Compare commits
32 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 ErrorNoInternet
|
0ccd0ba801
|
||
 javalsai
|
c830cc1f96
|
||
|
ErrorNoInternet
|
00e815c003
|
||
|
ErrorNoInternet
|
3910f14eef
|
||
|
javalsai
|
82c76dc390
|
||
|
javalsai
|
edf7aab2f0 | ||
|
ErrorNoInternet
|
760c5c8284
|
||
|
ErrorNoInternet
|
3a5d5d27f4
|
||
|
ErrorNoInternet
|
015bbc3d66
|
||
|
ErrorNoInternet
|
dc374e8c04
|
||
|
ErrorNoInternet
|
a708c04a9a
|
||
|
javalsai
|
a2534a3dab | ||
|
javalsai
|
b78c41a5f7 | ||
|
javalsai
|
e1f2dc3161 | ||
|
ErrorNoInternet
|
f1c5f038ec
|
||
|
ErrorNoInternet
|
ae0d4f5958
|
||
|
ErrorNoInternet
|
ded0374c57
|
||
|
ErrorNoInternet
|
ab0f9a2ff2
|
||
|
javalsai
|
fb9526fec2 | ||
|
ErrorNoInternet
|
0692e680b8
|
||
|
ErrorNoInternet
|
3a940586d5
|
||
|
javalsai
|
7e7097f457 | ||
|
javalsai
|
22b3a95bf8 | ||
|
javalsai
|
de4b8833bd | ||
|
javalsai
|
ac9b80573f | ||
|
javalsai
|
66a15a5d19 | ||
|
javalsai
|
7e331f5e1a | ||
|
javalsai
|
a8374e231f | ||
|
javalsai
|
27b861d5a5 | ||
|
javalsai
|
6a29ac005c | ||
|
ErrorNoInternet
|
0b9f76dcb4
|
||
|
javalsai
|
cc52b0e6cb |
+2
-1
@@ -1,3 +1,4 @@
|
||||
# Nix
|
||||
/result
|
||||
/*.qcow2
|
||||
/.direnv
|
||||
/result
|
||||
|
||||
+1
-1
@@ -21,5 +21,5 @@ in
|
||||
map (user: {
|
||||
name = "dns/tuxcord.net/${user.name}.tuxcord.net.key.age";
|
||||
value.publicKeys = [ tuxcord-ca ] ++ getSSHKeys user.name;
|
||||
}) (builtins.filter (user: user.value.options.ddns or false) (attrsToList users))
|
||||
}) (builtins.filter (user: user.value.ddns or false) (attrsToList users))
|
||||
)
|
||||
|
||||
+13
-10
@@ -1,21 +1,24 @@
|
||||
rec {
|
||||
users = import ./users.nix;
|
||||
toList = x: if builtins.isList x then x else [ x ];
|
||||
|
||||
adminSSHKeys = builtins.concatLists (
|
||||
map (user: getSSHKeys user.name) (
|
||||
builtins.filter (user: user.value.options.admin or false) (attrsToList users)
|
||||
)
|
||||
);
|
||||
nameValuePair = name: value: { inherit name value; };
|
||||
|
||||
mapAttrsToList = f: attrs: builtins.attrValues (builtins.mapAttrs f attrs);
|
||||
|
||||
attrsToList = mapAttrsToList nameValuePair;
|
||||
mapAttrsToList = f: attrs: builtins.attrValues (builtins.mapAttrs f attrs);
|
||||
nameValuePair = name: value: { inherit name value; };
|
||||
toList = x: if builtins.isList x then x else [ x ];
|
||||
|
||||
getSSHKeys =
|
||||
username:
|
||||
if (builtins.hasAttr "ssh" users.${username}) then
|
||||
toList users.${username}.ssh
|
||||
else
|
||||
builtins.warn "user ${username} declared without ssh key" [ ];
|
||||
builtins.warn "user ${username} declared without ssh keys" [ ];
|
||||
|
||||
users = import ./users.nix;
|
||||
|
||||
adminSSHKeys = builtins.concatLists (
|
||||
map (user: getSSHKeys user.name) (
|
||||
builtins.filter (user: user.value.admin or false) (attrsToList users)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
