Merge pull request 'Remove digga from b12f branch' (#257) from remove-digga/b12f into b12f
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Reviewed-on: #257
This commit is contained in:
commit
516e028a0c
112
CHANGELOG.md
112
CHANGELOG.md
|
@ -1,112 +0,0 @@
|
||||||
# Changelog
|
|
||||||
|
|
||||||
## [v0.10.0](https://github.com/divnix/devos/tree/v0.10.0) (2021-05-24)
|
|
||||||
|
|
||||||
**Implemented enhancements:**
|
|
||||||
|
|
||||||
- Providing an interface to nixpkgs.config [\#237](https://github.com/divnix/devos/issues/237)
|
|
||||||
- Making the user available in profiles [\#230](https://github.com/divnix/devos/issues/230)
|
|
||||||
- copy evaluation store paths to iso [\#195](https://github.com/divnix/devos/issues/195)
|
|
||||||
- Extract custom system builds from devosSystem out of lib [\#170](https://github.com/divnix/devos/issues/170)
|
|
||||||
- Allow setting of channel host-wide [\#117](https://github.com/divnix/devos/issues/117)
|
|
||||||
- alacritty: CSIu support [\#51](https://github.com/divnix/devos/issues/51)
|
|
||||||
|
|
||||||
**Fixed bugs:**
|
|
||||||
|
|
||||||
- Cachix timeouts + how to disable nrdxp cachix \(if needed\) [\#294](https://github.com/divnix/devos/issues/294)
|
|
||||||
- default.nix flake-compat is broken [\#285](https://github.com/divnix/devos/issues/285)
|
|
||||||
- All suites return "attribute missing" [\#282](https://github.com/divnix/devos/issues/282)
|
|
||||||
- nix is built two times [\#203](https://github.com/divnix/devos/issues/203)
|
|
||||||
- fix lib docs [\#166](https://github.com/divnix/devos/issues/166)
|
|
||||||
|
|
||||||
**Closed issues:**
|
|
||||||
|
|
||||||
- eliminate userFlakeNixOS [\#257](https://github.com/divnix/devos/issues/257)
|
|
||||||
- devos-as-library [\#214](https://github.com/divnix/devos/issues/214)
|
|
||||||
|
|
||||||
**Merged pull requests:**
|
|
||||||
|
|
||||||
- Update evalArgs to match the new planned API [\#239](https://github.com/divnix/devos/pull/239)
|
|
||||||
|
|
||||||
## [v0.9.0](https://github.com/divnix/devos/tree/v0.9.0) (2021-04-19)
|
|
||||||
|
|
||||||
**Implemented enhancements:**
|
|
||||||
|
|
||||||
- pin inputs into iso live registry [\#190](https://github.com/divnix/devos/issues/190)
|
|
||||||
- Pass 'self' to lib [\#169](https://github.com/divnix/devos/issues/169)
|
|
||||||
- doc: quickstart "ISO. What next?" [\#167](https://github.com/divnix/devos/issues/167)
|
|
||||||
- Integrate Android AOSP putting mobile under control [\#149](https://github.com/divnix/devos/issues/149)
|
|
||||||
- Inoculate host identity on first use [\#132](https://github.com/divnix/devos/issues/132)
|
|
||||||
- kubenix support [\#130](https://github.com/divnix/devos/issues/130)
|
|
||||||
- Improve Home Manager support: profiles/suites, modules, extern, flake outputs [\#119](https://github.com/divnix/devos/issues/119)
|
|
||||||
- Local CA \(between hosts\) [\#104](https://github.com/divnix/devos/issues/104)
|
|
||||||
- Q5: git annex for machine state [\#68](https://github.com/divnix/devos/issues/68)
|
|
||||||
- name space ./pkgs overlays [\#60](https://github.com/divnix/devos/issues/60)
|
|
||||||
- remap global keys easily [\#57](https://github.com/divnix/devos/issues/57)
|
|
||||||
- make pass state part of this repo's structure [\#56](https://github.com/divnix/devos/issues/56)
|
|
||||||
- Incorporate ./shells [\#38](https://github.com/divnix/devos/issues/38)
|
|
||||||
- Encrypt with \(r\)age [\#37](https://github.com/divnix/devos/issues/37)
|
|
||||||
|
|
||||||
**Fixed bugs:**
|
|
||||||
|
|
||||||
- `pathsToImportedAttrs` does not accept directories [\#221](https://github.com/divnix/devos/issues/221)
|
|
||||||
- Cachix caches aren't added to the configuration [\#208](https://github.com/divnix/devos/issues/208)
|
|
||||||
- Issues with current changelog workflow [\#205](https://github.com/divnix/devos/issues/205)
|
|
||||||
- iso: systemd service startup [\#194](https://github.com/divnix/devos/issues/194)
|
|
||||||
- Help adding easy-hls-nix to devos [\#174](https://github.com/divnix/devos/issues/174)
|
|
||||||
- `flk update` fails because of obsolete flag [\#159](https://github.com/divnix/devos/issues/159)
|
|
||||||
- Expected that not all packages are exported? [\#151](https://github.com/divnix/devos/issues/151)
|
|
||||||
- Segmentation fault when generating iso [\#150](https://github.com/divnix/devos/issues/150)
|
|
||||||
|
|
||||||
**Documentation:**
|
|
||||||
|
|
||||||
- doc: split iso [\#193](https://github.com/divnix/devos/issues/193)
|
|
||||||
- lib: can depend on pkgs \(a la nixpkgs\#pkgs/pkgs-lib\) [\#147](https://github.com/divnix/devos/pull/147)
|
|
||||||
|
|
||||||
**Closed issues:**
|
|
||||||
|
|
||||||
- FRRouting router implementation [\#154](https://github.com/divnix/devos/issues/154)
|
|
||||||
- ARM aarch64 Support [\#72](https://github.com/divnix/devos/issues/72)
|
|
||||||
|
|
||||||
## [v0.8.0](https://github.com/divnix/devos/tree/v0.8.0) (2021-03-02)
|
|
||||||
|
|
||||||
**Implemented enhancements:**
|
|
||||||
|
|
||||||
- semi automatic update for /pkgs [\#118](https://github.com/divnix/devos/issues/118)
|
|
||||||
- Home-manager external modules from flakes [\#106](https://github.com/divnix/devos/issues/106)
|
|
||||||
|
|
||||||
**Fixed bugs:**
|
|
||||||
|
|
||||||
- My emacsGcc overlay is not working [\#146](https://github.com/divnix/devos/issues/146)
|
|
||||||
- local flake registry freezes branches [\#142](https://github.com/divnix/devos/issues/142)
|
|
||||||
- nixos-option no longer works after collect garbage [\#138](https://github.com/divnix/devos/issues/138)
|
|
||||||
- Profiles imports are brittle, causing failure if imported twice [\#136](https://github.com/divnix/devos/issues/136)
|
|
||||||
|
|
||||||
## [0.7.0](https://github.com/divnix/devos/tree/0.7.0) (2021-02-20)
|
|
||||||
|
|
||||||
**Implemented enhancements:**
|
|
||||||
|
|
||||||
- add zoxide [\#53](https://github.com/divnix/devos/issues/53)
|
|
||||||
- Multiarch support? [\#17](https://github.com/divnix/devos/issues/17)
|
|
||||||
- initial multiArch support [\#18](https://github.com/divnix/devos/pull/18)
|
|
||||||
|
|
||||||
**Fixed bugs:**
|
|
||||||
|
|
||||||
- Missing shebang from flk.sh [\#131](https://github.com/divnix/devos/issues/131)
|
|
||||||
- Rename Meta Issue [\#128](https://github.com/divnix/devos/issues/128)
|
|
||||||
- specialisations break the `system` argument [\#46](https://github.com/divnix/devos/issues/46)
|
|
||||||
- Revert "Add extraArgs to lib.nixosSystem call to add system args." [\#47](https://github.com/divnix/devos/pull/47)
|
|
||||||
|
|
||||||
**Documentation:**
|
|
||||||
|
|
||||||
- update home-manager urls [\#62](https://github.com/divnix/devos/pull/62)
|
|
||||||
|
|
||||||
**Closed issues:**
|
|
||||||
|
|
||||||
- add github action for cachix build ci [\#59](https://github.com/divnix/devos/issues/59)
|
|
||||||
|
|
||||||
## [12052020](https://github.com/divnix/devos/tree/12052020) (2020-12-06)
|
|
||||||
|
|
||||||
## [07092020](https://github.com/divnix/devos/tree/07092020) (2020-07-09)
|
|
||||||
|
|
||||||
\* _This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)_
|
|
|
@ -1,33 +0,0 @@
|
||||||
# Quick branch overview
|
|
||||||
|
|
||||||
We work with several branches in this repo. This document aims to explain how
|
|
||||||
to contribute changes to the existing branches.
|
|
||||||
|
|
||||||
### `main` branch
|
|
||||||
|
|
||||||
- Changes to `modules` and `profiles` should go [the main branch](https://git.pub.solar/pub-solar/os/src/branch/main)
|
|
||||||
- Changes can get accepted via: Pull Request
|
|
||||||
- Branch protected from direct `git push`
|
|
||||||
|
|
||||||
### `infra` branch
|
|
||||||
|
|
||||||
- Changes to the [pub.solar](https://pub.solar) infrastructure should be merged [into this branch](https://git.pub.solar/pub-solar/os/src/branch/infra)
|
|
||||||
- Changes can get accepted via: Pull Request
|
|
||||||
- Branch protected from direct `git push`
|
|
||||||
|
|
||||||
### `momo/main` branch
|
|
||||||
|
|
||||||
- Changes to the [Momo](https://momo.koeln) infrastructure should be merged [into this branch](https://git.pub.solar/pub-solar/os/src/branch/momo/main)
|
|
||||||
- Changes can get accepted via: Pull Request
|
|
||||||
- Deployment of changes is [automatic via CI pipeline](https://git.pub.solar/pub-solar/os/src/commit/43bd7421509f7cc9ba06d7c740f3f536a4a2af76/.drone.yml#L20-L38)
|
|
||||||
- Branch protected from direct `git push`
|
|
||||||
|
|
||||||
### `$USER` branches
|
|
||||||
|
|
||||||
- User's custom hosts and changes can be worked on in these branches
|
|
||||||
- Direct `git push` possible
|
|
||||||
- Examples:
|
|
||||||
- [hensoko](https://git.pub.solar/pub-solar/os/src/branch/hensoko)
|
|
||||||
- [b12f](https://git.pub.solar/pub-solar/os/src/branch/b12f)
|
|
||||||
- [axeman](https://git.pub.solar/pub-solar/os/src/branch/axeman)
|
|
||||||
- [teutat3s](https://git.pub.solar/pub-solar/os/src/branch/teutat3s)
|
|
18
COPYING
18
COPYING
|
@ -1,18 +0,0 @@
|
||||||
Permission is hereby granted, free of charge, to any person obtaining
|
|
||||||
a copy of this software and associated documentation files (the
|
|
||||||
"Software"), to deal in the Software without restriction, including
|
|
||||||
without limitation the rights to use, copy, modify, merge, publish,
|
|
||||||
distribute, sublicense, and/or sell copies of the Software, and to
|
|
||||||
permit persons to whom the Software is furnished to do so, subject to
|
|
||||||
the following conditions:
|
|
||||||
|
|
||||||
The above copyright notice and this permission notice shall be
|
|
||||||
included in all copies or substantial portions of the Software.
|
|
||||||
|
|
||||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
||||||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
||||||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
||||||
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
||||||
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
||||||
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
||||||
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
660
LICENSE.md
660
LICENSE.md
|
@ -1,660 +0,0 @@
|
||||||
### GNU AFFERO GENERAL PUBLIC LICENSE
|
|
||||||
|
|
||||||
Version 3, 19 November 2007
|
|
||||||
|
|
||||||
Copyright (C) 2007 Free Software Foundation, Inc.
|
|
||||||
<https://fsf.org/>
|
|
||||||
|
|
||||||
Everyone is permitted to copy and distribute verbatim copies of this
|
|
||||||
license document, but changing it is not allowed.
|
|
||||||
|
|
||||||
### Preamble
|
|
||||||
|
|
||||||
The GNU Affero General Public License is a free, copyleft license for
|
|
||||||
software and other kinds of works, specifically designed to ensure
|
|
||||||
cooperation with the community in the case of network server software.
|
|
||||||
|
|
||||||
The licenses for most software and other practical works are designed
|
|
||||||
to take away your freedom to share and change the works. By contrast,
|
|
||||||
our General Public Licenses are intended to guarantee your freedom to
|
|
||||||
share and change all versions of a program--to make sure it remains
|
|
||||||
free software for all its users.
|
|
||||||
|
|
||||||
When we speak of free software, we are referring to freedom, not
|
|
||||||
price. Our General Public Licenses are designed to make sure that you
|
|
||||||
have the freedom to distribute copies of free software (and charge for
|
|
||||||
them if you wish), that you receive source code or can get it if you
|
|
||||||
want it, that you can change the software or use pieces of it in new
|
|
||||||
free programs, and that you know you can do these things.
|
|
||||||
|
|
||||||
Developers that use our General Public Licenses protect your rights
|
|
||||||
with two steps: (1) assert copyright on the software, and (2) offer
|
|
||||||
you this License which gives you legal permission to copy, distribute
|
|
||||||
and/or modify the software.
|
|
||||||
|
|
||||||
A secondary benefit of defending all users' freedom is that
|
|
||||||
improvements made in alternate versions of the program, if they
|
|
||||||
receive widespread use, become available for other developers to
|
|
||||||
incorporate. Many developers of free software are heartened and
|
|
||||||
encouraged by the resulting cooperation. However, in the case of
|
|
||||||
software used on network servers, this result may fail to come about.
|
|
||||||
The GNU General Public License permits making a modified version and
|
|
||||||
letting the public access it on a server without ever releasing its
|
|
||||||
source code to the public.
|
|
||||||
|
|
||||||
The GNU Affero General Public License is designed specifically to
|
|
||||||
ensure that, in such cases, the modified source code becomes available
|
|
||||||
to the community. It requires the operator of a network server to
|
|
||||||
provide the source code of the modified version running there to the
|
|
||||||
users of that server. Therefore, public use of a modified version, on
|
|
||||||
a publicly accessible server, gives the public access to the source
|
|
||||||
code of the modified version.
|
|
||||||
|
|
||||||
An older license, called the Affero General Public License and
|
|
||||||
published by Affero, was designed to accomplish similar goals. This is
|
|
||||||
a different license, not a version of the Affero GPL, but Affero has
|
|
||||||
released a new version of the Affero GPL which permits relicensing
|
|
||||||
under this license.
|
|
||||||
|
|
||||||
The precise terms and conditions for copying, distribution and
|
|
||||||
modification follow.
|
|
||||||
|
|
||||||
### TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
#### 0. Definitions.
|
|
||||||
|
|
||||||
"This License" refers to version 3 of the GNU Affero General Public
|
|
||||||
License.
|
|
||||||
|
|
||||||
"Copyright" also means copyright-like laws that apply to other kinds
|
|
||||||
of works, such as semiconductor masks.
|
|
||||||
|
|
||||||
"The Program" refers to any copyrightable work licensed under this
|
|
||||||
License. Each licensee is addressed as "you". "Licensees" and
|
|
||||||
"recipients" may be individuals or organizations.
|
|
||||||
|
|
||||||
To "modify" a work means to copy from or adapt all or part of the work
|
|
||||||
in a fashion requiring copyright permission, other than the making of
|
|
||||||
an exact copy. The resulting work is called a "modified version" of
|
|
||||||
the earlier work or a work "based on" the earlier work.
|
|
||||||
|
|
||||||
A "covered work" means either the unmodified Program or a work based
|
|
||||||
on the Program.
|
|
||||||
|
|
||||||
To "propagate" a work means to do anything with it that, without
|
|
||||||
permission, would make you directly or secondarily liable for
|
|
||||||
infringement under applicable copyright law, except executing it on a
|
|
||||||
computer or modifying a private copy. Propagation includes copying,
|
|
||||||
distribution (with or without modification), making available to the
|
|
||||||
public, and in some countries other activities as well.
|
|
||||||
|
|
||||||
To "convey" a work means any kind of propagation that enables other
|
|
||||||
parties to make or receive copies. Mere interaction with a user
|
|
||||||
through a computer network, with no transfer of a copy, is not
|
|
||||||
conveying.
