derped/nixos
1
0
Fork 0
Code Releases Activity

Format the entire project.

Browse source
This commit is contained in:
Kevin Baensch 2023-09-11 20:23:04 +02:00
parent 1dc50ae17d
commit 6f9db5e3a4
Signed by: derped
GPG key ID: C0F1D326C7626543
115 changed files with 3451 additions and 2901 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
config/etc.nix
View file

@ -1,10 +1,12 @@
{ config, lib, pkgs, ... }:
with lib;
{
config,
lib,
pkgs,
...
}:
with lib; {
environment.etc = mkIf (elem "etcfiles" config.machine.conffiles) {
"rofi.rasi".source = (import ./etc/rofi.rasi.nix { inherit pkgs; });
"rofi.rasi".source = import ./etc/rofi.rasi.nix {inherit pkgs;};
"i3/py3status".source = ./etc/i3/py3status;
"sway/config".source = mkDefault ./etc/sway/config;
"mpv/input.conf".source = ./etc/mpv/input.conf;

4
config/etc/i3/config.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
(pkgs.writeText "config" ''
{pkgs, ...}: (pkgs.writeText "config" ''
# i3 config file (v4)
#
# Please see http://i3wm.org/docs/userguide.html for a complete reference!

4
config/etc/rofi.rasi.nix
View file

@ -1,6 +1,4 @@
{ pkgs }:
let
{pkgs}: let
tabMode = pkgs.writeScript "tab-finder.sh" (with pkgs; ''
#!/usr/bin/env bash
if [ -z ''${1} ]; then

9
config/fonts.nix
View file

@ -1,7 +1,10 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
with lib;
mkIf (elem "fonts" config.machine.conffiles) {
fonts = {
fontDir.enable = true;

11
config/locale.nix
View file

@ -1,12 +1,17 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
console.keyMap = "de";
i18n = {
defaultLocale = "en_US.UTF-8";
supportedLocales = ["all"];
inputMethod = {
enabled = if config.services.xserver.enable then "fcitx5" else null;
enabled =
if config.services.xserver.enable
then "fcitx5"
else null;
fcitx5.addons = with pkgs; [fcitx5-chinese-addons fcitx5-mozc fcitx5-table-extra];
};
};

14
config/networking.nix
View file

@ -1,8 +1,9 @@
{ config, lib, ... }:
with lib;
let
{
config,
lib,
...
}:
with lib; let
networkD = config.machine.networkD;
in {
networking = {
@ -58,7 +59,8 @@ in{
systemd.services."systemd-networkd-wait-online" = {
enable = mkForce networkD.waitOnline;
serviceConfig.ExecStart = [
"" "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online --any"
""
"${config.systemd.package}/lib/systemd/systemd-networkd-wait-online --any"
];
};
}

24
config/nix.nix
View file

@ -1,6 +1,12 @@
{ nixpkgs, nixpkgs-git, nixpkgs-stable, pkgs, config, lib, ... }:
let
{
nixpkgs,
nixpkgs-git,
nixpkgs-stable,
pkgs,
config,
lib,
...
}: let
cfg = config.machine;
emptyGlobalRegistry = pkgs.writeText "registry.json" ''{ "flakes": [], "version": 2 }'';
in {
@ -16,14 +22,18 @@ in {
cores = 1;
sandbox = true;
auto-optimise-store = true;
trusted-substituters = [
trusted-substituters =
[
"https://cache.nixos.org"
] ++ cfg.binaryCaches;
]
++ cfg.binaryCaches;
# TODO: integrate into sops
# trusted-public-keys = [ (lib.fileContents "${cfg.secretPath}/hydra_cache.pub") ];
substituters = [
substituters =
[
"https://cache.nixos.org"
] ++ cfg.binaryCaches;
]
++ cfg.binaryCaches;
allowed-users = ["root"] ++ (map (n: n.name) cfg.administrators);
};
extraOptions = ''

8
config/security.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "security" config.machine.conffiles) {
security = {
audit.enable = true;

31
config/users.nix
View file

@ -1,8 +1,11 @@
{ config, lib, fn, pkgs, ... }:
with lib;
let
{
config,
lib,
fn,
pkgs,
...
}:
with lib; let
withDocker = config.virtualisation.docker.enable;
withPodman = config.virtualisation.podman.enable;
administrators = user: {
@ -14,13 +17,20 @@ let
isNormalUser = true;
name = user.name;
uid = user.id;
subUidRanges = (optional withPodman { startUid = 100000; count = 65536; });
subGidRanges = (optional withPodman { startGid = 100000; count = 65536; });
subUidRanges = optional withPodman {
startUid = 100000;
count = 65536;
};
subGidRanges = optional withPodman {
startGid = 100000;
count = 65536;
};
home = builtins.toPath "/home/${user.name}";
createHome = true;
description = "Administrative user ${user.name}.";
group = user.name;
extraGroups = [ "audio" "wheel" "network" ]
extraGroups =
["audio" "wheel" "network"]
++ (optionals cfg.xserver.enable ["input" "video"])
++ (optionals cfg.printing.enable ["cups" "lp"])
++ (optional (withDocker && !withPodman) "docker")
@ -39,10 +49,11 @@ let
};
};
in {
sops.secrets = (fn.sopsHelper
sops.secrets =
fn.sopsHelper
(user: "users/${user.name}/password")
config.machine.administrators
{ neededForUsers = true; });
{neededForUsers = true;};
users = {
mutableUsers = false;
users = listToAttrs (map administrators config.machine.administrators);

8
config/zsh.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "zsh" config.machine.conffiles) {
programs.zsh = {
enable = true;

44
configuration.nix
View file

@ -1,32 +1,46 @@
{lib, ...}:
with builtins;
with lib;
let
with lib; let
fn = import (toString ./fn.nix) {inherit lib;};
# Cannot use <hostName> here as those evaluations only work with existing paths >.<
# hostName and secretPtah can be set with -I hostName=$HOSTNAME and -I secretPath=$SECRETPATH respectively
# , defaults to the contents of /secret/hostName
secretPath = fn.ifelse ((tryEval (toString <secretPath>)).value != false)
secretPath =
fn.ifelse ((tryEval (toString <secretPath>)).value != false)
(toString <secretPath>)
(toString /secret);
hostName = (
hostName =
(
findFirst
(elem: elem.prefix == "hostName")
{ path = (fileContents "${secretPath}/hostName"); }
{path = fileContents "${secretPath}/hostName";}
nixPath
).path;
machinePath = (builtins.toPath (./machines + ("/" + hostName)));
machineFiles = fn.lst { p = machinePath; b = true; };
configFiles = fn.lst { p = (toString ./config); b = true; };
pkgsFiles = fn.lst { p = (toString ./pkgs); b = true; };
serviceFiles = fn.lst { p = (toString ./services); b = true; };
)
.path;
machinePath = builtins.toPath (./machines + ("/" + hostName));
machineFiles = fn.lst {
p = machinePath;
b = true;
};
configFiles = fn.lst {
p = toString ./config;
b = true;
};
pkgsFiles = fn.lst {
p = toString ./pkgs;
b = true;
};
serviceFiles = fn.lst {
p = toString ./services;
b = true;
};
in {
imports = [
imports =
[
./options/machine.nix
./services/mailserver/default.nix
] ++ machineFiles
]
++ machineFiles
++ configFiles
++ pkgsFiles
++ serviceFiles;

44
flake.nix
View file

@ -15,27 +15,53 @@
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, alejandra, mailserver, sops-nix, ... }@attrs: let
outputs = {
self,
nixpkgs,
alejandra,
mailserver,
sops-nix,
...
} @ attrs: let
lib = nixpkgs.lib;
fn = import ./fn.nix {inherit lib;};
mappedFormatter = builtins.mapAttrs (arch: packages: packages.default) alejandra.packages;
system = "x86_64-linux";
machineList = fn.lst { p = (toString ./machines); t = "directory"; b = false; };
configFiles = fn.lst { p = (toString ./config); b = true; };
pkgsFiles = fn.lst { p = (toString ./pkgs); b = true; };
serviceFiles = fn.lst { p = (toString ./services); b = true; };
machineList = fn.lst {
p = toString ./machines;
t = "directory";
b = false;
};
configFiles = fn.lst {
p = toString ./config;
b = true;
};
pkgsFiles = fn.lst {
p = toString ./pkgs;
b = true;
};
serviceFiles = fn.lst {
p = toString ./services;
b = true;
};
nixosSystemFor = machine: {
name = machine;
value = let
machinePath = lib.concatStringsSep "/" [(toString ./.) "machines" machine];
machineFiles = lib.filter (name: lib.strings.hasSuffix ".nix" name) (fn.lst { p = machinePath; b = true; });
in nixpkgs.lib.nixosSystem {
machineFiles = lib.filter (name: lib.strings.hasSuffix ".nix" name) (fn.lst {
p = machinePath;
b = true;
});
in
nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = attrs // {fn = fn;};
modules = [
modules =
[
(toString ./options/machine.nix)
sops-nix.nixosModules.sops
] ++ machineFiles
]
++ machineFiles
++ configFiles
++ pkgsFiles
++ serviceFiles;

