From e174ef53caafbcee1e8a2ee83d6195f97afb9388 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 10 Jun 2023 12:50:53 +0200 Subject: flake: init --- krebs/0tests/data/secrets/radicale.id_ed25519 | 0 krebs/1systems/arcadeomat/config.nix | 14 +++---- krebs/1systems/filebitch/config.nix | 20 ++++----- krebs/1systems/hotdog/config.nix | 28 ++++++------- krebs/1systems/news/config.nix | 12 +++--- krebs/2configs/backup.nix | 2 +- krebs/2configs/buildbot-stockholm.nix | 4 +- krebs/2configs/cal.nix | 7 ++-- krebs/2configs/default.nix | 2 +- krebs/2configs/exim-smarthost.nix | 5 ++- krebs/2configs/go.nix | 1 - krebs/2configs/hw/x220.nix | 1 - krebs/2configs/reaktor2.nix | 44 ++++++++++---------- krebs/2configs/repo-sync.nix | 3 +- krebs/2configs/secret-passwords.nix | 3 +- krebs/2configs/shack/drivedroid.nix | 4 +- krebs/2configs/shack/mqtt_sub.nix | 2 +- krebs/2configs/shack/muell_caller.nix | 2 +- krebs/2configs/shack/nix-cacher.nix | 2 +- krebs/2configs/shack/radioactive.nix | 2 +- krebs/2configs/shack/worlddomination.nix | 2 +- krebs/2configs/stats/shack-debugging.nix | 2 +- krebs/2configs/syncthing.nix | 4 +- krebs/2configs/wiki.nix | 8 ++-- krebs/3modules/airdcpp.nix | 7 ++-- krebs/3modules/announce-activation.nix | 47 +++++++++++----------- krebs/3modules/apt-cacher-ng.nix | 2 +- krebs/3modules/backup.nix | 2 +- krebs/3modules/bepasty-server.nix | 2 +- krebs/3modules/bindfs.nix | 4 +- krebs/3modules/brockman.nix | 7 ++-- krebs/3modules/build.nix | 4 +- krebs/3modules/ci/default.nix | 7 ++-- krebs/3modules/current.nix | 2 +- krebs/3modules/default.nix | 3 +- krebs/3modules/dns.nix | 6 +-- krebs/3modules/exim-retiolum.nix | 4 +- krebs/3modules/exim-smarthost.nix | 2 +- krebs/3modules/exim.nix | 2 +- krebs/3modules/fetchWallpaper.nix | 2 +- krebs/3modules/git.nix | 8 ++-- krebs/3modules/github/hosts-sync.nix | 2 +- krebs/3modules/go.nix | 2 +- krebs/3modules/hidden-ssh.nix | 2 +- krebs/3modules/hosts.nix | 14 ++++--- krebs/3modules/htgen.nix | 2 +- krebs/3modules/iana-etc.nix | 4 +- krebs/3modules/iptables.nix | 2 +- krebs/3modules/kapacitor.nix | 2 +- krebs/3modules/konsens.nix | 5 +-- krebs/3modules/krebs-pages.nix | 5 +-- krebs/3modules/monit.nix | 2 +- krebs/3modules/nixpkgs.nix | 2 +- krebs/3modules/on-failure.nix | 2 +- krebs/3modules/os-release.nix | 6 +-- krebs/3modules/per-user.nix | 4 +- krebs/3modules/permown.nix | 4 +- krebs/3modules/reaktor2.nix | 4 +- krebs/3modules/realwallpaper.nix | 2 +- krebs/3modules/repo-sync.nix | 2 +- krebs/3modules/retiolum-bootstrap.nix | 4 +- krebs/3modules/secret.nix | 6 +-- krebs/3modules/setuid.nix | 5 ++- krebs/3modules/shadow.nix | 7 ++-- krebs/3modules/sitemap.nix | 5 +-- krebs/3modules/sync-containers.nix | 5 ++- krebs/3modules/sync-containers3.nix | 2 +- krebs/3modules/systemd.nix | 15 +++---- krebs/3modules/tinc.nix | 4 +- krebs/3modules/tinc_graphs.nix | 2 +- krebs/3modules/upstream/default.nix | 5 ++- krebs/3modules/upstream/desktop-managers/coma.nix | 5 ++- krebs/3modules/upstream/desktop-managers/none.nix | 6 +-- .../3modules/upstream/window-managers/default.nix | 4 +- krebs/3modules/urlwatch.nix | 2 +- krebs/3modules/users.nix | 6 +-- krebs/3modules/zones.nix | 4 +- krebs/5pkgs/default.nix | 9 +++-- krebs/5pkgs/simple/reaktor2-plugins.nix | 16 ++++---- krebs/default.nix | 4 +- 80 files changed, 239 insertions(+), 230 deletions(-) create mode 100644 krebs/0tests/data/secrets/radicale.id_ed25519 (limited to 'krebs') diff --git a/krebs/0tests/data/secrets/radicale.id_ed25519 b/krebs/0tests/data/secrets/radicale.id_ed25519 new file mode 100644 index 00000000..e69de29b diff --git a/krebs/1systems/arcadeomat/config.nix b/krebs/1systems/arcadeomat/config.nix index cdeaae18..7439e687 100644 --- a/krebs/1systems/arcadeomat/config.nix +++ b/krebs/1systems/arcadeomat/config.nix @@ -9,15 +9,15 @@ in { imports = [ ./hw.nix - - + ../../../krebs + ../../../krebs/2configs - # - # + #../../../krebs/2configs/binary-cache/nixos.nix + #../../../krebs/2configs/binary-cache/prism.nix - - - + ../../../krebs/2configs/shack/ssh-keys.nix + ../../../krebs/2configs/save-diskspace.nix + ../../../krebs/2configs/shack/prometheus/node.nix ]; # use your own binary cache, fallback use cache.nixos.org (which is used by diff --git a/krebs/1systems/filebitch/config.nix b/krebs/1systems/filebitch/config.nix index e27d036c..1514d37a 100644 --- a/krebs/1systems/filebitch/config.nix +++ b/krebs/1systems/filebitch/config.nix @@ -5,16 +5,16 @@ in { imports = [ ./hardware-configuration.nix - - - # + ../../../krebs + ../../../krebs/2configs + # ../../../krebs/2configs/secret-passwords.nix - # - # - - + # ../../../krebs/2configs/binary-cache/nixos.nix + # ../../../krebs/2configs/binary-cache/prism.nix + ../../../krebs/2configs/shack/ssh-keys.nix + ../../../krebs/2configs/shack/prometheus/node.nix # provides access to /home/share for smbuser via smb - + ../../../krebs/2configs/shack/share.nix { fileSystems."/home/share" = { device = "/serve"; @@ -23,8 +23,8 @@ in } ## Collect local statistics via collectd and send to collectd - # - # + # ../../../krebs/2configs/stats/shack-client.nix + # ../../../krebs/2configs/stats/shack-debugging.nix ]; krebs.build.host = config.krebs.hosts.filebitch; diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 68355608..e5cfad56 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -2,23 +2,23 @@ { imports = [ - - + ../../../krebs + ../../../krebs/2configs - - - - - - - - + ../../../krebs/2configs/buildbot-stockholm.nix + ../../../krebs/2configs/binary-cache/nixos.nix + ../../../krebs/2configs/ircd.nix + ../../../krebs/2configs/reaktor2.nix + ../../../krebs/2configs/wiki.nix + ../../../krebs/2configs/acme.nix + ../../../krebs/2configs/mud.nix + ../../../krebs/2configs/repo-sync.nix - - + ../../../krebs/2configs/cal.nix + ../../../krebs/2configs/mastodon.nix - ## shackie irc bot - + ## (shackie irc bot + ../../../krebs/2configs/shack/reaktor.nix ]; krebs.build.host = config.krebs.hosts.hotdog; diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix index b27fc373..b5a2b21b 100644 --- a/krebs/1systems/news/config.nix +++ b/krebs/1systems/news/config.nix @@ -2,15 +2,15 @@ { imports = [ - - + ../../../krebs + ../../../krebs/2configs - - + ../../../krebs/2configs/ircd.nix + ../../../krebs/2configs/go.nix #### NEWS #### - - + ../../../krebs/2configs/ircd.nix + ../../../krebs/2configs/news.nix ]; krebs.build.host = config.krebs.hosts.news; diff --git a/krebs/2configs/backup.nix b/krebs/2configs/backup.nix index 7ee43878..83dbf66f 100644 --- a/krebs/2configs/backup.nix +++ b/krebs/2configs/backup.nix @@ -1,5 +1,5 @@ { config, lib, ... }: -with import ; +with lib; { krebs.backup.plans = { } // mapAttrs (_: recursiveUpdate { diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index f0b6c324..32452e01 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -1,5 +1,5 @@ -{ config, ... }: with import ; - +{ config, lib, ... }: +with import ../../lib/pure.nix { inherit lib; }; { networking.firewall.allowedTCPPorts = [ 80 ]; services.nginx = { diff --git a/krebs/2configs/cal.nix b/krebs/2configs/cal.nix index 15f0027b..a1fe47b5 100644 --- a/krebs/2configs/cal.nix +++ b/krebs/2configs/cal.nix @@ -1,4 +1,5 @@ { config, lib, pkgs, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; setupGit = '' export PATH=${lib.makeBinPath [ @@ -23,13 +24,13 @@ git add .gitignore ''; - pushCal = pkgs.writeDash "push_cal" '' + pushCal = pkgs.writers.writeDash "push_cal" '' ${setupGit} git fetch origin git merge --ff-only origin/master || : ''; - pushCgit = pkgs.writeDash "push_cgit" '' + pushCgit = pkgs.writers.writeDash "push_cgit" '' ${setupGit} git push origin master ''; @@ -73,7 +74,7 @@ in { cgit.settings = { root-title = "krebs repos"; }; - rules = with pkgs.stockholm.lib.git; [ + rules = with slib.git; [ { user = [ { diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index eda03cc1..bd4f36cb 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; { imports = [ ./backup.nix diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix index 01597f49..c2f6b4dc 100644 --- a/krebs/2configs/exim-smarthost.nix +++ b/krebs/2configs/exim-smarthost.nix @@ -1,5 +1,6 @@ -with import ; -{ config, ... }: let +{ config, lib, ... }: +with import ../../lib/pure.nix { inherit lib; }; +let format = from: to: { inherit from; diff --git a/krebs/2configs/go.nix b/krebs/2configs/go.nix index ce5db62d..ea3258b9 100644 --- a/krebs/2configs/go.nix +++ b/krebs/2configs/go.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: -with import ; { krebs.go = { enable = true; diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix index bb273652..980c2c9a 100644 --- a/krebs/2configs/hw/x220.nix +++ b/krebs/2configs/hw/x220.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: -with import ; { networking.wireless.enable = lib.mkDefault true; diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 45ff61ba..231c3d46 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: +with import ../../lib/pure.nix { inherit lib; }; let #for shared state directory @@ -22,7 +22,7 @@ let # TODO; get state as argument state_file = "${stateDir}/ledger"; }; - filename = pkgs.writeDash "bedger-add" '' + filename = pkgs.writers.writeDash "bedger-add" '' set -x tonick=$1 amt=$2 @@ -42,7 +42,7 @@ let env = { state_file = "${stateDir}/ledger"; }; - filename = pkgs.writeDash "bedger-balance" '' + filename = pkgs.writers.writeDash "bedger-balance" '' ${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \ | ${pkgs.coreutils}/bin/tail +2 \ | ${pkgs.miller}/bin/mlr --icsv --opprint cat \ @@ -57,7 +57,7 @@ let arguments = [1]; timeoutSec = 1337; command = { - filename = pkgs.writeDash "bing" '' + filename = pkgs.writers.writeDash "bing" '' set -efu report_error() { printf '%s' "$*" | @@ -97,7 +97,7 @@ let arguments = [1]; timeoutSec = 1337; command = { - filename = pkgs.writeDash "bing-img" '' + filename = pkgs.writers.writeDash "bing-img" '' set -efu report_error() { printf '%s' "$*" | @@ -142,7 +142,7 @@ let activate = "match"; arguments = [1]; command = { - filename = pkgs.writeDash "confuse" '' + filename = pkgs.writers.writeDash "confuse" '' set -efux export PATH=${makeBinPath [ @@ -164,7 +164,7 @@ let activate = "match"; arguments = [1]; command = { - filename = pkgs.writeDash "interrogate" '' + filename = pkgs.writers.writeDash "interrogate" '' set -efux export PATH=${makeBinPath [ @@ -181,7 +181,7 @@ let activate = "match"; arguments = [1]; command = { - filename = pkgs.writeDash "confuse" '' + filename = pkgs.writers.writeDash "confuse" '' set -efu export PATH=${makeBinPath [ pkgs.coreutils @@ -204,7 +204,7 @@ let activate = "match"; arguments = [1]; command = { - filename = pkgs.writeDash "say" '' + filename = pkgs.writers.writeDash "say" '' set -efu export PATH=${makeBinPath [ @@ -234,20 +234,20 @@ let arguments = [2]; env.TASKDATA = "${stateDir}/${name}"; commands = rec { - add.filename = pkgs.writeDash "${name}-task-add" '' + add.filename = pkgs.writers.writeDash "${name}-task-add" '' ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} add "$1" ''; - list.filename = pkgs.writeDash "${name}-task-list" '' + list.filename = pkgs.writers.writeDash "${name}-task-list" '' ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} export \ | ${pkgs.jq}/bin/jq -r ' .[] | select(.id != 0) | "\(.id) \(.description)" ' ''; - delete.filename = pkgs.writeDash "${name}-task-delete" '' + delete.filename = pkgs.writers.writeDash "${name}-task-delete" '' ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} delete "$1" ''; del = delete; - done.filename = pkgs.writeDash "${name}-task-done" '' + done.filename = pkgs.writers.writeDash "${name}-task-done" '' ${pkgs.taskwarrior}/bin/task rc:${taskRcFile} done "$1" ''; }; @@ -293,8 +293,7 @@ let { activate = "always"; command = { - filename = - ; + filename = ../5pkgs/simple/Reaktor/scripts/tell-on_join.sh; env = { PATH = makeBinPath [ pkgs.coreutils # XXX env, touch @@ -311,7 +310,7 @@ let pattern = "^list-locations"; activate = "match"; command = { - filename = pkgs.writeDash "list-locations" '' + filename = pkgs.writers.writeDash "list-locations" '' export PATH=${makeBinPath [ pkgs.curl pkgs.jq @@ -328,7 +327,7 @@ let activate = "match"; arguments = [1 2 3]; command = { - filename = pkgs.writeDash "add-location" '' + filename = pkgs.writers.writeDash "add-location" '' export PATH=${makeBinPath [ pkgs.curl pkgs.jq @@ -345,7 +344,7 @@ let activate = "match"; arguments = [1]; command = { - filename = pkgs.writeDash "add-location" '' + filename = pkgs.writers.writeDash "add-location" '' export PATH=${makeBinPath [ pkgs.curl pkgs.jq @@ -374,7 +373,7 @@ let sha256 = "sha256-J7jGWZeAULDA1EkO50qx+hjl+5IsUj389pUUMreKeNE="; }; osm-restaurants = pkgs.callPackage "${osm-restaurants-src}/osm-restaurants" {}; - in pkgs.writeDash "krebsfood" '' + in pkgs.writers.writeDash "krebsfood" '' set -efu export PATH=${makeBinPath [ osm-restaurants @@ -417,8 +416,7 @@ let (generators.command_hook { inherit (commands) dance random-emoji nixos-version; tell = { - filename = - ; + filename = ../5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh; env = { PATH = makeBinPath [ pkgs.coreutils # XXX date, env @@ -452,7 +450,7 @@ in { name = "reaktor2"; home = stateDir; }; - script = ''. ${pkgs.writeDash "agenda" '' + script = ''. ${pkgs.writers.writeDash "agenda" '' echo "$Method $Request_URI" >&2 case "$Method" in "GET") diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix index 9f129d81..1b72924a 100644 --- a/krebs/2configs/repo-sync.nix +++ b/krebs/2configs/repo-sync.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: - -with import ; +with import ../../lib/pure.nix { inherit lib; }; let konsens-user = { diff --git a/krebs/2configs/secret-passwords.nix b/krebs/2configs/secret-passwords.nix index 5d265eba..0f0d068a 100644 --- a/krebs/2configs/secret-passwords.nix +++ b/krebs/2configs/secret-passwords.nix @@ -1,4 +1,5 @@ -{ ... }: with import ; +{ lib, ... }: +with lib; { users.extraUsers = mapAttrs (_: h: { hashedPassword = h; }) diff --git a/krebs/2configs/shack/drivedroid.nix b/krebs/2configs/shack/drivedroid.nix index 12e4a39c..e00db8b8 100644 --- a/krebs/2configs/shack/drivedroid.nix +++ b/krebs/2configs/shack/drivedroid.nix @@ -1,5 +1,5 @@ -{ config, pkgs, ... }: -with import ; +{ config, lib, pkgs, ... }: +with import ../../../lib/pure.nix { inherit lib; }; let root = "/var/srv/drivedroid"; in diff --git a/krebs/2configs/shack/mqtt_sub.nix b/krebs/2configs/shack/mqtt_sub.nix index af2bc1e6..45065cfc 100644 --- a/krebs/2configs/shack/mqtt_sub.nix +++ b/krebs/2configs/shack/mqtt_sub.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../../lib/pure.nix { inherit lib; }; let pkg = pkgs.stdenv.mkDerivation { name = "mqtt2graphite-2017-05-29"; diff --git a/krebs/2configs/shack/muell_caller.nix b/krebs/2configs/shack/muell_caller.nix index 33f6b8c8..f3007dd1 100644 --- a/krebs/2configs/shack/muell_caller.nix +++ b/krebs/2configs/shack/muell_caller.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../../lib/pure.nix { inherit lib; }; let pkg = pkgs.stdenv.mkDerivation { name = "muell_caller-2017-06-01"; diff --git a/krebs/2configs/shack/nix-cacher.nix b/krebs/2configs/shack/nix-cacher.nix index 8feeca9a..131525a3 100644 --- a/krebs/2configs/shack/nix-cacher.nix +++ b/krebs/2configs/shack/nix-cacher.nix @@ -1,5 +1,5 @@ { config, pkgs, ... }: -with import ; +with import ../../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.apt-cacher-ng; in diff --git a/krebs/2configs/shack/radioactive.nix b/krebs/2configs/shack/radioactive.nix index 286a73aa..e2412103 100644 --- a/krebs/2configs/shack/radioactive.nix +++ b/krebs/2configs/shack/radioactive.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../../lib/pure.nix { inherit lib; }; let pkg = pkgs.stdenv.mkDerivation { name = "radioactive-2017-06-01"; diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix index e339d317..b7a8f18d 100644 --- a/krebs/2configs/shack/worlddomination.nix +++ b/krebs/2configs/shack/worlddomination.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../../lib/pure.nix { inherit lib; }; let pkg = pkgs.stdenv.mkDerivation { name = "worlddomination-2020-12-01"; diff --git a/krebs/2configs/stats/shack-debugging.nix b/krebs/2configs/stats/shack-debugging.nix index b5a0cf05..79730ada 100644 --- a/krebs/2configs/stats/shack-debugging.nix +++ b/krebs/2configs/stats/shack-debugging.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: # TODO: krebs.collectd.plugins -with import ; +with import ../../../lib/pure.nix { inherit lib; }; let connect-time-cfg = with pkgs; writeText "collectd-connect-time.conf" '' LoadPlugin python diff --git a/krebs/2configs/syncthing.nix b/krebs/2configs/syncthing.nix index d6d42ca1..59178516 100644 --- a/krebs/2configs/syncthing.nix +++ b/krebs/2configs/syncthing.nix @@ -1,4 +1,6 @@ -{ options, config, pkgs, ... }: with import ; let +{ config, lib, options, pkgs, ... }: +with import ../../lib/pure.nix { inherit lib; }; +let mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; diff --git a/krebs/2configs/wiki.nix b/krebs/2configs/wiki.nix index 40d946f7..a227ceb4 100644 --- a/krebs/2configs/wiki.nix +++ b/krebs/2configs/wiki.nix @@ -1,5 +1,5 @@ -{ config, pkgs, ... }: -with import ; +{ config, lib, pkgs, ... }: +with import ../../lib/pure.nix { inherit lib; }; let setupGit = '' @@ -14,13 +14,13 @@ let fi ''; - pushGollum = pkgs.writeDash "push_gollum" '' + pushGollum = pkgs.writers.writeDash "push_gollum" '' ${setupGit} git fetch origin git merge --ff-only origin/master ''; - pushCgit = pkgs.writeDash "push_cgit" '' + pushCgit = pkgs.writers.writeDash "push_cgit" '' ${setupGit} git push origin master ''; diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix index 259f613c..acd007cb 100644 --- a/krebs/3modules/airdcpp.nix +++ b/krebs/3modules/airdcpp.nix @@ -1,6 +1,7 @@ { config, lib, pkgs, ... }: -with import ; #genid +with lib; let + slib = import ../../lib/pure.nix { inherit lib; }; cfg = config.krebs.airdcpp; out = { @@ -265,14 +266,14 @@ let }; users = lib.mkIf (cfg.user == "airdcpp") { users.airdcpp = { - uid = genid "airdcpp"; + uid = slib.genid "airdcpp"; home = cfg.stateDir; createHome = true; isSystemUser = true; group = "airdcpp"; inherit (cfg) extraGroups; }; - groups.airdcpp.gid = genid "airdcpp"; + groups.airdcpp.gid = slib.genid "airdcpp"; }; }; in diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix index a40ae8ce..fa0f1530 100644 --- a/krebs/3modules/announce-activation.nix +++ b/krebs/3modules/announce-activation.nix @@ -1,20 +1,21 @@ -with import ; -{ config, pkgs, ... }: let +{ config, pkgs, lib, ... }: +let + slib = import ../../lib/pure.nix { inherit lib; }; cfg = config.krebs.announce-activation; announce-activation = pkgs.writeDash "announce-activation" '' set -efu message=$(${cfg.get-message}) exec ${pkgs.irc-announce}/bin/irc-announce \ - ${shell.escape cfg.irc.server} \ - ${shell.escape (toString cfg.irc.port)} \ - ${shell.escape cfg.irc.nick} \ - ${shell.escape cfg.irc.channel} \ - ${escapeShellArg cfg.irc.tls} \ + ${slib.shell.escape cfg.irc.server} \ + ${slib.shell.escape (toString cfg.irc.port)} \ + ${slib.shell.escape cfg.irc.nick} \ + ${slib.shell.escape cfg.irc.channel} \ + ${lib.escapeShellArg cfg.irc.tls} \ "$message" ''; default-get-message = pkgs.writeDash "announce-activation-get-message" '' set -efu - PATH=${makeBinPath [ + PATH=${lib.makeBinPath [ pkgs.coreutils pkgs.gawk pkgs.gnused @@ -28,37 +29,37 @@ with import ; ''; in { options.krebs.announce-activation = { - enable = mkEnableOption "announce-activation"; - get-message = mkOption { + enable = lib.mkEnableOption "announce-activation"; + get-message = lib.mkOption { default = default-get-message; - type = types.package; + type = lib.types.package; }; irc = { # TODO rename channel to target? - channel = mkOption { + channel = lib.mkOption { default = "#xxx"; - type = types.str; # TODO types.irc-channel + type = lib.types.str; # TODO types.irc-channel }; - nick = mkOption { + nick = lib.mkOption { default = config.krebs.build.host.name; - type = types.label; + type = slib.types.label; }; - port = mkOption { + port = lib.mkOption { default = 6667; - type = types.int; + type = lib.types.int; }; - server = mkOption { + server = lib.mkOption { default = "irc.r"; - type = types.hostname; + type = slib.types.hostname; }; - tls = mkOption { + tls = lib.mkOption { default = false; - type = types.bool; + type = lib.types.bool; }; }; }; - config = mkIf cfg.enable { - system.activationScripts.announce-activation = stringAfter [ "etc" ] '' + config = lib.mkIf cfg.enable { + system.activationScripts.announce-activation = lib.stringAfter [ "etc" ] '' ${announce-activation} ''; }; diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix index f3c8ff0c..0efe9ed4 100644 --- a/krebs/3modules/apt-cacher-ng.nix +++ b/krebs/3modules/apt-cacher-ng.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ; +with lib; let acng-config = pkgs.writeTextFile { name = "acng-configuration"; diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index c1d4d721..900be513 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; let out = { options.krebs.backup = api; diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index c374aa9a..33c825a8 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with lib; let gunicorn = pkgs.python3Packages.gunicorn; bepasty = pkgs.bepasty; diff --git a/krebs/3modules/bindfs.nix b/krebs/3modules/bindfs.nix index 7e3730e8..60736710 100644 --- a/krebs/3modules/bindfs.nix +++ b/krebs/3modules/bindfs.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: +with lib; let cfg = config.krebs.bindfs; in { diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix index 8427ca50..3f0dd086 100644 --- a/krebs/3modules/brockman.nix +++ b/krebs/3modules/brockman.nix @@ -1,6 +1,7 @@ -{ pkgs, config, ... }: -with import ; +{ pkgs, config, lib, ... }: +with lib; let + slib = import ../../lib/pure.nix { inherit lib; }; cfg = config.krebs.brockman; in { options.krebs.brockman = { @@ -14,7 +15,7 @@ in { group = "brockman"; createHome = true; isSystemUser = true; - uid = genid_uint31 "brockman"; + uid = slib.genid_uint31 "brockman"; }; users.groups.brockman = {}; diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix index 5f961617..bf20cb09 100644 --- a/krebs/3modules/build.nix +++ b/krebs/3modules/build.nix @@ -1,6 +1,6 @@ -{ config, ... }: +{ config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; { options.krebs.build = { diff --git a/krebs/3modules/ci/default.nix b/krebs/3modules/ci/default.nix index 022da588..5035a11a 100644 --- a/krebs/3modules/ci/default.nix +++ b/krebs/3modules/ci/default.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: - -with import ; +with import ../../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.ci; @@ -25,7 +24,7 @@ let }; hostname = config.networking.hostName; - getJobs = pkgs.writeDash "get_jobs" '' + getJobs = pkgs.writers.writeDash "get_jobs" '' set -efu ${pkgs.nix}/bin/nix-build --no-out-link --quiet --show-trace -Q ./ci.nix >&2 json="$(${pkgs.nix}/bin/nix-instantiate --quiet -Q --eval --strict --json ./ci.nix)" @@ -116,7 +115,7 @@ let build_script = stages[stage], ), timeout = 3600, - command="${pkgs.writeDash "build.sh" '' + command="${pkgs.writers.writeDash "build.sh" '' set -xefu profile=${shell.escape profileRoot}/$build_name result=$("$build_script") diff --git a/krebs/3modules/current.nix b/krebs/3modules/current.nix index e97e5347..5c32203f 100644 --- a/krebs/3modules/current.nix +++ b/krebs/3modules/current.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ; +with lib; let cfg = config.krebs.current; diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 6d763afe..4a127fbb 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -1,13 +1,12 @@ { config, lib, ... }: -with import ; +with lib; let cfg = config.krebs; out = { imports = [ ../../kartei - ../../submodules/disko/module.nix ./acl.nix ./airdcpp.nix ./announce-activation.nix diff --git a/krebs/3modules/dns.nix b/krebs/3modules/dns.nix index 8a74d306..a268b931 100644 --- a/krebs/3modules/dns.nix +++ b/krebs/3modules/dns.nix @@ -1,5 +1,5 @@ -with import ; -{ config, ... }: { +{ config, lib, pkgs, ... }: +with import ../../lib/pure.nix { inherit lib; }; { options = { krebs.dns.providers = mkOption { type = types.attrsOf types.str; @@ -8,7 +8,7 @@ with import ; type = types.nullOr types.hostname; }; }; - config = mkIf config.krebs.enable { + config = lib.mkIf config.krebs.enable { krebs.dns.providers = { "krebsco.de" = "zones"; shack = "hosts"; diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix index a16661c9..f78f1746 100644 --- a/krebs/3modules/exim-retiolum.nix +++ b/krebs/3modules/exim-retiolum.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, lib, ... }: let +{ config, pkgs, lib, ... }: +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.exim-retiolum; # Due to improvements to the JSON notation, braces around top-level objects diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 62f15027..7b3dace6 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.exim-smarthost; diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix index 0f0aa67f..917a8e5a 100644 --- a/krebs/3modules/exim.nix +++ b/krebs/3modules/exim.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with import ; let +{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.exim; in { options.krebs.exim = { diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index dc0133a6..79187adf 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.fetchWallpaper; diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 02c673e4..1ec216f6 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -6,14 +6,14 @@ # TODO when authorized_keys changes, then restart ssh # (or kill already connected users somehow) -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.git; out = { options.krebs.git = api; - config = with lib; mkIf cfg.enable (mkMerge [ - (mkIf cfg.cgit.enable cgit-imp) + config = with lib; lib.mkIf cfg.enable (mkMerge [ + (lib.mkIf cfg.cgit.enable cgit-imp) git-imp ]); }; @@ -446,7 +446,7 @@ let ]; locations."/".extraConfig = '' include ${pkgs.nginx}/conf/fastcgi_params; - fastcgi_param SCRIPT_FILENAME ${pkgs.writeDash "cgit-wrapper" '' + fastcgi_param SCRIPT_FILENAME ${pkgs.writers.writeDash "cgit-wrapper" '' set -efu exec 3>&1 ${pkgs.cgit}/cgit/cgit.cgi "$@" 2>&1 >&3 3>&- \ diff --git a/krebs/3modules/github/hosts-sync.nix b/krebs/3modules/github/hosts-sync.nix index 71eed6c6..6f9aee0c 100644 --- a/krebs/3modules/github/hosts-sync.nix +++ b/krebs/3modules/github/hosts-sync.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with lib; let cfg = config.krebs.github-hosts-sync; diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 80cd90e2..9dc8fe6d 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with lib; let cfg = config.krebs.go; diff --git a/krebs/3modules/hidden-ssh.nix b/krebs/3modules/hidden-ssh.nix index acbe717d..9ee4409e 100644 --- a/krebs/3modules/hidden-ssh.nix +++ b/krebs/3modules/hidden-ssh.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with lib; let cfg = config.krebs.hidden-ssh; diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix index bd1bb165..2333d0a8 100644 --- a/krebs/3modules/hosts.nix +++ b/krebs/3modules/hosts.nix @@ -1,17 +1,19 @@ -with import ; -{ config, ... }: let +{ config, lib, pkgs, ... }: +with lib; let check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains; - domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers); + domains = attrNames (filterAttrs (_: slib.eq "hosts") config.krebs.dns.providers); + # we need this import because we have infinite recursion otherwise + slib = import ../../lib/pure.nix { inherit lib; }; in { options = { krebs.hosts = mkOption { default = {}; - type = types.attrsOf types.host; + type = types.attrsOf slib.types.host; }; }; - config = mkIf config.krebs.enable { + config = lib.mkIf config.krebs.enable { networking.hosts = filterAttrs (_name: value: value != []) @@ -91,7 +93,7 @@ in { (concatLists (attrValues netAliases)); } // - genAttrs' (attrNames netAliases) (netname: rec { + slib.genAttrs' (attrNames netAliases) (netname: rec { name = "krebs-hosts-${netname}"; value = writeHosts name netAliases.${netname}; }); diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix index b760ea67..334a83cb 100644 --- a/krebs/3modules/htgen.nix +++ b/krebs/3modules/htgen.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; let optionalAttr = name: value: if name != null then diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix index 9ed5f29c..3195f71d 100644 --- a/krebs/3modules/iana-etc.nix +++ b/krebs/3modules/iana-etc.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: { +{ config, pkgs, lib, ... }: +with lib; { options.krebs.iana-etc.services = mkOption { default = {}; diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 052dad9c..c1c5b68c 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with lib; let inherit (pkgs) writeText; diff --git a/krebs/3modules/kapacitor.nix b/krebs/3modules/kapacitor.nix index 2ec67c73..89d2e2c1 100644 --- a/krebs/3modules/kapacitor.nix +++ b/krebs/3modules/kapacitor.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: with builtins; -with import ; +with lib; let cfg = config.krebs.kapacitor; diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix index 81dbb33e..0463de53 100644 --- a/krebs/3modules/konsens.nix +++ b/krebs/3modules/konsens.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: - -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.konsens; @@ -68,7 +67,7 @@ let serviceConfig = { Type = "simple"; PermissionsStartOnly = true; - ExecStart = pkgs.writeDash "konsens-${name}" '' + ExecStart = pkgs.writers.writeDash "konsens-${name}" '' set -efu git config --global --replace-all safe.directory * if ! test -e ${name}; then diff --git a/krebs/3modules/krebs-pages.nix b/krebs/3modules/krebs-pages.nix index 6dd046a8..face9e3a 100644 --- a/krebs/3modules/krebs-pages.nix +++ b/krebs/3modules/krebs-pages.nix @@ -1,6 +1,5 @@ -{ config, modulesPath, pkgs, ... }: let +{ config, modulesPath, pkgs, lib, ... }: let cfg = config.krebs.pages; - lib = import ../../lib; extraTypes.nginx-vhost = lib.types.submodule ( lib.recursiveUpdate (import (modulesPath + "/services/web-servers/nginx/vhost-options.nix") @@ -11,7 +10,7 @@ in { options.krebs.pages = { enable = lib.mkEnableOption "krebs-pages"; domain = lib.mkOption { - type = lib.types.hostname; + type = pkgs.stockholm.lib.types.hostname; default = "krebsco.de"; }; nginx = lib.mkOption { diff --git a/krebs/3modules/monit.nix b/krebs/3modules/monit.nix index cc4a1b20..71731622 100644 --- a/krebs/3modules/monit.nix +++ b/krebs/3modules/monit.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: with builtins; -with import ; +with lib; let cfg = config.krebs.monit; diff --git a/krebs/3modules/nixpkgs.nix b/krebs/3modules/nixpkgs.nix index 796ee537..e560df51 100644 --- a/krebs/3modules/nixpkgs.nix +++ b/krebs/3modules/nixpkgs.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ; +with lib; let cfg = config.krebs.nixpkgs; diff --git a/krebs/3modules/on-failure.nix b/krebs/3modules/on-failure.nix index 4da303de..11d2b419 100644 --- a/krebs/3modules/on-failure.nix +++ b/krebs/3modules/on-failure.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with import ; let +{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let out = { options.krebs.on-failure = api; config = lib.mkIf cfg.enable imp; diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix index 5fbfe661..bfd35282 100644 --- a/krebs/3modules/os-release.nix +++ b/krebs/3modules/os-release.nix @@ -1,5 +1,5 @@ -{ config, ... }: -with import ; +{ config, lib, ... }: +with lib; let nixos-version-id = if (hasAttr "nixos" config.system) then "${config.system.nixos.version}" else "${config.system.nixosVersion}"; @@ -9,7 +9,7 @@ let nixos-pretty-name = "NixOS ${nixos-version}"; stockholm-version-id = let - eval = tryEval (removeSuffix "\n" (readFile )); + eval = builtins.tryEval (removeSuffix "\n" (readFile )); in if eval.success then eval.value else "unknown"; diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index 5beb859a..c0368ee8 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: let +{ config, pkgs, lib, ... }: +with lib; let cfg = config.krebs.per-user; in { options.krebs.per-user = mkOption { diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix index a4dd4038..3ebbc44f 100644 --- a/krebs/3modules/permown.nix +++ b/krebs/3modules/permown.