Compare commits
17 Commits
9aff1c7e6d
...
2bac86be95
Author | SHA1 | Date | |
---|---|---|---|
|
2bac86be95 | ||
|
987a65fe2b | ||
343ce80661 | |||
7b67445838 | |||
5b8b8f8cab | |||
a15527caf8 | |||
f011e3fc9e | |||
b98fb3b061 | |||
8e9c9f87be | |||
f34337159d | |||
52582895cf | |||
1faa4386b1 | |||
59f83dd5af | |||
03b75a9b8a | |||
c472f5086c | |||
521ffac88c | |||
07609fb02d |
@ -4,7 +4,7 @@
|
||||
|
||||
clerie.nixfiles.enable = true;
|
||||
|
||||
clerie.nixfiles.system-auto-upgrade.enable = true;
|
||||
clerie.system-auto-upgrade.enable = true;
|
||||
|
||||
nix.settings = {
|
||||
trusted-users = [ "@wheel" "@guests" ];
|
||||
@ -51,8 +51,21 @@
|
||||
};
|
||||
exact = true;
|
||||
};
|
||||
"templates" = {
|
||||
from = {
|
||||
type = "indirect";
|
||||
id = "templates";
|
||||
};
|
||||
to = {
|
||||
type = "git";
|
||||
url = "https://git.clerie.de/clerie/flake-templates.git";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
documentation.doc.enable = false;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
nix-remove-result-links
|
||||
];
|
||||
}
|
||||
|
@ -5,6 +5,7 @@
|
||||
./audio.nix
|
||||
./fonts.nix
|
||||
./gnome.nix
|
||||
./inputs.nix
|
||||
./networking.nix
|
||||
./power.nix
|
||||
./printing.nix
|
||||
|
@ -32,4 +32,27 @@
|
||||
];
|
||||
|
||||
services.gnome.evolution-data-server.enable = true;
|
||||
|
||||
programs.dconf.profiles = {
|
||||
user.databases = [
|
||||
{
|
||||
settings = {
|
||||
"org/gnome/desktop/calendar" = {
|
||||
show-weekdate = true;
|
||||
};
|
||||
"org/gnome/desktop/interface" = {
|
||||
enable-hot-corners = false;
|
||||
show-battery-percentage = true;
|
||||
};
|
||||
"org/gnome/desktop/notifications" = {
|
||||
show-in-lock-screen = false;
|
||||
};
|
||||
"org/gnome/gnome-system-monitor" = {
|
||||
network-in-bits = true;
|
||||
network-total-in-bits = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
|
42
configuration/desktop/inputs.nix
Normal file
42
configuration/desktop/inputs.nix
Normal file
@ -0,0 +1,42 @@
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
programs.dconf.profiles = {
|
||||
user.databases = [
|
||||
{
|
||||
settings = {
|
||||
"org/gnome/desktop/peripherals/touchpad" = {
|
||||
disable-while-typing = false;
|
||||
edge-scrolling-enabled = false;
|
||||
natural-scroll = true;
|
||||
tap-to-click = true;
|
||||
two-finger-scrolling-enabled = true;
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys" = {
|
||||
custom-keybindings = [
|
||||
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/terminal/"
|
||||
];
|
||||
};
|
||||
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/terminal" = {
|
||||
name = "Terminal";
|
||||
binding = "<Primary><Alt>t";
|
||||
command = "gnome-terminal";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
gdm.databases = [
|
||||
{
|
||||
settings = {
|
||||
"org/gnome/desktop/peripherals/touchpad" = {
|
||||
disable-while-typing = false;
|
||||
edge-scrolling-enabled = false;
|
||||
natural-scroll = true;
|
||||
tap-to-click = true;
|
||||
two-finger-scrolling-enabled = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
@ -8,4 +8,29 @@
|
||||
systemd.sleep.extraConfig = ''
|
||||
HibernateDelaySec=30m
|
||||
'';
|
||||
|
||||
programs.dconf.profiles = {
|
||||
user.databases = [
|
||||
{
|
||||
settings = {
|
||||
"org/gnome/settings-daemon/plugins/power" = {
|
||||
power-button-action = "hibernate";
|
||||
power-saver-profile-on-low-battery = false;
|
||||
sleep-inactive-ac-type = "nothing";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
gdm.databases = [
|
||||
{
|
||||
settings = {
|
||||