87
fn.nix
View file

@ -1,27 +1,40 @@
{lib}:
with builtins;
with lib;
rec {
ifelse = a: b: c: if a then b else c;
with lib; rec {
ifelse = a: b: c:
if a
then b
else c;
fileContentsOr = a: b: (ifelse
(pathIsRegularFile a)
a b);
a
b);
cwd = builtins.getEnv "PWD";
# lst (string PATH) (string FILETYPE) (bool RETURNFULLPATH)
lst = { p ? cwd, t ? "regular", b ? false }: (lists.forEach
lst = {
p ? cwd,
t ? "regular",
b ? false,
}: (lists.forEach
(attrNames
(filterAttrs (n: v: v == t)
(readDir p)))
(v: ((optionalString b "${p}/") + v)));
lsf = p: (lst {p = p;});
lsd = p: (lst { p = p; t = "directory"; b = true; });
lsfRec = p: b: flatten ((map (np: lsfRec np b) (lsd p)) ++ (lst { p = p; b = b; }));
lsd = p: (lst {
p = p;
t = "directory";
b = true;
});
lsfRec = p: b:
flatten ((map (np: lsfRec np b) (lsd p))
++ (lst {
p = p;
b = b;
}));
hasAttrs = aList: d: (map
(a:
(ifelse (isList a)
(a: (ifelse (isList a)
(hasAttrByPath a d)
(hasAttr a d)))
aList);
@ -30,36 +43,59 @@ rec {
# This might be a tad bit inefficient.
# TODO: look for better implementation (map is a builtin function so checking that probably won't help)
# Sequentially checks elements of list (l) for condition (cond) and executes do on first match.
meetsConDo = cond: do: l: ifelse (l == []) false
meetsConDo = cond: do: l:
ifelse (l == []) false
(let
h = (head l);
t = (tail l);
in ifelse (cond h) (do h)
(meetsConDo (cond) (do) (t)));
deps = p: ifelse (isAttrs p) (filter (p: isAttrs p)
h = head l;
t = tail l;
in
ifelse (cond h) (do h)
(meetsConDo cond do t));
deps = p:
ifelse (isAttrs p) (
filter (p: isAttrs p)
(p.buildInputs ++ p.nativeBuildInputs ++ p.propagatedBuildInputs ++ p.propagatedNativeBuildInputs)
) [];
importFilter = l: p: filter (n: elem (nameFromURL (toString n) ".") l) p;
depsRec = ld: ifelse (ld == []) [] ((toList ld) ++ (depsRec (lists.unique (lists.flatten (map (d: deps d) (toList ld))))));
isBroken = p: meetsConDo (s: ((hasAttrByPath s.path p) && (s.check (getAttrFromPath s.path p)))) (s: s.msg)
isBroken = p:
meetsConDo (s: ((hasAttrByPath s.path p) && (s.check (getAttrFromPath s.path p)))) (s: s.msg)
[
{ path = ["meta" "broken"]; msg = (warn "Package ${p.name} is marked as broken." true); check = m: m; }
{ path = ["meta" "knownVulnerabilities" ]; msg = (warn "Package ${p.name} has known Vulnerabilities.." true); check = m: m != []; }
{ path = ["name"]; msg = (warn "${p.name}: python2 is depricated." false); check = m: (strings.hasInfix "python2" m) || (strings.hasInfix "python-2" m); }
{
path = ["meta" "broken"];
msg = warn "Package ${p.name} is marked as broken." true;
check = m: m;
}
{
path = ["meta" "knownVulnerabilities"];
msg = warn "Package ${p.name} has known Vulnerabilities.." true;
check = m: m != [];
}
{
path = ["name"];
msg = warn "${p.name}: python2 is depricated." false;
check = m: (strings.hasInfix "python2" m) || (strings.hasInfix "python-2" m);
}
# not sure if the following test creates false positives (AFAIK every derivation/package needs to have an outPath)
# , definitely should catch all corner cases/everything that fails to evaluate.
{ path = [ "outPath" ]; msg = (warn "Package ${p.name} has no outPath" true); check = m: !(tryEval m).success; }
{
path = ["outPath"];
msg = warn "Package ${p.name} has no outPath" true;
check = m: !(tryEval m).success;
}
];
depsBroken = p: lists.any (p: (isBroken p)) (deps p);
# No more magic 🧙 here 😢
# But at least it now (hopefully) checks ONLY dependencies (and all of them at that).
depsBrokenRec = p: (meetsConDo
depsBrokenRec = p: (
meetsConDo
(p: ifelse (depsBroken p) true (depsBrokenRec (deps p)))
(p: true) (deps p)
);
sopsHelper = template: names: options: let
optionsIsFunction = (typeOf options) == "lambda";
in listToAttrs (map
in
listToAttrs (map
(name: {
name = template name;
value = ifelse optionsIsFunction (options name) options;
@ -74,7 +110,8 @@ rec {
true)
))
ld);
makeOptionTypeList = path: (lists.forEach
makeOptionTypeList = path: (
lists.forEach
# get a list of all files ending in .nix in path
(filter (filePath: hasSuffix ".nix" filePath)
(lsfRec path true))

34
machines/Lilim/configuration.nix
View file

@ -1,6 +1,8 @@
{ pkgs, lib, ... }:
{
pkgs,
lib,
...
}: {
services.cron.enable = false;
networking.dhcpcd.extraConfig = "noarp";
@ -8,10 +10,30 @@
# low latency audio stuff
security.pam.loginLimits = [
{ domain = "@audio"; item = "memlock"; type = "-"; value = "unlimited"; }
{ domain = "@audio"; item = "rtprio"; type = "-"; value = "99"; }
{ domain = "@audio"; item = "nofile"; type = "soft"; value = "99999"; }
{ domain = "@audio"; item = "nofile"; type = "hard"; value = "99999"; }
{
domain = "@audio";
item = "memlock";
type = "-";
value = "unlimited";
}
{
domain = "@audio";
item = "rtprio";
type = "-";
value = "99";
}
{
domain = "@audio";
item = "nofile";
type = "soft";
value = "99999";
}
{
domain = "@audio";
item = "nofile";
type = "hard";
value = "99999";
}
];
environment = {
etc = {

17
machines/Lilim/hardware-configuration.nix
View file

@ -1,6 +1,9 @@
{ nixpkgs, config, pkgs, ... }:
let
{
nixpkgs,
config,
pkgs,
...
}: let
cfg = config.machine;
in {
imports = ["${nixpkgs}/nixos/modules/installer/scan/not-detected.nix"];
@ -37,13 +40,13 @@ in {
};
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/b37b48a8-5dcb-4f4d-ad71-1b26500b3e5f";
fileSystems."/" = {
device = "/dev/disk/by-uuid/b37b48a8-5dcb-4f4d-ad71-1b26500b3e5f";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/546A-A3D1";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/546A-A3D1";
fsType = "vfat";
};

33
machines/Lilim/options.nix
View file

@ -1,8 +1,9 @@
{ pkgs, lib, ... }:
with lib;
{
pkgs,
lib,
...
}:
with lib; {
imports = [
../../options/copySysConf.nix
];
@ -13,7 +14,12 @@ with lib;
enable = true;
waitOnline = false;
};
administrators = [ { name = "derped"; id = 1337; } ];
administrators = [
{
name = "derped";
id = 1337;
}
];
conffiles = [
"etcfiles"
"etcvars"
@ -59,15 +65,26 @@ with lib;
"cups"
"mullvad"
"mariaDB"
"docker" "podman"
"docker"
"podman"
];
firewall = {
enable = true;
allowPing = true;
allowedUDPPorts = [24642];
allowedTCPPorts = [24642];
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
};
};