+5
-9
@@ -1,23 +1,19 @@
|
||||
{
|
||||
error = {
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDzdpxex2GlFVf5G2qsh3Ixa/XCMjnbq4JSTmAev7WYJ error.nointernet@gmail.com";
|
||||
options = {
|
||||
admin = true;
|
||||
ddns = true;
|
||||
};
|
||||
admin = true;
|
||||
ddns = true;
|
||||
};
|
||||
|
||||
javalsai = {
|
||||
ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDFjavnLqxIzFLIUpUWDOwhlYeoII4Qk1/9e0yWWxD/P";
|
||||
options = {
|
||||
admin = true;
|
||||
ddns = true;
|
||||
};
|
||||
admin = true;
|
||||
ddns = true;
|
||||
};
|
||||
|
||||
max = {
|
||||
ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDxVfJhzPDZ108UjB3Vj/akzlzYn27kyAw29AuYAr7gvG5vrqhLUYYmK8t+ZVWVpc1g6cK7OF1oUn2E5Qfmy6wqyZQXftAZ4OcRS0MB71W1bAcRq3rGe6KQDm8RSEeygX+zO+2Z6zQmVWgPr/I+JFQZ8wiWdP8X8djqTRdhqUD+SR3ZgTcnY3aLmeB/I56rcZQ3lKIeg/pEsyQ8weptlV0rTWamna6Z7Nw48VwWNSI+6EqfW2/4/edm0Ue8jMNqNZ0yx+kHJbudPgZgSR1SiR2rqlEEUaiQJQQV3VdY4DhGm7143ZSKUxyKlfTuQ7qR1zSIg6f5V71A37ik9YiSbBlOZO86swR4qHESoMNf608IuqRt2NdALHwozFPUCu16qnhu5JTk8twSAzrAhOk5zWQj1LYMoQEBhcFSmwir/1gE71NSjYtqXGVAdfkVmZ4uqG5+a1D7H3VXWOqu/j839M045O1ZBY6X3lKDsEJ1Z1+LCl/NojWnvPtJUHYI6+SdQ6k=";
|
||||
options.admin = true;
|
||||
admin = true;
|
||||
};
|
||||
|
||||
vectorum = {
|
||||
|
||||
+8
-15
@@ -99,22 +99,15 @@ in
|
||||
|
||||
extraHosts =
|
||||
let
|
||||
subdomains = [
|
||||
""
|
||||
".git"
|
||||
];
|
||||
subdomains = [ "git" ];
|
||||
|
||||
inherit (config.networking) fqdn;
|
||||
hosts = [ fqdn ] ++ map (sub: "${sub}.${fqdn}") subdomains;
|
||||
in
|
||||
builtins.foldl' (
|
||||
hosts-acc: domain-prefix:
|
||||
let
|
||||
host = "${domain-prefix}${config.networking.fqdn}";
|
||||
in
|
||||
hosts-acc
|
||||
+ ''
|
||||
127.0.0.1 ${host}
|
||||
::1 ${host}
|
||||
''
|
||||
) "" subdomains;
|
||||
lib.concatMapStrings (host: ''
|
||||
127.0.0.1 ${host}
|
||||
::1 ${host}
|
||||
'') hosts;
|
||||
};
|
||||
|
||||
virtualisation.podman.enable = true;
|
||||
|
||||
+4
-1
@@ -15,7 +15,10 @@
|
||||
"xhci_pci"
|
||||
];
|
||||
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
kernelModules = [
|
||||
"kvm-amd"
|
||||
"kvm-intel"
|
||||
];
|
||||
};
|
||||
|
||||
hardware = {
|
||||
|
||||
@@ -1,11 +1,14 @@
|
||||
{
|
||||
acme = {
|
||||
enable = true;
|
||||
rfc2136.nameserver = "tuxcord.net";
|
||||
};
|
||||
imports = [
|
||||
./storage.nix
|
||||
];
|
||||
|
||||
dns.enable = true;
|
||||
networking.fqdn = "nix.tuxcord.net";
|
||||
|
||||
acme.rfc2136.nameserver = "tuxcord.net";
|
||||
dns.enable = true;
|
||||
|
||||
services.getty.autologinUser = "root";
|
||||
|
||||
time.timeZone = "Europe/Madrid";
|
||||
}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
fileSystems."/" = {
|
||||
device = "/dev/vda";
|
||||
fsType = "ext4";
|
||||
};
|
||||
}
|
||||
@@ -32,6 +32,7 @@
|
||||
