init
This commit is contained in:
commit
f9dfe15748
53 changed files with 1663 additions and 0 deletions
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
/wip
|
||||||
|
/result
|
||||||
|
result
|
2
config/zsh/components/console-256color.zsh
Normal file
2
config/zsh/components/console-256color.zsh
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
# works well enough
|
||||||
|
[[ "$TERM" == "linux" ]] && TERM=xterm-256color
|
4
config/zsh/components/fuzzy-tab.zsh
Normal file
4
config/zsh/components/fuzzy-tab.zsh
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
zstyle ':completion:*' matcher-list '' \
|
||||||
|
'm:{a-z\-}={A-Z\_}' \
|
||||||
|
'r:[^[:alpha:]]||[[:alpha:]]=** r:|=* m:{a-z\-}={A-Z\_}' \
|
||||||
|
'r:|?=** m:{a-z\-}={A-Z\_}'
|
31
config/zsh/components/highlight-theme.zsh
Normal file
31
config/zsh/components/highlight-theme.zsh
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
# zsh-syntax-highlighting
|
||||||
|
typeset -A ZSH_HIGHLIGHT_STYLES
|
||||||
|
|
||||||
|
ZSH_HIGHLIGHT_STYLES[precommand]='fg=33'
|
||||||
|
|
||||||
|
ZSH_HIGHLIGHT_STYLES[arg0]='fg=39'
|
||||||
|
|
||||||
|
ZSH_HIGHLIGHT_STYLES[single-hyphen-option]='fg=229'
|
||||||
|
ZSH_HIGHLIGHT_STYLES[double-hyphen-option]='fg=228'
|
||||||
|
|
||||||
|
ZSH_HIGHLIGHT_STYLES[autodirectory]='fg=blue'
|
||||||
|
|
||||||
|
ZSH_HIGHLIGHT_STYLES[path]='none'
|
||||||
|
# HACK: performance fix assuming "none" isn't truly none
|
||||||
|
ZSH_HIGHLIGHT_DIRS_BLACKLIST+=(/*)
|
||||||
|
|
||||||
|
# fix aliased highlighting of suid precmds
|
||||||
|
typeset -A ZSH_HIGHLIGHT_PATTERNS
|
||||||
|
|
||||||
|
ZSH_HIGHLIGHT_PATTERNS+=('doas' 'fg=33')
|
||||||
|
ZSH_HIGHLIGHT_PATTERNS+=('sudo' 'fg=33')
|
||||||
|
|
||||||
|
ZSH_HIGHLIGHT_HIGHLIGHTERS=(main pattern)
|
||||||
|
|
||||||
|
# set up LS_COLORS
|
||||||
|
if which dircolors >/dev/null 2>&1; then
|
||||||
|
export $(dircolors)
|
||||||
|
fi
|
||||||
|
|
||||||
|
# colorful tab completion listings
|
||||||
|
zstyle ':completion:*' list-colors "${(s.:.)LS_COLORS}"
|
7
config/zsh/components/history.zsh
Normal file
7
config/zsh/components/history.zsh
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
HISTFILE=~/.cache/zsh_history
|
||||||
|
HISTSIZE=15000
|
||||||
|
SAVEHIST=10000
|
||||||
|
setopt share_history
|
||||||
|
setopt hist_expire_dups_first
|
||||||
|
setopt hist_no_functions hist_no_store hist_reduce_blanks
|
||||||
|
setopt hist_verify
|
38
config/zsh/components/keybinds.zsh
Normal file
38
config/zsh/components/keybinds.zsh
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
# partial outtake from ohmyzsh lib/key-bindings.zsh
|
||||||
|
# https://github.com/ohmyzsh/ohmyzsh/pull/1355/files
|
||||||
|
if (( ${+terminfo[smkx]} )) && (( ${+terminfo[rmkx]} )); then
|
||||||
|
function zle-line-init() {
|
||||||
|
echoti smkx
|
||||||
|
}
|
||||||
|
function zle-line-finish() {
|
||||||
|
echoti rmkx
|
||||||
|
}
|
||||||
|
zle -N zle-line-init
|
||||||
|
zle -N zle-line-finish
|
||||||
|
fi
|
||||||
|
|
||||||
|
bindkey -e # Use emacs key bindings
|
||||||
|
|
||||||
|
bindkey '\ew' kill-region # [Esc-w] - Kill from the cursor to the mark
|
||||||
|
bindkey -s '\el' 'ls\n' # [Esc-l] - run command: ls
|
||||||
|
bindkey '^r' history-incremental-search-backward # [Ctrl-r] - Search backward incrementally for a specified string. The string may begin with ^ to anchor the search to the beginning of the line.
|
||||||
|
bindkey "${terminfo[kpp]}" up-line-or-history # [PageUp] - Up a line of history
|
||||||
|
bindkey "${terminfo[knp]}" down-line-or-history # [PageDown] - Down a line of history
|
||||||
|
|
||||||
|
bindkey "${terminfo[kcuu1]}" history-substring-search-up
|
||||||
|
bindkey "${terminfo[kcud1]}" history-substring-search-down
|
||||||
|
|
||||||
|
bindkey "${terminfo[khome]}" beginning-of-line # [Home] - Go to beginning of line
|
||||||
|
bindkey "${terminfo[kend]}" end-of-line # [End] - Go to end of line
|
||||||
|
|
||||||
|
bindkey ' ' magic-space # [Space] - do history expansion
|
||||||
|
|
||||||
|
bindkey '^[[1;5C' forward-word # [Ctrl-RightArrow] - move forward one word
|
||||||
|
bindkey '^[[1;5D' backward-word # [Ctrl-LeftArrow] - move backward one word
|
||||||
|
|
||||||
|
bindkey "${terminfo[kcbt]}" reverse-menu-complete # [Shift-Tab] - move through the completion menu backwards
|
||||||
|
|
||||||
|
bindkey '^?' backward-delete-char # [Backspace] - delete backward
|
||||||
|
bindkey "${terminfo[kdch1]}" delete-char # [Delete] - delete forward
|
||||||
|
|
||||||
|
|
2
config/zsh/components/magic-space.zsh
Normal file
2
config/zsh/components/magic-space.zsh
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
bindkey ' ' magic-space
|
||||||
|
bindkey '^ ' autosuggest-accept
|
15
config/zsh/components/misc.zsh
Normal file
15
config/zsh/components/misc.zsh
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
# allow using comments in interactive
|
||||||
|
setopt interactive_comments
|
||||||
|
|
||||||
|
# basic support for the omz theme format
|
||||||
|
setopt prompt_subst
|
||||||
|
|
||||||
|
# completions
|
||||||
|
autoload -U compinit
|
||||||
|
compinit
|
||||||
|
# allow fully dynamic alias completion - like it's supposed to be
|
||||||
|
unsetopt complete_aliases
|
||||||
|
|
||||||
|
setopt glob_complete
|
||||||
|
setopt glob_star_short
|
||||||
|
unsetopt bad_pattern
|
43
config/zsh/components/navigation.zsh
Normal file
43
config/zsh/components/navigation.zsh
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
alias d="dirs -v | head -n10"
|
||||||
|
|
||||||
|
# backdir auto expansion: ... -> ../..
|
||||||
|
function rationalise-dot() {
|
||||||
|
local MATCH # keep the regex match from leaking to the environment
|
||||||
|
if [[ $LBUFFER =~ '(^|/| | |'$'\n''|\||;|&)\.\.$' && ! $LBUFFER = p4* ]]; then
|
||||||
|
#if [[ ! $LBUFFER = p4* && $LBUFFER = *.. ]]; then
|
||||||
|
LBUFFER+=/..
|
||||||
|
else
|
||||||
|
zle self-insert
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
zle -N rationalise-dot
|
||||||
|
bindkey . rationalise-dot
|
||||||
|
bindkey -M isearch . self-insert
|
||||||
|
|
||||||
|
# absolutize a relative path, or vice versa, or alternatively insert the cwd
|
||||||
|
function insert-cwd-or-absolute() {
|
||||||
|
local MATCH # keep the regex match from leaking to the environment
|
||||||
|
# match anything that could be a path
|
||||||
|
if [[ $LBUFFER =~ '(|'$'\n''|\||;|&)[^= ]+$' && ! $LBUFFER = p4* ]]; then
|
||||||
|
# make sure it exists
|
||||||
|
if [[ -e $MATCH ]]; then
|
||||||
|
local XMATCH="$MATCH"
|
||||||
|
# absolute - make relative
|
||||||
|
if [[ $XMATCH =~ '^/' ]]; then
|
||||||
|
# cut away the last piece of the buffer
|
||||||
|
local LENGTH=$(( $#LBUFFER - $#XMATCH ))
|
||||||
|
LBUFFER="${LBUFFER:0:${LENGTH}}"
|
||||||
|
# and replace it with a relative realpath
|
||||||
|
LBUFFER+="$(realpath --relative-to=. $XMATCH)"
|
||||||
|
else # relative - make absolute
|
||||||
|
local LENGTH=$(( $#LBUFFER - $#XMATCH ))
|
||||||
|
LBUFFER="${LBUFFER:0:${LENGTH}}"
|
||||||
|
LBUFFER+="$(realpath $XMATCH)"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
LBUFFER+=$(pwd)
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
zle -N insert-cwd-or-absolute
|
||||||
|
bindkey '\ed' insert-cwd-or-absolute
|
88
config/zsh/components/theme-common-mod.zsh
Normal file
88
config/zsh/components/theme-common-mod.zsh
Normal file
|
@ -0,0 +1,88 @@
|
||||||
|
# vim: filetype=sh
|
||||||
|
|
||||||
|
# Prompt symbol
|
||||||
|
COMMON_PROMPT_SYMBOL="Ψ"
|
||||||
|
|
||||||
|
# Colors
|
||||||
|
COMMON_COLORS_HOST_ME=green
|
||||||
|
COMMON_COLORS_HOST_AWS_VAULT=yellow
|
||||||
|
COMMON_COLORS_CURRENT_DIR=blue
|
||||||
|
COMMON_COLORS_RETURN_STATUS_TRUE=99
|
||||||
|
COMMON_COLORS_RETURN_STATUS_FALSE=red
|
||||||
|
COMMON_COLORS_GIT_STATUS_DEFAULT=green
|
||||||
|
COMMON_COLORS_GIT_STATUS_STAGED=red
|
||||||
|
COMMON_COLORS_GIT_STATUS_UNSTAGED=yellow
|
||||||
|
COMMON_COLORS_GIT_PROMPT_SHA=green
|
||||||
|
COMMON_COLORS_BG_JOBS=yellow
|
||||||
|
|
||||||
|
# Left Prompt
|
||||||
|
PROMPT='$(common_host)$(common_current_dir)$(common_bg_jobs)$(common_return_status)'
|
||||||
|
|
||||||
|
# Right Prompt
|
||||||
|
RPROMPT='$(common_git_status)'
|
||||||
|
|
||||||
|
# Prompt with current SHA
|
||||||
|
# PROMPT='$(common_host)$(common_current_dir)$(common_bg_jobs)$(common_return_status)'
|
||||||
|
# RPROMPT='$(common_git_status) $(git_prompt_short_sha)'
|
||||||
|
|
||||||
|
# Host
|
||||||
|
common_host() {
|
||||||
|
if [[ -n $SSH_CONNECTION ]]; then
|
||||||
|
me="%n@%m"
|
||||||
|
elif [[ $LOGNAME != $USER ]]; then
|
||||||
|
me="%n"
|
||||||
|
fi
|
||||||
|
if [[ -n $me ]]; then
|
||||||
|
echo "%{$fg[$COMMON_COLORS_HOST_ME]%}$me%{$reset_color%}:"
|
||||||
|
fi
|
||||||
|
if [[ $AWS_VAULT ]]; then
|
||||||
|
echo "%{$fg[$COMMON_COLORS_HOST_AWS_VAULT]%}$AWS_VAULT%{$reset_color%} "
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Current directory
|
||||||
|
common_current_dir() {
|
||||||
|
echo -n "%{$fg[$COMMON_COLORS_CURRENT_DIR]%}%c "
|
||||||
|
}
|
||||||
|
|
||||||
|
# Prompt symbol
|
||||||
|
common_return_status() {
|
||||||
|
echo -n "%(?.%F{$COMMON_COLORS_RETURN_STATUS_TRUE}.%F{$COMMON_COLORS_RETURN_STATUS_FALSE})$COMMON_PROMPT_SYMBOL%f "
|
||||||
|
}
|
||||||
|
|
||||||
|
# Git status
|
||||||
|
common_git_status() {
|
||||||
|
local message=""
|
||||||
|
local message_color="%F{$COMMON_COLORS_GIT_STATUS_DEFAULT}"
|
||||||
|
|
||||||
|
# https://git-scm.com/docs/git-status#_short_format
|
||||||
|
local staged=$(git status --porcelain 2>/dev/null | grep -e "^[MADRCU]")
|
||||||
|
local unstaged=$(git status --porcelain 2>/dev/null | grep -e "^[MADRCU? ][MADRCU?]")
|
||||||
|
|
||||||
|
if [[ -n ${staged} ]]; then
|
||||||
|
message_color="%F{$COMMON_COLORS_GIT_STATUS_STAGED}"
|
||||||
|
elif [[ -n ${unstaged} ]]; then
|
||||||
|
message_color="%F{$COMMON_COLORS_GIT_STATUS_UNSTAGED}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
local branch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null)
|
||||||
|
if [[ -n ${branch} ]]; then
|
||||||
|
message+="${message_color}${branch}%f"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -n "${message}"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Git prompt SHA
|
||||||
|
ZSH_THEME_GIT_PROMPT_SHA_BEFORE="%{%F{$COMMON_COLORS_GIT_PROMPT_SHA}%}"
|
||||||
|
ZSH_THEME_GIT_PROMPT_SHA_AFTER="%{$reset_color%} "
|
||||||
|
|
||||||
|
# Background Jobs
|
||||||
|
common_bg_jobs() {
|
||||||
|
bg_status="%{$fg[$COMMON_COLORS_BG_JOBS]%}%(1j.↓%j .)"
|
||||||
|
echo -n $bg_status
|
||||||
|
}
|
||||||
|
|
||||||
|
# xterm title
|
||||||
|
PROMPT_XTITLE=$'%{\033]0;%n@%M:%~\007%}'
|
||||||
|
PROMPT="${PROMPT_XTITLE}${PROMPT}"
|
54
config/zsh/components/theme-delta-mod.zsh
Normal file
54
config/zsh/components/theme-delta-mod.zsh
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
# Delta
|
||||||
|
# Reference/Resources:
|
||||||
|
#
|
||||||
|
# Prompt Expansion:
|
||||||
|
# http://zsh.sourceforge.net/Doc/Release/Prompt-Expansion.html
|
||||||
|
# http://unix.stackexchange.com/questions/157693/howto-include-output-of-a-script-into-the-zsh-prompt
|
||||||
|
#
|
||||||
|
# vcs_info
|
||||||
|
# https://github.com/zsh-users/zsh/blob/master/Misc/vcs_info-examples
|
||||||
|
# http://zsh.sourceforge.net/Doc/Release/User-Contributions.html#Version-Control-Information
|
||||||
|
|
||||||
|
delta_prompt_symbol() {
|
||||||
|
if [[ "$1" -eq 0 ]]; then
|
||||||
|
print -n '%F{red}'
|
||||||
|
else
|
||||||
|
print -n '%F{8}'
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
delta_prompt_init() {
|
||||||
|
|
||||||
|
local hostnamevar PRETTY_HOSTNAME CHASSIS LOCATION
|
||||||
|
if [[ -f /etc/machine-info ]]; then
|
||||||
|
. /etc/machine-info
|
||||||
|
if [[ -n $PRETTY_HOSTNAME ]]; then
|
||||||
|
hostnamevar=$PRETTY_HOSTNAME
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [[ -z $hostnamevar ]]; then
|
||||||
|
hostnamevar='%m'
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
if [[ -n $SSH_CONNECTION ]]; then
|
||||||
|
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}$hostnamevar %c >%f "
|
||||||
|
else
|
||||||
|
PROMPT=" \$(delta_prompt_symbol \$?)Δ%f %F{8}%c >%f "
|
||||||
|
fi
|
||||||
|
|
||||||
|
zstyle ':vcs_info:*' enable git
|
||||||
|
zstyle ':vcs_info:*' use-simple true
|
||||||
|
zstyle ':vcs_info:git*' formats '%b'
|
||||||
|
zstyle ':vcs_info:git*' actionformats '%b|%a'
|
||||||
|
|
||||||
|
zstyle ':vcs_info:*' max-exports 2
|
||||||
|
}
|
||||||
|
|
||||||
|
delta_prompt_init "$@"
|
||||||
|
|
||||||
|
# xterm title
|
||||||
|
PROMPT_XTITLE=$'%{\033]0;%n@%M:%~\007%}'
|
||||||
|
PROMPT="${PROMPT_XTITLE}${PROMPT}"
|
99
config/zsh/prompt.zsh
Normal file
99
config/zsh/prompt.zsh
Normal file
|
@ -0,0 +1,99 @@
|
||||||
|
# Delta
|
||||||
|
# Reference/Resources:
|
||||||
|
#
|
||||||
|
# Prompt Expansion:
|
||||||
|
# http://zsh.sourceforge.net/Doc/Release/Prompt-Expansion.html
|
||||||
|
# http://unix.stackexchange.com/questions/157693/howto-include-output-of-a-script-into-the-zsh-prompt
|
||||||
|
#
|
||||||
|
# vcs_info
|
||||||
|
# https://github.com/zsh-users/zsh/blob/master/Misc/vcs_info-examples
|
||||||
|
# http://zsh.sourceforge.net/Doc/Release/User-Contributions.html#Version-Control-Information
|
||||||
|
#
|
||||||
|
__shlvl_deep() {
|
||||||
|
[[ $SHLVL -gt 1 ]]
|
||||||
|
}
|
||||||
|
|
||||||
|
delta_prompt_symbol() {
|
||||||
|
if [[ "$1" -eq 0 ]]; then
|
||||||
|
local color
|
||||||
|
if __shlvl_deep; then
|
||||||
|
color=blue
|
||||||
|
else
|
||||||
|
color=red
|
||||||
|
fi
|
||||||
|
print -n "%F{$color}"
|
||||||
|
else
|
||||||
|
print -n '%F{8}'
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
delta_prompt_nix_shell() {
|
||||||
|
if __shlvl_deep; then
|
||||||
|
print -n " %F{cyan}>%F{blue}>%F{8}"
|
||||||
|
tr : '\n' <<<$PATH | grep '^/nix/store' | while read storepath; do
|
||||||
|
print -n " ${${storepath#*-}%/*}"
|
||||||
|
done
|
||||||
|
print -n '%f\n '
|
||||||
|
else
|
||||||
|
print -n ' '
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
delta_prompt_init() {
|
||||||
|
|
||||||
|
local hostnamevar PRETTY_HOSTNAME CHASSIS LOCATION
|
||||||
|
if [[ -f /etc/machine-info ]]; then
|
||||||
|
. /etc/machine-info
|
||||||
|
if [[ -n $PRETTY_HOSTNAME ]]; then
|
||||||
|
hostnamevar=$PRETTY_HOSTNAME
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [[ -z $hostnamevar ]]; then
|
||||||
|
hostnamevar='%m'
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
if [[ -n $SSH_CONNECTION ]]; then
|
||||||
|
PROMPT="$(delta_prompt_nix_shell)\$(delta_prompt_symbol \$? red)Δ%f %F{8}$hostnamevar %c >%f "
|
||||||
|
else
|
||||||
|
PROMPT="$(delta_prompt_nix_shell)\$(delta_prompt_symbol \$? red)Δ%f %F{8}%c >%f "
|
||||||
|
fi
|
||||||
|
unfunction delta_prompt_nix_shell
|
||||||
|
|
||||||
|
zstyle ':vcs_info:*' enable git
|
||||||
|
zstyle ':vcs_info:*' use-simple true
|
||||||
|
zstyle ':vcs_info:git*' formats '%b'
|
||||||
|
zstyle ':vcs_info:git*' actionformats '%b|%a'
|
||||||
|
|
||||||
|
zstyle ':vcs_info:*' max-exports 2
|
||||||
|
}
|
||||||
|
|
||||||
|
delta_prompt_git_status() {
|
||||||
|
local message=""
|
||||||
|
local message_color="%F{green}"
|
||||||
|
|
||||||
|
# https://git-scm.com/docs/git-status#_short_format
|
||||||
|
local staged=$(git status --porcelain 2>/dev/null | grep -e "^[MADRCU]")
|
||||||
|
local unstaged=$(git status --porcelain 2>/dev/null | grep -e "^[MADRCU? ][MADRCU?]")
|
||||||
|
|
||||||
|
if [[ -n ${staged} ]]; then
|
||||||
|
message_color="%F{red}"
|
||||||
|
elif [[ -n ${unstaged} ]]; then
|
||||||
|
message_color="%F{yellow}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
local branch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null)
|
||||||
|
if [[ -n ${branch} ]]; then
|
||||||
|
message+="${message_color}${branch}%f"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo -n "${message}"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
delta_prompt_init "$@"
|
||||||
|
|
||||||
|
# xterm title
|
||||||
|
PROMPT_XTITLE=$'%{\033]0;%n@%M:%~\007%}'
|
||||||
|
PROMPT="${PROMPT_XTITLE}${PROMPT}"
|
||||||
|
RPROMPT='$(delta_prompt_git_status)'
|
188
flake.lock
Normal file
188
flake.lock
Normal file
|
@ -0,0 +1,188 @@
|
||||||
|
{
|
||||||
|
"nodes": {
|
||||||
|
"agenix": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1620877075,
|
||||||
|
"narHash": "sha256-XvgTqtmQZHegu9UMDSR50gK5cHEM2gbnRH0qecmdN54=",
|
||||||
|
"owner": "ryantm",
|
||||||
|
"repo": "agenix",
|
||||||
|
"rev": "e543aa7d68f222e1e771165da9e9a64b5bf7b3e3",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "ryantm",
|
||||||
|
"repo": "agenix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"deploy-rs": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-compat": "flake-compat",
|
||||||
|
"naersk": [
|
||||||
|
"naersk"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"utils": "utils"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1621509262,
|
||||||
|
"narHash": "sha256-XyCLtTVTQPXM5LXA1vffP27/tWwEn9VVESESHYNNMFA=",
|
||||||
|
"owner": "serokell",
|
||||||
|
"repo": "deploy-rs",
|
||||||
|
"rev": "d2d05e1357b84d5d70a3acba866c01eca2e4e2aa",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "serokell",
|
||||||
|
"repo": "deploy-rs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-compat": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1606424373,
|
||||||
|
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "flake-compat",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"home-manager": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1622678600,
|
||||||
|
"narHash": "sha256-mDNqOvtiZs6HuNxkfMUGhmUwAbQxdOyqecf0rVGq7h0=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"rev": "95da56b783e4ccc8ded71137e4add780b239dd46",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"ref": "master",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"lowdown-src": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1617481909,
|
||||||
|
"narHash": "sha256-SqnfOFuLuVRRNeVJr1yeEPJue/qWoCp5N6o5Kr///p4=",
|
||||||
|
"owner": "kristapsdz",
|
||||||
|
"repo": "lowdown",
|
||||||
|
"rev": "148f9b2f586c41b7e36e73009db43ea68c7a1a4d",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "kristapsdz",
|
||||||
|
"ref": "VERSION_0_8_4",
|
||||||
|
"repo": "lowdown",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"naersk": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1620316130,
|
||||||
|
"narHash": "sha256-sU0VS5oJS1FsHsZsLELAXc7G2eIelVuucRw+q5B1x9k=",
|
||||||
|
"owner": "nmattia",
|
||||||
|
"repo": "naersk",
|
||||||
|
"rev": "a3f40fe42cc6d267ff7518fa3199e99ff1444ac4",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nmattia",
|
||||||
|
"ref": "master",
|
||||||
|
"repo": "naersk",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nix-super-unstable": {
|
||||||
|
"inputs": {
|
||||||
|
"lowdown-src": "lowdown-src",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1622633535,
|
||||||
|
"narHash": "sha256-EelxH4BcFDowm5+c8Kl6wUTyvP6LhMpzoOS6r559oHo=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nix",
|
||||||
|
"rev": "bb066409719f3b0e820115a3f89589457bf7f500",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1622622179,
|
||||||
|
"narHash": "sha256-XCw/9QDuj9J6prVR8YrteTcFKj2sRWYIjwgs8qOOrYQ=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "eaba7870ffc3400eca4407baa24184b7fe337ec1",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-21.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": {
|
||||||
|
"inputs": {
|
||||||
|
"agenix": "agenix",
|
||||||
|
"deploy-rs": "deploy-rs",
|
||||||
|
"home-manager": "home-manager",
|
||||||
|
"naersk": "naersk",
|
||||||
|
"nix-super-unstable": "nix-super-unstable",
|
||||||
|
"nixpkgs": "nixpkgs"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"utils": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1610051610,
|
||||||
|
"narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"root": "root",
|
||||||
|
"version": 7
|
||||||
|
}
|
78
flake.nix
Normal file
78
flake.nix
Normal file
|
@ -0,0 +1,78 @@
|
||||||
|
{
|
||||||
|
description = "Private Void system configurations";
|
||||||
|
|
||||||
|
nixConfig = {
|
||||||
|
substituters = [ "https://cache.privatevoid.net" ];
|
||||||
|
trusted-public-keys = ["cache.privatevoid.net:SErQ8bvNWANeAvtsOESUwVYr2VJynfuc9JRwlzTTkVg="];
|
||||||
|
};
|
||||||
|
|
||||||
|
inputs = {
|
||||||
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.05";
|
||||||
|
|
||||||
|
nix-super-unstable.url = "github:NixOS/nix";
|
||||||
|
nix-super-unstable.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
|
home-manager.url = "github:nix-community/home-manager/master";
|
||||||
|
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
|
deploy-rs.url = "github:serokell/deploy-rs";
|
||||||
|
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
deploy-rs.inputs.naersk.follows = "naersk";
|
||||||
|
|
||||||
|
# re-pin naersk to fix deprecation warning in deploy-rs
|
||||||
|
naersk.url = "github:nmattia/naersk/master";
|
||||||
|
naersk.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
|
agenix.url = "github:ryantm/agenix";
|
||||||
|
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
outputs = { self, nixpkgs, home-manager, ... }@inputs:
|
||||||
|
let
|
||||||
|
inherit (nixpkgs) lib;
|
||||||
|
system = "x86_64-linux";
|
||||||
|
pkgs = import nixpkgs {
|
||||||
|
inherit system;
|
||||||
|
};
|
||||||
|
|
||||||
|
deploy-rs-lib = inputs.deploy-rs.lib.${system};
|
||||||
|
agenixModule = inputs.agenix.nixosModules.age;
|
||||||
|
|
||||||
|
aspect = import ./modules inputs;
|
||||||
|
hosts = import ./hosts;
|
||||||
|
specialArgs = { inherit inputs hosts aspect; };
|
||||||
|
mkNixOS' = lib: name: lib.nixosSystem {
|
||||||
|
inherit system;
|
||||||
|
inherit specialArgs;
|
||||||
|
modules = [ hosts."${name}".nixos ];
|
||||||
|
};
|
||||||
|
mkNixOS = mkNixOS' lib;
|
||||||
|
in {
|
||||||
|
nixosModules = aspect.modules;
|
||||||
|
nixosConfigurations =
|
||||||
|
(lib.genAttrs [ "styx" ] mkNixOS);
|
||||||
|
|
||||||
|
deploy.nodes = with deploy-rs-lib; {
|
||||||
|
styx = {
|
||||||
|
hostname = "styx.services.privatevoid.net";
|
||||||
|
profiles.system = {
|
||||||
|
user = "root";
|
||||||
|
path = activate.nixos self.nixosConfigurations.styx;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
packages.${system} = import ./packages {
|
||||||
|
inherit pkgs inputs;
|
||||||
|
};
|
||||||
|
|
||||||
|
defaultApp.${system} = {
|
||||||
|
type = "app";
|
||||||
|
program = self.packages.${system}.flake-installer.outPath;
|
||||||
|
};
|
||||||
|
|
||||||
|
hydraJobs = {
|
||||||
|
systems.${system} = lib.mapAttrs (_: x: x.config.system.build.toplevel) self.nixosConfigurations;
|
||||||
|
packages = self.packages;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
22
hosts/default.nix
Normal file
22
hosts/default.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
let
|
||||||
|
tools = import ./tools.nix;
|
||||||
|
in with tools.dns; {
|
||||||
|
|
||||||
|
# NixOS machines
|
||||||
|
styx = import ./styx tools;
|
||||||
|
|
||||||
|
# Non-NixOS machine metadata
|
||||||
|
VEGAS = {
|
||||||
|
ssh.id = {
|
||||||
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICz2nGA+Y4OxhMKsV6vKIns3hOoBkK557712h7FfWXcE";
|
||||||
|
hostNames = subResolve "vegas" "backbone";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
AnimusAlpha = let hostNames = [ "alpha.animus.com" "animus.com" ]; in {
|
||||||
|
ssh.id = {
|
||||||
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGpFR47Ev+W+bdng6IrDVpl8rlKBBHSr1v5lwJmZcEFH";
|
||||||
|
hostNames = portMap 69 hostNames;
|
||||||
|
};
|
||||||
|
ssh.extraConfig = tools.ssh.extraConfig hostNames [ "Port 69" ];
|
||||||
|
};
|
||||||
|
}
|
7
hosts/styx/default.nix
Normal file
7
hosts/styx/default.nix
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
tools: {
|
||||||
|
ssh.id = with tools.dns; {
|
||||||
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOYLrmiuPK77cw71QNzG2zaWs6gsxmYuLyqsUrWMYLnk";
|
||||||
|
hostNames = subResolve "styx" "services";
|
||||||
|
};
|
||||||
|
nixos = import ./system.nix;
|
||||||
|
}
|
17
hosts/styx/system.nix
Normal file
17
hosts/styx/system.nix
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
{ config, pkgs, modulesPath, aspect, inputs, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
(modulesPath + "/virtualisation/lxc-container.nix")
|
||||||
|
inputs.agenix.nixosModules.age
|
||||||
|
]
|
||||||
|
++ (import ../../users "server").groups.admin
|
||||||
|
++ aspect.sets.server
|
||||||
|
++ (with aspect.modules; [ hydra ]);
|
||||||
|
|
||||||
|
networking.hostName = "styx";
|
||||||
|
networking.firewall.enable = false;
|
||||||
|
|
||||||
|
nix.trustedUsers = [ "root" "@wheel" ];
|
||||||
|
|
||||||
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
}
|
32
hosts/tools.nix
Normal file
32
hosts/tools.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
{
|
||||||
|
dns = rec {
|
||||||
|
findSvc = name: [
|
||||||
|
"any.${name}"
|
||||||
|
"local.${name}"
|
||||||
|
"tunnel.${name}"
|
||||||
|
"wired.${name}"
|
||||||
|
"wireless.${name}"
|
||||||
|
"*.if.${name}"
|
||||||
|
];
|
||||||
|
findResolve = list: dnameResolve (append "find" list) ++ append "f.void" list;
|
||||||
|
dnameResolve = list: append "private.void" list ++ append "privatevoid.net" list;
|
||||||
|
vpnResolve = list: dnameResolve (append "vpn" list);
|
||||||
|
llmnrResolve = append "local";
|
||||||
|
append = part: map (x: "${x}.${part}");
|
||||||
|
portMap = port: map (x: "[${x}]:${builtins.toString port}");
|
||||||
|
as = x: [x];
|
||||||
|
|
||||||
|
clientResolve = x: [x] ++
|
||||||
|
findResolve (findSvc x) ++
|
||||||
|
vpnResolve [x] ++
|
||||||
|
llmnrResolve [x];
|
||||||
|
|
||||||
|
subResolve = name: sub: [name] ++ dnameResolve ["${name}.${sub}"];
|
||||||
|
};
|
||||||
|
ssh = {
|
||||||
|
extraConfig = patterns: config: with builtins; let
|
||||||
|
match = "Host ${concatStringsSep " " patterns}";
|
||||||
|
indent = map (x: " " + x) config;
|
||||||
|
in concatStringsSep "\n" ([match] ++ indent);
|
||||||
|
};
|
||||||
|
}
|
20
modules/autopatch/default.nix
Normal file
20
modules/autopatch/default.nix
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
{
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(self: super:
|
||||||
|
(let
|
||||||
|
patched = import ../../packages/patched-derivations.nix super;
|
||||||
|
in {
|
||||||
|
|
||||||
|
ipfs = patched.lain-ipfs;
|
||||||
|
|
||||||
|
hydra-unstable = patched.hydra;
|
||||||
|
|
||||||
|
} // lib.optionalAttrs config.krb5.enable {
|
||||||
|
bind = patched.kerberized-bind;
|
||||||
|
dnsutils = patched.kerberized-dnsutils;
|
||||||
|
dig = patched.kerberized-dig;
|
||||||
|
})
|
||||||
|
)
|
||||||
|
];
|
||||||
|
}
|
30
modules/default.nix
Normal file
30
modules/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
inputs:
|
||||||
|
with builtins;
|
||||||
|
let
|
||||||
|
aspects = {
|
||||||
|
autopatch = import ./autopatch;
|
||||||
|
enterprise = import ./enterprise;
|
||||||
|
hydra = import ./hydra;
|
||||||
|
ipfs-lain = import ./ipfs-lain;
|
||||||
|
nix-builder = import ./nix-builder;
|
||||||
|
nix-config = import ./nix-config;
|
||||||
|
nix-config-server = import ./nix-config/server.nix;
|
||||||
|
nix-register-flakes = import ./nix-register-flakes;
|
||||||
|
shell-config = import ./shell-config;
|
||||||
|
ssh = import ./ssh;
|
||||||
|
};
|
||||||
|
in rec {
|
||||||
|
modules = aspects;
|
||||||
|
sets = with modules; rec {
|
||||||
|
base = [
|
||||||
|
autopatch
|
||||||
|
enterprise
|
||||||
|
];
|
||||||
|
|
||||||
|
networking = [ ssh ];
|
||||||
|
|
||||||
|
server = [
|
||||||
|
nix-config-server
|
||||||
|
] ++ base ++ networking;
|
||||||
|
};
|
||||||
|
}
|
30
modules/enterprise/default.nix
Normal file
30
modules/enterprise/default.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{ pkgs, config, inputs, ... }:
|
||||||
|
let
|
||||||
|
orgDomain = "privatevoid.net";
|
||||||
|
orgRealm = "PRIVATEVOID.NET";
|
||||||
|
in {
|
||||||
|
krb5 = {
|
||||||
|
enable = true;
|
||||||
|
domain_realm = {
|
||||||
|
${orgDomain} = orgRealm;
|
||||||
|
".${orgDomain}" = orgRealm;
|
||||||
|
};
|
||||||
|
libdefaults = {
|
||||||
|
default_realm = orgRealm;
|
||||||
|
dns_lookup_kdc = true;
|
||||||
|
rdns = false;
|
||||||
|
forwardable = true;
|
||||||
|
default_ccache_name = "KEYRING:persistent:%{uid}";
|
||||||
|
pkinit_anchors = "FILE:${inputs.self.packages.x86_64-linux.privatevoid-smart-card-ca-bundle}";
|
||||||
|
};
|
||||||
|
realms = {
|
||||||
|
"${orgRealm}" = rec {
|
||||||
|
kdc = "authsys.virtual-machines.privatevoid.net";
|
||||||
|
admin_server = kdc;
|
||||||
|
kpasswd_server = kdc;
|
||||||
|
default_domain = orgDomain;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.pcscd.enable = true;
|
||||||
|
}
|
13
modules/hardened/default.nix
Normal file
13
modules/hardened/default.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
boot.kernel.sysctl = {
|
||||||
|
"kernel.yama.ptrace_scope" = 1;
|
||||||
|
"kernel.kptr_restrict" = 2;
|
||||||
|
|
||||||
|
"net.ipv4.conf.all.rp_filter" = 1;
|
||||||
|
"net.ipv4.conf.default.rp_filter" = 1;
|
||||||
|
|
||||||
|
"net.ipv4.conf.all.send_redirects" = false;
|
||||||
|
"net.ipv4.conf.default.send_redirects" = false;
|
||||||
|
};
|
||||||
|
}
|
63
modules/hydra/default.nix
Normal file
63
modules/hydra/default.nix
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
{
|
||||||
|
age.secrets = {
|
||||||
|
hydraS3 = {
|
||||||
|
file = ../../secrets/hydra-s3.age;
|
||||||
|
group = "hydra";
|
||||||
|
mode = "0440";
|
||||||
|
};
|
||||||
|
} // lib.mapAttrs' (k: v: lib.nameValuePair "hydra-database-credentials-for-${k}" v)
|
||||||
|
(lib.genAttrs [ "hydra-queue-runner" "hydra-www" "hydra" ]
|
||||||
|
(x:
|
||||||
|
{
|
||||||
|
file = ../../secrets/hydra-db-credentials.age;
|
||||||
|
group = "hydra";
|
||||||
|
owner = x;
|
||||||
|
mode = "0400";
|
||||||
|
}
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
services.hydra = {
|
||||||
|
enable = true;
|
||||||
|
dbi = "dbi:Pg:dbname=hydra;host=10.1.0.1;user=hydra;";
|
||||||
|
hydraURL = "https://hydra.privatevoid.net";
|
||||||
|
notificationSender = "hydra@privatevoid.net";
|
||||||
|
buildMachinesFiles = [ "/etc/nix/hydra-machines" ];
|
||||||
|
useSubstitutes = true;
|
||||||
|
extraConfig = ''
|
||||||
|
store_uri = s3://nix-store?scheme=https&endpoint=object-storage.privatevoid.net&secret-key=/etc/hydra/bincache.key
|
||||||
|
server_store_uri = https://cache.privatevoid.net
|
||||||
|
'';
|
||||||
|
extraEnv = {
|
||||||
|
AWS_SHARED_CREDENTIALS_FILE = config.age.secrets.hydraS3.path;
|
||||||
|
PGPASSFILE = config.age.secrets."hydra-database-credentials-for-hydra".path;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# override weird hydra module stuff
|
||||||
|
|
||||||
|
systemd.services = {
|
||||||
|
hydra-send-stats = lib.mkForce {};
|
||||||
|
} // lib.genAttrs [ "hydra-notify" "hydra-queue-runner" "hydra-server" ]
|
||||||
|
(x: let
|
||||||
|
name = if x == "hydra-server" then "hydra-www" else
|
||||||
|
if x == "hydra-notify" then "hydra-queue-runner" else x;
|
||||||
|
in {
|
||||||
|
environment = {
|
||||||
|
PGPASSFILE = lib.mkForce config.age.secrets."hydra-database-credentials-for-${name}".path;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
nix.extraOptions = lib.mkForce ''
|
||||||
|
allowed-uris = https://git.privatevoid.net
|
||||||
|
keep-outputs = true
|
||||||
|
keep-derivations = true
|
||||||
|
'';
|
||||||
|
|
||||||
|
programs.ssh.knownHosts.git = {
|
||||||
|
hostNames = [ "git" "git.services.privatevoid.net" ];
|
||||||
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC0rChVEO9Qt7hr7vyiyOP7N45CjaxssFCZNOPCszEQi";
|
||||||
|
};
|
||||||
|
}
|
22
modules/ipfs-lain/default.nix
Normal file
22
modules/ipfs-lain/default.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
services.ipfs = {
|
||||||
|
enable = true;
|
||||||
|
extraConfig = {
|
||||||
|
Bootstrap = [
|
||||||
|
"/ip4/95.216.8.12/tcp/4001/p2p/Qmd7QHZU8UjfYdwmjmq1SBh9pvER9AwHpfwQvnvNo3HBBo"
|
||||||
|
"/ip4/34.75.66.204/tcp/4001/p2p/QmUDwdaJthQkxgoHN1QQFvj4jR12A2nGQMXxYJEqtPMsYJ"
|
||||||
|
"/ip4/35.233.49.84/tcp/4001/p2p/QmTuZN9VtqiVWjcqTkRAUnRWYurwFbC6j9E2gvnMs5XEFy"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.ipfs.environment.LIBP2P_FORCE_PNET = "1";
|
||||||
|
|
||||||
|
environment.shellAliases = {
|
||||||
|
ipfs =
|
||||||
|
"doas -u ${config.services.ipfs.user} env IPFS_PATH=${config.services.ipfs.dataDir} ipfs";
|
||||||
|
f =
|
||||||
|
"doas -u ${config.services.ipfs.user} env IPFS_PATH=${config.services.ipfs.dataDir} ipfs files";
|
||||||
|
};
|
||||||
|
}
|
14
modules/nix-builder/default.nix
Normal file
14
modules/nix-builder/default.nix
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
nix.trustedUsers = [ "nix" ];
|
||||||
|
users.users.nix = {
|
||||||
|
isSystemUser = true;
|
||||||
|
description = "Nix Remote Build";
|
||||||
|
home = "/var/tmp/nix-remote-builder";
|
||||||
|
createHome = true;
|
||||||
|
useDefaultShell = true;
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBa9gDXWdp7Kqzbjz9Zchu91ZoYcBD6AbjvuktYA//yg"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
71
modules/nix-config/default.nix
Normal file
71
modules/nix-config/default.nix
Normal file
|
@ -0,0 +1,71 @@
|
||||||
|
{ pkgs, config, inputs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
builder = {
|
||||||
|
systems = [ "x86_64-linux" "i686-linux" ];
|
||||||
|
speedFactor = 500;
|
||||||
|
supportedFeatures = [ "benchmark" "nixos-test" ];
|
||||||
|
sshKey = config.age.secrets.nixBuilderKey.path;
|
||||||
|
};
|
||||||
|
bigBuilder = builder // {
|
||||||
|
speedFactor = 1000;
|
||||||
|
supportedFeatures = builder.supportedFeatures ++ [ "kvm" "big-parallel" ];
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
age.secrets.nixBuilderKey = {
|
||||||
|
file = ../../secrets/builder_key.age;
|
||||||
|
mode = "0400";
|
||||||
|
};
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(self: super: {
|
||||||
|
nixSuperUnstable = inputs.self.packages.x86_64-linux.nix-super-unstable;
|
||||||
|
})
|
||||||
|
];
|
||||||
|
nix = {
|
||||||
|
package = pkgs.nixSuperUnstable;
|
||||||
|
|
||||||
|
trustedUsers = [ "root" "@wheel" ];
|
||||||
|
|
||||||
|
extraOptions = ''
|
||||||
|
experimental-features = nix-command flakes ca-references
|
||||||
|
warn-dirty = false
|
||||||
|
builders-use-substitutes = true
|
||||||
|
flake-registry = ${
|
||||||
|
pkgs.writeText "null-registry.json" ''{"flakes":[],"version":2}''
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
|
||||||
|
binaryCaches = [ "https://cache.privatevoid.net" ];
|
||||||
|
binaryCachePublicKeys = [ "cache.privatevoid.net:SErQ8bvNWANeAvtsOESUwVYr2VJynfuc9JRwlzTTkVg=" ];
|
||||||
|
|
||||||
|
autoOptimiseStore = true;
|
||||||
|
|
||||||
|
gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 30d";
|
||||||
|
};
|
||||||
|
|
||||||
|
distributedBuilds = true;
|
||||||
|
|
||||||
|
buildMachines = [
|
||||||
|
(bigBuilder // {
|
||||||
|
sshUser = "root";
|
||||||
|
hostName = "styx.services.private.void";
|
||||||
|
speedFactor = 2000;
|
||||||
|
maxJobs = 2;
|
||||||
|
})
|
||||||
|
(bigBuilder // {
|
||||||
|
sshUser = "nix";
|
||||||
|
hostName = "wired.titan.find.private.void";
|
||||||
|
maxJobs = 12;
|
||||||
|
})
|
||||||
|
(bigBuilder // {
|
||||||
|
sshUser = "nixbuilder";
|
||||||
|
hostName = "animus.com";
|
||||||
|
speedFactor = 3000;
|
||||||
|
maxJobs = 4;
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
29
modules/nix-config/server.nix
Normal file
29
modules/nix-config/server.nix
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
let
|
||||||
|
fixPriority = x: if config.services.hydra.enable
|
||||||
|
then lib.mkForce x
|
||||||
|
else x;
|
||||||
|
in {
|
||||||
|
nix = {
|
||||||
|
package = pkgs.nixUnstable;
|
||||||
|
|
||||||
|
extraOptions = fixPriority ''
|
||||||
|
experimental-features = nix-command flakes ca-references
|
||||||
|
builders-use-substitutes = true
|
||||||
|
flake-registry = ${
|
||||||
|
pkgs.writeText "null-registry.json" ''{"flakes":[],"version":2}''
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
|
||||||
|
binaryCaches = [ "https://cache.privatevoid.net" ];
|
||||||
|
binaryCachePublicKeys = [ "cache.privatevoid.net:SErQ8bvNWANeAvtsOESUwVYr2VJynfuc9JRwlzTTkVg=" ];
|
||||||
|
|
||||||
|
autoOptimiseStore = true;
|
||||||
|
|
||||||
|
gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 30d";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
23
modules/nix-register-flakes/default.nix
Normal file
23
modules/nix-register-flakes/default.nix
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
{ config, inputs, ... }:
|
||||||
|
|
||||||
|
with inputs;
|
||||||
|
{
|
||||||
|
nix.nixPath = [
|
||||||
|
"repl=/etc/nixos/flake-channels/system/repl.nix"
|
||||||
|
"nixpkgs=/etc/nixos/flake-channels/nixpkgs"
|
||||||
|
"home-manager=/etc/nixos/flake-channels/home-manager"
|
||||||
|
];
|
||||||
|
|
||||||
|
nix.registry = {
|
||||||
|
system.flake = self;
|
||||||
|
nixpkgs.flake = nixpkgs;
|
||||||
|
default.flake = nixpkgs;
|
||||||
|
home-manager.flake = home-manager;
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.etc = {
|
||||||
|
"nixos/flake-channels/system".source = inputs.self;
|
||||||
|
"nixos/flake-channels/nixpkgs".source = nixpkgs;
|
||||||
|
"nixos/flake-channels/home-manager".source = home-manager;
|
||||||
|
};
|
||||||
|
}
|
74
modules/shell-config/default.nix
Normal file
74
modules/shell-config/default.nix
Normal file
|
@ -0,0 +1,74 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
let
|
||||||
|
component = name: builtins.readFile (builtins.toString ../../config/zsh/components + "/${name}.zsh");
|
||||||
|
|
||||||
|
snippets = map component [
|
||||||
|
"console-256color"
|
||||||
|
"fuzzy-tab"
|
||||||
|
"magic-space"
|
||||||
|
"navigation"
|
||||||
|
] ++ [
|
||||||
|
"source ${pkgs.fzf}/share/fzf/key-bindings.zsh"
|
||||||
|
];
|
||||||
|
in {
|
||||||
|
environment.shellAliases = {
|
||||||
|
cat = "${pkgs.bat} -p";
|
||||||
|
doas = "doas ";
|
||||||
|
ip = "ip -c";
|
||||||
|
ls = "${pkgs.lsd}";
|
||||||
|
sudo = "sudo ";
|
||||||
|
tree = "${pkgs.lsd} --tree";
|
||||||
|
uctl = "systemctl --user";
|
||||||
|
nix-repl = "nix repl '<repl>'";
|
||||||
|
};
|
||||||
|
programs = {
|
||||||
|
zsh = {
|
||||||
|
enable = true;
|
||||||
|
histFile = "$HOME/.cache/zsh_history";
|
||||||
|
histSize = 15000;
|
||||||
|
setOptions = [
|
||||||
|
"autocd"
|
||||||
|
"autopushd"
|
||||||
|
"globcomplete"
|
||||||
|
"globstarshort"
|
||||||
|
"histexpiredupsfirst"
|
||||||
|
"histfcntllock"
|
||||||
|
"histignoredups"
|
||||||
|
"histnofunctions"
|
||||||
|
"histnostore"
|
||||||
|
"histreduceblanks"
|
||||||
|
"histverify"
|
||||||
|
"interactivecomments"
|
||||||
|
"monitor"
|
||||||
|
"nobadpattern"
|
||||||
|
"promptsubst"
|
||||||
|
"sharehistory"
|
||||||
|
"zle"
|
||||||
|
];
|
||||||
|
|
||||||
|
vteIntegration = true;
|
||||||
|
|
||||||
|
promptInit = builtins.readFile ../../config/zsh/prompt.zsh;
|
||||||
|
interactiveShellInit = builtins.concatStringsSep "\n" snippets;
|
||||||
|
enableCompletion = true;
|
||||||
|
autosuggestions.enable = true;
|
||||||
|
syntaxHighlighting = {
|
||||||
|
enable = true;
|
||||||
|
highlighters = [ "main" "pattern" ];
|
||||||
|
styles = {
|
||||||
|
"precommand" = "fg=33";
|
||||||
|
"arg0" = "fg=39";
|
||||||
|
"single-hyphen-option" = "fg=229";
|
||||||
|
"double-hyphen-option" = "fg=228";
|
||||||
|
"path" = "none";
|
||||||
|
};
|
||||||
|
|
||||||
|
# these are aliases, highlight them properly regardless
|
||||||
|
patterns = {
|
||||||
|
"doas" = "fg=33";
|
||||||
|
"sudo" = "fg=33";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
14
modules/ssh/default.nix
Normal file
14
modules/ssh/default.nix
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
{ hosts, config, lib, ... }:
|
||||||
|
let
|
||||||
|
filtered = lib.filterAttrs (_: host: host ? ssh) hosts;
|
||||||
|
idCapable = lib.filterAttrs (_: host: host.ssh ? id) filtered;
|
||||||
|
configCapable = lib.filterAttrs (_: host: host.ssh ? extraConfig) filtered;
|
||||||
|
|
||||||
|
sshHosts = lib.mapAttrs (_: host: host.ssh.id) idCapable;
|
||||||
|
sshExtras = lib.mapAttrsToList (_: host: host.ssh.extraConfig) configCapable;
|
||||||
|
in {
|
||||||
|
programs.ssh = {
|
||||||
|
knownHosts = sshHosts;
|
||||||
|
extraConfig = builtins.concatStringsSep "\n" sshExtras;
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,7 @@
|
||||||
|
{ fetchurl }:
|
||||||
|
|
||||||
|
fetchurl {
|
||||||
|
url =
|
||||||
|
"https://export.privatevoid.net/Certificates/PRIVATEVOID.NET__Private_Void_Smart_Card_Authority-bundle-s12.pem";
|
||||||
|
sha256 = "3939eb6512e5675bb27028f9bf9892dbb1d1a60b014f4537f8d2b6180deece68";
|
||||||
|
}
|
8
packages/default.nix
Normal file
8
packages/default.nix
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
{ pkgs, inputs }@args:
|
||||||
|
let
|
||||||
|
patched-derivations = import ./patched-derivations.nix pkgs;
|
||||||
|
patched-inputs = import ./patched-inputs.nix args;
|
||||||
|
packages = import ./packages.nix args;
|
||||||
|
in patched-derivations
|
||||||
|
// patched-inputs
|
||||||
|
// packages
|
27
packages/lib/tools.nix
Normal file
27
packages/lib/tools.nix
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
rec {
|
||||||
|
dirfilter = type: path:
|
||||||
|
(let root = builtins.readDir path;
|
||||||
|
in builtins.filter (x: builtins.getAttr x root == type)
|
||||||
|
(builtins.attrNames root));
|
||||||
|
|
||||||
|
absolutify = path: ../../. + ("/" + path);
|
||||||
|
mkpatchlist = pkg:
|
||||||
|
map (patch: absolutify (builtins.concatStringsSep "/" [ pkg patch ]))
|
||||||
|
(dirfilter "regular" (absolutify pkg));
|
||||||
|
|
||||||
|
patch = super: patchdir:
|
||||||
|
super.overrideAttrs
|
||||||
|
(attrs: { patches = (attrs.patches or [ ]) ++ (mkpatchlist patchdir); });
|
||||||
|
|
||||||
|
patch-rename = super: pname: patchdir:
|
||||||
|
super.overrideAttrs (attrs: {
|
||||||
|
patches = (attrs.patches or [ ]) ++ (mkpatchlist patchdir);
|
||||||
|
inherit pname;
|
||||||
|
});
|
||||||
|
|
||||||
|
patch-rename-direct = super: renameWith: patchdir:
|
||||||
|
super.overrideAttrs (attrs: {
|
||||||
|
patches = (attrs.patches or [ ]) ++ (mkpatchlist patchdir);
|
||||||
|
name = renameWith attrs;
|
||||||
|
});
|
||||||
|
}
|
3
packages/packages.nix
Normal file
3
packages/packages.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
{ pkgs, ... }: {
|
||||||
|
privatevoid-smart-card-ca-bundle = pkgs.callPackage ./data/privatevoid-smart-card-certificate-authority-bundle.nix { };
|
||||||
|
}
|
14
packages/patched-derivations.nix
Normal file
14
packages/patched-derivations.nix
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
let tools = import ./lib/tools.nix;
|
||||||
|
in with tools;
|
||||||
|
super: rec {
|
||||||
|
kerberized-bind = super.bind.overrideAttrs (attrs: {
|
||||||
|
configureFlags = attrs.configureFlags ++ [ "--with-gssapi=${super.krb5.dev}" ];
|
||||||
|
buildInputs = attrs.buildInputs ++ [ super.krb5 ];
|
||||||
|
});
|
||||||
|
kerberized-dnsutils = kerberized-bind.dnsutils;
|
||||||
|
kerberized-dig = kerberized-bind.dnsutils;
|
||||||
|
|
||||||
|
hydra = patch super.hydra-unstable "patches/base/hydra";
|
||||||
|
|
||||||
|
lain-ipfs = patch-rename super.ipfs "lain-ipfs" "patches/base/ipfs";
|
||||||
|
}
|
19
packages/patched-inputs.nix
Normal file
19
packages/patched-inputs.nix
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
let tools = import ./lib/tools.nix;
|
||||||
|
in with tools;
|
||||||
|
{ inputs, pkgs, ... }: rec {
|
||||||
|
deploy-rs = patch inputs.deploy-rs.packages.x86_64-linux.deploy-rs "patches/custom/deploy-rs";
|
||||||
|
|
||||||
|
nix-super-unstable = let
|
||||||
|
system = "x86_64-linux";
|
||||||
|
pkgs = import inputs.nixpkgs { inherit system;
|
||||||
|
overlays = [
|
||||||
|
inputs.nix-super-unstable.overlay
|
||||||
|
(self: super: rec {
|
||||||
|
nixSuperUnstable = patch-rename-direct super.nix (attrs: "nix-super-unstable-${attrs.version}") "patches/base/nix";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
|
in pkgs.nixSuperUnstable;
|
||||||
|
|
||||||
|
agenix = inputs.agenix.packages.x86_64-linux.agenix.override { nix = nix-super-unstable; };
|
||||||
|
}
|
12
patches/base/hydra/fix-queue-runner-hang.patch
Normal file
12
patches/base/hydra/fix-queue-runner-hang.patch
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
diff --git a/src/hydra-queue-runner/queue-monitor.cc b/src/hydra-queue-runner/queue-monitor.cc
|
||||||
|
--- a/src/hydra-queue-runner/queue-monitor.cc
|
||||||
|
+++ b/src/hydra-queue-runner/queue-monitor.cc
|
||||||
|
@@ -42,7 +42,7 @@ void State::queueMonitorLoop()
|
||||||
|
|
||||||
|
/* Sleep until we get notification from the database about an
|
||||||
|
event. */
|
||||||
|
if (done && !quit) {
|
||||||
|
- conn->await_notification();
|
||||||
|
+ conn->await_notification(5*60, 0);
|
||||||
|
nrQueueWakeups++;
|
||||||
|
} else
|
14
patches/base/ipfs/ipfs-allow-publish-with-ipns-mounted.patch
Normal file
14
patches/base/ipfs/ipfs-allow-publish-with-ipns-mounted.patch
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
diff --git a/core/coreapi/coreapi.go b/core/coreapi/coreapi.go
|
||||||
|
index 5b638826b..32747fe53 100644
|
||||||
|
--- a/core/coreapi/coreapi.go
|
||||||
|
+++ b/core/coreapi/coreapi.go
|
||||||
|
@@ -191,9 +191,6 @@ func (api *CoreAPI) WithOptions(opts ...options.ApiOption) (coreiface.CoreAPI, e
|
||||||
|
}
|
||||||
|
|
||||||
|
subApi.checkPublishAllowed = func() error {
|
||||||
|
- if n.Mounts.Ipns != nil && n.Mounts.Ipns.IsActive() {
|
||||||
|
- return errors.New("cannot manually publish while IPNS is mounted")
|
||||||
|
- }
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
23
patches/base/ipfs/ipfs-fuse-big-chunks.patch
Normal file
23
patches/base/ipfs/ipfs-fuse-big-chunks.patch
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
diff --git a/fuse/mount/fuse.go b/fuse/mount/fuse.go
|
||||||
|
index c317f5e7d..6e3951757 100644
|
||||||
|
--- a/fuse/mount/fuse.go
|
||||||
|
+++ b/fuse/mount/fuse.go
|
||||||
|
@@ -33,11 +33,15 @@ func NewMount(p goprocess.Process, fsys fs.FS, mountpoint string, allow_other bo
|
||||||
|
var conn *fuse.Conn
|
||||||
|
var err error
|
||||||
|
|
||||||
|
+ var mountOpts = []fuse.MountOption{
|
||||||
|
+ fuse.MaxReadahead(64*1024*1024),
|
||||||
|
+ fuse.AsyncRead(),
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if allow_other {
|
||||||
|
- conn, err = fuse.Mount(mountpoint, fuse.AllowOther())
|
||||||
|
- } else {
|
||||||
|
- conn, err = fuse.Mount(mountpoint)
|
||||||
|
+ mountOpts = append(mountOpts,fuse.AllowOther())
|
||||||
|
}
|
||||||
|
+ conn, err = fuse.Mount(mountpoint, mountOpts...)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
43
patches/base/ipfs/ipfs-fuse-cache-child-nodes.patch
Normal file
43
patches/base/ipfs/ipfs-fuse-cache-child-nodes.patch
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
diff --git a/fuse/readonly/readonly_unix.go b/fuse/readonly/readonly_unix.go
|
||||||
|
index 866cdca1a..3a2269393 100644
|
||||||
|
--- a/fuse/readonly/readonly_unix.go
|
||||||
|
+++ b/fuse/readonly/readonly_unix.go
|
||||||
|
@@ -73,7 +73,7 @@ func (s *Root) Lookup(ctx context.Context, name string) (fs.Node, error) {
|
||||||
|
|
||||||
|
switch nd := nd.(type) {
|
||||||
|
case *mdag.ProtoNode, *mdag.RawNode:
|
||||||
|
- return &Node{Ipfs: s.Ipfs, Nd: nd}, nil
|
||||||
|
+ return &Node{Ipfs: s.Ipfs, Nd: nd, children: make(map[string]fs.Node)}, nil
|
||||||
|
default:
|
||||||
|
log.Error("fuse node was not a protobuf node")
|
||||||
|
return nil, fuse.ENOTSUP
|
||||||
|
@@ -92,6 +92,7 @@ type Node struct {
|
||||||
|
Ipfs *core.IpfsNode
|
||||||
|
Nd ipld.Node
|
||||||
|
cached *ft.FSNode
|
||||||
|
+ children map[string]fs.Node
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *Node) loadData() error {
|
||||||
|
@@ -144,6 +145,9 @@ func (s *Node) Attr(ctx context.Context, a *fuse.Attr) error {
|
||||||
|
// Lookup performs a lookup under this node.
|
||||||
|
func (s *Node) Lookup(ctx context.Context, name string) (fs.Node, error) {
|
||||||
|
log.Debugf("Lookup '%s'", name)
|
||||||
|
+ if childNode, ok := s.children[name] ; ok {
|
||||||
|
+ return childNode, nil
|
||||||
|
+ }
|
||||||
|
link, _, err := uio.ResolveUnixfsOnce(ctx, s.Ipfs.DAG, s.Nd, []string{name})
|
||||||
|
switch err {
|
||||||
|
case os.ErrNotExist, mdag.ErrLinkNotFound:
|
||||||
|
@@ -165,8 +169,9 @@ func (s *Node) Lookup(ctx context.Context, name string) (fs.Node, error) {
|
||||||
|
case nil:
|
||||||
|
// noop
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- return &Node{Ipfs: s.Ipfs, Nd: nd}, nil
|
||||||
|
+ childNode := &Node{Ipfs: s.Ipfs, Nd: nd, children: make(map[string]fs.Node)}
|
||||||
|
+ s.children[name] = childNode
|
||||||
|
+ return childNode, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ReadDirAll reads the link structure as directory entries
|
25
patches/base/ipfs/ipfs-fuse-nuke-getxattr.patch
Normal file
25
patches/base/ipfs/ipfs-fuse-nuke-getxattr.patch
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
diff --git a/fuse/readonly/readonly_unix.go b/fuse/readonly/readonly_unix.go
|
||||||
|
index 3a2269393..8bff88f28 100644
|
||||||
|
--- a/fuse/readonly/readonly_unix.go
|
||||||
|
+++ b/fuse/readonly/readonly_unix.go
|
||||||
|
@@ -228,12 +228,6 @@ func (s *Node) ReadDirAll(ctx context.Context) ([]fuse.Dirent, error) {
|
||||||
|
return nil, fuse.ENOENT
|
||||||
|
}
|
||||||
|
|
||||||
|
-func (s *Node) Getxattr(ctx context.Context, req *fuse.GetxattrRequest, resp *fuse.GetxattrResponse) error {
|
||||||
|
- // TODO: is nil the right response for 'bug off, we ain't got none' ?
|
||||||
|
- resp.Xattr = nil
|
||||||
|
- return nil
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
func (s *Node) Readlink(ctx context.Context, req *fuse.ReadlinkRequest) (string, error) {
|
||||||
|
if s.cached == nil || s.cached.Type() != ft.TSymlink {
|
||||||
|
return "", fuse.Errno(syscall.EINVAL)
|
||||||
|
@@ -278,7 +272,6 @@ type roNode interface {
|
||||||
|
fs.Node
|
||||||
|
fs.NodeStringLookuper
|
||||||
|
fs.NodeReadlinker
|
||||||
|
- fs.NodeGetxattrer
|
||||||
|
}
|
||||||
|
|
||||||
|
var _ roNode = (*Node)(nil)
|
|
@ -0,0 +1,14 @@
|
||||||
|
diff --git a/vendor/github.com/ipfs/go-filestore/fsrefstore.go b/vendor/github.com/ipfs/go-filestore/fsrefstore.go
|
||||||
|
index 19927e0..7ff13aa 100644
|
||||||
|
--- a/vendor/github.com/ipfs/go-filestore/fsrefstore.go
|
||||||
|
+++ b/vendor/github.com/ipfs/go-filestore/fsrefstore.go
|
||||||
|
@@ -281,9 +281,6 @@ func (f *FileManager) putTo(b *posinfo.FilestoreNode, to putter) error {
|
||||||
|
if !f.AllowFiles {
|
||||||
|
return ErrFilestoreNotEnabled
|
||||||
|
}
|
||||||
|
- if !filepath.HasPrefix(b.PosInfo.FullPath, f.root) { //nolint:staticcheck
|
||||||
|
- return fmt.Errorf("cannot add filestore references outside ipfs root (%s)", f.root)
|
||||||
|
- }
|
||||||
|
|
||||||
|
p, err := filepath.Rel(f.root, b.PosInfo.FullPath)
|
||||||
|
if err != nil {
|
12
patches/base/ipfs/ipfs-void-tld.patch
Normal file
12
patches/base/ipfs/ipfs-void-tld.patch
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
diff --git a/namesys/namesys.go b/namesys/namesys.go
|
||||||
|
index 760d04c17..4f3de146d 100644
|
||||||
|
--- a/namesys/namesys.go
|
||||||
|
+++ b/namesys/namesys.go
|
||||||
|
@@ -236,3 +236,7 @@ func (ns *mpns) PublishWithEOL(ctx context.Context, name ci.PrivKey, value path.
|
||||||
|
ns.cacheSet(string(id), value, ttl)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+func init() {
|
||||||
|
+ isd.ExtendedTLDs["VOID"] = true
|
||||||
|
+}
|
11
patches/base/ipfs/lain-webui-0.8.0.patch
Normal file
11
patches/base/ipfs/lain-webui-0.8.0.patch
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
--- a/core/corehttp/webui.go 2020-05-09 04:58:18.000000000 +0200
|
||||||
|
+++ b/core/corehttp/webui.go 2020-07-15 00:22:00.439862559 +0200
|
||||||
|
@@ -1,7 +1,7 @@
|
||||||
|
package corehttp
|
||||||
|
|
||||||
|
// TODO: move to IPNS
|
||||||
|
-const WebUIPath = "/ipfs/bafybeif4zkmu7qdhkpf3pnhwxipylqleof7rl6ojbe7mq3fzogz6m4xk3i" // v2.11.4
|
||||||
|
+const WebUIPath = "/ipns/webui.ipfs.privatevoid.net"
|
||||||
|
|
||||||
|
// this is a list of all past webUI paths.
|
||||||
|
var WebUIPaths = []string{
|
162
patches/base/nix/nix-flake-default.patch
Normal file
162
patches/base/nix/nix-flake-default.patch
Normal file
|
@ -0,0 +1,162 @@
|
||||||
|
diff --git a/src/nix/installables.cc b/src/nix/installables.cc
|
||||||
|
index 4e6bf4a9a..ab672f8be 100644
|
||||||
|
--- a/src/libcmd/installables.cc
|
||||||
|
+++ b/src/libcmd/installables.cc
|
||||||
|
@@ -20,6 +20,10 @@
|
||||||
|
|
||||||
|
namespace nix {
|
||||||
|
|
||||||
|
+const static std::regex attrPathRegex(
|
||||||
|
+ R"((?:[a-zA-Z0-9_"-][a-zA-Z0-9_".-]*))",
|
||||||
|
+ std::regex::ECMAScript);
|
||||||
|
+
|
||||||
|
void completeFlakeInputPath(
|
||||||
|
ref<EvalState> evalState,
|
||||||
|
const FlakeRef & flakeRef,
|
||||||
|
@@ -215,10 +219,19 @@ void completeFlakeRefWithFragment(
|
||||||
|
/* Look for flake output attributes that match the
|
||||||
|
prefix. */
|
||||||
|
try {
|
||||||
|
+ bool isAttrPath = std::regex_match(prefix.begin(), prefix.end(), attrPathRegex);
|
||||||
|
auto hash = prefix.find('#');
|
||||||
|
- if (hash != std::string::npos) {
|
||||||
|
- auto fragment = prefix.substr(hash + 1);
|
||||||
|
- auto flakeRefS = std::string(prefix.substr(0, hash));
|
||||||
|
+ if (isAttrPath || hash != std::string::npos) {
|
||||||
|
+ auto fragment =
|
||||||
|
+ isAttrPath
|
||||||
|
+ ? prefix
|
||||||
|
+ : prefix.substr(hash + 1);
|
||||||
|
+
|
||||||
|
+ auto flakeRefS =
|
||||||
|
+ isAttrPath
|
||||||
|
+ ? std::string("flake:default")
|
||||||
|
+ : std::string(prefix.substr(0, hash));
|
||||||
|
+
|
||||||
|
// FIXME: do tilde expansion.
|
||||||
|
auto flakeRef = parseFlakeRef(flakeRefS, absPath("."));
|
||||||
|
|
||||||
|
@@ -251,7 +264,10 @@ void completeFlakeRefWithFragment(
|
||||||
|
auto attrPath2 = attr->getAttrPath(attr2);
|
||||||
|
/* Strip the attrpath prefix. */
|
||||||
|
attrPath2.erase(attrPath2.begin(), attrPath2.begin() + attrPathPrefix.size());
|
||||||
|
- completions->add(flakeRefS + "#" + concatStringsSep(".", attrPath2));
|
||||||
|
+ if (isAttrPath)
|
||||||
|
+ completions->add(concatStringsSep(".", attrPath2));
|
||||||
|
+ else
|
||||||
|
+ completions->add(flakeRefS + "#" + concatStringsSep(".", attrPath2));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -626,7 +642,13 @@ std::vector<std::shared_ptr<Installable>> SourceExprCommand::parseInstallables(
|
||||||
|
std::exception_ptr ex;
|
||||||
|
|
||||||
|
try {
|
||||||
|
- auto [flakeRef, fragment] = parseFlakeRefWithFragment(s, absPath("."));
|
||||||
|
+ bool isAttrPath = std::regex_match(s, attrPathRegex);
|
||||||
|
+
|
||||||
|
+ auto [flakeRef, fragment] =
|
||||||
|
+ isAttrPath
|
||||||
|
+ ? std::make_pair(parseFlakeRef("flake:default", absPath(".")), s)
|
||||||
|
+ : parseFlakeRefWithFragment(s, absPath("."));
|
||||||
|
+
|
||||||
|
result.push_back(std::make_shared<InstallableFlake>(
|
||||||
|
getEvalState(), std::move(flakeRef),
|
||||||
|
fragment == "" ? getDefaultFlakeAttrPaths() : Strings{fragment},
|
||||||
|
diff --git a/src/nix/search.cc b/src/nix/search.cc
|
||||||
|
index 9f864b3a4..b21118ece 100644
|
||||||
|
--- a/src/nix/search.cc
|
||||||
|
+++ b/src/nix/search.cc
|
||||||
|
@@ -30,13 +30,32 @@ std::string hilite(const std::string & s, const std::smatch & m, std::string pos
|
||||||
|
+ std::string(m.suffix());
|
||||||
|
}
|
||||||
|
|
||||||
|
-struct CmdSearch : InstallableCommand, MixJSON
|
||||||
|
+struct CmdSearch : SourceExprCommand, MixJSON
|
||||||
|
{
|
||||||
|
+ std::string _installable{"flake:default"};
|
||||||
|
std::vector<std::string> res;
|
||||||
|
|
||||||
|
CmdSearch()
|
||||||
|
{
|
||||||
|
- expectArgs("regex", &res);
|
||||||
|
+ bool hasInstallable = false;
|
||||||
|
+
|
||||||
|
+ addFlag({
|
||||||
|
+ .longName = "installable",
|
||||||
|
+ .shortName = 'i',
|
||||||
|
+ .description = "Search within this installable",
|
||||||
|
+ .labels = {"installable"},
|
||||||
|
+ .handler = {[this, &hasInstallable](std::string ss) {
|
||||||
|
+ hasInstallable = true;
|
||||||
|
+ _installable = ss;
|
||||||
|
+ }},
|
||||||
|
+ .completer = completePath
|
||||||
|
+ });
|
||||||
|
+
|
||||||
|
+ if (hasInstallable && (file || expr)) {
|
||||||
|
+ throw UsageError("'--installable' cannot be used together with '--file' or '--expr'");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ expectArgs("args", &res);
|
||||||
|
}
|
||||||
|
|
||||||
|
std::string description() override
|
||||||
|
@@ -63,6 +82,8 @@ struct CmdSearch : InstallableCommand, MixJSON
|
||||||
|
{
|
||||||
|
settings.readOnlyMode = true;
|
||||||
|
|
||||||
|
+ auto installable = parseInstallable(store, (file || expr) ? "" : _installable);
|
||||||
|
+
|
||||||
|
// Empty search string should match all packages
|
||||||
|
// Use "^" here instead of ".*" due to differences in resulting highlighting
|
||||||
|
// (see #1893 -- libc++ claims empty search string is not in POSIX grammar)
|
||||||
|
diff --git a/tests/flakes.sh b/tests/flakes.sh
|
||||||
|
index 2b7bcdd68..f654b2f36 100644
|
||||||
|
--- a/tests/flakes.sh
|
||||||
|
+++ b/tests/flakes.sh
|
||||||
|
@@ -188,7 +188,7 @@ nix build -o $TEST_ROOT/result flake1#foo
|
||||||
|
[[ -e $TEST_ROOT/result/hello ]]
|
||||||
|
|
||||||
|
# Test defaultPackage.
|
||||||
|
-nix build -o $TEST_ROOT/result flake1
|
||||||
|
+nix build -o $TEST_ROOT/result flake1#
|
||||||
|
[[ -e $TEST_ROOT/result/hello ]]
|
||||||
|
|
||||||
|
nix build -o $TEST_ROOT/result $flake1Dir
|
||||||
|
diff --git a/tests/search.sh b/tests/search.sh
|
||||||
|
index ee3261687..e41963c2d 100644
|
||||||
|
--- a/tests/search.sh
|
||||||
|
+++ b/tests/search.sh
|
||||||
|
@@ -3,23 +3,23 @@ source common.sh
|
||||||
|
clearStore
|
||||||
|
clearCache
|
||||||
|
|
||||||
|
-(( $(nix search -f search.nix '' hello | wc -l) > 0 ))
|
||||||
|
+(( $(nix search -f search.nix hello | wc -l) > 0 ))
|
||||||
|
|
||||||
|
# Check descriptions are searched
|
||||||
|
-(( $(nix search -f search.nix '' broken | wc -l) > 0 ))
|
||||||
|
+(( $(nix search -f search.nix broken | wc -l) > 0 ))
|
||||||
|
|
||||||
|
# Check search that matches nothing
|
||||||
|
-(( $(nix search -f search.nix '' nosuchpackageexists | wc -l) == 0 ))
|
||||||
|
+(( $(nix search -f search.nix nosuchpackageexists | wc -l) == 0 ))
|
||||||
|
|
||||||
|
# Search for multiple arguments
|
||||||
|
-(( $(nix search -f search.nix '' hello empty | wc -l) == 2 ))
|
||||||
|
+(( $(nix search -f search.nix hello empty | wc -l) == 2 ))
|
||||||
|
|
||||||
|
# Multiple arguments will not exist
|
||||||
|
-(( $(nix search -f search.nix '' hello broken | wc -l) == 0 ))
|
||||||
|
+(( $(nix search -f search.nix hello broken | wc -l) == 0 ))
|
||||||
|
|
||||||
|
## Search expressions
|
||||||
|
|
||||||
|
# Check that empty search string matches all
|
||||||
|
-nix search -f search.nix '' |grep -q foo
|
||||||
|
-nix search -f search.nix '' |grep -q bar
|
||||||
|
-nix search -f search.nix '' |grep -q hello
|
||||||
|
+nix search -f search.nix |grep -q foo
|
||||||
|
+nix search -f search.nix |grep -q bar
|
||||||
|
+nix search -f search.nix |grep -q hello
|
15
patches/base/nix/nix-profile-list-better-ui.patch
Normal file
15
patches/base/nix/nix-profile-list-better-ui.patch
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
diff --git a/src/nix/profile.cc b/src/nix/profile.cc
|
||||||
|
index 4d275f5..48e9625 100644
|
||||||
|
--- a/src/nix/profile.cc
|
||||||
|
+++ b/src/nix/profile.cc
|
||||||
|
@@ -453,9 +453,8 @@ struct CmdProfileList : virtual EvalCommand, virtual StoreCommand, MixDefaultPro
|
||||||
|
|
||||||
|
for (size_t i = 0; i < manifest.elements.size(); ++i) {
|
||||||
|
auto & element(manifest.elements[i]);
|
||||||
|
- logger->cout("%d %s %s %s", i,
|
||||||
|
+ logger->cout("%03d %s\t%s", i,
|
||||||
|
element.source ? element.source->originalRef.to_string() + "#" + element.source->attrPath : "-",
|
||||||
|
- element.source ? element.source->resolvedRef.to_string() + "#" + element.source->attrPath : "-",
|
||||||
|
concatStringsSep(" ", store->printStorePathSet(element.storePaths)));
|
||||||
|
}
|
||||||
|
}
|
13
patches/base/nix/no-unknown-flake-outputs.patch
Normal file
13
patches/base/nix/no-unknown-flake-outputs.patch
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
diff --git a/src/nix/flake.cc b/src/nix/flake.cc
|
||||||
|
index 2f0c468..492a7de 100644
|
||||||
|
--- a/src/nix/flake.cc
|
||||||
|
+++ b/src/nix/flake.cc
|
||||||
|
@@ -574,8 +574,6 @@ struct CmdFlakeCheck : FlakeCommand
|
||||||
|
*attr.value, *attr.pos);
|
||||||
|
}
|
||||||
|
|
||||||
|
- else
|
||||||
|
- warn("unknown flake output '%s'", name);
|
||||||
|
|
||||||
|
} catch (Error & e) {
|
||||||
|
e.addTrace(pos, hintfmt("while checking flake output '%s'", name));
|
51
patches/custom/deploy-rs/deploy-rs-no-emojis.patch
Normal file
51
patches/custom/deploy-rs/deploy-rs-no-emojis.patch
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
diff --git a/src/lib.rs b/src/lib.rs
|
||||||
|
index b93b9ae..9081214 100644
|
||||||
|
--- a/src/lib.rs
|
||||||
|
+++ b/src/lib.rs
|
||||||
|
@@ -17,16 +17,6 @@ pub fn make_lock_path(temp_path: &str, closure: &str) -> String {
|
||||||
|
format!("{}/deploy-rs-canary-{}", temp_path, lock_hash)
|
||||||
|
}
|
||||||
|
|
||||||
|
-fn make_emoji(level: log::Level) -> &'static str {
|
||||||
|
- match level {
|
||||||
|
- log::Level::Error => "❌",
|
||||||
|
- log::Level::Warn => "⚠️",
|
||||||
|
- log::Level::Info => "ℹ️",
|
||||||
|
- log::Level::Debug => "❓",
|
||||||
|
- log::Level::Trace => "🖊️",
|
||||||
|
- }
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
pub fn logger_formatter_activate(
|
||||||
|
w: &mut dyn std::io::Write,
|
||||||
|
_now: &mut DeferredNow,
|
||||||
|
@@ -36,8 +26,7 @@ pub fn logger_formatter_activate(
|
||||||
|
|
||||||
|
write!(
|
||||||
|
w,
|
||||||
|
- "⭐ {} [activate] [{}] {}",
|
||||||
|
- make_emoji(level),
|
||||||
|
+ "[activate] [{}] {}",
|
||||||
|
style(level, level.to_string()),
|
||||||
|
record.args()
|
||||||
|
)
|
||||||
|
@@ -52,8 +41,7 @@ pub fn logger_formatter_wait(
|
||||||
|
|
||||||
|
write!(
|
||||||
|
w,
|
||||||
|
- "👀 {} [wait] [{}] {}",
|
||||||
|
- make_emoji(level),
|
||||||
|
+ "[wait] [{}] {}",
|
||||||
|
style(level, level.to_string()),
|
||||||
|
record.args()
|
||||||
|
)
|
||||||
|
@@ -68,8 +56,7 @@ pub fn logger_formatter_deploy(
|
||||||
|
|
||||||
|
write!(
|
||||||
|
w,
|
||||||
|
- "🚀 {} [deploy] [{}] {}",
|
||||||
|
- make_emoji(level),
|
||||||
|
+ "[deploy] [{}] {}",
|
||||||
|
style(level, level.to_string()),
|
||||||
|
record.args()
|
||||||
|
)
|
8
repl.nix
Normal file
8
repl.nix
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
let
|
||||||
|
flake = builtins.getFlake (toString ./.);
|
||||||
|
nixpkgs = import <nixpkgs> { };
|
||||||
|
in {
|
||||||
|
inherit flake;
|
||||||
|
inherit nixpkgs;
|
||||||
|
nixos = flake.nixosConfigurations;
|
||||||
|
}
|
12
secrets/hydra-db-credentials.age
Normal file
12
secrets/hydra-db-credentials.age
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 NO562A 8y69PgCxhGnJyWidqAWhMu5W6KmOyrPj6Yq6CH2zeXs
|
||||||
|
L+qJsxC0eJJZ6QkHk/mif/jSrlV135nYV36p8I2VABI
|
||||||
|
-> ssh-ed25519 5/zT0w 4EzS5JYeSpxinLyP1dPDar2uN/HP+mZ1SpaFrO4Z9T8
|
||||||
|
E3FWjk7Ma1+XYls0tZyVzt9rdeVC2Cxd7p0aXR8BMmY
|
||||||
|
-> ssh-ed25519 8Ib2bg IU8rm12IoW6rjJvtKZQjPypE6//B8N+zT6aYOsGsagQ
|
||||||
|
V1gwYZ2mSmwwRGrQy+5Yi6X2jc7cuSb4i8ug78TgNNs
|
||||||
|
-> 8?D(x;Zq-grease
|
||||||
|
eLVD9rsrAlXCtjq1xYeWksV+NrZJGLWIpVXOS/L5G6YoS5tmZfPIEpIJ75wylUSu
|
||||||
|
dCmo2xg
|
||||||
|
--- K4HxduHKm3NBmH/0fWai2n4O+6H7JF/4tkjc+2GQjtg
|
||||||
|
Í».>Ø—9æ$¨ZòÂÄßoÓ˜ÃCé€4R'Ú<>¥p¯20A^~½“¤B<C2A4>X=b—Jó<4A>¾gàßm¬¯n‹¾RÖÅÅ8{†Œë’s ,ùdiEá±~Ï¢‰p!¹ñ¯üº{‹½)¸¹Šž>WB²¡½È-Q ‹nV ¨A:¼
|
12
secrets/hydra-s3.age
Normal file
12
secrets/hydra-s3.age
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
age-encryption.org/v1
|
||||||
|
-> ssh-ed25519 NO562A /BSDGnygvS3MifbGGMuh4aEYLPU/ZWTHmbY2vIhati0
|
||||||
|
JKVX2J0gCpL3eUyobQySzxmjmbSGGgeYjjLxLv+psZs
|
||||||
|
-> ssh-ed25519 5/zT0w YJd4JqY/YGg6/VfzdK+6FI1/72RyRLlHsIc/CSdHwX0
|
||||||
|
85UB6ky6eeBbFIMMXeqwIwt7PN/FaWK6qNwaXdHZkj8
|
||||||
|
-> ssh-ed25519 8Ib2bg fTOeo/9ndpGTMVK0B1ZWpFOPZdbdreiulrASoJgy4Bo
|
||||||
|
X1UHKTGpFdk5TMeY7StlGVV01GNJTrXMOoSi9kAEm1c
|
||||||
|
-> 3jS]IIF-grease = `,U>Z ^m41U@0 C
|
||||||
|
Jh+cNu7e0o/a3m4yN6Wrqf3bYjXuzKfQBF3uSY+578mzlTxuhigdM7mXU8RUBad1
|
||||||
|
hoYavMvK5ipI8bbK6pNeM/R24SDJPtd28TPZ8AlWHWKqknoDW1gXndcHiJDe
|
||||||
|
--- LpT1SWpbWrqdFDV4cf2rEP9ssFr3aubcyNm3rXfdj9Y
|
||||||
|
´‰ã
"˜÷9’îÒ«ìÊ>nf›Y»ânÌ7—מÑ
7Zl'à;>-¬áú)½zV"Š§a
Á¡†;Å.f@ý’ÔŠÖM<C396>¦¼£ÛÙáš]Ô”ëN+$j´ªd`aˆFÀ_Ï„Ö‹±JǦšE~\ŽÖ¯{7ªÄ<C2AA>iˆÇV¾eë‚ìeýKC%³ÁÑ̦BKR9.ê<>QV0µ¡Y}
|
9
secrets/secrets.nix
Normal file
9
secrets/secrets.nix
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
let
|
||||||
|
max = (import ../users/max/userinfo.nix null).sshKeys;
|
||||||
|
hosts = import ../hosts;
|
||||||
|
systemKeys = x: x.ssh.id.publicKey or null;
|
||||||
|
in with hosts;
|
||||||
|
{
|
||||||
|
"hydra-s3.age".publicKeys = max ++ map systemKeys [ styx ];
|
||||||
|
"hydra-db-credentials.age".publicKeys = max ++ map systemKeys [ styx ];
|
||||||
|
}
|
16
users/max/userinfo.nix
Normal file
16
users/max/userinfo.nix
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
pkgs: rec {
|
||||||
|
firstName = "Max";
|
||||||
|
lastName = "Headroom";
|
||||||
|
userName = "max";
|
||||||
|
orgDomain = "privatevoid.net";
|
||||||
|
|
||||||
|
security = { pkcs11Providers = [ "${pkgs.opensc}/lib/opensc-pkcs11.so" ]; };
|
||||||
|
|
||||||
|
sshKeys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL5C7mC5S2gM0K6x0L/jNwAeQYbFSzs16Q73lONUlIkL max@TITAN"
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMmdWfmAs/0rno8zJlhBFMY2SumnHbTNdZUXJqxgd9ON max@jericho"
|
||||||
|
];
|
||||||
|
|
||||||
|
email = "${userName}@${orgDomain}";
|
||||||
|
gecos = "${firstName} ${lastName}";
|
||||||
|
}
|
Loading…
Reference in a new issue