Compare commits

..

2 commits

Author SHA1 Message Date
78845777ad
julia_15: nixpkgs unstable → 21.05
Apparently the working julia version was moved into a stable channel since I
last looked at this, and the version in unstable is broken again. Fun!

Anyways, it builds again now (as part of parsons's config)
2021-08-26 22:11:54 +02:00
a00e28d85a
add pluto notebook server
Pluto [1] is one of these interactive notebook thingies that have become
so unreasonably popular with people doing machine learning or data
analysis, but – somewhat surprisingly – it's actually not shit (e.g. no
global mutable state in the notebook, no weird unreadable fileformat
that doesn't play well with version control, etc.)

In particular, it can be used collaboratively (while it doesn't do
real-time collaborative editing like a pad, it /does/ push out global
updates each time someone executes a cell, so it's reasonably close),
and I think it may be useful to have for julia-hacking sessions.

It may also be useful for people running low-end laptops, since code is
executed on the host — and I guess hainich has enough unused ressources
lying around that we can spare a few.

After deploying this, the notebook server should be reachable via:
  ssh hainich -L 9999:localhost:9999
and then visiting http://localhost:9999

Caveats: by design, pluto allows a user to execute arbitrary code on the
host. That is its main function, and not something we can prevent. I've
tried to mitigate this as far as possible by:
 - only allowing access via ssh port forwarding. In theory pluto does
   have basic access control, but that works via a secret link that
   it'll spit to stdout on startup (i.e. the journal), which cannot be
   set in advance, nor regenerted without restarting the entire process.
   Unfortunately, this means we won't be able to use it at e.g.
   conference sessions with people who don't have access to our infra
 - running it in a nixos-container as its own user, so it should never
   get any kind of access to the "main" directory tree apart from a
   single directory that we can keep notebooks in (which is currently a
   bind mount set to /data/pluto)
 - limiting memory and cpu for that container via systemd (less out of
   worry for exploits, and more so that a few accidental while-true
   loops will never consume enough cpu time to noticebly slow down
   anything else). The current limits for both a chosen relatively low;
   we'll have to see if they become too limiting should anyone run an
   actual weather model on this.

Things we could also do:
 - currently, the container does not have its own network (mostly since
   that would make it slightly less convenient to use with port
   forwarding); in theory, pluto should even be able to run entirely
   without internet access of its own, but I'm not sure if this would
   break things like loading images / raw data into a notebook
 - make the container ephemeral, and only keep the directory containing
   the notebooks. I haven't done this since it would require
   recompilation of pluto each time the container is wiped, which makes
   for a potentially inconvenient startup time (though still < 3-5 mins)

Questions:
 - have I missed anything important that should definitely be also
   sandboxed / limited in some way?
 - in general, are we comfortable running something like this?
 - would we (in principle) be comfortable opening this up to other
   people for congress sessions (assuming we figure out a reasonable
   access control)?

Notes to deployer:
 - while I have not tested this on hainich, it works on my own server
 - you will probably have to create the /data/pluto directory for the
   bind mount, and make it world-writable (or chown it to the pluto user
   inside the container)

[1] https://github.com/fonsp/Pluto.jl/
2021-08-26 21:27:49 +02:00
249 changed files with 2017 additions and 40472 deletions

View file

@ -7,3 +7,10 @@ build-parsons:
stage: build stage: build
script: script:
- nix-build -A deploy.parsons - nix-build -A deploy.parsons
build-nixda:
tags:
- nix
stage: build
script:
- nix-build -A deploy.nixda

View file

@ -10,8 +10,6 @@ welcome to hacc nixfiles (haccfiles). this is the code describing our nix-based
- `modules/`: home-grown modules for hacc-specific services - `modules/`: home-grown modules for hacc-specific services
- `nix/`: sources files, managed with niv - `nix/`: sources files, managed with niv
- `pkgs/`: packages we built and don't want to upstream - `pkgs/`: packages we built and don't want to upstream
- `hosts/`: configuration.nix per host
- `services/`: all services we run; imported in appropriate host config
## working with the haccfiles ## working with the haccfiles
@ -22,19 +20,6 @@ nix build -f . deploy.$hostname && ./result switch
`$hostname` can be replaced with any hostname or group `$hostname` can be replaced with any hostname or group
## I don't want to build this long dependency / want a cached version!
If it's still available on parsons from a previous deploy, do:
```shell
nix copy --from ssh://parsons /nix/store/...
```
Note: don't just copy the .drv file (which Nix complains about if it can't
build something), that's just the description of how to build it! If you
don't know the actual outpath, look in the .drv file (should start with
`Derive([("out","[the path you want]"...`)
## committing to haccfiles ## committing to haccfiles
- Golden Rule: DO NOT COMMIT TO MAIN - Golden Rule: DO NOT COMMIT TO MAIN
- exceptions apply, if you are not sure where to commit, don't commit to main - exceptions apply, if you are not sure where to commit, don't commit to main

View file

@ -36,6 +36,7 @@ in {
security.sudo.wheelNeedsPassword = lib.mkDefault false; security.sudo.wheelNeedsPassword = lib.mkDefault false;
i18n.defaultLocale = "en_IE.UTF-8"; i18n.defaultLocale = "en_IE.UTF-8";
time.timeZone = "UTC";
console = { console = {
font = "Lat2-Terminus16"; font = "Lat2-Terminus16";
keyMap = "de"; keyMap = "de";
@ -44,8 +45,8 @@ in {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
smartmontools lm_sensors htop tcpdump nload iftop smartmontools lm_sensors htop tcpdump nload iftop
bottom # bottom
ripgrep vgrep ripgrep
git wget git wget
kitty.terminfo kitty.terminfo
rsync pv progress rsync pv progress
@ -61,7 +62,7 @@ in {
socat socat
tmux tmux
gnupg gnupg
vim neovim vim
patchelf patchelf
binutils binutils
dnsutils dnsutils
@ -69,8 +70,6 @@ in {
nmap nmap
s-tui stress s-tui stress
ffmpeg-full ffmpeg-full
bat
niv
]; ];
security.acme.email = "info+acme@hacc.space"; security.acme.email = "info+acme@hacc.space";

View file

@ -48,13 +48,13 @@
packages = with pkgs; [ ffmpeg ]; packages = with pkgs; [ ffmpeg ];
}; };
moira = { schweby = {
uid = 1004; uid = 1004;
shell = pkgs.fish; shell = pkgs.fish;
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "cdrom" ]; extraGroups = [ "wheel" "cdrom" ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJrcJRF71+XM5YZj+SaSiGcdVZ0IDxGBXIWssDtHiTtr moira_2022_06" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL6JWi0MBDz0Zy4zjauQv28xYmHyapb8D4zeesq91LLE schweby@txsbcct"
]; ];
hashedPassword = "$6$zkAsaVdmIduqZxez$GY9aBlYeP41F0it/VbbZzLLLRQhHAbDdFsa3e/1GS9McTuSimMHODg6HqNVEH1zSqD3afhK/0UHfqbtF5qpi90"; hashedPassword = "$6$zkAsaVdmIduqZxez$GY9aBlYeP41F0it/VbbZzLLLRQhHAbDdFsa3e/1GS9McTuSimMHODg6HqNVEH1zSqD3afhK/0UHfqbtF5qpi90";
}; };

View file

@ -9,19 +9,17 @@
# boot.plymouth.splashBeforeUnlock = true; # boot.plymouth.splashBeforeUnlock = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
pulsemixer pavucontrol pulsemixer pavucontrol
firefox kitty j4-dmenu-desktop bemenu firefox git kitty j4-dmenu-desktop bemenu
breeze-qt5 mako breeze-qt5 mako
mpv youtube-dl mpv youtube-dl
wl-clipboard mumble wl-clipboard mumble
xdg_utils xdg_utils
slurp grim libnotify slurp grim libnotify
_1password-gui _1password-gui
gimp
# gnome3.nautilus # gnome3.nautilus
] ++ (with pkgs; [ alacritty picom feh copyq polybar cinnamon.nemo rofi arandr notepadqq nomacs imv gthumb ]); ] ++ (with pkgs; [ alacritty picom feh copyq polybar cinnamon.nemo rofi arandr notepadqq nomacs bat ]);
sound.enable = true; sound.enable = true;
time.timeZone = "Europe/Berlin";
hardware.pulseaudio = { hardware.pulseaudio = {
enable = true; enable = true;
package = pkgs.pulseaudioFull; package = pkgs.pulseaudioFull;

View file

@ -25,7 +25,7 @@
networking.hostName = "nixda"; # Define your hostname. networking.hostName = "nixda"; # Define your hostname.
environment.systemPackages = with pkgs; [ blackmagicDesktopVideo blender companion ]; environment.systemPackages = with pkgs; [ blackmagicDesktopVideo blender ];
networking.wg-quick.interfaces.cornbox = { networking.wg-quick.interfaces.cornbox = {
privateKeyFile = "/etc/wireguard/cornbox.key"; privateKeyFile = "/etc/wireguard/cornbox.key";
@ -54,21 +54,12 @@
isNormalUser = true; isNormalUser = true;
password = "hacchacc"; password = "hacchacc";
extraGroups = [ "audio" "video" ]; extraGroups = [ "audio" "video" ];
openssh.authorizedKeys.keys = with pkgs.lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users);
}; };
services.pipewire.enable = true; services.pipewire.enable = true;
services.pipewire.pulse.enable = true; services.pipewire.pulse.enable = true;
hardware.pulseaudio.enable = lib.mkForce false; hardware.pulseaudio.enable = lib.mkForce false;
services.udev.extraRules = ''
SUBSYSTEM=="input", GROUP="input", MODE="0666"
SUBSYSTEM=="usb", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="006?", MODE:="666", GROUP="plugdev"
KERNEL=="hidraw", ATTRS{idVendor}=="0fd9", ATTRS{idProduct}=="006?", MODE:="666", GROUP="plugdev"
SUBSYSTEM=="usb", ATTRS{idVendor}=="ffff", ATTRS{idProduct}=="1f4?", MODE:="666", GROUP="plugdev"
KERNEL=="hidraw", ATTRS{idVendor}=="ffff", ATTRS{idProduct}=="1f4?", MODE:="666", GROUP="plugdev"
'';
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave # on your system were taken. Its perfectly fine and recommended to leave

