shelvacu/nix-stuff
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' of git.uninsane.org:shelvacu/nix-stuff

Browse Source
This commit is contained in:
Shelvacu
2024-12-02 16:16:42 -08:00
committed by Shelvacu on fw
parent 99e455899c ecae5207e8
commit f653c8099c
15 changed files with 427 additions and 362 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
common/default.nix
View File

@@ -119,14 +119,38 @@ else
gc.reflogExpire = "never";
gc.reflogExpireUnreachable = "never";
url."https://github.com/".insteadOf = [ "hgh:" "github-http:" "github-https:" ];
url."git@github.com:".insteadOf = [ "sgh:" "gh:" "github-ssh:" ];
url."https://github.com/".insteadOf = [
"hgh:"
"github-http:"
"github-https:"
];
url."git@github.com:".insteadOf = [
"sgh:"
"gh:"
"github-ssh:"
];
url."git@github.com:shelvacu/".insteadOf = [ "vgh:" ];
url."https://gitlab.com/".insteadOf = [ "hgl:" "gitlab-http:" "gitlab-https:" ];
url."git@gitlab.com:".insteadOf = [ "sgl:" "gl:" "gitlab-ssh:" ];
url."https://gitlab.com/".insteadOf = [
"hgl:"
"gitlab-http:"
"gitlab-https:"
];
url."git@gitlab.com:".insteadOf = [
"sgl:"
"gl:"
"gitlab-ssh:"
];
url."git@gitlab.com:shelvacu/".insteadOf = [ "vgl:" ];
url."https://git.uninsane.org/".insteadOf = [ "hu:" "uninsane-http:" "uninsane-https:" ];
url."git@git.uninsane.org:".insteadOf = [ "u:" "su:" "uninsane-ssh" ];
url."https://git.uninsane.org/".insteadOf = [
"hu:"
"uninsane-http:"
"uninsane-https:"
];
url."git@git.uninsane.org:".insteadOf = [
"u:"
"su:"
"uninsane-ssh"
];
url."git@git.uninsane.org:shelvacu/".insteadOf = [ "vu:" ];
};
vacu.vnopnCA = ''

110
common/defaultPackages.nix
View File

@@ -27,59 +27,61 @@ lib.mkMerge [
];
})
{
vacu.packages = (with pkgs; [
nixos-rebuild
which
nano
vim
wget
screen
tmux
lsof
htop
mosh
dnsutils
iperf3
rsync
ethtool
sshfs
ddrescue
pciutils
ncdu
pv
unzip
file
ripgrep
jq
tree
iputils
ssh-to-age
sops
inetutils
diffutils
findutils
util-linux
tzdata
hostname
gnugrep
gnused
gnutar
bzip2
gzip
xz
zip
unzip
openssh
dig
bash
usbutils
psutils
killall
git
curl
gnutls
]) ++ [
(config.vacu.units.finalPackage)
];
vacu.packages =
(with pkgs; [
nixos-rebuild
which
nano
vim
wget
screen
tmux
lsof
htop
mosh
dnsutils
iperf3
rsync
ethtool
sshfs
ddrescue
pciutils
ncdu
pv
unzip
file
ripgrep
jq
tree
iputils
ssh-to-age
sops
inetutils
diffutils
findutils
util-linux
tzdata
hostname
gnugrep
gnused
gnutar
bzip2
gzip
xz
zip
unzip
openssh
dig
bash
usbutils
psutils
killall
git
curl
gnutls
])
++ [
(config.vacu.units.finalPackage)
];
}
]

10
common/desktopApps.nix Normal file
View File

@@ -0,0 +1,10 @@
{
pkgs,
lib,
vacuModuleType,
...
}:
lib.optionalAttrs (vacuModuleType == "nixos") {
options.vacu.desktopApps = lib.mkEnableOption "asdf";
#todo
}

