Compare commits
1 commit
master
...
d2n-bug-98
Author | SHA1 | Date | |
---|---|---|---|
7bb46b1471 |
141 changed files with 24406 additions and 10769 deletions
|
@ -49,15 +49,10 @@ delta_prompt_init() {
|
|||
hostnamevar='%m'
|
||||
fi
|
||||
|
||||
local dirdisplay="%c"
|
||||
if [[ -n $HOVER_HOME ]]; then
|
||||
dirdisplay="[ %c ]"
|
||||
fi
|
||||
|
||||
if [[ -n $SSH_CONNECTION ]]; then
|
||||
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}$hostnamevar $dirdisplay >%f "
|
||||
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}$hostnamevar %c >%f "
|
||||
else
|
||||
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}$dirdisplay >%f "
|
||||
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}%c >%f "
|
||||
fi
|
||||
|
||||
zstyle ':vcs_info:*' enable git
|
||||
|
|
1168
flake.lock
1168
flake.lock
File diff suppressed because it is too large
Load diff
54
flake.nix
54
flake.nix
|
@ -4,46 +4,43 @@
|
|||
inputs = {
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
|
||||
nix-super.url = "gitlab:max/nix-super?host=git.privatevoid.net";
|
||||
nix-super.url = "git+https://git.privatevoid.net/max/nix-super-fork";
|
||||
nix-super.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
modular-nvim.url = "git+https://git.privatevoid.net/max/modular-neovim-prototype";
|
||||
modular-nvim.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
home-manager.url = "github:nix-community/home-manager/master";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
||||
|
||||
nix-crx.url = "git+https://git.privatevoid.net/max/nix-crx.git";
|
||||
nix-crx.url = "git+https://git.privatevoid.net/max/nix-crx";
|
||||
nix-crx.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
nix-vsx.url = "git+https://git.privatevoid.net/max/nix-vsx";
|
||||
nix-vsx.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
deploy-rs.url = "github:serokell/deploy-rs";
|
||||
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
||||
deploy-rs.inputs.naersk.follows = "naersk";
|
||||
|
||||
# re-pin naersk to fix deprecation warning in deploy-rs
|
||||
naersk.url = "github:nmattia/naersk/master";
|
||||
naersk.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
agenix.url = "github:ryantm/agenix";
|
||||
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
helix.url = "github:helix-editor/helix";
|
||||
helix.inputs = {
|
||||
nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
helix.url = "git+https://git.privatevoid.net/max/helix";
|
||||
helix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
kernel-clr = { url = "github:clearlinux-pkgs/linux"; flake = false; };
|
||||
|
||||
dream2nix.url = "github:nix-community/dream2nix";
|
||||
dream2nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
nixpak.url = "github:nixpak/nixpak";
|
||||
nixpak.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
nil.url = "github:oxalica/nil";
|
||||
nil.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
hyprspace.url = "github:hyprspace/hyprspace";
|
||||
hyprspace.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
lanzaboote.url = "github:nix-community/lanzaboote";
|
||||
lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
attic.url = "github:zhaofengli/attic";
|
||||
attic.inputs.nixpkgs.follows = "nixpkgs";
|
||||
shinobi = { url = "gitlab:Shinobi-Systems/Shinobi/dashboard-v3"; flake = false; };
|
||||
};
|
||||
outputs = { self, nixpkgs, home-manager, nixos-hardware, ... }@inputs:
|
||||
let
|
||||
|
@ -51,7 +48,6 @@
|
|||
system = "x86_64-linux";
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
config.allowUnfreePredicate = pkg: lib.elem (lib.getName pkg) (import ./packages/unfree.nix);
|
||||
};
|
||||
|
||||
deploy-rs-lib = inputs.deploy-rs.lib.${system};
|
||||
|
@ -74,14 +70,14 @@
|
|||
|
||||
deploy.nodes = with deploy-rs-lib; {
|
||||
TITAN = {
|
||||
hostname = "titan.hyprspace";
|
||||
hostname = "titan.hypr";
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = activate.nixos self.nixosConfigurations.TITAN;
|
||||
};
|
||||
};
|
||||
jericho = {
|
||||
hostname = "jericho.hyprspace";
|
||||
hostname = "jericho.hypr";
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = activate.nixos self.nixosConfigurations.jericho;
|
||||
|
@ -105,14 +101,10 @@
|
|||
|
||||
homeConfigurations = {
|
||||
max = inputs.home-manager.lib.homeManagerConfiguration {
|
||||
inherit pkgs;
|
||||
modules = [
|
||||
{
|
||||
home.homeDirectory = "/home/max";
|
||||
home.username = "max";
|
||||
}
|
||||
./users/max/home.nix
|
||||
];
|
||||
inherit system;
|
||||
homeDirectory = "/home/max";
|
||||
username = "max";
|
||||
configuration.imports = [ ./users/max/home.nix ];
|
||||
extraSpecialArgs = { inherit inputs; };
|
||||
};
|
||||
};
|
||||
|
|
|
@ -4,12 +4,10 @@ tools: {
|
|||
extraHostNames = clientResolve "titan";
|
||||
};
|
||||
|
||||
hyprspace = {
|
||||
hypr = {
|
||||
id = "QmfJ5Tv2z9jFv9Aocevyn6QqRcfm9eYQZhvYvmAVfACfuM";
|
||||
addr = "10.100.3.7";
|
||||
listenPort = 443;
|
||||
routes = [
|
||||
"10.0.0.0/24"
|
||||
];
|
||||
};
|
||||
|
||||
nixos = import ./system.nix;
|
||||
|
|
|
@ -1,39 +0,0 @@
|
|||
{ config, pkgs, inputs, ... }:
|
||||
|
||||
let
|
||||
toml = pkgs.formats.toml {};
|
||||
atticConfig = toml.generate "attic-upload-config.toml" {
|
||||
default-server = "cache";
|
||||
servers.cache.endpoint = "https://cache-api.privatevoid.net";
|
||||
};
|
||||
|
||||
inherit (inputs.attic.packages.${pkgs.system}) attic;
|
||||
in
|
||||
|
||||
{
|
||||
age.secrets.attic-upload-key = {
|
||||
file = ../../../secrets/attic-upload-key.age;
|
||||
mode = "0400";
|
||||
};
|
||||
|
||||
systemd.services.attic-upload = {
|
||||
description = "Attic Uploader";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
path = [ config.nix.package ];
|
||||
environment.XDG_CONFIG_HOME = "/tmp/attic-upload";
|
||||
preStart = ''
|
||||
install -dm700 "$XDG_CONFIG_HOME/attic"
|
||||
cp --no-preserve=mode ${atticConfig} "$XDG_CONFIG_HOME/attic/config.toml"
|
||||
echo "token = \"$ATTIC_TOKEN\"" >> "$XDG_CONFIG_HOME/attic/config.toml"
|
||||
'';
|
||||
serviceConfig = {
|
||||
ExecStart = "${attic}/bin/attic watch-store nix-store";
|
||||
Restart = "always";
|
||||
RestartSec = "10s";
|
||||
DynamicUser = true;
|
||||
EnvironmentFile = config.age.secrets.attic-upload-key.path;
|
||||
};
|
||||
};
|
||||
}
|
21
hosts/TITAN/extras/cachix-upload-daemon.nix
Normal file
21
hosts/TITAN/extras/cachix-upload-daemon.nix
Normal file
|
@ -0,0 +1,21 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
age.secrets.cachix-upload-key = {
|
||||
file = ../../../secrets/cachix-upload-key.age;
|
||||
mode = "0400";
|
||||
};
|
||||
|
||||
systemd.services.cachix-upload = {
|
||||
description = "Cachix Uploader";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
path = [ config.nix.package ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.cachix}/bin/cachix watch-store max";
|
||||
Restart = "always";
|
||||
DynamicUser = true;
|
||||
EnvironmentFile = config.age.secrets.cachix-upload-key.path;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
{ config, ... }:
|
||||
|
||||
{
|
||||
age.secrets = {
|
||||
|
@ -6,6 +6,10 @@
|
|||
file = ../../../secrets/transmission-rpc-password.age;
|
||||
mode = "0400";
|
||||
};
|
||||
wireguard-key-upload = {
|
||||
file = ../../../secrets/wireguard-key-upload.age;
|
||||
mode = "0400";
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.mediamanagers = {
|
||||
|
@ -17,9 +21,8 @@
|
|||
enable = true;
|
||||
group = "mediamanagers";
|
||||
settings = {
|
||||
download-dir = "/srv/data/download";
|
||||
incomplete-dir = "/srv/data/download/.incomplete";
|
||||
incomplete-dir-enabled = false;
|
||||
download-dir = "/srv/data/DOWNLOAD";
|
||||
incomplete-dir = "/srv/data/DOWNLOAD/.incomplete";
|
||||
|
||||
# being a leech
|
||||
speed-limit-up = 20;
|
||||
|
@ -31,13 +34,41 @@
|
|||
|
||||
utp-enabled = false;
|
||||
rpc-bind-address = "0.0.0.0";
|
||||
rpc-whitelist = "127.0.0.1,::1,10.100.0.1,10.100.0.*,10.100.1.*,10.100.3.*,100.64.*.*";
|
||||
rpc-whitelist = "127.0.0.1,::1,10.100.0.1,10.100.0.*,10.100.1.*,10.100.3.*";
|
||||
rpc-authentication-required = true;
|
||||
};
|
||||
credentialsFile = config.age.secrets.transmission-rpc-password.path;
|
||||
};
|
||||
systemd.services.transmission = {
|
||||
after = [ "mnt-media\\x2duploads.mount" ];
|
||||
unitConfig = {
|
||||
RequiresMountsFor = [ "/mnt/media-uploads" ];
|
||||
};
|
||||
serviceConfig = {
|
||||
BindPaths = [ "/mnt/media-uploads" ];
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];
|
||||
|
||||
services.hyprspace.settings.services.fbi-download = "/tcp/${toString config.services.transmission.settings.rpc-port}";
|
||||
networking.wireguard = {
|
||||
enable = true;
|
||||
interfaces.wgupload = {
|
||||
ips = [ "10.150.0.2/24" ];
|
||||
privateKeyFile = config.age.secrets.wireguard-key-upload.path;
|
||||
allowedIPsAsRoutes = true;
|
||||
peers = [
|
||||
{
|
||||
publicKey = "apKXnlMtcOe8WqCVXJAXEjzppN+qTmESlt0NjMTaclQ=";
|
||||
allowedIPs = [ "10.150.0.0/24" ];
|
||||
endpoint = "116.202.226.86:6969";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
fileSystems."/mnt/media-uploads" = {
|
||||
device = "10.150.0.254:/mnt/storage/media/media/uploads";
|
||||
fsType = "nfs4";
|
||||
noCheck = true;
|
||||
options = [ "rsize=1024" "wsize=1024" "x-systemd.after=wireguard-wgupload.service" "x-systemd.mount-timeout=10s" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
{ lib, ... }:
|
||||
|
||||
{
|
||||
services.xserver.videoDrivers = lib.mkOptionDefault [ "nvidia" ];
|
||||
hardware.nvidia = {
|
||||
nvidiaPersistenced = true;
|
||||
open = false;
|
||||
};
|
||||
}
|
64
hosts/TITAN/extras/shinobi.nix
Normal file
64
hosts/TITAN/extras/shinobi.nix
Normal file
|
@ -0,0 +1,64 @@
|
|||
{ config, inputs, pkgs, ... }:
|
||||
let
|
||||
dataDir = "/srv/data/SHINOBI/shinobi";
|
||||
|
||||
shinobiConfigJson = builtins.toJSON {
|
||||
ffmpegBinary = "${pkgs.ffmpeg}/bin/ffmpeg";
|
||||
port = 38080;
|
||||
db = {
|
||||
host = "127.0.0.1";
|
||||
port = 3306;
|
||||
user = "majesticflame";
|
||||
database = "ccio";
|
||||
};
|
||||
};
|
||||
|
||||
configFile = pkgs.writeText "shinobi-conf.json" shinobiConfigJson;
|
||||
|
||||
secretFile = config.age.secrets.shinobi-secrets.path;
|
||||
|
||||
inherit (inputs.self.packages.${pkgs.system}) shinobi;
|
||||
in
|
||||
{
|
||||
age.secrets.shinobi-secrets = {
|
||||
file = ../../../secrets/shinobi-secrets.age;
|
||||
owner = "shinobi";
|
||||
group = "shinobi";
|
||||
mode = "0400";
|
||||
};
|
||||
services.mysql = {
|
||||
enable = true;
|
||||
settings.mysqld.bind-address = "127.0.0.1";
|
||||
package = pkgs.mariadb;
|
||||
dataDir = "/srv/data/DB/mariadb";
|
||||
};
|
||||
|
||||
users.users.shinobi = {
|
||||
isSystemUser = true;
|
||||
group = "shinobi";
|
||||
};
|
||||
|
||||
users.groups.shinobi = {};
|
||||
|
||||
systemd.tmpfiles.rules = [ "d '${dataDir}' 0750 shinobi shinobi - -" ];
|
||||
|
||||
systemd.services.shinobi = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.bash pkgs.nodejs-14_x ];
|
||||
preStart = ''
|
||||
${pkgs.jq}/bin/jq --slurp '.[0] * .[1]' ${configFile} ${secretFile} | install -Dm600 -o shinobi -g shinobi /dev/stdin ${dataDir}/conf.json
|
||||
'';
|
||||
serviceConfig = {
|
||||
WorkingDirectory = dataDir;
|
||||
User = "shinobi";
|
||||
ExecStart = "${pkgs.nodejs-14_x}/bin/node ${shinobi}/bin/shinobi";
|
||||
KillSignal = "HUP";
|
||||
OOMPolicy = "continue";
|
||||
Restart = "on-abnormal";
|
||||
RestartSec = "5s";
|
||||
};
|
||||
environment.NODE_PATH = "${shinobi}/lib/node_modules/shinobi/node_modules";
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 38080 ];
|
||||
}
|
|
@ -1,9 +0,0 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
boot.extraModulePackages = [
|
||||
config.boot.kernelPackages.vendor-reset
|
||||
];
|
||||
|
||||
boot.initrd.kernelModules = [ "vendor-reset" ];
|
||||
}
|
|
@ -13,19 +13,11 @@
|
|||
"usbhid"
|
||||
"sd_mod"
|
||||
"sr_mod"
|
||||
"dm_cache_smq"
|
||||
"dm_persistent_data"
|
||||
"dm_bio_prison"
|
||||
"dm_bufio"
|
||||
"amdgpu"
|
||||
"ddcci_backlight"
|
||||
];
|
||||
boot.initrd.kernelModules = [ "dm_cache" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
services.lvm.boot.thin.enable = true;
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "tmprootfs";
|
||||
fsType = "tmpfs";
|
||||
|
@ -39,9 +31,8 @@
|
|||
};
|
||||
|
||||
fileSystems."/srv/data" = {
|
||||
device = "/dev/mapper/tank-shelf";
|
||||
fsType = "xfs";
|
||||
neededForBoot = true;
|
||||
device = "/dev/disk/by-label/butter";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
|
||||
fileSystems."/nix" = {
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
{ config, lib, pkgs, aspect, inputs, hosts, ... }:
|
||||
{ config, pkgs, aspect, inputs, hosts, ... }:
|
||||
|
||||
{
|
||||
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./extras/attic-upload-daemon.nix
|
||||
./extras/cachix-upload-daemon.nix
|
||||
./extras/ddcci-backlight.nix
|
||||
./extras/fbi-downloader.nix
|
||||
./extras/nvidia-ml.nix
|
||||
./extras/vendor-reset.nix
|
||||
./extras/shinobi.nix
|
||||
(import ../../users "desktop").users.max
|
||||
inputs.agenix.nixosModules.age
|
||||
]
|
||||
|
@ -24,11 +23,11 @@
|
|||
prowlarr
|
||||
]);
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_6;
|
||||
|
||||
networking.hostName = "TITAN";
|
||||
|
||||
time.timeZone = "Europe/Vienna";
|
||||
|
@ -39,31 +38,18 @@
|
|||
keyMap = "de";
|
||||
};
|
||||
|
||||
services.xserver.xkb.layout = "de";
|
||||
services.xserver.layout = "de";
|
||||
|
||||
services.xserver.libinput.enable = true;
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
