diff options
-rw-r--r-- | jeschli/source.nix | 6 | ||||
-rw-r--r-- | krebs/3modules/os-release.nix | 6 | ||||
-rw-r--r-- | krebs/3modules/repo-sync.nix | 6 | ||||
-rw-r--r-- | krebs/5pkgs/simple/populate/default.nix | 4 | ||||
-rw-r--r-- | krebs/5pkgs/simple/stockholm/default.nix | 2 | ||||
-rw-r--r-- | krebs/5pkgs/simple/urlwatch/default.nix | 4 | ||||
-rw-r--r-- | krebs/source.nix | 6 | ||||
-rw-r--r-- | lass/1systems/mors/config.nix | 2 | ||||
-rw-r--r-- | lass/2configs/baseX.nix | 8 | ||||
-rw-r--r-- | lass/2configs/exim-smarthost.nix | 10 | ||||
-rw-r--r-- | lass/2configs/mail.nix | 34 | ||||
-rw-r--r-- | lass/5pkgs/custom/xmonad-lass/default.nix (renamed from lass/5pkgs/xmonad-lass.nix) | 9 | ||||
-rw-r--r-- | lass/5pkgs/default.nix | 63 | ||||
-rw-r--r-- | lass/5pkgs/xephyrify/default.nix | 42 | ||||
-rw-r--r-- | lass/default.nix | 4 | ||||
-rw-r--r-- | lass/source.nix | 6 | ||||
-rw-r--r-- | lib/types.nix | 115 | ||||
-rw-r--r-- | makefu/2configs/deployment/owncloud.nix | 50 | ||||
-rw-r--r-- | makefu/source.nix | 6 | ||||
-rw-r--r-- | mv/source.nix | 6 | ||||
-rw-r--r-- | nin/source.nix | 6 | ||||
-rw-r--r-- | tv/2configs/gitrepos.nix | 3 | ||||
-rw-r--r-- | tv/source.nix | 6 |
23 files changed, 289 insertions, 115 deletions
diff --git a/jeschli/source.nix b/jeschli/source.nix index 382dd61bc..fe1de8fd1 100644 --- a/jeschli/source.nix +++ b/jeschli/source.nix @@ -4,6 +4,11 @@ host@{ name, secure ? false, override ? {} }: let then "buildbot" else "jeschli"; _file = <stockholm> + "/jeschli/1systems/${name}/source.nix"; + pkgs = import <nixpkgs> { + overlays = map import [ + <stockholm/krebs/5pkgs> + ]; + }; in evalSource (toString _file) [ { @@ -17,6 +22,7 @@ in jeschli = "${getEnv "HOME"}/secrets/${name}"; }; stockholm.file = toString <stockholm>; + stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; } override ] diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix index 0779feede..8f71a357f 100644 --- a/krebs/3modules/os-release.nix +++ b/krebs/3modules/os-release.nix @@ -5,7 +5,11 @@ let nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})"; nixos-pretty-name = "NixOS ${nixos-version}"; - stockholm-version-id = maybeEnv "STOCKHOLM_VERSION" "unknown"; + stockholm-version-id = let + eval = tryEval (removeSuffix "\n" (readFile <stockholm-version>)); + in + if eval.success then eval.value else "unknown"; + stockholm-version = "${stockholm-version-id}"; stockholm-pretty-name = "stockholm ${stockholm-version}"; diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index b2e3aa7c5..45d9d81c3 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -18,10 +18,10 @@ let type = types.attrsOf (types.submodule ({ config, ... }: { options = { origin = mkOption { - type = types.git-source; + type = types.source-types.git; }; mirror = mkOption { - type = types.git-source; + type = types.source-types.git; }; }; config = { @@ -31,7 +31,7 @@ let })); }; latest = mkOption { - type = types.nullOr types.git-source; + type = types.nullOr types.source-types.git; default = null; }; timerConfig = mkOption { diff --git a/krebs/5pkgs/simple/populate/default.nix b/krebs/5pkgs/simple/populate/default.nix index 62e3ab216..e35423b49 100644 --- a/krebs/5pkgs/simple/populate/default.nix +++ b/krebs/5pkgs/simple/populate/default.nix @@ -16,12 +16,12 @@ in stdenv.mkDerivation rec { name = "populate"; - version = "2.1.0"; + version = "2.3.0"; src = fetchgit { url = http://cgit.ni.krebsco.de/populate; rev = "refs/tags/v${version}"; - sha256 = "0cr50y6h6nps0qgpmi01h0z9wzpv2704y5zgx2salk1grkmvcfmh"; + sha256 = "05zr132k1s3a1cc879lvhb83hax7dbfmsbrnxmh7dxjcdg3yhxd7"; }; phases = [ diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 53c1ca5ba..4d15e7ac2 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -216,7 +216,6 @@ init.env = pkgs.writeText "init.env" /* sh */ '' export HOSTNAME="$(${pkgs.nettools}/bin/hostname)" - export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${cmds.get-version})}" export quiet export system @@ -251,7 +250,6 @@ "$target_user@$target_host" -p "$target_port" \ cd "$target_path/stockholm" \; \ NIX_PATH=$(${pkgs.quote}/bin/quote "$target_path") \ - STOCKHOLM_VERSION=$(${pkgs.quote}/bin/quote "$STOCKHOLM_VERSION") \ nix-shell --run "$(${pkgs.quote}/bin/quote " ${lib.concatStringsSep " " (lib.mapAttrsToList (name: opt: /* sh */ diff --git a/krebs/5pkgs/simple/urlwatch/default.nix b/krebs/5pkgs/simple/urlwatch/default.nix index ebf872568..64f3ad1ac 100644 --- a/krebs/5pkgs/simple/urlwatch/default.nix +++ b/krebs/5pkgs/simple/urlwatch/default.nix @@ -2,13 +2,13 @@ python3Packages.buildPythonApplication rec { name = "urlwatch-${version}"; - version = "2.7"; + version = "2.8"; src = fetchFromGitHub { owner = "thp"; repo = "urlwatch"; rev = version; - sha256 = "0fx964z73yv08b1lpymmjsigf6929zx9ax5bp34rcf2c5gk11l5m"; + sha256 = "1nja7n6pc45azd3l1xyvav89855lvcgwabrvf34rps81dbl8cnl4"; }; propagatedBuildInputs = with python3Packages; [ diff --git a/krebs/source.nix b/krebs/source.nix index b22ef3574..7e0ea7e47 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -4,6 +4,11 @@ host@{ name, secure ? false, override ? {} }: let then "buildbot" else "krebs"; _file = <stockholm> + "/krebs/1systems/${name}/source.nix"; + pkgs = import <nixpkgs> { + overlays = map import [ + <stockholm/krebs/5pkgs> + ]; + }; in evalSource (toString _file) [ { @@ -16,6 +21,7 @@ in }; }; stockholm.file = toString <stockholm>; + stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; ref = "c5bc83b503dfb29eb27c1deb0268f15c1858e7ce"; # nixos-17.09 @ 2018-02-27 diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 6ca980155..cbb71ab24 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -182,7 +182,7 @@ with import <stockholm/lib>; echo 'secrets are crypted' >&2 exit 23 else - exec nix-shell -I stockholm="$PWD" --run 'deploy --diff --system="$SYSTEM"' + exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"' fi ''; predeploy = pkgs.writeDash "predeploy" '' diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 2b7a5c924..ed179ded6 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -2,6 +2,7 @@ with import <stockholm/lib>; let user = config.krebs.build.user; + xmonad-lass = pkgs.callPackage <stockholm/lass/5pkgs/custom/xmonad-lass> { inherit config; }; in { imports = [ ./mpv.nix @@ -84,7 +85,6 @@ in { powertop push rxvt_unicode_with-plugins - screengrab slock sxiv timewarrior @@ -99,6 +99,7 @@ in { zathura cabal2nix + xephyrify ]; fonts.fonts = with pkgs; [ @@ -129,7 +130,6 @@ in { }; systemd.user.services.xmonad = { - #wantedBy = [ "graphical-session.target" ]; environment = { DISPLAY = ":${toString config.services.xserver.display}"; RXVT_SOCKET = "%t/urxvtd-socket"; @@ -137,8 +137,8 @@ in { }; serviceConfig = { SyslogIdentifier = "xmonad"; - ExecStart = "${pkgs.xmonad-lass}/bin/xmonad"; - ExecStop = "${pkgs.xmonad-lass}/bin/xmonad --shutdown"; + ExecStart = "${xmonad-lass}/bin/xmonad"; + ExecStop = "${xmonad-lass}/bin/xmonad --shutdown"; }; restartIfChanged = false; }; diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 4335c7cab..ae652722a 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -11,7 +11,6 @@ with import <stockholm/lib>; primary_hostname = "lassul.us"; sender_domains = [ "lassul.us" - "aidsballs.de" ]; relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [ config.krebs.hosts.mors @@ -70,6 +69,15 @@ with import <stockholm/lib>; { from = "aws@lassul.us"; to = lass.mail; } { from = "reddit@lassul.us"; to = lass.mail; } { from = "banggood@lassul.us"; to = lass.mail; } + { from = "immoscout@lassul.us"; to = lass.mail; } + { from = "gmail@lassul.us"; to = lass.mail; } + { from = "amazon@lassul.us"; to = lass.mail; } + { from = "humblebundle@lassul.us"; to = lass.mail; } + { from = "meetup@lassul.us"; to = lass.mail; } + { from = "gebfrei@lassul.us"; to = lass.mail; } + { from = "github@lassul.us"; to = lass.mail; } + { from = "ovh@lassul.us"; to = lass.mail; } + { from = "hetzner@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index c6866c69d..03d39ef75 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -22,20 +22,45 @@ let mailboxes = { c-base = [ "to:c-base.org" ]; + coins = [ + "to:btce@lassul.us" + "to:coinbase@lassul.us" + "to:polo@lassul.us" + "to:bitwala@lassul.us" + "to:payeer@lassul.us" + "to:gatehub@lassul.us" + "to:bitfinex@lassul.us" + "to:binance@lassul.us" + "to:bitcoin.de@lassul.us" + "to:robinhood@lassul.us" + ]; dezentrale = [ "to:dezentrale.space" ]; - kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" ]; + dhl = [ "to:dhl@lassul.us" ]; + github = [ "to:github@lassul.us" ]; + gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ]; + kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ]; nix-devel = [ "to:nix-devel@googlegroups.com" ]; patreon = [ "to:patreon@lassul.us" ]; - security = [ "to:seclists.org" "to:security" "to:bugtraq" ]; + paypal = [ "to:paypal@lassul.us" ]; + ptl = [ "to:ptl@posttenebraslab.ch" ]; + retiolum = [ "to:lass@mors.r" ]; + security = [ "to:seclists.org" "to:bugtraq" "to:securityfocus@lassul.us" ]; shack = [ "to:shackspace.de" ]; + steam = [ "to:steam@lassul.us" ]; + tinc = [ "to:tinc@tinc-vpn.org" "to:tinc-devel@tinc-vpn.org" ]; wireguard = [ "to:wireguard@lists.zx2c4" ]; + zzz = [ "to:pizza@lassul.us" "to:spam@krebsco.de" ]; }; - tag-mails = pkgs.writeDashBin "nm-init-tag" '' + tag-new-mails = pkgs.writeDashBin "nm-tag-init" '' ${pkgs.notmuch}/bin/notmuch new ${concatMapStringsSep "\n" (i: ''${pkgs.notmuch}/bin/notmuch tag -inbox +${i.name} -- tag:inbox ${concatMapStringsSep " or " (f: "${f}") i.value}'') (mapAttrsToList nameValuePair mailboxes)} ''; + tag-old-mails = pkgs.writeDashBin "nm-tag-old" '' + ${concatMapStringsSep "\n" (i: ''${pkgs.notmuch}/bin/notmuch tag -inbox -archive +${i.name} -- ${concatMapStringsSep " or " (f: "${f}") i.value}'') (mapAttrsToList nameValuePair mailboxes)} + ''; + muttrc = pkgs.writeText "muttrc" '' # gpg source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc @@ -170,6 +195,7 @@ in { mutt pkgs.much pkgs.notmuch - tag-mails + tag-new-mails + tag-old-mails ]; } diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 59c95cff7..e658897da 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -143,12 +143,21 @@ myKeyMap = , ("M4-d", floatNext True >> spawn "${pkgs.copyq}/bin/copyq show") + , ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" '' + export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin + exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" + ''}") + , ("M4-<F5>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 1") , ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10") , ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33") , ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100") , ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter") + + --, ("M4-w", screenWorkspace 0 >>= (windows . W.greedyView)) + --, ("M4-e", screenWorkspace 1 >>= (windows . W.greedyView)) + --, ("M4-r", screenWorkspace 2 >>= (windows . W.greedyView)) ] forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X () diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index a158cd3c6..28482eb91 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -1,40 +1,39 @@ -{ config, pkgs, ... }@args: +with import <stockholm/lib>; +self: super: let -{ - nixpkgs.config.packageOverrides = rec { - acronym = pkgs.callPackage ./acronym/default.nix {}; - dpass = pkgs.callPackage ./dpass {}; - firefoxPlugins = { - noscript = pkgs.callPackage ./firefoxPlugins/noscript.nix {}; - ublock = pkgs.callPackage ./firefoxPlugins/ublock.nix {}; - vimperator = pkgs.callPackage ./firefoxPlugins/vimperator.nix {}; - }; - init = pkgs.callPackage ./init/default.nix args; - logify = pkgs.callPackage ./logify/default.nix {}; - mk_sql_pair = pkgs.callPackage ./mk_sql_pair/default.nix {}; - mpv-poll = pkgs.callPackage ./mpv-poll/default.nix {}; - pop = pkgs.callPackage ./pop/default.nix {}; - q = pkgs.callPackage ./q {}; - rs = pkgs.callPackage ./rs/default.nix {}; - urban = pkgs.callPackage ./urban/default.nix {}; - xml2json = pkgs.callPackage ./xml2json/default.nix {}; - xmonad-lass = import ./xmonad-lass.nix { inherit config pkgs; }; - yt-next = pkgs.callPackage ./yt-next/default.nix {}; + # This callPackage will try to detect obsolete overrides. + callPackage = path: args: let + override = super.callPackage path args; + upstream = optionalAttrs (override ? "name") + (super.${(parseDrvName override.name).name} or {}); + in if upstream ? "name" && + override ? "name" && + compareVersions upstream.name override.name != -1 + then + trace + "Upstream `${upstream.name}' gets overridden by `${override.name}'." + override + else override; - bank = pkgs.writeDashBin "bank" '' + subdirsOf = path: + mapAttrs (name: _: path + "/${name}") + (filterAttrs (_: eq "directory") (readDir path)); + +in { + bank = self.writeDashBin "bank" '' tmp=$(mktemp) - ${pkgs.pass}/bin/pass show hledger > $tmp - ${pkgs.hledger}/bin/hledger --file=$tmp "$@" - ${pkgs.pass}/bin/pass show hledger | if ${pkgs.diffutils}/bin/diff $tmp -; then + ${self.pass}/bin/pass show hledger > $tmp + ${self.hledger}/bin/hledger --file=$tmp "$@" + ${self.pass}/bin/pass show hledger | if ${self.diffutils}/bin/diff $tmp -; then exit 0 else - ${pkgs.coreutils}/bin/cat $tmp | ${pkgs.pass}/bin/pass insert -m hledger + ${self.coreutils}/bin/cat $tmp | ${self.pass}/bin/pass insert -m hledger fi - ${pkgs.coreutils}/bin/rm $tmp - ''; - screengrab = pkgs.writeDashBin "screengrab" '' - resolution="$(${pkgs.xorg.xrandr}/bin/xrandr | ${pkgs.gnugrep}/bin/grep '*' | ${pkgs.gawk}/bin/awk '{print $1}')" - ${pkgs.ffmpeg}/bin/ffmpeg -f x11grab -r 25 -i :${toString config.services.xserver.display} -s $resolution -c:v huffyuv $1 + ${self.coreutils}/bin/rm $tmp ''; - }; + rtl8814au = callPackage ./custom/rtl8814au { kernel = self.linux; }; } + +// mapAttrs (_: flip callPackage {}) + (filterAttrs (_: dir: pathExists (dir + "/default.nix")) + (subdirsOf ./.)) diff --git a/lass/5pkgs/xephyrify/default.nix b/lass/5pkgs/xephyrify/default.nix new file mode 100644 index 000000000..8b18ea949 --- /dev/null +++ b/lass/5pkgs/xephyrify/default.nix @@ -0,0 +1,42 @@ +{ writeDashBin, writeHaskell, coreutils, xorg, virtualgl, ... }: + +let + + minimalXmonad = writeHaskell "minimalXmonad" { + executables.xmonad = { + extra-depends = [ + "containers" + "xmonad" + ]; + text = /* haskell */ '' + module Main where + import XMonad + import qualified Data.Map as Map + + main :: IO () + main = do + xmonad def + { workspaces = [ "1" ] + , layoutHook = myLayoutHook + , keys = myKeys + , normalBorderColor = "#000000" + , focusedBorderColor = "#000000" + } + + myLayoutHook = Full + myKeys _ = Map.fromList [] + ''; + }; + }; + +in writeDashBin "xephyrify" '' + NDISPLAY=:$(${coreutils}/bin/shuf -i 100-65536 -n 1) + echo "using DISPLAY $NDISPLAY" + ${xorg.xorgserver}/bin/Xephyr -br -ac -reset -terminate -resizeable $NDISPLAY & + XEPHYR_PID=$! + DISPLAY=$NDISPLAY ${minimalXmonad}/bin/xmonad & + XMONAD_PID=$! + DISPLAY=$NDISPLAY ${virtualgl}/bin/vglrun "$@" + kill $XMONAD_PID + kill $XEPHYR_PID +'' diff --git a/lass/default.nix b/lass/default.nix index b1c7c1be8..d077cc09f 100644 --- a/lass/default.nix +++ b/lass/default.nix @@ -1,9 +1,9 @@ -_: +{ pkgs, ... }: { imports = [ ../krebs ./2configs ./3modules - ./5pkgs ]; + nixpkgs.config.packageOverrides = import ./5pkgs pkgs; } diff --git a/lass/source.nix b/lass/source.nix index e3332c5de..1d840f38f 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -4,6 +4,11 @@ host@{ name, secure ? false, override ? {} }: let then "buildbot" else "lass"; _file = <stockholm> + "/lass/1systems/${name}/source.nix"; + pkgs = import <nixpkgs> { + overlays = map import [ + <stockholm/krebs/5pkgs> + ]; + }; in evalSource (toString _file) [ { @@ -17,6 +22,7 @@ in }; }; stockholm.file = toString <stockholm>; + stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; } override ] diff --git a/lib/types.nix b/lib/types.nix index b85794925..1cf2d96c9 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -2,7 +2,7 @@ let inherit (lib) - all any concatMapStringsSep concatStringsSep const filter flip + all any attrNames concatMapStringsSep concatStringsSep const filter flip genid hasSuffix head isInt isString length mergeOneOption mkOption mkOptionType optional optionalAttrs optionals range splitString stringLength substring test testString typeOf; @@ -231,90 +231,93 @@ rec { source = submodule ({ config, ... }: { options = { type = let - types = [ - "file" - "git" - "pass" - "symlink" - ]; + known-types = attrNames source-types; + type-candidates = filter (k: config.${k} != null) known-types; in mkOption { - type = enum types; - default = let - cands = filter (k: config.${k} != null) types; - in - if length cands == 1 - then head cands - else throw "cannot determine type"; - }; - file = let - file-path = (file-source.getSubOptions "FIXME").path.type; - in mkOption { - type = nullOr (either file-source file-path); - default = null; + default = if length type-candidates == 1 + then head type-candidates + else throw "cannot determine type"; + type = enum known-types; + }; + file = mkOption { apply = x: - if file-path.check x + if absolute-pathname.check x then { path = x; } else x; + default = null; + type = nullOr (either absolute-pathname source-types.file); }; git = mkOption { - type = nullOr git-source; default = null; + type = nullOr source-types.git; }; pass = mkOption { - type = nullOr pass-source; default = null; + type = nullOr source-types.pass; }; - symlink = let - symlink-target = (symlink-source.getSubOptions "FIXME").target.type; - in mkOption { - type = nullOr (either symlink-source symlink-target); + pipe = mkOption { + apply = x: + if absolute-pathname.check x + then { command = x; } + else x; + default = null; + type = nullOr (either absolute-pathname source-types.pipe); + }; + symlink = mkOption { + type = nullOr (either pathname source-types.symlink); default = null; apply = x: - if symlink-target.check x + if pathname.check x then { target = x; } else x; }; }; }); - file-source = submodule { - options = { - path = mkOption { - type = absolute-pathname; + source-types = { + file = submodule { + options = { + path = mkOption { + type = absolute-pathname; + }; }; }; - }; - - git-source = submodule { - options = { - ref = mkOption { - type = str; # TODO types.git.ref - }; - url = mkOption { - type = str; # TODO types.git.url + git = submodule { + options = { + ref = mkOption { + type = str; # TODO types.git.ref + }; + url = mkOption { + type = str; # TODO types.git.url + }; }; }; - }; - - pass-source = submodule { - options = { - dir = mkOption { - type = absolute-pathname; + pass = submodule { + options = { + dir = mkOption { + type = absolute-pathname; + }; + name = mkOption { + type = pathname; # TODO relative-pathname + }; }; - name = mkOption { - type = pathname; # TODO relative-pathname + }; + pipe = submodule { + options = { + command = mkOption { + type = absolute-pathname; + }; }; }; - }; - - symlink-source = submodule { - options = { - target = mkOption { - type = pathname; # TODO relative-pathname + symlink = submodule { + options = { + target = mkOption { + type = pathname; # TODO relative-pathname + }; }; }; - }; + }; suffixed-str = suffs: mkOptionType { diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index 3a9d57dbb..e9d4b18e0 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -1,6 +1,18 @@ { lib, pkgs, config, ... }: with lib; +# imperative in config.php: +# #local memcache: +# 'memcache.local' => '\\OC\\Memcache\\APCu', +# #local locking: +# 'memcache.locking' => '\\OC\\Memcache\\Redis', +# 'redis' => +# array ( +# 'host' => 'localhost', +# 'port' => 6379, +# ), + + let # TODO: copy-paste from lass/2/websites/util.nix serveCloud = domains: @@ -124,20 +136,48 @@ let env[PATH] = ${lib.makeBinPath [ pkgs.php ]} catch_workers_output = yes ''; + services.phpfpm.phpOptions = '' + opcache.enable=1 + opcache.enable_cli=1 + opcache.interned_strings_buffer=8 + opcache.max_accelerated_files=10000 + opcache.memory_consumption=128 + opcache.save_comments=1 + opcache.revalidate_freq=1 + + display_errors = on + display_startup_errors = on + always_populate_raw_post_data = -1 + error_reporting = E_ALL | E_STRICT + html_errors = On + date.timezone = "Europe/Berlin" + # extension=${pkgs.phpPackages.memcached}/lib/php/extensions/memcached.so + extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so + extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so + ''; }; in { imports = [ ( serveCloud [ "o.euer.krebsco.de" ] ) ]; - services.mysql = { # TODO: currently nextcloud uses sqlite + services.redis.enable = true; + services.mysql = { enable = false; package = pkgs.mariadb; rootPassword = config.krebs.secret.files.mysql_rootPassword.path; - }; - services.mysqlBackup = { - enable = false; - databases = [ "nextcloud" ]; + initialDatabases = [ + # Or use writeText instead of literalExample? + #{ name = "nextcloud"; schema = literalExample "./nextcloud.sql"; } + { + name = "nextcloud"; + schema = pkgs.writeText "nextcloud.sql" + '' + create user if not exists 'nextcloud'@'localhost' identified by 'password'; + grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password'; + ''; + } + ]; }; # dataDir is only defined after mysql is enabled # krebs.secret.files.mysql_rootPassword = { diff --git a/makefu/source.nix b/makefu/source.nix index 708f0d20c..79a2c535f 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,6 +13,11 @@ let then "buildbot" else "makefu"; _file = <stockholm> + "/makefu/1systems/${name}/source.nix"; + pkgs = import <nixpkgs> { + overlays = map import [ + <stockholm/krebs/5pkgs> + ]; + }; # TODO: automate updating of this ref + cherry-picks ref = "51810e0"; # nixos-17.09 @ 2018-02-14 # + do_sqlite3 ruby: 55a952be5b5 @@ -42,6 +47,7 @@ in }; stockholm.file = toString <stockholm>; + stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; } (mkIf ( musnix ) { musnix.git = { diff --git a/mv/source.nix b/mv/source.nix index 5f6b2fe36..1a7b83961 100644 --- a/mv/source.nix +++ b/mv/source.nix @@ -4,6 +4,11 @@ host@{ name, override ? {} }: let then "buildbot" else "mv"; _file = <stockholm> + "/mv/1systems/${name}/source.nix"; + pkgs = import <nixpkgs> { + overlays = map import [ + <stockholm/krebs/5pkgs> + ]; + }; in evalSource (toString _file) [ { @@ -18,6 +23,7 @@ in mv = "/home/mv/secrets/${name}"; }; stockholm.file = toString <stockholm>; + stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; } override ] diff --git a/nin/source.nix b/nin/source.nix index ce1879357..9fb2cb390 100644 --- a/nin/source.nix +++ b/nin/source.nix @@ -4,6 +4,11 @@ host@{ name, secure ? false }: let then "buildbot" else "nin"; _file = <stockholm> + "/nin/1systems/${name}/source.nix"; + pkgs = import <nixpkgs> { + overlays = map import [ + <stockholm/krebs/5pkgs> + ]; + }; in evalSource (toString _file) { nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix"; @@ -12,5 +17,6 @@ in nin = "/home/nin/secrets/${name}"; }; stockholm.file = toString <stockholm>; + stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; nixpkgs = (import <stockholm/krebs/source.nix> host).nixpkgs; } diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index dc50be4f1..c3418e7ee 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -42,6 +42,9 @@ let { kirk = { cgit.desc = "IRC tools"; }; + kops = { + cgit.desc = "deployment tools"; + }; load-env = {}; loldns = { cgit.desc = "toy DNS server"; diff --git a/tv/source.nix b/tv/source.nix index b5e3f7cd7..e5e5e0413 100644 --- a/tv/source.nix +++ b/tv/source.nix @@ -6,6 +6,11 @@ with import <stockholm/lib>; }@host: let builder = if dummy_secrets then "buildbot" else "tv"; _file = <stockholm> + "/tv/1systems/${name}/source.nix"; + pkgs = import <nixpkgs |