6
machines/Lilim/sops.nix
View file

@ -1,6 +1,8 @@
{ config, lib, ... }:
{
config,
lib,
...
}: {
sops = {
defaultSopsFile = ./secrets.yaml;
age = {

4
machines/Marid/configuration.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services.cron.enable = false;
security.pki.certificateFiles = [
./certs/proxy

17
machines/Marid/hardware-configuration.nix
View file

@ -1,6 +1,9 @@
{ config, pkgs, modulesPath, ... }:
let
{
config,
pkgs,
modulesPath,
...
}: let
cfg = config.machine;
in {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
@ -29,13 +32,13 @@ in {
};
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/cf8db7d5-5da7-4fb9-818d-ed5dd2815f0d";
fileSystems."/" = {
device = "/dev/disk/by-uuid/cf8db7d5-5da7-4fb9-818d-ed5dd2815f0d";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/96E4-9DF3";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/96E4-9DF3";
fsType = "vfat";
};

16
machines/Marid/options.nix
View file

@ -1,15 +1,21 @@
{ pkgs, lib, ... }:
with lib;
{
pkgs,
lib,
...
}:
with lib; {
imports = [
../../options/copySysConf.nix
];
config.machine = {
allowUnfree = true;
hostName = "Marid";
administrators = [ { name = "derped"; id = 1337; } ];
administrators = [
{
name = "derped";
id = 1337;
}
];
conffiles = [
"etcfiles"
"etcvars"

6
machines/Marid/sops.nix
View file

@ -1,6 +1,8 @@
{ config, lib, ... }:
{
config,
lib,
...
}: {
sops = {
defaultSopsFile = ./secrets.yaml;
age = {

1
machines/Ophanim/configuration.nix
View file

@ -1,7 +1,6 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
system.autoUpgrade.enable = false;

14
machines/Ophanim/hardware-configuration.nix
View file

@ -1,8 +1,10 @@
{ nixpkgs, pkgs, ... }:
{
imports =
[ "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
nixpkgs,
pkgs,
...
}: {
imports = [
"${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
];
boot = {
@ -18,8 +20,8 @@
time.timeZone = "Europe/Berlin";
fileSystems."/" =
{ device = "/dev/disk/by-uuid/fa0c2ff3-59f9-4c00-8153-c2c2ef0f0e84";
fileSystems."/" = {
device = "/dev/disk/by-uuid/fa0c2ff3-59f9-4c00-8153-c2c2ef0f0e84";
fsType = "ext4";
};

51
machines/Ophanim/options.nix
View file

@ -1,15 +1,26 @@
{ config, lib, ... }:
with lib;
let
{
config,
lib,
...
}:
with lib; let
cfg = config.machine;
in {
config.machine = rec {
hostName = "Ophanim";
domain = "ophanim.de";
administrators = [ { name = "derped"; id = 1337; } ];
mailAccounts = [ { name = "derped"; aliases = [ "postmaster" "baensch" ]; } ];
administrators = [
{
name = "derped";
id = 1337;
}
];
mailAccounts = [
{
name = "derped";
aliases = ["postmaster" "baensch"];
}
];
allowUnfree = true;
conffiles = [
"etcvars"
@ -30,14 +41,28 @@ in {
"nginx"
"openssh"
];
vHosts = (let base = domain; in [
{ domain = base; service = "simple"; }
vHosts = let
base = domain;
in [
{
domain = base;
service = "simple";
}
# { domain = "builder.${base}"; service = "hydra"; }
# { domain = "cache.${base}"; service = "cache"; }
{ domain = "storage.${base}"; service = "nextcloud"; }
{ domain = "mail.${base}"; service = "mail"; }
{ domain = "git.${base}"; service = "gitea"; }
]);
{
domain = "storage.${base}";
service = "nextcloud";
}
{
domain = "mail.${base}";
service = "mail";
}
{
domain = "git.${base}";
service = "gitea";
}
];
firewall = {
enable = true;
allowPing = false;

6
machines/Ophanim/sops.nix
View file

@ -1,6 +1,8 @@
{ config, lib, ... }:
{
config,
lib,
...
}: {
sops = {
defaultSopsFile = ./secrets.yaml;
age = {

21
options/copySysConf.nix
View file

@ -1,11 +1,16 @@
{ config, pkgs, lib, ... }:
with lib;
let
{
config,
pkgs,
lib,
...
}:
with lib; let
cfg = config.system.copySysConf;
cfgPath = ../.;
copySysConf = if !(isStorePath cfgPath) then pkgs.stdenv.mkDerivation rec {
copySysConf =
if !(isStorePath cfgPath)
then
pkgs.stdenv.mkDerivation rec {
name = "NixOS_Configuration-${version}";
version = commitIdFromGitRepo (cfgPath + "/.git");
@ -14,8 +19,8 @@ let
installPhase = ''
cp -R ./. $out
'';
} else (builtins.toPath ../.);
}
else (builtins.toPath ../.);
in {
options.system.copySysConf = {
enable = mkOption {

11
options/emacs-init-defaults.nix
View file

@ -1,20 +1,15 @@
# Original Source:
# https://gitlab.com/rycee/nur-expressions/raw/master/hm-modules/emacs-init-defaults.nix (49ff2d63e867c09e658c959c0d8a73d641061c30)
# MIT License
# Copyright (c) 2019 Robert Helgesson
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -22,11 +17,7 @@
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.emacs.init.usePackage = {
deadgrep = {
config = ''

81
options/emacs-init.nix
View file

@ -1,20 +1,15 @@
# Original Source:
# https://gitlab.com/rycee/nur-expressions/raw/master/hm-modules/emacs-init.nix (d27525db3358b9463fab1b4a7739cb77e27b768c)
# MIT License
# Copyright (c) 2019 Robert Helgesson
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -22,14 +17,13 @@
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
{ config, lib, pkgs, ... }:
with lib;
let
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.programs.emacs.init;
packageFunctionType = mkOptionType {
@ -39,7 +33,11 @@ let
merge = mergeOneOption;
};
usePackageType = types.submodule ({ name, config, ... }: {
usePackageType = types.submodule ({
name,
config,
...
}: {
options = {
enable = mkEnableOption "Emacs package ${name}";
@ -83,7 +81,10 @@ let
chords = mkOption {
type = types.attrsOf types.str;
default = {};
example = { "jj" = "ace-jump-char-mode"; "jk" = "ace-jump-word-mode"; };
example = {
"jj" = "ace-jump-char-mode";
"jk" = "ace-jump-word-mode";
};
description = ''
The entries to use for <option>:chords</option>.
'';
@ -108,7 +109,10 @@ let
bind = mkOption {
type = types.attrsOf types.str;
default = {};
example = { "M-<up>" = "drag-stuff-up"; "M-<down>" = "drag-stuff-down"; };
example = {
"M-<up>" = "drag-stuff-up";
"M-<down>" = "drag-stuff-down";
};
description = ''
The entries to use for <option>:bind</option>.
'';
@ -181,8 +185,7 @@ let
};
config = mkIf config.enable {
assembly =
let
assembly = let
quoted = v: ''"${escape ["\""] v}"'';
mkBindHelper = cmd: prefix: bs:
optionals (bs != {}) (
@ -196,8 +199,7 @@ let
mkDiminish = vs: optional (vs != []) ":diminish (${toString vs})";
mkMode = map (v: ":mode ${v}");
mkBind = mkBindHelper "bind" "";
mkBindLocal = bs:
let
mkBindLocal = bs: let
mkMap = n: v: mkBindHelper "bind" ":map ${n}" v;
in
flatten (mapAttrsToList mkMap bs);
@ -205,7 +207,8 @@ let
mkChords = mkBindHelper "chords" "";
mkHook = map (v: ":hook ${v}");
mkDefer = v:
if isBool v then optional v ":defer t"
if isBool v
then optional v ":defer t"
else [":defer ${toString v}"];
mkDemand = v: optional v ":demand t";
in
@ -225,7 +228,8 @@ let
++ optionals (config.init != "") [":init" config.init]
++ optionals (config.config != "") [":config" config.config]
++ optional (config.extraConfig != "") config.extraConfig
) + ")";
)
+ ")";
};
});
@ -234,13 +238,16 @@ let
${pkgConfStr})
'';
mkRecommendedOption = type: extraDescription: mkOption {
mkRecommendedOption = type: extraDescription:
mkOption {
type = types.bool;
default = false;
example = true;
description = ''
description =
''
Whether to enable recommended ${type} settings.
'' + optionalString (extraDescription != "") ''
''
+ optionalString (extraDescription != "") ''
</para><para>
${extraDescription}
'';
@ -300,7 +307,9 @@ let
;; To help fixing issues during startup.
(setq use-package-verbose ${
if cfg.usePackageVerbose then "t" else "nil"
if cfg.usePackageVerbose
then "t"
else "nil"
}))
''
+ optionalString hasDiminish ''
@ -317,7 +326,8 @@ let
:config (key-chord-mode 1))
'';
initFile = ''
initFile =
''
;;; hm-init.el --- Emacs configuration à la Home Manager.
;;
;; -*- lexical-binding: t; -*-
@ -359,10 +369,7 @@ let
(provide 'hm-init)
;; hm-init.el ends here
'';
in
{
in {
imports = [./emacs-init-defaults.nix];
options.programs.emacs.init = {
@ -412,10 +419,10 @@ in
};
config = mkIf cfg.enable {
machine.pkgsets.emacs.pkgs = epkgs:
let
machine.pkgsets.emacs.pkgs = epkgs: let
getPkg = v:
if isFunction v then [ (v epkgs) ]
if isFunction v
then [(v epkgs)]
else optional (isString v && hasAttr v epkgs) epkgs.${v};
in
[epkgs.use-package]
@ -430,11 +437,13 @@ in
# use lucid as toolkit; emacs will otherwise crash quite frequently when run in daemon mode
# https://gitlab.gnome.org/GNOME/gtk/issues/221
machine.pkgsets.emacs.pkgwrap = let
emacsWithPackages = (pkgs.emacsPackagesFor
emacsWithPackages =
(pkgs.emacsPackagesFor
(pkgs.emacs.override {
withGTK2 = false;
withGTK3 = false;
})).emacsWithPackages;
}))
.emacsWithPackages;
in (emacsWithPackages config.machine.pkgsets.emacs.pkgs);
environment.systemPackages = [