system.stateVersion = "20.09";
|
||||
|
||||
services.fstrim.enable = true;
|
||||
|
||||
users.mutableUsers = false;
|
||||
|
||||
virtualisation.podman.enable = true;
|
||||
|
||||
services.xserver.displayManager.gdm.autoSuspend = false;
|
||||
|
||||
boot.tmp = {
|
||||
useTmpfs = true;
|
||||
tmpfsSize = "75%";
|
||||
};
|
||||
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
externalInterface = "enp24s0";
|
||||
internalIPs = [
|
||||
"100.64.0.0/16"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -12,60 +12,32 @@ in with tools.dns; {
|
|||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICz2nGA+Y4OxhMKsV6vKIns3hOoBkK557712h7FfWXcE";
|
||||
extraHostNames = subResolve "vegas" "backbone";
|
||||
};
|
||||
hyprspace = {
|
||||
hypr = {
|
||||
id = "QmYs4xNBby2fTs8RnzfXEk161KD4mftBfCiR8yXtgGPj4J";
|
||||
routes = [
|
||||
"10.1.0.1/32"
|
||||
"10.10.0.0/16"
|
||||
];
|
||||
addr = "10.100.3.5";
|
||||
};
|
||||
};
|
||||
prophet = {
|
||||
ssh.id = {
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAUG/ubwo68tt2jMP5ia0Sa4mnkWtlKVN5n4Y50U2nTC";
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZ4FyGi69MksEn+UJZ87vw1APqiZmPNlEYIr0CbEoGv";
|
||||
extraHostNames = subResolve "prophet" "node";
|
||||
};
|
||||
hyprspace = {
|
||||
hypr = {
|
||||
id = "QmbrAHuh4RYcyN9fWePCZMVmQjbaNXtyvrDCWz4VrchbXh";
|
||||
routes = [
|
||||
"10.1.0.9/32"
|
||||
];
|
||||
addr = "10.100.3.9";
|
||||
};
|
||||
};
|
||||
checkmate = {
|
||||
styx = {
|
||||
ssh.id = {
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINImnMfEzUBU5qiuu05DMPrddTGypOtr+cL1/yQN2GFn";
|
||||
extraHostNames = subResolve "checkmate" "node";
|
||||
};
|
||||
hyprspace = {
|
||||
id = "12D3KooWL84sAtq1QTYwb7gVbhSNX5ZUfVt4kgYKz8pdif1zpGUh";
|
||||
routes = [
|
||||
"10.1.0.32/32"
|
||||
];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOYLrmiuPK77cw71QNzG2zaWs6gsxmYuLyqsUrWMYLnk";
|
||||
extraHostNames = subResolve "styx" "services";
|
||||
};
|
||||
};
|
||||
grail = {
|
||||
AnimusAlpha = let extraHostNames = [ "alpha.animus.com" "animus.com" ]; in {
|
||||
ssh.id = {
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBi5Fm2pmMBhRgJms+me1ldt9Vgj9cMSnB7UllSz3mpY";
|
||||
extraHostNames = subResolve "grail" "node";
|
||||
};
|
||||
hyprspace = {
|
||||
id = "12D3KooWN31twBvdEcxz2jTv4tBfPe3mkNueBwDJFCN4xn7ZwFbi";
|
||||
routes = [
|
||||
"10.1.0.6/32"
|
||||
];
|
||||
};
|
||||
};
|
||||
thunderskin = {
|
||||
ssh.id = {
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGV8TbMvGXfAp9R2I9GdR7aLlGjxh2CW1pCZjQSB4TJp";
|
||||
extraHostNames = subResolve "thunderskin" "node";
|
||||
};
|
||||
hyprspace = {
|
||||
id = "12D3KooWB9AUPorFoACkWbphyargRBV9osJsYuQDumtQ85j7Aqmg";
|
||||
routes = [
|
||||
"10.1.0.4/32"
|
||||
];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGpFR47Ev+W+bdng6IrDVpl8rlKBBHSr1v5lwJmZcEFH";
|
||||
extraHostNames = portMap 69 extraHostNames;
|
||||
};
|
||||
ssh.extraConfig = tools.ssh.extraConfig extraHostNames [ "Port 69" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -4,8 +4,9 @@ tools: {
|
|||
extraHostNames = clientResolve "jericho";
|
||||
};
|
||||
|
||||
hyprspace = {
|
||||
hypr = {
|
||||
id = "QmccBLgGP3HR36tTkwSYZX3KDv2EXb1MvYwGVs6PbpbHv9";
|
||||
addr = "10.100.3.13";
|
||||
};
|
||||
|
||||
nixos = import ./system.nix;
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
{
|
||||
boot.kernelPatches = lib.singleton {
|
||||
name = "custom-kernel-config-${config.networking.hostName}";
|
||||
patch = null;
|
||||
extraConfig = builtins.readFile ./kernel-config.txt;
|
||||
};
|
||||
}
|
|
@ -1,12 +0,0 @@
|
|||
{ inputs, pkgs, ... }:
|
||||
|
||||
{
|
||||
services.fprintd = {
|
||||
enable = true;
|
||||
};
|
||||
security.pam.services = {
|
||||
login.fprintAuth = false;
|
||||
gdm-password.fprintAuth = false;
|
||||
gdm-fingerprint.fprintAuth = true;
|
||||
};
|
||||
}
|
|
@ -2,15 +2,24 @@
|
|||
|
||||
{
|
||||
boot.kernelPatches = let
|
||||
patch = pkgs.runCommand "kernel-clr-combined.patch" {
|
||||
nativeBuildInputs = [ pkgs.gnugrep ];
|
||||
} ''
|
||||
cd ${inputs.kernel-clr}
|
||||
grep -o '^%patch[0-9]* ' linux.spec \
|
||||
| grep -o '[0-9]*' \
|
||||
| xargs -I '{}' grep '^Patch{}:' linux.spec \
|
||||
| cut -d" " -f2- | xargs cat >> $out
|
||||
'';
|
||||
pickPatch = x: "${inputs.kernel-clr}/${x}";
|
||||
patchFiles = map pickPatch [
|
||||
"0104-pci-pme-wakeups.patch"
|
||||
"0108-smpboot-reuse-timer-calibration.patch"
|
||||
"0110-give-rdrand-some-credit.patch"
|
||||
"0111-ipv4-tcp-allow-the-memory-tuning-for-tcp-to-go-a-lit.patch"
|
||||
"0118-add-scheduler-turbo3-patch.patch"
|
||||
"0119-use-lfence-instead-of-rep-and-nop.patch"
|
||||
"0120-do-accept-in-LIFO-order-for-cache-efficiency.patch"
|
||||
"0121-locking-rwsem-spin-faster.patch"
|
||||
"itmt_epb.patch"
|
||||
"mm-wakeups.patch"
|
||||
"percpu-minsize.patch"
|
||||
"socket.patch"
|
||||
];
|
||||
patches = map builtins.readFile patchFiles;
|
||||
patchSet = builtins.concatStringsSep "\n" patches;
|
||||
patch = pkgs.writeText "kernel-clr-combined.patch" patchSet;
|
||||
in [{
|
||||
inherit patch;
|
||||
name = "Clear Linux* patchset";
|
||||
|
|
|
@ -1,124 +0,0 @@
|
|||
CAN n
|
||||
CAIF n
|
||||
AGP n
|
||||
DRM_NOUVEAU n
|
||||
DRM_VMWGFX n
|
||||
DRM_AST n
|
||||
DRM_MGAG200 n
|
||||
DRM_QXL n
|
||||
DRM_VIRTIO_GPU n
|
||||
DRM_ETNAVIV n
|
||||
DRM_CIRRUS_QEMU n
|
||||
ACCESSIBILITY n
|
||||
INFINIBAND n
|
||||
HYPERV n
|
||||
XEN_BALLOON n
|
||||
XEN_DEV_EVTCHN n
|
||||
XENFS n
|
||||
XEN_SYS_HYPERVISOR n
|
||||
XEN_GNTDEV n
|
||||
XEN_GRANT_DEV_ALLOC n
|
||||
XEN_PCIDEV_BACKEND n
|
||||
XEN_PVCALLS_FRONTEND n
|
||||
XEN_PVCALLS_BACKEND n
|
||||
XEN_SCSI_BACKEND n
|
||||
XEN_PRIVCMD n
|
||||
XEN_ACPI_PROCESSOR n
|
||||
GREYBUS n
|
||||
SOUNDWIRE n
|
||||
REISERFS_FS n
|
||||
JFS_FS n
|
||||
GFS2_FS n
|
||||
OCFS2_FS n
|
||||
NILFS2_FS n
|
||||
ORANGEFS_FS n
|
||||
ADFS_FS n
|
||||
AFFS_FS n
|
||||
BEFS_FS n
|
||||
BFS_FS n
|
||||
EFS_FS n
|
||||
JFFS2_FS n
|
||||
UBIFS_FS n
|
||||
VXFS_FS n
|
||||
MINIX_FS n
|
||||
OMFS_FS n
|
||||
HPFS_FS n
|
||||
QNX4FS_FS n
|
||||
QNX6FS_FS n
|
||||
SYSV_FS n
|
||||
KVM_AMD n
|
||||
XEN_PCIDEV_FRONTEND n
|
||||
VMD n
|
||||
PCI_MESON n
|
||||
PCCARD n
|
||||
RAPIDIO n
|
||||
GNSS n
|
||||
MTD n
|
||||
PARPORT n
|
||||
BLK_DEV_SX8 n
|
||||
CDROM_PKTCDVD n
|
||||
ATA_OVER_ETH n
|
||||
XEN_BLKDEV_FRONTEND n
|
||||
XEN_BLKDEV_BACKEND n
|
||||
FIREWIRE n
|
||||
FIREWIRE_NOSY n
|
||||
MACINTOSH_DRIVERS n
|
||||
FDDI n
|
||||
HIPPI n
|
||||
NET_SB1000 n
|
||||
SLIP n
|
||||
XEN_NETDEV_FRONTEND n
|
||||
XEN_NETDEV_BACKEND n
|
||||
VMXNET3 n
|
||||
DRM_RADEON n
|
||||
DRM_AMDGPU n
|
||||
MEMSTICK n
|
||||
ATLAS_PH_SENSOR n
|
||||
ATLAS_EZO_SENSOR n
|
||||
BME680 n
|
||||
CCS811 n
|
||||
IAQCORE n
|
||||
PMS7003 n
|
||||
SCD30_CORE n
|
||||
SCD4X n
|
||||
SENSIRION_SGP30 n
|
||||
SENSIRION_SGP40 n
|
||||
SPS30_I2C n
|
||||
SPS30_SERIAL n
|
||||
SENSEAIR_SUNRISE_CO2 n
|
||||
VZ89X n
|
||||
IIO_CROS_EC_SENSORS_CORE n
|
||||
AFE4403 n
|
||||
AFE4404 n
|
||||
MAX30100 n
|
||||
MAX30102 n
|
||||
AM2315 n
|
||||
DHT11 n
|
||||
HDC100X n
|
||||
HDC2010 n
|
||||
HID_SENSOR_HUMIDITY n
|
||||
HTS221 n
|
||||
HTU21 n
|
||||
SI7005 n
|
||||
SI7020 n
|
||||
ABP060MG n
|
||||
BMP280 n
|
||||
DLHL60D n
|
||||
DPS310 n
|
||||
HID_SENSOR_PRESS n
|
||||
HP03 n
|
||||
ICP10100 n
|
||||
MPL115_I2C n
|
||||
MPL115_SPI n
|
||||
MPL3115 n
|
||||
MS5611 n
|
||||
MS5637 n
|
||||
IIO_ST_PRESS n
|
||||
T5403 n
|
||||
HP206C n
|
||||
ZPA2326 n
|
||||
IPACK_BUS n
|
||||
PHY_CAN_TRANSCEIVER n
|
||||
MCB n
|
||||
FPGA n
|
||||
SIOX n
|
|
@ -1,18 +0,0 @@
|
|||
{ config, inputs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
inputs.lanzaboote.nixosModules.lanzaboote
|
||||
];
|
||||
|
||||
age.secrets.secureBootKey.file = ../../../secrets/secure-boot-private-key-jericho.age;
|
||||
|
||||
boot.lanzaboote = {
|
||||
enable = true;
|
||||
configurationLimit = 50;
|
||||
publicKeyFile = ./secure-boot/db.pem;
|
||||
# BUG: the bootloader installation runs before/without the activation script,
|
||||
# so this key may not exist unless the system has been activated beforehand.
|
||||
privateKeyFile = config.age.secrets.secureBootKey.path;
|
||||
};
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIE+TCCAuGgAwIBAgIRAKeYRMV7Va8InQlau+W84swwDQYJKoZIhvcNAQELBQAw
|
||||
LjEVMBMGA1UEBhMMRGF0YWJhc2UgS2V5MRUwEwYDVQQDEwxEYXRhYmFzZSBLZXkw
|
||||
HhcNMjMwMTExMjE0MDEzWhcNMjgwMTExMjE0MDEzWjAuMRUwEwYDVQQGEwxEYXRh
|
||||
YmFzZSBLZXkxFTATBgNVBAMTDERhdGFiYXNlIEtleTCCAiIwDQYJKoZIhvcNAQEB
|
||||
BQADggIPADCCAgoCggIBALG4gvuyX8lX0HhbLxEkKmEh1ikjR6XxGhWEHePa+xhC
|
||||
aCHpPdG4R4Q3U/PGNteaxhoFCRTo6TkUcU/WtoYb3CNcDZ51mtUHtY9KFY5A5Yki
|
||||
yPnNT0W+LFP+vz9B1U+soHp1EA6HgbB/CGWvhmMHwZSzhMsOTsad7nZaiaBfzUmU
|
||||
p6y616XfI2RzpIlctxQGWNOL0lpdOqCW247ujJdubezvuoXw5gS+6yUi5ssegPdu
|
||||
UuQkZvgO9yNawISSPNNLj7TbmOC19mQ0q3KcangCCt8/93bbjdtlWMwaDoiWCtL5
|
||||
e7+Fo/MlhRovcmcz2wPGUr4tn/64mTuMWHhK9CvyIPS3hf7oNGZEWeSdvp8ppaM5
|
||||
OtocRkDmJjSS+45iEU+d6TTWMrK6s+Mx9UWWJDn/HqRnlmxW4E2eFRhuFRW6/SaB
|
||||
SbY3X36GMzByj84A4qKwkUGBCK9UZnflXiPv/KSumyg5wmQU4ulAirpMsGP6o78F
|
||||
vKE8j8avHfC70LPuv9o+pgecp9F7Kg5f6ywGPfXSxv054znV6ZMxpUa0NjLEMp57
|
||||
2PVfd3EeifgY4M4T5/wQulp8vxN9ipqD/toro16gRB2/Cb1o5FtwV9Fe4/ndVfUA
|
||||
m8bnG2zo0iLU15L1iTW4vdDZp40BZhzptaz2Xuykqum+BK+8idNtZ8xG5Fy+rED3
|
||||
AgMBAAGjEjAQMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAgEAIJSY
|
||||
Lp9/84FJv0/QSBJwI9Ly6p2lobaaZqsUVrOHYqz1Q6VU3zhhTbIYsdfiq/RJY/Dq
|
||||
w7qPPHwDN9+MgeKPN89q/kXZcZGxO+mT+eAjNBzJUJ3dUfuuoDRgQQEzVd9jUmEA
|
||||
F39SPZWoa4lefLNdKk7tGu/8T6wmXk03q/RHsG4xWHn4fLdg9XHI4g5o2W9Vorf/
|
||||
Y2Tz+oQTSipRrqX7lZ0xHGriWp4qTHikBsunzZ/krupSCvAahzG+fDnNYuNHj1FX
|
||||
/bsITw/2NU7xzJXIRI2+VPTRIppSyZ5hvRBrwfA7mVdRq2HjT0wIRfjnppJvNrOQ
|
||||
iBKZb/q7shy7bq35SSLpnAQk4ne0BAqPbJP31UxZZ7lzSvynGCUQDwM7A50OkGLC
|
||||
V9+ov+44+0NN7gCvXhhd8uPuunBTa9zv2gcnoBIy51KvBTxFZ4LOHeU9esPc7W/z
|
||||
qVaU+yOP3lUJI0Ou285zkP1xhkJyLqv2WlfuXbNxBi3ZmAckrQTjh2llOjSBdy8F
|
||||
Ce14ni9ybLiIouiEFtBEvDN4jMudDpL04zCuT9amkfznooQsak3T7QrvHl52qLDp
|
||||
HLOtegwnn8M1ivoqmM6eValayBKN/2gFjHpHmZQmf7J636UNvs6FIvpsPznj+L7a
|
||||
uJmcfil84qaqDLTNQJfIAyPvOqdnwFO8FiNuAQE=
|
||||
-----END CERTIFICATE-----
|
|
@ -18,6 +18,16 @@
|
|||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/home" = {
|
||||
device = "/dev/disk/by-partlabel/home";
|
||||
fsType = "xfs";
|
||||
};
|
||||
|
||||
fileSystems."/srv/data" = {
|
||||
device = "/dev/disk/by-partlabel/data";
|
||||
fsType = "xfs";
|
||||
};
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.sensor.iio.enable = true;
|
||||
}
|
||||
|
|
|
@ -3,11 +3,8 @@
|
|||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./extras/custom-kernel.nix
|
||||
./extras/fprint.nix
|
||||
./extras/i915-dp-hdmi-always-full-color-patch.nix
|
||||
./extras/kernel-clr.nix
|
||||
./extras/lanzaboote.nix
|
||||
./extras/thermal.nix
|
||||
(import ../../users "desktop").users.max
|
||||
inputs.nixos-hardware.nixosModules.dell-xps-13-7390
|
||||
|
@ -16,21 +13,24 @@
|
|||
++ aspect.sets.laptop
|
||||
++ (with aspect.modules; [ games ]);
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.linux_6_9.override {
|
||||
ignoreConfigErrors = true;
|
||||
});
|
||||
boot.kernelPackages = pkgs.linuxPackages_5_16;
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
networking.hostName = "jericho";
|
||||
|
||||
time.timeZone = "Europe/Vienna";
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "";
|
||||
keyMap = "us";
|
||||
};
|
||||
|
||||
services.xserver.xkb.layout = "us";
|
||||
services.xserver.layout = "us";
|
||||
|
||||
services.xserver.libinput.enable = true;
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
|
@ -38,6 +38,6 @@
|
|||
|
||||
services.fstrim.enable = true;
|
||||
|
||||
services.kubo.dataDir = "/srv/data/ipfs";
|
||||
services.ipfs.dataDir = "/srv/data/ipfs";
|
||||
}
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
];
|
||||
findResolve = list: dnameResolve (append "find" list) ++ append "f.void" list;
|
||||
dnameResolve = list: append "private.void" list ++ append "privatevoid.net" list;
|
||||
vpnResolve = list: dnameResolve (append "vpn" list) ++ (append "hyprspace" list);
|
||||
vpnResolve = list: dnameResolve (append "vpn" list) ++ (append "hypr" list);
|
||||
llmnrResolve = append "local";
|
||||
append = part: map (x: "${x}.${part}");
|
||||
portMap = port: map (x: "[${x}]:${builtins.toString port}");
|
||||
|
|
|
@ -8,15 +8,15 @@
|
|||
|
||||
inherit (patched)
|
||||
ddcci-driver-with-global-control
|
||||
kubo
|
||||
nerdfonts-terminus
|
||||
terminus_font_fancy
|
||||
libfprint
|
||||
fprintd
|
||||
webkitgtk
|
||||
;
|
||||
|
||||
doas = patched.doas-interactive;
|
||||
|
||||
ipfs = patched.lain-ipfs;
|
||||
|
||||
hydra-unstable = patched.hydra;
|
||||
|
||||
nix-direnv = super.nix-direnv.override {
|
||||
|
@ -29,7 +29,14 @@
|
|||
commandLineArgs = "--enable-features=OverlayScrollbar,OverlayScrollbarFlashAfterAnyScrollUpdate,OverlayScrollbarFlashWhenMouseEnter --auth-server-whitelist=*privatevoid.net";
|
||||
};
|
||||
|
||||
inherit (patched) gnome-control-center nautilus;
|
||||
gnome = super.gnome.overrideScope' (self': super': {
|
||||
inherit (patched) nautilus;
|
||||
gnome-control-center = patched.gnome-control-center.override { inherit (self') gnome-user-share; };
|
||||
});
|
||||
|
||||
tilix = patched.tilix-high-refresh-rate;
|
||||
|
||||
|
||||
}))
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,23 +0,0 @@
|
|||
{ pkgs, config, inputs, ... }:
|
||||
let
|
||||
inherit (inputs.self.packages.${pkgs.system}) brig;
|
||||
in
|
||||
{
|
||||
environment.systemPackages = [ brig ];
