shelvacu/nix-stuff
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

stuff

Browse Source
This commit is contained in:
Shelvacu
2025-05-16 14:16:47 -07:00
committed by Shelvacu on fw
parent dc3a8d060d
commit b0013e5cf2
10 changed files with 233 additions and 250 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
common/default.nix
View File

@@ -4,6 +4,8 @@
lib,
inputs,
vacuModuleType,
vacuModules,
vaculib,
...
}:
let
@@ -22,33 +24,34 @@ if !builtins.elem vacuModuleType expectedModuleTypes then
else
{
imports = [
./package-set.nix
./shell
./nixvim.nix
./ssh.nix
./nix.nix
./verify-system
./defaultPackages.nix
./lib
./sops.nix
vacuModules.packageSet
vacuModules.systemKind
../dns
./assertions.nix
./common-but-not.nix
./nixos.nix
./nix-on-droid.nix
./nixos-rebuild.nix
./minimal-nixos.nix
./acmeDependencies.nix
./nix-on-droid.nix
./remapCapsLock.nix
./sourceTree.nix
./units-impl.nix
./units-config.nix
./lix.nix
./assertions.nix
./checks.nix
./common-but-not.nix
./defaultPackages.nix
./git.nix
./hpn.nix
./checks.nix
./lib
./lix.nix
./minimal-nixos.nix
./nixos.nix
./nixos-rebuild.nix
./nixvim.nix
./nix.nix
./nix-on-droid.nix
./remapCapsLock.nix
./shell
./sops.nix
./sourceTree.nix
./ssh.nix
./staticNames.nix
./units-config.nix
./units-impl.nix
./verify-system
];
options = {
vacu.rootCAs = mkOption { type = types.listOf types.str; };
@@ -65,14 +68,6 @@ else
type = types.nullOr types.str;
default = config.vacu.hostName;
};
vacu.systemKind = mkOption {
type = types.enum [
"minimal"
"desktop" # need a better name for this; should include laptops; everything I intend to get computery-stuff done on.
"container"
"server"
];
};
vacu.vnopnCA = mkOption {
readOnly = true;
type = types.str;
@@ -112,59 +107,6 @@ else
keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
};
# vacu.ssh-hpn.enable = true;
vacu.git.enable = config.vacu.systemKind == "server" || config.vacu.systemKind == "desktop";
vacu.git.config = {
init.defaultBranch = "master";
pull.rebase = false;
user.name = "Shelvacu";
user.email = "git@shelvacu.com";
author.name = "Shelvacu";
author.email = "git@shelvacu.com";
committer.name = "Shelvacu on ${config.vacu.hostName}";
committer.email = "git@shelvacu.com";
user.useConfigOnly = true;
checkout.workers = 0;
# We *could* use atomic writes, but those are slowwwwww! Are you sure????? - git, still living in the 90s
# Yes git, I'm sure
core.fsync = "all";
diff.mnemonicPrefix = true;
gc.reflogExpire = "never";
gc.reflogExpireUnreachable = "never";
url."https://github.com/".insteadOf = [
"hgh:"
"github-http:"
"github-https:"
];
url."git@github.com:".insteadOf = [
"sgh:"
"gh:"
"github-ssh:"
];
url."git@github.com:shelvacu/".insteadOf = [ "vgh:" ];
url."https://gitlab.com/".insteadOf = [
"hgl:"
"gitlab-http:"
"gitlab-https:"
];
url."git@gitlab.com:".insteadOf = [
"sgl:"
"gl:"
"gitlab-ssh:"
];
url."git@gitlab.com:shelvacu/".insteadOf = [ "vgl:" ];
url."https://git.uninsane.org/".insteadOf = [
"hu:"
"uninsane-http:"
"uninsane-https:"
];
url."git@git.uninsane.org:".insteadOf = [
"u:"
"su:"
"uninsane-ssh"
];
url."git@git.uninsane.org:shelvacu/".insteadOf = [ "vu:" ];
};
vacu.vnopnCA = ''
-----BEGIN CERTIFICATE-----
MIIBnjCCAUWgAwIBAgIBBTAKBggqhkjOPQQDAjAgMQswCQYDVQQGEwJVUzERMA8G

