max/config
1
1
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: max:master
Branches Tags
max:master
max:d2n-bug-98ca5ea
max:gnome-42-alpha
..
compare: max:gnome-42-alpha
Branches Tags
max:master
max:d2n-bug-98ca5ea
max:gnome-42-alpha

5 commits
master ... gnome-42-a

Author SHA1 Message Date
Max
0ad621c61d fixup! packages/gnome-control-center: remove alert chooser patch 2022-03-01 00:44:25 +01:00
Max
4d32ad60f5 packages/gnome-control-center: remove alert chooser patch 2022-03-01 00:43:01 +01:00
Max
60b0582a36 patches: update ipfs patchset 2022-02-28 19:45:45 +01:00
Max
763a3c69d0 packages/gnome-control-center: remove cheese removal 2022-02-28 19:18:21 +01:00
Max
8882fd1c68 flake.lock: Update 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/7f9b6e2babf232412682c09e57ed666d8f84ac2d' (2022-02-21)
  → 'github:NixOS/nixpkgs/b9695eb351d4715c4b9d4bb239856d8c6fbad989' (2022-02-27)
 2022-02-28 19:17:29 +01:00
129 changed files with 1056 additions and 11139 deletions
Show stats Expand all files Collapse all files

33
config/zsh/prompt.zsh
View file

@ -11,16 +11,7 @@
# #
delta_prompt_symbol() { delta_prompt_symbol() {
if [[ "$1" -eq 0 ]]; then if [[ "$1" -eq 0 ]]; then
local symbol_color print -n "%F{$2}"
if [[ -n "$DEVSHELL_DIR" ]]; then
symbol_color=214
elif [[ -n "$IN_NIX3_SHELL" || -n "$IN_NIX_SHELL" ]]; then
symbol_color=blue
else
symbol_color=red
fi
print -n "%F{$symbol_color}"
else else
print -n '%F{8}' print -n '%F{8}'
fi fi
@ -28,11 +19,13 @@ delta_prompt_symbol() {
delta_prompt_nix_shell() { delta_prompt_nix_shell() {
if [[ -n "$IN_NIX3_SHELL" || -n "$IN_NIX_SHELL" ]]; then if [[ -n "$IN_NIX3_SHELL" || -n "$IN_NIX_SHELL" ]]; then
print -Pn " %F{cyan}>%F{blue}>%F{8}" print -n " %F{cyan}>%F{blue}>%F{8}"
tr : '\n' <<<$PATH | grep '^/nix/store' | while read storepath; do tr : '\n' <<<$PATH | grep '^/nix/store' | while read storepath; do
print -n " ${${storepath#*-}%/*}" print -n " ${${storepath#*-}%/*}"
done done
print -P '%f' print -n '%f\n '
else
print -n ' '
fi fi
} }
@ -49,16 +42,19 @@ delta_prompt_init() {
hostnamevar='%m' hostnamevar='%m'
fi fi
local dirdisplay="%c" local symbol_color
if [[ -n $HOVER_HOME ]]; then if [[ -n "$IN_NIX3_SHELL" || -n "$IN_NIX_SHELL" ]]; then
dirdisplay="[ %c ]" symbol_color=blue
else
symbol_color=red
fi fi
if [[ -n $SSH_CONNECTION ]]; then if [[ -n $SSH_CONNECTION ]]; then
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}$hostnamevar $dirdisplay >%f " PROMPT="$(delta_prompt_nix_shell)\$(delta_prompt_symbol \$? $symbol_color)Δ%f %F{8}$hostnamevar %c >%f "
else else
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}$dirdisplay >%f " PROMPT="$(delta_prompt_nix_shell)\$(delta_prompt_symbol \$? $symbol_color)Δ%f %F{8}%c >%f "
fi fi
unfunction delta_prompt_nix_shell
zstyle ':vcs_info:*' enable git zstyle ':vcs_info:*' enable git
zstyle ':vcs_info:*' use-simple true zstyle ':vcs_info:*' use-simple true
@ -66,9 +62,6 @@ delta_prompt_init() {
zstyle ':vcs_info:git*' actionformats '%b|%a' zstyle ':vcs_info:git*' actionformats '%b|%a'
zstyle ':vcs_info:*' max-exports 2 zstyle ':vcs_info:*' max-exports 2
delta_prompt_nix_shell
unfunction delta_prompt_nix_shell
} }
delta_prompt_git_status() { delta_prompt_git_status() {

1023
flake.lock
View file

File diff suppressed because it is too large Load diff

61
flake.nix
View file

@ -2,48 +2,37 @@
description = "System and user config"; description = "System and user config";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/gnome";
nix-super.url = "gitlab:max/nix-super?host=git.privatevoid.net"; nix-super.url = "git+https://git.privatevoid.net/max/nix-super-fork";
nix-super.inputs.nixpkgs.follows = "nixpkgs";
modular-nvim.url = "git+https://git.privatevoid.net/max/modular-neovim-prototype";
modular-nvim.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/master"; home-manager.url = "github:nix-community/home-manager/master";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
nix-crx.url = "git+https://git.privatevoid.net/max/nix-crx.git"; nix-crx.url = "git+https://git.privatevoid.net/max/nix-crx";
nix-crx.inputs.nixpkgs.follows = "nixpkgs"; nix-crx.inputs.nixpkgs.follows = "nixpkgs";
nix-vsx.url = "git+https://git.privatevoid.net/max/nix-vsx";
nix-vsx.inputs.nixpkgs.follows = "nixpkgs";
deploy-rs.url = "github:serokell/deploy-rs"; deploy-rs.url = "github:serokell/deploy-rs";
deploy-rs.inputs.nixpkgs.follows = "nixpkgs"; deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
deploy-rs.inputs.naersk.follows = "naersk";
# re-pin naersk to fix deprecation warning in deploy-rs
naersk.url = "github:nmattia/naersk/master";
naersk.inputs.nixpkgs.follows = "nixpkgs";
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs"; agenix.inputs.nixpkgs.follows = "nixpkgs";
helix.url = "github:helix-editor/helix";
helix.inputs = {
nixpkgs.follows = "nixpkgs";
};
kernel-clr = { url = "github:clearlinux-pkgs/linux"; flake = false; }; kernel-clr = { url = "github:clearlinux-pkgs/linux"; flake = false; };
dream2nix.url = "github:nix-community/dream2nix";
dream2nix.inputs.nixpkgs.follows = "nixpkgs";
nixpak.url = "github:nixpak/nixpak";
nixpak.inputs.nixpkgs.follows = "nixpkgs";
nil.url = "github:oxalica/nil";
nil.inputs.nixpkgs.follows = "nixpkgs";
hyprspace.url = "github:hyprspace/hyprspace";
hyprspace.inputs.nixpkgs.follows = "nixpkgs";
lanzaboote.url = "github:nix-community/lanzaboote";
lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
attic.url = "github:zhaofengli/attic";
attic.inputs.nixpkgs.follows = "nixpkgs";
}; };
outputs = { self, nixpkgs, home-manager, nixos-hardware, ... }@inputs: outputs = { self, nixpkgs, home-manager, nixos-hardware, ... }@inputs:
let let
@ -51,7 +40,6 @@
system = "x86_64-linux"; system = "x86_64-linux";
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
config.allowUnfreePredicate = pkg: lib.elem (lib.getName pkg) (import ./packages/unfree.nix);
}; };
deploy-rs-lib = inputs.deploy-rs.lib.${system}; deploy-rs-lib = inputs.deploy-rs.lib.${system};
@ -74,14 +62,14 @@
deploy.nodes = with deploy-rs-lib; { deploy.nodes = with deploy-rs-lib; {
TITAN = { TITAN = {
hostname = "titan.hyprspace"; hostname = "titan.hypr";
profiles.system = { profiles.system = {
user = "root"; user = "root";
path = activate.nixos self.nixosConfigurations.TITAN; path = activate.nixos self.nixosConfigurations.TITAN;
}; };
}; };
jericho = { jericho = {
hostname = "jericho.hyprspace"; hostname = "jericho.hypr";
profiles.system = { profiles.system = {
user = "root"; user = "root";
path = activate.nixos self.nixosConfigurations.jericho; path = activate.nixos self.nixosConfigurations.jericho;
@ -90,7 +78,8 @@
}; };
packages.${system} = import ./packages { packages.${system} = import ./packages {
inherit inputs pkgs; nixpkgs = pkgs;
inherit inputs;
}; };
defaultApp.${system} = { defaultApp.${system} = {
@ -105,14 +94,10 @@
homeConfigurations = { homeConfigurations = {
max = inputs.home-manager.lib.homeManagerConfiguration { max = inputs.home-manager.lib.homeManagerConfiguration {
inherit pkgs; inherit system;
modules = [ homeDirectory = "/home/max";
{ username = "max";
home.homeDirectory = "/home/max"; configuration.imports = [ ./users/max/home.nix ];
home.username = "max";
}
./users/max/home.nix
];
extraSpecialArgs = { inherit inputs; }; extraSpecialArgs = { inherit inputs; };
}; };
}; };

6
hosts/TITAN/default.nix
View file

@ -4,12 +4,10 @@ tools: {
extraHostNames = clientResolve "titan"; extraHostNames = clientResolve "titan";
}; };
hyprspace = { hypr = {
id = "QmfJ5Tv2z9jFv9Aocevyn6QqRcfm9eYQZhvYvmAVfACfuM"; id = "QmfJ5Tv2z9jFv9Aocevyn6QqRcfm9eYQZhvYvmAVfACfuM";
addr = "10.100.3.7";
listenPort = 443; listenPort = 443;
routes = [
"10.0.0.0/24"
];
}; };
nixos = import ./system.nix; nixos = import ./system.nix;

39
hosts/TITAN/extras/attic-upload-daemon.nix
View file

@ -1,39 +0,0 @@
{ config, pkgs, inputs, ... }:
let
toml = pkgs.formats.toml {};
atticConfig = toml.generate "attic-upload-config.toml" {
default-server = "cache";
servers.cache.endpoint = "https://cache-api.privatevoid.net";
};
inherit (inputs.attic.packages.${pkgs.system}) attic;
in
{
age.secrets.attic-upload-key = {
file = ../../../secrets/attic-upload-key.age;
mode = "0400";
};
systemd.services.attic-upload = {
description = "Attic Uploader";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
path = [ config.nix.package ];
environment.XDG_CONFIG_HOME = "/tmp/attic-upload";
preStart = ''
install -dm700 "$XDG_CONFIG_HOME/attic"
cp --no-preserve=mode ${atticConfig} "$XDG_CONFIG_HOME/attic/config.toml"
echo "token = \"$ATTIC_TOKEN\"" >> "$XDG_CONFIG_HOME/attic/config.toml"
'';
serviceConfig = {
ExecStart = "${attic}/bin/attic watch-store nix-store";
Restart = "always";
RestartSec = "10s";
DynamicUser = true;
EnvironmentFile = config.age.secrets.attic-upload-key.path;
};
};
}

21
hosts/TITAN/extras/cachix-upload-daemon.nix Normal file
View file

@ -0,0 +1,21 @@
{ config, pkgs, ... }:
{
age.secrets.cachix-upload-key = {
file = ../../../secrets/cachix-upload-key.age;
mode = "0400";
};
systemd.services.cachix-upload = {
description = "Cachix Uploader";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
path = [ config.nix.package ];
serviceConfig = {
ExecStart = "${pkgs.cachix}/bin/cachix watch-store max";
Restart = "always";
DynamicUser = true;
EnvironmentFile = config.age.secrets.cachix-upload-key.path;
};
};
}

45
hosts/TITAN/extras/fbi-downloader.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, ... }: { config, ... }:
{ {
age.secrets = { age.secrets = {
@ -6,6 +6,10 @@
file = ../../../secrets/transmission-rpc-password.age; file = ../../../secrets/transmission-rpc-password.age;
mode = "0400"; mode = "0400";
}; };
wireguard-key-upload = {
file = ../../../secrets/wireguard-key-upload.age;
mode = "0400";
};
}; };
users.groups.mediamanagers = { users.groups.mediamanagers = {
@ -17,9 +21,8 @@
enable = true; enable = true;
group = "mediamanagers"; group = "mediamanagers";
settings = { settings = {
download-dir = "/srv/data/download"; download-dir = "/srv/data/DOWNLOAD";
incomplete-dir = "/srv/data/download/.incomplete"; incomplete-dir = "/srv/data/DOWNLOAD/.incomplete";
incomplete-dir-enabled = false;
# being a leech # being a leech
speed-limit-up = 20; speed-limit-up = 20;
@ -31,13 +34,41 @@
utp-enabled = false; utp-enabled = false;
rpc-bind-address = "0.0.0.0"; rpc-bind-address = "0.0.0.0";
rpc-whitelist = "127.0.0.1,::1,10.100.0.1,10.100.0.*,10.100.1.*,10.100.3.*,100.64.*.*"; rpc-whitelist = "127.0.0.1,::1,10.100.0.1,10.100.0.*,10.100.1.*,10.100.3.*";
rpc-authentication-required = true; rpc-authentication-required = true;
}; };
credentialsFile = config.age.secrets.transmission-rpc-password.path; credentialsFile = config.age.secrets.transmission-rpc-password.path;
}; };
systemd.services.transmission = {
after = [ "mnt-media\\x2duploads.mount" ];
unitConfig = {
RequiresMountsFor = [ "/mnt/media-uploads" ];
};
serviceConfig = {
BindPaths = [ "/mnt/media-uploads" ];
};
};
networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ]; networking.firewall.interfaces.tungsten.allowedTCPPorts = [ 9091 ];
networking.wireguard = {
services.hyprspace.settings.services.fbi-download = "/tcp/${toString config.services.transmission.settings.rpc-port}"; enable = true;
interfaces.wgupload = {
ips = [ "10.150.0.2/24" ];
privateKeyFile = config.age.secrets.wireguard-key-upload.path;
allowedIPsAsRoutes = true;
peers = [
{
publicKey = "apKXnlMtcOe8WqCVXJAXEjzppN+qTmESlt0NjMTaclQ=";
allowedIPs = [ "10.150.0.0/24" ];
endpoint = "116.202.226.86:6969";
}
];
};
};
fileSystems."/mnt/media-uploads" = {
device = "10.150.0.254:/mnt/storage/media/media/uploads";
fsType = "nfs4";
noCheck = true;
options = [ "rsize=1024" "wsize=1024" "x-systemd.after=wireguard-wgupload.service" "x-systemd.mount-timeout=10s" ];
};
} }

9
hosts/TITAN/extras/nvidia-ml.nix
View file

@ -1,9 +0,0 @@
{ lib, ... }:
{
services.xserver.videoDrivers = lib.mkOptionDefault [ "nvidia" ];
hardware.nvidia = {
nvidiaPersistenced = true;
open = false;
};
}

9
hosts/TITAN/extras/vendor-reset.nix
View file

@ -1,9 +0,0 @@
{ config, ... }:
{
boot.extraModulePackages = [
config.boot.kernelPackages.vendor-reset
];
boot.initrd.kernelModules = [ "vendor-reset" ];
}

15
hosts/TITAN/hardware-configuration.nix
View file

@ -13,19 +13,11 @@
"usbhid" "usbhid"
"sd_mod" "sd_mod"
"sr_mod" "sr_mod"
"dm_cache_smq"
"dm_persistent_data"
"dm_bio_prison"
"dm_bufio"
"amdgpu"
"ddcci_backlight"
]; ];
boot.initrd.kernelModules = [ "dm_cache" ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
services.lvm.boot.thin.enable = true;
fileSystems."/" = { fileSystems."/" = {
device = "tmprootfs"; device = "tmprootfs";
fsType = "tmpfs"; fsType = "tmpfs";
@ -39,9 +31,8 @@
}; };
fileSystems."/srv/data" = { fileSystems."/srv/data" = {
device = "/dev/mapper/tank-shelf"; device = "/dev/disk/by-label/butter";
fsType = "xfs"; fsType = "btrfs";
neededForBoot = true;
}; };
fileSystems."/nix" = { fileSystems."/nix" = {

31
hosts/TITAN/system.nix
View file

@ -1,14 +1,12 @@
{ config, lib, pkgs, aspect, inputs, hosts, ... }: { config, pkgs, aspect, inputs, hosts, ... }:
{ {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
./extras/attic-upload-daemon.nix ./extras/cachix-upload-daemon.nix
./extras/ddcci-backlight.nix ./extras/ddcci-backlight.nix
./extras/fbi-downloader.nix ./extras/fbi-downloader.nix
./extras/nvidia-ml.nix
./extras/vendor-reset.nix
(import ../../users "desktop").users.max (import ../../users "desktop").users.max
inputs.agenix.nixosModules.age inputs.agenix.nixosModules.age
] ]
@ -24,11 +22,11 @@
prowlarr prowlarr
]); ]);
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_6_6;
networking.hostName = "TITAN"; networking.hostName = "TITAN";
time.timeZone = "Europe/Vienna"; time.timeZone = "Europe/Vienna";
@ -39,31 +37,18 @@
keyMap = "de"; keyMap = "de";
}; };
services.xserver.xkb.layout = "de"; services.xserver.layout = "de";
services.xserver.libinput.enable = true;
services.openssh.enable = true; services.openssh.enable = true;
system.stateVersion = "22.05"; system.stateVersion = "20.09";
services.fstrim.enable = true; services.fstrim.enable = true;
users.mutableUsers = false; users.mutableUsers = false;
virtualisation.podman.enable = true; virtualisation.podman.enable = true;
services.xserver.displayManager.gdm.autoSuspend = false;
boot.tmp = {
useTmpfs = true;
tmpfsSize = "75%";
};
networking.nat = {
enable = true;
externalInterface = "enp24s0";
internalIPs = [
"100.64.0.0/16"
];
};
} }

