shoehorn nix-hexchen-style config into flakes

this replaces niv with nix flakes, attempting to preserve the old
structure as much as possible. Notable caveats:
 - I'm not sure if flake inputs expose version information anywhere, so
   the version in pkgs/mattermost/default.nix is now hardcoded.
   Confusingly, this appears to trigger a rebuild. Maybe I've missed something.
 - a lot of the old-style host.nix & deploy.nix machinery in nix-hexchen
   does not work with flakes, and their newer replacements are not exposed
   by upstream; I've put basic imitations of the relevant parts in this repo
 - (in particular, directories in hosts/ won't become deployable configs
   automatically)
 - parts of the code are now probably more complicated than they'd have to be
 - old variables names were preserved; confusingly, this means the flake
   inputs are still called "sources"
This commit is contained in:
stuebinm 2022-11-13 22:45:50 +01:00
parent 025d17c487
commit c09337c973
15 changed files with 1060 additions and 301 deletions

View file

@ -1,8 +1,6 @@
{ config, lib, pkgs, modules, ... }:
{ config, lib, pkgs, modules, sources, ... }:
let
sources = import ../nix/sources.nix;
in {
{
imports = [
../modules
./users.nix

986
flake.lock Normal file
View file

@ -0,0 +1,986 @@
{
"nodes": {
"blobs": {
"flake": false,
"locked": {
"lastModified": 1604995301,
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"type": "gitlab"
}
},
"blobs_2": {
"flake": false,
"locked": {
"lastModified": 1604995301,
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"type": "gitlab"
}
},
"cyberchaos": {
"inputs": {
"digital-nftables": "digital-nftables",
"digital-secretFiles": "digital-secretFiles",
"flake-utils": "flake-utils",
"nixpkgs": [
"nix-hexchen",
"nixpkgs"
]
},
"locked": {
"host": "cyberchaos.dev",
"lastModified": 1668290886,
"narHash": "sha256-fkSHW98kVyH8E0bHWvMhgOd/xPfVTEj6/ehaQMhvapk=",
"owner": "cyberchaoscreatures",
"repo": "nixlib",
"rev": "fbad9753debcb7bd6a1d41c450a3fdbe5223c36d",
"type": "gitlab"
},
"original": {
"host": "cyberchaos.dev",
"owner": "cyberchaoscreatures",
"repo": "nixlib",
"type": "gitlab"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nix-hexchen",
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1659725433,
"narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"digital-nftables": {
"flake": false,
"locked": {
"lastModified": 1665861879,
"narHash": "sha256-Qtob7i1f3iPvWF/XJdWA1zzKPJqVCaE8HUCjKN+z5lQ=",
"owner": "~digital",
"repo": "digital-nixfiles",
"rev": "8f2e68436698e295c74aeb31178d45ee60af0dd4",
"type": "sourcehut"
},
"original": {
"owner": "~digital",
"ref": "testing",
"repo": "digital-nixfiles",
"type": "sourcehut"
}
},
"digital-secretFiles": {
"flake": false,
"locked": {
"lastModified": 1665365432,
"narHash": "sha256-HF09GMEeDG7/EuLxsqzyR50OwNQY3jvsS86Q5dxl4uA=",
"owner": "~digital",
"repo": "secretFiles",
"rev": "4146e87c049867c9f0786327a746e0a94fda85a7",
"type": "sourcehut"
},
"original": {
"owner": "~digital",
"ref": "main",
"repo": "secretFiles",
"type": "sourcehut"
}
},
"doom-emacs": {
"flake": false,
"locked": {
"lastModified": 1667001463,
"narHash": "sha256-M4gBRCfUlopMwqqfygPlfYrDEWgn5iivDHCpYkZ9yQE=",
"owner": "doomemacs",
"repo": "doom-emacs",
"rev": "3d8f9ae5ea90aad27d3f40ff701bc2f368391420",
"type": "github"
},
"original": {
"owner": "doomemacs",
"repo": "doom-emacs",
"type": "github"
}
},
"doom-emacs_2": {
"flake": false,
"locked": {
"lastModified": 1660901074,
"narHash": "sha256-3apl0eQlfBj3y0gDdoPp2M6PXYnhxs0QWOHp8B8A9sc=",
"owner": "doomemacs",
"repo": "doomemacs",
"rev": "c44bc81a05f3758ceaa28921dd9c830b9c571e61",
"type": "github"
},
"original": {
"owner": "doomemacs",
"ref": "master",
"repo": "doomemacs",
"type": "github"
}
},
"doom-snippets": {
"flake": false,
"locked": {
"lastModified": 1662645711,
"narHash": "sha256-XKpPCtECGZQ5bFPPDUX3oAltXOJNwAI/OktxiLnADRE=",
"owner": "doomemacs",
"repo": "snippets",
"rev": "03a62fe7edf7e87fdbd925713fbd3bf292d14b00",
"type": "github"
},
"original": {
"owner": "doomemacs",
"repo": "snippets",
"type": "github"
}
},
"emacs-overlay": {
"flake": false,
"locked": {
"lastModified": 1666989765,
"narHash": "sha256-bPwGXizMQnXxEsKt1n0lGGB8kiaXhmehu1pSy0VwCow=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "87fd982e510d78c7ed61df5a0e339fe57f858f87",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "emacs-overlay",
"type": "github"
}
},
"emacs-overlay_2": {
"flake": false,
"locked": {
"lastModified": 1664478431,
"narHash": "sha256-XTPklm/+e2UfIitB0+s/fKTheMJSw3G1p+t0SsBCuo4=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "6c78924bc5b6daaf98c0dbe63bdfcf80e6433f4b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "emacs-overlay",
"type": "github"
}
},
"emacs-so-long": {
"flake": false,
"locked": {
"lastModified": 1575031854,
"narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=",
"owner": "hlissner",
"repo": "emacs-so-long",
"rev": "ed666b0716f60e8988c455804de24b55919e71ca",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "emacs-so-long",
"type": "github"
}
},
"evil-escape": {
"flake": false,
"locked": {
"lastModified": 1588439096,
"narHash": "sha256-aB2Ge5o/93B18tPf4fN1c+O46CNh/nOqwLJbox4c8Gw=",
"owner": "hlissner",
"repo": "evil-escape",
"rev": "819f1ee1cf3f69a1ae920e6004f2c0baeebbe077",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "evil-escape",
"type": "github"
}
},
"evil-markdown": {
"flake": false,
"locked": {
"lastModified": 1626852210,
"narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=",
"owner": "Somelauw",
"repo": "evil-markdown",
"rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477",
"type": "github"
},
"original": {
"owner": "Somelauw",
"repo": "evil-markdown",
"type": "github"
}
},
"evil-org-mode": {
"flake": false,
"locked": {
"lastModified": 1607203864,
"narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=",
"owner": "hlissner",
"repo": "evil-org-mode",
"rev": "a9706da260c45b98601bcd72b1d2c0a24a017700",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "evil-org-mode",
"type": "github"
}
},
"evil-quick-diff": {
"flake": false,
"locked": {
"lastModified": 1575189609,
"narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=",
"owner": "rgrinberg",
"repo": "evil-quick-diff",
"rev": "69c883720b30a892c63bc89f49d4f0e8b8028908",
"type": "github"
},
"original": {
"owner": "rgrinberg",
"repo": "evil-quick-diff",
"type": "github"
}
},
"explain-pause-mode": {
"flake": false,
"locked": {
"lastModified": 1595842060,
"narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=",
"owner": "lastquestion",
"repo": "explain-pause-mode",
"rev": "2356c8c3639cbeeb9751744dbe737267849b4b51",
"type": "github"
},
"original": {
"owner": "lastquestion",
"repo": "explain-pause-mode",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1648199409,
"narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "64a525ee38886ab9028e6f61790de0832aa3ef03",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"format-all": {
"flake": false,
"locked": {
"lastModified": 1581716637,
"narHash": "sha256-ul7LCe60W8TIvUmUtZtZRo8489TK9iTPDsLHmzxY57M=",
"owner": "lassik",
"repo": "emacs-format-all-the-code",
"rev": "47d862d40a088ca089c92cd393c6dca4628f87d3",
"type": "github"
},
"original": {
"owner": "lassik",
"repo": "emacs-format-all-the-code",
"rev": "47d862d40a088ca089c92cd393c6dca4628f87d3",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nix-hexchen",
"nixpkgs"
],
"utils": "utils_2"
},
"locked": {
"lastModified": 1666903647,
"narHash": "sha256-sFI1Gh9DTGzHnBINondupUGYbe+T0wZcpcZjkW0qffM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "213a06295dff96668a1d673b9fd1c03ce1de6745",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"mattermost-server": {
"flake": false,
"locked": {
"lastModified": 1655204693,
"narHash": "sha256-cI7QSB/95TVFMpu4l75EQGVZhZj48sCZaMpiT5jFv8w=",
"owner": "mattermost",
"repo": "mattermost-server",
"rev": "d565c9595e08fe87d520f4ab2fa55e8f5a065f9c",
"type": "github"
},
"original": {
"owner": "mattermost",
"ref": "v6.7.2",
"repo": "mattermost-server",
"type": "github"
}
},
"mattermost-webapp": {
"flake": false,
"locked": {
"narHash": "sha256-HaKkQxGd+YPdzgbvqSUYpA98S43A2yjU90hgMOl0kl8=",
"type": "tarball",
"url": "https://releases.mattermost.com/6.7.2/mattermost-6.7.2-linux-amd64.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://releases.mattermost.com/6.7.2/mattermost-6.7.2-linux-amd64.tar.gz"
}
},
"nix-doom-emacs": {
"inputs": {
"doom-emacs": "doom-emacs_2",
"doom-snippets": "doom-snippets",
"emacs-overlay": "emacs-overlay_2",
"emacs-so-long": "emacs-so-long",
"evil-escape": "evil-escape",
"evil-markdown": "evil-markdown",
"evil-org-mode": "evil-org-mode",
"evil-quick-diff": "evil-quick-diff",
"explain-pause-mode": "explain-pause-mode",
"flake-compat": "flake-compat_3",
"flake-utils": [
"nix-hexchen",
"flake-utils"
],
"format-all": "format-all",
"nix-straight": "nix-straight",
"nixpkgs": [
"nix-hexchen",
"nixpkgs"
],
"nose": "nose",
"ob-racket": "ob-racket",
"org": "org",
"org-contrib": "org-contrib",
"org-yt": "org-yt",
"php-extras": "php-extras",
"revealjs": "revealjs",
"rotate-text": "rotate-text",
"sln-mode": "sln-mode",
"ts-fold": "ts-fold",
"ws-butler": "ws-butler"
},
"locked": {
"lastModified": 1665958150,
"narHash": "sha256-LhVCEqZ3JPr/5YuishMI3N9UAK8aam8xAd8eGNkwygk=",
"owner": "nix-community",
"repo": "nix-doom-emacs",
"rev": "c9a6efdab4bdda28ec372cff97b0557351aa6098",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-doom-emacs",
"rev": "c9a6efdab4bdda28ec372cff97b0557351aa6098",
"type": "github"
}
},
"nix-hexchen": {
"inputs": {
"cyberchaos": "cyberchaos",
"deploy-rs": "deploy-rs",
"doom-emacs": "doom-emacs",
"emacs-overlay": "emacs-overlay",
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_2",
"home-manager": "home-manager",
"nix-doom-emacs": "nix-doom-emacs",
"nixos-mailserver": "nixos-mailserver",
"nixpkgs": "nixpkgs",
"nixpkgs-bindfix": "nixpkgs-bindfix",
"sops-nix": "sops-nix",
"waybar-iceportal": "waybar-iceportal"
},
"locked": {
"lastModified": 1668291754,
"narHash": "sha256-AHsqQ6or1vjbC/aJxFQGlm/L3HrJIlVescQXI8I+HhI=",
"ref": "main",
"rev": "1e065ad810a792d44fe8836b42324bc4cad90ace",
"revCount": 290,
"type": "git",
"url": "https://gitlab.com/hexchen/nixfiles"
},
"original": {
"ref": "main",
"type": "git",
"url": "https://gitlab.com/hexchen/nixfiles"
}
},
"nix-straight": {
"flake": false,
"locked": {
"lastModified": 1656684255,
"narHash": "sha256-ZefQiv4Ipu2VkLjs1oyelTLU7kBVJgkcQd+yBpJU0yo=",
"owner": "nix-community",
"repo": "nix-straight.el",
"rev": "fb8dd5c44cde70abd13380766e40af7a63888942",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-straight.el",
"type": "github"
}
},
"nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"nixpkgs": [
"nix-hexchen",
"nixpkgs"
],
"nixpkgs-22_05": "nixpkgs-22_05",
"utils": [
"nix-hexchen",
"flake-utils"
]
},
"locked": {
"lastModified": 1658267644,
"narHash": "sha256-NJRe1rnlF112eZwxNASlRL8/ghwD8g+lpHIYRkWQxC8=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "004c229ca44c069d93c92abf67ff1619fb508c6a",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"type": "gitlab"
}
},
"nixos-mailserver_2": {
"inputs": {
"blobs": "blobs_2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-22_05": "nixpkgs-22_05_3",
"utils": "utils_3"
},
"locked": {
"lastModified": 1655930346,
"narHash": "sha256-ht56HHOzEhjeIgAv5ZNFjSVX/in1YlUs0HG9c1EUXTM=",
"rev": "f535d8123c4761b2ed8138f3d202ea710a334a1d",
"revCount": 532,
"type": "git",
"url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
},
"original": {
"rev": "f535d8123c4761b2ed8138f3d202ea710a334a1d",
"type": "git",
"url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1667991831,
"narHash": "sha256-DHgEsLZI044B9T4AjA3K6+yB9/DqLr4dyA7OIx0FG7o=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "872fceeed60ae6b7766cc0a4cd5bf5901b9098ec",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-22_05": {
"locked": {
"lastModified": 1654936503,
"narHash": "sha256-soKzdhI4jTHv/rSbh89RdlcJmrPgH8oMb/PLqiqIYVQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dab6df51387c3878cdea09f43589a15729cae9f4",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.05",
"type": "indirect"
}
},
"nixpkgs-22_05_2": {
"locked": {
"lastModified": 1666488099,
"narHash": "sha256-DANs2epN5QgvxWzH7xF3dzb4WE0lEuMLrMEu/vPmQxw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f9115594149ebcb409a42e303bec4956814a8419",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-22_05_3": {
"locked": {
"lastModified": 1654936503,
"narHash": "sha256-soKzdhI4jTHv/rSbh89RdlcJmrPgH8oMb/PLqiqIYVQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dab6df51387c3878cdea09f43589a15729cae9f4",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.05",
"type": "indirect"
}
},
"nixpkgs-bindfix": {
"locked": {
"lastModified": 1646653989,
"narHash": "sha256-X7cClFjpVm5emaEg9eABeXvG6yx7HCoTIqOE04ICjxA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bea64c8d594d0074d17a4513a2d2d856b1b0fee0",
"type": "github"
},
"original": {
"id": "nixpkgs",
"rev": "bea64c8d594d0074d17a4513a2d2d856b1b0fee0",
"type": "indirect"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1663850217,
"narHash": "sha256-tp9nXo1/IdN/xN9m06ryy0QUAEfoN6K56ObM/1QTAjc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ae1dc133ea5f1538d035af41e5ddbc2ebcb67b90",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ae1dc133ea5f1538d035af41e5ddbc2ebcb67b90",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1642635915,
"narHash": "sha256-vabPA32j81xBO5m3+qXndWp5aqepe+vu96Wkd9UnngM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6d8215281b2f87a5af9ed7425a26ac575da0438f",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1667921968,
"narHash": "sha256-EI+//LbhUzX471LHq8GgB+oUHpdA2rsiXpY1q5tDYGw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "df2bcbbd1c2aa144261cf1b0003c889c075dc693",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "df2bcbbd1c2aa144261cf1b0003c889c075dc693",
"type": "github"
}
},
"nose": {
"flake": false,
"locked": {
"lastModified": 1400604510,
"narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=",
"owner": "emacsattic",
"repo": "nose",
"rev": "f8528297519eba911696c4e68fa88892de9a7b72",
"type": "github"
},
"original": {
"owner": "emacsattic",
"repo": "nose",
"type": "github"
}
},
"ob-racket": {
"flake": false,
"locked": {
"lastModified": 1584656173,
"narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=",
"owner": "xchrishawk",
"repo": "ob-racket",
"rev": "83457ec9e1e96a29fd2086ed19432b9d75787673",
"type": "github"
},
"original": {
"owner": "xchrishawk",
"repo": "ob-racket",
"type": "github"
}
},
"org": {
"flake": false,
"locked": {
"lastModified": 1665657044,
"narHash": "sha256-8+pYCZLckxXyT1PIZmvwUwmEf+dOClhEoLL+lnZmIao=",
"owner": "emacs-straight",
"repo": "org-mode",
"rev": "3e86487755e6e023625ad3ddac105b93759e63ec",
"type": "github"
},
"original": {
"owner": "emacs-straight",
"repo": "org-mode",
"type": "github"
}
},
"org-contrib": {
"flake": false,
"locked": {
"lastModified": 1664301003,
"narHash": "sha256-8CAq/EB52RMQHNLZM0uc/1N5gKTfxGhf7WFt9sMKoD8=",
"owner": "emacsmirror",
"repo": "org-contrib",
"rev": "aa104c0bbc3113f6d3d167b20bd8d6bf6a285f0f",
"type": "github"
},
"original": {
"owner": "emacsmirror",
"repo": "org-contrib",
"type": "github"
}
},
"org-yt": {
"flake": false,
"locked": {
"lastModified": 1527381913,
"narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=",
"owner": "TobiasZawada",
"repo": "org-yt",
"rev": "40cc1ac76d741055cbefa13860d9f070a7ade001",
"type": "github"
},
"original": {
"owner": "TobiasZawada",
"repo": "org-yt",
"type": "github"
}
},
"php-extras": {
"flake": false,
"locked": {
"lastModified": 1573312690,
"narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=",
"owner": "arnested",
"repo": "php-extras",
"rev": "d410c5af663c30c01d461ac476d1cbfbacb49367",
"type": "github"
},
"original": {
"owner": "arnested",
"repo": "php-extras",
"type": "github"
}
},
"revealjs": {
"flake": false,
"locked": {
"lastModified": 1664012352,
"narHash": "sha256-Pu5p6HqIO2wvWiTEhsQyIuwlWEIa1GjO3EDXosznyYE=",
"owner": "hakimel",
"repo": "reveal.js",
"rev": "468132320d6e072abd1297d7cc24766a2b7a832d",
"type": "github"
},
"original": {
"owner": "hakimel",
"repo": "reveal.js",
"type": "github"
}
},
"root": {
"inputs": {
"mattermost-server": "mattermost-server",
"mattermost-webapp": "mattermost-webapp",
"nix-hexchen": "nix-hexchen",
"nixos-mailserver": "nixos-mailserver_2",
"nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable"
}
},
"rotate-text": {
"flake": false,
"locked": {
"lastModified": 1322962747,
"narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=",
"owner": "debug-ito",
"repo": "rotate-text.el",
"rev": "48f193697db996855aee1ad2bc99b38c6646fe76",
"type": "github"
},
"original": {
"owner": "debug-ito",
"repo": "rotate-text.el",
"type": "github"
}
},
"sln-mode": {
"flake": false,
"locked": {
"lastModified": 1423727528,
"narHash": "sha256-XqkqPyEJuTtFslOz1fpTf/Klbd/zA7IGpzpmum/MGao=",
"owner": "sensorflo",
"repo": "sln-mode",
"rev": "0f91d1b957c7d2a7bab9278ec57b54d57f1dbd9c",
"type": "github"
},
"original": {
"owner": "sensorflo",
"repo": "sln-mode",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nix-hexchen",
"nixpkgs"
],
"nixpkgs-22_05": "nixpkgs-22_05_2"
},
"locked": {
"lastModified": 1666499473,
"narHash": "sha256-q1eFnBFL0kHgcnUPeKagw3BfbE/5sMJNGL2E2AR+a2M=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "1b5f9512a265f0c9687dbff47893180f777f4809",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"ts-fold": {
"flake": false,
"locked": {
"lastModified": 1663136308,
"narHash": "sha256-FI25RLoHqhcjA2qel75LVmQH4rTkKiAUR2w9QODT1XM=",
"owner": "jcs-elpa",
"repo": "ts-fold",
"rev": "c3da5520b988720f7f6e9e5e11b60746598112e0",
"type": "github"
},
"original": {
"owner": "jcs-elpa",
"repo": "ts-fold",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1648297722,
"narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_2": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_3": {
"locked": {
"lastModified": 1605370193,
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"waybar-iceportal": {
"inputs": {
"nixpkgs": [
"nix-hexchen",
"nixpkgs"
]
},
"locked": {
"lastModified": 1661258114,
"narHash": "sha256-wdm35mfyjz/eFrtd9fMeAJwfUk6XskbyM115wYI1kVA=",
"owner": "e1mo",
"repo": "waybar-iceportal",
"rev": "13b297c2cc0b4b56d4caccd626a16b455d8d49e5",
"type": "github"
},
"original": {
"owner": "e1mo",
"repo": "waybar-iceportal",
"type": "github"
}
},
"ws-butler": {
"flake": false,
"locked": {
"lastModified": 1634511126,
"narHash": "sha256-c0y0ZPtxxICPk+eaNbbQf6t+FRCliNY54CCz9QHQ8ZI=",
"owner": "hlissner",
"repo": "ws-butler",
"rev": "572a10c11b6cb88293de48acbb59a059d36f9ba5",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "ws-butler",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

56
flake.nix Normal file
View file

@ -0,0 +1,56 @@
{
description = "hacc infra stuff";
inputs = {
mattermost-webapp.url = "https://releases.mattermost.com/6.7.2/mattermost-6.7.2-linux-amd64.tar.gz";
mattermost-webapp.flake = false;
mattermost-server.url = "github:mattermost/mattermost-server?ref=v6.7.2";
mattermost-server.flake = false;
nixpkgs.url = "github:NixOS/nixpkgs?rev=df2bcbbd1c2aa144261cf1b0003c889c075dc693";
nixpkgs-unstable.url = "github:NixOS/nixpkgs?rev=ae1dc133ea5f1538d035af41e5ddbc2ebcb67b90";
nix-hexchen.url = "git+https://gitlab.com/hexchen/nixfiles?ref=main";
nixos-mailserver.url = "git+https://gitlab.com/simple-nixos-mailserver/nixos-mailserver?rev=f535d8123c4761b2ed8138f3d202ea710a334a1d";
};
outputs = { self, nixpkgs, nix-hexchen, ... }@inputs:
let modules = nix-hexchen.nixosModules;
profiles = nix-hexchen.nixosModules.profiles;
pkgs = import ./pkgs {
sources = inputs;
system = "x86_64-linux";
};
# simulate the evalConfig as contained in nix-hexchen/lib/hosts.nix,
# but compatible with flakes
evalConfig = extraSpecial: config: nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
config
nix-hexchen.nixosModules.network.nftables
{ nixpkgs.pkgs = pkgs; }
];
specialArgs = {
inherit modules profiles evalConfig;
sources = inputs;
} // extraSpecial;
};
in {
# do this by hand instead of via nix-hexchen/lib/hosts.nix, since that one
# apparently can't support pkgs depending on flake inputs
nixosConfigurations.parsons = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/parsons/configuration.nix
# not used anymore, but other things in nix-hexchen still depend on it
nix-hexchen.nixosModules.deploy
{ nixpkgs.pkgs = pkgs; }
];
specialArgs = {
# with a few exceptions, the flake inputs can be used the same
# as the niv-style (import nix/sources.nix {})
sources = inputs;
inherit modules profiles evalConfig;
};
};
};
}

View file

@ -5,8 +5,9 @@
../../common
./hardware.nix
modules.encboot
modules.network.nftables modules.nftnat
((import sources.nix-hexchen) {}).profiles.nopersist
modules.network.nftables
modules.nftnat
sources.nix-hexchen.nixosModules.profiles.nopersist
../../services/nextcloud.nix
../../services/mattermost.nix

View file

@ -1,78 +0,0 @@
{
"mattermost-server": {
"branch": "master",
"description": "Open source Slack-alternative in Golang and React - Mattermost",
"homepage": "https://mattermost.com",
"owner": "mattermost",
"repo": "mattermost-server",
"rev": "2ea14ef395fad8919b2f4137642a7f50b370ffba",
"sha256": "1k5zqnc4yqnad2cw1wpqk22mjra08jz9gf4v692kbrgx3x4d13kh",
"type": "tarball",
"url": "https://github.com/mattermost/mattermost-server/archive/refs/tags/v6.7.2.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/refs/tags/v<version>.tar.gz",
"version": "6.7.2"
},
"mattermost-webapp": {
"sha256": "0pwjfklk0q28yza2iny0im5pq3x430jskvq6rvfq7ycx251s98hx",
"type": "tarball",
"url": "https://releases.mattermost.com/6.7.2/mattermost-6.7.2-linux-amd64.tar.gz",
"url_template": "https://releases.mattermost.com/<version>/mattermost-<version>-linux-amd64.tar.gz",
"version": "6.7.2"
},
"niv": {
"branch": "master",
"description": "Easy dependency management for Nix projects",
"homepage": "https://github.com/nmattia/niv",
"owner": "nmattia",
"repo": "niv",
"rev": "82e5cd1ad3c387863f0545d7591512e76ab0fc41",
"sha256": "090l219mzc0gi33i3psgph6s2pwsc8qy4lyrqjdj4qzkvmaj65a7",
"type": "tarball",
"url": "https://github.com/nmattia/niv/archive/82e5cd1ad3c387863f0545d7591512e76ab0fc41.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nix-hexchen": {
"branch": "main",
"ref": "main",
"repo": "https://gitlab.com/hexchen/nixfiles",
"rev": "ef358992030e9a6fa975a24bf4d9aa133bc72424",
"sha256": "01hcdrpfc8g1bbc96h7gi04zmyxi9vd7392ncadwfkx5xfd2fp17",
"type": "tarball",
"url": "https://gitlab.com/hexchen/nixfiles/-/archive/ef358992030e9a6fa975a24bf4d9aa133bc72424.tar.gz",
"url_template": "<repo>/-/archive/<rev>.tar.gz"
},
"nixos-mailserver": {
"branch": "nixos-22.05",
"ref": "nixos-22.05",
"repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver",
"rev": "f535d8123c4761b2ed8138f3d202ea710a334a1d",
"sha256": "0csx2i8p7gbis0n5aqpm57z5f9cd8n9yabq04bg1h4mkfcf7mpl6",
"type": "tarball",
"url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/f535d8123c4761b2ed8138f3d202ea710a334a1d.tar.gz",
"url_template": "<repo>/-/archive/<rev>.tar.gz"
},
"nixpkgs": {
"branch": "nixos-22.05",
"description": "Nix Packages collection",
"homepage": "",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "df2bcbbd1c2aa144261cf1b0003c889c075dc693",
"sha256": "0v308fdsndcnbqibpnj0jwg19sh7l30spisjxzw3alz1nvybz3qh",
"type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/df2bcbbd1c2aa144261cf1b0003c889c075dc693.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixpkgs-unstable": {
"branch": "nixos-unstable",
"description": "Nix Packages collection",
"homepage": "",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ae1dc133ea5f1538d035af41e5ddbc2ebcb67b90",
"sha256": "0dq22dagzk76x2ws4dz88w018i6byamd6rnzqizx68bzimg6g7xn",
"type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/ae1dc133ea5f1538d035af41e5ddbc2ebcb67b90.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

View file

@ -1,194 +0,0 @@
# This file has been generated by Niv.
let
#
# The fetchers. fetch_<type> fetches specs of type <type>.
#
fetch_file = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchurl { inherit (spec) url sha256; name = name'; }
else
pkgs.fetchurl { inherit (spec) url sha256; name = name'; };
fetch_tarball = pkgs: name: spec:
let
name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchTarball { name = name'; inherit (spec) url sha256; }
else
pkgs.fetchzip { name = name'; inherit (spec) url sha256; };
fetch_git = name: spec:
let
ref =
if spec ? ref then spec.ref else
if spec ? branch then "refs/heads/${spec.branch}" else
if spec ? tag then "refs/tags/${spec.tag}" else
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
submodules = if spec ? submodules then spec.submodules else false;
submoduleArg =
let
nixSupportsSubmodules = builtins.compareVersions builtins.nixVersion "2.4" >= 0;
emptyArgWithWarning =
if submodules == true
then
builtins.trace
(
"The niv input \"${name}\" uses submodules "
+ "but your nix's (${builtins.nixVersion}) builtins.fetchGit "
+ "does not support them"
)
{}
else {};
in
if nixSupportsSubmodules
then { inherit submodules; }
else emptyArgWithWarning;
in
builtins.fetchGit
({ url = spec.repo; inherit (spec) rev; inherit ref; } // submoduleArg);
fetch_local = spec: spec.path;
fetch_builtin-tarball = name: throw
''[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=tarball -a builtin=true'';
fetch_builtin-url = name: throw
''[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=file -a builtin=true'';
#
# Various helpers
#
# https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695
sanitizeName = name:
(
concatMapStrings (s: if builtins.isList s then "-" else s)
(
builtins.split "[^[:alnum:]+._?=-]+"
((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)
)
);
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: system:
let
sourcesNixpkgs =
import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { inherit system; };
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in
if builtins.hasAttr "nixpkgs" sources
then sourcesNixpkgs
else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then
import <nixpkgs> {}
else
abort
''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json.
'';
# The actual fetching function.
fetch = pkgs: name: spec:
if ! builtins.hasAttr "type" spec then
abort "ERROR: niv spec ${name} does not have a 'type' attribute"
else if spec.type == "file" then fetch_file pkgs name spec
else if spec.type == "tarball" then fetch_tarball pkgs name spec
else if spec.type == "git" then fetch_git name spec
else if spec.type == "local" then fetch_local spec
else if spec.type == "builtin-tarball" then fetch_builtin-tarball name
else if spec.type == "builtin-url" then fetch_builtin-url name
else
abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# If the environment variable NIV_OVERRIDE_${name} is set, then use
# the path directly as opposed to the fetched source.
replace = name: drv:
let
saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name;
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
in
if ersatz == "" then drv else
# this turns the string into an actual Nix path (for both absolute and
# relative paths)
if builtins.substring 0 1 ersatz == "/" then /. + ersatz else /. + builtins.getEnv "PWD" + "/${ersatz}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
mapAttrs = builtins.mapAttrs or (
f: set: with builtins;
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set))
);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
concatMapStrings = f: list: concatStrings (map f list);
concatStrings = builtins.concatStringsSep "";
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
optionalAttrs = cond: as: if cond then as else {};
# fetchTarball version that is compatible between all the versions of Nix
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchTarball;
in
if lessThan nixVersion "1.12" then
fetchTarball ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
else
fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
let
inherit (builtins) lessThan nixVersion fetchurl;
in
if lessThan nixVersion "1.12" then
fetchurl ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
else
fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
mapAttrs (
name: spec:
if builtins.hasAttr "outPath" spec
then abort
"The values in sources.json should not have an 'outPath' attribute"
else
spec // { outPath = replace name (fetch config.pkgs name spec); }
) config.sources;
# The "config" used by the fetchers
mkConfig =
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
, sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile)
, system ? builtins.currentSystem
, pkgs ? mkPkgs sources system
}: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
inherit pkgs;
};
in
mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); }

View file

@ -1,7 +1,6 @@
{ config ? {}, system ? builtins.currentSystem, ... }@args:
{ sources, system ? builtins.currentSystem, ... }@args:
let
sources = import ../nix/sources.nix;
pkgs = import sources.nixpkgs args;
unstable = import sources.nixpkgs-unstable args;
@ -9,7 +8,7 @@ let
newpkgs = {
mattermost = callPackage ./mattermost {};
mattermost = callPackage ./mattermost {inherit sources;};
# a version of the lounge with some extra css that
# hides things the hacc-voc doesn't need

View file

@ -1,8 +1,7 @@
{ stdenv, fetchurl, fetchFromGitHub, buildGoPackage, buildEnv, lib }:
{ stdenv, fetchurl, fetchFromGitHub, buildGoPackage, buildEnv, lib, sources }:
let
sources = import ../../nix/sources.nix;
version = sources.mattermost-webapp.version;
version = "6.7.2";
mattermost-server = buildGoPackage rec {
pname = "mattermost-server";

View file

@ -21,7 +21,7 @@
users.users.root.hashedPassword = "";
system.stateVersion = "21.11";
imports = [ ((import sources.nix-hexchen) { }).profiles.nopersist ];
imports = [ sources.nix-hexchen.nixosModules.profiles.nopersist ];
environment.systemPackages = [ pkgs.gitea ];

View file

@ -18,9 +18,7 @@
users.users.root.hashedPassword = "";
system.stateVersion = "21.05";
imports = [
((import sources.nix-hexchen) {}).profiles.nopersist
];
imports = [ sources.nix-hexchen.nixosModules.profiles.nopersist ];
nixpkgs.config.allowUnfree = true;
networking.firewall.enable = false;

View file

@ -18,9 +18,8 @@
users.users.root.hashedPassword = "";
system.stateVersion = "21.05";
imports = [
((import sources.nix-hexchen) {}).profiles.nopersist
];
imports = [ sources.nix-hexchen.nixosModules.profiles.nopersist ];
nixpkgs.config.allowUnfree = true;
networking.firewall.enable = false;

View file

@ -20,9 +20,8 @@
hexchen.bindmounts."/var/lib/mediawiki" = "/persist/var/lib/mediawiki";
system.stateVersion = "21.05";
imports = [
((import sources.nix-hexchen) {}).profiles.nopersist
];
imports = [ sources.nix-hexchen.nixosModules.profiles.nopersist ];
networking.hosts."127.0.0.1" = [ "wiki.lantifa.org" ];
users.users.mediawiki.extraGroups = [ "keys" ];

View file

@ -22,9 +22,7 @@ in {
users.users.root.hashedPassword = "";
system.stateVersion = "21.05";
imports = [
((import sources.nix-hexchen) {}).profiles.nopersist
];
imports = [ sources.nix-hexchen.nixosModules.profiles.nopersist ];
nixpkgs.overlays = [ (self: super: { inherit mattermost; }) ];

View file

@ -19,7 +19,7 @@
system.stateVersion = "21.05";
imports = [
((import sources.nix-hexchen) {}).profiles.nopersist
sources.nix-hexchen.nixosModules.profiles.nopersist
(import "${sources.nixpkgs-unstable}/nixos/modules/services/web-apps/nextcloud.nix")
];

View file

@ -20,9 +20,7 @@ in {
users.users.root.hashedPassword = "";
system.stateVersion = "21.05";
imports = [
((import sources.nix-hexchen) {}).profiles.nopersist
];
imports = [ sources.nix-hexchen.nixosModules.profiles.nopersist ];
nixpkgs.config.allowUnfree = true;
networking.firewall.enable = false;