From 880b1c247e13162610eb1169c1eaf2480712d1e4 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 9 Mar 2024 22:00:17 +0100 Subject: [PATCH 1/8] nixos: services: lohr: migrate to tmpfiles This is better than a custom script. --- modules/nixos/services/lohr/default.nix | 34 ++++++++++++++----------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/modules/nixos/services/lohr/default.nix b/modules/nixos/services/lohr/default.nix index dd4eea8..21aadba 100644 --- a/modules/nixos/services/lohr/default.nix +++ b/modules/nixos/services/lohr/default.nix @@ -59,21 +59,6 @@ in "LOHR_HOME=${lohrHome}" "LOHR_CONFIG=" ]; - ExecStartPre = lib.mkIf (cfg.sshKeyFile != null) ''+${ - pkgs.writeScript "copy-ssh-key" '' - #!${pkgs.bash}/bin/bash - # Ensure the key is not there - mkdir -p '${lohrHome}/.ssh' - rm -f '${lohrHome}/.ssh/id_ed25519' - - # Move the key into place - cp ${cfg.sshKeyFile} '${lohrHome}/.ssh/id_ed25519' - - # Fix permissions - chown -R lohr:lohr '${lohrHome}/.ssh' - chmod -R 0700 '${lohrHome}/.ssh' - '' - }''; ExecStart = let configFile = settingsFormat.generate "lohr-config.yaml" cfg.setting; @@ -103,5 +88,24 @@ in inherit (cfg) port; }; }; + + # SSH key provisioning + systemd.tmpfiles.settings."10-lohr" = lib.mkIf (cfg.sshKeyFile != null) { + "${lohrHome}/.ssh" = { + d = { + user = "lohr"; + group = "lohr"; + mode = "0700"; + }; + }; + "${lohrHome}/.ssh/id_ed25519" = { + "f+" = { + user = "lohr"; + group = "lohr"; + mode = "0700"; + argument = cfg.sshKeyFile; + }; + }; + }; }; } From fe1130c0422ce392e83616264c3a04e3b64dd20d Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 11:52:42 +0000 Subject: [PATCH 2/8] overlays: add none-ls-shellcheck-nvim --- overlays/none-ls-shellcheck-nvim/default.nix | 4 ++++ overlays/none-ls-shellcheck-nvim/generated.nix | 15 +++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 overlays/none-ls-shellcheck-nvim/default.nix create mode 100644 overlays/none-ls-shellcheck-nvim/generated.nix diff --git a/overlays/none-ls-shellcheck-nvim/default.nix b/overlays/none-ls-shellcheck-nvim/default.nix new file mode 100644 index 0000000..832e71d --- /dev/null +++ b/overlays/none-ls-shellcheck-nvim/default.nix @@ -0,0 +1,4 @@ +self: prev: +{ + vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); +} diff --git a/overlays/none-ls-shellcheck-nvim/generated.nix b/overlays/none-ls-shellcheck-nvim/generated.nix new file mode 100644 index 0000000..ee93a88 --- /dev/null +++ b/overlays/none-ls-shellcheck-nvim/generated.nix @@ -0,0 +1,15 @@ +{ vimUtils, fetchFromGitHub }: +_final: _prev: +{ + none-ls-shellcheck-nvim = vimUtils.buildVimPlugin { + pname = "none-ls-shellcheck.nvim"; + version = "2024-02-28"; + src = fetchFromGitHub { + owner = "gbprod"; + repo = "none-ls-shellcheck.nvim"; + rev = "1eed283a7ede771b522a0a9f30bb604f02f51d64"; + sha256 = "1hs0q9a0xwyqml0bfmplk89f1dk4nyg6aapfarnx44zqiw1183kn"; + }; + meta.homepage = "https://github.com/gbprod/none-ls-shellcheck.nvim/"; + }; +} From 3daa2f4242321d74a37ce4dcdd33fdab70681720 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 11:53:19 +0000 Subject: [PATCH 3/8] home: vim: null-ls: fix deprecated builtins `none-ls` deprecated a lot of unmaintained builtins, or ones that they find has been replaced by a compete LSP server. This removes those deprecated builtins, or uses a shim until I migrate to the relevant LSP configuration (for `bash-language-server`). --- modules/home/vim/default.nix | 1 + modules/home/vim/plugin/settings/null-ls.lua | 26 +++----------------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 871bf40..3e1aee4 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -68,6 +68,7 @@ in lsp-format-nvim # Simplified formatting configuration lsp_lines-nvim # Show diagnostics *over* regions none-ls-nvim # LSP integration for linters and formatters + none-ls-shellcheck-nvim # shellcheck shim for none-ls nvim-treesitter.withAllGrammars # Better highlighting nvim-treesitter-textobjects # More textobjects nvim-ts-context-commentstring # Comment string in nested language blocks diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index 0eaa55c..9915194 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -28,14 +28,6 @@ null_ls.register({ }), }) --- Haskell -null_ls.register({ - null_ls.builtins.formatting.brittany.with({ - -- Only used if available - condition = utils.is_executable_condition("brittany"), - }), -}) - -- Nix null_ls.register({ null_ls.builtins.formatting.nixpkgs_fmt.with({ @@ -50,16 +42,6 @@ null_ls.register({ -- Python null_ls.register({ - null_ls.builtins.diagnostics.flake8.with({ - -- Only used if available, but prefer pflake8 if available - condition = function() - return utils.is_executable("flake8") and not utils.is_executable("pflake8") - end, - }), - null_ls.builtins.diagnostics.pyproject_flake8.with({ - -- Only used if available - condition = utils.is_executable_condition("pflake8"), - }), null_ls.builtins.diagnostics.mypy.with({ -- Only used if available condition = utils.is_executable_condition("mypy"), @@ -81,13 +63,13 @@ null_ls.register({ -- Shell (non-POSIX) null_ls.register({ - null_ls.builtins.code_actions.shellcheck.with({ + require("none-ls-shellcheck.diagnostics").with({ -- Restrict to bash and zsh filetypes = { "bash", "zsh" }, -- Only used if available condition = utils.is_executable_condition("shellcheck"), }), - null_ls.builtins.diagnostics.shellcheck.with({ + require("none-ls-shellcheck.code_actions").with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test, use bash dialect @@ -110,13 +92,13 @@ null_ls.register({ -- Shell (POSIX) null_ls.register({ - null_ls.builtins.code_actions.shellcheck.with({ + require("none-ls-shellcheck.diagnostics").with({ -- Restrict to POSIX sh filetypes = { "sh" }, -- Only used if available condition = utils.is_executable_condition("shellcheck"), }), - null_ls.builtins.diagnostics.shellcheck.with({ + require("none-ls-shellcheck.code_actions").with({ -- Show error code in message diagnostics_format = "[#{c}] #{m}", -- Require explicit empty string test From ea0adeed374c2c57ce1c3abb787d2645af91aed8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:01:15 +0000 Subject: [PATCH 4/8] home: vim: lspconfig: add 'ruff-lsp' Since everybody is moving towards using it instead of other linters... --- modules/home/vim/plugin/settings/lspconfig.lua | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 794a765..7b2d95f 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -52,6 +52,13 @@ if utils.is_executable("pyright") then }) end +if utils.is_executable("ruff-lsp") then + lspconfig.ruff_lsp.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end + -- Rust if utils.is_executable("rust-analyzer") then lspconfig.rust_analyzer.setup({ From 72f5bc25afab78ca5d1147fa91e2d72b46a42cc8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:04:38 +0000 Subject: [PATCH 5/8] home: vim: lspconfig: add 'hls' If I ever end up actually learning it... --- modules/home/vim/plugin/settings/lspconfig.lua | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 7b2d95f..178898a 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -29,6 +29,14 @@ if utils.is_executable("clangd") then }) end +-- Haskell +if utils.is_executable("haskell-language-server-wrapper") then + lspconfig.hls.setup({ + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end + -- Nix if utils.is_executable("nil") then lspconfig.nil_ls.setup({ From dd9fa99c3d79a0b9b34058496adc8914862c56f3 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:20:53 +0000 Subject: [PATCH 6/8] home: vim: lspconfig: migrate to 'bashls' Since `none-ls` has removed their `shellcheck` built-in. This actually makes the diagnostics more robust to POSIX/non-POSIX scripts (the LSP server detects it at runtime, which is more robust than the `ftdetect` scripts). Nice