"org/gnome/settings-daemon/plugins/power" = {
|
||||
power-button-action = "hibernate";
|
||||
power-saver-profile-on-low-battery = false;
|
||||
sleep-inactive-ac-type = "nothing";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -252,11 +252,11 @@
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1709237383,
|
||||
"narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
|
||||
"lastModified": 1710451336,
|
||||
"narHash": "sha256-pP86Pcfu3BrAvRO7R64x7hs+GaQrjFes+mEPowCfkxY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
|
||||
"rev": "d691274a972b3165335d261cc4671335f5c67de9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -112,9 +112,9 @@
|
||||
};
|
||||
in {
|
||||
inherit (pkgs)
|
||||
anycast_healthchecker
|
||||
flask-excel
|
||||
chromium-incognito
|
||||
iot-data
|
||||
nix-remove-result-links
|
||||
nixfiles-add-secret
|
||||
nixfiles-auto-install
|
||||
nixfiles-generate-backup-secrets
|
||||
@ -122,11 +122,8 @@
|
||||
nixfiles-system-upgrade
|
||||
nixfiles-updated-inputs
|
||||
nixfiles-update-ssh-host-keys
|
||||
pyexcel-xlsx
|
||||
pyexcel-webio
|
||||
update-from-hydra
|
||||
uptimestatus
|
||||
wetter;
|
||||
uptimestatus;
|
||||
});
|
||||
|
||||
hydraJobs = {
|
||||
|
@ -329,7 +329,7 @@
|
||||
}
|
||||
'';
|
||||
|
||||
clerie.nixfiles.system-auto-upgrade = {
|
||||
clerie.system-auto-upgrade = {
|
||||
allowReboot = true;
|
||||
autoUpgrade = true;
|
||||
};
|
||||
|
@ -183,7 +183,7 @@
|
||||
}
|
||||
'';
|
||||
|
||||
clerie.nixfiles.system-auto-upgrade = {
|
||||
clerie.system-auto-upgrade = {
|
||||
allowReboot = true;
|
||||
autoUpgrade = true;
|
||||
startAt = "*-*-* 06:22:00";
|
||||
|
@ -183,7 +183,7 @@
|
||||
}
|
||||
'';
|
||||
|
||||
clerie.nixfiles.system-auto-upgrade = {
|
||||
clerie.system-auto-upgrade = {
|
||||
allowReboot = true;
|
||||
autoUpgrade = true;
|
||||
startAt = "*-*-* 07:22:00";
|
||||
|
@ -25,6 +25,7 @@
|
||||
nmap
|
||||
|
||||
okular
|
||||
chromium-incognito
|
||||
];
|
||||
|
||||
# Wireshark
|
||||
|
@ -62,7 +62,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
clerie.nixfiles.system-auto-upgrade = {
|
||||
clerie.system-auto-upgrade = {
|
||||
allowReboot = true;
|
||||
autoUpgrade = true;
|
||||
};
|
||||
|
@ -39,7 +39,7 @@
|
||||
|
||||
networking.firewall.allowedUDPPorts = [];
|
||||
|
||||
clerie.nixfiles.system-auto-upgrade = {
|
||||
clerie.system-auto-upgrade = {
|
||||
allowReboot = true;
|
||||
autoUpgrade = true;
|
||||
};
|
||||
|
@ -5,8 +5,10 @@
|
||||
[
|
||||
./hardware-configuration.nix
|
||||
../../configuration/proxmox-vm
|
||||
./firmware.nix
|
||||
./mixcloud.nix
|
||||
./syncthing.nix
|
||||
./users.nix
|
||||
];
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
@ -26,7 +28,7 @@
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
|
||||
clerie.nixfiles.system-auto-upgrade = {
|
||||
clerie.system-auto-upgrade = {
|
||||
allowReboot = true;
|
||||
autoUpgrade = true;
|
||||
};
|
||||
|
37
hosts/storage-2/firmware.nix
Normal file
37
hosts/storage-2/firmware.nix
Normal file
@ -0,0 +1,37 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
age.secrets.firmware-htpasswd = {
|
||||
owner = "nginx";
|
||||
group = "nginx";
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts = {
|
||||
"firmware.clerie.de" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
alias = "/data/firmware/";
|
||||
basicAuthFile = config.age.secrets.firmware-htpasswd.path;
|
||||
extraConfig = ''
|
||||
autoindex on;
|
||||
autoindex_exact_size off;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users.data-firmware = {
|
||||
group = "data-firmware";
|
||||
