg-home.ip = "10.0.10.20";
lan-ip = "192.168.15.13";
lan-ip = "192.168.0.20";
};
sane.hosts.by-name."moby" = {
@@ -85,7 +85,7 @@ in
ssh.host_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1N/IT3nQYUD+dBlU1sTEEVMxfOyMkrrDeyHcYgnJvw";
wg-home.pubkey = "I7XIR1hm8bIzAtcAvbhWOwIAabGkuEvbWH/3kyIB1yA=";
wg-home.ip = "10.0.10.48";
lan-ip = "192.168.15.28";
lan-ip = "192.168.0.48";
};
sane.hosts.by-name."servo" = {
@@ -94,7 +94,7 @@ in
wg-home.pubkey = "roAw+IUFVtdpCcqa4khB385Qcv9l5JAB//730tyK4Wk=";
wg-home.ip = "10.0.10.5";
wg-home.endpoint = "uninsane.org:51820";
lan-ip = "192.168.15.24";
lan-ip = "192.168.0.5";
};
};
}

19
hosts/modules/nixcache.nix
View File

@@ -13,7 +13,6 @@
with lib;
let
cfg = config.sane.nixcache;
hostName = config.networking.hostName;
in
{
options = {
@@ -25,17 +24,6 @@ in
default = config.sane.nixcache.enable;
type = types.bool;
};
sane.nixcache.substituters = mkOption {
type = types.listOf types.string;
default =
# TODO: make these blacklisted entries injectable
(lib.optional (hostName != "servo") "https://nixcache.uninsane.org")
++ (lib.optional (hostName != "servo" && hostName != "desko") "http://desko:5000")
++ [
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
};
};
config = {
@@ -43,7 +31,12 @@ in
# to explicitly build from a specific cache (in case others are down):
# - `nixos-rebuild ... --option substituters https://cache.nixos.org`
# - `nix build ... --substituters http://desko:5000`
nix.settings.substituters = mkIf cfg.enable cfg.substituters;
nix.settings.substituters = mkIf cfg.enable [
"https://nixcache.uninsane.org"
"http://desko:5000"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
# always trust our keys (so one can explicitly use a substituter even if it's not the default
nix.settings.trusted-public-keys = mkIf cfg.enable-trusted-keys [
"nixcache.uninsane.org:r3WILM6+QrkmsLgqVQcEdibFD7Q/4gyzD9dGT33GP70="

82
hosts/modules/roles/build-machine.nix
View File

@@ -1,82 +0,0 @@
{ config, lib, pkgs, sane-lib, ... }:
let
inherit (lib) mkIf mkMerge mkOption types;
inherit (config.programs.ccache) cacheDir;
cfg = config.sane.roles.build-machine;
in
{
options.sane.roles.build-machine = {
enable = mkOption {
type = types.bool;
default = false;
};
emulation = mkOption {
type = types.bool;
default = true;
};
ccache = mkOption {
type = types.bool;
default = true;
};
};
config = mkMerge [
({
sane.programs.qemu = pkgs.qemu;
})
(mkIf cfg.enable {
# enable opt-in emulation of any package at runtime.
# i.e. `nix build '.#host-pkgs.moby.bash' ; qemu-aarch64 ./result/bin/bash`.
sane.programs.qemu.enableFor.user.colin = true;
# serve packages to other machines that ask for them
sane.services.nixserve.enable = true;
# enable cross compilation
# TODO: do this via stdenv injection, linking into /run/binfmt the stuff in <nixpkgs:nixos/modules/system/boot/binfmt.nix>
boot.binfmt.emulatedSystems = lib.optionals cfg.emulation [
"aarch64-linux"
# "aarch64-darwin" # not supported
# "x86_64-darwin" # not supported
];
# corresponds to env var: NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1
# nixpkgs.config.allowUnsupportedSystem = true;
})
(mkIf (cfg.enable && cfg.ccache) {
# programs.ccache.cacheDir = "/var/cache/ccache"; # nixos default
# programs.ccache.cacheDir = "/homeless-shelter/.ccache"; # ccache default (~/.ccache)
# if the cache doesn't reside at ~/.ccache, then CCACHE_DIR has to be set.
# we can do that manually as commented out below, or let nixos do it for us by telling it to use ccache on a dummy package:
programs.ccache.packageNames = [ "dummy-pkg-to-force-ccache-config" ];
# nixpkgs.overlays = [
# (self: super: {
# # XXX: if the cache resides not at ~/.ccache (i.e. /homeless-shelter/.ccache)
# # then we need to explicitly tell ccache where that is.
# ccacheWrapper = super.ccacheWrapper.override {
# extraConfig = ''
# export CCACHE_DIR="${cacheDir}"
# '';
# };
# })
# ];
# granular compilation cache
# docs: <https://nixos.wiki/wiki/CCache>
# investigate the cache with:
# - `nix-ccache --show-stats`
# - `build '.#ccache'
# - `sudo CCACHE_DIR=/var/cache/ccache ./result/bin/ccache --show-stats -v`
# TODO: whitelist `--verbose` in <nixpkgs:nixos/modules/programs/ccache.nix>
# TODO: configure without compression (leverage fs-level compression), and enable file-clone (i.e. hardlinks)
programs.ccache.enable = true;
nix.settings.extra-sandbox-paths = [ cacheDir ];
sane.persist.sys.plaintext = [
{ group = "nixbld"; mode = "0775"; directory = config.programs.ccache.cacheDir; }
];
sane.fs."${cacheDir}/ccache.conf" = sane-lib.fs.wantedText ''
max_size = 50G
'';
})
];
}

1
hosts/modules/roles/default.nix
View File

@@ -1,7 +1,6 @@
{ ... }:
{
imports = [
./build-machine.nix
./client
];
}

30
hosts/modules/yggdrasil.nix
View File

@@ -1,30 +0,0 @@
# docs: <nixpkgs:nixos/modules/services/networking/yggdrasil.md>
# - or message CW/0x00
{ config, lib, ... }:
let
inherit (lib) mkIf mkOption types;
cfg = config.sane.yggdrasil;
in
{
options.sane.yggdrasil = {
enable = mkOption {
type = types.bool;
default = false;
};
};
config = mkIf cfg.enable {
services.yggdrasil = {
enable = true;
persistentKeys = true;
config = {
IFName = "ygg0";
Peers = [
"tls://longseason.1200bps.xyz:13122"
];
};
};
};
}

21
modules/data/feeds/sources/acquiredlpbonussecretsecret.libsyn.com/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 443732,
"content_type": "application/rss+xml; charset=utf-8",
"description": "Ben and David are joined by expert founders and investors \u2014 writing the next generation of great company stories in real-time.\n\nWe go behind the scenes on their journeys and bring back emerging insights and lessons that are useful for anyone in the tech and investing ecosystems.\n\nAcquired covers yesterday. ACQ2 covers tomorrow.",
"favicon": "",
"favicon_data_uri": "",
"hubs": [],
"is_podcast": true,
"is_push": false,
"item_count": 92,
"last_updated": "2023-03-02T17:03:15+00:00",
"score": 10,
"self_url": "https://acquiredlpbonussecretsecret.libsyn.com/",
"site_name": "ACQ2 by Acquired",
"site_url": "https://acquiredlpbonussecretsecret.libsyn.com",
"title": "ACQ2 by Acquired",
"url": "https://acquiredlpbonussecretsecret.libsyn.com",
"velocity": 0.057,
"version": "rss20"
}

21
modules/data/feeds/sources/ascii.textfiles.com/default.json
View File

File diff suppressed because one or more lines are too long

21
modules/data/feeds/sources/blog.rust-lang.org/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 76362,
"content_type": "application/xml; charset=utf-8",
"description": "Empowering everyone to build reliable and efficient software.",
"favicon": "https://blog.rust-lang.org/images/favicon-16x16.png",
"favicon_data_uri": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAA3XAAAN1wFCKJt4AAAAB3RJTUUH4gseBBkAzEcAUAAAAWlJREFUOMul079L1WEUBvCPdhPUzbhC3JYQwn6MLTU4CA5C/QMJimQS2NDiZpM0NDoZ0iK4+SdIV5ykpgKtIYyiqCBSuKBBibflufBiVxt64eV73uc855z3fb7ndPh7daMPU/gR7ByeYRc/nbJGMI8GjvAKb2M34hspA84U9jgeYAIv8Bi9+IxFnMcYLqCJ12WiYTzHL0wee05Xcb6H3+EOt8CeXK0Z526b/R1ruIL74c4nVi3v+4BvOAxhHzv4lHMTb3A1WAO1zqjdhRU8SjWpOIBBvAx2hFEsRZ8pmEn28ZC+FhXLvY9L4UwHm+ksBNo79kvf4QlWC61uxR5qkSqoJttkROqN7wDvk+Q6LuIh+nEnMdVSxOYJ+zKetsEbqFVy9QXMpYE28TE3gC+YxXaKDeFGYvYqIa7jZppjI/2w1GZGzia4npiDSpz1tCjcjg5VbAW7hrtpqjqW8/3nMLXee+IwdfzvOP8BuzB3onylpecAAAAASUVORK5CYII=",
"hubs": [],
"is_podcast": false,
"is_push": false,
"item_count": 10,
"last_updated": "2023-03-09T00:00:00+00:00",
"score": 20,
"self_url": "https://blog.rust-lang.org/feed.xml",
"site_name": "The Rust Programming Language Blog",
"site_url": "https://blog.rust-lang.org",
"title": "Rust Blog",
"url": "https://blog.rust-lang.org/feed.xml",
"velocity": 0.096,
"version": "atom10"
}

23
modules/data/feeds/sources/feeds.libsyn.com/421877/default.json
View File

@@ -1,23 +0,0 @@
{
"bozo": 0,
"content_length": 272569,
"content_type": "text/xml; charset=utf-8",
"description": "Audio version of the posts shared in the LessWrong Curated newsletter.",
"favicon": "",
"favicon_data_uri": "",
"hubs": [
"https://pubsubhubbub.appspot.com/"
],
"is_podcast": true,
"is_push": true,
"item_count": 56,
"last_updated": "2023-03-08T08:00:00+00:00",
"score": 32,
"self_url": "https://feeds.buzzsprout.com/2037297.rss",
"site_name": "",
"site_url": "",
"title": "LessWrong Curated Podcast",
"url": "https://feeds.buzzsprout.com/2037297.rss",
"velocity": 0.192,
"version": "rss20"
}

21
modules/data/feeds/sources/feeds.megaphone.fm/hubermanlab/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 1377252,
"content_type": "application/xml; charset=utf-8",
"description": "Andrew Huberman, Ph.D.",
"favicon": "",
"favicon_data_uri": "",
"hubs": [],
"is_podcast": true,
"is_push": false,
"item_count": 129,
"last_updated": "2023-03-06T09:00:00+00:00",
"score": 14,
"self_url": "https://feeds.megaphone.fm/hubermanlab",
"site_name": "",
"site_url": "",
"title": "Huberman Lab",
"url": "https://feeds.megaphone.fm/hubermanlab",
"velocity": 0.159,
"version": "rss20"
}

21
modules/data/feeds/sources/mapspodcast.libsyn.com/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 256360,
"content_type": "application/rss+xml; charset=utf-8",
"description": "Hosted by Zach Leary, the intent of the podcast is to bring you the listener an easily accessible resource for a variety of topics all related to psychedelic research. There is a lot to learn about new research into the therapeutic potential of psychedelics and marijuana. Over the years, the Multidisciplinary Association for Psychedelic Studies (MAPS) has amassed an incredible treasure trove of audio archives sourced from the amazing talks, presentations and panels that have taken place at past Psychedelic Science conferences and other unique events. By selecting some of that content and then bringing it to you in a podcast we hope to create a centralized location for the greater MAPS community. If you're a researcher, scientist, medical professional or just a curiosity seeker we hope that you'll find this content a valuable resource tool.\n\nPlease visit the MAPS website at https://maps.org",
"favicon": "",
"favicon_data_uri": "",
"hubs": [],
"is_podcast": true,
"is_push": false,
"item_count": 62,
"last_updated": "2023-03-06T20:20:00+00:00",
"score": 0,
"self_url": "https://feeds.libsyn.com/95610/rss",
"site_name": "",
"site_url": "",
"title": "MAPS Podcast",
"url": "https://feeds.libsyn.com/95610/rss",
"velocity": 0.028,
"version": "rss20"
}