|
|
||||||
|
|
||||||
An interactive user interface displays "Appropriate Legal Notices" to
|
|
||||||
the extent that it includes a convenient and prominently visible
|
|
||||||
feature that (1) displays an appropriate copyright notice, and (2)
|
|
||||||
tells the user that there is no warranty for the work (except to the
|
|
||||||
extent that warranties are provided), that licensees may convey the
|
|
||||||
work under this License, and how to view a copy of this License. If
|
|
||||||
the interface presents a list of user commands or options, such as a
|
|
||||||
menu, a prominent item in the list meets this criterion.
|
|
||||||
|
|
||||||
#### 1. Source Code.
|
|
||||||
|
|
||||||
The "source code" for a work means the preferred form of the work for
|
|
||||||
making modifications to it. "Object code" means any non-source form of
|
|
||||||
a work.
|
|
||||||
|
|
||||||
A "Standard Interface" means an interface that either is an official
|
|
||||||
standard defined by a recognized standards body, or, in the case of
|
|
||||||
interfaces specified for a particular programming language, one that
|
|
||||||
is widely used among developers working in that language.
|
|
||||||
|
|
||||||
The "System Libraries" of an executable work include anything, other
|
|
||||||
than the work as a whole, that (a) is included in the normal form of
|
|
||||||
packaging a Major Component, but which is not part of that Major
|
|
||||||
Component, and (b) serves only to enable use of the work with that
|
|
||||||
Major Component, or to implement a Standard Interface for which an
|
|
||||||
implementation is available to the public in source code form. A
|
|
||||||
"Major Component", in this context, means a major essential component
|
|
||||||
(kernel, window system, and so on) of the specific operating system
|
|
||||||
(if any) on which the executable work runs, or a compiler used to
|
|
||||||
produce the work, or an object code interpreter used to run it.
|
|
||||||
|
|
||||||
The "Corresponding Source" for a work in object code form means all
|
|
||||||
the source code needed to generate, install, and (for an executable
|
|
||||||
work) run the object code and to modify the work, including scripts to
|
|
||||||
control those activities. However, it does not include the work's
|
|
||||||
System Libraries, or general-purpose tools or generally available free
|
|
||||||
programs which are used unmodified in performing those activities but
|
|
||||||
which are not part of the work. For example, Corresponding Source
|
|
||||||
includes interface definition files associated with source files for
|
|
||||||
the work, and the source code for shared libraries and dynamically
|
|
||||||
linked subprograms that the work is specifically designed to require,
|
|
||||||
such as by intimate data communication or control flow between those
|
|
||||||
subprograms and other parts of the work.
|
|
||||||
|
|
||||||
The Corresponding Source need not include anything that users can
|
|
||||||
regenerate automatically from other parts of the Corresponding Source.
|
|
||||||
|
|
||||||
The Corresponding Source for a work in source code form is that same
|
|
||||||
work.
|
|
||||||
|
|
||||||
#### 2. Basic Permissions.
|
|
||||||
|
|
||||||
All rights granted under this License are granted for the term of
|
|
||||||
copyright on the Program, and are irrevocable provided the stated
|
|
||||||
conditions are met. This License explicitly affirms your unlimited
|
|
||||||
permission to run the unmodified Program. The output from running a
|
|
||||||
covered work is covered by this License only if the output, given its
|
|
||||||
content, constitutes a covered work. This License acknowledges your
|
|
||||||
rights of fair use or other equivalent, as provided by copyright law.
|
|
||||||
|
|
||||||
You may make, run and propagate covered works that you do not convey,
|
|
||||||
without conditions so long as your license otherwise remains in force.
|
|
||||||
You may convey covered works to others for the sole purpose of having
|
|
||||||
them make modifications exclusively for you, or provide you with
|
|
||||||
facilities for running those works, provided that you comply with the
|
|
||||||
terms of this License in conveying all material for which you do not
|
|
||||||
control copyright. Those thus making or running the covered works for
|
|
||||||
you must do so exclusively on your behalf, under your direction and
|
|
||||||
control, on terms that prohibit them from making any copies of your
|
|
||||||
copyrighted material outside their relationship with you.
|
|
||||||
|
|
||||||
Conveying under any other circumstances is permitted solely under the
|
|
||||||
conditions stated below. Sublicensing is not allowed; section 10 makes
|
|
||||||
it unnecessary.
|
|
||||||
|
|
||||||
#### 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
|
|
||||||
|
|
||||||
No covered work shall be deemed part of an effective technological
|
|
||||||
measure under any applicable law fulfilling obligations under article
|
|
||||||
11 of the WIPO copyright treaty adopted on 20 December 1996, or
|
|
||||||
similar laws prohibiting or restricting circumvention of such
|
|
||||||
measures.
|
|
||||||
|
|
||||||
When you convey a covered work, you waive any legal power to forbid
|
|
||||||
circumvention of technological measures to the extent such
|
|
||||||
circumvention is effected by exercising rights under this License with
|
|
||||||
respect to the covered work, and you disclaim any intention to limit
|
|
||||||
operation or modification of the work as a means of enforcing, against
|
|
||||||
the work's users, your or third parties' legal rights to forbid
|
|
||||||
circumvention of technological measures.
|
|
||||||
|
|
||||||
#### 4. Conveying Verbatim Copies.
|
|
||||||
|
|
||||||
You may convey verbatim copies of the Program's source code as you
|
|
||||||
receive it, in any medium, provided that you conspicuously and
|
|
||||||
appropriately publish on each copy an appropriate copyright notice;
|
|
||||||
keep intact all notices stating that this License and any
|
|
||||||
non-permissive terms added in accord with section 7 apply to the code;
|
|
||||||
keep intact all notices of the absence of any warranty; and give all
|
|
||||||
recipients a copy of this License along with the Program.
|
|
||||||
|
|
||||||
You may charge any price or no price for each copy that you convey,
|
|
||||||
and you may offer support or warranty protection for a fee.
|
|
||||||
|
|
||||||
#### 5. Conveying Modified Source Versions.
|
|
||||||
|
|
||||||
You may convey a work based on the Program, or the modifications to
|
|
||||||
produce it from the Program, in the form of source code under the
|
|
||||||
terms of section 4, provided that you also meet all of these
|
|
||||||
conditions:
|
|
||||||
|
|
||||||
- a) The work must carry prominent notices stating that you modified
|
|
||||||
it, and giving a relevant date.
|
|
||||||
- b) The work must carry prominent notices stating that it is
|
|
||||||
released under this License and any conditions added under
|
|
||||||
section 7. This requirement modifies the requirement in section 4
|
|
||||||
to "keep intact all notices".
|
|
||||||
- c) You must license the entire work, as a whole, under this
|
|
||||||
License to anyone who comes into possession of a copy. This
|
|
||||||
License will therefore apply, along with any applicable section 7
|
|
||||||
additional terms, to the whole of the work, and all its parts,
|
|
||||||
regardless of how they are packaged. This License gives no
|
|
||||||
permission to license the work in any other way, but it does not
|
|
||||||
invalidate such permission if you have separately received it.
|
|
||||||
- d) If the work has interactive user interfaces, each must display
|
|
||||||
Appropriate Legal Notices; however, if the Program has interactive
|
|
||||||
interfaces that do not display Appropriate Legal Notices, your
|
|
||||||
work need not make them do so.
|
|
||||||
|
|
||||||
A compilation of a covered work with other separate and independent
|
|
||||||
works, which are not by their nature extensions of the covered work,
|
|
||||||
and which are not combined with it such as to form a larger program,
|
|
||||||
in or on a volume of a storage or distribution medium, is called an
|
|
||||||
"aggregate" if the compilation and its resulting copyright are not
|
|
||||||
used to limit the access or legal rights of the compilation's users
|
|
||||||
beyond what the individual works permit. Inclusion of a covered work
|
|
||||||
in an aggregate does not cause this License to apply to the other
|
|
||||||
parts of the aggregate.
|
|
||||||
|
|
||||||
#### 6. Conveying Non-Source Forms.
|
|
||||||
|
|
||||||
You may convey a covered work in object code form under the terms of
|
|
||||||
sections 4 and 5, provided that you also convey the machine-readable
|
|
||||||
Corresponding Source under the terms of this License, in one of these
|
|
||||||
ways:
|
|
||||||
|
|
||||||
- a) Convey the object code in, or embodied in, a physical product
|
|
||||||
(including a physical distribution medium), accompanied by the
|
|
||||||
Corresponding Source fixed on a durable physical medium
|
|
||||||
customarily used for software interchange.
|
|
||||||
- b) Convey the object code in, or embodied in, a physical product
|
|
||||||
(including a physical distribution medium), accompanied by a
|
|
||||||
written offer, valid for at least three years and valid for as
|
|
||||||
long as you offer spare parts or customer support for that product
|
|
||||||
model, to give anyone who possesses the object code either (1) a
|
|
||||||
copy of the Corresponding Source for all the software in the
|
|
||||||
product that is covered by this License, on a durable physical
|
|
||||||
medium customarily used for software interchange, for a price no
|
|
||||||
more than your reasonable cost of physically performing this
|
|
||||||
conveying of source, or (2) access to copy the Corresponding
|
|
||||||
Source from a network server at no charge.
|
|
||||||
- c) Convey individual copies of the object code with a copy of the
|
|
||||||
written offer to provide the Corresponding Source. This
|
|
||||||
alternative is allowed only occasionally and noncommercially, and
|
|
||||||
only if you received the object code with such an offer, in accord
|
|
||||||
with subsection 6b.
|
|
||||||
- d) Convey the object code by offering access from a designated
|
|
||||||
place (gratis or for a charge), and offer equivalent access to the
|
|
||||||
Corresponding Source in the same way through the same place at no
|
|
||||||
further charge. You need not require recipients to copy the
|
|
||||||
Corresponding Source along with the object code. If the place to
|
|
||||||
copy the object code is a network server, the Corresponding Source
|
|
||||||
may be on a different server (operated by you or a third party)
|
|
||||||
that supports equivalent copying facilities, provided you maintain
|
|
||||||
clear directions next to the object code saying where to find the
|
|
||||||
Corresponding Source. Regardless of what server hosts the
|
|
||||||
Corresponding Source, you remain obligated to ensure that it is
|
|
||||||
available for as long as needed to satisfy these requirements.
|
|
||||||
- e) Convey the object code using peer-to-peer transmission,
|
|
||||||
provided you inform other peers where the object code and
|
|
||||||
Corresponding Source of the work are being offered to the general
|
|
||||||
public at no charge under subsection 6d.
|
|
||||||
|
|
||||||
A separable portion of the object code, whose source code is excluded
|
|
||||||
from the Corresponding Source as a System Library, need not be
|
|
||||||
included in conveying the object code work.
|
|
||||||
|
|
||||||
A "User Product" is either (1) a "consumer product", which means any
|
|
||||||
tangible personal property which is normally used for personal,
|
|
||||||
family, or household purposes, or (2) anything designed or sold for
|
|
||||||
incorporation into a dwelling. In determining whether a product is a
|
|
||||||
consumer product, doubtful cases shall be resolved in favor of
|
|
||||||
coverage. For a particular product received by a particular user,
|
|
||||||
"normally used" refers to a typical or common use of that class of
|
|
||||||
product, regardless of the status of the particular user or of the way
|
|
||||||
in which the particular user actually uses, or expects or is expected
|
|
||||||
to use, the product. A product is a consumer product regardless of
|
|
||||||
whether the product has substantial commercial, industrial or
|
|
||||||
non-consumer uses, unless such uses represent the only significant
|
|
||||||
mode of use of the product.
|
|
||||||
|
|
||||||
"Installation Information" for a User Product means any methods,
|
|
||||||
procedures, authorization keys, or other information required to
|
|
||||||
install and execute modified versions of a covered work in that User
|
|
||||||
Product from a modified version of its Corresponding Source. The
|
|
||||||
information must suffice to ensure that the continued functioning of
|
|
||||||
the modified object code is in no case prevented or interfered with
|
|
||||||
solely because modification has been made.
|
|
||||||
|
|
||||||
If you convey an object code work under this section in, or with, or
|
|
||||||
specifically for use in, a User Product, and the conveying occurs as
|
|
||||||
part of a transaction in which the right of possession and use of the
|
|
||||||
User Product is transferred to the recipient in perpetuity or for a
|
|
||||||
fixed term (regardless of how the transaction is characterized), the
|
|
||||||
Corresponding Source conveyed under this section must be accompanied
|
|
||||||
by the Installation Information. But this requirement does not apply
|
|
||||||
if neither you nor any third party retains the ability to install
|
|
||||||
modified object code on the User Product (for example, the work has
|
|
||||||
been installed in ROM).
|
|
||||||
|
|
||||||
The requirement to provide Installation Information does not include a
|
|
||||||
requirement to continue to provide support service, warranty, or
|
|
||||||
updates for a work that has been modified or installed by the
|
|
||||||
recipient, or for the User Product in which it has been modified or
|
|
||||||
installed. Access to a network may be denied when the modification
|
|
||||||
itself materially and adversely affects the operation of the network
|
|
||||||
or violates the rules and protocols for communication across the
|
|
||||||
network.
|
|
||||||
|
|
||||||
Corresponding Source conveyed, and Installation Information provided,
|
|
||||||
in accord with this section must be in a format that is publicly
|
|
||||||
documented (and with an implementation available to the public in
|
|
||||||
source code form), and must require no special password or key for
|
|
||||||
unpacking, reading or copying.
|
|
||||||
|
|
||||||
#### 7. Additional Terms.
|
|
||||||
|
|
||||||
"Additional permissions" are terms that supplement the terms of this
|
|
||||||
License by making exceptions from one or more of its conditions.
|
|
||||||
Additional permissions that are applicable to the entire Program shall
|
|
||||||
be treated as though they were included in this License, to the extent
|
|
||||||
that they are valid under applicable law. If additional permissions
|
|
||||||
apply only to part of the Program, that part may be used separately
|
|
||||||
under those permissions, but the entire Program remains governed by
|
|
||||||
this License without regard to the additional permissions.
|
|
||||||
|
|
||||||
When you convey a copy of a covered work, you may at your option
|
|
||||||
remove any additional permissions from that copy, or from any part of
|
|
||||||
it. (Additional permissions may be written to require their own
|
|
||||||
removal in certain cases when you modify the work.) You may place
|
|
||||||
additional permissions on material, added by you to a covered work,
|
|
||||||
for which you have or can give appropriate copyright permission.
|
|
||||||
|
|
||||||
Notwithstanding any other provision of this License, for material you
|
|
||||||
add to a covered work, you may (if authorized by the copyright holders
|
|
||||||
of that material) supplement the terms of this License with terms:
|
|
||||||
|
|
||||||
- a) Disclaiming warranty or limiting liability differently from the
|
|
||||||
terms of sections 15 and 16 of this License; or
|
|
||||||
- b) Requiring preservation of specified reasonable legal notices or
|
|
||||||
author attributions in that material or in the Appropriate Legal
|
|
||||||
Notices displayed by works containing it; or
|
|
||||||
- c) Prohibiting misrepresentation of the origin of that material,
|
|
||||||
or requiring that modified versions of such material be marked in
|
|
||||||
reasonable ways as different from the original version; or
|
|
||||||
- d) Limiting the use for publicity purposes of names of licensors
|
|
||||||
or authors of the material; or
|
|
||||||
- e) Declining to grant rights under trademark law for use of some
|
|
||||||
trade names, trademarks, or service marks; or
|
|
||||||
- f) Requiring indemnification of licensors and authors of that
|
|
||||||
material by anyone who conveys the material (or modified versions
|
|
||||||
of it) with contractual assumptions of liability to the recipient,
|
|
||||||
for any liability that these contractual assumptions directly
|
|
||||||
impose on those licensors and authors.
|
|
||||||
|
|
||||||
All other non-permissive additional terms are considered "further
|
|
||||||
restrictions" within the meaning of section 10. If the Program as you
|
|
||||||
received it, or any part of it, contains a notice stating that it is
|
|
||||||
governed by this License along with a term that is a further
|
|
||||||
restriction, you may remove that term. If a license document contains
|
|
||||||
a further restriction but permits relicensing or conveying under this
|
|
||||||
License, you may add to a covered work material governed by the terms
|
|
||||||
of that license document, provided that the further restriction does
|
|
||||||
not survive such relicensing or conveying.
|
|
||||||
|
|
||||||
If you add terms to a covered work in accord with this section, you
|
|
||||||
must place, in the relevant source files, a statement of the
|
|
||||||
additional terms that apply to those files, or a notice indicating
|
|
||||||
where to find the applicable terms.
|
|
||||||
|
|
||||||
Additional terms, permissive or non-permissive, may be stated in the
|
|
||||||
form of a separately written license, or stated as exceptions; the
|
|
||||||
above requirements apply either way.