View file

@ -16,12 +16,12 @@
../../services/hedgedoc-i4f.nix ../../services/hedgedoc-i4f.nix
../../services/mail.nix ../../services/mail.nix
../../services/syncthing.nix ../../services/syncthing.nix
../../services/gitea.nix ../../services/gitlab.nix
../../services/nginx-pages.nix ../../services/nginx-pages.nix
../../services/gitlab-runner.nix
../../services/unifi.nix
../../services/lantifa.nix ../../services/lantifa.nix
../../services/vaultwarden.nix ../../services/pluto.nix
../../services/uffd.nix
# ../../services/workadventure.nix
./lxc.nix ./lxc.nix
]; ];
@ -79,7 +79,7 @@
services.restic.backups.tardis = { services.restic.backups.tardis = {
passwordFile = "/persist/restic/system"; passwordFile = "/persist/restic/system";
environmentFile = "/persist/restic/system.s3creds"; s3CredentialsFile = "/persist/restic/system.s3creds";
paths = [ paths = [
"/home" "/home"
"/persist" "/persist"

View file

@ -5,12 +5,5 @@ in {
imports = [ imports = [
./nftnat ./nftnat
./decklink.nix ./decklink.nix
./websites.nix
];
# disabled since vaultwarden defines a dummy bitwarden_rs option that
# shows a deprication warning, which conflicts with this module
disabledModules = [
"services/security/bitwarden_rs/default.nix"
]; ];
} }

View file

@ -6,9 +6,13 @@ let
cfg = config.services.mattermost-patched; cfg = config.services.mattermost-patched;
defaultConfig = builtins.fromJSON (builtins.replaceStrings [ "\\u0026" ] [ "&" ]
(readFile "${pkgs.mattermost}/config/config.json")
);
database = "postgres://${cfg.localDatabaseUser}:${cfg.localDatabasePassword}@localhost:5432/${cfg.localDatabaseName}?sslmode=disable&connect_timeout=10"; database = "postgres://${cfg.localDatabaseUser}:${cfg.localDatabasePassword}@localhost:5432/${cfg.localDatabaseName}?sslmode=disable&connect_timeout=10";
mattermostConf = foldl recursiveUpdate {} mattermostConf = foldl recursiveUpdate defaultConfig
[ { ServiceSettings.SiteURL = cfg.siteUrl; [ { ServiceSettings.SiteURL = cfg.siteUrl;
ServiceSettings.ListenAddress = cfg.listenAddress; ServiceSettings.ListenAddress = cfg.listenAddress;
TeamSettings.SiteName = cfg.siteName; TeamSettings.SiteName = cfg.siteName;
@ -223,7 +227,7 @@ in
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;
ExecStart = "${pkgs.mattermost}/bin/mattermost" + ExecStart = "${pkgs.mattermost}/bin/mattermost" +
(if cfg.mutableConfig then " -c ${database}" else " -c ${cfg.statePath}/config/config.json"); (lib.optionalString (!cfg.mutableConfig) " -c ${database}");
WorkingDirectory = "${cfg.statePath}"; WorkingDirectory = "${cfg.statePath}";
Restart = "always"; Restart = "always";
RestartSec = "10"; RestartSec = "10";

View file

@ -285,14 +285,6 @@ in {
phone-numbers. phone-numbers.
''; '';
}; };
defaultapp = mkOption {
default = null;
type = types.nullOr types.str;
example = "files";
description = ''
This options sets the app that opens as default.
'';
};
}; };
caching = { caching = {
@ -485,7 +477,6 @@ in {
${optionalString cfg.caching.apcu "'memcache.local' => '\\OC\\Memcache\\APCu',"} ${optionalString cfg.caching.apcu "'memcache.local' => '\\OC\\Memcache\\APCu',"}
'log_type' => 'syslog', 'log_type' => 'syslog',
'log_level' => '${builtins.toString cfg.logLevel}', 'log_level' => '${builtins.toString cfg.logLevel}',
${optionalString (c.defaultapp != null) "'defaultapp' => '${c.defaultapp}',"}
${optionalString (c.overwriteProtocol != null) "'overwriteprotocol' => '${c.overwriteProtocol}',"} ${optionalString (c.overwriteProtocol != null) "'overwriteprotocol' => '${c.overwriteProtocol}',"}
${optionalString (c.dbname != null) "'dbname' => '${c.dbname}',"} ${optionalString (c.dbname != null) "'dbname' => '${c.dbname}',"}
${optionalString (c.dbhost != null) "'dbhost' => '${c.dbhost}',"} ${optionalString (c.dbhost != null) "'dbhost' => '${c.dbhost}',"}

View file

@ -1,53 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.hacc.websites;
in
{
options.hacc.websites = {
enable = mkOption {
type = types.bool;
default = false;
};
directory = mkOption {
type = types.path;
description = "all subdirectories of the given path are expected to contain a (static) website";
};
ignore = mkOption {
type = types.listOf types.str;
default = [];
description = "subdirectories that shouldn't be published";
};
};
config = mkIf cfg.enable {
services.nginx = {
enable = true;
virtualHosts =
let
subdirs =
let dirAttrs = filterAttrs
(n: v: v == "directory" || lists.elem n cfg.ignore)
(builtins.readDir cfg.directory);
in mapAttrsToList (n: v: n) dirAttrs;
mkWebsite = subdir: {
name = subdir;
# the nginx virtualhost config (for all sites) goes in here
value = {
enableACME = true;
forceSSL = true;
# naive string interpolation is safe here since nix will always immediately
# resolve relative paths to absolute paths; it's not lazy about that.
locations."/".root =
(pkgs.callPackage "${cfg.directory}/${subdir}" {}).outPath;
};
};
in listToAttrs (map mkWebsite subdirs);
};
};
}