52
hosts/default.nix
View file

@ -12,60 +12,32 @@ in with tools.dns; {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICz2nGA+Y4OxhMKsV6vKIns3hOoBkK557712h7FfWXcE"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICz2nGA+Y4OxhMKsV6vKIns3hOoBkK557712h7FfWXcE";
extraHostNames = subResolve "vegas" "backbone"; extraHostNames = subResolve "vegas" "backbone";
}; };
hyprspace = { hypr = {
id = "QmYs4xNBby2fTs8RnzfXEk161KD4mftBfCiR8yXtgGPj4J"; id = "QmYs4xNBby2fTs8RnzfXEk161KD4mftBfCiR8yXtgGPj4J";
routes = [ addr = "10.100.3.5";
"10.1.0.1/32"
"10.10.0.0/16"
];
}; };
}; };
prophet = { prophet = {
ssh.id = { ssh.id = {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAUG/ubwo68tt2jMP5ia0Sa4mnkWtlKVN5n4Y50U2nTC"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZ4FyGi69MksEn+UJZ87vw1APqiZmPNlEYIr0CbEoGv";
extraHostNames = subResolve "prophet" "node"; extraHostNames = subResolve "prophet" "node";
}; };
hyprspace = { hypr = {
id = "QmbrAHuh4RYcyN9fWePCZMVmQjbaNXtyvrDCWz4VrchbXh"; id = "QmbrAHuh4RYcyN9fWePCZMVmQjbaNXtyvrDCWz4VrchbXh";
routes = [ addr = "10.100.3.9";
"10.1.0.9/32"
];
}; };
}; };
checkmate = { styx = {
ssh.id = { ssh.id = {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINImnMfEzUBU5qiuu05DMPrddTGypOtr+cL1/yQN2GFn"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOYLrmiuPK77cw71QNzG2zaWs6gsxmYuLyqsUrWMYLnk";
extraHostNames = subResolve "checkmate" "node"; extraHostNames = subResolve "styx" "services";
};
hyprspace = {
id = "12D3KooWL84sAtq1QTYwb7gVbhSNX5ZUfVt4kgYKz8pdif1zpGUh";
routes = [
"10.1.0.32/32"
];
}; };
}; };
grail = { AnimusAlpha = let extraHostNames = [ "alpha.animus.com" "animus.com" ]; in {
ssh.id = { ssh.id = {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBi5Fm2pmMBhRgJms+me1ldt9Vgj9cMSnB7UllSz3mpY"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGpFR47Ev+W+bdng6IrDVpl8rlKBBHSr1v5lwJmZcEFH";
extraHostNames = subResolve "grail" "node"; extraHostNames = portMap 69 extraHostNames;
};
hyprspace = {
id = "12D3KooWN31twBvdEcxz2jTv4tBfPe3mkNueBwDJFCN4xn7ZwFbi";
routes = [
"10.1.0.6/32"
];
};
};
thunderskin = {
ssh.id = {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGV8TbMvGXfAp9R2I9GdR7aLlGjxh2CW1pCZjQSB4TJp";
extraHostNames = subResolve "thunderskin" "node";
};
hyprspace = {
id = "12D3KooWB9AUPorFoACkWbphyargRBV9osJsYuQDumtQ85j7Aqmg";
routes = [
"10.1.0.4/32"
];
}; };
ssh.extraConfig = tools.ssh.extraConfig extraHostNames [ "Port 69" ];
}; };
} }

3
hosts/jericho/default.nix
View file

@ -4,8 +4,9 @@ tools: {
extraHostNames = clientResolve "jericho"; extraHostNames = clientResolve "jericho";
}; };
hyprspace = { hypr = {
id = "QmccBLgGP3HR36tTkwSYZX3KDv2EXb1MvYwGVs6PbpbHv9"; id = "QmccBLgGP3HR36tTkwSYZX3KDv2EXb1MvYwGVs6PbpbHv9";
addr = "10.100.3.13";
}; };
nixos = import ./system.nix; nixos = import ./system.nix;

9
hosts/jericho/extras/custom-kernel.nix
View file

@ -1,9 +0,0 @@
{ config, lib, ... }:
{
boot.kernelPatches = lib.singleton {
name = "custom-kernel-config-${config.networking.hostName}";
patch = null;
extraConfig = builtins.readFile ./kernel-config.txt;
};
}

12
hosts/jericho/extras/fprint.nix
View file

@ -1,12 +0,0 @@
{ inputs, pkgs, ... }:
{
services.fprintd = {
enable = true;
};
security.pam.services = {
login.fprintAuth = false;
gdm-password.fprintAuth = false;
gdm-fingerprint.fprintAuth = true;
};
}

27
hosts/jericho/extras/kernel-clr.nix
View file

@ -2,15 +2,24 @@
{ {
boot.kernelPatches = let boot.kernelPatches = let
patch = pkgs.runCommand "kernel-clr-combined.patch" { pickPatch = x: "${inputs.kernel-clr}/${x}";
nativeBuildInputs = [ pkgs.gnugrep ]; patchFiles = map pickPatch [
} '' "0104-pci-pme-wakeups.patch"
cd ${inputs.kernel-clr} "0108-smpboot-reuse-timer-calibration.patch"
grep -o '^%patch[0-9]* ' linux.spec \ "0110-give-rdrand-some-credit.patch"
| grep -o '[0-9]*' \ "0111-ipv4-tcp-allow-the-memory-tuning-for-tcp-to-go-a-lit.patch"
| xargs -I '{}' grep '^Patch{}:' linux.spec \ "0118-add-scheduler-turbo3-patch.patch"
| cut -d" " -f2- | xargs cat >> $out "0119-use-lfence-instead-of-rep-and-nop.patch"
''; "0120-do-accept-in-LIFO-order-for-cache-efficiency.patch"
"0121-locking-rwsem-spin-faster.patch"
"itmt_epb.patch"
"mm-wakeups.patch"
"percpu-minsize.patch"
"socket.patch"
];
patches = map builtins.readFile patchFiles;
patchSet = builtins.concatStringsSep "\n" patches;
patch = pkgs.writeText "kernel-clr-combined.patch" patchSet;
in [{ in [{
inherit patch; inherit patch;
name = "Clear Linux* patchset"; name = "Clear Linux* patchset";

124
hosts/jericho/extras/kernel-config.txt
View file

@ -1,124 +0,0 @@
CAN n
CAIF n
AGP n
DRM_NOUVEAU n
DRM_VMWGFX n
DRM_AST n
DRM_MGAG200 n
DRM_QXL n
DRM_VIRTIO_GPU n
DRM_ETNAVIV n
DRM_CIRRUS_QEMU n
ACCESSIBILITY n
INFINIBAND n
HYPERV n
XEN_BALLOON n
XEN_DEV_EVTCHN n
XENFS n
XEN_SYS_HYPERVISOR n
XEN_GNTDEV n
XEN_GRANT_DEV_ALLOC n
XEN_PCIDEV_BACKEND n
XEN_PVCALLS_FRONTEND n
XEN_PVCALLS_BACKEND n
XEN_SCSI_BACKEND n
XEN_PRIVCMD n
XEN_ACPI_PROCESSOR n
GREYBUS n
SOUNDWIRE n
REISERFS_FS n
JFS_FS n
GFS2_FS n
OCFS2_FS n
NILFS2_FS n
ORANGEFS_FS n
ADFS_FS n
AFFS_FS n
BEFS_FS n
BFS_FS n
EFS_FS n
JFFS2_FS n
UBIFS_FS n
VXFS_FS n
MINIX_FS n
OMFS_FS n
HPFS_FS n
QNX4FS_FS n
QNX6FS_FS n
SYSV_FS n
KVM_AMD n
XEN_PCIDEV_FRONTEND n
VMD n
PCI_MESON n
PCCARD n
RAPIDIO n
GNSS n
MTD n
PARPORT n
BLK_DEV_SX8 n
CDROM_PKTCDVD n
ATA_OVER_ETH n
XEN_BLKDEV_FRONTEND n
XEN_BLKDEV_BACKEND n
FIREWIRE n
FIREWIRE_NOSY n
MACINTOSH_DRIVERS n
FDDI n
HIPPI n
NET_SB1000 n
SLIP n
XEN_NETDEV_FRONTEND n
XEN_NETDEV_BACKEND n
VMXNET3 n
DRM_RADEON n
DRM_AMDGPU n
MEMSTICK n
ATLAS_PH_SENSOR n
ATLAS_EZO_SENSOR n
BME680 n
CCS811 n
IAQCORE n
PMS7003 n
SCD30_CORE n
SCD4X n
SENSIRION_SGP30 n
SENSIRION_SGP40 n
SPS30_I2C n
SPS30_SERIAL n
SENSEAIR_SUNRISE_CO2 n
VZ89X n
IIO_CROS_EC_SENSORS_CORE n
AFE4403 n
AFE4404 n
MAX30100 n
MAX30102 n
AM2315 n
DHT11 n
HDC100X n
HDC2010 n
HID_SENSOR_HUMIDITY n
HTS221 n
HTU21 n
SI7005 n
SI7020 n
ABP060MG n
BMP280 n
DLHL60D n
DPS310 n
HID_SENSOR_PRESS n
HP03 n
ICP10100 n
MPL115_I2C n
MPL115_SPI n
MPL3115 n
MS5611 n
MS5637 n
IIO_ST_PRESS n
T5403 n
HP206C n
ZPA2326 n
IPACK_BUS n
PHY_CAN_TRANSCEIVER n
MCB n
FPGA n
SIOX n

18
hosts/jericho/extras/lanzaboote.nix
View file

@ -1,18 +0,0 @@
{ config, inputs, ... }:
{
imports = [
inputs.lanzaboote.nixosModules.lanzaboote
];
age.secrets.secureBootKey.file = ../../../secrets/secure-boot-private-key-jericho.age;
boot.lanzaboote = {
enable = true;
configurationLimit = 50;
publicKeyFile = ./secure-boot/db.pem;
# BUG: the bootloader installation runs before/without the activation script,
# so this key may not exist unless the system has been activated beforehand.
privateKeyFile = config.age.secrets.secureBootKey.path;
};
}

29
hosts/jericho/extras/secure-boot/db.pem
View file

@ -1,29 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIE+TCCAuGgAwIBAgIRAKeYRMV7Va8InQlau+W84swwDQYJKoZIhvcNAQELBQAw
LjEVMBMGA1UEBhMMRGF0YWJhc2UgS2V5MRUwEwYDVQQDEwxEYXRhYmFzZSBLZXkw
HhcNMjMwMTExMjE0MDEzWhcNMjgwMTExMjE0MDEzWjAuMRUwEwYDVQQGEwxEYXRh
YmFzZSBLZXkxFTATBgNVBAMTDERhdGFiYXNlIEtleTCCAiIwDQYJKoZIhvcNAQEB
BQADggIPADCCAgoCggIBALG4gvuyX8lX0HhbLxEkKmEh1ikjR6XxGhWEHePa+xhC
aCHpPdG4R4Q3U/PGNteaxhoFCRTo6TkUcU/WtoYb3CNcDZ51mtUHtY9KFY5A5Yki
yPnNT0W+LFP+vz9B1U+soHp1EA6HgbB/CGWvhmMHwZSzhMsOTsad7nZaiaBfzUmU
p6y616XfI2RzpIlctxQGWNOL0lpdOqCW247ujJdubezvuoXw5gS+6yUi5ssegPdu
UuQkZvgO9yNawISSPNNLj7TbmOC19mQ0q3KcangCCt8/93bbjdtlWMwaDoiWCtL5
e7+Fo/MlhRovcmcz2wPGUr4tn/64mTuMWHhK9CvyIPS3hf7oNGZEWeSdvp8ppaM5
OtocRkDmJjSS+45iEU+d6TTWMrK6s+Mx9UWWJDn/HqRnlmxW4E2eFRhuFRW6/SaB
SbY3X36GMzByj84A4qKwkUGBCK9UZnflXiPv/KSumyg5wmQU4ulAirpMsGP6o78F
vKE8j8avHfC70LPuv9o+pgecp9F7Kg5f6ywGPfXSxv054znV6ZMxpUa0NjLEMp57
2PVfd3EeifgY4M4T5/wQulp8vxN9ipqD/toro16gRB2/Cb1o5FtwV9Fe4/ndVfUA
m8bnG2zo0iLU15L1iTW4vdDZp40BZhzptaz2Xuykqum+BK+8idNtZ8xG5Fy+rED3
AgMBAAGjEjAQMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAgEAIJSY
Lp9/84FJv0/QSBJwI9Ly6p2lobaaZqsUVrOHYqz1Q6VU3zhhTbIYsdfiq/RJY/Dq
w7qPPHwDN9+MgeKPN89q/kXZcZGxO+mT+eAjNBzJUJ3dUfuuoDRgQQEzVd9jUmEA
F39SPZWoa4lefLNdKk7tGu/8T6wmXk03q/RHsG4xWHn4fLdg9XHI4g5o2W9Vorf/
Y2Tz+oQTSipRrqX7lZ0xHGriWp4qTHikBsunzZ/krupSCvAahzG+fDnNYuNHj1FX
/bsITw/2NU7xzJXIRI2+VPTRIppSyZ5hvRBrwfA7mVdRq2HjT0wIRfjnppJvNrOQ
iBKZb/q7shy7bq35SSLpnAQk4ne0BAqPbJP31UxZZ7lzSvynGCUQDwM7A50OkGLC
V9+ov+44+0NN7gCvXhhd8uPuunBTa9zv2gcnoBIy51KvBTxFZ4LOHeU9esPc7W/z
qVaU+yOP3lUJI0Ou285zkP1xhkJyLqv2WlfuXbNxBi3ZmAckrQTjh2llOjSBdy8F
Ce14ni9ybLiIouiEFtBEvDN4jMudDpL04zCuT9amkfznooQsak3T7QrvHl52qLDp
HLOtegwnn8M1ivoqmM6eValayBKN/2gFjHpHmZQmf7J636UNvs6FIvpsPznj+L7a
uJmcfil84qaqDLTNQJfIAyPvOqdnwFO8FiNuAQE=
-----END CERTIFICATE-----

10
hosts/jericho/hardware-configuration.nix
View file

@ -18,6 +18,16 @@
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/home" = {
device = "/dev/disk/by-partlabel/home";
fsType = "xfs";
};
fileSystems."/srv/data" = {
device = "/dev/disk/by-partlabel/data";
fsType = "xfs";
};
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.sensor.iio.enable = true; hardware.sensor.iio.enable = true;
} }

16
hosts/jericho/system.nix
View file

@ -3,11 +3,8 @@
{ {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
./extras/custom-kernel.nix
./extras/fprint.nix
./extras/i915-dp-hdmi-always-full-color-patch.nix ./extras/i915-dp-hdmi-always-full-color-patch.nix
./extras/kernel-clr.nix ./extras/kernel-clr.nix
./extras/lanzaboote.nix
./extras/thermal.nix ./extras/thermal.nix
(import ../../users "desktop").users.max (import ../../users "desktop").users.max
inputs.nixos-hardware.nixosModules.dell-xps-13-7390 inputs.nixos-hardware.nixosModules.dell-xps-13-7390
@ -16,21 +13,24 @@
++ aspect.sets.laptop ++ aspect.sets.laptop
++ (with aspect.modules; [ games ]); ++ (with aspect.modules; [ games ]);
boot.kernelPackages = pkgs.linuxPackagesFor (pkgs.linux_6_9.override { boot.kernelPackages = pkgs.linuxPackages_latest;
ignoreConfigErrors = true;
});
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "jericho"; networking.hostName = "jericho";
time.timeZone = "Europe/Vienna";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
console = { console = {
font = ""; font = "";
keyMap = "us"; keyMap = "us";
}; };
services.xserver.xkb.layout = "us"; services.xserver.layout = "us";
services.xserver.libinput.enable = true;
services.openssh.enable = true; services.openssh.enable = true;
@ -38,6 +38,6 @@
services.fstrim.enable = true; services.fstrim.enable = true;
services.kubo.dataDir = "/srv/data/ipfs"; services.ipfs.dataDir = "/srv/data/ipfs";
} }

2
hosts/tools.nix
View file

@ -10,7 +10,7 @@
]; ];
findResolve = list: dnameResolve (append "find" list) ++ append "f.void" list; findResolve = list: dnameResolve (append "find" list) ++ append "f.void" list;
dnameResolve = list: append "private.void" list ++ append "privatevoid.net" list; dnameResolve = list: append "private.void" list ++ append "privatevoid.net" list;
vpnResolve = list: dnameResolve (append "vpn" list) ++ (append "hyprspace" list); vpnResolve = list: dnameResolve (append "vpn" list) ++ (append "hypr" list);
llmnrResolve = append "local"; llmnrResolve = append "local";
append = part: map (x: "${x}.${part}"); append = part: map (x: "${x}.${part}");
portMap = port: map (x: "[${x}]:${builtins.toString port}"); portMap = port: map (x: "[${x}]:${builtins.toString port}");

23
modules/autopatch/default.nix
View file

@ -8,28 +8,43 @@
inherit (patched) inherit (patched)
ddcci-driver-with-global-control ddcci-driver-with-global-control
kubo kooha
nerdfonts-terminus nerdfonts-terminus
oni2
terminus_font_fancy terminus_font_fancy
libfprint webkitgtk
fprintd
; ;
doas = patched.doas-interactive; doas = patched.doas-interactive;
ipfs = patched.lain-ipfs;
hydra-unstable = patched.hydra; hydra-unstable = patched.hydra;
nix-direnv = super.nix-direnv.override { nix-direnv = super.nix-direnv.override {
nix = config.nix.package; nix = config.nix.package;
}; };
} // lib.optionalAttrs config.krb5.enable {
bind = patched.kerberized-bind;
dnsutils = patched.kerberized-dnsutils;
dig = patched.kerberized-dig;
} // lib.optionalAttrs config.services.xserver.desktopManager.gnome.enable { } // lib.optionalAttrs config.services.xserver.desktopManager.gnome.enable {
ungoogled-chromium = super.ungoogled-chromium.override { ungoogled-chromium = super.ungoogled-chromium.override {
commandLineArgs = "--enable-features=OverlayScrollbar,OverlayScrollbarFlashAfterAnyScrollUpdate,OverlayScrollbarFlashWhenMouseEnter --auth-server-whitelist=*privatevoid.net"; commandLineArgs = "--enable-features=OverlayScrollbar,OverlayScrollbarFlashAfterAnyScrollUpdate,OverlayScrollbarFlashWhenMouseEnter --auth-server-whitelist=*privatevoid.net";
}; };
inherit (patched) gnome-control-center nautilus; gnome = super.gnome.overrideScope' (self': super': {
inherit (patched) nautilus;
gnome-control-center = patched.gnome-control-center.override { inherit (self') gnome-user-share; };
});
tilix = patched.tilix-high-refresh-rate;
})) }))
]; ];
} }