|
|
||||||
|
|
||||||
#### 8. Termination.
|
|
||||||
|
|
||||||
You may not propagate or modify a covered work except as expressly
|
|
||||||
provided under this License. Any attempt otherwise to propagate or
|
|
||||||
modify it is void, and will automatically terminate your rights under
|
|
||||||
this License (including any patent licenses granted under the third
|
|
||||||
paragraph of section 11).
|
|
||||||
|
|
||||||
However, if you cease all violation of this License, then your license
|
|
||||||
from a particular copyright holder is reinstated (a) provisionally,
|
|
||||||
unless and until the copyright holder explicitly and finally
|
|
||||||
terminates your license, and (b) permanently, if the copyright holder
|
|
||||||
fails to notify you of the violation by some reasonable means prior to
|
|
||||||
60 days after the cessation.
|
|
||||||
|
|
||||||
Moreover, your license from a particular copyright holder is
|
|
||||||
reinstated permanently if the copyright holder notifies you of the
|
|
||||||
violation by some reasonable means, this is the first time you have
|
|
||||||
received notice of violation of this License (for any work) from that
|
|
||||||
copyright holder, and you cure the violation prior to 30 days after
|
|
||||||
your receipt of the notice.
|
|
||||||
|
|
||||||
Termination of your rights under this section does not terminate the
|
|
||||||
licenses of parties who have received copies or rights from you under
|
|
||||||
this License. If your rights have been terminated and not permanently
|
|
||||||
reinstated, you do not qualify to receive new licenses for the same
|
|
||||||
material under section 10.
|
|
||||||
|
|
||||||
#### 9. Acceptance Not Required for Having Copies.
|
|
||||||
|
|
||||||
You are not required to accept this License in order to receive or run
|
|
||||||
a copy of the Program. Ancillary propagation of a covered work
|
|
||||||
occurring solely as a consequence of using peer-to-peer transmission
|
|
||||||
to receive a copy likewise does not require acceptance. However,
|
|
||||||
nothing other than this License grants you permission to propagate or
|
|
||||||
modify any covered work. These actions infringe copyright if you do
|
|
||||||
not accept this License. Therefore, by modifying or propagating a
|
|
||||||
covered work, you indicate your acceptance of this License to do so.
|
|
||||||
|
|
||||||
#### 10. Automatic Licensing of Downstream Recipients.
|
|
||||||
|
|
||||||
Each time you convey a covered work, the recipient automatically
|
|
||||||
receives a license from the original licensors, to run, modify and
|
|
||||||
propagate that work, subject to this License. You are not responsible
|
|
||||||
for enforcing compliance by third parties with this License.
|
|
||||||
|
|
||||||
An "entity transaction" is a transaction transferring control of an
|
|
||||||
organization, or substantially all assets of one, or subdividing an
|
|
||||||
organization, or merging organizations. If propagation of a covered
|
|
||||||
work results from an entity transaction, each party to that
|
|
||||||
transaction who receives a copy of the work also receives whatever
|
|
||||||
licenses to the work the party's predecessor in interest had or could
|
|
||||||
give under the previous paragraph, plus a right to possession of the
|
|
||||||
Corresponding Source of the work from the predecessor in interest, if
|
|
||||||
the predecessor has it or can get it with reasonable efforts.
|
|
||||||
|
|
||||||
You may not impose any further restrictions on the exercise of the
|
|
||||||
rights granted or affirmed under this License. For example, you may
|
|
||||||
not impose a license fee, royalty, or other charge for exercise of
|
|
||||||
rights granted under this License, and you may not initiate litigation
|
|
||||||
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
|
||||||
any patent claim is infringed by making, using, selling, offering for
|
|
||||||
sale, or importing the Program or any portion of it.
|
|
||||||
|
|
||||||
#### 11. Patents.
|
|
||||||
|
|
||||||
A "contributor" is a copyright holder who authorizes use under this
|
|
||||||
License of the Program or a work on which the Program is based. The
|
|
||||||
work thus licensed is called the contributor's "contributor version".
|
|
||||||
|
|
||||||
A contributor's "essential patent claims" are all patent claims owned
|
|
||||||
or controlled by the contributor, whether already acquired or
|
|
||||||
hereafter acquired, that would be infringed by some manner, permitted
|
|
||||||
by this License, of making, using, or selling its contributor version,
|
|
||||||
but do not include claims that would be infringed only as a
|
|
||||||
consequence of further modification of the contributor version. For
|
|
||||||
purposes of this definition, "control" includes the right to grant
|
|
||||||
patent sublicenses in a manner consistent with the requirements of
|
|
||||||
this License.
|
|
||||||
|
|
||||||
Each contributor grants you a non-exclusive, worldwide, royalty-free
|
|
||||||
patent license under the contributor's essential patent claims, to
|
|
||||||
make, use, sell, offer for sale, import and otherwise run, modify and
|
|
||||||
propagate the contents of its contributor version.
|
|
||||||
|
|
||||||
In the following three paragraphs, a "patent license" is any express
|
|
||||||
agreement or commitment, however denominated, not to enforce a patent
|
|
||||||
(such as an express permission to practice a patent or covenant not to
|
|
||||||
sue for patent infringement). To "grant" such a patent license to a
|
|
||||||
party means to make such an agreement or commitment not to enforce a
|
|
||||||
patent against the party.
|
|
||||||
|
|
||||||
If you convey a covered work, knowingly relying on a patent license,
|
|
||||||
and the Corresponding Source of the work is not available for anyone
|
|
||||||
to copy, free of charge and under the terms of this License, through a
|
|
||||||
publicly available network server or other readily accessible means,
|
|
||||||
then you must either (1) cause the Corresponding Source to be so
|
|
||||||
available, or (2) arrange to deprive yourself of the benefit of the
|
|
||||||
patent license for this particular work, or (3) arrange, in a manner
|
|
||||||
consistent with the requirements of this License, to extend the patent
|
|
||||||
license to downstream recipients. "Knowingly relying" means you have
|
|
||||||
actual knowledge that, but for the patent license, your conveying the
|
|
||||||
covered work in a country, or your recipient's use of the covered work
|
|
||||||
in a country, would infringe one or more identifiable patents in that
|
|
||||||
country that you have reason to believe are valid.
|
|
||||||
|
|
||||||
If, pursuant to or in connection with a single transaction or
|
|
||||||
arrangement, you convey, or propagate by procuring conveyance of, a
|
|
||||||
covered work, and grant a patent license to some of the parties
|
|
||||||
receiving the covered work authorizing them to use, propagate, modify
|
|
||||||
or convey a specific copy of the covered work, then the patent license
|
|
||||||
you grant is automatically extended to all recipients of the covered
|
|
||||||
work and works based on it.
|
|
||||||
|
|
||||||
A patent license is "discriminatory" if it does not include within the
|
|
||||||
scope of its coverage, prohibits the exercise of, or is conditioned on
|
|
||||||
the non-exercise of one or more of the rights that are specifically
|
|
||||||
granted under this License. You may not convey a covered work if you
|
|
||||||
are a party to an arrangement with a third party that is in the
|
|
||||||
business of distributing software, under which you make payment to the
|
|
||||||
third party based on the extent of your activity of conveying the
|
|
||||||
work, and under which the third party grants, to any of the parties
|
|
||||||
who would receive the covered work from you, a discriminatory patent
|
|
||||||
license (a) in connection with copies of the covered work conveyed by
|
|
||||||
you (or copies made from those copies), or (b) primarily for and in
|
|
||||||
connection with specific products or compilations that contain the
|
|
||||||
covered work, unless you entered into that arrangement, or that patent
|
|
||||||
license was granted, prior to 28 March 2007.
|
|
||||||
|
|
||||||
Nothing in this License shall be construed as excluding or limiting
|
|
||||||
any implied license or other defenses to infringement that may
|
|
||||||
otherwise be available to you under applicable patent law.
|
|
||||||
|
|
||||||
#### 12. No Surrender of Others' Freedom.
|
|
||||||
|
|
||||||
If conditions are imposed on you (whether by court order, agreement or
|
|
||||||
otherwise) that contradict the conditions of this License, they do not
|
|
||||||
excuse you from the conditions of this License. If you cannot convey a
|
|
||||||
covered work so as to satisfy simultaneously your obligations under
|
|
||||||
this License and any other pertinent obligations, then as a
|
|
||||||
consequence you may not convey it at all. For example, if you agree to
|
|
||||||
terms that obligate you to collect a royalty for further conveying
|
|
||||||
from those to whom you convey the Program, the only way you could
|
|
||||||
satisfy both those terms and this License would be to refrain entirely
|
|
||||||
from conveying the Program.
|
|
||||||
|
|
||||||
#### 13. Remote Network Interaction; Use with the GNU General Public License.
|
|
||||||
|
|
||||||
Notwithstanding any other provision of this License, if you modify the
|
|
||||||
Program, your modified version must prominently offer all users
|
|
||||||
interacting with it remotely through a computer network (if your
|
|
||||||
version supports such interaction) an opportunity to receive the
|
|
||||||
Corresponding Source of your version by providing access to the
|
|
||||||
Corresponding Source from a network server at no charge, through some
|
|
||||||
standard or customary means of facilitating copying of software. This
|
|
||||||
Corresponding Source shall include the Corresponding Source for any
|
|
||||||
work covered by version 3 of the GNU General Public License that is
|
|
||||||
incorporated pursuant to the following paragraph.
|
|
||||||
|
|
||||||
Notwithstanding any other provision of this License, you have
|
|
||||||
permission to link or combine any covered work with a work licensed
|
|
||||||
under version 3 of the GNU General Public License into a single
|
|
||||||
combined work, and to convey the resulting work. The terms of this
|
|
||||||
License will continue to apply to the part which is the covered work,
|
|
||||||
but the work with which it is combined will remain governed by version
|
|
||||||
3 of the GNU General Public License.
|
|
||||||
|
|
||||||
#### 14. Revised Versions of this License.
|
|
||||||
|
|
||||||
The Free Software Foundation may publish revised and/or new versions
|
|
||||||
of the GNU Affero General Public License from time to time. Such new
|
|
||||||
versions will be similar in spirit to the present version, but may
|
|
||||||
differ in detail to address new problems or concerns.
|
|
||||||
|
|
||||||
Each version is given a distinguishing version number. If the Program
|
|
||||||
specifies that a certain numbered version of the GNU Affero General
|
|
||||||
Public License "or any later version" applies to it, you have the
|
|
||||||
option of following the terms and conditions either of that numbered
|
|
||||||
version or of any later version published by the Free Software
|
|
||||||
Foundation. If the Program does not specify a version number of the
|
|
||||||
GNU Affero General Public License, you may choose any version ever
|
|
||||||
published by the Free Software Foundation.
|
|
||||||
|
|
||||||
If the Program specifies that a proxy can decide which future versions
|
|
||||||
of the GNU Affero General Public License can be used, that proxy's
|
|
||||||
public statement of acceptance of a version permanently authorizes you
|
|
||||||
to choose that version for the Program.
|
|
||||||
|
|
||||||
Later license versions may give you additional or different
|
|
||||||
permissions. However, no additional obligations are imposed on any
|
|
||||||
author or copyright holder as a result of your choosing to follow a
|
|
||||||
later version.
|
|
||||||
|
|
||||||
#### 15. Disclaimer of Warranty.
|
|
||||||
|
|
||||||
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
|
|
||||||
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
|
|
||||||
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT
|
|
||||||
WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
|
|
||||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
||||||
A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
|
|
||||||
PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE
|
|
||||||
DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
|
|
||||||
CORRECTION.
|
|
||||||
|
|
||||||
#### 16. Limitation of Liability.
|
|
||||||
|
|
||||||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
|
||||||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
|
|
||||||
CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
|
|
||||||
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
|
|
||||||
ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
|
|
||||||
NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
|
|
||||||
LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
|
|
||||||
TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
|
|
||||||
PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
|
|
||||||
|
|
||||||
#### 17. Interpretation of Sections 15 and 16.
|
|
||||||
|
|
||||||
If the disclaimer of warranty and limitation of liability provided
|
|
||||||
above cannot be given local legal effect according to their terms,
|
|
||||||
reviewing courts shall apply local law that most closely approximates
|
|
||||||
an absolute waiver of all civil liability in connection with the
|
|
||||||
Program, unless a warranty or assumption of liability accompanies a
|
|
||||||
copy of the Program in return for a fee.
|
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
|
||||||
|
|
||||||
### How to Apply These Terms to Your New Programs
|
|
||||||
|
|
||||||
If you develop a new program, and you want it to be of the greatest
|
|
||||||
possible use to the public, the best way to achieve this is to make it
|
|
||||||
free software which everyone can redistribute and change under these
|
|
||||||
terms.
|
|
||||||
|
|
||||||
To do so, attach the following notices to the program. It is safest to
|
|
||||||
attach them to the start of each source file to most effectively state
|
|
||||||
the exclusion of warranty; and each file should have at least the
|
|
||||||
"copyright" line and a pointer to where the full notice is found.
|
|
||||||
|
|
||||||
<one line to give the program's name and a brief idea of what it does.>
|
|
||||||
Copyright (C) <year> <name of author>
|
|
||||||
|
|
||||||
This program is free software: you can redistribute it and/or modify
|
|
||||||
it under the terms of the GNU Affero General Public License as
|
|
||||||
published by the Free Software Foundation, either version 3 of the
|
|
||||||
License, or (at your option) any later version.
|
|
||||||
|
|
||||||
This program is distributed in the hope that it will be useful,
|
|
||||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
GNU Affero General Public License for more details.
|
|
||||||
|
|
||||||
You should have received a copy of the GNU Affero General Public License
|
|
||||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
||||||
|
|
||||||
Also add information on how to contact you by electronic and paper
|
|
||||||
mail.
|
|
||||||
|
|
||||||
If your software can interact with users remotely through a computer
|
|
||||||
network, you should also make sure that it provides a way for users to
|
|
||||||
get its source. For example, if your program is a web application, its
|
|
||||||
interface could display a "Source" link that leads users to an archive
|
|
||||||
of the code. There are many ways you could offer source, and different
|
|
||||||
solutions will be better for different programs; see section 13 for
|
|
||||||
the specific requirements.
|
|
||||||
|
|
||||||
You should also get your employer (if you work as a programmer) or
|
|
||||||
school, if any, to sign a "copyright disclaimer" for the program, if
|
|
||||||
necessary. For more information on this, and how to apply and follow
|
|
||||||
the GNU AGPL, see <https://www.gnu.org/licenses/>.