View file

@ -2,19 +2,19 @@
"haccmap": { "haccmap": {
"branch": "master", "branch": "master",
"repo": "https://gitlab.infra4future.de/hacc/haccspace-rc3-map", "repo": "https://gitlab.infra4future.de/hacc/haccspace-rc3-map",
"rev": "9490ebf656ef379e51cb518ec0038e15d6aeaac6", "rev": "3b99ee7e5bb2f27044784d03572da77d39cb2427",
"type": "git" "type": "git"
}, },
"home-manager": { "home-manager": {
"branch": "release-21.11", "branch": "release-21.05",
"description": "Manage a user environment using Nix [maintainer=@rycee] ", "description": "Manage a user environment using Nix [maintainer=@rycee] ",
"homepage": "https://nix-community.github.io/home-manager/", "homepage": "https://nix-community.github.io/home-manager/",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "d93d56ab8c1c6aa575854a79b9d2f69d491db7d0", "rev": "b39647e52ed3c0b989e9d5c965e598ae4c38d7ef",
"sha256": "1fi27zabvqlyc2ggg7wr01j813gs46rswg1i897h9hqkbgqsjkny", "sha256": "0xw1vgwfdn75rgamcsi5j1iqfl0j06x8xp92k24wr9hayfr5m400",
"type": "tarball", "type": "tarball",
"url": "https://github.com/nix-community/home-manager/archive/d93d56ab8c1c6aa575854a79b9d2f69d491db7d0.tar.gz", "url": "https://github.com/nix-community/home-manager/archive/b39647e52ed3c0b989e9d5c965e598ae4c38d7ef.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}, },
"mattermost-server": { "mattermost-server": {
@ -23,19 +23,25 @@
"homepage": "https://mattermost.com", "homepage": "https://mattermost.com",
"owner": "mattermost", "owner": "mattermost",
"repo": "mattermost-server", "repo": "mattermost-server",
"rev": "2ea14ef395fad8919b2f4137642a7f50b370ffba", "rev": "868b8d91db6e8a0525a9e93c50a388625d426a4a",
"sha256": "1k5zqnc4yqnad2cw1wpqk22mjra08jz9gf4v692kbrgx3x4d13kh", "sha256": "1vihpmy7253yl87arlz8y9rahk1q69blykwm3172dk1hxajr7c13",
"type": "tarball", "type": "tarball",
"url": "https://github.com/mattermost/mattermost-server/archive/refs/tags/v6.7.2.tar.gz", "url": "https://github.com/mattermost/mattermost-server/archive/refs/tags/v5.37.1.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/refs/tags/v<version>.tar.gz", "url_template": "https://github.com/<owner>/<repo>/archive/refs/tags/v<version>.tar.gz",
"version": "6.7.2" "version": "5.37.1"
}, },
"mattermost-webapp": { "mattermost-webapp": {
"sha256": "0pwjfklk0q28yza2iny0im5pq3x430jskvq6rvfq7ycx251s98hx", "sha256": "00q1kcfda2z69ijpw71a6cbj76p5f57nj7pym44pp4cadi2wz180",
"type": "tarball", "type": "tarball",
"url": "https://releases.mattermost.com/6.7.2/mattermost-6.7.2-linux-amd64.tar.gz", "url": "https://releases.mattermost.com/5.37.1/mattermost-5.37.1-linux-amd64.tar.gz",
"url_template": "https://releases.mattermost.com/<version>/mattermost-<version>-linux-amd64.tar.gz", "url_template": "https://releases.mattermost.com/<version>/mattermost-<version>-linux-amd64.tar.gz",
"version": "6.7.2" "version": "5.37.1"
},
"mumble-website": {
"branch": "master",
"repo": "https://gitlab.infra4future.de/hacc/infra4future/mumble.infra4future.de.git",
"rev": "3a70bf8aa1f4bb56524d36153b84cfb538c4f787",
"type": "git"
}, },
"niv": { "niv": {
"branch": "master", "branch": "master",
@ -43,10 +49,10 @@
"homepage": "https://github.com/nmattia/niv", "homepage": "https://github.com/nmattia/niv",
"owner": "nmattia", "owner": "nmattia",
"repo": "niv", "repo": "niv",
"rev": "82e5cd1ad3c387863f0545d7591512e76ab0fc41", "rev": "e0ca65c81a2d7a4d82a189f1e23a48d59ad42070",
"sha256": "090l219mzc0gi33i3psgph6s2pwsc8qy4lyrqjdj4qzkvmaj65a7", "sha256": "1pq9nh1d8nn3xvbdny8fafzw87mj7gsmp6pxkdl65w2g18rmcmzx",
"type": "tarball", "type": "tarball",
"url": "https://github.com/nmattia/niv/archive/82e5cd1ad3c387863f0545d7591512e76ab0fc41.tar.gz", "url": "https://github.com/nmattia/niv/archive/e0ca65c81a2d7a4d82a189f1e23a48d59ad42070.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}, },
"nix-hexchen": { "nix-hexchen": {
@ -60,25 +66,25 @@
"url_template": "<repo>/-/archive/<rev>.tar.gz" "url_template": "<repo>/-/archive/<rev>.tar.gz"
}, },
"nixos-mailserver": { "nixos-mailserver": {
"branch": "nixos-21.11", "branch": "nixos-21.05",
"ref": "nixos-21.11", "ref": "nixos-21.05",
"repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver", "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver",
"rev": "6e3a7b2ea6f0d68b82027b988aa25d3423787303", "rev": "5675b122a947b40e551438df6a623efad19fd2e7",
"sha256": "1i56llz037x416bw698v8j6arvv622qc0vsycd20lx3yx8n77n44", "sha256": "1fwhb7a5v9c98nzhf3dyqf3a5ianqh7k50zizj8v5nmj3blxw4pi",
"type": "tarball", "type": "tarball",
"url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/6e3a7b2ea6f0d68b82027b988aa25d3423787303.tar.gz", "url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/5675b122a947b40e551438df6a623efad19fd2e7.tar.gz",
"url_template": "<repo>/-/archive/<rev>.tar.gz" "url_template": "<repo>/-/archive/<rev>.tar.gz"
}, },
"nixpkgs": { "nixpkgs": {
"branch": "nixos-21.11", "branch": "nixos-21.05",
"description": "Nix Packages collection", "description": "Nix Packages collection",
"homepage": "", "homepage": "",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "eabc38219184cc3e04a974fe31857d8e0eac098d", "rev": "2d6ab6c6b92f7aaf8bc53baba9754b9bfdce56f2",
"sha256": "04ffwp2gzq0hhz7siskw6qh9ys8ragp7285vi1zh8xjksxn1msc5", "sha256": "1aafqly1mcqxh0r15mrlsrs4znldhm7cizsmfp3d25lqssay6gjd",
"type": "tarball", "type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/eabc38219184cc3e04a974fe31857d8e0eac098d.tar.gz", "url": "https://github.com/nixos/nixpkgs/archive/2d6ab6c6b92f7aaf8bc53baba9754b9bfdce56f2.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
@ -87,16 +93,22 @@
"homepage": "", "homepage": "",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ae1dc133ea5f1538d035af41e5ddbc2ebcb67b90", "rev": "fe01052444c1d66ed6ef76df2af798c9769e9e79",
"sha256": "0dq22dagzk76x2ws4dz88w018i6byamd6rnzqizx68bzimg6g7xn", "sha256": "0z99hwxgrvlf0psicwd97kdqqcc3qngfzmcz7k68q6q868y8582y",
"type": "tarball", "type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/ae1dc133ea5f1538d035af41e5ddbc2ebcb67b90.tar.gz", "url": "https://github.com/nixos/nixpkgs/archive/fe01052444c1d66ed6ef76df2af798c9769e9e79.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz" "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}, },
"pbb-nixfiles": {
"branch": "main",
"repo": "https://git.petabyte.dev/petabyteboy/nixfiles.git",
"rev": "ce2d8bbb9eaf1bbc9bd00cb60bf633ecbae86415",
"type": "git"
},
"workadventure": { "workadventure": {
"branch": "master", "branch": "master",
"repo": "https://stuebinm.eu/git/workadventure-nix", "repo": "https://stuebinm.eu/git/workadventure-nix",
"rev": "8db4bbc5eccaac218c68fb0853f1972dadd7a40c", "rev": "9adf5b9de18ebfbd5e688bb1b3f040cbc8602c6f",
"type": "git" "type": "git"
} }
} }

View file

@ -31,28 +31,8 @@ let
if spec ? branch then "refs/heads/${spec.branch}" else if spec ? branch then "refs/heads/${spec.branch}" else
if spec ? tag then "refs/tags/${spec.tag}" else if spec ? tag then "refs/tags/${spec.tag}" else
abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!";
submodules = if spec ? submodules then spec.submodules else false;
submoduleArg =
let
nixSupportsSubmodules = builtins.compareVersions builtins.nixVersion "2.4" >= 0;
emptyArgWithWarning =
if submodules == true
then
builtins.trace
(
"The niv input \"${name}\" uses submodules "
+ "but your nix's (${builtins.nixVersion}) builtins.fetchGit "
+ "does not support them"
)
{}
else {};
in in
if nixSupportsSubmodules builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; };
then { inherit submodules; }
else emptyArgWithWarning;
in
builtins.fetchGit
({ url = spec.repo; inherit (spec) rev; inherit ref; } // submoduleArg);
fetch_local = spec: spec.path; fetch_local = spec: spec.path;

View file

@ -4,21 +4,21 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "blackmagic-desktop-video"; pname = "blackmagic-desktop-video";
version = "12.2.2"; version = "12.0";
buildInputs = [ buildInputs = [
libcxx libcxxabi libcxx libcxxabi
]; ];
src = requireFile { src = requireFile {
name = "Blackmagic_Desktop_Video_Linux_12.2.2.tar.gz"; name = "Blackmagic_Desktop_Video_Linux_12.1.tar.gz";
url = "https://www.blackmagicdesign.com/support/"; url = "https://www.blackmagicdesign.com/support/download/d99c3a1740b546f094ffbb30ddf1f4c1";
sha256 = "8bca946bd3f002d2d404a74210c881935351e1a0d03f750559b180fdb439ef35"; sha256 = "51febf247d22412beea2d637fcc34cc19b1a46df9a5bf0e157d95705bf7c7b73";
}; };
setSourceRoot = '' setSourceRoot = ''
tar xf Blackmagic_Desktop_Video_Linux_12.2.2/other/x86_64/desktopvideo-12.2.2a6-x86_64.tar.gz tar xf Blackmagic_Desktop_Video_Linux_12.1/other/x86_64/desktopvideo-12.1a9-x86_64.tar.gz
sourceRoot=$NIX_BUILD_TOP/desktopvideo-12.2.2a6-x86_64 sourceRoot=$NIX_BUILD_TOP/desktopvideo-12.1a9-x86_64
''; '';
installPhase = '' installPhase = ''
@ -39,7 +39,7 @@ stdenv.mkDerivation rec {
$out/bin/DesktopVideoHelper $out/bin/DesktopVideoHelper
''; '';
meta = with lib; { meta = with stdenv.lib; {
homepage = "https://www.blackmagicdesign.com/support/family/capture-and-playback"; homepage = "https://www.blackmagicdesign.com/support/family/capture-and-playback";
maintainers = [ maintainers.hexchen ]; maintainers = [ maintainers.hexchen ];
license = licenses.unfree; license = licenses.unfree;

View file

@ -1,92 +0,0 @@
{ stdenv, mkYarnPackage, mkYarnModules, fetchFromGitHub, libsass, python, python3, pkg-config, libusb, fetchurl, nodejs, electron, writeText, makeWrapper, udev, nodePackages, libvips }:
let
version = "2.1.3";
source = fetchFromGitHub {
owner = "bitfocus";
repo = "companion";
# rev = "v${version}";
rev = "1cc51029a19d7263a09058f73922277ca53a1583";
sha256 = "0305wwdic3n20whzhh9zqcd3dwj7hc4fpycs645ncc3sk48azmj0";
};
nodeHeaders = fetchurl {
url = "https://nodejs.org/download/release/v${nodejs.version}/node-v${nodejs.version}-headers.tar.gz";
sha256 = "19b0dg8292cjx758wlrvpb3jf520bpyvjal2n7r4fyvk38x9flik";
};
webui = mkYarnPackage rec {
inherit version;
pname = "bitfocus-companion-webui";
src = "${source}/webui";
configurePhase = "
cp -r $node_modules node_modules
chmod -R u+w node_modules
";
buildPhase = "PUBLIC_URL=. yarn build";
installPhase = "mv build $out";
distPhase = "true";
yarnNix = ./yarn-webui.nix;
pkgConfig = {
node-sass = {
buildInputs = [ libsass python ];
postInstall = "node scripts/build.js --tarball=${nodeHeaders}";
};
};
};
yarnModulesNoWorkspace = args: (mkYarnModules args).overrideAttrs(old: {
buildPhase = builtins.replaceStrings [" ./package.json"] [" /dev/null; cp deps/*/package.json ."] old.buildPhase;
});
modules = yarnModulesNoWorkspace rec {
inherit version;
pname = "companion-modules";
name = "${pname}-${version}";
yarnNix = ./yarn.nix;
packageJSON = "${source}/package.json";
yarnLock = "${source}/yarn.lock";
pkgConfig = {
node-hid = {
buildInputs = [ udev libusb python3 pkg-config ];
postInstall = "${nodePackages.node-gyp}/bin/node-gyp rebuild --tarball=${nodeHeaders}";
};
sharp = {
buildInputs = [ libvips pkg-config ];
postInstall = ''
sed -i "s|<!(node -p \"require(\\\\'./lib/libvips\\\\').minimumLibvipsVersion\")|${libvips.version}|" binding.gyp
sed -i "s|<!(node -p \"require(\\\\'./lib/libvips\\\\').pkgConfigPath()\")||" binding.gyp
sed -i "s|<!(node -p \"Boolean(require(\\\\'./lib/libvips\\\\').useGlobalLibvips()).toString()\")|true|" binding.gyp
sed -i "s|PKG_CONFIG_PATH=\"<(pkg_config_path)\" ||" binding.gyp
${nodePackages.node-gyp}/bin/node-gyp rebuild --tarball=${nodeHeaders}
'';
};
};
};
in stdenv.mkDerivation rec {
inherit version webui modules;
pname = "bitfocus-companion";
src = source;
nativeBuildInputs = [ makeWrapper ];
configurePhase = "";
buildPhase = "";
installPhase = ''
mkdir -p $out/share
cp --no-preserve=mode -r $src "$out/share/companion"
echo "nixos-f00baa-0" > $out/share/companion/BUILD
ln -s '${webui}' "$out/share/companion/static"
cp -r '${modules}/node_modules' "$out/share/companion/node_modules"
sed -i "s|process.resourcesPath|\"$out/share/companion\"|" $out/share/companion/lib/server_http.js
sed -i "s|require('app-root-path')|\"$out/share/companion\"|" $out/share/companion/{app,lib/{schedule,help,instance}}.js
makeWrapper '${electron}/bin/electron' "$out/bin/companion" \
--add-flags "$out/share/companion"
'';
}