|
||||
|
||||
systemd.user.services.brig = {
|
||||
description = "Brig Daemon";
|
||||
wantedBy = [ "gnome-session.target" ];
|
||||
path = [ "/run/wrappers" config.services.kubo.package ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${brig}/bin/brig --repo %h/.brig daemon launch";
|
||||
#ExecStartPost = "${brig}/bin/brig fstab apply";
|
||||
Restart = "always";
|
||||
Slice = "background.slice";
|
||||
SyslogIdentifier = "brig";
|
||||
};
|
||||
environment = {
|
||||
inherit (config.environment.variables) IPFS_PATH;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
port = 31350;
|
||||
in
|
||||
|
||||
{
|
||||
services.cockpit = {
|
||||
enable = true;
|
||||
inherit port;
|
||||
package = pkgs.cockpit.overrideAttrs {
|
||||
postFixup = ''
|
||||
for package in apps kdump packagekit playground selinux sosreport; do
|
||||
rm -rf $out/share/cockpit/$package
|
||||
done
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
services.hyprspace.settings.services.manage = "/tcp/${toString port}";
|
||||
}
|
|
@ -3,16 +3,13 @@ with builtins;
|
|||
let
|
||||
aspects = [
|
||||
./autopatch
|
||||
./brig
|
||||
./cockpit
|
||||
./desktop
|
||||
./enterprise
|
||||
./firewall
|
||||
./games
|
||||
./hardened
|
||||
./hyprspace
|
||||
./idm
|
||||
./impurity-logger
|
||||
./ipfs
|
||||
./ipfs-lain
|
||||
./jackett
|
||||
./laptop-config
|
||||
./lidarr
|
||||
|
@ -27,7 +24,6 @@ let
|
|||
./shell-config
|
||||
./sound
|
||||
./ssh
|
||||
./xr
|
||||
];
|
||||
mappedAspects = map (x: { name = baseNameOf x; value = import x; }) aspects;
|
||||
in rec {
|
||||
|
@ -35,15 +31,13 @@ in rec {
|
|||
sets = with modules; rec {
|
||||
base = [
|
||||
autopatch
|
||||
cockpit
|
||||
enterprise
|
||||
hardened
|
||||
idm
|
||||
impurity-logger
|
||||
];
|
||||
|
||||
networking = [ firewall ssh ];
|
||||
|
||||
client-networking = networking ++ [ networking-client nm-vdns-auto ipfs hyprspace ];
|
||||
client-networking = networking ++ [ networking-client nm-vdns-auto ipfs-lain hyprspace ];
|
||||
|
||||
desktop = [
|
||||
modules.desktop
|
||||
|
@ -53,7 +47,6 @@ in rec {
|
|||
nix-config
|
||||
shell-config
|
||||
sound
|
||||
xr
|
||||
] ++ base ++ client-networking;
|
||||
|
||||
laptop = desktop ++ [ laptop-config ];
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
{
|
||||
hardware.bluetooth.settings = {
|
||||
General.Experimental = true;
|
||||
};
|
||||
}
|
|
@ -6,13 +6,6 @@
|
|||
in {
|
||||
imports = [
|
||||
./package-sets.nix
|
||||
./nixpak-tricks.nix
|
||||
./hidden-apps.nix
|
||||
./helix-desktop.nix
|
||||
./open-in-blackbox.nix
|
||||
./bluetooth.nix
|
||||
./pkexec.nix
|
||||
./security.nix
|
||||
];
|
||||
|
||||
services.xserver = {
|
||||
|
@ -27,57 +20,20 @@ in {
|
|||
|
||||
programs.adb.enable = true;
|
||||
|
||||
environment.gnome.excludePackages = with pkgs; [
|
||||
environment.gnome.excludePackages = with pkgs.gnome; [
|
||||
cheese
|
||||
gnome-logs
|
||||
gnome-music
|
||||
gnome-console
|
||||
gnome-photos
|
||||
gnome-tour
|
||||
orca
|
||||
snapshot
|
||||
totem
|
||||
yelp
|
||||
];
|
||||
|
||||
desktop.hiddenApps = [
|
||||
"startcenter.desktop" # LibreOffice Start Center
|
||||
"xsltfilter.desktop" # LibreOffice XSLT based filters
|
||||
"xterm.desktop"
|
||||
"cups.desktop"
|
||||
"scrcpy-console.desktop"
|
||||
|
||||
# all the Krita mimetype stuff
|
||||
"krita_brush.desktop"
|
||||
"krita_csv.desktop"
|
||||
"krita_exr.desktop"
|
||||
"krita_gif.desktop"
|
||||
"krita_heif.desktop"
|
||||
"krita_heightmap.desktop"
|
||||
"krita_jp2.desktop"
|
||||
"krita_jpeg.desktop"
|
||||
"krita_jxl.desktop"
|
||||
"krita_kra.desktop"
|
||||
"krita_krz.desktop"
|
||||
"krita_ora.desktop"
|
||||
"krita_pdf.desktop"
|
||||
"krita_png.desktop"
|
||||
"krita_psd.desktop"
|
||||
"krita_qimageio.desktop"
|
||||
"krita_raw.desktop"
|
||||
"krita_spriter.desktop"
|
||||
"krita_svg.desktop"
|
||||
"krita_tga.desktop"
|
||||
"krita_tiff.desktop"
|
||||
"krita_webp.desktop"
|
||||
"krita_xcf.desktop"
|
||||
pkgs.gnome-photos
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
EDITOR = "hx";
|
||||
EDITOR = "nvim";
|
||||
SSH_ASKPASS = lib.mkForce "";
|
||||
};
|
||||
|
||||
fonts.packages = with pkgs; [
|
||||
fonts.fonts = with pkgs; [
|
||||
terminus_font_fancy
|
||||
terminus_font_ttf
|
||||
nerdfonts-terminus
|
||||
|
@ -87,10 +43,9 @@ in {
|
|||
security = {
|
||||
sudo.enable = false;
|
||||
doas.enable = true;
|
||||
doas.extraRules = lib.mkForce [ rec {
|
||||
doas.extraRules = [{
|
||||
groups = [ "wheel" ];
|
||||
noPass = !config.services.fprintd.enable;
|
||||
persist = !noPass;
|
||||
noPass = true;
|
||||
}];
|
||||
};
|
||||
|
||||
|
@ -117,16 +72,11 @@ in {
|
|||
services.packagekit.enable = lib.mkForce false;
|
||||
programs.gnome-terminal.enable = false;
|
||||
|
||||
qt = {
|
||||
qt5 = {
|
||||
enable = true;
|
||||
platformTheme = "gtk2";
|
||||
style = "gtk2";
|
||||
};
|
||||
|
||||
virtualisation.libvirtd = {
|
||||
enable = true;
|
||||
qemu.package = pkgs.qemu_kvm;
|
||||
};
|
||||
|
||||
services.printing.drivers = with pkgs; [ hplip gutenprint ];
|
||||
virtualisation.libvirtd.enable = true;
|
||||
}
|
||||
|
|
|
@ -1,58 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
helixDesktop = pkgs.makeDesktopItem {
|
||||
name = "net.privatevoid.HelixDesktop";
|
||||
desktopName = "Helix";
|
||||
comment = "Helix Editor";
|
||||
mimeTypes = [
|
||||
"text/plain"
|
||||
"application/x-zerosize"
|
||||
"inode/directory"
|
||||
];
|
||||
inherit icon;
|
||||
tryExec = "hx";
|
||||
exec = ''${hxOpenHandler} %F'';
|
||||
};
|
||||
|
||||
icon = pkgs.fetchurl {
|
||||
name = "helix-logo.svg";
|
||||
url = "https://raw.githubusercontent.com/helix-editor/helix/d1a4bd876b3ae646693c0905d7f29b636e2e5033/logo.svg";
|
||||
sha256 = "sha256-1XBrlGbCfkfYhIZuQ9eDBgDoohup/gQ9VZynEerUqcY=";
|
||||
};
|
||||
|
||||
hxOpenHandler = pkgs.writeShellScript "hx-open-handler" ''
|
||||
isDir () { test -d "$1"; }
|
||||
isFile () { test -f "$1"; }
|
||||
findAnyDir () {
|
||||
for f in "$@"; do
|
||||
if test -d "$f"; then
|
||||
echo "$f"
|
||||
return 0
|
||||
fi
|
||||
done
|
||||
return 1
|
||||
}
|
||||
if [[ "$#" == 0 ]]; then
|
||||
exec blackbox -w "$HOME" -c hx
|
||||
elif [[ "$#" == 1 ]]; then
|
||||
isDir "$1" && exec blackbox -w "$1" -c "hx ."
|
||||
isFile "$1" && exec blackbox -w "$(dirname "$1")" -c "hx '$1'"
|
||||
else
|
||||
firstDir="$(findAnyDir "$@")"
|
||||
findAnyDirStatus="$?"
|
||||
if [[ "$findAnyDirStatus" == 0 ]]; then
|
||||
exec blackbox -w "$firstDir" -c "hx ."
|
||||
else
|
||||
# magic: find common base directory
|
||||
workDir="$(dirname "$@" | sed -e 'N;s/^\(.*\).*\n\1.*$/\1\n\1/;D')"
|
||||
args=("$@")
|
||||
exec blackbox -w "$workDir" -c "hx ''${args[*]@Q}"
|
||||
fi
|
||||
fi
|
||||
'';
|
||||
in
|
||||
|
||||
{
|
||||
environment.systemPackages = [ helixDesktop ];
|
||||
}
|
|
@ -1,31 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (config.desktop) hiddenApps;
|
||||
|
||||
hiddenDesktopFile = pkgs.writeText "hidden.desktop" ''
|
||||
[Desktop Entry]
|
||||
Hidden=true
|
||||
NoDisplay=true
|
||||
'';
|
||||
hiddenAppsPackage = pkgs.runCommandLocal "hidden-apps" {} ''
|
||||
mkdir -p $out/share/applications
|
||||
for app in ${lib.escapeShellArgs hiddenApps}; do
|
||||
ln -sf ${hiddenDesktopFile} "$out/share/applications/$app"
|
||||
done
|
||||
'';
|
||||
in
|
||||
|
||||
{
|
||||
options.desktop = {
|
||||
hiddenApps = lib.mkOption {
|
||||
type = with lib.types; listOf str;
|
||||
default = [];
|
||||
};
|
||||
};
|
||||
config = lib.mkIf (hiddenApps != []) {
|
||||
environment.systemPackages = [
|
||||
(lib.hiPrio hiddenAppsPackage)
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,32 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
# tricks xdg-document-portal into not using the document portal for pointless things
|
||||
# note that we report read-write even if the access is supposed to be read-only,
|
||||
# because ticking the checkbox in the dialog every time is annoying, ro status
|
||||
# is enforced by the sandbox anyway
|
||||
# example call: flatpak info --file-access=/srv/file.txt com.nixpak.Whatever
|
||||
documentPortalFileAccessTrick = pkgs.writeShellScriptBin "flatpak" ''
|
||||
[[ "$1" == "info" ]] || exit 1
|
||||
case "$3" in
|
||||
org.chromium.Chromium)
|
||||
case "''${2#--file-access=}" in
|
||||
$HOME/Downloads*) echo read-write;;
|
||||
*) echo hidden;;
|
||||
esac;;
|
||||
io.bassi.Amberol)
|
||||
case "''${2#--file-access=}" in
|
||||
$HOME/Music*) echo read-write;;
|
||||
/srv/data/music*) echo read-write;;
|
||||
*) echo hidden;;
|
||||
esac;;
|
||||
*)
|
||||
echo hidden;;
|
||||
esac
|
||||
'';
|
||||
in
|
||||
{
|
||||
environment.systemPackages = [
|
||||
documentPortalFileAccessTrick
|
||||
];
|
||||
}
|
|
@ -1,18 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
openInBlackBox = pkgs.makeDesktopItem {
|
||||
name = "net.privatevoid.OpenInBlackBox";
|
||||
desktopName = "Black Box";
|
||||
noDisplay = true;
|
||||
mimeTypes = [ "inode/directory" ];
|
||||
icon = "com.raggesilver.BlackBox";
|
||||
startupNotify = false;
|
||||
tryExec = "blackbox";
|
||||
exec = "blackbox -w %f";
|
||||
};
|
||||
in
|
||||
|
||||
{
|
||||
environment.systemPackages = [ openInBlackBox ];
|
||||
}
|
|
@ -1,9 +1,10 @@
|
|||
{ pkgs, inputs, lib, ... }: let
|
||||
custom = inputs.self.packages.${pkgs.system};
|
||||
|
||||
sets = with pkgs; {
|
||||
{ pkgs, config, inputs, lib, ... }: let
|
||||
sets = with pkgs; rec {
|
||||
editor = [
|
||||
inputs.modular-nvim.defaultPackage.x86_64-linux
|
||||
];
|
||||
writing = [
|
||||
(apostrophe.override { texliveMedium = pkgs.emptyDirectory; })
|
||||
apostrophe
|
||||
libreoffice
|
||||
];
|
||||
drawing = [
|
||||
|
@ -11,7 +12,7 @@
|
|||
gimp
|
||||
inkscape
|
||||
krita
|
||||
rnote
|
||||
xournalpp
|
||||
];
|
||||
cli-utils = [
|
||||
bat
|
||||
|
@ -26,45 +27,30 @@
|
|||
xh
|
||||
];
|
||||
www = [
|
||||
custom.ungoogled-chromium
|
||||
ungoogled-chromium
|
||||
];
|
||||
gui-apps = with custom; [
|
||||
amberol
|
||||
blackbox-high-refresh-rate
|
||||
cavalier
|
||||
denaro
|
||||
deja-dup
|
||||
dialect
|
||||
gui-apps = with inputs.self.packages.x86_64-linux; [
|
||||
identity
|
||||
obfuscate
|
||||
fragments-remote
|
||||
tubefeeder
|
||||
wike
|
||||
] ++ [
|
||||
celluloid
|
||||
easyeffects
|
||||
endeavour
|
||||
gnome-firmware-updater
|
||||
gnome-podcasts
|
||||
dconf-editor
|
||||
gnome-boxes
|
||||
gnome-sound-recorder
|
||||
gnome-tweaks
|
||||
nautilus-python
|
||||
jellyfin-media-player
|
||||
junction
|
||||
newsflash
|
||||
gnome.dconf-editor
|
||||
gnome.gnome-boxes
|
||||
gnome.gnome-todo
|
||||
gnome.gnome-tweaks
|
||||
gnome.nautilus-python
|
||||
lollypop
|
||||
pavucontrol
|
||||
scrcpy
|
||||
vaults
|
||||
tilix
|
||||
virt-manager
|
||||
warp
|
||||
];
|
||||
dev-tools = [
|
||||
d-spy
|
||||
emblem
|
||||
sysprof
|
||||
textpieces
|
||||
custom.git-remote-ipld
|
||||
custom.webfont-kit-generator
|
||||
bustle
|
||||
gnome-builder
|
||||
inputs.self.packages.x86_64-linux.neovim-gtk
|
||||
];
|
||||
system = with pkgs.gnomeExtensions; [
|
||||
appindicator
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
{
|
||||
security.polkit.extraConfig = /*javascript*/ ''
|
||||
polkit.addRule(function(action, subject) {
|
||||
if (
|
||||
action.id == "org.freedesktop.policykit.exec" &&
|
||||
subject.isInGroup("wheel")
|
||||
) {
|
||||
if (subject.active) {
|
||||
return polkit.Result.AUTH_SELF_KEEP;
|
||||
} else {
|
||||
return polkit.Result.AUTH_SELF;
|
||||
}
|
||||
}
|
||||
});
|
||||
'';
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
{
|
||||
programs.yubikey-touch-detector.enable = true;
|
||||
}
|
30
modules/enterprise/default.nix
Normal file
30
modules/enterprise/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
{ pkgs, config, inputs, ... }:
|
||||
let
|
||||
orgDomain = "privatevoid.net";
|
||||
orgRealm = "PRIVATEVOID.NET";
|
||||
in {
|
||||
krb5 = {
|
||||
enable = true;
|
||||
domain_realm = {
|
||||
${orgDomain} = orgRealm;
|
||||
".${orgDomain}" = orgRealm;
|
||||
};
|
||||
libdefaults = {
|
||||
default_realm = orgRealm;
|
||||
dns_lookup_kdc = true;
|
||||
rdns = false;
|
||||
forwardable = true;
|
||||
default_ccache_name = "KEYRING:persistent:%{uid}";
|
||||
pkinit_anchors = "FILE:${inputs.self.packages.x86_64-linux.privatevoid-smart-card-ca-bundle}";
|
||||
};
|
||||
realms = {
|
||||
"${orgRealm}" = rec {
|
||||
kdc = "authsys.virtual-machines.privatevoid.net";
|
||||
admin_server = kdc;
|
||||
kpasswd_server = kdc;
|
||||
default_domain = orgDomain;
|
||||
};
|
||||
};
|
||||
};
|
||||
services.pcscd.enable = true;
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
{ pkgs, config, ... }:
|
||||
{
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
hardware.graphics.enable32Bit = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
programs.steam.enable = true;
|
||||
}
|
||||
|
|
|
@ -1,55 +1,75 @@
|
|||
{ inputs, pkgs, lib, hosts, config, ... }:
|
||||
let
|
||||
inherit (config.networking) hostName;
|
||||
hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hyprspace) hosts;
|
||||
peersFormatted = builtins.mapAttrs (name: x: {
|
||||
inherit name;
|
||||
inherit (x.hyprspace) id;
|
||||
routes = map (net: { inherit net; }) (x.hyprspace.routes or []);
|
||||
}) hyprspaceCapableNodes;
|
||||
inherit (inputs.self.packages.${pkgs.system}) hyprspace;
|
||||
hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hypr) hosts;
|
||||
peersFormatted = builtins.mapAttrs (_: x: { "${x.hypr.addr}".id = x.hypr.id; }) hyprspaceCapableNodes;
|
||||
