diff --git a/configuration/common/nix.nix b/configuration/common/nix.nix
index 2c2f4b4..cabb17a 100644
--- a/configuration/common/nix.nix
+++ b/configuration/common/nix.nix
@@ -4,7 +4,7 @@
clerie.nixfiles.enable = true;
- clerie.nixfiles.system-auto-upgrade.enable = true;
+ clerie.system-auto-upgrade.enable = true;
nix.settings = {
trusted-users = [ "@wheel" "@guests" ];
@@ -51,8 +51,21 @@
};
exact = true;
};
+ "templates" = {
+ from = {
+ type = "indirect";
+ id = "templates";
+ };
+ to = {
+ type = "git";
+ url = "https://git.clerie.de/clerie/flake-templates.git";
+ };
+ };
};
documentation.doc.enable = false;
+ environment.systemPackages = with pkgs; [
+ nix-remove-result-links
+ ];
}
diff --git a/configuration/desktop/default.nix b/configuration/desktop/default.nix
index 4713d19..074cbab 100644
--- a/configuration/desktop/default.nix
+++ b/configuration/desktop/default.nix
@@ -5,6 +5,7 @@
./audio.nix
./fonts.nix
./gnome.nix
+ ./inputs.nix
./networking.nix
./power.nix
./printing.nix
diff --git a/configuration/desktop/gnome.nix b/configuration/desktop/gnome.nix
index 1a70246..f05d50a 100644
--- a/configuration/desktop/gnome.nix
+++ b/configuration/desktop/gnome.nix
@@ -32,4 +32,27 @@
];
services.gnome.evolution-data-server.enable = true;
+
+ programs.dconf.profiles = {
+ user.databases = [
+ {
+ settings = {
+ "org/gnome/desktop/calendar" = {
+ show-weekdate = true;
+ };
+ "org/gnome/desktop/interface" = {
+ enable-hot-corners = false;
+ show-battery-percentage = true;
+ };
+ "org/gnome/desktop/notifications" = {
+ show-in-lock-screen = false;
+ };
+ "org/gnome/gnome-system-monitor" = {
+ network-in-bits = true;
+ network-total-in-bits = true;
+ };
+ };
+ }
+ ];
+ };
}
diff --git a/configuration/desktop/inputs.nix b/configuration/desktop/inputs.nix
new file mode 100644
index 0000000..4207c16
--- /dev/null
+++ b/configuration/desktop/inputs.nix
@@ -0,0 +1,42 @@
+{ ... }:
+
+{
+ programs.dconf.profiles = {
+ user.databases = [
+ {
+ settings = {
+ "org/gnome/desktop/peripherals/touchpad" = {
+ disable-while-typing = false;
+ edge-scrolling-enabled = false;
+ natural-scroll = true;
+ tap-to-click = true;
+ two-finger-scrolling-enabled = true;
+ };
+ "org/gnome/settings-daemon/plugins/media-keys" = {
+ custom-keybindings = [
+ "/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/terminal/"
+ ];
+ };
+ "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/terminal" = {
+ name = "Terminal";
+ binding = "<Primary><Alt>t";
+ command = "gnome-terminal";
+ };
+ };
+ }
+ ];
+ gdm.databases = [
+ {
+ settings = {
+ "org/gnome/desktop/peripherals/touchpad" = {
+ disable-while-typing = false;
+ edge-scrolling-enabled = false;
+ natural-scroll = true;
+ tap-to-click = true;
+ two-finger-scrolling-enabled = true;
+ };
+ };
+ }
+ ];
+ };
+}
diff --git a/configuration/desktop/power.nix b/configuration/desktop/power.nix
index 87c060a..aca3231 100644
--- a/configuration/desktop/power.nix
+++ b/configuration/desktop/power.nix
@@ -8,4 +8,29 @@
systemd.sleep.extraConfig = ''
HibernateDelaySec=30m
'';
+
+ programs.dconf.profiles = {
+ user.databases = [
+ {
+ settings = {
+ "org/gnome/settings-daemon/plugins/power" = {
+ power-button-action = "hibernate";
+ power-saver-profile-on-low-battery = false;