|
|
35
default.nix
35
default.nix
|
@ -1,35 +0,0 @@
|
||||||
let
|
|
||||||
inherit (default.inputs.nixos) lib;
|
|
||||||
|
|
||||||
default = (import ./lib/compat).defaultNix;
|
|
||||||
|
|
||||||
ciSystems = [
|
|
||||||
"aarch64-linux"
|
|
||||||
"x86_64-linux"
|
|
||||||
];
|
|
||||||
|
|
||||||
filterSystems =
|
|
||||||
lib.filterAttrs
|
|
||||||
(system: _: lib.elem system ciSystems);
|
|
||||||
|
|
||||||
recurseIntoAttrsRecursive = lib.mapAttrs (
|
|
||||||
_: v:
|
|
||||||
if lib.isAttrs v
|
|
||||||
then recurseIntoAttrsRecursive (lib.recurseIntoAttrs v)
|
|
||||||
else v
|
|
||||||
);
|
|
||||||
|
|
||||||
systemOutputs =
|
|
||||||
lib.filterAttrs
|
|
||||||
(
|
|
||||||
name: set:
|
|
||||||
lib.isAttrs set
|
|
||||||
&& lib.any
|
|
||||||
(system: set ? ${system} && name != "legacyPackages")
|
|
||||||
ciSystems
|
|
||||||
)
|
|
||||||
default.outputs;
|
|
||||||
|
|
||||||
ciDrvs = lib.mapAttrs (_: system: filterSystems system) systemOutputs;
|
|
||||||
in
|
|
||||||
(recurseIntoAttrsRecursive ciDrvs) // {shell = import ./shell.nix;}
|
|
464
flake.lock
464
flake.lock
|
@ -5,7 +5,7 @@
|
||||||
"adblockStevenBlack": "adblockStevenBlack",
|
"adblockStevenBlack": "adblockStevenBlack",
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixos"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -41,10 +41,10 @@
|
||||||
"agenix": {
|
"agenix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"darwin": [
|
"darwin": [
|
||||||
"darwin"
|
"nix-darwin"
|
||||||
],
|
],
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixos"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -61,32 +61,12 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"darwin": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixos"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1688307440,
|
|
||||||
"narHash": "sha256-7PTjbN+/+b799YN7Tk2SS5Vh8A0L3gBo8hmB7Y0VXug=",
|
|
||||||
"owner": "LnL7",
|
|
||||||
"repo": "nix-darwin",
|
|
||||||
"rev": "b06bab83bdf285ea0ae3c8e145a081eb95959047",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "LnL7",
|
|
||||||
"repo": "nix-darwin",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"deno2nix": {
|
"deno2nix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"devshell": "devshell_3",
|
"devshell": "devshell",
|
||||||
"flake-compat": "flake-compat_2",
|
"flake-compat": "flake-compat_2",
|
||||||
"flake-utils": "flake-utils_5",
|
"flake-utils": "flake-utils_2",
|
||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": "nixpkgs_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1686513235,
|
"lastModified": 1686513235,
|
||||||
|
@ -102,22 +82,22 @@
|
||||||
"url": "https://git.pub.solar/b12f/deno2.nix.git"
|
"url": "https://git.pub.solar/b12f/deno2.nix.git"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"deploy": {
|
"deploy-rs": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": [
|
"flake-compat": [
|
||||||
"flake-compat"
|
"flake-compat"
|
||||||
],
|
],
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixos"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1686747123,
|
"lastModified": 1695052866,
|
||||||
"narHash": "sha256-XUQK9kwHpTeilHoad7L4LjMCCyY13Oq383CoFADecRE=",
|
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
|
||||||
"owner": "serokell",
|
"owner": "serokell",
|
||||||
"repo": "deploy-rs",
|
"repo": "deploy-rs",
|
||||||
"rev": "724463b5a94daa810abfc64a4f87faef4e00f984",
|
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -128,18 +108,19 @@
|
||||||
},
|
},
|
||||||
"devshell": {
|
"devshell": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_2",
|
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"digga",
|
"scan2paperless",
|
||||||
|
"deno2nix",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
],
|
||||||
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1671489820,
|
"lastModified": 1685972731,
|
||||||
"narHash": "sha256-qoei5HDJ8psd1YUPD7DhbHdhLIT9L2nadscp4Qk37uk=",
|
"narHash": "sha256-VpwVUthxs3AFgvWxGTHu+KVDnS/zT3xkCtmjX2PjNQs=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "devshell",
|
"repo": "devshell",
|
||||||
"rev": "5aa3a8039c68b4bf869327446590f4cdf90bb634",
|
"rev": "6b2554d28d46bfa6e24b941e999a145760dad0e1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -149,32 +130,9 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"devshell_2": {
|
"devshell_2": {
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"keycloak-theme-pub-solar",
|
|
||||||
"nixpkgs"
|
|
||||||
],
|
|
||||||
"systems": "systems"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1688380630,
|
|
||||||
"narHash": "sha256-8ilApWVb1mAi4439zS3iFeIT0ODlbrifm/fegWwgHjA=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "devshell",
|
|
||||||
"rev": "f9238ec3d75cefbb2b42a44948c4e8fb1ae9a205",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "devshell",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"devshell_3": {
|
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"scan2paperless",
|
"scan2paperless",
|
||||||
"deno2nix",
|
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
],
|
||||||
"systems": "systems_3"
|
"systems": "systems_3"
|
||||||
|
@ -193,100 +151,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"devshell_4": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"scan2paperless",
|
|
||||||
"nixpkgs"
|
|
||||||
],
|
|
||||||
"systems": "systems_5"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1685972731,
|
|
||||||
"narHash": "sha256-VpwVUthxs3AFgvWxGTHu+KVDnS/zT3xkCtmjX2PjNQs=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "devshell",
|
|
||||||
"rev": "6b2554d28d46bfa6e24b941e999a145760dad0e1",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "devshell",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"digga": {
|
|
||||||
"inputs": {
|
|
||||||
"darwin": [
|
|
||||||
"darwin"
|
|
||||||
],
|
|
||||||
"deploy": [
|
|
||||||
"deploy"
|
|
||||||
],
|
|
||||||
"devshell": "devshell",
|
|
||||||
"flake-compat": [
|
|
||||||
"flake-compat"
|
|
||||||
],
|
|
||||||
"flake-utils": "flake-utils_3",
|
|
||||||
"flake-utils-plus": "flake-utils-plus",
|
|
||||||
"home-manager": [
|
|
||||||
"home"
|
|
||||||
],
|
|
||||||
"nixlib": [
|
|
||||||
"nixos"
|
|
||||||
],
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixos"
|
|
||||||
],
|
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1674947971,
|
|
||||||
"narHash": "sha256-6gKqegJHs72jnfFP9g2sihl4fIZgtKgKuqU2rCkIdGY=",
|
|
||||||
"owner": "pub-solar",
|
|
||||||
"repo": "digga",
|
|
||||||
"rev": "2da608bd8afb48afef82c6b1b6d852a36094a497",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "pub-solar",
|
|
||||||
"ref": "fix/bootstrap-iso",
|
|
||||||
"repo": "digga",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"fix-atomic-container-restarts": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1688325567,
|
|
||||||
"narHash": "sha256-7thz5UlbgR9LNWOoPKMtpchI8U1EQpj6p4FhIGe3ZRI=",
|
|
||||||
"owner": "pub-solar",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "2a04ada27acb5a7401f8265e9d0a6db0f259cafb",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "pub-solar",
|
|
||||||
"ref": "fix/atomic-container-restarts",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"fix-yubikey-agent": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1654372286,
|
|
||||||
"narHash": "sha256-z1WrQkL67Sosz1VnuKQLpzEkEl4ianeLpWJX8Q6bVQY=",
|
|
||||||
"owner": "pub-solar",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "4995a873a796c54cc49e5dca9e1d20350eceec7b",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "pub-solar",
|
|
||||||
"ref": "fix/use-latest-unstable-yubikey-agent",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -319,6 +183,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-parts": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1693611461,
|
||||||
|
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1659877975,
|
"lastModified": 1659877975,
|
||||||
|
@ -334,35 +216,16 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils-plus": {
|
|
||||||
"inputs": {
|
|
||||||
"flake-utils": [
|
|
||||||
"digga",
|
|
||||||
"flake-utils"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1654029967,
|
|
||||||
"narHash": "sha256-my3GQ3mQIw/1f6GPV1IhUZrcYQSWh0YJAMPNBjhXJDw=",
|
|
||||||
"owner": "gytis-ivaskevicius",
|
|
||||||
"repo": "flake-utils-plus",
|
|
||||||
"rev": "6271cf3842ff9c8a9af9e3508c547f86bc77d199",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "gytis-ivaskevicius",
|
|
||||||
"ref": "refs/pull/120/head",
|
|
||||||
"repo": "flake-utils-plus",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_2": {
|
"flake-utils_2": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_2"
|
||||||
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1642700792,
|
"lastModified": 1685518550,
|
||||||
"narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=",
|
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "846b2ae0fc4cc943637d3d1def4454213e203cba",
|
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -372,39 +235,6 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_3": {
|
"flake-utils_3": {
|
||||||
"locked": {
|
|
||||||
"lastModified": 1667395993,
|
|
||||||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_4": {
|
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_2"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1689068808,
|
|
||||||
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_5": {
|
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_4"
|
"systems": "systems_4"
|
||||||
},
|
},
|
||||||
|
@ -422,36 +252,18 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_6": {
|
"home-manager": {
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_6"
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1685518550,
|
|
||||||
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"home": {
|
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixos"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1687871164,
|
"lastModified": 1695108154,
|
||||||
"narHash": "sha256-bBFlPthuYX322xOlpJvkjUBz0C+MOBjZdDOOJJ+G2jU=",
|
"narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "07c347bb50994691d7b0095f45ebd8838cf6bc38",
|
"rev": "07682fff75d41f18327a871088d20af2710d4744",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -461,45 +273,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"keycloak-theme-pub-solar": {
|
|
||||||
"inputs": {
|
|
||||||
"devshell": "devshell_2",
|
|
||||||
"flake-utils": "flake-utils_4",
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixos"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1689875310,
|
|
||||||
"narHash": "sha256-gJxh8fVX24nZXBxstZcrzZhMRFG9jyOnQEfkgoRr39I=",
|
|
||||||
"ref": "main",
|
|
||||||
"rev": "c2c86bbf9855f16a231a596b75b443232a7b9395",
|
|
||||||
"revCount": 24,
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git.pub.solar/pub-solar/keycloak-theme"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"ref": "main",
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://git.pub.solar/pub-solar/keycloak-theme"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"latest": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1693663421,
|
|
||||||
"narHash": "sha256-ImMIlWE/idjcZAfxKK8sQA7A1Gi/O58u5/CJA+mxvl8=",
|
|
||||||
"owner": "nixos",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "e56990880811a451abd32515698c712788be5720",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nixos",
|
|
||||||
"ref": "nixos-unstable",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"master": {
|
"master": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1693817516,
|
"lastModified": 1693817516,
|
||||||
|
@ -516,6 +289,22 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"mobile-nixos": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696124168,
|
||||||
|
"narHash": "sha256-EzGHYAR7rozQQLZEHbKEcb5VpUFGoxwEsM0OWfW4wqU=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "mobile-nixos",
|
||||||
|
"rev": "7cee346c3f8e73b25b1cfbf7a086a7652c11e0f3",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "mobile-nixos",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"musnix": {
|
"musnix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs"
|
||||||
|
@ -534,19 +323,39 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos": {
|
"nix-darwin": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1693636127,
|
"lastModified": 1695686713,
|
||||||
"narHash": "sha256-ZlS/lFGzK7BJXX2YVGnP3yZi3T9OLOEtBCyMJsb91U8=",
|
"narHash": "sha256-rJATx5B/nwlBpt7CJUf85LV27qWPbul5UVV8fu6ABPg=",
|
||||||
"owner": "nixos",
|
"owner": "lnl7",
|
||||||
"repo": "nixpkgs",
|
"repo": "nix-darwin",
|
||||||
"rev": "9075cba53e86dc318d159aee55dc9a7c9a4829c1",
|
"rev": "e236a1e598a9a59265897948ac9874c364b9555f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "lnl7",
|
||||||
"ref": "nixos-23.05",
|
"ref": "master",
|
||||||
"repo": "nixpkgs",
|
"repo": "nix-darwin",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixos-flake": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1692742948,
|
||||||
|
"narHash": "sha256-19LQQFGshuQNrrXZYVt+mWY0O3NbhEXeMy3MZwzYZGo=",
|
||||||
|
"owner": "srid",
|
||||||
|
"repo": "nixos-flake",
|
||||||
|
"rev": "2c25190ceacdaaae7e8afbecfa87096bb499a431",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "srid",
|
||||||
|
"repo": "nixos-flake",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -581,23 +390,41 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672791794,
|
"dir": "lib",
|
||||||
"narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=",
|
"lastModified": 1693471703,
|
||||||
"owner": "nixos",
|
"narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=",
|
||||||
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d",
|
"rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"dir": "lib",
|
||||||
|
"owner": "NixOS",
|
||||||
"ref": "nixos-unstable",
|
"ref": "nixos-unstable",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1696039360,
|
||||||
|
"narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "nixos-23.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1686412476,
|
"lastModified": 1686412476,
|
||||||
"narHash": "sha256-inl9SVk6o5h75XKC79qrDCAobTD1Jxh6kVYTZKHzewA=",
|
"narHash": "sha256-inl9SVk6o5h75XKC79qrDCAobTD1Jxh6kVYTZKHzewA=",
|
||||||
|
@ -613,7 +440,7 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_4": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1693158576,
|
"lastModified": 1693158576,
|
||||||
"narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
|
"narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
|
||||||
|
@ -633,28 +460,27 @@
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"adblock-unbound": "adblock-unbound",
|
"adblock-unbound": "adblock-unbound",
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
"darwin": "darwin",
|
"deploy-rs": "deploy-rs",
|
||||||
"deploy": "deploy",
|
|
||||||
"digga": "digga",
|
|
||||||
"fix-atomic-container-restarts": "fix-atomic-container-restarts",
|
|
||||||
"fix-yubikey-agent": "fix-yubikey-agent",
|
|
||||||
"flake-compat": "flake-compat",
|
"flake-compat": "flake-compat",
|
||||||
"home": "home",
|
"flake-parts": "flake-parts",
|
||||||
"keycloak-theme-pub-solar": "keycloak-theme-pub-solar",
|
"home-manager": "home-manager",
|
||||||
"latest": "latest",
|
|
||||||
"master": "master",
|
"master": "master",
|
||||||
|
"mobile-nixos": "mobile-nixos",
|
||||||
"musnix": "musnix",
|
"musnix": "musnix",
|
||||||
"nixos": "nixos",
|
"nix-darwin": "nix-darwin",
|
||||||
|
"nixos-flake": "nixos-flake",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"scan2paperless": "scan2paperless"
|
"nixpkgs": "nixpkgs_2",
|
||||||
|
"scan2paperless": "scan2paperless",
|
||||||
|
"unstable": "unstable"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"scan2paperless": {
|
"scan2paperless": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"deno2nix": "deno2nix",
|
"deno2nix": "deno2nix",
|
||||||
"devshell": "devshell_4",
|
"devshell": "devshell_2",
|
||||||
"flake-utils": "flake-utils_6",
|
"flake-utils": "flake-utils_3",
|
||||||
"nixpkgs": "nixpkgs_3"
|
"nixpkgs": "nixpkgs_4"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1693298356,
|
"lastModified": 1693298356,
|
||||||
|
@ -730,33 +556,19 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems_5": {
|
"unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1696019113,
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
"narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=",
|
||||||
"owner": "nix-systems",
|
"owner": "nixos",
|
||||||
"repo": "default",
|
"repo": "nixpkgs",
|
||||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
"rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nix-systems",
|
"owner": "nixos",
|
||||||
"repo": "default",
|
"ref": "nixos-unstable",
|
||||||
"type": "github"
|
"repo": "nixpkgs",
|
||||||
}
|
|
||||||
},
|
|
||||||
"systems_6": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1681028828,
|
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-systems",
|
|
||||||
"repo": "default",
|
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
227
flake.nix
227
flake.nix
|
@ -1,199 +1,103 @@
|
||||||
{
|
{
|
||||||
description = "A highly structured configuration database.";
|
description = "b12f hosts";
|
||||||
|
|
||||||
nixConfig.extra-experimental-features = "nix-command flakes";
|
nixConfig.extra-experimental-features = "nix-command flakes";
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
# Track channels with commits tested and built by hydra
|
# Track channels with commits tested and built by hydra
|
||||||
nixos.url = "github:nixos/nixpkgs/nixos-23.05";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
|
||||||
latest.url = "github:nixos/nixpkgs/nixos-unstable";
|
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
|
|
||||||
flake-compat.url = "github:edolstra/flake-compat";
|
flake-compat.url = "github:edolstra/flake-compat";
|
||||||
flake-compat.flake = false;
|
flake-compat.flake = false;
|
||||||
|
|
||||||
digga.url = "github:pub-solar/digga/fix/bootstrap-iso";
|
nix-darwin.url = "github:lnl7/nix-darwin/master";
|
||||||
digga.inputs.nixpkgs.follows = "nixos";
|
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
digga.inputs.nixlib.follows = "nixos";
|
|
||||||
digga.inputs.home-manager.follows = "home";
|
|
||||||
digga.inputs.deploy.follows = "deploy";
|
|
||||||
digga.inputs.darwin.follows = "darwin";
|
|
||||||
digga.inputs.flake-compat.follows = "flake-compat";
|
|
||||||
|
|
||||||
home.url = "github:nix-community/home-manager/release-23.05";
|
home-manager.url = "github:nix-community/home-manager/release-23.05";
|
||||||
home.inputs.nixpkgs.follows = "nixos";
|
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
darwin.url = "github:LnL7/nix-darwin";
|
flake-parts.url = "github:hercules-ci/flake-parts";
|
||||||
darwin.inputs.nixpkgs.follows = "nixos";
|
nixos-flake.url = "github:srid/nixos-flake";
|
||||||
|
|
||||||
deploy.url = "github:serokell/deploy-rs";
|
deploy-rs.url = "github:serokell/deploy-rs";
|
||||||
deploy.inputs.nixpkgs.follows = "nixos";
|
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
deploy.inputs.flake-compat.follows = "flake-compat";
|
deploy-rs.inputs.flake-compat.follows = "flake-compat";
|
||||||
|
|
||||||
agenix.url = "github:ryantm/agenix";
|
agenix.url = "github:ryantm/agenix";
|
||||||
agenix.inputs.nixpkgs.follows = "nixos";
|
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
agenix.inputs.darwin.follows = "darwin";
|
agenix.inputs.darwin.follows = "nix-darwin";
|
||||||
|
|
||||||
nixos-hardware.url = "github:nixos/nixos-hardware";
|
nixos-hardware.url = "github:nixos/nixos-hardware";
|
||||||
|
|
||||||
keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main";
|
mobile-nixos.url = "github:nixos/mobile-nixos";
|
||||||
keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixos";
|
mobile-nixos.flake = false;
|
||||||
|
|
||||||
master.url = "github:nixos/nixpkgs/master";
|
master.url = "github:nixos/nixpkgs/master";
|
||||||
fix-yubikey-agent.url = "github:pub-solar/nixpkgs/fix/use-latest-unstable-yubikey-agent";
|
|
||||||
fix-atomic-container-restarts.url = "github:pub-solar/nixpkgs/fix/atomic-container-restarts";
|
|
||||||
scan2paperless.url = "git+https://git.pub.solar/b12f/scan2paperless.git";
|
scan2paperless.url = "git+https://git.pub.solar/b12f/scan2paperless.git";
|
||||||
musnix.url = "github:musnix/musnix";
|
musnix.url = "github:musnix/musnix";
|
||||||
|
|
||||||
adblock-unbound.url = "github:MayNiklas/nixos-adblock-unbound";
|
adblock-unbound.url = "github:MayNiklas/nixos-adblock-unbound";
|
||||||
adblock-unbound.inputs.nixpkgs.follows = "nixos";
|
adblock-unbound.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = {
|
outputs = inputs@{ self, ... }:
|
||||||
self,
|
inputs.flake-parts.lib.mkFlake { inherit inputs; } {
|
||||||
digga,
|
systems = [
|
||||||
nixos,
|
"x86_64-linux"
|
||||||
home,
|
"aarch64-linux"
|
||||||
nixos-hardware,
|
"x86_64-darwin"
|
||||||
agenix,
|
"aarch64-darwin"
|
||||||
deploy,
|
];
|
||||||
scan2paperless,
|
|
||||||
musnix,
|
|
||||||
...