153
common/git.nix
View File

@@ -1,4 +1,4 @@
{
{
lib,
config,
pkgs,
@@ -9,69 +9,96 @@ let
inherit (lib) types;
cfg = config.vacu.git;
in
{ imports = [
{
# https://github.com/NixOS/nixpkgs/blob/e8c38b73aeb218e27163376a2d617e61a2ad9b59/nixos/modules/programs/git.nix#L16
options.vacu.git = {
package = lib.mkPackageOption pkgs "git" {};
enable = lib.mkEnableOption "git";
config = lib.mkOption {
type =
let
gitini = types.attrsOf (types.attrsOf types.anything);
in
types.either gitini (types.listOf gitini) // {
merge = loc: defs:
let
config = builtins.foldl'
(acc: { value, ... }@x: acc // (if builtins.isList value then {
ordered = acc.ordered ++ value;
} else {
unordered = acc.unordered ++ [ x ];
}))
{
ordered = [ ];
unordered = [ ];
}
defs;
in
[ (gitini.merge loc config.unordered) ] ++ config.ordered;
};
default = [];
};
lfs.enable = lib.mkEnableOption "git lfs";
lfs.package = lib.mkPackageOption pkgs "git-lfs" {};
configText = lib.mkOption {
readOnly = true;
type = types.str;
};
};
config.vacu.git.configText = lib.concatMapStringsSep "\n" lib.generators.toGitINI cfg.config;
}
(lib.mkIf cfg.enable { vacu.packages.git = { enable = true; package = cfg.package; }; })
(lib.mkIf (cfg.enable && cfg.lfs.enable) {
vacu.packages.git-lfs = { enable = true; package = cfg.lfs.package; };
vacu.git.config = let bin = lib.getExe cfg.lfs.package; in {
filter.lfs = {
clean = "${bin} clean -- %f";
smudge = "${bin} smudge -- %f";
process = "${bin} filter-process";
required = true;
};
};
})
(lib.optionalAttrs (vacuModuleType == "nixos") {
vacu.assertions = [
imports = [
{
assertion = !(cfg.enable && config.programs.git.enable);
message = "vacu.git and programs.git should not both be enabled";
# https://github.com/NixOS/nixpkgs/blob/e8c38b73aeb218e27163376a2d617e61a2ad9b59/nixos/modules/programs/git.nix#L16
options.vacu.git = {
package = lib.mkPackageOption pkgs "git" { };
enable = lib.mkEnableOption "git";
config = lib.mkOption {
type =
let
gitini = types.attrsOf (types.attrsOf types.anything);
in
types.either gitini (types.listOf gitini)
// {
merge =
loc: defs:
let
config =
builtins.foldl'
(
acc:
{ value, ... }@x:
acc
// (
if builtins.isList value then
{
ordered = acc.ordered ++ value;
}
else
{
unordered = acc.unordered ++ [ x ];
}
)
)
{
ordered = [ ];
unordered = [ ];
}
defs;
in
[ (gitini.merge loc config.unordered) ] ++ config.ordered;
};
default = [ ];
};
lfs.enable = lib.mkEnableOption "git lfs";
lfs.package = lib.mkPackageOption pkgs "git-lfs" { };
configText = lib.mkOption {
readOnly = true;
type = types.str;
};
};
config.vacu.git.configText = lib.concatMapStringsSep "\n" lib.generators.toGitINI cfg.config;
}
(lib.mkIf cfg.enable {
vacu.packages.git = {
enable = true;
package = cfg.package;
};
})
(lib.mkIf (cfg.enable && cfg.lfs.enable) {
vacu.packages.git-lfs = {
enable = true;
package = cfg.lfs.package;
};
vacu.git.config =
let
bin = lib.getExe cfg.lfs.package;
in
{
filter.lfs = {
clean = "${bin} clean -- %f";
smudge = "${bin} smudge -- %f";
process = "${bin} filter-process";
required = true;
};
};
})
(lib.optionalAttrs (vacuModuleType == "nixos") {
vacu.assertions = [
{
assertion = !(cfg.enable && config.programs.git.enable);
message = "vacu.git and programs.git should not both be enabled";
}
];
})
(lib.optionalAttrs (vacuModuleType == "nixos" || vacuModuleType == "nix-on-droid") {
environment = lib.mkIf (cfg.enable && cfg.config != [ ]) {
etc.gitconfig.text = cfg.configText;
};
})
];
})
(lib.optionalAttrs (vacuModuleType == "nixos" || vacuModuleType == "nix-on-droid") {
environment = lib.mkIf (cfg.enable && cfg.config != []) {
etc.gitconfig.text = cfg.configText;
};
})
]; }
}