+ sleep-inactive-ac-type = "nothing";
+ };
+ };
+ }
+ ];
+ gdm.databases = [
+ {
+ settings = {
+ "org/gnome/settings-daemon/plugins/power" = {
+ power-button-action = "hibernate";
+ power-saver-profile-on-low-battery = false;
+ sleep-inactive-ac-type = "nothing";
+ };
+ };
+ }
+ ];
+ };
}
diff --git a/flake.lock b/flake.lock
index 7812d95..e8da552 100644
--- a/flake.lock
+++ b/flake.lock
@@ -252,11 +252,11 @@
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1709237383,
- "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
+ "lastModified": 1710451336,
+ "narHash": "sha256-pP86Pcfu3BrAvRO7R64x7hs+GaQrjFes+mEPowCfkxY=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
+ "rev": "d691274a972b3165335d261cc4671335f5c67de9",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index 3b87f80..b1dd8e2 100644
--- a/flake.nix
+++ b/flake.nix
@@ -112,9 +112,9 @@
};
in {
inherit (pkgs)
- anycast_healthchecker
- flask-excel
+ chromium-incognito
iot-data
+ nix-remove-result-links
nixfiles-add-secret
nixfiles-auto-install
nixfiles-generate-backup-secrets
@@ -122,11 +122,8 @@
nixfiles-system-upgrade
nixfiles-updated-inputs
nixfiles-update-ssh-host-keys
- pyexcel-xlsx
- pyexcel-webio
update-from-hydra
- uptimestatus
- wetter;
+ uptimestatus;
});
hydraJobs = {
diff --git a/hosts/dn42-il-gw1/configuration.nix b/hosts/dn42-il-gw1/configuration.nix
index b984017..8ade80b 100644
--- a/hosts/dn42-il-gw1/configuration.nix
+++ b/hosts/dn42-il-gw1/configuration.nix
@@ -329,7 +329,7 @@
}
'';
- clerie.nixfiles.system-auto-upgrade = {
+ clerie.system-auto-upgrade = {
allowReboot = true;
autoUpgrade = true;
};
diff --git a/hosts/dn42-il-gw5/configuration.nix b/hosts/dn42-il-gw5/configuration.nix
index ac7a0d9..1512f88 100644
--- a/hosts/dn42-il-gw5/configuration.nix
+++ b/hosts/dn42-il-gw5/configuration.nix
@@ -183,7 +183,7 @@
}
'';
- clerie.nixfiles.system-auto-upgrade = {
+ clerie.system-auto-upgrade = {
allowReboot = true;
autoUpgrade = true;
startAt = "*-*-* 06:22:00";
diff --git a/hosts/dn42-il-gw6/configuration.nix b/hosts/dn42-il-gw6/configuration.nix
index ffefe9b..274f33a 100644
--- a/hosts/dn42-il-gw6/configuration.nix
+++ b/hosts/dn42-il-gw6/configuration.nix
@@ -183,7 +183,7 @@
}
'';
- clerie.nixfiles.system-auto-upgrade = {
+ clerie.system-auto-upgrade = {
allowReboot = true;
autoUpgrade = true;
startAt = "*-*-* 07:22:00";
diff --git a/hosts/krypton/programs.nix b/hosts/krypton/programs.nix
index 44b7585..2284729 100644
--- a/hosts/krypton/programs.nix
+++ b/hosts/krypton/programs.nix
@@ -25,6 +25,7 @@
nmap
okular
+ chromium-incognito
];
# Wireshark
diff --git a/hosts/minecraft-2/configuration.nix b/hosts/minecraft-2/configuration.nix
index 3a893b0..611dc19 100644
--- a/hosts/minecraft-2/configuration.nix
+++ b/hosts/minecraft-2/configuration.nix
@@ -62,7 +62,7 @@ in {
};
};
- clerie.nixfiles.system-auto-upgrade = {
+ clerie.system-auto-upgrade = {
allowReboot = true;
autoUpgrade = true;
};
diff --git a/hosts/nonat/configuration.nix b/hosts/nonat/configuration.nix
index d1af256..8e048bc 100644
--- a/hosts/nonat/configuration.nix
+++ b/hosts/nonat/configuration.nix
@@ -39,7 +39,7 @@
networking.firewall.allowedUDPPorts = [];
- clerie.nixfiles.system-auto-upgrade = {
+ clerie.system-auto-upgrade = {