21
modules/data/feeds/sources/omny.fm/shows/cool-people-who-did-cool-stuff/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 242702,
"content_type": "application/xml; charset=utf-8",
"description": "<p>As long as there&rsquo;s been oppression, there&rsquo;ve been people fighting it. This weekly podcast dives into history to drag up the wildest rebels, the most beautiful revolts, and all the people who long to be&mdash;and fight to be&mdash;free. It explores complex stories of resistance that offer lessons and inspiration for us today, focusing on the ensemble casts that make up each act of history. That is to say, this podcast focuses on Cool People Who Did Cool Stuff.</p>",
"favicon": "",
"favicon_data_uri": "",
"hubs": [],
"is_podcast": true,
"is_push": false,
"item_count": 86,
"last_updated": "2023-03-20T04:01:00+00:00",
"score": -12,
"self_url": "https://www.omnycontent.com/d/playlist/e73c998e-6e60-432f-8610-ae210140c5b1/45bcda9a-4724-45c0-82ca-ae7f00e1dd18/f21245f2-a297-42f7-a016-ae7f00e390c4/podcast.rss",
"site_name": "",
"site_url": "",
"title": "Cool People Who Did Cool Stuff",
"url": "https://www.omnycontent.com/d/playlist/e73c998e-6e60-432f-8610-ae210140c5b1/45bcda9a-4724-45c0-82ca-ae7f00e1dd18/f21245f2-a297-42f7-a016-ae7f00e390c4/podcast.rss",
"velocity": 0.256,
"version": "rss20"
}

21
modules/data/feeds/sources/poorlydrawnlines.com/feed/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 13524,
"content_type": "application/rss+xml; charset=utf-8",
"description": "A Comic",
"favicon": "http://www.poorlydrawnlines.com/wp-content/themes/PoorlyDrawnLines/images/favicon.ico",
"favicon_data_uri": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAAK6wAACusBgosNWgAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNXG14zYAAAE+SURBVDiNnZO9rgFRFIW/Yy4KCldDN4VCQ63STTyAR0BU3kEy8SQeYiIRKq+gkFytZAo/0VBZtxC5Y85McFdymr2Sb6+z9zlG0g/wTUyHwwGAcrkct6I6IumsiHa7nTqdjkqlknK5nBqNhsbjsU6nkxJ0RtI+WgmCQICMMWq323JdV4BarZbCMIwD9hZgNpsJ0Gg0kiRdr1f1+30B6vV6FiATv5TjOABUKhUA8vk8w+EQgPV6bQ3BAki6G5k/KwxDADzPswBfaYDNZsNyuWS73TKZTCgWiwwGA3sP8RnM53MBT6dQKGg6nSZtYW8leER3XZd6vY7neXS7XWq1mt09KcFisRAg3/eTOr7ewkO32y3Nek6cZjyG+W/Au0p9B58kyEYLxpi7kXkrXNYo9p0vlwur1Ypms0m1Wn0FOP4CBWA38rLJ0EUAAAAASUVORK5CYII=",
"hubs": [],
"is_podcast": false,
"is_push": false,
"item_count": 10,
"last_updated": "2023-03-22T17:51:01+00:00",
"score": 12,
"self_url": "https://poorlydrawnlines.com/feed/",
"site_name": "Poorly Drawn Lines",
"site_url": "https://poorlydrawnlines.com",
"title": "Poorly Drawn Lines",
"url": "https://poorlydrawnlines.com/feed/",
"velocity": 0.272,
"version": "rss20"
}

21
modules/data/feeds/sources/reverseengineering.libsyn.com/rss/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 560867,
"content_type": "application/rss+xml; charset=utf-8",
"description": "Listen and learn about different reverse engineering hardware projects and methods as Alvaro (@alvaroprieto) and Jen(@rebelbotjen) talk with guests about their work.",
"favicon": "",
"favicon_data_uri": "",
"hubs": [],
"is_podcast": true,
"is_push": false,
"item_count": 63,
"last_updated": "2022-12-30T15:42:48+00:00",
"score": 18,
"self_url": "https://reverseengineering.libsyn.com/rss",
"site_name": "",
"site_url": "",
"title": "Unnamed Reverse Engineering Podcast",
"url": "https://reverseengineering.libsyn.com/rss",
"velocity": 0.032,
"version": "rss20"
}

21
modules/data/feeds/sources/thisweek.gnome.org/default.json
View File

@@ -1,21 +0,0 @@
{
"bozo": 0,
"content_length": 1250267,
"content_type": "text/xml; charset=utf-8",
"description": "Recent content on This Week in GNOME",
"favicon": "https://thisweek.gnome.org/images/favicon-32x32.png",
"favicon_data_uri": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAABYAAAAWABINkT2gAAABl0RVh0U29mdHdhcmUAd3d3Lmlua3NjYXBlLm9yZ5vuPBoAAAI5SURBVFiFvdZPiE1RHAfwz/xBxhSTISxYaJSiJAklioWNjYWVhYWUtYRMslEWSv7WkPybsbHSGMmGDUmhyEKihMgsjMQsnjEW597emdt7z7vvvplvnTr3d3/n9/3ec8/vd35MHVqnkAu0YR+eoYQxPMWyZhEswH0M43DmXTuGMF5hXGyWgMEo6A8Tt/h0FfJxnGmEbA160ZU8twvbGgeenrxbgj81BKzNS746IhtIbB2ZoJ8j/6M1yIfyksORKMB3tCT2T5H9cuR/qwr5NyzMBq8nNYaj+Zxonu5GSfjnKdoqxBjBdnypg08XruFA8jwfv5W/IkUH+rAzs77XxC9/g1X1EKc4Fy3enNj2Cnl8qY71nejHk0TMzDzkcCUScCGy92BG3mD/Q3sF2w3sTuZLI/vbaN6NbVgnpN28xFYSDudjYRfiNblwTNiBqxn7VtxRO8/TUcL+RgXACsxN5otxtw7S7PiLlUVEwAbh9OclT8euIuTLheLTKPm4cE4aQgseFSR/qFw5c2NjQfJ3WNQoOZwoQH5PSMtCGGiAeBSHNKn96stJ/kAT2y3YUyfxLxw0CU1nj1BIapG/EErxpCHu+7Ljo3KlTNGNs/iQ+PzE8SIC1qu+C6cq+Fcq1yNFBMDJKgKeY1rG93UFv9tFBUwXrtdKIgaV832T0LRkfbYUFQCzVS/Lo3il8hXd3wzyFJ24WUVEtXtgVjMFpNiB9zWIx4RWLncvmAetQkt2XTh4X/ES5zWhAZlS/AMHdE5EpHwlOQAAAABJRU5ErkJggg==",
"hubs": [],
"is_podcast": false,
"is_push": false,
"item_count": 86,
"last_updated": "2023-03-10T00:00:00+00:00",
"score": 46,
"self_url": "https://thisweek.gnome.org/index.xml",
"site_name": "This Week in GNOME",
"site_url": "https://thisweek.gnome.org",
"title": "This Week in GNOME",
"url": "https://thisweek.gnome.org/index.xml",
"velocity": 0.141,
"version": "rss20"
}

21
modules/data/feeds/sources/xn--gckvb8fzb.com/default.json
View File

File diff suppressed because one or more lines are too long

2
modules/fs/default.nix
View File

@@ -189,7 +189,7 @@ let
serviceConfig.Type = "oneshot";
script = wrapper.script;
scriptArgs = escapeShellArgs wrapper.scriptArgs;
scriptArgs = builtins.concatStringsSep " " wrapper.scriptArgs;
after = gen-opt.depends;
wants = gen-opt.depends;

3
modules/persist/default.nix
View File

@@ -124,9 +124,6 @@ let
# <option>.private.".cache/vim" = { mode = "0700"; };
# to place ".cache/vim" into the private store and create with the appropriate mode
dirsSubModule = types.submodule ({ config, ... }: {
# TODO: this should be a plain-old `attrsOf (convertInlineAcl entryInStoreOrShorthand)` with downstream checks,
# rather than being filled in based on *other* settings.
# otherwise, it behaves poorly when `sane.persist.enable = false`
options = lib.attrsets.unionOfDisjoint
(mapAttrs (store: store-cfg: mkOption {
default = [];

7
modules/services/dyn-dns.nix
View File

@@ -3,11 +3,6 @@
with lib;
let
cfg = config.sane.services.dyn-dns;
getIp = pkgs.writeShellScript "dyn-dns-query-wan" ''
# preferred method and fallback
${pkgs.sane-scripts}/bin/sane-ip-check-router-wan || \
${pkgs.sane-scripts}/bin/sane-ip-check
'';
in
{
options = {
@@ -24,7 +19,7 @@ in
};
ipCmd = mkOption {
default = "${getIp}";
default = "${pkgs.sane-scripts}/bin/sane-ip-check-router-wan";
type = types.path;
description = "command to run to query the current WAN IP";
};

15
modules/services/trust-dns.nix
View File

@@ -7,20 +7,7 @@ with lib;
let
cfg = config.sane.services.trust-dns;
toml = pkgs.formats.toml { };
recordFormatters = {
# quote rules for zone files:
# - any character may be encoded by `\DDD`, where `DDD` represents its ascii value in base 8.
# - any non-digit `X` may be encoded by `\X`.
# - stated in: <https://www.ietf.org/rfc/rfc1035.txt>: 5.1 Format
# - visible in <trust-dns:crates/proto/src/serialize/txt/zone_lex.rs:escape_seq>
# for us, we can just replace `\` => `\\ and `"` -> `\"`
TXT = value: "\"" + (lib.escape [ "\\" "\"" ] value) + "\"";
};
fmtRecord = proto: rrtype: name: value:
let
formatter = recordFormatters."${rrtype}" or lib.id;
in
"${name}\t${proto}\t${rrtype}\t${formatter value}";
fmtRecord = proto: rrtype: name: value: "${name}\t${proto}\t${rrtype}\t${value}";
fmtRecordList = proto: rrtype: name: values: concatStringsSep
"\n"
(map (fmtRecord proto rrtype name) values)

23
nixpatches/2023-02-28-mesa-22.3.6.patch
View File

@@ -1,23 +0,0 @@
diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix
index 52633a6d21649..20d839b74c2ea 100644
--- a/pkgs/development/libraries/mesa/default.nix
+++ b/pkgs/development/libraries/mesa/default.nix
@@ -88,7 +88,7 @@
let
# Release calendar: https://www.mesa3d.org/release-calendar.html
# Release frequency: https://www.mesa3d.org/releasing.html#schedule
- version = "22.3.5";
+ version = "22.3.6";
branch = lib.versions.major version;
withLibdrm = lib.meta.availableOn stdenv.hostPlatform libdrm;
@@ -120,7 +120,7 @@ self = stdenv.mkDerivation {
"ftp://ftp.freedesktop.org/pub/mesa/${version}/mesa-${version}.tar.xz"
"ftp://ftp.freedesktop.org/pub/mesa/older-versions/${branch}.x/${version}/mesa-${version}.tar.xz"
];
- sha256 = "3eed2ecae2bc674494566faab9fcc9beb21cd804c7ba2b59a1694f3d7236e6a9";
+ hash = "sha256-TsjsZdvbHulETbpylwiQEooZVDpYzwWTG9b1TxJOEX8=";
};
# TODO:

34
nixpatches/2023-03-03-qtbase-cross-compile.patch
View File

@@ -1,34 +0,0 @@
diff --git a/pkgs/development/libraries/qt-6/modules/qtbase.nix b/pkgs/development/libraries/qt-6/modules/qtbase.nix
index e71b0a7613d..72779ac57a5 100644
--- a/pkgs/development/libraries/qt-6/modules/qtbase.nix
+++ b/pkgs/development/libraries/qt-6/modules/qtbase.nix
@@ -5,6 +5,7 @@
, version
, coreutils
, bison
+, buildPackages
, flex
, gdb
, gperf
@@ -224,6 +225,8 @@ stdenv.mkDerivation rec {
] ++ lib.optionals stdenv.isDarwin [
# error: 'path' is unavailable: introduced in macOS 10.15
"-DQT_FEATURE_cxx17_filesystem=OFF"
+ ] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
+ "-DQT_HOST_PATH=${buildPackages.qt6.full}"
];
NIX_LDFLAGS = toString (lib.optionals stdenv.isDarwin [
diff --git a/pkgs/development/libraries/qt-6/qtModule.nix b/pkgs/development/libraries/qt-6/qtModule.nix
index 28180d3b0ca..f14c73b10ee 100644
--- a/pkgs/development/libraries/qt-6/qtModule.nix
+++ b/pkgs/development/libraries/qt-6/qtModule.nix
@@ -61,7 +61,7 @@ stdenv.mkDerivation (args // {
if [[ -z "$dontSyncQt" && -f sync.profile ]]; then
# FIXME: this probably breaks crosscompiling as it's not from nativeBuildInputs
# I don't know how to get /libexec from nativeBuildInputs to work, it's not under /bin
- ${lib.getDev self.qtbase}/libexec/syncqt.pl -version "''${version%%-*}"
+ perl ${lib.getDev self.qtbase}/libexec/syncqt.pl -version "''${version%%-*}"
fi
'';

