diff options
Diffstat (limited to 'krebs')
22 files changed, 56 insertions, 1061 deletions
diff --git a/krebs/1systems/filebitch/config.nix b/krebs/1systems/filebitch/config.nix index 254306ecb..44c14674e 100644 --- a/krebs/1systems/filebitch/config.nix +++ b/krebs/1systems/filebitch/config.nix @@ -28,7 +28,6 @@ in ]; krebs.build.host = config.krebs.hosts.filebitch; - sound.enable = false; services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="60:a4:4c:3d:52:cf", NAME="et0" diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix deleted file mode 100644 index 290870fce..000000000 --- a/krebs/1systems/news/config.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ../../../krebs - ../../../krebs/2configs - - ../../../krebs/2configs/ircd.nix - ../../../krebs/2configs/go.nix - - #### NEWS #### - ../../../krebs/2configs/ircd.nix - ../../../krebs/2configs/news.nix - ]; - - krebs.build.host = config.krebs.hosts.news; - krebs.hosts.news.ssh.privkey.path = "${config.krebs.secret.directory}/ssh.id_ed25519"; - - boot.isContainer = true; - networking.useDHCP = lib.mkForce true; - krebs.sync-containers3.inContainer = { - enable = true; - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBVZomw68WDQy0HsHhNbWK1KpzaR5aRUG1oioE7IgCv"; - }; -} diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index d3891af82..542106d5f 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -2,51 +2,52 @@ { imports = [ ./net.nix - <stockholm/krebs> - <stockholm/krebs/2configs> - <stockholm/krebs/2configs/secret-passwords.nix> - <stockholm/krebs/2configs/hw/x220.nix> + ../../../krebs + ../../../krebs/2configs + ../../2configs/secret-passwords.nix + ../../2configs/hw/x220.nix # see documentation in included getty-for-esp.nix: # brain hosts/puyak/root - <stockholm/krebs/2configs/hw/getty-for-esp.nix> + ../../2configs/hw/getty-for-esp.nix + ../../2configs/buildbot/worker.nix ## initrd unlocking - # (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase' - <stockholm/krebs/2configs/tor/initrd.nix> + # (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat /crypt-ramfs/passphrase' + ../../2configs/tor/initrd.nix - <stockholm/krebs/2configs/binary-cache/nixos.nix> - <stockholm/krebs/2configs/binary-cache/prism.nix> + ../../2configs/binary-cache/nixos.nix + ../../2configs/binary-cache/prism.nix ## news host - <stockholm/krebs/2configs/container-networking.nix> - <stockholm/krebs/2configs/syncthing.nix> + ../../2configs/container-networking.nix + ../../2configs/syncthing.nix ### shackspace ### # handle the worlddomination map via coap - <stockholm/krebs/2configs/shack/worlddomination.nix> - <stockholm/krebs/2configs/shack/ssh-keys.nix> + ../../2configs/shack/worlddomination.nix + ../../2configs/shack/ssh-keys.nix # drivedroid.shack for shackphone - <stockholm/krebs/2configs/shack/drivedroid.nix> - # <stockholm/krebs/2configs/shack/nix-cacher.nix> + ../../2configs/shack/drivedroid.nix + # ../../2configs/shack/nix-cacher.nix # Say if muell will be collected - <stockholm/krebs/2configs/shack/muell_caller.nix> + ../../2configs/shack/muell_caller.nix # provide muellshack api: muell.shack - <stockholm/krebs/2configs/shack/muellshack.nix> + ../../2configs/shack/muellshack.nix # send mail if muell was not handled - <stockholm/krebs/2configs/shack/muell_mail.nix> + ../../2configs/shack/muell_mail.nix # provide light control api - <stockholm/krebs/2configs/shack/node-light.nix> # light.shack lounge.light.shack power.light.shack openhab.shack lightapi.shack + ../../2configs/shack/node-light.nix # light.shack lounge.light.shack power.light.shack openhab.shack lightapi.shack # light.shack web-ui - <stockholm/krebs/2configs/shack/light.shack.nix> #light.shack + ../../2configs/shack/light.shack.nix #light.shack # fetch the u300 power stats - <stockholm/krebs/2configs/shack/power/u300-power.nix> + ../../2configs/shack/power/u300-power.nix { # do not log to /var/spool/log @@ -66,56 +67,55 @@ } # create samba share for anonymous usage with the laser and 3d printer pc - <stockholm/krebs/2configs/shack/share.nix> + ../../2configs/shack/share.nix # mobile.lounge.mpd.shack - <stockholm/krebs/2configs/shack/mobile.mpd.nix> + ../../2configs/shack/mobile.mpd.nix # hass.shack - <stockholm/krebs/2configs/shack/glados> - <stockholm/krebs/2configs/shack/esphome.nix> + ../../2configs/shack/glados + ../../2configs/shack/esphome.nix # connect to git.shackspace.de as group runner for rz - <stockholm/krebs/2configs/shack/gitlab-runner.nix> + ../../2configs/shack/gitlab-runner.nix # Statistics collection and visualization - # <stockholm/krebs/2configs/shack/graphite.nix> # graphiteApi is broken and unused(hopefully) + # ../../2configs/shack/graphite.nix # graphiteApi is broken and unused(hopefully) ## Collect data from mqtt.shack and store in graphite database - <stockholm/krebs/2configs/shack/mqtt_sub.nix> + ../../2configs/shack/mqtt_sub.nix ## Collect radioactive data and put into graphite - <stockholm/krebs/2configs/shack/radioactive.nix> + ../../2configs/shack/radioactive.nix ## mqtt.shack - <stockholm/krebs/2configs/shack/mqtt.nix> + ../../2configs/shack/mqtt.nix ## influx.shack - <stockholm/krebs/2configs/shack/influx.nix> + ../../2configs/shack/influx.nix ## Collect local statistics via collectd and send to collectd - # <stockholm/krebs/2configs/stats/shack-client.nix> - # <stockholm/krebs/2configs/stats/shack-debugging.nix> + # ../../2configs/stats/shack-client.nix + # ../../2configs/stats/shack-debugging.nix ## netbox.shack: Netbox is disabled as nobody seems to be using it anyway - # <stockholm/krebs/2configs/shack/netbox.nix> + # ../../2configs/shack/netbox.nix # grafana.shack - <stockholm/krebs/2configs/shack/grafana.nix> + ../../2configs/shack/grafana.nix # shackdns.shack # replacement for leases.shack and shackles.shack - <stockholm/krebs/2configs/shack/shackDNS.nix> + ../../2configs/shack/shackDNS.nix # monitoring: prometheus.shack - <stockholm/krebs/2configs/shack/prometheus/node.nix> - <stockholm/krebs/2configs/shack/prometheus/server.nix> - <stockholm/krebs/2configs/shack/prometheus/blackbox.nix> - #<stockholm/krebs/2configs/shack/prometheus/unifi.nix> + ../../2configs/shack/prometheus/node.nix + ../../2configs/shack/prometheus/server.nix + ../../2configs/shack/prometheus/blackbox.nix + #../../2configs/shack/prometheus/unifi.nix # TODO: alertmanager 0.24+ supports telegram - # <stockholm/krebs/2configs/shack/prometheus/alertmanager-telegram.nix> + # ../../2configs/shack/prometheus/alertmanager-telegram.nix ]; krebs.build.host = config.krebs.hosts.puyak; krebs.hosts.puyak.ssh.privkey.path = "${config.krebs.secret.directory}/ssh.id_ed25519"; - sound.enable = false; boot = { loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 6ff280f79..9f966ee01 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -73,7 +73,6 @@ in ''; time.timeZone = "Europe/Berlin"; - sound.enable = false; # avahi services.avahi = { diff --git a/krebs/2configs/buildbot/worker.nix b/krebs/2configs/buildbot/worker.nix index e96c6df14..5526a83d3 100644 --- a/krebs/2configs/buildbot/worker.nix +++ b/krebs/2configs/buildbot/worker.nix @@ -1,4 +1,4 @@ -{ buildbot-nix, ... }: +{ config, buildbot-nix, ... }: { imports = [ buildbot-nix.nixosModules.buildbot-worker @@ -6,6 +6,8 @@ services.buildbot-nix.worker = { enable = true; + name = config.krebs.build.host.name; workerPasswordFile = "/var/src/secrets/nix-worker-file"; + masterUrl = "tcp:host=gum:port=9989"; }; } diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 6ca7c732a..e7bf3078f 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -33,7 +33,6 @@ with import ../../lib/pure.nix { inherit lib; }; environment.systemPackages = with pkgs; [ git vim - rxvt_unicode.terminfo ]; console.keyMap = "us"; diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix index 980c2c9aa..a797673c9 100644 --- a/krebs/2configs/hw/x220.nix +++ b/krebs/2configs/hw/x220.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ lib, pkgs, ... }: { networking.wireless.enable = lib.mkDefault true; diff --git a/krebs/2configs/mastodon.nix b/krebs/2configs/mastodon.nix index ebc4207a0..b81c229b6 100644 --- a/krebs/2configs/mastodon.nix +++ b/krebs/2configs/mastodon.nix @@ -14,7 +14,6 @@ localDomain = "social.krebsco.de"; configureNginx = true; streamingProcesses = 3; - trustedProxy = config.krebs.hosts.prism.nets.retiolum.ip6.addr; smtp.createLocally = false; smtp.fromAddress = "derp"; }; diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix deleted file mode 100644 index 9b8627d61..000000000 --- a/krebs/2configs/news-host.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config,lib, ... }: -{ - nixpkgs.config.allowUnfree = true; # "consul-1.18.0" - krebs.sync-containers3.containers.news = { - sshKey = "${config.krebs.secret.directory}/news.sync.key"; - }; -} diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix deleted file mode 100644 index 9d9470727..000000000 --- a/krebs/2configs/news.nix +++ /dev/null @@ -1,207 +0,0 @@ -{ config, pkgs, ... }: - -{ - services.rss-bridge = { - enable = true; - whitelist = [ "*" ]; - }; - services.nginx.virtualHosts = { - rss-bridge = { - serverAliases = [ - "rss.r" - ]; - }; - "brockman.r" = { - serverAliases = [ - "news.r" - ]; - locations."/api".extraConfig = '' - proxy_pass http://127.0.0.1:7777/; - proxy_pass_header Server; - ''; - locations."= /graph.html".extraConfig = '' - alias ${pkgs.fetchurl { - url = "https://raw.githubusercontent.com/kmein/brockman/05d33c8caaaf6255752f9600981974bb58390851/tools/graph.html"; - sha256 = "0iw2vdzj6kzkix1c447ybmc953lns6z4ap6sr9pcib8bany4g43w"; - }}; - ''; - locations."/".extraConfig = '' - root /var/lib/brockman; - index brockman.json; - ''; - extraConfig = '' - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - ''; - }; - }; - systemd.tmpfiles.rules = [ - "d /var/lib/brockman 1750 brockman nginx -" - "d /run/irc-api 1750 brockman nginx -" - ]; - - systemd.services.brockman-graph = { - path = [ - pkgs.graphviz - pkgs.jq - pkgs.inotify-tools - ]; - serviceConfig = { - ExecStart = pkgs.writers.writeDash "brockman-graph" '' - - while :; do - graphviz="$(cat /var/lib/brockman/brockman.json \ - | jq -r ' - .bots | - to_entries | - map(select(.value.extraChannels|length > 1 )) | - .[] | - "\"\(.key)\" -> {\(.value.extraChannels|map("\""+.+"\"")|join(" "))}" - ')" - echo "digraph news { $graphviz }" | circo -Tsvg > /var/lib/brockman/graph.svg - - inotifywait -q -e MODIFY /var/lib/brockman/brockman.json - done - ''; - User = "brockman"; - }; - wantedBy = [ "multi-user.target" ]; - }; - - services.ergochat.openFilesLimit = 16384; - services.ergochat.settings = { - limits.nicklen = 100; - limits.identlen = 100; - history.enabled = false; - }; - systemd.services.brockman.bindsTo = [ "ergochat.service" ]; - systemd.services.brockman.serviceConfig.LimitNOFILE = 16384; - systemd.services.brockman.environment.BROCKMAN_LOG_LEVEL = "DEBUG"; - krebs.brockman = { - enable = true; - config = { - irc.host = "localhost"; - channel = "#all"; - shortener = "http://go.r"; - controller = { - nick = "brockman"; - extraChannels = [ "#all" ]; - }; - statePath = "/var/state/brockman/brockman.json"; - bots = {}; - }; - }; - - krebs.reaktor2.api = { - hostname = "localhost"; - port = "6667"; - nick = "api"; - API.listen = "inet://127.0.0.1:7777"; - plugins = [ - { - plugin = "register"; - config = { - channels = [ - "#all" - ]; - }; - } - ]; - }; - krebs.reaktor2.news = let - name = "candyman"; - in { - hostname = "localhost"; - port = "6667"; - nick = name; - plugins = [ - { - plugin = "register"; - config = { - channels = [ - "#all" - "#aluhut" - "#news" - "#lasstube" - ]; - }; - } - { - plugin = "system"; - config = { - hooks.PRIVMSG = [ - { - activate = "match"; - pattern = "^${name}:\\s*(\\S*)(?:\\s+(.*\\S))?\\s*$"; - command = 1; - arguments = [2]; - commands = { - add-reddit.filename = pkgs.writeDash "add-reddit" '' - set -euf - if [ "$#" -ne 1 ]; then - echo 'usage: ${name}: add-reddit $reddit_channel' - exit 1 - fi - reddit_channel=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') - echo "brockman: add r_$reddit_channel http://rss.r/?action=display&bridge=Reddit&context=single&r=$reddit_channel&format=Atom" - ''; - add-telegram.filename = pkgs.writeDash "add-telegram" '' - set -euf - if [ "$#" -ne 1 ]; then - echo 'usage: ${name}: add-telegram $telegram_user' - exit 1 - fi - telegram_user=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') - echo "brockman: add t_$telegram_user http://rss.r/?action=display&bridge=Telegram&username=$telegram_user&format=Mrss" - ''; - add-youtube.filename = pkgs.writeDash "add-youtube" '' - set -euf - if [ "$#" -ne 1 ]; then - echo 'usage: ${name}: add-youtube $nick $channel/video/stream/id' - exit 1 - fi - youtube_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') - youtube_url=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][1]') - if [ ''${#youtube_url} -eq 24 ]; then - youtube_id=$youtube_url - else - youtube_id=$(${pkgs.yt-dlp}/bin/yt-dlp --max-downloads 1 -j "$youtube_url" | ${pkgs.jq}/bin/jq -r '.channel_id') - fi - echo "brockman: add yt_$youtube_nick http://rss.r/?action=display&bridge=Youtube&context=By+channel+id&c=$youtube_id&duration_min=&duration_max=&format=Mrss" - ''; - add-twitch.filename = pkgs.writeDash "add-twitch" '' - set -euf - if [ "$#" -ne 1 ]; then - echo 'usage: ${name}: add-twitch $handle' - exit 1 - fi - twitch_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') - echo "brockman: add twitch_$twitch_nick http://rss.r/?action=display&bridge=Twitch&channel=$twitch_nick&type=all&format=Atom" - ''; - add-twitter.filename = pkgs.writeDash "add-twitter" '' - set -euf - if [ "$#" -ne 1 ]; then - echo 'usage: ${name}: add-twitter $handle' - exit 1 - fi - twitter_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') - echo "brockman: add tw_$twitter_nick http://rss.r/?action=display&bridge=Twitter&context=By+username&u=$twitter_nick&norep=on&noretweet=on&nopinned=on&nopic=on&format=Atom" - ''; - search.filename = pkgs.writeDash "search" '' - set -euf - if [ "$#" -ne 1 ]; then - echo 'usage: ${name}: search $searchterm' - exit 1 - fi - searchterm=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') - ${pkgs.curl}/bin/curl -Ss "https://feedsearch.dev/api/v1/search?url=$searchterm&info=true&favicon=false" | - ${pkgs.jq}/bin/jq '.[].url' - ''; - }; - } - ]; - }; - } - ]; - }; -} diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index e84827656..7cc6c7550 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -253,24 +253,6 @@ let }; }; - vicuna = { - pattern = "^!vicuna (.*)$"; - activate = "match"; - arguments = [1]; - timeoutSec = 1337; - command = { - filename = pkgs.writeDash "vicuna" '' - set -efu - - mkdir -p ${stateDir}/vicuna - export CONTEXT=${stateDir}/vicuna/"$_msgtarget".context - ${pkgs.vicuna-chat}/bin/vicuna-chat "$@" | - echo "$_from: $(cat)" | - fold -s -w 426 - ''; - }; - }; - locationsLib = pkgs.writeText "locations.sh" '' ENDPOINT=http://c.r/poi.json get_locations() { @@ -431,7 +413,6 @@ let hooks.sed interrogate say - vicuna (generators.command_hook { inherit (commands) dance random-emoji nixos-version; tell = { diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 0c3f42f1c..1db19e1ca 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -21,15 +21,16 @@ let imp = { services.redis.servers.go.enable = true; + users.users.htgen-go.extraGroups = [ "redis-go" ]; krebs.htgen.go = { port = cfg.port; - script = ''. ${pkgs.writeDash "go" '' + script = ''. ${pkgs.writers.writeDash "go" '' set -x case "$Method $Request_URI" in "GET /"*) - if item=$(${pkgs.redis}/bin/redis-cli --raw get "''${Request_URI#/}"); then + if item=$(${pkgs.redis}/bin/redis-cli -s /run/redis-go/redis.sock --raw get "''${Request_URI#/}"); then printf 'HTTP/1.1 302 Found\r\n' printf 'Content-Type: text/plain\r\n' printf 'Connection: closed\r\n' @@ -54,11 +55,10 @@ let ) sha256=$(echo "$uri" | sha256sum -b | cut -d\ -f1) - base32=$(${pkgs.nixStable}/bin/nix-hash --to-base32 --type sha256 "$sha256") - base32short=$(echo "$base32" | cut -c48-52) - ${pkgs.redis}/bin/redis-cli set "$base32short" "$uri" >/dev/null + short=$(echo "$sha256" | cut -c1-8) + ${pkgs.redis}/bin/redis-cli -s /run/redis-go/redis.sock set "$short" "$uri" >/dev/null - ref="http://$req_host/$base32short" + ref="http://$req_host/$short" printf 'HTTP/1.1 200 OK\r\n' printf 'Content-Type: text/plain; charset=UTF-8\r\n' diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 32a5273a5..16f1f3c84 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -108,12 +108,12 @@ let }) ({ krebs.iptables.tables.filter.INPUT.rules = map - (portRange: { predicate = "-p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) + (portRange: { predicate = "-p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) config.networking.firewall.allowedTCPPortRanges; }) ({ krebs.iptables.tables.filter.INPUT.rules = map - (portRange: { predicate = "-p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; }) + (portRange: { predicate = "-p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; }) config.networking.firewall.allowedUDPPortRanges; }) ({ diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index 978e0c9c0..aa6254786 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -18,7 +18,7 @@ with import ../../lib/pure.nix { inherit lib; }; { }; port = mkOption { default = "6667"; - # TODO type = types.service-name + type = types.str; }; plugins = mkOption { default = []; @@ -70,7 +70,7 @@ with import ../../lib/pure.nix { inherit lib; }; { DynamicUser = true; StateDirectory = cfg.username; ExecStart = let - configFile = pkgs.writeJSON configFileName configValue; + configFile = pkgs.writers.writeJSON configFileName configValue; configFileName = "${cfg.systemd-service-name}.config.json"; configValue = stripAttr ( recursiveUpdate { diff --git a/krebs/5pkgs/simple/flameshot-once/config.nix b/krebs/5pkgs/simple/flameshot-once/config.nix deleted file mode 100644 index 24df403aa..000000000 --- a/krebs/5pkgs/simple/flameshot-once/config.nix +++ /dev/null @@ -1,416 +0,0 @@ -{ config, pkgs, ... }: -with pkgs.stockholm.lib; - -let - # Encode integer to C-escaped string of bytes, little endian / LSB 0 - le = rec { - x1 = i: let - i0 = mod i 16; - i1 = i / 16; - in - if i == 0 then - "\\0" - else if i < 16 then - "\\x${elemAt hexchars i0}" - else - "\\x${elemAt hexchars i1}${elemAt hexchars i0}"; - - x2 = i: let - i0 = mod i 256; - i1 = i / 256; - in - "${x1 i1}${x1 i0}"; - - x4 = i: let - i0 = mod i 65536; - i1 = i / 65536; - in - "${x2 i1}${x2 i0}"; - }; - - toQList = t: xs: - assert t == "int"; - "QList<${t}>${le.x4 0}${le.x1 (length xs)}${concatMapStrings le.x4 xs}"; -in - -{ - options = { - imgur = mkOption { - default = {}; - type = types.submodule { - options = { - enable = mkEnableOption "imgur"; - createUrl = mkOption { - example = "http://p.r/image"; - type = types.str; - }; - deleteUrl = mkOption { - example = "http://p.r/image/delete/%1"; - type = types.str; - }; - xdg-open = mkOption { - default = {}; - type = types.submodule { - options = { - enable = mkEnableOption "imgur.xdg-open" // { - default = true; - }; - browser = mkOption { - default = "${pkgs.coreutils}/bin/false"; - type = types.str; - }; - createPrefix = mkOption { - default = config.imgur.createUrl; - type = types.str; - }; - deletePrefix = mkOption { - default = removeSuffix "/%1" config.imgur.deleteUrl; - type = types.str; - }; - }; - }; - }; - }; - }; - }; - package = mkOption { - type = types.package; - default = import ./flameshot { inherit pkgs; }; - }; - settings = { - # Options without a description are not documented in flameshot's README. - # Compare with: - # nix-shell -p flameshot-once.dev --run get-recognizedGeneralOptions - General = mapAttrs (_: recursiveUpdate { default = null; }) { - allowMultipleGuiInstances = mkOption { - description = '' - Allow multiple instances of `flameshot gui` to run at the same time - ''; - type = with types; nullOr bool; - }; - antialiasingPinZoom = mkOption { - description = '' - Anti-aliasing image when zoom the pinned image - ''; - type = with types; nullOr bool; - }; - autoCloseIdleDaemon = mkOption { - description = '' - Automatically close daemon when it's not needed - ''; - type = with types; nullOr bool; - }; - buttons = let - buttonTypes = { - # Generated with: - # nix-shell -p flameshot-once.dev --run get-buttonTypes - TYPE_PENCIL = 0; - TYPE_DRAWER = 1; - TYPE_ARROW = 2; - TYPE_SELECTION = 3; - TYPE_RECTANGLE = 4; - TYPE_CIRCLE = 5; - TYPE_MARKER = 6; - TYPE_SELECTIONINDICATOR = 7; - TYPE_MOVESELECTION = 8; - TYPE_UNDO = 9; - TYPE_COPY = 10; - TYPE_SAVE = 11; - TYPE_EXIT = 12; - TYPE_IMAGEUPLOADER = 13; - TYPE_OPEN_APP = 14; - TYPE_PIXELATE = 15; - TYPE_REDO = 16; - TYPE_PIN = 17; - TYPE_TEXT = 18; - TYPE_CIRCLECOUNT = 19; - TYPE_SIZEINCREASE = 20; - TYPE_SIZEDECREASE = 21; - TYPE_INVERT = 22; - TYPE_ACCEPT = 23; - }; - iterableButtonTypes = [ - # Generated with: - # nix-shell -p flameshot-once.dev --run get-iterableButtonTypes - "TYPE_ACCEPT" - "TYPE_ARROW" - "TYPE_CIRCLE" - "TYPE_CIRCLECOUNT" - "TYPE_COPY" - "TYPE_DRAWER" - "TYPE_EXIT" - "TYPE_IMAGEUPLOADER" - "TYPE_MARKER" - "TYPE_MOVESELECTION" - "TYPE_OPEN_APP" - "TYPE_PENCIL" - "TYPE_PIN" - "TYPE_PIXELATE" - "TYPE_RECTANGLE" - "TYPE_REDO" - "TYPE_SAVE" - "TYPE_SELECTION" - "TYPE_SIZEDECREASE" - "TYPE_SIZEINCREASE" - "TYPE_TEXT" - "TYPE_UNDO" - ]; - in mkOption { - apply = names: - if names != null then let - values = map (name: buttonTypes.${name}) names; - in - ''@Variant(\0\0\0\x7f\0\0\0\v${toQList "int" values})'' - else - null; - description = '' - Configure which buttons to show after drawing a selection - ''; - type = with types; nullOr (listOf (enum iterableButtonTypes)); - }; - checkForUpdates = mkOption { - type = with types; nullOr bool; - }; - contrastOpacity = mkOption { - description = '' - Opacity of area outside selection - ''; - type = with types; nullOr (boundedInt 0 255); - }; - contrastUiColor = mkOption { - description = '' - Contrast UI color - ''; - type = with types; nullOr flameshot.color; - }; - copyAndCloseAfterUpload = mkOption { - type = with types; nullOr bool; - }; - copyOnDoubleClick = mkOption { - type = with types; nullOr bool; - }; - copyPathAfterSave = mkOption { - description = '' - Copy path to image after save - ''; - type = with types; nullOr bool; - }; - copyURLAfterUpload = mkOption { - description = '' - On successful upload, close the dialog and copy URL to clipboard - ''; - type = with types; nullOr bool; - }; - disabledTrayIcon = mkOption { - description = '' - Whether the tray icon is disabled - ''; - type = with types; nullOr bool; - }; - drawColor = mkOption { - description = '' - Last used color - ''; - type = with types; nullOr flameshot.color; - }; - drawFontSize = mkOption { - type = with types; nullOr positive; - }; - drawThickness = mkOption { - description = '' - Last used tool thickness - ''; - type = with types; nullOr positive; - }; - filenamePattern = mkOption { - description = '' - Filename pattern using C++ strftime formatting - ''; - type = - # This is types.filename extended by [%:][%:+]* - with types; - nullOr (addCheck str (test "[%:0-9A-Za-z._][%:+0-9A-Za-z._-]*")); - }; - fontFamily = mkOption { - type = with types; nullOr str; - }; - historyConfirmationToDelete = mkOption { - type = with types; nullOr bool; - }; - ignoreUpdateToVersion = mkOption { - description = '' - Ignore updates to versions less than this value - ''; - type = with types; nullOr str; < |