18
options/machine.nix
View file

@ -1,9 +1,11 @@
{ config, lib, fn, ... }:
{
config,
lib,
fn,
...
}:
with builtins;
with lib;
let
with lib; let
cfg = config.machine;
pkgsetList = fn.makeOptionTypeList (toString ../pkgsets);
serviceList = fn.makeOptionTypeList (toString ../services);
@ -12,7 +14,7 @@ let
value = rec {
pkgwrap = mkOption {
type = with types; oneOf [package (listOf package)];
default = (fn.pkgFilter cfg.pkgsets."${pname}".pkgs);
default = fn.pkgFilter cfg.pkgsets."${pname}".pkgs;
description = ''
Package Wrapper for packages using a wrapper function (like python, emacs, haskell, ...)
'';
@ -29,7 +31,7 @@ let
in {
options.machine = {
pkgs = mkOption {
type = (types.listOf (types.enum pkgsetList));
type = types.listOf (types.enum pkgsetList);
default = ["base"];
description = ''
The list of metapackages to be installed.
@ -38,7 +40,7 @@ in {
# Package names containing '::' are sub packages and should not have their own pkgset.
pkgsets = listToAttrs (map pkgOption (lists.filter (v: !(strings.hasInfix "::" v)) pkgsetList));
services = mkOption {
type = (types.listOf (types.enum serviceList));
type = types.listOf (types.enum serviceList);
default = [];
description = ''
List of services to be enabled.

34
options/mailman3/core.nix
View file

@ -1,10 +1,29 @@
{ stdenv, buildPythonPackage, fetchgit
, aiosmtpd, alembic, atpublic, click, dnspython, falcon, flufl_bounce, flufl_i18n, flufl_lock
, importlib-resources, lazr_config, passlib, requests, sqlalchemy
, zope_component, zope_configuration, zope_event, zope_interface
{
stdenv,
buildPythonPackage,
fetchgit,
aiosmtpd,
alembic,
atpublic,
click,
dnspython,
falcon,
flufl_bounce,
flufl_i18n,
flufl_lock,
importlib-resources,
lazr_config,
passlib,
requests,
sqlalchemy,
zope_component,
zope_configuration,
zope_event,
zope_interface,
# optional database dependencies
, pymysql, psycopg2 }:
pymysql,
psycopg2,
}:
buildPythonPackage rec {
name = "mailman3_core-${version}";
version = "3.2.2";
@ -33,7 +52,8 @@ buildPythonPackage rec {
zope_configuration
zope_event
zope_interface
pymysql psycopg2
pymysql
psycopg2
];
doCheck = false;

10
options/mailman3/extraPackages/aiosmtpd.nix
View file

@ -1,6 +1,10 @@
{ stdenv, lib, fetchPypi, buildPythonPackage
, atpublic }:
{
stdenv,
lib,
fetchPypi,
buildPythonPackage,
atpublic,
}:
buildPythonPackage rec {
pname = "aiosmtpd";
version = "1.2";

8
options/mailman3/extraPackages/atpublic.nix
View file

@ -1,5 +1,9 @@
{ stdenv, lib, fetchPypi, buildPythonPackage }:
{
stdenv,
lib,
fetchPypi,
buildPythonPackage,
}:
buildPythonPackage rec {
pname = "atpublic";
version = "1.0";

11
options/mailman3/extraPackages/flufl_bounce.nix
View file

@ -1,6 +1,11 @@
{ stdenv, lib, fetchPypi, buildPythonPackage
, atpublic, zope_interface }:
{
stdenv,
lib,
fetchPypi,
buildPythonPackage,
atpublic,
zope_interface,
}:
buildPythonPackage rec {
name = "${pname}-${version}";
pname = "flufl.bounce";

10
options/mailman3/extraPackages/flufl_i18n.nix
View file

@ -1,6 +1,10 @@
{ stdenv, lib, fetchPypi, buildPythonPackage
, atpublic }:
{
stdenv,
lib,
fetchPypi,
buildPythonPackage,
atpublic,
}:
buildPythonPackage rec {
name = "${pname}-${version}";
pname = "flufl.i18n";

10
options/mailman3/extraPackages/flufl_lock.nix
View file

@ -1,6 +1,10 @@
{ stdenv, lib, fetchPypi, buildPythonPackage
, atpublic }:
{
stdenv,
lib,
fetchPypi,
buildPythonPackage,
atpublic,
}:
buildPythonPackage rec {
name = "${pname}-${version}";
pname = "flufl.lock";

10
options/mailman3/extraPackages/lazr_config.nix
View file

@ -1,6 +1,10 @@
{ stdenv, lib, fetchPypi, buildPythonPackage
, lazr_delegates }:
{
stdenv,
lib,
fetchPypi,
buildPythonPackage,
lazr_delegates,
}:
buildPythonPackage rec {
name = "${pname}-${version}";
pname = "lazr.config";

11
options/mailman3/extraPackages/lazr_delegates.nix
View file

@ -1,6 +1,11 @@
{ stdenv, lib, fetchPypi, buildPythonPackage
, nose, zope_interface }:
{
stdenv,
lib,
fetchPypi,
buildPythonPackage,
nose,
zope_interface,
}:
buildPythonPackage rec {
name = "${pname}-${version}";
pname = "lazr.delegates";

25
options/mailman3/options.nix
View file

@ -1,8 +1,10 @@
{ pkgs, lib, config, ... }:
with lib;
let
{
pkgs,
lib,
config,
...
}:
with lib; let
mailman3 = import ./release.nix {};
cfg = config.services.mailman3;
usePostgresql = cfg.database.type == "postgresql";
@ -357,7 +359,6 @@ in {
};
};
config = mkIf cfg.enable {
users = mkIf (cfg.user == "mailman3") {
users.mailman3 = {
@ -374,16 +375,16 @@ in {
services.postfix.mapFiles."local_recipient_maps" = mkIf usePostfix (mkDefault "${cfg.paths.data_dir}/postfix_lmtp");
services.postfix.mapFiles."relay_domains" = mkIf usePostfix (mkDefault "${cfg.paths.data_dir}/postfix_domains");
warnings = optional (cfg.database.password != "")
warnings =
optional (cfg.database.password != "")
'' config.services.mailman3.database.password will be stored as plaintext
in the Nix store. Use database.passwordFile instead.'';
# Create database passwordFile default when password is configured.
services.mailman3.database.passwordFile =
(mkDefault (toString (pkgs.writeTextFile {
services.mailman3.database.passwordFile = mkDefault (toString (pkgs.writeTextFile {
name = "mailman3-database-password";
text = cfg.database.password;
})));
}));
systemd.services.mailman3 = {
description = "GNU Mailing List Manager";
@ -391,8 +392,8 @@ in {
wantedBy = ["multi-user.target"];
preStart = let
dbpass = (fileContents cfg.database.passwordFile);
smtppass = (fileContents cfg.mta.smtp_passFile);
dbpass = fileContents cfg.database.passwordFile;
smtppass = fileContents cfg.mta.smtp_passFile;
in ''
mkdir -p ${cfg.paths.etc_dir}
cp ${configFile} ${cfg.paths.etc_dir}/mailman.cfg

