Merge remote-tracking branch 'ni/master'
This commit is contained in:
commit
04f48503a4
@ -26,9 +26,8 @@ with import <stockholm/lib>;
|
|||||||
Port = ${toString tinc.config.host.nets.${netname}.tinc.port}
|
Port = ${toString tinc.config.host.nets.${netname}.tinc.port}
|
||||||
${tinc.config.extraConfig}
|
${tinc.config.extraConfig}
|
||||||
'';
|
'';
|
||||||
"tinc-up" = pkgs.writeScript "${netname}-tinc-up" ''
|
"tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
|
||||||
#!/bin/sh
|
${tinc.config.iproutePackage}/sbin/ip link set ${netname} up
|
||||||
ip link set ${netname} up
|
|
||||||
${tinc.config.tincUp}
|
${tinc.config.tincUp}
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
@ -60,14 +59,15 @@ with import <stockholm/lib>;
|
|||||||
type = types.str;
|
type = types.str;
|
||||||
default = let
|
default = let
|
||||||
net = tinc.config.host.nets.${netname};
|
net = tinc.config.host.nets.${netname};
|
||||||
|
iproute = tinc.config.iproutePackage;
|
||||||
in ''
|
in ''
|
||||||
${optionalString (net.ip4 != null) /* sh */ ''
|
${optionalString (net.ip4 != null) /* sh */ ''
|
||||||
ip -4 addr add ${net.ip4.addr} dev ${netname}
|
${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname}
|
||||||
ip -4 route add ${net.ip4.prefix} dev ${netname}
|
${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname}
|
||||||
''}
|
''}
|
||||||
${optionalString (net.ip6 != null) /* sh */ ''
|
${optionalString (net.ip6 != null) /* sh */ ''
|
||||||
ip -6 addr add ${net.ip6.addr} dev ${netname}
|
${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname}
|
||||||
ip -6 route add ${net.ip6.prefix} dev ${netname}
|
${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname}
|
||||||
''}
|
''}
|
||||||
${tinc.config.tincUpExtra}
|
${tinc.config.tincUpExtra}
|
||||||
'';
|
'';
|
||||||
@ -238,39 +238,41 @@ with import <stockholm/lib>;
|
|||||||
description = "Tinc daemon for ${netname}";
|
description = "Tinc daemon for ${netname}";
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
path = [
|
# Restart the service in a single step in order to prevent potential
|
||||||
cfg.iproutePackage
|
# connection timeouts and subsequent issues while deploying via tinc.
|
||||||
cfg.tincPackage
|
stopIfChanged = false;
|
||||||
];
|
|
||||||
reloadIfChanged = true;
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
LoadCredential = filter (x: x != "") [
|
LoadCredential = filter (x: x != "") [
|
||||||
(optionalString (cfg.privkey_ed25519 != null)
|
(optionalString (cfg.privkey_ed25519 != null)
|
||||||
"ed25519_key:${cfg.privkey_ed25519}"
|
"ed25519_key.priv:${cfg.privkey_ed25519}"
|
||||||
)
|
)
|
||||||
"rsa_key:${cfg.privkey}"
|
"rsa_key.priv:${cfg.privkey}"
|
||||||
];
|
];
|
||||||
ExecStartPre = pkgs.writers.writeDash "init-tinc-${netname}" ''
|
ExecStartPre = pkgs.writers.writeDash "init-tinc-${netname}" ''
|
||||||
|