allowReboot = true;
autoUpgrade = true;
};
diff --git a/hosts/storage-2/configuration.nix b/hosts/storage-2/configuration.nix
index 4aaea5a..7631145 100644
--- a/hosts/storage-2/configuration.nix
+++ b/hosts/storage-2/configuration.nix
@@ -5,8 +5,10 @@
[
./hardware-configuration.nix
../../configuration/proxmox-vm
+ ./firmware.nix
./mixcloud.nix
./syncthing.nix
+ ./users.nix
];
boot.loader.grub.enable = true;
@@ -26,7 +28,7 @@
networking.firewall.allowedTCPPorts = [ 80 443 ];
- clerie.nixfiles.system-auto-upgrade = {
+ clerie.system-auto-upgrade = {
allowReboot = true;
autoUpgrade = true;
};
diff --git a/hosts/storage-2/firmware.nix b/hosts/storage-2/firmware.nix
new file mode 100644
index 0000000..4ba6b5d
--- /dev/null
+++ b/hosts/storage-2/firmware.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+ age.secrets.firmware-htpasswd = {
+ owner = "nginx";
+ group = "nginx";
+ };
+
+ services.nginx.virtualHosts = {
+ "firmware.clerie.de" = {
+ enableACME = true;
+ forceSSL = true;
+ locations."/" = {
+ alias = "/data/firmware/";
+ basicAuthFile = config.age.secrets.firmware-htpasswd.path;
+ extraConfig = ''
+ autoindex on;
+ autoindex_exact_size off;
+ '';
+ };
+ };
+ };
+
+ users.users.data-firmware = {
+ group = "data-firmware";
+ home = "/data/firmware";
+ useDefaultShell = true;
+ isSystemUser = true;
+ };
+ users.groups.data-firmware = {};
+
+ systemd.tmpfiles.rules = [
+ "d /data/firmware - data-firmware data-firmware - -"
+ ];
+}
diff --git a/hosts/storage-2/secrets/firmware-htpasswd.age b/hosts/storage-2/secrets/firmware-htpasswd.age
new file mode 100644
index 0000000..efcf094
--- /dev/null
+++ b/hosts/storage-2/secrets/firmware-htpasswd.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 HwR33w AtsznTAUQumy3G6fSBwIiezL2Zdzl33t9TU3hDotcRs
+eG+bBDB+MOQk7cHx+3Ha/n83t2QEbZunRYi0idRF9RQ
+-> ssh-ed25519 pI7EWw egjmvw3f6zrl0XmxI7xWhKsPl8PXTkZDSY84VbtJTG4
+MFsjDhp5UrprE3w7q9W3ZmGlkNnOFbsJNVjfeO11trw
+-> 0=-grease Fi`a + >zPFov* a
+nx2zvPHhzkSNi/8oxnL07qefB248BCwJMjpVTc8i5j5aedELas87iI/WppKoa/tq
+/jYLHztLjqKy412YvA0xuzR6yZ7G
+--- 7M+CSupk4WV36DU/c8ZtODB6N8kuhttk4aLMULp8/Zc
+��!U����թ�ұm��L���s��aY�h?�Uaq�a�}��� ���������l@��Eqǘ����w�䍯���*�.��L����ѓJeFy@= J�����
\ No newline at end of file
diff --git a/hosts/storage-2/users.nix b/hosts/storage-2/users.nix
new file mode 100644
index 0000000..984ce62
--- /dev/null
+++ b/hosts/storage-2/users.nix
@@ -0,0 +1,5 @@
+{ ... }:
+
+{
+ users.users.clerie.extraGroups = [ "data-firmware" ];
+}
diff --git a/hosts/web-2/wetter.nix b/hosts/web-2/wetter.nix
index bbbb582..c4cac3d 100644
--- a/hosts/web-2/wetter.nix
+++ b/hosts/web-2/wetter.nix
@@ -1,90 +1,11 @@
{ pkgs, ... }:
-let
- configFile = pkgs.writeText "wetter.cfg" ''
- SQLALCHEMY_DATABASE_URI="postgresql://wetter_web@/wetter?host=/run/postgresql"
- '';
-
-in {
- users.users.wetter = {
- description = "Wetter Service";
- group = "wetter";
- home = "/var/lib/wetter/";
- useDefaultShell = true;
- isSystemUser = true;
- };
- users.groups.wetter = {};
-
- users.users.wetter_web = {
- description = "Wetter Web Service";
- group = "wetter_web";
- home = "/var/lib/wetter/";
- useDefaultShell = true;
- isSystemUser = true;
- };
- users.groups.wetter_web = {};
-
- users.users.wetter_scraper = {