10
options/mailman3/release.nix
View file

@ -1,6 +1,7 @@
{ pkgs ? import <nixpkgs> {}, python3Packages ? pkgs.python3Packages }:
let
{
pkgs ? import <nixpkgs> {},
python3Packages ? pkgs.python3Packages,
}: let
mailman3 = {
core = python3Packages.callPackage ./core.nix (with deps; {
inherit aiosmtpd atpublic flufl_bounce flufl_i18n flufl_lock lazr_config;
@ -25,4 +26,5 @@ let
};
lazr_delegates = python3Packages.callPackage ./extraPackages/lazr_delegates.nix {};
};
in mailman3
in
mailman3

7
pkgs/flat-remix/default.nix
View file

@ -1,5 +1,8 @@
{ stdenv, fetchFromGitHub, gtk-engine-murrine }:
{
stdenv,
fetchFromGitHub,
gtk-engine-murrine,
}:
stdenv.mkDerivation {
version = "1.0";
name = "Flat-Remix-GTK";

16
pkgs/nixpkgs.nix
View file

@ -1,14 +1,18 @@
{ config, lib, pkgs,
nixpkgs-unstable, nixpkgs-stable, nixpkgs-git,
... }:
let
{
config,
lib,
pkgs,
nixpkgs-unstable,
nixpkgs-stable,
nixpkgs-git,
...
}: let
callPackage = pkgs.callPackage;
in {
nixpkgs = {
config = {
allowUnfree = true;
mpv.vaapiSupport = (lib.elem "xserver" config.machine.services);
mpv.vaapiSupport = lib.elem "xserver" config.machine.services;
packageOverrides = {
pyluxafor = pkgs.python3Packages.callPackage ./pyluxafor {};

8
pkgs/pyluxafor/default.nix
View file

@ -1,5 +1,9 @@
{ fetchFromGitHub, buildPythonApplication, click, pyusb }:
{
fetchFromGitHub,
buildPythonApplication,
click,
pyusb,
}:
buildPythonApplication rec {
pname = "pyluxafor";
version = "0.1.0";

7
pkgs/sddm_midnight/default.nix
View file

@ -1,5 +1,8 @@
{ stdenv, fetchFromGitHub, qtstyleplugin-kvantum-qt4 }:
{
stdenv,
fetchFromGitHub,
qtstyleplugin-kvantum-qt4,
}:
stdenv.mkDerivation {
name = "sddm_midnight";
version = 1.0;

24
pkgs/systemPackages.nix
View file

@ -1,18 +1,26 @@
{ config, lib, fn, pkgs, ... }:
with lib;
let
{
config,
lib,
fn,
pkgs,
...
}:
with lib; let
cfg = config.machine;
pkgsets = fn.lst { p = (toString ../pkgsets); b = true;};
pkgsets = fn.lst {
p = toString ../pkgsets;
b = true;
};
in {
imports = pkgsets;
environment.systemPackages = flatten
environment.systemPackages =
flatten
(lists.forEach
(attrVals
(filter
(v: !(strings.hasInfix "::" v)) cfg.pkgs)
(v: !(strings.hasInfix "::" v))
cfg.pkgs)
cfg.pkgsets)
(v: v.pkgwrap));

7
pkgs/xdiskusage/default.nix
View file

@ -1,5 +1,8 @@
{ stdenv, fetchurl, fltk }:
{
stdenv,
fetchurl,
fltk,
}:
stdenv.mkDerivation rec {
name = "xdiskusage";
version = "1.51";

12
pkgsets/base.nix
View file

@ -1,9 +1,12 @@
# Programms I'm likely to want on every machine and/or may execute as root
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.base.pkgs = with pkgs; [
age sops
age
sops
bat
ccze
cryptsetup
@ -54,7 +57,8 @@
whois
wirelesstools
wpa_supplicant
zip unzipNLS
zip
unzipNLS
zlib
zsh
];

6
pkgsets/cpp.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.cpp.pkgs = with pkgs; [
clang
cmake

6
pkgsets/dict.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.dict.pkgs = with pkgs; [
translate-shell
(hunspellWithDicts (with pkgs.hunspellDicts; [de-de en-us]))

26
pkgsets/emacs.nix
View file

@ -1,16 +1,24 @@
{ config, lib, fn, pkgs, ... }:
with lib;
let
modefiles = fn.lst { p = (toString ./emacs); b = true; };
{
config,
lib,
fn,
pkgs,
...
}:
with lib; let
modefiles = fn.lst {
p = toString ./emacs;
b = true;
};
in rec {
imports = [
imports =
[
../options/emacs-init.nix
] ++ modefiles;
]
++ modefiles;
programs.emacs.init = {
enable = (elem "emacs" config.machine.pkgs);
enable = elem "emacs" config.machine.pkgs;
recommendedGcSettings = true;
prelude = ''

23
pkgsets/emacs/company.nix
View file

@ -1,8 +1,10 @@
{ config, lib, pkgs, ... }:
with lib;
let
{
config,
lib,
pkgs,
...
}:
with lib; let
# Source: https://github.com/Henry/dot-emacs/blob/master/my-lisp/company-pcomplete.el
company-pcomplete = pkgs.writeText "company-pcomplete.el" ''
;;; company-pcomplete.el --- company-mode pcomplete backend -*- lexical-binding: t -*-
@ -95,13 +97,15 @@ let
(provide 'company-pcomplete)
'';
in mkIf (elem "emacs::company" config.machine.pkgs) {
in
mkIf (elem "emacs::company" config.machine.pkgs) {
programs.emacs.init.usePackage = {
company = {
enable = true;
package = epkgs: [epkgs.company epkgs.company-web];
diminish = ["company-mode"];
hook = [ "(after-init . global-company-mode)" ]
hook =
["(after-init . global-company-mode)"]
++ optional (elem "emacs::rust" config.machine.pkgs)
''(rust-mode . (lambda () (setq company-backends '((company-capf :with company-yasnippet)))))''
++ optional (elem "emacs::web-mode" config.machine.pkgs)
@ -114,7 +118,8 @@ in mkIf (elem "emacs::company" config.machine.pkgs) {
(setq company-idle-delay 0.3
company-show-numbers t)
${optionalString
${
optionalString
(elem "emacs::org" config.machine.pkgs) ''
(load-file "${company-pcomplete}")''
}
@ -164,7 +169,7 @@ in mkIf (elem "emacs::company" config.machine.pkgs) {
};
all-the-icons = {enable = true;};
company-jedi = {
enable = (elem "emacs::elpy" config.machine.pkgs);
enable = elem "emacs::elpy" config.machine.pkgs;
};
};
fonts.packages = pkgs.emacs-all-the-icons-fonts.all;

9
pkgsets/emacs/direnv.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::direnv" config.machine.pkgs) {
programs.emacs.init.usePackage.direnv = {
enable = true;

8
pkgsets/emacs/docker.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::docker" config.machine.pkgs) {
programs.emacs.init.usePackage = {
dockerfile-mode = {

8
pkgsets/emacs/dockerfile.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::dockerfile" config.machine.pkgs) {
programs.emacs.init.usePackage.dockerfile-mode = {
enable = true;

9
pkgsets/emacs/doom-modeline.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::doom-modeline" config.machine.pkgs) {
programs.emacs.init.usePackage.doom-modeline = {
enable = true;

9
pkgsets/emacs/doom-themes.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::doom-themes" config.machine.pkgs) {
programs.emacs.init.usePackage.doom-themes = {
enable = true;

