Compare commits
8 commits
Author | SHA1 | Date | |
---|---|---|---|
Bruno BELANYI | 2e5899b22e | ||
Bruno BELANYI | c68574b745 | ||
Bruno BELANYI | 7a03ce2012 | ||
Bruno BELANYI | 0650c1f159 | ||
Bruno BELANYI | 9b2963cb8c | ||
Bruno BELANYI | 091424cb14 | ||
Bruno BELANYI | 1a7223a5e5 | ||
Bruno BELANYI | c8b5b1586c |
|
@ -9,15 +9,15 @@ steps:
|
|||
|
||||
- name: notifiy
|
||||
image: bash
|
||||
environment:
|
||||
ADDRESS:
|
||||
from_secret: matrix_homeserver
|
||||
ROOM:
|
||||
from_secret: matrix_roomid
|
||||
USER:
|
||||
from_secret: matrix_username
|
||||
PASS:
|
||||
from_secret: matrix_password
|
||||
secrets:
|
||||
- source: matrix_homeserver
|
||||
target: address
|
||||
- source: matrix_roomid
|
||||
target: room
|
||||
- source: matrix_username
|
||||
target: user
|
||||
- source: matrix_password
|
||||
target: pass
|
||||
commands:
|
||||
- nix run '.#matrix-notifier'
|
||||
when:
|
||||
|
|
51
flake.lock
51
flake.lock
|
@ -14,11 +14,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715290355,
|
||||
"narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=",
|
||||
"lastModified": 1703433843,
|
||||
"narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "8d37c5bdeade12b6479c85acd133063ab53187a0",
|
||||
"rev": "417caa847f9383e111d1397039c9d4337d024bf0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -73,11 +73,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715865404,
|
||||
"narHash": "sha256-/GJvTdTpuDjNn84j82cU6bXztE0MSkdnTWClUCRub78=",
|
||||
"lastModified": 1706830856,
|
||||
"narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8dc45382d5206bd292f9c2768b8058a8fd8311d9",
|
||||
"rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -94,11 +94,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"lastModified": 1705309234,
|
||||
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -116,11 +116,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709087332,
|
||||
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||
"lastModified": 1703887061,
|
||||
"narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||
"rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -136,11 +136,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715930644,
|
||||
"narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
|
||||
"lastModified": 1707175763,
|
||||
"narHash": "sha256-0MKHC6tQ4KEuM5rui6DjKZ/VNiSANB4E+DJ/+wPS1PU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
|
||||
"rev": "f99eace7c167b8a6a0871849493b1c613d0f1b80",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -152,11 +152,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1715961556,
|
||||
"narHash": "sha256-+NpbZRCRisUHKQJZF3CT+xn14ZZQO+KjxIIanH3Pvn4=",
|
||||
"lastModified": 1707092692,
|
||||
"narHash": "sha256-ZbHsm+mGk/izkWtT4xwwqz38fdlwu7nUUKXTOmm4SyE=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4a6b83b05df1a8bd7d99095ec4b4d271f2956b64",
|
||||
"rev": "faf912b086576fd1a15fca610166c98d47bc667e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -168,11 +168,11 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1716149933,
|
||||
"narHash": "sha256-0Ui2HmmKvSqxXfT5kCzTu2EO+kqYxavPZHROxQLsI14=",
|
||||
"lastModified": 1707234300,
|
||||
"narHash": "sha256-D+LdA8g0Tq+KE9EmJMmn8EGRO5jZ2nLe/W0Fr5EIsdg=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "0d0e224fe23a49977d871ae2fe2f14c84b03322a",
|
||||
"rev": "59fceae769455455ef44c1dfb63bbae1ecddc41d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -185,6 +185,9 @@
|
|||
"pre-commit-hooks": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-utils": [
|
||||
"futils"
|
||||
],
|
||||
"gitignore": "gitignore",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
|
@ -194,11 +197,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1715870890,
|
||||
"narHash": "sha256-nacSOeXtUEM77Gn0G4bTdEOeFIrkCBXiyyFZtdGwuH0=",
|
||||
"lastModified": 1706424699,
|
||||
"narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=",
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"rev": "fa606cccd7b0ccebe2880051208e4a0f61bfc8c1",
|
||||
"rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -63,6 +63,7 @@
|
|||
repo = "pre-commit-hooks.nix";
|
||||
ref = "master";
|
||||
inputs = {
|
||||
flake-utils.follows = "futils";
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
nixpkgs-stable.follows = "nixpkgs";
|
||||
};
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
{ flake-parts
|
||||
, systems
|
||||
, futils
|
||||
, ...
|
||||
} @ inputs:
|
||||
let
|
||||
mySystems = import systems;
|
||||
mySystems = futils.lib.defaultSystems;
|
||||
in
|
||||
flake-parts.lib.mkFlake { inherit inputs; } {
|
||||
systems = mySystems;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# Google Laptop configuration
|
||||
{ lib, options, pkgs, ... }:
|
||||
{ lib, pkgs, ... }:
|
||||
{
|
||||
services.gpg-agent.enable = lib.mkForce false;
|
||||
|
||||
|
@ -12,10 +12,8 @@
|
|||
# I use scripts that use the passthrough sequence often on this host
|
||||
enablePassthrough = true;
|
||||
|
||||
terminalFeatures = {
|
||||
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
|
||||
xterm-256color = { };
|
||||
};
|
||||
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
|
||||
trueColorTerminals = [ "xterm-256color" ];
|
||||
};
|
||||
|
||||
ssh = {
|
||||
|
@ -23,21 +21,5 @@
|
|||
package = pkgs.emptyDirectory;
|
||||
};
|
||||
};
|
||||
|
||||
zsh = {
|
||||
notify = {
|
||||
enable = true;
|
||||
|
||||
exclude = options.my.home.zsh.notify.exclude.default ++ [
|
||||
"adb shell$" # Only interactive shell sessions
|
||||
];
|
||||
|
||||
ssh = {
|
||||
enable = true;
|
||||
# `notify-send` is proxied to the ChromeOS layer
|
||||
useOsc777 = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -15,10 +15,8 @@
|
|||
# I use scripts that use the passthrough sequence often on this host
|
||||
enablePassthrough = true;
|
||||
|
||||
terminalFeatures = {
|
||||
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
|
||||
xterm-256color = { };
|
||||
};
|
||||
# HTerm uses `xterm-256color` as its `$TERM`, so use that here
|
||||
trueColorTerminals = [ "xterm-256color" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
{
|
||||
my.home = {
|
||||
# Use graphical pinentry
|
||||
bitwarden.pinentry = pkgs.pinentry-gtk2;
|
||||
bitwarden.pinentry = "gtk2";
|
||||
# Ebook library
|
||||
calibre.enable = true;
|
||||
# Some amount of social life
|
||||
|
@ -14,7 +14,7 @@
|
|||
# Blue light filter
|
||||
gammastep.enable = true;
|
||||
# Use a small popup to enter passwords
|
||||
gpg.pinentry = pkgs.pinentry-gtk2;
|
||||
gpg.pinentry = "gtk2";
|
||||
# Machine specific packages
|
||||
packages.additionalPackages = with pkgs; [
|
||||
element-desktop # Matrix client
|
||||
|
|
|
@ -3,14 +3,15 @@
|
|||
|
||||
{
|
||||
boot = {
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
# Use the GRUB 2 boot loader.
|
||||
loader.grub = {
|
||||
enable = true;
|
||||
# Define on which hard drive you want to install Grub.
|
||||
device = "/dev/disk/by-id/ata-HGST_HUS724020ALA640_PN2181P6J58M1P";
|
||||
};
|
||||
|
||||
initrd = {
|
||||
availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "usbhid" "sd_mod" ];
|
||||
availableKernelModules = [ "uhci_hcd" "ahci" "usbhid" ];
|
||||
kernelModules = [ "dm-snapshot" ];
|
||||
};
|
||||
|
||||
|
|
|
@ -16,5 +16,11 @@
|
|||
# Set your time zone.
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
system.stateVersion = "24.05"; # Did you read the comment?
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "20.09"; # Did you read the comment?
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# Hardware configuration
|
||||
{ modulesPath, ... }:
|
||||
{ lib, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -11,18 +11,9 @@
|
|||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-label/boot";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [
|
||||
{ device = "/dev/disk/by-label/swap"; }
|
||||
];
|
||||
|
||||
my.hardware = {
|
||||
firmware = {
|
||||
cpuFlavor = "intel";
|
||||
};
|
||||
};
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
}
|
||||
|
|
|
@ -1,18 +1,11 @@
|
|||
{ ... }:
|
||||
{
|
||||
my.home = {
|
||||
nix = {
|
||||
cache = {
|
||||
# This server is the one serving the cache, don't try to query it
|
||||
selfHosted = false;
|
||||
};
|
||||
};
|
||||
|
||||
# Allow using extended features when SSH-ing from various clients
|
||||
tmux.terminalFeatures = {
|
||||
# Allow using 24bit color when SSH-ing from various clients
|
||||
tmux.trueColorTerminals = [
|
||||
# My usual terminal, e.g: on laptop
|
||||
alacritty = { };
|
||||
};
|
||||
"alacritty"
|
||||
];
|
||||
|
||||
# Always start a tmux session when opening a shell session
|
||||
zsh.launchTmux = true;
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
SWAP_SIZE=16GiB
|
||||
|
||||
parted /dev/sda --script -- \
|
||||
mklabel gpt \
|
||||
mklabel msdos \
|
||||
mkpart primary 512MiB -$SWAP_SIZE \
|
||||
mkpart primary linux-swap -$SWAP_SIZE 100% \
|
||||
mkpart ESP fat32 1MiB 512MiB \
|
||||
|
@ -11,24 +11,14 @@ parted /dev/sda --script -- \
|
|||
|
||||
parted /dev/sdb --script -- \
|
||||
mklabel gpt \
|
||||
mkpart primary 0% 100%
|
||||
parted /dev/sdc --script -- \
|
||||
mklabel gpt \
|
||||
mkpart primary 0% 100%
|
||||
parted /dev/sdd --script -- \
|
||||
mklabel gpt \
|
||||
mkpart primary 0% 100%
|
||||
mkpart primary 0MiB 100%
|
||||
|
||||
mkfs.ext4 -L media1 /dev/sda1
|
||||
mkfs.ext4 -L media2 /dev/sdb1
|
||||
mkfs.ext4 -L media3 /dev/sdc1
|
||||
mkfs.ext4 -L media4 /dev/sdd1
|
||||
|
||||
pvcreate /dev/sda1
|
||||
pvcreate /dev/sdb1
|
||||
pvcreate /dev/sdc1
|
||||
pvcreate /dev/sdd1
|
||||
vgcreate lvm /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1
|
||||
vgcreate lvm /dev/sda1 /dev/sdb1
|
||||
lvcreate -l 100%FREE -n media lvm
|
||||
|
||||
mkfs.ext4 -L nixos /dev/mapper/lvm-media
|
||||
|
@ -37,17 +27,17 @@ mkfs.fat -F 32 -n boot /dev/sda3
|
|||
|
||||
mount /dev/disk/by-label/nixos /mnt
|
||||
swapon /dev/sda2
|
||||
mkdir -p /mnt/boot
|
||||
mount /dev/disk/by-label/boot /mnt/boot
|
||||
|
||||
apt install sudo
|
||||
useradd -m -G sudo setupuser
|
||||
# shellcheck disable=2117
|
||||
su setupuser
|
||||
|
||||
cat << EOF
|
||||
# Run the following commands as setup user
|
||||
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
|
||||
. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
|
||||
nix profile install nixpkgs#nixos-install-tools
|
||||
curl -L https://nixos.org/nix/install | sh
|
||||
. $HOME/.nix-profile/etc/profile.d/nix.sh
|
||||
nix-channel --add https://nixos.org/channels/nixos-20.09 nixpkgs
|
||||
sudo "$(which nixos-generate-config)" --root /mnt
|
||||
|
||||
# Change uuids to labels
|
||||
|
@ -64,6 +54,3 @@ git crypt unlock
|
|||
|
||||
nixos-install --root /mnt --flake '.#<hostname>'
|
||||
EOF
|
||||
|
||||
# shellcheck disable=2117
|
||||
su setupuser
|
||||
|
|
|
@ -6,17 +6,30 @@
|
|||
hostName = "porthos"; # Define your hostname.
|
||||
domain = "belanyi.fr"; # Define your domain.