View file

@ -1,478 +0,0 @@
{
"name": "companion",
"version": "2.2.0",
"description": "Companion",
"main": "electron.js",
"build": {
"productName": "Companion",
"appId": "companion.bitfocus.no",
"remoteBuild": false,
"dmg": {
"artifactName": "companion-mac-${arch}.dmg",
"sign": true
},
"mac": {
"target": "dmg",
"category": "no.bitfocus.companion",
"extendInfo": {
"LSBackgroundOnly": 1,
"LSUIElement": 1
},
"extraFiles": [
{
"from": "./node_modules/sharp/vendor/8.10.6/lib",
"to": "Frameworks",
"filter": [
"!glib-2.0/**/*"
]
}
]
},
"win": {
"target": "nsis",
"extraFiles": [
{
"from": "./node_modules/sharp/build/Release",
"to": ".",
"filter": [
"lib*.dll"
]
}
]
},
"nsis": {
"artifactName": "companion-win64.exe",
"createStartMenuShortcut": true,
"perMachine": true,
"oneClick": false,
"allowElevation": true,
"allowToChangeInstallationDirectory": true,
"installerIcon": "icon.ico",
"installerSidebar": "compinst.bmp",
"uninstallerSidebar": "compinst.bmp"
},
"directories": {
"buildResources": "assets/",
"output": "electron-output/"
},
"linux": {
"target": "dir",
"extraFiles": [
{
"from": "./node_modules/sharp/vendor/8.10.6/lib",
"to": ".",
"filter": [
"libvips*.so.*"
]
}
]
},
"files": [
"**/*",
"assets/icon.png",
"assets/bitfocus-logo.png",
"assets/trayTemplate.png",
"assets/trayTemplate@2x.png",
"!webui/**/*",
"!font/*",
"!tools/*",
"!*.md",
"!node_modules/sharp/vendor/lib"
],
"extraResources": [
{
"from": "webui/build",
"to": "static"
}
]
},
"scripts": {
"prod": "./tools/build_writefile.sh && electron .",
"dev": "./tools/build_writefile.sh && cross-env DEVELOPER=1 electron .",
"update": "./tools/update.sh",
"pack": "electron-builder --dir",
"dist:webui": "yarn --cwd webui build",
"dist:prepare": "./tools/build_writefile.sh ; rm -rf electron-output && yarn dist:webui",
"dist": "yarn dist:prepare && yarn electron-rebuild && electron-builder",
"electron-rebuild": "yarn dist:prepare:sharp && electron-builder install-app-deps",
"testprod": "./node_modules/electron/cli.js .",
"macdist": "yarn dist:prepare && yarn dist:prepare:mac-x64 && electron-builder --publish=never --x64 --mac",
"macarmdist": "yarn dist:prepare && yarn dist:prepare:mac-arm64 && electron-builder --publish=never --arm64 --mac",
"windist": "yarn dist:prepare && yarn dist:prepare:win && electron-builder --publish=never --x64 --win",
"lindist": "yarn dist:prepare && yarn dist:prepare:linux && electron-builder --publish=never --x64 --linux",
"rpidist": "yarn dist:prepare && yarn dist:prepare:rpi && electron-builder --publish=never --armv7l --linux",
"dist:prepare:sharp": "cd node_modules/sharp && rimraf vendor && node install/libvips && node install/dll-copy",
"dist:prepare:win": "cross-env npm_config_platform=win32 npm_config_arch=x64 yarn dist:prepare:sharp",
"dist:prepare:mac-x64": "cross-env npm_config_platform=darwin npm_config_arch=x64 yarn dist:prepare:sharp",
"dist:prepare:mac-arm64": "cross-env npm_config_platform=darwin npm_config_arch=arm64 yarn dist:prepare:sharp",
"dist:prepare:linux": "cross-env npm_config_platform=linux npm_config_arch=x64 yarn dist:prepare:sharp",
"dist:prepare:rpi": "cross-env npm_config_platform=linux npm_config_arch=arm yarn dist:prepare:sharp",
"test": "mocha",
"postinstall": "./tools/build_writefile.sh",
"headless": "nodemon --ignore './webui/' headless.js",
"dev-headless": "./tools/build_writefile.sh && cross-env DEVELOPER=1 nodemon --ignore './webui/' headless.js",
"dev-webui": "yarn --cwd webui dev",
"format": "prettier --write ."
},
"repository": "https://github.com/bitfocus/companion",
"keywords": [
"bitfocus",
"companion"
],
"engines": {
"npm": "please-use-yarn",
"yarn": "^1.22",
"node": "^14.16"
},
"managed_node_version": "14",
"author": "Bitfocus AS",
"license": "MIT",
"devDependencies": {
"asar": "^3.0.3",
"aws-sdk": "^2.931.0",
"chai": "^4.3.4",
"chai-fs": "^2.0.0",
"cross-env": "^7.0.3",
"electron": "^13.1.2",
"electron-builder": "22.11.7",
"mocha": "^6.2.3",
"nodemon": "^2.0.7",
"p-all": "^3.0.0",
"prettier": "^2.3.1",
"rimraf": "^3.0.2",
"s3-upload-stream": "^1.0.7"
},
"dependencies": {
"@sentry/electron": "^2.5.0",
"app-root-path": "^3.0.0",
"binopsy": "^0.0.0",
"check-ip": "^1.1.1",
"companion-module-7thsensedesign-delta": "github:bitfocus/companion-module-7thsensedesign-delta#v1.0.1",
"companion-module-agf-characterworks": "github:bitfocus/companion-module-agf-characterworks#v1.0.3",
"companion-module-aja-helo": "github:bitfocus/companion-module-aja-helo#v1.0.2",
"companion-module-aja-kipro": "github:bitfocus/companion-module-aja-kipro#v2.0.11",
"companion-module-aja-kumo": "github:bitfocus/companion-module-aja-kumo#v1.0.5",
"companion-module-allenheath-dlive-ilive": "github:bitfocus/companion-module-allenheath-dlive-ilive#v1.3.7",
"companion-module-allenheath-qu": "github:bitfocus/companion-module-allenheath-qu#v1.0.7",
"companion-module-allenheath-sq": "github:bitfocus/companion-module-allenheath-sq#v1.3.8",
"companion-module-analogway-eks500": "github:bitfocus/companion-module-analogway-eks500#v1.0.1",
"companion-module-analogway-livecore": "github:bitfocus/companion-module-analogway-livecore#v1.1.1",
"companion-module-analogway-livepremier": "github:bitfocus/companion-module-analogway-livepremier#v1.0.2",
"companion-module-analogway-midra": "github:bitfocus/companion-module-analogway-midra#v1.0.2",
"companion-module-analogway-picturall": "github:bitfocus/companion-module-analogway-picturall#v1.2.1",
"companion-module-analogway-pls300": "github:bitfocus/companion-module-analogway-pls300#v1.0.3",
"companion-module-analogway-vertige": "github:bitfocus/companion-module-analogway-vertige#v1.0.0",
"companion-module-analogway-vio": "github:bitfocus/companion-module-analogway-vio#v1.0.1",
"companion-module-anomes-millumin": "github:bitfocus/companion-module-anomes-millumin#v1.0.6",
"companion-module-arkaos-mediamaster": "github:bitfocus/companion-module-arkaos-mediamaster#v1.0.1",
"companion-module-aten-matrix": "github:bitfocus/companion-module-aten-matrix#v1.0.0",
"companion-module-audiostrom-liveprofessor": "github:bitfocus/companion-module-audiostrom-liveprofessor#v1.0.0",
"companion-module-audivero-unityintercom-client": "github:bitfocus/companion-module-audivero-unityintercom-client#v1.0.2",
"companion-module-avishop-hdbaset-matrix": "github:bitfocus/companion-module-avishop-hdbaset-matrix#v1.0.1",
"companion-module-avolites-ai": "github:bitfocus/companion-module-avolites-ai#v1.0.1",
"companion-module-avolites-titan": "github:bitfocus/companion-module-avolites-titan#v1.1.0",
"companion-module-avproconnect-acmx1616-auhd": "github:bitfocus/companion-module-avproconnect-acmx1616-auhd#v1.0.0",
"companion-module-avstumpfl-pixera": "github:bitfocus/companion-module-avstumpfl-pixera#v1.0.2",
"companion-module-axis-ptz": "github:bitfocus/companion-module-axis-ptz#v1.0.1",
"companion-module-barco-dcs": "github:bitfocus/companion-module-barco-dcs#v1.0.4",
"companion-module-barco-dp": "github:bitfocus/companion-module-barco-dp#v1.1.2",
"companion-module-barco-encore": "github:bitfocus/companion-module-barco-encore#v1.0.1",
"companion-module-barco-eventmaster": "github:bitfocus/companion-module-barco-eventmaster#v1.3.6",
"companion-module-barco-eventmaster-xml": "github:bitfocus/companion-module-barco-eventmaster-xml#v1.2.4",
"companion-module-barco-hdx": "github:bitfocus/companion-module-barco-hdx#v1.1.5",
"companion-module-barco-imagepro": "github:bitfocus/companion-module-barco-imagepro#v1.0.1",
"companion-module-barco-matrixpro": "github:bitfocus/companion-module-barco-matrixpro#v1.1.0",
"companion-module-barco-pds": "github:bitfocus/companion-module-barco-pds#v1.1.5",
"companion-module-barco-pulse": "github:bitfocus/companion-module-barco-pulse#v1.1.2",
"companion-module-bbc-raven": "github:bitfocus/companion-module-bbc-raven#v1.0.1",
"companion-module-behringer-wing": "github:bitfocus/companion-module-behringer-wing#v1.0.5",
"companion-module-behringer-x32": "github:bitfocus/companion-module-behringer-x32#v2.7.0",
"companion-module-behringer-xair": "github:bitfocus/companion-module-behringer-xair#v1.6.7",
"companion-module-biamp-audia": "github:bitfocus/companion-module-biamp-audia#v1.0.1",
"companion-module-birddog-studio": "github:bitfocus/companion-module-birddog-studio#v1.0.0",
"companion-module-birddog-visca": "github:bitfocus/companion-module-birddog-visca#v1.0.4",
"companion-module-bitfocus-companion": "github:bitfocus/companion-module-bitfocus-companion#v1.5.3",
"companion-module-bitfocus-snapshot": "github:bitfocus/companion-module-bitfocus-snapshot#v0.0.4",
"companion-module-blackbox-boxilla": "github:bitfocus/companion-module-blackbox-boxilla#v1.0.2",
"companion-module-blackdiamondvideo-phantom800": "github:bitfocus/companion-module-blackdiamondvideo-phantom800#v1.0.0",
"companion-module-bmd-atem": "github:bitfocus/companion-module-bmd-atem#v2.13.0",
"companion-module-bmd-audiomonitor": "github:bitfocus/companion-module-bmd-audiomonitor#v1.0.0",
"companion-module-bmd-hyperdeck": "github:bitfocus/companion-module-bmd-hyperdeck#v1.2.2",
"companion-module-bmd-multiview16": "github:bitfocus/companion-module-bmd-multiview16#v1.0.1",
"companion-module-bmd-multiview4": "github:bitfocus/companion-module-bmd-multiview4#v1.3.2",
"companion-module-bmd-smartview": "github:bitfocus/companion-module-bmd-smartview#v1.1.3",
"companion-module-bmd-teranex": "github:bitfocus/companion-module-bmd-teranex#v1.0.4",
"companion-module-bmd-videohub": "github:bitfocus/companion-module-bmd-videohub#v1.3.0",
"companion-module-bmd-webpresenterhd": "github:bitfocus/companion-module-bmd-webpresenterhd#v1.0.1",
"companion-module-boinx-mimolive": "github:bitfocus/companion-module-boinx-mimolive#v1.0.1",
"companion-module-borealsystems-director": "github:bitfocus/companion-module-borealsystems-director#v1.0.0",
"companion-module-brightsign-player": "github:bitfocus/companion-module-brightsign-player#v1.1.1",
"companion-module-brompton-tessera": "github:bitfocus/companion-module-brompton-tessera#v1.0.0",
"companion-module-canon-xf": "github:bitfocus/companion-module-canon-xf#v1.0.0",
"companion-module-casparcg-server": "github:bitfocus/companion-module-casparcg-server#v1.0.2",
"companion-module-chamsys-magicq-osc": "github:bitfocus/companion-module-chamsys-magicq-osc#v1.0.1",
"companion-module-chamsys-magicq-udp": "github:bitfocus/companion-module-chamsys-magicq-udp#v1.0.2",
"companion-module-christie-pandorasbox": "github:bitfocus/companion-module-christie-pandorasbox#v2.0.2",
"companion-module-christie-projector": "github:bitfocus/companion-module-christie-projector#v2.0.3",
"companion-module-christie-spyder": "github:bitfocus/companion-module-christie-spyder#v1.0.0",
"companion-module-christie-wd": "github:bitfocus/companion-module-christie-wd#v1.0.6",
"companion-module-cisco-cms": "github:bitfocus/companion-module-cisco-cms#v1.0.1",
"companion-module-cisco-webex-websocket": "github:bitfocus/companion-module-cisco-webex-websocket#v1.1.0",
"companion-module-cockos-reaper": "github:bitfocus/companion-module-cockos-reaper#v1.1.0",
"companion-module-connect-webcaster": "github:bitfocus/companion-module-connect-webcaster#v1.0.0",
"companion-module-crystal-scte": "github:bitfocus/companion-module-crystal-scte#v1.0.0",
"companion-module-dahuasecurity-ptz": "github:bitfocus/companion-module-dahuasecurity-ptz#v1.0.1",
"companion-module-dalite-scb": "github:bitfocus/companion-module-dalite-scb#v1.0.0",
"companion-module-dashare-multiplay": "github:bitfocus/companion-module-dashare-multiplay#v1.0.1",
"companion-module-datapath-fx4": "github:bitfocus/companion-module-datapath-fx4#v1.0.0",
"companion-module-dataton-watchout": "github:bitfocus/companion-module-dataton-watchout#v1.2.0",
"companion-module-datavideo-dvip": "github:bitfocus/companion-module-datavideo-dvip#v1.0.0",
"companion-module-datavideo-visca": "github:bitfocus/companion-module-datavideo-visca#v1.0.3",
"companion-module-dcc-ex-commandstation": "github:bitfocus/companion-module-dcc-ex-commandstation#v1.0.0",
"companion-module-denon-dn-500bd-mkii": "github:bitfocus/companion-module-denon-dn-500bd-mkii#v1.0.2",
"companion-module-denon-receiver": "github:bitfocus/companion-module-denon-receiver#v1.0.1",
"companion-module-denon-recorder": "github:bitfocus/companion-module-denon-recorder#v1.0.1",
"companion-module-depili-clock-8001": "github:bitfocus/companion-module-depili-clock-8001#v5.1.1",
"companion-module-dexon-dimax": "github:bitfocus/companion-module-dexon-dimax#v1.0.3",
"companion-module-dexon-divip": "github:bitfocus/companion-module-dexon-divip#v1.0.2",
"companion-module-dexon-matrix": "github:bitfocus/companion-module-dexon-matrix#v1.0.1",
"companion-module-digico-osc": "github:bitfocus/companion-module-digico-osc#v1.0.2",
"companion-module-digitalprojection-highlight": "github:bitfocus/companion-module-digitalprojection-highlight#v1.0.2",
"companion-module-disguise": "github:bitfocus/companion-module-disguise#v1.1.0",
"companion-module-disguise-mtc": "github:bitfocus/companion-module-disguise-mtc#v1.0.2",
"companion-module-dolby-cinemaprocessor": "github:bitfocus/companion-module-dolby-cinemaprocessor#v1.1.0",
"companion-module-draco-tera": "github:bitfocus/companion-module-draco-tera#v1.0.4",
"companion-module-dsan-limitimer": "github:bitfocus/companion-module-dsan-limitimer#v1.1.1",
"companion-module-dsan-perfectcue": "github:bitfocus/companion-module-dsan-perfectcue#v1.0.0",
"companion-module-dtvideolabs-playbackproplus": "github:bitfocus/companion-module-dtvideolabs-playbackproplus#v1.0.2",
"companion-module-elgato-keylight": "github:bitfocus/companion-module-elgato-keylight#v1.2.2",
"companion-module-epiphan-pearl": "github:bitfocus/companion-module-epiphan-pearl#v1.0.7",
"companion-module-etc-eos": "github:bitfocus/companion-module-etc-eos#v1.2.1",
"companion-module-extron-dxp": "github:bitfocus/companion-module-extron-dxp#v1.0.8",
"companion-module-extron-in1604": "github:bitfocus/companion-module-extron-in1604#v1.0.3",
"companion-module-extron-ipl-t-pcs4": "github:bitfocus/companion-module-extron-ipl-t-pcs4#v1.0.2",
"companion-module-extron-smp111": "github:bitfocus/companion-module-extron-smp111#v1.0.4",
"companion-module-extron-smp351": "github:bitfocus/companion-module-extron-smp351#v1.2.0",
"companion-module-extron-smx": "github:bitfocus/companion-module-extron-smx#v1.0.4",
"companion-module-faithchapel-videoplayoutserver": "github:bitfocus/companion-module-faithchapel-videoplayoutserver#v1.0.1",
"companion-module-figure53-go-button": "github:bitfocus/companion-module-figure53-go-button#v1.2.4",
"companion-module-figure53-qlab": "github:bitfocus/companion-module-figure53-qlab#v1.2.5",
"companion-module-figure53-qlab-advance": "github:bitfocus/companion-module-figure53-qlab-advance#v1.3.8",
"companion-module-figure53-qview": "github:bitfocus/companion-module-figure53-qview#v1.0.0",
"companion-module-folivora-btt": "github:bitfocus/companion-module-folivora-btt#v1.0.2",
"companion-module-fora-hvs": "github:bitfocus/companion-module-fora-hvs#v1.2.4",
"companion-module-foscam-ptz": "github:bitfocus/companion-module-foscam-ptz#v1.0.1",
"companion-module-gallery-virtualvtrpro": "github:bitfocus/companion-module-gallery-virtualvtrpro#v1.0.1",
"companion-module-gammacontrol-gmaestro": "github:bitfocus/companion-module-gammacontrol-gmaestro#v1.0.2",
"companion-module-gefen-dvimatrix": "github:bitfocus/companion-module-gefen-dvimatrix#v1.0.1",
"companion-module-generic-artnet": "github:bitfocus/companion-module-generic-artnet#v1.0.2",
"companion-module-generic-emberplus": "github:bitfocus/companion-module-generic-emberplus#v1.1.1",
"companion-module-generic-http": "github:bitfocus/companion-module-generic-http#v1.0.8",
"companion-module-generic-mqtt": "github:bitfocus/companion-module-generic-mqtt#v1.2.0",
"companion-module-generic-osc": "github:bitfocus/companion-module-generic-osc#v1.0.4",
"companion-module-generic-pjlink": "github:bitfocus/companion-module-generic-pjlink#v1.0.5",
"companion-module-generic-sacn": "github:bitfocus/companion-module-generic-sacn#v1.0.0",
"companion-module-generic-swp08": "github:bitfocus/companion-module-generic-swp08#v1.0.3",
"companion-module-generic-tcp-serial": "github:bitfocus/companion-module-generic-tcp-serial#v1.0.2",
"companion-module-generic-tcp-udp": "github:bitfocus/companion-module-generic-tcp-udp#v1.0.6",
"companion-module-generic-wakeonlan": "github:bitfocus/companion-module-generic-wakeonlan#v1.0.4",
"companion-module-generic-websocket": "github:bitfocus/companion-module-generic-websocket#v1.0.0",
"companion-module-globalcache-itac-cc": "github:bitfocus/companion-module-globalcache-itac-cc#v1.0.1",
"companion-module-globalcache-itac-ir": "github:bitfocus/companion-module-globalcache-itac-ir#v1.0.5",
"companion-module-globalcache-itac-sl": "github:bitfocus/companion-module-globalcache-itac-sl#v1.0.3",
"companion-module-grassvalley-amp": "github:bitfocus/companion-module-grassvalley-amp#v1.1.3",
"companion-module-greenhippo-hippotizer": "github:bitfocus/companion-module-greenhippo-hippotizer#v1.0.2",
"companion-module-h2r-graphics": "github:bitfocus/companion-module-h2r-graphics#v1.1.2",
"companion-module-haivision-connectdvr": "github:bitfocus/companion-module-haivision-connectdvr#v1.0.9",
"companion-module-haivision-kbencoder": "github:bitfocus/companion-module-haivision-kbencoder#v1.0.0",
"companion-module-highend-hog4": "github:bitfocus/companion-module-highend-hog4#v1.1.0",
"companion-module-hologfx-holographics": "github:bitfocus/companion-module-hologfx-holographics#v1.0.0",
"companion-module-homeassistant-server": "github:bitfocus/companion-module-homeassistant-server#v0.6.1",
"companion-module-ifelseware-avkey": "github:bitfocus/companion-module-ifelseware-avkey#v1.0.0",
"companion-module-ifelseware-avplayback": "github:bitfocus/companion-module-ifelseware-avplayback#v1.0.2",
"companion-module-imimot-mitti": "github:bitfocus/companion-module-imimot-mitti#v1.0.8",
"companion-module-interactivetechnologies-cueserver": "github:bitfocus/companion-module-interactivetechnologies-cueserver#v1.0.1",
"companion-module-irisdown-countdowntimer": "github:bitfocus/companion-module-irisdown-countdowntimer#v1.1.3",
"companion-module-irisdown-remoteshowcontrol": "github:bitfocus/companion-module-irisdown-remoteshowcontrol#v1.0.2",
"companion-module-jamesholt-x32tc": "github:bitfocus/companion-module-jamesholt-x32tc#v1.0.6",
"companion-module-joy-playdeck": "github:bitfocus/companion-module-joy-playdeck#v1.0.1",
"companion-module-justmacros-lua": "github:bitfocus/companion-module-justmacros-lua#v1.0.1",
"companion-module-jvc-ptz": "github:bitfocus/companion-module-jvc-ptz#v1.0.9",
"companion-module-kiloview-ndi": "github:bitfocus/companion-module-kiloview-ndi#v1.0.0",
"companion-module-kramer-matrix": "github:bitfocus/companion-module-kramer-matrix#v1.2.1",
"companion-module-kramer-vp727": "github:bitfocus/companion-module-kramer-vp727#v1.0.1",
"companion-module-kramer-vp734": "github:bitfocus/companion-module-kramer-vp734#v1.0.0",
"companion-module-kramer-vp773a": "github:bitfocus/companion-module-kramer-vp773a#v1.0.0",
"companion-module-kramer-vs41h": "github:bitfocus/companion-module-kramer-vs41h#v1.0.0",
"companion-module-leafcoders-titler": "github:bitfocus/companion-module-leafcoders-titler#v1.0.0",
"companion-module-lectrosonics-aspen": "github:bitfocus/companion-module-lectrosonics-aspen#v1.0.0",
"companion-module-lightware-lw2": "github:bitfocus/companion-module-lightware-lw2#v1.0.2",
"companion-module-lightware-lw3": "github:bitfocus/companion-module-lightware-lw3#v1.0.1",
"companion-module-liminalet-zoomosc": "github:bitfocus/companion-module-liminalet-zoomosc#v1.0.8",
"companion-module-linkbox-remote": "github:bitfocus/companion-module-linkbox-remote#v1.2.1",
"companion-module-livingasone-decoders": "github:bitfocus/companion-module-livingasone-decoders#v1.1.2",
"companion-module-ltn-schedule": "github:bitfocus/companion-module-ltn-schedule#v1.0.0",
"companion-module-lumens-mediaprocessor": "github:bitfocus/companion-module-lumens-mediaprocessor#v1.0.0",
"companion-module-lumens-visca": "github:bitfocus/companion-module-lumens-visca#v1.0.2",
"companion-module-lyntec-rpc-breaker": "github:bitfocus/companion-module-lyntec-rpc-breaker#v1.0.3",
"companion-module-magewell-proconvert-decoder": "github:bitfocus/companion-module-magewell-proconvert-decoder#v1.0.0",
"companion-module-magewell-ultrastream": "github:bitfocus/companion-module-magewell-ultrastream#v0.0.3",
"companion-module-magicsoft-recorder": "github:bitfocus/companion-module-magicsoft-recorder#v1.0.0",
"companion-module-malighting-grandma2": "github:bitfocus/companion-module-malighting-grandma2#v1.0.10",
"companion-module-malighting-msc": "github:bitfocus/companion-module-malighting-msc#v0.2.1",
"companion-module-matrox-monarch": "github:bitfocus/companion-module-matrox-monarch#v1.0.0",
"companion-module-media-player-classic": "github:bitfocus/companion-module-media-player-classic#v1.0.0",
"companion-module-metus-ingest": "github:bitfocus/companion-module-metus-ingest#v1.2.1",
"companion-module-middleatlantic-racklink": "github:bitfocus/companion-module-middleatlantic-racklink#v1.0.0",
"companion-module-middlethings-middlecontrol": "github:bitfocus/companion-module-middlethings-middlecontrol#v1.0.1",
"companion-module-modelighting-edin": "github:bitfocus/companion-module-modelighting-edin#v1.0.0",
"companion-module-modulo": "github:bitfocus/companion-module-modulo#v1.0.1",
"companion-module-motu-avb": "github:bitfocus/companion-module-motu-avb#v1.0.2",
"companion-module-msc-router": "github:bitfocus/companion-module-msc-router#v1.0.2",
"companion-module-multicamsystems-multicamsuite": "github:bitfocus/companion-module-multicamsystems-multicamsuite#v1.0.1",
"companion-module-muxlab-kvm": "github:bitfocus/companion-module-muxlab-kvm#v1.0.0",
"companion-module-neodarque-stagetimer2": "github:bitfocus/companion-module-neodarque-stagetimer2#v1.2.6",
"companion-module-netio-powerbox": "github:bitfocus/companion-module-netio-powerbox#v1.0.0",
"companion-module-nevion-mrp": "github:bitfocus/companion-module-nevion-mrp#v2.0.2",
"companion-module-newbluefx-titler": "github:bitfocus/companion-module-newbluefx-titler#v1.0.1",
"companion-module-newtek-ndistudiomonitor": "github:bitfocus/companion-module-newtek-ndistudiomonitor#v1.0.1",
"companion-module-newtek-tricaster": "github:bitfocus/companion-module-newtek-tricaster#v1.1.4",
"companion-module-nexo-nxamp": "github:bitfocus/companion-module-nexo-nxamp#v1.0.0",
"companion-module-nobe-omniscope": "github:bitfocus/companion-module-nobe-omniscope#v1.0.0",
"companion-module-noismada-octopuslistener": "github:bitfocus/companion-module-noismada-octopuslistener#v1.0.2",
"companion-module-noismada-octopusshowcontrol": "github:bitfocus/companion-module-noismada-octopusshowcontrol#v1.2.0",
"companion-module-novastar-controller": "github:bitfocus/companion-module-novastar-controller#v1.0.6",
"companion-module-obs-studio": "github:bitfocus/companion-module-obs-studio#v1.0.24",
"companion-module-obsidiancontrol-onyx": "github:bitfocus/companion-module-obsidiancontrol-onyx#v1.0.3",
"companion-module-octava-pro-dsx": "github:bitfocus/companion-module-octava-pro-dsx#v0.0.1",
"companion-module-openlp-http": "github:bitfocus/companion-module-openlp-http#v0.1.1",
"companion-module-opensong-api": "github:bitfocus/companion-module-opensong-api#v1.0.1",
"companion-module-openweather-rest": "github:bitfocus/companion-module-openweather-rest#v1.0.2",
"companion-module-opticis-omm-1000": "github:bitfocus/companion-module-opticis-omm-1000#v1.0.2",
"companion-module-optoma-z28s": "github:bitfocus/companion-module-optoma-z28s#v1.0.2",
"companion-module-orfast-ndi": "github:bitfocus/companion-module-orfast-ndi#v1.0.0",
"companion-module-panasonic-avhs": "github:bitfocus/companion-module-panasonic-avhs#v1.0.4",
"companion-module-panasonic-camera-controller": "github:bitfocus/companion-module-panasonic-camera-controller#v1.0.6",
"companion-module-panasonic-projector": "github:bitfocus/companion-module-panasonic-projector#v1.0.1",
"companion-module-panasonic-ptz": "github:bitfocus/companion-module-panasonic-ptz#v1.0.19",
"companion-module-panasonic-tv-th": "github:bitfocus/companion-module-panasonic-tv-th#v0.0.1",
"companion-module-pangolin-beyond": "github:bitfocus/companion-module-pangolin-beyond#v1.0.2",
"companion-module-phillips-hue": "github:bitfocus/companion-module-phillips-hue#v0.0.4",
"companion-module-pixap-pixtimerpro": "github:bitfocus/companion-module-pixap-pixtimerpro#v1.0.6",
"companion-module-planningcenter-serviceslive": "github:bitfocus/companion-module-planningcenter-serviceslive#v1.0.5",
"companion-module-presentationtools-aps": "github:bitfocus/companion-module-presentationtools-aps#v1.1.0",
"companion-module-presentationtools-cuetimer": "github:bitfocus/companion-module-presentationtools-cuetimer#v1.0.0",
"companion-module-protopie-bridge": "github:bitfocus/companion-module-protopie-bridge#v1.0.2",
"companion-module-prsi-ipower": "github:bitfocus/companion-module-prsi-ipower#v1.0.2",
"companion-module-ptzoptics-visca": "github:bitfocus/companion-module-ptzoptics-visca#v1.1.6",
"companion-module-qsys-remote-control": "github:bitfocus/companion-module-qsys-remote-control#v1.0.3",
"companion-module-radiodj-rest": "github:bitfocus/companion-module-radiodj-rest#v1.0.0",
"companion-module-rationalacoustics-smaart3": "github:bitfocus/companion-module-rationalacoustics-smaart3#v1.0.3",
"companion-module-renewedvision-propresenter": "github:bitfocus/companion-module-renewedvision-propresenter#v2.4.0",
"companion-module-renewedvision-pvp": "github:bitfocus/companion-module-renewedvision-pvp#v1.0.7",
"companion-module-resolume-arena": "github:bitfocus/companion-module-resolume-arena#v1.0.5",
"companion-module-rocosoft-ptzjoy": "github:bitfocus/companion-module-rocosoft-ptzjoy#v1.0.1",
"companion-module-roku-tv": "github:bitfocus/companion-module-roku-tv#v1.0.1",
"companion-module-roland-m5000": "github:bitfocus/companion-module-roland-m5000#v1.0.2",
"companion-module-roland-v1200hd": "github:bitfocus/companion-module-roland-v1200hd#v1.0.0",
"companion-module-roland-v600uhd": "github:bitfocus/companion-module-roland-v600uhd#v1.0.1",
"companion-module-roland-v60hd": "github:bitfocus/companion-module-roland-v60hd#v1.0.10",
"companion-module-roland-vp42h": "github:bitfocus/companion-module-roland-vp42h#v1.0.0",
"companion-module-roland-vr50hd-mk2": "github:bitfocus/companion-module-roland-vr50hd-mk2#v1.0.0",
"companion-module-roland-xs42h": "github:bitfocus/companion-module-roland-xs42h#v1.0.0",
"companion-module-roland-xs62s": "github:bitfocus/companion-module-roland-xs62s#v1.0.1",
"companion-module-roland-xs84h": "github:bitfocus/companion-module-roland-xs84h#v1.0.0",
"companion-module-rossvideo-caprica": "github:bitfocus/companion-module-rossvideo-caprica#v1.0.0",
"companion-module-rossvideo-nkrouter": "github:bitfocus/companion-module-rossvideo-nkrouter#v1.0.2",
"companion-module-rossvideo-rosstalk": "github:bitfocus/companion-module-rossvideo-rosstalk#v1.2.8",
"companion-module-rossvideo-xpression": "github:bitfocus/companion-module-rossvideo-xpression#v1.0.2",
"companion-module-sain-smart-relay": "github:bitfocus/companion-module-sain-smart-relay#v1.0.0",
"companion-module-seervision-suite": "github:bitfocus/companion-module-seervision-suite#v1.1.0",
"companion-module-sharp-tv": "github:bitfocus/companion-module-sharp-tv#v1.0.0",
"companion-module-showcuesystems-scs": "github:bitfocus/companion-module-showcuesystems-scs#v1.0.1",
"companion-module-shure-dis-ccu": "github:bitfocus/companion-module-shure-dis-ccu#v1.0.1",
"companion-module-shure-psm1000": "github:bitfocus/companion-module-shure-psm1000#v1.0.0",
"companion-module-shure-scm820": "github:bitfocus/companion-module-shure-scm820#v1.0.0",
"companion-module-shure-wireless": "github:bitfocus/companion-module-shure-wireless#v1.2.0",
"companion-module-sienna-ndimonitor": "github:bitfocus/companion-module-sienna-ndimonitor#v1.0.0",
"companion-module-singularlive-studio": "github:bitfocus/companion-module-singularlive-studio#v1.0.7",
"companion-module-slack-webhooks": "github:bitfocus/companion-module-slack-webhooks#v1.0.1",
"companion-module-softron-movierecorder": "github:bitfocus/companion-module-softron-movierecorder#v1.0.1",
"companion-module-softron-ontheairvideo": "github:bitfocus/companion-module-softron-ontheairvideo#v1.0.0",
"companion-module-sononum-horae": "github:bitfocus/companion-module-sononum-horae#v1.0.1",
"companion-module-sonoran-coyote": "github:bitfocus/companion-module-sonoran-coyote#v1.0.0",
"companion-module-sonos-speakers": "github:bitfocus/companion-module-sonos-speakers#v0.2.0",
"companion-module-sony-bravia": "github:bitfocus/companion-module-sony-bravia#v1.0.0",
"companion-module-sony-visca": "github:bitfocus/companion-module-sony-visca#v1.2.8",
"companion-module-soundcraft-ui": "github:bitfocus/companion-module-soundcraft-ui#v2.0.3",
"companion-module-sounddevices-pixnet": "github:bitfocus/companion-module-sounddevices-pixnet#v1.0.0",
"companion-module-spotify-remote": "github:bitfocus/companion-module-spotify-remote#v1.0.7",
"companion-module-spx-gc": "github:bitfocus/companion-module-spx-gc#v1.0.2",
"companion-module-studiocoast-vmix": "github:bitfocus/companion-module-studiocoast-vmix#v1.2.22",
"companion-module-symetrix-dsp": "github:bitfocus/companion-module-symetrix-dsp#v1.3.0",
"companion-module-tallyma-wirelesstally": "github:bitfocus/companion-module-tallyma-wirelesstally#v1.0.1",
"companion-module-tascam-bdmp1": "github:bitfocus/companion-module-tascam-bdmp1#v0.1.5",
"companion-module-tascam-cd": "github:bitfocus/companion-module-tascam-cd#v1.0.2",
"companion-module-techministry-midirelay": "github:bitfocus/companion-module-techministry-midirelay#v2.0.4",
"companion-module-techministry-protally": "github:bitfocus/companion-module-techministry-protally#v1.0.0",
"companion-module-techministry-tallyarbiter": "github:bitfocus/companion-module-techministry-tallyarbiter#v1.0.2",
"companion-module-teracom-tcw181b": "github:bitfocus/companion-module-teracom-tcw181b#v1.0.2",
"companion-module-teradek-vidiu": "github:bitfocus/companion-module-teradek-vidiu#v1.0.2",
"companion-module-tesla-smart": "github:bitfocus/companion-module-tesla-smart#v1.0.3",
"companion-module-thelightingcontroller": "github:bitfocus/companion-module-thelightingcontroller#v1.1.2",
"companion-module-thingm-blink1": "github:bitfocus/companion-module-thingm-blink1#v1.2.3",
"companion-module-tplink-kasasmartplug": "github:bitfocus/companion-module-tplink-kasasmartplug#v1.0.1",
"companion-module-tslproducts-umd": "github:bitfocus/companion-module-tslproducts-umd#v1.2.1",
"companion-module-tvone-corio": "github:bitfocus/companion-module-tvone-corio#v1.0.0",
"companion-module-twitch-api": "github:bitfocus/companion-module-twitch-api#v1.0.0",
"companion-module-ubiquiti-unifi": "github:bitfocus/companion-module-ubiquiti-unifi#v1.0.1",
"companion-module-vaddio-ptz": "github:bitfocus/companion-module-vaddio-ptz#v1.0.1",
"companion-module-vicreo-hotkey": "github:bitfocus/companion-module-vicreo-hotkey#v2.0.5",
"companion-module-vicreo-variablelistener": "github:bitfocus/companion-module-vicreo-variablelistener#v1.0.7",
"companion-module-videolan-vlc": "github:bitfocus/companion-module-videolan-vlc#v1.1.12",
"companion-module-visualproductions-bstation2": "github:bitfocus/companion-module-visualproductions-bstation2#v1.0.6",
"companion-module-vivitek-projector": "github:bitfocus/companion-module-vivitek-projector#v1.0.3",
"companion-module-vizio-smartcast": "github:bitfocus/companion-module-vizio-smartcast#v1.1.4",
"companion-module-vyv-photon": "github:bitfocus/companion-module-vyv-photon#v1.0.4",
"companion-module-wyrestorm-sw0402mv": "github:bitfocus/companion-module-wyrestorm-sw0402mv#v1.0.1",
"companion-module-xiamen-sprolink-vd-series": "github:bitfocus/companion-module-xiamen-sprolink-vd-series#v1.0.1",
"companion-module-yamaha-rcp": "github:bitfocus/companion-module-yamaha-rcp#v1.6.0",
"companion-module-youtube-live": "github:bitfocus/companion-module-youtube-live#v1.1.2",
"companion-module-zenvideo-ndirouter": "github:bitfocus/companion-module-zenvideo-ndirouter#v1.0.1",
"debug": "^4.2.0",
"elgato-stream-deck": "^4.1.0",
"emberplus-connection": "^0.0.4",
"express": "^4.16.3",
"find-process": "1.4.4",
"fs-extra": "^10.0.0",
"infinitton-idisplay": "^1.0.5",
"lodash": "^4.17.20",
"mkdirp": "^1.0.4",
"moment": "^2.29.1",
"network": "^0.4.1",
"node-fetch": "^2.6.1",
"node-rest-client": "^3.1.0",
"osc": "^2.4.1",
"pngjs": "^3.3.3",
"sharp": "^0.28.3",
"shortid": "^2.2.16",
"socket.io": "^4.1.2",
"strip-ansi": "^5.2.0",
"websocket": "^1.0.34",
"node-hid": "^2.1.1",
"serialport": "^9.2.0",
"ws": "^7.4.6"
},
"collective": {
"type": "donorbox",
"url": "https://donorbox.org/bitfocus-opensource"
},
"optionalDependencies": {
"@julusian/jpeg-turbo": "^1.1.1"
},
"resolutions": {
"infinitton-idisplay/node-hid": "^2.1.1",
"**/osc/serialport": "^9.2.0",
"**/osc/ws": "^7.4.6"
}
}