- description = "Wetter Scraper";
- group = "wetter_scraper";
- home = "/var/lib/wetter/";
- useDefaultShell = true;
- isSystemUser = true;
- openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC4kCYnm6mnPI3nPF5YmYCxeVqL4i02dSIJ9kngxu9rS dwd-scraper"
- ];
- };
- users.groups.wetter_scraper = {};
-
- services.postgresql = {
- ensureDatabases = [ "wetter" ];
- ensureUsers = [
- {
- name = "wetter";
- ensurePermissions = {
- "DATABASE wetter" = "ALL PRIVILEGES";
- };
- }
- {
- name = "wetter_scraper";
- ensurePermissions = {
- "DATABASE wetter" = "CONNECT";
- "SCHEMA public" = "USAGE";
- "ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
- };
- }
- {
- name = "wetter_web";
- ensurePermissions = {
- "DATABASE wetter" = "CONNECT";
- "SCHEMA public" = "USAGE";
- "ALL TABLES IN SCHEMA public" = "SELECT";
- };
- }
- ];
- };
-
-# systemd.services.wetter = {
-# wantedBy = [ "multi-user.target" ];
-# serviceConfig = {
-# RuntimeDirectory = "wetter";
-# StateDirectory = "wetter";
-# User = "wetter_web";
-# Group = "wetter_web";
-# };
-# environment = {
-# WETTER_SETTINGS = "${configFile}";
-# };
-# script = "gunicorn -w 4 -b [::1]:8234 wetter:app";
-# path = with pkgs; [ (python3.withPackages (ps: [ ps.gunicorn wetter ])) ];
-# };
-
+{
services.nginx.virtualHosts = {
"wetter.clerie.de" = {
enableACME = true;
forceSSL = true;
locations."/" = {
- #proxyPass = "http://[::1]:8234";
return = ''200 "wetter.clerie.de is currently offline, find source code on https://git.clerie.de/clerie/wetter\n"'';
extraConfig = ''
types { } default_type "text/plain; charset=utf-8";
diff --git a/modules/anycast_healthchecker/default.nix b/modules/anycast_healthchecker/default.nix
deleted file mode 100644
index 2683a09..0000000
--- a/modules/anycast_healthchecker/default.nix
+++ /dev/null
@@ -1,122 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-with lib;
-
-let
- cfg = config.clerie.anycast_healthchecker;
- configFile = pkgs.writeText "anycast-healthchecker.conf" ''
- [DEFAULT]
- interface = lo
-
- [daemon]
- pidfile = /run/anycast-healthchecker/anycast-healthchecker.pid
- ipv4 = true
- ipv6 = true
- bird_conf = /var/lib/anycast-healthchecker/anycast-prefixes.conf
- bird6_conf = /var/lib/anycast-healthchecker/anycast-prefixes6.conf
- bird_variable = ACAST_PS_ADVERTISE
- bird6_variable = ACAST6_PS_ADVERTISE
- bird_reconfigure_cmd = birdc configure
- bird6_reconfigure_cmd = birdc configure
- dummy_ip_prefix = 10.189.200.255/32
- dummy_ip6_prefix = 2001:db8::1/128
- bird_keep_changes = false
- bird6_keep_changes = false
- bird_changes_counter = 128
- bird6_changes_counter = 128
- purge_ip_prefixes = false
- loglevel = debug
- log_maxbytes = 104857600
- log_backups = 8
- json_stdout = false
- json_log_file = false
- json_log_server = false
- '';
-
- checksDir = pkgs.writeTextDir "checks.conf" (
- concatStringsSep "\n" (
- mapAttrsToList (
- name: check: ''
- [${name}]
- ip_prefix = ${check.ip_prefix}
- check_cmd = ${check.cmd}
- '' + (
- concatStringsSep "\n" (
- optional (check.timeout != null) "check_timeout = ${toString check.timeout}"
- ++ optional (check.rise != null) "check_rise = ${toString check.rise}"
- ++ optional (check.fail != null) "check_fail = ${toString check.fail}"
