foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-01-30 22:57:55 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

chore: reformat codebase

Browse Source
This commit is contained in:
Gabriel Arazas 2022-11-19 11:05:31 +08:00
parent 5ea8fcb0cf
commit 3a7816a901
26 changed files with 480 additions and 412 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
default.nix
View File

@ -3,7 +3,8 @@
let
lib' = pkgs.lib.extend (final: prev:
import ./lib { lib = prev; } // import ./lib/private.nix { lib = final; });
in {
in
{
lib = import ./lib { lib = pkgs.lib; };
modules = lib'.importModules (lib'.filesToAttr ./modules/nixos);
overlays.foo-dogsquared-pkgs = final: prev: import ./pkgs { pkgs = prev; };

20
flake.nix
View File

@ -395,15 +395,17 @@
# Take note for automatically imported nodes, various options should be
# overridden in the deploy utility considering that most have only
# certain values and likely not work if run with the intended value.
deploy.nodes = (lib'.mapAttrs' (name: value:
lib'.nameValuePair name {
hostname = name;
profiles.system = {
sshUser = "admin";
user = "root";
path = inputs.deploy.lib.${defaultSystem}.activate.nixos value;
};
}) self.nixosConfigurations);
deploy.nodes = (lib'.mapAttrs'
(name: value:
lib'.nameValuePair name {
hostname = name;
profiles.system = {
sshUser = "admin";
user = "root";
path = inputs.deploy.lib.${defaultSystem}.activate.nixos value;
};
})
self.nixosConfigurations);
# How to make yourself slightly saner than before. So far the main checks
# are for deploy nodes.

20
lib/default.nix
View File

@ -31,17 +31,19 @@ rec {
collect = file: type: {
name = lib.removeSuffix ".nix" file;
value = let path = dirPath + "/${file}";
in if (type == "regular")
|| (type == "directory" && lib.pathExists (path + "/default.nix")) then
path
else
filesToAttr path;
value =
let path = dirPath + "/${file}";
in if (type == "regular")
|| (type == "directory" && lib.pathExists (path + "/default.nix")) then
path
else
filesToAttr path;
};
files = lib.filterAttrs isModule (builtins.readDir dirPath);
in lib.filterAttrs (name: value: value != { })
(lib.mapAttrs' collect files);
in
lib.filterAttrs (name: value: value != { })
(lib.mapAttrs' collect files);
/* Collect all modules (results from `filesToAttr`) into a list.
@ -71,5 +73,5 @@ rec {
*/
countAttrs = pred: attrs:
lib.count (attr: pred attr.name attr.value)
(lib.mapAttrsToList lib.nameValuePair attrs);
(lib.mapAttrsToList lib.nameValuePair attrs);
}

36
lib/private.nix
View File

@ -14,12 +14,13 @@ rec {
# TODO: Effectively override the option.
# We assume all users set with this module are normal users.
absoluteOverrides = { isNormalUser = true; };
in {
in
{
home-manager.users."${user}" = { ... }: {
imports = [ (getUser "home-manager" user) ];
};
users.users."${user}" = defaultUserConfig // settings // absoluteOverrides;
};
};
getSecret = path: ../secrets/${path};
@ -32,25 +33,28 @@ rec {
userList = lib.attrNames users';
nonExistentUsers = lib.filter (name: !lib.elem name userList) users;
in lib.trivial.throwIfNot ((lib.length nonExistentUsers) == 0)
in
lib.trivial.throwIfNot ((lib.length nonExistentUsers) == 0)
"there are no users ${lib.concatMapStringsSep ", " (u: "'${u}'") nonExistentUsers} from ${type}"
(r: r) users';
(r: r)
users';
getUser = type: user:
lib.getAttr user (getUsers type [ user ]);
# Import modules with a set blocklist.
importModules = attrs: let
blocklist = [
# The modules under this attribute are often incomplete and needing
# very specific requirements that is 99% going to be absent from the
# outside so we're not going to export it.
"tasks"
importModules = attrs:
let
blocklist = [
# The modules under this attribute are often incomplete and needing
# very specific requirements that is 99% going to be absent from the
# outside so we're not going to export it.
"tasks"
# Profiles are often specific to this project so there's not much point
# in exporting these.
"profiles"
];
in
lib.filterAttrs (n: v: !lib.elem n blocklist) (lib.mapAttrsRecursive (_: path: import path) attrs);
# Profiles are often specific to this project so there's not much point
# in exporting these.
"profiles"
];
in
lib.filterAttrs (n: v: !lib.elem n blocklist) (lib.mapAttrsRecursive (_: path: import path) attrs);
}