10
common/lix.nix
View File

@@ -2,6 +2,10 @@
inputs,
vacuModuleType,
...
}: if vacuModuleType == "nixos" then {
imports = [ inputs.lix-module.nixosModules.default ];
} else {}
}:
if vacuModuleType == "nixos" then
{
imports = [ inputs.lix-module.nixosModules.default ];
}
else
{ }

2
common/ssh.nix
View File

@@ -41,7 +41,7 @@ in
default = { };
};
vacu.ssh.config = mkOption { type = types.lines; };
# Straight copied from nixpkgs
# Straight copied from nixpkgs
# https://github.com/NixOS/nixpkgs/blob/46397778ef1f73414b03ed553a3368f0e7e33c2f/nixos/modules/programs/ssh.nix
vacu.ssh.knownHosts = mkOption {
default = { };

47
common/units-impl.nix
View File

@@ -7,27 +7,33 @@
}:
let
inherit (lib) mkOption types;
unitNameRegex = let
# Unit names cannot begin or end with an underscore (_), a comma (,) or a decimal point (.). Names must not contain any of the operator characters +, -, *, /, |, ^, ;, ~, the comment character #, or parentheses. To facilitate copying and pasting from documents, several typographical characters are converted to operators: the figure dash (U+2012), minus (-; U+2212), and en dash (; U+2013) are converted to the operator -; the multiplication sign (×; U+00D7), N-ary times operator (U+2A09), dot operator (‘⋅’; U+22C5), and middle dot (‘·’; U+00B7) are converted to the operator *; the division sign (‘÷’; U+00F7) is converted to the operator /; and the fraction slash (U+2044) is converted to the operator |; accordingly, none of these characters can appear in unit names.
disallowedAnywhere = "+*/|^;~#()" + (builtins.fromJSON ''"\u2012\u2212\u2013\u00d7\u2a09\u22c5\u00b7\u00f7\u2044"'');
disallowedMiddle = "-" + disallowedAnywhere;
disallowedAtEnd = "23456789_,." + disallowedAnywhere;
disallowedAtBegin = "-01" + disallowedAtEnd;
anyExcept = chars: ''[^${lib.escapeRegex chars}]'';
singleChar = anyExcept disallowedAtBegin;
multiChar = ''${anyExcept disallowedAtBegin}${anyExcept disallowedMiddle}*${anyExcept disallowedAtEnd}'';
numberSuffix = regex: ''${regex}_[0-9\.,]+'';
fullRegex = ''${singleChar}|${multiChar}|${numberSuffix singleChar}|${numberSuffix multiChar}'';
in fullRegex;
unitsAttrsType = types.addCheck (types.attrsOf types.str) (attrs:
builtins.all (name: (builtins.match unitNameRegex name) != null) (builtins.attrNames attrs)
unitNameRegex =
let
# Unit names cannot begin or end with an underscore (_), a comma (,) or a decimal point (.). Names must not contain any of the operator characters +, -, *, /, |, ^, ;, ~, the comment character #, or parentheses. To facilitate copying and pasting from documents, several typographical characters are converted to operators: the figure dash (U+2012), minus (-; U+2212), and en dash (; U+2013) are converted to the operator -; the multiplication sign (×; U+00D7), N-ary times operator (U+2A09), dot operator (‘⋅’; U+22C5), and middle dot (‘·’; U+00B7) are converted to the operator *; the division sign (‘÷’; U+00F7) is converted to the operator /; and the fraction slash (U+2044) is converted to the operator |; accordingly, none of these characters can appear in unit names.
disallowedAnywhere =
"+*/|^;~#()" + (builtins.fromJSON ''"\u2012\u2212\u2013\u00d7\u2a09\u22c5\u00b7\u00f7\u2044"'');
disallowedMiddle = "-" + disallowedAnywhere;
disallowedAtEnd = "23456789_,." + disallowedAnywhere;
disallowedAtBegin = "-01" + disallowedAtEnd;
anyExcept = chars: ''[^${lib.escapeRegex chars}]'';
singleChar = anyExcept disallowedAtBegin;
multiChar = ''${anyExcept disallowedAtBegin}${anyExcept disallowedMiddle}*${anyExcept disallowedAtEnd}'';
numberSuffix = regex: ''${regex}_[0-9\.,]+'';
fullRegex = ''${singleChar}|${multiChar}|${numberSuffix singleChar}|${numberSuffix multiChar}'';
in
fullRegex;
unitsAttrsType = types.addCheck (types.attrsOf types.str) (
attrs: builtins.all (name: (builtins.match unitNameRegex name) != null) (builtins.attrNames attrs)
);
unitsDir = pkgs.stdenvNoCC.mkDerivation {
name = "vacu-units-files";
src = pkgs.units.src;
phases = [ "unpackPhase" "installPhase" ];
phases = [
"unpackPhase"
"installPhase"
];
installPhase = ''
mkdir -p $out
@@ -66,7 +72,7 @@ in
};
extraUnits = mkOption {
type = unitsAttrsType;
default = {};
default = { };
};
};
config = lib.mkMerge [
@@ -76,13 +82,14 @@ in
original = config.vacu.units.originalPackage;
new = "units";
prepend_flags = [
"--file" config.vacu.units.generatedConfigFile
"--file"
config.vacu.units.generatedConfigFile
];
};
check = pkgs.runCommand "check-units" { } ''
# `units --check` returns success (exit code 0) regardless of success >:(
# example output:
# $ result/bin/units --check
# Currency exchange rates from exchangerate-api.com (USD base) on 2024-11-14
# Consumer price index data from US BLS, 2024-02-18
@@ -111,7 +118,9 @@ in
};
}
{
vacu.units.lines = lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value: "+${name}\t${value}") config.vacu.units.extraUnits);
vacu.units.lines = lib.concatStringsSep "\n" (
lib.mapAttrsToList (name: value: "+${name}\t${value}") config.vacu.units.extraUnits
);
}
];
}