- ++ optional (check.interval != null) "check_interval = ${toString check.interval}"
- )
- )
- ) cfg.checks
- )
- );
-
- checkOpts = { config, ... }@moduleAttrs: {
-
- options = {
-
- enable = mkOption {
- type = types.bool;
- default = true;
- };
- timeout = mkOption {
- type = with types; nullOr int;
- default = null;
- };
- rise = mkOption {
- type = with types; nullOr int;
- default = null;
- };
- fail = mkOption {
- type = with types; nullOr int;
- default = null;
- };
- interval = mkOption {
- type = with types; nullOr int;
- default = null;
- };
- ip_prefix = mkOption {
- type = types.str;
- };
- cmd = mkOption {
- type = types.str;
- default = "${pkgs.curl}/bin/curl --fail --silent http://${moduleAttrs.config.ip_prefix}";
- };
- };
-
- };
-
-in {
-
- options = {
-
- clerie.anycast_healthchecker = {
-
- enable = mkEnableOption "anycast healthchecker";
-
- checks = mkOption {
- type = with types; attrsOf (submodule checkOpts);
- };
-
- };
-
- };
-
-
- config = mkIf cfg.enable {
-
- systemd.services.anycast_healthchecker = {
- wantedBy = [ "multi-user.target" ];
- serviceConfig = {
- RuntimeDirectory = "anycast-healthchecker";
- StateDirectory = "anycast-healthchecker";
- User = "bird2";
- Group = "bird2";
- ExecStart = "${pkgs.anycast_healthchecker}/bin/anycast-healthchecker -f ${configFile} -d ${checksDir}";
- };
- path = with pkgs; [ bird2 ];
- };
-
- };
-}
diff --git a/modules/nixfiles/nixfiles-system-upgrade.nix b/modules/clerie-system-upgrade/default.nix
similarity index 83%
rename from modules/nixfiles/nixfiles-system-upgrade.nix
rename to modules/clerie-system-upgrade/default.nix
index 43e0612..6c3a212 100644
--- a/modules/nixfiles/nixfiles-system-upgrade.nix
+++ b/modules/clerie-system-upgrade/default.nix
@@ -3,13 +3,13 @@
with lib;
let
- cfg = config.clerie.nixfiles.system-auto-upgrade;
+ cfg = config.clerie.system-auto-upgrade;
in
{
options = {
- clerie.nixfiles.system-auto-upgrade = {
- enable = mkEnableOption "clerie nixfiles tools";
+ clerie.system-auto-upgrade = {
+ enable = mkEnableOption "clerie system upgrade";
allowReboot = mkOption {
type = types.bool;
default = false;
@@ -28,7 +28,7 @@ in
};
};
config = mkIf cfg.enable {
- systemd.services.nixfiles-system-auto-upgrade = {
+ systemd.services.clerie-system-auto-upgrade = {
# Make sure this unit does not stop themself while upgrading
restartIfChanged = false;
unitConfig.X-StopOnRemoval = false;
@@ -38,7 +38,7 @@ in
ExecStart = pkgs.nixfiles-system-upgrade + "/bin/nixfiles-system-upgrade --no-confirm${optionalString cfg.allowReboot " --allow-reboot"}${optionalString (config.clerie.monitoring.enable) " --node-exporter-metrics-path /var/lib/prometheus-node-exporter/textfiles/nixfiles-system-upgrade.prom"}";
};
};
- systemd.timers.nixfiles-system-auto-upgrade = mkIf cfg.autoUpgrade {
+ systemd.timers.clerie-system-auto-upgrade = mkIf cfg.autoUpgrade {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = if cfg.startAt == null then "*-*-* 05:37:00" else cfg.startAt;
diff --git a/modules/default.nix b/modules/default.nix
index 08b5ed4..09a16f8 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -4,16 +4,14 @@
imports = [
./policyrouting
./akne
- ./anycast_healthchecker
./backup
./clerie-firewall
./clerie-gc-dir
- ./gre-tunnel