|
|
||||||
} @ inputs:
|
|
||||||
digga.lib.mkFlake
|
|
||||||
{
|
|
||||||
inherit self inputs;
|
|
||||||
|
|
||||||
channelsConfig = {
|
imports = [
|
||||||
allowUnfree = true;
|
inputs.nixos-flake.flakeModule
|
||||||
};
|
./lib
|
||||||
|
./modules
|
||||||
|
./hosts
|
||||||
|
./users
|
||||||
|
];
|
||||||
|
|
||||||
supportedSystems = ["x86_64-linux" "aarch64-linux" "aarch64-darwin"];
|
perSystem = args@{ system, pkgs, config, ... }: {
|
||||||
|
_module.args = {
|
||||||
channels = {
|
inherit inputs;
|
||||||
nixos = {
|
pkgs = import inputs.nixpkgs {
|
||||||
imports = [(digga.lib.importOverlays ./overlays)];
|
inherit system;
|
||||||
overlays = [
|
overlays = [
|
||||||
(self: super: {
|
inputs.agenix.overlays.default
|
||||||
deploy-rs = {
|
|
||||||
inherit (inputs.nixos.legacyPackages.x86_64-linux) deploy-rs;
|
|
||||||
lib = inputs.deploy.lib.x86_64-linux;
|
|
||||||
};
|
|
||||||
})
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
latest = {};
|
unstable = import inputs.unstable { inherit system; };
|
||||||
|
master = import inputs.master { inherit system; };
|
||||||
};
|
};
|
||||||
|
|
||||||
lib = import ./lib {lib = digga.lib // nixos.lib;};
|
devShells.default = pkgs.mkShell {
|
||||||
|
buildInputs = with pkgs; [
|
||||||
sharedOverlays = [
|
deploy-rs
|
||||||
(final: prev: {
|
nixpkgs-fmt
|
||||||
__dontExport = true;
|
agenix
|
||||||
lib = prev.lib.extend (lfinal: lprev: {
|
cachix
|
||||||
our = self.lib;
|
editorconfig-checker
|
||||||
});
|
nix
|
||||||
})
|
nodePackages.prettier
|
||||||
agenix.overlays.default
|
nvfetcher
|
||||||
|
shellcheck
|
||||||
(import ./pkgs)
|
shfmt
|
||||||
];
|
treefmt
|
||||||
|
nixos-generators
|
||||||
nixos = {
|
|
||||||
hostDefaults = {
|
|
||||||
system = "x86_64-linux";
|
|
||||||
channelName = "nixos";
|
|
||||||
imports = [(digga.lib.importExportableModules ./modules)];
|
|
||||||
modules = [
|
|
||||||
{lib.our = self.lib;}
|
|
||||||
# FIXME: upstream module causes a huge number of unnecessary
|
|
||||||
# dependencies to be pulled in for all systems -- many of them are
|
|
||||||
# graphical. should only be imported as needed.
|
|
||||||
# digga.nixosModules.bootstrapIso
|
|
||||||
digga.nixosModules.nixConfig
|
|
||||||
home.nixosModules.home-manager
|
|
||||||
agenix.nixosModules.age
|
|
||||||
musnix.nixosModules.musnix
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
imports = [(digga.lib.importHosts ./hosts)];
|
|
||||||
hosts = {
|
|
||||||
# Set host-specific properties here
|
|
||||||
bootstrap = {
|
|
||||||
modules = [
|
|
||||||
digga.nixosModules.bootstrapIso
|
|
||||||
];
|
|
||||||
};
|
|
||||||
PubSolarOS = {
|
|
||||||
tests = [
|
|
||||||
#(import ./tests/first-test.nix {
|
|
||||||
# pkgs = nixos.legacyPackages.x86_64-linux;
|
|
||||||
# lib = nixos.lib;
|
|
||||||
#})
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
pie = {
|
flake = {
|
||||||
system = "aarch64-linux";
|
deploy.nodes = self.b12f-os.lib.deploy.mkDeployNodes self.nixosConfigurations {
|
||||||
modules = [nixos-hardware.nixosModules.raspberry-pi-4];
|
chocolatebar = {
|
||||||
|
sshUser = "b12f";
|
||||||
};
|
};
|
||||||
|
|
||||||
maoam = {
|
biolimo = {
|
||||||
system = "aarch64-linux";
|
sshUser = "b12f";
|
||||||
};
|
|
||||||
};
|
|
||||||
importables = rec {
|
|
||||||
profiles =
|
|
||||||
digga.lib.rakeLeaves ./profiles
|
|
||||||
// {
|
|
||||||
users = digga.lib.rakeLeaves ./users;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
suites = with profiles; rec {
|
|
||||||
base = [users.pub-solar users.root];
|
|
||||||
iso = base ++ [base-user graphical pub-solar-iso];
|
|
||||||
pubsolaros = [full-install base-user users.root];
|
|
||||||
anonymous = [pubsolaros users.pub-solar];
|
|
||||||
|
|
||||||
b12f = pubsolaros ++ [users.b12f social gaming mobile];
|
|
||||||
biolimo = b12f ++ [graphical];
|
|
||||||
chocolatebar = b12f ++ [graphical virtualisation];
|
|
||||||
|
|
||||||
yule = pubsolaros ++ [users.yule];
|
|
||||||
droppie = yule ++ [];
|
|
||||||
pie = yule ++ [];
|
|
||||||
maoam = b12f ++ [];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
home = {
|
|
||||||
imports = [(digga.lib.importExportableModules ./users/modules)];
|
|
||||||
modules = [];
|
|
||||||
importables = rec {
|
|
||||||
profiles = digga.lib.rakeLeaves ./users/profiles;
|
|
||||||
suites = with profiles; rec {
|
|
||||||
base = [direnv git];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
users = let
|
|
||||||
default = {suites, ...}: {
|
|
||||||
imports = suites.base;
|
|
||||||
home.stateVersion = "21.03";
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
pub-solar = default;
|
|
||||||
b12f = default;
|
|
||||||
yule = default;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
devshell = ./shell;
|
|
||||||
|
|
||||||
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
|
|
||||||
|
|
||||||
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {
|
|
||||||
droppie = {
|
droppie = {
|
||||||
hostname = "backup.b12f.io";
|
hostname = "backup.b12f.io";
|
||||||
sshUser = "yule";
|
sshUser = "yule";
|
||||||
|
@ -207,16 +111,7 @@
|
||||||
maoam = {
|
maoam = {
|
||||||
sshUser = "b12f";
|
sshUser = "b12f";
|
||||||
};
|
};
|
||||||
#example = {
|
};
|
||||||
# hostname = "example.com:22";
|
|
||||||
# sshUser = "bartender";
|
|
||||||
# fastConnect = true;
|
|
||||||
# profilesOrder = ["system" "direnv"];
|
|
||||||
# profiles.direnv = {
|
|
||||||
# user = "bartender";
|
|
||||||
# path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.bartender;
|
|
||||||
# };
|
|
||||||
#};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,21 +0,0 @@
|
||||||
{suites, ...}: {
|
|
||||||
### root password is empty by default ###
|
|
||||||
### default password: pub-solar, optional: add your SSH keys
|
|
||||||
imports =
|
|
||||||
suites.iso;
|
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
|
||||||
|
|
||||||
networking.networkmanager.enable = true;
|
|
||||||
|
|
||||||
fileSystems."/" = {device = "/dev/disk/by-label/nixos";};
|
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
|
||||||
# settings for stateful data, like file locations and database versions
|
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
|
||||||
# this value at the release version of the first install of this system.
|
|
||||||
# Before changing this value read the documentation for this option
|
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
|
||||||
system.stateVersion = "22.05"; # Did you read the comment?
|
|
||||||
}
|
|
|
@ -1,47 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
psCfg = config.pub-solar;
|
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./configuration.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
config = {
|
|
||||||
pub-solar.paranoia.enable = true;
|
|
||||||
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
|
||||||
pub-solar.core.hibernation.resumeOffset = 15296512;
|
|
||||||
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
|
||||||
|
|
||||||
networking.networkmanager.wifi.backend = mkForce "wpa_supplicant";
|
|
||||||
|
|
||||||
services.printing.drivers = [
|
|
||||||
pkgs.cups-brother-hl3140cw
|
|
||||||
];
|
|
||||||
|
|
||||||
home-manager = with pkgs;
|
|
||||||
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
|
||||||
xdg.configFile = mkIf psCfg.sway.enable {
|
|
||||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
|
||||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
|
||||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
|
||||||
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
|
||||||
};
|
|
||||||
|
|
||||||
home.packages = [
|
|
||||||
inkscape
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# For OpenProject development with https
|
|
||||||
security.pki.certificates = [
|
|
||||||
(builtins.readFile ./step-roots.pem)
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,20 +1,51 @@
|
||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
{
|
{
|
||||||
config,
|
config,
|
||||||
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
imports = [
|
with lib; let
|
||||||
# Include the results of the hardware scan.
|
psCfg = config.pub-solar;
|
||||||
./hardware-configuration.nix
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
];
|
in {
|
||||||
|
pub-solar.graphical.enable = true;
|
||||||
|
pub-solar.sway.enable = true;
|
||||||
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
# Use the systemd-boot EFI boot loader.
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
pub-solar.paranoia.enable = true;
|
||||||
|
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
||||||
|
pub-solar.core.hibernation.resumeOffset = 15296512;
|
||||||
|
|
||||||
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
|
|
||||||
|
networking.networkmanager.wifi.backend = mkForce "wpa_supplicant";
|
||||||
|
|
||||||
|
services.printing.drivers = [
|
||||||
|
pkgs.cups-brother-hl3140cw
|
||||||
|
];
|
||||||
|
|
||||||
|
home-manager = with pkgs;
|
||||||
|
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||||
|
xdg.configFile = mkIf psCfg.sway.enable {
|
||||||
|
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||||
|
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||||
|
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||||
|
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
||||||
|
};
|
||||||
|
|
||||||
|
home.packages = [
|
||||||
|
inkscape
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# For OpenProject development with https
|
||||||
|
security.pki.certificates = [
|
||||||
|
(builtins.readFile ./step-roots.pem)
|
||||||
|
];
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{suites, ...}: {
|
{ ... }: {
|
||||||
imports =
|
imports = [
|
||||||
[
|
./configuration.nix
|
||||||
./biolimo.nix
|
./hardware-configuration.nix
|
||||||
]
|
];
|
||||||
++ suites.biolimo;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,54 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
profiles,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
# Gets hostname of host to be bundled inside iso
|
|
||||||
# Copied from https://github.com/divnix/digga/blob/30ffa0b02272dc56c94fd3c7d8a5a0f07ca197bf/modules/bootstrap-iso.nix#L3-L11
|
|
||||||
getFqdn = config: let
|
|
||||||
net = config.networking;
|
|
||||||
fqdn =
|
|
||||||
if (net ? domain) && (net.domain != null)
|
|
||||||
then "${net.hostName}.${net.domain}"
|
|
||||||
else net.hostName;
|
|
||||||
in
|
|
||||||
fqdn;
|
|
||||||
in {
|
|
||||||
# build with: `nix build ".#nixosConfigurations.bootstrap.config.system.build.isoImage"`
|
|
||||||
imports = [
|
|
||||||
# profiles.networking
|
|
||||||
profiles.users.root # make sure to configure ssh keys
|
|
||||||
profiles.users.pub-solar
|
|
||||||
profiles.base-user
|
|
||||||
profiles.graphical
|
|
||||||
profiles.pub-solar-iso
|
|
||||||
];
|
|
||||||
|
|
||||||
config = {
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
|
||||||
|
|
||||||
# will be overridden by the bootstrapIso instrumentation
|
|
||||||
fileSystems."/" = {device = "/dev/disk/by-label/nixos";};
|
|
||||||
|
|
||||||
system.nixos.label = "PubSolarOS-" + config.system.nixos.version;
|
|
||||||
|
|
||||||
# mkForce because a similar transformation gets double applied otherwise
|
|
||||||
# https://github.com/divnix/digga/blob/30ffa0b02272dc56c94fd3c7d8a5a0f07ca197bf/modules/bootstrap-iso.nix#L17
|
|
||||||
# https://github.com/NixOS/nixpkgs/blob/aecd4d8349b94f9bd5718c74a5b789f233f67326/nixos/modules/installer/cd-dvd/installation-cd-base.nix#L21-L22
|
|
||||||
isoImage = {
|
|
||||||
isoBaseName = mkForce (getFqdn config);
|
|
||||||
isoName = mkForce "${config.system.nixos.label}-${config.isoImage.isoBaseName}-${pkgs.stdenv.hostPlatform.system}.iso";
|
|
||||||
};
|
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
|
||||||
# settings for stateful data, like file locations and database versions
|
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
|
||||||
# this value at the release version of the first install of this system.
|
|
||||||
# Before changing this value read the documentation for this option
|
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
|
||||||
system.stateVersion = "21.05"; # Did you read the comment?
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,109 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
self,
|
|
||||||
inputs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
psCfg = config.pub-solar;
|
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./configuration.nix
|
|
||||||
./virtualisation
|
|
||||||
./factorio
|
|
||||||
];
|
|
||||||
|
|
||||||
config = {
|
|
||||||
hardware.cpu.amd.updateMicrocode = true;
|
|
||||||
|
|
||||||
hardware.opengl.extraPackages = with pkgs; [
|
|
||||||
rocm-opencl-icd
|
|
||||||
rocm-opencl-runtime
|
|
||||||
];
|
|
||||||
|
|
||||||
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
|
||||||
pub-solar.core.hibernation.resumeOffset = 115075072;
|
|
||||||
|
|
||||||
pub-solar.paperless.sync.masterNode = true;
|
|
||||||
|
|
||||||
age.secrets."drone-runner-exec-config" = {
|
|
||||||
file = "${self}/secrets/drone-runner-exec-config";
|
|
||||||
mode = "400";
|
|
||||||
owner = psCfg.user.name;
|
|
||||||
};
|
|
||||||
|
|
||||||
pub-solar.docker-ci-runner = {
|
|
||||||
enable = true;
|
|
||||||
runnerVarsFile = config.age.secrets.drone-runner-exec-config.path;
|
|
||||||
};
|
|
||||||
|
|
||||||
pub-solar.paperless.scannerDefaultDevice = "hp3900:libusb:005:004";
|
|
||||||
|
|
||||||
services.openssh.openFirewall = true;
|
|
||||||
networking.firewall.allowedTCPPorts =
|
|
||||||
[443]
|
|
||||||
++ (
|
|
||||||
if psCfg.sway.vnc.enable
|
|
||||||
then [5901]
|
|
||||||
else []
|
|
||||||
);
|
|
||||||
networking.firewall.allowedUDPPorts = [43050];
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
wayvnc
|
|
||||||
drone-docker-runner
|
|
||||||
stdenv.cc.cc.lib
|
|
||||||
pkgs.hplip
|
|
||||||
];
|
|
||||||
|
|
||||||
age.secrets."vnc-key.pem" = {
|
|
||||||
file = "${self}/secrets/vnc-key-chocolatebar.pem";
|
|
||||||
mode = "400";
|
|
||||||
owner = psCfg.user.name;
|
|
||||||
};
|
|
||||||
age.secrets."vnc-cert.pem" = {
|
|
||||||
file = "${self}/secrets/vnc-cert-chocolatebar.pem";
|
|
||||||
mode = "400";
|
|
||||||
owner = psCfg.user.name;
|
|
||||||
};
|
|
||||||
pub-solar.sway.vnc.enable = true;
|
|
||||||
|
|
||||||
services.printing.drivers = [
|
|
||||||
pkgs.cups-brother-hl3140cw
|
|
||||||
];
|
|
||||||
|
|
||||||
services.udev.extraRules = ''
|
|
||||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="04f9", ATTRS{idProduct}=="209e", ATTRS{serial}=="000W0H924252", MODE="0664", GROUP="lp", SYMLINK+="usb/lp0"
|
|
||||||
'';
|
|
||||||
|
|
||||||
home-manager.users."${psCfg.user.name}" = {
|
|
||||||
xdg.configFile = mkIf psCfg.sway.enable {
|
|
||||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
|
||||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
|
||||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
|
||||||
};
|
|
||||||
|
|
||||||
home.sessionVariables = {
|
|
||||||
NIX_CC = "${pkgs.stdenv.cc}";
|
|
||||||
};
|
|
||||||
|
|
||||||
home.packages = with pkgs; [
|
|
||||||
lmms
|
|
||||||
audacity
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
musnix = {
|
|
||||||
enable = true;
|
|
||||||
kernel.realtime = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
# For OpenProject development with https
|
|
||||||
security.pki.certificates = [
|
|
||||||
(builtins.readFile ./step-roots.pem)
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,20 +1,112 @@
|
||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
{
|
{
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
|
flake,
|
||||||
|
lib,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
imports = [
|
with lib; let
|
||||||
# Include the results of the hardware scan.
|
psCfg = config.pub-solar;
|
||||||
./hardware-configuration.nix
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
|
in {
|
||||||
|
pub-solar.graphical.enable = true;
|
||||||
|
pub-solar.sway.enable = true;
|
||||||
|
pub-solar.virtualisation.enable = true;
|
||||||
|
|
||||||
|
hardware.cpu.amd.updateMicrocode = true;
|
||||||
|
|
||||||
|
hardware.opengl.extraPackages = with pkgs; [
|
||||||
|
rocm-opencl-icd
|
||||||
|
rocm-opencl-runtime
|
||||||
];
|
];
|
||||||
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
# Use the systemd-boot EFI boot loader.
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
pub-solar.paranoia.enable = true;
|
||||||
|
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
||||||
|
pub-solar.core.hibernation.resumeOffset = 115075072;
|
||||||
|
|
||||||
|
pub-solar.paperless.sync.masterNode = true;
|
||||||
|
|
||||||
|
age.secrets."drone-runner-exec-config" = {
|
||||||
|
file = "${flake.self}/secrets/drone-runner-exec-config";
|
||||||
|
mode = "400";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
|
||||||
|
pub-solar.docker-ci-runner = {
|
||||||
|
enable = true;
|
||||||
|
runnerVarsFile = config.age.secrets.drone-runner-exec-config.path;
|
||||||
|
};
|
||||||
|
|
||||||
|
pub-solar.paperless.scannerDefaultDevice = "hp3900:libusb:005:004";
|
||||||
|
|
||||||
|
services.openssh.openFirewall = true;
|
||||||
|
networking.firewall.allowedTCPPorts =
|
||||||
|
[443]
|
||||||
|
++ (
|
||||||
|
if psCfg.sway.vnc.enable
|
||||||
|
then [5901]
|
||||||
|
else []
|
||||||
|
);
|
||||||
|
networking.firewall.allowedUDPPorts = [43050];
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
wayvnc
|
||||||
|
drone-docker-runner
|
||||||
|
stdenv.cc.cc.lib
|
||||||
|
pkgs.hplip
|
||||||
|
];
|
||||||
|
|
||||||
|
age.secrets."vnc-key.pem" = {
|
||||||
|
file = "${flake.self}/secrets/vnc-key-chocolatebar.pem";
|
||||||
|
mode = "400";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
age.secrets."vnc-cert.pem" = {
|
||||||
|
file = "${flake.self}/secrets/vnc-cert-chocolatebar.pem";
|
||||||
|
mode = "400";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
pub-solar.sway.vnc.enable = true;
|
||||||
|
|
||||||
|
services.printing.drivers = [
|
||||||
|
pkgs.cups-brother-hl3140cw
|
||||||
|
];
|
||||||
|
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEMS=="usb", ATTRS{idVendor}=="04f9", ATTRS{idProduct}=="209e", ATTRS{serial}=="000W0H924252", MODE="0664", GROUP="lp", SYMLINK+="usb/lp0"
|
||||||
|
'';
|
||||||
|
|
||||||
|
home-manager.users."${psCfg.user.name}" = {
|
||||||
|
xdg.configFile = mkIf psCfg.sway.enable {
|
||||||
|
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||||
|
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||||
|
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||||
|
};
|
||||||
|
|
||||||
|
home.sessionVariables = {
|
||||||
|
NIX_CC = "${pkgs.stdenv.cc}";
|
||||||
|
};
|
||||||
|
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
lmms
|
||||||
|
audacity
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
musnix = {
|
||||||
|
enable = true;
|
||||||
|
kernel.realtime = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# For OpenProject development with https
|
||||||
|
security.pki.certificates = [
|
||||||
|
(builtins.readFile ./step-roots.pem)
|
||||||
|
];
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
{suites, ...}: {
|
{...}: {
|
||||||
imports =
|
imports = [
|
||||||
[
|
./configuration.nix
|
||||||
./chocolatebar.nix
|
./hardware-configuration.nix
|
||||||
]
|
|
||||||
++ suites.chocolatebar;
|
./virtualisation
|
||||||
|
# ./factorio
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,6 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
self,
|
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
|
|
43
hosts/default.nix
Normal file
43
hosts/default.nix
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
{ withSystem, self, inputs, ...}:
|
||||||
|
{
|
||||||
|
flake = {
|
||||||
|
nixosConfigurations = {
|
||||||
|
biolimo = self.nixos-flake.lib.mkLinuxSystem {
|
||||||
|
nixpkgs.hostPlatform = "x86_64-linux";
|
||||||
|
imports = [
|
||||||
|
self.nixosModules.base
|
||||||
|
./biolimo
|
||||||
|
self.nixosModules.b12f
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
chocolatebar = self.nixos-flake.lib.mkLinuxSystem {
|
||||||
|
nixpkgs.hostPlatform = "x86_64-linux";
|
||||||
|
imports = [
|
||||||
|
self.nixosModules.base
|
||||||
|
./chocolatebar
|
||||||
|
self.nixosModules.b12f
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
pie = self.nixos-flake.lib.mkLinuxSystem {
|
||||||
|
nixpkgs.hostPlatform = "aarch64-linux";
|
||||||
|
imports = [
|
||||||
|
self.nixosModules.base
|
||||||
|
inputs.nixos-hardware.nixosModules.raspberry-pi-4
|
||||||
|
./pie
|
||||||
|
self.nixosModules.yule
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# maoam = self.nixos-flake.lib.mkLinuxSystem {
|
||||||
|
# nixpkgs.hostPlatform = "aarch64-linux";
|
||||||
|
# imports = [
|
||||||
|
# self.nixosModules.base
|
||||||
|
# ./maoam
|
||||||
|
# self.nixosModules.yule
|
||||||
|
# ];
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,17 +1,14 @@
|
||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
{
|
{
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
|
flake,
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
imports = [
|
with lib; let
|
||||||
# Include the results of the hardware scan.
|
psCfg = config.pub-solar;
|
||||||
./hardware-configuration.nix
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
];
|
in {
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||||
boot.loader.grub = {
|
boot.loader.grub = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -20,6 +17,47 @@
|
||||||
};
|
};
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
|
|
||||||
|
pub-solar.core.disk-encryption-active = false;
|
||||||
|
pub-solar.core.lite = true;
|
||||||
|
|
||||||
|
security.sudo.extraRules = [
|
||||||
|
{
|
||||||
|
users = ["${psCfg.user.name}"];
|
||||||
|
commands = [
|
||||||
|
{
|
||||||
|
command = "ALL";
|
||||||
|
options = ["NOPASSWD"];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
services.ddclient = {
|
||||||
|
enable = false;
|
||||||
|
ipv6 = true;
|
||||||
|
domains = ["backup.b12f.io"];
|
||||||
|
server = "ddns.hosting.de";
|
||||||
|
username = "b12f";
|
||||||
|
use = "web, web=https://ipcheck-ds.wieistmeineip.de/callback/, web-skip='ip\":\"'";
|
||||||
|
passwordFile = "/run/agenix/dyndns-droppie.key";
|
||||||
|
};
|
||||||
|
|
||||||
|
age.secrets."dyndns-droppie.key" = {
|
||||||
|
file = "${flake.self}/secrets/dyndns-droppie.key";
|
||||||
|
mode = "400";
|
||||||
|
owner = "root";
|
||||||
|
};
|
||||||
|
|
||||||
|
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQSephFJU0NMbVbhwvVJ2/m6jcPYo1IsWCsoarqKin root@droppie
|
||||||
|
age.secrets."droppie-ssh-root.key" = {
|
||||||
|
file = "${flake.self}/secrets/droppie-ssh-root.key";
|
||||||
|
path = "/home/${psCfg.user.name}/.ssh/id_ed25519";
|
||||||
|
mode = "400";
|
||||||
|
owner = psCfg.user.name;
|
||||||
|
};
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
{suites, ...}: {
|
{...}: {
|
||||||
imports =
|
imports = [
|
||||||
[
|
./configuration.nix
|
||||||
./droppie.nix
|
./hardware-configuration.nix
|
||||||
]
|
|
||||||
++ suites.droppie;
|
./nextcloud-web-tunnel.nix
|
||||||
|
./restic-backup.nix
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,60 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
self,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
psCfg = config.pub-solar;
|
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./configuration.nix
|
|
||||||
./nextcloud-web-tunnel.nix
|
|
||||||
./restic-backup.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
config = {
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
|
||||||
|
|
||||||
pub-solar.core.disk-encryption-active = false;
|
|
||||||
pub-solar.core.lite = true;
|
|
||||||
|
|
||||||
security.sudo.extraRules = [
|
|
||||||
{
|
|
||||||
users = ["${psCfg.user.name}"];
|
|
||||||
commands = [
|
|
||||||
{
|
|
||||||
command = "ALL";
|
|
||||||
options = ["NOPASSWD"];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
services.ddclient = {
|
|
||||||
enable = false;
|
|
||||||
ipv6 = true;
|
|
||||||
domains = ["backup.b12f.io"];
|
|
||||||
server = "ddns.hosting.de";
|
|
||||||
username = "b12f";
|
|
||||||
use = "web, web=https://ipcheck-ds.wieistmeineip.de/callback/, web-skip='ip\":\"'";
|
|
||||||
passwordFile = "/run/agenix/dyndns-droppie.key";
|
|
||||||
};
|
|
||||||
|
|
||||||
age.secrets."dyndns-droppie.key" = {
|
|
||||||
file = "${self}/secrets/dyndns-droppie.key";
|
|
||||||
mode = "400";
|
|
||||||
owner = "root";
|
|
||||||
};
|
|
||||||
|
|
||||||
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQSephFJU0NMbVbhwvVJ2/m6jcPYo1IsWCsoarqKin root@droppie
|
|
||||||
age.secrets."droppie-ssh-root.key" = {
|
|
||||||
file = "${self}/secrets/droppie-ssh-root.key";
|
|
||||||
path = "/home/${psCfg.user.name}/.ssh/id_ed25519";
|
|
||||||
mode = "400";
|
|
||||||
owner = psCfg.user.name;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,18 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let
|
config,
|
||||||
mobile-nixos = pkgs.fetchFromGithub {
|
lib,
|
||||||
owner = "NixOS";
|
pkgs,
|
||||||
repo = "mobile-nixos";
|
...
|
||||||
rev = "d22c60e8d4d21f0197c1cac88c34dcc366b7a16c";
|
}: {
|
||||||
sha256 = "";
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
(import <mobile-nixos/lib/configuration.nix> { device = "pine64-pinephone"; })
|
|
||||||
./hardware-configuration.nix
|
|
||||||
<mobile-nixos/examples/phosh/phosh.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
# Use Network Manager
|
# Use Network Manager
|
||||||
networking.wireless.enable = false;
|
networking.wireless.enable = false;
|
||||||
networking.networkmanager.enable = true;
|
networking.networkmanager.enable = true;
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
{suites, ...}: {
|
{ flake, pkgs, ... }: {
|
||||||
imports =
|
imports = [
|
||||||
[
|
./configuration.nix
|
||||||
./maoam.nix
|
./hardware-configuration.nix
|
||||||
]
|
((import "${flake.inputs.mobile-nixos}/lib/configuration.nix") { device = "pine64-pinephone"; })
|
||||||
++ suites.maoam;
|
"${flake.inputs.mobile-nixos}/examples/phosh/phosh.nix"
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
self,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
psCfg = config.pub-solar;
|
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./configuration.nix
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -5,13 +5,12 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
inputs,
|
|
||||||
...
|
...
|
||||||
}: {
|
}:
|
||||||
imports = [
|
with lib; let
|
||||||
./hardware-configuration.nix
|
psCfg = config.pub-solar;
|
||||||
];
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
|
in {
|
||||||
boot.loader.grub.enable = true;
|
boot.loader.grub.enable = true;
|
||||||
boot.loader.grub.efiSupport = true;
|
boot.loader.grub.efiSupport = true;
|
||||||
boot.loader.grub.efiInstallAsRemovable = true;
|
boot.loader.grub.efiInstallAsRemovable = true;
|
||||||
|
@ -27,6 +26,33 @@
|
||||||
|
|
||||||
boot.kernelPackages = pkgs.linuxPackages_6_1;
|
boot.kernelPackages = pkgs.linuxPackages_6_1;
|
||||||
|
|
||||||
|
pub-solar.core.disk-encryption-active = false;
|
||||||
|
pub-solar.core.lite = true;
|
||||||
|
|
||||||
|
networking.defaultGateway = {
|
||||||
|
address = "192.168.178.1";
|
||||||
|
interface = "enabcm6e4ei0";
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.interfaces.enabcm6e4ei0.ipv4.addresses = [
|
||||||
|
{
|
||||||
|
address = "192.168.178.2";
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
security.sudo.extraRules = [
|
||||||
|
{
|
||||||
|
users = ["${psCfg.user.name}"];
|
||||||
|
commands = [
|
||||||
|
{
|
||||||
|
command = "ALL";
|
||||||
|
options = ["NOPASSWD"];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
|
|
@ -1,7 +1,10 @@
|
||||||
{suites, ...}: {
|
{...}: {
|
||||||
imports =
|
imports = [
|
||||||
[
|
./configuration.nix
|
||||||
./pie.nix
|
./hardware-configuration.nix
|
||||||
]
|
|
||||||
++ suites.pie;
|
./unbound.nix
|
||||||
|
./dhcpd.nix
|
||||||
|
./wake-droppie.nix
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,47 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
self,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib; let
|
|
||||||
psCfg = config.pub-solar;
|
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./configuration.nix
|
|
||||||
./unbound.nix
|
|
||||||
./dhcpd.nix
|
|
||||||
./wake-droppie.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
config = {
|
|
||||||
pub-solar.core.disk-encryption-active = false;
|
|
||||||
pub-solar.core.lite = true;
|
|
||||||
|
|
||||||
networking.defaultGateway = {
|
|
||||||
address = "192.168.178.1";
|
|
||||||
interface = "enabcm6e4ei0";
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.interfaces.enabcm6e4ei0.ipv4.addresses = [
|
|
||||||
{
|
|
||||||
address = "192.168.178.2";
|
|
||||||
prefixLength = 24;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
security.sudo.extraRules = [
|
|
||||||
{
|
|
||||||
users = ["${psCfg.user.name}"];
|
|
||||||
commands = [
|
|
||||||
{
|
|
||||||
command = "ALL";
|
|
||||||
options = ["NOPASSWD"];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,7 +1,4 @@
|
||||||
{ pkgs, inputs, ... }:
|
{ pkgs, lib, ... }: {
|
||||||
let
|
|
||||||
adlist = inputs.adblock-unbound.packages.${pkgs.system};
|
|
||||||
in {
|
|
||||||
networking.firewall.allowedUDPPorts = [ 53 ];
|
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||||
networking.firewall.allowedTCPPorts = [ 53 ];
|
networking.firewall.allowedTCPPorts = [ 53 ];
|
||||||
|
|
||||||
|
@ -10,7 +7,7 @@ in {
|
||||||
settings = {
|
settings = {
|
||||||
server = {
|
server = {
|
||||||
include = [
|
include = [
|
||||||
"\"${adlist.unbound-adblockStevenBlack}\""
|
"\"${pkgs.adlist.unbound-adblockStevenBlack}\""
|
||||||
];
|
];
|
||||||
interface = [ "0.0.0.0" ];
|
interface = [ "0.0.0.0" ];
|
||||||
access-control = [ "192.168.178.0/24 allow" ];
|
access-control = [ "192.168.178.0/24 allow" ];
|
||||||
|
|
|
@ -1,10 +1,16 @@
|
||||||
{lib}:
|
{ lib, inputs, ... }: {
|
||||||
lib.makeExtensible (self: let
|
# Configuration common to all Linux systems
|
||||||
callLibs = file: import file {lib = self;};
|
flake = {
|
||||||
in rec {
|
b12f-os.lib = let
|
||||||
|
callLibs = file: import file {inherit lib;};
|
||||||
|
in rec {
|
||||||
## Define your own library functions here!
|
## Define your own library functions here!
|
||||||
#id = x: x;
|
#id = x: x;
|
||||||
## Or in files, containing functions that take {lib}
|
## Or in files, containing functions that take {lib}
|
||||||
#foo = callLibs ./foo.nix;
|
#foo = callLibs ./foo.nix;
|
||||||
## In configs, they can be used under "lib.our"
|
## In configs, they can be used under "lib.our"
|
||||||
})
|
|
||||||
|
deploy = import ./deploy.nix { inherit inputs lib; };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
62
lib/deploy.nix
Normal file
62
lib/deploy.nix
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
/*
|
||||||
|
* The contents of this file are adapted from digga
|
||||||
|
* https://github.com/divnix/digga
|
||||||
|
*
|
||||||
|
* Licensed under the MIT license
|
||||||
|
*/
|
||||||
|
|
||||||
|
{ lib, inputs }: let
|
||||||
|
getFqdn = c: let
|
||||||
|
net = c.config.networking;
|
||||||
|
fqdn =
|
||||||
|
if (net ? domain) && (net.domain != null)
|
||||||
|
then "${net.hostName}.${net.domain}"
|
||||||
|
else net.hostName;
|
||||||
|
in
|
||||||
|
fqdn;
|
||||||
|
in {
|
||||||
|
mkDeployNodes = systemConfigurations: extraConfig:
|
||||||
|
/*
|
||||||
|
*
|
||||||
|
Synopsis: mkNodes _systemConfigurations_ _extraConfig_
|
||||||
|
|
||||||
|
Generate the `nodes` attribute expected by deploy-rs
|
||||||
|
where _systemConfigurations_ are `nodes`.
|
||||||
|
|
||||||
|
_systemConfigurations_ should take the form of a flake's
|
||||||
|
_nixosConfigurations_. Note that deploy-rs does not currently support
|
||||||
|
deploying to darwin hosts.
|
||||||
|
|
||||||
|
_extraConfig_, if specified, will be merged into each of the
|
||||||
|
nodes' configurations.
|
||||||
|
|
||||||
|
Example _systemConfigurations_ input:
|
||||||
|
|
||||||
|
```
|
||||||
|
{
|
||||||
|
hostname-1 = {
|
||||||
|
fastConnection = true;
|
||||||
|
sshOpts = [ "-p" "25" ];
|
||||||
|
};
|
||||||
|
hostname-2 = {
|
||||||
|
sshOpts = [ "-p" "19999" ];
|
||||||
|
sshUser = "root";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
```
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
lib.recursiveUpdate
|
||||||
|
(lib.mapAttrs
|
||||||
|
(
|
||||||
|
_: c: {
|
||||||
|
hostname = getFqdn c;
|
||||||
|
profiles.system = {
|
||||||
|
user = "root";
|
||||||
|
path = inputs.deploy-rs.lib.${c.pkgs.stdenv.hostPlatform.system}.activate.nixos c;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
)
|
||||||
|
systemConfigurations)
|
||||||
|
extraConfig;
|
||||||
|
}
|
|
@ -6,7 +6,7 @@
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
cfg = config.pub-solar.devops;
|
cfg = config.pub-solar.arduino;
|
||||||
in {
|
in {
|
||||||
options.pub-solar.arduino = {
|
options.pub-solar.arduino = {
|
||||||
enable = mkEnableOption "Life with home automation";
|
enable = mkEnableOption "Life with home automation";
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
self,
|
flake,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
|
@ -37,7 +37,7 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets."drone-runner-exec-config" = {
|
age.secrets."drone-runner-exec-config" = {
|
||||||
file = "${self}/secrets/drone-runner-exec-config";
|
file = "${flake.self}/secrets/drone-runner-exec-config";
|
||||||
mode = "700";
|
mode = "700";
|
||||||
owner = psCfg.user.name;
|
owner = psCfg.user.name;
|
||||||
};
|
};
|
||||||
|
|
|
@ -12,7 +12,6 @@ in {
|
||||||
./fonts.nix
|
./fonts.nix
|
||||||
./i18n.nix
|
./i18n.nix
|
||||||
./networking.nix
|
./networking.nix
|
||||||
./nix.nix
|
|
||||||
./packages.nix
|
./packages.nix
|
||||||
./services.nix
|
./services.nix
|
||||||
];
|
];
|
||||||
|
|
97
modules/default.nix
Normal file
97
modules/default.nix
Normal file
|
@ -0,0 +1,97 @@
|
||||||
|
{
|
||||||
|
self,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
# Configuration common to all Linux systems
|
||||||
|
flake = {
|
||||||
|
nixosModules = rec {
|
||||||
|
arduino = import ./arduino;
|
||||||
|
audio = import ./audio;
|
||||||
|
ci-runner = import ./ci-runner;
|
||||||
|
core = import ./core;
|
||||||
|
crypto = import ./crypto;
|
||||||
|
devops = import ./devops;
|
||||||
|
docker = import ./docker;
|
||||||
|
docker-ci-runner = import ./docker-ci-runner;
|
||||||
|
email = import ./email;
|
||||||
|
gaming = import ./gaming;
|
||||||
|
graphical = import ./graphical;
|
||||||
|
mobile = import ./mobile;
|
||||||
|
nix = import ./nix;
|
||||||
|
nextcloud = import ./nextcloud;
|
||||||
|
office = import ./office;
|
||||||
|
paperless = import ./paperless;
|
||||||
|
paranoia = import ./paranoia;
|
||||||
|
printing = import ./printing;
|
||||||
|
social = import ./social;
|
||||||
|
sway = import ./sway;
|
||||||
|
terminal-life = import ./terminal-life;
|
||||||
|
uhk = import ./uhk;
|
||||||
|
user = import ./user;
|
||||||
|
virtualisation = import ./virtualisation;
|
||||||
|
|
||||||
|
base.imports = [
|
||||||
|
self.nixosModules.home-manager
|
||||||
|
inputs.agenix.nixosModules.default
|
||||||
|
inputs.musnix.nixosModules.musnix
|
||||||
|
|
||||||
|
({
|
||||||
|
flake,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
unstable,
|
||||||
|
master,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
nixpkgs.overlays = (import ../overlays) ++ [
|
||||||
|
(prev: next: {
|
||||||
|
scan2paperless = inputs.scan2paperless.legacyPackages.${prev.system}.scan2paperless;
|
||||||
|
nixd = inputs.unstable.legacyPackages.${prev.system}.nixd;
|
||||||
|
|
||||||
|
factorio-headless = inputs.master.legacyPackages.${prev.system}.factorio-headless;
|
||||||
|
paperless-ngx = inputs.master.legacyPackages.${prev.system}.paperless-ngx;
|
||||||
|
waybar = inputs.master.legacyPackages.${prev.system}.waybar;
|
||||||
|
element-desktop = inputs.master.legacyPackages.${prev.system}.element-desktop;
|
||||||
|
|
||||||
|
adlist = inputs.adblock-unbound.packages.${prev.system};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
nix.nixPath = [
|
||||||
|
"nixpkgs=${inputs.nixpkgs}"
|
||||||
|
"nixos-config=${./lib/compat/nixos}"
|
||||||
|
"home-manager=${inputs.home-manager}"
|
||||||
|
];
|
||||||
|
})
|
||||||
|
|
||||||
|
self.nixosModules.arduino
|
||||||
|
self.nixosModules.audio
|
||||||
|
self.nixosModules.ci-runner
|
||||||
|
self.nixosModules.core
|
||||||
|
self.nixosModules.crypto
|
||||||
|
self.nixosModules.devops
|
||||||
|
self.nixosModules.docker
|
||||||
|
self.nixosModules.docker-ci-runner
|
||||||
|
self.nixosModules.email
|
||||||
|
self.nixosModules.gaming
|
||||||
|
self.nixosModules.graphical
|
||||||
|
self.nixosModules.mobile
|
||||||
|
self.nixosModules.nix
|
||||||
|
self.nixosModules.nextcloud
|
||||||
|
self.nixosModules.office
|
||||||
|
self.nixosModules.paperless
|
||||||
|
self.nixosModules.paranoia
|
||||||
|
self.nixosModules.printing
|
||||||
|
self.nixosModules.social
|
||||||
|
self.nixosModules.sway
|
||||||
|
self.nixosModules.terminal-life
|
||||||
|
self.nixosModules.uhk
|
||||||
|
self.nixosModules.user
|
||||||
|
self.nixosModules.virtualisation
|
||||||
|
|
||||||
|
self.nixosModules.root
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -2,7 +2,6 @@
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
self,
|
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
channel,
|
|
||||||
inputs,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
nix.nixPath = [
|
|
||||||
"nixpkgs=${channel.input}"
|
|
||||||
"nixos-config=${../lib/compat/nixos}"
|
|
||||||
"home-manager=${inputs.home}"
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -2,7 +2,7 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
inputs,
|
flake,
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
nix = {
|
nix = {
|
||||||
|
@ -10,6 +10,7 @@
|
||||||
package = pkgs.nix;
|
package = pkgs.nix;
|
||||||
gc.automatic = true;
|
gc.automatic = true;
|
||||||
optimise.automatic = true;
|
optimise.automatic = true;
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
# Improve nix store disk usage
|
# Improve nix store disk usage
|
||||||
auto-optimise-store = true;
|
auto-optimise-store = true;
|
||||||
|
@ -20,6 +21,7 @@
|
||||||
# Allow only group wheel to connect to the nix daemon
|
# Allow only group wheel to connect to the nix daemon
|
||||||
allowed-users = ["@wheel"];
|
allowed-users = ["@wheel"];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Generally useful nix option defaults
|
# Generally useful nix option defaults
|
||||||
extraOptions = lib.mkForce ''
|
extraOptions = lib.mkForce ''
|
||||||
experimental-features = flakes nix-command
|
experimental-features = flakes nix-command
|
||||||
|
@ -28,5 +30,11 @@
|
||||||
keep-derivations = true
|
keep-derivations = true
|
||||||
fallback = true
|
fallback = true
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
nixPath = [
|
||||||
|
"nixpkgs=${flake.inputs.nixpkgs}"
|
||||||
|
"nixos-config=${../../lib/compat/nixos}"
|
||||||
|
"home-manager=${flake.inputs.home-manager}"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
|
@ -2,8 +2,6 @@
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
masterModulesPath,
|
|
||||||
inputs,
|
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
|
@ -11,14 +9,6 @@ with lib; let
|
||||||
cfg = config.pub-solar.paperless;
|
cfg = config.pub-solar.paperless;
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
in {
|
in {
|
||||||
imports = [
|
|
||||||
"${masterModulesPath}/services/misc/paperless.nix"
|
|
||||||
];
|
|
||||||
|
|
||||||
disabledModules = [
|
|
||||||
"services/misc/paperless.nix"
|
|
||||||
];
|
|
||||||
|
|
||||||
options.pub-solar.paperless = {
|
options.pub-solar.paperless = {
|
||||||
enable = mkEnableOption "All you need to go paperless";
|
enable = mkEnableOption "All you need to go paperless";
|
||||||
ocrLanguage = mkOption {
|
ocrLanguage = mkOption {
|
||||||
|
@ -95,7 +85,7 @@ in {
|
||||||
|
|
||||||
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
inputs.scan2paperless.legacyPackages.x86_64-linux.scan2paperless
|
scan2paperless
|
||||||
sane-backends
|
sane-backends
|
||||||
python310Packages.img2pdf
|
python310Packages.img2pdf
|
||||||
];
|
];
|
||||||
|
|
|
@ -32,7 +32,7 @@ in {
|
||||||
|
|
||||||
# Don't set this if you need sftp
|
# Don't set this if you need sftp
|
||||||
services.openssh.allowSFTP = false;
|
services.openssh.allowSFTP = false;
|
||||||
services.openssh.openFirewall = false; # Lock yourself out
|
# services.openssh.openFirewall = false; # Lock yourself out
|
||||||
|
|
||||||
# Limit the use of sudo to the group wheel
|
# Limit the use of sudo to the group wheel
|
||||||
security.sudo.execWheelOnly = true;
|
security.sudo.execWheelOnly = true;
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
{
|
{
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
self,
|
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
|
@ -106,8 +105,6 @@ in {
|
||||||
irssi = "irssi --config=$XDG_CONFIG_HOME/irssi/config --home=$XDG_DATA_HOME/irssi";
|
irssi = "irssi --config=$XDG_CONFIG_HOME/irssi/config --home=$XDG_DATA_HOME/irssi";
|
||||||
drone = "DRONE_TOKEN=$(secret-tool lookup drone token) drone";
|
drone = "DRONE_TOKEN=$(secret-tool lookup drone token) drone";
|
||||||
no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix";
|
no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix";
|
||||||
# fix nixos-option
|
|
||||||
nixos-option = "nixos-option -I nixpkgs=${self}/lib/compat";
|
|
||||||
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
|
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
|
||||||
nnn = "nnn -d -e -H -r";
|
nnn = "nnn -d -e -H -r";
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,7 +2,6 @@
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
self,
|
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
|
@ -24,17 +23,6 @@ in {
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
programs.command-not-found.enable = false;
|
programs.command-not-found.enable = false;
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
screen
|
|
||||||
];
|
|
||||||
|
|
||||||
# Starship is a fast and featureful shell prompt
|
|
||||||
# starship.toml has sane defaults that can be changed there
|
|
||||||
programs.starship = {
|
|
||||||
enable = true;
|
|
||||||
settings = import ./starship.toml.nix;
|
|
||||||
};
|
|
||||||
|
|
||||||
home-manager = with pkgs;
|
home-manager = with pkgs;
|
||||||
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||||
home.packages = [
|
home.packages = [
|
||||||
|
@ -55,20 +43,29 @@ in {
|
||||||
];
|
];
|
||||||
}))
|
}))
|
||||||
powerline
|
powerline
|
||||||
|
screen
|
||||||
silver-searcher
|
silver-searcher
|
||||||
watson
|
watson
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Starship is a fast and featureful shell prompt
|
||||||
|
# starship.toml has sane defaults that can be changed there
|
||||||
|
programs.starship = {
|
||||||
|
enable = true;
|
||||||
|
settings = import ./starship.toml.nix;
|
||||||
|
};
|
||||||
|
|
||||||
programs.bash = import ./bash {
|
programs.bash = import ./bash {
|
||||||
inherit config;
|
inherit config;
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
inherit self;
|
|
||||||
inherit lib;
|
inherit lib;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.fzf = import ./fzf {
|
programs.fzf = import ./fzf {
|
||||||
inherit config;
|
inherit config;
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.neovim = import ./nvim {
|
programs.neovim = import ./nvim {
|
||||||
inherit config;
|
inherit config;
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
|
|
Before Width: | Height: | Size: 513 KiB After Width: | Height: | Size: 513 KiB |
|
@ -1,12 +1,16 @@
|
||||||
{
|
{
|
||||||
lib,
|
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
|
lib,
|
||||||
...
|
...
|
||||||
}:
|
}: let
|
||||||
with lib; let
|
psCfg = config.pub-solar;
|
||||||
cfg = config.pub-solar;
|
in
|
||||||
in {
|
with lib; {
|
||||||
|
imports = [
|
||||||
|
./home.nix
|
||||||
|
];
|
||||||
|
|
||||||
options.pub-solar = {
|
options.pub-solar = {
|
||||||
user = {
|
user = {
|
||||||
name = mkOption {
|
name = mkOption {
|
||||||
|
@ -46,4 +50,37 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
users = {
|
||||||
|
mutableUsers = false;
|
||||||
|
|
||||||
|
users = with pkgs;
|
||||||
|
pkgs.lib.setAttrByPath [psCfg.user.name] {
|
||||||
|
# Indicates whether this is an account for a “real” user.
|
||||||
|
# This automatically sets group to users, createHome to true,
|
||||||
|
# home to /home/username, useDefaultShell to true, and isSystemUser to false.
|
||||||
|
isNormalUser = true;
|
||||||
|
description = psCfg.user.description;
|
||||||
|
extraGroups = [
|
||||||
|
"input"
|
||||||
|
"lp"
|
||||||
|
"networkmanager"
|
||||||
|
"scanner"
|
||||||
|
"video"
|
||||||
|
"dialout"
|
||||||
|
"wheel"
|
||||||
|
];
|
||||||
|
shell = pkgs.bash;
|
||||||
|
initialHashedPassword =
|
||||||
|
if psCfg.user.password != null
|
||||||
|
then psCfg.user.password
|
||||||
|
else "";
|
||||||
|
openssh.authorizedKeys.keys =
|
||||||
|
if psCfg.user.publicKeys != null
|
||||||
|
then psCfg.user.publicKeys
|
||||||
|
else [];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,6 +20,7 @@ in {
|
||||||
# paths it should manage.
|
# paths it should manage.
|
||||||
home.username = psCfg.user.name;
|
home.username = psCfg.user.name;
|
||||||
home.homeDirectory = "/home/${psCfg.user.name}";
|
home.homeDirectory = "/home/${psCfg.user.name}";
|
||||||
|
home.stateVersion = "22.11";
|
||||||
|
|
||||||
home.packages = with pkgs; [];
|
home.packages = with pkgs; [];
|
||||||
|
|
8
overlays/default.nix
Normal file
8
overlays/default.nix
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
[
|
||||||
|
(import ../pkgs)
|
||||||
|
(import ./blesh.nix)
|
||||||
|
(import ./manix.nix)
|
||||||
|
(import ./rnix-lsp.nix)
|
||||||
|
(import ./neovim-plugins.nix)
|
||||||
|
(import ./signal-desktop.nix)
|
||||||
|
]
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
pub-solar.audio.enable = true;
|
|
||||||
}
|
|
|
@ -1,43 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
psCfg = config.pub-solar;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
./home.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
users = {
|
|
||||||
mutableUsers = false;
|
|
||||||
|
|
||||||
users = with pkgs;
|
|
||||||
pkgs.lib.setAttrByPath [psCfg.user.name] {
|
|
||||||
# Indicates whether this is an account for a “real” user.
|
|
||||||
# This automatically sets group to users, createHome to true,
|
|
||||||
# home to /home/username, useDefaultShell to true, and isSystemUser to false.
|
|
||||||
isNormalUser = true;
|
|
||||||
description = psCfg.user.description;
|
|
||||||
extraGroups = [
|
|
||||||
"input"
|
|
||||||
"lp"
|
|
||||||
"networkmanager"
|
|
||||||
"scanner"
|
|
||||||
"video"
|
|
||||||
"dialout"
|
|
||||||
"wheel"
|
|
||||||
];
|
|
||||||
shell = pkgs.bash;
|
|
||||||
initialHashedPassword =
|
|
||||||
if psCfg.user.password != null
|
|
||||||
then psCfg.user.password
|
|
||||||
else "";
|
|
||||||
openssh.authorizedKeys.keys =
|
|
||||||
if psCfg.user.publicKeys != null
|
|
||||||
then psCfg.user.publicKeys
|
|
||||||
else [];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,109 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
inputs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
# Sets nrdxp.cachix.org binary cache which just speeds up some builds
|
|
||||||
imports = [../cachix];
|
|
||||||
|
|
||||||
config = {
|
|
||||||
pub-solar.terminal-life.enable = true;
|
|
||||||
pub-solar.audio.enable = true;
|
|
||||||
pub-solar.crypto.enable = true;
|
|
||||||
pub-solar.devops.enable = true;
|
|
||||||
|
|
||||||
# This is just a representation of the nix default
|
|
||||||
nix.systemFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
systemPackages = with pkgs; [
|
|
||||||
# Core unix utility packages
|
|
||||||
coreutils-full
|
|
||||||
progress
|
|
||||||
dnsutils
|
|
||||||
inetutils
|
|
||||||
mtr
|
|
||||||
pciutils
|
|
||||||
usbutils
|
|
||||||
gitFull
|
|
||||||
git-lfs
|
|
||||||
git-bug
|
|
||||||
wget
|
|
||||||
openssl
|
|
||||||
openssh
|
|
||||||
curl
|
|
||||||
htop
|
|
||||||
lsof
|
|
||||||
psmisc
|
|
||||||
xdg-utils
|
|
||||||
sysfsutils
|
|
||||||
renameutils
|
|
||||||
nfs-utils
|
|
||||||
moreutils
|
|
||||||
mailutils
|
|
||||||
keyutils
|
|
||||||
input-utils
|
|
||||||
elfutils
|
|
||||||
binutils
|
|
||||||
dateutils
|
|
||||||
diffutils
|
|
||||||
findutils
|
|
||||||
exfat
|
|
||||||
file
|
|
||||||
|
|
||||||
# zippit
|
|
||||||
zip
|
|
||||||
unzip
|
|
||||||
|
|
||||||
# Modern modern utilities
|
|
||||||
p7zip
|
|
||||||
croc
|
|
||||||
jq
|
|
||||||
|
|
||||||
# Nix specific utilities
|
|
||||||
niv
|
|
||||||
manix
|
|
||||||
nix-index
|
|
||||||
nix-tree
|
|
||||||
nixpkgs-review
|
|
||||||
# Build broken, python2.7-PyJWT-2.0.1.drv' failed
|
|
||||||
#nixops
|
|
||||||
psos
|
|
||||||
nvd
|
|
||||||
|
|
||||||
# Fun
|
|
||||||
neofetch
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
fonts = {
|
|
||||||
fonts = with pkgs; [powerline-fonts dejavu_fonts];
|
|
||||||
|
|
||||||
fontconfig.defaultFonts = {
|
|
||||||
monospace = ["DejaVu Sans Mono for Powerline"];
|
|
||||||
|
|
||||||
sansSerif = ["DejaVu Sans"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# For rage encryption, all hosts need a ssh key pair
|
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
openFirewall = lib.mkDefault true;
|
|
||||||
passwordAuthentication = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
# Service that makes Out of Memory Killer more effective
|
|
||||||
services.earlyoom.enable = true;
|
|
||||||
|
|
||||||
# Use latest LTS linux kernel by default
|
|
||||||
boot.kernelPackages = pkgs.linuxPackages_5_15;
|
|
||||||
|
|
||||||
boot.supportedFilesystems = ["ntfs"];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,17 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
config = {
|
|
||||||
pub-solar.audio.bluetooth.enable = true;
|
|
||||||
pub-solar.docker.enable = true;
|
|
||||||
pub-solar.nextcloud.enable = true;
|
|
||||||
pub-solar.office.enable = true;
|
|
||||||
# pub-solar.printing.enable = true; # this is enabled automatically if office is enabled
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
pub-solar.gaming.enable = true;
|
|
||||||
}
|
|
|
@ -1,12 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
pub-solar.graphical.enable = true;
|
|
||||||
pub-solar.sway.enable = true;
|
|
||||||
}
|
|
|
@ -1,13 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
pub-solar.graphical.enable = false;
|
|
||||||
pub-solar.x-os.localProxyService.enable = false;
|
|
||||||
pub-solar.sway.enable = false;
|
|
||||||
}
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
pub-solar.mobile.enable = true;
|
|
||||||
}
|
|
|
@ -1,15 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
config = {
|
|
||||||
pub-solar.graphical.wayland.software-renderer.enable = true;
|
|
||||||
pub-solar.sway.terminal = "foot";
|
|
||||||
pub-solar.core.iso-options.enable = true;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
pub-solar.social.enable = true;
|
|
||||||
}
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit (lib) fileContents;
|
|
||||||
in {
|
|
||||||
pub-solar.virtualisation.enable = true;
|
|
||||||
}
|
|
|
@ -1,11 +0,0 @@
|
||||||
{
|
|
||||||
self,
|
|
||||||
inputs,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
modules = with inputs; [
|
|
||||||
];
|
|
||||||
exportedModules = [
|
|
||||||
./devos.nix
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,64 +0,0 @@
|
||||||
{
|
|
||||||
pkgs,
|
|
||||||
extraModulesPath,
|
|
||||||
inputs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}: let
|
|
||||||
inherit
|
|
||||||
(pkgs)
|
|
||||||
agenix
|
|
||||||
alejandra
|
|
||||||
cachix
|
|
||||||
editorconfig-checker
|
|
||||||
nix
|
|
||||||
nodePackages
|
|
||||||
nvfetcher
|
|
||||||
shellcheck
|
|
||||||
shfmt
|
|
||||||
treefmt
|
|
||||||
nixos-generators
|
|
||||||
;
|
|
||||||
|
|
||||||
inherit
|
|
||||||
(pkgs.nodePackages)
|
|
||||||
prettier
|
|
||||||
;
|
|
||||||
|
|
||||||
pkgWithCategory = category: package: {inherit package category;};
|
|
||||||
devos = pkgWithCategory "devos";
|
|
||||||
formatter = pkgWithCategory "linter";
|
|
||||||
in {
|
|
||||||
imports = ["${extraModulesPath}/git/hooks.nix" ./hooks];
|
|
||||||
|
|
||||||
# override for our own welcome
|
|
||||||
devshell.name = pkgs.lib.mkForce "PubSolarOS";
|
|
||||||
|
|
||||||
packages = [
|
|
||||||
alejandra
|
|
||||||
editorconfig-checker
|
|
||||||
nodePackages.prettier
|
|
||||||
shellcheck
|
|
||||||
shfmt
|
|
||||||
];
|
|
||||||
|
|
||||||
commands = with pkgs;
|
|
||||||
[
|
|
||||||
(devos nix)
|
|
||||||
(devos agenix)
|
|
||||||
{
|
|
||||||
category = "devos";
|
|
||||||
name = pkgs.nvfetcher.pname;
|
|
||||||
help = pkgs.nvfetcher.meta.description;
|
|
||||||
command = "cd $PRJ_ROOT/pkgs; ${pkgs.nvfetcher}/bin/nvfetcher -c ./sources.toml $@";
|
|
||||||
}
|
|
||||||
(formatter treefmt)
|
|
||||||
]
|
|
||||||
++ lib.optionals (!pkgs.stdenv.buildPlatform.isi686) [
|
|
||||||
(devos cachix)
|
|
||||||
]
|
|
||||||
++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [
|
|
||||||
(devos nixos-generators)
|
|
||||||
(devos deploy-rs.deploy-rs)
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,6 +0,0 @@
|
||||||
{
|
|
||||||
git.hooks = {
|
|
||||||
enable = true;
|
|
||||||
pre-commit.text = builtins.readFile ./pre-commit.sh;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,9 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
# Check editorconfig
|
|
||||||
if ! editorconfig-checker; then
|
|
||||||
printf "%b\n" \
|
|
||||||
"\nCode is not aligned with .editorconfig" \
|
|
||||||
"Review the output and commit your fixes" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
|
@ -2,7 +2,7 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
self,
|
flake,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
|
@ -10,13 +10,13 @@ with lib; let
|
||||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||||
in {
|
in {
|
||||||
age.secrets."cat-test.ovpn" = {
|
age.secrets."cat-test.ovpn" = {
|
||||||
file = "${self}/secrets/cat-test.ovpn";
|
file = "${flake.self}/secrets/cat-test.ovpn";
|
||||||
mode = "700";
|
mode = "700";
|
||||||
owner = psCfg.user.name;
|
owner = psCfg.user.name;
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets.".fwknoprc" = {
|
age.secrets.".fwknoprc" = {
|
||||||
file = "${self}/secrets/.fwknoprc";
|
file = "${flake.self}/secrets/.fwknoprc";
|
||||||
mode = "600";
|
mode = "600";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
{
|
{
|
||||||
self,
|
|
||||||
config,
|
config,
|
||||||
hmUsers,
|
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
|
flake,
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
|
@ -14,12 +13,10 @@ in {
|
||||||
];
|
];
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
home-manager.users = {inherit (hmUsers) b12f;};
|
|
||||||
|
|
||||||
services.yubikey-agent.enable = true;
|
services.yubikey-agent.enable = true;
|
||||||
|
|
||||||
age.secrets.b12f-env-secrets = {
|
age.secrets.b12f-env-secrets = {
|
||||||
file = "${self}/secrets/b12f-env-secrets";
|
file = "${flake.self}/secrets/b12f-env-secrets";
|
||||||
mode = "400";
|
mode = "400";
|
||||||
owner = psCfg.user.name;
|
owner = psCfg.user.name;
|
||||||
};
|
};
|
||||||
|
@ -57,8 +54,12 @@ in {
|
||||||
arduino.enable = true;
|
arduino.enable = true;
|
||||||
email.enable = true;
|
email.enable = true;
|
||||||
uhk.enable = true;
|
uhk.enable = true;
|
||||||
|
social.enable = false;
|
||||||
|
gaming.enable = false;
|
||||||
|
mobile.enable = false;
|
||||||
audio.spotify.enable = true;
|
audio.spotify.enable = true;
|
||||||
audio.spotify.username = "spotify@benjaminbaedorf.eu";
|
audio.spotify.username = "spotify@benjaminbaedorf.eu";
|
||||||
|
audio.mopidy.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Needed for the udev rules for solaar
|
# Needed for the udev rules for solaar
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
self,
|
flake,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
|
@ -14,8 +14,6 @@ in {
|
||||||
./concepts-and-training.nix
|
./concepts-and-training.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
pub-solar.audio.mopidy.enable = false;
|
|
||||||
|
|
||||||
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
present-md
|
present-md
|
||||||
|
@ -124,7 +122,7 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets."mopidy.conf" = {
|
age.secrets."mopidy.conf" = {
|
||||||
file = "${self}/secrets/mopidy.conf";
|
file = "${flake.self}/secrets/mopidy.conf";
|
||||||
mode = "700";
|
mode = "700";
|
||||||
owner = "b12f";
|
owner = "b12f";
|
||||||
};
|
};
|
||||||
|
|
9
users/default.nix
Normal file
9
users/default.nix
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
{
|
||||||
|
flake = {
|
||||||
|
nixosModules = rec {
|
||||||
|
root = import ./root;
|
||||||
|
b12f = import ./b12f;
|
||||||
|
yule = import ./yule;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,6 +1,4 @@
|
||||||
{hmUsers, ...}: {
|
{config, ...}: {
|
||||||
home-manager.users = {inherit (hmUsers) pub-solar;};
|
|
||||||
|
|
||||||
pub-solar = {
|
pub-solar = {
|
||||||
# These are your personal settings
|
# These are your personal settings
|
||||||
# The only required settings are `name` and `password`,
|
# The only required settings are `name` and `password`,
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
{
|
{
|
||||||
config,
|
config,
|
||||||
hmUsers,
|
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
...
|
...
|
||||||
|
@ -8,8 +7,6 @@
|
||||||
psCfg = config.pub-solar;
|
psCfg = config.pub-solar;
|
||||||
in {
|
in {
|
||||||
config = {
|
config = {
|
||||||
home-manager.users = {inherit (hmUsers) yule;};
|
|
||||||
|
|
||||||
pub-solar = {
|
pub-solar = {
|
||||||
# These are your personal settings
|
# These are your personal settings
|
||||||
# The only required settings are `name` and `password`,
|
# The only required settings are `name` and `password`,
|
||||||
|
|
Loading…
Reference in a new issue