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
useDHCP = true;
|
||||
|
||||
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||||
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||||
# replicates the default behaviour.
|
||||
useDHCP = false;
|
||||
|
||||
interfaces = {
|
||||
eno1.useDHCP = true;
|
||||
eno2.useDHCP = true;
|
||||
bond0.useDHCP = true;
|
||||
bonding_masters.useDHCP = true;
|
||||
dummy0.useDHCP = true;
|
||||
erspan0.useDHCP = true;
|
||||
eth0.useDHCP = true;
|
||||
eth1.useDHCP = true;
|
||||
gre0.useDHCP = true;
|
||||
gretap0.useDHCP = true;
|
||||
ifb0.useDHCP = true;
|
||||
ifb1.useDHCP = true;
|
||||
ip6tnl0.useDHCP = true;
|
||||
sit0.useDHCP = true;
|
||||
teql0.useDHCP = true;
|
||||
tunl0.useDHCP = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Which interface is used to connect to the internet
|
||||
my.hardware.networking.externalInterface = "eno1";
|
||||
my.hardware.networking.externalInterface = "eth0";
|
||||
}
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
age-encryption.org/v1
|
||||
-> ssh-ed25519 cKojmg Lhgx43wR8PtAMf5v1eJxKlUBSAoOLdOOn/QaQrwF8zA
|
||||
jfUCpgNzkHCNTWCqtErDaLMmg1Oy+s9zUra1JLCi+J4
|
||||
-> ssh-ed25519 jPowng kSeQ/SmMrzd8ByVu3YHWeZyKmqFZvQSBnDunkB8e6wc
|
||||
WRmnfrV5xcRXA9t0ZXx6YvbRl0sX4PTrw63VVKX4Ei4
|
||||
--- a+LLM1gP9g1AbUapbeeKaS4cEcRBmPo3MHU2DSWTAds
|
||||
Ò,FÜÒ6”â⬘ixÌ<78>°Øe|
«
|
||||
²
|
||||
ÌÏœ,{†
ˆõvª!–†‰zÜ$P;ãé©TØÆÉKW
|
||||
qGô
|
Binary file not shown.
|
@ -21,24 +21,13 @@ in
|
|||
"drone/secret.age".publicKeys = all;
|
||||
"drone/ssh/private-key.age".publicKeys = all;
|
||||
|
||||
"forgejo/mail-password.age" = {
|
||||
owner = "git";
|
||||
publicKeys = all;
|
||||
};
|
||||
|
||||
"gitea/mail-password.age" = {
|
||||
owner = "git";
|
||||
publicKeys = all;
|
||||
};
|
||||
|
||||
"lohr/secret.age" = {
|
||||
owner = "lohr";
|
||||
publicKeys = all;
|
||||
};
|
||||
"lohr/ssh-key.age" = {
|
||||
owner = "lohr";
|
||||
publicKeys = all;
|
||||
};
|
||||
"lohr/secret.age".publicKeys = all;
|
||||
"lohr/ssh-key.age".publicKeys = all;
|
||||
|
||||
"matrix/mail.age" = {
|
||||
owner = "matrix-synapse";
|
||||
|
@ -52,10 +41,6 @@ in
|
|||
publicKeys = all;
|
||||
};
|
||||
|
||||
"mealie/mail.age" = {
|
||||
publicKeys = all;
|
||||
};
|
||||
|
||||
"miniflux/credentials.age".publicKeys = all;
|
||||
|
||||
"monitoring/password.age" = {
|
||||
|
|
|
@ -10,11 +10,6 @@ in
|
|||
adblock = {
|
||||
enable = true;
|
||||
};
|
||||
# Audiobook and podcast library
|
||||
audiobookshelf = {
|
||||
enable = true;
|
||||
port = 9599;
|
||||
};
|
||||
# Backblaze B2 backup
|
||||
backup = {
|
||||
enable = true;
|
||||
|
@ -41,14 +36,14 @@ in
|
|||
flood = {
|
||||
enable = true;
|
||||
};
|
||||
# Forgejo forge
|
||||
forgejo = {
|
||||
# Gitea forge
|
||||
gitea = {
|
||||
enable = true;
|
||||
mail = {
|
||||
enable = true;
|
||||
host = "smtp.migadu.com";
|
||||
user = lib.my.mkMailAddress "forgejo" "belanyi.fr";
|
||||
passwordFile = secrets."forgejo/mail-password".path;
|
||||
host = "smtp.migadu.com:465";
|
||||
user = lib.my.mkMailAddress "gitea" "belanyi.fr";
|
||||
passwordFile = secrets."gitea/mail-password".path;
|
||||
};
|
||||
};
|
||||
# Meta-indexers
|
||||
|
@ -73,10 +68,6 @@ in
|
|||
secretFile = secrets."matrix/sliding-sync-secret".path;
|
||||
};
|
||||
};
|
||||
mealie = {
|
||||
enable = true;
|
||||
credentialsFile = secrets."mealie/mail".path;
|
||||
};
|
||||
miniflux = {
|
||||
enable = true;
|
||||
credentialsFiles = secrets."miniflux/credentials".path;
|
||||
|
@ -139,7 +130,6 @@ in
|
|||
podgrab = {
|
||||
enable = true;
|
||||
passwordFile = secrets."podgrab/password".path;
|
||||
dataDir = "/data/media/podcasts";
|
||||
port = 9598;
|
||||
};
|
||||
# Regular backups
|
||||
|
|
|
@ -25,8 +25,6 @@ in
|
|||
search_mode = "skim";
|
||||
# Show long command lines at the bottom
|
||||
show_preview = true;
|
||||
# I like being able to edit my commands
|
||||
enter_accept = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.home.bitwarden;
|
||||
in
|
||||
|
@ -6,7 +6,12 @@ in
|
|||
options.my.home.bitwarden = with lib; {
|
||||
enable = my.mkDisableOption "bitwarden configuration";
|
||||
|
||||
pinentry = mkPackageOption pkgs "pinentry" { default = [ "pinentry-tty" ]; };
|
||||
pinentry = mkOption {
|
||||
type = types.str;
|
||||
default = "tty";
|
||||
example = "gtk2";
|
||||
description = "Which pinentry interface to use";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
|
|
@ -7,9 +7,9 @@ in
|
|||
enable = my.mkDisableOption "direnv configuration";
|
||||
|
||||
defaultFlake = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
example = "pkgs";
|
||||
type = types.str;
|
||||
default = "pkgs";
|
||||
example = "nixpkgs";
|
||||
description = ''
|
||||
Which flake from the registry should be used for
|
||||
<command>use pkgs</command> by default.