65
nixpatches/2023-03-04-ccache-cross-fix.patch
View File

@@ -1,65 +0,0 @@
diff --git a/pkgs/development/tools/misc/ccache/default.nix b/pkgs/development/tools/misc/ccache/default.nix
index cad25a942d6..9130097ab07 100644
--- a/pkgs/development/tools/misc/ccache/default.nix
+++ b/pkgs/development/tools/misc/ccache/default.nix
@@ -2,7 +2,7 @@
, stdenv
, fetchFromGitHub
, substituteAll
-, binutils
+, buildPackages
, asciidoctor
, cmake
, perl
@@ -33,7 +33,7 @@ let ccache = stdenv.mkDerivation rec {
# Darwin.
(substituteAll {
src = ./force-objdump-on-darwin.patch;
- objdump = "${binutils.bintools}/bin/objdump";
+ objdump = "${buildPackages.binutils.bintools}/bin/objdump";
})
];
@@ -71,11 +71,12 @@ let ccache = stdenv.mkDerivation rec {
passthru = {
# A derivation that provides gcc and g++ commands, but that
# will end up calling ccache for the given cacheDir
- links = {unwrappedCC, extraConfig}: stdenv.mkDerivation {
+ links = {unwrappedCC, extraConfig, targetPrefix ? ""}: stdenv.mkDerivation {
name = "ccache-links";
passthru = {
isClang = unwrappedCC.isClang or false;
isGNU = unwrappedCC.isGNU or false;
+ cc = unwrappedCC;
};
inherit (unwrappedCC) lib;
nativeBuildInputs = [ makeWrapper ];
@@ -83,7 +84,7 @@ let ccache = stdenv.mkDerivation rec {
mkdir -p $out/bin
wrap() {
- local cname="$1"
+ local cname="${targetPrefix}$1"
if [ -x "${unwrappedCC}/bin/$cname" ]; then
makeWrapper ${ccache}/bin/ccache $out/bin/$cname \
--run ${lib.escapeShellArg extraConfig} \
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index cb6fd2f0c4d..da4aadff3cb 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -17383,10 +17383,12 @@ with pkgs;
# should be owned by user root, group nixbld with permissions 0770.
ccacheWrapper = makeOverridable ({ extraConfig, cc }:
cc.override {
- cc = ccache.links {
+ cc = ccache.links ({
inherit extraConfig;
unwrappedCC = cc.cc;
- };
+ } // lib.optionalAttrs (cc ? targetPrefix) {
+ inherit (cc) targetPrefix;
+ });
}) {
extraConfig = "";
inherit (stdenv) cc;

178
nixpatches/2023-03-10-hase.patch
View File

@@ -1,178 +0,0 @@
diff --git a/pkgs/development/libraries/sparrow3d/default.nix b/pkgs/development/libraries/sparrow3d/default.nix
new file mode 100644
index 00000000000..331a02efc5f
--- /dev/null
+++ b/pkgs/development/libraries/sparrow3d/default.nix
@@ -0,0 +1,53 @@
+{ lib
+, fetchFromGitHub
+, pkg-config
+, SDL
+, SDL_image
+, SDL_mixer
+, SDL_net
+, SDL_ttf
+, stdenv
+}:
+
+stdenv.mkDerivation (finalAttrs: {
+ pname = "sparrow3d";
+ version = "2020-10-06";
+
+ src = fetchFromGitHub {
+ owner = "theZiz";
+ repo = "sparrow3d";
+ rev = "2033349d7adeba34bda2c442e1fec22377471134";
+ hash = "sha256-28j5nbTYBrMN8BQ6XrTlO1D8Viw+RiT3MAl99BAbhR4=";
+ };
+
+ nativeBuildInputs = [
+ pkg-config
+ ];
+
+ propagatedBuildInputs = [
+ SDL.dev
+ SDL_image
+ SDL_ttf
+ SDL_mixer
+ SDL_net
+ ];
+
+ postConfigure = ''
+ NIX_CFLAGS_COMPILE=$(pkg-config --cflags SDL_image SDL_ttf SDL_mixer SDL_net)
+ '';
+
+ installPhase = ''
+ mkdir -p $out/{include,lib/pkgconfig}
+ cp sparrow*.h $out/include
+ cp libsparrow{3d,Net,Sound}.so $out/lib
+ substituteAll ${./sparrow3d.pc.in} $out/lib/pkgconfig/sparrow3d.pc
+ '';
+
+ meta = with lib; {
+ description = "a software renderer for different open handhelds like the gp2x, wiz, caanoo and pandora";
+ homepage = "https://github.com/theZiz/sparrow3d";
+ license = licenses.lgpl21;
+ maintainers = with maintainers; [ colinsane ];
+ platforms = [ "x86_64-linux" ];
+ };
+})
diff --git a/pkgs/development/libraries/sparrow3d/sparrow3d.pc.in b/pkgs/development/libraries/sparrow3d/sparrow3d.pc.in
new file mode 100644
index 00000000000..046e174ea97
--- /dev/null
+++ b/pkgs/development/libraries/sparrow3d/sparrow3d.pc.in
@@ -0,0 +1,17 @@
+prefix=@out@
+includedir=${prefix}/include
+libdir=${prefix}/lib
+
+Name: sparrow3d
+Description: a software renderer for different open handhelds like the gp2x, wiz, caanoo and pandora
+URL: https://github.com/theZiz/sparrow3d
+Version: @version@
+Requires: \
+ sdl \
+ SDL_image \
+ SDL_ttf \
+ SDL_mixer \
+ SDL_net
+Cflags: -isystem${includedir}
+Libs: -L${libdir} -lsparrow3d -lsparrowNet -lsparrowSound
+
diff --git a/pkgs/games/hase/default.nix b/pkgs/games/hase/default.nix
new file mode 100644
index 00000000000..794b6d017ae
--- /dev/null
+++ b/pkgs/games/hase/default.nix
@@ -0,0 +1,49 @@
+{ lib
+, fetchFromGitHub
+, pkg-config
+, stdenv
+, sparrow3d
+, zlib
+}:
+
+stdenv.mkDerivation {
+ pname = "hase";
+ version = "2020-10-06";
+
+ src = fetchFromGitHub {
+ owner = "theZiz";
+ repo = "hase";
+ rev = "31d6840cdf0c72fc459f10402dae7726096b2974";
+ hash = "sha256-d9So3E8nCQJ1/BdlwMkGbaFPT9mkX1VzlDGKp71ptEE=";
+ };
+ patches = [ ./prefer-dynamic.patch ];
+
+ nativeBuildInputs = [
+ pkg-config
+ ];
+
+ buildInputs = [
+ sparrow3d
+ zlib
+ ];
+
+ buildPhase = ''
+ NIX_CFLAGS_COMPILE=$(pkg-config --cflags sparrow3d zlib)
+ mkdir -p $out/{bin,share/applications,share/pixmaps}
+ # build and install are one step, and inseparable without patching
+ ./install.sh $out
+ '';
+
+ postFixup = ''
+ substituteInPlace "$out/share/applications/hase.desktop" \
+ --replace "Exec=hase" "Exec=$out/bin/hase"
+ '';
+
+ meta = with lib; {
+ description = "Hase is an open source gravity based artillery shooter. It is similar to Worms, Hedgewars or artillery, but the gravity force and direction depends on the mass nearby. It is optimized for mobile game consoles like the GP2X, Open Pandora or GCW Zero";
+ homepage = "http://ziz.gp2x.de/hase/";
+ license = licenses.gpl3;
+ maintainers = with maintainers; [ colinsane ];
+ platforms = [ "x86_64-linux" ];
+ };
+}
diff --git a/pkgs/games/hase/prefer-dynamic.patch b/pkgs/games/hase/prefer-dynamic.patch
new file mode 100644
index 00000000000..ab36e6b2b3d
--- /dev/null
+++ b/pkgs/games/hase/prefer-dynamic.patch
@@ -0,0 +1,13 @@
+diff --git a/Makefile b/Makefile
+index 95d894e..3c561c1 100644
+--- a/Makefile
++++ b/Makefile
+@@ -35,7 +35,7 @@ endif
+ LIB += -L$(SPARROW_LIB)
+ INCLUDE += -I$(SPARROW_FOLDER)
+
+-HASE_STATIC = $(SPARROW_LIB)/$(SPARROW3D_STATIC_LIB) $(SPARROW_LIB)/$(SPARROWSOUND_STATIC_LIB) $(SPARROW_LIB)/$(SPARROWNET_STATIC_LIB) $(STATIC)
++DYNAMIC += -lsparrow3d -lsparrowSound -lsparrowNet
+
+ ifneq ($(TARGET),win32)
+ DYNAMIC += -lz
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 521b00eb5f5..31052251314 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -23550,6 +23550,8 @@ with pkgs;
spaceship-prompt = callPackage ../shells/zsh/spaceship-prompt {};
+ sparrow3d = callPackage ../development/libraries/sparrow3d {};
+
spdk = callPackage ../development/libraries/spdk { };
speechd = callPackage ../development/libraries/speechd { };
@@ -35570,6 +35572,8 @@ with pkgs;
harmonist = callPackage ../games/harmonist { };
+ hase = callPackage ../games/hase { };
+
hedgewars = libsForQt5.callPackage ../games/hedgewars {
inherit (haskellPackages) ghcWithPackages;
};

31
nixpatches/list.nix
View File

@@ -13,6 +13,14 @@
hash = "sha256-IvsIcd2wPdz4b/7FMrDrcVlIZjFecCQ9uiL0Umprbx0=";
})
# fix handbrake build by: handbrake: 1.5.1 -> 1.6.1
# PR opened 2023/01/23
# (fetchpatch {
# # see alternate fix: <https://github.com/NixOS/nixpkgs/pull/211834>
# url = "https://github.com/NixOS/nixpkgs/pull/212306.diff";
# hash = "sha256-PnPzvJymafa+zjkauQW0LzFsJC7S+7D9JRszTE3in+w=";
# })
# (fetchpatch {
# # stdenv: fix cc for pseudo-crosscompilation
# # closed because it breaks pkgsStatic (as of 2023/02/12)
@@ -23,30 +31,9 @@
./2022-12-19-i2p-aarch64.patch
# fix for CMA memory leak in mesa: <https://gitlab.freedesktop.org/mesa/mesa/-/issues/8198>
# fixed in mesa 22.3.6: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/21330/diffs>
# only necessary on aarch64.
# it's a revert of nixpkgs commit dcf630c172df2a9ecaa47c77f868211e61ae8e52
# ./2023-01-30-mesa-cma-leak.patch
# upgrade to 22.3.6 instead
# ./2023-02-28-mesa-22.3.6.patch
# fix qt6.qtbase and qt6.qtModule to cross-compile.
# unfortunately there's some tangle that makes that difficult to do via the normal `override` facilities
./2023-03-03-qtbase-cross-compile.patch
# let ccache cross-compile
# TODO: why doesn't this apply?
# ./2023-03-04-ccache-cross-fix.patch
# TODO: point to upstream PR
./2023-03-10-hase.patch
# 2023-03-28: jellyfin-media-player: 1.8.1 -> 1.9.0
# TODO: i should review/approve this PR if it works
(fetchpatch {
url = "https://github.com/NixOS/nixpkgs/pull/220974.diff";
hash = "sha256-AK/l0vteCEg/ae4E0dS1oWnlLI4xyeyLFJcqMgCQ4RI=";
})
./2023-01-30-mesa-cma-leak.patch
# # kaiteki: init at 2022-09-03
# vendorHash changes too frequently (might not be reproducible).