set -efu
|
||||||
${pkgs.coreutils}/bin/mkdir -p /etc/tinc
|
${pkgs.coreutils}/bin/mkdir -p /etc/tinc
|
||||||
${pkgs.rsync}/bin/rsync -vaL --delete \
|
${pkgs.rsync}/bin/rsync -Lacv --delete \
|
||||||
--chown ${cfg.user.name} \
|
--chown ${cfg.user.name} \
|
||||||
--chmod u=rwX,g=rX \
|
--chmod u=rwX,g=rX \
|
||||||
|
--exclude='/*.priv' \
|
||||||
${cfg.confDir}/ /etc/tinc/${netname}/
|
${cfg.confDir}/ /etc/tinc/${netname}/
|
||||||
|
${optionalString (cfg.privkey_ed25519 != null) /* sh */ ''
|
||||||
|
${pkgs.coreutils}/bin/ln -fns \
|
||||||
|
"$CREDENTIALS_DIRECTORY"/ed25519_key.priv \
|
||||||
|
/etc/tinc/${netname}/
|
||||||
|
''}
|
||||||
|
${pkgs.coreutils}/bin/ln -fns \
|
||||||
|
"$CREDENTIALS_DIRECTORY"/rsa_key.priv \
|
||||||
|
/etc/tinc/${netname}/
|
||||||
'';
|
'';
|
||||||
ExecStart = toString [
|
ExecStart = toString [
|
||||||
"${cfg.tincPackage}/sbin/tincd"
|
"${cfg.tincPackage}/sbin/tincd"
|
||||||
"-D"
|
"-D"
|
||||||
"-U ${cfg.user.name}"
|
"-U ${cfg.user.name}"
|
||||||
"-c /etc/tinc/${netname}"
|
|
||||||
"-d 0"
|
"-d 0"
|
||||||
(optionalString (cfg.privkey_ed25519 != null)
|
"-n ${netname}"
|
||||||
"-o Ed25519PrivateKeyFile=\${CREDENTIALS_DIRECTORY}/ed25519_key"
|
|
||||||
)
|
|
||||||
"-o PrivateKeyFile=\${CREDENTIALS_DIRECTORY}/rsa_key"
|
|
||||||
"--pidfile=/var/run/tinc.${netname}.pid"
|
|
||||||
];
|
];
|
||||||
ExecReload = "${cfg.tincPackage}/sbin/tinc -n ${netname} restart";
|
|
||||||
SyslogIdentifier = netname;
|
SyslogIdentifier = netname;
|
||||||
};
|
};
|
||||||
}) config.krebs.tinc;
|
}) config.krebs.tinc;
|
||||||
|
@ -6,9 +6,9 @@ with import <stockholm/lib>;
|
|||||||
krebs.tinc.retiolum = {
|
krebs.tinc.retiolum = {
|
||||||
enable = true;
|
enable = true;
|
||||||
connectTo = filter (ne config.krebs.build.host.name) [
|
connectTo = filter (ne config.krebs.build.host.name) [
|
||||||
"gum"
|
|
||||||
"ni"
|
"ni"
|
||||||
"prism"
|
"prism"
|
||||||
|
"eve"
|
||||||
];
|
];
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
LocalDiscovery = yes
|
LocalDiscovery = yes
|
||||||
|
@ -1,47 +1,20 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
pushBack = x: xs:
|
||||||
|
if elem x xs then
|
||||||
|
remove x xs ++ [ x ]
|
||||||
|
else
|
||||||
|
names;
|
||||||
|
in
|
||||||
|
|
||||||
self: super:
|
self: super:
|
||||||
|
|
||||||
# Import files and subdirectories like they are overlays.
|
# Import files and subdirectories like they are overlays.
|
||||||
foldl' mergeAttrs {}
|
fix
|
||||||
(map
|
(foldl' (flip extends) (_: super)
|
||||||
(name: import (./. + "/${name}") self super)
|
(map
|
||||||
(filter
|
(name: import (./. + "/${name}"))
|
||||||
(name: name != "default.nix" && !hasPrefix "." name)
|
(filter
|
||||||
(attrNames (readDir ./.))))
|
(name: name != "default.nix" && !hasPrefix "." name)
|
||||||
|
(pushBack "override"
|
||||||
//
|
(attrNames (readDir ./.))))))