100
flake.lock generated
View File

@@ -83,11 +83,11 @@
]
},
"locked": {
"lastModified": 1732284644,
"narHash": "sha256-REGLarOB5McRMmFtOgNihEXXQILY6+2UBAY8lw8CJCI=",
"lastModified": 1732988076,
"narHash": "sha256-2uMaVAZn7fiyTUGhKgleuLYe5+EAAYB/diKxrM7g3as=",
"owner": "nix-community",
"repo": "disko",
"rev": "abc8baff333ac9dca930fc4921a26a8fc248e442",
"rev": "2814a5224a47ca19e858e027f7e8bff74a8ea9f1",
"type": "github"
},
"original": {
@@ -323,11 +323,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@@ -341,11 +341,11 @@
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@@ -531,11 +531,11 @@
]
},
"locked": {
"lastModified": 1732397793,
"narHash": "sha256-2jaf/zkug22hzlldm1PKdKJLVKgdjVXbf47SF+5mroU=",
"lastModified": 1733133928,
"narHash": "sha256-gU40r9AfpIr4eq+0noM8yH1Hxf+EA3dqfIpFtQl8Y1E=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "92fef254a9071fa41a13908281284e6a62b9c92e",
"rev": "873e39d5f4437d2f3ab06881fea8e63e45e1d011",
"type": "github"
},
"original": {
@@ -580,11 +580,11 @@
]
},
"locked": {
"lastModified": 1732432618,
"narHash": "sha256-7MzATSBJcR9JUkaDgIJ3jEkQLXIbOjt0lqbmlGkcLDg=",
"lastModified": 1732739177,
"narHash": "sha256-iL32+TA/8geCzcL1r3uthrH/GPvbUak5QE++WJUkaiI=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "98a61cf0708885abddebc6938ca7282928981d5e",
"rev": "8d7b2149e618696d5100c2683af1ffa893f02a75",
"type": "github"
},
"original": {
@@ -617,11 +617,11 @@
]
},
"locked": {
"lastModified": 1729360442,
"narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=",
"lastModified": 1732605668,
"narHash": "sha256-DN5/166jhiiAW0Uw6nueXaGTueVxhfZISAkoxasmz/g=",
"ref": "stable",
"rev": "2bbdcd73b9a464f8acf45a7100feb979883ba485",
"revCount": 110,
"rev": "96824d606a6656650bbe436366bc89d5ee3a6573",
"revCount": 113,
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module.git"
},
@@ -641,11 +641,11 @@
]
},
"locked": {
"lastModified": 1729360442,
"narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=",
"lastModified": 1732605668,
"narHash": "sha256-DN5/166jhiiAW0Uw6nueXaGTueVxhfZISAkoxasmz/g=",
"ref": "stable",
"rev": "2bbdcd73b9a464f8acf45a7100feb979883ba485",
"revCount": 110,
"rev": "96824d606a6656650bbe436366bc89d5ee3a6573",
"revCount": 113,
"type": "git",
"url": "https://git.lix.systems/lix-project/nixos-module.git"
},
@@ -807,11 +807,11 @@
]
},
"locked": {
"lastModified": 1732324260,
"narHash": "sha256-0xzQvoId/P008QkTSAdFVv465P9rL9nYkIOWXL5pdsY=",
"lastModified": 1733105089,
"narHash": "sha256-Qs3YmoLYUJ8g4RkFj2rMrzrP91e4ShAioC9s+vG6ENM=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "698a62c628c2ec423aa770d8ec0e1d0bcf4fca1a",
"rev": "c6b65d946097baf3915dd51373251de98199280d",
"type": "github"
},
"original": {
@@ -1028,11 +1028,11 @@
"rust-overlay": "rust-overlay_3"
},
"locked": {
"lastModified": 1731473366,
"narHash": "sha256-sE2WfD3YyNrCROfRZKqMDR77g3KV4FXUaJ7NWe+A7ro=",
"lastModified": 1732994859,
"narHash": "sha256-5s1l2r+txJhmPfRjdV0oOnEDC43qsKTWej3eLgMcMfg=",
"owner": "tpwrules",
"repo": "nixos-apple-silicon",