+ ./clerie-system-upgrade
./minecraft-server
./monitoring
./nginx-port-forward
./nixfiles
- ./nixfiles/nixfiles-system-upgrade.nix
./update-from-hydra
./wg-clerie
./wireguard-initrd
diff --git a/modules/gre-tunnel/default.nix b/modules/gre-tunnel/default.nix
deleted file mode 100644
index 8e6bc90..0000000
--- a/modules/gre-tunnel/default.nix
+++ /dev/null
@@ -1,89 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
- cfg = config.clerie.gre-tunnel;
-
- generateInterfaceUnit = isIPv6: (name: tunnel:
- nameValuePair "gre-tunnel-${name}" {
- description = "GRE Tunnel - ${name}";
- requires = [ "network-online.target" ];
- after = [ "network.target" "network-online.target" ];
- wantedBy = [ "multi-user.target" ];
- environment.DEVICE = name;
- path = with pkgs; [ iproute ];
-
- serviceConfig = {
- Type = "oneshot";
- RemainAfterExit = true;
- };
-
- script = ''
- ${tunnel.preSetup}
- ip${optionalString isIPv6 " -6"} tunnel add ${name} mode ${optionalString isIPv6 "ip6"}gre remote ${tunnel.remote} local ${tunnel.local}
- ip link set ${name} up
- ip${optionalString isIPv6 " -6"} a add ${tunnel.address} dev ${name}
- ${tunnel.postSetup}
- '';
-
- postStop = ''
- ip link set ${name} down
- ip tunnel del ${name}
- ${tunnel.postShutdown}
- '';
- });
-
- checkOpts = { config, ... }@moduleAttrs: {
- options = {
- remote = mkOption {
- type = types.str;
- description = "Address of reciever.";
- };
- local = mkOption {
- type = types.str;
- description = "Address our packets originate from.";
- };
- address = mkOption {
- type = types.str;
- description = "Our address in this tunnel.";
- };
- preSetup = mkOption {
- type = types.str;
- default = "";
- description = "Commands called at the start of the interface setup.";
- };
- postSetup = mkOption {
- type = types.str;
- default = "";
- description = "Commands called at the end of the interface setup.";
- };
- postShutdown = mkOption {
- type = types.str;
- default = "";
- description = "Commands called after shutting down the interface.";
- };
- };
- };
-
-in {
- options = {
- clerie.gre-tunnel = {
- enable = mkEnableOption "Declarative Policy-Routing";
- ipv6 = mkOption {
- type = with types; attrsOf (submodule checkOpts);
- default = {};
- };
- ipv4 = mkOption {
- type = with types; attrsOf (submodule checkOpts);
- default = {};
- };
- };
- };
-
- config = mkIf cfg.enable {
- systemd.services =
- (mapAttrs' (generateInterfaceUnit false) cfg.ipv4)
- // (mapAttrs' (generateInterfaceUnit true) cfg.ipv6);
- };
-}
diff --git a/pkgs/anycast_healthchecker/default.nix b/pkgs/anycast_healthchecker/default.nix
deleted file mode 100644
index a0d682b..0000000
--- a/pkgs/anycast_healthchecker/default.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ buildPythonPackage, fetchPypi, pbr, docopt, python-json-logger }:
-
-buildPythonPackage rec {
- pname = "anycast-healthchecker";
- version = "0.9.1";
-
- src = fetchPypi {
- inherit pname version;
- sha256 = "1d555aa420113c9119f9f548eac35cb4789018b8866535a91f05086727146ea4";
- };
-
- buildInputs = [
- pbr
- ];
- propagatedBuildInputs = [
- docopt python-json-logger
- ];
-}
diff --git a/pkgs/chromium-incognito/default.nix b/pkgs/chromium-incognito/default.nix
new file mode 100644
index 0000000..fccb617