home = "/data/firmware";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.data-firmware = {};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /data/firmware - data-firmware data-firmware - -"
|
||||
];
|
||||
}
|
10
hosts/storage-2/secrets/firmware-htpasswd.age
Normal file
10
hosts/storage-2/secrets/firmware-htpasswd.age
Normal file
@ -0,0 +1,10 @@
|
||||
age-encryption.org/v1
|
||||
-> ssh-ed25519 HwR33w AtsznTAUQumy3G6fSBwIiezL2Zdzl33t9TU3hDotcRs
|
||||
eG+bBDB+MOQk7cHx+3Ha/n83t2QEbZunRYi0idRF9RQ
|
||||
-> ssh-ed25519 pI7EWw egjmvw3f6zrl0XmxI7xWhKsPl8PXTkZDSY84VbtJTG4
|
||||
MFsjDhp5UrprE3w7q9W3ZmGlkNnOFbsJNVjfeO11trw
|
||||
-> 0=-grease Fi`a + >zPFov* a
|
||||
nx2zvPHhzkSNi/8oxnL07qefB248BCwJMjpVTc8i5j5aedELas87iI/WppKoa/tq
|
||||
/jYLHztLjqKy412YvA0xuzR6yZ7G
|
||||
--- 7M+CSupk4WV36DU/c8ZtODB6N8kuhttk4aLMULp8/Zc
|
||||
†!U©ÊÀÍÕ©ÁÒ±m<C2B1>îL¦ˆsøaYh?<3F>Uaq®a¤}¯¦ ˜ÂŽ•Ÿ¾ô®Ål@Eqǘ˜Óà¦w¯ä<C2AF>¯¾þÈ*.¼ýL¯Ñ“JeFy@= J™õ¹÷°
|
5
hosts/storage-2/users.nix
Normal file
5
hosts/storage-2/users.nix
Normal file
@ -0,0 +1,5 @@
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
users.users.clerie.extraGroups = [ "data-firmware" ];
|
||||
}
|
@ -1,90 +1,11 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
configFile = pkgs.writeText "wetter.cfg" ''
|
||||
SQLALCHEMY_DATABASE_URI="postgresql://wetter_web@/wetter?host=/run/postgresql"
|
||||
'';
|
||||
|
||||
in {
|
||||
users.users.wetter = {
|
||||
description = "Wetter Service";
|
||||
group = "wetter";
|
||||
home = "/var/lib/wetter/";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.wetter = {};
|
||||
|
||||
users.users.wetter_web = {
|
||||
description = "Wetter Web Service";
|
||||
group = "wetter_web";
|
||||
home = "/var/lib/wetter/";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.wetter_web = {};
|
||||
|
||||
users.users.wetter_scraper = {
|
||||
description = "Wetter Scraper";
|
||||
group = "wetter_scraper";
|
||||
home = "/var/lib/wetter/";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC4kCYnm6mnPI3nPF5YmYCxeVqL4i02dSIJ9kngxu9rS dwd-scraper"
|
||||
];
|
||||
};
|
||||
users.groups.wetter_scraper = {};
|
||||
|
||||
services.postgresql = {
|
||||
ensureDatabases = [ "wetter" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "wetter";
|
||||
ensurePermissions = {
|
||||
"DATABASE wetter" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "wetter_scraper";
|
||||
ensurePermissions = {
|
||||
"DATABASE wetter" = "CONNECT";
|
||||
"SCHEMA public" = "USAGE";
|
||||
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "wetter_web";
|
||||
ensurePermissions = {
|
||||
"DATABASE wetter" = "CONNECT";
|
||||
"SCHEMA public" = "USAGE";
|
||||
"ALL TABLES IN SCHEMA public" = "SELECT";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
# systemd.services.wetter = {
|
||||
# wantedBy = [ "multi-user.target" ];
|
||||
# serviceConfig = {
|
||||
# RuntimeDirectory = "wetter";
|
||||
# StateDirectory = "wetter";
|
||||
# User = "wetter_web";
|
||||
# Group = "wetter_web";
|
||||
# };
|
||||
# environment = {
|
||||
# WETTER_SETTINGS = "${configFile}";
|
||||
# };
|
||||
# script = "gunicorn -w 4 -b [::1]:8234 wetter:app";
|
||||
# path = with pkgs; [ (python3.withPackages (ps: [ ps.gunicorn wetter ])) ];
|
||||
# };
|
||||
|
||||
{
|
||||
services.nginx.virtualHosts = {
|
||||
"wetter.clerie.de" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
#proxyPass = "http://[::1]:8234";
|
||||
return = ''200 "wetter.clerie.de is currently offline, find source code on https://git.clerie.de/clerie/wetter\n"'';
|
||||
extraConfig = ''
|
||||
types { } default_type "text/plain; charset=utf-8";
|
||||
|