|
||||
|
@ -39,7 +39,7 @@ in
|
|||
in
|
||||
lib.my.genAttrs' files linkLibFile;
|
||||
|
||||
home.sessionVariables = lib.mkIf (cfg.defaultFlake != null) {
|
||||
home.sessionVariables = {
|
||||
DIRENV_DEFAULT_FLAKE = cfg.defaultFlake;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -26,14 +26,7 @@ in
|
|||
gdb
|
||||
];
|
||||
|
||||
xdg = {
|
||||
configFile."gdb/gdbinit".source = ./gdbinit;
|
||||
dataFile. "gdb/.keep".text = "";
|
||||
};
|
||||
|
||||
home.sessionVariables = {
|
||||
GDBHISTFILE = "${config.xdg.dataHome}/gdb/gdb_history";
|
||||
};
|
||||
xdg.configFile."gdb/gdbinit".source = ./gdbinit;
|
||||
}
|
||||
|
||||
(lib.mkIf cfg.rr.enable {
|
||||
|
|
|
@ -148,10 +148,6 @@ in
|
|||
autoStash = true;
|
||||
};
|
||||
|
||||
rerere = {
|
||||
enabled = true;
|
||||
};
|
||||
|
||||
url = {
|
||||
"git@git.belanyi.fr:" = {
|
||||
insteadOf = "https://git.belanyi.fr/";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.home.gpg;
|
||||
in
|
||||
|
@ -6,7 +6,12 @@ in
|
|||
options.my.home.gpg = with lib; {
|
||||
enable = my.mkDisableOption "gpg configuration";
|
||||
|
||||
pinentry = mkPackageOption pkgs "pinentry" { default = [ "pinentry-tty" ]; };
|
||||
pinentry = mkOption {
|
||||
type = types.str;
|
||||
default = "tty";
|
||||
example = "gtk2";
|
||||
description = "Which pinentry interface to use";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
@ -17,7 +22,7 @@ in
|
|||
services.gpg-agent = {
|
||||
enable = true;
|
||||
enableSshSupport = true; # One agent to rule them all
|
||||
pinentryPackage = cfg.pinentry;
|
||||
pinentryFlavor = cfg.pinentry;
|
||||
extraConfig = ''
|
||||
allow-loopback-pinentry
|
||||
'';
|
||||
|
|
|
@ -12,7 +12,7 @@ let
|
|||
# Use pinned nixpkgs when using `nix run pkgs#<whatever>`
|
||||
pkgs = inputs.nixpkgs;
|
||||
}
|
||||
(lib.optionalAttrs cfg.inputs.overrideNixpkgs {
|
||||
(lib.optionalAttrs cfg.overrideNixpkgs {
|
||||
# ... And with `nix run nixpkgs#<whatever>`
|
||||
nixpkgs = inputs.nixpkgs;
|
||||
})
|
||||
|
@ -22,26 +22,20 @@ in
|
|||
options.my.home.nix = with lib; {
|
||||
enable = my.mkDisableOption "nix configuration";
|
||||
|
||||
cache = {
|
||||
selfHosted = my.mkDisableOption "self-hosted cache";
|
||||
};
|
||||
linkInputs = my.mkDisableOption "link inputs to `$XDG_CONFIG_HOME/nix/inputs`";
|
||||
|
||||
inputs = {
|
||||
link = my.mkDisableOption "link inputs to `/etc/nix/inputs/`";
|
||||
addToRegistry = my.mkDisableOption "add inputs and self to registry";
|
||||
|
||||
addToRegistry = my.mkDisableOption "add inputs and self to registry";
|
||||
addToNixPath = my.mkDisableOption "add inputs and self to nix path";
|
||||
|
||||
addToNixPath = my.mkDisableOption "add inputs and self to nix path";
|
||||
|
||||
overrideNixpkgs = my.mkDisableOption "point nixpkgs to pinned system version";
|
||||
};
|
||||
overrideNixpkgs = my.mkDisableOption "point nixpkgs to pinned system version";
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable (lib.mkMerge [
|
||||
{
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.inputs.addToNixPath -> cfg.inputs.link;
|
||||
assertion = cfg.addToNixPath -> cfg.linkInputs;
|
||||
message = ''
|
||||
enabling `my.home.nix.addToNixPath` needs to have
|
||||
`my.home.nix.linkInputs = true`
|
||||
|
@ -54,27 +48,17 @@ in
|
|||
nix = {
|
||||
package = lib.mkDefault pkgs.nix; # NixOS module sets it unconditionally
|
||||
|
||||
# FIXME: waiting on https://github.com/nix-community/home-manager/pull/3876
|
||||
settings = {
|
||||
# I like XDG-compliance
|
||||
use-xdg-base-directories = true;
|
||||
|
||||
experimental-features = [ "nix-command" "flakes" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
(lib.mkIf cfg.cache.selfHosted {
|
||||
nix = {
|
||||
settings = {
|
||||
extra-substituters = [
|
||||
"https://cache.belanyi.fr/"
|
||||
];
|
||||
|
||||
extra-trusted-public-keys = [
|
||||
"cache.belanyi.fr:LPhrTqufwfxTceg1nRWueDWf7/2zSVY9K00pq2UI7tw="
|
||||
];
|
||||
};
|
||||
};
|
||||
})
|
||||
|
||||
(lib.mkIf cfg.inputs.addToRegistry {
|
||||
(lib.mkIf cfg.addToRegistry {
|
||||
nix.registry =
|
||||
let
|
||||
makeEntry = v: { flake = v; };
|
||||
|
@ -83,7 +67,7 @@ in
|
|||
makeEntries channels;
|
||||
})
|
||||
|
||||
(lib.mkIf cfg.inputs.link {
|
||||
(lib.mkIf cfg.linkInputs {
|
||||
xdg.configFile =
|
||||
let
|
||||
makeLink = n: v: {
|
||||
|
@ -95,7 +79,7 @@ in
|
|||
makeLinks channels;
|
||||
})
|
||||
|
||||
(lib.mkIf cfg.inputs.addToNixPath {
|
||||
(lib.mkIf cfg.addToNixPath {
|
||||
home.sessionVariables.NIX_PATH = "${config.xdg.configHome}/nix/inputs\${NIX_PATH:+:$NIX_PATH}";
|
||||
})
|
||||
]);
|
||||
|
|
|
@ -16,7 +16,6 @@ in
|
|||
LESS = "-R -+X -c";
|
||||
# Better XDG compliance
|
||||
LESSHISTFILE = "${config.xdg.dataHome}/less/history";
|
||||
LESSKEY = "${config.xdg.configHome}/less/lesskey";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -49,7 +49,7 @@ in
|
|||
};
|
||||
|
||||
porthos = {
|
||||
hostname = "37.187.146.15";
|
||||
hostname = "91.121.177.163";
|
||||
identityFile = "~/.ssh/shared_rsa";
|
||||
user = "ambroisie";
|
||||
};
|
||||
|
|
|
@ -5,14 +5,6 @@ let
|
|||
config.my.home.x.enable
|
||||
(config.my.home.wm.windowManager != null)
|
||||
];
|
||||
|
||||
mkTerminalFlags = opt: flag:
|
||||
let
|
||||
mkFlag = term: ''set -as terminal-features ",${term}:${flag}"'';
|
||||
enabledTerminals = lib.filterAttrs (_: v: v.${opt}) cfg.terminalFeatures;
|
||||
terminals = lib.attrNames enabledTerminals;
|
||||
in
|
||||
lib.concatMapStringsSep "\n" mkFlag terminals;
|
||||
in
|
||||
{
|
||||
options.my.home.tmux = with lib; {
|
||||
|
@ -20,22 +12,16 @@ in
|
|||
|
||||
enablePassthrough = mkEnableOption "tmux DCS passthrough sequence";
|
||||
|
||||
terminalFeatures = mkOption {
|
||||
type = with types; attrsOf (submodule {
|
||||
options = {
|
||||
hyperlinks = my.mkDisableOption "hyperlinks through OSC8";
|
||||
|
||||
trueColor = my.mkDisableOption "24-bit (RGB) color support";
|
||||
};
|
||||
});
|
||||
|
||||
default = { ${config.my.home.terminal.program} = { }; };
|
||||
defaultText = litteralExpression ''
|
||||
{ ''${config.my.home.terminal.program} = { }; };
|
||||
trueColorTerminals = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = lib.my.nullableToList config.my.home.terminal.program;
|
||||
defaultText = ''
|
||||
`[ config.my.home.terminal.program ]` if it is non-null, otherwise an
|
||||
empty list.
|
||||
'';
|
||||
example = { xterm-256color = { }; };
|
||||
example = [ "xterm-256color" ];
|
||||
description = ''
|
||||
$TERM values which should be considered to have additional features.
|
||||
$TERM values which should be considered to always support 24-bit color.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -46,7 +32,7 @@ in
|
|||
keyMode = "vi"; # Home-row keys and other niceties
|
||||
clock24 = true; # I'm one of those heathens
|
||||
escapeTime = 0; # Let vim do its thing instead
|
||||
historyLimit = 100000; # Bigger buffer
|
||||
historyLimit = 50000; # Bigger buffer
|
||||
terminal = "tmux-256color"; # I want accurate termcap info
|
||||
|
||||
plugins = with pkgs.tmuxPlugins; [
|
||||
|
@ -103,10 +89,13 @@ in
|
|||
''
|
||||
}
|
||||
|
||||
# Force OSC8 hyperlinks for each relevant $TERM
|
||||
${mkTerminalFlags "hyperlinks" "hyperlinks"}
|
||||
# Force 24-bit color for each relevant $TERM
|
||||
${mkTerminalFlags "trueColor" "RGB"}
|
||||
${
|
||||
let
|
||||
mkTcFlag = term: ''set -as terminal-features ",${term}:RGB"'';
|
||||
in
|
||||
lib.concatMapStringsSep "\n" mkTcFlag cfg.trueColorTerminals
|
||||
}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
" Create the `b:undo_ftplugin` variable if it doesn't exist
|
||||
call ftplugined#check_undo_ft()
|
||||
|
||||
" Add comment format
|
||||
setlocal comments=b://,s1:/*,mb:*,ex:*/
|
||||
setlocal commentstring=//\ %s
|
||||
let b:undo_ftplugin.='|setlocal comments< commentstring<'
|
|
@ -1,6 +0,0 @@
|
|||
" Create the `b:undo_ftplugin` variable if it doesn't exist
|
||||
call ftplugined#check_undo_ft()
|
||||
|
||||
" Use a small indentation value on JSON files
|
||||
setlocal shiftwidth=2
|
||||
let b:undo_ftplugin.='|setlocal shiftwidth<'
|
|
@ -105,7 +105,7 @@ in
|
|||
nixpkgs-fmt
|
||||
|
||||
# Shell
|
||||
nodePackages.bash-language-server
|
||||
shellcheck
|
||||
shfmt
|
||||
];
|
||||
};
|
||||
|
|
|
@ -1,6 +0,0 @@
|
|||
-- Use `bp` filetype for Blueprint files
|
||||
vim.filetype.add({
|
||||
extension = {
|
||||
bp = "bp",
|
||||
},
|
||||
})
|
|
@ -88,23 +88,6 @@ set background=dark
|
|||
|
||||
" 24 bit colors
|
||||
set termguicolors
|
||||
" Setup some overrides for gruvbox
|
||||
lua << EOF
|
||||
local gruvbox = require("gruvbox")
|
||||
local colors = gruvbox.palette
|
||||
|
||||
gruvbox.setup({
|
||||
overrides = {
|
||||
-- Only URLs should be underlined
|
||||