201
overlays/disable-flakey-tests.nix
View File

@@ -1,201 +0,0 @@
# disable tests for packages which flake.
# tests will fail for a variety of reasons:
# - they were coded with timeouts that aren't reliable under heavy load.
# - they assume a particular architecture (e.g. x86) whereas i compile on multiple archs.
# - they assume too much about their environment and fail under qemu.
#
(next: prev: {
# ell = prev.ell.overrideAttrs (_upstream: {
# # 2023/02/11
# # fixes "TEST FAILED in get_random_return_callback at unit/test-dbus-message-fds.c:278: !l_dbus_message_get_error(message, ((void *)0), ((void *)0))"
# # unclear *why* this test fails.
# doCheck = false;
# });
# fish = prev.fish.overrideAttrs (_upstream: {
# # 2023/02/28
# # The following tests FAILED:
# # 177 - sigint.fish (Failed)
# # 241 - torn_escapes.py (Failed)
# doCheck = false;
# });
# gjs = prev.gjs.overrideAttrs (_upstream: {
# # 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
# doCheck = false;
# });
# gssdp = prev.gssdp.overrideAttrs (_upstream: {
# # 2023/02/11
# # fixes "ERROR:../tests/test-regression.c:429:test_ggo_7: assertion failed (error == NULL): Failed to set multicast interfaceProtocol not available (gssdp-error, 1)"
# doCheck = false;
# });
# gupnp = prev.gupnp.overrideAttrs (_upstream: {
# # 2023/02/22
# # fixes "Bail out! ERROR:../tests/test-bugs.c:205:test_bgo_696762: assertion failed (error == NULL): Failed to set multicast interfaceProtocol not available (gssdp-erro>"
# doCheck = false;
# });
# json-glib = prev.json-glib.overrideAttrs (_upstream: {
# # 2023/02/11
# # fixes: "15/15 json-glib:docs / doc-check TIMEOUT 30.52s killed by signal 15 SIGTERM"
# doCheck = false;
# });
# lapack-reference = prev.lapack-reference.overrideAttrs (_upstream: {
# # 2023/02/11: test timeouts
# # > The following tests FAILED:
# # > 93 - LAPACK-xlintstz_ztest_in (Timeout)
# # > 98 - LAPACK-xeigtstz_svd_in (Timeout)
# # > 99 - LAPACK-xeigtstz_zec_in (Timeout)
# doCheck = false;
# });
# libadwaita = prev.libadwaita.overrideAttrs (_upstream: {
# # 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
# doCheck = false;
# });
# libsecret = prev.libsecret.overrideAttrs (_upstream: {
# # 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
# doCheck = false;
# });
# libuv = prev.libuv.overrideAttrs (_upstream: {
# # 2023/02/11
# # 2 tests fail:
# # - not ok 261 - tcp_bind6_error_addrinuse
# # - not ok 267 - tcp_bind_error_addrinuse_listen
# doCheck = false;
# });
libwacom = prev.libwacom.overrideAttrs (_upstream: {
# 2023/03/30
# "libwacom:all / pytest TIMEOUT"
doCheck = false;
mesonFlags = [ "-Dtests=disabled" ];
});
# llvmPackages_12 =
# let
# tools = prev.llvmPackages_12.tools.extend (self: super: {
# libllvm = super.libllvm.overrideAttrs (upstream: {
# # 2023/02/21: fix: "FAIL: LLVM-Unit :: ExecutionEngine/MCJIT/./MCJITTests/MCJITTest.return_global (2857 of 42084)"
# # - nix log /nix/store/6vydavlxh1gvs0vmrkcx9qp67g3h7kcz-llvm-12.0.1.drv
# # - wanted by sequoia, rav1e, rustc-1.66.1 (is this right?)
# doCheck = false;
# # upstream sets this with `rec`; TODO: have upstream refer to the final overrideAttrs version of the derivation instead of using rec.
# cmakeFlags = next.lib.remove "-DLLVM_BUILD_TESTS=ON" upstream.cmakeFlags;
# });
# });
# in
# # see <nixpkgs:pkgs/development/compilers/llvm/12/default.nix>
# # - we copy their strategy / attrset mutilation
# prev.llvmPackages_12 // { inherit tools; } // tools;
# llvmPackages_14 =
# let
# tools = prev.llvmPackages_14.tools.extend (self: super: {
# libllvm = super.libllvm.overrideAttrs (upstream: {
# # 2023/02/21: fix: "FAIL: LLVM-Unit :: ExecutionEngine/MCJIT/./MCJITTests/MCJITMultipleModuleTest.two_module_global_variables_case (43769 of 46988)"
# # - nix log /nix/store/ib2yw6sajnhlmibxkrn7lj7chllbr85h-llvm-14.0.6.drv
# # - wanted by clang-11-12-LLVMgold-path, compiler-rt-libc-12.0.1, clang-wrapper-12.0.1 (is this right?)
# doCheck = false;
# # upstream sets this with `rec`; TODO: have upstream refer to the final overrideAttrs version of the derivation instead of using rec.
# cmakeFlags = next.lib.remove "-DLLVM_BUILD_TESTS=ON" upstream.cmakeFlags;
# });
# });
# in
# # see <nixpkgs:pkgs/development/compilers/llvm/14/default.nix>
# # - we copy their strategy / attrset mutilation
# prev.llvmPackages_14 // { inherit tools; } // tools;
# llvmPackages_15 =
# let
# tools = prev.llvmPackages_15.tools.extend (self: super: {
# libllvm = super.libllvm.override {
# # 2023/02/21: fix: "FAIL: LLVM-Unit :: ExecutionEngine/MCJIT/./MCJITTests/..."
# # llvm15 passes doCheck as a call arg, so we don't need to set cmakeFlags explicitly as in previous versions
# doCheck = false;
# };
# });
# in
# prev.llvmPackages_15 // { inherit tools; } // tools;
# modemmanager = prev.modemmanager.overrideAttrs (_upstream: {
# # 2023/02/25
# # "ERROR:test-modem-helpers.c:257:test_cmgl_response: assertion failed: (list != NULL)"
# doCheck = false;
# doInstallCheck = false; # tests are run during install check??
# });
pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
(py-next: py-prev: {
# ipython = py-prev.ipython.overridePythonAttrs (upstream: {
# # > FAILED IPython/core/tests/test_debugger.py::test_xmode_skip - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# # > FAILED IPython/core/tests/test_debugger.py::test_decorator_skip - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# # > FAILED IPython/core/tests/test_debugger.py::test_decorator_skip_disabled - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# # > FAILED IPython/core/tests/test_debugger.py::test_decorator_skip_with_breakpoint - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# # > FAILED IPython/core/tests/test_debugger.py::test_where_erase_value - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# # > FAILED IPython/terminal/tests/test_debug_magic.py::test_debug_magic_passes_through_generators - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# # > FAILED IPython/terminal/tests/test_embed.py::test_nest_embed - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# disabledTestPaths = upstream.disabledTestPaths or [] ++ [
# "IPython/core/tests/test_debugger.py"
# "IPython/terminal/tests/test_debug_magic.py"
# "IPython/terminal/tests/test_embed.py"
# ];
# });
pyarrow = py-prev.pyarrow.overridePythonAttrs (upstream: {
# 2023/04/02
# disabledTests = upstream.disabledTests ++ [ "test_generic_options" ];
disabledTestPaths = upstream.disabledTestPaths or [] ++ [
"pyarrow/tests/test_flight.py"
];
});
# pytest-xdist = py-prev.pytest-xdist.overridePythonAttrs (upstream: {
# # 2023/02/19
# # 4 tests fail:
# # - FAILED: testing/test_remote.py::TestWorkInteractor::* - execnet.gateway_base.TimeoutError: no item after 10.0 seconds
# # doCheck = false;
# disabledTestPaths = upstream.disabledTestPaths or [] ++ [
# "testing/test_remote.py"
# ];
# # disabledTests = upstream.disabledTests or [] ++ [
# # "test_basic_collect_and_runtests"
# # "test_remote_collect_fail"
# # "test_remote_collect_skip"
# # "test_runtests_all"
# # ];
# });
# twisted = py-prev.twisted.overridePythonAttrs (upstream: {
# # 2023/02/25
# # ```
# # [ERROR]
# # Traceback (most recent call last):
# # File "/nix/store/dcnsxrn8rsfk1dghah7md5glbbnfysq3-python3.10-twisted-22.10.0/lib/python3.10/site-packages/twisted/test/test_udp.py", line 645, in test_interface
# # self.assertEqual(self.client.transport.getOutgoingInterface(), "0.0.0.0")
# # File "/nix/store/dcnsxrn8rsfk1dghah7md5glbbnfysq3-python3.10-twisted-22.10.0/lib/python3.10/site-packages/twisted/internet/udp.py", line 449, in getOutgoingInterface
# # i = self.socket.getsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF)
# # builtins.OSError: [Errno 92] Protocol not available
# #
# # twisted.test.test_udp.MulticastTests.test_interface
# # ```
# postPatch = upstream.postPatch + ''
# echo 'MulticastTests.test_interface.skip = "Protocol not available"'>> src/twisted/test/test_udp.py
# '';
# });
})
];
# strp = prev.srtp.overrideAttrs (_upstream: {
# # 2023/02/11
# # roc_driver test times out after 30s
# doCheck = false;
# });
tracker = prev.tracker.overrideAttrs (_upstream: {
# 2023/02/22
# "27/37 tracker:core / service TIMEOUT 60.37s killed by signal 15 SIGTERM"
doCheck = false;
});
# udisks2 = prev.udisks2.overrideAttrs (_upstream: {
# # 2023/02/25
# # "udisks-test:ERROR:test.c:61:on_completed_expect_failure: assertion failed (message == expected_message): ("Command-line `./udisks-test-helper 4' was signaled with signal SIGSEGV (11):\nstdout: `OK, deliberately causing a segfault\n'\nstderr: `qemu: uncaught target signal 11 (Segmentation fault) - core dumped\n'" == "Command-line `./udisks-test-helper 4' was signaled with signal SIGSEGV (11): OK, deliberately causing a segfault\n")"
# doCheck = false;
# });
# upower = prev.upower.overrideAttrs (_upstream: {
# # 2023/02/25
# # "Tests.test_battery_state_guessing TIMEOUT 60.80s killed by signal 15 SIGTERM"
# doCheck = false;
# });
})

32
overlays/optimizations.nix
View File

@@ -1,32 +0,0 @@
(self: super:
with self;
let
# ccache-able = drv: drv.override { stdenv = builtins.trace "with ccache ${drv.name}" ccacheStdenv; };
ccache-able = drv: drv.override { stdenv = builtins.trace "with ccache: ${drv.name}" ccacheStdenv; };
in {
# TODO: if we link /homeless-shelter/.ccache into the nix environment,
# then maybe we get better use of upstream caches?
# ccacheWrapper = super.ccacheWrapper.override {
# extraConfig = ''
# export CCACHE_DIR="/var/cache/ccache"
# '';
# };
# ccacheStdenv = super.ccacheStdenv.override {
# extraConfig = ''
# export CCACHE_DIR="/homeless-shelter/.ccache"
# '';
# };
# firefox-esr = ccache-able super.firefox-esr;
# firefox/librewolf distribution is wacky: it grabs the stdenv off of `rustc.llvmPackages`, and really wants those to match.
# buildMozillaMach = opts: ccache-able (super.buildMozillaMach opts);
# webkitgtk = ccache-able super.webkitgtk;
# mesa = ccache-able super.mesa;
webkitgtk = super.webkitgtk.overrideAttrs (_upstream: {
# means we drop debug info when linking.
# this is a trade-off to require less memory when linking, since
# building `webkitgtk` otherwise requires about 40G+ of RAM.
# <https://github.com/NixOS/nixpkgs/issues/153528>
separateDebugInfo = false;
});
})