peersFiltered = lib.filterAttrs (name: _: name != hostName) peersFormatted;
|
||||
peerList = builtins.attrValues peersFiltered;
|
||||
buildHyprspacePeerList = peers: pkgs.writeText "hyprspace-peers.yml" (builtins.toJSON peers);
|
||||
peers = lib.foldAttrs (n: _: n) null (builtins.attrValues peersFiltered);
|
||||
peerList = buildHyprspacePeerList peers;
|
||||
myNode = hosts.${hostName};
|
||||
listenPort = myNode.hyprspace.listenPort or 8001;
|
||||
listenPort = myNode.hypr.listenPort or 8001;
|
||||
|
||||
precedingConfig = pkgs.writeText "hyprspace-interface.yml" ''
|
||||
interface:
|
||||
name: hyprspace
|
||||
listen_port: ${builtins.toString listenPort}
|
||||
id: ${myNode.hypr.id}
|
||||
address: ${myNode.hypr.addr}/24
|
||||
private_key: !!binary |
|
||||
'';
|
||||
|
||||
privateKeyFile = config.age.secrets.hyprspace-key.path;
|
||||
runConfig = "/run/hyprspace.yml";
|
||||
in {
|
||||
imports = [
|
||||
inputs.hyprspace.nixosModules.default
|
||||
];
|
||||
networking.hosts = lib.mapAttrs' (k: v: lib.nameValuePair (v.hypr.addr) ([k "${k}.hypr"])) hyprspaceCapableNodes;
|
||||
age.secrets.hyprspace-key = {
|
||||
file = ../../secrets/hyprspace-key- + "${hostName}.age";
|
||||
mode = "0400";
|
||||
};
|
||||
|
||||
age.secrets.ipfs-swarm-key = {
|
||||
file = ../../secrets/ipfs-swarm-key.age;
|
||||
mode = "0400";
|
||||
};
|
||||
systemd.services.hyprspace = {
|
||||
environment = lib.optionalAttrs config.services.kubo.enable {
|
||||
HYPRSPACE_IPFS_API = config.services.kubo.settings.Addresses.API;
|
||||
};
|
||||
};
|
||||
|
||||
services.hyprspace = {
|
||||
enable = true;
|
||||
inherit privateKeyFile;
|
||||
settings = {
|
||||
listenAddresses = let
|
||||
port = toString listenPort;
|
||||
in [
|
||||
"/ip4/0.0.0.0/tcp/${port}"
|
||||
"/ip4/0.0.0.0/udp/${port}/quic-v1"
|
||||
"/ip6/::/tcp/${port}"
|
||||
"/ip6/::/udp/${port}/quic-v1"
|
||||
];
|
||||
peers = peerList;
|
||||
};
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
preStart = ''
|
||||
test -e ${runConfig} && rm ${runConfig}
|
||||
touch ${runConfig}
|
||||
chmod 0600 ${runConfig}
|
||||
|
||||
cat ${precedingConfig} >> ${runConfig}
|
||||
sed 's/^/ /g' ${privateKeyFile} >> ${runConfig}
|
||||
echo -n 'peers: ' >> ${runConfig}
|
||||
cat ${peerList} >> ${runConfig}
|
||||
|
||||
chmod 0400 ${runConfig}
|
||||
'';
|
||||
environment.HYPRSPACE_SWARM_KEY = config.age.secrets.ipfs-swarm-key.path;
|
||||
serviceConfig = {
|
||||
ExecStart = "${hyprspace}/bin/hyprspace up hyprspace -f -c ${runConfig}";
|
||||
ExecStop = "${hyprspace}/bin/hyprspace down hyprspace";
|
||||
};
|
||||
};
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [ listenPort ];
|
||||
allowedUDPPorts = [ listenPort ];
|
||||
trustedInterfaces = [ "hyprspace" ];
|
||||
};
|
||||
networking.networkmanager.dispatcherScripts = [{
|
||||
source = pkgs.writeShellScript "hyprspace-reconnect.sh" ''
|
||||
[[ "$2" != "up" ]] && exit 0
|
||||
PATH=${pkgs.systemd}/bin:$PATH
|
||||
case $1 in
|
||||
wl*|en*)
|
||||
systemctl reload-or-restart --no-block hyprspace.service;;
|
||||
if systemctl is-active hyprspace.service; then
|
||||
${builtins.concatStringsSep "\n" (map (peer: "/run/wrappers/bin/ping -qnA -c3 -W1 ${peer} && exit") (builtins.attrNames peers))}
|
||||
fi
|
||||
systemctl restart --no-block hyprspace.service;;
|
||||
esac
|
||||
exit 0
|
||||
'';
|
||||
|
|
|
@ -1,25 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
services.kanidm = {
|
||||
enableClient = true;
|
||||
clientSettings = {
|
||||
uri = "https://idm.privatevoid.net";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = let
|
||||
idmAlias = pkgs.runCommand "kanidm-idm-alias" {} ''
|
||||
mkdir -p $out/bin
|
||||
ln -s ${pkgs.kanidm}/bin/kanidm $out/bin/idm
|
||||
mkdir -p $out/share/bash-completion/completions
|
||||
cat >$out/share/bash-completion/completions/idm.bash <<EOF
|
||||
source ${pkgs.kanidm}/share/bash-completion/completions/kanidm.bash
|
||||
complete -F _kanidm -o bashdefault -o default idm
|
||||
EOF
|
||||
mkdir -p $out/share/zsh/site-functions
|
||||
cp ${pkgs.kanidm}/share/zsh/site-functions/_kanidm $out/share/zsh/site-functions/_idm
|
||||
substituteInPlace $out/share/zsh/site-functions/_idm --replace kanidm idm
|
||||
'';
|
||||
in [ idmAlias ];
|
||||
}
|
|
@ -1,15 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
mkTracer = name: target: exe: lib.getExe (pkgs.writeShellScriptBin name ''
|
||||
echo "PID $PPID executed ${target}" |& ${config.systemd.package}/bin/systemd-cat --identifier=impurity >/dev/null 2>/dev/null
|
||||
exec -a "$0" '${exe}' "$@"
|
||||
'');
|
||||
in
|
||||
|
||||
{
|
||||
environment = {
|
||||
usrbinenv = mkTracer "env" "/usr/bin/env" "${pkgs.coreutils}/bin/env";
|
||||
binsh = mkTracer "sh" "/bin/sh" "${pkgs.bashInteractive}/bin/sh";
|
||||
};
|
||||
}
|
60
modules/ipfs-lain/default.nix
Normal file
60
modules/ipfs-lain/default.nix
Normal file
|
@ -0,0 +1,60 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.ipfs;
|
||||
ipfsApi = pkgs.writeTextDir "api" "/ip4/127.0.0.1/tcp/5001";
|
||||
in {
|
||||
services.ipfs = {
|
||||
enable = true;
|
||||
localDiscovery = true;
|
||||
autoMount = true;
|
||||
startWhenNeeded = false;
|
||||
enableGC = true;
|
||||
extraFlags = [ "--enable-pubsub-experiment" "--enable-namesys-pubsub" ];
|
||||
extraConfig = {
|
||||
Bootstrap = [
|
||||
"/ip4/95.216.8.12/tcp/4001/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo"
|
||||
"/ip4/51.38.87.150/tcp/4001/p2p/12D3KooWDUgNsoLVauCDpRAo54mc4whoBudgeXQnZZK2iVYhBLCN"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.ipfs.environment.LIBP2P_FORCE_PNET = "1";
|
||||
systemd.sockets = {
|
||||
ipfs-api.enable = false;
|
||||
ipfs-gateway.enable = false;
|
||||
};
|
||||
|
||||
environment = {
|
||||
variables.IPFS_PATH = lib.mkForce "${ipfsApi}";
|
||||
shellAliases = {
|
||||
ipfs-admin = "doas -u ${cfg.user} env IPFS_PATH=${cfg.dataDir} ipfs";
|
||||
f = "ipfs files";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 4001 ];
|
||||
|
||||
environment.systemPackages = lib.singleton (pkgs.writeShellScriptBin "share" ''
|
||||
PATH=${cfg.package}/bin:$PATH
|
||||
set -e
|
||||
cid=$(ipfs add -Qrp --pin=false "$@")
|
||||
test -n $cid || exit 0
|
||||
echo -e "\n\n IPFS path: /ipfs/$cid"
|
||||
echo -e " Web link: https://$(ipfs cid base32 $cid).ipfs.privatevoid.net\n"
|
||||
'');
|
||||
networking.networkmanager.dispatcherScripts = [{
|
||||
source = pkgs.writeShellScript "nm-ipfs-reconnect.sh" ''
|
||||
[[ "$2" != "up" ]] && exit 0
|
||||
PATH=${pkgs.systemd}/bin:${pkgs.findutils}/bin:${cfg.package}/bin:$PATH
|
||||
export IPFS_PATH=${ipfsApi}
|
||||
systemctl is-active ipfs.service || exit 0
|
||||
case $1 in
|
||||
wl*|en*)
|
||||
ipfs swarm peers | xargs -P4 -n1 timeout 3 ipfs swarm disconnect
|
||||
ipfs bootstrap | xargs -P4 -n1 timeout 10 ipfs swarm connect
|
||||
esac
|
||||
exit 0
|
||||
'';
|
||||
type = "basic";
|
||||
}];
|
||||
}
|
|
@ -1,197 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.services.kubo;
|
||||
ipfsApi = pkgs.writeTextDir "api" "/ip4/127.0.0.1/tcp/5001";
|
||||
peeringPeers = [
|
||||
{
|
||||
ID = "Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo";
|
||||
Addrs = [
|
||||
"/ip4/95.216.8.12/udp/110/quic"
|
||||
"/ip4/95.216.8.12/tcp/110"
|
||||
];
|
||||
}
|
||||
{
|
||||
ID = "12D3KooWQWsHPUUeFhe4b6pyCaD1hBoj8j6Z7S7kTznRTh1p1eVt";
|
||||
Addrs = [
|
||||
"/ip4/152.67.79.222/udp/110/quic"
|
||||
"/ip4/152.67.79.222/tcp/110"
|
||||
];
|
||||
}
|
||||
];
|
||||
in {
|
||||
services.kubo = {
|
||||
enable = true;
|
||||
localDiscovery = true;
|
||||
autoMount = true;
|
||||
startWhenNeeded = false;
|
||||
enableGC = true;
|
||||
extraFlags = [ "--enable-pubsub-experiment" "--enable-namesys-pubsub" ];
|
||||
settings = {
|
||||
Addresses = {
|
||||
Swarm = [
|
||||
"/ip4/0.0.0.0/tcp/4001"
|
||||
"/ip4/0.0.0.0/tcp/110"
|
||||
"/ip4/0.0.0.0/udp/4001/quic"
|
||||
"/ip4/0.0.0.0/udp/110/quic"
|
||||
];
|
||||
API = "/ip4/127.0.0.1/tcp/5001";
|
||||
};
|
||||
Peering.Peers = peeringPeers;
|
||||
Bootstrap = (lib.flatten (map (p: map (a: "${a}/p2p/${p.ID}") p.Addrs) peeringPeers)) ++ [
|
||||
"/dnsaddr/bootstrap.libp2p.io/p2p/12D3KooWEZXjE41uU4EL2gpkAQeDXYok6wghN7wwNVPF5bwkaNfS"
|
||||
"/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt"
|
||||
"/dnsaddr/bootstrap.libp2p.io/p2p/QmZa1sAxajnQjVM8WjWXoMbmPd7NsWhfKsPkErzpm9wGkp"
|
||||
"/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN"
|
||||
"/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb"
|
||||
"/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa"
|
||||
];
|
||||
Datastore = {
|
||||
BloomFilterSize = 0;
|
||||
GCPeriod = "1h";
|
||||
HashOnRead = false;
|
||||
NoSync = true;
|
||||
Spec = {
|
||||
mounts = [];
|
||||
child = {
|
||||
path = "badgerds";
|
||||
syncWrites = false;
|
||||
truncate = true;
|
||||
type = "badgerds";
|
||||
};
|
||||
prefix = "badger.datastore";
|
||||
type = "measure";
|
||||
};
|
||||
StorageGCWatermark = 90;
|
||||
StorageMax = "200GB";
|
||||
};
|
||||
Routing = {
|
||||
Type = "custom";
|
||||
Routers = {
|
||||
LanDHT = {
|
||||
Type = "dht";
|
||||
Parameters = {
|
||||
Mode = "auto";
|
||||
PublicIPNetwork = false;
|
||||
AcceleratedDHTClient = false;
|
||||
};
|
||||
};
|
||||
WanDHT = {
|
||||
Type = "dht";
|
||||
Parameters = {
|
||||
Mode = "auto";
|
||||
PublicIPNetwork = true;
|
||||
AcceleratedDHTClient = false;
|
||||
};
|
||||
};
|
||||
CidContact = {
|
||||
Type = "http";
|
||||
Parameters.Endpoint = "https://cid.contact";
|
||||
};
|
||||
PrivateVoid = {
|
||||
Type = "http";
|
||||
Parameters.Endpoint = "https://p2p.privatevoid.net";
|
||||
};
|
||||
AllDHT = {
|
||||
Type = "parallel";
|
||||
Parameters.Routers = [
|
||||
{
|
||||
RouterName = "WanDHT";
|
||||
IgnoreErrors = false;
|
||||
Timeout = "30s";
|
||||
}
|
||||
{
|
||||
RouterName = "LanDHT";
|
||||
IgnoreErrors = false;
|
||||
Timeout = "10s";
|
||||
}
|
||||
];
|
||||
};
|
||||
Parallel = {
|
||||
Type = "parallel";
|
||||
Parameters.Routers = [
|
||||
{
|
||||
RouterName = "WanDHT";
|
||||
IgnoreErrors = false;
|
||||
Timeout = "30s";
|
||||
}
|
||||
{
|
||||
RouterName = "LanDHT";
|
||||
IgnoreErrors = false;
|
||||
Timeout = "10s";
|
||||
}
|
||||
{
|
||||
RouterName = "CidContact";
|
||||
IgnoreErrors = true;
|
||||
Timeout = "10s";
|
||||
ExecuteAfter = "3s";
|
||||
}
|
||||
{
|
||||
RouterName = "PrivateVoid";
|
||||
IgnoreErrors = true;
|
||||
Timeout = "5s";
|
||||
ExecuteAfter = "200ms";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
Methods = {
|
||||
find-peers.RouterName = "Parallel";
|
||||
find-providers.RouterName = "Parallel";
|
||||
get-ipns.RouterName = "Parallel";
|
||||
put-ipns.RouterName = "Parallel";
|
||||
provide.RouterName = "AllDHT";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.ipfs = {
|
||||
serviceConfig = {
|
||||
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
||||
ReadWritePaths = lib.mkForce [ ];
|
||||
};
|
||||
};
|
||||
systemd.sockets = {
|
||||
ipfs-api.enable = false;
|
||||
ipfs-gateway.enable = false;
|
||||
};
|
||||
|
||||
environment = {
|
||||
variables.IPFS_PATH = lib.mkForce "${ipfsApi}";
|
||||
shellAliases = {
|
||||
ipfs-admin = "doas -u ${cfg.user} env IPFS_PATH=${cfg.dataDir} ipfs";
|
||||
f = "ipfs files";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 110 4001 ];
|
||||
|
||||
environment.systemPackages = lib.singleton (pkgs.writeShellScriptBin "share" ''
|
||||
PATH=${cfg.package}/bin:$PATH
|
||||
set -e
|
||||
cid=$(ipfs add -Qrp --pin=false "$@")
|
||||
test -n $cid || exit 0
|
||||
echo -e "\n\n IPFS path: /ipfs/$cid"
|
||||
b32=$(ipfs cid base32 $cid)
|
||||
echo -e " Web link: https://$b32.ipfs.privatevoid.net"
|
||||
echo -e " Web link: https://$b32.ipfs.dweb.link"
|
||||
echo -e " Web link: https://privatevoid.net/ipfs/$cid"
|
||||
echo -e " Web link: https://ipfs.io/ipfs/$cid"
|
||||
echo -e " Web link: https://cloudflare-ipfs.com/ipfs/$cid\n"
|
||||
'');
|
||||
networking.networkmanager.dispatcherScripts = [{
|
||||
source = pkgs.writeShellScript "nm-ipfs-reconnect.sh" ''
|
||||
[[ "$2" != "up" ]] && exit 0
|
||||
PATH=${pkgs.systemd}/bin:${pkgs.findutils}/bin:${cfg.package}/bin:$PATH
|
||||
export IPFS_PATH=${ipfsApi}
|
||||
systemctl is-active ipfs.service || exit 0
|
||||
case $1 in
|
||||
wl*|en*)
|
||||
ipfs swarm peers | xargs -P4 -n1 timeout 3 ipfs swarm disconnect
|
||||
ipfs bootstrap | xargs -P4 -n1 timeout 10 ipfs swarm connect
|
||||
esac
|
||||
exit 0
|
||||
'';
|
||||
type = "basic";
|
||||
}];
|
||||
}
|
|
@ -1,15 +1,36 @@
|
|||
{ lib, ... }:
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
programs.dconf.profiles.gdm.databases = [
|
||||
{
|
||||
settings."org/gnome/desktop/peripherals/touchpad" = {
|
||||
edge-scrolling-enabled = false;
|
||||
natural-scroll = false;
|
||||
speed= lib.gvariant.mkDouble 0.375;
|
||||
tap-to-click = true;
|
||||
two-finger-scrolling-enabled = true;
|
||||
programs.dconf.profiles.gdm = lib.mkForce (let
|
||||
customDconf = pkgs.writeTextFile {
|
||||
name = "gdm-dconf-touchpad";
|
||||
destination = "/dconf/gdm-custom";
|
||||
text = ''
|
||||
[org/gnome/desktop/peripherals/touchpad]
|
||||
edge-scrolling-enabled=false
|
||||
natural-scroll=false
|
||||
speed=0.375
|
||||
tap-to-click=true
|
||||
two-finger-scrolling-enabled=true
|
||||
'';
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
customDconfDb = pkgs.stdenv.mkDerivation {
|
||||
name = "gdm-dconf-db";
|
||||
buildCommand = ''
|
||||
${pkgs.dconf}/bin/dconf compile $out ${customDconf}/dconf
|
||||
'';
|
||||
};
|
||||
in pkgs.stdenv.mkDerivation {
|
||||
name = "dconf-gdm-profile";
|
||||
buildCommand = with { gdm = pkgs.gnome.gdm; }; ''