--- /dev/null
+++ b/pkgs/chromium-incognito/default.nix
@@ -0,0 +1,36 @@
+{ pkgs, ... }:
+
+let
+ chromium-incognito-wrapper = pkgs.writeShellScriptBin "chromium" ''
+ ${pkgs.ungoogled-chromium}/bin/chromium --incognito "$@"
+ '';
+
+in pkgs.stdenv.mkDerivation {
+ pname = "chromium-incognito";
+ version = "0.1.0";
+ src = pkgs.writeTextDir "chromium-incognito.desktop" ''
+ [Desktop Entry]
+ Version=1.0
+ Name=Chromium Incognito
+ Exec=${chromium-incognito-wrapper}/bin/chromium %U
+ StartupNotify=true
+ Terminal=false
+ Icon=chromium
+ Type=Application
+ Categories=Network;WebBrowser;
+ MimeType=application/pdf;application/rdf+xml;application/rss+xml;application/xhtml+xml;application/xhtml_xml;application/xml;image/gif;image/jpeg;image/png;image/webp;text/html;text/xml;x-scheme-handler/http;x-scheme-handler/https;
+ Actions=new-window;
+
+ [Desktop Action new-window]
+ Name=New Incognito Window
+ Exec=${chromium-incognito-wrapper}/bin/chromium
+ '';
+ buildPhase = ''
+ mkdir -p $out/bin
+ ln -s ${chromium-incognito-wrapper}/bin/chromium $out/bin
+ install -D chromium-incognito.desktop $out/share/applications/chromium-incognito.desktop
+ ln -s ${pkgs.ungoogled-chromium}/share/icons $out/share
+ '';
+
+ meta.mainProgram = "chromium";
+}
diff --git a/pkgs/flask-excel/default.nix b/pkgs/flask-excel/default.nix
deleted file mode 100644
index c2b47e6..0000000
--- a/pkgs/flask-excel/default.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ buildPythonPackage, fetchPypi, pyexcel-webio, flask }:
-
-buildPythonPackage rec {
- pname = "Flask-Excel";
- version = "0.0.7";
-
- src = fetchPypi {
- inherit pname version;
- sha256 = "b82ddfe6319ecf2f796ada9966737ac8eaf9a99d6bce773f8acdc08acd7e9fae";
- };
-
- propagatedBuildInputs = [
- pyexcel-webio flask
- ];
-
- doCheck = false;
-}
diff --git a/pkgs/nix-remove-result-links/default.nix b/pkgs/nix-remove-result-links/default.nix
new file mode 100644
index 0000000..9fd9c30
--- /dev/null
+++ b/pkgs/nix-remove-result-links/default.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+
+pkgs.writeShellApplication {
+ name = "nix-remove-result-links";
+ text = ''
+ #!/usr/bin/env bash
+ find "''${1:-.}" -depth -type l -name "result*" -lname "/nix/store/*" -print -delete
+ '';
+}
diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix
index 52b4146..530c957 100644
--- a/pkgs/overlay.nix
+++ b/pkgs/overlay.nix
@@ -1,7 +1,7 @@
final: prev: {
- anycast_healthchecker = final.python3.pkgs.callPackage ./anycast_healthchecker {};
- flask-excel = final.python3.pkgs.callPackage ./flask-excel {};
+ chromium-incognito = final.callPackage ./chromium-incognito {};
iot-data = final.python3.pkgs.callPackage ./iot-data {};
+ nix-remove-result-links = final.callPackage ./nix-remove-result-links {};
nixfiles-add-secret = final.callPackage ./nixfiles/nixfiles-add-secret.nix {};
nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {};
nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
@@ -9,11 +9,6 @@ final: prev: {
nixfiles-system-upgrade = final.callPackage ./nixfiles/nixfiles-system-upgrade.nix {};
nixfiles-updated-inputs = final.callPackage ./nixfiles/nixfiles-updated-inputs.nix {};
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