["@string.special.path"] = { link = "GruvboxOrange" },
|
||||
-- Revert back to the better diff highlighting
|
||||
DiffAdd = { fg = colors.green, bg = "NONE" },
|
||||
DiffChange = { fg = colors.aqua, bg = "NONE" },
|
||||
DiffDelete = { fg = colors.red, bg = "NONE" },
|
||||
DiffText = { fg = colors.yellow, bg = colors.bg0 },
|
||||
}
|
||||
})
|
||||
EOF
|
||||
" Use my preferred colorscheme
|
||||
colorscheme gruvbox
|
||||
" }}}
|
||||
|
|
|
@ -51,7 +51,8 @@ M.on_attach = function(client, bufnr)
|
|||
local wk = require("which-key")
|
||||
|
||||
local function list_workspace_folders()
|
||||
vim.print(vim.lsp.buf.list_workspace_folders())
|
||||
local utils = require("ambroisie.utils")
|
||||
utils.dump(vim.lsp.buf.list_workspace_folders())
|
||||
end
|
||||
|
||||
local function cycle_diagnostics_display()
|
||||
|
|
|
@ -1,5 +1,11 @@
|
|||
local M = {}
|
||||
|
||||
--- pretty print lua object
|
||||
--- @param obj any object to pretty print
|
||||
M.dump = function(obj)
|
||||
print(vim.inspect(obj))
|
||||
end
|
||||
|
||||
--- checks if a given command is executable
|
||||
--- @param cmd string? command to check
|
||||
--- @return boolean executable
|
||||
|
@ -9,7 +15,7 @@ end
|
|||
|
||||
--- return a function that checks if a given command is executable
|
||||
--- @param cmd string? command to check
|
||||
--- @return fun(): boolean executable
|
||||
--- @return fun(cmd: string): boolean executable
|
||||
M.is_executable_condition = function(cmd)
|
||||
return function()
|
||||
return M.is_executable(cmd)
|
||||
|
@ -34,11 +40,11 @@ M.is_ssh = function()
|
|||
return false
|
||||
end
|
||||
|
||||
--- list all active LSP clients for specific buffer, or all buffers
|
||||
--- list all active LSP clients for current buffer
|
||||
--- @param bufnr int? buffer number
|
||||
--- @return table all active LSP client names
|
||||
M.list_lsp_clients = function(bufnr)
|
||||
local clients = vim.lsp.get_active_clients({ bufnr = bufnr })
|
||||
local clients = vim.lsp.buf_get_clients(bufnr)
|
||||
local names = {}
|
||||
|
||||
for _, client in ipairs(clients) do
|
||||
|
|
|
@ -29,17 +29,16 @@ if utils.is_executable("clangd") then
|
|||
})
|
||||
end
|
||||
|
||||
-- Haskell
|
||||
if utils.is_executable("haskell-language-server-wrapper") then
|
||||
lspconfig.hls.setup({
|
||||
-- Nix
|
||||
if utils.is_executable("nil") then
|
||||
lspconfig.nil_ls.setup({
|
||||
capabilities = capabilities,
|
||||
on_attach = lsp.on_attach,
|
||||
})
|
||||
end
|
||||
|
||||
-- Nix
|
||||
if utils.is_executable("nil") then
|
||||
lspconfig.nil_ls.setup({
|
||||
if utils.is_executable("rnix-lsp") then
|
||||
lspconfig.rnix.setup({
|
||||
capabilities = capabilities,
|
||||
on_attach = lsp.on_attach,
|
||||
})
|
||||
|
@ -53,13 +52,6 @@ if utils.is_executable("pyright") then
|
|||
})
|
||||
end
|
||||
|
||||
if utils.is_executable("ruff-lsp") then
|
||||
lspconfig.ruff_lsp.setup({
|
||||
capabilities = capabilities,
|
||||
on_attach = lsp.on_attach,
|
||||
})
|
||||
end
|
||||
|
||||
-- Rust
|
||||
if utils.is_executable("rust-analyzer") then
|
||||
lspconfig.rust_analyzer.setup({
|
||||
|
@ -67,12 +59,3 @@ if utils.is_executable("rust-analyzer") then
|
|||
on_attach = lsp.on_attach,
|
||||
})
|
||||
end
|
||||
|
||||
-- Shell
|
||||
if utils.is_executable("bash-language-server") then
|
||||
lspconfig.bashls.setup({
|
||||
filetypes = { "bash", "sh", "zsh" },
|
||||
capabilities = capabilities,
|
||||
on_attach = lsp.on_attach,
|
||||
})
|
||||
end
|
||||
|
|
|
@ -10,7 +10,7 @@ local function list_spell_languages()
|
|||
end
|
||||
|
||||
local function list_lsp_clients()
|
||||
local client_names = utils.list_lsp_clients(0)
|
||||
local client_names = utils.list_lsp_clients()
|
||||
|
||||
if #client_names == 0 then
|
||||
return ""
|
||||
|
|
|
@ -18,16 +18,48 @@ null_ls.register({
|
|||
}),
|
||||
})
|
||||
|
||||
-- C, C++
|
||||
null_ls.register({
|
||||
null_ls.builtins.formatting.clang_format.with({
|
||||
-- Only used if available, but prefer clangd formatting if available
|
||||
condition = function()
|
||||
return utils.is_executable("clang-format") and not utils.is_executable("clangd")
|
||||
end,
|
||||
}),
|
||||
})
|
||||
|
||||
-- Haskell
|
||||
null_ls.register({
|
||||
null_ls.builtins.formatting.brittany.with({
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("brittany"),
|
||||
}),
|
||||
})
|
||||
|
||||
-- Nix
|
||||
null_ls.register({
|
||||
null_ls.builtins.formatting.nixpkgs_fmt.with({
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("nixpkgs-fmt"),
|
||||
-- Only used if available, but prefer rnix if available
|
||||
condition = function()
|
||||
return utils.is_executable("nixpkgs-fmt")
|
||||
and not utils.is_executable("rnix-lsp")
|
||||
and not utils.is_executable("nil")
|
||||
end,
|
||||
}),
|
||||
})
|
||||
|
||||
-- Python
|
||||
null_ls.register({
|
||||
null_ls.builtins.diagnostics.flake8.with({
|
||||
-- Only used if available, but prefer pflake8 if available
|
||||
condition = function()
|
||||
return utils.is_executable("flake8") and not utils.is_executable("pflake8")
|
||||
end,
|
||||
}),
|
||||
null_ls.builtins.diagnostics.pyproject_flake8.with({
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("pflake8"),
|
||||
}),
|
||||
null_ls.builtins.diagnostics.mypy.with({
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("mypy"),
|
||||
|
@ -49,6 +81,22 @@ null_ls.register({
|
|||
|
||||
-- Shell (non-POSIX)
|
||||
null_ls.register({
|
||||
null_ls.builtins.code_actions.shellcheck.with({
|
||||
-- Restrict to bash and zsh
|
||||
filetypes = { "bash", "zsh" },
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("shellcheck"),
|
||||
}),
|
||||
null_ls.builtins.diagnostics.shellcheck.with({
|
||||
-- Show error code in message
|
||||
diagnostics_format = "[#{c}] #{m}",
|
||||
-- Require explicit empty string test, use bash dialect
|
||||
extra_args = { "-s", "bash", "-o", "avoid-nullary-conditions" },
|
||||
-- Restrict to bash and zsh
|
||||
filetypes = { "bash", "zsh" },
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("shellcheck"),
|
||||
}),
|
||||
null_ls.builtins.formatting.shfmt.with({
|
||||
-- Indent with 4 spaces, simplify the code, indent switch cases,
|
||||
-- add space after redirection, use bash dialect
|
||||
|
@ -62,6 +110,22 @@ null_ls.register({
|
|||
|
||||
-- Shell (POSIX)
|
||||
null_ls.register({
|
||||
null_ls.builtins.code_actions.shellcheck.with({
|
||||
-- Restrict to POSIX sh
|
||||
filetypes = { "sh" },
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("shellcheck"),
|
||||
}),
|
||||
null_ls.builtins.diagnostics.shellcheck.with({
|
||||
-- Show error code in message
|
||||
diagnostics_format = "[#{c}] #{m}",
|
||||
-- Require explicit empty string test
|
||||
extra_args = { "-o", "avoid-nullary-conditions" },
|
||||
-- Restrict to POSIX sh
|
||||
filetypes = { "sh" },
|
||||
-- Only used if available
|
||||
condition = utils.is_executable_condition("shellcheck"),
|
||||
}),
|
||||
null_ls.builtins.formatting.shfmt.with({
|
||||
-- Indent with 4 spaces, simplify the code, indent switch cases,
|
||||
-- add space after redirection, use POSIX
|
||||
|
|
|
@ -42,9 +42,11 @@ in
|
|||
ANDROID_USER_HOME = "${configHome}/android";
|
||||
CARGO_HOME = "${dataHome}/cargo";
|
||||
DOCKER_CONFIG = "${configHome}/docker";
|
||||
GRADLE_USER_HOME = "${dataHome}/gradle";
|
||||
GDBHISTFILE = "${dataHome}/gdb/gdb_history";
|
||||
HISTFILE = "${dataHome}/bash/history";
|
||||
INPUTRC = "${configHome}/readline/inputrc";
|
||||
LESSHISTFILE = "${dataHome}/less/history";
|
||||
LESSKEY = "${configHome}/less/lesskey";
|
||||
PSQL_HISTORY = "${dataHome}/psql_history";
|
||||
PYTHONPYCACHEPREFIX = "${cacheHome}/python/";
|
||||
PYTHONUSERBASE = "${dataHome}/python/";
|
||||
|
@ -52,6 +54,5 @@ in
|
|||
REDISCLI_HISTFILE = "${dataHome}/redis/rediscli_history";
|
||||
REPO_CONFIG_DIR = "${configHome}/repo";
|
||||
XCOMPOSECACHE = "${dataHome}/X11/xcompose";
|
||||
_JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${configHome}/java";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -15,152 +15,81 @@ in
|
|||
enable = my.mkDisableOption "zsh configuration";
|
||||
|
||||
launchTmux = mkEnableOption "auto launch tmux at shell start";
|
||||
|
||||
notify = {
|
||||
enable = mkEnableOption "zsh-done notification";
|
||||
|
||||
exclude = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [
|
||||
"delta"
|
||||
"direnv reload"
|
||||
"fg"
|
||||
"git (?!push|pull|fetch)"
|
||||
"htop"
|
||||
"less"
|
||||
"man"
|
||||
"nvim"
|
||||
"tail -f"
|
||||
"tmux"
|
||||
"vim"
|
||||
];
|
||||
example = [ "command --long-running-option" ];
|
||||
description = ''
|
||||
List of exclusions which should not be create a notification. Accepts
|
||||
Perl regexes (implicitly anchored with `^\s*`).