150
common/git.nix
View File

@@ -1,100 +1,58 @@
{ config, vacuModules, ... }:
{
lib,
config,
pkgs,
vacuModuleType,
...
}:
let
inherit (lib) types;
cfg = config.vacu.git;
in
{
imports = [
{
# https://github.com/NixOS/nixpkgs/blob/e8c38b73aeb218e27163376a2d617e61a2ad9b59/nixos/modules/programs/git.nix#L16
options.vacu.git = {
package = lib.mkPackageOption pkgs "git" { };
enable = lib.mkEnableOption "git";
config = lib.mkOption {
type =
let
gitini = types.attrsOf (types.attrsOf types.anything);
in
types.either gitini (types.listOf gitini)
// {
merge =
loc: defs:
let
config =
builtins.foldl'
(
acc:
{ value, ... }@x:
acc
// (
if builtins.isList value then
{ ordered = acc.ordered ++ value; }
else
{ unordered = acc.unordered ++ [ x ]; }
)
)
{
ordered = [ ];
unordered = [ ];
}
defs;
in
[ (gitini.merge loc config.unordered) ] ++ config.ordered;
};
default = [ ];
};
lfs.enable = lib.mkEnableOption "git lfs";
lfs.package = lib.mkPackageOption pkgs "git-lfs" { };
configText = lib.mkOption {
readOnly = true;
type = types.str;
};
};
imports = [ vacuModules.git ];
config.vacu.git.configText = lib.concatMapStringsSep "\n" lib.generators.toGitINI cfg.config;
}
(lib.mkIf cfg.enable {
vacu.packages.git = {
enable = true;
package = cfg.package;
};
})
(lib.mkIf (cfg.enable && cfg.lfs.enable) {
vacu.packages.git-lfs = {
enable = true;
package = cfg.lfs.package;
};
vacu.git.config =
let
bin = lib.getExe cfg.lfs.package;
in
{
filter.lfs = {
clean = "${bin} clean -- %f";
smudge = "${bin} smudge -- %f";
process = "${bin} filter-process";
required = true;
};
};
})
(lib.optionalAttrs (vacuModuleType == "nixos") {
vacu.assertions = [
{
assertion = !(cfg.enable && config.programs.git.enable);
message = "vacu.git and programs.git should not both be enabled";
}
];
vacu.git.enable = config.vacu.systemKind == "server" || config.vacu.systemKind == "desktop";
vacu.git.config = {
init.defaultBranch = "master";
pull.rebase = false;
user.name = "Shelvacu";
user.email = "git@shelvacu.com";
author.name = "Shelvacu";
author.email = "git@shelvacu.com";
committer.name = "Shelvacu on ${config.vacu.hostName}";
committer.email = "git@shelvacu.com";
user.useConfigOnly = true;
checkout.workers = 0;
# "We *could* use atomic writes, but those are slowwwwww! Are you sure?????" - git, still living in the 90s
# Yes git, I'm sure
core.fsync = "all";
diff.mnemonicPrefix = true;
gc.reflogExpire = "never";
gc.reflogExpireUnreachable = "never";
programs.git.enable = lib.mkIf cfg.enable false;
})
(lib.optionalAttrs (vacuModuleType == "nixos" || vacuModuleType == "nix-on-droid") {
environment = lib.mkIf (cfg.enable && cfg.config != [ ]) { etc.gitconfig.text = cfg.configText; };
})
];
url."https://github.com/".insteadOf = [
"hgh:"
"github-http:"
"github-https:"
];
url."git@github.com:".insteadOf = [
"sgh:"
"gh:"
"github-ssh:"
];
url."git@github.com:shelvacu/".insteadOf = [ "vgh:" ];
url."https://gitlab.com/".insteadOf = [
"hgl:"
"gitlab-http:"
"gitlab-https:"
];
url."git@gitlab.com:".insteadOf = [
"sgl:"
"gl:"
"gitlab-ssh:"
];
url."git@gitlab.com:shelvacu/".insteadOf = [ "vgl:" ];
url."https://git.uninsane.org/".insteadOf = [
"hu:"
"uninsane-http:"
"uninsane-https:"
];
url."git@git.uninsane.org:".insteadOf = [
"u:"
"su:"
"uninsane-ssh"
];
url."git@git.uninsane.org:shelvacu/".insteadOf = [ "vu:" ];
};
}

1
common/nixos.nix
View File

@@ -24,7 +24,6 @@ lib.optionalAttrs (vacuModuleType == "nixos") {
enable = config.services.xserver.enable;
package = pkgs.xorg.xev;
};
environment.systemPackages = config.vacu.packageList;
programs.nix-ld.enable = true;
system.nixos.tags = [
"vacu${config.vacu.versionId}"