85
overlays/pins.nix
View File

@@ -15,7 +15,86 @@
# so just forward the unstable packages.
inherit (next.stable or prev)
;
# chromium can take 4 hours to build from source, with no signs of progress.
# disable it if you're in a rush.
# chromium = next.emptyDirectory;
ell = prev.ell.overrideAttrs (_upstream: {
# 2023/02/11
# fixes "TEST FAILED in get_random_return_callback at unit/test-dbus-message-fds.c:278: !l_dbus_message_get_error(message, ((void *)0), ((void *)0))"
# unclear *why* this test fails.
doCheck = false;
});
gjs = prev.gjs.overrideAttrs (_upstream: {
# 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
doCheck = false;
});
gssdp = prev.gssdp.overrideAttrs (_upstream: {
# 2023/02/11
# fixes "ERROR:../tests/test-regression.c:429:test_ggo_7: assertion failed (error == NULL): Failed to set multicast interfaceProtocol not available (gssdp-error, 1)"
doCheck = false;
});
json-glib = prev.json-glib.overrideAttrs (_upstream: {
# 2023/02/11
# fixes: "15/15 json-glib:docs / doc-check TIMEOUT 30.52s killed by signal 15 SIGTERM"
doCheck = false;
});
lapack-reference = prev.lapack-reference.overrideAttrs (_upstream: {
# 2023/02/11: test timeouts
# > The following tests FAILED:
# > 93 - LAPACK-xlintstz_ztest_in (Timeout)
# > 98 - LAPACK-xeigtstz_svd_in (Timeout)
# > 99 - LAPACK-xeigtstz_zec_in (Timeout)
doCheck = false;
});
libadwaita = prev.libadwaita.overrideAttrs (_upstream: {
# 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
doCheck = false;
});
libsecret = prev.libsecret.overrideAttrs (_upstream: {
# 2023/01/30: one test times out. probably flakey test that only got built because i patched mesa.
doCheck = false;
});
libuv = prev.libuv.overrideAttrs (_upstream: {
# 2023/02/11
# 2 tests fail:
# - not ok 261 - tcp_bind6_error_addrinuse
# - not ok 267 - tcp_bind_error_addrinuse_listen
doCheck = false;
});
pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
(py-next: py-prev: {
ipython = py-prev.ipython.overridePythonAttrs (upstream: {
# > FAILED IPython/core/tests/test_debugger.py::test_xmode_skip - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# > FAILED IPython/core/tests/test_debugger.py::test_decorator_skip - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# > FAILED IPython/core/tests/test_debugger.py::test_decorator_skip_disabled - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# > FAILED IPython/core/tests/test_debugger.py::test_decorator_skip_with_breakpoint - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# > FAILED IPython/core/tests/test_debugger.py::test_where_erase_value - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# > FAILED IPython/terminal/tests/test_debug_magic.py::test_debug_magic_passes_through_generators - pexpect.exceptions.TIMEOUT: Timeout exceeded.
# > FAILED IPython/terminal/tests/test_embed.py::test_nest_embed - pexpect.exceptions.TIMEOUT: Timeout exceeded.
disabledTestPaths = upstream.disabledTestPaths or [] ++ [
"IPython/core/tests/test_debugger.py"
"IPython/terminal/tests/test_debug_magic.py"
"IPython/terminal/tests/test_embed.py"
];
});
pytest-xdist = py-prev.pytest-xdist.overridePythonAttrs (upstream: {
# 2023/02/19
# 4 tests fail:
# - FAILED: testing/test_remote.py::TestWorkInteractor::* - execnet.gateway_base.TimeoutError: no item after 10.0 seconds
# doCheck = false;
disabledTestPaths = upstream.disabledTestPaths or [] ++ [
"testing/test_remote.py"
];
# disabledTests = upstream.disabledTests or [] ++ [
# "test_basic_collect_and_runtests"
# "test_remote_collect_fail"
# "test_remote_collect_skip"
# "test_runtests_all"
# ];
});
})
];
strp = prev.srtp.overrideAttrs (_upstream: {
# 2023/02/11
# roc_driver test times out after 30s
doCheck = false;
});
})

54
overlays/pkgs.nix
View File

@@ -1,42 +1,46 @@
(next: prev:
with next;
let
sane = rec {
#### my own, non-upstreamable packages:
static-nix-shell = callPackages ../pkgs/static-nix-shell { };
sane-scripts = callPackage ../pkgs/sane-scripts { };
feeds = recurseIntoAttrs (callPackage ../pkgs/feeds { });
tow-boot-pinephone = callPackage ../pkgs/tow-boot-pinephone { };
tow-boot-rpi4 = callPackage ../pkgs/tow-boot-rpi4 { };
bootpart-uefi-x86_64 = callPackage ../pkgs/bootpart-uefi-x86_64 { };
bootpart-tow-boot-rpi-aarch64 = callPackage ../pkgs/bootpart-tow-boot-rpi-aarch64 { };
bootpart-u-boot-rpi-aarch64 = callPackage ../pkgs/bootpart-u-boot-rpi-aarch64 { };
rtl8723cs-firmware = callPackage ../pkgs/rtl8723cs-firmware { };
linux-megous = callPackage ../pkgs/linux-megous {
sane-scripts = prev.callPackage ../pkgs/sane-scripts { };
feeds = prev.callPackage ../pkgs/feeds { };
tow-boot-pinephone = prev.callPackage ../pkgs/tow-boot-pinephone { };
tow-boot-rpi4 = prev.callPackage ../pkgs/tow-boot-rpi4 { };
bootpart-uefi-x86_64 = prev.callPackage ../pkgs/bootpart-uefi-x86_64 { };
bootpart-tow-boot-rpi-aarch64 = prev.callPackage ../pkgs/bootpart-tow-boot-rpi-aarch64 {
# not sure why i can't just do `next.callPackage` instead
inherit tow-boot-rpi4;
};
bootpart-u-boot-rpi-aarch64 = prev.callPackage ../pkgs/bootpart-u-boot-rpi-aarch64 {
# not sure why i can't just do `next.callPackage` instead
inherit ubootRaspberryPi4_64bit;
};
rtl8723cs-firmware = prev.callPackage ../pkgs/rtl8723cs-firmware { };
linux-megous = prev.callPackage ../pkgs/linux-megous {
kernelPatches = [
prev.kernelPatches.bridge_stp_helper
prev.kernelPatches.request_key_helper
];
};
sublime-music-mobile = callPackage ../pkgs/sublime-music-mobile { };
sublime-music-mobile = prev.callPackage ../pkgs/sublime-music-mobile { };
#### customized packages
fluffychat-moby = callPackage ../pkgs/fluffychat-moby { };
gpodder-configured = callPackage ../pkgs/gpodder-configured { };
fluffychat-moby = prev.callPackage ../pkgs/fluffychat-moby { };
gpodder-configured = prev.callPackage ../pkgs/gpodder-configured { };
# jackett doesn't allow customization of the bind address: this will probably always be here.
jackett = callPackage ../pkgs/jackett { inherit (prev) jackett; };
jackett = prev.callPackage ../pkgs/jackett { inherit (prev) jackett; };
# mozilla keeps nerfing itself and removing configuration options
firefox-unwrapped = callPackage ../pkgs/firefox-unwrapped { inherit (prev) firefox-unwrapped; };
firefox-unwrapped = next.callPackage ../pkgs/firefox-unwrapped { inherit (prev) firefox-unwrapped; };
# patch rpi uboot with something that fixes USB HDD boot
ubootRaspberryPi4_64bit = callPackage ../pkgs/ubootRaspberryPi4_64bit { };
ubootRaspberryPi4_64bit = prev.callPackage ../pkgs/ubootRaspberryPi4_64bit { };
gocryptfs = callPackage ../pkgs/gocryptfs { inherit (prev) gocryptfs; };
gocryptfs = prev.callPackage ../pkgs/gocryptfs { inherit (prev) gocryptfs; };
browserpass = callPackage ../pkgs/browserpass { inherit (prev) browserpass; };
browserpass = prev.callPackage ../pkgs/browserpass { inherit (prev) browserpass; inherit sane-scripts; };
fractal-latest = callPackage ../pkgs/fractal-latest { };
fractal-latest = prev.callPackage ../pkgs/fractal-latest { };
#### TEMPORARY: PACKAGES WAITING TO BE UPSTREAMED
@@ -46,14 +50,14 @@
})
];
kaiteki = callPackage ../pkgs/kaiteki { };
lightdm-mobile-greeter = callPackage ../pkgs/lightdm-mobile-greeter { };
browserpass-extension = callPackage ../pkgs/browserpass-extension { };
gopass-native-messaging-host = callPackage ../pkgs/gopass-native-messaging-host { };
kaiteki = prev.callPackage ../pkgs/kaiteki { };
lightdm-mobile-greeter = prev.callPackage ../pkgs/lightdm-mobile-greeter { };
browserpass-extension = prev.callPackage ../pkgs/browserpass-extension { };
gopass-native-messaging-host = prev.callPackage ../pkgs/gopass-native-messaging-host { };
tokodon = prev.libsForQt5.callPackage ../pkgs/tokodon { };
# provided by nixpkgs patch or upstream preview
# splatmoji = callPackage ../pkgs/splatmoji { };
# splatmoji = prev.callPackage ../pkgs/splatmoji { };
};
in sane // { inherit sane; }
)

4
pkgs/browserpass/default.nix
View File

@@ -32,8 +32,8 @@ in
owner = "colin";
repo = "browserpass-native";
# don't forcibly append '.gpg'
rev = "d3ef88e12cb127914fb0ead762b7baee6913592f";
hash = "sha256-FRnFmCJI/1f92DOI1VXSPivSBzIR372gmgLUfLLiuPc=";
rev = "85bdb08379c03297c1236f66e8764160c922d397";
hash = "sha256-SEfihU+GreWhYfLVr7tTnMCo6Iq20a78F8iVbycOQUQ=";
};
installPhase = ''
make install

90
pkgs/feeds/default.nix
View File

@@ -1,58 +1,42 @@
{ lib
, callPackage
, python3
, static-nix-shell
, writeShellScript
, pkgs
}:
let
# TODO: dependency-inject this.
sane-data = import ../../modules/data { inherit lib; };
template = callPackage ./template.nix;
feed-pkgs = lib.mapAttrs
(name: feed-details: template {
feedName = name;
jsonPath = "modules/data/feeds/sources/${name}/default.json";
inherit (feed-details) url;
})
sane-data.feeds;
update-scripts = lib.mapAttrsToList
(name: feed: builtins.concatStringsSep " " feed.passthru.updateScript)
feed-pkgs;
in rec { # TODO: make this a scope
inherit feed-pkgs;
update = static-nix-shell.mkPython3Bin {
pname = "update";
src = ./.;
pyPkgs = [ "feedsearch-crawler" ];
srcPath = "update.py";
};
init-feed = writeShellScript
"init-feed"
''
# this is the `nix run '.#init-feed' <url>` script`
sources_dir=modules/data/feeds/sources
# prettify the URL, by default
name=$( \
echo "$1" \
| sed 's|^https://||' \
| sed 's|^http://||' \
| sed 's|^www\.||' \
| sed 's|/+$||' \
)
json_path="$sources_dir/$name/default.json"
(lib.makeScope pkgs.newScope (self:
let
# TODO: dependency-inject this.
sane-data = import ../../modules/data { inherit lib; };
template = self.callPackage ./template.nix;
feed-pkgs = lib.mapAttrs
(name: feed-details: template {
feedName = name;
jsonPath = "modules/data/feeds/sources/${name}/default.json";
inherit (feed-details) url;
})
sane-data.feeds;
update-scripts = lib.mapAttrsToList
(name: feed: builtins.concatStringsSep " " feed.passthru.updateScript)
feed-pkgs;
in
feed-pkgs // {
passthru.updateScript = pkgs.writeShellScript
"feeds-update"
(builtins.concatStringsSep "\n" update-scripts);
# the name could have slashes in it, so we want to mkdir -p that
# but in a way where the least could go wrong.
pushd "$sources_dir"; mkdir -p "$name"; popd
passthru.initFeedScript = pkgs.writeShellScript
"init-feed"
''
sources_dir=modules/data/feeds/sources
name="$1"
url="https://$name"
json_path="$sources_dir/$name/default.json"
${update}/bin/update.py "$name" "$json_path"
cat "$json_path"
'';
passthru = {
updateScript = writeShellScript
"feeds-update"
(builtins.concatStringsSep "\n" update-scripts);
initFeedScript = init-feed;
};
}
# the name could have slashes in it, so we want to mkdir -p that
# but in a way where the least could go wrong.
pushd "$sources_dir"; mkdir -p "$name"; popd
${./update.py} "$url" "$json_path"
cat "$json_path"
'';
}
))

10
pkgs/feeds/update.py
View File

@@ -13,13 +13,9 @@ logging.getLogger().setLevel(logging.DEBUG)
logging.getLogger().addHandler(logging.StreamHandler(sys.stdout))
logging.getLogger(__name__).debug("logging enabled")
def try_scheme(url: str, scheme: str):
url = coerce_url(url, default_scheme=scheme)
print(f"trying {url}")
items = search(url, total_timeout=180, request_timeout=90, max_content_length=100*1024*1024)
return sort_urls(items)
items = try_scheme(url, "https") or try_scheme(url, "http")
url = coerce_url(url, default_scheme="https")
items = search(url, total_timeout=180, request_timeout=90, max_content_length=100*1024*1024)
items = sort_urls(items)
# print all results
serialized = [item.serialize() for item in items]