23
modules/brig/default.nix
View file

@ -1,23 +0,0 @@
{ pkgs, config, inputs, ... }:
let
inherit (inputs.self.packages.${pkgs.system}) brig;
in
{
environment.systemPackages = [ brig ];
systemd.user.services.brig = {
description = "Brig Daemon";
wantedBy = [ "gnome-session.target" ];
path = [ "/run/wrappers" config.services.kubo.package ];
serviceConfig = {
ExecStart = "${brig}/bin/brig --repo %h/.brig daemon launch";
#ExecStartPost = "${brig}/bin/brig fstab apply";
Restart = "always";
Slice = "background.slice";
SyslogIdentifier = "brig";
};
environment = {
inherit (config.environment.variables) IPFS_PATH;
};
};
}

21
modules/cockpit/default.nix
View file

@ -1,21 +0,0 @@
{ pkgs, ... }:
let
port = 31350;
in
{
services.cockpit = {
enable = true;
inherit port;
package = pkgs.cockpit.overrideAttrs {
postFixup = ''
for package in apps kdump packagekit playground selinux sosreport; do
rm -rf $out/share/cockpit/$package
done
'';
};
};
services.hyprspace.settings.services.manage = "/tcp/${toString port}";
}

15
modules/default.nix
View file

@ -3,16 +3,13 @@ with builtins;
let let
aspects = [ aspects = [
./autopatch ./autopatch
./brig
./cockpit
./desktop ./desktop
./enterprise
./firewall ./firewall
./games ./games
./hardened ./hardened
./hyprspace ./hyprspace
./idm ./ipfs-lain
./impurity-logger
./ipfs
./jackett ./jackett
./laptop-config ./laptop-config
./lidarr ./lidarr
@ -27,7 +24,6 @@ let
./shell-config ./shell-config
./sound ./sound
./ssh ./ssh
./xr
]; ];
mappedAspects = map (x: { name = baseNameOf x; value = import x; }) aspects; mappedAspects = map (x: { name = baseNameOf x; value = import x; }) aspects;
in rec { in rec {
@ -35,15 +31,13 @@ in rec {
sets = with modules; rec { sets = with modules; rec {
base = [ base = [
autopatch autopatch
cockpit enterprise
hardened hardened
idm
impurity-logger
]; ];
networking = [ firewall ssh ]; networking = [ firewall ssh ];
client-networking = networking ++ [ networking-client nm-vdns-auto ipfs hyprspace ]; client-networking = networking ++ [ networking-client nm-vdns-auto ipfs-lain hyprspace ];
desktop = [ desktop = [
modules.desktop modules.desktop
@ -53,7 +47,6 @@ in rec {
nix-config nix-config
shell-config shell-config
sound sound
xr
] ++ base ++ client-networking; ] ++ base ++ client-networking;
laptop = desktop ++ [ laptop-config ]; laptop = desktop ++ [ laptop-config ];

5
modules/desktop/bluetooth.nix
View file

@ -1,5 +0,0 @@
{
hardware.bluetooth.settings = {
General.Experimental = true;
};
}

68
modules/desktop/default.nix
View file

@ -6,13 +6,6 @@
in { in {
imports = [ imports = [
./package-sets.nix ./package-sets.nix
./nixpak-tricks.nix
./hidden-apps.nix
./helix-desktop.nix
./open-in-blackbox.nix
./bluetooth.nix
./pkexec.nix
./security.nix
]; ];
services.xserver = { services.xserver = {
@ -27,57 +20,20 @@ in {
programs.adb.enable = true; programs.adb.enable = true;
environment.gnome.excludePackages = with pkgs; [ environment.gnome.excludePackages = with pkgs.gnome; [
cheese
gnome-logs gnome-logs
gnome-music gnome-music
gnome-console
gnome-photos
gnome-tour
orca
snapshot
totem totem
yelp pkgs.gnome-photos
];
desktop.hiddenApps = [
"startcenter.desktop" # LibreOffice Start Center
"xsltfilter.desktop" # LibreOffice XSLT based filters
"xterm.desktop"
"cups.desktop"
"scrcpy-console.desktop"
# all the Krita mimetype stuff
"krita_brush.desktop"
"krita_csv.desktop"
"krita_exr.desktop"
"krita_gif.desktop"
"krita_heif.desktop"
"krita_heightmap.desktop"
"krita_jp2.desktop"
"krita_jpeg.desktop"
"krita_jxl.desktop"
"krita_kra.desktop"
"krita_krz.desktop"
"krita_ora.desktop"
"krita_pdf.desktop"
"krita_png.desktop"
"krita_psd.desktop"
"krita_qimageio.desktop"
"krita_raw.desktop"
"krita_spriter.desktop"
"krita_svg.desktop"
"krita_tga.desktop"
"krita_tiff.desktop"
"krita_webp.desktop"
"krita_xcf.desktop"
]; ];
environment.variables = { environment.variables = {
EDITOR = "hx"; EDITOR = "nvim";
SSH_ASKPASS = lib.mkForce ""; SSH_ASKPASS = lib.mkForce "";
}; };
fonts.packages = with pkgs; [ fonts.fonts = with pkgs; [
terminus_font_fancy terminus_font_fancy
terminus_font_ttf terminus_font_ttf
nerdfonts-terminus nerdfonts-terminus
@ -87,10 +43,9 @@ in {
security = { security = {
sudo.enable = false; sudo.enable = false;
doas.enable = true; doas.enable = true;
doas.extraRules = lib.mkForce [ rec { doas.extraRules = [{
groups = [ "wheel" ]; groups = [ "wheel" ];
noPass = !config.services.fprintd.enable; noPass = true;
persist = !noPass;
}]; }];
}; };
@ -117,16 +72,11 @@ in {
services.packagekit.enable = lib.mkForce false; services.packagekit.enable = lib.mkForce false;
programs.gnome-terminal.enable = false; programs.gnome-terminal.enable = false;
qt = { qt5 = {
enable = true; enable = true;
platformTheme = "gtk2"; platformTheme = "gtk2";
style = "gtk2"; style = "gtk2";
}; };
virtualisation.libvirtd = { virtualisation.libvirtd.enable = true;
enable = true;
qemu.package = pkgs.qemu_kvm;
};
services.printing.drivers = with pkgs; [ hplip gutenprint ];
} }

58
modules/desktop/helix-desktop.nix
View file

@ -1,58 +0,0 @@
{ pkgs, ... }:
let
helixDesktop = pkgs.makeDesktopItem {
name = "net.privatevoid.HelixDesktop";
desktopName = "Helix";
comment = "Helix Editor";
mimeTypes = [
"text/plain"
"application/x-zerosize"
"inode/directory"
];
inherit icon;
tryExec = "hx";
exec = ''${hxOpenHandler} %F'';
};
icon = pkgs.fetchurl {
name = "helix-logo.svg";
url = "https://raw.githubusercontent.com/helix-editor/helix/d1a4bd876b3ae646693c0905d7f29b636e2e5033/logo.svg";
sha256 = "sha256-1XBrlGbCfkfYhIZuQ9eDBgDoohup/gQ9VZynEerUqcY=";
};
hxOpenHandler = pkgs.writeShellScript "hx-open-handler" ''
isDir () { test -d "$1"; }
isFile () { test -f "$1"; }
findAnyDir () {
for f in "$@"; do
if test -d "$f"; then
echo "$f"
return 0
fi
done
return 1
}
if [[ "$#" == 0 ]]; then
exec blackbox -w "$HOME" -c hx
elif [[ "$#" == 1 ]]; then
isDir "$1" && exec blackbox -w "$1" -c "hx ."
isFile "$1" && exec blackbox -w "$(dirname "$1")" -c "hx '$1'"
else
firstDir="$(findAnyDir "$@")"
findAnyDirStatus="$?"
if [[ "$findAnyDirStatus" == 0 ]]; then
exec blackbox -w "$firstDir" -c "hx ."
else
# magic: find common base directory
workDir="$(dirname "$@" | sed -e 'N;s/^\(.*\).*\n\1.*$/\1\n\1/;D')"
args=("$@")
exec blackbox -w "$workDir" -c "hx ''${args[*]@Q}"
fi
fi
'';
in
{
environment.systemPackages = [ helixDesktop ];
}

31
modules/desktop/hidden-apps.nix
View file

@ -1,31 +0,0 @@
{ config, lib, pkgs, ... }:
let
inherit (config.desktop) hiddenApps;
hiddenDesktopFile = pkgs.writeText "hidden.desktop" ''
[Desktop Entry]
Hidden=true
NoDisplay=true
'';
hiddenAppsPackage = pkgs.runCommandLocal "hidden-apps" {} ''
mkdir -p $out/share/applications
for app in ${lib.escapeShellArgs hiddenApps}; do
ln -sf ${hiddenDesktopFile} "$out/share/applications/$app"
done
'';
in
{
options.desktop = {
hiddenApps = lib.mkOption {
type = with lib.types; listOf str;
default = [];
};
};
config = lib.mkIf (hiddenApps != []) {
environment.systemPackages = [
(lib.hiPrio hiddenAppsPackage)
];
};
}

32
modules/desktop/nixpak-tricks.nix
View file

@ -1,32 +0,0 @@
{ pkgs, ... }:
let
# tricks xdg-document-portal into not using the document portal for pointless things
# note that we report read-write even if the access is supposed to be read-only,
# because ticking the checkbox in the dialog every time is annoying, ro status
# is enforced by the sandbox anyway
# example call: flatpak info --file-access=/srv/file.txt com.nixpak.Whatever
documentPortalFileAccessTrick = pkgs.writeShellScriptBin "flatpak" ''
[[ "$1" == "info" ]] || exit 1
case "$3" in
org.chromium.Chromium)
case "''${2#--file-access=}" in
$HOME/Downloads*) echo read-write;;
*) echo hidden;;
esac;;
io.bassi.Amberol)
case "''${2#--file-access=}" in
$HOME/Music*) echo read-write;;
/srv/data/music*) echo read-write;;
*) echo hidden;;
esac;;
*)
echo hidden;;
esac
'';
in
{
environment.systemPackages = [
documentPortalFileAccessTrick
];
}

18
modules/desktop/open-in-blackbox.nix
View file

@ -1,18 +0,0 @@
{ pkgs, ... }:
let
openInBlackBox = pkgs.makeDesktopItem {
name = "net.privatevoid.OpenInBlackBox";
desktopName = "Black Box";
noDisplay = true;
mimeTypes = [ "inode/directory" ];
icon = "com.raggesilver.BlackBox";
startupNotify = false;
tryExec = "blackbox";
exec = "blackbox -w %f";
};
in
{
environment.systemPackages = [ openInBlackBox ];
}

57
modules/desktop/package-sets.nix
View file

@ -1,9 +1,10 @@
{ pkgs, inputs, lib, ... }: let { pkgs, config, inputs, lib, ... }: let
custom = inputs.self.packages.${pkgs.system}; sets = with pkgs; rec {
editor = [
sets = with pkgs; { inputs.modular-nvim.defaultPackage.x86_64-linux
];
writing = [ writing = [
(apostrophe.override { texliveMedium = pkgs.emptyDirectory; }) apostrophe
libreoffice libreoffice
]; ];
drawing = [ drawing = [
@ -11,7 +12,7 @@
gimp gimp
inkscape inkscape
krita krita
rnote xournalpp
]; ];
cli-utils = [ cli-utils = [
bat bat
@ -26,45 +27,31 @@
xh xh
]; ];
www = [ www = [
custom.ungoogled-chromium ungoogled-chromium
]; ];
gui-apps = with custom; [ gui-apps = with inputs.self.packages.x86_64-linux; [
amberol identity
blackbox-high-refresh-rate
cavalier
denaro
deja-dup
dialect
obfuscate obfuscate
fragments-remote ] ++ [
tubefeeder
wike
celluloid celluloid
easyeffects
endeavour
gnome-firmware-updater gnome-firmware-updater
gnome-podcasts gnome-podcasts
dconf-editor gnome.dconf-editor
gnome-boxes gnome.gnome-boxes
gnome-sound-recorder gnome.gnome-todo
gnome-tweaks gnome.gnome-tweaks
nautilus-python gnome.nautilus-python
jellyfin-media-player kooha
junction lollypop
newsflash
pavucontrol pavucontrol
scrcpy scrcpy
vaults tilix
virt-manager virt-manager
warp
]; ];
dev-tools = [ dev-tools = [
d-spy bustle
emblem gnome-builder
sysprof inputs.self.packages.x86_64-linux.neovim-gtk
textpieces
custom.git-remote-ipld
custom.webfont-kit-generator
]; ];
system = with pkgs.gnomeExtensions; [ system = with pkgs.gnomeExtensions; [
appindicator appindicator

16
modules/desktop/pkexec.nix
View file

@ -1,16 +0,0 @@
{
security.polkit.extraConfig = /*javascript*/ ''
polkit.addRule(function(action, subject) {
if (
action.id == "org.freedesktop.policykit.exec" &&
subject.isInGroup("wheel")
) {
if (subject.active) {
return polkit.Result.AUTH_SELF_KEEP;
} else {
return polkit.Result.AUTH_SELF;
}
}
});
'';
}

3
modules/desktop/security.nix
View file

@ -1,3 +0,0 @@
{
programs.yubikey-touch-detector.enable = true;
}

30
modules/enterprise/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ pkgs, config, inputs, ... }:
let
orgDomain = "privatevoid.net";
orgRealm = "PRIVATEVOID.NET";
in {
krb5 = {
enable = true;
domain_realm = {
${orgDomain} = orgRealm;
".${orgDomain}" = orgRealm;
};
libdefaults = {
default_realm = orgRealm;
dns_lookup_kdc = true;
rdns = false;
forwardable = true;
default_ccache_name = "KEYRING:persistent:%{uid}";
pkinit_anchors = "FILE:${inputs.self.packages.x86_64-linux.privatevoid-smart-card-ca-bundle}";
};
realms = {
"${orgRealm}" = rec {
kdc = "authsys.virtual-machines.privatevoid.net";
admin_server = kdc;
kpasswd_server = kdc;
default_domain = orgDomain;
};
};
};
services.pcscd.enable = true;
}

2
modules/games/default.nix
View file

@ -1,6 +1,6 @@
{ pkgs, config, ... }: { pkgs, config, ... }:
{ {
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
hardware.graphics.enable32Bit = true; hardware.opengl.driSupport32Bit = true;
programs.steam.enable = true; programs.steam.enable = true;
} }

82
modules/hyprspace/default.nix
View file

@ -1,55 +1,75 @@
{ inputs, pkgs, lib, hosts, config, ... }: { inputs, pkgs, lib, hosts, config, ... }:
let let
inherit (config.networking) hostName; inherit (config.networking) hostName;
hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hyprspace) hosts; inherit (inputs.self.packages.${pkgs.system}) hyprspace;
peersFormatted = builtins.mapAttrs (name: x: { hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hypr) hosts;
inherit name; peersFormatted = builtins.mapAttrs (_: x: { "${x.hypr.addr}".id = x.hypr.id; }) hyprspaceCapableNodes;
inherit (x.hyprspace) id;
routes = map (net: { inherit net; }) (x.hyprspace.routes or []);
}) hyprspaceCapableNodes;
peersFiltered = lib.filterAttrs (name: _: name != hostName) peersFormatted; peersFiltered = lib.filterAttrs (name: _: name != hostName) peersFormatted;
peerList = builtins.attrValues peersFiltered; buildHyprspacePeerList = peers: pkgs.writeText "hyprspace-peers.yml" (builtins.toJSON peers);
peers = lib.foldAttrs (n: _: n) null (builtins.attrValues peersFiltered);
peerList = buildHyprspacePeerList peers;
myNode = hosts.${hostName}; myNode = hosts.${hostName};
listenPort = myNode.hyprspace.listenPort or 8001; listenPort = myNode.hypr.listenPort or 8001;
precedingConfig = pkgs.writeText "hyprspace-interface.yml" ''
interface:
name: hyprspace
listen_port: ${builtins.toString listenPort}
id: ${myNode.hypr.id}
address: ${myNode.hypr.addr}/24
private_key: !!binary |
'';
privateKeyFile = config.age.secrets.hyprspace-key.path; privateKeyFile = config.age.secrets.hyprspace-key.path;
runConfig = "/run/hyprspace.yml";
in { in {
imports = [ networking.hosts = lib.mapAttrs' (k: v: lib.nameValuePair (v.hypr.addr) ([k "${k}.hypr"])) hyprspaceCapableNodes;
inputs.hyprspace.nixosModules.default
];
age.secrets.hyprspace-key = { age.secrets.hyprspace-key = {
file = ../../secrets/hyprspace-key- + "${hostName}.age"; file = ../../secrets/hyprspace-key- + "${hostName}.age";
mode = "0400"; mode = "0400";
}; };
age.secrets.ipfs-swarm-key = {
file = ../../secrets/ipfs-swarm-key.age;
mode = "0400";
};
systemd.services.hyprspace = { systemd.services.hyprspace = {
environment = lib.optionalAttrs config.services.kubo.enable {
HYPRSPACE_IPFS_API = config.services.kubo.settings.Addresses.API;
};
};
services.hyprspace = {
enable = true; enable = true;
inherit privateKeyFile; wantedBy = [ "multi-user.target" ];
settings = { wants = [ "network-online.target" ];
listenAddresses = let after = [ "network-online.target" ];
port = toString listenPort; preStart = ''
in [ test -e ${runConfig} && rm ${runConfig}
"/ip4/0.0.0.0/tcp/${port}" touch ${runConfig}
"/ip4/0.0.0.0/udp/${port}/quic-v1" chmod 0600 ${runConfig}
"/ip6/::/tcp/${port}"
"/ip6/::/udp/${port}/quic-v1" cat ${precedingConfig} >> ${runConfig}
]; sed 's/^/ /g' ${privateKeyFile} >> ${runConfig}
peers = peerList; echo -n 'peers: ' >> ${runConfig}
cat ${peerList} >> ${runConfig}
chmod 0400 ${runConfig}
'';
environment.HYPRSPACE_SWARM_KEY = config.age.secrets.ipfs-swarm-key.path;
serviceConfig = {
ExecStart = "${hyprspace}/bin/hyprspace up hyprspace -f -c ${runConfig}";
ExecStop = "${hyprspace}/bin/hyprspace down hyprspace";
}; };
}; };
networking.firewall = {
allowedTCPPorts = [ listenPort ];
allowedUDPPorts = [ listenPort ];
trustedInterfaces = [ "hyprspace" ];
};
networking.networkmanager.dispatcherScripts = [{ networking.networkmanager.dispatcherScripts = [{
source = pkgs.writeShellScript "hyprspace-reconnect.sh" '' source = pkgs.writeShellScript "hyprspace-reconnect.sh" ''
[[ "$2" != "up" ]] && exit 0 [[ "$2" != "up" ]] && exit 0
PATH=${pkgs.systemd}/bin:$PATH PATH=${pkgs.systemd}/bin:$PATH
case $1 in case $1 in
wl*|en*) wl*|en*)
systemctl reload-or-restart --no-block hyprspace.service;; if systemctl is-active hyprspace.service; then
${builtins.concatStringsSep "\n" (map (peer: "/run/wrappers/bin/ping -qnA -c3 -W1 ${peer} && exit") (builtins.attrNames peers))}
fi
systemctl restart --no-block hyprspace.service;;
esac esac
exit 0 exit 0
''; '';

25
modules/idm/default.nix
View file

@ -1,25 +0,0 @@
{ pkgs, ... }:
{
services.kanidm = {
enableClient = true;
clientSettings = {
uri = "https://idm.privatevoid.net";
};
};
environment.systemPackages = let
idmAlias = pkgs.runCommand "kanidm-idm-alias" {} ''
mkdir -p $out/bin
ln -s ${pkgs.kanidm}/bin/kanidm $out/bin/idm
mkdir -p $out/share/bash-completion/completions
cat >$out/share/bash-completion/completions/idm.bash <<EOF
source ${pkgs.kanidm}/share/bash-completion/completions/kanidm.bash
complete -F _kanidm -o bashdefault -o default idm
EOF
mkdir -p $out/share/zsh/site-functions
cp ${pkgs.kanidm}/share/zsh/site-functions/_kanidm $out/share/zsh/site-functions/_idm
substituteInPlace $out/share/zsh/site-functions/_idm --replace kanidm idm
'';
in [ idmAlias ];
}

15
modules/impurity-logger/default.nix
View file

@ -1,15 +0,0 @@
{ config, lib, pkgs, ... }:
let
mkTracer = name: target: exe: lib.getExe (pkgs.writeShellScriptBin name ''
echo "PID $PPID executed ${target}" |& ${config.systemd.package}/bin/systemd-cat --identifier=impurity >/dev/null 2>/dev/null
exec -a "$0" '${exe}' "$@"
'');
in
{
environment = {
usrbinenv = mkTracer "env" "/usr/bin/env" "${pkgs.coreutils}/bin/env";
binsh = mkTracer "sh" "/bin/sh" "${pkgs.bashInteractive}/bin/sh";
};
}

60
modules/ipfs-lain/default.nix Normal file
View file

@ -0,0 +1,60 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.ipfs;
ipfsApi = pkgs.writeTextDir "api" "/ip4/127.0.0.1/tcp/5001";
in {
services.ipfs = {
enable = true;
localDiscovery = true;
autoMount = true;
startWhenNeeded = false;
enableGC = true;
extraFlags = [ "--enable-pubsub-experiment" "--enable-namesys-pubsub" ];
extraConfig = {
Bootstrap = [
"/ip4/95.216.8.12/tcp/4001/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo"
"/ip4/51.38.87.150/tcp/4001/p2p/12D3KooWDUgNsoLVauCDpRAo54mc4whoBudgeXQnZZK2iVYhBLCN"
];
};
};
systemd.services.ipfs.environment.LIBP2P_FORCE_PNET = "1";
systemd.sockets = {
ipfs-api.enable = false;
ipfs-gateway.enable = false;
};
environment = {
variables.IPFS_PATH = lib.mkForce "${ipfsApi}";
shellAliases = {
ipfs-admin = "doas -u ${cfg.user} env IPFS_PATH=${cfg.dataDir} ipfs";
f = "ipfs files";
};
};
networking.firewall.allowedTCPPorts = [ 4001 ];
environment.systemPackages = lib.singleton (pkgs.writeShellScriptBin "share" ''
PATH=${cfg.package}/bin:$PATH
set -e
cid=$(ipfs add -Qrp --pin=false "$@")
test -n $cid || exit 0
echo -e "\n\n IPFS path: /ipfs/$cid"
echo -e " Web link: https://$(ipfs cid base32 $cid).ipfs.privatevoid.net\n"
'');
networking.networkmanager.dispatcherScripts = [{
source = pkgs.writeShellScript "nm-ipfs-reconnect.sh" ''
[[ "$2" != "up" ]] && exit 0
PATH=${pkgs.systemd}/bin:${pkgs.findutils}/bin:${cfg.package}/bin:$PATH
export IPFS_PATH=${ipfsApi}
systemctl is-active ipfs.service || exit 0
case $1 in
wl*|en*)
ipfs swarm peers | xargs -P4 -n1 timeout 3 ipfs swarm disconnect
ipfs bootstrap | xargs -P4 -n1 timeout 10 ipfs swarm connect
esac
exit 0
'';
type = "basic";
}];
}

197
modules/ipfs/default.nix
View file

@ -1,197 +0,0 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.kubo;
ipfsApi = pkgs.writeTextDir "api" "/ip4/127.0.0.1/tcp/5001";
peeringPeers = [
{
ID = "Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo";
Addrs = [
"/ip4/95.216.8.12/udp/110/quic"
"/ip4/95.216.8.12/tcp/110"
];
}
{
ID = "12D3KooWQWsHPUUeFhe4b6pyCaD1hBoj8j6Z7S7kTznRTh1p1eVt";
Addrs = [
"/ip4/152.67.79.222/udp/110/quic"
"/ip4/152.67.79.222/tcp/110"
];
}
];
in {
services.kubo = {
enable = true;
localDiscovery = true;
autoMount = true;
startWhenNeeded = false;
enableGC = true;
extraFlags = [ "--enable-pubsub-experiment" "--enable-namesys-pubsub" ];
settings = {
Addresses = {
Swarm = [
"/ip4/0.0.0.0/tcp/4001"
"/ip4/0.0.0.0/tcp/110"
"/ip4/0.0.0.0/udp/4001/quic"
"/ip4/0.0.0.0/udp/110/quic"
];
API = "/ip4/127.0.0.1/tcp/5001";
};
Peering.Peers = peeringPeers;
Bootstrap = (lib.flatten (map (p: map (a: "${a}/p2p/${p.ID}") p.Addrs) peeringPeers)) ++ [
"/dnsaddr/bootstrap.libp2p.io/p2p/12D3KooWEZXjE41uU4EL2gpkAQeDXYok6wghN7wwNVPF5bwkaNfS"
"/dnsaddr/bootstrap.libp2p.io/p2p/QmcZf59bWwK5XFi76CZX8cbJ4BhTzzA3gU1ZjYZcYW3dwt"
"/dnsaddr/bootstrap.libp2p.io/p2p/QmZa1sAxajnQjVM8WjWXoMbmPd7NsWhfKsPkErzpm9wGkp"
"/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN"
"/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb"
"/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa"
];
Datastore = {
BloomFilterSize = 0;
GCPeriod = "1h";
HashOnRead = false;
NoSync = true;
Spec = {
mounts = [];
child = {
path = "badgerds";
syncWrites = false;
truncate = true;
type = "badgerds";
};
prefix = "badger.datastore";
type = "measure";
};
StorageGCWatermark = 90;
StorageMax = "200GB";
};
Routing = {
Type = "custom";
Routers = {
LanDHT = {
Type = "dht";
Parameters = {
Mode = "auto";
PublicIPNetwork = false;
AcceleratedDHTClient = false;
};
};
WanDHT = {
Type = "dht";
Parameters = {
Mode = "auto";
PublicIPNetwork = true;
AcceleratedDHTClient = false;
};
};
CidContact = {
Type = "http";
Parameters.Endpoint = "https://cid.contact";
};
PrivateVoid = {
Type = "http";
Parameters.Endpoint = "https://p2p.privatevoid.net";
};
AllDHT = {
Type = "parallel";
Parameters.Routers = [
{
RouterName = "WanDHT";
IgnoreErrors = false;
Timeout = "30s";
}
{
RouterName = "LanDHT";
IgnoreErrors = false;
Timeout = "10s";
}
];
};
Parallel = {
Type = "parallel";
Parameters.Routers = [
{
RouterName = "WanDHT";
IgnoreErrors = false;
Timeout = "30s";
}
{
RouterName = "LanDHT";
IgnoreErrors = false;
Timeout = "10s";
}
{
RouterName = "CidContact";
IgnoreErrors = true;
Timeout = "10s";
ExecuteAfter = "3s";
}
{
RouterName = "PrivateVoid";
IgnoreErrors = true;
Timeout = "5s";
ExecuteAfter = "200ms";
}
];
};
};
Methods = {
find-peers.RouterName = "Parallel";
find-providers.RouterName = "Parallel";
get-ipns.RouterName = "Parallel";
put-ipns.RouterName = "Parallel";
provide.RouterName = "AllDHT";
};
};
};
};
systemd.services.ipfs = {
serviceConfig = {
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
ReadWritePaths = lib.mkForce [ ];
};
};
systemd.sockets = {
ipfs-api.enable = false;
ipfs-gateway.enable = false;
};
environment = {
variables.IPFS_PATH = lib.mkForce "${ipfsApi}";
shellAliases = {
ipfs-admin = "doas -u ${cfg.user} env IPFS_PATH=${cfg.dataDir} ipfs";
f = "ipfs files";
};
};
networking.firewall.allowedTCPPorts = [ 110 4001 ];
environment.systemPackages = lib.singleton (pkgs.writeShellScriptBin "share" ''
PATH=${cfg.package}/bin:$PATH
set -e
cid=$(ipfs add -Qrp --pin=false "$@")
test -n $cid || exit 0
echo -e "\n\n IPFS path: /ipfs/$cid"
b32=$(ipfs cid base32 $cid)
echo -e " Web link: https://$b32.ipfs.privatevoid.net"
echo -e " Web link: https://$b32.ipfs.dweb.link"
echo -e " Web link: https://privatevoid.net/ipfs/$cid"
echo -e " Web link: https://ipfs.io/ipfs/$cid"
echo -e " Web link: https://cloudflare-ipfs.com/ipfs/$cid\n"
'');
networking.networkmanager.dispatcherScripts = [{
source = pkgs.writeShellScript "nm-ipfs-reconnect.sh" ''
[[ "$2" != "up" ]] && exit 0
PATH=${pkgs.systemd}/bin:${pkgs.findutils}/bin:${cfg.package}/bin:$PATH
export IPFS_PATH=${ipfsApi}
systemctl is-active ipfs.service || exit 0
case $1 in
wl*|en*)
ipfs swarm peers | xargs -P4 -n1 timeout 3 ipfs swarm disconnect
ipfs bootstrap | xargs -P4 -n1 timeout 10 ipfs swarm connect
esac
exit 0
'';
type = "basic";
}];
}

45
modules/laptop-config/gdm-touchpad-config.nix
View file

@ -1,15 +1,36 @@
{ lib, ... }: { pkgs, lib, ... }:
{ {
programs.dconf.profiles.gdm.databases = [ programs.dconf.profiles.gdm = lib.mkForce (let
{ customDconf = pkgs.writeTextFile {
settings."org/gnome/desktop/peripherals/touchpad" = { name = "gdm-dconf-touchpad";
edge-scrolling-enabled = false; destination = "/dconf/gdm-custom";
natural-scroll = false; text = ''
speed= lib.gvariant.mkDouble 0.375; [org/gnome/desktop/peripherals/touchpad]
tap-to-click = true; edge-scrolling-enabled=false
two-finger-scrolling-enabled = true; natural-scroll=false
}; speed=0.375
} tap-to-click=true
]; two-finger-scrolling-enabled=true
'';
};
customDconfDb = pkgs.stdenv.mkDerivation {
name = "gdm-dconf-db";
buildCommand = ''
${pkgs.dconf}/bin/dconf compile $out ${customDconf}/dconf
'';
};
in pkgs.stdenv.mkDerivation {
name = "dconf-gdm-profile";
buildCommand = with { gdm = pkgs.gnome.gdm; }; ''
# Check that the GDM profile starts with what we expect.
if [ $(head -n 1 ${gdm}/share/dconf/profile/gdm) != "user-db:user" ]; then
echo "GDM dconf profile changed, please update gdm.nix"
exit 1
fi
# Insert our custom DB behind it.
sed '2ifile-db:${customDconfDb}' ${gdm}/share/dconf/profile/gdm > $out
'';
});
} }

33
modules/networking-client/default.nix
View file

@ -1,31 +1,14 @@
{ config, inputs, pkgs, ... }:
{ {
networking.useDHCP = false; networking.useDHCP = false;
networking.networkmanager = { networking.networkmanager.dns = "systemd-resolved";
dns = "systemd-resolved"; networking.networkmanager.enableStrongSwan = false;
enableStrongSwan = false;
settings.connectivity = {
url = "http://whoami.privatevoid.net/online";
respone = "CONNECTED_GLOBAL";
interval = 120;
};
};
services.resolved = { services.resolved = {
enable = true; enable = true;
fallbackDns = [ fallbackDns = [ "10.1.0.1" ];
"95.216.8.12#securedns.privatevoid.net"
"152.67.73.164#securedns.privatevoid.net"
"10.1.0.1"
];
llmnr = "true"; llmnr = "true";
dnssec = "false"; dnssec = "false";
extraConfig = '' extraConfig = "Cache=no-negative";
Cache=no-negative
DNSOverTLS=opportunistic
DNS=${builtins.concatStringsSep " " config.services.resolved.fallbackDns}
'';
}; };
networking.firewall = let networking.firewall = let
ports = [ ports = [
@ -35,12 +18,4 @@
allowedTCPPorts = ports; allowedTCPPorts = ports;
allowedUDPPorts = ports; allowedUDPPorts = ports;
}; };
boot.extraModulePackages = [
(inputs.self.packages.${pkgs.system}.evil.override {
inherit (config.boot.kernelPackages) kernel;
})
];
boot.kernelModules = [ "evil" ];
} }

13
modules/nextcloud-client/default.nix
View file

@ -1,4 +1,15 @@
{ pkgs, ... }: { pkgs, config, ... }:
{ {
# expose nextcloud client into the environment
environment.systemPackages = [ pkgs.nextcloud-client ]; environment.systemPackages = [ pkgs.nextcloud-client ];
systemd.user.services.nextcloud = {
description = "Nextcloud Client Service";
wantedBy = [ "gnome-session.target" ];
serviceConfig = {
ExecStart = "${pkgs.nextcloud-client}/bin/nextcloud --background";
Restart = "always";
Slice = "background.slice";
};
};
} }

18
modules/nix-config/default.nix
View file

@ -1,11 +1,10 @@
{ pkgs, lib, config, inputs, ... }: { pkgs, lib, config, inputs, ... }@args:
let let
builder = { builder = {
systems = [ "x86_64-linux" "i686-linux" ]; systems = [ "x86_64-linux" "i686-linux" ];
speedFactor = 4; speedFactor = 4;
supportedFeatures = [ "benchmark" "nixos-test" ]; supportedFeatures = [ "benchmark" "nixos-test" ];
sshKey = config.age.secrets.nixBuilderKey.path; sshKey = config.age.secrets.nixBuilderKey.path;
protocol = "ssh-ng";
}; };
bigBuilder = builder // { bigBuilder = builder // {
speedFactor = 16; speedFactor = 16;
@ -18,7 +17,7 @@ in {
}; };
nixpkgs.overlays = [ nixpkgs.overlays = [
(self: super: { (self: super: {
nixSuper = inputs.nix-super.packages.x86_64-linux.default; nixSuper = inputs.nix-super.defaultPackage.x86_64-linux;
}) })
]; ];
nix = { nix = {
@ -30,10 +29,13 @@ in {
substituters = [ substituters = [
"https://cache.privatevoid.net" "https://cache.privatevoid.net"
"https://max.cachix.org?priority=100"
"https://reflex.privatevoid.net?priority=90"
]; ];
trusted-public-keys = [ trusted-public-keys = [
"cache.privatevoid.net:SErQ8bvNWANeAvtsOESUwVYr2VJynfuc9JRwlzTTkVg=" "cache.privatevoid.net:SErQ8bvNWANeAvtsOESUwVYr2VJynfuc9JRwlzTTkVg="
"max.cachix.org-1:oSMQ1zYLR8H4L17hfe6ETlI/d+VeiBykB8PbBdPtDJw="
]; ];
}; };
@ -56,15 +58,15 @@ in {
distributedBuilds = true; distributedBuilds = true;
buildMachines = [ buildMachines = [
(builder // { (bigBuilder // {
sshUser = "nix"; sshUser = "nixbuilder";
hostName = "prophet.node.privatevoid.net"; hostName = "animus.com";
systems = [ "aarch64-linux" ]; maxJobs = 4;
}) })
] ++ ] ++
(lib.optional (config.networking.hostName != "TITAN") (bigBuilder // { (lib.optional (config.networking.hostName != "TITAN") (bigBuilder // {
sshUser = "nix"; sshUser = "nix";
hostName = "titan.hyprspace"; hostName = "titan.hypr";
speedFactor = 12; speedFactor = 12;
maxJobs = 12; maxJobs = 12;
})); }));

25
modules/nix-register-flakes/default.nix
View file

@ -10,14 +10,20 @@ with inputs;
nix.registry = { nix.registry = {
system.flake = self; system.flake = self;
nixpkgs.to = { nixpkgs.flake = nixpkgs;
owner = "NixOS";
repo = "nixpkgs";
rev = nixpkgs.rev;
type = "github";
};
default.flake = nixpkgs; default.flake = nixpkgs;
home-manager.flake = home-manager; home-manager.flake = home-manager;
vim.flake = let
nixpkgsSelfLock = lib.importJSON "${self}/flake.lock";
vimLock = lib.importJSON "${modular-nvim}/flake.lock";
patchedLock = lib.recursiveUpdate vimLock { nodes.nixpkgs.locked = (nixpkgsSelfLock.nodes.nixpkgs.locked); };
patchedLockFile = pkgs.writeText "patched-flake.lock" (builtins.toJSON patchedLock);
in pkgs.runCommand "vim-flake" {} ''
cp -vr ${modular-nvim} $out
chmod +w $out
rm $out/flake.lock
cp -v ${patchedLockFile} $out/flake.lock
'';
templates.to = { templates.to = {
owner = "max"; owner = "max";
repo = "flake-templates"; repo = "flake-templates";
@ -25,13 +31,6 @@ with inputs;
host = "git.privatevoid.net"; host = "git.privatevoid.net";
type = "gitlab"; type = "gitlab";
}; };
config.to = {
owner = "max";
repo = "config";
ref = "master";
host = "git.privatevoid.net";
type = "gitlab";
};
}; };
environment.etc = { environment.etc = {

2
modules/persistence/default.nix
View file

@ -13,7 +13,7 @@
} }
]; ];
services.kubo.dataDir = "/srv/data/ipfs"; services.ipfs.dataDir = "/persist/ipfs";
services.lidarr.dataDir = "/persist/db/lidarr"; services.lidarr.dataDir = "/persist/db/lidarr";
services.jackett.dataDir = "/persist/db/jackett"; services.jackett.dataDir = "/persist/db/jackett";

10
modules/shell-config/default.nix
View file

@ -10,11 +10,6 @@ let
] ++ [ ] ++ [
"source ${pkgs.fzf}/share/fzf/key-bindings.zsh" "source ${pkgs.fzf}/share/fzf/key-bindings.zsh"
"ZSH_HIGHLIGHT_DIRS_BLACKLIST=(/* /ipfs /ipns)" "ZSH_HIGHLIGHT_DIRS_BLACKLIST=(/* /ipfs /ipns)"
''
command_not_found_handler() {
${pkgs.comma}/bin/comma "$@"
}
''
]; ];
in { in {
environment.shellAliases = { environment.shellAliases = {
@ -27,13 +22,13 @@ in {
sudo = "sudo "; sudo = "sudo ";
tree = "lsd --tree"; tree = "lsd --tree";
uctl = "systemctl --user"; uctl = "systemctl --user";
vim = "hx"; vim = "nvim";
nvr = "nvr --servername /tmp/nvim-remote-$USER --remote-tab";
nix-repl = "nix repl '<repl>'"; nix-repl = "nix repl '<repl>'";
# thanks gytis # thanks gytis
manix-view = ''manix "" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --ansi --preview="manix '{}' | sed 's/type: /> type: /g' | bat -l Markdown --color=always --plain"''; manix-view = ''manix "" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --ansi --preview="manix '{}' | sed 's/type: /> type: /g' | bat -l Markdown --color=always --plain"'';
}; };
programs = { programs = {
command-not-found.enable = false;
zsh = { zsh = {
enable = true; enable = true;
histFile = "$HOME/.cache/zsh_history"; histFile = "$HOME/.cache/zsh_history";
@ -53,7 +48,6 @@ in {
"interactivecomments" "interactivecomments"
"monitor" "monitor"
"nobadpattern" "nobadpattern"
"nonomatch"
"promptsubst" "promptsubst"
"sharehistory" "sharehistory"
"zle" "zle"

19
modules/sound/default.nix
View file

@ -1,5 +1,6 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
sound.enable = true;
hardware.pulseaudio.enable = false; hardware.pulseaudio.enable = false;
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
@ -7,14 +8,18 @@
pulse.enable = true; pulse.enable = true;
alsa.enable = true; alsa.enable = true;
alsa.support32Bit = true; alsa.support32Bit = true;
jack.enable = true;
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# KXStudio stuff # KXStudio stuff
cadence
carla carla
jack_oscrolloscope
jack_rack jack_rack
jackmeter
qjackctl qjackctl
# Audio plugins # Audio plugins
@ -23,12 +28,16 @@
artyFX artyFX
calf calf
distrho distrho
guitarix
helm helm
infamousPlugins
ingen
kapitonov-plugins-pack kapitonov-plugins-pack
ladspaPlugins ladspaPlugins
lv2 lv2
metersLv2 metersLv2
noise-repellent noise-repellent
rakarrack
rkrlv2 rkrlv2
sorcer sorcer
swh_lv2 swh_lv2
@ -44,11 +53,5 @@
VST_PATH = "/run/current-system/sw/lib/vst"; VST_PATH = "/run/current-system/sw/lib/vst";
}; };
desktop.hiddenApps = [
"carla-control.desktop"
"carla-jack-multi.desktop"
"carla-jack-single.desktop"
"carla-patchbay.desktop"
"carla-rack.desktop"
];
} }

12
modules/xr/default.nix
View file

@ -1,12 +0,0 @@
{ pkgs, ... }:
let
rules = pkgs.writeTextDir "etc/udev/rules.d/70-xr.rules" ''
# Xreal Air 2 Pro
ATTRS{idVendor}=="3318", ATTRS{idProduct}=="0432", TAG+="uaccess"
'';
in
{
services.udev.packages = [ rules ];
}

68
packages/apps/forge-sparks/default.nix
View file

@ -1,68 +0,0 @@
{ stdenv
, desktop-file-utils
, meson
, ninja
, gettext
, pkg-config
, gtk4
, gtksourceview5
, gobject-introspection
, wrapGAppsHook4
, fetchFromGitHub
, gjs
, blueprint-compiler
, libadwaita
, libsecret
, libsoup_3
, libportal-gtk4
}:
let
troll = fetchFromGitHub {
owner = "sonnyp";
repo = "troll";
rev = "12a42a5afc8c6c26d3d782ea75b1e1372a0e8f36";
hash = "sha256-e9C9Du5j7tEy/q/OhbfCU7DD3Oe6Hnq1xcFYablBipw=";
};
in
stdenv.mkDerivation rec {
pname = "forge-sparks";
version = "0.2.0";
src = fetchFromGitHub {
owner = "rafaelmardojai";
repo = pname;
rev = version;
hash = "sha256-BxC5BqwSDuLBwG4a5/0pntuHhW05xDsmzO7yMQKi/vI=";
};
postPatch = ''
rmdir troll
cp -r ${troll} troll
chmod +w -R troll
patchShebangs troll/gjspack/bin
'';
nativeBuildInputs = [
desktop-file-utils
gettext
meson
ninja
pkg-config
wrapGAppsHook4
blueprint-compiler
];
buildInputs = [
gjs
gtk4
gtksourceview5
libadwaita
gobject-introspection
libsecret
libsoup_3
libportal-gtk4
];
}

6
packages/apps/identity/default.nix
View file

@ -7,8 +7,6 @@
, gettext , gettext
, python3 , python3
, rustPlatform , rustPlatform
, rustc
, cargo
, pkg-config , pkg-config
, glib , glib
, libhandy , libhandy
@ -43,9 +41,9 @@ stdenv.mkDerivation rec {
ninja ninja
pkg-config pkg-config
python3 python3
cargo rustPlatform.rust.cargo
rustPlatform.cargoSetupHook rustPlatform.cargoSetupHook
rustc rustPlatform.rust.rustc
wrapGAppsHook wrapGAppsHook
glib glib
]; ];

14
packages/apps/obfuscate/default.nix
View file

@ -1,4 +1,4 @@
{ stdenv { lib, stdenv
, desktop-file-utils , desktop-file-utils
, fetchFromGitLab , fetchFromGitLab
, nix-update-script , nix-update-script
@ -7,8 +7,6 @@
, gettext , gettext
, python3 , python3
, rustPlatform , rustPlatform
, rustc
, cargo
, pkg-config , pkg-config
, glib , glib
, libadwaita , libadwaita
@ -21,20 +19,20 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "obfuscate"; pname = "obfuscate";
version = "0.0.9"; version = "0.0.4";
src = fetchFromGitLab { src = fetchFromGitLab {
domain = "gitlab.gnome.org"; domain = "gitlab.gnome.org";
owner = "World"; owner = "World";
repo = "obfuscate"; repo = "obfuscate";
rev = version; rev = version;
sha256 = "sha256-aUhzact437V/bSsG2Ddu2mC03LbyXFg+hJiuGy5NQfQ="; sha256 = "sha256-P8Y2Eizn1BMZXuFjGMXF/3oAUzI8ZNTrnbLyU+V6uk4=";
}; };
cargoDeps = rustPlatform.fetchCargoTarball { cargoDeps = rustPlatform.fetchCargoTarball {
inherit src; inherit src;
name = "${pname}-${version}"; name = "${pname}-${version}";
hash = "sha256-O/Bg8b5ZEId3PNebd19TIrFvyb0yngtKuMNJlM8M5Fg="; hash = "sha256-eKXVN3PHgeLeG4qxh30VhyMX0FMOO/ZlZ8trUGIs2sc=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@ -44,9 +42,9 @@ stdenv.mkDerivation rec {
ninja ninja
pkg-config pkg-config
python3 python3
cargo rustPlatform.rust.cargo
rustPlatform.cargoSetupHook rustPlatform.cargoSetupHook
rustc rustPlatform.rust.rustc
wrapGAppsHook wrapGAppsHook
glib glib
]; ];

32
packages/apps/sonnyp-commit/always-use-latest.patch
View file

@ -1,32 +0,0 @@
By default, commit displays something along of "git config core.editors /nix/store/[...]/bin/re.sonny.Commit"
as command to set it as git editor. Since this would break on upgrades, just use the non-versioned binary
diff --git a/src/welcome.js b/src/welcome.js
index c410e2d..62e46ba 100644
--- a/src/welcome.js
+++ b/src/welcome.js
@@ -70,24 +70,7 @@ export default function Welcome({ application }) {
}
function getCommand() {
- const FLATPAK_ID = GLib.getenv("FLATPAK_ID");
- const { programInvocationName } = system;
-
- if (FLATPAK_ID) {
- return `flatpak run --file-forwarding ${FLATPAK_ID} @@`;
- }
-
- // re.sonny.Commit
- if (programInvocationName === GLib.path_get_basename(programInvocationName)) {
- return programInvocationName;
- }
-
- // ./re.sonny.commit
- // /home/sonny/re.sonny.Commit
- return GLib.canonicalize_filename(
- programInvocationName,
- GLib.get_current_dir(),
- );
+ return "re.sonny.Commit";
}
function getRange(key) {

64
packages/apps/sonnyp-commit/default.nix
View file

@ -1,64 +0,0 @@
{ stdenv
, lib
, desktop-file-utils
, meson
, ninja
, gettext
, pkg-config
, gtk4
, gtksourceview5
, gobject-introspection
, wrapGAppsHook4
, fetchFromGitHub
, gjs
, libadwaita
}:
stdenv.mkDerivation rec {
pname = "commit";
version = "3.2.0";
src = fetchFromGitHub {
owner = "sonnyp";
repo = "Commit";
rev = "v${version}";
hash = "sha256-nnjHuE7MzCuoPfCb4MA00BIzLPbhgR6mbeWYagmNjME=";
};
patches = [
./always-use-latest.patch
];
nativeBuildInputs = [
desktop-file-utils
gettext
meson
ninja
pkg-config
wrapGAppsHook4
];
buildInputs = [
gjs
gtk4
gtksourceview5
libadwaita
gobject-introspection
];
postPatch = ''
substituteInPlace src/re.sonny.Commit \
--replace "/usr/bin/env -S gjs" ${gjs}/bin/gjs
'';
dontPatchShebangs = true;
meta = with lib; {
homepage = "https://commit.sonny.re/";
description = "Commit message editor";
maintainers = [ maintainers.Cogitri ];
license = licenses.gpl3Plus;
platforms = platforms.linux;
};
}

2658
packages/apps/tubefeeder/Cargo.lock generated
View file

File diff suppressed because it is too large Load diff

60
packages/apps/tubefeeder/default.nix
View file

@ -1,60 +0,0 @@
{ stdenv
, desktop-file-utils
, fetchFromGitLab
, gettext
, glib
, gtk4
, libadwaita
, meson
, ninja
, openssl
, pkg-config
, python3
, rustPlatform
, rustc
, cargo
, wrapGAppsHook
}:
stdenv.mkDerivation rec {
pname = "pipeline";
version = "1.14.5";
src = fetchFromGitLab {
owner = "schmiddi-on-mobile";
repo = "pipeline";
rev = "v${version}";
sha256 = "sha256-C5mFOYYrm8e2zlac7qclhpONKuqdvqfwT74gSX28VPs=";
};
cargoDeps = rustPlatform.importCargoLock {
lockFile = ./Cargo.lock;
outputHashes = {
"tf_core-0.1.4" = "sha256-yOuvHLyX/qUJSs62VbripKwIEoErsPu9rzbKMdndvmc=";
};
};
nativeBuildInputs = [
desktop-file-utils
gettext
meson
ninja
pkg-config
python3
cargo
rustPlatform.cargoSetupHook
rustc
wrapGAppsHook
];
buildInputs = [
glib
gtk4
libadwaita
openssl
];
postPatch = ''
patchShebangs build-aux/meson_post_install.py
'';
}

64
packages/apps/vaults/default.nix
View file

@ -1,64 +0,0 @@
{ lib, stdenv
, cryfs
, desktop-file-utils
, fetchFromGitHub
, gettext
, glib
, gtk4
, libadwaita
, meson
, ninja
, pkg-config
, python3
, rustPlatform
, rustc
, cargo
, wrapGAppsHook
}:
stdenv.mkDerivation rec {
pname = "vaults";
version = "0.6.0";
src = fetchFromGitHub {
owner = "mpobaschnig";
repo = "Vaults";
rev = version;
sha256 = "sha256-1WxzE3sH4QpUU13mTLjYt1zMUgAQ+OA7J5j4pwG9oWo=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
hash = "sha256-uUO7l+B/6I+XxEb0xxBynq9CC8ixRAvdJ2HWTCVyeQM=";
};
nativeBuildInputs = [
desktop-file-utils
gettext
meson
ninja
pkg-config
python3
cargo
rustPlatform.cargoSetupHook
rustc
wrapGAppsHook
];
buildInputs = [
glib
gtk4
libadwaita
];
postPatch = ''
patchShebangs build-aux/meson_post_install.py
'';
preFixup = ''
gappsWrapperArgs+=(
--prefix PATH ":" "${lib.makeBinPath [ cryfs ]}"
);
'';
}

52
packages/apps/webfont-kit-generator/default.nix
View file

@ -1,52 +0,0 @@
{ fetchFromGitHub
, meson, pkg-config, ninja
, python3
, glib, appstream-glib , desktop-file-utils
, gobject-introspection, gtk4, libadwaita
, wrapGAppsHook
, gnome
, gtksourceview5
, libsoup_3
}:
python3.pkgs.buildPythonApplication rec {
pname = "webfont-kit-generator";
version = "1.0.3";
format = "other";
src = fetchFromGitHub {
owner = "rafaelmardojai";
repo = pname;
rev = version;
sha256 = "sha256-aD/1moWIiU4zpLTW+VHH9n/sj10vCZ8UzB2ey3mR0/k=";
};
nativeBuildInputs = [
meson
pkg-config
ninja
appstream-glib
desktop-file-utils
gobject-introspection
wrapGAppsHook
];
buildInputs = [
glib
gtk4
libadwaita
gtksourceview5
libsoup_3
gnome.adwaita-icon-theme
];
propagatedBuildInputs = with python3.pkgs; [
pygobject3
fonttools
brotli
];
postPatch = ''
patchShebangs build-aux/meson/postinstall.py
'';
}

7
packages/data/privatevoid-smart-card-certificate-authority-bundle.nix Normal file
View file

@ -0,0 +1,7 @@
{ fetchurl }:
fetchurl {
url =
"https://export.privatevoid.net/Certificates/PRIVATEVOID.NET__Private_Void_Smart_Card_Authority-bundle-s12.pem";
sha256 = "3939eb6512e5675bb27028f9bf9892dbb1d1a60b014f4537f8d2b6180deece68";
}

6
packages/default.nix
View file

@ -1,8 +1,8 @@
{ pkgs, inputs }@args: { nixpkgs, inputs }:
let let
patched-derivations = import ./patched-derivations.nix pkgs; patched-derivations = import ./patched-derivations.nix nixpkgs;
patched-inputs = import ./patched-inputs.nix inputs; patched-inputs = import ./patched-inputs.nix inputs;
packages = import ./packages.nix args; packages = import ./packages.nix nixpkgs;
in patched-derivations in patched-derivations
// patched-inputs // patched-inputs
// packages // packages

12
packages/dream2nix/overrides/nodejs/default.nix
View file

@ -1,12 +0,0 @@
{
lib,
pkgs,
# dream2nix
satisfiesSemver,
...
}:
{
}

30
packages/networking/evil/default.nix
View file

@ -1,30 +0,0 @@
{ stdenv, fetchFromGitHub, kernel }:
stdenv.mkDerivation rec {
pname = "evil";
version = "1.0.0";
name = "${pname}-${kernel.version}-${version}";
src = fetchFromGitHub {
owner = "alwilson";
repo = pname;
rev = "096ba9bf408fc714dc09a2e41be9ec03fc50ee4a";
sha256 = "sha256-t0iJwIIThNkCcR2P1kJRdffcY6HmFg5qvJeXQhPfy6U=";
};
nativeBuildInputs = kernel.moduleBuildDependencies;
makeFlags = kernel.makeFlags ++ [
"KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
"KVER=${kernel.modDirVersion}"
"KERNEL_MODLIB=$(out)/lib/modules/${kernel.modDirVersion}"
"INCLUDEDIR=$(out)/include"
];
installPhase = ''
installDir=$out/lib/modules/${kernel.modDirVersion}/extra
xz evil.ko
install -d $installDir
install -m644 evil.ko.xz $installDir
'';
}

2
packages/networking/hyprspace/0001-Lain-ipfs-bootstrap-nodes.patch
View file

@ -60,7 +60,7 @@ index 65d13c8..736101a 100644
- "/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN", - "/dnsaddr/bootstrap.libp2p.io/p2p/QmNnooDu7bfjPFoTZYxMNLWUQJyrVwtbZg5gBMjTezGAJN",
- "/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa", - "/dnsaddr/bootstrap.libp2p.io/p2p/QmQCU2EcMqAqQPR2i9bChDtGNJchTbq5TbXJJ16u19uLTa",
- "/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb", - "/dnsaddr/bootstrap.libp2p.io/p2p/QmbLHAnMoJPWSCR5Zhtx6BHJX9KiKNN6tpvbUcqanj75Nb",
+ "/ip4/95.216.8.12/tcp/995/p2p/QmYs4xNBby2fTs8RnzfXEk161KD4mftBfCiR8yXtgGPj4J", + "/ip4/168.235.67.108/tcp/4001/p2p/QmRMA5pWXtfuW1y5w2t9gYxrDDD6bPRLKdWAYnHTeCxZMm",
+ "/ip4/95.216.8.12/tcp/4001/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo", + "/ip4/95.216.8.12/tcp/4001/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo",
+ "/ip6/2001:41d0:800:1402::3f16:3fb5/tcp/4001/p2p/12D3KooWDUgNsoLVauCDpRAo54mc4whoBudgeXQnZZK2iVYhBLCN", + "/ip6/2001:41d0:800:1402::3f16:3fb5/tcp/4001/p2p/12D3KooWDUgNsoLVauCDpRAo54mc4whoBudgeXQnZZK2iVYhBLCN",
+ "/ip6/2001:818:da65:e400:a553:fbc1:f0b1:5743/tcp/4001/p2p/12D3KooWC1RZxLvAeEFNTZWk1FWc1sZZ3yemF4FNNRYa3X854KJ8", + "/ip6/2001:818:da65:e400:a553:fbc1:f0b1:5743/tcp/4001/p2p/12D3KooWC1RZxLvAeEFNTZWk1FWc1sZZ3yemF4FNNRYa3X854KJ8",

26
packages/networking/hyprspace/0004-Use-more-NAT-traversal-features.patch
View file

@ -1,26 +0,0 @@
From 46110b055eaaa0c1f815ff876da4713499c17bc8 Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Fri, 17 Jun 2022 22:17:08 +0200
Subject: [PATCH 4/4] Use more NAT traversal features
---
p2p/node.go | 3 +++
1 file changed, 3 insertions(+)
diff --git a/p2p/node.go b/p2p/node.go
index 2f86317..0c9a250 100644
--- a/p2p/node.go
+++ b/p2p/node.go
@@ -49,6 +49,9 @@ func CreateNode(ctx context.Context, inputKey string, port int, handler network.
libp2p.NATPortMap(),
libp2p.DefaultMuxers,
libp2p.Transport(tcp.NewTCPTransport),
+ libp2p.EnableHolePunching(),
+ libp2p.EnableRelayService(),
+ libp2p.EnableNATService(),
libp2p.FallbackDefaults,
)
if err != nil {
--
2.36.0

90
packages/networking/hyprspace/0005-Grab-bootstrap-peers-from-IPFS-API.patch
View file

@ -1,90 +0,0 @@
From 3942aaa7dcfa8cfd2fe110cf2bda66b34ead6539 Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Sun, 25 Sep 2022 01:29:25 +0200
Subject: [PATCH] Grab bootstrap peers from IPFS API
---
p2p/node.go | 44 +++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 43 insertions(+), 1 deletion(-)
diff --git a/p2p/node.go b/p2p/node.go
index 0c9a250..f5d5292 100644
--- a/p2p/node.go
+++ b/p2p/node.go
@@ -2,8 +2,12 @@ package p2p
import (
"context"
+ "encoding/json"
"errors"
"fmt"
+ "io/ioutil"
+ "net/http"
+ "net/url"
"os"
"sync"
@@ -22,6 +26,35 @@ import (
// Protocol is a descriptor for the Hyprspace P2P Protocol.
const Protocol = "/hyprspace/0.0.1"
+func getExtraBootstrapNodes(addr ma.Multiaddr) (nodesList []string) {
+ nodesList = []string{}
+ ip4, err := addr.ValueForProtocol(ma.P_IP4)
+ if err != nil {
+ return
+ }
+ port, err := addr.ValueForProtocol(ma.P_TCP)
+ if err != nil {
+ return
+ }
+ resp, err := http.PostForm("http://"+ip4+":"+port+"/api/v0/swarm/addrs", url.Values{})
+
+ defer resp.Body.Close()
+
+ apiResponse, err := ioutil.ReadAll(resp.Body)
+
+ if err != nil {
+ return
+ }
+ var obj = map[string]map[string][]string{}
+ json.Unmarshal([]byte(apiResponse), &obj)
+ for k, v := range obj["Addrs"] {
+ for _, addr := range v {
+ nodesList = append(nodesList, (addr + "/p2p/" + k))
+ }
+ }
+ return
+}
+
// CreateNode creates an internal Libp2p nodes and returns it and it's DHT Discovery service.
func CreateNode(ctx context.Context, inputKey string, port int, handler network.StreamHandler) (node host.Host, dhtOut *dht.IpfsDHT, err error) {
// Unmarshal Private Key
@@ -34,6 +67,15 @@ func CreateNode(ctx context.Context, inputKey string, port int, handler network.
if err != nil {
return
}
+ extraBootstrapNodes := []string{}
+ ipfsApiStr, ok := os.LookupEnv("HYPRSPACE_IPFS_API")
+ if ok {
+ ipfsApiAddr, err := ma.NewMultiaddr(ipfsApiStr)
+ if err == nil {
+ fmt.Println("[+] Getting additional peers from IPFS API")
+ extraBootstrapNodes = getExtraBootstrapNodes(ipfsApiAddr)
+ }
+ }
ip6tcp := fmt.Sprintf("/ip6/::/tcp/%d", port)
ip4tcp := fmt.Sprintf("/ip4/0.0.0.0/tcp/%d", port)
@@ -74,7 +116,7 @@ func CreateNode(ctx context.Context, inputKey string, port int, handler network.
// Convert Bootstap Nodes into usable addresses.
BootstrapPeers := make(map[peer.ID]*peer.AddrInfo, len(peers))
- for _, addrStr := range peers {
+ for _, addrStr := range append(peers, extraBootstrapNodes...) {
addr, err := ma.NewMultiaddr(addrStr)
if err != nil {
return node, dhtOut, err
--
2.37.2

6
packages/networking/hyprspace/default.nix
View file

@ -1,6 +1,6 @@
{ lib, stdenv, buildGo117Module, fetchFromGitHub, iproute2mac }: { lib, stdenv, buildGoModule, fetchFromGitHub, iproute2mac }:
buildGo117Module rec { buildGoModule rec {
pname = "hyprspace"; pname = "hyprspace";
version = "0.2.2"; version = "0.2.2";
@ -10,8 +10,6 @@ buildGo117Module rec {
./0001-Lain-ipfs-bootstrap-nodes.patch ./0001-Lain-ipfs-bootstrap-nodes.patch
./0002-Remove-quic-transport-for-Lain-ipfs.patch ./0002-Remove-quic-transport-for-Lain-ipfs.patch
./0003-Remove-dep-from-go.mod.patch ./0003-Remove-dep-from-go.mod.patch
./0004-Use-more-NAT-traversal-features.patch
./0005-Grab-bootstrap-peers-from-IPFS-API.patch
]; ];
src = fetchFromGitHub { src = fetchFromGitHub {

24
packages/nixpak/amberol/default.nix
View file

@ -1,24 +0,0 @@
{ mkNixPak, amberol }:
mkNixPak {
config = { sloth, ... }: {
imports = [
../modules/gui-base.nix
../modules/mpris2-player.nix
];
flatpak.appId = "io.bassi.Amberol";
bubblewrap = {
bind.rw = [
[
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/amberol"))
(sloth.concat' sloth.xdgCacheHome "/amberol")
]
];
bind.ro = [
(sloth.concat' sloth.homeDir "/Music")
"/srv/data/music"
];
};
app.package = amberol;
};
}

17
packages/nixpak/dialect/default.nix
View file

@ -1,17 +0,0 @@
{ mkNixPak, dialect }:
mkNixPak {
config = { sloth, ... }: {
imports = [
../modules/gui-base.nix
../modules/network.nix
];
flatpak.appId = "app.drey.Dialect";
app = {
package = dialect;
extraEntrypoints = [
"/share/dialect/search_provider"
];
};
};
}

25
packages/nixpak/fragments/default.nix
View file

@ -1,25 +0,0 @@
{ mkNixPak, fragments }:
mkNixPak {
config = { sloth, ... }: {
imports = [ ../modules/gui-base.nix ];
flatpak.appId = "de.haeckerfelix.Fragments";
app.package = fragments;
dbus.policies = {
"org.freedesktop.secrets" = "talk";
};
bubblewrap = {
network = true;
bind.ro = [
"/etc/hosts"
];
bind.rw = [
[
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/fragments"))
(sloth.concat' sloth.xdgCacheHome "/fragments")
]
(sloth.concat' sloth.xdgConfigHome "/fragments")
];
};
};
}

58
packages/nixpak/modules/gui-base.nix
View file

@ -1,58 +0,0 @@
{ config, lib, pkgs, sloth, ... }:
let
envSuffix = envKey: suffix: sloth.concat' (sloth.env envKey) suffix;
in
{
config = {
dbus.policies = {
"${config.flatpak.appId}" = "own";
"${config.flatpak.appId}.*" = "own";
"org.freedesktop.DBus" = "talk";
"org.gtk.vfs.*" = "talk";
"org.gtk.vfs" = "talk";
"ca.desrt.dconf" = "talk";
"org.freedesktop.portal.*" = "talk";
"org.a11y.Bus" = "talk";
};
gpu.enable = lib.mkDefault true;
gpu.provider = "bundle";
fonts.enable = true;
locale.enable = true;
bubblewrap = {
sockets = {
wayland = true;
pulse = true;
};
network = lib.mkDefault false;
bind.rw = [
(sloth.concat' sloth.xdgCacheHome "/fontconfig")
(sloth.concat' sloth.xdgCacheHome "/mesa_shader_cache")
(envSuffix "XDG_RUNTIME_DIR" "/at-spi/bus")
(envSuffix "XDG_RUNTIME_DIR" "/gvfsd")
(envSuffix "XDG_RUNTIME_DIR" "/doc")
(envSuffix "XDG_RUNTIME_DIR" "/dconf")
];
bind.ro = [
(sloth.concat' sloth.xdgConfigHome "/gtk-2.0")
(sloth.concat' sloth.xdgConfigHome "/gtk-3.0")
(sloth.concat' sloth.xdgConfigHome "/gtk-4.0")
(sloth.concat' sloth.xdgConfigHome "/dconf")
"/etc/localtime"
];
env = {
XDG_DATA_DIRS = lib.makeSearchPath "share" [
pkgs.gnome.adwaita-icon-theme
pkgs.gnome-themes-extra
pkgs.shared-mime-info
];
XCURSOR_PATH = lib.concatStringsSep ":" [
"${pkgs.gnome.adwaita-icon-theme}/share/icons"
"${pkgs.gnome.adwaita-icon-theme}/share/pixmaps"
];
};
};
};
}

6
packages/nixpak/modules/mpris2-player.nix
View file

@ -1,6 +0,0 @@
{ config, ... }:
{
dbus.policies = {
"org.mpris.MediaPlayer2.${config.flatpak.appId}" = "own";
};
}

6
packages/nixpak/modules/network.nix
View file

@ -1,6 +0,0 @@
{
etc.sslCertificates.enable = true;
bubblewrap = {
network = true;
};
}

51
packages/nixpak/ungoogled-chromium/default.nix
View file

@ -1,51 +0,0 @@
{ mkNixPak, ungoogled-chromium }:
mkNixPak {
config = { config, sloth, ... }: {
app.package = ungoogled-chromium;
flatpak = {
appId = "org.chromium.Chromium";
desktopFile = "chromium-browser.desktop";
};
imports = [
../modules/gui-base.nix
../modules/network.nix
../modules/mpris2-player.nix
];
# chromium doesn't use the expected MPRIS2 name format
dbus.policies = {
"org.mpris.MediaPlayer2.chromium.*" = "own";
};
bubblewrap = {
# for hidraw access (WebAuthn keys)
bind.dev = [ "/dev" ];
bind.rw = [
[
(sloth.mkdir (sloth.concat [
sloth.appCacheDir
"/nixpak-app-shared-tmp"
]))
"/tmp"
]
[
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/chromium"))
(sloth.concat' sloth.xdgCacheHome "/chromium")
]
[
# home-manager does some funny things
(sloth.concat [
sloth.xdgConfigHome
"/nixpak-ungoogled-chromium"
])
(sloth.concat [
sloth.xdgConfigHome
"/chromium"
])
]
(sloth.concat' sloth.homeDir "/Downloads")
"/tmp/.X11-unix"
(sloth.envOr "XAUTHORITY" "/no-xauth")
];
};
};
}

42
packages/nixpak/wike/default.nix
View file

@ -1,42 +0,0 @@
{ mkNixPak, wike, python3Packages }:
mkNixPak {
config = { sloth, ... }: {
imports = [
../modules/gui-base.nix
../modules/network.nix
];
flatpak.appId = "com.github.hugolabe.Wike";
bubblewrap = {
bind.rw = [
[
(sloth.mkdir (sloth.concat' sloth.appCacheDir "/wike"))
(sloth.concat' sloth.xdgCacheHome "/wike")
]
];
};
app = {
# upstream wike is a bit broken
package = wike.overrideAttrs (old: {
propagatedBuildInputs = old.propagatedBuildInputs ++ [
python3Packages.dbus-python
];
# fix double wrapping
dontWrapGApps = true;
makeWrapperArgs = [
"\${gappsWrapperArgs[@]}"
];
# properly wrap wike-sp
postFixup = (old.postFixup or "") + ''
wrapPythonProgramsIn $out/share/wike "$out $propagatedBuildInputs"
'';
});
extraEntrypoints = [
"/share/wike/wike-sp"
];
};
};
}

58
packages/packages.nix
View file

@ -1,69 +1,17 @@
{ inputs, pkgs }: pkgs: {
let privatevoid-smart-card-ca-bundle = pkgs.callPackage ./data/privatevoid-smart-card-certificate-authority-bundle.nix { };
tools = import ./lib/tools.nix;
patch' = super: tools.patch super "patches/base/${super.pname}";
dream2nix = inputs.dream2nix.lib2.init {
inherit pkgs;
config = {
projectRoot = ./dream2nix;
overridesDirs = [ "${inputs.dream2nix}/overrides" ./dream2nix/overrides ];
};
};
mkNixPak = inputs.nixpak.lib.nixpak {
inherit (pkgs) lib;
inherit pkgs;
};
sandbox = path: extra: (pkgs.callPackage path ({ inherit mkNixPak; } // extra)).config.env;
in
{
amberol = sandbox ./nixpak/amberol { };
brig = pkgs.callPackage ./tools/brig { };
dialect = sandbox ./nixpak/dialect { };
evil = pkgs.linuxPackages_latest.callPackage ./networking/evil { };
jdtls = pkgs.callPackage ./development/langservers/jdtls.nix { }; jdtls = pkgs.callPackage ./development/langservers/jdtls.nix { };
doom-one-vim = pkgs.callPackage ./vim-plugins/doom-one-vim.nix { }; doom-one-vim = pkgs.callPackage ./vim-plugins/doom-one-vim.nix { };
fragments-remote = let
fakeTransmission = pkgs.writeShellScriptBin "transmission-daemon" ''
exec ${pkgs.coreutils}/bin/sleep +Infinity
'';
app = pkgs.fragments.overrideAttrs (_: {
preFixup = ''
gappsWrapperArgs+=(
--prefix PATH : "${pkgs.lib.makeBinPath [ fakeTransmission ] }"
)
'';
});
in sandbox ./nixpak/fragments { fragments = app; };
git-remote-ipld = pkgs.callPackage ./tools/git-remote-ipld { };
hyprspace = pkgs.callPackage ./networking/hyprspace { iproute2mac = null; }; hyprspace = pkgs.callPackage ./networking/hyprspace { iproute2mac = null; };
identity = pkgs.callPackage ./apps/identity { }; identity = pkgs.callPackage ./apps/identity { };
obfuscate = pkgs.callPackage ./apps/obfuscate { }; obfuscate = pkgs.callPackage ./apps/obfuscate { };
neovim-gtk = pkgs.callPackage ./apps/neovim-gtk { }; neovim-gtk = pkgs.callPackage ./apps/neovim-gtk { };
sonnyp-commit = pkgs.callPackage ./apps/sonnyp-commit { };
steam-metro-skin = import ./data/misc/steam-metro-skin { inherit (pkgs) fetchzip; }; steam-metro-skin = import ./data/misc/steam-metro-skin { inherit (pkgs) fetchzip; };
tubefeeder = pkgs.callPackage ./apps/tubefeeder { };
ungoogled-chromium = sandbox ./nixpak/ungoogled-chromium { };
vaults = pkgs.callPackage ./apps/vaults { };
webfont-kit-generator = pkgs.callPackage ./apps/webfont-kit-generator { };
wike = sandbox ./nixpak/wike { };
} }

49
packages/patched-derivations.nix
View file

@ -3,34 +3,31 @@ let
patch' = super: tools.patch super "patches/base/${super.pname}"; patch' = super: tools.patch super "patches/base/${super.pname}";
in with tools; in with tools;
super: rec { super: rec {
kerberized-bind = super.bind.overrideAttrs (attrs: {
configureFlags = attrs.configureFlags ++ [ "--with-gssapi=${super.krb5.dev}" ];
buildInputs = attrs.buildInputs ++ [ super.krb5 ];
});
kerberized-dnsutils = kerberized-bind.dnsutils;
kerberized-dig = kerberized-bind.dnsutils;
ddcci-driver-with-global-control = patch super.linuxPackages.ddcci-driver "patches/kmods/ddcci-driver"; ddcci-driver-with-global-control = patch super.linuxPackages.ddcci-driver "patches/kmods/ddcci-driver";
doas-interactive = patch-rename super.doas "doas-interactive" "patches/base/doas"; doas-interactive = patch-rename super.doas "doas-interactive" "patches/base/doas";
kubo = patch super.kubo "patches/base/ipfs"; lain-ipfs = patch-rename super.ipfs "lain-ipfs" "patches/base/ipfs";
gnome-control-center = super.gnome-control-center.overrideAttrs (old: { glib = patch' super.glib;
postPatch = (old.postPatch or "") + ''
echo disabling alert sound chooser
${super.xmlstarlet}/bin/xmlstarlet edit -L \
-s '//property[@name="title" and text()="_Alert Sound"]/..' -t elem -n propertyAlertSoundVisible -v False \
-s //propertyAlertSoundVisible -t attr -n name -v visible \
-r //propertyAlertSoundVisible -v property \
panels/sound/cc-sound-panel.ui
test "$(${super.xmlstarlet}/bin/xmlstarlet select -t -c '//property[@name="title" and text()="_Alert Sound"]/../property[@name="visible"]/text()' panels/sound/cc-sound-panel.ui)" == "False" gnome-control-center = super.gnome.gnome-control-center;
'';
kooha = super.kooha.overrideAttrs (_: {
postInstall = ''
substituteInPlace $out/share/applications/io.github.seadve.Kooha.desktop \
--replace "=Kooha" "=Screen Recorder"
'';
}); });
libfprint = (patch' super.libfprint).overrideAttrs (old: { nautilus = (patch' super.gnome.nautilus).overrideAttrs (attrs: {
buildInputs = old.buildInputs ++ [
super.openssl
];
});
fprintd = super.fprintd.override { inherit libfprint; };
nautilus = (patch' super.nautilus).overrideAttrs (attrs: {
preFixup = with super; preFixup = with super;
let py = (python3.withPackages (ps: with ps; [ ps.pygobject3 ])); let py = (python3.withPackages (ps: with ps; [ ps.pygobject3 ]));
in attrs.preFixup + '' in attrs.preFixup + ''
@ -40,6 +37,12 @@ super: rec {
''; '';
}); });
oni2 = super.oni2.overrideAttrs (attrs: {
nativeBuildInputs = attrs.nativeBuildInputs ++ [
super.python3
];
});
terminus_font_fancy = super.terminus_font.overrideAttrs (attrs: { terminus_font_fancy = super.terminus_font.overrideAttrs (attrs: {
patches = (attrs.patches or [ ]) ++ [ "alt/td1.diff" "alt/ll2.diff" ]; patches = (attrs.patches or [ ]) ++ [ "alt/td1.diff" "alt/ll2.diff" ];
}); });
@ -48,9 +51,9 @@ super: rec {
vte-high-refresh-rate = patch' super.vte; vte-high-refresh-rate = patch' super.vte;
vte-gtk4-high-refresh-rate = patch' super.vte-gtk4;
tilix-high-refresh-rate = super.tilix.override { gtkd = super.gtkd.override { vte = vte-high-refresh-rate; }; }; tilix-high-refresh-rate = super.tilix.override { gtkd = super.gtkd.override { vte = vte-high-refresh-rate; }; };
blackbox-high-refresh-rate = (patch' super.blackbox-terminal).override { vte-gtk4 = vte-gtk4-high-refresh-rate; }; webkitgtk = patch' super.webkitgtk;
webkitgtk_4_1 = patch' super.webkitgtk_4_1;
} }

2
packages/patched-inputs.nix
View file

@ -1,7 +1,7 @@
let tools = import ./lib/tools.nix; let tools = import ./lib/tools.nix;
in with tools; in with tools;
inputs: rec { inputs: rec {
nix-super = inputs.nix-super.packages.x86_64-linux.default; nix-super = inputs.nix-super.defaultPackage.x86_64-linux;
deploy-rs = inputs.deploy-rs.packages.x86_64-linux.deploy-rs; deploy-rs = inputs.deploy-rs.packages.x86_64-linux.deploy-rs;

12
packages/tools/brig/default-repo-location.patch
View file

@ -1,12 +0,0 @@
diff --git a/cmd/util.go b/cmd/util.go
index 37ebfe64..ceee4730 100644
--- a/cmd/util.go
+++ b/cmd/util.go
@@ -79,6 +80,7 @@ func guessRepoFolder(ctx *cli.Context) (string, error) {
guessLocations := []string{
// TODO: For now just one.
+ (os.Getenv("HOME") + "/.brig"),
".",
}

47
packages/tools/brig/default.nix
View file

@ -1,47 +0,0 @@
{ lib, buildGoModule, fetchFromGitHub }:
let
vp = "github.com/sahib/brig/version";
version = {
major = "0";
minor = "5";
patch = "3";
releaseType = "develop";
gitRev = "6b7eccf8fcbd907fc759f8ca8aa814df8499e2ed";
};
in
buildGoModule {
pname = "brig";
version = "0.5.3pre";
subPackages = ["."];
patches = [
./default-repo-location.patch
./fix-ghost-remove.patch
./fix-replay-remove-already-gone.patch
./info-no-check-cached.patch
./ls-no-check-cached.patch
./pin-ls-recursive.patch
./repin-relaxed-locking.patch
./vcs-mapper-debug-to-logger.patch
];
src = fetchFromGitHub {
owner = "sahib";
repo = "brig";
rev = version.gitRev;
sha256 = "sha256-lCXSeTIZcIcVcblm9BTUMqTfxO7+BHYQNv6/RlPq14A=";
};
vendorSha256 = "sha256-pFrrMq7VFCwt8KRgJApCq8lPYv0P8hIUOxKJMN9QR0U=";
ldflags = with version; [
"-s" "-w"
"-X ${vp}.Major=${major}"
"-X ${vp}.Minor=${minor}"
"-X ${vp}.Patch=${patch}"
"-X ${vp}.GitRev=${gitRev}"
"-X ${vp}.ReleaseType=${releaseType}"
"-X ${vp}.BuildTime=1970-01-01T01:00:01+01:00"
];
}

13
packages/tools/brig/fix-ghost-remove.patch
View file

@ -1,13 +0,0 @@
diff --git a/catfs/vcs/mapper.go b/catfs/vcs/mapper.go
index 5568e600..bfba247d 100644
--- a/catfs/vcs/mapper.go
+++ b/catfs/vcs/mapper.go
@@ -311,7 +311,7 @@ func (ma *Mapper) mapDirectory(srcCurr *n.Directory, dstPath string, force bool)
// No sibling found for this ghost.
if aliveDstCurr == nil {
- return ma.report(srcCurr, nil, false, false, false)
+ return ma.report(srcCurr, nil, false, true, false)
}
localBackCheck, err := ma.lkrSrc.LookupNodeAt(ma.srcHead, aliveDstCurr.Path())

15
packages/tools/brig/fix-replay-remove-already-gone.patch
View file

@ -1,15 +0,0 @@
diff --git a/catfs/vcs/change.go b/catfs/vcs/change.go
index 94800b23..e454c399 100644
--- a/catfs/vcs/change.go
+++ b/catfs/vcs/change.go
@@ -234,6 +234,10 @@ func replayAddMoveMapping(lkr *c.Linker, oldPath, newPath string) error {
func replayRemove(lkr *c.Linker, ch *Change) error {
currNd, err := lkr.LookupModNode(ch.Curr.Path())
if err != nil {
+ // file doesn't exist locally, nothing to do
+ if ie.IsNoSuchFileError(err) {
+ return nil
+ }
return e.Wrapf(err, "replay: lookup: %v", ch.Curr.Path())
}

27
packages/tools/brig/info-no-check-cached.patch
View file

@ -1,27 +0,0 @@
diff --git a/cmd/fs_handlers.go b/cmd/fs_handlers.go
index d86e8d91..f894ac89 100644
--- a/cmd/fs_handlers.go
+++ b/cmd/fs_handlers.go
@@ -591,14 +591,8 @@ func handleShowFileOrDir(ctx *cli.Context, ctl *client.Client, path string) erro
return tmpl.Execute(os.Stdout, info)
}
- isCached, err := ctl.IsCached(path)
- if err != nil {
- return err
- }
-
pinState := yesify(info.IsPinned)
explicitState := yesify(info.IsExplicit)
- cachedState := yesify(isCached)
nodeType := "file"
if info.IsDir {
@@ -627,7 +621,6 @@ func handleShowFileOrDir(ctx *cli.Context, ctl *client.Client, path string) erro
printPair("Inode", strconv.FormatUint(info.Inode, 10))
printPair("Pinned", pinState)
printPair("Explicit", explicitState)
- printPair("Cached", cachedState)
printPair("IsRaw", yesify(info.IsRaw))
printPair("ModTime", info.ModTime.Format(time.RFC3339))
printPair("Tree Hash", info.TreeHash.B58String())

37
packages/tools/brig/ls-no-check-cached.patch
View file

@ -1,37 +0,0 @@
diff --git a/cmd/fs_handlers.go b/cmd/fs_handlers.go
index f1791b16..d86e8d91 100644
--- a/cmd/fs_handlers.go
+++ b/cmd/fs_handlers.go
@@ -449,7 +449,7 @@ func handleList(ctx *cli.Context, ctl *client.Client) error {
userColumn = "USER\t"
}
- fmt.Fprintf(tabW, "SIZE\tBKEND\tMODTIME\t%sPATH\tPIN\tCACHED\tHINT\n", userColumn)
+ fmt.Fprintf(tabW, "SIZE\tBKEND\tMODTIME\t%sPATH\tPIN\tHINT\n", userColumn)
}
for _, entry := range entries {
@@ -467,22 +467,15 @@ func handleList(ctx *cli.Context, ctl *client.Client) error {
userEntry = color.GreenString(userMap[entry.User]) + "\t"
}
- isCached, err := ctl.IsCached(entry.Path)
- if err != nil {
- return err
- }
- cachedState := " " + pinStateToSymbol(isCached, false)
-
fmt.Fprintf(
tabW,
- "%s\t%s\t%s\t%s%s\t%s\t%s\t%s\n",
+ "%s\t%s\t%s\t%s%s\t%s\t%s\n",
colorForSize(entry.Size)(humanize.Bytes(entry.Size)),
colorForSize(entry.Size)(humanize.Bytes(uint64(entry.CachedSize))),
entry.ModTime.Format("2006-01-02 15:04:05 MST"),
userEntry,
coloredPath,
pinState,
- cachedState,
formatHint(entry.Hint),
)
}

13
packages/tools/brig/pin-ls-recursive.patch
View file

@ -1,13 +0,0 @@
diff --git a/backend/httpipfs/pin.go b/backend/httpipfs/pin.go
index 74c7dec..65d78b8 100644
--- a/backend/httpipfs/pin.go
+++ b/backend/httpipfs/pin.go
@@ -13,7 +13,7 @@ import (
// IsPinned returns true when `hash` is pinned in some way.
func (nd *Node) IsPinned(hash h.Hash) (bool, error) {
ctx := context.Background()
- resp, err := nd.sh.Request("pin/ls", hash.B58String()).Send(ctx)
+ resp, err := nd.sh.Request("pin/ls", hash.B58String()).Option("type", "recursive").Send(ctx)
if err != nil {
return false, err
}

41
packages/tools/brig/repin-relaxed-locking.patch
View file

@ -1,41 +0,0 @@
diff --git a/catfs/repin.go b/catfs/repin.go
index 63ba711e..f8b5b9d6 100644
--- a/catfs/repin.go
+++ b/catfs/repin.go
@@ -247,9 +247,12 @@ func (fs *FS) repin(root string) error {
savedStorage := uint64(0)
parts := []*partition{}
+ fs.mu.Unlock()
log.Infof("repin started (min=%d max=%d quota=%s)", minDepth, maxDepth, quotaSrc)
err = n.Walk(fs.lkr, rootNd, true, func(child n.Node) error {
+ fs.mu.Lock()
+ defer fs.mu.Unlock()
if child.Type() == n.NodeTypeDirectory {
return nil
}
@@ -259,6 +262,7 @@ func (fs *FS) repin(root string) error {
return e.Wrapf(ie.ErrBadNode, "repin")
}
+ fs.mu.Unlock()
part, err := fs.partitionNodeHashes(modChild, minDepth, maxDepth)
if err != nil {
return err
@@ -273,6 +277,7 @@ func (fs *FS) repin(root string) error {
if err != nil {
return err
}
+ fs.mu.Lock()
totalStorage += part.PinSize
addedToStorage += pinBytes
@@ -286,6 +291,7 @@ func (fs *FS) repin(root string) error {
return e.Wrapf(err, "repin: walk")
}
+ fs.mu.Lock()
quotaUnpins, err := fs.balanceQuota(parts, totalStorage, quota)
if err != nil {
return e.Wrapf(err, "repin: quota balance")

110
packages/tools/brig/vcs-mapper-debug-to-logger.patch
View file

@ -1,110 +0,0 @@
diff --git a/catfs/vcs/debug.go b/catfs/vcs/debug.go
deleted file mode 100644
index 18dbe736..00000000
--- a/catfs/vcs/debug.go
+++ /dev/null
@@ -1,21 +0,0 @@
-package vcs
-
-import (
- "fmt"
-)
-
-const (
- printDebug = false
-)
-
-func debug(args ...interface{}) {
- if printDebug {
- fmt.Println(args...)
- }
-}
-
-func debugf(spec string, args ...interface{}) {
- if printDebug {
- fmt.Printf(spec, args...)
- }
-}
diff --git a/catfs/vcs/mapper.go b/catfs/vcs/mapper.go
index fb87116f..5568e600 100644
--- a/catfs/vcs/mapper.go
+++ b/catfs/vcs/mapper.go
@@ -138,7 +138,7 @@ func (ma *Mapper) report(src, dst n.ModNode, typeMismatch, isRemove, isMove bool
ma.setDstHandled(dst)
}
- debug("=> report", src, dst)
+ log.Debug("=> report", src, dst)
return ma.fn(MapPair{
Src: src,
Dst: dst,
@@ -181,7 +181,7 @@ func (ma *Mapper) mapFile(srcCurr *n.File, dstFilePath string) error {
return nil
}
- debug("map file", srcCurr.Path(), dstFilePath)
+ log.Debug("map file", srcCurr.Path(), dstFilePath)
// Remember that we visited this node.
ma.setSrcVisited(srcCurr)
@@ -669,9 +669,9 @@ func (ma *Mapper) extractLeftovers(lkr *c.Linker, root *n.Directory, srcToDst bo
}
for _, child := range children {
- debug(fmt.Sprintf("extract: %v", child.Path()))
+ log.Debug(fmt.Sprintf("extract: %v", child.Path()))
if ma.nodeIsHandled(child, srcToDst) {
- debug(fmt.Sprintf("node is handled: %v", child.Path()))
+ log.Debug(fmt.Sprintf("node is handled: %v", child.Path()))
continue
}
@@ -689,7 +689,7 @@ func (ma *Mapper) extractLeftovers(lkr *c.Linker, root *n.Directory, srcToDst bo
complete = ma.isDstComplete(dir)
}
- debug(fmt.Sprintf("is complete: %v %v", child.Path(), complete))
+ log.Debug(fmt.Sprintf("is complete: %v %v", child.Path(), complete))
if complete {
if srcToDst {
err = ma.report(dir, nil, false, false, false)
@@ -787,7 +787,7 @@ func (ma *Mapper) Map(fn func(pair MapPair) error) error {
if err != nil {
return err
}
- debug("-- Extract leftover src")
+ log.Debug("-- Extract leftover src")
// Extract things in "src" that were not mapped yet.
// These are files that can be added to our inventory,
@@ -795,7 +795,7 @@ func (ma *Mapper) Map(fn func(pair MapPair) error) error {
if err := ma.extractLeftovers(ma.lkrSrc, srcRoot, true); err != nil {
return err
}
- debug("-- Extract leftover dst")
+ log.Debug("-- Extract leftover dst")
// Check for files that we have, but dst does not.
// We call those files "missing".
diff --git a/catfs/vcs/resolve.go b/catfs/vcs/resolve.go
index 0f5e9cd6..14ca1f01 100644
--- a/catfs/vcs/resolve.go
+++ b/catfs/vcs/resolve.go
@@ -172,7 +172,7 @@ func (rv *resolver) cacheLastCommonMerge() error {
return err
}
- debugf("last merge found: %v = %s", with, srcRef)
+ log.Debugf("last merge found: %v = %s", with, srcRef)
rv.dstMergeCmt = currHead
rv.srcMergeCmt = srcHead
}
@@ -352,7 +352,7 @@ func (rv *resolver) decide(pair MapPair) error {
}
if pair.TypeMismatch {
- debugf(
+ log.Debugf(
"%s is a %s and %s a %s; ignoring",
pair.Src.Path(), pair.Src.Type(),
pair.Dst.Path(), pair.Dst.Type(),

19
packages/tools/git-remote-ipld/default.nix
View file

@ -1,19 +0,0 @@
{ buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "git-remote-ipld";
version = "0.1.0";
patches = [
./silence-logger.patch
];
src = fetchFromGitHub {
owner = "ipfs-shipyard";
repo = pname;
rev = "2f4756ae2c5df8c8276dbca94038e3eaffac3a95";
sha256 = "sha256-0BxDEghcTEpge1KIQ6s7+/XMVHcTnmWRtMaQEHLaQ+M=";
};
vendorHash = "sha256-LpQYi8pqMIiNjDyXiNSEF8kwciK6eQq/yyPsgsArHko=";
doCheck = false;
}

48
packages/tools/git-remote-ipld/silence-logger.patch
View file

@ -1,48 +0,0 @@
diff --git a/core/tracker.go b/core/tracker.go
index cb4e8b0..43a6b1d 100644
--- a/core/tracker.go
+++ b/core/tracker.go
@@ -2,6 +2,7 @@ package core
import (
"fmt"
+ "log"
"os"
"path"
@@ -15,6 +16,26 @@ type Tracker struct {
txn *badger.Txn
}
+type logger struct {
+ *log.Logger
+}
+
+func (l *logger) Debugf(f string, v ...interface{}) {
+ return
+}
+
+func (l *logger) Infof(f string, v ...interface{}) {
+ return
+}
+
+func (l *logger) Warningf(f string, v ...interface{}) {
+ l.Printf("WARNING: "+f, v...)
+}
+
+func (l *logger) Errorf(f string, v ...interface{}) {
+ l.Printf("ERROR: "+f, v...)
+}
+
func NewTracker(gitPath string) (*Tracker, error) {
ipldDir := path.Join(gitPath, "ipld")
err := os.MkdirAll(ipldDir, 0755)
@@ -22,7 +43,7 @@ func NewTracker(gitPath string) (*Tracker, error) {
return nil, err
}
- opt := badger.DefaultOptions(ipldDir)
+ opt := badger.DefaultOptions(ipldDir).WithLogger(&logger{Logger: log.New(os.Stderr, "badger ", log.LstdFlags)})
db, err := badger.Open(opt)
if err != nil {

6
packages/unfree.nix
View file

@ -1,6 +0,0 @@
[
# For NVIDIA ML
"nvidia-persistenced"
"nvidia-settings"
"nvidia-x11"
]

138
patches/base/blackbox/remove-process-watcher.patch
View file

@ -1,138 +0,0 @@
diff --git a/src/services/meson.build b/src/services/meson.build
index 0f9114b..390e869 100644
--- a/src/services/meson.build
+++ b/src/services/meson.build
@@ -1,5 +1,4 @@
blackbox_sources += files([
- 'ProcessWatcher.vala',
'Scheme.vala',
'Settings.vala',
'Shortcuts.vala',
diff --git a/src/widgets/Terminal.vala b/src/widgets/Terminal.vala
index 7d53851..49db51b 100644
--- a/src/widgets/Terminal.vala
+++ b/src/widgets/Terminal.vala
@@ -49,13 +49,10 @@ public class Terminal.Terminal : Vte.Terminal {
public signal void spawn_failed (string? error_message);
- public signal void context_changed (ProcessContext context);
-
// Properties
public Scheme scheme { get; set; }
public Pid pid { get; protected set; default = -1; }
- public Process? process { get; protected set; default = null; }
public uint user_scrollback_lines {
get {
@@ -481,56 +478,6 @@ public class Terminal.Terminal : Vte.Terminal {
if (_pid < 0) {
return;
}
-
- this.process = new Process () {
- terminal_fd = this.pty.get_fd (),
- pid = this.pid,
- foreground_pid = -1,
- };
-
- this.process.foreground_task_finished.connect ((_process) => {
- var desktop_notifications_enabled =
- Settings.get_default ().notify_process_completion;
-
- if (
- desktop_notifications_enabled &&
- !this.has_focus &&
- _process.last_foreground_task_command != null
- ) {
- var n = new GLib.Notification (_("Command completed"));
- n.set_body (_process.last_foreground_task_command);
-
- // TODO: improve this notification system so that when a user clicks
- // the notification, Black Box focuses the right terminal window and
- // automatically focusses the tab that just completed.
- //
- // https://valadoc.org/gio-2.0/GLib.Notification.set_default_action.html
- // https://valadoc.org/gio-2.0/GLib.Action.parse_detailed_name.html
-
- this.window.application.send_notification (null, n);
-
- // GNOME seems to be showing the same notification twice. I am sure we
- // are not calling this twice. This may be an upstream bug.
- GLib.Application.get_default ().send_notification (null, n);
- }
- });
-
- this.process.notify ["context"].connect ((__process, spec) => {
- var context = (_process as Process)?.context ?? ProcessContext.DEFAULT;
-
- this.context_changed.emit (context);
- // string context_str =
- // context == ProcessContext.SSH
- // ? "ssh"
- // : context == ProcessContext.ROOT
- // ? "root"
- // : "default";
- // message ("New context for process: %s", context_str);
- });
-
- ProcessWatcher.get_instance ().watch (this.process);
-
- this.context_changed.emit (this.process.context);
}
private async bool spawn_on_flatpak (Vte.PtyFlags flags,
@@ -603,7 +550,6 @@ public class Terminal.Terminal : Vte.Terminal {
// This is not a good idea. Another thread might be modifying this field
// as well.
// this.process.ended = true;
- this.process = null;
this.exit ();
}
diff --git a/src/widgets/Window.vala b/src/widgets/Window.vala
index 4ede36c..2e0003b 100644
--- a/src/widgets/Window.vala
+++ b/src/widgets/Window.vala
@@ -215,10 +215,6 @@ public class Terminal.Window : Adw.ApplicationWindow {
SettingsBindFlags.GET
);
- this.settings.notify ["context-aware-header-bar"].connect (() => {
- this.on_active_terminal_context_changed ();
- });
-
this.header_bar_revealer.notify ["reveal-child"]
.connect (this.on_reveal_header_bar_changed);
@@ -806,29 +802,6 @@ public class Terminal.Window : Adw.ApplicationWindow {
.connect (this.on_active_terminal_title_changed);
this.active_terminal_tab_signal_handlers.append_val (handler);
-
- this.on_active_terminal_context_changed ();
- handler = this.active_terminal
- .context_changed
- .connect (this.on_active_terminal_tab_changed);
- }
-
- private void on_active_terminal_context_changed () {
- var context = this.active_terminal?.process?.context;
- var is_context_aware_enabled =
- Settings.get_default ().context_aware_header_bar;
-
- widget_set_css_class (
- this,
- "context-root",
- context == ProcessContext.ROOT && is_context_aware_enabled
- );
-
- widget_set_css_class (
- this,
- "context-ssh",
- context == ProcessContext.SSH && is_context_aware_enabled
- );
}
private void on_active_terminal_title_changed () {

102
patches/base/glib/glib-appinfo-watch.patch Normal file
View file

@ -0,0 +1,102 @@
This patch lets GLib's GDesktopAppInfo API watch and notice changes
to the Nix user and system profiles. That way, the list of available
applications shown by the desktop environment is immediately updated
when the user installs or removes any
(see <https://issues.guix.gnu.org/35594>).
It does so by monitoring /nix/var/nix/profiles (for changes to the system
profile) and /nix/var/nix/profiles/per-user/USER (for changes to the user
profile) as well as /etc/profiles/per-user (for chanes to the user
environment profile) and crawling their share/applications sub-directory when
changes happen.
diff --git a/gio/gdesktopappinfo.c b/gio/gdesktopappinfo.c
index f1e2fdd..095c110 100644
--- a/gio/gdesktopappinfo.c
+++ b/gio/gdesktopappinfo.c
@@ -148,6 +148,7 @@ typedef struct
gchar *alternatively_watching;
gboolean is_config;
gboolean is_setup;
+ gchar *nix_profile_watch_dir;
GFileMonitor *monitor;
GHashTable *app_names;
GHashTable *mime_tweaks;
@@ -180,6 +181,7 @@ desktop_file_dir_unref (DesktopFileDir *dir)
{
desktop_file_dir_reset (dir);
g_free (dir->path);
+ g_free (dir->nix_profile_watch_dir);
g_free (dir);
}
}
@@ -204,6 +206,14 @@ desktop_file_dir_get_alternative_dir (DesktopFileDir *dir)
{
gchar *parent;
+ /* If DIR is a profile, watch the specified directory--e.g.,
+ * /nix/var/nix/profiles/per-user/$USER/ for the user profile. Do not watch
+ * ~/.nix-profile or /run/current-system/sw because GFileMonitor does
+ * not pass IN_DONT_FOLLOW and thus cannot notice any change.
+ * /etc/profiles/per-user is monitored directly for the same reason. */
+ if (dir->nix_profile_watch_dir != NULL)
+ return g_strdup (dir->nix_profile_watch_dir);
+
/* If the directory itself exists then we need no alternative. */
if (g_access (dir->path, R_OK | X_OK) == 0)
return NULL;
@@ -249,11 +258,11 @@ desktop_file_dir_changed (GFileMonitor *monitor,
*
* If this is a notification for a parent directory (because the
* desktop directory didn't exist) then we shouldn't fire the signal
- * unless something actually changed.
+ * unless something actually changed or it's part of a Nix profile.
*/
g_mutex_lock (&desktop_file_dir_lock);
- if (dir->alternatively_watching)
+ if (dir->alternatively_watching && dir->nix_profile_watch_dir == NULL)
{
gchar *alternative_dir;
@@ -1555,6 +1564,40 @@ desktop_file_dirs_lock (void)
for (i = 0; dirs[i]; i++)
g_ptr_array_add (desktop_file_dirs, desktop_file_dir_new (dirs[i]));
+ {
+ /* Monitor the system and user profile under /nix/var/nix/profiles and
+ * treat modifications to them as if they were modifications to their
+ * /share sub-directory. */
+ const gchar *user;
+ DesktopFileDir *system_profile_dir, *user_profile_dir, *user_env_dir;
+
+ system_profile_dir =
+ desktop_file_dir_new ("/nix/var/nix/profiles/system/sw/share");
+ system_profile_dir->nix_profile_watch_dir = g_strdup ("/nix/var/nix/profiles");
+ g_ptr_array_add (desktop_file_dirs, desktop_file_dir_ref (system_profile_dir));
+
+ user = g_get_user_name ();
+ if (user != NULL)
+ {
+ gchar *profile_dir, *user_data_dir, *env_dir, *env_data_dir;
+
+ profile_dir = g_build_filename ("/nix/var/nix/profiles/per-user", user, NULL);
+ user_data_dir = g_build_filename (profile_dir, "profile", "share", NULL);
+ user_profile_dir = desktop_file_dir_new (user_data_dir);
+ user_profile_dir->nix_profile_watch_dir = profile_dir;
+
+ env_dir = g_build_filename ("/etc/profiles/per-user", NULL);
+ env_data_dir = g_build_filename (env_dir, user, "share", NULL);
+ user_env_dir = desktop_file_dir_new (env_data_dir);
+ user_env_dir->nix_profile_watch_dir = env_dir;
+
+ g_ptr_array_add (desktop_file_dirs, desktop_file_dir_ref (user_profile_dir));
+ g_ptr_array_add (desktop_file_dirs, desktop_file_dir_ref (user_env_dir));
+ g_free (user_data_dir);
+ g_free (env_data_dir);
+ }
+ }
+
/* The list of directories will never change after this, unless
* g_get_user_config_dir() changes due to %G_TEST_OPTION_ISOLATE_DIRS. */
desktop_file_dirs_config_dir = user_config_dir;

6
patches/base/ipfs/ipfs-allow-publish-with-ipns-mounted.patch
View file

@ -1,11 +1,11 @@
diff --git a/core/coreapi/coreapi.go b/core/coreapi/coreapi.go diff --git a/core/coreapi/coreapi.go b/core/coreapi/coreapi.go
index fb54917..9852989 100644 index 5b638826b..32747fe53 100644
--- a/core/coreapi/coreapi.go --- a/core/coreapi/coreapi.go
+++ b/core/coreapi/coreapi.go +++ b/core/coreapi/coreapi.go
@@ -198,9 +198,6 @@ func (api *CoreAPI) WithOptions(opts ...options.ApiOption) (coreiface.CoreAPI, e @@ -191,9 +191,6 @@ func (api *CoreAPI) WithOptions(opts ...options.ApiOption) (coreiface.CoreAPI, e
} }
subAPI.checkPublishAllowed = func() error { subApi.checkPublishAllowed = func() error {
- if n.Mounts.Ipns != nil && n.Mounts.Ipns.IsActive() { - if n.Mounts.Ipns != nil && n.Mounts.Ipns.IsActive() {
- return errors.New("cannot manually publish while IPNS is mounted") - return errors.New("cannot manually publish while IPNS is mounted")
- } - }

15
patches/base/ipfs/ipfs-unsafe-allow-all-paths-for-filestore.patch Normal file
View file

@ -0,0 +1,15 @@
diff --git a/vendor/github.com/ipfs/go-filestore/fsrefstore.go b/vendor/github.com/ipfs/go-filestore/fsrefstore.go
index 9eb2b43..332cdc0 100644
--- a/vendor/github.com/ipfs/go-filestore/fsrefstore.go
+++ b/vendor/github.com/ipfs/go-filestore/fsrefstore.go
@@ -290,10 +290,6 @@ func (f *FileManager) putTo(ctx context.Context, b *posinfo.FilestoreNode, to pu
if !f.AllowFiles {
return ErrFilestoreNotEnabled
}
- //lint:ignore SA1019 // ignore staticcheck
- if !filepath.HasPrefix(b.PosInfo.FullPath, f.root) {
- return fmt.Errorf("cannot add filestore references outside ipfs root (%s)", f.root)
- }
p, err := filepath.Rel(f.root, b.PosInfo.FullPath)
if err != nil {

11
patches/base/ipfs/lain-webui-0.10.0.patch Normal file
View file

@ -0,0 +1,11 @@
--- a/core/corehttp/webui.go 2020-05-09 04:58:18.000000000 +0200
+++ b/core/corehttp/webui.go 2020-07-15 00:22:00.439862559 +0200
@@ -1,7 +1,7 @@
package corehttp
// TODO: move to IPNS
-const WebUIPath = "/ipfs/bafybeihcyruaeza7uyjd6ugicbcrqumejf6uf353e5etdkhotqffwtguva" // v2.13.0
+const WebUIPath = "/ipns/webui.ipfs.privatevoid.net"
// this is a list of all past webUI paths.
var WebUIPaths = []string{

4505
patches/base/libfprint/532d_support.patch
View file

File diff suppressed because it is too large Load diff

13
patches/base/libfprint/increase-frames.patch
View file

@ -1,13 +0,0 @@
diff --git a/libfprint/drivers/goodixtls/goodix53xd.c b/libfprint/drivers/goodixtls/goodix53xd.c
index 8fe8c1f..8a4b2dd 100644
--- a/libfprint/drivers/goodixtls/goodix53xd.c
+++ b/libfprint/drivers/goodixtls/goodix53xd.c
@@ -50,7 +50,7 @@
// extra end
#define GOODIX53XD_RAW_FRAME_SIZE \
(GOODIX53XD_HEIGHT * GOODIX53XD_SCAN_WIDTH) / 4 * 6
-#define GOODIX53XD_CAP_FRAMES 1 // Number of frames we capture per swipe
+#define GOODIX53XD_CAP_FRAMES 10 // Number of frames we capture per swipe
typedef unsigned short Goodix53xdPix;

50
patches/base/webkitgtk/PasteboardGtk-fix-paste-images.patch Normal file
View file

@ -0,0 +1,50 @@
diff --git b/Source/WebCore/platform/gtk/PasteboardGtk.cpp a/Source/WebCore/platform/gtk/PasteboardGtk.cpp
index fbe7198..6693af0 100644
--- b/Source/WebCore/platform/gtk/PasteboardGtk.cpp
+++ a/Source/WebCore/platform/gtk/PasteboardGtk.cpp
@@ -315,15 +315,43 @@ void Pasteboard::read(PasteboardWebContentReader& reader, WebContentReadingPolic
void Pasteboard::read(PasteboardFileReader& reader, Optional<size_t>)
{
+ WTFLogAlways("xxoo Pasteboard::read PasteboardFileReader");
if (m_selectionData) {
- for (const auto& filePath : m_selectionData->filenames())
+ WTFLogAlways("xxoo Pasteboard::read m_selectionData");
+ for (const auto& filePath : m_selectionData->filenames()) {
+ WTFLogAlways("xxoo Pasteboard::read m_selectionData reader.readFilename filePath=%s", filePath.utf8().data());
reader.readFilename(filePath);
+ }
return;
}
+
+ WTFLogAlways("xxoo Pasteboard::read readFilePathsFromClipboard pasteboardName=%s", m_name.utf8().data());
auto filePaths = platformStrategies()->pasteboardStrategy()->readFilePathsFromClipboard(m_name);
- for (const auto& filePath : filePaths)
+ for (const auto& filePath : filePaths) {
+ WTFLogAlways("xxoo Pasteboard::read readFilePathsFromClipboard reader.readFilename filePath=%s", filePath.utf8().data());
reader.readFilename(filePath);
+ }
+
+ if (filePaths.isEmpty()) {
+ WTFLogAlways("xxoo Pasteboard::read readFilePathsFromClipboard got no filePaths, try readBufferFromClipboard pasteboardName=%s", m_name.utf8().data());
+
+ auto types = platformStrategies()->pasteboardStrategy()->types(m_name);
+ static const ASCIILiteral imageTypes[] = { "image/png"_s, "image/jpeg"_s, "image/gif"_s, "image/bmp"_s, "image/vnd.microsoft.icon"_s, "image/x-icon"_s };
+ for (const auto& imageType : imageTypes) {
+ if (types.contains(imageType)) {
+ WTFLogAlways("xxoo Pasteboard::read readBufferFromClipboard types contains imageType");
+ auto buffer = platformStrategies()->pasteboardStrategy()->readBufferFromClipboard(m_name, imageType);
+ // readBuffer(const String&, const String& type, Ref<SharedBuffer>&&)
+ // readImage(Ref<SharedBuffer>&&, const String&, PresentationSize = { })
+ if (!buffer->isEmpty()) {
+ reader.readBuffer(imageType, imageType, buffer.releaseNonNull());
+ WTFLogAlways("xxoo Pasteboard::read reader.readBuffer success");
+ return;
+ }
+ }
+ }
+ }
}
bool Pasteboard::hasData()

2
patches/kmods/ddcci-driver/global-control-device.patch
View file

@ -68,7 +68,7 @@ index 7a98522..e518bfc 100644
+ if (ddcci_bl_global_control == NULL) { + if (ddcci_bl_global_control == NULL) {
+ printk(KERN_INFO "ddcci-backlight: registering global controller with brightness=%d, max_brightness=%d\n", + printk(KERN_INFO "ddcci-backlight: registering global controller with brightness=%d, max_brightness=%d\n",
+ brightness, max_brightness); + brightness, max_brightness);
+ cprops.type = BACKLIGHT_FIRMWARE; + cprops.type = BACKLIGHT_RAW;
+ cprops.max_brightness = max_brightness; + cprops.max_brightness = max_brightness;
+ cprops.brightness = brightness; + cprops.brightness = brightness;
+ ddcci_bl_global_control = devm_backlight_device_register(&dev->dev, "0000-ddcci_backlight_global_control", + ddcci_bl_global_control = devm_backlight_device_register(&dev->dev, "0000-ddcci_backlight_global_control",

Some files were not shown because too many files have changed in this diff Show more