"rev": "3eee753e4b074790342fadb1c4e7183d037ddac4",
"rev": "455b13ef013b4c0e27d6e2f6572350d4cb83162d",
"type": "github"
},
"original": {
@@ -1043,11 +1043,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1731797098,
"narHash": "sha256-UhWmEZhwJZmVZ1jfHZFzCg+ZLO9Tb/v3Y6LC0UNyeTo=",
"lastModified": 1733139194,
"narHash": "sha256-PVQW9ovo0CJbhuhCsrhFJGGdD1euwUornspKpBIgdok=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "672ac2ac86f7dff2f6f3406405bddecf960e0db6",
"rev": "c6c90887f84c02ce9ebf33b95ca79ef45007bf88",
"type": "github"
},
"original": {
@@ -1058,11 +1058,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1732244845,
"narHash": "sha256-aspop5sCDNpDMS23BplGFtQDadwkSb/sOxpuC3lafvo=",
"lastModified": 1733107608,
"narHash": "sha256-jdX4KeRP2J1Rj7IRWK5xZFvxr8yjw+PQnCc8n2XclVA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "df94f897ffe1af1bcd60cb68697c5d8e6431346e",
"rev": "c1c8d3d0b640adbb35a416e5cf8fbaf2186924d0",
"type": "github"
},
"original": {
@@ -1105,11 +1105,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1732402008,
"narHash": "sha256-Mp9DB8iw2wKKXWgRCELgQUvaXrggZtM35pFVHlgs7UA=",
"lastModified": 1733132332,
"narHash": "sha256-8DTh3irBPko0ooHaeGJ5kPwBD8mOwiMX4eBjFuicLsA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4238856f159ee5ff7c18f21331c9092025dc6898",
"rev": "b9ffe0d2ef589f4d75a62f908f00dfd6344b6b6e",
"type": "github"
},
"original": {
@@ -1165,11 +1165,11 @@
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1732365274,
"narHash": "sha256-78n1Z3+i686w1FHCWEiEimxvwJF/sgtG7Px0RyI9bLE=",
"lastModified": 1733132296,
"narHash": "sha256-fYEf0IgsNJp/hcb+C3FKtJvVabPDQs64hdL0izNBwXc=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "85759f2360faa0464da008b040217183d99fd9d9",
"rev": "e680b367c726e2ae37d541328fe81f8daaf49a6c",
"type": "github"
},
"original": {
@@ -1226,11 +1226,11 @@
]
},
"locked": {
"lastModified": 1731936508,
"narHash": "sha256-z0BSSf78LkxIrrFXZYmCoRRAxAmxMUKpK7CyxQRvkZI=",
"lastModified": 1733006402,
"narHash": "sha256-BC1CecAQISV5Q4LZK72Gx0+faemOwaChiD9rMVfDPoA=",
"owner": "NuschtOS",
"repo": "search",
"rev": "fe07070f811b717a4626d01fab714a87d422a9e1",
"rev": "16307548b7a1247291c84ae6a12c0aacb07dfba2",
"type": "github"
},
"original": {
@@ -1590,11 +1590,11 @@
]
},
"locked": {
"lastModified": 1732186149,
"narHash": "sha256-N9JGWe/T8BC0Tss2Cv30plvZUYoiRmykP7ZdY2on2b0=",
"lastModified": 1733128155,
"narHash": "sha256-m6/qwJAJYcidGMEdLqjKzRIjapK4nUfMq7rDCTmZajc=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "53c853fb1a7e4f25f68805ee25c83d5de18dc699",
"rev": "c6134b6fff6bda95a1ac872a2a9d5f32e3c37856",
"type": "github"
},
"original": {
@@ -1714,11 +1714,11 @@
]
},
"locked": {
"lastModified": 1732292307,
"narHash": "sha256-5WSng844vXt8uytT5djmqBCkopyle6ciFgteuA9bJpw=",
"lastModified": 1732894027,
"narHash": "sha256-2qbdorpq0TXHBWbVXaTqKoikN4bqAtAplTwGuII+oAc=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "705df92694af7093dfbb27109ce16d828a79155f",
"rev": "6209c381904cab55796c5d7350e89681d3b2a8ef",
"type": "github"
},
"original": {