9
pkgsets/emacs/elfeed.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::elfeed" config.machine.pkgs) {
programs.emacs.init.usePackage = {
elfeed = let

21
pkgsets/emacs/elpy.nix
View file

@ -1,23 +1,30 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::elpy" config.machine.pkgs) {
programs.emacs.init.usePackage.elpy = {
enable = true;
after = ["python"];
command = ["elpy-enable"];
hook = [ ''
hook =
[
''
(elpy-mode
. (lambda ()
(set (make-local-variable 'company-backends)
'((company-dabbrev-code company-yasnippet elpy-company-backend)))))
'' ]
''
]
++ (optional (elem "emacs::flyspell" config.machine.pkgs) "(elpy-mode . (lambda () (flyspell-prog-mode)))")
++ (optional (elem "emacs::flycheck" config.machine.pkgs) "(elpy-mode . (lambda () (flycheck-mode)))");
bindLocal = { elpy-mode-map = {
bindLocal = {
elpy-mode-map = {
"<tab>" = "company-indent-or-complete-common";
};};
};
};
init = ''(with-eval-after-load 'python (elpy-enable))'';
config = ''
(setq elpy-project-root-finder-functions '(elpy-project-find-git-root elpy-project-find-python-root elpy-project-find-hg-root elpy-project-find-svn-root))

8
pkgsets/emacs/fcitx.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::fcitx" config.machine.pkgs) {
programs.emacs.init.usePackage = {
fcitx = {

18
pkgsets/emacs/flycheck.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::flycheck" config.machine.pkgs) {
programs.emacs.init.usePackage.flycheck = {
enable = true;
@ -14,22 +16,22 @@ mkIf (elem "emacs::flycheck" config.machine.pkgs) {
};
programs.emacs.init.usePackage.flycheck-haskell = {
enable = (elem "emacs::haskell" config.machine.pkgs);
enable = elem "emacs::haskell" config.machine.pkgs;
};
programs.emacs.init.usePackage.flycheck-irony = {
enable = (elem "emacs::irony" config.machine.pkgs);
enable = elem "emacs::irony" config.machine.pkgs;
};
programs.emacs.init.usePackage.flycheck-mypy = {
enable = (elem "emacs::elpy" config.machine.pkgs);
enable = elem "emacs::elpy" config.machine.pkgs;
};
programs.emacs.init.usePackage.pylint = {
enable = (elem "emacs::elpy" config.machine.pkgs);
enable = elem "emacs::elpy" config.machine.pkgs;
};
programs.emacs.init.usePackage.flycheck-rust = {
enable = (elem "emacs::rust" config.machine.pkgs);
enable = elem "emacs::rust" config.machine.pkgs;
};
}

8
pkgsets/emacs/flyspell.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::flyspell" config.machine.pkgs) {
programs.emacs.init.usePackage.flyspell = {
enable = true;

9
pkgsets/emacs/latex.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::latex" config.machine.pkgs) {
programs.emacs.init.usePackage = {
latex-mode = {

12
pkgsets/emacs/lsp.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::lsp" config.machine.pkgs) {
programs.emacs.init.usePackage = {
lsp-mode = {
@ -49,7 +52,8 @@ mkIf (elem "emacs::lsp" config.machine.pkgs) {
lsp-ui-flycheck = {
enable = true;
package = epkgs: [epkgs.lsp-ui];
after = [ "lsp-ui" ]
after =
["lsp-ui"]
++ optional (elem "emacs::flycheck" config.machine.pkgs) "flycheck";
};
};

8
pkgsets/emacs/magit.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::magit" config.machine.pkgs) {
programs.emacs.init.usePackage.magit = {
enable = true;

15
pkgsets/emacs/mu4e.nix
View file

@ -1,8 +1,10 @@
{ config, lib, pkgs, ... }:
with lib;
let
{
config,
lib,
pkgs,
...
}:
with lib; let
defaultEncrypt = pkgs.emacsPackages.trivialBuild rec {
pname = "defaultencrypt";
version = "ba07acc8e9fd692534c39c7cdad0a19dc0d897d9";
@ -14,7 +16,8 @@ let
sha256 = "1ln7h1syx7yi7bqvirv90mk4rvwxg4zm1wvfcvhfh64s3hqrbfgl";
};
};
in mkIf (elem "emacs::mu4e" config.machine.pkgs) {
in
mkIf (elem "emacs::mu4e" config.machine.pkgs) {
programs.emacs.init.usePackage.pinentry = {
enable = true;
command = ["pinentry-start"];

8
pkgsets/emacs/nix-mode.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::nix-mode" config.machine.pkgs) {
programs.emacs.init.usePackage.nix-mode = {
enable = true;

36
pkgsets/emacs/org.nix
View file

@ -1,14 +1,20 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::org" config.machine.pkgs) {
programs.emacs.init.usePackage.org = {
enable = true;
package = epkgs: [epkgs.org];
mode = [''("\\.org\\'" . org-mode)''];
command = ["org-mode"];
hook = [ "(org-mode . (lambda () (org-indent-mode)))" ''
hook =
[
"(org-mode . (lambda () (org-indent-mode)))"
''
(org-mode
. (lambda ()
;; Automatic line-wrapping in org-mode
@ -17,7 +23,8 @@ mkIf (elem "emacs::org" config.machine.pkgs) {
(setq completion-at-point-functions
'(org-completion-symbols
ora-cap-filesystem))))
'' ''
''
''
(org-mode
. (lambda ()
"Beautify Org Checkbox Symbol"
@ -26,11 +33,14 @@ mkIf (elem "emacs::org" config.machine.pkgs) {
(push '("[-]" . "" ) prettify-symbols-alist)
(prettify-symbols-mode)))
''
] ++ optional (elem "emacs::flyspell" config.machine.pkgs) "(org-mode . (lambda () (flyspell-mode)))";
]
++ optional (elem "emacs::flyspell" config.machine.pkgs) "(org-mode . (lambda () (flyspell-mode)))";
bind = {
"C-c a" = "org-agenda";
};
bindLocal = { org-mode-map = {
bindLocal = {
org-mode-map =
{
"M-<up>" = "org-metaup";
"M-<down>" = "org-metadown";
"M-." = "org-open-at-point";
@ -39,9 +49,11 @@ mkIf (elem "emacs::org" config.machine.pkgs) {
"M-<return>" = "org-meta-return";
"M-p" = "org-previous-visible-heading";
"M-n" = "org-next-visible-heading";
} // (optionalAttrs (elem "emacs::company" config.machine.pkgs) {
}
// (optionalAttrs (elem "emacs::company" config.machine.pkgs) {
"<M-tab>" = "company-pcomplete";
}); };
});
};
config = ''
;; Insead of "..." show "" when there's hidden folded content
@ -406,10 +418,12 @@ mkIf (elem "emacs::org" config.machine.pkgs) {
after = ["org"];
hook = ["(org-mode . (lambda () (add-hook 'before-save-hook 'org-encrypt-entries nil t)))"];
command = ["org-decrypt-entry" "org-encrypt-entry"];
bindLocal = { org-mode-map = {
bindLocal = {
org-mode-map = {
"C-c d" = "org-decrypt-entry";
"C-c e" = "org-encrypt-entry";
};};
};
};
config = ''
(setq org-tags-exclude-from-inheritance (quote ("crypt")))
;; GPG key to use for encryption

11
pkgsets/emacs/php-mode.nix
View file

@ -1,12 +1,15 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::php-mode" config.machine.pkgs) {
programs.emacs.init.usePackage = {
php-mode = {
enable = true;
hook = lib.optional (elem "emacs::lsp" config.machine.pkgs)
hook =
lib.optional (elem "emacs::lsp" config.machine.pkgs)
''(typescript-mode . (lambda () (lsp)))'';
};
};

8
pkgsets/emacs/powerline.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::powerline" config.machine.pkgs) {
programs.emacs.init.usePackage.powerline = {
enable = true;