|
||||
# Check that the GDM profile starts with what we expect.
|
||||
if [ $(head -n 1 ${gdm}/share/dconf/profile/gdm) != "user-db:user" ]; then
|
||||
echo "GDM dconf profile changed, please update gdm.nix"
|
||||
exit 1
|
||||
fi
|
||||
# Insert our custom DB behind it.
|
||||
sed '2ifile-db:${customDconfDb}' ${gdm}/share/dconf/profile/gdm > $out
|
||||
'';
|
||||
});
|
||||
}
|
||||
|
|
|
@ -1,31 +1,22 @@
|
|||
{ config, inputs, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking.useDHCP = false;
|
||||
|
||||
networking.networkmanager = {
|
||||
dns = "systemd-resolved";
|
||||
enableStrongSwan = false;
|
||||
settings.connectivity = {
|
||||
url = "http://whoami.privatevoid.net/online";
|
||||
respone = "CONNECTED_GLOBAL";
|
||||
interval = 120;
|
||||
};
|
||||
extraConfig = ''
|
||||
[connectivity]
|
||||
uri=http://whoami.privatevoid.net/online
|
||||
response=CONNECTED_GLOBAL
|
||||
interval=120
|
||||
'';
|
||||
};
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
fallbackDns = [
|
||||
"95.216.8.12#securedns.privatevoid.net"
|
||||
"152.67.73.164#securedns.privatevoid.net"
|
||||
"10.1.0.1"
|
||||
];
|
||||
fallbackDns = [ "10.1.0.1" ];
|
||||
llmnr = "true";
|
||||
dnssec = "false";
|
||||
extraConfig = ''
|
||||
Cache=no-negative
|
||||
DNSOverTLS=opportunistic
|
||||
DNS=${builtins.concatStringsSep " " config.services.resolved.fallbackDns}
|
||||
'';
|
||||
extraConfig = "Cache=no-negative";
|
||||
};
|
||||
networking.firewall = let
|
||||
ports = [
|
||||
|
@ -35,12 +26,4 @@
|
|||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
|
||||
boot.extraModulePackages = [
|
||||
(inputs.self.packages.${pkgs.system}.evil.override {
|
||||
inherit (config.boot.kernelPackages) kernel;
|
||||
})
|
||||
];
|
||||
|
||||
boot.kernelModules = [ "evil" ];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,15 @@
|
|||
{ pkgs, ... }:
|
||||
{ pkgs, config, ... }:
|
||||
{
|
||||
# expose nextcloud client into the environment
|
||||
environment.systemPackages = [ pkgs.nextcloud-client ];
|
||||
|
||||
systemd.user.services.nextcloud = {
|
||||
description = "Nextcloud Client Service";
|
||||
wantedBy = [ "gnome-session.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.nextcloud-client}/bin/nextcloud --background";
|
||||
Restart = "always";
|
||||
Slice = "background.slice";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
{ pkgs, lib, config, inputs, ... }:
|
||||
{ pkgs, lib, config, inputs, ... }@args:
|
||||
let
|
||||
builder = {
|
||||
systems = [ "x86_64-linux" "i686-linux" ];
|
||||
speedFactor = 4;
|
||||
supportedFeatures = [ "benchmark" "nixos-test" ];
|
||||
sshKey = config.age.secrets.nixBuilderKey.path;
|
||||
protocol = "ssh-ng";
|
||||
};
|
||||
bigBuilder = builder // {
|
||||
speedFactor = 16;
|
||||
|
@ -18,7 +17,7 @@ in {
|
|||
};
|
||||
nixpkgs.overlays = [
|
||||
(self: super: {
|
||||
nixSuper = inputs.nix-super.packages.x86_64-linux.default;
|
||||
nixSuper = inputs.nix-super.defaultPackage.x86_64-linux;
|
||||
})
|
||||
];
|
||||
nix = {
|
||||
|
@ -30,10 +29,13 @@ in {
|
|||
|
||||
substituters = [
|
||||
"https://cache.privatevoid.net"
|
||||
"https://max.cachix.org?priority=100"
|
||||
"https://reflex.privatevoid.net?priority=90"
|
||||
];
|
||||
|
||||
trusted-public-keys = [
|
||||
"cache.privatevoid.net:SErQ8bvNWANeAvtsOESUwVYr2VJynfuc9JRwlzTTkVg="
|
||||
"max.cachix.org-1:oSMQ1zYLR8H4L17hfe6ETlI/d+VeiBykB8PbBdPtDJw="
|
||||
];
|
||||
|
||||
};
|
||||
|
@ -56,15 +58,15 @@ in {
|
|||
distributedBuilds = true;
|
||||
|
||||
buildMachines = [
|
||||
(builder // {
|
||||
sshUser = "nix";
|
||||
hostName = "prophet.node.privatevoid.net";
|
||||
systems = [ "aarch64-linux" ];
|
||||
(bigBuilder // {
|
||||
sshUser = "nixbuilder";
|
||||
hostName = "animus.com";
|
||||
maxJobs = 4;
|
||||
})
|
||||
] ++
|
||||
(lib.optional (config.networking.hostName != "TITAN") (bigBuilder // {
|
||||
sshUser = "nix";
|
||||
hostName = "titan.hyprspace";
|
||||
hostName = "titan.hypr";
|
||||
speedFactor = 12;
|
||||
maxJobs = 12;
|
||||
}));
|
||||
|
|
|
@ -18,6 +18,17 @@ with inputs;
|
|||
};
|
||||
default.flake = nixpkgs;
|
||||
home-manager.flake = home-manager;
|
||||
vim.flake = let
|
||||
nixpkgsSelfLock = lib.importJSON "${self}/flake.lock";
|
||||
vimLock = lib.importJSON "${modular-nvim}/flake.lock";
|
||||
patchedLock = lib.recursiveUpdate vimLock { nodes.nixpkgs.locked = (nixpkgsSelfLock.nodes.nixpkgs.locked); };
|
||||
patchedLockFile = pkgs.writeText "patched-flake.lock" (builtins.toJSON patchedLock);
|
||||
in pkgs.runCommand "vim-flake" {} ''
|
||||
cp -vr ${modular-nvim} $out
|
||||
chmod +w $out
|
||||
rm $out/flake.lock
|
||||
cp -v ${patchedLockFile} $out/flake.lock
|
||||
'';
|
||||
templates.to = {
|
||||
owner = "max";
|
||||
repo = "flake-templates";
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
}
|
||||
];
|
||||
|
||||
services.kubo.dataDir = "/srv/data/ipfs";
|
||||
services.ipfs.dataDir = "/persist/ipfs";
|
||||
services.lidarr.dataDir = "/persist/db/lidarr";
|
||||
services.jackett.dataDir = "/persist/db/jackett";
|
||||
|
||||
|
|
|
@ -10,11 +10,6 @@ let
|
|||
] ++ [
|
||||
"source ${pkgs.fzf}/share/fzf/key-bindings.zsh"
|
||||
"ZSH_HIGHLIGHT_DIRS_BLACKLIST=(/* /ipfs /ipns)"
|
||||
''
|
||||
command_not_found_handler() {
|
||||
${pkgs.comma}/bin/comma "$@"
|
||||
}
|
||||
''
|
||||
];
|
||||
in {
|
||||
environment.shellAliases = {
|
||||
|
@ -27,13 +22,13 @@ in {
|
|||
sudo = "sudo ";
|
||||
tree = "lsd --tree";
|
||||
uctl = "systemctl --user";
|
||||
vim = "hx";
|
||||
vim = "nvim";
|
||||
nvr = "nvr --servername /tmp/nvim-remote-$USER --remote-tab";
|
||||
nix-repl = "nix repl '<repl>'";
|
||||
# thanks gytis
|
||||
manix-view = ''manix "" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --ansi --preview="manix '{}' | sed 's/type: /> type: /g' | bat -l Markdown --color=always --plain"'';
|
||||
};
|
||||
programs = {
|
||||
command-not-found.enable = false;
|
||||
zsh = {
|
||||
enable = true;
|
||||
histFile = "$HOME/.cache/zsh_history";
|
||||
|
@ -53,7 +48,6 @@ in {
|
|||
"interactivecomments"
|
||||
"monitor"
|
||||
"nobadpattern"
|
||||
"nonomatch"
|
||||
"promptsubst"
|
||||
"sharehistory"
|
||||
"zle"
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
|
@ -7,14 +8,18 @@
|
|||
pulse.enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
jack.enable = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
||||
# KXStudio stuff
|
||||
cadence
|
||||
carla
|
||||
|
||||
jack_oscrolloscope
|
||||
jack_rack
|
||||
jackmeter
|
||||
qjackctl
|
||||
|
||||
# Audio plugins
|
||||
|
@ -23,12 +28,16 @@
|
|||
artyFX
|
||||
calf
|
||||
distrho
|
||||
guitarix
|
||||
helm
|
||||
infamousPlugins
|
||||
ingen
|
||||
kapitonov-plugins-pack
|
||||
ladspaPlugins
|
||||
lv2
|
||||
metersLv2
|
||||
noise-repellent
|
||||
rakarrack
|
||||
rkrlv2
|
||||
sorcer
|
||||
swh_lv2
|
||||
|
@ -44,11 +53,5 @@
|
|||
VST_PATH = "/run/current-system/sw/lib/vst";
|
||||
};
|
||||
|
||||
desktop.hiddenApps = [
|
||||
"carla-control.desktop"
|
||||
"carla-jack-multi.desktop"
|
||||
"carla-jack-single.desktop"
|
||||
"carla-patchbay.desktop"
|
||||
"carla-rack.desktop"
|
||||
];
|
||||
|
||||
}
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
rules = pkgs.writeTextDir "etc/udev/rules.d/70-xr.rules" ''
|
||||
# Xreal Air 2 Pro
|
||||
ATTRS{idVendor}=="3318", ATTRS{idProduct}=="0432", TAG+="uaccess"
|
||||
'';
|
||||
in
|
||||
|
||||
{
|
||||
services.udev.packages = [ rules ];
|
||||
}
|
|
@ -1,68 +0,0 @@
|
|||
{ stdenv
|
||||
, desktop-file-utils
|
||||
, meson
|
||||
, ninja
|
||||
, gettext
|
||||
, pkg-config
|
||||
, gtk4
|
||||
, gtksourceview5
|
||||
, gobject-introspection
|
||||
, wrapGAppsHook4
|
||||
, fetchFromGitHub
|
||||
, gjs
|
||||
, blueprint-compiler
|
||||
, libadwaita
|
||||
, libsecret
|
||||
, libsoup_3
|
||||
, libportal-gtk4
|
||||
}:
|
||||
|
||||
|
||||
let
|
||||
troll = fetchFromGitHub {
|
||||
owner = "sonnyp";
|
||||
repo = "troll";
|
||||
rev = "12a42a5afc8c6c26d3d782ea75b1e1372a0e8f36";
|
||||
hash = "sha256-e9C9Du5j7tEy/q/OhbfCU7DD3Oe6Hnq1xcFYablBipw=";
|
||||
};
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "forge-sparks";
|
||||
version = "0.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rafaelmardojai";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
hash = "sha256-BxC5BqwSDuLBwG4a5/0pntuHhW05xDsmzO7yMQKi/vI=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
rmdir troll
|
||||
cp -r ${troll} troll
|
||||
chmod +w -R troll
|
||||
patchShebangs troll/gjspack/bin
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
desktop-file-utils
|
||||
gettext
|
||||
meson
|
||||
ninja
|
||||
pkg-config
|
||||
wrapGAppsHook4
|
||||
blueprint-compiler
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
gjs
|
||||
gtk4
|
||||
gtksourceview5
|
||||
libadwaita
|
||||
gobject-introspection
|
||||
libsecret
|
||||
libsoup_3
|
||||
libportal-gtk4
|
||||
];
|
||||
}
|
|
@ -7,8 +7,6 @@
|
|||
, gettext
|
||||
, python3
|
||||
, rustPlatform
|
||||
, rustc
|
||||
, cargo
|
||||
, pkg-config
|
||||
, glib
|
||||
, libhandy
|
||||
|
@ -43,9 +41,9 @@ stdenv.mkDerivation rec {
|
|||
ninja
|
||||
pkg-config
|
||||
python3
|
||||
cargo
|
||||
rustPlatform.rust.cargo
|
||||
rustPlatform.cargoSetupHook
|
||||
rustc
|
||||
rustPlatform.rust.rustc
|
||||
wrapGAppsHook
|
||||
glib
|
||||
];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ stdenv
|
||||
{ lib, stdenv
|
||||
, desktop-file-utils
|
||||
, fetchFromGitLab
|
||||
, nix-update-script
|
||||
|
@ -7,8 +7,6 @@
|
|||
, gettext
|
||||
, python3
|
||||
, rustPlatform
|
||||
, rustc
|
||||
, cargo
|
||||
, pkg-config
|
||||
, glib
|
||||
, libadwaita
|
||||
|
@ -21,20 +19,20 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "obfuscate";
|
||||
version = "0.0.9";
|
||||
version = "0.0.4";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
domain = "gitlab.gnome.org";
|
||||
owner = "World";
|
||||
repo = "obfuscate";
|
||||
rev = version;
|
||||
sha256 = "sha256-aUhzact437V/bSsG2Ddu2mC03LbyXFg+hJiuGy5NQfQ=";
|
||||
sha256 = "sha256-P8Y2Eizn1BMZXuFjGMXF/3oAUzI8ZNTrnbLyU+V6uk4=";
|
||||
};
|
||||
|
||||
cargoDeps = rustPlatform.fetchCargoTarball {
|
||||
inherit src;
|
||||
name = "${pname}-${version}";
|
||||
hash = "sha256-O/Bg8b5ZEId3PNebd19TIrFvyb0yngtKuMNJlM8M5Fg=";
|
||||
hash = "sha256-eKXVN3PHgeLeG4qxh30VhyMX0FMOO/ZlZ8trUGIs2sc=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -44,9 +42,9 @@ stdenv.mkDerivation rec {
|
|||
ninja
|
||||
pkg-config
|
||||
python3
|
||||
cargo
|
||||
rustPlatform.rust.cargo
|
||||
rustPlatform.cargoSetupHook
|
||||
rustc
|
||||
rustPlatform.rust.rustc
|
||||
wrapGAppsHook
|
||||
glib
|
||||
];
|
||||
|
|
|
@ -1,32 +0,0 @@
|
|||
By default, commit displays something along of "git config core.editors /nix/store/[...]/bin/re.sonny.Commit"
|
||||
as command to set it as git editor. Since this would break on upgrades, just use the non-versioned binary
|
||||
diff --git a/src/welcome.js b/src/welcome.js
|
||||
index c410e2d..62e46ba 100644
|
||||
--- a/src/welcome.js
|
||||
+++ b/src/welcome.js
|
||||
@@ -70,24 +70,7 @@ export default function Welcome({ application }) {
|
||||
}
|
||||
|
||||
function getCommand() {
|
||||
- const FLATPAK_ID = GLib.getenv("FLATPAK_ID");
|
||||
- const { programInvocationName } = system;
|
||||
-
|
||||
- if (FLATPAK_ID) {
|
||||
- return `flatpak run --file-forwarding ${FLATPAK_ID} @@`;
|
||||
- }
|
||||
-
|
||||
- // re.sonny.Commit
|
||||
- if (programInvocationName === GLib.path_get_basename(programInvocationName)) {
|
||||
- return programInvocationName;
|
||||
- }
|
||||
-
|
||||
- // ./re.sonny.commit
|
||||
- // /home/sonny/re.sonny.Commit
|
||||
- return GLib.canonicalize_filename(
|
||||
- programInvocationName,
|
||||
- GLib.get_current_dir(),
|
||||
- );
|
||||
+ return "re.sonny.Commit";
|
||||
}
|
||||
|
||||
function getRange(key) {
|
|
@ -1,64 +0,0 @@
|
|||
{ stdenv
|
||||
, lib
|
||||
, desktop-file-utils
|
||||
, meson
|
||||
, ninja
|
||||
, gettext
|
||||
, pkg-config
|
||||
, gtk4
|
||||
, gtksourceview5
|
||||
, gobject-introspection
|
||||
, wrapGAppsHook4
|
||||
, fetchFromGitHub
|
||||
, gjs
|
||||
, libadwaita
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "commit";
|
||||
version = "3.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sonnyp";
|
||||
repo = "Commit";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-nnjHuE7MzCuoPfCb4MA00BIzLPbhgR6mbeWYagmNjME=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./always-use-latest.patch
|
||||
];
|
||||
|
||||
|
||||
nativeBuildInputs = [
|
||||
desktop-file-utils
|
||||
gettext
|
||||
meson
|
||||
ninja
|
||||
pkg-config
|
||||
wrapGAppsHook4
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
gjs
|
||||
gtk4
|
||||
gtksourceview5
|
||||
libadwaita
|
||||
gobject-introspection
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace src/re.sonny.Commit \
|
||||
--replace "/usr/bin/env -S gjs" ${gjs}/bin/gjs
|
||||
'';
|
||||
|
||||
dontPatchShebangs = true;
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://commit.sonny.re/";
|
||||
description = "Commit message editor";
|
||||
maintainers = [ maintainers.Cogitri ];
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
2658
packages/apps/tubefeeder/Cargo.lock
generated
2658
packages/apps/tubefeeder/Cargo.lock
generated
File diff suppressed because it is too large
Load diff
|
@ -1,60 +0,0 @@
|
|||
{ stdenv
|
||||
, desktop-file-utils
|
||||
, fetchFromGitLab
|
||||
, gettext
|
||||
, glib
|
||||
, gtk4
|
||||
, libadwaita
|
||||
, meson
|
||||
, ninja
|
||||
, openssl
|
||||
, pkg-config
|
||||
, python3
|
||||
, rustPlatform
|
||||
, rustc
|
||||
, cargo
|
||||
, wrapGAppsHook
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "pipeline";
|
||||
version = "1.14.5";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
owner = "schmiddi-on-mobile";
|
||||
repo = "pipeline";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-C5mFOYYrm8e2zlac7qclhpONKuqdvqfwT74gSX28VPs=";
|
||||
};
|
||||
|
||||
cargoDeps = rustPlatform.importCargoLock {
|
||||
lockFile = ./Cargo.lock;
|
||||
outputHashes = {
|
||||
"tf_core-0.1.4" = "sha256-yOuvHLyX/qUJSs62VbripKwIEoErsPu9rzbKMdndvmc=";
|
||||
};
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
desktop-file-utils
|
||||
gettext
|
||||
meson
|
||||
ninja
|
||||
pkg-config
|
||||
python3
|
||||
cargo
|
||||
rustPlatform.cargoSetupHook
|
||||
rustc
|
||||
wrapGAppsHook
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
glib
|
||||
gtk4
|
||||
libadwaita
|
||||
openssl
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs build-aux/meson_post_install.py
|
||||
'';
|
||||
}
|
|
@ -1,64 +0,0 @@
|
|||
{ lib, stdenv
|
||||
, cryfs
|
||||
, desktop-file-utils
|
||||
, fetchFromGitHub
|
||||
, gettext
|
||||
, glib
|
||||
, gtk4
|
||||
, libadwaita
|
||||
, meson
|
||||
, ninja
|
||||
, pkg-config
|
||||
, python3
|
||||
, rustPlatform
|
||||
, rustc
|
||||
, cargo
|
||||
, wrapGAppsHook
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "vaults";
|
||||
version = "0.6.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mpobaschnig";
|
||||
repo = "Vaults";
|
||||
rev = version;
|
||||
sha256 = "sha256-1WxzE3sH4QpUU13mTLjYt1zMUgAQ+OA7J5j4pwG9oWo=";
|
||||
};
|
||||
|
||||
cargoDeps = rustPlatform.fetchCargoTarball {
|
||||
inherit src;
|
||||
name = "${pname}-${version}";
|
||||
hash = "sha256-uUO7l+B/6I+XxEb0xxBynq9CC8ixRAvdJ2HWTCVyeQM=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
desktop-file-utils
|
||||
gettext
|
||||
meson
|
||||
ninja
|
||||
pkg-config
|
||||
python3
|
||||
cargo
|
||||
rustPlatform.cargoSetupHook
|
||||
rustc
|
||||
wrapGAppsHook
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
glib
|
||||
gtk4
|
||||
libadwaita
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs build-aux/meson_post_install.py
|
||||
'';
|
||||
|
||||
preFixup = ''
|
||||
gappsWrapperArgs+=(
|
||||
--prefix PATH ":" "${lib.makeBinPath [ cryfs ]}"
|
||||
);
|
||||
'';
|
||||
}
|
|
@ -1,52 +0,0 @@
|
|||
{ fetchFromGitHub
|
||||
, meson, pkg-config, ninja
|
||||
, python3
|
||||
, glib, appstream-glib , desktop-file-utils
|
||||
, gobject-introspection, gtk4, libadwaita
|
||||
, wrapGAppsHook
|
||||
, gnome
|
||||
, gtksourceview5
|
||||
, libsoup_3
|
||||
}:
|
||||
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "webfont-kit-generator";
|
||||
version = "1.0.3";
|
||||