10
modules/home-manager/programs/pop-launcher.nix
View File

@ -15,9 +15,11 @@ let
# Some plugins may be packaged ala-busybox with multiple plugins coming from
# the same binary. Similar reasons as to why we don't want to rewrite
# symlinks with the main package.
plugins = lib.map (p: p.overrideAttrs (prev: {
dontRewriteSymlinks = true;
})) cfg.plugins;
plugins = lib.map
(p: p.overrideAttrs (prev: {
dontRewriteSymlinks = true;
}))
cfg.plugins;
# Plugins and scripts are assumed to be packaged at
# `$out/share/pop-launcher`.
@ -57,7 +59,7 @@ in
List of packages containing Pop launcher plugins and scripts to be
installed as system-wide plugins.
'';
default = [];
default = [ ];
defaultText = "[]";
example = lib.literalExpression ''
with pkgs; [

141
modules/home-manager/services/archivebox.nix
View File

@ -40,7 +40,8 @@ let
};
};
};
in {
in
{
options.services.archivebox = {
enable = lib.mkEnableOption "Archivebox service";
@ -92,81 +93,89 @@ in {
};
};
config = let
pkgSet = [ pkgs.archivebox ] ++ (lib.optionals cfg.withDependencies
(with pkgs; [ chromium nodejs_latest wget curl youtube-dl ]));
in lib.mkIf cfg.enable {
assertions = [
(lib.hm.assertions.assertPlatform "services.archivebox" pkgs
lib.platforms.linux)
];
config =
let
pkgSet = [ pkgs.archivebox ] ++ (lib.optionals cfg.withDependencies
(with pkgs; [ chromium nodejs_latest wget curl youtube-dl ]));
in
lib.mkIf cfg.enable {
assertions = [
(lib.hm.assertions.assertPlatform "services.archivebox" pkgs
lib.platforms.linux)
];
home.packages = pkgSet;
home.packages = pkgSet;
systemd.user.services = lib.mkMerge [
(lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description =
"Archivebox archive group '${name}' for ${cfg.archivePath}";
After = "network.target";
Documentation = [ "https://docs.archivebox.io/" ];
};
systemd.user.services = lib.mkMerge [
(lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description =
"Archivebox archive group '${name}' for ${cfg.archivePath}";
After = "network.target";
Documentation = [ "https://docs.archivebox.io/" ];
};
Service = let
scriptName = "archivebox-job-${config.home.username}-${name}";
script = pkgs.writeShellApplication {
name = scriptName;
runtimeInputs = with pkgs;
[ ripgrep coreutils ] ++ pkgSet
++ [ config.programs.git.package ];
text = ''
echo "${lib.concatStringsSep "\n" value.links}" \
| archivebox add ${lib.concatStringsSep " " value.extraArgs}
'';
Service =
let
scriptName = "archivebox-job-${config.home.username}-${name}";
script = pkgs.writeShellApplication {
name = scriptName;
runtimeInputs = with pkgs;
[ ripgrep coreutils ] ++ pkgSet
++ [ config.programs.git.package ];
text = ''
echo "${lib.concatStringsSep "\n" value.links}" \
| archivebox add ${lib.concatStringsSep " " value.extraArgs}
'';
};
in
{
ExecStart = "${script}/bin/${scriptName}";
WorkingDirectory = cfg.archivePath;
};
})
cfg.jobs)
(lib.mkIf cfg.webserver.enable {
archivebox-server = {
Unit = {
Description = "Archivebox server for ${cfg.archivePath}";
After = "network.target";
Documentation = [ "https://docs.archivebox.io/" ];
};
in {
ExecStart = "${script}/bin/${scriptName}";
WorkingDirectory = cfg.archivePath;
};
}) cfg.jobs)
(lib.mkIf cfg.webserver.enable {
archivebox-server = {
Unit = {
Description = "Archivebox server for ${cfg.archivePath}";
After = "network.target";
Documentation = [ "https://docs.archivebox.io/" ];
};
Install.WantedBy = [ "graphical-session.target" ];
Install.WantedBy = [ "graphical-session.target" ];
Service = {
ExecStart = "${pkgs.archivebox}/bin/archivebox server localhost:${
Service = {
ExecStart = "${pkgs.archivebox}/bin/archivebox server localhost:${
toString cfg.webserver.port
}";
WorkingDirectory = cfg.archivePath;
Restart = "on-failure";
WorkingDirectory = cfg.archivePath;
Restart = "on-failure";
};
};
};
})
];
})
];
systemd.user.timers = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "Archivebox additions for ${cfg.archivePath}";
After = "network.target";
Documentation = [ "https://docs.archivebox.io/" ];
};
systemd.user.timers = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "Archivebox additions for ${cfg.archivePath}";
After = "network.target";
Documentation = [ "https://docs.archivebox.io/" ];
};
Timer = {
Persistent = true;
OnCalendar = value.startAt;
RandomizedDelaySec = 120;
};
Timer = {
Persistent = true;
OnCalendar = value.startAt;
RandomizedDelaySec = 120;
};
Install.WantedBy = [ "timers.target" ];
}) cfg.jobs;
};
Install.WantedBy = [ "timers.target" ];
})
cfg.jobs;
};
}