36
pkgsets/emacs/rust.nix
View file

@ -1,24 +1,32 @@
{ config, lib, pkgs, ... }:
with lib;
let
{
config,
lib,
pkgs,
...
}:
with lib; let
rustEnv = pkgs.symlinkJoin {
name = "rustEnv";
paths = config.machine.pkgsets.rustpkgs.pkgwrap;
};
in mkIf (elem "emacs::rust" config.machine.pkgs) {
in
mkIf (elem "emacs::rust" config.machine.pkgs) {
programs.emacs.init.usePackage.rust-mode = {
enable = true;
hook = [ ''(rust-mode . (lambda () (cargo-minor-mode)))'' ]
++ (if (elem "emacs::lsp" config.machine.pkgs)
hook =
[''(rust-mode . (lambda () (cargo-minor-mode)))'']
++ (
if (elem "emacs::lsp" config.machine.pkgs)
then [''(rust-mode . (lambda () (lsp)))'']
else [''(rust-mode . (lambda () (racer-mode)))'']);
else [''(rust-mode . (lambda () (racer-mode)))'']
);
mode = [''("\\.rs\\'" . rust-mode)''];
command = ["rust-mode"];
bindLocal = optionalAttrs (elem "emacs::company" config.machine.pkgs) { rust-mode-map = {
bindLocal = optionalAttrs (elem "emacs::company" config.machine.pkgs) {
rust-mode-map = {
"<tab>" = "company-indent-or-complete-common";
};};
};
};
config = ''
(setq rust-rustfmt-bin "${rustEnv}/bin/rustfmt")
(setq rust-format-on-save t)
@ -33,9 +41,11 @@ in mkIf (elem "emacs::rust" config.machine.pkgs) {
programs.emacs.init.usePackage.racer = {
enable = true;
defer = true;
hook = [
hook =
[
''(racer-mode . (lambda () (eldoc-mode)))''
] ++ optional (elem "emacs::company" config.machine.pkgs) ''(racer-mode . (lambda () (company-mode)))'';
]
++ optional (elem "emacs::company" config.machine.pkgs) ''(racer-mode . (lambda () (company-mode)))'';
config = ''
(setq racer-rust-src-path "${rustEnv}/lib/rustlib/src/rust/src")

8
pkgsets/emacs/solarized-theme.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::solarized-theme" config.machine.pkgs) {
programs.emacs.init.usePackage.solarized-theme = {
enable = true;

8
pkgsets/emacs/telega.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::telega" config.machine.pkgs) {
programs.emacs.init.usePackage.telegram = {
enable = true;

9
pkgsets/emacs/transmission.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::transmission" config.machine.pkgs) {
programs.emacs.init.usePackage = {
transmission = {

8
pkgsets/emacs/undo-tree.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::undo-tree" config.machine.pkgs) {
programs.emacs.init.usePackage.undo-tree = {
enable = true;

14
pkgsets/emacs/web-mode.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "emacs::web-mode" config.machine.pkgs) {
programs.emacs.init.usePackage = {
web-mode = {
@ -60,7 +62,8 @@ mkIf (elem "emacs::web-mode" config.machine.pkgs) {
};
typescript-mode = {
enable = true;
hook = [ "(typescript-mode . (lambda () (subword-mode)))" ]
hook =
["(typescript-mode . (lambda () (subword-mode)))"]
++ lib.optional (elem "emacs::lsp" config.machine.pkgs)
''(typescript-mode . (lambda () (lsp)))'';
mode = [
@ -77,7 +80,7 @@ mkIf (elem "emacs::web-mode" config.machine.pkgs) {
# https://github.com/NixOS/nixpkgs/pull/150239
tree-sitter = {
enable = true;
package = (epkgs: [ epkgs.tree-sitter (epkgs.tree-sitter-langs.withPlugins(p: epkgs.tree-sitter-langs.plugins ++ [ p.tree-sitter-markdown p.tree-sitter-tsx ]))]);
package = epkgs: [epkgs.tree-sitter (epkgs.tree-sitter-langs.withPlugins (p: epkgs.tree-sitter-langs.plugins ++ [p.tree-sitter-markdown p.tree-sitter-tsx]))];
hook = [
"(typescript-mode . tree-sitter-hl-mode)"
"(typescript-tsx-mode . tree-sitter-hl-mode)"
@ -86,7 +89,6 @@ mkIf (elem "emacs::web-mode" config.machine.pkgs) {
(tree-sitter-require 'tsx)
(add-to-list 'tree-sitter-major-mode-language-alist '(typescript-tsx-mode . tsx))
'';
};
impatient-mode = {
enable = true;

9
pkgsets/emacs/yaml-mode.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::yaml-mode" config.machine.pkgs) {
programs.emacs.init.usePackage = {
yaml-mode = {

9
pkgsets/emacs/yasnippet.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "emacs::yasnippet" config.machine.pkgs) {
programs.emacs.init.usePackage = {
yasnippet = {

6
pkgsets/extra.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.extra.pkgs = with pkgs; [
alsaUtils
binutils-unwrapped

6
pkgsets/haskell-tools.nix
View file

@ -1,5 +1,7 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.haskell-tools.pkgs = with pkgs; [cabal-install hlint]; # ghcid
}

10
pkgsets/haskell.nix
View file

@ -1,7 +1,11 @@
{ config, lib, fn, pkgs, ... }:
{
config.machine.pkgsets.haskell.pkgwrap = (pkgs.haskellPackages.ghcWithPackages (pkgs: (fn.pkgFilter config.machine.pkgsets.haskell.pkgs)));
config,
lib,
fn,
pkgs,
...
}: {
config.machine.pkgsets.haskell.pkgwrap = pkgs.haskellPackages.ghcWithPackages (pkgs: (fn.pkgFilter config.machine.pkgsets.haskell.pkgs));
config.machine.pkgsets.haskell.pkgs = with pkgs.haskellPackages; [
hindent
mtl

10
pkgsets/latex.nix
View file

@ -1,8 +1,10 @@
{ config, lib, pkgs, ... }:
with lib;
{
config,
lib,
pkgs,
...
}:
with lib; {
config.machine.pkgsets.latex.pkgs = with pkgs; [
texlive.combined.scheme-full
texlab

6
pkgsets/mail_utils.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.mail_utils.pkgs = with pkgs; [
fetchmail
isync

11
pkgsets/nodejs.nix
View file

@ -1,8 +1,11 @@
{ config, pkgs, ... }:
{
config.machine.pkgsets.nodejs.pkgs = (with pkgs; [ nodejs yarn deno esbuild ]) ++
(with pkgs.nodePackages; [
config,
pkgs,
...
}: {
config.machine.pkgsets.nodejs.pkgs =
(with pkgs; [nodejs yarn deno esbuild])
++ (with pkgs.nodePackages; [
autoprefixer
browserify
create-react-app

16
pkgsets/php.nix
View file

@ -1,8 +1,14 @@
{ config, lib, fn, pkgs, ... }:
{
config.machine.pkgsets.php.pkgwrap = (fn.pkgFilter config.machine.pkgsets.php.pkgs);
config.machine.pkgsets.php.pkgs = (with pkgs.php82Packages; [
config,
lib,
fn,
pkgs,
...
}: {
config.machine.pkgsets.php.pkgwrap = fn.pkgFilter config.machine.pkgsets.php.pkgs;
config.machine.pkgsets.php.pkgs =
(with pkgs.php82Packages; [
composer
]) ++ (with pkgs; [ php82 ]);
])
++ (with pkgs; [php82]);
}

19
pkgsets/python3.nix
View file

@ -1,9 +1,12 @@
{ config, lib, fn, pkgs, ... }:
with lib;
{
config.machine.pkgsets.python3.pkgwrap = (pkgs.python310.withPackages (ps: (fn.pkgFilter config.machine.pkgsets.python3.pkgs)));
config,
lib,
fn,
pkgs,
...
}:
with lib; {
config.machine.pkgsets.python3.pkgwrap = pkgs.python310.withPackages (ps: (fn.pkgFilter config.machine.pkgsets.python3.pkgs));
config.machine.pkgsets.python3.pkgs = with pkgs.python310Packages; [
GitPython
bpython
@ -13,7 +16,8 @@ with lib;
epc
flake8
genanki
matplotlib ipywidgets
matplotlib
ipywidgets
python-docx
mypy
numpy
@ -29,7 +33,8 @@ with lib;
pypdf2
# pygame pygame_sdl2
pylama
pylint toml
pylint
toml
pyopengl
pyproj
pytest