bonus: the shellcheck code is shown in the diagnostics message without any configuration! I'm not sure if I can configure `avoid-nullary-conditions` -- though it seems like this check is broken at the moment (I couldn't get it to trigger during my tests). --- modules/home/vim/default.nix | 3 +- .../home/vim/plugin/settings/lspconfig.lua | 9 ++++++ modules/home/vim/plugin/settings/null-ls.lua | 32 ------------------- 3 files changed, 10 insertions(+), 34 deletions(-) diff --git a/modules/home/vim/default.nix b/modules/home/vim/default.nix index 3e1aee4..07711cc 100644 --- a/modules/home/vim/default.nix +++ b/modules/home/vim/default.nix @@ -68,7 +68,6 @@ in lsp-format-nvim # Simplified formatting configuration lsp_lines-nvim # Show diagnostics *over* regions none-ls-nvim # LSP integration for linters and formatters - none-ls-shellcheck-nvim # shellcheck shim for none-ls nvim-treesitter.withAllGrammars # Better highlighting nvim-treesitter-textobjects # More textobjects nvim-ts-context-commentstring # Comment string in nested language blocks @@ -106,7 +105,7 @@ in nixpkgs-fmt # Shell - shellcheck + nodePackages.bash-language-server shfmt ]; }; diff --git a/modules/home/vim/plugin/settings/lspconfig.lua b/modules/home/vim/plugin/settings/lspconfig.lua index 178898a..c2de2ea 100644 --- a/modules/home/vim/plugin/settings/lspconfig.lua +++ b/modules/home/vim/plugin/settings/lspconfig.lua @@ -74,3 +74,12 @@ if utils.is_executable("rust-analyzer") then on_attach = lsp.on_attach, }) end + +-- Shell +if utils.is_executable("bash-language-server") then + lspconfig.bashls.setup({ + filetypes = { "bash", "sh", "zsh" }, + capabilities = capabilities, + on_attach = lsp.on_attach, + }) +end diff --git a/modules/home/vim/plugin/settings/null-ls.lua b/modules/home/vim/plugin/settings/null-ls.lua index 9915194..c372751 100644 --- a/modules/home/vim/plugin/settings/null-ls.lua +++ b/modules/home/vim/plugin/settings/null-ls.lua @@ -63,22 +63,6 @@ null_ls.register({ -- Shell (non-POSIX) null_ls.register({ - require("none-ls-shellcheck.diagnostics").with({ - -- Restrict to bash and zsh - filetypes = { "bash", "zsh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), - require("none-ls-shellcheck.code_actions").with({ - -- Show error code in message - diagnostics_format = "[#{c}] #{m}", - -- Require explicit empty string test, use bash dialect - extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" }, - -- Restrict to bash and zsh - filetypes = { "bash", "zsh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), null_ls.builtins.formatting.shfmt.with({ -- Indent with 4 spaces, simplify the code, indent switch cases, -- add space after redirection, use bash dialect @@ -92,22 +76,6 @@ null_ls.register({ -- Shell (POSIX) null_ls.register({ - require("none-ls-shellcheck.diagnostics").with({ - -- Restrict to POSIX sh - filetypes = { "sh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), - require("none-ls-shellcheck.code_actions").with({ - -- Show error code in message - diagnostics_format = "[#{c}] #{m}", - -- Require explicit empty string test - extra_args = { "-o", "avoid-nullary-conditions" }, - -- Restrict to POSIX sh - filetypes = { "sh" }, - -- Only used if available - condition = utils.is_executable_condition("shellcheck"), - }), null_ls.builtins.formatting.shfmt.with({ -- Indent with 4 spaces, simplify the code, indent switch cases, -- add space after redirection, use POSIX From d96d5d459f09c6d56380f74a9874e270af9976f8 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Mon, 11 Mar 2024 12:29:34 +0000 Subject: [PATCH 7/8] overlays: remove none-ls-shellcheck-nvim --- overlays/none-ls-shellcheck-nvim/default.nix | 4 ---- overlays/none-ls-shellcheck-nvim/generated.nix | 15 --------------- 2 files changed, 19 deletions(-) delete mode 100644 overlays/none-ls-shellcheck-nvim/default.nix delete mode 100644 overlays/none-ls-shellcheck-nvim/generated.nix diff --git a/overlays/none-ls-shellcheck-nvim/default.nix b/overlays/none-ls-shellcheck-nvim/default.nix deleted file mode 100644 index 832e71d..0000000 --- a/overlays/none-ls-shellcheck-nvim/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: prev: -{ - vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { }); -} diff --git a/overlays/none-ls-shellcheck-nvim/generated.nix b/overlays/none-ls-shellcheck-nvim/generated.nix deleted file mode 100644 index ee93a88..0000000 --- a/overlays/none-ls-shellcheck-nvim/generated.