30
pkgs/gpodder-configured/default.nix
View File

@@ -1,29 +1,13 @@
{ stdenv
, gnome-feeds
{ makeWrapper
, gpodder
, makeWrapper
, python3
, linkFarm
, symlinkJoin
}:
let
pyEnv = python3.withPackages (_ps: [ gnome-feeds.listparser ]);
remove-extra = stdenv.mkDerivation {
pname = "gpodder-remove-extra";
version = "0.1.0";
src = ./.;
patchPhase = ''
substituteInPlace ./remove_extra.py \
--replace "#!/usr/bin/env nix-shell" "#!${pyEnv.interpreter}"
'';
installPhase = ''
mkdir -p $out/bin
mv remove_extra.py $out/bin/gpodder-remove-extra
'';
};
remove-extra = linkFarm "gpodder-remove-extra" [
{ name = "bin/gpodder-remove-extra"; path = ./remove_extra.py; }
];
in
# we use a symlinkJoin so that we can inherit the .desktop and icon files from the original gPodder
(symlinkJoin {
@@ -45,8 +29,4 @@ in
unlink $out/share/applications/gpodder.desktop
sed "s:Exec=.*:Exec=$out/bin/gpodder-configured:" $orig_desktop > $out/share/applications/gpodder.desktop
'';
passthru = {
remove-extra = remove-extra;
};
})

207
pkgs/sane-scripts/default.nix
View File

@@ -1,131 +1,108 @@
{ lib
, pkgs
, resholve
, static-nix-shell
, symlinkJoin
}:
let
shell-scripts = resholve.mkDerivation {
# resholve documentation:
# - nix: https://github.com/nixos/nixpkgs/blob/master/pkgs/development/misc/resholve/README.md
# - generic: https://github.com/abathur/resholve
pname = "sane-scripts";
version = "0.1.0";
# resholve documentation:
# - nix: https://github.com/nixos/nixpkgs/blob/master/pkgs/development/misc/resholve/README.md
# - generic: https://github.com/abathur/resholve
resholve.mkDerivation {
pname = "sane-scripts";
version = "0.1.0";
src = ./src;
src = ./src;
solutions = {
default = {
# note: `scripts` refers to the store path here
scripts = [ "bin/*" ];
interpreter = "${pkgs.bash}/bin/bash";
inputs = with pkgs; [
# string is interpreted as relative path from @OUT@.
# this lets our scripts reference eachother.
# see: <https://github.com/abathur/resholve/issues/26>
"bin"
coreutils-full
curl
duplicity
file
findutils
git
gnugrep
gnused
gocryptfs
ifuse
inetutils
inotify-tools
iwd
jq
ncurses
oath-toolkit
openssh
openssl
rmlint
rsync
ssh-to-age
sops
sudo
systemd
transmission
util-linux
which
];
keep = {
"/run/secrets/duplicity_passphrase" = true;
# we write here: keep it
"/tmp/rmlint.sh" = true;
# intentionally escapes (into user code)
"$external_cmd" = true;
"$maybe_sudo" = true;
};
fake = {
external = [
# https://github.com/abathur/resholve/issues/29
# "umount"
# "/run/wrappers/bin/sudo"
"sudo"
];
};
fix = {
# this replaces umount with the non-setuid-wrapper umount.
# not sure if/where that lack of suid causes problems.
umount = true;
};
prologue = "bin/sane-resholve-prologue";
# list of programs which *can* or *cannot* exec their arguments
execer = with pkgs; [
"cannot:${duplicity}/bin/duplicity"
"cannot:${git}/bin/git"
"cannot:${gocryptfs}/bin/gocryptfs"
"cannot:${ifuse}/bin/ifuse"
"cannot:${iwd}/bin/iwctl"
"cannot:${oath-toolkit}/bin/oathtool"
"cannot:${openssh}/bin/ssh-keygen"
"cannot:${rmlint}/bin/rmlint"
"cannot:${rsync}/bin/rsync"
"cannot:${sops}/bin/sops"
"cannot:${ssh-to-age}/bin/ssh-to-age"
"cannot:${systemd}/bin/systemctl"
"cannot:${transmission}/bin/transmission-remote"
solutions = {
default = {
# note: `scripts` refers to the store path here
scripts = [ "bin/*" ];
interpreter = "${pkgs.bash}/bin/bash";
inputs = with pkgs; [
# string is interpreted as relative path from @OUT@.
# this lets our scripts reference eachother.
# see: <https://github.com/abathur/resholve/issues/26>
"bin"
coreutils-full
curl
duplicity
file
findutils
git
gnugrep
gnused
gocryptfs
ifuse
inetutils
inotify-tools
iwd
jq
ncurses
oath-toolkit
openssh
openssl
rmlint
rsync
ssh-to-age
sops
sudo
systemd
util-linux
which
];
keep = {
"/run/secrets/duplicity_passphrase" = true;
# we write here: keep it
"/tmp/rmlint.sh" = true;
# intentionally escapes (into user code)
"$external_cmd" = true;
"$maybe_sudo" = true;
};
fake = {
external = [
# https://github.com/abathur/resholve/issues/29
# "umount"
# "/run/wrappers/bin/sudo"
"sudo"
];
};
fix = {
# this replaces umount with the non-setuid-wrapper umount.
# not sure if/where that lack of suid causes problems.
umount = true;
};
prologue = "bin/sane-resholve-prologue";
# list of programs which *can* or *cannot* exec their arguments
execer = with pkgs; [
"cannot:${duplicity}/bin/duplicity"
"cannot:${git}/bin/git"
"cannot:${gocryptfs}/bin/gocryptfs"
"cannot:${ifuse}/bin/ifuse"
"cannot:${iwd}/bin/iwctl"
"cannot:${oath-toolkit}/bin/oathtool"
"cannot:${openssh}/bin/ssh-keygen"
"cannot:${rmlint}/bin/rmlint"
"cannot:${rsync}/bin/rsync"
"cannot:${sops}/bin/sops"
"cannot:${ssh-to-age}/bin/ssh-to-age"
"cannot:${systemd}/bin/systemctl"
];
};
patchPhase = ''
# remove python scripts (we package them further below)
rm sane-bt-search
rm sane-date-math
rm sane-reclaim-boot-space
'';
installPhase = ''
mkdir -p $out/bin
cp -R * $out/bin/
'';
};
bt-search = static-nix-shell.mkPython3Bin {
pname = "sane-bt-search";
src = ./src;
pyPkgs = [ "natsort" "requests" ];
};
date-math = static-nix-shell.mkPython3Bin {
pname = "sane-date-math";
src = ./src;
};
reclaim-boot-space = static-nix-shell.mkPython3Bin {
pname = "sane-reclaim-boot-space";
src = ./src;
};
patchPhase = ''
# remove python scripts
# TODO: figure out how to make resholve process only shell scripts
rm sane-bt-search
rm sane-date-math
rm sane-reclaim-boot-space
'';
installPhase = ''
mkdir -p $out/bin
cp -R * $out/bin/
'';
in
symlinkJoin {
name = "sane-scripts";
paths = [ shell-scripts bt-search date-math reclaim-boot-space ];
meta = {
description = "collection of scripts associated with uninsane systems";
homepage = "https://git.uninsane.org";

46
pkgs/sane-scripts/src/sane-bt-add
View File

@@ -1,46 +0,0 @@
#!/usr/bin/env bash
set -e
endpoint=https://bt.uninsane.org/transmission/rpc
PASS=$(sudo cat /run/secrets/transmission_passwd)
options=$(getopt -l film,series:,prefix: -- "" "${@}")
eval "set -- ${options}"
prefix=
while true; do
case "$1" in
(--prefix)
shift
prefix="$1"
shift
;;
(--film)
prefix=Videos/Film/
shift
;;
(--series)
shift
prefix=Videos/Shows/"$1"/
shift
;;
(--)
shift
if [ $# -eq 1 ]; then
break
fi
;;
(*)
echo "invalid arguments"
exit 1
;;
esac
done
# positional ("non-option") parameters
torrent="$1"
transmission-remote "$endpoint" \
--auth "colin:$PASS" \
--download-dir "/var/lib/uninsane/media/$prefix" \
--add "$torrent"

7
pkgs/sane-scripts/src/sane-bt-search
View File

@@ -1,6 +1,5 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p "python3.withPackages (ps: [ ps.natsort ps.requests ])"
# vim: set filetype=python :
"""
usage: sane-bt-search <query_string>
@@ -20,7 +19,7 @@ ENDPOINTS = dict(
results="api/v2.0/indexers/all/results"
)
@dataclass(eq=True, order=True, unsafe_hash=True)
@dataclass(eq=True, order=True)
class Torrent:
seeders: int
pub_date: datetime
@@ -64,12 +63,12 @@ class Client:
return resp.json()
def query(self, q: str) -> list:
torrents = set()
torrents = []
api_res = self.api_call("results", dict(Query=q))
for r in api_res["Results"]:
t = Torrent.from_dict(r)
if t is not None:
torrents.add(t)
torrents.append(t)
return sorted(torrents, reverse=True)

15
pkgs/sane-scripts/src/sane-bt-show
View File

@@ -1,15 +0,0 @@
#!/usr/bin/env bash
endpoint=https://bt.uninsane.org/transmission/rpc
PASS=$(sudo cat /run/secrets/transmission_passwd)
if [ "$#" -eq 0 ]; then
# no specific torrents we want to show, so show all of them.
# to query specific torrents, note the index and re-invoke this script with that.
transmission-remote "$endpoint" --auth "colin:$PASS" --list
else
for id in $@; do
transmission-remote "$endpoint" --auth "colin:$PASS" -t "$id" -i
done
fi

3
pkgs/sane-scripts/src/sane-date-math
View File

@@ -1,5 +1,4 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p "python3.withPackages (ps: [ ])"
#!/usr/bin/env python3
# i just went overboard playing around with parsers, is all.
# use this like `./sane-date-math 'today - 5d'`

43
pkgs/sane-scripts/src/sane-deadlines
View File

@@ -1,43 +0,0 @@
#!/usr/bin/env bash
# processes a tab-separated "deadlines" file and alerts for any upcoming events.
#
# deadlines.tsv file format:
# - <date>\t<reminder-interval>\t<event>
# - no header
# - one line per entry
# - <event> may contain any non-newline and non-tab characters
# - <notice-interval> is the number of days before the event to start alerting, followed by 'd', e.g. `14d`
# - <date> should be lexicographically orderable and machine-parsable, e.g. `2023-03-14`
#
# example `deadlines.tsv`
# 2023-03-14 1d celebrate pi day!
# 2023-04-18 14d taxes due
# 2023-04-01 7d the other pie day :o
# configurables:
deadlines=~/knowledge/planner/deadlines.tsv
if ! test -f "$deadlines"; then
echo "WARNING: $deadlines sane-deadlines file not found"
exit 1
fi
now=$(date +%s)
sort "$deadlines" | while read line; do
# parse line
deadline_field=$(echo "$line" | cut -f 1)
threshold_field=$(echo "$line" | cut -f 2)
description_field=$(echo "$line" | cut -f 3)
# normalize dates into seconds since unix epoch
deadline=$(date -d "$deadline_field" +%s)
threshold=$(echo "$threshold_field" | sed 's/d/day /g')
birthtime=$(date -d "$deadline_field - ($threshold)" +%s)
# show the event iff it's near
if test "$now" -ge "$birthtime"; then
days_until=$(( ($deadline - $now) / (24*60*60) ))
echo "in $days_until day(s): $description_field"
fi
done

5
pkgs/sane-scripts/src/sane-ip-check
View File

@@ -1,4 +1,3 @@
#!/usr/bin/env bash
ip=$(curl --silent https://ipinfo.io/ip)
echo "$ip" | grep -P " *^\d+\.\d+\.\d+\.\d+ *$"
exit $?
curl https://ipinfo.io/ip
echo

9
pkgs/sane-scripts/src/sane-ip-check-router-wan
View File

@@ -3,16 +3,13 @@
# requires creds
passwd=$(sudo cat /run/secrets/router_passwd)
cookie=$(mktemp)
curlflags="curl --silent --insecure --cookie-jar $cookie --connect-timeout 5"
# authenticate
curl $curlflags \
curl -s --insecure --cookie-jar $cookie \
--data "username=admin&password=$passwd" \
https://192.168.0.1
# query the WAN IP
ip=$(curl $curlflags \
curl -s --insecure --cookie $cookie \
-H "X-Requested-With: XMLHttpRequest" \
"https://192.168.0.1/cgi/cgi_action?Action=GetConnectionStatus" \
| jq -r .wan_status.ipaddr)
echo "$ip" | grep -P " *^\d+\.\d+\.\d+\.\d+ *$"
exit $?
| jq -r .wan_status.ipaddr

