summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Sima <ben@bsima.me>2024-04-01 13:30:45 -0400
committerBen Sima <ben@bsima.me>2024-04-01 13:30:45 -0400
commitdb373a8c727cad91d375b40a6c70b11ed73bdafb (patch)
treea7ed24e98242b6e38f44cb0c9884718d248cc613
parent5c8ef1bf4dff4fc7c6e66a57673a81477bcc850a (diff)
Add nixfmt to Lint.hs
nixfmt is the soon-to-be official formatter for Nix code, as per the NixOS GitHub group. So I figure I should just adopt it without worrying too much about the specifics of the formatting. I just formatted everything in one go, hence the huge diff, oh well.
-rw-r--r--Biz/Bild.nix326
-rw-r--r--Biz/Bild/Builder.nix258
-rw-r--r--Biz/Bild/Constants.nix4
-rw-r--r--Biz/Bild/Deps.nix94
-rw-r--r--Biz/Bild/Deps/C.nix4
-rw-r--r--Biz/Bild/Deps/accelerate.nix12
-rw-r--r--Biz/Bild/Deps/autogen.nix61
-rw-r--r--Biz/Bild/Deps/bitsandbytes.nix48
-rw-r--r--Biz/Bild/Deps/exllama.nix20
-rw-r--r--Biz/Bild/Deps/guile-opengl.nix10
-rw-r--r--Biz/Bild/Deps/inspekt3d.nix14
-rw-r--r--Biz/Bild/Deps/interegular.nix11
-rw-r--r--Biz/Bild/Deps/lion-pytorch.nix9
-rw-r--r--Biz/Bild/Deps/llama-cpp.nix12
-rw-r--r--Biz/Bild/Deps/nostr-rs-relay.nix5
-rw-r--r--Biz/Bild/Deps/outlines.nix23
-rw-r--r--Biz/Bild/Deps/perscache.nix22
-rw-r--r--Biz/Bild/Nixpkgs.nix18
-rw-r--r--Biz/Bild/Sources.nix227
-rw-r--r--Biz/Bot.nix13
-rw-r--r--Biz/Cloud.nix2
-rw-r--r--Biz/Cloud/Cgit.nix85
-rw-r--r--Biz/Cloud/Chat.nix50
-rw-r--r--Biz/Cloud/Comms.nix5
-rw-r--r--Biz/Cloud/Comms/Mumble.nix7
-rw-r--r--Biz/Cloud/Comms/Xmpp.nix27
-rw-r--r--Biz/Cloud/Git.nix21
-rw-r--r--Biz/Cloud/Gmnisrv.nix23
-rw-r--r--Biz/Cloud/Hardware.nix8
-rw-r--r--Biz/Cloud/Hub.nix2
-rw-r--r--Biz/Cloud/Mail.nix18
-rw-r--r--Biz/Cloud/Networking.nix33
-rw-r--r--Biz/Cloud/NostrRelay.nix6
-rw-r--r--Biz/Cloud/Ports.nix10
-rw-r--r--Biz/Cloud/Web.nix89
-rw-r--r--Biz/Cloud/Znc.nix49
-rw-r--r--Biz/Dev/Beryllium.nix2
-rw-r--r--Biz/Dev/Beryllium/Configuration.nix13
-rw-r--r--Biz/Dev/Beryllium/Hardware.nix26
-rw-r--r--Biz/Dev/Dns.nix15
-rw-r--r--Biz/Dev/Guix.nix24
-rw-r--r--Biz/Dev/Hoogle.nix6
-rw-r--r--Biz/Dev/Lithium.nix2
-rw-r--r--Biz/Dev/Lithium/Configuration.nix46
-rw-r--r--Biz/Dev/Lithium/Hardware.nix28
-rw-r--r--Biz/Dev/Networking.nix22
-rw-r--r--Biz/Dev/Vpn.nix2
-rw-r--r--Biz/Dragons.nix15
-rw-r--r--Biz/Dragons/Analysis.nix7
-rw-r--r--Biz/Lint.hs36
-rw-r--r--Biz/Nixpert.nix2
-rw-r--r--Biz/OsBase.nix18
-rw-r--r--Biz/Que.nix58
-rw-r--r--Biz/Que/Host.nix14
-rw-r--r--Biz/Que/Site.nix12
-rw-r--r--Biz/Users.nix19
-rw-r--r--Urbit/Harbor.nix47
-rw-r--r--Urbit/Ship.nix11
-rw-r--r--default.nix2
-rw-r--r--shell.nix4
60 files changed, 998 insertions, 1059 deletions
diff --git a/Biz/Bild.nix b/Biz/Bild.nix
index 097a089..04be55f 100644
--- a/Biz/Bild.nix
+++ b/Biz/Bild.nix
@@ -3,161 +3,175 @@
let
constants = import ./Bild/Constants.nix;
lib = nixpkgs.lib;
-# put all of our stuff in the 'bild' namespace
-in nixpkgs // { bild = rec {
- # provided by .envrc
- root = builtins.getEnv "CODEROOT";
-
- inherit (nixpkgs) sources;
-
- haskell = rec {
- inherit (constants) ghcCompiler;
-
- # all available packages
- deps = import ./Bild/Deps/Haskell.nix;
- packages = lib.attrsets.getAttrs deps nixpkgs.haskellPackages;
-
- # make a ghc with dependencies
- ghcWith = nixpkgs.haskell.packages.${ghcCompiler}.ghcWithHoogle;
-
- # ghc with all packages, used for generating bild's package database
- ghcPackageSetFull = ghcWith (p: lib.attrsets.attrVals deps p);
-
- # bild's dependencies, needs to be hand-written
- ghcPackageSetBild = ghcWith (hpkgs: with hpkgs; [
- aeson async base bytestring conduit conduit-extra containers directory
- docopt filepath process protolude rainbow regex-applicative split tasty
- tasty-hunit tasty-quickcheck text hostname
- wai # can remove when removed from Biz.Log
- ]);
- };
-
- lisp = {
- sbclWith = nixpkgs.lispPackages_new.sbclWithPackages;
- };
-
- python = {
- packages = nixpkgs.python3Packages;
- pythonWith = nixpkgs.python3.withPackages;
- buildPythonApplication = nixpkgs.python3.pkgs.buildPythonApplication;
+ # put all of our stuff in the 'bild' namespace
+in nixpkgs // {
+ bild = rec {
+ # provided by .envrc
+ root = builtins.getEnv "CODEROOT";
+
+ inherit (nixpkgs) sources;
+
+ haskell = rec {
+ inherit (constants) ghcCompiler;
+
+ # all available packages
+ deps = import ./Bild/Deps/Haskell.nix;
+ packages = lib.attrsets.getAttrs deps nixpkgs.haskellPackages;
+
+ # make a ghc with dependencies
+ ghcWith = nixpkgs.haskell.packages.${ghcCompiler}.ghcWithHoogle;
+
+ # ghc with all packages, used for generating bild's package database
+ ghcPackageSetFull = ghcWith (p: lib.attrsets.attrVals deps p);
+
+ # bild's dependencies, needs to be hand-written
+ ghcPackageSetBild = ghcWith (hpkgs:
+ with hpkgs; [
+ aeson
+ async
+ base
+ bytestring
+ conduit
+ conduit-extra
+ containers
+ directory
+ docopt
+ filepath
+ process
+ protolude
+ rainbow
+ regex-applicative
+ split
+ tasty
+ tasty-hunit
+ tasty-quickcheck
+ text
+ hostname
+ wai # can remove when removed from Biz.Log
+ ]);
+ };
+
+ lisp = { sbclWith = nixpkgs.lispPackages_new.sbclWithPackages; };
+
+ python = {
+ packages = nixpkgs.python3Packages;
+ pythonWith = nixpkgs.python3.withPackages;
+ buildPythonApplication = nixpkgs.python3.pkgs.buildPythonApplication;
+ };
+
+ # c packages are just nixpkgs, filtered to just the list of deps i want
+ c.packages = lib.attrsets.getAttrs (import ./Bild/Deps/C.nix) nixpkgs.pkgs;
+
+ # expose some packages for inclusion in os/image builds
+ pkgs = with nixpkgs.pkgs; {
+ inherit black deadnix git hlint indent ormolu ruff shellcheck nixfmt;
+ };
+
+ # a standard nix build for bild, for bootstrapping. this should be the only
+ # hand-written builder we need
+ bild = nixpkgs.stdenv.mkDerivation {
+ name = "bild";
+ src = ../.;
+ nativeBuildInputs = [ haskell.ghcPackageSetBild ];
+ buildInputs = [ nixpkgs.makeWrapper ];
+ propagatedBuildInputs = with nixpkgs; [
+ pkg-config
+ git
+ # this is just to get access to ghc-pkg in bild
+ (haskell.ghcWith (_: [ ]))
+
+ # lisp deps, remove this when i implement nix builds for lisp
+ guile
+ (lisp.sbclWith
+ (p: with p; [ asdf alexandria ])) # just enough to build Example.lisp
+ ];
+ strictDeps = true;
+ buildPhase = ''
+ mkdir -p $out/bin $out/lib/ghc-${haskell.ghcPackageSetFull.version}
+ cp -r \
+ ${haskell.ghcPackageSetFull}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d \
+ $out/lib/ghc-${haskell.ghcPackageSetFull.version}
+ ghc \
+ -threaded \
+ -Werror \
+ -i. \
+ --make Biz/Bild.hs \
+ -main-is Biz.Bild \
+ -o $out/bin/bild
+ '';
+ installPhase = ''
+ wrapProgram $out/bin/bild \
+ --prefix PATH : ${
+ lib.makeBinPath [ haskell.ghcPackageSetBild pkgs.git ]
+ } \
+ --set GHC_PACKAGE_PATH \
+ $out/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d
+ '';
+ };
+
+ # wrapper around bild
+ runBildAnalyze = target:
+ nixpkgs.stdenv.mkDerivation rec {
+ name = "bild-analysis";
+ src = ../.;
+ USER = "nixbld";
+ HOSTNAME = "nix-sandbox";
+ # this is the default sandbox path where bild will be working:
+ CODEROOT = "/build/omni";
+ # we need to remove the $src root because bild expects paths relative to the
+ # working directory:
+ TARGET = "."
+ + lib.strings.removePrefix (toString src) (toString target);
+ buildPhase = ''
+ mkdir $out
+ ${bild}/bin/bild --plan "$TARGET" 1> $out/analysis.json \
+ 2> >(tee -a $out/stderr >&2)
+ '';
+ installPhase = "exit 0";
+ };
+
+ # gather data needed for compiling by analyzing the main module. returns the
+ # json object of the build
+ analyze = target:
+ builtins.readFile (runBildAnalyze target + "/analysis.json");
+
+ # this does a bild build for the given target, but entirely in nix. its kinda
+ # like IFD, but not as costly, i think
+ run = target: import ./Bild/Builder.nix { analysisJSON = analyze target; };
+
+ # the main development environment
+ env = nixpkgs.pkgs.mkShell {
+ name = "bizdev";
+ # this should just be dev tools
+ buildInputs = with nixpkgs.pkgs; [
+ bat
+ bc
+ bild
+ black
+ ctags
+ fd
+ figlet
+ fzf
+ git
+ git-branchless
+ gitlint
+ jq
+ lolcat
+ nixpkgs.haskell.packages.${constants.ghcCompiler}.fast-tags
+ ormolu
+ ripgrep
+ tree
+ wemux
+ ];
+ shellHook = ''
+ export GHC_PACKAGE_PATH=${bild}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d
+ '';
+ };
+
+ # build an operating system. 'cfg' is the NixOS config
+ os = cfg: (nixpkgs.nixos (_args: cfg)).toplevel;
+
+ # build a docker image
+ image = nixpkgs.pkgs.dockerTools.buildImage;
};
-
- # c packages are just nixpkgs, filtered to just the list of deps i want
- c.packages = lib.attrsets.getAttrs (import ./Bild/Deps/C.nix) nixpkgs.pkgs;
-
- # expose some packages for inclusion in os/image builds
- pkgs = with nixpkgs.pkgs; {
- inherit
- black
- deadnix
- git
- hlint
- indent
- ormolu
- ruff
- shellcheck
- ;
- };
-
- # a standard nix build for bild, for bootstrapping. this should be the only
- # hand-written builder we need
- bild = nixpkgs.stdenv.mkDerivation {
- name = "bild";
- src = ../.;
- nativeBuildInputs = [ haskell.ghcPackageSetBild ];
- buildInputs = [ nixpkgs.makeWrapper ];
- propagatedBuildInputs = with nixpkgs; [
- pkg-config
- git
- # this is just to get access to ghc-pkg in bild
- (haskell.ghcWith (_: []))
-
- # lisp deps, remove this when i implement nix builds for lisp
- guile
- (lisp.sbclWith (p: with p; [asdf alexandria])) # just enough to build Example.lisp
- ];
- strictDeps = true;
- buildPhase = ''
- mkdir -p $out/bin $out/lib/ghc-${haskell.ghcPackageSetFull.version}
- cp -r \
- ${haskell.ghcPackageSetFull}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d \
- $out/lib/ghc-${haskell.ghcPackageSetFull.version}
- ghc \
- -threaded \
- -Werror \
- -i. \
- --make Biz/Bild.hs \
- -main-is Biz.Bild \
- -o $out/bin/bild
- '';
- installPhase = ''
- wrapProgram $out/bin/bild \
- --prefix PATH : ${lib.makeBinPath [ haskell.ghcPackageSetBild pkgs.git ]} \
- --set GHC_PACKAGE_PATH \
- $out/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d
- '';
- };
-
- # wrapper around bild
- runBildAnalyze = target: nixpkgs.stdenv.mkDerivation rec {
- name = "bild-analysis";
- src = ../.;
- USER = "nixbld";
- HOSTNAME = "nix-sandbox";
- # this is the default sandbox path where bild will be working:
- CODEROOT = "/build/omni";
- # we need to remove the $src root because bild expects paths relative to the
- # working directory:
- TARGET = "." + lib.strings.removePrefix (toString src) (toString target);
- buildPhase = ''
- mkdir $out
- ${bild}/bin/bild --plan "$TARGET" 1> $out/analysis.json \
- 2> >(tee -a $out/stderr >&2)
- '';
- installPhase = "exit 0";
- };
-
- # gather data needed for compiling by analyzing the main module. returns the
- # json object of the build
- analyze = target: builtins.readFile (runBildAnalyze target + "/analysis.json");
-
- # this does a bild build for the given target, but entirely in nix. its kinda
- # like IFD, but not as costly, i think
- run = target: import ./Bild/Builder.nix { analysisJSON = analyze target; };
-
- # the main development environment
- env = nixpkgs.pkgs.mkShell {
- name = "bizdev";
- # this should just be dev tools
- buildInputs = with nixpkgs.pkgs; [
- bat
- bc
- bild
- black
- ctags
- fd
- figlet
- fzf
- git
- git-branchless
- gitlint
- jq
- lolcat
- nixpkgs.haskell.packages.${constants.ghcCompiler}.fast-tags
- ormolu
- ripgrep
- tree
- wemux
- ];
- shellHook = ''
- export GHC_PACKAGE_PATH=${bild}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d
- '';
- };
-
- # build an operating system. 'cfg' is the NixOS config
- os = cfg: (nixpkgs.nixos (_args: cfg)).toplevel;
-
- # build a docker image
- image = nixpkgs.pkgs.dockerTools.buildImage;
-};
}
diff --git a/Biz/Bild/Builder.nix b/Biz/Bild/Builder.nix
index 959d176..d2e6875 100644
--- a/Biz/Bild/Builder.nix
+++ b/Biz/Bild/Builder.nix
@@ -1,148 +1,158 @@
-/*
-This is the library of nix builders. Some rules to follow:
-- Keep this code as minimal as possible. I'd rather write Haskell than Nix,
- wouldn't you?
-- Try to reuse as much upstream Nix as possible.
+/* This is the library of nix builders. Some rules to follow:
+ - Keep this code as minimal as possible. I'd rather write Haskell than Nix,
+ wouldn't you?
+ - Try to reuse as much upstream Nix as possible.
*/
-{ analysisJSON, nixpkgs ? import ../Bild.nix {} }:
+{ analysisJSON, nixpkgs ? import ../Bild.nix { } }:
with nixpkgs;
let
analysis = builtins.fromJSON analysisJSON;
- build = _: target: let
- name = target.out;
- root = builtins.getEnv "CODEROOT";
- mainModule = target.mainModule;
- compileLine =
- lib.strings.concatStringsSep " " ([target.compiler] ++ target.compilerFlags);
+ build = _: target:
+ let
+ name = target.out;
+ root = builtins.getEnv "CODEROOT";
+ mainModule = target.mainModule;
+ compileLine = lib.strings.concatStringsSep " "
+ ([ target.compiler ] ++ target.compilerFlags);
- allSources = target.srcs ++ [target.quapath];
+ allSources = target.srcs ++ [ target.quapath ];
- isEmpty = x: x == null || x == [];
+ isEmpty = x: x == null || x == [ ];
- skip = ["_" ".direnv"];
- filter = file: type:
- if lib.lists.elem (builtins.baseNameOf file) skip then false
- # TODO: this means any new directory will cause a rebuild. this bad. i
- # should recurse into the directory and match against the srcs. for now I
- # just use preBuild to delete empty dirs
- else if type == "directory" then true
- else if type == "regular" then lib.trivial.pipe file
- [ (f: lib.strings.removePrefix "${root}/" f)
- (f: lib.lists.elem f allSources)
- ]
- else false;
+ skip = [ "_" ".direnv" ];
+ filter = file: type:
+ if lib.lists.elem (builtins.baseNameOf file) skip then
+ false
+ # TODO: this means any new directory will cause a rebuild. this bad. i
+ # should recurse into the directory and match against the srcs. for now I
+ # just use preBuild to delete empty dirs
+ else if type == "directory" then
+ true
+ else if type == "regular" then
+ lib.trivial.pipe file [
+ (f: lib.strings.removePrefix "${root}/" f)
+ (f: lib.lists.elem f allSources)
+ ]
+ else
+ false;
- # remove empty directories, leftover from the src filter
- preBuild = "find . -type d -empty -delete";
+ # remove empty directories, leftover from the src filter
+ preBuild = "find . -type d -empty -delete";
- src = lib.sources.cleanSourceWith {inherit filter; src = lib.sources.cleanSource root;};
+ src = lib.sources.cleanSourceWith {
+ inherit filter;
+ src = lib.sources.cleanSource root;
+ };
- langdeps_ =
- if isEmpty target.langdeps then
- []
+ langdeps_ = if isEmpty target.langdeps then
+ [ ]
else
- lib.attrsets.attrVals
- target.langdeps
- (lib.attrsets.getAttrFromPath (lib.strings.splitString "." target.packageSet) bild);
+ lib.attrsets.attrVals target.langdeps (lib.attrsets.getAttrFromPath
+ (lib.strings.splitString "." target.packageSet) bild);
- sysdeps_ =
- if isEmpty target.sysdeps then
- []
+ sysdeps_ = if isEmpty target.sysdeps then
+ [ ]
else
lib.attrsets.attrVals target.sysdeps pkgs;
- rundeps_ =
- if isEmpty target.rundeps then
- []
+ rundeps_ = if isEmpty target.rundeps then
+ [ ]
else
lib.attrsets.attrVals target.rundeps bild.pkgs;
- CODEROOT = ".";
+ CODEROOT = ".";
- builders = {
- base = stdenv.mkDerivation rec {
- inherit name src CODEROOT preBuild;
- buildInputs = langdeps_ ++ sysdeps_;
- installPhase = "install -D ${name} $out/bin/${name}";
- buildPhase = compileLine;
- };
+ builders = {
+ base = stdenv.mkDerivation rec {
+ inherit name src CODEROOT preBuild;
+ buildInputs = langdeps_ ++ sysdeps_;
+ installPhase = "install -D ${name} $out/bin/${name}";
+ buildPhase = compileLine;
+ };
- haskell = stdenv.mkDerivation rec {
- inherit name src CODEROOT preBuild;
- nativeBuildInputs = [ makeWrapper ];
- buildInputs = sysdeps_ ++ [
- (bild.haskell.ghcWith (p:
- (lib.attrsets.attrVals target.langdeps p)
- ))
- ];
- buildPhase = compileLine;
- installPhase = ''
- install -D ${name} $out/bin/${name}
- wrapProgram $out/bin/${name} \
- --prefix PATH : ${lib.makeBinPath rundeps_}
- '';
- };
+ haskell = stdenv.mkDerivation rec {
+ inherit name src CODEROOT preBuild;
+ nativeBuildInputs = [ makeWrapper ];
+ buildInputs = sysdeps_ ++ [
+ (bild.haskell.ghcWith
+ (p: (lib.attrsets.attrVals target.langdeps p)))
+ ];
+ buildPhase = compileLine;
+ installPhase = ''
+ install -D ${name} $out/bin/${name}
+ wrapProgram $out/bin/${name} \
+ --prefix PATH : ${lib.makeBinPath rundeps_}
+ '';
+ };
- c = stdenv.mkDerivation rec {
- inherit name src CODEROOT preBuild;
- buildInputs = langdeps_ ++ sysdeps_;
- installPhase = "install -D ${name} $out/bin/${name}";
- buildPhase = lib.strings.concatStringsSep " " [
- compileLine
- (if isEmpty langdeps_ then "" else
- "$(pkg-config --cflags ${lib.strings.concatStringsSep " " target.langdeps})")
- (if isEmpty sysdeps_ then "" else
- "$(pkg-config --libs ${lib.strings.concatStringsSep " " target.sysdeps})")
- ];
- };
+ c = stdenv.mkDerivation rec {
+ inherit name src CODEROOT preBuild;
+ buildInputs = langdeps_ ++ sysdeps_;
+ installPhase = "install -D ${name} $out/bin/${name}";
+ buildPhase = lib.strings.concatStringsSep " " [
+ compileLine
+ (if isEmpty langdeps_ then
+ ""
+ else
+ "$(pkg-config --cflags ${
+ lib.strings.concatStringsSep " " target.langdeps
+ })")
+ (if isEmpty sysdeps_ then
+ ""
+ else
+ "$(pkg-config --libs ${
+ lib.strings.concatStringsSep " " target.sysdeps
+ })")
+ ];
+ };
- python = bild.python.buildPythonApplication rec {
- inherit name src CODEROOT;
- propagatedBuildInputs = langdeps_ ++ sysdeps_;
- buildInputs = sysdeps_;
- nativeCheckInputs = [ black mypy ruff ];
- checkPhase = ''
- check() {
- $@ || { echo "fail: $name: $3"; exit 1; }
- }
- cp ${../../pyproject.toml} ./pyproject.toml
- check python -m black --quiet --exclude 'setup\.py$' --check .
- check ${ruff}/bin/ruff check .
- touch ./py.typed
- check python -m mypy \
- --explicit-package-bases \
- --no-error-summary \
- --exclude 'setup\.py$' \
- .
- check python -m ${mainModule} test
- '';
- preBuild = ''
- # remove empty directories, leftover from the src filter
- find . -type d -empty -delete
- # initialize remaining dirs as python modules
- find . -type d -exec touch {}/__init__.py \;
- # generate a minimal setup.py
- cat > setup.py << EOF
- from setuptools import setup, find_packages
- setup(
- name='${name}',
- entry_points={'console_scripts':['${name} = ${mainModule}:main']},
- version='0.0.0',
- url='git://simatime.com/biz.git',
- author='dev',
- author_email='dev@simatime.com',
- description='nil',
- packages=find_packages(),
- install_requires=[],
- )
- EOF
- '';
- pythonImportsCheck = [mainModule]; # sanity check
+ python = bild.python.buildPythonApplication rec {
+ inherit name src CODEROOT;
+ propagatedBuildInputs = langdeps_ ++ sysdeps_;
+ buildInputs = sysdeps_;
+ nativeCheckInputs = [ black mypy ruff ];
+ checkPhase = ''
+ check() {
+ $@ || { echo "fail: $name: $3"; exit 1; }
+ }
+ cp ${../../pyproject.toml} ./pyproject.toml
+ check python -m black --quiet --exclude 'setup\.py$' --check .
+ check ${ruff}/bin/ruff check .
+ touch ./py.typed
+ check python -m mypy \
+ --explicit-package-bases \
+ --no-error-summary \
+ --exclude 'setup\.py$' \
+ .
+ check python -m ${mainModule} test
+ '';
+ preBuild = ''
+ # remove empty directories, leftover from the src filter
+ find . -type d -empty -delete
+ # initialize remaining dirs as python modules
+ find . -type d -exec touch {}/__init__.py \;
+ # generate a minimal setup.py
+ cat > setup.py << EOF
+ from setuptools import setup, find_packages
+ setup(
+ name='${name}',
+ entry_points={'console_scripts':['${name} = ${mainModule}:main']},
+ version='0.0.0',
+ url='git://simatime.com/biz.git',
+ author='dev',
+ author_email='dev@simatime.com',
+ description='nil',
+ packages=find_packages(),
+ install_requires=[],
+ )
+ EOF
+ '';
+ pythonImportsCheck = [ mainModule ]; # sanity check
+ };
};
- };
- in builders.${target.builder};
-# the bild caller gives us the Analysis type, which is a hashmap, but i need to
-# return a single drv, so just take the first one for now. ideally i would only
-# pass Target, one at a time, (perhaps parallelized in haskell land) and then i
-# wouldn't need all of this let nesting
+ in builders.${target.builder};
+ # the bild caller gives us the Analysis type, which is a hashmap, but i need to
+ # return a single drv, so just take the first one for now. ideally i would only
+ # pass Target, one at a time, (perhaps parallelized in haskell land) and then i
+ # wouldn't need all of this let nesting
in builtins.head (lib.attrsets.mapAttrsToList build analysis)
diff --git a/Biz/Bild/Constants.nix b/Biz/Bild/Constants.nix
index 800946d..35fd880 100644
--- a/Biz/Bild/Constants.nix
+++ b/Biz/Bild/Constants.nix
@@ -1,3 +1 @@
-{
- ghcCompiler = "ghc924";
-}
+{ ghcCompiler = "ghc924"; }
diff --git a/Biz/Bild/Deps.nix b/Biz/Bild/Deps.nix
index dcb7d50..bc4b638 100644
--- a/Biz/Bild/Deps.nix
+++ b/Biz/Bild/Deps.nix
@@ -2,53 +2,63 @@ _self: super:
with import ./Constants.nix;
let
- buildCabal = sel: name:
- sel.callCabal2nix name super.sources.${name} {};
- buildCabalSubdir = sel: {name, src ? super.sources.${name}, subdir ? name}:
- sel.callCabal2nix name (src + "/${subdir}") {};
-in rec
-{
+ buildCabal = sel: name: sel.callCabal2nix name super.sources.${name} { };
+ buildCabalSubdir = sel:
+ { name, src ? super.sources.${name}, subdir ? name }:
+ sel.callCabal2nix name (src + "/${subdir}") { };
+in rec {
haskell = super.haskell // {
packages = super.haskell.packages // {
- "${ghcCompiler}" = super.haskell.packages."${ghcCompiler}".override (_old: {
- overrides = with super.pkgs.haskell.lib; sel: sup:
- super.overridePinnedDeps (buildCabal sel) // {
- acid-state = dontCheck sup.acid-state; # mac: "too many open files"
- clay = doJailbreak sup.clay;
- envy = doJailbreak sup.envy;
- fast-tags = sup.fast-tags.overrideAttrs (old: old // { patches = []; });
- generic-data = dontCheck sup.generic-data; # https://github.com/Lysxia/generic-data/issues/56
- readable = doJailbreak sup.readable; # why is this even being built?
- servant-auth = doJailbreak (buildCabalSubdir sel {name = "servant-auth"; subdir = "servant-auth/servant-auth";});
- servant-server = doJailbreak sup.servant-server;
- stripe-core = doJailbreak sup.stripe-core;
- stripe-haskell = dontCheck sup.stripe-haskell;
- stripe-http-client = doJailbreak (dontCheck sup.stripe-http-client);
- temporary = dontCheck sup.temporary;
- wai-middleware-metrics = dontCheck sup.wai-middleware-metrics;
- };
- });
+ "${ghcCompiler}" = super.haskell.packages."${ghcCompiler}".override
+ (_old: {
+ overrides = with super.pkgs.haskell.lib;
+ sel: sup:
+ super.overridePinnedDeps (buildCabal sel) // {
+ acid-state =
+ dontCheck sup.acid-state; # mac: "too many open files"
+ clay = doJailbreak sup.clay;
+ envy = doJailbreak sup.envy;
+ fast-tags =
+ sup.fast-tags.overrideAttrs (old: old // { patches = [ ]; });
+ generic-data = dontCheck
+ sup.generic-data; # https://github.com/Lysxia/generic-data/issues/56
+ readable =
+ doJailbreak sup.readable; # why is this even being built?
+ servant-auth = doJailbreak (buildCabalSubdir sel {
+ name = "servant-auth";
+ subdir = "servant-auth/servant-auth";
+ });
+ servant-server = doJailbreak sup.servant-server;
+ stripe-core = doJailbreak sup.stripe-core;
+ stripe-haskell = dontCheck sup.stripe-haskell;
+ stripe-http-client =
+ doJailbreak (dontCheck sup.stripe-http-client);
+ temporary = dontCheck sup.temporary;
+ wai-middleware-metrics = dontCheck sup.wai-middleware-metrics;
+ };
+ });
};
};
python3 = super.python3.override {
- packageOverrides = _: pysuper: with pysuper.pkgs.python3Packages; {
- exllama = callPackage ./Deps/exllama.nix {
- cudaPackages = super.pkgs.cudaPackages_11_7;
+ packageOverrides = _: pysuper:
+ with pysuper.pkgs.python3Packages; {
+ exllama = callPackage ./Deps/exllama.nix {
+ cudaPackages = super.pkgs.cudaPackages_11_7;
+ };
+ interegular = callPackage ./Deps/interegular.nix { };
+ outlines = callPackage ./Deps/outlines.nix { };
+ perscache = callPackage ./Deps/perscache.nix { };
};
- interegular = callPackage ./Deps/interegular.nix {};
- outlines = callPackage ./Deps/outlines.nix {};
- perscache = callPackage ./Deps/perscache.nix {};
- };
};
python3Packages = python3.pkgs;
- autogen = super.callPackage ./Deps/autogen.nix {};
+ autogen = super.callPackage ./Deps/autogen.nix { };
guile = super.guile_3_0;
- guile-opengl = super.callPackage ./Deps/guile-opengl.nix {};
+ guile-opengl = super.callPackage ./Deps/guile-opengl.nix { };
# The libfive build is broken...
#inspekt3d = super.callPackage ./Deps/inspekt3d.nix {};
guix = super.pkgs.stdenv.mkDerivation rec {
@@ -58,13 +68,13 @@ in rec
src = super.sources.guix;
buildInputs = with super.pkgs; [
guile
- # guile-gcrypt
- # guile-sql
- # guile-zlib
- # guile-lzlib
- # guile-avahi
- # guile-git
- # guile-json
+ # guile-gcrypt
+ # guile-sql
+ # guile-zlib
+ # guile-lzlib
+ # guile-avahi
+ # guile-git
+ # guile-json
gnutls
gnumake
sqlite
@@ -73,7 +83,7 @@ in rec
];
};
- llama-cpp = super.callPackage ./Deps/llama-cpp.nix {};
+ llama-cpp = super.callPackage ./Deps/llama-cpp.nix { };
- nostr-rs-relay = super.callPackage ./Deps/nostr-rs-relay.nix {};
+ nostr-rs-relay = super.callPackage ./Deps/nostr-rs-relay.nix { };
}
diff --git a/Biz/Bild/Deps/C.nix b/Biz/Bild/Deps/C.nix
index 45cae1b..3f670cd 100644
--- a/Biz/Bild/Deps/C.nix
+++ b/Biz/Bild/Deps/C.nix
@@ -1,3 +1 @@
-[
- "libsodium"
-]
+[ "libsodium" ]
diff --git a/Biz/Bild/Deps/accelerate.nix b/Biz/Bild/Deps/accelerate.nix
index 5d00f14..be1d2fd 100644
--- a/Biz/Bild/Deps/accelerate.nix
+++ b/Biz/Bild/Deps/accelerate.nix
@@ -1,18 +1,10 @@
-{ fetchFromGitHub
-, buildPythonPackage
-, numpy
-, packaging
-, psutil
-, pyyaml
-, torch
+{ fetchFromGitHub, buildPythonPackage, numpy, packaging, psutil, pyyaml, torch
}:
buildPythonPackage rec {
name = "accelerate";
version = "0.15.0";
- propagatedBuildInputs = [
- numpy packaging psutil pyyaml torch
- ];
+ propagatedBuildInputs = [ numpy packaging psutil pyyaml torch ];
doCheck = false;
src = fetchFromGitHub {
owner = "huggingface";
diff --git a/Biz/Bild/Deps/autogen.nix b/Biz/Bild/Deps/autogen.nix
index b7b034d..fc95b14 100644
--- a/Biz/Bild/Deps/autogen.nix
+++ b/Biz/Bild/Deps/autogen.nix
@@ -1,5 +1,6 @@
# From: https://github.com/NixOS/nixpkgs/pull/139361
-{ lib, stdenv, buildPackages, fetchurl, fetchpatch, autoreconfHook, which, pkg-config, perl, guile, libxml2 }:
+{ lib, stdenv, buildPackages, fetchurl, fetchpatch, autoreconfHook, which
+, pkg-config, perl, guile, libxml2 }:
stdenv.mkDerivation rec {
pname = "autogen";
@@ -11,11 +12,12 @@ stdenv.mkDerivation rec {
};
patches = let
- dp = { ver ? "1%255.18.16-4", pname, name ? (pname + ".diff"), sha256 }: fetchurl {
- url = "https://salsa.debian.org/debian/autogen/-/raw/debian/${ver}"
+ dp = { ver ? "1%255.18.16-4", pname, name ? (pname + ".diff"), sha256 }:
+ fetchurl {
+ url = "https://salsa.debian.org/debian/autogen/-/raw/debian/${ver}"
+ "/debian/patches/${pname}.diff?inline=false";
- inherit name sha256;
- };
+ inherit name sha256;
+ };
in [
(dp {
pname = "20_no_Werror";
@@ -33,7 +35,8 @@ stdenv.mkDerivation rec {
# patch meanwhile.
(fetchpatch {
name = "guile-3.patch";
- url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-devel/autogen/files/autogen-5.18.16-guile-3.patch?id=43bcc61c56a5a7de0eaf806efec7d8c0e4c01ae7";
+ url =
+ "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-devel/autogen/files/autogen-5.18.16-guile-3.patch?id=43bcc61c56a5a7de0eaf806efec7d8c0e4c01ae7";
sha256 = "18d7y1f6164dm1wlh7rzbacfygiwrmbc35a7qqsbdawpkhydm5lr";
})
];
@@ -41,37 +44,37 @@ stdenv.mkDerivation rec {
outputs = [ "bin" "dev" "lib" "out" "man" "info" ];
nativeBuildInputs = [
- which pkg-config perl autoreconfHook/*patches applied*/
+ which
+ pkg-config
+ perl
+ autoreconfHook # patches applied
] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
# autogen needs a build autogen when cross-compiling
- buildPackages.buildPackages.autogen buildPackages.texinfo
- ];
- buildInputs = [
- guile libxml2
+ buildPackages.buildPackages.autogen
+ buildPackages.texinfo
];
+ buildInputs = [ guile libxml2 ];
preConfigure = ''
export MAN_PAGE_DATE=$(date '+%Y-%m-%d' -d "@$SOURCE_DATE_EPOCH")
'';
- configureFlags =
- [
- # Make sure to use a static value for the timeout. If we do not set a value
- # here autogen will select one based on the execution time of the configure
- # phase which is not really reproducible.
- #
- # If you are curious about the number 78, it has been cargo-culted from
- # Debian: https://salsa.debian.org/debian/autogen/-/blob/master/debian/rules#L21
- "--enable-timeout=78"
- ]
- ++ (lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
- "--with-libxml2=${libxml2.dev}"
- "--with-libxml2-cflags=-I${libxml2.dev}/include/libxml2"
- # the configure check for regcomp wants to run a host program
- "libopts_cv_with_libregex=yes"
- #"MAKEINFO=${buildPackages.texinfo}/bin/makeinfo"
- ])
- # See: https://sourceforge.net/p/autogen/bugs/187/
+ configureFlags = [
+ # Make sure to use a static value for the timeout. If we do not set a value
+ # here autogen will select one based on the execution time of the configure
+ # phase which is not really reproducible.
+ #
+ # If you are curious about the number 78, it has been cargo-culted from
+ # Debian: https://salsa.debian.org/debian/autogen/-/blob/master/debian/rules#L21
+ "--enable-timeout=78"
+ ] ++ (lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
+ "--with-libxml2=${libxml2.dev}"
+ "--with-libxml2-cflags=-I${libxml2.dev}/include/libxml2"
+ # the configure check for regcomp wants to run a host program
+ "libopts_cv_with_libregex=yes"
+ #"MAKEINFO=${buildPackages.texinfo}/bin/makeinfo"
+ ])
+ # See: https://sourceforge.net/p/autogen/bugs/187/
++ lib.optionals stdenv.isDarwin [ "ac_cv_func_utimensat=no" ];
#doCheck = true; # not reliable
diff --git a/Biz/Bild/Deps/bitsandbytes.nix b/Biz/Bild/Deps/bitsandbytes.nix
index b87c0c4..eb32aac 100644
--- a/Biz/Bild/Deps/bitsandbytes.nix
+++ b/Biz/Bild/Deps/bitsandbytes.nix
@@ -1,16 +1,5 @@
-{ lib
-, buildPythonPackage
-, fetchFromGitHub
-, python
-, pythonOlder
-, pytestCheckHook
-, setuptools
-, torch
-, einops
-, lion-pytorch
-, scipy
-, symlinkJoin
-}:
+{ lib, buildPythonPackage, fetchFromGitHub, python, pythonOlder, pytestCheckHook
+, setuptools, torch, einops, lion-pytorch, scipy, symlinkJoin }:
let
pname = "bitsandbytes";
@@ -31,10 +20,11 @@ let
cuda-native-redist = symlinkJoin {
name = "cuda-native-redist-${cudaVersion}";
- paths = with cudaPackages; [
- cuda_cudart # cuda_runtime.h cuda_runtime_api.h
- cuda_nvcc
- ] ++ cuda-common-redist;
+ paths = with cudaPackages;
+ [
+ cuda_cudart # cuda_runtime.h cuda_runtime_api.h
+ cuda_nvcc
+ ] ++ cuda-common-redist;
};
cuda-redist = symlinkJoin {
@@ -42,8 +32,7 @@ let
paths = cuda-common-redist;
};
-in
-buildPythonPackage {
+in buildPythonPackage {
inherit pname version;
format = "pyproject";
@@ -70,24 +59,23 @@ buildPythonPackage {
preBuild = if torch.cudaSupport then
with torch.cudaPackages;
- let cudaVersion = lib.concatStrings (lib.splitVersion torch.cudaPackages.cudaMajorMinorVersion); in
- ''make CUDA_VERSION=${cudaVersion} cuda${cudaMajorVersion}x''
+ let
+ cudaVersion = lib.concatStrings
+ (lib.splitVersion torch.cudaPackages.cudaMajorMinorVersion);
+ in "make CUDA_VERSION=${cudaVersion} cuda${cudaMajorVersion}x"
else
- ''make CUDA_VERSION=CPU cpuonly'';
+ "make CUDA_VERSION=CPU cpuonly";
- nativeBuildInputs = [ setuptools ] ++ lib.optionals torch.cudaSupport [ cuda-native-redist ];
+ nativeBuildInputs = [ setuptools ]
+ ++ lib.optionals torch.cudaSupport [ cuda-native-redist ];
buildInputs = lib.optionals torch.cudaSupport [ cuda-redist ];
- propagatedBuildInputs = [
- torch
- ];
+ propagatedBuildInputs = [ torch ];
- doCheck = false; # tests require CUDA and also GPU access
+ doCheck = false; # tests require CUDA and also GPU access
nativeCheckInputs = [ pytestCheckHook einops lion-pytorch scipy ];
- pythonImportsCheck = [
- "bitsandbytes"
- ];
+ pythonImportsCheck = [ "bitsandbytes" ];
meta = with lib; {
homepage = "https://github.com/TimDettmers/bitsandbytes";
diff --git a/Biz/Bild/Deps/exllama.nix b/Biz/Bild/Deps/exllama.nix
index 1f7e529..51a05e9 100644
--- a/Biz/Bild/Deps/exllama.nix
+++ b/Biz/Bild/Deps/exllama.nix
@@ -1,14 +1,6 @@
-{ lib
-, sources
-, buildPythonPackage
-, pythonOlder
+{ lib, sources, buildPythonPackage, pythonOlder
, torch # tested on 2.0.1 and 2.1.0 (nightly) with cu118
-, safetensors
-, sentencepiece
-, ninja
-, cudaPackages
-, addOpenGLRunpath
-, which
+, safetensors, sentencepiece, ninja, cudaPackages, addOpenGLRunpath, which
, gcc11 # cuda 11.7 requires g++ <12
}:
@@ -36,12 +28,10 @@ buildPythonPackage rec {
cudaPackages.cuda_cudart
];
- propagatedBuildInputs = [
- torch safetensors sentencepiece ninja
- cudaPackages.cudatoolkit
- ];
+ propagatedBuildInputs =
+ [ torch safetensors sentencepiece ninja cudaPackages.cudatoolkit ];
- doCheck = false; # no tests currently
+ doCheck = false; # no tests currently
pythonImportsCheck = [
"exllama"
"exllama.cuda_ext"
diff --git a/Biz/Bild/Deps/guile-opengl.nix b/Biz/Bild/Deps/guile-opengl.nix
index 34019d5..d547042 100644
--- a/Biz/Bild/Deps/guile-opengl.nix
+++ b/Biz/Bild/Deps/guile-opengl.nix
@@ -1,12 +1,4 @@
-{ stdenv
-, lib
-, fetchurl
-, pkgconfig
-, guile
-, libGL
-, libGLU
-, freeglut
-}:
+{ stdenv, lib, fetchurl, pkgconfig, guile, libGL, libGLU, freeglut }:
let
name = "guile-opengl-${version}";
diff --git a/Biz/Bild/Deps/inspekt3d.nix b/Biz/Bild/Deps/inspekt3d.nix
index 78393ee..d1cf60e 100644
--- a/Biz/Bild/Deps/inspekt3d.nix
+++ b/Biz/Bild/Deps/inspekt3d.nix
@@ -1,15 +1,5 @@
-{ stdenv
-, lib
-, autoreconfHook
-, pkgconfig
-, guile
-, guile-opengl
-, mesa
-, glibcLocales
-, libfive
-, sources
-}:
-
+{ stdenv, lib, autoreconfHook, pkgconfig, guile, guile-opengl, mesa
+, glibcLocales, libfive, sources }:
stdenv.mkDerivation {
name = "inspekt3d-unstable";
diff --git a/Biz/Bild/Deps/interegular.nix b/Biz/Bild/Deps/interegular.nix
index 8b0bc86..24065d8 100644
--- a/Biz/Bild/Deps/interegular.nix
+++ b/Biz/Bild/Deps/interegular.nix
@@ -1,7 +1,4 @@
-{ lib
-, sources
-, buildPythonPackage
-}:
+{ lib, sources, buildPythonPackage }:
buildPythonPackage rec {
pname = "interegular";
@@ -12,10 +9,8 @@ buildPythonPackage rec {
propagatedBuildInputs = [ ];
- doCheck = false; # no tests currently
- pythonImportsCheck = [
- "interegular"
- ];
+ doCheck = false; # no tests currently
+ pythonImportsCheck = [ "interegular" ];
meta = with lib; {
description = "Allows to check regexes for overlaps.";
diff --git a/Biz/Bild/Deps/lion-pytorch.nix b/Biz/Bild/Deps/lion-pytorch.nix
index e23011a..7b06e78 100644
--- a/Biz/Bild/Deps/lion-pytorch.nix
+++ b/Biz/Bild/Deps/lion-pytorch.nix
@@ -1,9 +1,4 @@
-{ lib
-, buildPythonPackage
-, pythonOlder
-, fetchFromGitHub
-, torch
-}:
+{ lib, buildPythonPackage, pythonOlder, fetchFromGitHub, torch }:
buildPythonPackage rec {
pname = "lion-pytorch";
@@ -21,7 +16,7 @@ buildPythonPackage rec {
propagatedBuildInputs = [ torch ];
pythonImportsCheck = [ "lion_pytorch" ];
- doCheck = false; # no tests currently
+ doCheck = false; # no tests currently
meta = with lib; {
description = "Optimizer tuned by Google Brain using genetic algorithms";
diff --git a/Biz/Bild/Deps/llama-cpp.nix b/Biz/Bild/Deps/llama-cpp.nix
index b247252..2e2aae7 100644
--- a/Biz/Bild/Deps/llama-cpp.nix
+++ b/Biz/Bild/Deps/llama-cpp.nix
@@ -1,13 +1,5 @@
-{ stdenv
-, sources
-, python3
-, cmake
-, pkgconfig
-, openmpi
-, cudaPackages
-}:
-let
- llama-python = python3.withPackages (ps: with ps; [ numpy sentencepiece ]);
+{ stdenv, sources, python3, cmake, pkgconfig, openmpi, cudaPackages }:
+let llama-python = python3.withPackages (ps: with ps; [ numpy sentencepiece ]);
in stdenv.mkDerivation {
name = "llama.cpp";
version = sources.llama-cpp.rev;
diff --git a/Biz/Bild/Deps/nostr-rs-relay.nix b/Biz/Bild/Deps/nostr-rs-relay.nix
index bb0a1cd..0eef13f 100644
--- a/Biz/Bild/Deps/nostr-rs-relay.nix
+++ b/Biz/Bild/Deps/nostr-rs-relay.nix
@@ -13,10 +13,7 @@ rustPlatform.buildRustPackage rec {
cargoSha256 = "sha256-3593pjc4A4NsEnE/ZYsR1vSMCvw2ZJue4EIY6cFa2WA=";
- nativeBuildInputs = [
- pkg-config
- openssl.dev
- ];
+ nativeBuildInputs = [ pkg-config openssl.dev ];
buildInputs = [ openssl.dev ];
}
diff --git a/Biz/Bild/Deps/outlines.nix b/Biz/Bild/Deps/outlines.nix
index 013581b..29ef41b 100644
--- a/Biz/Bild/Deps/outlines.nix
+++ b/Biz/Bild/Deps/outlines.nix
@@ -1,18 +1,5 @@
-{ lib
-, sources
-, buildPythonPackage
-, interegular
-, jinja2
-, lark
-, numpy
-, perscache
-, pillow
-, pydantic
-, regex
-, scipy
-, tenacity
-, torch
-}:
+{ lib, sources, buildPythonPackage, interegular, jinja2, lark, numpy, perscache
+, pillow, pydantic, regex, scipy, tenacity, torch }:
buildPythonPackage rec {
pname = "outlines";
@@ -35,10 +22,8 @@ buildPythonPackage rec {
torch
];
- doCheck = false; # no tests currently
- pythonImportsCheck = [
- "outlines"
- ];
+ doCheck = false; # no tests currently
+ pythonImportsCheck = [ "outlines" ];
meta = with lib; {
description = "Probabilistic Generative Model Programming";
diff --git a/Biz/Bild/Deps/perscache.nix b/Biz/Bild/Deps/perscache.nix
index d757e1a..508a261 100644
--- a/Biz/Bild/Deps/perscache.nix
+++ b/Biz/Bild/Deps/perscache.nix
@@ -1,11 +1,4 @@
-{ lib
-, sources
-, buildPythonPackage
-, beartype
-, cloudpickle
-, icontract
-, pbr
-}:
+{ lib, sources, buildPythonPackage, beartype, cloudpickle, icontract, pbr }:
buildPythonPackage rec {
pname = "perscache";
@@ -13,18 +6,11 @@ buildPythonPackage rec {
src = sources.perscache;
- propagatedBuildInputs = [
- beartype
- cloudpickle
- icontract
- pbr
- ];
+ propagatedBuildInputs = [ beartype cloudpickle icontract pbr ];
PBR_VERSION = version;
- doCheck = false; # no tests currently
- pythonImportsCheck = [
- "perscache"
- ];
+ doCheck = false; # no tests currently
+ pythonImportsCheck = [ "perscache" ];
meta = with lib; {
description = ''
diff --git a/Biz/Bild/Nixpkgs.nix b/Biz/Bild/Nixpkgs.nix
index dff44a0..ecf50b9 100644
--- a/Biz/Bild/Nixpkgs.nix
+++ b/Biz/Bild/Nixpkgs.nix
@@ -13,9 +13,9 @@ in import sources.nixpkgs-stable {
inherit system config;
overlays = [
(_: _: { inherit sources; })
- (_: _: { unstable = import sources.nixpkgs-unstable {
- inherit system config;
- };})
+ (_: _: {
+ unstable = import sources.nixpkgs-unstable { inherit system config; };
+ })
(_: pkgs: {
# Given a generic `builder`, will generate an attrset for all the packages
# pinned by `deps` with `builder` applied to the package. This attrset can
@@ -29,16 +29,18 @@ in import sources.nixpkgs-stable {
# rules. This will fail if build steps have changed, or if no build
# rules are available upstream.
overrideSource = depName:
- pkgs.${depName}.overrideAttrs (old: old // rec {
- version = pkgs.sources.${depName}.version or pkgs.sources.${depName}.rev;
- src = pkgs.sources.${depName};
- });
+ pkgs.${depName}.overrideAttrs (old:
+ old // rec {
+ version =
+ pkgs.sources.${depName}.version or pkgs.sources.${depName}.rev;
+ src = pkgs.sources.${depName};
+ });
})
(_: pkgs:
# override pinned deps with our sources
pkgs.overridePinnedDeps pkgs.overrideSource)
(import ./Deps.nix)
- (_: pkgs: { niv = import pkgs.sources.niv {}; })
+ (_: pkgs: { niv = import pkgs.sources.niv { }; })
];
}
diff --git a/Biz/Bild/Sources.nix b/Biz/Bild/Sources.nix
index 927683a..f7af81e 100644
--- a/Biz/Bild/Sources.nix
+++ b/Biz/Bild/Sources.nix
@@ -7,42 +7,59 @@ let
#
fetch_file = pkgs: name: spec:
- let
- name' = sanitizeName name + "-src";
- in
- if spec.builtin or true then
- builtins_fetchurl { inherit (spec) url sha256; name = name'; }
- else
- pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
+ let name' = sanitizeName name + "-src";
+ in if spec.builtin or true then
+ builtins_fetchurl {
+ inherit (spec) url sha256;
+ name = name';
+ }
+ else
+ pkgs.fetchurl {
+ inherit (spec) url sha256;
+ name = name';
+ };
fetch_tarball = pkgs: name: spec:
- let
- name' = sanitizeName name + "-src";
- in
- if spec.builtin or true then
- builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
- else
- pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
+ let name' = sanitizeName name + "-src";
+ in if spec.builtin or true then
+ builtins_fetchTarball {
+ name = name';
+ inherit (spec) url sha256;
+ }
+ else
+ pkgs.fetchzip {
+ name = name';
+ inherit (spec) url sha256;
+ };
fetch_git = name: spec:
let
- ref =
- if spec ? ref then spec.ref else
- if spec ? branch then "refs/heads/${spec.branch}" else
- if spec ? tag then "refs/tags/${spec.tag}" else
- abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
- in
- builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; };
+ ref = if spec ? ref then
+ spec.ref
+ else if spec ? branch then
+ "refs/heads/${spec.branch}"
+ else if spec ? tag then
+ "refs/tags/${spec.tag}"
+ else
+ abort
+ "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
+ in builtins.fetchGit {
+ url = spec.repo;
+ inherit (spec) rev;
+ inherit ref;
+ };
fetch_local = spec: spec.path;
- fetch_builtin-tarball = name: throw
- ''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
- $ niv modify ${name} -a type=tarball -a builtin=true'';
+ fetch_builtin-tarball = name:
+ throw ''
+ [${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
+ $ niv modify ${name} -a type=tarball -a builtin=true'';
- fetch_builtin-url = name: throw
- ''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
- $ niv modify ${name} -a type=file -a builtin=true'';
+ fetch_builtin-url = name:
+ throw ''
+ [${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
+ $ niv modify ${name} -a type=file -a builtin=true'';
#
# Various helpers
@@ -50,72 +67,87 @@ let
# https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695
sanitizeName = name:
- (
- concatMapStrings (s: if builtins.isList s then "-" else s)
- (
- builtins.split "[^[:alnum:]+._?=-]+"
- ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)
- )
- );
+ (concatMapStrings (s: if builtins.isList s then "-" else s)
+ (builtins.split "[^[:alnum:]+._?=-]+"
+ ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)));
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: system:
let
- sourcesNixpkgs =
- import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; };
+ sourcesNixpkgs = import
+ (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) {
+ inherit system;
+ };
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
- in
- if builtins.hasAttr "nixpkgs" sources
- then sourcesNixpkgs
- else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
- import <nixpkgs> {}
- else
- abort
- ''
- Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
- add a package called "nixpkgs" to your sources.json.
- '';
+ in if builtins.hasAttr "nixpkgs" sources then
+ sourcesNixpkgs
+ else if hasNixpkgsPath && !hasThisAsNixpkgsPath then
+ import <nixpkgs> { }
+ else
+ abort ''
+ Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
+ add a package called "nixpkgs" to your sources.json.
+ '';
# The actual fetching function.
fetch = pkgs: name: spec:
- if ! builtins.hasAttr "type" spec then
+ if !builtins.hasAttr "type" spec then
abort "ERROR: niv spec ${name} does not have a 'type' attribute"
- else if spec.type == "file" then fetch_file pkgs name spec
- else if spec.type == "tarball" then fetch_tarball pkgs name spec
- else if spec.type == "git" then fetch_git name spec
- else if spec.type == "local" then fetch_local spec
- else if spec.type == "builtin-tarball" then fetch_builtin-tarball name
- else if spec.type == "builtin-url" then fetch_builtin-url name
+ else if spec.type == "file" then
+ fetch_file pkgs name spec
+ else if spec.type == "tarball" then
+ fetch_tarball pkgs name spec
+ else if spec.type == "git" then
+ fetch_git name spec
+ else if spec.type == "local" then
+ fetch_local spec
+ else if spec.type == "builtin-tarball" then
+ fetch_builtin-tarball name
+ else if spec.type == "builtin-url" then
+ fetch_builtin-url name
else
- abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
+ abort
+ "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# If the environment variable NIV_OVERRIDE_${name} is set, then use
# the path directly as opposed to the fetched source.
replace = name: drv:
let
- saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name;
+ saneName = stringAsChars
+ (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name;
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
- in
- if ersatz == "" then drv else
- # this turns the string into an actual Nix path (for both absolute and
- # relative paths)
- if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
+ in if ersatz == "" then
+ drv
+ else
+ # this turns the string into an actual Nix path (for both absolute and
+ # relative paths)
+ if builtins.substring 0 1 ersatz == "/" then
+ /. + ersatz
+ else
+ /. + builtins.getEnv "PWD" + "/${ersatz}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
- mapAttrs = builtins.mapAttrs or (
- f: set: with builtins;
- listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set))
- );
+ mapAttrs = builtins.mapAttrs or (f: set:
+ with builtins;
+ listToAttrs (map (attr: {
+ name = attr;
+ value = f attr set.${attr};
+ }) (attrNames set)));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
- range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1);
+ range = first: last:
+ if first > last then
+ [ ]
+ else
+ builtins.genList (n: first + n) (last - first + 1);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
- stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
+ stringToCharacters = s:
+ map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
@@ -123,48 +155,46 @@ let
concatStrings = builtins.concatStringsSep "";
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
- optionalAttrs = cond: as: if cond then as else {};
+ optionalAttrs = cond: as: if cond then as else { };
# fetchTarball version that is compatible between all the versions of Nix
# deadnix: skip
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
- let
- inherit (builtins) lessThan nixVersion fetchTarball;
- in
- if lessThan nixVersion "1.12" then
- fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
- else
- fetchTarball attrs;
+ let inherit (builtins) lessThan nixVersion fetchTarball;
+ in if lessThan nixVersion "1.12" then
+ fetchTarball
+ ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
+ else
+ fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
# deadnix: skip
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
- let
- inherit (builtins) lessThan nixVersion fetchurl;
- in
- if lessThan nixVersion "1.12" then
- fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
- else
- fetchurl attrs;
+ let inherit (builtins) lessThan nixVersion fetchurl;
+ in if lessThan nixVersion "1.12" then
+ fetchurl
+ ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
+ else
+ fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
- mapAttrs (
- name: spec:
- if builtins.hasAttr "outPath" spec
- then abort
- "The values in sources.json should not have an 'outPath' attribute"
- else
- spec // { outPath = replace name (fetch config.pkgs name spec); }
- ) config.sources;
+ mapAttrs (name: spec:
+ if builtins.hasAttr "outPath" spec then
+ abort
+ "The values in sources.json should not have an 'outPath' attribute"
+ else
+ spec // { outPath = replace name (fetch config.pkgs name spec); })
+ config.sources;
# The "config" used by the fetchers
- mkConfig =
- { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
- , sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile)
- , system ? builtins.currentSystem
- , pkgs ? mkPkgs sources system
- }: rec {
+ mkConfig = { sourcesFile ?
+ if builtins.pathExists ./sources.json then ./sources.json else null
+ , sources ? if isNull sourcesFile then
+ { }
+ else
+ builtins.fromJSON (builtins.readFile sourcesFile)
+ , system ? builtins.currentSystem, pkgs ? mkPkgs sources system }: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
@@ -172,5 +202,6 @@ let
inherit pkgs;
};
-in
-mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); }
+in mkSources (mkConfig { }) // {
+ __functor = _: settings: mkSources (mkConfig settings);
+}
diff --git a/Biz/Bot.nix b/Biz/Bot.nix
index afd5eb4..3b7710b 100644
--- a/Biz/Bot.nix
+++ b/Biz/Bot.nix
@@ -1,14 +1,7 @@
-{ options
-, lib
-, config
-, pkgs
-, ...
-}:
+{ options, lib, config, pkgs, ... }:
-let
- cfg = config.services.bizbot;
-in
-{
+let cfg = config.services.bizbot;
+in {
options.services.bizbot = {
enable = lib.mkEnableOption "Enable the bizbot service";
package = lib.mkOption {
diff --git a/Biz/Cloud.nix b/Biz/Cloud.nix
index 1ae94ac..b379943 100644
--- a/Biz/Cloud.nix
+++ b/Biz/Cloud.nix
@@ -1,4 +1,4 @@
-{ nixpkgs ? import ./Bild.nix {} }:
+{ nixpkgs ? import ./Bild.nix { } }:
with nixpkgs;
# Cloud infrastructure, always online. Mostly for messaging-related stuff.
diff --git a/Biz/Cloud/Cgit.nix b/Biz/Cloud/Cgit.nix
index 0b3a71b..23fa00f 100644
--- a/Biz/Cloud/Cgit.nix
+++ b/Biz/Cloud/Cgit.nix
@@ -4,20 +4,21 @@ with lib;
let
globalConfig = config;
settingsFormat = {
- type = with lib.types; let
- value = oneOf [ int str ] // {
- description = "INI-like atom (int or string)";
- };
- values = coercedTo value lib.singleton (listOf value) // {
- description = value.description + " or a list of them for duplicate keys";
- };
- in
- attrsOf (values);
+ type = with lib.types;
+ let
+ value = oneOf [ int str ] // {
+ description = "INI-like atom (int or string)";
+ };
+ values = coercedTo value lib.singleton (listOf value) // {
+ description = value.description
+ + " or a list of them for duplicate keys";
+ };
+ in attrsOf (values);
generate = name: values:
- pkgs.writeText name (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values);
+ pkgs.writeText name
+ (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values);
};
-in
-{
+in {
options.services.nginx.virtualHosts = mkOption {
type = types.attrsOf (types.submodule ({ config, ... }:
let
@@ -48,8 +49,7 @@ in
# Remove the global options for serialization into cgitrc
settings = removeAttrs cfg (attrNames options);
- in
- {
+ in {
options.cgit = mkOption {
type = types.submodule {
freeformType = settingsFormat.type;
@@ -86,60 +86,49 @@ in
'';
};
- config = let
- location = removeSuffix "/" cfg.location;
+ config = let location = removeSuffix "/" cfg.location;
in mkIf cfg.enable {
locations."${location}/" = {
root = "${pkgs.cgit}/cgit/";
tryFiles = "$uri @cgit";
};
- locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" = {
- alias = "${pkgs.cgit}/cgit/$1";
- };
+ locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" =
+ {
+ alias = "${pkgs.cgit}/cgit/$1";
+ };
locations."@cgit" = {
extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
- fastcgi_param CGIT_CONFIG ${settingsFormat.generate "cgitrc" settings};
+ fastcgi_param CGIT_CONFIG ${
+ settingsFormat.generate "cgitrc" settings
+ };
fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi;
fastcgi_param QUERY_STRING $args;
fastcgi_param HTTP_HOST $server_name;
fastcgi_pass unix:${globalConfig.services.fcgiwrap.socketAddress};
- '' + (
- if cfg.location == "/"
- then
- ''
- fastcgi_param PATH_INFO $uri;
- ''
- else
- ''
- fastcgi_split_path_info ^(${location}/)(/?.+)$;
- fastcgi_param PATH_INFO $fastcgi_path_info;
- ''
- ) + (
- if !cfg.allowCrawlers
- then
- ''
- add_header X-Robots-Tag "noindex, follow" always;
- ''
- else ""
- );
+ '' + (if cfg.location == "/" then ''
+ fastcgi_param PATH_INFO $uri;
+ '' else ''
+ fastcgi_split_path_info ^(${location}/)(/?.+)$;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ '') + (if !cfg.allowCrawlers then ''
+ add_header X-Robots-Tag "noindex, follow" always;
+ '' else
+ "");
};
};
}));
};
- config =
- let
- vhosts = config.services.nginx.virtualHosts;
- in
- mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) {
- # make the cgitrc manpage available
- environment.systemPackages = [ pkgs.cgit ];
+ config = let vhosts = config.services.nginx.virtualHosts;
+ in mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) {
+ # make the cgitrc manpage available
+ environment.systemPackages = [ pkgs.cgit ];
- services.fcgiwrap.enable = true;
- };
+ services.fcgiwrap.enable = true;
+ };
meta = {
maintainers = with lib.maintainers; [ bsima ]; # afix-space hmenke ];
diff --git a/Biz/Cloud/Chat.nix b/Biz/Cloud/Chat.nix
index be856d8..7f86621 100644
--- a/Biz/Cloud/Chat.nix
+++ b/Biz/Cloud/Chat.nix
@@ -24,21 +24,17 @@ in {
enable = false;
settings.server_name = config.networking.domain;
#registration_shared_secret = "AkGRWSQLga3RoKRFnHhKoeCEIeZzu31y4TRzMRkMyRbBnETkVTSxilf24qySLzQn";
- settings.listeners = [
- {
- port = matrix_port;
- bind_address = "::1";
- type = "http";
- tls = false;
- x_forwarded = true;
- resources = [
- {
- names = [ "client" "federation" ];
- compress = false;
- }
- ];
- }
- ];
+ settings.listeners = [{
+ port = matrix_port;
+ bind_address = "::1";
+ type = "http";
+ tls = false;
+ x_forwarded = true;
+ resources = [{
+ names = [ "client" "federation" ];
+ compress = false;
+ }];
+ }];
};
# matrix needs a database
#
@@ -55,23 +51,21 @@ in {
# route to matrix-synapse
"${config.networking.domain}" = {
locations."= /.well-known/matrix/server".extraConfig =
- let
- server = { "m.server" = "${fqdn}:443"; };
+ let server = { "m.server" = "${fqdn}:443"; };
in ''
add_header Content-Type application/json;
return 200 '${builtins.toJSON server}';
'';
- locations."= /.well-known/matrix/client".extraConfig =
- let
- client = {
- "m.homeserver" = { "base_url" = "https://${fqdn}"; } ;
- "m.identity_server" = { "base_url" = "https://vector.im"; };
- };
- in ''
- add_header Content-Type application/json;
- add_header Access-Control-Allow-Origin *;
- return 200 '${builtins.toJSON client}';
- '';
+ locations."= /.well-known/matrix/client".extraConfig = let
+ client = {
+ "m.homeserver" = { "base_url" = "https://${fqdn}"; };
+ "m.identity_server" = { "base_url" = "https://vector.im"; };
+ };
+ in ''
+ add_header Content-Type application/json;
+ add_header Access-Control-Allow-Origin *;
+ return 200 '${builtins.toJSON client}';
+ '';
};
# reverse proxy for matrix client-server and server-server communication
"${fqdn}" = {
diff --git a/Biz/Cloud/Comms.nix b/Biz/Cloud/Comms.nix
index 700296d..bf7a763 100644
--- a/Biz/Cloud/Comms.nix
+++ b/Biz/Cloud/Comms.nix
@@ -1,8 +1,5 @@
{ ... }:
{
- imports = [
- ./Comms/Xmpp.nix
- ./Comms/Mumble.nix
- ];
+ imports = [ ./Comms/Xmpp.nix ./Comms/Mumble.nix ];
}
diff --git a/Biz/Cloud/Comms/Mumble.nix b/Biz/Cloud/Comms/Mumble.nix
index d728a07..66d21a5 100644
--- a/Biz/Cloud/Comms/Mumble.nix
+++ b/Biz/Cloud/Comms/Mumble.nix
@@ -1,8 +1,7 @@
{ config, ... }:
# mumble and related services
-let
- ports = import ../Ports.nix;
+let ports = import ../Ports.nix;
in {
services.murmur = {
enable = true;
@@ -20,9 +19,7 @@ in {
listening_addr = "127.0.0.1";
listening_port = ports.botamusique;
};
- radio = {
- lofi = "https://live.hunter.fm/lofi_high";
- };
+ radio = { lofi = "https://live.hunter.fm/lofi_high"; };
};
};
}
diff --git a/Biz/Cloud/Comms/Xmpp.nix b/Biz/Cloud/Comms/Xmpp.nix
index af52f3f..ad8649b 100644
--- a/Biz/Cloud/Comms/Xmpp.nix
+++ b/Biz/Cloud/Comms/Xmpp.nix
@@ -11,22 +11,19 @@ let
in {
networking.firewall.allowedTCPPorts = [
# https://prosody.im/doc/ports
- 5000 # file transfer
- 5222 # client connections
- 5269 # server-to-server
- 5280 # http
- 5281 # https
- 5347 # external components
- 5582 # telnet console
+ 5000 # file transfer
+ 5222 # client connections
+ 5269 # server-to-server
+ 5280 # http
+ 5281 # https
+ 5347 # external components
+ 5582 # telnet console
];
services.prosody = {
enable = true;
- package = pkgs.prosody.override {
- withCommunityModules = [
- "conversejs"
- ];
- };
+ package =
+ pkgs.prosody.override { withCommunityModules = [ "conversejs" ]; };
# when i learn how to use security.acme better, and use separate certs, then i
# can fix this group
@@ -36,7 +33,7 @@ in {
inherit ssl;
uploadHttp = {
domain = "upload.${rootDomain}";
- uploadExpireAfter = toString (60*60*24*30); # 30 days, as seconds
+ uploadExpireAfter = toString (60 * 60 * 24 * 30); # 30 days, as seconds
};
modules = {
@@ -129,9 +126,7 @@ in {
};
};
- services.prosody-filer = {
- enable = true;
- };
+ services.prosody-filer = { enable = true; };
services.nginx.virtualHosts."${rootDomain}".locations = {
"/http-bind" = {
diff --git a/Biz/Cloud/Git.nix b/Biz/Cloud/Git.nix
index 6e3d8c8..3ef4530 100644
--- a/Biz/Cloud/Git.nix
+++ b/Biz/Cloud/Git.nix
@@ -67,12 +67,15 @@ in {
];
jvmOpts = [
# https://stackoverflow.com/a/71817404
- "--add-opens" "java.base/java.lang=ALL-UNNAMED"
- "--add-opens" "java.base/java.util=ALL-UNNAMED"
+ "--add-opens"
+ "java.base/java.lang=ALL-UNNAMED"
+ "--add-opens"
+ "java.base/java.util=ALL-UNNAMED"
];
plugins = [
(pkgs.fetchurl {
- url = "https://github.com/davido/gerrit-oauth-provider/releases/download/v3.5.1/gerrit-oauth-provider.jar";
+ url =
+ "https://github.com/davido/gerrit-oauth-provider/releases/download/v3.5.1/gerrit-oauth-provider.jar";
sha256 = "sha256-MS3ElMRUrBX4miiflepMETRK3SaASqpqO3nUn9kq3Gk=";
})
];
@@ -81,14 +84,16 @@ in {
settings = {
auth.type = "OAUTH";
auth.gitBasicAuthPolicy = "HTTP";
- download.command = [ "checkout" "cherry_pick" "pull" "format_patch"];
+ download.command = [ "checkout" "cherry_pick" "pull" "format_patch" ];
gerrit.canonicalWebUrl = "https://gerrit.${domain}";
- httpd.listenUrl = "proxy-https://${config.services.gerrit.listenAddress}";
+ httpd.listenUrl =
+ "proxy-https://${config.services.gerrit.listenAddress}";
plugin.gerrit-oauth-provider-github-oauth = {
root-url = "https://github.com";
client-id = "e48084aa0eebe31a2b18";
};
- sshd.advertisedAddress = "gerrit.${domain}:${toString ports.gerrit-ssh}";
+ sshd.advertisedAddress =
+ "gerrit.${domain}:${toString ports.gerrit-ssh}";
sshd.listenAddress = "[::]:${toString ports.gerrit-ssh}";
};
};
@@ -114,7 +119,5 @@ in {
};
"nginx".extraGroups = [ "git" ];
};
- users.groups = {
- gitDaemon = {};
- };
+ users.groups = { gitDaemon = { }; };
}
diff --git a/Biz/Cloud/Gmnisrv.nix b/Biz/Cloud/Gmnisrv.nix
index 2f7672b..e2a66f6 100644
--- a/Biz/Cloud/Gmnisrv.nix
+++ b/Biz/Cloud/Gmnisrv.nix
@@ -1,11 +1,6 @@
-{ lib
-, config
-, pkgs
-, ...
-}:
+{ lib, config, pkgs, ... }:
-let
- cfg = config.services.gmnisrv;
+let cfg = config.services.gmnisrv;
in {
meta.maintainers = [ lib.maintainers.bsima ];
options.services.gmnisrv = {
@@ -20,9 +15,7 @@ in {
Configuration for gmnisrv. See gmnisrv.ini(5) for supported settings.
'';
default = {
- ":tls" = {
- "store" = lib.mkDefault "${cfg.dataDir}/certs";
- };
+ ":tls" = { "store" = lib.mkDefault "${cfg.dataDir}/certs"; };
};
};
dataDir = lib.mkOption {
@@ -36,10 +29,12 @@ in {
description = "gmnisrv service";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
- script = let ini = lib.generators.toINIWithGlobalSection {} {
- globalSection = {"listen" = cfg.listen;};
- sections = cfg.settings;
- }; in "${pkgs.gmnisrv}/bin/gmnisrv -C ${ini}";
+ script = let
+ ini = lib.generators.toINIWithGlobalSection { } {
+ globalSection = { "listen" = cfg.listen; };
+ sections = cfg.settings;
+ };
+ in "${pkgs.gmnisrv}/bin/gmnisrv -C ${ini}";
};
};
}
diff --git a/Biz/Cloud/Hardware.nix b/Biz/Cloud/Hardware.nix
index ab775dc..8fdbd4e 100644
--- a/Biz/Cloud/Hardware.nix
+++ b/Biz/Cloud/Hardware.nix
@@ -1,7 +1,9 @@
-{ modulesPath, ... }:
-{
+{ modulesPath, ... }: {
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub.device = "/dev/vda";
boot.initrd.kernelModules = [ "nvme" ];
- fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
+ fileSystems."/" = {
+ device = "/dev/vda1";
+ fsType = "ext4";
+ };
}
diff --git a/Biz/Cloud/Hub.nix b/Biz/Cloud/Hub.nix
index bc346a8..39bbdd0 100644
--- a/Biz/Cloud/Hub.nix
+++ b/Biz/Cloud/Hub.nix
@@ -11,7 +11,7 @@ let
inherit settings;
};
motdFile = pkgs.writeText "motd" ''
- Meshheads write code.
+ Meshheads write code.
'';
rulesFile = pkgs.writeText "rules" ''
1. x
diff --git a/Biz/Cloud/Mail.nix b/Biz/Cloud/Mail.nix
index 4ff3fd6..fa99cf3 100644
--- a/Biz/Cloud/Mail.nix
+++ b/Biz/Cloud/Mail.nix
@@ -1,13 +1,10 @@
{ ... }:
-/*
-
-Known issues:
-
-- when the acme cert gets refreshed, you need to manually restart dovecot
-- when restarting dovecot, it might hang, in that case do:
- systemctl --job-mode=ignore-dependencies restart dovecot2 postfix
+/* Known issues:
+ - when the acme cert gets refreshed, you need to manually restart dovecot
+ - when restarting dovecot, it might hang, in that case do:
+ systemctl --job-mode=ignore-dependencies restart dovecot2 postfix
*/
{
@@ -47,10 +44,9 @@ Known issues:
quota = "10G";
};
"nick@simatime.com" = {
- hashedPassword = "$6$31P/Mg8k8Pezy1e$Fn1tDyssf.1EgxmLYFsQpSq6RP4wbEvP/UlBlXQhyKA9FnmFtJteXsbJM1naa8Kyylo8vZM9zmeoSthHS1slA1";
- aliases = [
- "nicolai@simatime.com"
- ];
+ hashedPassword =
+ "$6$31P/Mg8k8Pezy1e$Fn1tDyssf.1EgxmLYFsQpSq6RP4wbEvP/UlBlXQhyKA9FnmFtJteXsbJM1naa8Kyylo8vZM9zmeoSthHS1slA1";
+ aliases = [ "nicolai@simatime.com" ];
quota = "1G";
};
};
diff --git a/Biz/Cloud/Networking.nix b/Biz/Cloud/Networking.nix
index 05a1608..1c1f832 100644
--- a/Biz/Cloud/Networking.nix
+++ b/Biz/Cloud/Networking.nix
@@ -2,8 +2,7 @@
# This file was populated at runtime with the networking
# details gathered from the active system.
networking = {
- nameservers = [ "8.8.8.8"
- ];
+ nameservers = [ "8.8.8.8" ];
defaultGateway = "143.198.112.1";
defaultGateway6 = "2604:a880:400:d0::1";
dhcpcd.enable = false;
@@ -11,15 +10,33 @@
interfaces = {
eth0 = {
ipv4.addresses = [
- { address="143.198.118.179"; prefixLength=20; }
-{ address="10.10.0.7"; prefixLength=16; }
+ {
+ address = "143.198.118.179";
+ prefixLength = 20;
+ }
+ {
+ address = "10.10.0.7";
+ prefixLength = 16;
+ }
];
ipv6.addresses = [
- { address="2604:a880:400:d0::19f1:7001"; prefixLength=64; }
-{ address="fe80::a06e:26ff:fee1:941"; prefixLength=64; }
+ {
+ address = "2604:a880:400:d0::19f1:7001";
+ prefixLength = 64;
+ }
+ {
+ address = "fe80::a06e:26ff:fee1:941";
+ prefixLength = 64;
+ }
];
- ipv4.routes = [ { address = "143.198.112.1"; prefixLength = 32; } ];
- ipv6.routes = [ { address = "2604:a880:400:d0::1"; prefixLength = 128; } ];
+ ipv4.routes = [{
+ address = "143.198.112.1";
+ prefixLength = 32;
+ }];
+ ipv6.routes = [{
+ address = "2604:a880:400:d0::1";
+ prefixLength = 128;
+ }];
};
};
diff --git a/Biz/Cloud/NostrRelay.nix b/Biz/Cloud/NostrRelay.nix
index 73c1366..0be8a6f 100644
--- a/Biz/Cloud/NostrRelay.nix
+++ b/Biz/Cloud/NostrRelay.nix
@@ -27,10 +27,8 @@ in {
'';
script = "nostr-rs-relay --db ${dataDir}";
serviceConfig = {
- Environment = [
- "RUST_LOG=info,nostr_rs_relay=info"
- "APP_DATA=${dataDir}"
- ];
+ Environment =
+ [ "RUST_LOG=info,nostr_rs_relay=info" "APP_DATA=${dataDir}" ];
WorkingDirectory = dataDir;
KillSignal = "INT";
Type = "simple";
diff --git a/Biz/Cloud/Ports.nix b/Biz/Cloud/Ports.nix
index 56a1ae7..69968fb 100644
--- a/Biz/Cloud/Ports.nix
+++ b/Biz/Cloud/Ports.nix
@@ -15,7 +15,10 @@
headscale = 8844;
hoogle = 8008;
http = 80;
- httpdev = { from = 8000; to = 8099; };
+ httpdev = {
+ from = 8000;
+ to = 8099;
+ };
https = 443;
invidious = 8086;
jellyfin = 8096;
@@ -33,7 +36,10 @@
stableDiffusion = 8501;
syncthing-gui = 8384;
tor = 144;
- torrents = { from = 3000; to = 3099; };
+ torrents = {
+ from = 3000;
+ to = 3099;
+ };
wireguard = 51820;
znc = 5000;
}
diff --git a/Biz/Cloud/Web.nix b/Biz/Cloud/Web.nix
index f97f6e0..b54e108 100644
--- a/Biz/Cloud/Web.nix
+++ b/Biz/Cloud/Web.nix
@@ -3,9 +3,8 @@
let
rootDomain = config.networking.domain;
ports = import ./Ports.nix;
-in
-{
- imports = [ ./Gmnisrv.nix ];
+in {
+ imports = [ ./Gmnisrv.nix ];
networking.firewall = {
allowedTCPPorts = [
ports.ssh
@@ -86,9 +85,7 @@ in
listen = "0.0.0.0:${toString ports.gemini} [::]:${toString ports.gemini}";
settings = {
":tls" = { store = "/var/lib/gmnisrv"; };
- "bsima.me" = {
- "root" = "/var/web/ben";
- };
+ "bsima.me" = { "root" = "/var/web/ben"; };
"${rootDomain}" = {
"root" = "/var/web/simatime.com";
"cgi" = "on";
@@ -116,7 +113,12 @@ in
# redirect '/git' to '/git/'
"/git".return = "301 https://$host/git/";
# nostr nip-5 verification
- "/.well-known/nostr.json".return = "200 '${builtins.toJSON { names.bensima = "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436";}}'";
+ "/.well-known/nostr.json".return = "200 '${
+ builtins.toJSON {
+ names.bensima =
+ "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436";
+ }
+ }'";
# disabled for nixpert test
"/" = {
root = "/var/web/simatime.com";
@@ -149,19 +151,22 @@ in
};
"hoogle.${rootDomain}" = {
- locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.hoogle}";
+ locations."/".proxyPass =
+ "http://${ports.bensIp}:${toString ports.hoogle}";
forceSSL = true;
useACMEHost = rootDomain;
};
"tv.${rootDomain}" = {
- locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.jellyfin}";
+ locations."/".proxyPass =
+ "http://${ports.bensIp}:${toString ports.jellyfin}";
forceSSL = true;
useACMEHost = rootDomain;
};
"cal.${rootDomain}" = {
- locations."/".proxyPass = "http://localhost:${toString ports.radicale}";
+ locations."/".proxyPass =
+ "http://localhost:${toString ports.radicale}";
forceSSL = true;
useACMEHost = rootDomain;
extraConfig = ''
@@ -173,7 +178,8 @@ in
};
"reddit.${rootDomain}" = {
- locations."/".proxyPass = "http://localhost:${toString ports.libreddit}";
+ locations."/".proxyPass =
+ "http://localhost:${toString ports.libreddit}";
forceSSL = true;
useACMEHost = rootDomain;
};
@@ -189,7 +195,8 @@ in
};
"youtube.${rootDomain}" = {
- locations."/".proxyPass = "http://localhost:${toString ports.invidious}";
+ locations."/".proxyPass =
+ "http://localhost:${toString ports.invidious}";
forceSSL = true;
useACMEHost = rootDomain;
};
@@ -205,13 +212,15 @@ in
};
"dragons.dev" = {
- locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dragons}";
+ locations."/".proxyPass =
+ "http://${ports.bensIp}:${toString ports.dragons}";
forceSSL = true;
useACMEHost = rootDomain;
};
"dandel-rovbur.${rootDomain}" = {
- locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dandel-rovbur}";
+ locations."/".proxyPass =
+ "http://${ports.bensIp}:${toString ports.dandel-rovbur}";
forceSSL = true;
useACMEHost = rootDomain;
};
@@ -226,7 +235,8 @@ in
forceSSL = true;
useACMEHost = rootDomain;
locations."/" = {
- proxyPass = "http://${ports.bensIp}:${toString ports.stableDiffusion}";
+ proxyPass =
+ "http://${ports.bensIp}:${toString ports.stableDiffusion}";
proxyWebsockets = true;
};
};
@@ -234,7 +244,8 @@ in
"music.${rootDomain}" = {
forceSSL = true;
useACMEHost = rootDomain;
- locations."/".proxyPass = "http://localhost:${toString ports.botamusique}";
+ locations."/".proxyPass =
+ "http://localhost:${toString ports.botamusique}";
};
"nostr.${rootDomain}" = {
@@ -275,28 +286,26 @@ in
};
# This must contain all of the other domains we host
- security.acme.certs.${rootDomain}.extraDomainNames = [
- "bsima.me" "www.bsima.me"
- "dragons.dev"
- "nixpert.chat"
- ] ++ map (sub: "${sub}.${rootDomain}") [
- "music"
- "tv"
- "matrix"
- "chat"
- "hoogle"
- "dandel-rovbur"
- "sabten"
- "cal"
- "notebook"
- "nostr"
- "reddit"
- "old.reddit"
- "www.reddit"
- "youtube"
- "www.youtube"
- "m.youtube"
- "sd"
- "gerrit"
- ];
+ security.acme.certs.${rootDomain}.extraDomainNames =
+ [ "bsima.me" "www.bsima.me" "dragons.dev" "nixpert.chat" ]
+ ++ map (sub: "${sub}.${rootDomain}") [
+ "music"
+ "tv"
+ "matrix"
+ "chat"
+ "hoogle"
+ "dandel-rovbur"
+ "sabten"
+ "cal"
+ "notebook"
+ "nostr"
+ "reddit"
+ "old.reddit"
+ "www.reddit"
+ "youtube"
+ "www.youtube"
+ "m.youtube"
+ "sd"
+ "gerrit"
+ ];
}
diff --git a/Biz/Cloud/Znc.nix b/Biz/Cloud/Znc.nix
index 79eee95..caa8e88 100644
--- a/Biz/Cloud/Znc.nix
+++ b/Biz/Cloud/Znc.nix
@@ -1,9 +1,6 @@
-/*
-
-N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"'
-
-- https://wiki.znc.in/Configuration
+/* N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"'
+ - https://wiki.znc.in/Configuration
*/
{ pkgs, ... }:
@@ -13,10 +10,11 @@ N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"'
znc = {
enable = true;
openFirewall = true;
- modulePackages = with pkgs.zncModules; [
- #backlog clientaway clientbuffer
- #ignore
- ];
+ modulePackages = with pkgs.zncModules;
+ [
+ #backlog clientaway clientbuffer
+ #ignore
+ ];
useLegacyConfig = false;
config = {
LoadModule = [ "adminlog" ];
@@ -36,34 +34,30 @@ N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"'
LoadModule = [ "simple_away" "nickserv" "sasl" ];
Nick = "bsima";
Chan = {
- "#emacs" = { Detached = true; };
- "#guile" = {};
- "#guix" = { Detached = true; };
- "#haskell" = {};
- "#hledger" = {};
- "#nixos" = {};
- "#notmuch" = { Detached = true; };
- "#org-mode" = { Detached = true; };
- "#scheme" = { Detached = true; };
- "#sr.ht" = { Detached = true; };
- "#xmonad" = { Detached = true; };
+ "#emacs" = { Detached = true; };
+ "#guile" = { };
+ "#guix" = { Detached = true; };
+ "#haskell" = { };
+ "#hledger" = { };
+ "#nixos" = { };
+ "#notmuch" = { Detached = true; };
+ "#org-mode" = { Detached = true; };
+ "#scheme" = { Detached = true; };
+ "#sr.ht" = { Detached = true; };
+ "#xmonad" = { Detached = true; };
};
};
oftc = {
Server = "irc.oftc.net +6697";
LoadModule = [ "simple_away" "nickserv" ];
Nick = "bsima";
- Chan = {
- "#home-manager" = {};
- };
+ Chan = { "#home-manager" = { }; };
};
zeronode = {
Server = "irc.zeronode.net +6667";
LoadModule = [ "simple_away" "nickserv" ];
Nick = "ben";
- Chan = {
- "#NoAgenda" = {};
- };
+ Chan = { "#NoAgenda" = { }; };
};
#sorcery = {
# Server = "irc.sorcery.net +6697";
@@ -71,7 +65,8 @@ N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"'
};
Pass.password = {
Method = "sha256";
- Hash = "bead16d806e7bf5cbbc31d572b20f01e2b253eb60e2497ce465df56306becd02";
+ Hash =
+ "bead16d806e7bf5cbbc31d572b20f01e2b253eb60e2497ce465df56306becd02";
Salt = "/GhmBMc+E6b7qd8muFEe";
};
};
diff --git a/Biz/Dev/Beryllium.nix b/Biz/Dev/Beryllium.nix
index b2dad1e..2cfe61a 100644
--- a/Biz/Dev/Beryllium.nix
+++ b/Biz/Dev/Beryllium.nix
@@ -1,4 +1,4 @@
-{ nixpkgs ? import ../Bild.nix {} }:
+{ nixpkgs ? import ../Bild.nix { } }:
with nixpkgs;
bild.os {
imports = [
diff --git a/Biz/Dev/Beryllium/Configuration.nix b/Biz/Dev/Beryllium/Configuration.nix
index 106f78e..b1d7f11 100644
--- a/Biz/Dev/Beryllium/Configuration.nix
+++ b/Biz/Dev/Beryllium/Configuration.nix
@@ -5,10 +5,9 @@
{ config, pkgs, ... }:
{
- imports =
- [ # Include the results of the hardware scan.
- ./Hardware.nix
- ];
+ imports = [ # Include the results of the hardware scan.
+ ./Hardware.nix
+ ];
# Bootloader.
boot.loader.systemd-boot.enable = true;
@@ -105,7 +104,7 @@
services.clight.temperature.night = 1800;
services.clight.settings.sunrise = "7:00";
services.clight.settings.sunset = "17:00";
- location.latitude = 40.80;
+ location.latitude = 40.8;
location.longitude = -81.52;
services.eternal-terminal.enable = true;
@@ -119,8 +118,8 @@
v4l-utils
linuxPackages.v4l2loopback
nvtop
- # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
- # wget
+ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+ # wget
];
# Some programs need SUID wrappers, can be configured further or are
diff --git a/Biz/Dev/Beryllium/Hardware.nix b/Biz/Dev/Beryllium/Hardware.nix
index 8c74e10..ecf425c 100644
--- a/Biz/Dev/Beryllium/Hardware.nix
+++ b/Biz/Dev/Beryllium/Hardware.nix
@@ -4,24 +4,23 @@
{ config, lib, modulesPath, ... }:
{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
- boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+ boot.initrd.availableKernelModules =
+ [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/f96eaa16-d0e2-4230-aece-131ce7b630da";
- fsType = "ext4";
- };
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/f96eaa16-d0e2-4230-aece-131ce7b630da";
+ fsType = "ext4";
+ };
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/A34A-6527";
- fsType = "vfat";
- };
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/A34A-6527";
+ fsType = "vfat";
+ };
swapDevices = [ ];
@@ -34,5 +33,6 @@
# networking.interfaces.enp99s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+ hardware.cpu.amd.updateMicrocode =
+ lib.mkDefault config.hardware.enableRedistributableFirmware;
}
diff --git a/Biz/Dev/Dns.nix b/Biz/Dev/Dns.nix
index 0490ead..baf79aa 100644
--- a/Biz/Dev/Dns.nix
+++ b/Biz/Dev/Dns.nix
@@ -1,20 +1,11 @@
{ ... }:
-
-
{
services.bind = {
enable = true;
- forwarders = [
- "8.8.8.8"
- "1.1.1.1"
- ];
- cacheNetworks = [
- "127.0.0.0/8"
- "192.168.0.0/24"
- ];
- extraConfig = ''
- '';
+ forwarders = [ "8.8.8.8" "1.1.1.1" ];
+ cacheNetworks = [ "127.0.0.0/8" "192.168.0.0/24" ];
+ extraConfig = "";
extraOptions = ''
dnssec-validation auto;
'';
diff --git a/Biz/Dev/Guix.nix b/Biz/Dev/Guix.nix
index 8ee55d4..0b261fb 100644
--- a/Biz/Dev/Guix.nix
+++ b/Biz/Dev/Guix.nix
@@ -6,7 +6,6 @@ let
cfg = config.services.guix;
-
in {
options.services.guix = {
@@ -21,7 +20,8 @@ in {
serviceConfig = {
Restart = "always";
- ExecStart = "${pkgs.guix}/bin/guix-daemon --build-users-group=guixbuild";
+ ExecStart =
+ "${pkgs.guix}/bin/guix-daemon --build-users-group=guixbuild";
Environment = null;
RemainAfterExit = "yes";
StandardOutput = "syslog";
@@ -30,18 +30,14 @@ in {
};
};
users = {
- extraUsers = lib.attrs.genAttrs
- (lib.lists.range 1 10)
- (n: {
- name = "guixbuilder${n}";
- isSystemUser = true;
- extraGroups = ["guixbuild"];
- group = "guixbuild";
- description = "Guix build user ${n}";
- });
- extraGroups = {
- "guixbuild" = {};
- };
+ extraUsers = lib.attrs.genAttrs (lib.lists.range 1 10) (n: {
+ name = "guixbuilder${n}";
+ isSystemUser = true;
+ extraGroups = [ "guixbuild" ];
+ group = "guixbuild";
+ description = "Guix build user ${n}";
+ });
+ extraGroups = { "guixbuild" = { }; };
};
};
}
diff --git a/Biz/Dev/Hoogle.nix b/Biz/Dev/Hoogle.nix
index 02330b5..213a31c 100644
--- a/Biz/Dev/Hoogle.nix
+++ b/Biz/Dev/Hoogle.nix
@@ -25,7 +25,7 @@ in {
};
packages = mkOption {
- default = _hp: [];
+ default = _hp: [ ];
defaultText = "hp: []";
example = "hp: with hp; [ text lens ]";
description = ''
@@ -64,7 +64,9 @@ in {
serviceConfig = {
Restart = "always";
- ExecStart = ''${hoogleEnv}/bin/hoogle server --local --port ${toString cfg.port} --home ${cfg.home} --host ${cfg.host}'';
+ ExecStart = "${hoogleEnv}/bin/hoogle server --local --port ${
+ toString cfg.port
+ } --home ${cfg.home} --host ${cfg.host}";
DynamicUser = true;
diff --git a/Biz/Dev/Lithium.nix b/Biz/Dev/Lithium.nix
index d3b17b7..d81b55c 100644
--- a/Biz/Dev/Lithium.nix
+++ b/Biz/Dev/Lithium.nix
@@ -1,4 +1,4 @@
-{ nixpkgs ? import ../Bild.nix {} }:
+{ nixpkgs ? import ../Bild.nix { } }:
with nixpkgs;
# Dev machine for work and building stuff.
diff --git a/Biz/Dev/Lithium/Configuration.nix b/Biz/Dev/Lithium/Configuration.nix
index 7434b3f..e6cbdfe 100644
--- a/Biz/Dev/Lithium/Configuration.nix
+++ b/Biz/Dev/Lithium/Configuration.nix
@@ -14,17 +14,18 @@ in {
time.timeZone = "America/New_York";
fonts.fonts = with pkgs; [
- google-fonts mononoki source-code-pro fantasque-sans-mono hack-font
- fira fira-code fira-code-symbols
+ google-fonts
+ mononoki
+ source-code-pro
+ fantasque-sans-mono
+ hack-font
+ fira
+ fira-code
+ fira-code-symbols
];
- environment.systemPackages = [
- pkgs.nvtop #
- pkgs.k3s
- pkgs.wemux
- pkgs.tmux
- pkgs.wireguard-tools
- ];
+ environment.systemPackages =
+ [ pkgs.nvtop pkgs.k3s pkgs.wemux pkgs.tmux pkgs.wireguard-tools ];
nixpkgs = {
config = {
@@ -63,7 +64,8 @@ in {
services.my-hoogle.enable = true;
services.my-hoogle.port = ports.hoogle;
services.my-hoogle.home = "//hoogle.simatime.com";
- services.my-hoogle.packages = pkgset: lib.attrsets.attrVals (import ../../Bild/Deps/Haskell.nix) pkgset;
+ services.my-hoogle.packages = pkgset:
+ lib.attrsets.attrVals (import ../../Bild/Deps/Haskell.nix) pkgset;
services.my-hoogle.haskellPackages = pkgs.haskell.packages.${ghcCompiler};
services.my-hoogle.host = "0.0.0.0";
@@ -84,11 +86,13 @@ in {
services.tor.settings.Nickname = "ydeee3q1cjo83tsuqcz";
services.tor.settings.AccountingMax = "10 GBytes";
services.tor.settings.AccountingStart = "month 1 1:00";
- services.tor.settings.ContactInfo = "ContactInfo pgp:66A6AD150399D970DCA4C4E6C8218B7D0BFDECCD ciissversion:2";
+ services.tor.settings.ContactInfo =
+ "ContactInfo pgp:66A6AD150399D970DCA4C4E6C8218B7D0BFDECCD ciissversion:2";
services.bitcoind.mainnet.enable = true;
services.bitcoind.mainnet.dataDir = "/mnt/campbell/bitcoind-mainnet/data";
- services.bitcoind.mainnet.configFile = "/mnt/campbell/bitcoind-mainnet/bitcoin.conf";
+ services.bitcoind.mainnet.configFile =
+ "/mnt/campbell/bitcoind-mainnet/bitcoin.conf";
services.bitcoind.mainnet.prune = 10000;
services.pcscd.enable = true;
@@ -140,12 +144,20 @@ in {
services.jupyter.port = ports.jupyter;
services.jupyter.ip = "*";
users.users.jupyter.group = "jupyter";
- users.groups.jupyter = {};
- services.jupyter.password = "'argon2:$argon2id$v=19$m=10240,t=10,p=8$nvQhgk+htbIYi961YYAf1w$ekpwiTT5L4+OAods0K7EDw'";
+ users.groups.jupyter = { };
+ services.jupyter.password =
+ "'argon2:$argon2id$v=19$m=10240,t=10,p=8$nvQhgk+htbIYi961YYAf1w$ekpwiTT5L4+OAods0K7EDw'";
services.jupyter.kernels.python3 = let
- env = (pkgs.python3.withPackages (p: with p; [
- ipykernel pandas scikitlearn numpy matplotlib sympy ipywidgets
- ]));
+ env = (pkgs.python3.withPackages (p:
+ with p; [
+ ipykernel
+ pandas
+ scikitlearn
+ numpy
+ matplotlib
+ sympy
+ ipywidgets
+ ]));
in {
displayName = "py3";
argv = [
diff --git a/Biz/Dev/Lithium/Hardware.nix b/Biz/Dev/Lithium/Hardware.nix
index 4d835aa..54c07f5 100644
--- a/Biz/Dev/Lithium/Hardware.nix
+++ b/Biz/Dev/Lithium/Hardware.nix
@@ -4,26 +4,22 @@
{ lib, modulesPath, ... }:
{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
- boot.initrd.availableKernelModules = [
- "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"
- ];
+ boot.initrd.availableKernelModules =
+ [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [
- ];
+ boot.extraModulePackages = [ ];
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/f08dd8f9-787c-4e2a-a0cc-7019edc2ce2b";
- fsType = "ext4";
- };
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/f08dd8f9-787c-4e2a-a0cc-7019edc2ce2b";
+ fsType = "ext4";
+ };
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/C67C-D7B5";
- fsType = "vfat";
- };
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/C67C-D7B5";
+ fsType = "vfat";
+ };
fileSystems."/mnt/campbell" = {
device = "/dev/disk/by-uuid/037df3ae-4609-402c-ab1d-4593190d0ee7";
diff --git a/Biz/Dev/Networking.nix b/Biz/Dev/Networking.nix
index 1a28b56..c89add7 100644
--- a/Biz/Dev/Networking.nix
+++ b/Biz/Dev/Networking.nix
@@ -1,14 +1,11 @@
{ ... }:
-let
- ports = import ../Cloud/Ports.nix;
+let ports = import ../Cloud/Ports.nix;
in {
networking = {
nameservers = [ "1.1.1.1" ];
hostName = "lithium";
- hosts = {
- "::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ];
- };
+ hosts = { "::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ]; };
firewall = {
allowedTCPPorts = [
@@ -32,18 +29,9 @@ in {
ports.stableDiffusion
ports.tor
];
- allowedTCPPortRanges = [
- ports.torrents
- ports.httpdev
- ];
- allowedUDPPorts = [
- ports.dns
- ports.et
- ports.murmur
- ];
- allowedUDPPortRanges = [
- ports.torrents
- ];
+ allowedTCPPortRanges = [ ports.torrents ports.httpdev ];
+ allowedUDPPorts = [ ports.dns ports.et ports.murmur ];
+ allowedUDPPortRanges = [ ports.torrents ];
};
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
diff --git a/Biz/Dev/Vpn.nix b/Biz/Dev/Vpn.nix
index 5a3c3e6..47f9c6e 100644
--- a/Biz/Dev/Vpn.nix
+++ b/Biz/Dev/Vpn.nix
@@ -8,7 +8,7 @@ in {
enable = true;
address = "0.0.0.0";
port = ports.headscale;
- settings = {};
+ settings = { };
};
services.nginx.virtualHosts.${domain} = {
diff --git a/Biz/Dragons.nix b/Biz/Dragons.nix
index 6473232..2530572 100644
--- a/Biz/Dragons.nix
+++ b/Biz/Dragons.nix
@@ -1,14 +1,7 @@
-{ options
-, lib
-, config
-, pkgs
-, ...
-}:
+{ options, lib, config, pkgs, ... }:
-let
- cfg = config.services.dragons;
-in
-{
+let cfg = config.services.dragons;
+in {
options.services.dragons = {
enable = lib.mkEnableOption "Enable the dragons service";
port = lib.mkOption {
@@ -55,7 +48,7 @@ in
"DEPO=${cfg.depo}"
"KEEP=${cfg.keep}"
];
- EnvironmentFile="/run/dragons/env";
+ EnvironmentFile = "/run/dragons/env";
KillSignal = "INT";
Type = "simple";
Restart = "on-abort";
diff --git a/Biz/Dragons/Analysis.nix b/Biz/Dragons/Analysis.nix
index de431a7..49a76e0 100644
--- a/Biz/Dragons/Analysis.nix
+++ b/Biz/Dragons/Analysis.nix
@@ -1,4 +1,4 @@
-{ nixpkgs ? import ../Bild.nix {} }:
+{ nixpkgs ? import ../Bild.nix { } }:
with nixpkgs;
# Run this like so:
#
@@ -12,9 +12,6 @@ bild.image {
fromImage = null;
fromImageName = null;
fromImageTag = "latest";
- contents = [
- bild.pkgs.git
- (bild.run ./Analysis.hs)
- ];
+ contents = [ bild.pkgs.git (bild.run ./Analysis.hs) ];
config.Cmd = [ "/bin/dragons-analyze" ];
}
diff --git a/Biz/Lint.hs b/Biz/Lint.hs
index 13150cc..d27ca1d 100644
--- a/Biz/Lint.hs
+++ b/Biz/Lint.hs
@@ -15,6 +15,7 @@
-- : run deadnix
-- : run shellcheck
-- : run indent
+-- : run nixfmt
module Biz.Lint (main) where
import Alpha
@@ -78,8 +79,11 @@ all your lint are belong to us
Usage:
lint test
- lint [--fix] [<file>...]
- lint -h, --help
+ lint [options] [<file>...]
+
+Options:
+ --fix, -f Apply fixes automatically
+ --help, -h Print this info
|]
exit :: [Result] -> IO ()
@@ -88,7 +92,7 @@ exit results = Exit.exitWith <| (n > 0) ?: (Exit.ExitFailure n, Exit.ExitSuccess
n = length <| filter bad results
bad = \case
(Warn _) -> False
- Done {status = Bad _} -> True
+ Done _ (Bad _) -> True
_ -> False
printResult :: Result -> IO Result
@@ -137,8 +141,6 @@ data Linter = Linter
formatter :: Maybe (String -> String)
}
--- deriving (Show)
-
ormolu :: Linter
ormolu =
Linter
@@ -219,6 +221,15 @@ decodeDeadnixOutput deadnixJson =
formatDeadnixResult DeadnixResult {..} =
file <> ":" <> show line <> ":" <> show column <> ": " <> message
+nixfmt :: Linter
+nixfmt =
+ Linter
+ { exe = "nixfmt",
+ checkArgs = ["--check"],
+ fixArgs = Nothing,
+ formatter = Nothing
+ }
+
shellcheck :: Linter
shellcheck =
Linter
@@ -241,7 +252,7 @@ data Status = Good | Bad String
deriving (Show)
data Result
- = Done {linter :: Linter, status :: Status}
+ = Done Linter Status
| Warn Text
| NoOp Namespace.Ext
@@ -251,6 +262,7 @@ run mode nsmap = nsmap |> Map.assocs |> traverse (runOne mode) /> concat
runOne :: Mode -> (Ext, [Namespace]) -> IO [Result]
runOne mode (ext, ns's) = results +> traverse printResult
where
+ results :: IO [Result]
results =
-- i would run these with mapConcurrently, but the output gets mangled. to
-- do it right i need a queue for the results. someday.
@@ -264,9 +276,17 @@ runOne mode (ext, ns's) = results +> traverse printResult
lint mode ruff ns's
]
Namespace.Sh -> [lint mode shellcheck ns's]
- Namespace.Nix -> [lint mode deadnix ns's]
+ Namespace.Nix -> [lint mode deadnix ns's, lint mode nixfmt ns's]
Namespace.C -> [lint mode indent ns's]
- _ -> [pure <. Warn <| "no linter for " <> show ext]
+ _ ->
+ ns's
+ |> map Namespace.toPath
+ |> joinWith ", "
+ |> str
+ |> ("no linter for " <>)
+ |> Warn
+ |> (pure :: Result -> IO Result)
+ |> (pure :: IO Result -> [IO Result])
lint :: Mode -> Linter -> [Namespace] -> IO Result
lint mode linter@Linter {..} ns's =
diff --git a/Biz/Nixpert.nix b/Biz/Nixpert.nix
index faf27b2..f2f99b2 100644
--- a/Biz/Nixpert.nix
+++ b/Biz/Nixpert.nix
@@ -1,7 +1,7 @@
{ pkgs, ... }:
let
- salespage = pkgs.runCommand "salespage" {} ''
+ salespage = pkgs.runCommand "salespage" { } ''
mkdir -p $out
${pkgs.pandoc}/bin/pandoc \
--standalone \
diff --git a/Biz/OsBase.nix b/Biz/OsBase.nix
index 3b59f11..50899d2 100644
--- a/Biz/OsBase.nix
+++ b/Biz/OsBase.nix
@@ -1,14 +1,20 @@
-{pkgs, ...}:
-let
- ports = import ./Cloud/Ports.nix;
+{ pkgs, ... }:
+let ports = import ./Cloud/Ports.nix;
in {
boot.tmp.cleanOnBoot = true;
fonts.fonts = with pkgs; [
- google-fonts mononoki source-code-pro fantasque-sans-mono hack-font
- fira fira-code fira-code-symbols
+ google-fonts
+ mononoki
+ source-code-pro
+ fantasque-sans-mono
+ hack-font
+ fira
+ fira-code
+ fira-code-symbols
];
networking.firewall.allowPing = true;
- nix.settings.substituters = [ "https://cache.nixos.org" ]; # "ssh://dev.simatime.com" ];
+ nix.settings.substituters =
+ [ "https://cache.nixos.org" ]; # "ssh://dev.simatime.com" ];
nix.gc.automatic = true;
nix.gc.dates = "Sunday 02:15";
nix.optimise.automatic = true;
diff --git a/Biz/Que.nix b/Biz/Que.nix
index 103aef0..ac89a56 100644
--- a/Biz/Que.nix
+++ b/Biz/Que.nix
@@ -1,16 +1,11 @@
-{ nixpkgs ? import ./Bild.nix {} }:
+{ nixpkgs ? import ./Bild.nix { } }:
with nixpkgs;
# The production server for que.run
bild.os {
- imports = [
- ./OsBase.nix
- ./Packages.nix
- ./Users.nix
- ./Que/Host.nix
- ./Que/Site.nix
- ];
+ imports =
+ [ ./OsBase.nix ./Packages.nix ./Users.nix ./Que/Host.nix ./Que/Site.nix ];
networking.hostName = "prod-que";
networking.domain = "que.run";
services.que-server = {
@@ -19,16 +14,17 @@ bild.os {
package = bild.run ./Que/Host.hs;
};
boot.loader.grub.device = "/dev/vda";
- fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
- swapDevices = [
- { device = "/swapfile"; } # 4GB
- ];
+ fileSystems."/" = {
+ device = "/dev/vda1";
+ fsType = "ext4";
+ };
+ swapDevices = [{
+ device = "/swapfile";
+ } # 4GB
+ ];
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
networking = {
- nameservers = [
- "67.207.67.2"
- "67.207.67.3"
- ];
+ nameservers = [ "67.207.67.2" "67.207.67.3" ];
defaultGateway = "157.245.224.1";
defaultGateway6 = "2604:a880:2:d1::1";
dhcpcd.enable = false;
@@ -36,15 +32,33 @@ bild.os {
interfaces = {
eth0 = {
ipv4.addresses = [
- { address="157.245.236.44"; prefixLength=20; }
- { address="10.46.0.5"; prefixLength=16; }
+ {
+ address = "157.245.236.44";
+ prefixLength = 20;
+ }
+ {
+ address = "10.46.0.5";
+ prefixLength = 16;
+ }
];
ipv6.addresses = [
- { address="2604:a880:2:d1::a2:5001"; prefixLength=64; }
- { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; }
+ {
+ address = "2604:a880:2:d1::a2:5001";
+ prefixLength = 64;
+ }
+ {
+ address = "fe80::7892:a5ff:fec6:dbc3";
+ prefixLength = 64;
+ }
];
- ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ];
- ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ];
+ ipv4.routes = [{
+ address = "157.245.224.1";
+ prefixLength = 32;
+ }];
+ ipv6.routes = [{
+ address = "2604:a880:2:d1::1";
+ prefixLength = 32;
+ }];
};
};
};
diff --git a/Biz/Que/Host.nix b/Biz/Que/Host.nix
index 84bd9cc..b6b533e 100644
--- a/Biz/Que/Host.nix
+++ b/Biz/Que/Host.nix
@@ -1,13 +1,7 @@
-{ options
-, lib
-, config
-, ...
-}:
+{ options, lib, config, ... }:
-let
- cfg = config.services.que-server;
-in
-{
+let cfg = config.services.que-server;
+in {
options.services.que-server = {
enable = lib.mkEnableOption "Enable the que-server service";
port = lib.mkOption {
@@ -34,7 +28,7 @@ in
Que server
'';
serviceConfig = {
- Environment = ["QUE_PORT=${toString cfg.port}"];
+ Environment = [ "QUE_PORT=${toString cfg.port}" ];
EnvironmentFile = "/run/que/env";
KillSignal = "INT";
Type = "simple";
diff --git a/Biz/Que/Site.nix b/Biz/Que/Site.nix
index 15b058d..cc525f6 100644
--- a/Biz/Que/Site.nix
+++ b/Biz/Que/Site.nix
@@ -1,11 +1,4 @@
-{ options
-, lib
-, config
-, pkgs
-, ...
-}:
-
-
+{ options, lib, config, pkgs, ... }:
let
cfg = config.services.que-website;
@@ -22,8 +15,7 @@ let
cp ${./Client.py} $out/Client.py
'';
};
-in
-{
+in {
options.services.que-website = {
enable = lib.mkEnableOption "Enable the que-website service";
namespace = lib.mkOption {
diff --git a/Biz/Users.nix b/Biz/Users.nix
index b7717a3..b214704 100644
--- a/Biz/Users.nix
+++ b/Biz/Users.nix
@@ -1,24 +1,25 @@
{ config, lib, ... }:
let
- readKeys = k: lib.trivial.pipe k [
- builtins.readFile
- (lib.strings.splitString "\n")
- (lib.filter (s: s != ""))
- ];
+ readKeys = k:
+ lib.trivial.pipe k [
+ builtins.readFile
+ (lib.strings.splitString "\n")
+ (lib.filter (s: s != ""))
+ ];
in {
users.groups = {
# group for publishing web data
- "www-data" = {};
+ "www-data" = { };
};
users.motd = ''
- welcome to the simatime network!
- your host is '${config.networking.hostName}'
+ welcome to the simatime network!
+ your host is '${config.networking.hostName}'
'';
users.mutableUsers = false;
- users.users = { #
+ users.users = {
# bots
#
deploy = {
diff --git a/Urbit/Harbor.nix b/Urbit/Harbor.nix
index 50abc53..6098163 100644
--- a/Urbit/Harbor.nix
+++ b/Urbit/Harbor.nix
@@ -1,40 +1,31 @@
-{ options
-, lib
-, config
-, pkgs
-, ...
-}:
+{ options, lib, config, pkgs, ... }:
-/*
+/* Urbit Harbor is a supervisor for Urbit ships on the local machine. It does no
+ orchestration, it just manages systemd services.
-Urbit Harbor is a supervisor for Urbit ships on the local machine. It does no
-orchestration, it just manages systemd services.
+ Setup process:
-Setup process:
+ <running as user "urbit-harbor">
+ dir=/var/urbit/harbor
+ urbit -c $dir/zod -k $dir/zod.key -x # one-time setup
+ <create $dir/zod.service from some template>
+ systemctl --user enable $dir/zod.service # nees fullpath
+ systemctl --user start zod.service
- <running as user "urbit-harbor">
- dir=/var/urbit/harbor
- urbit -c $dir/zod -k $dir/zod.key -x # one-time setup
- <create $dir/zod.service from some template>
- systemctl --user enable $dir/zod.service # nees fullpath
- systemctl --user start zod.service
+ Service Template:
+ [Service]
+ ExecStart=urbit -tq /var/urbit/harbor/zod # maybe want -d?
+ ExecStartPre=mkdir -p /var/urbit/harbor/zod
-Service Template:
+ [Unit]
+ Description=zod
- [Service]
- ExecStart=urbit -tq /var/urbit/harbor/zod # maybe want -d?
- ExecStartPre=mkdir -p /var/urbit/harbor/zod
-
- [Unit]
- Description=zod
-
- [Install]
- WantedBy=multi-user.target
+ [Install]
+ WantedBy=multi-user.target
*/
-let
- cfg = config.services.urbit-harbor;
+let cfg = config.services.urbit-harbor;
in {
options.services.urbitharbor = {
enable = lib.mkEnableOption "Enable urbit-harbor";
diff --git a/Urbit/Ship.nix b/Urbit/Ship.nix
index ec6a9ec..45f6b72 100644
--- a/Urbit/Ship.nix
+++ b/Urbit/Ship.nix
@@ -1,5 +1,4 @@
-{ bild ? import ../Biz/Bild.nix {}
-}:
+{ bild ? import ../Biz/Bild.nix { } }:
# This represents a single ship running in a container.
@@ -33,12 +32,8 @@ in bild.image {
contents = bild.pkgs.urbit;
config = {
- Cmd = [
- "${urbit-start}"
- ];
+ Cmd = [ "${urbit-start}" ];
WorkingDir = "/";
- Volumes = {
- "/" = { };
- };
+ Volumes = { "/" = { }; };
};
}
diff --git a/default.nix b/default.nix
index d88873c..99c9893 100644
--- a/default.nix
+++ b/default.nix
@@ -1 +1 @@
-import ./Biz/Bild.nix {}
+import ./Biz/Bild.nix { }
diff --git a/shell.nix b/shell.nix
index 1db7442..90eb55a 100644
--- a/shell.nix
+++ b/shell.nix
@@ -1,3 +1 @@
-(import ./Biz/Bild.nix {
- nixpkgs = import ./Biz/Bild/Nixpkgs.nix;
-}).bild.env
+(import ./Biz/Bild.nix { nixpkgs = import ./Biz/Bild/Nixpkgs.nix; }).bild.env