|
||||||
|
|
||||||
{
|
|
||||||
cr = self.writeDashBin "cr" ''
|
|
||||||
set -efu
|
|
||||||
if test -n "''${XDG_RUNTIME_DIR-}"; then
|
|
||||||
cache_dir=$XDG_RUNTIME_DIR/chromium-disk-cache
|
|
||||||
else
|
|
||||||
cache_dir=/tmp/chromium-disk-cache_$LOGNAME
|
|
||||||
fi
|
|
||||||
export LC_TIME=de_DE.utf8
|
|
||||||
exec ${self.chromium}/bin/chromium \
|
|
||||||
--ssl-version-min=tls1 \
|
|
||||||
--disk-cache-dir="$cache_dir" \
|
|
||||||
--disk-cache-size=50000000 \
|
|
||||||
"$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
dhcpcd = overrideDerivation super.dhcpcd (old: {
|
|
||||||
configureFlags = old.configureFlags ++ [
|
|
||||||
"--dbdir=/var/lib/dhcpcd"
|
|
||||||
];
|
|
||||||
});
|
|
||||||
|
|
||||||
gitAndTools = super.gitAndTools // {
|
|
||||||
inherit (self) diff-so-fancy;
|
|
||||||
};
|
|
||||||
|
|
||||||
ff = self.writeDashBin "ff" ''
|
|
||||||
exec ${self.firefoxWrapper}/bin/firefox "$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
gnupg = self.gnupg22;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
72
tv/5pkgs/override/anbox.nix
Normal file
72
tv/5pkgs/override/anbox.nix
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
self: super:
|
||||||
|
|
||||||
|
# https://github.com/NixOS/nixpkgs/pull/125600
|
||||||
|
super.anbox.overrideAttrs (old:
|
||||||
|
assert old.version == "unstable-2020-11-29";
|
||||||
|
rec {
|
||||||
|
version = "unstable-2021-05-26";
|
||||||
|
|
||||||
|
src = self.fetchFromGitHub {
|
||||||
|
owner = old.pname;
|
||||||
|
repo = old.pname;
|
||||||
|
rev = "ad377ff25354d68b76e2b8da24a404850f8514c6";
|
||||||
|
sha256 = "1bj07ixwbkli4ycjh41mnqdbsjz9haiwg2nhf9anbi29z1d0819w";
|
||||||
|
fetchSubmodules = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
postPatch = old.patchPhase;
|
||||||
|
|
||||||
|
# patchPhase() from <nixpkgs/pkgs/stdenv/generic/setup.sh>
|
||||||
|
# TODO patchPhase = default.patchPhase; or something
|
||||||
|
patchPhase = ''
|
||||||
|
runHook prePatch
|
||||||
|
|
||||||
|
for i in ''${patches:-}; do
|
||||||
|
header "applying patch $i" 3
|
||||||
|
local uncompress=cat
|
||||||
|
case "$i" in
|
||||||
|
*.gz)
|
||||||
|
uncompress="gzip -d"
|
||||||
|
;;
|
||||||
|
*.bz2)
|
||||||
|
uncompress="bzip2 -d"
|
||||||
|
;;
|
||||||
|
*.xz)
|
||||||
|
uncompress="xz -d"
|
||||||
|
;;
|
||||||
|
*.lzma)
|
||||||
|
uncompress="lzma -d"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
# "2>&1" is a hack to make patch fail if the decompressor fails (nonexistent patch, etc.)
|
||||||
|
# shellcheck disable=SC2086
|
||||||
|
$uncompress < "$i" 2>&1 | patch ''${patchFlags:--p1}
|
||||||
|
done
|
||||||
|
|
||||||
|
runHook postPatch
|
||||||
|
'';
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# Fixes compatibility with lxc 4
|
||||||
|
(self.fetchpatch {
|
||||||
|
url = "https://git.alpinelinux.org/aports/plain/community/anbox/lxc4.patch?id=64243590a16aee8d4e72061886fc1b15256492c3";
|
||||||
|
sha256 = "1da5xyzyjza1g2q9nbxb4p3njj2sf3q71vkpvmmdphia5qnb0gk5";
|
||||||
|
})
|
||||||
|
# Wait 10× more time when starting
|
||||||
|
# Not *strictly* needed, but helps a lot on slower hardware
|
||||||
|
(self.fetchpatch {
|
||||||
|
url = "https://git.alpinelinux.org/aports/plain/community/anbox/give-more-time-to-start.patch?id=058b56d4b332ef3379551b343bf31e0f2004321a";
|
||||||
|
sha256 = "0iiz3c7fgfgl0dvx8sf5hv7a961xqnihwpz6j8r0ib9v8piwxh9a";
|
||||||
|
})
|
||||||
|
# Ensures generated desktop files work on store path change
|
||||||
|
(self.fetchpatch {
|
||||||
|
url = "https://raw.githubusercontent.com/NixOS/nixpkgs/fdf7b4be1a659ed8b96586c2fc8ff90850e25feb/pkgs/os-specific/linux/anbox/0001-NixOS-Use-anbox-from-PATH-in-desktop-files.patch";
|
||||||
|
sha256 = "173z84g1r8h367a2dgk6945is6vxg4j1hs2hkfd3m3bbpwfw9221";
|
||||||
|
})
|
||||||
|
# Provide window icons
|
||||||
|
(self.fetchpatch {
|
||||||
|
url = "https://github.com/samueldr/anbox/commit/2387f4fcffc0e19e52e58fb6f8264fbe87aafe4d.patch";
|
||||||
|
sha256 = "12lmr0kxw1n68g3abh1ak5awmpczfh75c26f53jc8qpvdvv1ywha";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
})
|
@ -1,24 +1,4 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
self: super: {
|
self: super:
|
||||||
fzf = super.fzf.overrideAttrs (old: {
|
|
||||||
# XXX cannot use `patches` because fzf has a custom patchPhase
|
|
||||||
patchPhase = ''
|
|
||||||
patch -Np1 < ${./fzf.complete1.patch}
|
|
||||||
${old.patchPhase or ""}
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
input-fonts = super.input-fonts.overrideAttrs (old: rec {
|
|
||||||
src = self.fetchzip {
|
|
||||||
url = "http://xu.r/~tv/mirrors/input-fonts/Input-Font-2.zip";
|
|
||||||
sha256 = "1q58x92nm7dk9ylp09pvgj74nxkywvqny3xmfighnsl30dv42fcr";
|
|
||||||
stripRoot = false;
|
|
||||||
};
|
|
||||||
sourceRoot = null;
|
|
||||||
outputHash = null;
|
|
||||||
outputHashAlgo = null;
|
|
||||||
outputHashMode = null;
|
|
||||||
});
|
|
||||||
|
|
||||||
nix-prefetch-github =
|
mapNixDir (path: import path self super) ./.
|
||||||
self.python3Packages.callPackage ./nix-prefetch-github.nix {};
|
|
||||||
}
|
|
||||||
|
7
tv/5pkgs/override/dhcpcd.nix
Normal file
7
tv/5pkgs/override/dhcpcd.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
self: super:
|
||||||
|
|
||||||
|
self.lib.overrideDerivation super.dhcpcd (old: {
|
||||||
|
configureFlags = old.configureFlags ++ [
|
||||||
|
"--dbdir=/var/lib/dhcpcd"
|
||||||
|
];
|
||||||
|
})
|
9
tv/5pkgs/override/fzf/default.nix
Normal file
9
tv/5pkgs/override/fzf/default.nix
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
self: super:
|
||||||
|
|
||||||
|
super.fzf.overrideAttrs (old: {
|
||||||
|