device = "/dev/xvda2";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@persist" ] ++ defaultOptions;
|
||||
neededForBoot = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -1,6 +1,12 @@
|
||||
{
|
||||
imports = [
|
||||
./storage.nix
|
||||
];
|
||||
|
||||
networking.fqdn = "tuxcord.test";
|
||||
|
||||
acme.enable = false;
|
||||
dns.enable = true;
|
||||
|
||||
networking.fqdn = "tuxcord.test";
|
||||
services.getty.autologinUser = "root";
|
||||
}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
fileSystems."/" = {
|
||||
device = "/dev/vda";
|
||||
fsType = "ext4";
|
||||
};
|
||||
}
|
||||
@@ -55,8 +55,6 @@
|
||||
};
|
||||
};
|
||||
|
||||
fileSystems."/persist".neededForBoot = true;
|
||||
|
||||
environment.persistence."/persist" = {
|
||||
enable = true;
|
||||
hideMounts = true;
|
||||
@@ -65,6 +63,7 @@
|
||||
"/export"
|
||||
"/mnt"
|
||||
"/var/db/sudo/lectured"
|
||||
"/var/lib/containers"
|
||||
"/var/lib/nfs"
|
||||
"/var/lib/nixos"
|
||||
"/var/lib/systemd/coredump"
|
||||
|
||||
+27
-13
@@ -3,13 +3,20 @@ let
|
||||
inherit (config.networking) fqdn;
|
||||
|
||||
mkVhost =
|
||||
attrs:
|
||||
attrs: locations:
|
||||
let
|
||||
acmeEnabled = config.acme.enable;
|
||||
in
|
||||
{
|
||||
forceSSL = acmeEnabled;
|
||||
useACMEHost = if acmeEnabled then fqdn else null;
|
||||
|
||||
locations = {
|
||||
"= /robots.txt" = {
|
||||
alias = disallowedRobotsTxt;
|
||||
};
|
||||
}
|
||||
// locations;
|
||||
}
|
||||
// attrs;
|
||||
|
||||
@@ -21,6 +28,19 @@ let
|
||||
proxy_request_buffering off;
|
||||
'';
|
||||
};
|
||||
|
||||
mkSsi = webRoot: {
|
||||
root = webRoot;
|
||||
|
||||
extraConfig = ''
|
||||
ssi on;
|
||||
'';
|
||||
};
|
||||
|
||||
disallowedRobotsTxt = builtins.toFile "robots.txt" ''
|
||||
User-agent: *
|
||||
Disallow: /
|
||||
'';
|
||||
in
|
||||
{
|
||||
services.nginx = {
|
||||
@@ -32,20 +52,14 @@ in
|
||||
recommendedGzipSettings = true;
|
||||
recommendedOptimisation = true;
|
||||
|
||||
virtualHosts."${fqdn}" = mkVhost {
|
||||
default = true;
|
||||
|
||||
locations."/" = {
|
||||
root = "${self.pins.website}/web-root";
|
||||
|
||||
extraConfig = ''
|
||||
ssi on;
|
||||
'';
|
||||
virtualHosts = {
|
||||
"${fqdn}" = mkVhost { default = true; } {
|
||||
"/" = mkSsi "${self.pins.website}/web-root";
|
||||
};
|
||||
};
|
||||
|
||||
virtualHosts."git.${fqdn}" = mkVhost {
|
||||
locations."/" = mkProxy config.services.gitea.settings.server.HTTP_PORT;
|
||||
"git.${fqdn}" = mkVhost { } {
|
||||
"/" = mkProxy config.services.gitea.settings.server.HTTP_PORT;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
+3
-1
@@ -1,9 +1,11 @@
|
||||
{ config, ... }:
|
||||
{
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
ClientAliveInterval = 300;
|
||||
X11Forwarding = true;
|
||||
|
||||
KbdInteractiveAuthentication = false;
|
||||
PasswordAuthentication = false;
|
||||