format = "other";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rafaelmardojai";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-aD/1moWIiU4zpLTW+VHH9n/sj10vCZ8UzB2ey3mR0/k=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
meson
|
||||
pkg-config
|
||||
ninja
|
||||
appstream-glib
|
||||
desktop-file-utils
|
||||
gobject-introspection
|
||||
wrapGAppsHook
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
glib
|
||||
gtk4
|
||||
libadwaita
|
||||
gtksourceview5
|
||||
libsoup_3
|
||||
gnome.adwaita-icon-theme
|
||||
];
|
||||
|
||||
propagatedBuildInputs = with python3.pkgs; [
|
||||
pygobject3
|
||||
fonttools
|
||||
brotli
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs build-aux/meson/postinstall.py
|
||||
'';
|
||||
}
|
|
@ -0,0 +1,7 @@
|
|||
{ fetchurl }:
|
||||
|
||||
fetchurl {
|
||||
url =
|
||||
"https://export.privatevoid.net/Certificates/PRIVATEVOID.NET__Private_Void_Smart_Card_Authority-bundle-s12.pem";
|
||||
sha256 = "3939eb6512e5675bb27028f9bf9892dbb1d1a60b014f4537f8d2b6180deece68";
|
||||
}
|
|
@ -8,5 +8,17 @@
|
|||
}:
|
||||
|
||||
{
|
||||
|
||||
shinobi.directory-patches = {
|
||||
patches = [
|
||||
./shinobi/0001-packageDirectory.patch
|
||||
./shinobi/0002-use-packageDirectory-for-languages.patch
|
||||
./shinobi/0003-use-s.location.languages.patch
|
||||
./shinobi/0004-use-packageDirectory-for-folders.patch
|
||||
./shinobi/0005-use-packageDirectory-for-definitions.patch
|
||||
./shinobi/0006-use-packageDirectory-for-web-server-paths.patch
|
||||
./shinobi/0007-remove-terminalCommands.patch
|
||||
./shinobi/0008-disable-subscription-bullshit.patch
|
||||
./shinobi/0009-remove-updater-logic.patch
|
||||
];
|
||||
};
|
||||
}
|
|
@ -0,0 +1,28 @@
|
|||
From 033c0a2889ec62ffbb3c489676fb315b3780ba60 Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 18:15:23 +0100
|
||||
Subject: [PATCH 1/9] packageDirectory
|
||||
|
||||
---
|
||||
libs/process.js | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libs/process.js b/libs/process.js
|
||||
index 9f3852e..b19384a 100644
|
||||
--- a/libs/process.js
|
||||
+++ b/libs/process.js
|
||||
@@ -30,8 +30,10 @@ module.exports = function(process,__dirname){
|
||||
isWin : (process.platform === 'win32' || process.platform === 'win64'),
|
||||
//UTC Offset
|
||||
utcOffset : require('moment')().utcOffset(),
|
||||
- //directory path for this file
|
||||
+ //directory path for cwd
|
||||
mainDirectory : process.cwd(),
|
||||
+ //directory path for this file
|
||||
+ packageDirectory : require('path').resolve(__dirname),
|
||||
//time start
|
||||
timeStarted : new Date()
|
||||
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
From 955e63a2f2cd13b84fb8de1c379b5a7dc98c3dc4 Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 18:19:58 +0100
|
||||
Subject: [PATCH 2/9] use packageDirectory for languages
|
||||
|
||||
---
|
||||
libs/config.js | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libs/config.js b/libs/config.js
|
||||
index 27dae08..e2c8dae 100644
|
||||
--- a/libs/config.js
|
||||
+++ b/libs/config.js
|
||||
@@ -2,7 +2,7 @@ module.exports = function(s){
|
||||
s.location = {
|
||||
super : s.mainDirectory+'/super.json',
|
||||
config : s.mainDirectory+'/conf.json',
|
||||
- languages : s.mainDirectory+'/languages'
|
||||
+ languages : s.packageDirectory+'/languages'
|
||||
}
|
||||
try{
|
||||
var config = require(s.location.config)
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
From 585c3b05855e4bf3e2bf059d0fda0a893700d3a0 Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 18:26:44 +0100
|
||||
Subject: [PATCH 3/9] use s.location.languages
|
||||
|
||||
---
|
||||
libs/language.js | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libs/language.js b/libs/language.js
|
||||
index 285d514..3f964b6 100644
|
||||
--- a/libs/language.js
|
||||
+++ b/libs/language.js
|
||||
@@ -16,7 +16,7 @@ module.exports = function(s,config){
|
||||
return Object.assign({},lang)
|
||||
}
|
||||
s.listOfPossibleLanguages = []
|
||||
- fs.readdirSync(s.mainDirectory + '/languages').forEach(function(filename){
|
||||
+ fs.readdirSync(s.location.languages).forEach(function(filename){
|
||||
var name = filename.replace('.json','')
|
||||
s.listOfPossibleLanguages.push({
|
||||
"name": name,
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,43 @@
|
|||
From 1f2260eae4be7084e209f07c2316328ed221433e Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 18:28:48 +0100
|
||||
Subject: [PATCH 4/9] use packageDirectory for folders
|
||||
|
||||
---
|
||||
libs/folders.js | 6 +++---
|
||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/libs/folders.js b/libs/folders.js
|
||||
index 54f9acc..d35d337 100644
|
||||
--- a/libs/folders.js
|
||||
+++ b/libs/folders.js
|
||||
@@ -3,7 +3,7 @@ module.exports = function(s,config,lang){
|
||||
//directories
|
||||
s.group = {}
|
||||
if(!config.windowsTempDir&&s.isWin===true){config.windowsTempDir='C:/Windows/Temp'}
|
||||
- if(!config.defaultMjpeg){config.defaultMjpeg=s.mainDirectory+'/web/libs/img/bg.jpg'}
|
||||
+ if(!config.defaultMjpeg){config.defaultMjpeg=s.packageDirectory+'/web/libs/img/bg.jpg'}
|
||||
//default stream folder check
|
||||
if(!config.streamDir){
|
||||
if(s.isWin === false){
|
||||
@@ -62,7 +62,7 @@ module.exports = function(s,config,lang){
|
||||
value:""
|
||||
}
|
||||
]
|
||||
- fs.readdirSync(s.mainDirectory + '/web/libs/audio').forEach(function(file){
|
||||
+ fs.readdirSync(s.packageDirectory + '/web/libs/audio').forEach(function(file){
|
||||
s.listOfAudioFiles.push({
|
||||
name: file,
|
||||
value: file
|
||||
@@ -75,7 +75,7 @@ module.exports = function(s,config,lang){
|
||||
value:""
|
||||
}
|
||||
]
|
||||
- fs.readdirSync(s.mainDirectory + '/web/libs/themes').forEach(function(folder){
|
||||
+ fs.readdirSync(s.packageDirectory + '/web/libs/themes').forEach(function(folder){
|
||||
s.listOfThemes.push({
|
||||
name: folder,
|
||||
value: folder
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
From 48b276736cf7fbd721dad40b5cabca1fb094b5d9 Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 18:35:04 +0100
|
||||
Subject: [PATCH 5/9] use packageDirectory for definitions
|
||||
|
||||
---
|
||||
libs/definitions.js | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libs/definitions.js b/libs/definitions.js
|
||||
index a58a6e2..d60cad9 100644
|
||||
--- a/libs/definitions.js
|
||||
+++ b/libs/definitions.js
|
||||
@@ -1,7 +1,7 @@
|
||||
var fs = require('fs')
|
||||
var express = require('express')
|
||||
module.exports = function(s,config,lang,app,io){
|
||||
- s.location.definitions = s.mainDirectory+'/definitions'
|
||||
+ s.location.definitions = s.packageDirectory+'/definitions'
|
||||
try{
|
||||
var definitions = require(s.location.definitions+'/'+config.language+'.js')(s,config,lang)
|
||||
}catch(er){
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,64 @@
|
|||
From c700ec6a01cfc99a639484e9045fc4492466c6ee Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 18:48:34 +0100
|
||||
Subject: [PATCH 6/9] use packageDirectory for web server paths
|
||||
|
||||
---
|
||||
libs/webServerPaths.js | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/libs/webServerPaths.js b/libs/webServerPaths.js
|
||||
index fba78ba..b72aff6 100644
|
||||
--- a/libs/webServerPaths.js
|
||||
+++ b/libs/webServerPaths.js
|
||||
@@ -77,7 +77,7 @@ module.exports = function(s,config,lang,app,io){
|
||||
////Pages
|
||||
app.enable('trust proxy');
|
||||
if(config.webPaths.home !== '/'){
|
||||
- app.use('/libs',express.static(s.mainDirectory + '/web/libs'))
|
||||
+ app.use('/libs',express.static(s.packageDirectory + '/web/libs'))
|
||||
}
|
||||
[
|
||||
[config.webPaths.home,'libs','/web/libs'],
|
||||
@@ -87,7 +87,7 @@ module.exports = function(s,config,lang,app,io){
|
||||
[config.webPaths.admin,'assets','/web/assets'],
|
||||
[config.webPaths.super,'assets','/web/assets'],
|
||||
].forEach((piece) => {
|
||||
- app.use(s.checkCorrectPathEnding(piece[0])+piece[1],express.static(s.mainDirectory + piece[2]))
|
||||
+ app.use(s.checkCorrectPathEnding(piece[0])+piece[1],express.static(s.packageDirectory + piece[2]))
|
||||
})
|
||||
app.use(bodyParser.json());
|
||||
app.use(bodyParser.urlencoded({extended: true}));
|
||||
@@ -95,10 +95,10 @@ module.exports = function(s,config,lang,app,io){
|
||||
res.header("Access-Control-Allow-Origin",'*');
|
||||
next()
|
||||
})
|
||||
- app.set('views', s.mainDirectory + '/web');
|
||||
+ app.set('views', s.packageDirectory + '/web');
|
||||
app.set('view engine','ejs');
|
||||
//add template handler
|
||||
- if(config.renderPaths.handler!==undefined){require(s.mainDirectory+'/web/'+config.renderPaths.handler+'.js').addHandlers(s,app,io,config)}
|
||||
+ if(config.renderPaths.handler!==undefined){require(s.packageDirectory+'/web/'+config.renderPaths.handler+'.js').addHandlers(s,app,io,config)}
|
||||
|
||||
/**
|
||||
* API : Logout
|
||||
@@ -339,7 +339,7 @@ module.exports = function(s,config,lang,app,io){
|
||||
define: s.getDefinitonFile(userInfo.details.lang),
|
||||
addStorage: s.dir.addStorage,
|
||||
fs: fs,
|
||||
- __dirname: s.mainDirectory,
|
||||
+ __dirname: s.packageDirectory,
|
||||
customAutoLoad: s.customAutoLoadTree
|
||||
})
|
||||
break;
|
||||
@@ -1850,6 +1850,6 @@ module.exports = function(s,config,lang,app,io){
|
||||
res.on('finish',function(){
|
||||
res.end()
|
||||
})
|
||||
- fs.createReadStream(s.mainDirectory + '/web/pages/robots.txt').pipe(res)
|
||||
+ fs.createReadStream(s.packageDirectory + '/web/pages/robots.txt').pipe(res)
|
||||
})
|
||||
}
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
From a2a0608c4844520b0660bdf48b5376ed0a42e7af Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 18:51:47 +0100
|
||||
Subject: [PATCH 7/9] remove terminalCommands
|
||||
|
||||
---
|
||||
libs/startup.js | 14 +-------------
|
||||
1 file changed, 1 insertion(+), 13 deletions(-)
|
||||
|
||||
diff --git a/libs/startup.js b/libs/startup.js
|
||||
index b1c8e56..247eeee 100644
|
||||
--- a/libs/startup.js
|
||||
+++ b/libs/startup.js
|
||||
@@ -32,19 +32,7 @@ module.exports = function(s,config,lang,io){
|
||||
var next = function(){
|
||||
if(callback)callback()
|
||||
}
|
||||
- if(!s.isWin && s.packageJson.mainDirectory !== '.'){
|
||||
- var etcPath = '/etc/shinobisystems/cctv.txt'
|
||||
- fs.stat(etcPath,function(err,stat){
|
||||
- if(err || !stat){
|
||||
- exec('node '+ s.mainDirectory + '/INSTALL/terminalCommands.js',function(err){
|
||||
- if(err)console.log(err)
|
||||
- })
|
||||
- }
|
||||
- next()
|
||||
- })
|
||||
- }else{
|
||||
- next()
|
||||
- }
|
||||
+ next()
|
||||
}
|
||||
var loadedAccounts = []
|
||||
var foundMonitors = []
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,48 @@
|
|||
From adb23ffced5408cc010b3863ba88fe81e39f17ce Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Tue, 15 Mar 2022 21:38:42 +0100
|
||||
Subject: [PATCH 8/9] disable subscription bullshit
|
||||
|
||||
---
|
||||
libs/startup.js | 4 ++--
|
||||
libs/webServerSuperPaths.js | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/libs/startup.js b/libs/startup.js
|
||||
index 247eeee..a810171 100644
|
||||
--- a/libs/startup.js
|
||||
+++ b/libs/startup.js
|
||||
@@ -383,7 +383,7 @@ module.exports = function(s,config,lang,io){
|
||||
}
|
||||
})
|
||||
}
|
||||
- config.userHasSubscribed = false
|
||||
+ config.userHasSubscribed = true
|
||||
//check disk space every 20 minutes
|
||||
if(config.autoDropCache===true){
|
||||
setInterval(function(){
|
||||
@@ -404,7 +404,7 @@ module.exports = function(s,config,lang,io){
|
||||
await checkForStaticUsers()
|
||||
//check for subscription
|
||||
checkSubscription(config.subscriptionId,function(hasSubcribed){
|
||||
- config.userHasSubscribed = hasSubcribed
|
||||
+ config.userHasSubscribed = true
|
||||
//check terminal commander
|
||||
checkForTerminalCommands(function(){
|
||||
//load administrators (groups)
|
||||
diff --git a/libs/webServerSuperPaths.js b/libs/webServerSuperPaths.js
|
||||
index bfbccf9..1d1bf3b 100644
|
||||
--- a/libs/webServerSuperPaths.js
|
||||
+++ b/libs/webServerSuperPaths.js
|
||||
@@ -167,7 +167,7 @@ module.exports = function(s,config,lang,app){
|
||||
}
|
||||
checkSubscription(subscriptionId,function(hasSubcribed){
|
||||
endData.ok = hasSubcribed
|
||||
- config.userHasSubscribed = hasSubcribed
|
||||
+ config.userHasSubscribed = true
|
||||
s.closeJsonResponse(res,endData)
|
||||
})
|
||||
},res,req)
|
||||
--
|
||||
2.35.1
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
From 78e72ba70ddbe690720fd7351934481534fed6c2 Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Thu, 17 Mar 2022 23:28:40 +0100
|
||||
Subject: [PATCH 9/9] remove updater logic
|
||||
|
||||
---
|
||||
libs/system/utils.js | 21 +--------------------
|
||||
1 file changed, 1 insertion(+), 20 deletions(-)
|
||||
|
||||
diff --git a/libs/system/utils.js b/libs/system/utils.js
|
||||
index c41c4f6..d045bac 100644
|
||||
--- a/libs/system/utils.js
|
||||
+++ b/libs/system/utils.js
|
||||
@@ -46,26 +46,7 @@ module.exports = (config) => {
|
||||
},
|
||||
updateSystem: () => {
|
||||
return new Promise((resolve,reject) => {
|
||||
- if(!config.thisIsDocker){
|
||||
- if(currentlyUpdating){
|
||||
- resolve(true)
|
||||
- return
|
||||
- };
|
||||
- currentlyUpdating = true
|
||||
- const updateProcess = spawn('sh',[s.mainDirectory + '/UPDATE.sh'])
|
||||
- updateProcess.stderr.on('data',(data) => {
|
||||
- s.systemLog('UPDATE.sh',data.toString())
|
||||
- })
|
||||
- updateProcess.stdout.on('data',(data) => {
|
||||
- s.systemLog('UPDATE.sh',data.toString())
|
||||
- })
|
||||
- updateProcess.on('exit',(data) => {
|
||||
- resolve(true)
|
||||
- currentlyUpdating = false
|
||||
- })
|
||||
- }else{
|
||||
- resolve(false)
|
||||
- }
|
||||
+ resolve(false)
|
||||
})
|
||||
}
|
||||
}
|
||||
--
|
||||
2.35.1
|
||||
|
5589
packages/dream2nix/packages/shinobi/plugins/openalpr/dream-lock.json
Normal file
5589
packages/dream2nix/packages/shinobi/plugins/openalpr/dream-lock.json
Normal file
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
5589
packages/dream2nix/packages/shinobi/plugins/yolo/dream-lock.json
Normal file
5589
packages/dream2nix/packages/shinobi/plugins/yolo/dream-lock.json
Normal file
File diff suppressed because it is too large
Load diff
|
@ -1,30 +0,0 @@
|
|||
{ stdenv, fetchFromGitHub, kernel }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "evil";
|
||||
version = "1.0.0";
|
||||
name = "${pname}-${kernel.version}-${version}";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "alwilson";
|
||||
repo = pname;
|
||||
rev = "096ba9bf408fc714dc09a2e41be9ec03fc50ee4a";
|
||||
sha256 = "sha256-t0iJwIIThNkCcR2P1kJRdffcY6HmFg5qvJeXQhPfy6U=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = kernel.moduleBuildDependencies;
|
||||
|
||||
makeFlags = kernel.makeFlags ++ [
|
||||
"KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
|
||||
"KVER=${kernel.modDirVersion}"
|
||||
"KERNEL_MODLIB=$(out)/lib/modules/${kernel.modDirVersion}"
|
||||
"INCLUDEDIR=$(out)/include"
|
||||
];
|
||||
|
||||
installPhase = ''
|
||||
installDir=$out/lib/modules/${kernel.modDirVersion}/extra
|
||||
xz evil.ko
|
||||
install -d $installDir
|
||||
install -m644 evil.ko.xz $installDir
|
||||
'';
|
||||
}
|
|
@ -60,7 +60,7 @@ index 65d13c8..736101a 100644
|
|||
- "/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN",
|
||||
- "/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa",
|
||||
- "/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb",
|
||||
+ "/ip4/95.216.8.12/tcp/995/p2p/QmYs4xNBby2fTs8RnzfXEk161KD4mftBfCiR8yXtgGPj4J",
|
||||
+ "/ip4/168.235.67.108/tcp/4001/p2p/QmRMA5pWXtfuW1y5w2t9gYxrDDD6bPRLKdWAYnHTeCxZMm",
|
||||
+ "/ip4/95.216.8.12/tcp/4001/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo",
|
||||
+ "/ip6/2001:41d0:800:1402::3f16:3fb5/tcp/4001/p2p/12D3KooWDUgNsoLVauCDpRAo54mc4whoBudgeXQnZZK2iVYhBLCN",
|
||||
+ "/ip6/2001:818:da65:e400:a553:fbc1:f0b1:5743/tcp/4001/p2p/12D3KooWC1RZxLvAeEFNTZWk1FWc1sZZ3yemF4FNNRYa3X854KJ8",
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
From 46110b055eaaa0c1f815ff876da4713499c17bc8 Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Fri, 17 Jun 2022 22:17:08 +0200
|
||||
Subject: [PATCH 4/4] Use more NAT traversal features
|
||||
|
||||
---
|
||||
p2p/node.go | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/p2p/node.go b/p2p/node.go
|
||||
index 2f86317..0c9a250 100644
|
||||
--- a/p2p/node.go
|
||||
+++ b/p2p/node.go
|
||||
@@ -49,6 +49,9 @@ func CreateNode(ctx context.Context, inputKey string, port int, handler network.