25
pkgsets/rustpkgs.nix
View file

@ -1,10 +1,11 @@
{ config, ... }:
let
mozRust = with builtins; (map (p: import ((fetchTarball {
{config, ...}: let
mozRust = with builtins;
(map (p:
import ((fetchTarball {
url = "https://github.com/mozilla/nixpkgs-mozilla/archive/e912ed4.tar.gz";
sha256 = "08fvzb8w80bkkabc1iyhzd15f4sm7ra10jn32kfch5klgl0gj3j3";
}) + p))) [
})
+ p))) [
(toPath "/lib-overlay.nix")
(toPath "/rust-overlay.nix")
];
@ -16,24 +17,28 @@ let
channel = "nightly";
};
rustNightly = {
rustc = nightly.rust.override {
rustc =
nightly.rust.override {
extensions = [
"clippy-preview"
"rls-preview"
"rust-analysis"
"rust-src"
"rustfmt-preview"
]; } // { src = nightly.rust-src; };
];
}
// {src = nightly.rust-src;};
cargo = nightly.cargo;
};
rustPNightly = stablepkgs.recurseIntoAttrs (stablepkgs.makeRustPlatform {
inherit (rustNightly) rustc cargo;
});
in {
config.machine.pkgsets.rustpkgs.pkgs = (with stablepkgs; [
config.machine.pkgsets.rustpkgs.pkgs =
(with stablepkgs; [
diesel-cli
carnix
rustracer
]) ++ (with rustNightly; [ rustc cargo]);
])
++ (with rustNightly; [rustc cargo]);
}

6
pkgsets/server.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.server.pkgs = with pkgs; [
audit
certbot

10
pkgsets/tracking.nix
View file

@ -1,8 +1,10 @@
{ config, lib, pkgs, ... }:
with lib;
{
config,
lib,
pkgs,
...
}:
with lib; {
config.machine.pkgsets.tracking.pkgs = with pkgs; [
aw-qt
aw-server-rust

6
pkgsets/uniProgs.nix
View file

@ -1,5 +1,7 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
config.machine.pkgsets.uniProgs.pkgs = with pkgs; [qucs];
}

12
pkgsets/xpkgs.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
let
{
config,
pkgs,
...
}: let
cfg = config.machine;
in {
config.machine.pkgsets.xpkgs.pkgs = with pkgs; [
@ -13,7 +15,9 @@ in {
gnome3.gvfs
gvfs
oneko
pcmanfm lxmenu-data shared-mime-info
pcmanfm
lxmenu-data
shared-mime-info
pavucontrol
xclip
xorg.xkill

17
services/acme.nix
View file

@ -1,11 +1,16 @@
{ options, config, lib, fn, pkgs, ... }:
{
options,
config,
lib,
fn,
pkgs,
...
}:
with builtins;
with lib;
let
with lib; let
cfg = config.machine;
in mkIf (elem "acme" cfg.services) {
in
mkIf (elem "acme" cfg.services) {
security.acme = {
# see https://letsencrypt.org/repository/
acceptTerms = true;

24
services/bind.nix
View file

@ -1,20 +1,28 @@
# This Configuration is meant for local DNS setups only!
{ options, config, lib, fn, pkgs, ... }:
{
options,
config,
lib,
fn,
pkgs,
...
}:
with builtins;
with lib;
let
with lib; let
cfg = config.machine;
in mkIf (elem "bind" cfg.services) {
in
mkIf (elem "bind" cfg.services) {
services.bind = {
enable = true;
listenOn = ["127.0.0.1"];
forwarders = [
# Cloudflare CDN
"1.1.1.1" "1.0.0.1"
"1.1.1.1"
"1.0.0.1"
#CCC DNS
"204.152.184.76" "159.203.38.175" "207.148.83.241"
"204.152.184.76"
"159.203.38.175"
"207.148.83.241"
];
# TODO: add DNSSEC
extraOptions = ''

11
services/containers.nix
View file

@ -1,14 +1,15 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "containers" config.machine.services) {
containers.CDServer = {
privateNetwork = true;
hostAddress = "192.168.100.10";
localAddress = "192.168.100.11";
config =
{
config = {
imports = [
../machines/CDServer/options.nix
./default.nix

9
services/cups.nix
View file

@ -1,7 +1,10 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "cups" config.machine.services) {
services.printing = {
enable = true;

24
services/desktop.nix
View file

@ -1,13 +1,21 @@
{ config, lib, fn, pkgs, ... }:
with lib;
let
{
config,
lib,
fn,
pkgs,
...
}:
with lib; let
cfg = config.machine;
desktopFiles = fn.lst { p = (toString ./desktop); b = true; };
in {
desktopFiles = fn.lst {
p = toString ./desktop;
b = true;
};
in
{
imports = desktopFiles;
} // mkIf (elem "desktop" cfg.services) {
}
// mkIf (elem "desktop" cfg.services) {
services.gvfs.enable = true;
services.xserver = {
layout = "de";

11
services/desktop/i3.nix
View file

@ -1,13 +1,16 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "desktop::i3" config.machine.services) {
services.xserver = {
enable = true;
windowManager.i3 = {
enable = true;
configFile = (import ../../config/etc/i3/config.nix { inherit pkgs; });
configFile = import ../../config/etc/i3/config.nix {inherit pkgs;};
extraPackages = with pkgs; [
dmenu
file

16
services/desktop/sway.nix
View file

@ -1,15 +1,21 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
mkIf (elem "desktop::sway" config.machine.services) {
programs.sway = {
enable = true;
extraPackages = with pkgs; [
xwayland
file i3status dmenu
file
i3status
dmenu
qt5.qtwayland
grim slurp
grim
slurp
swaylock
swayidle
light

9
services/docker.nix
View file

@ -1,8 +1,11 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
# Note: add privileged users to docker group for access
with lib;
mkIf ((elem "docker" config.machine.services) && !(elem "podman" config.machine.services)) {
virtualisation.docker = {
enable = true;

22
services/fail2ban.nix
View file

@ -1,11 +1,13 @@
{ config, lib, ... }:
with lib;
let
{
config,
lib,
...
}:
with lib; let
cfg = config.machine;
active = name: (elem name cfg.services);
in mkIf (elem "fail2ban" cfg.services) {
in
mkIf (elem "fail2ban" cfg.services) {
services.fail2ban = {
enable = true;
jails = {
@ -61,7 +63,7 @@ in mkIf (elem "fail2ban" cfg.services) {
};
environment.etc."fail2ban/filter.d/sshd-ddos.conf" = {
enable = (active "openssh");
enable = active "openssh";
text = ''
[Definition]
failregex = sshd(?:\[\d+\])?: Did not receive identification string from <HOST>$
@ -70,7 +72,7 @@ in mkIf (elem "fail2ban" cfg.services) {
};
environment.etc."fail2ban/filter.d/postfix-sasl.conf" = {
enable = (active "mailserver");
enable = active "mailserver";
text = ''
# Fail2Ban filter for postfix authentication failures
[INCLUDES]
@ -82,7 +84,7 @@ in mkIf (elem "fail2ban" cfg.services) {
};
environment.etc."fail2ban/filter.d/postfix-ddos.conf" = {
enable = (active "mailserver");
enable = active "mailserver";
text = ''
[Definition]
failregex = lost connection after EHLO from \S+\[<HOST>\]
@ -90,7 +92,7 @@ in mkIf (elem "fail2ban" cfg.services) {
};
environment.etc."fail2ban/filter.d/nginx-req-limit.conf" = {
enable = (active "nginx");
enable = active "nginx";
text = ''
[Definition]
failregex = limiting requests, excess:.* by zone.*client: <HOST>

14
services/fprintd.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "fprintd" config.machine.services) {
security.pam.services = let
unlock = [
@ -10,7 +12,11 @@ mkIf (elem "fprintd" config.machine.services) {
"login"
"lightdm"
];
in listToAttrs (forEach unlock (n: {name = n; value = { fprintAuth = true; }; }));
in
listToAttrs (forEach unlock (n: {
name = n;
value = {fprintAuth = true;};
}));
services.fprintd = {
enable = true;

10
services/gitea.nix
View file

@ -1,7 +1,9 @@
{ config, lib, ... }:
{
config,
lib,
...
}:
with lib;
mkIf (elem "gitea" config.machine.services) {
services = {
gitea = let
@ -34,7 +36,7 @@ mkIf (elem "gitea" config.machine.services) {
};
service = {
DISABLE_REGISTRATION = (lib.mkForce true);
DISABLE_REGISTRATION = lib.mkForce true;
};
session = {

Some files were not shown because too many files have changed in this diff Show more