@@ -11,5 +13,5 @@
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||
networking.firewall.allowedTCPPorts = config.services.openssh.ports;
|
||||
}
|
||||
|
||||
+34
-26
@@ -11,35 +11,30 @@ let
|
||||
"wheel"
|
||||
];
|
||||
|
||||
mkUser =
|
||||
name: uid: options:
|
||||
let
|
||||
admin = options.admin or false;
|
||||
in
|
||||
{
|
||||
users.users.${name} = {
|
||||
inherit uid;
|
||||
isNormalUser = true;
|
||||
extraGroups = lib.optionals admin adminGroups;
|
||||
openssh.authorizedKeys.keys = self.lib.getSSHKeys name;
|
||||
};
|
||||
|
||||
systemd.slices."user-${builtins.toString uid}".sliceConfig = {
|
||||
CPUQuota = "50%";
|
||||
CPUWeight = "10";
|
||||
IOAccounting = true;
|
||||
IOWeight = "10";
|
||||
MemoryMax = "2G";
|
||||
MemorySwapMax = "1G";
|
||||
TasksMax = "100";
|
||||
};
|
||||
mkUser = name: uid: admin: {
|
||||
users.users.${name} = {
|
||||
inherit uid;
|
||||
isNormalUser = true;
|
||||
extraGroups = lib.optionals admin adminGroups;
|
||||
openssh.authorizedKeys.keys = self.lib.getSSHKeys name;
|
||||
};
|
||||
|
||||
systemd.slices."user-${builtins.toString uid}".sliceConfig = {
|
||||
CPUQuota = "50%";
|
||||
CPUWeight = "10";
|
||||
IOAccounting = true;
|
||||
IOWeight = "10";
|
||||
MemoryMax = "2G";
|
||||
MemorySwapMax = "1G";
|
||||
TasksMax = "100";
|
||||
};
|
||||
};
|
||||
in
|
||||
lib.recursiveUpdate
|
||||
(builtins.foldl'
|
||||
(attrs: user: {
|
||||
options = lib.recursiveUpdate attrs.options (
|
||||
mkUser user.name attrs.uid (user.value.options or { })
|
||||
mkUser user.name attrs.uid (user.value.admin or false)
|
||||
);
|
||||
uid = attrs.uid + 1;
|
||||
})
|
||||
@@ -50,8 +45,21 @@ lib.recursiveUpdate
|
||||
(lib.attrsToList users)
|
||||
).options
|
||||
{
|
||||
users.users.root = {
|
||||
initialPassword = "tuxcord";
|
||||
openssh.authorizedKeys.keys = self.lib.adminSSHKeys;
|
||||
users = {
|
||||
motd = ''
|
||||
__ __ __
|
||||
---------/\ \__ /\ \ /\ \__
|
||||
---------\ \ ,_\ __ __ __ _ ___ ___ _ __ \_\ \ ___ __\ \ ,_\
|
||||
----------\ \ \/ /\ \/\ \/\ \/'\ /'___\ / __`\/\`'__\/'_` \ /'_ `\ /'__`\ \ \/
|
||||
-----------\ \ \_\ \ \_\ \/> <//\ \__//\ \L\ \ \ \//\ \L\ \ __/\ \/\ \/\ __/\ \ \_
|
||||
------------\ \__\\ \____//\_/\_\ \____\ \____/\ \_\\ \___,_\/\_\ \_\ \_\ \____\\ \__\
|
||||
-------------\/__/ \/___/ \//\/_/\/____/\/___/ \/_/ \/__,_ /\/_/\/_/\/_/\/____/ \/__/
|
||||
A friendly Linux community - est. July 2023
|
||||
'';
|
||||
|
||||
users.root = {
|
||||
initialPassword = "tuxcord";
|
||||
openssh.authorizedKeys.keys = self.lib.adminSSHKeys;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
+143
-30
@@ -9,8 +9,15 @@
|
||||
*/
|
||||
# Generated by npins. Do not modify; will be overwritten regularly
|
||||
let
|
||||
data = builtins.fromJSON (builtins.readFile ./sources.json);
|
||||
version = data.version;
|
||||
# Backwards-compatibly make something that previously didn't take any arguments take some
|
||||
# The function must return an attrset, and will unfortunately be eagerly evaluated
|
||||
# Same thing, but it catches eval errors on the default argument so that one may still call it with other arguments
|
||||
mkFunctor =
|
||||
fn:
|
||||
let
|
||||
e = builtins.tryEval (fn { });
|
||||
in
|
||||
(if e.success then e.value else { error = fn { }; }) // { __functor = _self: fn; };
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
|
||||
range =
|
||||
@@ -21,7 +28,6 @@ let
|
||||
|
||||
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
|
||||
stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
|
||||
concatMapStrings = f: list: concatStrings (map f list);
|
||||
concatStrings = builtins.concatStringsSep "";
|
||||
|
||||
# If the environment variable NPINS_OVERRIDE_${name} is set, then use
|
||||
@@ -48,41 +54,90 @@ let
|
||||
|
||||
mkSource =
|
||||
name: spec:
|
||||
{
|
||||
pkgs ? null,
|
||||
}:
|
||||
assert spec ? type;
|
||||
let
|
||||
# Unify across builtin and pkgs fetchers.
|
||||
# `fetchGit` requires a wrapper because of slight API differences.
|
||||
fetchers =
|
||||
if pkgs == null then
|
||||
{
|
||||
inherit (builtins) fetchTarball fetchurl;
|
||||
# Frustratingly, due to flakes and `fetchTree`, `fetchGit`
|
||||
# has a different signature than the other builtin
|
||||
# fetchers
|
||||
fetchGit = args: (builtins.fetchGit args).outPath;
|
||||
}
|
||||
else
|
||||
{
|
||||
fetchTarball =
|
||||
{
|
||||
url,
|
||||
sha256,
|
||||
}:
|
||||
pkgs.fetchzip {
|
||||
inherit url sha256;
|
||||
extension = "tar";
|
||||
};
|
||||
inherit (pkgs) fetchurl;
|
||||
fetchGit =
|
||||
{
|
||||
url,
|
||||
submodules,
|
||||
rev,
|
||||
name,
|
||||
lfs,
|
||||
narHash,
|
||||
}:
|
||||
pkgs.fetchgit {
|
||||
inherit url rev name lfs;
|
||||
fetchSubmodules = submodules;
|
||||
hash = narHash;
|
||||
};
|
||||
};
|
||||
|
||||
path =
|
||||
if spec.type == "Git" then
|
||||
mkGitSource spec
|
||||
mkGitSource fetchers spec
|
||||
else if spec.type == "GitRelease" then
|
||||
mkGitSource spec
|
||||
mkGitSource fetchers spec
|
||||
else if spec.type == "PyPi" then
|
||||
mkPyPiSource spec
|
||||
mkPyPiSource fetchers spec
|
||||
else if spec.type == "Channel" then
|
||||
mkChannelSource spec
|
||||
else if spec.type == "Tarball" then
|
||||
mkTarballSource spec
|
||||
mkChannelSource fetchers spec
|
||||
else if spec.type == "Url" || spec.type == "MutableUrl" then
|
||||
mkUrlSource fetchers spec
|
||||
else if spec.type == "Container" then
|
||||
mkContainerSource pkgs spec
|
||||
else
|
||||
builtins.throw "Unknown source type ${spec.type}";
|
||||
in
|
||||
spec // { outPath = mayOverride name path; };
|
||||
|
||||
mkGitSource =
|
||||
{
|
||||
fetchTarball,
|
||||
fetchGit,
|
||||
...
|
||||
}:
|
||||
{
|
||||
repository,
|
||||
revision,
|
||||
url ? null,
|
||||
submodules,
|
||||
hash,
|
||||
branch ? null,
|
||||
lfs,
|
||||
...
|
||||
}:
|
||||
assert repository ? type;
|
||||
# At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
|
||||
# In the latter case, there we will always be an url to the tarball
|
||||
if url != null && !submodules then
|
||||
builtins.fetchTarball {
|
||||
fetchTarball {
|
||||
inherit url;
|
||||
sha256 = hash; # FIXME: check nix version & use SRI hashes
|
||||
sha256 = hash;
|
||||
}
|
||||
else
|
||||
let
|
||||
@@ -93,6 +148,8 @@ let
|
||||
"https://github.com/${repository.owner}/${repository.repo}.git"
|
||||
else if repository.type == "GitLab" then
|
||||
"${repository.server}/${repository.repo_path}.git"
|
||||
else if repository.type == "Forgejo" then
|
||||
"${repository.server}/${repository.owner}/${repository.repo}.git"
|
||||
else
|
||||
throw "Unrecognized repository type ${repository.type}";
|
||||
urlToName =
|
||||
@@ -107,40 +164,96 @@ let
|
||||
"${if matched == null then "source" else builtins.head matched}${appendShort}";
|
||||
name = urlToName url revision;
|
||||
in
|
||||
builtins.fetchGit {
|
||||
fetchGit {
|
||||
rev = revision;
|
||||
inherit name;
|
||||
# hash = hash;
|
||||
inherit url submodules;
|
||||
narHash = hash;
|
||||
|
||||
inherit name submodules url lfs;
|
||||
};
|
||||
|
||||
mkPyPiSource =
|
||||
{ url, hash, ... }:
|
||||
builtins.fetchurl {
|
||||
{ fetchurl, ... }:
|
||||
{
|
||||
url,
|
||||
hash,
|
||||
...
|
||||
}:
|
||||
fetchurl {
|
||||
inherit url;
|
||||
sha256 = hash;
|
||||
};
|
||||
|
||||
mkChannelSource =
|
||||
{ url, hash, ... }:
|
||||
builtins.fetchTarball {
|
||||
{ fetchTarball, ... }:
|
||||
{
|
||||
url,
|
||||
hash,
|
||||
...
|
||||
}:
|
||||
fetchTarball {
|
||||
inherit url;
|
||||
sha256 = hash;
|
||||
};
|
||||
|
||||
mkTarballSource =
|
||||
mkUrlSource =
|
||||
{
|
||||
fetchTarball,
|
||||
fetchurl,
|
||||
...
|
||||
}:
|
||||
{
|
||||
url,
|
||||
locked_url ? url,
|
||||
hash,
|
||||
unpack,
|
||||
...
|
||||
}:
|
||||
(if unpack then fetchTarball else fetchurl) {
|
||||
inherit url;
|
||||
sha256 = hash;
|
||||
};
|
||||
|
||||
mkContainerSource =
|
||||
pkgs:
|
||||
{
|
||||
image_name,
|
||||
image_tag,
|
||||
image_digest,
|
||||
hash,
|
||||
...
|
||||
}:
|
||||
builtins.fetchTarball {
|
||||
url = locked_url;
|
||||
sha256 = hash;
|
||||
};
|
||||
if pkgs == null then
|
||||
builtins.throw "container sources require passing in a Nixpkgs value: https://github.com/andir/npins/blob/master/README.md#using-the-nixpkgs-fetchers"
|
||||
else
|
||||
pkgs.dockerTools.pullImage {
|
||||
imageName = image_name;
|
||||
imageDigest = image_digest;
|
||||
finalImageTag = image_tag;
|
||||
hash = hash;
|
||||
};
|
||||
|
||||
in
|
||||
if version == 5 then
|
||||
builtins.mapAttrs mkSource data.pins
|
||||
else
|
||||
throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"
|
||||
mkFunctor (
|
||||
{
|
||||
input ? ./sources.json,
|
||||
}:
|
||||
let
|
||||
data =
|
||||
if builtins.isPath input then
|
||||
# while `readFile` will throw an error anyways if the path doesn't exist,
|
||||
# we still need to check beforehand because *our* error can be caught but not the one from the builtin
|
||||
# See: <https://git.lix.systems/lix-project/lix/issues/1098>
|
||||
if builtins.pathExists input then
|
||||
builtins.fromJSON (builtins.readFile input)
|
||||
else
|
||||
throw "Input path ${toString input} does not exist"
|
||||
else if builtins.isAttrs input then
|
||||
input
|
||||
else
|
||||
throw "Unsupported input type ${builtins.typeOf input}, must be a path or an attrset";
|
||||
version = data.version;
|
||||
in
|
||||
if version == 8 then
|
||||
builtins.mapAttrs (name: spec: mkFunctor (mkSource name spec)) data.pins
|
||||
else
|
||||
throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"
|
||||
)
|
||||
|
||||
+4
-3
@@ -8,10 +8,11 @@
|
||||
},
|
||||
"branch": "main",
|
||||
"submodules": false,
|
||||
"revision": "a9f523c268062c0c4a8167b719be15e3e4b3ef88",
|
||||
"lfs": true,
|
||||
"revision": "b18dd7b863644debb0a843a5b21bb490bfe7d048",
|
||||
"url": null,
|
||||
"hash": "0ql14xjz0prvy3rdx6zkbpsjxvx40ivdzrwzdgfsk07jg07aki05"
|
||||
"hash": "sha256-xYH9RXYZDVotUW8fKIEC9u0GJeEg2nV/23aQlEyeQso="
|
||||
}
|
||||
},
|
||||
"version": 5
|
||||
"version": 8
|
||||
}
|
||||
|
||||
+21
-1
@@ -2,6 +2,26 @@
|
||||
{
|
||||
perSystem =
|
||||
{ pkgs, ... }:
|
||||
let
|
||||
npins' = pkgs.npins.overrideAttrs (
|
||||
final: old: {
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "javalsai";
|
||||
repo = "npins";
|
||||
rev = "f3def7dfeecc16884cb0601f6c904d5142f47383";
|
||||
hash = "sha256-ejeOGmDw+D4KddFJ5OAPradqoS+p2eAhhS4fOLQOWOk=";
|
||||
};
|
||||
|
||||
cargoHash = null;
|
||||
cargoDeps = pkgs.rustPlatform.fetchCargoVendor {
|
||||
src = final.src;
|
||||
hash = "sha256-mG4UClFBgiWBraWQ12N3CSyapaIpuXI9F8wQGwh/ooQ=";
|
||||
};
|
||||
|
||||
cargoBuildFeatures = [ ];
|
||||
}
|
||||
);
|
||||
in
|
||||
{
|
||||
devShells.default = pkgs.mkShell {
|
||||
name = "configuration.nix";
|
||||
@@ -33,7 +53,7 @@
|
||||
jujutsu
|
||||
nix-output-monitor
|
||||
nixfmt
|
||||
npins
|
||||
npins'
|
||||
parted
|
||||
smartmontools
|
||||
statix
|
||||
|
||||
Reference in New Issue
Block a user