|
||||
libp2p.NATPortMap(),
|
||||
libp2p.DefaultMuxers,
|
||||
libp2p.Transport(tcp.NewTCPTransport),
|
||||
+ libp2p.EnableHolePunching(),
|
||||
+ libp2p.EnableRelayService(),
|
||||
+ libp2p.EnableNATService(),
|
||||
libp2p.FallbackDefaults,
|
||||
)
|
||||
if err != nil {
|
||||
--
|
||||
2.36.0
|
||||
|
|
@ -1,90 +0,0 @@
|
|||
From 3942aaa7dcfa8cfd2fe110cf2bda66b34ead6539 Mon Sep 17 00:00:00 2001
|
||||
From: Max <max@privatevoid.net>
|
||||
Date: Sun, 25 Sep 2022 01:29:25 +0200
|
||||
Subject: [PATCH] Grab bootstrap peers from IPFS API
|
||||
|
||||
---
|
||||
p2p/node.go | 44 +++++++++++++++++++++++++++++++++++++++++++-
|
||||
1 file changed, 43 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/p2p/node.go b/p2p/node.go
|
||||
index 0c9a250..f5d5292 100644
|
||||
--- a/p2p/node.go
|
||||
+++ b/p2p/node.go
|
||||
@@ -2,8 +2,12 @@ package p2p
|
||||
|
||||
import (
|
||||
"context"
|
||||
+ "encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
+ "io/ioutil"
|
||||
+ "net/http"
|
||||
+ "net/url"
|
||||
"os"
|
||||
"sync"
|
||||
|
||||
@@ -22,6 +26,35 @@ import (
|
||||
// Protocol is a descriptor for the Hyprspace P2P Protocol.
|
||||
const Protocol = "/hyprspace/0.0.1"
|
||||
|
||||
+func getExtraBootstrapNodes(addr ma.Multiaddr) (nodesList []string) {
|
||||
+ nodesList = []string{}
|
||||
+ ip4, err := addr.ValueForProtocol(ma.P_IP4)
|
||||
+ if err != nil {
|
||||
+ return
|
||||
+ }
|
||||
+ port, err := addr.ValueForProtocol(ma.P_TCP)
|
||||
+ if err != nil {
|
||||
+ return
|
||||
+ }
|
||||
+ resp, err := http.PostForm("http://"+ip4+":"+port+"/api/v0/swarm/addrs", url.Values{})
|
||||
+
|
||||
+ defer resp.Body.Close()
|
||||
+
|
||||
+ apiResponse, err := ioutil.ReadAll(resp.Body)
|
||||
+
|
||||
+ if err != nil {
|
||||
+ return
|
||||
+ }
|
||||
+ var obj = map[string]map[string][]string{}
|
||||
+ json.Unmarshal([]byte(apiResponse), &obj)
|
||||
+ for k, v := range obj["Addrs"] {
|
||||
+ for _, addr := range v {
|
||||
+ nodesList = append(nodesList, (addr + "/p2p/" + k))
|
||||
+ }
|
||||
+ }
|
||||
+ return
|
||||
+}
|
||||
+
|
||||
// CreateNode creates an internal Libp2p nodes and returns it and it's DHT Discovery service.
|
||||
func CreateNode(ctx context.Context, inputKey string, port int, handler network.StreamHandler) (node host.Host, dhtOut *dht.IpfsDHT, err error) {
|
||||
// Unmarshal Private Key
|
||||
@@ -34,6 +67,15 @@ func CreateNode(ctx context.Context, inputKey string, port int, handler network.
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
+ extraBootstrapNodes := []string{}
|
||||
+ ipfsApiStr, ok := os.LookupEnv("HYPRSPACE_IPFS_API")
|
||||
+ if ok {
|
||||
+ ipfsApiAddr, err := ma.NewMultiaddr(ipfsApiStr)
|
||||
+ if err == nil {
|
||||
+ fmt.Println("[+] Getting additional peers from IPFS API")
|
||||
+ extraBootstrapNodes = getExtraBootstrapNodes(ipfsApiAddr)
|
||||
+ }
|
||||
+ }
|
||||
|
||||
ip6tcp := fmt.Sprintf("/ip6/::/tcp/%d", port)
|
||||
ip4tcp := fmt.Sprintf("/ip4/0.0.0.0/tcp/%d", port)
|
||||
@@ -74,7 +116,7 @@ func CreateNode(ctx context.Context, inputKey string, port int, handler network.
|
||||
|
||||
// Convert Bootstap Nodes into usable addresses.
|
||||
BootstrapPeers := make(map[peer.ID]*peer.AddrInfo, len(peers))
|
||||
- for _, addrStr := range peers {
|
||||
+ for _, addrStr := range append(peers, extraBootstrapNodes...) {
|
||||
addr, err := ma.NewMultiaddr(addrStr)
|
||||
if err != nil {
|
||||
return node, dhtOut, err
|
||||
--
|
||||
2.37.2
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
{ lib, stdenv, buildGo117Module, fetchFromGitHub, iproute2mac }:
|
||||
{ lib, stdenv, buildGoModule, fetchFromGitHub, iproute2mac }:
|
||||
|
||||
buildGo117Module rec {
|
||||
buildGoModule rec {
|
||||
pname = "hyprspace";
|
||||
version = "0.2.2";
|
||||
|
||||
|
@ -10,8 +10,6 @@ buildGo117Module rec {
|
|||
./0001-Lain-ipfs-bootstrap-nodes.patch
|
||||
./0002-Remove-quic-transport-for-Lain-ipfs.patch
|
||||
./0003-Remove-dep-from-go.mod.patch
|
||||
./0004-Use-more-NAT-traversal-features.patch
|
||||
./0005-Grab-bootstrap-peers-from-IPFS-API.patch
|
||||
];
|
||||
|
||||
src = fetchFromGitHub {
|
||||
|
|
|
@ -1,24 +0,0 @@
|
|||
{ mkNixPak, amberol }:
|
||||
|
||||
mkNixPak {
|
||||
config = { sloth, ... }: {
|
||||
imports = [
|
||||
../modules/gui-base.nix
|
||||
../modules/mpris2-player.nix
|
||||
];
|
||||
flatpak.appId = "io.bassi.Amberol";
|
||||
bubblewrap = {
|
||||
bind.rw = [
|
||||
[
|
||||
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/amberol"))
|
||||
(sloth.concat' sloth.xdgCacheHome "/amberol")
|
||||
]
|
||||
];
|
||||
bind.ro = [
|
||||
(sloth.concat' sloth.homeDir "/Music")
|
||||
"/srv/data/music"
|
||||
];
|
||||
};
|
||||
app.package = amberol;
|
||||
};
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
{ mkNixPak, dialect }:
|
||||
|
||||
mkNixPak {
|
||||
config = { sloth, ... }: {
|
||||
imports = [
|
||||
../modules/gui-base.nix
|
||||
../modules/network.nix
|
||||
];
|
||||
flatpak.appId = "app.drey.Dialect";
|
||||
app = {
|
||||
package = dialect;
|
||||
extraEntrypoints = [
|
||||
"/share/dialect/search_provider"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,25 +0,0 @@
|
|||
{ mkNixPak, fragments }:
|
||||
|
||||
mkNixPak {
|
||||
config = { sloth, ... }: {
|
||||
imports = [ ../modules/gui-base.nix ];
|
||||
flatpak.appId = "de.haeckerfelix.Fragments";
|
||||
app.package = fragments;
|
||||
dbus.policies = {
|
||||
"org.freedesktop.secrets" = "talk";
|
||||
};
|
||||
bubblewrap = {
|
||||
network = true;
|
||||
bind.ro = [
|
||||
"/etc/hosts"
|
||||
];
|
||||
bind.rw = [
|
||||
[
|
||||
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/fragments"))
|
||||
(sloth.concat' sloth.xdgCacheHome "/fragments")
|
||||
]
|
||||
(sloth.concat' sloth.xdgConfigHome "/fragments")
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,58 +0,0 @@
|
|||
{ config, lib, pkgs, sloth, ... }:
|
||||
|
||||
let
|
||||
envSuffix = envKey: suffix: sloth.concat' (sloth.env envKey) suffix;
|
||||
in
|
||||
|
||||
{
|
||||
config = {
|
||||
dbus.policies = {
|
||||
"${config.flatpak.appId}" = "own";
|
||||
"${config.flatpak.appId}.*" = "own";
|
||||
"org.freedesktop.DBus" = "talk";
|
||||
"org.gtk.vfs.*" = "talk";
|
||||
"org.gtk.vfs" = "talk";
|
||||
"ca.desrt.dconf" = "talk";
|
||||
"org.freedesktop.portal.*" = "talk";
|
||||
"org.a11y.Bus" = "talk";
|
||||
};
|
||||
gpu.enable = lib.mkDefault true;
|
||||
gpu.provider = "bundle";
|
||||
fonts.enable = true;
|
||||
locale.enable = true;
|
||||
bubblewrap = {
|
||||
sockets = {
|
||||
wayland = true;
|
||||
pulse = true;
|
||||
};
|
||||
network = lib.mkDefault false;
|
||||
bind.rw = [
|
||||
(sloth.concat' sloth.xdgCacheHome "/fontconfig")
|
||||
(sloth.concat' sloth.xdgCacheHome "/mesa_shader_cache")
|
||||
|
||||
(envSuffix "XDG_RUNTIME_DIR" "/at-spi/bus")
|
||||
(envSuffix "XDG_RUNTIME_DIR" "/gvfsd")
|
||||
(envSuffix "XDG_RUNTIME_DIR" "/doc")
|
||||
(envSuffix "XDG_RUNTIME_DIR" "/dconf")
|
||||
];
|
||||
bind.ro = [
|
||||
(sloth.concat' sloth.xdgConfigHome "/gtk-2.0")
|
||||
(sloth.concat' sloth.xdgConfigHome "/gtk-3.0")
|
||||
(sloth.concat' sloth.xdgConfigHome "/gtk-4.0")
|
||||
(sloth.concat' sloth.xdgConfigHome "/dconf")
|
||||
"/etc/localtime"
|
||||
];
|
||||
env = {
|
||||
XDG_DATA_DIRS = lib.makeSearchPath "share" [
|
||||
pkgs.gnome.adwaita-icon-theme
|
||||
pkgs.gnome-themes-extra
|
||||
pkgs.shared-mime-info
|
||||
];
|
||||
XCURSOR_PATH = lib.concatStringsSep ":" [
|
||||
"${pkgs.gnome.adwaita-icon-theme}/share/icons"
|
||||
"${pkgs.gnome.adwaita-icon-theme}/share/pixmaps"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
dbus.policies = {
|
||||
"org.mpris.MediaPlayer2.${config.flatpak.appId}" = "own";
|
||||
};
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
{
|
||||
etc.sslCertificates.enable = true;
|
||||
bubblewrap = {
|
||||
network = true;
|
||||
};
|
||||
}
|
|
@ -1,51 +0,0 @@
|
|||
{ mkNixPak, ungoogled-chromium }:
|
||||
|
||||
mkNixPak {
|
||||
config = { config, sloth, ... }: {
|
||||
app.package = ungoogled-chromium;
|
||||
flatpak = {
|
||||
appId = "org.chromium.Chromium";
|
||||
desktopFile = "chromium-browser.desktop";
|
||||
};
|
||||
imports = [
|
||||
../modules/gui-base.nix
|
||||
../modules/network.nix
|
||||
../modules/mpris2-player.nix
|
||||
];
|
||||
# chromium doesn't use the expected MPRIS2 name format
|
||||
dbus.policies = {
|
||||
"org.mpris.MediaPlayer2.chromium.*" = "own";
|
||||
};
|
||||
bubblewrap = {
|
||||
# for hidraw access (WebAuthn keys)
|
||||
bind.dev = [ "/dev" ];
|
||||
bind.rw = [
|
||||
[
|
||||
(sloth.mkdir (sloth.concat [
|
||||
sloth.appCacheDir
|
||||
"/nixpak-app-shared-tmp"
|
||||
]))
|
||||
"/tmp"
|
||||
]
|
||||
[
|
||||
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/chromium"))
|
||||
(sloth.concat' sloth.xdgCacheHome "/chromium")
|
||||
]
|
||||
[
|
||||
# home-manager does some funny things
|
||||
(sloth.concat [
|
||||
sloth.xdgConfigHome
|
||||
"/nixpak-ungoogled-chromium"
|
||||
])
|
||||
(sloth.concat [
|
||||
sloth.xdgConfigHome
|
||||
"/chromium"
|
||||
])
|
||||
]
|
||||
(sloth.concat' sloth.homeDir "/Downloads")
|
||||
"/tmp/.X11-unix"
|
||||
(sloth.envOr "XAUTHORITY" "/no-xauth")
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,42 +0,0 @@
|
|||
{ mkNixPak, wike, python3Packages }:
|
||||
|
||||
mkNixPak {
|
||||
config = { sloth, ... }: {
|
||||
imports = [
|
||||
../modules/gui-base.nix
|
||||
../modules/network.nix
|
||||
];
|
||||
flatpak.appId = "com.github.hugolabe.Wike";
|
||||
bubblewrap = {
|
||||
bind.rw = [
|
||||
[
|
||||
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/wike"))
|
||||
(sloth.concat' sloth.xdgCacheHome "/wike")
|
||||
]
|
||||
];
|
||||
};
|
||||
app = {
|
||||
# upstream wike is a bit broken
|
||||
package = wike.overrideAttrs (old: {
|
||||
propagatedBuildInputs = old.propagatedBuildInputs ++ [
|
||||
python3Packages.dbus-python
|
||||
];
|
||||
|
||||
# fix double wrapping
|
||||
dontWrapGApps = true;
|
||||
makeWrapperArgs = [
|
||||
"\${gappsWrapperArgs[@]}"
|
||||
];
|
||||
|
||||
# properly wrap wike-sp
|
||||
postFixup = (old.postFixup or "") + ''
|
||||
wrapPythonProgramsIn $out/share/wike "$out $propagatedBuildInputs"
|
||||
'';
|
||||
});
|
||||
|
||||
extraEntrypoints = [
|
||||
"/share/wike/wike-sp"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,7 +1,5 @@
|
|||
{ inputs, pkgs }:
|
||||
let
|
||||
tools = import ./lib/tools.nix;
|
||||
patch' = super: tools.patch super "patches/base/${super.pname}";
|
||||
dream2nix = inputs.dream2nix.lib2.init {
|
||||
inherit pkgs;
|
||||
config = {
|
||||
|
@ -9,42 +7,14 @@ let
|
|||
overridesDirs = [ "${inputs.dream2nix}/overrides" ./dream2nix/overrides ];
|
||||
};
|
||||
};
|
||||
mkNixPak = inputs.nixpak.lib.nixpak {
|
||||
inherit (pkgs) lib;
|
||||
inherit pkgs;
|
||||
};
|
||||
|
||||
sandbox = path: extra: (pkgs.callPackage path ({ inherit mkNixPak; } // extra)).config.env;
|
||||
in
|
||||
{
|
||||
amberol = sandbox ./nixpak/amberol { };
|
||||
|
||||
brig = pkgs.callPackage ./tools/brig { };
|
||||
|
||||
dialect = sandbox ./nixpak/dialect { };
|
||||
|
||||
evil = pkgs.linuxPackages_latest.callPackage ./networking/evil { };
|
||||
privatevoid-smart-card-ca-bundle = pkgs.callPackage ./data/privatevoid-smart-card-certificate-authority-bundle.nix { };
|
||||
|
||||
jdtls = pkgs.callPackage ./development/langservers/jdtls.nix { };
|
||||
|
||||
doom-one-vim = pkgs.callPackage ./vim-plugins/doom-one-vim.nix { };