47
flake.nix
View File

@@ -112,19 +112,21 @@
x86 = "x86_64-linux";
arm = "aarch64-linux";
lib = import "${nixpkgs}/lib";
mkPlain = pkgs: lib.evalModules {
modules = [
./common
{ vacu.systemKind = "server"; }
];
specialArgs = {
inherit pkgs;
inherit lib;
inherit (inputs) dns;
vacuModuleType = "plain";
inherit inputs;
mkPlain =
pkgs:
lib.evalModules {
modules = [
./common
{ vacu.systemKind = "server"; }
];
specialArgs = {
inherit pkgs;
inherit lib;
inherit (inputs) dns;
vacuModuleType = "plain";
inherit inputs;
};
};
};
mkPkgs =
arg:
let
@@ -136,10 +138,10 @@
import nixpkgs (argAttr // { inherit config; });
pkgs = mkPkgs x86;
defaultInputs = [
"nix-search-cli"
"nix-inspect"
"nixvim"
"lix-module"
"nix-search-cli"
"nix-inspect"
"nixvim"
"lix-module"
];
mkNixosConfig =
{
@@ -299,6 +301,8 @@
lt = legtop;
mmm = toplevelOf "mmm";
shel-installer = toplevelOf "shel-installer";
toptop = toplevelOf "toptop";
tt = toptop;
iso = self.nixosConfigurations.shel-installer.config.system.build.isoImage;
check-triple-dezert = self.checks.x86_64-linux.trip.driver;
check-trip = check-triple-dezert;
@@ -393,6 +397,17 @@
_plain = mkPlain pkgs-unstable;
plain = _plain.config.vacu.withAsserts _plain;
in
# dnsModule = lib.evalModules {
# modules = [
# {
# config._module.check = false;
# options.vacu.dns = lib.mkOption {
# default = { };
# type = lib.types.attrsOf inputs.dns.lib.types.zone;
# };
# }
# ];
# };
{
formatter = pkgs-unstable.nixfmt-rfc-style;
apps.sops = {

2
fw/experiment.nix
View File

@@ -31,7 +31,7 @@ in
vacu.verifySystem.expectedMac = lib.mkForce null;
}
# good:
# good:
# Linux fw 6.6.50 #1-NixOS SMP PREEMPT_DYNAMIC Sun Sep 8 05:54:49 UTC 2024 x86_64 GNU/Linux
# Linux fw 6.8.12 #1-NixOS SMP PREEMPT_DYNAMIC Thu May 30 07:49:53 UTC 2024 x86_64 GNU/Linux
# linux-6.9.12

2
packages/snmp-mibs-downloader.nix
View File

@@ -108,7 +108,7 @@ stdenv.mkDerivation (
# solutions.default = {
# scripts = [ "bin/download-mibs" ];
# interpreter = "${bash}/bin/bash";
# inputs = [ coreutils gzip gnutar unzip wget gnupatch ];
# inputs = [ coreutils gzip gnutar unzip wget gnupatch ];
# keep = {
# "$archive_fetcher" = true;
# source = [ "$CONFDIR/$i.conf" ];

126
toptop/default.nix
View File

@@ -1,16 +1,16 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/EFI";
@@ -21,109 +21,7 @@
vacu.verifySystem.expectedMac = "28:f5:2b:7a:f6:75";
vacu.systemKind = "desktop";
networking.hostName = "toptop"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# services.pipewire = {
# enable = true;
# pulse.enable = true;
# };
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# tree
# ];
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
networking.networkmanager.enable = true;
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.05"; # Did you read the comment?
system.stateVersion = "24.05";
}

83
toptop/hardware-configuration.nix
View File

@@ -1,50 +1,65 @@
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=root" ];
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=root" ];
};
boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/9bc6de32-17c1-42fc-9d14-c32ed55f4a75";
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=home" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=home" ];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=nix" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=nix" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=boot" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
options = [ "subvol=boot" ];
};
fileSystems."/btrfs" =
{ device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
};
fileSystems."/btrfs" = {
device = "/dev/disk/by-uuid/2a7b5b23-9e6a-4169-8e45-07a7a1d57eaa";
fsType = "btrfs";
};
fileSystems."/boot/EFI" =
{ device = "/dev/disk/by-uuid/8371-A7B8";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
fileSystems."/boot/EFI" = {
device = "/dev/disk/by-uuid/8371-A7B8";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
];
};
swapDevices = [ ];

2
triple-dezert/proxied/default.nix
View File

@@ -11,6 +11,7 @@
./services/nix-cache-nginx.nix
./services/static-stuff.nix
./services/vacustore.nix
./services/dufs.nix
];
vacu.proxiedServices = {
@@ -20,6 +21,7 @@
static-stuff.enable = true;
nix-cache.enable = true;
llm.enable = true;
dufs.enable = true;
keycloak.enable = false;
kanidm.enable = false;

59
triple-dezert/proxied/services/dufs.nix Normal file
View File

@@ -0,0 +1,59 @@
{
...
}:
{
vacu.proxiedServices.dufs = {
domain = "dav.shelvacu.com";
fromContainer = "dufs";
port = 80;
};
containers.dufs = {
privateNetwork = true;
hostAddress = "192.168.100.30";
localAddress = "192.168.100.31";
autoStart = true;
ephemeral = true;
restartIfChanged = true;
bindMounts."/trip" = {
hostPath = "/trip";
isReadOnly = true;
};
config =
{ pkgs, lib, ... }:
let
dufsConfig = {
bind = "0.0.0.0";
port = 80;
allow-all = false;
allow-upload = false;
allow-delete = false;
allow-search = true;
allow-symlink = false;
allow-archive = true;
enable-cors = false;
render-try-index = true;
render-spa = true;
serve-path = "/trip";
auth = [
"s:$6$WNI1472ebgQg9zjk$4qeOLarhHJNxNHaAkzztJMN8fzOb6iQm7KTp0SuvYWSvfFORjcNSXNBsKTLRSox2LOSYYwWSyYv/u6lQ9VstF1@/:ro"
];
};
dufsConfigFile = pkgs.writeText "dufs-config.yaml" (builtins.toJSON dufsConfig);
in
{
networking.firewall.allowedTCPPorts = [ 80 ];
systemd.services.dufs = {
enable = true;
wantedBy = [ "multi-user.target" ];
description = "dufs server";
serviceConfig = {
ExecStart = "${lib.getExe pkgs.dufs} --config ${dufsConfigFile}";
};
};
};
};
}