3
pkgs/sane-scripts/src/sane-reclaim-boot-space
View File

@@ -1,5 +1,4 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p "python3.withPackages (ps: [ ])"
#!/usr/bin/env python3
import os
import os.path

51
pkgs/sane-scripts/src/sane-reclaim-disk-space
View File

@@ -1,52 +1,23 @@
#!/usr/bin/env bash
# script to reclaim some hard drive space
# some of this is documented here:
# - <https://nixos.wiki/wiki/Storage_optimization>
set -e
options=$(getopt -l "gc,rmlint,all" -- "" "$@")
eval "set -- ${options}"
do_rmlint=false
do_gc=false
while true; do
case "$1" in
(--all)
shift
do_gc=true
do_rmlint=true
;;
(--gc)
shift
do_gc=true
;;
(--rmlint)
shift
do_rmlint=true
;;
(--)
shift
if [ $# -eq 0 ]; then
break
fi
;;
(*)
echo "invalid arguments"
exit 1
;;
options=$(getopt -l "fast" -o "f" -- "$@")
do_rmlint=true
for arg in $options; do
case $arg in
-f|--fast)
do_rmlint=false
;;
--)
;;
esac
done
set -x
# scan the store and hard-link identical files
# nix-store --optimise
if [ $do_gc = true ]
then
# TODO: do we need `sudo` here?
# TODO: `nix-store --gc`?
sudo nix-collect-garbage
fi
# always claim nix garbage
sudo nix-collect-garbage
if [ $do_rmlint = true ]
then

30
pkgs/static-nix-shell/default.nix
View File

@@ -1,30 +0,0 @@
{ stdenv
, python3
}:
{
# transform a file which uses `#!/usr/bin/env nix-shell` shebang with a `python3` interpreter
# into a derivation that can be built statically
mkPython3Bin = { pname, pyPkgs ? [], srcPath ? pname, ... }@attrs: stdenv.mkDerivation (
let
evalPyPkgs = ps: builtins.map (name: ps."${name}") pyPkgs;
pyEnv = python3.withPackages evalPyPkgs;
pyPkgsStr = builtins.concatStringsSep " " (builtins.map (p: "ps.${p}") pyPkgs);
in {
version = "0.1.0"; # default version
patchPhase = ''
substituteInPlace ${srcPath} \
--replace '#!/usr/bin/env nix-shell' '#!${pyEnv.interpreter}' \
--replace \
'#!nix-shell -i python3 -p "python3.withPackages (ps: [ ${pyPkgsStr} ])"' \
'# nix deps evaluated statically'
'';
installPhase = ''
mkdir -p $out/bin
mv ${srcPath} $out/bin/${srcPath}
# ensure that all nix-shell references were substituted
! grep nix-shell $out/bin/${srcPath}
'';
} // attrs
);
}

13
readme.md
View File

@@ -32,13 +32,6 @@ this can then be `dd`'d onto a disk and directly booted from a EFI system.
there's some post-processing to do before running a rebuild on the deployed system (deploying ssh keys, optionally changing fs UUIDs, etc).
refer to flake.nix for more details.
## remote deployment
some of my systems support cross compilation (i.e. building from x86-64 for an aarch64 host without using emulation).
- `nixos-rebuild --flake '.#cross-moby' build`
- `sudo nix sign-paths -r -k /run/secrets/nix_serve_privkey $(readlink ./result)`
- `nixos-rebuild --flake '.#cross-moby' switch --target-host colin@moby --use-remote-sudo`
## building packages
build anything with
@@ -52,15 +45,11 @@ on the other hand the `packages` output contains only my own packages.
in addition, my packages are placed into both the global scope and a `sane` scope.
so use the scoped path when you want to be explicit.
```
nix build sane.linux-megous
```
to build a package precisely how a specific host would see it (in case the host's config customizes it):
```
nix build '.#host-pkgs.moby-cross.xdg-utils'
```
## using this repo in your own config
this should be a pretty "standard" flake. just reference it, and import either

5
secrets/universal.yaml
View File

@@ -12,7 +12,6 @@ wg_ovpnd_ukr_privkey: ENC[AES256_GCM,data:5zfhsZnBk0Kb9Nb/3igsV/fN0ZDjwTAGTKyMLM
#ENC[AES256_GCM,data:qlF8rpSMUv6Z/YrOTp7WYs0lcpmSIi/r+gCuiw==,iv:cneNp/0av/ttQvnW4JVX9mj3261QFAzkLIzEMwiKwE8=,tag:FFsPUQBsSeImtymawY4eSg==,type:comment]
router_passwd: ENC[AES256_GCM,data:Tya3Pd75Yu4=,iv:lqi7SavFnymL+uOQXDEzGxgikB6/ckNOBifjhyjXn1Q=,tag:HG3kf6e2g53uNUGI9FXyqQ==,type:str]
jackett_apikey: ENC[AES256_GCM,data:2oGczau3f/w/5iCx3aft0V/t0tO5zsr5Xi/HQ1koTTo=,iv:33VPT8GYCPPJ2RUBP6yuLep9YX/VMW9Kt3MyQPmZuO0=,tag:TUIbutJKV5e3Kc9INk5VUA==,type:str]
transmission_passwd: ENC[AES256_GCM,data:wY9kBcfJCvoPc5YXMgrFxBM=,iv:kjHK30mtcJ8O82Ve1Y4YIFVxaNIoWBWUYB2Zmm0fNMY=,tag:5HjjXP2az22PfkahoMEVwA==,type:str]
sops:
kms: []
gcp_kms: []
@@ -91,8 +90,8 @@ sops:
YmhsY0FaSW5oWVNJMlhUSDRCeWQ4KzAKaQp321XYtAZ98f4QMl5PxivAYm6VMF43
wCThiQgvYAP59jvVDTZngvfWAD5PyWVVvMNbjHGvAzK5WnsTPmxlsg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-03-22T22:24:25Z"
mac: ENC[AES256_GCM,data:JJiPwkMCchOAgQ8p6Xnkpov/SJWDuhIzbHCxhEkqQeiFqpTzGPb9RayWElnGyMeyPpM/CVFfqiRhX96RX2q8+8Bp9uPMfKbt+xt521Wo/JnC3QiwChV72gswjNLYzwZx0kNhjCkoVhjITsv7S02XHV8ky1WpBA/JuvBtQcfZZbg=,iv:QwLN4ZNJIyt0XbvbuqB227WgrfkyX3u/gqdNuUYhbq0=,tag:+vwDS62V+GRrw4nDRBgoWA==,type:str]
lastmodified: "2023-01-20T06:57:29Z"
mac: ENC[AES256_GCM,data:J/yLlcmlX6st/d6c8eL/6DKZiHAELb0/zj+5qOjoE2uAgTTFnojaP4ssrmt7BaLQF1MQNnvkchvuwRv+dAVTXkuYPuDWS3YriAKQIXUx9sHIEoY6Aqa37eBwUNUBuxoR6FvfOGtXrIZuS0f7hZr+ddBZgCSBBE54yeH68Va1tZk=,iv:Y/T8qykrqRVQ8eMkNH2DZa6XoGd5nL18h/2SJucVAD8=,tag:OwZfOyLc29c1bJJIA9IW3Q==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3

48
secrets/universal/net/makespace-south.psk.bin
View File

@@ -1,48 +0,0 @@
{
"data": "ENC[AES256_GCM,data:tNQEuMx+Cp8vRELzeQoWLQail2jy5TEBSqJM1o+tV5mSStTLQFMR+L/cnKQYqEpNWJgZ3kSaqkAUqvY5yG/y7TIUZDWqeLLnOJDrmahku0CFPmC3BC8yjrTaISaDRT0FlLH7Osdk2pbDlmcerPwRaEtptovgHvMeJC9cMrfFUOF6LXdNIh7zslWyYvEzrAPtnxKiyIA7pan8sua2FG6AIfMj10c+p/ck29pqhtxAGJvmMMCjMBB1XNjaYjzRzEddbry84cJjhF2Hyr0j/W4U0SLDdD9cfh8idwmrBAP9zI1/nlHjO1labI+U9WGdyyeoPFY+Phm8qm7WxpFsDZnk4B5IGaN1yB9I7KP4tneSw8VOmz5L7BBJszJRUEOQ95Q7D7gos+ytfbnzIBeHh55eSuRzj5xSqG4dPSp8biBGEC9Y4gShCvxNa7r7tGF82jrI32Xe3MFz5zRsx5HvbpB/xytBS0fguxgtnFm8OJf7j3vyGwQoCCJT4pLpHmhei0JpmicbAIgKCcmz//sSUZKXNMV+rb58ntjvNu/Cy9TgOaNTpmeIpe60Gg5ONXypM8Zdmv+cY3NATg9ukdXpdtjW0+SMTTOC+Ug2z9D0Wy4NUQOsNevVUr/22155v+SGcSImVJtiOZ3xYgjND1n/smoUs7tvOVxb1Qjwty40VLwHi+Od3w==,iv:cBgkFEs/bUBRdQnmxqYiJwqQWMXoJ61lHEnMwkfQ6YQ=,tag:E/Vj1nwF1VrxjSyo55W/Ag==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBieFRHNnN3L2FzMGcraHds\ndDFYU2dwUUU1OVh3WnhtWWk5QlZJNmFLd1Q4CkVaNTYreVRGOXdLWitSc2pleDly\nQjRBbERydFFZbkRpekN5T2xCM2x0bkEKLS0tIFhvNnc5M2x0Q2FvUkRXUVNHOXR5\ncThGazRYaHhrdjlCSFE3TWJ6L09jR2cK50dHVdb6XAsgB9WGlfnbIeYluFNFcfSb\n1m+ElNfsE9VOdEzeEI8sNHvfNtleEv0i1CwdRA48mmMc1LetiDgV+g==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhOStKYTkvYTFZWkFJZk9F\nbW55RTZLWHJXK1lwSE9OSERrdlRQZWdzbDFzCjcycDdsaVNtVTlPYkh5QVZScExl\nbjNzaVRHaVdlU0dHOTRxS1VvSkRjS1kKLS0tIE1zZkJ2K2FxZFpmeEVxdGVkSXEv\nSklmYmJ0TWx6K0FGc2FqejRQQjNmM1UKwInOj1HG+4zKMkocVI7japkdc1FHNORF\nAMfAlEaB36alown3NmxBVD7zZexEU6Stsvv9eKE6clX/vj7Ny+dKgA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTby9zMm5UTmpGS0JMNlNj\nYVlES0RpVWxsV1ZQZm5NTHZzV0pzdjZFS3o4CkRLWVJGU2g5WjN0eWdDMTIvTzE5\naDJnNjJNNitIaDZaaURxVnhacldtODAKLS0tIDNnRWhlN3ZJNklWUVFkOXdCVjVl\nRkdLcTVsb09oemhxWWZEWENsTlFZM00KQRYOR6rD7pOFSWl9KfNRxbWPVwLnMMXW\nLYRReL1xvK+UdYpae/rKbmExoo94W6IZSxoxeB2BFR9Bna5obbFNjA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1zsrsvd7j6l62fjxpfd2qnhqlk8wk4p8r0dtxpe4sdgnh2474095qdu7xj9",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQU2k1WkRVZW1paS9id0hw\ncXhucTlCeThjYm5Fb3A1RnNzREN4eFA5OGh3Cmg2Ym9nOEF3Y0FGYVlra0RuTXh3\nZFVKUnVlSEZGaXlMdVJuZno5K3RTL00KLS0tIHNDV3FJOVhybWpGZ1h3TTZDWGtj\nNEhQQ1A0SGFYNnVzQUhFa25tOW82NWcKTX/QwhOVAWL9tgfzopMAdWuBmzCni1mg\nTfI9R6ZP6gdBESUk7+kLc8uiEJIxuiWCivp9gWr7Xletbm00Pnkglg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1vnw7lnfpdpjn62l3u5nyv5xt2c965k96p98kc43mcnyzpetrts9q54mc9v",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZVjN6Q2gvNVFwQ3hjOElE\ndXVUVDdQQWNCdTB0Y1VuVnlsNjg3UlhyMWdRCmpEQ3pZUyswditHd2s2dUlMRmFa\nY3lFc0FwdzNrZzdyZ2hOYzJXdWVXUUUKLS0tIHV4dWcyb0dnWVJnY1pudUxUK1Y0\nbWVhRzdLMjNpc2xxaWQ5U2x0SVdHck0K2gB1itweNVt0kKZj2gO+ek7hlJoxfkoY\ndMCEH+kWxhtXuXHznCZb+Itrm7vGgqWQdXlqilMEYuhLbPHvs5jXMw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1w7mectcjku6x3sd8plm8wkn2qfrhv9n6zhzlf329e2r2uycgke8qkf9dyn",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxNVhjK3hWSVNnb1Y5SUFy\nRWt6TDByWFphNnhNbThubnpIaHc0RERpTlhFCk5reUIzanIvVUxuSEg3RWhZNTBL\nUlNMc2hvejZSUUtXZFFDQ0M0QzBiTjQKLS0tIHhtUjd6ZUVpM2JXaXdsejU3bmFE\nQklLL0NwNjFzOGpGUHoxd2drNUVyTnMKGOEhPALGhyvDBPpuib1R425JBih3cBzs\nofk+eL5cRTwfLe7a/kOeNudNtamKLR8IEfJKgokjtBEaYBNo1P+Vuw==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPOVVwZUM5ODNsNFFzOWdo\nS2RiejlsQVVrSmJ2SVFGbklsSUpCckVnSlZ3CjlmSTJZaE9pMlRiamNtUmxyK3Na\nMFljczFnNktCaUs0eC90M0c1akNxdWcKLS0tIDFoRlNyZVo2R243WGNHR3B3cDI5\nRHZYK2lBM1ZLZWFWM3hzdnR2cTM4aTgK67Ik3qwQEuOuL60BRRGmpmVgdIv/Bavi\njeC4BTwBanXxbhZodFfdtHmgxkqE3w2Eu5ojwFje+obUagj8B3PmNA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age18vq5ktwgeaysucvw9t67drqmg5zd5c5k3le34yqxckkfj7wqdqgsd4ejmt",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEcndDbG03cW0ycTlNeFBT\nbEhxcWVDb2N0MkwxNlN5Tjk0T2NTaEw3bFdFCmJYZnZXZ2xYblBtTi9MWEN5amVa\neDFEN01sTHgxLzNrcVB5OC9TU0ViYUEKLS0tIG8rQ21kU0xlcUEvZkVObFJhRUdp\nNG1EYXBZNVpKUGUxK2xXdFpieVBNZ3MK+bGQrmaY1bE23iuKu1UPoChOOnuSBl9d\ncQlr+Wh4CoKp8YTnTTkFAVrWoXcM0eAVapR7f89GqO2vgefo6bnFHg==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2023-02-27T01:05:22Z",
"mac": "ENC[AES256_GCM,data:QWj5rcyT9xBLdVCkf1mo0lnpeNR3o+HK6MP1n/XWwSWzMM794+byWDWEfjJIq5EuNL3YirbB5ANrGjdWTzL3UU1WsW3kr0pan2dSrBs9wR4d9RNS1TcFXvxhC0WEEVP1n3wwfOb/TKd9irpv8n2M973atQKJXSTecqOFgDxDa0M=,iv:TcjQuwW9SZlMbHtEj2O+76qnvPsvhrJ3mNmsobEA6rU=,tag:GeVf5bPecUNn8TQ1C12aFA==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.7.3"
}
}