77
flake.nix
View File

@@ -84,6 +84,7 @@
arm = "aarch64-linux";
lib = import "${nixpkgs}/lib";
overlays = import ./overlays;
vacuModules = import ./modules;
mkPlainInner =
pkgs:
lib.evalModules {
@@ -94,9 +95,10 @@
specialArgs = {
inherit pkgs;
inherit lib;
inherit (inputs) dns;
vacuModuleType = "plain";
inherit inputs;
inherit (inputs) dns;
inherit vacuModules;
vacuModuleType = "plain";
};
};
mkPlain =
@@ -159,6 +161,7 @@
specialArgs = {
inherit inputs;
inherit (inputs) dns;
inherit vacuModules;
vacuModuleType = "nixos";
};
inherit system;
@@ -239,6 +242,7 @@
extraSpecialArgs = {
inputs = mkInputs { };
inherit (inputs) dns;
inherit vacuModules;
vacuModuleType = "nix-on-droid";
};
pkgs = mkPkgs { system = arm; };
@@ -254,8 +258,11 @@
_module.args.inputs = { inherit (inputs) self; };
node.pkgs = pkgs;
node.pkgsReadOnly = true;
node.specialArgs.selfPackages = self.packages.${system};
node.specialArgs.vacuModuleType = "nixos";
node.specialArgs = {
inherit vacuModules;
selfPackages = self.packages.${system};
vacuModuleType = "nixos";
};
};
mkTest =
name:
@@ -349,68 +356,6 @@
];
archival = import ./archive.nix { inherit self pkgs lib; };
# all =
# let
# linksNoContext = removeAttrs self.qb self.brokenBuilds;
# links = builtins.mapAttrs (
# name: val: builtins.addErrorContext "while evaluating link ${name}" val
# ) linksNoContext;
# in
# pkgs.runCommand "nix-stuff-all"
# {
# __structuredAttrs = true;
# inherit links;
# }
# ''
# mkdir $out
# cd $out
# eval "$(${pkgs.jq}/bin/jq '.links | to_entries | map("ln -s "+.value+" "+.key) | join("\n")' /build/.attrs.json -r)"
# '';
# allPure = self.all.overrideAttrs (prev: {
# links = removeAttrs prev.links self.impureBuilds;
# });
# archiveSmall =
# let
# ignoreList = [
# "iso"
# "host-pxe-installer"
# "host-pxe-installer-aarch64"
# "pxe-initrd"
# ];
# # We don't want iso/img derivations here because they de-dupe terribly. Any change anywhere requires generating a new iso/img file.
# isoContents = lib.concatStringsSep "\n" (
# map (
# c: "${c.source} => ${c.target}"
# ) self.nixosConfigurations.shel-installer-iso.config.isoImage.contents
# );
# isoContentsPkg = pkgs.writeText "iso-contents" isoContents;
# pxeConfig = self.nixosConfigurations.shel-installer-pxe.config;
# pxeContents = pkgs.linkFarm "pxe-initrd-contents" {
# inherit (pxeConfig.boot.initrd) compressor;
# inherit (pxeConfig.system.build) initialRamdisk;
# storeContents = pkgs.linkFarmFromDrvs "store-contents" pxeConfig.netboot.storeContents;
# };
# allButImgs = self.all.overrideAttrs (prev: {
# links = (removeAttrs prev.links ignoreList) // {
# iso-contents = isoContentsPkg;
# pxe-contents = pxeContents;
# };
# });
# in
# allButImgs;
#
# archive =
# let
# inherit (self) archiveSmall;
# in
# archiveSmall.overrideAttrs (prev: {
# links = prev.links // {
# build-deps = pkgs.closureInfo { rootPaths = [ archiveSmall.drvPath ]; };
# };
# });
}
// (inputs.flake-utils.lib.eachDefaultSystem (
system:

2
fw/default.nix
View File

@@ -19,7 +19,7 @@
vacu.hostName = "fw";
vacu.shell.color = "magenta";
vacu.verifySystem.expectedMac = "e8:65:38:52:5c:59";
vacu.systemKind = "desktop";
vacu.systemKind = "laptop";
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_12;

2
legtop/default.nix
View File

@@ -11,7 +11,7 @@
vacu.shortHostName = "lt";
vacu.shell.color = "blue";
vacu.verifySystem.expectedMac = "30:9e:90:33:01:07";
vacu.systemKind = "desktop";
vacu.systemKind = "laptop";
system.stateVersion = "24.05";