@ -1,122 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.clerie.anycast_healthchecker;
|
||||
configFile = pkgs.writeText "anycast-healthchecker.conf" ''
|
||||
[DEFAULT]
|
||||
interface = lo
|
||||
|
||||
[daemon]
|
||||
pidfile = /run/anycast-healthchecker/anycast-healthchecker.pid
|
||||
ipv4 = true
|
||||
ipv6 = true
|
||||
bird_conf = /var/lib/anycast-healthchecker/anycast-prefixes.conf
|
||||
bird6_conf = /var/lib/anycast-healthchecker/anycast-prefixes6.conf
|
||||
bird_variable = ACAST_PS_ADVERTISE
|
||||
bird6_variable = ACAST6_PS_ADVERTISE
|
||||
bird_reconfigure_cmd = birdc configure
|
||||
bird6_reconfigure_cmd = birdc configure
|
||||
dummy_ip_prefix = 10.189.200.255/32
|
||||
dummy_ip6_prefix = 2001:db8::1/128
|
||||
bird_keep_changes = false
|
||||
bird6_keep_changes = false
|
||||
bird_changes_counter = 128
|
||||
bird6_changes_counter = 128
|
||||
purge_ip_prefixes = false
|
||||
loglevel = debug
|
||||
log_maxbytes = 104857600
|
||||
log_backups = 8
|
||||
json_stdout = false
|
||||
json_log_file = false
|
||||
json_log_server = false
|
||||
'';
|
||||
|
||||
checksDir = pkgs.writeTextDir "checks.conf" (
|
||||
concatStringsSep "\n" (
|
||||
mapAttrsToList (
|
||||
name: check: ''
|
||||
[${name}]
|
||||
ip_prefix = ${check.ip_prefix}
|
||||
check_cmd = ${check.cmd}
|
||||
'' + (
|
||||
concatStringsSep "\n" (
|
||||
optional (check.timeout != null) "check_timeout = ${toString check.timeout}"
|
||||
++ optional (check.rise != null) "check_rise = ${toString check.rise}"
|
||||
++ optional (check.fail != null) "check_fail = ${toString check.fail}"
|
||||
++ optional (check.interval != null) "check_interval = ${toString check.interval}"
|
||||
)
|
||||
)
|
||||
) cfg.checks
|
||||
)
|
||||
);
|
||||
|
||||
checkOpts = { config, ... }@moduleAttrs: {
|
||||
|
||||
options = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
};
|
||||
timeout = mkOption {
|
||||
type = with types; nullOr int;
|
||||
default = null;
|
||||
};
|
||||
rise = mkOption {
|
||||
type = with types; nullOr int;
|
||||
default = null;
|
||||
};
|
||||
fail = mkOption {
|
||||
type = with types; nullOr int;
|
||||
default = null;
|
||||
};
|
||||
interval = mkOption {
|
||||
type = with types; nullOr int;
|
||||
default = null;
|
||||
};
|
||||
ip_prefix = mkOption {
|
||||
type = types.str;
|
||||
};
|
||||
cmd = mkOption {
|
||||
type = types.str;
|
||||
default = "${pkgs.curl}/bin/curl --fail --silent http://${moduleAttrs.config.ip_prefix}";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
in {
|
||||
|
||||
options = {
|
||||
|
||||
clerie.anycast_healthchecker = {
|
||||
|
||||
enable = mkEnableOption "anycast healthchecker";
|
||||
|
||||
checks = mkOption {
|
||||
type = with types; attrsOf (submodule checkOpts);
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.services.anycast_healthchecker = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
RuntimeDirectory = "anycast-healthchecker";
|
||||
StateDirectory = "anycast-healthchecker";
|
||||
User = "bird2";
|
||||
Group = "bird2";
|
||||
ExecStart = "${pkgs.anycast_healthchecker}/bin/anycast-healthchecker -f ${configFile} -d ${checksDir}";
|
||||
};
|
||||
path = with pkgs; [ bird2 ];
|
||||
};
|
||||
|
||||
};
|
||||
}
|
@ -3,13 +3,13 @@
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.clerie.nixfiles.system-auto-upgrade;
|
||||
cfg = config.clerie.system-auto-upgrade;
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
clerie.nixfiles.system-auto-upgrade = {
|
||||
enable = mkEnableOption "clerie nixfiles tools";
|
||||
clerie.system-auto-upgrade = {
|
||||
enable = mkEnableOption "clerie system upgrade";
|
||||