|
||||
'';
|
||||
};
|
||||
|
||||
ssh = {
|
||||
enable = mkEnableOption "notify through SSH/non-graphical connections";
|
||||
|
||||
useOsc777 = lib.my.mkDisableOption "use OSC-777 for notifications";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable (lib.mkMerge [
|
||||
{
|
||||
home.packages = with pkgs; [
|
||||
zsh-completions
|
||||
config = lib.mkIf cfg.enable {
|
||||
home.packages = with pkgs; [
|
||||
zsh-completions
|
||||
];
|
||||
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
dotDir = "${relativeXdgConfig}/zsh"; # Don't clutter $HOME
|
||||
enableCompletion = true;
|
||||
|
||||
history = {
|
||||
size = 500000;
|
||||
save = 500000;
|
||||
extended = true;
|
||||
expireDuplicatesFirst = true;
|
||||
ignoreSpace = true;
|
||||
ignoreDups = true;
|
||||
share = false;
|
||||
path = "${config.xdg.dataHome}/zsh/zsh_history";
|
||||
};
|
||||
|
||||
plugins = [
|
||||
{
|
||||
name = "fast-syntax-highlighting";
|
||||
file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
|
||||
src = pkgs.zsh-fast-syntax-highlighting;
|
||||
}
|
||||
{
|
||||
name = "agkozak-zsh-prompt";
|
||||
file = "share/zsh/site-functions/agkozak-zsh-prompt.plugin.zsh";
|
||||
src = pkgs.agkozak-zsh-prompt;
|
||||
}
|
||||
];
|
||||
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
dotDir = "${relativeXdgConfig}/zsh"; # Don't clutter $HOME
|
||||
enableCompletion = true;
|
||||
# Modal editing is life, but CLI benefits from emacs gymnastics
|
||||
defaultKeymap = "emacs";
|
||||
|
||||
history = {
|
||||
size = 500000;
|
||||
save = 500000;
|
||||
extended = true;
|
||||
expireDuplicatesFirst = true;
|
||||
ignoreSpace = true;
|
||||
ignoreDups = true;
|
||||
share = false;
|
||||
path = "${config.xdg.dataHome}/zsh/zsh_history";
|
||||
};
|
||||
|
||||
plugins = [
|
||||
{
|
||||
name = "fast-syntax-highlighting";
|
||||
file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
|
||||
src = pkgs.zsh-fast-syntax-highlighting;
|
||||
}
|
||||
{
|
||||
name = "agkozak-zsh-prompt";
|
||||
file = "share/zsh/site-functions/agkozak-zsh-prompt.plugin.zsh";
|
||||
src = pkgs.agkozak-zsh-prompt;
|
||||
}
|
||||
];
|
||||
|
||||
# Modal editing is life, but CLI benefits from emacs gymnastics
|
||||
defaultKeymap = "emacs";
|
||||
|
||||
# Make those happen early to avoid doing double the work
|
||||
initExtraFirst = lib.mkBefore ''
|
||||
${
|
||||
lib.optionalString cfg.launchTmux ''
|
||||
# Launch tmux unless already inside one
|
||||
if [ -z "$TMUX" ]; then
|
||||
exec tmux new-session
|
||||
fi
|
||||
''
|
||||
}
|
||||
'';
|
||||
|
||||
initExtra = lib.mkAfter ''
|
||||
source ${./completion-styles.zsh}
|
||||
source ${./extra-mappings.zsh}
|
||||
source ${./options.zsh}
|
||||
|
||||
# Source local configuration
|
||||
if [ -f "$ZDOTDIR/zshrc.local" ]; then
|
||||
source "$ZDOTDIR/zshrc.local"
|
||||
fi
|
||||
'';
|
||||
|
||||
localVariables = {
|
||||
# I like having the full path
|
||||
AGKOZAK_PROMPT_DIRTRIM = 0;
|
||||
# Because I *am* from EPITA
|
||||
AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ];
|
||||
# Easy on the eyes
|
||||
AGKOZAK_COLORS_BRANCH_STATUS = "magenta";
|
||||
# I don't like moving my eyes
|
||||
AGKOZAK_LEFT_PROMPT_ONLY = 1;
|
||||
};
|
||||
|
||||
# Enable VTE integration
|
||||
enableVteIntegration = true;
|
||||
};
|
||||
}
|
||||
|
||||
(lib.mkIf cfg.notify.enable {
|
||||
programs.zsh = {
|
||||
plugins = [
|
||||
{
|
||||
name = "zsh-done";
|
||||
file = "share/zsh/site-functions/done.plugin.zsh";
|
||||
src = pkgs.ambroisie.zsh-done;
|
||||
}
|
||||
];
|
||||
|
||||
# `localVariables` values don't get merged correctly due to their type,
|
||||
# don't use `mkIf`
|
||||
localVariables = {
|
||||
DONE_EXCLUDE =
|
||||
let
|
||||
joined = lib.concatMapStringsSep "|" (c: "(${c})") cfg.notify.exclude;
|
||||
in
|
||||
''^\s*(${joined})'';
|
||||
# Make those happen early to avoid doing double the work
|
||||
initExtraFirst = ''
|
||||
${
|
||||
lib.optionalString cfg.launchTmux ''
|
||||
# Launch tmux unless already inside one
|
||||
if [ -z "$TMUX" ]; then
|
||||
exec tmux new-session
|
||||
fi
|
||||
''
|
||||
}
|
||||
# Enable `zsh-done` through SSH, if configured
|
||||
// lib.optionalAttrs cfg.notify.ssh.enable {
|
||||
DONE_ALLOW_NONGRAPHICAL = 1;
|
||||
};
|
||||
'';
|
||||
|
||||
# Use OSC-777 to send the notification through SSH
|
||||
initExtra = lib.mkIf cfg.notify.ssh.useOsc777 ''
|
||||
done_send_notification() {
|
||||
local exit_status="$1"
|
||||
local title="$2"
|
||||
local message="$3"
|
||||
initExtra = ''
|
||||
source ${./completion-styles.zsh}
|
||||
source ${./extra-mappings.zsh}
|
||||
source ${./options.zsh}
|
||||
|
||||
${lib.getExe pkgs.ambroisie.osc777} "$title" "$message"
|
||||
}
|
||||
'';
|
||||
# Source local configuration
|
||||
if [ -f "$ZDOTDIR/zshrc.local" ]; then
|
||||
source "$ZDOTDIR/zshrc.local"
|
||||
fi
|
||||
'';
|
||||
|
||||
localVariables = {
|
||||
# I like having the full path
|
||||
AGKOZAK_PROMPT_DIRTRIM = 0;
|
||||
# Because I *am* from EPITA
|
||||
AGKOZAK_PROMPT_CHAR = [ "42sh$" "42sh#" ":" ];
|
||||
# Easy on the eyes
|
||||
AGKOZAK_COLORS_BRANCH_STATUS = "magenta";
|
||||
# I don't like moving my eyes
|
||||
AGKOZAK_LEFT_PROMPT_ONLY = 1;
|
||||
};
|
||||
})
|
||||
]);
|
||||
|
||||
# Enable VTE integration
|
||||
enableVteIntegration = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -25,8 +25,8 @@ in
|
|||
package = pkgs.pulseaudioFull;
|
||||
};
|
||||
|
||||
services.pipewire.wireplumber.configPackages = [
|
||||
(pkgs.writeTextDir "share/wireplumber/bluetooth.lua.d/51-bluez-config.lua" ''
|
||||
environment.etc = {
|
||||
"wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
|
||||
bluez_monitor.properties = {
|
||||
-- SBC XQ provides better audio
|
||||
["bluez5.enable-sbc-xq"] = true,
|
||||
|
@ -40,8 +40,8 @@ in
|
|||
-- FIXME: Some devices may now support both hsp_ag and hfp_ag
|
||||
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
|
||||
}
|
||||
'')
|
||||
];
|
||||
'';
|
||||
};
|
||||
})
|
||||
|
||||
# Support for A2DP audio profile
|
||||
|
|
|
@ -9,7 +9,7 @@ in
|
|||
|
||||
config = lib.mkIf cfg.enable {
|
||||
# Enable touchpad support
|
||||
services.libinput.enable = true;
|
||||
services.xserver.libinput.enable = true;
|
||||
|
||||
# Enable TLP power management
|
||||
my.services.tlp.enable = true;
|
||||
|
|
|
@ -1,39 +0,0 @@
|
|||
# Audiobook and podcast library
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.services.audiobookshelf;
|
||||
in
|
||||
{
|
||||
options.my.services.audiobookshelf = with lib; {
|
||||
enable = mkEnableOption "Audiobookshelf, a self-hosted podcast manager";
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 8000;
|
||||
example = 4242;
|
||||
description = "The port on which Audiobookshelf will listen for incoming HTTP traffic.";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.audiobookshelf = {
|
||||
enable = true;
|
||||
inherit (cfg) port;
|
||||
|
||||
group = "media";
|
||||
};
|
||||
|
||||
# Set-up media group
|
||||
users.groups.media = { };
|
||||
|
||||
my.services.nginx.virtualHosts = {
|
||||
audiobookshelf = {
|
||||
inherit (cfg) port;
|
||||
# Proxy websockets for RPC
|
||||
extraConfig = {
|
||||
locations."/".proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -89,16 +89,6 @@ in
|
|||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
# Essential files which should always be backed up
|
||||
my.services.backup.paths = lib.flatten [
|
||||
# Should be unique to a given host, used by some software (e.g: ZFS)
|
||||
"/etc/machine-id"
|
||||
# Contains the UID/GID map, and other useful state
|
||||
"/var/lib/nixos"
|
||||
# SSH host keys (and public keys for convenience)
|
||||
(builtins.map (key: [ key.path "${key.path}.pub" ]) config.services.openssh.hostKeys)
|
||||
];
|
||||
|
||||
services.restic.backups.backblaze = {
|
||||
# Take care of included and excluded files
|
||||
paths = cfg.paths;
|
||||
|
|
|
@ -35,7 +35,7 @@ in
|
|||
useACMEHost = domain;
|
||||
default = true;
|
||||
|
||||
locations."/".return = "302 https://${domain}$request_uri";
|
||||
locations."/".return = "302 https://belanyi.fr$request_uri";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -4,21 +4,18 @@
|
|||
imports = [
|
||||
./adblock
|
||||
./aria
|
||||
./audiobookshelf
|
||||
./backup
|
||||
./blog
|
||||
./calibre-web
|
||||
./drone
|
||||
./fail2ban
|
||||
./flood
|
||||
./forgejo
|
||||
./gitea
|
||||
./grocy
|
||||
./indexers
|
||||
./jellyfin
|
||||
./lohr
|
||||
./matrix
|
||||
./mealie
|
||||
./miniflux
|
||||
./monitoring
|
||||
./navidrome
|
||||
|
|
|
@ -1,162 +0,0 @@
|
|||
# A low-ressource, full-featured git forge.
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.services.forgejo;
|
||||
in
|
||||
{
|
||||
options.my.services.forgejo = with lib; {
|
||||
enable = mkEnableOption "Forgejo";
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 3042;
|
||||
example = 8080;
|
||||
description = "Internal port";
|
||||
};
|
||||
mail = {
|
||||
enable = mkEnableOption {
|
||||
description = "mailer configuration";
|
||||
};
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
example = "smtp.example.com";
|
||||
description = "Host for the mail account";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 465;
|
||||
example = 587;
|
||||
description = "Port for the mail account";
|
||||
};
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
example = "forgejo@example.com";
|
||||
description = "User for the mail account";
|
||||
};
|
||||
passwordFile = mkOption {
|
||||
type = types.str;
|
||||
example = "/run/secrets/forgejo-mail-password.txt";
|
||||
description = "Password for the mail account";
|
||||
};
|
||||
protocol = mkOption {
|
||||
type = types.str;
|
||||
default = "smtps";
|
||||
example = "smtp";
|
||||
description = "Protocol for connection";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.enable -> !config.my.services.gitea.enable;
|
||||
message = ''
|
||||
`config.my.services.forgejo` is incompatible with
|
||||
`config.my.services.gitea`.