7
modules/home-manager/services/bleachbit.nix
View File

@ -47,7 +47,8 @@ let
"thunderbird.passwords"
"thunderbird.sessionjson"
];
in {
in
{
options.services.bleachbit = {
enable = lib.mkEnableOption "automated cleanup with Bleachbit";
startAt = lib.mkOption {
@ -81,7 +82,7 @@ in {
cleaners = lib.mkOption {
type = with lib.types; listOf str;
description = "List of cleaners to be used when cleaning.";
default = [];
default = [ ];
example = lib.literalExpression ''
[
"bash.history"
@ -111,7 +112,7 @@ in {
};
Service.ExecStart = ''
${cfg.package}/bin/bleachbit --clean ${lib.escapeShellArgs cleaners}
${cfg.package}/bin/bleachbit --clean ${lib.escapeShellArgs cleaners}
'';
};

87
modules/home-manager/services/gallery-dl.nix
View File

@ -8,7 +8,7 @@ let
settingsFormat = pkgs.formats.json { };
settingsFormatFile =
settingsFormat.generate "gallery-dl-service-config-${config.home.username}"
cfg.settings;
cfg.settings;
jobType = { name, config, options, ... }: {
options = {
@ -82,7 +82,8 @@ let
};
};
};
in {
in
{
options.services.gallery-dl = {
enable = lib.mkEnableOption "archiving services with gallery-dl";
@ -163,47 +164,53 @@ in {
config = lib.mkIf cfg.enable {
home.packages = [ cfg.package ];
systemd.user.services = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "gallery-dl archive job for group '${name}'";
After = [ "default.target" ];
Documentation = "man:gallery-dl(1)";
};
systemd.user.services = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "gallery-dl archive job for group '${name}'";
After = [ "default.target" ];
Documentation = "man:gallery-dl(1)";
};
Service.ExecStart = let
scriptName = "gallery-dl-service-${config.home.username}-${name}";
jobSpecificSettingsFile =
settingsFormat.generate "gallery-dl-service-job-${name}-settings"
value.settings;
archiveScript = pkgs.writeShellScriptBin scriptName ''
${cfg.package}/bin/gallery-dl ${
lib.escapeShellArgs cfg.extraArgs
} ${
lib.optionalString (cfg.settings != null)
"--config ${settingsFormatFile}"
} ${lib.escapeShellArgs value.extraArgs} ${
lib.optionalString (value.settings != null)
"--config ${jobSpecificSettingsFile}"
} --destination ${cfg.archivePath} ${lib.escapeShellArgs value.urls}
'';
in "${archiveScript}/bin/${scriptName}";
}) cfg.jobs;
Service.ExecStart =
let
scriptName = "gallery-dl-service-${config.home.username}-${name}";
jobSpecificSettingsFile =
settingsFormat.generate "gallery-dl-service-job-${name}-settings"
value.settings;
archiveScript = pkgs.writeShellScriptBin scriptName ''
${cfg.package}/bin/gallery-dl ${
lib.escapeShellArgs cfg.extraArgs
} ${
lib.optionalString (cfg.settings != null)
"--config ${settingsFormatFile}"
} ${lib.escapeShellArgs value.extraArgs} ${
lib.optionalString (value.settings != null)
"--config ${jobSpecificSettingsFile}"
} --destination ${cfg.archivePath} ${lib.escapeShellArgs value.urls}
'';
in
"${archiveScript}/bin/${scriptName}";
})
cfg.jobs;
systemd.user.timers = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "gallery-dl archive job for group '${name}'";
Documentation = "man:gallery-dl(1)";
};
systemd.user.timers = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "gallery-dl archive job for group '${name}'";
Documentation = "man:gallery-dl(1)";
};
Timer = {
OnCalendar = value.startAt;
Persistent = value.persistent;
RandomizedDelaySec = "2min";
};
Timer = {
OnCalendar = value.startAt;
Persistent = value.persistent;
RandomizedDelaySec = "2min";
};
Install.WantedBy = [ "timers.target" ];
}) cfg.jobs;
Install.WantedBy = [ "timers.target" ];
})
cfg.jobs;
};
}

26
modules/home-manager/services/plover.nix
View File

@ -5,24 +5,26 @@ let
toPloverINI = with lib;
generators.toINI {
mkKeyValue = generators.mkKeyValueDefault {
mkValueString = v:
if v == true then
"True"
else if v == false then
"False"
else
generators.mkValueStringDefault { } v;
} " = ";
mkKeyValue = generators.mkKeyValueDefault
{
mkValueString = v:
if v == true then
"True"
else if v == false then
"False"
else
generators.mkValueStringDefault { } v;
} " = ";
};
ploverIniFormat = { }: {
ploverIniFormat = {}: {
type = (pkgs.formats.ini { }).type;
generate = name: value: pkgs.writeText name (toPloverINI value);
};
settingsFormat = ploverIniFormat { };
in {
in
{
options.services.plover = {
enable = lib.mkEnableOption "Plover stenography engine service";
@ -74,7 +76,7 @@ in {
xdg.configFile."plover/plover.cfg".source =
settingsFormat.generate "plover-config-${config.home.username}"
cfg.settings;
cfg.settings;
systemd.user.services.plover = {
Unit = {

87
modules/home-manager/services/yt-dlp.nix
View File

@ -63,7 +63,8 @@ let
};
};
};
in {
in
{
options.services.yt-dlp = {
enable = lib.mkEnableOption "archiving service with yt-dlp";
@ -135,49 +136,55 @@ in {
};
config = lib.mkIf cfg.enable {
systemd.user.services = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "yt-dlp archive job for group '${name}'";
After = [ "default.target" ];
Documentation = "man:yt-dlp(1)";
};
systemd.user.services = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "yt-dlp archive job for group '${name}'";
After = [ "default.target" ];
Documentation = "man:yt-dlp(1)";
};
Service = {
ExecStartPre = ''
${pkgs.bash}/bin/bash -c "${pkgs.coreutils}/bin/mkdir -p ${
lib.escapeShellArg cfg.archivePath
}"
'';
ExecStart = let
scriptName =
"yt-dlp-archive-service-${config.home.username}-${name}";
jobLevelArgs = lib.escapeShellArgs value.extraArgs;
urls = lib.escapeShellArgs urls;
archiveScript = pkgs.writeShellScriptBin scriptName ''
${cfg.package}/bin/yt-dlp ${serviceLevelArgs} ${jobLevelArgs} \
${urls} --paths ${lib.escapeShellArg cfg.archivePath}
Service = {
ExecStartPre = ''
${pkgs.bash}/bin/bash -c "${pkgs.coreutils}/bin/mkdir -p ${
lib.escapeShellArg cfg.archivePath
}"
'';
in "${archiveScript}/bin/${scriptName}";
StandardOutput = "journal";
StandardError = "journal";
};
}) cfg.jobs;
ExecStart =
let
scriptName =
"yt-dlp-archive-service-${config.home.username}-${name}";
jobLevelArgs = lib.escapeShellArgs value.extraArgs;
urls = lib.escapeShellArgs urls;
archiveScript = pkgs.writeShellScriptBin scriptName ''
${cfg.package}/bin/yt-dlp ${serviceLevelArgs} ${jobLevelArgs} \
${urls} --paths ${lib.escapeShellArg cfg.archivePath}
'';
in
"${archiveScript}/bin/${scriptName}";
StandardOutput = "journal";
StandardError = "journal";
};
})
cfg.jobs;
systemd.user.timers = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "yt-dlp archive job for group '${name}'";
Documentation = "man:yt-dlp(1)";
};
systemd.user.timers = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
Unit = {
Description = "yt-dlp archive job for group '${name}'";
Documentation = "man:yt-dlp(1)";
};
Timer = {
OnCalendar = value.startAt;
RandomizedDelaySec = "2min";
Persistent = value.persistent;
};
Timer = {
OnCalendar = value.startAt;
RandomizedDelaySec = "2min";
Persistent = value.persistent;
};
Install.WantedBy = [ "timers.target" ];
}) cfg.jobs;
Install.WantedBy = [ "timers.target" ];
})
cfg.jobs;
};
}

18
modules/nixos/profiles/dev.nix
View File

@ -47,7 +47,7 @@ in {
# Also, this config is based from this tip.
# https://lists.reproducible-builds.org/pipermail/diffoscope/2016-April/000193.html
config.difftool."diffoscope".cmd = ''
"if [ $LOCAL = /dev/null ]; then diffoscope --new-file $REMOTE; else diffoscope $LOCAL $REMOTE; fi"
"if [ $LOCAL = /dev/null ]; then diffoscope --new-file $REMOTE; else diffoscope $LOCAL $REMOTE; fi"
'';
config.difftool."diffoscope-html".cmd = ''
@ -87,15 +87,15 @@ in {
moreutils # Less is more but more utilities, the merrier.
valgrind # Making sure your applications don't pee as much.
]
# Finally, a local environment for testing out GitHub workflows without
# embarassing yourself pushing a bunch of commits.
++ (lib.optional config.virtualisation.docker.enable pkgs.act)
# Finally, a local environment for testing out GitHub workflows without
# embarassing yourself pushing a bunch of commits.
++ (lib.optional config.virtualisation.docker.enable pkgs.act)
# Enable all of the gud things.
++ (lib.optionals config.programs.git.enable [
github-cli # Client for GitHub.
hut # And one for Sourcehut.
]);
# Enable all of the gud things.
++ (lib.optionals config.programs.git.enable [
github-cli # Client for GitHub.
hut # And one for Sourcehut.
]);
systemd.user.services.nix-upgrade-profile = {
description = ''

3
modules/nixos/profiles/filesystem.nix
View File

@ -2,7 +2,8 @@
let
cfg = config.profiles.filesystem;
in {
in
{
options.profiles.filesystem = {
archive.enable = lib.mkOption {
type = lib.types.bool;

3
modules/nixos/profiles/system.nix
View File

@ -217,7 +217,8 @@ in {
};
dates = "weekly";
flags = [
"--update-input" "nixpkgs"
"--update-input"
"nixpkgs"
"--commit-lock-file"
"--no-write-lock-file"
];

7
modules/nixos/programs/cardboard-wm.nix
View File

@ -6,7 +6,8 @@ let
cardboardPackage = cfg.package.overrideAttrs (super: rec {
passthru.providedSessions = [ "cardboard" ];
});
in {
in
{
options.programs.cardboard-wm = {
enable =
lib.mkEnableOption "Cardboard, a scrollable tiling Wayland compositor";
@ -23,13 +24,13 @@ in {
extraOptions = lib.mkOption {
type = with lib.types; listOf str;
default = [];
default = [ ];
description = "Command-line arguments to be passed to Cardboard.";
};
extraPackages = lib.mkOption {
type = with lib.types; listOf package;
default = [];
default = [ ];
description = ''
Extra packages to be installed with this program.
'';

3
modules/nixos/programs/kiwmi.nix
View File

@ -4,7 +4,8 @@ let
cfg = config.programs.kiwmi;
package = cfg.package.override { extraOptions = cfg.extraOptions; };
in {
in
{
options.programs.kiwmi = {
enable = lib.mkEnableOption "Kiwmi, a fully programmable Wayland compositor";
package = lib.mkOption {

10
modules/nixos/programs/pop-launcher.nix
View File

@ -14,9 +14,11 @@ let
# Some plugins may be packaged busybox-style with multiple plugins in one
# binary.
plugins = lib.lists.map (p: p.overrideAttrs (prev: {
dontRewriteSymlinks = true;
})) cfg.plugins;
plugins = lib.lists.map
(p: p.overrideAttrs (prev: {
dontRewriteSymlinks = true;
}))
cfg.plugins;
# Plugins and scripts are assumed to be packaged at
# `$out/share/pop-launcher`.
@ -58,7 +60,7 @@ in
List of packages containing Pop launcher plugins and scripts to be
installed as system-wide plugins.
'';
default = [];
default = [ ];
defaultText = "[]";
example = lib.literalExpression ''
with pkgs; [

3
modules/nixos/programs/wezterm.nix
View File

@ -2,7 +2,8 @@
let
cfg = config.programs.wezterm;
in {
in
{
options.programs.wezterm = {
enable = lib.mkEnableOption "Wezterm terminal emulator";
package = lib.mkOption {

165
modules/nixos/services/archivebox.nix
View File

@ -42,7 +42,8 @@ let
persistent = lib.mkEnableOption "service persistence for this job";
};
};
in {
in
{
options.services.archivebox = {
enable = lib.mkEnableOption "Archivebox service";
@ -96,87 +97,93 @@ in {
};
};
config = let
pkgSet = [ pkgs.archivebox ] ++ (lib.optionals cfg.withDependencies
(with pkgs; [ chromium nodejs_latest wget curl youtube-dl ]));
in lib.mkIf cfg.enable {
systemd.services = lib.mkMerge [
(lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
description =
"Archivebox archive group '${name}' for ${cfg.archivePath}";
after = [ "network.target" ];
documentation = [ "https://docs.archivebox.io/" ];
path = with pkgs;
[ ripgrep coreutils ] ++ pkgSet ++ [ config.programs.git.package ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
script = ''
echo "${lib.concatStringsSep "\n" value.urls}" \
| archivebox add ${lib.concatStringsSep " " value.extraArgs}
'';
serviceConfig = {
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
WorkingDirectory = cfg.archivePath;
};
}) cfg.jobs)
config =
let
pkgSet = [ pkgs.archivebox ] ++ (lib.optionals cfg.withDependencies
(with pkgs; [ chromium nodejs_latest wget curl youtube-dl ]));
in
lib.mkIf cfg.enable {
systemd.services = lib.mkMerge [
(lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
description =
"Archivebox archive group '${name}' for ${cfg.archivePath}";
after = [ "network.target" ];
documentation = [ "https://docs.archivebox.io/" ];
path = with pkgs;
[ ripgrep coreutils ] ++ pkgSet ++ [ config.programs.git.package ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
script = ''
echo "${lib.concatStringsSep "\n" value.urls}" \
| archivebox add ${lib.concatStringsSep " " value.extraArgs}
'';
serviceConfig = {
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
WorkingDirectory = cfg.archivePath;
};
})
cfg.jobs)
(lib.mkIf cfg.webserver.enable {
archivebox-server = {
description = "Archivebox server for ${cfg.archivePath}";
after = [ "network.target" ];
documentation = [ "https://docs.archivebox.io/" ];
wantedBy = [ "graphical-session.target" ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
serviceConfig = {
ExecStart = "${pkgs.archivebox}/bin/archivebox server localhost:${
(lib.mkIf cfg.webserver.enable {
archivebox-server = {
description = "Archivebox server for ${cfg.archivePath}";
after = [ "network.target" ];
documentation = [ "https://docs.archivebox.io/" ];
wantedBy = [ "graphical-session.target" ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
serviceConfig = {
ExecStart = "${pkgs.archivebox}/bin/archivebox server localhost:${
toString cfg.webserver.port
}";
Restart = "on-failure";
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
WorkingDirectory = cfg.archivePath;
Restart = "on-failure";
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
WorkingDirectory = cfg.archivePath;
};
};
};
})
];
})
];
systemd.timers = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
description =
"Archivebox archive group '${name}' for ${cfg.archivePath}";
after = [ "network.target" ];
documentation = [ "https://docs.archivebox.io/" ];
timerConfig = {
Persistent = value.persistent;
OnCalendar = value.startAt;
RandomizedDelaySec = 120;
};
wantedBy = [ "timers.target" ];
}) cfg.jobs;
};
systemd.timers = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
description =
"Archivebox archive group '${name}' for ${cfg.archivePath}";
after = [ "network.target" ];
documentation = [ "https://docs.archivebox.io/" ];
timerConfig = {
Persistent = value.persistent;
OnCalendar = value.startAt;
RandomizedDelaySec = 120;
};
wantedBy = [ "timers.target" ];
})
cfg.jobs;
};
}