allowReboot = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
@ -28,7 +28,7 @@ in
|
||||
};
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.nixfiles-system-auto-upgrade = {
|
||||
systemd.services.clerie-system-auto-upgrade = {
|
||||
# Make sure this unit does not stop themself while upgrading
|
||||
restartIfChanged = false;
|
||||
unitConfig.X-StopOnRemoval = false;
|
||||
@ -38,7 +38,7 @@ in
|
||||
ExecStart = pkgs.nixfiles-system-upgrade + "/bin/nixfiles-system-upgrade --no-confirm${optionalString cfg.allowReboot " --allow-reboot"}${optionalString (config.clerie.monitoring.enable) " --node-exporter-metrics-path /var/lib/prometheus-node-exporter/textfiles/nixfiles-system-upgrade.prom"}";
|
||||
};
|
||||
};
|
||||
systemd.timers.nixfiles-system-auto-upgrade = mkIf cfg.autoUpgrade {
|
||||
systemd.timers.clerie-system-auto-upgrade = mkIf cfg.autoUpgrade {
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnCalendar = if cfg.startAt == null then "*-*-* 05:37:00" else cfg.startAt;
|
@ -4,16 +4,14 @@
|
||||
imports = [
|
||||
./policyrouting
|
||||
./akne
|
||||
./anycast_healthchecker
|
||||
./backup
|
||||
./clerie-firewall
|
||||
./clerie-gc-dir
|
||||
./gre-tunnel
|
||||
./clerie-system-upgrade
|
||||
./minecraft-server
|
||||
./monitoring
|
||||
./nginx-port-forward
|
||||
./nixfiles
|
||||
./nixfiles/nixfiles-system-upgrade.nix
|
||||
./update-from-hydra
|
||||
./wg-clerie
|
||||
./wireguard-initrd
|
||||
|
@ -1,89 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.clerie.gre-tunnel;
|
||||
|
||||
generateInterfaceUnit = isIPv6: (name: tunnel:
|
||||
nameValuePair "gre-tunnel-${name}" {
|
||||
description = "GRE Tunnel - ${name}";
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network.target" "network-online.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
environment.DEVICE = name;
|
||||
path = with pkgs; [ iproute ];
|
||||
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
};
|
||||
|
||||
script = ''
|
||||
${tunnel.preSetup}
|
||||
ip${optionalString isIPv6 " -6"} tunnel add ${name} mode ${optionalString isIPv6 "ip6"}gre remote ${tunnel.remote} local ${tunnel.local}
|
||||
ip link set ${name} up
|
||||
ip${optionalString isIPv6 " -6"} a add ${tunnel.address} dev ${name}
|
||||
${tunnel.postSetup}
|
||||
'';
|
||||
|
||||
postStop = ''
|
||||
ip link set ${name} down
|
||||
ip tunnel del ${name}
|
||||
${tunnel.postShutdown}
|
||||
'';
|
||||
});
|
||||
|
||||
checkOpts = { config, ... }@moduleAttrs: {
|
||||
options = {
|
||||
remote = mkOption {
|
||||
type = types.str;
|
||||
description = "Address of reciever.";
|
||||
};
|
||||
local = mkOption {
|
||||
type = types.str;
|
||||
description = "Address our packets originate from.";
|
||||
};
|
||||
address = mkOption {
|
||||
type = types.str;
|
||||
description = "Our address in this tunnel.";
|
||||
};
|
||||
preSetup = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Commands called at the start of the interface setup.";
|
||||
};
|
||||
postSetup = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Commands called at the end of the interface setup.";
|
||||
};
|
||||
postShutdown = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Commands called after shutting down the interface.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
in {
|
||||
options = {
|
||||
clerie.gre-tunnel = {
|
||||
enable = mkEnableOption "Declarative Policy-Routing";
|
||||
ipv6 = mkOption {
|
||||
type = with types; attrsOf (submodule checkOpts);
|
||||
default = {};
|
||||
};
|
||||
ipv4 = mkOption {
|
||||
type = with types; attrsOf (submodule checkOpts);
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services =
|
||||
(mapAttrs' (generateInterfaceUnit false) cfg.ipv4)
|
||||
// (mapAttrs' (generateInterfaceUnit true) cfg.ipv6);
|
||||
};
|
||||
}
|
@ -1,18 +0,0 @@
|
||||
{ buildPythonPackage, fetchPypi, pbr, docopt, python-json-logger }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "anycast-healthchecker";
|
||||
version = "0.9.1";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1d555aa420113c9119f9f548eac35cb4789018b8866535a91f05086727146ea4";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
pbr
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
docopt python-json-logger
|
||||
];
|
||||
}
|
36
pkgs/chromium-incognito/default.nix
Normal file
36
pkgs/chromium-incognito/default.nix
Normal file
@ -0,0 +1,36 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
chromium-incognito-wrapper = pkgs.writeShellScriptBin "chromium" ''
|
||||
${pkgs.ungoogled-chromium}/bin/chromium --incognito "$@"
|
||||
'';
|
||||
|
||||
in pkgs.stdenv.mkDerivation {
|
||||
pname = "chromium-incognito";
|
||||
version = "0.1.0";
|
||||
src = pkgs.writeTextDir "chromium-incognito.desktop" ''
|
||||
[Desktop Entry]
|
||||
Version=1.0
|
||||
Name=Chromium Incognito
|
||||
Exec=${chromium-incognito-wrapper}/bin/chromium %U
|
||||
StartupNotify=true
|
||||
Terminal=false
|
||||
Icon=chromium
|
||||
Type=Application
|
||||
Categories=Network;WebBrowser;
|
||||
MimeType=application/pdf;application/rdf+xml;application/rss+xml;application/xhtml+xml;application/xhtml_xml;application/xml;image/gif;image/jpeg;image/png;image/webp;text/html;text/xml;x-scheme-handler/http;x-scheme-handler/https;
|
||||
Actions=new-window;
|
||||
|
||||
[Desktop Action new-window]
|
||||
Name=New Incognito Window
|
||||
Exec=${chromium-incognito-wrapper}/bin/chromium
|
||||
'';
|
||||
buildPhase = ''
|
||||
mkdir -p $out/bin
|
||||
ln -s ${chromium-incognito-wrapper}/bin/chromium $out/bin
|
||||
install -D chromium-incognito.desktop $out/share/applications/chromium-incognito.desktop
|
||||
ln -s ${pkgs.ungoogled-chromium}/share/icons $out/share
|
||||
'';
|
||||
|
||||
meta.mainProgram = "chromium";
|
||||
}
|
@ -1,17 +0,0 @@
|
||||
{ buildPythonPackage, fetchPypi, pyexcel-webio, flask }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "Flask-Excel";
|
||||
version = "0.0.7";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "b82ddfe6319ecf2f796ada9966737ac8eaf9a99d6bce773f8acdc08acd7e9fae";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
pyexcel-webio flask
|
||||
];
|
||||
|
||||
doCheck = false;
|
||||
}
|
9
pkgs/nix-remove-result-links/default.nix
Normal file
9
pkgs/nix-remove-result-links/default.nix
Normal file
@ -0,0 +1,9 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
pkgs.writeShellApplication {
|
||||
name = "nix-remove-result-links";
|
||||
text = ''
|
||||
#!/usr/bin/env bash
|
||||
find "''${1:-.}" -depth -type l -name "result*" -lname "/nix/store/*" -print -delete
|
||||
'';
|
||||
}
|
@ -1,7 +1,7 @@
|
||||
final: prev: {
|
||||
anycast_healthchecker = final.python3.pkgs.callPackage ./anycast_healthchecker {};
|
||||
flask-excel = final.python3.pkgs.callPackage ./flask-excel {};
|
||||
chromium-incognito = final.callPackage ./chromium-incognito {};
|
||||
iot-data = final.python3.pkgs.callPackage ./iot-data {};
|
||||
nix-remove-result-links = final.callPackage ./nix-remove-result-links {};
|
||||
nixfiles-add-secret = final.callPackage ./nixfiles/nixfiles-add-secret.nix {};
|
||||
nixfiles-auto-install = final.callPackage ./nixfiles/nixfiles-auto-install.nix {};
|
||||
nixfiles-generate-backup-secrets = final.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
|
||||
@ -9,11 +9,6 @@ final: prev: {
|
||||
nixfiles-system-upgrade = final.callPackage ./nixfiles/nixfiles-system-upgrade.nix {};
|
||||
nixfiles-updated-inputs = final.callPackage ./nixfiles/nixfiles-updated-inputs.nix {};
|
||||
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
||||
pyexcel-xlsx = final.python3.pkgs.callPackage ./pyexcel-xlsx {};
|
||||
pyexcel-webio = final.python3.pkgs.callPackage ./pyexcel-webio {};
|
||||
update-from-hydra = final.callPackage ./update-from-hydra {};
|
||||
uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {};
|
||||
wetter = final.python3.pkgs.callPackage ./wetter {
|
||||
inherit (final) pkg-config libsass;
|
||||
};
|
||||
}
|
||||
|
@ -1,17 +0,0 @@
|
||||
{ buildPythonPackage, fetchPypi, pyexcel }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pyexcel-webio";
|
||||
version = "0.1.4";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "039538f1b35351f1632891dde29ef4d7fba744e217678ebb5a501336e28ca265";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
pyexcel
|
||||
];
|
||||
|
||||
doCheck = false;
|
||||
}
|
@ -1,17 +0,0 @@
|
||||
{ buildPythonPackage, fetchPypi, openpyxl, pyexcel-io }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pyexcel-xlsx";
|
||||
version = "0.6.0";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "55754f764252461aca6871db203f4bd1370ec877828e305e6be1de5f9aa6a79d";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
openpyxl pyexcel-io
|
||||
];
|
||||
|
||||
doCheck = false;
|
||||
}
|
@ -1,83 +0,0 @@
|
||||
{
|
||||
pkgs,
|
||||
buildPythonPackage,
|
||||
flask,
|
||||
flask_sqlalchemy,
|
||||
lib,
|
||||
libsass,
|
||||
yarn2nix-moretea,
|
||||
nodejs,
|
||||
pkg-config,
|
||||
psycopg2,
|
||||
python3,
|
||||
stdenv,
|
||||
flask-excel,
|
||||
pyexcel-xlsx,
|
||||
}:
|
||||
|
||||
let
|
||||
src = pkgs.fetchgit {
|
||||
url = "https://git.clerie.de/clerie/wetter.git";
|
||||
rev = "3193c6d507af5d6f5d62c23046b7fbf0c638ddb4";
|
||||
sha256 = "sha256-ouUmmw020jKg/SRlYhGBFRw/atxW+atQ1JSTFQNi5iw=";
|
||||
};
|
||||
pname = "wetter";
|
||||
version = "0.0.1";
|
||||
|
||||
packageJSON = src + "/package.json";
|
||||
yarnLock = src + "/yarn.lock";
|
||||
|
||||
modules = yarn2nix-moretea.mkYarnModules {
|
||||
pname = "${pname}-modules";
|
||||
name = "${pname}-modules-${version}";
|
||||
inherit version packageJSON yarnLock;
|
||||
|
||||
/* build native node-sass extensions */
|
||||
pkgConfig.node-sass = {
|
||||
buildInputs = [ python3 libsass pkg-config ];
|
||||
postInstall = ''
|
||||
export npm_config_nodedir=${nodejs}
|
||||
LIBSASS_EXT=auto yarn --offline run build
|
||||
rm build/config.gypi
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
assets = stdenv.mkDerivation {
|
||||
inherit src pname version;
|
||||
|
||||
NODE_ENV = "production";
|
||||
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
ln -s ${modules}/node_modules
|
||||
node_modules/.bin/rollup -c
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
cp -r wetter/static/bundle $out
|
||||
runHook postInstall
|
||||
'';
|
||||
};
|
||||
|
||||
in buildPythonPackage rec {
|
||||
inherit src pname version;
|
||||
|
||||
propagatedBuildInputs = [
|
||||
flask
|
||||
flask_sqlalchemy
|
||||
psycopg2
|
||||
flask-excel
|
||||
pyexcel-xlsx
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $out/${python3.sitePackages}/wetter/static
|
||||
cp -r ${assets} $out/${python3.sitePackages}/wetter/static/bundle
|
||||
cp -r wetter/templates $out/${python3.sitePackages}/wetter/templates
|
||||
'';
|
||||
|
||||
doCheck = false;
|
||||
}
|
Loading…
Reference in New Issue
Block a user