From db373a8c727cad91d375b40a6c70b11ed73bdafb Mon Sep 17 00:00:00 2001 From: Ben Sima Date: Mon, 1 Apr 2024 13:30:45 -0400 Subject: Add nixfmt to Lint.hs nixfmt is the soon-to-be official formatter for Nix code, as per the NixOS GitHub group. So I figure I should just adopt it without worrying too much about the specifics of the formatting. I just formatted everything in one go, hence the huge diff, oh well. --- Biz/Bild.nix | 326 +++++++++++++++++++----------------- Biz/Bild/Builder.nix | 258 ++++++++++++++-------------- Biz/Bild/Constants.nix | 4 +- Biz/Bild/Deps.nix | 94 ++++++----- Biz/Bild/Deps/C.nix | 4 +- Biz/Bild/Deps/accelerate.nix | 12 +- Biz/Bild/Deps/autogen.nix | 61 +++---- Biz/Bild/Deps/bitsandbytes.nix | 48 ++---- Biz/Bild/Deps/exllama.nix | 20 +-- Biz/Bild/Deps/guile-opengl.nix | 10 +- Biz/Bild/Deps/inspekt3d.nix | 14 +- Biz/Bild/Deps/interegular.nix | 11 +- Biz/Bild/Deps/lion-pytorch.nix | 9 +- Biz/Bild/Deps/llama-cpp.nix | 12 +- Biz/Bild/Deps/nostr-rs-relay.nix | 5 +- Biz/Bild/Deps/outlines.nix | 23 +-- Biz/Bild/Deps/perscache.nix | 22 +-- Biz/Bild/Nixpkgs.nix | 18 +- Biz/Bild/Sources.nix | 227 ++++++++++++++----------- Biz/Bot.nix | 13 +- Biz/Cloud.nix | 2 +- Biz/Cloud/Cgit.nix | 85 ++++------ Biz/Cloud/Chat.nix | 50 +++--- Biz/Cloud/Comms.nix | 5 +- Biz/Cloud/Comms/Mumble.nix | 7 +- Biz/Cloud/Comms/Xmpp.nix | 27 ++- Biz/Cloud/Git.nix | 21 ++- Biz/Cloud/Gmnisrv.nix | 23 +-- Biz/Cloud/Hardware.nix | 8 +- Biz/Cloud/Hub.nix | 2 +- Biz/Cloud/Mail.nix | 18 +- Biz/Cloud/Networking.nix | 33 +++- Biz/Cloud/NostrRelay.nix | 6 +- Biz/Cloud/Ports.nix | 10 +- Biz/Cloud/Web.nix | 89 +++++----- Biz/Cloud/Znc.nix | 49 +++--- Biz/Dev/Beryllium.nix | 2 +- Biz/Dev/Beryllium/Configuration.nix | 13 +- Biz/Dev/Beryllium/Hardware.nix | 26 +-- Biz/Dev/Dns.nix | 15 +- Biz/Dev/Guix.nix | 24 ++- Biz/Dev/Hoogle.nix | 6 +- Biz/Dev/Lithium.nix | 2 +- Biz/Dev/Lithium/Configuration.nix | 46 +++-- Biz/Dev/Lithium/Hardware.nix | 28 ++-- Biz/Dev/Networking.nix | 22 +-- Biz/Dev/Vpn.nix | 2 +- Biz/Dragons.nix | 15 +- Biz/Dragons/Analysis.nix | 7 +- Biz/Lint.hs | 36 +++- Biz/Nixpert.nix | 2 +- Biz/OsBase.nix | 18 +- Biz/Que.nix | 58 ++++--- Biz/Que/Host.nix | 14 +- Biz/Que/Site.nix | 12 +- Biz/Users.nix | 19 ++- Urbit/Harbor.nix | 47 +++--- Urbit/Ship.nix | 11 +- default.nix | 2 +- shell.nix | 4 +- 60 files changed, 998 insertions(+), 1059 deletions(-) diff --git a/Biz/Bild.nix b/Biz/Bild.nix index 097a089..04be55f 100644 --- a/Biz/Bild.nix +++ b/Biz/Bild.nix @@ -3,161 +3,175 @@ let constants = import ./Bild/Constants.nix; lib = nixpkgs.lib; -# put all of our stuff in the 'bild' namespace -in nixpkgs // { bild = rec { - # provided by .envrc - root = builtins.getEnv "CODEROOT"; - - inherit (nixpkgs) sources; - - haskell = rec { - inherit (constants) ghcCompiler; - - # all available packages - deps = import ./Bild/Deps/Haskell.nix; - packages = lib.attrsets.getAttrs deps nixpkgs.haskellPackages; - - # make a ghc with dependencies - ghcWith = nixpkgs.haskell.packages.${ghcCompiler}.ghcWithHoogle; - - # ghc with all packages, used for generating bild's package database - ghcPackageSetFull = ghcWith (p: lib.attrsets.attrVals deps p); - - # bild's dependencies, needs to be hand-written - ghcPackageSetBild = ghcWith (hpkgs: with hpkgs; [ - aeson async base bytestring conduit conduit-extra containers directory - docopt filepath process protolude rainbow regex-applicative split tasty - tasty-hunit tasty-quickcheck text hostname - wai # can remove when removed from Biz.Log - ]); - }; - - lisp = { - sbclWith = nixpkgs.lispPackages_new.sbclWithPackages; - }; - - python = { - packages = nixpkgs.python3Packages; - pythonWith = nixpkgs.python3.withPackages; - buildPythonApplication = nixpkgs.python3.pkgs.buildPythonApplication; + # put all of our stuff in the 'bild' namespace +in nixpkgs // { + bild = rec { + # provided by .envrc + root = builtins.getEnv "CODEROOT"; + + inherit (nixpkgs) sources; + + haskell = rec { + inherit (constants) ghcCompiler; + + # all available packages + deps = import ./Bild/Deps/Haskell.nix; + packages = lib.attrsets.getAttrs deps nixpkgs.haskellPackages; + + # make a ghc with dependencies + ghcWith = nixpkgs.haskell.packages.${ghcCompiler}.ghcWithHoogle; + + # ghc with all packages, used for generating bild's package database + ghcPackageSetFull = ghcWith (p: lib.attrsets.attrVals deps p); + + # bild's dependencies, needs to be hand-written + ghcPackageSetBild = ghcWith (hpkgs: + with hpkgs; [ + aeson + async + base + bytestring + conduit + conduit-extra + containers + directory + docopt + filepath + process + protolude + rainbow + regex-applicative + split + tasty + tasty-hunit + tasty-quickcheck + text + hostname + wai # can remove when removed from Biz.Log + ]); + }; + + lisp = { sbclWith = nixpkgs.lispPackages_new.sbclWithPackages; }; + + python = { + packages = nixpkgs.python3Packages; + pythonWith = nixpkgs.python3.withPackages; + buildPythonApplication = nixpkgs.python3.pkgs.buildPythonApplication; + }; + + # c packages are just nixpkgs, filtered to just the list of deps i want + c.packages = lib.attrsets.getAttrs (import ./Bild/Deps/C.nix) nixpkgs.pkgs; + + # expose some packages for inclusion in os/image builds + pkgs = with nixpkgs.pkgs; { + inherit black deadnix git hlint indent ormolu ruff shellcheck nixfmt; + }; + + # a standard nix build for bild, for bootstrapping. this should be the only + # hand-written builder we need + bild = nixpkgs.stdenv.mkDerivation { + name = "bild"; + src = ../.; + nativeBuildInputs = [ haskell.ghcPackageSetBild ]; + buildInputs = [ nixpkgs.makeWrapper ]; + propagatedBuildInputs = with nixpkgs; [ + pkg-config + git + # this is just to get access to ghc-pkg in bild + (haskell.ghcWith (_: [ ])) + + # lisp deps, remove this when i implement nix builds for lisp + guile + (lisp.sbclWith + (p: with p; [ asdf alexandria ])) # just enough to build Example.lisp + ]; + strictDeps = true; + buildPhase = '' + mkdir -p $out/bin $out/lib/ghc-${haskell.ghcPackageSetFull.version} + cp -r \ + ${haskell.ghcPackageSetFull}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d \ + $out/lib/ghc-${haskell.ghcPackageSetFull.version} + ghc \ + -threaded \ + -Werror \ + -i. \ + --make Biz/Bild.hs \ + -main-is Biz.Bild \ + -o $out/bin/bild + ''; + installPhase = '' + wrapProgram $out/bin/bild \ + --prefix PATH : ${ + lib.makeBinPath [ haskell.ghcPackageSetBild pkgs.git ] + } \ + --set GHC_PACKAGE_PATH \ + $out/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d + ''; + }; + + # wrapper around bild + runBildAnalyze = target: + nixpkgs.stdenv.mkDerivation rec { + name = "bild-analysis"; + src = ../.; + USER = "nixbld"; + HOSTNAME = "nix-sandbox"; + # this is the default sandbox path where bild will be working: + CODEROOT = "/build/omni"; + # we need to remove the $src root because bild expects paths relative to the + # working directory: + TARGET = "." + + lib.strings.removePrefix (toString src) (toString target); + buildPhase = '' + mkdir $out + ${bild}/bin/bild --plan "$TARGET" 1> $out/analysis.json \ + 2> >(tee -a $out/stderr >&2) + ''; + installPhase = "exit 0"; + }; + + # gather data needed for compiling by analyzing the main module. returns the + # json object of the build + analyze = target: + builtins.readFile (runBildAnalyze target + "/analysis.json"); + + # this does a bild build for the given target, but entirely in nix. its kinda + # like IFD, but not as costly, i think + run = target: import ./Bild/Builder.nix { analysisJSON = analyze target; }; + + # the main development environment + env = nixpkgs.pkgs.mkShell { + name = "bizdev"; + # this should just be dev tools + buildInputs = with nixpkgs.pkgs; [ + bat + bc + bild + black + ctags + fd + figlet + fzf + git + git-branchless + gitlint + jq + lolcat + nixpkgs.haskell.packages.${constants.ghcCompiler}.fast-tags + ormolu + ripgrep + tree + wemux + ]; + shellHook = '' + export GHC_PACKAGE_PATH=${bild}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d + ''; + }; + + # build an operating system. 'cfg' is the NixOS config + os = cfg: (nixpkgs.nixos (_args: cfg)).toplevel; + + # build a docker image + image = nixpkgs.pkgs.dockerTools.buildImage; }; - - # c packages are just nixpkgs, filtered to just the list of deps i want - c.packages = lib.attrsets.getAttrs (import ./Bild/Deps/C.nix) nixpkgs.pkgs; - - # expose some packages for inclusion in os/image builds - pkgs = with nixpkgs.pkgs; { - inherit - black - deadnix - git - hlint - indent - ormolu - ruff - shellcheck - ; - }; - - # a standard nix build for bild, for bootstrapping. this should be the only - # hand-written builder we need - bild = nixpkgs.stdenv.mkDerivation { - name = "bild"; - src = ../.; - nativeBuildInputs = [ haskell.ghcPackageSetBild ]; - buildInputs = [ nixpkgs.makeWrapper ]; - propagatedBuildInputs = with nixpkgs; [ - pkg-config - git - # this is just to get access to ghc-pkg in bild - (haskell.ghcWith (_: [])) - - # lisp deps, remove this when i implement nix builds for lisp - guile - (lisp.sbclWith (p: with p; [asdf alexandria])) # just enough to build Example.lisp - ]; - strictDeps = true; - buildPhase = '' - mkdir -p $out/bin $out/lib/ghc-${haskell.ghcPackageSetFull.version} - cp -r \ - ${haskell.ghcPackageSetFull}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d \ - $out/lib/ghc-${haskell.ghcPackageSetFull.version} - ghc \ - -threaded \ - -Werror \ - -i. \ - --make Biz/Bild.hs \ - -main-is Biz.Bild \ - -o $out/bin/bild - ''; - installPhase = '' - wrapProgram $out/bin/bild \ - --prefix PATH : ${lib.makeBinPath [ haskell.ghcPackageSetBild pkgs.git ]} \ - --set GHC_PACKAGE_PATH \ - $out/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d - ''; - }; - - # wrapper around bild - runBildAnalyze = target: nixpkgs.stdenv.mkDerivation rec { - name = "bild-analysis"; - src = ../.; - USER = "nixbld"; - HOSTNAME = "nix-sandbox"; - # this is the default sandbox path where bild will be working: - CODEROOT = "/build/omni"; - # we need to remove the $src root because bild expects paths relative to the - # working directory: - TARGET = "." + lib.strings.removePrefix (toString src) (toString target); - buildPhase = '' - mkdir $out - ${bild}/bin/bild --plan "$TARGET" 1> $out/analysis.json \ - 2> >(tee -a $out/stderr >&2) - ''; - installPhase = "exit 0"; - }; - - # gather data needed for compiling by analyzing the main module. returns the - # json object of the build - analyze = target: builtins.readFile (runBildAnalyze target + "/analysis.json"); - - # this does a bild build for the given target, but entirely in nix. its kinda - # like IFD, but not as costly, i think - run = target: import ./Bild/Builder.nix { analysisJSON = analyze target; }; - - # the main development environment - env = nixpkgs.pkgs.mkShell { - name = "bizdev"; - # this should just be dev tools - buildInputs = with nixpkgs.pkgs; [ - bat - bc - bild - black - ctags - fd - figlet - fzf - git - git-branchless - gitlint - jq - lolcat - nixpkgs.haskell.packages.${constants.ghcCompiler}.fast-tags - ormolu - ripgrep - tree - wemux - ]; - shellHook = '' - export GHC_PACKAGE_PATH=${bild}/lib/ghc-${haskell.ghcPackageSetFull.version}/package.conf.d - ''; - }; - - # build an operating system. 