- pyexcel-xlsx = final.python3.pkgs.callPackage ./pyexcel-xlsx {};
- pyexcel-webio = final.python3.pkgs.callPackage ./pyexcel-webio {};
update-from-hydra = final.callPackage ./update-from-hydra {};
uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {};
- wetter = final.python3.pkgs.callPackage ./wetter {
- inherit (final) pkg-config libsass;
- };
}
diff --git a/pkgs/pyexcel-webio/default.nix b/pkgs/pyexcel-webio/default.nix
deleted file mode 100644
index aab2240..0000000
--- a/pkgs/pyexcel-webio/default.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ buildPythonPackage, fetchPypi, pyexcel }:
-
-buildPythonPackage rec {
- pname = "pyexcel-webio";
- version = "0.1.4";
-
- src = fetchPypi {
- inherit pname version;
- sha256 = "039538f1b35351f1632891dde29ef4d7fba744e217678ebb5a501336e28ca265";
- };
-
- propagatedBuildInputs = [
- pyexcel
- ];
-
- doCheck = false;
-}
diff --git a/pkgs/pyexcel-xlsx/default.nix b/pkgs/pyexcel-xlsx/default.nix
deleted file mode 100644
index 91ad307..0000000
--- a/pkgs/pyexcel-xlsx/default.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ buildPythonPackage, fetchPypi, openpyxl, pyexcel-io }:
-
-buildPythonPackage rec {
- pname = "pyexcel-xlsx";
- version = "0.6.0";
-
- src = fetchPypi {
- inherit pname version;
- sha256 = "55754f764252461aca6871db203f4bd1370ec877828e305e6be1de5f9aa6a79d";
- };
-
- propagatedBuildInputs = [
- openpyxl pyexcel-io
- ];
-
- doCheck = false;
-}
diff --git a/pkgs/wetter/default.nix b/pkgs/wetter/default.nix
deleted file mode 100644
index 658be06..0000000
--- a/pkgs/wetter/default.nix
+++ /dev/null
@@ -1,83 +0,0 @@
-{
- pkgs,
- buildPythonPackage,
- flask,
- flask_sqlalchemy,
- lib,
- libsass,
- yarn2nix-moretea,
- nodejs,
- pkg-config,
- psycopg2,
- python3,
- stdenv,
- flask-excel,
- pyexcel-xlsx,
-}:
-
-let
- src = pkgs.fetchgit {
- url = "https://git.clerie.de/clerie/wetter.git";
- rev = "3193c6d507af5d6f5d62c23046b7fbf0c638ddb4";
- sha256 = "sha256-ouUmmw020jKg/SRlYhGBFRw/atxW+atQ1JSTFQNi5iw=";
- };
- pname = "wetter";
- version = "0.0.1";
-
- packageJSON = src + "/package.json";
- yarnLock = src + "/yarn.lock";
-
- modules = yarn2nix-moretea.mkYarnModules {
- pname = "${pname}-modules";
- name = "${pname}-modules-${version}";
- inherit version packageJSON yarnLock;
-
- /* build native node-sass extensions */
- pkgConfig.node-sass = {
- buildInputs = [ python3 libsass pkg-config ];
- postInstall = ''
- export npm_config_nodedir=${nodejs}
- LIBSASS_EXT=auto yarn --offline run build
- rm build/config.gypi
- '';
- };
- };
-
- assets = stdenv.mkDerivation {
- inherit src pname version;
-
- NODE_ENV = "production";
-
- buildPhase = ''
- runHook preBuild
- ln -s ${modules}/node_modules
- node_modules/.bin/rollup -c
- runHook postBuild
- '';
-
- installPhase = ''
- runHook preInstall
- cp -r wetter/static/bundle $out
- runHook postInstall
- '';
- };
-
-in buildPythonPackage rec {
- inherit src pname version;
-
- propagatedBuildInputs = [
- flask
- flask_sqlalchemy
- psycopg2
- flask-excel
- pyexcel-xlsx
- ];
-
- postInstall = ''
- mkdir -p $out/${python3.sitePackages}/wetter/static
- cp -r ${assets} $out/${python3.sitePackages}/wetter/static/bundle
- cp -r wetter/templates $out/${python3.sitePackages}/wetter/templates
- '';
-
- doCheck = false;
-}