|
||||
'';
|
||||
}
|
||||
];
|
||||
|
||||
services.forgejo =
|
||||
let
|
||||
inherit (config.networking) domain;
|
||||
forgejoDomain = "git.${domain}";
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
|
||||
user = "git";
|
||||
group = "git";
|
||||
|
||||
lfs.enable = true;
|
||||
|
||||
useWizard = false;
|
||||
|
||||
database = {
|
||||
type = "postgres"; # Automatic setup
|
||||
user = "git"; # User needs to be the same as forgejo user
|
||||
name = "git"; # Name must be the same as user for `ensureDBOwnership`
|
||||
};
|
||||
|
||||
# NixOS module uses `forgejo dump` to backup repositories and the database,
|
||||
# but it produces a single .zip file that's not very backup friendly.
|
||||
# I configure my backup system manually below.
|
||||
dump.enable = false;
|
||||
|
||||
mailerPasswordFile = lib.mkIf cfg.mail.enable cfg.mail.passwordFile;
|
||||
|
||||
settings = {
|
||||
DEFAULT = {
|
||||
APP_NAME = "Ambroisie's forge";
|
||||
};
|
||||
|
||||
server = {
|
||||
HTTP_PORT = cfg.port;
|
||||
DOMAIN = forgejoDomain;
|
||||
ROOT_URL = "https://${forgejoDomain}";
|
||||
};
|
||||
|
||||
mailer = lib.mkIf cfg.mail.enable {
|
||||
ENABLED = true;
|
||||
SMTP_ADDR = cfg.mail.host;
|
||||
SMTP_PORT = cfg.mail.port;
|
||||
FROM = "Forgejo <${cfg.mail.user}>";
|
||||
USER = cfg.mail.user;
|
||||
PROTOCOL = cfg.mail.protocol;
|
||||
};
|
||||
|
||||
service = {
|
||||
DISABLE_REGISTRATION = true;
|
||||
};
|
||||
|
||||
session = {
|
||||
# only send cookies via HTTPS
|
||||
COOKIE_SECURE = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users.git = {
|
||||
description = "Forgejo Service";
|
||||
home = config.services.forgejo.stateDir;
|
||||
useDefaultShell = true;
|
||||
group = "git";
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.git = { };
|
||||
|
||||
my.services.nginx.virtualHosts = {
|
||||
# Proxy to Forgejo
|
||||
git = {
|
||||
inherit (cfg) port;
|
||||
};
|
||||
# Redirect `forgejo.` to actual forge subdomain
|
||||
forgejo = {
|
||||
redirect = config.services.forgejo.settings.server.ROOT_URL;
|
||||
};
|
||||
};
|
||||
|
||||
my.services.backup = {
|
||||
paths = [
|
||||
config.services.forgejo.lfs.contentDir
|
||||
config.services.forgejo.repositoryRoot
|
||||
];
|
||||
};
|
||||
|
||||
services.fail2ban.jails = {
|
||||
forgejo = ''
|
||||
enabled = true
|
||||
filter = forgejo
|
||||
action = iptables-allports
|
||||
'';
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
"fail2ban/filter.d/forgejo.conf".text = ''
|
||||
[Definition]
|
||||
failregex = ^.*(Failed authentication attempt|invalid credentials|Attempted access of unknown user).* from <HOST>$
|
||||
journalmatch = _SYSTEMD_UNIT=forgejo.service
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
|
@ -18,15 +18,9 @@ in
|
|||
};
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
example = "smtp.example.com";
|
||||
example = "smtp.example.com:465";
|
||||
description = "Host for the mail account";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 465;
|
||||
example = 587;
|
||||
description = "Port for the mail account";
|
||||
};
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
example = "gitea@example.com";
|
||||
|
@ -37,11 +31,17 @@ in
|
|||
example = "/run/secrets/gitea-mail-password.txt";
|
||||
description = "Password for the mail account";
|
||||
};
|
||||
protocol = mkOption {
|
||||
type = mkOption {
|
||||
type = types.str;
|
||||
default = "smtps";
|
||||
default = "smtp";
|
||||
example = "smtp";
|
||||
description = "Protocol for connection";
|
||||
description = "Password for the mail account";
|
||||
};
|
||||
tls = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
example = false;
|
||||
description = "Use TLS for connection";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -58,8 +58,6 @@ in
|
|||
appName = "Ambroisie's forge";
|
||||
|
||||
user = "git";
|
||||
group = "git";
|
||||
|
||||
lfs.enable = true;
|
||||
|
||||
useWizard = false;
|
||||
|
@ -86,11 +84,11 @@ in
|
|||
|
||||
mailer = lib.mkIf cfg.mail.enable {
|
||||
ENABLED = true;
|
||||
SMTP_ADDR = cfg.mail.host;
|
||||
SMTP_PORT = cfg.mail.port;
|
||||
FROM = "Gitea <${cfg.mail.user}>";
|
||||
HOST = cfg.mail.host;
|
||||
FROM = cfg.mail.user;
|
||||
USER = cfg.mail.user;
|
||||
PROTOCOL = cfg.mail.protocol;
|
||||
MAILER_TYPE = cfg.mail.type;
|
||||
IS_TLS_ENABLED = cfg.mail.tls;
|
||||
};
|
||||
|
||||
service = {
|
||||
|
@ -109,6 +107,11 @@ in
|
|||
home = config.services.gitea.stateDir;
|
||||
useDefaultShell = true;
|
||||
group = "git";
|
||||
|
||||
# The service for gitea seems to hardcode the group as
|
||||
# gitea, so, uh, just in case?
|
||||
extraGroups = [ "gitea" ];
|
||||
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.git = { };
|
||||
|
|
|
@ -59,6 +59,21 @@ in
|
|||
"LOHR_HOME=${lohrHome}"
|
||||
"LOHR_CONFIG="
|
||||
];
|
||||
ExecStartPre = lib.mkIf (cfg.sshKeyFile != null) ''+${
|
||||
pkgs.writeScript "copy-ssh-key" ''
|
||||
#!${pkgs.bash}/bin/bash
|
||||
# Ensure the key is not there
|
||||
mkdir -p '${lohrHome}/.ssh'
|
||||
rm -f '${lohrHome}/.ssh/id_ed25519'
|
||||
|
||||
# Move the key into place
|
||||
cp ${cfg.sshKeyFile} '${lohrHome}/.ssh/id_ed25519'
|
||||
|
||||
# Fix permissions
|
||||
chown -R lohr:lohr '${lohrHome}/.ssh'
|
||||
chmod -R 0700 '${lohrHome}/.ssh'
|
||||
''
|
||||
}'';
|
||||
ExecStart =
|
||||
let
|
||||
configFile = settingsFormat.generate "lohr-config.yaml" cfg.setting;
|
||||
|
@ -88,24 +103,5 @@ in
|
|||
inherit (cfg) port;
|
||||
};
|
||||
};
|
||||
|
||||
# SSH key provisioning
|
||||
systemd.tmpfiles.settings."10-lohr" = lib.mkIf (cfg.sshKeyFile != null) {
|
||||
"${lohrHome}/.ssh" = {
|
||||
d = {
|
||||
user = "lohr";
|
||||
group = "lohr";
|
||||
mode = "0700";
|
||||
};
|
||||
};
|
||||
"${lohrHome}/.ssh/id_ed25519" = {
|
||||
"L+" = {
|
||||
user = "lohr";
|
||||
group = "lohr";
|
||||
mode = "0700";
|
||||
argument = cfg.sshKeyFile;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,79 +0,0 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.services.mealie;
|
||||
in
|
||||
{
|
||||
options.my.services.mealie = with lib; {
|
||||
enable = mkEnableOption "Mealie service";
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 4537;
|
||||
example = 8080;
|
||||
description = "Internal port for webui";
|
||||
};
|
||||
|
||||
credentialsFile = mkOption {
|
||||
type = types.str;
|
||||
example = "/var/lib/mealie/credentials.env";
|
||||
description = ''
|
||||
Configuration file for secrets.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.mealie = {
|
||||
enable = true;
|
||||
inherit (cfg) port credentialsFile;
|
||||
|
||||
settings = {
|
||||
# Basic settings
|
||||
BASE_URL = "https://mealie.${config.networking.domain}";
|
||||
TZ = config.time.timeZone;
|
||||
ALLOw_SIGNUP = "false";
|
||||
|
||||
# Use PostgreSQL
|
||||
DB_ENGINE = "postgres";
|
||||
POSTGRES_USER = "mealie";
|
||||
POSTGRES_PASSWORD = "";
|
||||
POSTGRES_SERVER = "/run/postgresql";
|
||||
# Pydantic and/or mealie doesn't handle the URI correctly, hijack it
|
||||
# with query parameters...
|
||||
POSTGRES_DB = "mealie?host=/run/postgresql&dbname=mealie";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services = {
|
||||
mealie = {
|
||||
after = [ "postgresql.service" ];
|
||||
requires = [ "postgresql.service" ];
|
||||
};
|
||||
};
|
||||
|
||||
# Set-up database
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureDatabases = [ "mealie" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "mealie";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
my.services.nginx.virtualHosts = {
|
||||
mealie = {
|
||||
inherit (cfg) port;
|
||||
|
||||
extraConfig = {
|
||||
# Allow bulk upload of recipes for import/export
|
||||
locations."/".extraConfig = ''
|
||||
client_max_body_size 0;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -31,7 +31,7 @@ in
|
|||
config = lib.mkIf cfg.enable {
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
package = pkgs.nextcloud29;
|
||||
package = pkgs.nextcloud28;
|
||||
hostName = "nextcloud.${config.networking.domain}";
|
||||
home = "/var/lib/nextcloud";
|
||||
maxUploadSize = cfg.maxSize;
|
||||
|
|
|
@ -17,15 +17,6 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
example = "/mnt/podgrab";
|
||||
description = ''
|
||||
Path to the directory to store the podcasts. Use default if null
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 8080;
|
||||
|
@ -38,14 +29,8 @@ in
|
|||
services.podgrab = {
|
||||
enable = true;
|
||||
inherit (cfg) passwordFile port;
|
||||
|
||||
group = "media";
|
||||
dataDirectory = lib.mkIf (cfg.dataDir != null) cfg.dataDir;
|
||||
};
|
||||
|
||||
# Set-up media group
|
||||
users.groups.media = { };
|
||||
|
||||
my.services.nginx.virtualHosts = {
|
||||
podgrab = {
|
||||
inherit (cfg) port;
|
||||
|
|
|
@ -20,28 +20,24 @@ in
|
|||
|
||||
# Taken from the manual
|
||||
(lib.mkIf cfg.upgradeScript {
|
||||
containers.temp-pg.config.services.postgresql = {
|
||||
enable = true;
|
||||
package = pkgs.postgresql_13;
|
||||
};
|
||||
|
||||
environment.systemPackages =
|
||||
let
|
||||
pgCfg = config.services.postgresql;
|
||||
newPackage' = pkgs.postgresql_13;
|
||||
|
||||
oldPackage = if pgCfg.enableJIT then pgCfg.package.withJIT else pgCfg.package;
|
||||
oldData = pgCfg.dataDir;
|
||||
oldBin = "${if pgCfg.extraPlugins == [] then oldPackage else oldPackage.withPackages pgCfg.extraPlugins}/bin";
|
||||
|
||||
newPackage = if pgCfg.enableJIT then newPackage'.withJIT else newPackage';
|
||||
newData = "/var/lib/postgresql/${newPackage.psqlSchema}";
|
||||
newBin = "${if pgCfg.extraPlugins == [] then newPackage else newPackage.withPackages pgCfg.extraPlugins}/bin";
|
||||
newpg = config.containers.temp-pg.config.services.postgresql;
|
||||
in
|
||||
[
|
||||
(pkgs.writeScriptBin "upgrade-pg-cluster" ''
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -eux
|
||||
export OLDDATA="${oldData}"
|
||||
export NEWDATA="${newData}"
|
||||
export OLDBIN="${oldBin}"
|
||||
export NEWBIN="${newBin}"
|
||||
set -x
|
||||
export OLDDATA="${config.services.postgresql.dataDir}"
|
||||
export NEWDATA="${newpg.dataDir}"
|
||||
export OLDBIN="${config.services.postgresql.package}/bin"
|
||||
export NEWBIN="${newpg.package}/bin"
|
||||
|
||||
if [ "$OLDDATA" -ef "$NEWDATA" ]; then
|
||||
echo "Cannot migrate to same data directory" >&2
|
||||
|
@ -50,21 +46,14 @@ in
|
|||
|
||||
install -d -m 0700 -o postgres -g postgres "$NEWDATA"
|
||||
cd "$NEWDATA"
|
||||
sudo -u postgres "$NEWBIN/initdb" -D "$NEWDATA"
|
||||
sudo -u postgres $NEWBIN/initdb -D "$NEWDATA"
|
||||
|
||||
systemctl stop postgresql # old one
|
||||
|
||||
sudo -u postgres "$NEWBIN/pg_upgrade" \
|
||||
sudo -u postgres $NEWBIN/pg_upgrade \
|
||||
--old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \
|
||||
--old-bindir "$OLDBIN" --new-bindir "$NEWBIN" \
|
||||
--old-bindir $OLDBIN --new-bindir $NEWBIN \
|
||||
"$@"
|
||||
|
||||
cat << EOF
|
||||
Run the following commands after setting:
|
||||
services.postgresql.package = pkgs.postgresql_${lib.versions.major newPackage.version}
|
||||
sudo -u postgres vacuumdb --all --analyze-in-stages
|
||||
${newData}/delete_old_cluster.sh
|
||||
EOF
|
||||
'')
|
||||
];
|
||||
})
|
||||
|
|
|
@ -39,12 +39,31 @@ in
|
|||
downloadDirectory
|
||||
port
|
||||
;
|
||||
};
|
||||
|
||||
# Use media group when downloading files
|
||||
# Use pyload user/media group when downloading files
|
||||
systemd.services.pyload = {
|
||||
serviceConfig = {
|
||||
User = lib.mkForce "pyload";
|
||||
Group = lib.mkForce "media";
|
||||
DynamicUser = lib.mkForce false;
|
||||
};
|
||||
};
|
||||
|
||||
# And make sure the download directory has the correct owners
|
||||
systemd.tmpfiles.settings.pyload = {
|
||||
${cfg.downloadDirectory}.d = {
|
||||
user = "pyload";
|
||||
group = "media";
|
||||
};
|
||||
};
|
||||
|
||||
# Set-up pyload user and media group
|
||||
users.users.pyload = {
|
||||
isSystemUser = true;
|
||||
group = "media";
|
||||
};
|
||||
|
||||
# Set-up media group
|
||||
users.groups.media = { };
|
||||
|
||||
my.services.nginx.virtualHosts = {
|
||||
|
|
|
@ -11,9 +11,7 @@ in
|
|||
config = lib.mkIf cfg.enable {
|
||||
services.rss-bridge = {
|
||||
enable = true;
|
||||
config = {
|
||||
system.enabled_bridges = [ "*" ]; # Whitelist all
|
||||
};
|
||||
whitelist = [ "*" ]; # Whitelist all
|
||||
virtualHost = "rss-bridge.${config.networking.domain}";
|
||||
};
|
||||
|
||||
|
|
|
@ -73,13 +73,6 @@ in
|
|||
my.services.nginx.virtualHosts = {
|
||||
recipes = {
|
||||
inherit (cfg) port;
|
||||
|
||||
extraConfig = {
|
||||
# Allow bulk upload of recipes for import/export
|
||||
locations."/".extraConfig = ''
|
||||
client_max_body_size 0;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -30,6 +30,8 @@ in
|
|||
frontendScheme = "https";
|
||||
frontendHostname = vikunjaDomain;
|
||||
|
||||
setupNginx = false;
|
||||
|
||||
database = {
|
||||
type = "postgres";
|
||||
user = "vikunja";
|
||||
|
@ -59,11 +61,28 @@ in
|
|||
# This is a weird setup
|
||||
my.services.nginx.virtualHosts = {
|
||||
${subdomain} = {
|
||||
socket = socketPath;
|
||||
# Serve the root for the web-ui
|
||||
root = config.services.vikunja.package-frontend;
|
||||
|
||||
extraConfig = {
|
||||
locations = {
|
||||
"/" = {
|
||||
tryFiles = "try_files $uri $uri/ /";
|
||||
};
|
||||
|
||||
# Serve the API through a UNIX socket
|
||||
"~* ^/(api|dav|\\.well-known)/" = {
|
||||
proxyPass = "http://unix:${socketPath}";
|
||||
extraConfig = ''
|
||||
client_max_body_size 20M;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.vikunja = {
|
||||
systemd.services.vikunja-api = {
|
||||
serviceConfig = {
|
||||
# Use a system user to simplify using the CLI
|
||||
DynamicUser = lib.mkForce false;
|
||||
|
|
|
@ -13,7 +13,7 @@ let
|
|||
porthos = {
|
||||
clientNum = 1;
|
||||
publicKey = "PLdgsizztddri0LYtjuNHr5r2E8D+yI+gM8cm5WDfHQ=";
|
||||
externalIp = "37.187.146.15";
|
||||
externalIp = "91.121.177.163";
|
||||
};
|
||||
|
||||
# "Clients"
|
||||
|
|
|
@ -44,8 +44,6 @@ in
|
|||
serviceConfig = {
|
||||
# Same option as upstream, without @setuid
|
||||
SystemCallFilter = lib.mkForce "~@clock @privileged @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap";
|
||||
# NodeJS requires RWX memory...
|
||||
MemoryDenyWriteExecute = lib.mkForce false;
|
||||
|
||||
BindPaths = [
|
||||
"/nix/var/nix/daemon-socket/socket"
|
||||
|
|
|
@ -8,12 +8,6 @@
|
|||
|
||||
options.my.services.woodpecker = with lib; {
|
||||
enable = mkEnableOption "Woodpecker CI";
|
||||
forge = mkOption {
|
||||
type = types.enum [ "gitea" "forgejo" ];
|
||||
default = "forgejo";
|
||||
example = "gitea";
|
||||
description = "Which Forge to connect to";
|
||||
};
|
||||
runners = mkOption {
|
||||
type = with types; listOf (enum [ "exec" "docker" ]);
|
||||
default = [ ];
|
||||
|
|
|
@ -17,7 +17,7 @@ in
|
|||
WOODPECKER_GRPC_ADDR = ":${toString cfg.rpcPort}";
|
||||
|
||||
WOODPECKER_GITEA = "true";
|
||||
WOODPECKER_GITEA_URL = config.services.${cfg.forge}.settings.server.ROOT_URL;
|
||||
WOODPECKER_GITEA_URL = config.services.gitea.settings.server.ROOT_URL;
|
||||
|
||||
WOODPECKER_LOG_LEVEL = "debug";
|
||||
};
|
||||
|
|
|
@ -54,10 +54,13 @@ in
|
|||
nix = {
|
||||
package = pkgs.nix;
|
||||
|
||||
# FIXME: waiting on https://github.com/NixOS/nixpkgs/pull/146515
|
||||
# FIXME: look at https://github.com/SuperSandro2000/nixos-modules/blob/master/modules/nix.nix
|
||||
settings = {
|
||||
# I like XDG-compliance
|
||||
use-xdg-base-directories = true;
|
||||
|
||||
experimental-features = [ "nix-command" "flakes" ];
|
||||
# Trusted users are equivalent to root, and might as well allow wheel
|
||||
trusted-users = [ "root" "@wheel" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
28
overlays/gruvbox-nvim-better-diff/colours.patch
Normal file
28
overlays/gruvbox-nvim-better-diff/colours.patch
Normal file
|
@ -0,0 +1,28 @@
|
|||
From 416b3c9c5e783d173ac0fd5310a76c1b144b92c1 Mon Sep 17 00:00:00 2001
|
||||
From: eeeXun <sdes96303@gmail.com>
|
||||
Date: Thu, 19 Oct 2023 02:34:12 +0800
|
||||
Subject: Use better diff colours
|
||||
|
||||
---
|
||||
README.md | 3 ++-
|
||||
lua/gruvbox.lua | 7 ++++---
|
||||
2 files changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/lua/gruvbox.lua b/lua/gruvbox.lua
|
||||
index ceba0735..a319fc6a 100644
|
||||
--- a/lua/gruvbox.lua
|
||||
+++ b/lua/gruvbox.lua
|
||||
@@ -360,9 +361,9 @@ local function get_groups()
|
||||
PmenuSel = { fg = colors.bg2, bg = colors.blue, bold = config.bold },
|
||||
PmenuSbar = { bg = colors.bg2 },
|
||||
PmenuThumb = { bg = colors.bg4 },
|
||||
- DiffDelete = { bg = colors.dark_red },
|
||||
- DiffAdd = { bg = colors.dark_green },
|
||||
- DiffChange = { bg = colors.dark_aqua },
|
||||
- DiffText = { bg = colors.yellow, fg = colors.bg0 },
|
||||
+ DiffDelete = { fg = colors.red },
|
||||
+ DiffAdd = { fg = colors.green },
|
||||
+ DiffChange = { fg = colors.aqua },
|
||||
+ DiffText = { fg = colors.yellow, bg = colors.bg0 },
|
||||
SpellCap = { link = "GruvboxBlueUnderline" },
|
||||
SpellBad = { link = "GruvboxRedUnderline" },
|
10
overlays/gruvbox-nvim-better-diff/generated.nix
Normal file
10
overlays/gruvbox-nvim-better-diff/generated.nix
Normal file
|
@ -0,0 +1,10 @@
|
|||
{ ... }:
|
||||
|
||||
_final: prev: {
|
||||
gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: {
|
||||
patches = (oa.patches or [ ]) ++ [
|
||||
# Inspired by https://github.com/ellisonleao/gruvbox.nvim/pull/291
|
||||
./colours.patch
|
||||
];
|
||||
});
|
||||
}
|
4
overlays/gruvbox-nvim-treesitter-fix/default.nix
Normal file
4
overlays/gruvbox-nvim-treesitter-fix/default.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
self: prev:
|
||||
{
|
||||
vimPlugins = prev.vimPlugins.extend (self.callPackage ./generated.nix { });
|
||||
}
|
14
overlays/gruvbox-nvim-treesitter-fix/generated.nix
Normal file
14
overlays/gruvbox-nvim-treesitter-fix/generated.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ fetchFromGitHub }:
|
||||
|
||||
_final: prev: {
|
||||
gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (_: {
|
||||
version = "2024-01-29";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ellisonleao";
|
||||
repo = "gruvbox.nvim";
|
||||
rev = "6e4027ae957cddf7b193adfaec4a8f9e03b4555f";
|
||||
sha256 = "sha256-jWnrRy/PT7D0UcPGL+XTbKHWvS0ixvbyqPtTzG9HY84=";
|
||||
};
|
||||
});
|
||||
}
|
|
@ -1,14 +0,0 @@
|