|
||||
|
||||
fragments-remote = let
|
||||
fakeTransmission = pkgs.writeShellScriptBin "transmission-daemon" ''
|
||||
exec ${pkgs.coreutils}/bin/sleep +Infinity
|
||||
'';
|
||||
|
||||
app = pkgs.fragments.overrideAttrs (_: {
|
||||
preFixup = ''
|
||||
gappsWrapperArgs+=(
|
||||
--prefix PATH : "${pkgs.lib.makeBinPath [ fakeTransmission ] }"
|
||||
)
|
||||
'';
|
||||
});
|
||||
in sandbox ./nixpak/fragments { fragments = app; };
|
||||
|
||||
git-remote-ipld = pkgs.callPackage ./tools/git-remote-ipld { };
|
||||
|
||||
hyprspace = pkgs.callPackage ./networking/hyprspace { iproute2mac = null; };
|
||||
|
||||
identity = pkgs.callPackage ./apps/identity { };
|
||||
|
@ -53,17 +23,11 @@ in
|
|||
|
||||
neovim-gtk = pkgs.callPackage ./apps/neovim-gtk { };
|
||||
|
||||
sonnyp-commit = pkgs.callPackage ./apps/sonnyp-commit { };
|
||||
shinobi = let
|
||||
dream = dream2nix.makeFlakeOutputs {
|
||||
source = inputs.shinobi;
|
||||
};
|
||||
in dream.packages.${pkgs.system}.shinobi // { inherit (dream.apps.${pkgs.system}) resolveImpure; };
|
||||
|
||||
steam-metro-skin = import ./data/misc/steam-metro-skin { inherit (pkgs) fetchzip; };
|
||||
|
||||
tubefeeder = pkgs.callPackage ./apps/tubefeeder { };
|
||||
|
||||
ungoogled-chromium = sandbox ./nixpak/ungoogled-chromium { };
|
||||
|
||||
vaults = pkgs.callPackage ./apps/vaults { };
|
||||
|
||||
webfont-kit-generator = pkgs.callPackage ./apps/webfont-kit-generator { };
|
||||
|
||||
wike = sandbox ./nixpak/wike { };
|
||||
}
|
||||
|
|
|
@ -7,30 +7,11 @@ super: rec {
|
|||
|
||||
doas-interactive = patch-rename super.doas "doas-interactive" "patches/base/doas";
|
||||
|
||||
kubo = patch super.kubo "patches/base/ipfs";
|
||||
lain-ipfs = patch-rename super.ipfs "lain-ipfs" "patches/base/ipfs";
|
||||
|
||||
gnome-control-center = super.gnome-control-center.overrideAttrs (old: {
|
||||
postPatch = (old.postPatch or "") + ''
|
||||
echo disabling alert sound chooser
|
||||
${super.xmlstarlet}/bin/xmlstarlet edit -L \
|
||||
-s '//property[@name="title" and text()="_Alert Sound"]/..' -t elem -n propertyAlertSoundVisible -v False \
|
||||
-s //propertyAlertSoundVisible -t attr -n name -v visible \
|
||||
-r //propertyAlertSoundVisible -v property \
|
||||
panels/sound/cc-sound-panel.ui
|
||||
gnome-control-center = patch' super.gnome.gnome-control-center;
|
||||
|
||||
test "$(${super.xmlstarlet}/bin/xmlstarlet select -t -c '//property[@name="title" and text()="_Alert Sound"]/../property[@name="visible"]/text()' panels/sound/cc-sound-panel.ui)" == "False"
|
||||
'';
|
||||
});
|
||||
|
||||
libfprint = (patch' super.libfprint).overrideAttrs (old: {
|
||||
buildInputs = old.buildInputs ++ [
|
||||
super.openssl
|
||||
];
|
||||
});
|
||||
|
||||
fprintd = super.fprintd.override { inherit libfprint; };
|
||||
|
||||
nautilus = (patch' super.nautilus).overrideAttrs (attrs: {
|
||||
nautilus = (patch' super.gnome.nautilus).overrideAttrs (attrs: {
|
||||
preFixup = with super;
|
||||
let py = (python3.withPackages (ps: with ps; [ ps.pygobject3 ]));
|
||||
in attrs.preFixup + ''
|
||||
|
@ -48,9 +29,9 @@ super: rec {
|
|||
|
||||
vte-high-refresh-rate = patch' super.vte;
|
||||
|
||||
vte-gtk4-high-refresh-rate = patch' super.vte-gtk4;
|
||||
|
||||
tilix-high-refresh-rate = super.tilix.override { gtkd = super.gtkd.override { vte = vte-high-refresh-rate; }; };
|
||||
|
||||
blackbox-high-refresh-rate = (patch' super.blackbox-terminal).override { vte-gtk4 = vte-gtk4-high-refresh-rate; };
|
||||
webkitgtk = patch' super.webkitgtk;
|
||||
|
||||
webkitgtk_4_1 = patch' super.webkitgtk_4_1;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
let tools = import ./lib/tools.nix;
|
||||
in with tools;
|
||||
inputs: rec {
|
||||
nix-super = inputs.nix-super.packages.x86_64-linux.default;
|
||||
nix-super = inputs.nix-super.defaultPackage.x86_64-linux;
|
||||
|
||||
deploy-rs = inputs.deploy-rs.packages.x86_64-linux.deploy-rs;
|
||||
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
diff --git a/cmd/util.go b/cmd/util.go
|
||||
index 37ebfe64..ceee4730 100644
|
||||
--- a/cmd/util.go
|
||||
+++ b/cmd/util.go
|
||||
@@ -79,6 +80,7 @@ func guessRepoFolder(ctx *cli.Context) (string, error) {
|
||||
|
||||
guessLocations := []string{
|
||||
// TODO: For now just one.
|
||||
+ (os.Getenv("HOME") + "/.brig"),
|
||||
".",
|
||||
}
|
||||
|
|
@ -1,47 +0,0 @@
|
|||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
let
|
||||
vp = "github.com/sahib/brig/version";
|
||||
version = {
|
||||
major = "0";
|
||||
minor = "5";
|
||||
patch = "3";
|
||||
releaseType = "develop";
|
||||
gitRev = "6b7eccf8fcbd907fc759f8ca8aa814df8499e2ed";
|
||||
};
|
||||
in
|
||||
|
||||
buildGoModule {
|
||||
pname = "brig";
|
||||
version = "0.5.3pre";
|
||||
|
||||
subPackages = ["."];
|
||||
patches = [
|
||||
./default-repo-location.patch
|
||||
./fix-ghost-remove.patch
|
||||
./fix-replay-remove-already-gone.patch
|
||||
./info-no-check-cached.patch
|
||||
./ls-no-check-cached.patch
|
||||
./pin-ls-recursive.patch
|
||||
./repin-relaxed-locking.patch
|
||||
./vcs-mapper-debug-to-logger.patch
|
||||
];
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sahib";
|
||||
repo = "brig";
|
||||
rev = version.gitRev;
|
||||
sha256 = "sha256-lCXSeTIZcIcVcblm9BTUMqTfxO7+BHYQNv6/RlPq14A=";
|
||||
};
|
||||
vendorSha256 = "sha256-pFrrMq7VFCwt8KRgJApCq8lPYv0P8hIUOxKJMN9QR0U=";
|
||||
|
||||
ldflags = with version; [
|
||||
"-s" "-w"
|
||||
"-X ${vp}.Major=${major}"
|
||||
"-X ${vp}.Minor=${minor}"
|
||||
"-X ${vp}.Patch=${patch}"
|
||||
"-X ${vp}.GitRev=${gitRev}"
|
||||
"-X ${vp}.ReleaseType=${releaseType}"
|
||||
"-X ${vp}.BuildTime=1970-01-01T01:00:01+01:00"
|
||||
];
|
||||
}
|
|
@ -1,13 +0,0 @@
|
|||
diff --git a/catfs/vcs/mapper.go b/catfs/vcs/mapper.go
|
||||
index 5568e600..bfba247d 100644
|
||||
--- a/catfs/vcs/mapper.go
|
||||
+++ b/catfs/vcs/mapper.go
|
||||
@@ -311,7 +311,7 @@ func (ma *Mapper) mapDirectory(srcCurr *n.Directory, dstPath string, force bool)
|
||||
|
||||
// No sibling found for this ghost.
|
||||
if aliveDstCurr == nil {
|
||||
- return ma.report(srcCurr, nil, false, false, false)
|
||||
+ return ma.report(srcCurr, nil, false, true, false)
|
||||
}
|
||||
|
||||
localBackCheck, err := ma.lkrSrc.LookupNodeAt(ma.srcHead, aliveDstCurr.Path())
|
|
@ -1,15 +0,0 @@
|
|||
diff --git a/catfs/vcs/change.go b/catfs/vcs/change.go
|
||||
index 94800b23..e454c399 100644
|
||||
--- a/catfs/vcs/change.go
|
||||
+++ b/catfs/vcs/change.go
|
||||
@@ -234,6 +234,10 @@ func replayAddMoveMapping(lkr *c.Linker, oldPath, newPath string) error {
|
||||
func replayRemove(lkr *c.Linker, ch *Change) error {
|
||||
currNd, err := lkr.LookupModNode(ch.Curr.Path())
|
||||
if err != nil {
|
||||
+ // file doesn't exist locally, nothing to do
|
||||
+ if ie.IsNoSuchFileError(err) {
|
||||
+ return nil
|
||||
+ }
|
||||
return e.Wrapf(err, "replay: lookup: %v", ch.Curr.Path())
|
||||
}
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
diff --git a/cmd/fs_handlers.go b/cmd/fs_handlers.go
|
||||
index d86e8d91..f894ac89 100644
|
||||
--- a/cmd/fs_handlers.go
|
||||
+++ b/cmd/fs_handlers.go
|
||||
@@ -591,14 +591,8 @@ func handleShowFileOrDir(ctx *cli.Context, ctl *client.Client, path string) erro
|
||||
return tmpl.Execute(os.Stdout, info)
|
||||
}
|
||||
|
||||
- isCached, err := ctl.IsCached(path)
|
||||
- if err != nil {
|
||||
- return err
|
||||
- }
|
||||
-
|
||||
pinState := yesify(info.IsPinned)
|
||||
explicitState := yesify(info.IsExplicit)
|
||||
- cachedState := yesify(isCached)
|
||||
|
||||
nodeType := "file"
|
||||
if info.IsDir {
|
||||
@@ -627,7 +621,6 @@ func handleShowFileOrDir(ctx *cli.Context, ctl *client.Client, path string) erro
|
||||
printPair("Inode", strconv.FormatUint(info.Inode, 10))
|
||||
printPair("Pinned", pinState)
|
||||
printPair("Explicit", explicitState)
|
||||
- printPair("Cached", cachedState)
|
||||
printPair("IsRaw", yesify(info.IsRaw))
|
||||
printPair("ModTime", info.ModTime.Format(time.RFC3339))
|
||||
printPair("Tree Hash", info.TreeHash.B58String())
|
|
@ -1,37 +0,0 @@
|
|||
diff --git a/cmd/fs_handlers.go b/cmd/fs_handlers.go
|
||||
index f1791b16..d86e8d91 100644
|
||||
--- a/cmd/fs_handlers.go
|
||||
+++ b/cmd/fs_handlers.go
|
||||
@@ -449,7 +449,7 @@ func handleList(ctx *cli.Context, ctl *client.Client) error {
|
||||
userColumn = "USER\t"
|
||||
}
|
||||
|
||||
- fmt.Fprintf(tabW, "SIZE\tBKEND\tMODTIME\t%sPATH\tPIN\tCACHED\tHINT\n", userColumn)
|
||||
+ fmt.Fprintf(tabW, "SIZE\tBKEND\tMODTIME\t%sPATH\tPIN\tHINT\n", userColumn)
|
||||
}
|
||||
|
||||
for _, entry := range entries {
|
||||
@@ -467,22 +467,15 @@ func handleList(ctx *cli.Context, ctl *client.Client) error {
|
||||
userEntry = color.GreenString(userMap[entry.User]) + "\t"
|
||||
}
|
||||
|
||||
- isCached, err := ctl.IsCached(entry.Path)
|
||||
- if err != nil {
|
||||
- return err
|
||||
- }
|
||||
- cachedState := " " + pinStateToSymbol(isCached, false)
|
||||
-
|
||||
fmt.Fprintf(
|
||||
tabW,
|
||||
- "%s\t%s\t%s\t%s%s\t%s\t%s\t%s\n",
|
||||
+ "%s\t%s\t%s\t%s%s\t%s\t%s\n",
|
||||
colorForSize(entry.Size)(humanize.Bytes(entry.Size)),
|
||||
colorForSize(entry.Size)(humanize.Bytes(uint64(entry.CachedSize))),
|
||||
entry.ModTime.Format("2006-01-02 15:04:05 MST"),
|
||||
userEntry,
|
||||
coloredPath,
|
||||
pinState,
|
||||
- cachedState,
|
||||
formatHint(entry.Hint),
|
||||
)
|
||||
}
|
|
@ -1,13 +0,0 @@
|
|||
diff --git a/backend/httpipfs/pin.go b/backend/httpipfs/pin.go
|
||||
index 74c7dec..65d78b8 100644
|
||||
--- a/backend/httpipfs/pin.go
|
||||
+++ b/backend/httpipfs/pin.go
|
||||
@@ -13,7 +13,7 @@ import (
|
||||
// IsPinned returns true when `hash` is pinned in some way.
|
||||
func (nd *Node) IsPinned(hash h.Hash) (bool, error) {
|
||||
ctx := context.Background()
|
||||
- resp, err := nd.sh.Request("pin/ls", hash.B58String()).Send(ctx)
|
||||
+ resp, err := nd.sh.Request("pin/ls", hash.B58String()).Option("type", "recursive").Send(ctx)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
|
@ -1,41 +0,0 @@
|
|||
diff --git a/catfs/repin.go b/catfs/repin.go
|
||||
index 63ba711e..f8b5b9d6 100644
|
||||
--- a/catfs/repin.go
|
||||
+++ b/catfs/repin.go
|
||||
@@ -247,9 +247,12 @@ func (fs *FS) repin(root string) error {
|
||||
savedStorage := uint64(0)
|
||||
parts := []*partition{}
|
||||
|
||||
+ fs.mu.Unlock()
|
||||
log.Infof("repin started (min=%d max=%d quota=%s)", minDepth, maxDepth, quotaSrc)
|
||||
|
||||
err = n.Walk(fs.lkr, rootNd, true, func(child n.Node) error {
|
||||
+ fs.mu.Lock()
|
||||
+ defer fs.mu.Unlock()
|
||||
if child.Type() == n.NodeTypeDirectory {
|
||||
return nil
|
||||
}
|
||||
@@ -259,6 +262,7 @@ func (fs *FS) repin(root string) error {
|
||||
return e.Wrapf(ie.ErrBadNode, "repin")
|
||||
}
|
||||
|
||||
+ fs.mu.Unlock()
|
||||
part, err := fs.partitionNodeHashes(modChild, minDepth, maxDepth)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -273,6 +277,7 @@ func (fs *FS) repin(root string) error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
+ fs.mu.Lock()
|
||||
|
||||
totalStorage += part.PinSize
|
||||
addedToStorage += pinBytes
|
||||
@@ -286,6 +291,7 @@ func (fs *FS) repin(root string) error {
|
||||
return e.Wrapf(err, "repin: walk")
|
||||
}
|
||||
|
||||
+ fs.mu.Lock()
|
||||
quotaUnpins, err := fs.balanceQuota(parts, totalStorage, quota)
|
||||
if err != nil {
|
||||
return e.Wrapf(err, "repin: quota balance")
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue