diff options
-rw-r--r-- | tv/1systems/mu/config.nix | 3 | ||||
-rw-r--r-- | tv/2configs/default.nix | 6 | ||||
-rw-r--r-- | tv/2configs/urlwatch.nix | 2 | ||||
-rw-r--r-- | tv/3modules/ejabberd/default.nix | 46 |
4 files changed, 40 insertions, 17 deletions
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix index 501200c1f..10d7b2197 100644 --- a/tv/1systems/mu/config.nix +++ b/tv/1systems/mu/config.nix @@ -52,9 +52,6 @@ with import <stockholm/lib>; networking.networkmanager.enable = true; environment.systemPackages = with pkgs; [ - (pkgs.kdeApplications.callPackage - (import <nixpkgs/pkgs/applications/kde/kde-locale-5.nix> "de" {}) - {}) chromium firefoxWrapper gimp diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 9ad0253a3..f418b9ff0 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -80,6 +80,12 @@ with import <stockholm/lib>; dmesg = "dmesg -L --reltime"; view = "vim -R"; + deploy = pkgs.writeDash "deploy" '' + set -eu + cd ~/stockholm + export SYSTEM="$1" + exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"' + ''; reload = "systemctl reload"; restart = "systemctl restart"; start = "systemctl start"; diff --git a/tv/2configs/urlwatch.nix b/tv/2configs/urlwatch.nix index 5779240ba..515f8996f 100644 --- a/tv/2configs/urlwatch.nix +++ b/tv/2configs/urlwatch.nix @@ -31,7 +31,7 @@ with import <stockholm/lib>; ## other - https://nixos.org/channels/nixos-17.03/git-revision + https://nixos.org/channels/nixos-17.09/git-revision https://nixos.org/channels/nixos-unstable/git-revision ## 2014-10-17 diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix index d7b8deb7e..e99b94ff9 100644 --- a/tv/3modules/ejabberd/default.nix +++ b/tv/3modules/ejabberd/default.nix @@ -34,18 +34,24 @@ in { hosts = mkOption { type = with types; listOf str; }; - pkgs.ejabberdctl = mkOption { + pkgs.ejabberd = mkOption { type = types.package; - default = pkgs.writeDashBin "ejabberdctl" '' - exec ${pkgs.ejabberd}/bin/ejabberdctl \ - --config ${toFile "ejabberd.yaml" (import ./config.nix { - inherit pkgs; - config = cfg; - })} \ - --logs ${shell.escape cfg.user.home} \ - --spool ${shell.escape cfg.user.home} \ - "$@" - ''; + default = pkgs.symlinkJoin { + name = "ejabberd-wrapper"; + paths = [ + (pkgs.writeDashBin "ejabberdctl" '' + exec ${pkgs.ejabberd}/bin/ejabberdctl \ + --config ${toFile "ejabberd.yaml" (import ./config.nix { + inherit pkgs; + config = cfg; + })} \ + --logs ${shell.escape cfg.user.home} \ + --spool ${shell.escape cfg.user.home} \ + "$@" + '') + pkgs.ejabberd + ]; + }; }; registration_watchers = mkOption { type = types.listOf types.str; @@ -66,7 +72,21 @@ in { }; }; config = lib.mkIf cfg.enable { - environment.systemPackages = [ cfg.pkgs.ejabberdctl ]; + environment.systemPackages = [ + (pkgs.symlinkJoin { + name = "ejabberd-sudo-wrapper"; + paths = [ + (pkgs.writeDashBin "ejabberdctl" '' + set -efu + cd ${shell.escape cfg.user.home} + exec /run/wrappers/bin/sudo \ + -u ${shell.escape cfg.user.name} \ + ${cfg.pkgs.ejabberd}/bin/ejabberdctl "$@" + '') + cfg.pkgs.ejabberd + ]; + }) + ]; krebs.secret.files = { ejabberd-certfile = cfg.certfile; @@ -79,7 +99,7 @@ in { after = [ "network.target" "secret.service" ]; serviceConfig = { ExecStartPre = "${gen-dhparam} ${cfg.dhfile.path}"; - ExecStart = "${cfg.pkgs.ejabberdctl}/bin/ejabberdctl foreground"; + ExecStart = "${cfg.pkgs.ejabberd}/bin/ejabberdctl foreground"; PermissionsStartOnly = true; SyslogIdentifier = "ejabberd"; User = cfg.user.name; |