'cfg' is the NixOS config - os = cfg: (nixpkgs.nixos (_args: cfg)).toplevel; - - # build a docker image - image = nixpkgs.pkgs.dockerTools.buildImage; -}; } diff --git a/Biz/Bild/Builder.nix b/Biz/Bild/Builder.nix index 959d176..d2e6875 100644 --- a/Biz/Bild/Builder.nix +++ b/Biz/Bild/Builder.nix @@ -1,148 +1,158 @@ -/* -This is the library of nix builders. Some rules to follow: -- Keep this code as minimal as possible. I'd rather write Haskell than Nix, - wouldn't you? -- Try to reuse as much upstream Nix as possible. +/* This is the library of nix builders. Some rules to follow: + - Keep this code as minimal as possible. I'd rather write Haskell than Nix, + wouldn't you? + - Try to reuse as much upstream Nix as possible. */ -{ analysisJSON, nixpkgs ? import ../Bild.nix {} }: +{ analysisJSON, nixpkgs ? import ../Bild.nix { } }: with nixpkgs; let analysis = builtins.fromJSON analysisJSON; - build = _: target: let - name = target.out; - root = builtins.getEnv "CODEROOT"; - mainModule = target.mainModule; - compileLine = - lib.strings.concatStringsSep " " ([target.compiler] ++ target.compilerFlags); + build = _: target: + let + name = target.out; + root = builtins.getEnv "CODEROOT"; + mainModule = target.mainModule; + compileLine = lib.strings.concatStringsSep " " + ([ target.compiler ] ++ target.compilerFlags); - allSources = target.srcs ++ [target.quapath]; + allSources = target.srcs ++ [ target.quapath ]; - isEmpty = x: x == null || x == []; + isEmpty = x: x == null || x == [ ]; - skip = ["_" ".direnv"]; - filter = file: type: - if lib.lists.elem (builtins.baseNameOf file) skip then false - # TODO: this means any new directory will cause a rebuild. this bad. i - # should recurse into the directory and match against the srcs. for now I - # just use preBuild to delete empty dirs - else if type == "directory" then true - else if type == "regular" then lib.trivial.pipe file - [ (f: lib.strings.removePrefix "${root}/" f) - (f: lib.lists.elem f allSources) - ] - else false; + skip = [ "_" ".direnv" ]; + filter = file: type: + if lib.lists.elem (builtins.baseNameOf file) skip then + false + # TODO: this means any new directory will cause a rebuild. this bad. i + # should recurse into the directory and match against the srcs. for now I + # just use preBuild to delete empty dirs + else if type == "directory" then + true + else if type == "regular" then + lib.trivial.pipe file [ + (f: lib.strings.removePrefix "${root}/" f) + (f: lib.lists.elem f allSources) + ] + else + false; - # remove empty directories, leftover from the src filter - preBuild = "find . -type d -empty -delete"; + # remove empty directories, leftover from the src filter + preBuild = "find . -type d -empty -delete"; - src = lib.sources.cleanSourceWith {inherit filter; src = lib.sources.cleanSource root;}; + src = lib.sources.cleanSourceWith { + inherit filter; + src = lib.sources.cleanSource root; + }; - langdeps_ = - if isEmpty target.langdeps then - [] + langdeps_ = if isEmpty target.langdeps then + [ ] else - lib.attrsets.attrVals - target.langdeps - (lib.attrsets.getAttrFromPath (lib.strings.splitString "." target.packageSet) bild); + lib.attrsets.attrVals target.langdeps (lib.attrsets.getAttrFromPath + (lib.strings.splitString "." target.packageSet) bild); - sysdeps_ = - if isEmpty target.sysdeps then - [] + sysdeps_ = if isEmpty target.sysdeps then + [ ] else lib.attrsets.attrVals target.sysdeps pkgs; - rundeps_ = - if isEmpty target.rundeps then - [] + rundeps_ = if isEmpty target.rundeps then + [ ] else lib.attrsets.attrVals target.rundeps bild.pkgs; - CODEROOT = "."; + CODEROOT = "."; - builders = { - base = stdenv.mkDerivation rec { - inherit name src CODEROOT preBuild; - buildInputs = langdeps_ ++ sysdeps_; - installPhase = "install -D ${name} $out/bin/${name}"; - buildPhase = compileLine; - }; + builders = { + base = stdenv.mkDerivation rec { + inherit name src CODEROOT preBuild; + buildInputs = langdeps_ ++ sysdeps_; + installPhase = "install -D ${name} $out/bin/${name}"; + buildPhase = compileLine; + }; - haskell = stdenv.mkDerivation rec { - inherit name src CODEROOT preBuild; - nativeBuildInputs = [ makeWrapper ]; - buildInputs = sysdeps_ ++ [ - (bild.haskell.ghcWith (p: - (lib.attrsets.attrVals target.langdeps p) - )) - ]; - buildPhase = compileLine; - installPhase = '' - install -D ${name} $out/bin/${name} - wrapProgram $out/bin/${name} \ - --prefix PATH : ${lib.makeBinPath rundeps_} - ''; - }; + haskell = stdenv.mkDerivation rec { + inherit name src CODEROOT preBuild; + nativeBuildInputs = [ makeWrapper ]; + buildInputs = sysdeps_ ++ [ + (bild.haskell.ghcWith + (p: (lib.attrsets.attrVals target.langdeps p))) + ]; + buildPhase = compileLine; + installPhase = '' + install -D ${name} $out/bin/${name} + wrapProgram $out/bin/${name} \ + --prefix PATH : ${lib.makeBinPath rundeps_} + ''; + }; - c = stdenv.mkDerivation rec { - inherit name src CODEROOT preBuild; - buildInputs = langdeps_ ++ sysdeps_; - installPhase = "install -D ${name} $out/bin/${name}"; - buildPhase = lib.strings.concatStringsSep " " [ - compileLine - (if isEmpty langdeps_ then "" else - "$(pkg-config --cflags ${lib.strings.concatStringsSep " " target.langdeps})") - (if isEmpty sysdeps_ then "" else - "$(pkg-config --libs ${lib.strings.concatStringsSep " " target.sysdeps})") - ]; - }; + c = stdenv.mkDerivation rec { + inherit name src CODEROOT preBuild; + buildInputs = langdeps_ ++ sysdeps_; + installPhase = "install -D ${name} $out/bin/${name}"; + buildPhase = lib.strings.concatStringsSep " " [ + compileLine + (if isEmpty langdeps_ then + "" + else + "$(pkg-config --cflags ${ + lib.strings.concatStringsSep " " target.langdeps + })") + (if isEmpty sysdeps_ then + "" + else + "$(pkg-config --libs ${ + lib.strings.concatStringsSep " " target.sysdeps + })") + ]; + }; - python = bild.python.buildPythonApplication rec { - inherit name src CODEROOT; - propagatedBuildInputs = langdeps_ ++ sysdeps_; - buildInputs = sysdeps_; - nativeCheckInputs = [ black mypy ruff ]; - checkPhase = '' - check() { - $@ || { echo "fail: $name: $3"; exit 1; } - } - cp ${../../pyproject.toml} ./pyproject.toml - check python -m black --quiet --exclude 'setup\.py$' --check . - check ${ruff}/bin/ruff check . - touch ./py.typed - check python -m mypy \ - --explicit-package-bases \ - --no-error-summary \ - --exclude 'setup\.py$' \ - . - check python -m ${mainModule} test - ''; - preBuild = '' - # remove empty directories, leftover from the src filter - find . -type d -empty -delete - # initialize remaining dirs as python modules - find . -type d -exec touch {}/__init__.py \; - # generate a minimal setup.py - cat > setup.py << EOF - from setuptools import setup, find_packages - setup( - name='${name}', - entry_points={'console_scripts':['${name} = ${mainModule}:main']}, - version='0.0.0', - url='git://simatime.com/biz.git', - author='dev', - author_email='dev@simatime.com', - description='nil', - packages=find_packages(), - install_requires=[], - ) - EOF - ''; - pythonImportsCheck = [mainModule]; # sanity check + python = bild.python.buildPythonApplication rec { + inherit name src CODEROOT; + propagatedBuildInputs = langdeps_ ++ sysdeps_; + buildInputs = sysdeps_; + nativeCheckInputs = [ black mypy ruff ]; + checkPhase = '' + check() { + $@ || { echo "fail: $name: $3"; exit 1; } + } + cp ${../../pyproject.toml} ./pyproject.toml + check python -m black --quiet --exclude 'setup\.py$' --check . + check ${ruff}/bin/ruff check . + touch ./py.typed + check python -m mypy \ + --explicit-package-bases \ + --no-error-summary \ + --exclude 'setup\.py$' \ + . + check python -m ${mainModule} test + ''; + preBuild = '' + # remove empty directories, leftover from the src filter + find . -type d -empty -delete + # initialize remaining dirs as python modules + find . -type d -exec touch {}/__init__.py \; + # generate a minimal setup.py + cat > setup.py << EOF + from setuptools import setup, find_packages + setup( + name='${name}', + entry_points={'console_scripts':['${name} = ${mainModule}:main']}, + version='0.0.0', + url='git://simatime.com/biz.git', + author='dev', + author_email='dev@simatime.com', + description='nil', + packages=find_packages(), + install_requires=[], + ) + EOF + ''; + pythonImportsCheck = [ mainModule ]; # sanity check + }; }; - }; - in builders.${target.builder}; -# the bild caller gives us the Analysis type, which is a hashmap, but i need to -# return a single drv, so just take the first one for now. ideally i would only -# pass Target, one at a time, (perhaps parallelized in haskell land) and then i -# wouldn't need all of this let nesting + in builders.${target.builder}; + # the bild caller gives us the Analysis type, which is a hashmap, but i need to + # return a single drv, so just take the first one for now. ideally i would only + # pass Target, one at a time, (perhaps parallelized in haskell land) and then i + # wouldn't need all of this let nesting in builtins.head (lib.attrsets.mapAttrsToList build analysis) diff --git a/Biz/Bild/Constants.nix b/Biz/Bild/Constants.nix index 800946d..35fd880 100644 --- a/Biz/Bild/Constants.nix +++ b/Biz/Bild/Constants.nix @@ -1,3 +1 @@ -{ - ghcCompiler = "ghc924"; -} +{ ghcCompiler = "ghc924"; } diff --git a/Biz/Bild/Deps.nix b/Biz/Bild/Deps.nix index dcb7d50..bc4b638 100644 --- a/Biz/Bild/Deps.nix +++ b/Biz/Bild/Deps.nix @@ -2,53 +2,63 @@ _self: super: with import ./Constants.nix; let - buildCabal = sel: name: - sel.callCabal2nix name super.sources.${name} {}; - buildCabalSubdir = sel: {name, src ? super.sources.${name}, subdir ? name}: - sel.callCabal2nix name (src + "/${subdir}") {}; -in rec -{ + buildCabal = sel: name: sel.callCabal2nix name super.sources.${name} { }; + buildCabalSubdir = sel: + { name, src ? super.sources.${name}, subdir ? name }: + sel.callCabal2nix name (src + "/${subdir}") { }; +in rec { haskell = super.haskell // { packages = super.haskell.packages // { - "${ghcCompiler}" = super.haskell.packages."${ghcCompiler}".override (_old: { - overrides = with super.pkgs.haskell.lib; sel: sup: - super.overridePinnedDeps (buildCabal sel) // { - acid-state = dontCheck sup.acid-state; # mac: "too many open files" - clay = doJailbreak sup.clay; - envy = doJailbreak sup.envy; - fast-tags = sup.fast-tags.overrideAttrs (old: old // { patches = []; }); - generic-data = dontCheck sup.generic-data; # https://github.com/Lysxia/generic-data/issues/56 - readable = doJailbreak sup.readable; # why is this even being built? - servant-auth = doJailbreak (buildCabalSubdir sel {name = "servant-auth"; subdir = "servant-auth/servant-auth";}); - servant-server = doJailbreak sup.servant-server; - stripe-core = doJailbreak sup.stripe-core; - stripe-haskell = dontCheck sup.stripe-haskell; - stripe-http-client = doJailbreak (dontCheck sup.stripe-http-client); - temporary = dontCheck sup.temporary; - wai-middleware-metrics = dontCheck sup.wai-middleware-metrics; - }; - }); + "${ghcCompiler}" = super.haskell.packages."${ghcCompiler}".override + (_old: { + overrides = with super.pkgs.haskell.lib; + sel: sup: + super.overridePinnedDeps (buildCabal sel) // { + acid-state = + dontCheck sup.acid-state; # mac: "too many open files" + clay = doJailbreak sup.clay; + envy = doJailbreak sup.envy; + fast-tags = + sup.fast-tags.overrideAttrs (old: old // { patches = [ ]; }); + generic-data = dontCheck + sup.generic-data; # https://github.com/Lysxia/generic-data/issues/56 + readable = + doJailbreak sup.readable; # why is this even being built? + servant-auth = doJailbreak (buildCabalSubdir sel { + name = "servant-auth"; + subdir = "servant-auth/servant-auth"; + }); + servant-server = doJailbreak sup.servant-server; + stripe-core = doJailbreak sup.stripe-core; + stripe-haskell = dontCheck sup.stripe-haskell; + stripe-http-client = + doJailbreak (dontCheck sup.stripe-http-client); + temporary = dontCheck sup.temporary; + wai-middleware-metrics = dontCheck sup.wai-middleware-metrics; + }; + }); }; }; python3 = super.python3.override { - packageOverrides = _: pysuper: with pysuper.pkgs.python3Packages; { - exllama = callPackage ./Deps/exllama.nix { - cudaPackages = super.pkgs.cudaPackages_11_7; + packageOverrides = _: pysuper: + with pysuper.pkgs.python3Packages; { + exllama = callPackage ./Deps/exllama.nix { + cudaPackages = super.pkgs.cudaPackages_11_7; + }; + interegular = callPackage ./Deps/interegular.nix { }; + outlines = callPackage ./Deps/outlines.nix { }; + perscache = callPackage ./Deps/perscache.nix { }; }; - interegular = callPackage ./Deps/interegular.nix {}; - outlines = callPackage ./Deps/outlines.nix {}; - perscache = callPackage ./Deps/perscache.nix {}; - }; }; python3Packages = python3.pkgs; - autogen = super.callPackage ./Deps/autogen.nix {}; + autogen = super.callPackage ./Deps/autogen.nix { }; guile = super.guile_3_0; - guile-opengl = super.callPackage ./Deps/guile-opengl.nix {}; + guile-opengl = super.callPackage ./Deps/guile-opengl.nix { }; # The libfive build is broken... #inspekt3d = super.callPackage ./Deps/inspekt3d.nix {}; guix = super.pkgs.stdenv.mkDerivation rec { @@ -58,13 +68,13 @@ in rec src = super.sources.guix; buildInputs = with super.pkgs; [ guile - # guile-gcrypt - # guile-sql - # guile-zlib - # guile-lzlib - # guile-avahi - # guile-git - # guile-json + # guile-gcrypt + # guile-sql + # guile-zlib + # guile-lzlib + # guile-avahi + # guile-git + # guile-json gnutls gnumake sqlite @@ -73,7 +83,7 @@ in rec ]; }; - llama-cpp = super.callPackage ./Deps/llama-cpp.nix {}; + llama-cpp = super.callPackage ./Deps/llama-cpp.nix { }; - nostr-rs-relay = super.callPackage ./Deps/nostr-rs-relay.nix {}; + nostr-rs-relay = super.callPackage ./Deps/nostr-rs-relay.nix { }; } diff --git a/Biz/Bild/Deps/C.nix b/Biz/Bild/Deps/C.nix index 45cae1b..3f670cd 100644 --- a/Biz/Bild/Deps/C.nix +++ b/Biz/Bild/Deps/C.nix @@ -1,3 +1 @@ -[ - "libsodium" -] +[ "libsodium" ] diff --git a/Biz/Bild/Deps/accelerate.nix b/Biz/Bild/Deps/accelerate.nix index 5d00f14..be1d2fd 100644 --- a/Biz/Bild/Deps/accelerate.nix +++ b/Biz/Bild/Deps/accelerate.nix @@ -1,18 +1,10 @@ -{ fetchFromGitHub -, buildPythonPackage -, numpy -, packaging -, psutil -, pyyaml -, torch +{ fetchFromGitHub, buildPythonPackage, numpy, packaging, psutil, pyyaml, torch }: buildPythonPackage rec { name = "accelerate"; version = "0.15.0"; - propagatedBuildInputs = [ - numpy packaging psutil pyyaml torch - ]; + propagatedBuildInputs = [ numpy packaging psutil pyyaml torch ]; doCheck = false; src = fetchFromGitHub { owner = "huggingface"; diff --git a/Biz/Bild/Deps/autogen.nix b/Biz/Bild/Deps/autogen.nix index b7b034d..fc95b14 100644 --- a/Biz/Bild/Deps/autogen.nix +++ b/Biz/Bild/Deps/autogen.nix @@ -1,5 +1,6 @@ # From: https://github.com/NixOS/nixpkgs/pull/139361 -{ lib, stdenv, buildPackages, fetchurl, fetchpatch, autoreconfHook, which, pkg-config, perl, guile, libxml2 }: +{ lib, stdenv, buildPackages, fetchurl, fetchpatch, autoreconfHook, which +, pkg-config, perl, guile, libxml2 }: stdenv.mkDerivation rec { pname = "autogen"; @@ -11,11 +12,12 @@ stdenv.mkDerivation rec { }; patches = let - dp = { ver ? "1%255.18.16-4", pname, name ? (pname + ".diff"), sha256 }: fetchurl { - url = "https://salsa.debian.org/debian/autogen/-/raw/debian/${ver}" + dp = { ver ? "1%255.18.16-4", pname, name ? (pname + ".diff"), sha256 }: + fetchurl { + url = "https://salsa.debian.org/debian/autogen/-/raw/debian/${ver}" + "/debian/patches/${pname}.diff?inline=false"; - inherit name sha256; - }; + inherit name sha256; + }; in [ (dp { pname = "20_no_Werror"; @@ -33,7 +35,8 @@ stdenv.mkDerivation rec { # patch meanwhile. (fetchpatch { name = "guile-3.patch"; - url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-devel/autogen/files/autogen-5.18.16-guile-3.patch?id=43bcc61c56a5a7de0eaf806efec7d8c0e4c01ae7"; + url = + "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-devel/autogen/files/autogen-5.18.16-guile-3.patch?id=43bcc61c56a5a7de0eaf806efec7d8c0e4c01ae7"; sha256 = "18d7y1f6164dm1wlh7rzbacfygiwrmbc35a7qqsbdawpkhydm5lr"; }) ]; @@ -41,37 +44,37 @@ stdenv.mkDerivation rec { outputs = [ "bin" "dev" "lib" "out" "man" "info" ]; nativeBuildInputs = [ - which pkg-config perl autoreconfHook/*patches applied*/ + which + pkg-config + perl + autoreconfHook # patches applied ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ # autogen needs a build autogen when cross-compiling - buildPackages.buildPackages.autogen buildPackages.texinfo - ]; - buildInputs = [ - guile libxml2 + buildPackages.buildPackages.autogen + buildPackages.texinfo ]; + buildInputs = [ guile libxml2 ]; preConfigure = '' export MAN_PAGE_DATE=$(date '+%Y-%m-%d' -d "@$SOURCE_DATE_EPOCH") ''; - configureFlags = - [ - # Make sure to use a static value for the timeout. If we do not set a value - # here autogen will select one based on the execution time of the configure - # phase which is not really reproducible. - # - # If you are curious about the number 78, it has been cargo-culted from - # Debian: https://salsa.debian.org/debian/autogen/-/blob/master/debian/rules#L21 - "--enable-timeout=78" - ] - ++ (lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ - "--with-libxml2=${libxml2.dev}" - "--with-libxml2-cflags=-I${libxml2.dev}/include/libxml2" - # the configure check for regcomp wants to run a host program - "libopts_cv_with_libregex=yes" - #"MAKEINFO=${buildPackages.texinfo}/bin/makeinfo" - ]) - # See: https://sourceforge.net/p/autogen/bugs/187/ + configureFlags = [ + # Make sure to use a static value for the timeout. If we do not set a value + # here autogen will select one based on the execution time of the configure + # phase which is not really reproducible. + # + # If you are curious about the number 78, it has been cargo-culted from + # Debian: https://salsa.debian.org/debian/autogen/-/blob/master/debian/rules#L21 + "--enable-timeout=78" + ] ++ (lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ + "--with-libxml2=${libxml2.dev}" + "--with-libxml2-cflags=-I${libxml2.dev}/include/libxml2" + # the configure check for regcomp wants to run a host program + "libopts_cv_with_libregex=yes" + #"MAKEINFO=${buildPackages.texinfo}/bin/makeinfo" + ]) + # See: https://sourceforge.net/p/autogen/bugs/187/ ++ lib.optionals stdenv.isDarwin [ "ac_cv_func_utimensat=no" ]; #doCheck = true; # not reliable diff --git a/Biz/Bild/Deps/bitsandbytes.nix b/Biz/Bild/Deps/bitsandbytes.nix index b87c0c4..eb32aac 100644 --- a/Biz/Bild/Deps/bitsandbytes.nix +++ b/Biz/Bild/Deps/bitsandbytes.nix @@ -1,16 +1,5 @@ -{ lib -, buildPythonPackage -, fetchFromGitHub -, python -, pythonOlder -, pytestCheckHook -, setuptools -, torch -, einops -, lion-pytorch -, scipy -, symlinkJoin -}: +{ lib, buildPythonPackage, fetchFromGitHub, python, pythonOlder, pytestCheckHook +, setuptools, torch, einops, lion-pytorch, scipy, symlinkJoin }: let pname = "bitsandbytes"; @@ -31,10 +20,11 @@ let cuda-native-redist = symlinkJoin { name = "cuda-native-redist-${cudaVersion}"; - paths = with cudaPackages; [ - cuda_cudart # cuda_runtime.h cuda_runtime_api.h - cuda_nvcc - ] ++ cuda-common-redist; + paths = with cudaPackages; + [ + cuda_cudart # cuda_runtime.h cuda_runtime_api.h + cuda_nvcc + ] ++ cuda-common-redist; }; cuda-redist = symlinkJoin { @@ -42,8 +32,7 @@ let paths = cuda-common-redist; }; -in -buildPythonPackage { +in buildPythonPackage { inherit pname version; format = "pyproject"; @@ -70,24 +59,23 @@ buildPythonPackage { preBuild = if torch.cudaSupport then with torch.cudaPackages; - let cudaVersion = lib.concatStrings (lib.splitVersion torch.cudaPackages.cudaMajorMinorVersion); in - ''make CUDA_VERSION=${cudaVersion} cuda${cudaMajorVersion}x'' + let + cudaVersion = lib.concatStrings + (lib.splitVersion torch.cudaPackages.cudaMajorMinorVersion); + in "make CUDA_VERSION=${cudaVersion} cuda${cudaMajorVersion}x" else - ''make CUDA_VERSION=CPU cpuonly''; + "make CUDA_VERSION=CPU cpuonly"; - nativeBuildInputs = [ setuptools ] ++ lib.optionals torch.cudaSupport [ cuda-native-redist ]; + nativeBuildInputs = [ setuptools ] + ++ lib.optionals torch.cudaSupport [ cuda-native-redist ]; buildInputs = lib.optionals torch.cudaSupport [ cuda-redist ]; - propagatedBuildInputs = [ - torch - ]; + propagatedBuildInputs = [ torch ]; - doCheck = false; # tests require CUDA and also GPU access + doCheck = false; # tests require CUDA and also GPU access nativeCheckInputs = [ pytestCheckHook einops lion-pytorch scipy ]; - pythonImportsCheck = [ - "bitsandbytes" - ]; + pythonImportsCheck = [ "bitsandbytes" ]; meta = with lib; { homepage = "https://github.com/TimDettmers/bitsandbytes"; diff --git a/Biz/Bild/Deps/exllama.nix b/Biz/Bild/Deps/exllama.nix index 1f7e529..51a05e9 100644 --- a/Biz/Bild/Deps/exllama.nix +++ b/Biz/Bild/Deps/exllama.nix @@ -1,14 +1,6 @@ -{ lib -, sources -, buildPythonPackage -, pythonOlder +{ lib, sources, buildPythonPackage, pythonOlder , torch # tested on 2.0.1 and 2.1.0 (nightly) with cu118 -, safetensors -, sentencepiece -, ninja -, cudaPackages -, addOpenGLRunpath -, which +, safetensors, sentencepiece, ninja, cudaPackages, addOpenGLRunpath, which , gcc11 # cuda 11.7 requires g++ <12 }: @@ -36,12 +28,10 @@ buildPythonPackage rec { cudaPackages.cuda_cudart ]; - propagatedBuildInputs = [ - torch safetensors sentencepiece ninja - cudaPackages.cudatoolkit - ]; + propagatedBuildInputs = + [ torch safetensors sentencepiece ninja cudaPackages.cudatoolkit ]; - doCheck = false; # no tests currently + doCheck = false; # no tests currently pythonImportsCheck = [ "exllama" "exllama.cuda_ext" diff --git a/Biz/Bild/Deps/guile-opengl.nix b/Biz/Bild/Deps/guile-opengl.nix index 34019d5..d547042 100644 --- a/Biz/Bild/Deps/guile-opengl.nix +++ b/Biz/Bild/Deps/guile-opengl.nix @@ -1,12 +1,4 @@ -{ stdenv -, lib -, fetchurl -, pkgconfig -, guile -, libGL -, libGLU -, freeglut -}: +{ stdenv, lib, fetchurl, pkgconfig, guile, libGL, libGLU, freeglut }: let name = "guile-opengl-${version}"; diff --git a/Biz/Bild/Deps/inspekt3d.nix b/Biz/Bild/Deps/inspekt3d.nix index 78393ee..d1cf60e 100644 --- a/Biz/Bild/Deps/inspekt3d.nix +++ b/Biz/Bild/Deps/inspekt3d.nix @@ -1,15 +1,5 @@ -{ stdenv -, lib -, autoreconfHook -, pkgconfig -, guile -, guile-opengl -, mesa -, glibcLocales -, libfive -, sources -}: - +{ stdenv, lib, autoreconfHook, pkgconfig, guile, guile-opengl, mesa +, glibcLocales, libfive, sources }: stdenv.mkDerivation { name = "inspekt3d-unstable"; diff --git a/Biz/Bild/Deps/interegular.nix b/Biz/Bild/Deps/interegular.nix index 8b0bc86..24065d8 100644 --- a/Biz/Bild/Deps/interegular.nix +++ b/Biz/Bild/Deps/interegular.nix @@ -1,7 +1,4 @@ -{ lib -, sources -, buildPythonPackage -}: +{ lib, sources, buildPythonPackage }: buildPythonPackage rec { pname = "interegular"; @@ -12,10 +9,8 @@ buildPythonPackage rec { propagatedBuildInputs = [ ]; - doCheck = false; # no tests currently - pythonImportsCheck = [ - "interegular" - ]; + doCheck = false; # no tests currently + pythonImportsCheck = [ "interegular" ]; meta = with lib; { description = "Allows to check regexes for overlaps."; diff --git a/Biz/Bild/Deps/lion-pytorch.nix b/Biz/Bild/Deps/lion-pytorch.nix index e23011a..7b06e78 100644 --- a/Biz/Bild/Deps/lion-pytorch.nix +++ b/Biz/Bild/Deps/lion-pytorch.nix @@ -1,9 +1,4 @@ -{ lib -, buildPythonPackage -, pythonOlder -, fetchFromGitHub -, torch -}: +{ lib, buildPythonPackage, pythonOlder, fetchFromGitHub, torch }: buildPythonPackage rec { pname = "lion-pytorch"; @@ -21,7 +16,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ torch ]; pythonImportsCheck = [ "lion_pytorch" ]; - doCheck = false; # no tests currently + doCheck = false; # no tests currently meta = with lib; { description = "Optimizer tuned by Google Brain using genetic algorithms"; diff --git a/Biz/Bild/Deps/llama-cpp.nix b/Biz/Bild/Deps/llama-cpp.nix index b247252..2e2aae7 100644 --- a/Biz/Bild/Deps/llama-cpp.nix +++ b/Biz/Bild/Deps/llama-cpp.nix @@ -1,13 +1,5 @@ -{ stdenv -, sources -, python3 -, cmake -, pkgconfig -, openmpi -, cudaPackages -}: -let - llama-python = python3.withPackages (ps: with ps; [ numpy sentencepiece ]); +{ stdenv, sources, python3, cmake, pkgconfig, openmpi, cudaPackages }: +let llama-python = python3.withPackages (ps: with ps; [ numpy sentencepiece ]); in stdenv.mkDerivation { name = "llama.cpp"; version = sources.llama-cpp.rev; diff --git a/Biz/Bild/Deps/nostr-rs-relay.nix b/Biz/Bild/Deps/nostr-rs-relay.nix index bb0a1cd..0eef13f 100644 --- a/Biz/Bild/Deps/nostr-rs-relay.nix +++ b/Biz/Bild/Deps/nostr-rs-relay.nix @@ -13,10 +13,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-3593pjc4A4NsEnE/ZYsR1vSMCvw2ZJue4EIY6cFa2WA="; - nativeBuildInputs = [ - pkg-config - openssl.dev - ]; + nativeBuildInputs = [ pkg-config openssl.dev ]; buildInputs = [ openssl.dev ]; } diff --git a/Biz/Bild/Deps/outlines.nix b/Biz/Bild/Deps/outlines.nix index 013581b..29ef41b 100644 --- a/Biz/Bild/Deps/outlines.nix +++ b/Biz/Bild/Deps/outlines.nix @@ -1,18 +1,5 @@ -{ lib -, sources -, buildPythonPackage -, interegular -, jinja2 -, lark -, numpy -, perscache -, pillow -, pydantic -, regex -, scipy -, tenacity -, torch -}: +{ lib, sources, buildPythonPackage, interegular, jinja2, lark, numpy, perscache +, pillow, pydantic, regex, scipy, tenacity, torch }: buildPythonPackage rec { pname = "outlines"; @@ -35,10 +22,8 @@ buildPythonPackage rec { torch ]; - doCheck = false; # no tests currently - pythonImportsCheck = [ - "outlines" - ]; + doCheck = false; # no tests currently + pythonImportsCheck = [ "outlines" ]; meta = with lib; { description = "Probabilistic Generative Model Programming"; diff --git a/Biz/Bild/Deps/perscache.nix b/Biz/Bild/Deps/perscache.nix index d757e1a..508a261 100644 --- a/Biz/Bild/Deps/perscache.nix +++ b/Biz/Bild/Deps/perscache.nix @@ -1,11 +1,4 @@ -{ lib -, sources -, buildPythonPackage -, beartype -, cloudpickle -, icontract -, pbr -}: +{ lib, sources, buildPythonPackage, beartype, cloudpickle, icontract, pbr }: buildPythonPackage rec { pname = "perscache"; @@ -13,18 +6,11 @@ buildPythonPackage rec { src = sources.perscache; - propagatedBuildInputs = [ - beartype - cloudpickle - icontract - pbr - ]; + propagatedBuildInputs = [ beartype cloudpickle icontract pbr ]; PBR_VERSION = version; - doCheck = false; # no tests currently - pythonImportsCheck = [ - "perscache" - ]; + doCheck = false; # no tests currently + pythonImportsCheck = [ "perscache" ]; meta = with lib; { description = '' diff --git a/Biz/Bild/Nixpkgs.nix b/Biz/Bild/Nixpkgs.nix index dff44a0..ecf50b9 100644 --- a/Biz/Bild/Nixpkgs.nix +++ b/Biz/Bild/Nixpkgs.nix @@ -13,9 +13,9 @@ in import sources.nixpkgs-stable { inherit system config; overlays = [ (_: _: { inherit sources; }) - (_: _: { unstable = import sources.nixpkgs-unstable { - inherit system config; - };}) + (_: _: { + unstable = import sources.nixpkgs-unstable { inherit system config; }; + }) (_: pkgs: { # Given a generic `builder`, will generate an attrset for all the packages # pinned by `deps` with `builder` applied to the package. This attrset can @@ -29,16 +29,18 @@ in import sources.nixpkgs-stable { # rules. This will fail if build steps have changed, or if no build # rules are available upstream. overrideSource = depName: - pkgs.${depName}.overrideAttrs (old: old // rec { - version = pkgs.sources.${depName}.version or pkgs.sources.${depName}.rev; - src = pkgs.sources.${depName}; - }); + pkgs.${depName}.overrideAttrs (old: + old // rec { + version = + pkgs.sources.${depName}.version or pkgs.sources.${depName}.rev; + src = pkgs.sources.${depName}; + }); }) (_: pkgs: # override pinned deps with our sources pkgs.overridePinnedDeps pkgs.overrideSource) (import ./Deps.nix) - (_: pkgs: { niv = import pkgs.sources.niv {}; }) + (_: pkgs: { niv = import pkgs.sources.niv { }; }) ]; } diff --git a/Biz/Bild/Sources.nix b/Biz/Bild/Sources.nix index 927683a..f7af81e 100644 --- a/Biz/Bild/Sources.nix +++ b/Biz/Bild/Sources.nix @@ -7,42 +7,59 @@ let # fetch_file = pkgs: name: spec: - let - name' = sanitizeName name + "-src"; - in - if spec.builtin or true then - builtins_fetchurl { inherit (spec) url sha256; name = name'; } - else - pkgs.fetchurl { inherit (spec) url sha256; name = name'; }; + let name' = sanitizeName name + "-src"; + in if spec.builtin or true then + builtins_fetchurl { + inherit (spec) url sha256; + name = name'; + } + else + pkgs.fetchurl { + inherit (spec) url sha256; + name = name'; + }; fetch_tarball = pkgs: name: spec: - let - name' = sanitizeName name + "-src"; - in - if spec.builtin or true then - builtins_fetchTarball { name = name'; inherit (spec) url sha256; } - else - pkgs.fetchzip { name = name'; inherit (spec) url sha256; }; + let name' = sanitizeName name + "-src"; + in if spec.builtin or true then + builtins_fetchTarball { + name = name'; + inherit (spec) url sha256; + } + else + pkgs.fetchzip { + name = name'; + inherit (spec) url sha256; + }; fetch_git = name: spec: let - ref = - if spec ? ref then spec.ref else - if spec ? branch then "refs/heads/${spec.branch}" else - if spec ? tag then "refs/tags/${spec.tag}" else - abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; - in - builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; }; + ref = if spec ? ref then + spec.ref + else if spec ? branch then + "refs/heads/${spec.branch}" + else if spec ? tag then + "refs/tags/${spec.tag}" + else + abort + "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; + in builtins.fetchGit { + url = spec.repo; + inherit (spec) rev; + inherit ref; + }; fetch_local = spec: spec.path; - fetch_builtin-tarball = name: throw - ''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=tarball -a builtin=true''; + fetch_builtin-tarball = name: + throw '' + [${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`. + $ niv modify ${name} -a type=tarball -a builtin=true''; - fetch_builtin-url = name: throw - ''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=file -a builtin=true''; + fetch_builtin-url = name: + throw '' + [${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`. + $ niv modify ${name} -a type=file -a builtin=true''; # # Various helpers @@ -50,72 +67,87 @@ let # https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695 sanitizeName = name: - ( - concatMapStrings (s: if builtins.isList s then "-" else s) - ( - builtins.split "[^[:alnum:]+._?=-]+" - ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name) - ) - ); + (concatMapStrings (s: if builtins.isList s then "-" else s) + (builtins.split "[^[:alnum:]+._?=-]+" + ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name))); # The set of packages used when specs are fetched using non-builtins. mkPkgs = sources: system: let - sourcesNixpkgs = - import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; }; + sourcesNixpkgs = import + (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { + inherit system; + }; hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; hasThisAsNixpkgsPath = == ./.; - in - if builtins.hasAttr "nixpkgs" sources - then sourcesNixpkgs - else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then - import {} - else - abort - '' - Please specify either (through -I or NIX_PATH=nixpkgs=...) or - add a package called "nixpkgs" to your sources.json. - ''; + in if builtins.hasAttr "nixpkgs" sources then + sourcesNixpkgs + else if hasNixpkgsPath && !hasThisAsNixpkgsPath then + import { } + else + abort '' + Please specify either (through -I or NIX_PATH=nixpkgs=...) or + add a package called "nixpkgs" to your sources.json. + ''; # The actual fetching function. fetch = pkgs: name: spec: - if ! builtins.hasAttr "type" spec then + if !builtins.hasAttr "type" spec then abort "ERROR: niv spec ${name} does not have a 'type' attribute" - else if spec.type == "file" then fetch_file pkgs name spec - else if spec.type == "tarball" then fetch_tarball pkgs name spec - else if spec.type == "git" then fetch_git name spec - else if spec.type == "local" then fetch_local spec - else if spec.type == "builtin-tarball" then fetch_builtin-tarball name - else if spec.type == "builtin-url" then fetch_builtin-url name + else if spec.type == "file" then + fetch_file pkgs name spec + else if spec.type == "tarball" then + fetch_tarball pkgs name spec + else if spec.type == "git" then + fetch_git name spec + else if spec.type == "local" then + fetch_local spec + else if spec.type == "builtin-tarball" then + fetch_builtin-tarball name + else if spec.type == "builtin-url" then + fetch_builtin-url name else - abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; + abort + "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; # If the environment variable NIV_OVERRIDE_${name} is set, then use # the path directly as opposed to the fetched source. replace = name: drv: let - saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; + saneName = stringAsChars + (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; - in - if ersatz == "" then drv else - # this turns the string into an actual Nix path (for both absolute and - # relative paths) - if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}"; + in if ersatz == "" then + drv + else + # this turns the string into an actual Nix path (for both absolute and + # relative paths) + if builtins.substring 0 1 ersatz == "/" then + /. + ersatz + else + /. + builtins.getEnv "PWD" + "/${ersatz}"; # Ports of functions for older nix versions # a Nix version of mapAttrs if the built-in doesn't exist - mapAttrs = builtins.mapAttrs or ( - f: set: with builtins; - listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set)) - ); + mapAttrs = builtins.mapAttrs or (f: set: + with builtins; + listToAttrs (map (attr: { + name = attr; + value = f attr set.${attr}; + }) (attrNames set))); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 - range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1); + range = first: last: + if first > last then + [ ] + else + builtins.genList (n: first + n) (last - first + 1); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 - stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); + stringToCharacters = s: + map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); @@ -123,48 +155,46 @@ let concatStrings = builtins.concatStringsSep ""; # https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331 - optionalAttrs = cond: as: if cond then as else {}; + optionalAttrs = cond: as: if cond then as else { }; # fetchTarball version that is compatible between all the versions of Nix # deadnix: skip builtins_fetchTarball = { url, name ? null, sha256 }@attrs: - let - inherit (builtins) lessThan nixVersion fetchTarball; - in - if lessThan nixVersion "1.12" then - fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchTarball attrs; + let inherit (builtins) lessThan nixVersion fetchTarball; + in if lessThan nixVersion "1.12" then + fetchTarball + ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) + else + fetchTarball attrs; # fetchurl version that is compatible between all the versions of Nix # deadnix: skip builtins_fetchurl = { url, name ? null, sha256 }@attrs: - let - inherit (builtins) lessThan nixVersion fetchurl; - in - if lessThan nixVersion "1.12" then - fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchurl attrs; + let inherit (builtins) lessThan nixVersion fetchurl; + in if lessThan nixVersion "1.12" then + fetchurl + ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) + else + fetchurl attrs; # Create the final "sources" from the config mkSources = config: - mapAttrs ( - name: spec: - if builtins.hasAttr "outPath" spec - then abort - "The values in sources.json should not have an 'outPath' attribute" - else - spec // { outPath = replace name (fetch config.pkgs name spec); } - ) config.sources; + mapAttrs (name: spec: + if builtins.hasAttr "outPath" spec then + abort + "The values in sources.json should not have an 'outPath' attribute" + else + spec // { outPath = replace name (fetch config.pkgs name spec); }) + config.sources; # The "config" used by the fetchers - mkConfig = - { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null - , sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile) - , system ? builtins.currentSystem - , pkgs ? mkPkgs sources system - }: rec { + mkConfig = { sourcesFile ? + if builtins.pathExists ./sources.json then ./sources.json else null + , sources ? if isNull sourcesFile then + { } + else + builtins.fromJSON (builtins.readFile sourcesFile) + , system ? builtins.currentSystem, pkgs ? mkPkgs sources system }: rec { # The sources, i.e. the attribute set of spec name to spec inherit sources; @@ -172,5 +202,6 @@ let inherit pkgs; }; -in -mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); } +in mkSources (mkConfig { }) // { + __functor = _: settings: mkSources (mkConfig settings); +} diff --git a/Biz/Bot.nix b/Biz/Bot.nix index afd5eb4..3b7710b 100644 --- a/Biz/Bot.nix +++ b/Biz/Bot.nix @@ -1,14 +1,7 @@ -{ options -, lib -, config -, pkgs -, ... -}: +{ options, lib, config, pkgs, ... }: -let - cfg = config.services.bizbot; -in -{ +let cfg = config.services.bizbot; +in { options.services.bizbot = { enable = lib.mkEnableOption "Enable the bizbot service"; package = lib.mkOption { diff --git a/Biz/Cloud.nix b/Biz/Cloud.nix index 1ae94ac..b379943 100644 --- a/Biz/Cloud.nix +++ b/Biz/Cloud.nix @@ -1,4 +1,4 @@ -{ nixpkgs ? import ./Bild.nix {} }: +{ nixpkgs ? import ./Bild.nix { } }: with nixpkgs; # Cloud infrastructure, always online. Mostly for messaging-related stuff. diff --git a/Biz/Cloud/Cgit.nix b/Biz/Cloud/Cgit.nix index 0b3a71b..23fa00f 100644 --- a/Biz/Cloud/Cgit.nix +++ b/Biz/Cloud/Cgit.nix @@ -4,20 +4,21 @@ with lib; let globalConfig = config; settingsFormat = { - type = with lib.types; let - value = oneOf [ int str ] // { - description = "INI-like atom (int or string)"; - }; - values = coercedTo value lib.singleton (listOf value) // { - description = value.description + " or a list of them for duplicate keys"; - }; - in - attrsOf (values); + type = with lib.types; + let + value = oneOf [ int str ] // { + description = "INI-like atom (int or string)"; + }; + values = coercedTo value lib.singleton (listOf value) // { + description = value.description + + " or a list of them for duplicate keys"; + }; + in attrsOf (values); generate = name: values: - pkgs.writeText name (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values); + pkgs.writeText name + (lib.generators.toKeyValue { listsAsDuplicateKeys = true; } values); }; -in -{ +in { options.services.nginx.virtualHosts = mkOption { type = types.attrsOf (types.submodule ({ config, ... }: let @@ -48,8 +49,7 @@ in # Remove the global options for serialization into cgitrc settings = removeAttrs cfg (attrNames options); - in - { + in { options.cgit = mkOption { type = types.submodule { freeformType = settingsFormat.type; @@ -86,60 +86,49 @@ in ''; }; - config = let - location = removeSuffix "/" cfg.location; + config = let location = removeSuffix "/" cfg.location; in mkIf cfg.enable { locations."${location}/" = { root = "${pkgs.cgit}/cgit/"; tryFiles = "$uri @cgit"; }; - locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" = { - alias = "${pkgs.cgit}/cgit/$1"; - }; + locations."~ ^${location}/(cgit.(css|png)|favicon.ico|robots.txt)$" = + { + alias = "${pkgs.cgit}/cgit/$1"; + }; locations."@cgit" = { extraConfig = '' include ${pkgs.nginx}/conf/fastcgi_params; - fastcgi_param CGIT_CONFIG ${settingsFormat.generate "cgitrc" settings}; + fastcgi_param CGIT_CONFIG ${ + settingsFormat.generate "cgitrc" settings + }; fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi; fastcgi_param QUERY_STRING $args; fastcgi_param HTTP_HOST $server_name; fastcgi_pass unix:${globalConfig.services.fcgiwrap.socketAddress}; - '' + ( - if cfg.location == "/" - then - '' - fastcgi_param PATH_INFO $uri; - '' - else - '' - fastcgi_split_path_info ^(${location}/)(/?.+)$; - fastcgi_param PATH_INFO $fastcgi_path_info; - '' - ) + ( - if !cfg.allowCrawlers - then - '' - add_header X-Robots-Tag "noindex, follow" always; - '' - else "" - ); + '' + (if cfg.location == "/" then '' + fastcgi_param PATH_INFO $uri; + '' else '' + fastcgi_split_path_info ^(${location}/)(/?.+)$; + fastcgi_param PATH_INFO $fastcgi_path_info; + '') + (if !cfg.allowCrawlers then '' + add_header X-Robots-Tag "noindex, follow" always; + '' else + ""); }; }; })); }; - config = - let - vhosts = config.services.nginx.virtualHosts; - in - mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) { - # make the cgitrc manpage available - environment.systemPackages = [ pkgs.cgit ]; + config = let vhosts = config.services.nginx.virtualHosts; + in mkIf (any (name: vhosts.${name}.cgit.enable) (attrNames vhosts)) { + # make the cgitrc manpage available + environment.systemPackages = [ pkgs.cgit ]; - services.fcgiwrap.enable = true; - }; + services.fcgiwrap.enable = true; + }; meta = { maintainers = with lib.maintainers; [ bsima ]; # afix-space hmenke ]; diff --git a/Biz/Cloud/Chat.nix b/Biz/Cloud/Chat.nix index be856d8..7f86621 100644 --- a/Biz/Cloud/Chat.nix +++ b/Biz/Cloud/Chat.nix @@ -24,21 +24,17 @@ in { enable = false; settings.server_name = config.networking.domain; #registration_shared_secret = "AkGRWSQLga3RoKRFnHhKoeCEIeZzu31y4TRzMRkMyRbBnETkVTSxilf24qySLzQn"; - settings.listeners = [ - { - port = matrix_port; - bind_address = "::1"; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = false; - } - ]; - } - ]; + settings.listeners = [{ + port = matrix_port; + bind_address = "::1"; + type = "http"; + tls = false; + x_forwarded = true; + resources = [{ + names = [ "client" "federation" ]; + compress = false; + }]; + }]; }; # matrix needs a database # @@ -55,23 +51,21 @@ in { # route to matrix-synapse "${config.networking.domain}" = { locations."= /.well-known/matrix/server".extraConfig = - let - server = { "m.server" = "${fqdn}:443"; }; + let server = { "m.server" = "${fqdn}:443"; }; in '' add_header Content-Type application/json; return 200 '${builtins.toJSON server}'; ''; - locations."= /.well-known/matrix/client".extraConfig = - let - client = { - "m.homeserver" = { "base_url" = "https://${fqdn}"; } ; - "m.identity_server" = { "base_url" = "https://vector.im"; }; - }; - in '' - add_header Content-Type application/json; - add_header Access-Control-Allow-Origin *; - return 200 '${builtins.toJSON client}'; - ''; + locations."= /.well-known/matrix/client".extraConfig = let + client = { + "m.homeserver" = { "base_url" = "https://${fqdn}"; }; + "m.identity_server" = { "base_url" = "https://vector.im"; }; + }; + in '' + add_header Content-Type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON client}'; + ''; }; # reverse proxy for matrix client-server and server-server communication "${fqdn}" = { diff --git a/Biz/Cloud/Comms.nix b/Biz/Cloud/Comms.nix index 700296d..bf7a763 100644 --- a/Biz/Cloud/Comms.nix +++ b/Biz/Cloud/Comms.nix @@ -1,8 +1,5 @@ { ... }: { - imports = [ - ./Comms/Xmpp.nix - ./Comms/Mumble.nix - ]; + imports = [ ./Comms/Xmpp.nix ./Comms/Mumble.nix ]; } diff --git a/Biz/Cloud/Comms/Mumble.nix b/Biz/Cloud/Comms/Mumble.nix index d728a07..66d21a5 100644 --- a/Biz/Cloud/Comms/Mumble.nix +++ b/Biz/Cloud/Comms/Mumble.nix @@ -1,8 +1,7 @@ { config, ... }: # mumble and related services -let - ports = import ../Ports.nix; +let ports = import ../Ports.nix; in { services.murmur = { enable = true; @@ -20,9 +19,7 @@ in { listening_addr = "127.0.0.1"; listening_port = ports.botamusique; }; - radio = { - lofi = "https://live.hunter.fm/lofi_high"; - }; + radio = { lofi = "https://live.hunter.fm/lofi_high"; }; }; }; } diff --git a/Biz/Cloud/Comms/Xmpp.nix b/Biz/Cloud/Comms/Xmpp.nix index af52f3f..ad8649b 100644 --- a/Biz/Cloud/Comms/Xmpp.nix +++ b/Biz/Cloud/Comms/Xmpp.nix @@ -11,22 +11,19 @@ let in { networking.firewall.allowedTCPPorts = [ # https://prosody.im/doc/ports - 5000 # file transfer - 5222 # client connections - 5269 # server-to-server - 5280 # http - 5281 # https - 5347 # external components - 5582 # telnet console + 5000 # file transfer + 5222 # client connections + 5269 # server-to-server + 5280 # http + 5281 # https + 5347 # external components + 5582 # telnet console ]; services.prosody = { enable = true; - package = pkgs.prosody.override { - withCommunityModules = [ - "conversejs" - ]; - }; + package = + pkgs.prosody.override { withCommunityModules = [ "conversejs" ]; }; # when i learn how to use security.acme better, and use separate certs, then i # can fix this group @@ -36,7 +33,7 @@ in { inherit ssl; uploadHttp = { domain = "upload.${rootDomain}"; - uploadExpireAfter = toString (60*60*24*30); # 30 days, as seconds + uploadExpireAfter = toString (60 * 60 * 24 * 30); # 30 days, as seconds }; modules = { @@ -129,9 +126,7 @@ in { }; }; - services.prosody-filer = { - enable = true; - }; + services.prosody-filer = { enable = true; }; services.nginx.virtualHosts."${rootDomain}".locations = { "/http-bind" = { diff --git a/Biz/Cloud/Git.nix b/Biz/Cloud/Git.nix index 6e3d8c8..3ef4530 100644 --- a/Biz/Cloud/Git.nix +++ b/Biz/Cloud/Git.nix @@ -67,12 +67,15 @@ in { ]; jvmOpts = [ # https://stackoverflow.com/a/71817404 - "--add-opens" "java.base/java.lang=ALL-UNNAMED" - "--add-opens" "java.base/java.util=ALL-UNNAMED" + "--add-opens" + "java.base/java.lang=ALL-UNNAMED" + "--add-opens" + "java.base/java.util=ALL-UNNAMED" ]; plugins = [ (pkgs.fetchurl { - url = "https://github.com/davido/gerrit-oauth-provider/releases/download/v3.5.1/gerrit-oauth-provider.jar"; + url = + "https://github.com/davido/gerrit-oauth-provider/releases/download/v3.5.1/gerrit-oauth-provider.jar"; sha256 = "sha256-MS3ElMRUrBX4miiflepMETRK3SaASqpqO3nUn9kq3Gk="; }) ]; @@ -81,14 +84,16 @@ in { settings = { auth.type = "OAUTH"; auth.gitBasicAuthPolicy = "HTTP"; - download.command = [ "checkout" "cherry_pick" "pull" "format_patch"]; + download.command = [ "checkout" "cherry_pick" "pull" "format_patch" ]; gerrit.canonicalWebUrl = "https://gerrit.${domain}"; - httpd.listenUrl = "proxy-https://${config.services.gerrit.listenAddress}"; + httpd.listenUrl = + "proxy-https://${config.services.gerrit.listenAddress}"; plugin.gerrit-oauth-provider-github-oauth = { root-url = "https://github.com"; client-id = "e48084aa0eebe31a2b18"; }; - sshd.advertisedAddress = "gerrit.${domain}:${toString ports.gerrit-ssh}"; + sshd.advertisedAddress = + "gerrit.${domain}:${toString ports.gerrit-ssh}"; sshd.listenAddress = "[::]:${toString ports.gerrit-ssh}"; }; }; @@ -114,7 +119,5 @@ in { }; "nginx".extraGroups = [ "git" ]; }; - users.groups = { - gitDaemon = {}; - }; + users.groups = { gitDaemon = { }; }; } diff --git a/Biz/Cloud/Gmnisrv.nix b/Biz/Cloud/Gmnisrv.nix index 2f7672b..e2a66f6 100644 --- a/Biz/Cloud/Gmnisrv.nix +++ b/Biz/Cloud/Gmnisrv.nix @@ -1,11 +1,6 @@ -{ lib -, config -, pkgs -, ... -}: +{ lib, config, pkgs, ... }: -let - cfg = config.services.gmnisrv; +let cfg = config.services.gmnisrv; in { meta.maintainers = [ lib.maintainers.bsima ]; options.services.gmnisrv = { @@ -20,9 +15,7 @@ in { Configuration for gmnisrv. See gmnisrv.ini(5) for supported settings. ''; default = { - ":tls" = { - "store" = lib.mkDefault "${cfg.dataDir}/certs"; - }; + ":tls" = { "store" = lib.mkDefault "${cfg.dataDir}/certs"; }; }; }; dataDir = lib.mkOption { @@ -36,10 +29,12 @@ in { description = "gmnisrv service"; wantedBy = [ "multi-user.target" ]; after = [ "network-online.target" ]; - script = let ini = lib.generators.toINIWithGlobalSection {} { - globalSection = {"listen" = cfg.listen;}; - sections = cfg.settings; - }; in "${pkgs.gmnisrv}/bin/gmnisrv -C ${ini}"; + script = let + ini = lib.generators.toINIWithGlobalSection { } { + globalSection = { "listen" = cfg.listen; }; + sections = cfg.settings; + }; + in "${pkgs.gmnisrv}/bin/gmnisrv -C ${ini}"; }; }; } diff --git a/Biz/Cloud/Hardware.nix b/Biz/Cloud/Hardware.nix index ab775dc..8fdbd4e 100644 --- a/Biz/Cloud/Hardware.nix +++ b/Biz/Cloud/Hardware.nix @@ -1,7 +1,9 @@ -{ modulesPath, ... }: -{ +{ modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot.loader.grub.device = "/dev/vda"; boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; }; + fileSystems."/" = { + device = "/dev/vda1"; + fsType = "ext4"; + }; } diff --git a/Biz/Cloud/Hub.nix b/Biz/Cloud/Hub.nix index bc346a8..39bbdd0 100644 --- a/Biz/Cloud/Hub.nix +++ b/Biz/Cloud/Hub.nix @@ -11,7 +11,7 @@ let inherit settings; }; motdFile = pkgs.writeText "motd" '' - Meshheads write code. + Meshheads write code. ''; rulesFile = pkgs.writeText "rules" '' 1. x diff --git a/Biz/Cloud/Mail.nix b/Biz/Cloud/Mail.nix index 4ff3fd6..fa99cf3 100644 --- a/Biz/Cloud/Mail.nix +++ b/Biz/Cloud/Mail.nix @@ -1,13 +1,10 @@ { ... }: -/* - -Known issues: - -- when the acme cert gets refreshed, you need to manually restart dovecot -- when restarting dovecot, it might hang, in that case do: - systemctl --job-mode=ignore-dependencies restart dovecot2 postfix +/* Known issues: + - when the acme cert gets refreshed, you need to manually restart dovecot + - when restarting dovecot, it might hang, in that case do: + systemctl --job-mode=ignore-dependencies restart dovecot2 postfix */ { @@ -47,10 +44,9 @@ Known issues: quota = "10G"; }; "nick@simatime.com" = { - hashedPassword = "$6$31P/Mg8k8Pezy1e$Fn1tDyssf.1EgxmLYFsQpSq6RP4wbEvP/UlBlXQhyKA9FnmFtJteXsbJM1naa8Kyylo8vZM9zmeoSthHS1slA1"; - aliases = [ - "nicolai@simatime.com" - ]; + hashedPassword = + "$6$31P/Mg8k8Pezy1e$Fn1tDyssf.1EgxmLYFsQpSq6RP4wbEvP/UlBlXQhyKA9FnmFtJteXsbJM1naa8Kyylo8vZM9zmeoSthHS1slA1"; + aliases = [ "nicolai@simatime.com" ]; quota = "1G"; }; }; diff --git a/Biz/Cloud/Networking.nix b/Biz/Cloud/Networking.nix index 05a1608..1c1f832 100644 --- a/Biz/Cloud/Networking.nix +++ b/Biz/Cloud/Networking.nix @@ -2,8 +2,7 @@ # This file was populated at runtime with the networking # details gathered from the active system. networking = { - nameservers = [ "8.8.8.8" - ]; + nameservers = [ "8.8.8.8" ]; defaultGateway = "143.198.112.1"; defaultGateway6 = "2604:a880:400:d0::1"; dhcpcd.enable = false; @@ -11,15 +10,33 @@ interfaces = { eth0 = { ipv4.addresses = [ - { address="143.198.118.179"; prefixLength=20; } -{ address="10.10.0.7"; prefixLength=16; } + { + address = "143.198.118.179"; + prefixLength = 20; + } + { + address = "10.10.0.7"; + prefixLength = 16; + } ]; ipv6.addresses = [ - { address="2604:a880:400:d0::19f1:7001"; prefixLength=64; } -{ address="fe80::a06e:26ff:fee1:941"; prefixLength=64; } + { + address = "2604:a880:400:d0::19f1:7001"; + prefixLength = 64; + } + { + address = "fe80::a06e:26ff:fee1:941"; + prefixLength = 64; + } ]; - ipv4.routes = [ { address = "143.198.112.1"; prefixLength = 32; } ]; - ipv6.routes = [ { address = "2604:a880:400:d0::1"; prefixLength = 128; } ]; + ipv4.routes = [{ + address = "143.198.112.1"; + prefixLength = 32; + }]; + ipv6.routes = [{ + address = "2604:a880:400:d0::1"; + prefixLength = 128; + }]; }; }; diff --git a/Biz/Cloud/NostrRelay.nix b/Biz/Cloud/NostrRelay.nix index 73c1366..0be8a6f 100644 --- a/Biz/Cloud/NostrRelay.nix +++ b/Biz/Cloud/NostrRelay.nix @@ -27,10 +27,8 @@ in { ''; script = "nostr-rs-relay --db ${dataDir}"; serviceConfig = { - Environment = [ - "RUST_LOG=info,nostr_rs_relay=info" - "APP_DATA=${dataDir}" - ]; + Environment = + [ "RUST_LOG=info,nostr_rs_relay=info" "APP_DATA=${dataDir}" ]; WorkingDirectory = dataDir; KillSignal = "INT"; Type = "simple"; diff --git a/Biz/Cloud/Ports.nix b/Biz/Cloud/Ports.nix index 56a1ae7..69968fb 100644 --- a/Biz/Cloud/Ports.nix +++ b/Biz/Cloud/Ports.nix @@ -15,7 +15,10 @@ headscale = 8844; hoogle = 8008; http = 80; - httpdev = { from = 8000; to = 8099; }; + httpdev = { + from = 8000; + to = 8099; + }; https = 443; invidious = 8086; jellyfin = 8096; @@ -33,7 +36,10 @@ stableDiffusion = 8501; syncthing-gui = 8384; tor = 144; - torrents = { from = 3000; to = 3099; }; + torrents = { + from = 3000; + to = 3099; + }; wireguard = 51820; znc = 5000; } diff --git a/Biz/Cloud/Web.nix b/Biz/Cloud/Web.nix index f97f6e0..b54e108 100644 --- a/Biz/Cloud/Web.nix +++ b/Biz/Cloud/Web.nix @@ -3,9 +3,8 @@ let rootDomain = config.networking.domain; ports = import ./Ports.nix; -in -{ - imports = [ ./Gmnisrv.nix ]; +in { + imports = [ ./Gmnisrv.nix ]; networking.firewall = { allowedTCPPorts = [ ports.ssh @@ -86,9 +85,7 @@ in listen = "0.0.0.0:${toString ports.gemini} [::]:${toString ports.gemini}"; settings = { ":tls" = { store = "/var/lib/gmnisrv"; }; - "bsima.me" = { - "root" = "/var/web/ben"; - }; + "bsima.me" = { "root" = "/var/web/ben"; }; "${rootDomain}" = { "root" = "/var/web/simatime.com"; "cgi" = "on"; @@ -116,7 +113,12 @@ in # redirect '/git' to '/git/' "/git".return = "301 https://$host/git/"; # nostr nip-5 verification - "/.well-known/nostr.json".return = "200 '${builtins.toJSON { names.bensima = "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436";}}'"; + "/.well-known/nostr.json".return = "200 '${ + builtins.toJSON { + names.bensima = + "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436"; + } + }'"; # disabled for nixpert test "/" = { root = "/var/web/simatime.com"; @@ -149,19 +151,22 @@ in }; "hoogle.${rootDomain}" = { - locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.hoogle}"; + locations."/".proxyPass = + "http://${ports.bensIp}:${toString ports.hoogle}"; forceSSL = true; useACMEHost = rootDomain; }; "tv.${rootDomain}" = { - locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.jellyfin}"; + locations."/".proxyPass = + "http://${ports.bensIp}:${toString ports.jellyfin}"; forceSSL = true; useACMEHost = rootDomain; }; "cal.${rootDomain}" = { - locations."/".proxyPass = "http://localhost:${toString ports.radicale}"; + locations."/".proxyPass = + "http://localhost:${toString ports.radicale}"; forceSSL = true; useACMEHost = rootDomain; extraConfig = '' @@ -173,7 +178,8 @@ in }; "reddit.${rootDomain}" = { - locations."/".proxyPass = "http://localhost:${toString ports.libreddit}"; + locations."/".proxyPass = + "http://localhost:${toString ports.libreddit}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -189,7 +195,8 @@ in }; "youtube.${rootDomain}" = { - locations."/".proxyPass = "http://localhost:${toString ports.invidious}"; + locations."/".proxyPass = + "http://localhost:${toString ports.invidious}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -205,13 +212,15 @@ in }; "dragons.dev" = { - locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dragons}"; + locations."/".proxyPass = + "http://${ports.bensIp}:${toString ports.dragons}"; forceSSL = true; useACMEHost = rootDomain; }; "dandel-rovbur.${rootDomain}" = { - locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dandel-rovbur}"; + locations."/".proxyPass = + "http://${ports.bensIp}:${toString ports.dandel-rovbur}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -226,7 +235,8 @@ in forceSSL = true; useACMEHost = rootDomain; locations."/" = { - proxyPass = "http://${ports.bensIp}:${toString ports.stableDiffusion}"; + proxyPass = + "http://${ports.bensIp}:${toString ports.stableDiffusion}"; proxyWebsockets = true; }; }; @@ -234,7 +244,8 @@ in "music.${rootDomain}" = { forceSSL = true; useACMEHost = rootDomain; - locations."/".proxyPass = "http://localhost:${toString ports.botamusique}"; + locations."/".proxyPass = + "http://localhost:${toString ports.botamusique}"; }; "nostr.${rootDomain}" = { @@ -275,28 +286,26 @@ in }; # This must contain all of the other domains we host - security.acme.certs.${rootDomain}.extraDomainNames = [ - "bsima.me" "www.bsima.me" - "dragons.dev" - "nixpert.chat" - ] ++ map (sub: "${sub}.${rootDomain}") [ - "music" - "tv" - "matrix" - "chat" - "hoogle" - "dandel-rovbur" - "sabten" - "cal" - "notebook" - "nostr" - "reddit" - "old.reddit" - "www.reddit" - "youtube" - "www.youtube" - "m.youtube" - "sd" - "gerrit" - ]; + security.acme.certs.${rootDomain}.extraDomainNames = + [ "bsima.me" "www.bsima.me" "dragons.dev" "nixpert.chat" ] + ++ map (sub: "${sub}.${rootDomain}") [ + "music" + "tv" + "matrix" + "chat" + "hoogle" + "dandel-rovbur" + "sabten" + "cal" + "notebook" + "nostr" + "reddit" + "old.reddit" + "www.reddit" + "youtube" + "www.youtube" + "m.youtube" + "sd" + "gerrit" + ]; } diff --git a/Biz/Cloud/Znc.nix b/Biz/Cloud/Znc.nix index 79eee95..caa8e88 100644 --- a/Biz/Cloud/Znc.nix +++ b/Biz/Cloud/Znc.nix @@ -1,9 +1,6 @@ -/* - -N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"' - -- https://wiki.znc.in/Configuration +/* N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"' + - https://wiki.znc.in/Configuration */ { pkgs, ... }: @@ -13,10 +10,11 @@ N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"' znc = { enable = true; openFirewall = true; - modulePackages = with pkgs.zncModules; [ - #backlog clientaway clientbuffer - #ignore - ]; + modulePackages = with pkgs.zncModules; + [ + #backlog clientaway clientbuffer + #ignore + ]; useLegacyConfig = false; config = { LoadModule = [ "adminlog" ]; @@ -36,34 +34,30 @@ N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"' LoadModule = [ "simple_away" "nickserv" "sasl" ]; Nick = "bsima"; Chan = { - "#emacs" = { Detached = true; }; - "#guile" = {}; - "#guix" = { Detached = true; }; - "#haskell" = {}; - "#hledger" = {}; - "#nixos" = {}; - "#notmuch" = { Detached = true; }; - "#org-mode" = { Detached = true; }; - "#scheme" = { Detached = true; }; - "#sr.ht" = { Detached = true; }; - "#xmonad" = { Detached = true; }; + "#emacs" = { Detached = true; }; + "#guile" = { }; + "#guix" = { Detached = true; }; + "#haskell" = { }; + "#hledger" = { }; + "#nixos" = { }; + "#notmuch" = { Detached = true; }; + "#org-mode" = { Detached = true; }; + "#scheme" = { Detached = true; }; + "#sr.ht" = { Detached = true; }; + "#xmonad" = { Detached = true; }; }; }; oftc = { Server = "irc.oftc.net +6697"; LoadModule = [ "simple_away" "nickserv" ]; Nick = "bsima"; - Chan = { - "#home-manager" = {}; - }; + Chan = { "#home-manager" = { }; }; }; zeronode = { Server = "irc.zeronode.net +6667"; LoadModule = [ "simple_away" "nickserv" ]; Nick = "ben"; - Chan = { - "#NoAgenda" = {}; - }; + Chan = { "#NoAgenda" = { }; }; }; #sorcery = { # Server = "irc.sorcery.net +6697"; @@ -71,7 +65,8 @@ N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"' }; Pass.password = { Method = "sha256"; - Hash = "bead16d806e7bf5cbbc31d572b20f01e2b253eb60e2497ce465df56306becd02"; + Hash = + "bead16d806e7bf5cbbc31d572b20f01e2b253eb60e2497ce465df56306becd02"; Salt = "/GhmBMc+E6b7qd8muFEe"; }; }; diff --git a/Biz/Dev/Beryllium.nix b/Biz/Dev/Beryllium.nix index b2dad1e..2cfe61a 100644 --- a/Biz/Dev/Beryllium.nix +++ b/Biz/Dev/Beryllium.nix @@ -1,4 +1,4 @@ -{ nixpkgs ? import ../Bild.nix {} }: +{ nixpkgs ? import ../Bild.nix { } }: with nixpkgs; bild.os { imports = [ diff --git a/Biz/Dev/Beryllium/Configuration.nix b/Biz/Dev/Beryllium/Configuration.nix index 106f78e..b1d7f11 100644 --- a/Biz/Dev/Beryllium/Configuration.nix +++ b/Biz/Dev/Beryllium/Configuration.nix @@ -5,10 +5,9 @@ { config, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./Hardware.nix - ]; + imports = [ # Include the results of the hardware scan. + ./Hardware.nix + ]; # Bootloader. boot.loader.systemd-boot.enable = true; @@ -105,7 +104,7 @@ services.clight.temperature.night = 1800; services.clight.settings.sunrise = "7:00"; services.clight.settings.sunset = "17:00"; - location.latitude = 40.80; + location.latitude = 40.8; location.longitude = -81.52; services.eternal-terminal.enable = true; @@ -119,8 +118,8 @@ v4l-utils linuxPackages.v4l2loopback nvtop - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget ]; # Some programs need SUID wrappers, can be configured further or are diff --git a/Biz/Dev/Beryllium/Hardware.nix b/Biz/Dev/Beryllium/Hardware.nix index 8c74e10..ecf425c 100644 --- a/Biz/Dev/Beryllium/Hardware.nix +++ b/Biz/Dev/Beryllium/Hardware.nix @@ -4,24 +4,23 @@ { config, lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/f96eaa16-d0e2-4230-aece-131ce7b630da"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/f96eaa16-d0e2-4230-aece-131ce7b630da"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/A34A-6527"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/A34A-6527"; + fsType = "vfat"; + }; swapDevices = [ ]; @@ -34,5 +33,6 @@ # networking.interfaces.enp99s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.amd.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/Biz/Dev/Dns.nix b/Biz/Dev/Dns.nix index 0490ead..baf79aa 100644 --- a/Biz/Dev/Dns.nix +++ b/Biz/Dev/Dns.nix @@ -1,20 +1,11 @@ { ... }: - - { services.bind = { enable = true; - forwarders = [ - "8.8.8.8" - "1.1.1.1" - ]; - cacheNetworks = [ - "127.0.0.0/8" - "192.168.0.0/24" - ]; - extraConfig = '' - ''; + forwarders = [ "8.8.8.8" "1.1.1.1" ]; + cacheNetworks = [ "127.0.0.0/8" "192.168.0.0/24" ]; + extraConfig = ""; extraOptions = '' dnssec-validation auto; ''; diff --git a/Biz/Dev/Guix.nix b/Biz/Dev/Guix.nix index 8ee55d4..0b261fb 100644 --- a/Biz/Dev/Guix.nix +++ b/Biz/Dev/Guix.nix @@ -6,7 +6,6 @@ let cfg = config.services.guix; - in { options.services.guix = { @@ -21,7 +20,8 @@ in { serviceConfig = { Restart = "always"; - ExecStart = "${pkgs.guix}/bin/guix-daemon --build-users-group=guixbuild"; + ExecStart = + "${pkgs.guix}/bin/guix-daemon --build-users-group=guixbuild"; Environment = null; RemainAfterExit = "yes"; StandardOutput = "syslog"; @@ -30,18 +30,14 @@ in { }; }; users = { - extraUsers = lib.attrs.genAttrs - (lib.lists.range 1 10) - (n: { - name = "guixbuilder${n}"; - isSystemUser = true; - extraGroups = ["guixbuild"]; - group = "guixbuild"; - description = "Guix build user ${n}"; - }); - extraGroups = { - "guixbuild" = {}; - }; + extraUsers = lib.attrs.genAttrs (lib.lists.range 1 10) (n: { + name = "guixbuilder${n}"; + isSystemUser = true; + extraGroups = [ "guixbuild" ]; + group = "guixbuild"; + description = "Guix build user ${n}"; + }); + extraGroups = { "guixbuild" = { }; }; }; }; } diff --git a/Biz/Dev/Hoogle.nix b/Biz/Dev/Hoogle.nix index 02330b5..213a31c 100644 --- a/Biz/Dev/Hoogle.nix +++ b/Biz/Dev/Hoogle.nix @@ -25,7 +25,7 @@ in { }; packages = mkOption { - default = _hp: []; + default = _hp: [ ]; defaultText = "hp: []"; example = "hp: with hp; [ text lens ]"; description = '' @@ -64,7 +64,9 @@ in { serviceConfig = { Restart = "always"; - ExecStart = ''${hoogleEnv}/bin/hoogle server --local --port ${toString cfg.port} --home ${cfg.home} --host ${cfg.host}''; + ExecStart = "${hoogleEnv}/bin/hoogle server --local --port ${ + toString cfg.port + } --home ${cfg.home} --host ${cfg.host}"; DynamicUser = true; diff --git a/Biz/Dev/Lithium.nix b/Biz/Dev/Lithium.nix index d3b17b7..d81b55c 100644 --- a/Biz/Dev/Lithium.nix +++ b/Biz/Dev/Lithium.nix @@ -1,4 +1,4 @@ -{ nixpkgs ? import ../Bild.nix {} }: +{ nixpkgs ? import ../Bild.nix { } }: with nixpkgs; # Dev machine for work and building stuff. diff --git a/Biz/Dev/Lithium/Configuration.nix b/Biz/Dev/Lithium/Configuration.nix index 7434b3f..e6cbdfe 100644 --- a/Biz/Dev/Lithium/Configuration.nix +++ b/Biz/Dev/Lithium/Configuration.nix @@ -14,17 +14,18 @@ in { time.timeZone = "America/New_York"; fonts.fonts = with pkgs; [ - google-fonts mononoki source-code-pro fantasque-sans-mono hack-font - fira fira-code fira-code-symbols + google-fonts + mononoki + source-code-pro + fantasque-sans-mono + hack-font + fira + fira-code + fira-code-symbols ]; - environment.systemPackages = [ - pkgs.nvtop # - pkgs.k3s - pkgs.wemux - pkgs.tmux - pkgs.wireguard-tools - ]; + environment.systemPackages = + [ pkgs.nvtop pkgs.k3s pkgs.wemux pkgs.tmux pkgs.wireguard-tools ]; nixpkgs = { config = { @@ -63,7 +64,8 @@ in { services.my-hoogle.enable = true; services.my-hoogle.port = ports.hoogle; services.my-hoogle.home = "//hoogle.simatime.com"; - services.my-hoogle.packages = pkgset: lib.attrsets.attrVals (import ../../Bild/Deps/Haskell.nix) pkgset; + services.my-hoogle.packages = pkgset: + lib.attrsets.attrVals (import ../../Bild/Deps/Haskell.nix) pkgset; services.my-hoogle.haskellPackages = pkgs.haskell.packages.${ghcCompiler}; services.my-hoogle.host = "0.0.0.0"; @@ -84,11 +86,13 @@ in { services.tor.settings.Nickname = "ydeee3q1cjo83tsuqcz"; services.tor.settings.AccountingMax = "10 GBytes"; services.tor.settings.AccountingStart = "month 1 1:00"; - services.tor.settings.ContactInfo = "ContactInfo pgp:66A6AD150399D970DCA4C4E6C8218B7D0BFDECCD ciissversion:2"; + services.tor.settings.ContactInfo = + "ContactInfo pgp:66A6AD150399D970DCA4C4E6C8218B7D0BFDECCD ciissversion:2"; services.bitcoind.mainnet.enable = true; services.bitcoind.mainnet.dataDir = "/mnt/campbell/bitcoind-mainnet/data"; - services.bitcoind.mainnet.configFile = "/mnt/campbell/bitcoind-mainnet/bitcoin.conf"; + services.bitcoind.mainnet.configFile = + "/mnt/campbell/bitcoind-mainnet/bitcoin.conf"; services.bitcoind.mainnet.prune = 10000; services.pcscd.enable = true; @@ -140,12 +144,20 @@ in { services.jupyter.port = ports.jupyter; services.jupyter.ip = "*"; users.users.jupyter.group = "jupyter"; - users.groups.jupyter = {}; - services.jupyter.password = "'argon2:$argon2id$v=19$m=10240,t=10,p=8$nvQhgk+htbIYi961YYAf1w$ekpwiTT5L4+OAods0K7EDw'"; + users.groups.jupyter = { }; + services.jupyter.password = + "'argon2:$argon2id$v=19$m=10240,t=10,p=8$nvQhgk+htbIYi961YYAf1w$ekpwiTT5L4+OAods0K7EDw'"; services.jupyter.kernels.python3 = let - env = (pkgs.python3.withPackages (p: with p; [ - ipykernel pandas scikitlearn numpy matplotlib sympy ipywidgets - ])); + env = (pkgs.python3.withPackages (p: + with p; [ + ipykernel + pandas + scikitlearn + numpy + matplotlib + sympy + ipywidgets + ])); in { displayName = "py3"; argv = [ diff --git a/Biz/Dev/Lithium/Hardware.nix b/Biz/Dev/Lithium/Hardware.nix index 4d835aa..54c07f5 100644 --- a/Biz/Dev/Lithium/Hardware.nix +++ b/Biz/Dev/Lithium/Hardware.nix @@ -4,26 +4,22 @@ { lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" - ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ - ]; + boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/f08dd8f9-787c-4e2a-a0cc-7019edc2ce2b"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/f08dd8f9-787c-4e2a-a0cc-7019edc2ce2b"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/C67C-D7B5"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/C67C-D7B5"; + fsType = "vfat"; + }; fileSystems."/mnt/campbell" = { device = "/dev/disk/by-uuid/037df3ae-4609-402c-ab1d-4593190d0ee7"; diff --git a/Biz/Dev/Networking.nix b/Biz/Dev/Networking.nix index 1a28b56..c89add7 100644 --- a/Biz/Dev/Networking.nix +++ b/Biz/Dev/Networking.nix @@ -1,14 +1,11 @@ { ... }: -let - ports = import ../Cloud/Ports.nix; +let ports = import ../Cloud/Ports.nix; in { networking = { nameservers = [ "1.1.1.1" ]; hostName = "lithium"; - hosts = { - "::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ]; - }; + hosts = { "::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ]; }; firewall = { allowedTCPPorts = [ @@ -32,18 +29,9 @@ in { ports.stableDiffusion ports.tor ]; - allowedTCPPortRanges = [ - ports.torrents - ports.httpdev - ]; - allowedUDPPorts = [ - ports.dns - ports.et - ports.murmur - ]; - allowedUDPPortRanges = [ - ports.torrents - ]; + allowedTCPPortRanges = [ ports.torrents ports.httpdev ]; + allowedUDPPorts = [ ports.dns ports.et ports.murmur ]; + allowedUDPPortRanges = [ ports.torrents ]; }; # The global useDHCP flag is deprecated, therefore explicitly set to false here. diff --git a/Biz/Dev/Vpn.nix b/Biz/Dev/Vpn.nix index 5a3c3e6..47f9c6e 100644 --- a/Biz/Dev/Vpn.nix +++ b/Biz/Dev/Vpn.nix @@ -8,7 +8,7 @@ in { enable = true; address = "0.0.0.0"; port = ports.headscale; - settings = {}; + settings = { }; }; services.nginx.virtualHosts.${domain} = { diff --git a/Biz/Dragons.nix b/Biz/Dragons.nix index 6473232..2530572 100644 --- a/Biz/Dragons.nix +++ b/Biz/Dragons.nix @@ -1,14 +1,7 @@ -{ options -, lib -, config -, pkgs -, ... -}: +{ options, lib, config, pkgs, ... }: -let - cfg = config.services.dragons; -in -{ +let cfg = config.services.dragons; +in { options.services.dragons = { enable = lib.mkEnableOption "Enable the dragons service"; port = lib.mkOption { @@ -55,7 +48,7 @@ in "DEPO=${cfg.depo}" "KEEP=${cfg.keep}" ]; - EnvironmentFile="/run/dragons/env"; + EnvironmentFile = "/run/dragons/env"; KillSignal = "INT"; Type = "simple"; Restart = "on-abort"; diff --git a/Biz/Dragons/Analysis.nix b/Biz/Dragons/Analysis.nix index de431a7..49a76e0 100644 --- a/Biz/Dragons/Analysis.nix +++ b/Biz/Dragons/Analysis.nix @@ -1,4 +1,4 @@ -{ nixpkgs ? import ../Bild.nix {} }: +{ nixpkgs ? import ../Bild.nix { } }: with nixpkgs; # Run this like so: # @@ -12,9 +12,6 @@ bild.image { fromImage = null; fromImageName = null; fromImageTag = "latest"; - contents = [ - bild.pkgs.git - (bild.run ./Analysis.hs) - ]; + contents = [ bild.pkgs.git (bild.run ./Analysis.hs) ]; config.Cmd = [ "/bin/dragons-analyze" ]; } diff --git a/Biz/Lint.hs b/Biz/Lint.hs index 13150cc..d27ca1d 100644 --- a/Biz/Lint.hs +++ b/Biz/Lint.hs @@ -15,6 +15,7 @@ -- : run deadnix -- : run shellcheck -- : run indent +-- : run nixfmt module Biz.Lint (main) where import Alpha @@ -78,8 +79,11 @@ all your lint are belong to us Usage: lint test - lint [--fix] [...] - lint -h, --help + lint [options] [...] + +Options: + --fix, -f Apply fixes automatically + --help, -h Print this info |] exit :: [Result] -> IO () @@ -88,7 +92,7 @@ exit results = Exit.exitWith <| (n > 0) ?: (Exit.ExitFailure n, Exit.ExitSuccess n = length <| filter bad results bad = \case (Warn _) -> False - Done {status = Bad _} -> True + Done _ (Bad _) -> True _ -> False printResult :: Result -> IO Result @@ -137,8 +141,6 @@ data Linter = Linter formatter :: Maybe (String -> String) } --- deriving (Show) - ormolu :: Linter ormolu = Linter @@ -219,6 +221,15 @@ decodeDeadnixOutput deadnixJson = formatDeadnixResult DeadnixResult {..} = file <> ":" <> show line <> ":" <> show column <> ": " <> message +nixfmt :: Linter +nixfmt = + Linter + { exe = "nixfmt", + checkArgs = ["--check"], + fixArgs = Nothing, + formatter = Nothing + } + shellcheck :: Linter shellcheck = Linter @@ -241,7 +252,7 @@ data Status = Good | Bad String deriving (Show) data Result - = Done {linter :: Linter, status :: Status} + = Done Linter Status | Warn Text | NoOp Namespace.Ext @@ -251,6 +262,7 @@ run mode nsmap = nsmap |> Map.assocs |> traverse (runOne mode) /> concat runOne :: Mode -> (Ext, [Namespace]) -> IO [Result] runOne mode (ext, ns's) = results +> traverse printResult where + results :: IO [Result] results = -- i would run these with mapConcurrently, but the output gets mangled. to -- do it right i need a queue for the results. someday. @@ -264,9 +276,17 @@ runOne mode (ext, ns's) = results +> traverse printResult lint mode ruff ns's ] Namespace.Sh -> [lint mode shellcheck ns's] - Namespace.Nix -> [lint mode deadnix ns's] + Namespace.Nix -> [lint mode deadnix ns's, lint mode nixfmt ns's] Namespace.C -> [lint mode indent ns's] - _ -> [pure <. Warn <| "no linter for " <> show ext] + _ -> + ns's + |> map Namespace.toPath + |> joinWith ", " + |> str + |> ("no linter for " <>) + |> Warn + |> (pure :: Result -> IO Result) + |> (pure :: IO Result -> [IO Result]) lint :: Mode -> Linter -> [Namespace] -> IO Result lint mode linter@Linter {..} ns's = diff --git a/Biz/Nixpert.nix b/Biz/Nixpert.nix index faf27b2..f2f99b2 100644 --- a/Biz/Nixpert.nix +++ b/Biz/Nixpert.nix @@ -1,7 +1,7 @@ { pkgs, ... }: let - salespage = pkgs.runCommand "salespage" {} '' + salespage = pkgs.runCommand "salespage" { } '' mkdir -p $out ${pkgs.pandoc}/bin/pandoc \ --standalone \ diff --git a/Biz/OsBase.nix b/Biz/OsBase.nix index 3b59f11..50899d2 100644 --- a/Biz/OsBase.nix +++ b/Biz/OsBase.nix @@ -1,14 +1,20 @@ -{pkgs, ...}: -let - ports = import ./Cloud/Ports.nix; +{ pkgs, ... }: +let ports = import ./Cloud/Ports.nix; in { boot.tmp.cleanOnBoot = true; fonts.fonts = with pkgs; [ - google-fonts mononoki source-code-pro fantasque-sans-mono hack-font - fira fira-code fira-code-symbols + google-fonts + mononoki + source-code-pro + fantasque-sans-mono + hack-font + fira + fira-code + fira-code-symbols ]; networking.firewall.allowPing = true; - nix.settings.substituters = [ "https://cache.nixos.org" ]; # "ssh://dev.simatime.com" ]; + nix.settings.substituters = + [ "https://cache.nixos.org" ]; # "ssh://dev.simatime.com" ]; nix.gc.automatic = true; nix.gc.dates = "Sunday 02:15"; nix.optimise.automatic = true; diff --git a/Biz/Que.nix b/Biz/Que.nix index 103aef0..ac89a56 100644 --- a/Biz/Que.nix +++ b/Biz/Que.nix @@ -1,16 +1,11 @@ -{ nixpkgs ? import ./Bild.nix {} }: +{ nixpkgs ? import ./Bild.nix { } }: with nixpkgs; # The production server for que.run bild.os { - imports = [ - ./OsBase.nix - ./Packages.nix - ./Users.nix - ./Que/Host.nix - ./Que/Site.nix - ]; + imports = + [ ./OsBase.nix ./Packages.nix ./Users.nix ./Que/Host.nix ./Que/Site.nix ]; networking.hostName = "prod-que"; networking.domain = "que.run"; services.que-server = { @@ -19,16 +14,17 @@ bild.os { package = bild.run ./Que/Host.hs; }; boot.loader.grub.device = "/dev/vda"; - fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; }; - swapDevices = [ - { device = "/swapfile"; } # 4GB - ]; + fileSystems."/" = { + device = "/dev/vda1"; + fsType = "ext4"; + }; + swapDevices = [{ + device = "/swapfile"; + } # 4GB + ]; networking.firewall.allowedTCPPorts = [ 22 80 443 ]; networking = { - nameservers = [ - "67.207.67.2" - "67.207.67.3" - ]; + nameservers = [ "67.207.67.2" "67.207.67.3" ]; defaultGateway = "157.245.224.1"; defaultGateway6 = "2604:a880:2:d1::1"; dhcpcd.enable = false; @@ -36,15 +32,33 @@ bild.os { interfaces = { eth0 = { ipv4.addresses = [ - { address="157.245.236.44"; prefixLength=20; } - { address="10.46.0.5"; prefixLength=16; } + { + address = "157.245.236.44"; + prefixLength = 20; + } + { + address = "10.46.0.5"; + prefixLength = 16; + } ]; ipv6.addresses = [ - { address="2604:a880:2:d1::a2:5001"; prefixLength=64; } - { address="fe80::7892:a5ff:fec6:dbc3"; prefixLength=64; } + { + address = "2604:a880:2:d1::a2:5001"; + prefixLength = 64; + } + { + address = "fe80::7892:a5ff:fec6:dbc3"; + prefixLength = 64; + } ]; - ipv4.routes = [ { address = "157.245.224.1"; prefixLength = 32; } ]; - ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 32; } ]; + ipv4.routes = [{ + address = "157.245.224.1"; + prefixLength = 32; + }]; + ipv6.routes = [{ + address = "2604:a880:2:d1::1"; + prefixLength = 32; + }]; }; }; }; diff --git a/Biz/Que/Host.nix b/Biz/Que/Host.nix index 84bd9cc..b6b533e 100644 --- a/Biz/Que/Host.nix +++ b/Biz/Que/Host.nix @@ -1,13 +1,7 @@ -{ options -, lib -, config -, ... -}: +{ options, lib, config, ... }: -let - cfg = config.services.que-server; -in -{ +let cfg = config.services.que-server; +in { options.services.que-server = { enable = lib.mkEnableOption "Enable the que-server service"; port = lib.mkOption { @@ -34,7 +28,7 @@ in Que server ''; serviceConfig = { - Environment = ["QUE_PORT=${toString cfg.port}"]; + Environment = [ "QUE_PORT=${toString cfg.port}" ]; EnvironmentFile = "/run/que/env"; KillSignal = "INT"; Type = "simple"; diff --git a/Biz/Que/Site.nix b/Biz/Que/Site.nix index 15b058d..cc525f6 100644 --- a/Biz/Que/Site.nix +++ b/Biz/Que/Site.nix @@ -1,11 +1,4 @@ -{ options -, lib -, config -, pkgs -, ... -}: - - +{ options, lib, config, pkgs, ... }: let cfg = config.services.que-website; @@ -22,8 +15,7 @@ let cp ${./Client.py} $out/Client.py ''; }; -in -{ +in { options.services.que-website = { enable = lib.mkEnableOption "Enable the que-website service"; namespace = lib.mkOption { diff --git a/Biz/Users.nix b/Biz/Users.nix index b7717a3..b214704 100644 --- a/Biz/Users.nix +++ b/Biz/Users.nix @@ -1,24 +1,25 @@ { config, lib, ... }: let - readKeys = k: lib.trivial.pipe k [ - builtins.readFile - (lib.strings.splitString "\n") - (lib.filter (s: s != "")) - ]; + readKeys = k: + lib.trivial.pipe k [ + builtins.readFile + (lib.strings.splitString "\n") + (lib.filter (s: s != "")) + ]; in { users.groups = { # group for publishing web data - "www-data" = {}; + "www-data" = { }; }; users.motd = '' - welcome to the simatime network! - your host is '${config.networking.hostName}' + welcome to the simatime network! + your host is '${config.networking.hostName}' ''; users.mutableUsers = false; - users.users = { # + users.users = { # bots # deploy = { diff --git a/Urbit/Harbor.nix b/Urbit/Harbor.nix index 50abc53..6098163 100644 --- a/Urbit/Harbor.nix +++ b/Urbit/Harbor.nix @@ -1,40 +1,31 @@ -{ options -, lib -, config -, pkgs -, ... -}: +{ options, lib, config, pkgs, ... }: -/* +/* Urbit Harbor is a supervisor for Urbit ships on the local machine. It does no + orchestration, it just manages systemd services. -Urbit Harbor is a supervisor for Urbit ships on the local machine. It does no -orchestration, it just manages systemd services. + Setup process: -Setup process: + + dir=/var/urbit/harbor + urbit -c $dir/zod -k $dir/zod.key -x # one-time setup + + systemctl --user enable $dir/zod.service # nees fullpath + systemctl --user start zod.service - - dir=/var/urbit/harbor - urbit -c $dir/zod -k $dir/zod.key -x # one-time setup - - systemctl --user enable $dir/zod.service # nees fullpath - systemctl --user start zod.service + Service Template: + [Service] + ExecStart=urbit -tq /var/urbit/harbor/zod # maybe want -d? + ExecStartPre=mkdir -p /var/urbit/harbor/zod -Service Template: + [Unit] + Description=zod - [Service] - ExecStart=urbit -tq /var/urbit/harbor/zod # maybe want -d? - ExecStartPre=mkdir -p /var/urbit/harbor/zod - - [Unit] - Description=zod - - [Install] - WantedBy=multi-user.target + [Install] + WantedBy=multi-user.target */ -let - cfg = config.services.urbit-harbor; +let cfg = config.services.urbit-harbor; in { options.services.urbitharbor = { enable = lib.mkEnableOption "Enable urbit-harbor"; diff --git a/Urbit/Ship.nix b/Urbit/Ship.nix index ec6a9ec..45f6b72 100644 --- a/Urbit/Ship.nix +++ b/Urbit/Ship.nix @@ -1,5 +1,4 @@ -{ bild ? import ../Biz/Bild.nix {} -}: +{ bild ? import ../Biz/Bild.nix { } }: # This represents a single ship running in a container. @@ -33,12 +32,8 @@ in bild.image { contents = bild.pkgs.urbit; config = { - Cmd = [ - "${urbit-start}" - ]; + Cmd = [ "${urbit-start}" ]; WorkingDir = "/"; - Volumes = { - "/" = { }; - }; + Volumes = { "/" = { }; }; }; } diff --git a/default.nix b/default.nix index d88873c..99c9893 100644 --- a/default.nix +++ b/default.nix @@ -1 +1 @@ -import ./Biz/Bild.nix {} +import ./Biz/Bild.nix { } diff --git a/shell.nix b/shell.nix index 1db7442..90eb55a 100644 --- a/shell.nix +++ b/shell.nix @@ -1,3 +1 @@ -(import ./Biz/Bild.nix { - nixpkgs = import ./Biz/Bild/Nixpkgs.nix; -}).bild.env +(import ./Biz/Bild.nix { nixpkgs = import ./Biz/Bild/Nixpkgs.nix; }).bild.env -- cgit v1.2.3