123
modules/nixos/services/gallery-dl.nix
View File

@ -80,7 +80,8 @@ let
};
};
};
in {
in
{
options.services.gallery-dl = {
enable = lib.mkEnableOption "archiving services with gallery-dl";
@ -157,64 +158,70 @@ in {
};
config = lib.mkIf cfg.enable {
systemd.services = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
wantedBy = [ "multi-user.target" ];
description = "gallery-dl archive job for group '${name}'";
documentation = [ "man:gallery-dl(1)" ];
enable = true;
path = with pkgs; [ brotli coreutils ffmpeg cfg.package ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
systemd.services = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
wantedBy = [ "multi-user.target" ];
description = "gallery-dl archive job for group '${name}'";
documentation = [ "man:gallery-dl(1)" ];
enable = true;
path = with pkgs; [ brotli coreutils ffmpeg cfg.package ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
# Order matters here. We're letting service-level arguments and
# settings to be overridden with job-specific things as much as
# possible especially with the settings.
#
# Regarding to settings (`settings`) and extra arguments
# (`extraArgs`), the settings is the last applied argument with
# `--config` option. This means that it will cascade resultings
# settings from `extraArgs` if there's any related option that is
# given like another `--config` for example.
script = let
jobLevelSettingsFile =
settingsFormat.generate "gallery-dl-job-${name}-settings"
value.settings;
in ''
gallery-dl ${lib.escapeShellArgs cfg.extraArgs} ${
lib.optionalString (cfg.settings != null)
"--config ${settingsFormatFile}"
} ${lib.escapeShellArgs value.extraArgs} ${
lib.optionalString (value.settings != null)
"--config ${jobLevelSettingsFile}"
} --destination ${lib.escapeShellArg cfg.archivePath} ${
lib.escapeShellArgs value.urls
}
'';
startAt = value.startAt;
serviceConfig = {
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
};
}) cfg.jobs;
# Order matters here. We're letting service-level arguments and
# settings to be overridden with job-specific things as much as
# possible especially with the settings.
#
# Regarding to settings (`settings`) and extra arguments
# (`extraArgs`), the settings is the last applied argument with
# `--config` option. This means that it will cascade resultings
# settings from `extraArgs` if there's any related option that is
# given like another `--config` for example.
script =
let
jobLevelSettingsFile =
settingsFormat.generate "gallery-dl-job-${name}-settings"
value.settings;
in
''
gallery-dl ${lib.escapeShellArgs cfg.extraArgs} ${
lib.optionalString (cfg.settings != null)
"--config ${settingsFormatFile}"
} ${lib.escapeShellArgs value.extraArgs} ${
lib.optionalString (value.settings != null)
"--config ${jobLevelSettingsFile}"
} --destination ${lib.escapeShellArg cfg.archivePath} ${
lib.escapeShellArgs value.urls
}
'';
startAt = value.startAt;
serviceConfig = {
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
};
})
cfg.jobs;
systemd.timers = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
timerConfig = {
Persistent = value.persistent;
RandomizedDelaySec = "2min";
};
}) cfg.jobs;
systemd.timers = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
timerConfig = {
Persistent = value.persistent;
RandomizedDelaySec = "2min";
};
})
cfg.jobs;
};
}

90
modules/nixos/services/yt-dlp.nix
View File

@ -62,7 +62,8 @@ let
};
};
};
in {
in
{
options.services.yt-dlp = {
enable = lib.mkEnableOption "archiving service with yt-dlp";
@ -130,47 +131,52 @@ in {
# There's no need to go to the working directory since yt-dlp has the
# `--paths` flag.
config = lib.mkIf cfg.enable {
systemd.services = lib.mapAttrs' (name: value: let
jobLevelArgs = lib.escapeShellArgs value.extraArgs;
in
lib.nameValuePair (jobUnitName name) {
wantedBy = [ "multi-user.target" ];
description = "yt-dlp archive job for group '${name}'";
documentation = [ "man:yt-dlp(1)" ];
enable = true;
path = [ cfg.package pkgs.coreutils ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
script = ''
yt-dlp ${serviceLevelArgs} ${jobLevelArgs} \
${lib.escapeShellArgs value.urls} --paths ${lib.escapeShellArg cfg.archivePath}
'';
startAt = value.startAt;
serviceConfig = {
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
StandardOutput = "journal";
StandardError = "journal";
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
};
}) cfg.jobs;
systemd.services = lib.mapAttrs'
(name: value:
let
jobLevelArgs = lib.escapeShellArgs value.extraArgs;
in
lib.nameValuePair (jobUnitName name) {
wantedBy = [ "multi-user.target" ];
description = "yt-dlp archive job for group '${name}'";
documentation = [ "man:yt-dlp(1)" ];
enable = true;
path = [ cfg.package pkgs.coreutils ];
preStart = ''
mkdir -p ${lib.escapeShellArg cfg.archivePath}
'';
script = ''
yt-dlp ${serviceLevelArgs} ${jobLevelArgs} \
${lib.escapeShellArgs value.urls} --paths ${lib.escapeShellArg cfg.archivePath}
'';
startAt = value.startAt;
serviceConfig = {
LockPersonality = true;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateUsers = true;
PrivateDevices = true;
ProtectControlGroups = true;
ProtectClock = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
StandardOutput = "journal";
StandardError = "journal";
SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM";
};
})
cfg.jobs;
systemd.timers = lib.mapAttrs' (name: value:
lib.nameValuePair (jobUnitName name) {
timerConfig = {
Persistent = value.persistent;
RandomizedDelaySec = "2min";
};
}) cfg.jobs;
systemd.timers = lib.mapAttrs'
(name: value:
lib.nameValuePair (jobUnitName name) {
timerConfig = {
Persistent = value.persistent;
RandomizedDelaySec = "2min";
};
})
cfg.jobs;
};
}

6
modules/nixos/workflows/a-happy-gnome/default.nix
View File

@ -13,7 +13,7 @@ let
};
# We're combining all of the custom dconf database into a package to be installed.
dconfConfig = pkgs.runCommand "install-a-happy-gnome-dconf-keyfiles" {} ''
dconfConfig = pkgs.runCommand "install-a-happy-gnome-dconf-keyfiles" { } ''
install -Dm644 ${./config/dconf}/*.conf -t $out/etc/dconf/db/${name}-conf.d
install -Dm644 ${enabledExtensions} $out/etc/dconf/db/${name}-conf.d/90-enabled-extensions.conf
'';
@ -132,8 +132,8 @@ in
profiles.user = pkgs.writeTextFile {
name = "a-happy-gnome";
text = ''
user-db:user
system-db:${name}-conf
user-db:user
system-db:${name}-conf
'';
};
};

3
modules/nixos/workflows/knome/default.nix
View File

@ -2,7 +2,8 @@
let
cfg = config.workflows.workflows.knome;
in {
in
{
options.workflows.workflows.knome.enable = lib.mkEnableOption "KNOME, an attempt to bring as much GNOME to KDE Plasma";
config = lib.mkIf cfg.enable {

6
pkgs/software-heritage/default.nix
View File

@ -1,8 +1,10 @@
{ lib, callPackage, newScope, python3Packages, ... }:
lib.fix' (self: let
lib.fix' (self:
let
callPackage = newScope self;
in lib.recurseIntoAttrs {
in
lib.recurseIntoAttrs {
attrs-strict = callPackage ./attrs-strict.nix { inherit python3Packages; };
aiohttp-utils = callPackage ./aiohttp-utils.nix { inherit python3Packages; };

10
pkgs/tic-80/default.nix
View File

@ -73,11 +73,11 @@ stdenv.mkDerivation rec {
valgrind
sndio
] ++ lib.optional pulseaudioSupport libpulseaudio
++ lib.optional jackSupport jack2 ++ lib.optional esoundSupport espeak
++ lib.optionals (stdenv.isLinux && waylandSupport) [
wayland
libxkbcommon
];
++ lib.optional jackSupport jack2 ++ lib.optional esoundSupport espeak
++ lib.optionals (stdenv.isLinux && waylandSupport) [
wayland
libxkbcommon
];
# TODO: Replace SOKOL-built version with SDL.
cmakeFlags = [ "-DBUILD_PRO=ON" ];

2
templates/basic-overlay-flake/flake.nix
View File

@ -27,6 +27,6 @@
}) // {
overlays.default = final: prev: import ./pkgs { pkgs = prev; };
nixosModules = {};
nixosModules = { };
};
}

3
users/home-manager/foo-dogsquared/default.nix
View File

@ -24,7 +24,8 @@ let
musicDir = config.xdg.userDirs.music;
playlistsDir = "${musicDir}/playlists";
in {
in
{
home.packages = with pkgs; [
songrec
vscodium-fhs