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ vimUtils, fetchFromGitHub }: -_final: _prev: -{ - none-ls-shellcheck-nvim = vimUtils.buildVimPlugin { - pname = "none-ls-shellcheck.nvim"; - version = "2024-02-28"; - src = fetchFromGitHub { - owner = "gbprod"; - repo = "none-ls-shellcheck.nvim"; - rev = "1eed283a7ede771b522a0a9f30bb604f02f51d64"; - sha256 = "1hs0q9a0xwyqml0bfmplk89f1dk4nyg6aapfarnx44zqiw1183kn"; - }; - meta.homepage = "https://github.com/gbprod/none-ls-shellcheck.nvim/"; - }; -} From 7e77d8960238c26dd2dcd8dc4114876a17ee85f7 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 9 Mar 2024 21:49:12 +0100 Subject: [PATCH 8/8] flake: bump inputs And fix the breaking changes in Vikunja (which actually make my configuration simpler). --- flake.lock | 24 +++++++++++----------- modules/nixos/services/vikunja/default.nix | 23 ++------------------- 2 files changed, 14 insertions(+), 33 deletions(-) diff --git a/flake.lock b/flake.lock index cd0b2de..ce8318f 100644 --- a/flake.lock +++ b/flake.lock @@ -73,11 +73,11 @@ ] }, "locked": { - "lastModified": 1706830856, - "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", "type": "github" }, "original": { @@ -136,11 +136,11 @@ ] }, "locked": { - "lastModified": 1709204054, - "narHash": "sha256-U1idK0JHs1XOfSI1APYuXi4AEADf+B+ZU4Wifc0pBHk=", + "lastModified": 1709988192, + "narHash": "sha256-qxwIkl85P0I1/EyTT+NJwzbXdOv86vgZxcv4UKicjK8=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f3367769a93b226c467551315e9e270c3f78b15", + "rev": "b0b0c3d94345050a7f86d1ebc6c56eea4389d030", "type": "github" }, "original": { @@ -152,11 +152,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1709150264, - "narHash": "sha256-HofykKuisObPUfj0E9CJVfaMhawXkYx3G8UIFR/XQ38=", + "lastModified": 1709703039, + "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9099616b93301d5cf84274b184a3a5ec69e94e08", + "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1709206595, - "narHash": "sha256-lBU/gE7DiJCNkJGPVUms0zA0hxzDVgENIXfebj1oeLc=", + "lastModified": 1710013455, + "narHash": "sha256-qzOpU4APTso6JLA+/F4zlO/yL8++n/CsUpmxbQAsy/4=", "owner": "nix-community", "repo": "NUR", - "rev": "fbe8df1c13fd8e63e35c2c4654104661eb1fbbed", + "rev": "cf1e9b0e085368cc489c765f285f1d07c2ec8d36", "type": "github" }, "original": { diff --git a/modules/nixos/services/vikunja/default.nix b/modules/nixos/services/vikunja/default.nix index 9767d00..6e7700f 100644 --- a/modules/nixos/services/vikunja/default.nix +++ b/modules/nixos/services/vikunja/default.nix @@ -30,8 +30,6 @@ in frontendScheme = "https"; frontendHostname = vikunjaDomain; - setupNginx = false; - database = { type = "postgres"; user = "vikunja"; @@ -61,28 +59,11 @@ in # This is a weird setup my.services.nginx.virtualHosts = { ${subdomain} = { - # Serve the root for the web-ui - root = config.services.vikunja.package-frontend; - - extraConfig = { - locations = { - "/" = { - tryFiles = "try_files $uri $uri/ /"; - }; - - # Serve the API through a UNIX socket - "~* ^/(api|dav|\\.well-known)/" = { - proxyPass = "http://unix:${socketPath}"; - extraConfig = '' - client_max_body_size 20M; - ''; - }; - }; - }; + socket = socketPath; }; }; - systemd.services.vikunja-api = { + systemd.services.vikunja = { serviceConfig = { # Use a system user to simplify using the CLI DynamicUser = lib.mkForce false;