# XXX cannot use `patches` because fzf has a custom patchPhase
|
||||||
|
patchPhase = ''
|
||||||
|
patch -Np1 < ${./complete1.patch}
|
||||||
|
${old.patchPhase or ""}
|
||||||
|
'';
|
||||||
|
})
|
5
tv/5pkgs/override/gitAndTools.nix
Normal file
5
tv/5pkgs/override/gitAndTools.nix
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
self: super:
|
||||||
|
|
||||||
|
super.gitAndTools // {
|
||||||
|
inherit (self) diff-so-fancy;
|
||||||
|
}
|
13
tv/5pkgs/override/input-fonts.nix
Normal file
13
tv/5pkgs/override/input-fonts.nix
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
self: super:
|
||||||
|
|
||||||
|
super.input-fonts.overrideAttrs (old: rec {
|
||||||
|
src = self.fetchzip {
|
||||||
|
url = "http://xu.r/~tv/mirrors/input-fonts/Input-Font-2.zip";
|
||||||
|
sha256 = "1q58x92nm7dk9ylp09pvgj74nxkywvqny3xmfighnsl30dv42fcr";
|
||||||
|
stripRoot = false;
|
||||||
|
};
|
||||||
|
sourceRoot = null;
|
||||||
|
outputHash = null;
|
||||||
|
outputHashAlgo = null;
|
||||||
|
outputHashMode = null;
|
||||||
|
})
|
@ -1,47 +0,0 @@
|
|||||||
{ fetchPypi
|
|
||||||
, lib
|
|
||||||
, buildPythonPackage
|
|
||||||
, pythonOlder
|
|
||||||
, attrs
|
|
||||||
, click
|
|
||||||
, effect
|
|
||||||
, jinja2
|
|
||||||
, git
|
|
||||||
, pytestCheckHook
|
|
||||||
, pytest-black
|
|
||||||
, pytestcov
|
|
||||||
, pytest-isort
|
|
||||||
}:
|
|
||||||
|
|
||||||
buildPythonPackage rec {
|
|
||||||
pname = "nix-prefetch-github";
|
|
||||||
version = "3.0";
|
|
||||||
|
|
||||||
src = fetchPypi {
|
|
||||||
inherit pname version;
|
|
||||||
sha256 = "sha256-EN+EbVXUaf+id5UsK4EBm/9k9FYaH79g08kblvW60XA=";
|
|
||||||
};
|
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
|
||||||
attrs
|
|
||||||
click
|
|
||||||
effect
|
|
||||||
jinja2
|
|
||||||
];
|
|
||||||
|
|
||||||
checkInputs = [ pytestCheckHook pytest-black pytestcov pytest-isort git ];
|
|
||||||
checkPhase = ''
|
|
||||||
pytest -m 'not network'
|
|
||||||
'';
|
|
||||||
|
|
||||||
# latest version of isort will cause tests to fail
|
|
||||||
# ignore tests which are impure
|
|
||||||
disabledTests = [ "isort" "life" "outputs" "fetch_submodules" ];
|
|
||||||
|
|
||||||
meta = with lib; {
|
|
||||||
description = "Prefetch sources from github";
|
|
||||||
homepage = "https://github.com/seppeljordan/nix-prefetch-github";
|
|
||||||
license = licenses.gpl3;
|
|
||||||
maintainers = with maintainers; [ seppeljordan ];
|
|
||||||
};
|
|
||||||
}
|
|
16
tv/5pkgs/simple/cr.nix
Normal file
16
tv/5pkgs/simple/cr.nix
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
{ pkgs }:
|
||||||
|
|
||||||
|
pkgs.writeDashBin "cr" ''
|
||||||
|
set -efu
|
||||||
|
if test -n "''${XDG_RUNTIME_DIR-}"; then
|
||||||
|
cache_dir=$XDG_RUNTIME_DIR/chromium-disk-cache
|
||||||
|
else
|
||||||
|
cache_dir=/tmp/chromium-disk-cache_$LOGNAME
|
||||||
|
fi
|
||||||
|
export LC_TIME=de_DE.utf8
|
||||||
|
exec ${pkgs.chromium}/bin/chromium \
|
||||||
|
--ssl-version-min=tls1 \
|
||||||
|
--disk-cache-dir="$cache_dir" \
|
||||||
|
--disk-cache-size=50000000 \
|
||||||
|
"$@"
|
||||||
|
''
|
5
tv/5pkgs/simple/ff.nix
Normal file
5
tv/5pkgs/simple/ff.nix
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
{ pkgs }:
|
||||||
|
|
||||||
|
pkgs.writeDashBin "ff" ''
|
||||||
|
exec ${pkgs.firefoxWrapper}/bin/firefox "$@"
|
||||||
|
''
|
Loading…
Reference in New Issue
Block a user