48
secrets/universal/offlineimaprc.bin
View File

@@ -1,48 +0,0 @@
{
"data": "ENC[AES256_GCM,data:YQ3g+zqZoOv6+cjsxahFLlzzJsyNmIzOf0UW/V5Q8WJ5BlfJem/u9SJd9HbYfAZuTGkSzRVTvC3woivV0WOCf+EZ1SPSOLwCFtNKh0kgIsSbZRHJqfMQPzZkd93tAARXj7Gtgi2yGGvIhW9MTDvUDDW1umho46fP61f9JRPflAXRu9JwEDpwVIIkAqk4Jdq3G3wnrkjK7fNQkpULAYqDJzH7IeUUNFbt1/tsI8uj1bzpYzjLkZ9r8grgSO7mpt2h4vPdGrd+XVRT0WG/MLZnukN9rXDfHkrqFtn4XBkp+biQj4RFflNr9/FyZUEqb5wvB5pMMatRdv+PUdgtuSQubfKPHdYXic0Bi+Lgm3gA8FlYnel6dP5I8DXgo4Jupyhw/KMTySn3nhHrhFieSmTItZZ1KKtaQxFGNdnYVcCJCUkwKNM6M5nX+LryxD9MkAn+L2o11QYW6q9HhxO+hXi0IWfq9aRRtU/mw2Og7nA9oesoJqmid7zXVsErsRhnFlEHt7Z6qCbnhcC9lyT/KhK4E0+sJpeukyDVmNAb31040zIKEOQMFyMHw1nRFHxth4Kw2AGIRA/UiB1JxR/QW+1tZSB8MPS6GtklXE6GAlphAnssrkIc+5L+bWJTOwSYsw6T6SYCMO5I/0OEgZTys6/dYVLSl6GVmYb5Ck8GEzOx7W1fnFQt7KepZUTGstMQ0CsI1zktmXzJel1C+MBga7IC6+P8mB42GZv1mBRiEGs8fjo3HqaoF3omC/7FUrc6UlQnExMEXqgm7jbENL5mfk04zS1YzbMHR6JZapVSD8ykHMkGSYbpqhzgcam0c6aQLD7mGcMZ4L+2FZtgnSPmmfjKxlZJIQE66NWq586N7e+7SWSi9rqEstXGhAahM1RWIog4EW3npOUmNBbz152QaYZeNNTYE+L/9n+oVeWT0evlHxiCpATxgo+DoR6z66U5QYN5EFXcsR/I1s2UUc8xTwwjgEfXkM/IEZUkEHH/kZNJPdmqtpA=,iv:HYjtUSGs1JgxE8HzZ+xYUZoPYanOC6HAVlIdJR8O77o=,tag:teJOFIMtHLs9yzDQIPV0oA==,type:str]",
"sops": {
"kms": null,
"gcp_kms": null,
"azure_kv": null,
"hc_vault": null,
"age": [
{
"recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4Wmx4QUZSZVFYM1NjRGxO\nRzhmSGV1RTViTjljM0kyaitsV05Jc1dQcXpNCjdFR1FWTFY0L1NkclVJQ2t2bk1P\nNk1WeDA4TE9Zcjc2MkNTeDltQk5TSW8KLS0tIGIvcmNVdDN6eldMamxrWUJ0ekZF\nWlcyN0haZFpmQVcyWS9vOFBHVmFiamMKwROo4FD5Y6TiSDK8byxAq4T9Rtvy1Dr+\nExZFzLeJxXBukLJgzxV8UpBNbcGejetyOZiH+GPwdwO4QKlMGiCsog==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBEYzhiZjFVWEZidGJpRkpl\nOSszdUNiWDlIMVVTaGFVdi9oZjFoYVhwOFM0CjFNR0ZadExxZDBnOEU1eEJXaHda\nK0NyWmhHZzdSOHFHbEYrQnhwMTcxdVUKLS0tIGd0WjFOczRCSkpkZFpOSDdlTFhG\nQUFQMlRDa1YwM0F0N2U2ZFdxa3YrMFEKXNdULEzPEh3Wk+PxgRt0fypVNAaa682u\nMZBfQbNnAOVU5xlM66+YGWXY/ENWwr3nEauNKq7pWLZqQOCA9RnvvQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1TFcvWll5RGZDeU5RYnpS\nb1hHcG4vbzBxL3RiRjl2eUhGbHFjSTJYZ0hBCkhyQUtacktuR0ZZNkM3cEdyMTd1\nVnpMZlNPL1NzcUZzWnd0VC9veW1jL0UKLS0tIHdQalI4N3ZRVFdsMEtCUllBREZG\nUmdQYVVqUGZ0QXJKODFvblgvYnRnZTgKKMmEswejP1HdEtg9hK10pRlt89Iz2iF8\npcZTBFjMnahLvxI4M8HCF7ESxI46jebyna43ZzELQQLPGLuZG0n3Bg==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1zsrsvd7j6l62fjxpfd2qnhqlk8wk4p8r0dtxpe4sdgnh2474095qdu7xj9",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBScXJpV2NkMFhJaDNGVHRZ\nVlRCZVkzSWFyTFRCUktYNFNYekwrNkpITUMwCkZlZm14Q2dZVGlFd2VZZWpmSFU4\nelhNVmE1b015YWYzcGRRa2VMS1ErMDQKLS0tIHFxaEJ4M3cxSHlNV2ppaFUzcTlk\nZWVuN085TnRES0ZGZko3Ym9vOXRhSEEKU8YZFKtDzokS1OXlqA3vBe2C5N7Em+Oq\nDh5N+2qrvqKUzT/YVg9j/YIPswrn2WMJ2xgMgT5VVK+2kn38fk4n4A==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1vnw7lnfpdpjn62l3u5nyv5xt2c965k96p98kc43mcnyzpetrts9q54mc9v",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZWWFFZGVPTEVlc1hvQ3Qy\nUTNrc1Y0ek9ONlQ0RzlkbTNWangrdnFVZ0hNCkovNCtkaG9JUlpnRFJBMFE0Nmkz\nNXByUjlLRUd6RUV1OU53UjBEZnNjTUUKLS0tIDd4S3VrVDkvanlzZStkYllQT3NN\nYWxyYW1pVmt3djIyWVhtdEZCVlducmMKI94q+UTXpUGa/up0lVbWqmBYcPpuoLZD\neW2KbX2MTzotJVXlJyckYvaylEyyN1pKO37OViPnzik2cJYCyD8QSQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1w7mectcjku6x3sd8plm8wkn2qfrhv9n6zhzlf329e2r2uycgke8qkf9dyn",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhN2ZkbzB1K0g4V0NPQ21x\nckQ3MFVwZzBwNDMzVk9mb0YvVmJxYm5hTTB3CkgzWTR1dUkrdkFKeDBjNWpCcnl2\nY2lCU0dPcUh1VXdWbExST29nRFFQcHMKLS0tIEFucEpGc2s4VGhGYWlQQW9Kd1pt\nTGY5YURVa1NYUit1UHpPVm4zTHNTVVUKTyKPabMpXBkiV9MSfoJr41DfJjzW6FVP\nHWVfUwoVeKEYVJEPYIcso4kywroBWJ5tBpeOdsbth9en3TOHHlBXCQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvN2dvUDRXUWc2eVVoQ2xK\ndXc2anJZVjhobjJrODVlbXNuZjNhZ2lpNERnCkN6V0Y2QmlGNHVJM3JoQ3hwbHJo\nTncrVVN3R0wvQVAzb293WFpCV29BNUEKLS0tIFdhV3RSbkZQVVBxVWpuYzk4bzZt\nekhxSEFFMHRBZWZaOWxUVnFUbkluUFUK53HBDttykEO7lB/86d/ey4I4AZsLrvLm\n7J/rItqQeNJ1qYp/J3HSilbDZmQBI8jM95SP75tUPsmWndK1i9gHlA==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age18vq5ktwgeaysucvw9t67drqmg5zd5c5k3le34yqxckkfj7wqdqgsd4ejmt",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHNXB2dkJoMzlJRlJxbGRS\nNTl2YmRUb3YxdEcwRnhuT1RHMTJMNm1MQUZjCkMrNGEzV05sdWc1OUROU2V2UVlJ\nSGl1bGxNSzBZalRZd0YyMElEbGlXZWsKLS0tIFRVQmpqRGNmTW9YaTN2Y0JtNHp6\nbkw0dTlmNVFwQkl6Q1ZIcUNxTGp2TzAKaZawNzF3mYl/m0X/IbfWL8WhLllF6fkT\nl5BQg3uMLC4pTnRcZHmBLrzRHhoOy9qLLkiimkQaseUhI+hAUt9bAQ==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2023-03-03T08:41:07Z",
"mac": "ENC[AES256_GCM,data:cxu1p3O0CLiIrqD7HrFUiDPrbF7N3puR3C6VKLfmWa0liHIrkwylOHhyP2WYL1GnbXrMdSZEZ9W487yqsFMiVLyVYmvrg6/TB0I936+PdPgb3miBlb1aE+g23FHQNbpTthbdLJow2tbw1n152ZwtjHPZ+swQhoexeZrpNJipBZ4=,iv:/uua9R2uXvJISgETRBaAREFW3+DsAi+dN4DoMMYHKi8=,tag:wUITr1eIhndhK6EVEyOmog==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
"version": "3.7.3"
}
}