5
modules/default.nix Normal file
View File

@@ -0,0 +1,5 @@
let
directoryListing = builtins.removeAttrs (builtins.readDir ./.) [ "default.nix" ];
packagePaths = builtins.mapAttrs (k: v: assert v == "directory"; ./${k}/module.nix) directoryListing;
in
packagePaths

101
modules/git/module.nix Normal file
View File

@@ -0,0 +1,101 @@
{
lib,
config,
pkgs,
vacuModuleType,
vacuModules,
...
}:
let
inherit (lib) types;
cfg = config.vacu.git;
in
{
imports = [
{
# https://github.com/NixOS/nixpkgs/blob/e8c38b73aeb218e27163376a2d617e61a2ad9b59/nixos/modules/programs/git.nix#L16
options.vacu.git = {
package = lib.mkPackageOption pkgs "git" { };
enable = lib.mkEnableOption "git";
config = lib.mkOption {
type =
let
gitini = types.attrsOf (types.attrsOf types.anything);
in
types.either gitini (types.listOf gitini)
// {
merge =
loc: defs:
let
config =
builtins.foldl'
(
acc:
{ value, ... }@x:
acc
// (
if builtins.isList value then
{ ordered = acc.ordered ++ value; }
else
{ unordered = acc.unordered ++ [ x ]; }
)
)
{
ordered = [ ];
unordered = [ ];
}
defs;
in
[ (gitini.merge loc config.unordered) ] ++ config.ordered;
};
default = [ ];
};
lfs.enable = lib.mkEnableOption "git lfs";
lfs.package = lib.mkPackageOption pkgs "git-lfs" { };
configText = lib.mkOption {
readOnly = true;
type = types.str;
};
};
config.vacu.git.configText = lib.concatMapStringsSep "\n" lib.generators.toGitINI cfg.config;
}
(lib.mkIf cfg.enable {
vacu.packages.git = {
enable = true;
package = cfg.package;
};
})
(lib.mkIf (cfg.enable && cfg.lfs.enable) {
vacu.packages.git-lfs = {
enable = true;
package = cfg.lfs.package;
};
vacu.git.config =
let
bin = lib.getExe cfg.lfs.package;
in
{
filter.lfs = {
clean = "${bin} clean -- %f";
smudge = "${bin} smudge -- %f";
process = "${bin} filter-process";
required = true;
};
};
})
(lib.optionalAttrs (vacuModuleType == "nixos") {
vacu.assertions = [
{
assertion = !(cfg.enable && config.programs.git.enable);
message = "vacu.git and programs.git should not both be enabled";
}
];
programs.git.enable = lib.mkIf cfg.enable false;
})
(lib.optionalAttrs (vacuModuleType == "nixos" || vacuModuleType == "nix-on-droid") {
environment = lib.mkIf (cfg.enable && cfg.config != [ ]) { etc.gitconfig.text = cfg.configText; };
})
];
}

10
common/package-set.nix → modules/packageSet/module.nix
View File

@@ -2,6 +2,7 @@
config,
pkgs,
lib,
vacuModuleType,
...
}:
let
@@ -70,11 +71,16 @@ in
types.either types.str types.package
)) packageListToSet packagesSetType;
};
vacu.packageList = mkOption {
vacu.finalPackageList = mkOption {
type = types.listOf types.package;
readOnly = true;
};
};
config.vacu.packageList = enabledPkgs;
config = {
vacu.finalPackageList = enabledPkgs;
}
// lib.optionalAttrs (vacuModuleType == "nixos") { environment.systemPackages = config.vacu.finalPackageList; }
// lib.optionalAttrs (vacuModuleType == "nix-on-droid") { environment.packages = config.vacu.finalPackageList; }
;
}

27
modules/systemKind/module.nix Normal file
View File

@@ -0,0 +1,27 @@
{
config,
lib,
vaculib,
...
}:
let
inherit (lib) mkOption types;
inherit (vaculib) mkOutOption;
inherit (config.vacu) systemKind;
in
{
options = {
vacu.systemKind = mkOption {
type = types.enum [
"minimal"
"desktop" # need a better name for this; should include laptops; everything I intend to get computery-stuff done on.
"laptop"
"container"
"server"
];
};
vacu.isMinimal = mkOutOption (systemKind == "minimal" || systemKind == "container");
vacu.isGui = mkOutOption (systemKind == "desktop" || systemKind == "laptop");
vacu.isDev = mkOutOption (systemKind == "desktop" || systemKind == "laptop" || systemKind == "server");
};
}