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: { +{ config, pkgs, lib, ... }: +with lib; { options.krebs.permown = mkOption { default = {}; diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index 26aac5d5..978e0c9c 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: { +{ config, pkgs, lib, ... }: +with import ../../lib/pure.nix { inherit lib; }; { options.krebs.reaktor2 = mkOption { default = {}; diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index f2b34e8c..a65a22b2 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.realwallpaper; diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 5b8a53be..a6de3f3f 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.repo-sync; diff --git a/krebs/3modules/retiolum-bootstrap.nix b/krebs/3modules/retiolum-bootstrap.nix index faa3dd71..c9ea8a61 100644 --- a/krebs/3modules/retiolum-bootstrap.nix +++ b/krebs/3modules/retiolum-bootstrap.nix @@ -1,5 +1,5 @@ -{ config, pkgs, ... }: -with import ; +{ config, pkgs, lib, ... }: +with lib; let cfg = config.krebs.retiolum-bootstrap; in diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix index 0c5e1cdc..90c2f6a6 100644 --- a/krebs/3modules/secret.nix +++ b/krebs/3modules/secret.nix @@ -1,5 +1,5 @@ -with import ; -{ config, lib, pkgs, ... }: let +{ config, lib, pkgs, ... }: +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.secret; in { options.krebs.secret = { @@ -12,7 +12,7 @@ in { readOnly = true; }; files = mkOption { - type = with types; attrsOf secret-file; + type = with pkgs.stockholm.lib.types; attrsOf secret-file; default = {}; }; }; diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index e186478e..53fed0e3 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -1,5 +1,6 @@ -with import ; -{ config, pkgs, ... }: let +{ config, pkgs, lib, ... }: +with import ../../lib/pure.nix { inherit lib; }; +let out = { options.krebs.setuid = api; diff --git a/krebs/3modules/shadow.nix b/krebs/3modules/shadow.nix index f056cfd8..281b446b 100644 --- a/krebs/3modules/shadow.nix +++ b/krebs/3modules/shadow.nix @@ -1,5 +1,6 @@ -with import ; -{ config, pkgs, ... }: let +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.krebs.shadow; @@ -47,7 +48,7 @@ in { default = cfg.overridesFile != null; }; overridesFile = mkOption { - apply = x: if typeOf x == "path" then toString x else x; + apply = x: if builtins.typeOf x == "path" then toString x else x; default = null; description = '' Path to a file containing additional shadow entries, used for adding diff --git a/krebs/3modules/sitemap.nix b/krebs/3modules/sitemap.nix index ec2179db..906d556b 100644 --- a/krebs/3modules/sitemap.nix +++ b/krebs/3modules/sitemap.nix @@ -1,6 +1,5 @@ -let - lib = import ../../lib; -in { +{ lib, ... }: +{ options.krebs.sitemap = lib.mkOption { type = with lib.types; attrsOf sitemap.entry; default = {}; diff --git a/krebs/3modules/sync-containers.nix b/krebs/3modules/sync-containers.nix index 60ca993e..fe64657d 100644 --- a/krebs/3modules/sync-containers.nix +++ b/krebs/3modules/sync-containers.nix @@ -1,5 +1,6 @@ -with import ; -{ config, pkgs, ... }: let +{ config, pkgs, lib, ... }: +with lib; +let cfg = config.krebs.sync-containers; paths = cname: { plain = "/var/lib/containers/${cname}/var/state"; diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix index ed147b30..c88dd591 100644 --- a/krebs/3modules/sync-containers3.nix +++ b/krebs/3modules/sync-containers3.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: let cfg = config.krebs.sync-containers3; - slib = pkgs.stockholm.lib; + slib = import ../../lib/pure.nix { inherit lib; }; in { options.krebs.sync-containers3 = { inContainer = { diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix index 3e524d3b..754b2567 100644 --- a/krebs/3modules/systemd.nix +++ b/krebs/3modules/systemd.nix @@ -1,5 +1,6 @@ -{ config, pkgs, ... }: let { - lib = import ../../lib; +{ config, pkgs, lib, ... }: let { + + slib = import ../../lib/pure.nix { inherit lib; }; body.options.krebs.systemd.services = lib.mkOption { default = {}; @@ -13,14 +14,14 @@ lib.sort lib.lessThan (lib.filter - lib.types.absolute-pathname.check + slib.types.absolute-pathname.check (map - (lib.compose [ lib.maybeHead (lib.match "[^:]*:(.*)") ]) + (slib.compose [ slib.maybeHead (builtins.match "[^:]*:(.*)") ]) (lib.toList cfg.serviceConfig.LoadCredential))); readOnly = true; }; credentialUnitName = lib.mkOption { - default = "trigger-${lib.systemd.encodeName serviceName}"; + default = "trigger-${slib.systemd.encodeName serviceName}"; readOnly = true; }; restartIfCredentialsChange = lib.mkOption { @@ -54,7 +55,7 @@ pkgs.systemd ]} - cache=/var/lib/credentials/${lib.shell.escape serviceName}.sha1sum + cache=/var/lib/credentials/${slib.shell.escape serviceName}.sha1sum tmpfile=$(mktemp -t "$(basename "$cache")".XXXXXXXX) trap 'rm -f "$tmpfile"' EXIT @@ -64,7 +65,7 @@ fi mv "$tmpfile" "$cache" - systemctl restart ${lib.shell.escape serviceName} + systemctl restart ${slib.shell.escape serviceName} ''; }; }; diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 437f3b63..2f9efad4 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: { +{ config, pkgs, lib, ... }: +with import ../../lib/pure.nix { inherit lib; }; { options.krebs.tinc = mkOption { default = {}; description = '' diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index 733db69c..dd132a2d 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.tinc_graphs; internal_dir = "${cfg.workingDir}/internal"; diff --git a/krebs/3modules/upstream/default.nix b/krebs/3modules/upstream/default.nix index ce7bd164..91de6bee 100644 --- a/krebs/3modules/upstream/default.nix +++ b/krebs/3modules/upstream/default.nix @@ -1,4 +1,5 @@ -with import ; +{ pkgs, lib, ... }: +with lib; { imports = @@ -6,5 +7,5 @@ with import ; (name: ./. + "/${name}") (filter (name: name != "default.nix" && !hasPrefix "." name) - (attrNames (readDir ./.))); + (attrNames (builtins.readDir ./.))); } diff --git a/krebs/3modules/upstream/desktop-managers/coma.nix b/krebs/3modules/upstream/desktop-managers/coma.nix index 95db7fb5..e12f4b98 100644 --- a/krebs/3modules/upstream/desktop-managers/coma.nix +++ b/krebs/3modules/upstream/desktop-managers/coma.nix @@ -1,5 +1,6 @@ -with import ; -{ config, pkgs, ... }: { +{ config, pkgs, lib, ... }: +with lib; +{ options = { services.xserver.desktopManager.coma = { enable = mkEnableOption "sleep as a desktop manager"; diff --git a/krebs/3modules/upstream/desktop-managers/none.nix b/krebs/3modules/upstream/desktop-managers/none.nix index 892def98..77f7ad51 100644 --- a/krebs/3modules/upstream/desktop-managers/none.nix +++ b/krebs/3modules/upstream/desktop-managers/none.nix @@ -1,9 +1,9 @@ +{ lib, ... }: # Replace upstream none desktop-manager by a real none, that doesn't pull in # any dependencies. -with import ; { - disabledModules = singleton "services/x11/desktop-managers/none.nix"; - config.services.xserver.desktopManager.session = singleton { + disabledModules = lib.singleton "services/x11/desktop-managers/none.nix"; + config.services.xserver.desktopManager.session = lib.singleton { name = "none"; bgSupport = true; start = ""; diff --git a/krebs/3modules/upstream/window-managers/default.nix b/krebs/3modules/upstream/window-managers/default.nix index eecadca7..cdd82076 100644 --- a/krebs/3modules/upstream/window-managers/default.nix +++ b/krebs/3modules/upstream/window-managers/default.nix @@ -13,8 +13,8 @@ imports = [ ./xmonad.nix ]; nixpkgs.overlays = [(self: super: { writers = super.writers // { - writeHaskellBin = name: spec: with import ; - super.writers.writeHaskellBin name (removeAttrs spec ["ghcArgs"]); + writeHaskellBin = name: spec: + super.writers.writeHaskellBin name (builtins.removeAttrs spec ["ghcArgs"]); }; })]; } diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 113f6e65..b811b6fa 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -4,7 +4,7 @@ # TODO inform about unused caches # cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}" -with import ; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.urlwatch; diff --git a/krebs/3modules/users.nix b/krebs/3modules/users.nix index c1ad4b44..614e6ab4 100644 --- a/krebs/3modules/users.nix +++ b/krebs/3modules/users.nix @@ -1,8 +1,8 @@ -{ config, ... }: let - lib = import ../../lib; +{ config, lib, pkgs, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; in { options.krebs.users = lib.mkOption { - type = with lib.types; attrsOf user; + type = lib.types.attrsOf slib.types.user; }; config = lib.mkIf config.krebs.enable { krebs.users = { diff --git a/krebs/3modules/zones.nix b/krebs/3modules/zones.nix index 51ced6f9..7771d3b5 100644 --- a/krebs/3modules/zones.nix +++ b/krebs/3modules/zones.nix @@ -1,5 +1,5 @@ -with import ; -{ config, pkgs, ... }: { +{ config, pkgs, lib, ... }: +with lib; { config = { environment.etc = diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index f9ed6439..866796a4 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,8 +1,11 @@ -let - stockholm.lib = import ../../lib; +self: super: let + stockholm = { + lib = import ../../lib/pure.nix { lib = super.lib; }; + outPath = toString ../.; + }; in with stockholm.lib; -self: super: + fix (foldl' (flip extends) (self: super) ( [ (self: super: { inherit stockholm; }) diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix index 052e389a..651062b0 100644 --- a/krebs/5pkgs/simple/reaktor2-plugins.nix +++ b/krebs/5pkgs/simple/reaktor2-plugins.nix @@ -1,5 +1,5 @@ { lib, pkgs, stockholm, ... }: -with stockholm.lib; +with (builtins.trace (lib.attrNames stockholm) stockholm).lib; rec { generators = { @@ -15,27 +15,27 @@ rec { commands = { random-emoji = { - filename = ; + filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh"; env = { PATH = makeBinPath (with pkgs; [ coreutils gnused gnugrep xmlstarlet wget ]); }; }; dance = { - filename = pkgs.writeDash "dance" '' + filename = pkgs.writers.writeDash "dance" '' ${pkgs.krebsdance}/bin/krebsdance --dance "$@"; ''; }; nixos-version = { - filename = pkgs.writeDash "nixos-version" '' + filename = pkgs.writers.writeDash "nixos-version" '' . /etc/os-release echo "$PRETTY_NAME" ''; }; stockholm-issue = { - filename = ; + filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh"; env = { PATH = makeBinPath (with pkgs; [ coreutils git gnused haskellPackages.lentil ]); origin = "http://cgit.gum/stockholm"; @@ -56,10 +56,10 @@ rec { PATH = makeBinPath (with pkgs; [ gnused ]); state_dir = "/tmp"; }; - filename = pkgs.writeDash "sed-plugin" '' + filename = pkgs.writers.writeDash "sed-plugin" '' set -efu exec ${pkgs.python3}/bin/python \ - ${} "$@" + ${stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py"} "$@" ''; }; }; @@ -68,7 +68,7 @@ rec { activate = "match"; pattern = "^(.*Shack.*)$"; arguments = [1]; - command.filename = ; + command.filename = stockholm.outPath + "/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh"; }; diff --git a/krebs/default.nix b/krebs/default.nix index 577cc269..8cfdae48 100644 --- a/krebs/default.nix +++ b/krebs/default.nix @@ -1,4 +1,4 @@ -{ +args: { imports = [ ./3modules @@ -6,7 +6,7 @@ nixpkgs = { overlays = [ - (import ../submodules/nix-writers/pkgs) + (import ((args.nix-writers or ../submodules/nix-writers) + "/pkgs")) (import ./5pkgs) ]; }; -- cgit v1.2.3