|||
{ fetchpatch, ... }:
|
||||
|
||||
_final: prev: {
|
||||
gruvbox-nvim = prev.gruvbox-nvim.overrideAttrs (oa: {
|
||||
patches = (oa.patches or [ ]) ++ [
|
||||
# https://github.com/ellisonleao/gruvbox.nvim/pull/319
|
||||
(fetchpatch {
|
||||
name = "expose-color-palette.patch";
|
||||
url = "https://github.com/ellisonleao/gruvbox.nvim/commit/07a493ba4f8b650aab9ed9e486caa89822be0996.patch";
|
||||
hash = "sha256-iGwt8qIHe2vaiAUcpaUxyGlM472F89vobTdQ7CF/H70=";
|
||||
})
|
||||
];
|
||||
});
|
||||
}
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenvNoCC.mkDerivation rec {
|
||||
pname = "zsh-done";
|
||||
version = "0.1.1";
|
||||
version = "0.1.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ambroisie";
|
||||
repo = "zsh-done";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-dyhPhoMrAfDWtrBX5TA+B3G7QZ7gBhoDGNOEqGsCBQU=";
|
||||
hash = "sha256-DC7urJDXPP9vBYABrJF5KZ4HfMbrpHIVogSmEB8PWLA=";
|
||||
};
|
||||
|
||||
dontConfigure = true;
|
||||
|
@ -26,7 +26,7 @@ stdenvNoCC.mkDerivation rec {
|
|||
description = ''
|
||||
A zsh plug-in to receive notifications when long processes finish
|
||||
'';
|
||||
homepage = "https://git.belanyi.fr/ambroisie/zsh-done";
|
||||
homepage = "https://gitea.belanyi.fr/ambroisie/zsh-done";
|
||||
license = licenses.mit;
|
||||
platforms = platforms.unix;
|
||||
maintainers = with maintainers; [ ambroisie ];
|
||||
|
|
|
@ -1,12 +1,7 @@
|
|||
labels:
|
||||
backend: local
|
||||
type: exec
|
||||
|
||||
steps:
|
||||
- name: pre-commit check
|
||||
image: bash
|
||||
commands:
|
||||
- nix develop --command pre-commit run --all
|
||||
|
||||
- name: nix flake check
|
||||
image: bash
|
||||
commands:
|
||||
|
@ -14,17 +9,17 @@ steps:
|
|||
|
||||
- name: notifiy
|
||||
image: bash
|
||||
environment:
|
||||
ADDRESS:
|
||||
from_secret: matrix_homeserver
|
||||
ROOM:
|
||||
from_secret: matrix_roomid
|
||||
USER:
|
||||
from_secret: matrix_username
|
||||
PASS:
|
||||
from_secret: matrix_password
|
||||
secrets:
|
||||
- source: matrix_homeserver
|
||||
target: address
|
||||
- source: matrix_roomid
|
||||
target: room
|
||||
- source: matrix_username
|
||||
target: user
|
||||
- source: matrix_password
|
||||
target: pass
|
||||
commands:
|
||||
- nix run github:ambroisie/matrix-notifier
|
||||
- nix run '.#matrix-notifier'
|
||||
when:
|
||||
status:
|
||||
- failure
|
||||
|
|
|
@ -52,7 +52,7 @@
|
|||
|
||||
meta = with lib; {
|
||||
description = "A C++ project";
|
||||
homepage = "https://git.belanyi.fr/ambroisie/project";
|
||||
homepage = "https://gitea.belanyi.fr/ambroisie/project";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ ambroisie ];
|
||||
platforms = platforms.unix;
|
||||
|
|
|
@ -1,15 +1,15 @@
|
|||
find_package(GTest)
|
||||
|
||||
if(${GTest_FOUND})
|
||||
include(GoogleTest)
|
||||
if (${GTest_FOUND})
|
||||
include(GoogleTest)
|
||||
|
||||
add_executable(dummy_test dummy_test.cc)
|
||||
target_link_libraries(dummy_test PRIVATE common_options)
|
||||
add_executable(dummy_test dummy_test.cc)
|
||||
target_link_libraries(dummy_test PRIVATE common_options)
|
||||
|
||||
target_link_libraries(dummy_test PRIVATE
|
||||
GTest::gtest
|
||||
GTest::gtest_main
|
||||
)
|
||||
target_link_libraries(dummy_test PRIVATE
|
||||
GTest::gtest
|
||||
GTest::gtest_main
|
||||
)
|
||||
|
||||
gtest_discover_tests(dummy_test)
|
||||
endif()
|
||||
gtest_discover_tests(dummy_test)
|
||||
endif (${GTest_FOUND})
|
||||
|
|
|
@ -1,12 +1,7 @@
|
|||
labels:
|
||||
backend: local
|
||||
type: exec
|
||||
|
||||
steps:
|
||||
- name: pre-commit check
|
||||
image: bash
|
||||
commands:
|
||||
- nix develop --command pre-commit run --all
|
||||
|
||||
- name: nix flake check
|
||||
image: bash
|
||||
commands:
|
||||
|
@ -14,17 +9,17 @@ steps:
|
|||
|
||||
- name: notifiy
|
||||
image: bash
|
||||
environment:
|
||||
ADDRESS:
|
||||
from_secret: matrix_homeserver
|
||||
ROOM:
|
||||
from_secret: matrix_roomid
|
||||
USER:
|
||||
from_secret: matrix_username
|
||||
PASS:
|
||||
from_secret: matrix_password
|
||||
secrets:
|
||||
- source: matrix_homeserver
|
||||
target: address
|
||||
- source: matrix_roomid
|
||||
target: room
|
||||
- source: matrix_username
|
||||
target: user
|
||||
- source: matrix_password
|
||||
target: pass
|
||||
commands:
|
||||
- nix run github:ambroisie/matrix-notifier
|
||||
- nix run '.#matrix-notifier'
|
||||
when:
|
||||
status:
|
||||
- failure
|
||||
|
|
|
@ -52,7 +52,7 @@
|
|||
|
||||
meta = with lib; {
|
||||
description = "A C++ project";
|
||||
homepage = "https://git.belanyi.fr/ambroisie/project";
|
||||
homepage = "https://gitea.belanyi.fr/ambroisie/project";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ ambroisie ];
|
||||
platforms = platforms.unix;
|
||||
|
|
|
@ -5,10 +5,6 @@
|
|||
};
|
||||
"c++-meson" = {
|
||||
path = ./c++-meson;
|
||||
description = "A C++ project using Meson";
|
||||
};
|
||||
"rust-cargo" = {
|
||||
path = ./rust-cargo;
|
||||
description = "A Rust project using Cargo";
|
||||
description = "A C++ project using CMake";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
if ! has nix_direnv_version || ! nix_direnv_version 3.0.0; then
|
||||
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/3.0.0/direnvrc" "sha256-21TMnI2xWX7HkSTjFFri2UaohXVj854mgvWapWrxRXg="
|
||||
fi
|
||||
|
||||
use flake
|
6
templates/rust-cargo/.gitignore
vendored
6
templates/rust-cargo/.gitignore
vendored
|
@ -1,6 +0,0 @@
|
|||
# Rust build directory
|
||||
/target
|
||||
|
||||
# Nix generated files
|
||||
/.pre-commit-config.yaml
|
||||
/result
|
|
@ -1,31 +0,0 @@
|
|||
labels:
|
||||
backend: local
|
||||
|
||||
steps:
|
||||
- name: pre-commit check
|
||||
image: bash
|
||||
commands:
|
||||
- nix develop --command pre-commit run --all
|
||||
|
||||
- name: nix flake check
|
||||
image: bash
|
||||
commands:
|
||||
- nix flake check
|
||||
|
||||
- name: notifiy
|
||||
image: bash
|
||||
environment:
|
||||
ADDRESS:
|
||||
from_secret: matrix_homeserver
|
||||
ROOM:
|
||||
from_secret: matrix_roomid
|
||||
USER:
|
||||
from_secret: matrix_username
|
||||
PASS:
|
||||
from_secret: matrix_password
|
||||
commands:
|
||||
- nix run github:ambroisie/matrix-notifier
|
||||
when:
|
||||
status:
|
||||
- failure
|
||||
- success
|
7
templates/rust-cargo/Cargo.lock
generated
7
templates/rust-cargo/Cargo.lock
generated
|
@ -1,7 +0,0 @@
|
|||
# This file is automatically @generated by Cargo.
|
||||
# It is not intended for manual editing.
|
||||
version = 3
|
||||
|
||||
[[package]]
|
||||
name = "project"
|
||||
version = "0.0.0"
|
|
@ -1,8 +0,0 @@
|
|||
[package]
|
||||
name = "project"
|
||||
version = "0.0.0"
|
||||
edition = "2021"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
[dependencies]
|
|
@ -1,112 +0,0 @@
|
|||
{
|
||||
description = "A Rust project";
|
||||
|
||||
inputs = {
|
||||
futils = {
|
||||
type = "github";
|
||||
owner = "numtide";
|
||||
repo = "flake-utils";
|
||||
ref = "main";
|
||||
};
|
||||
|
||||
nixpkgs = {
|
||||
type = "github";
|
||||
owner = "NixOS";
|
||||
repo = "nixpkgs";
|
||||
ref = "nixos-unstable";
|
||||
};
|
||||
|
||||
pre-commit-hooks = {
|
||||
type = "github";
|
||||
owner = "cachix";
|
||||
repo = "pre-commit-hooks.nix";
|
||||
ref = "master";
|
||||
inputs = {
|
||||
flake-utils.follows = "futils";
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
outputs = { self, futils, nixpkgs, pre-commit-hooks }:
|
||||
{
|
||||
overlays = {
|
||||
default = final: _prev: {
|
||||
project = with final; rustPlatform.buildRustPackage {
|
||||
pname = "project";
|
||||
version = (final.lib.importTOML ./Cargo.toml).package.version;
|
||||
|
||||
src = self;
|
||||
|
||||
cargoLock = {
|
||||
lockFile = "${self}/Cargo.lock";
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "A Rust project";
|
||||
homepage = "https://git.belanyi.fr/ambroisie/project";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ ambroisie ];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
} // futils.lib.eachDefaultSystem (system:
|
||||
let
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
overlays = [
|
||||
self.overlays.default
|
||||
];
|
||||
};
|
||||
|
||||
pre-commit = pre-commit-hooks.lib.${system}.run {
|
||||
src = self;
|
||||
|
||||
hooks = {
|
||||
clippy = {
|
||||
enable = true;
|
||||
settings = {
|
||||
denyWarnings = true;
|
||||
};
|
||||
};
|
||||
|
||||
nixpkgs-fmt = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
rustfmt = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
checks = {
|
||||
inherit (self.packages.${system}) project;
|
||||
};
|
||||
|
||||
devShells = {
|
||||
default = pkgs.mkShell {
|
||||
inputsFrom = with self.packages.${system}; [
|
||||
project
|
||||
];
|
||||
|
||||
packages = with pkgs; [
|
||||
clippy
|
||||
rust-analyzer
|
||||
rustfmt
|
||||
];
|
||||
|
||||
RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}";
|
||||
|
||||
inherit (pre-commit) shellHook;
|
||||
};
|
||||
};
|
||||
|
||||
packages = futils.lib.flattenTree {
|
||||
default = pkgs.project;
|
||||
inherit (pkgs) project;
|
||||
};
|
||||
});
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
fn main() {
|
||||
println!("Hello, world!");
|
||||
}
|
Loading…
Reference in a new issue