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -1,13 +1,13 @@
{ stdenv, requireFile, fetchpatch, kernel, lib }: { stdenv, requireFile, fetchpatch, kernel }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "decklink"; pname = "decklink";
version = "12.2.2"; version = "12.0";
src = requireFile { src = requireFile {
name = "Blackmagic_Desktop_Video_Linux_12.2.2.tar.gz"; name = "Blackmagic_Desktop_Video_Linux_12.1.tar.gz";
url = "https://www.blackmagicdesign.com/support/"; url = "https://www.blackmagicdesign.com/support/download/d99c3a1740b546f094ffbb30ddf1f4c1";
sha256 = "8bca946bd3f002d2d404a74210c881935351e1a0d03f750559b180fdb439ef35"; sha256 = "51febf247d22412beea2d637fcc34cc19b1a46df9a5bf0e157d95705bf7c7b73";
}; };
KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
@ -16,15 +16,15 @@ stdenv.mkDerivation rec {
nativeBuildInputs = kernel.moduleBuildDependencies; nativeBuildInputs = kernel.moduleBuildDependencies;
setSourceRoot = '' setSourceRoot = ''
tar xf Blackmagic_Desktop_Video_Linux_12.2.2/other/x86_64/desktopvideo-12.2.2a6-x86_64.tar.gz tar xf Blackmagic_Desktop_Video_Linux_12.1/other/x86_64/desktopvideo-12.1a9-x86_64.tar.gz
sourceRoot=$NIX_BUILD_TOP/desktopvideo-12.2.2a6-x86_64/usr/src sourceRoot=$NIX_BUILD_TOP/desktopvideo-12.1a9-x86_64/usr/src
''; '';
buildPhase = '' buildPhase = ''
runHook preBuild runHook preBuild
make -C $sourceRoot/blackmagic-12.2.2a6 -j$NIX_BUILD_CORES make -C $sourceRoot/blackmagic-12.1a9 -j$NIX_BUILD_CORES
make -C $sourceRoot/blackmagic-io-12.2.2a6 -j$NIX_BUILD_CORES make -C $sourceRoot/blackmagic-io-12.1a9 -j$NIX_BUILD_CORES
runHook postBuild runHook postBuild
''; '';
@ -32,13 +32,13 @@ stdenv.mkDerivation rec {
installPhase = '' installPhase = ''
runHook preInstall runHook preInstall
make -C $KERNELDIR M=$sourceRoot/blackmagic-12.2.2a6 modules_install make -C $KERNELDIR M=$sourceRoot/blackmagic-12.1a9 modules_install
make -C $KERNELDIR M=$sourceRoot/blackmagic-io-12.2.2a6 modules_install make -C $KERNELDIR M=$sourceRoot/blackmagic-io-12.1a9 modules_install
runHook postInstall runHook postInstall
''; '';
meta = with lib; { meta = with stdenv.lib; {
homepage = "https://www.blackmagicdesign.com/support/family/capture-and-playback"; homepage = "https://www.blackmagicdesign.com/support/family/capture-and-playback";
maintainers = [ maintainers.hexchen ]; maintainers = [ maintainers.hexchen ];
license = licenses.unfree; license = licenses.unfree;

View file

@ -10,9 +10,6 @@ let
newpkgs = { newpkgs = {
alps = callPackage ./alps {}; alps = callPackage ./alps {};
companion = callPackage ./companion {};
libvips = callPackage ./libvips {};
docker = pkgs.docker.overrideAttrs (super: { docker = pkgs.docker.overrideAttrs (super: {
moby = super.moby.overrideAttrs (super: { moby = super.moby.overrideAttrs (super: {
extraPath = super.extraPath + ":${pkgs.zfs}/bin"; extraPath = super.extraPath + ":${pkgs.zfs}/bin";
@ -60,9 +57,7 @@ let
''; '';
}; };
uffd = callPackage ./uffd {}; inherit (unstable) bottom;
inherit (unstable) bottom vaultwarden vaultwarden-vault;
}; };
in pkgs.extend(_: _: newpkgs) in pkgs.extend(_: _: newpkgs)

View file

@ -1,18 +0,0 @@
{
stdenv, fetchurl, pkg-config, glib, expat,
libjpeg_turbo, libexif, librsvg, libtiff, libpng
}:
stdenv.mkDerivation rec {
pname = "libvips";
version = "8.11.3";
src = fetchurl {
url = "https://github.com/libvips/libvips/releases/download/v${version}/vips-${version}.tar.gz";
sha256 = "00fz7h7vb0qqsc9i2smp3aljwjyb5cin2fiqillv8vvx8wpis2lv";
};
propagatedBuildInputs = [ glib ];
buildInputs = [ expat libjpeg_turbo libexif librsvg libtiff libpng ];
nativeBuildInputs = [ pkg-config ];
}

View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, fetchFromGitHub, buildGoPackage, buildEnv, lib }: { stdenv, fetchurl, fetchFromGitHub, buildGoPackage, buildEnv }:
let let
sources = import ../../nix/sources.nix; sources = import ../../nix/sources.nix;
@ -12,9 +12,10 @@ let
goPackagePath = "github.com/mattermost/mattermost-server"; goPackagePath = "github.com/mattermost/mattermost-server";
ldflags = [ buildFlagsArray = ''
"-X ${goPackagePath}/model.BuildNumber=nixpkgs-${version}" -ldflags=
]; -X ${goPackagePath}/model.BuildNumber=nixpkgs-${version}
'';
}; };
@ -39,7 +40,7 @@ in
name = "mattermost-${version}"; name = "mattermost-${version}";
paths = [ mattermost-server mattermost-webapp ]; paths = [ mattermost-server mattermost-webapp ];
meta = with lib; { meta = with stdenv.lib; {
description = "Open-source, self-hosted Slack-alternative"; description = "Open-source, self-hosted Slack-alternative";
homepage = "https://www.mattermost.org"; homepage = "https://www.mattermost.org";
license = with licenses; [ agpl3 asl20 ]; license = with licenses; [ agpl3 asl20 ];

199
pkgs/pluto/Manifest.toml Normal file
View file

@ -0,0 +1,199 @@
# This file is machine-generated - editing it directly is not advised
[[Artifacts]]
deps = ["Pkg"]
git-tree-sha1 = "c30985d8821e0cd73870b17b0ed0ce6dc44cb744"
uuid = "56f22d72-fd6d-98f1-02f0-08ddc0907c33"
version = "1.3.0"
[[Base64]]
uuid = "2a0f44e3-6c83-55bd-87e4-b1978d98bd5f"
[[Configurations]]
deps = ["Crayons", "ExproniconLite", "OrderedCollections", "TOML"]
git-tree-sha1 = "b8486a417456d2fbbe2af13e24cef459c9f42429"
uuid = "5218b696-f38b-4ac9-8b61-a12ec717816d"
version = "0.15.4"
[[Crayons]]
git-tree-sha1 = "3f71217b538d7aaee0b69ab47d9b7724ca8afa0d"
uuid = "a8cc5b0e-0ffa-5ad4-8c14-923d3ee1735f"
version = "4.0.4"
[[DataAPI]]
git-tree-sha1 = "dfb3b7e89e395be1e25c2ad6d7690dc29cc53b1d"
uuid = "9a962f9c-6df0-11e9-0e5d-c546b8b5ee8a"
version = "1.6.0"
[[DataValueInterfaces]]
git-tree-sha1 = "bfc1187b79289637fa0ef6d4436ebdfe6905cbd6"
uuid = "e2d170a0-9d28-54be-80f0-106bbe20a464"
version = "1.0.0"
[[Dates]]
deps = ["Printf"]
uuid = "ade2ca70-3891-5945-98fb-dc099432e06a"
[[Distributed]]
deps = ["Random", "Serialization", "Sockets"]
uuid = "8ba89e20-285c-5b6f-9357-94700520ee1b"
[[ExproniconLite]]
git-tree-sha1 = "c97ce5069033ac15093dc44222e3ecb0d3af8966"
uuid = "55351af7-c7e9-48d6-89ff-24e801d99491"
version = "0.6.9"
[[FuzzyCompletions]]
deps = ["REPL"]
git-tree-sha1 = "9cde086faa37f32794be3d2df393ff064d43cd66"
uuid = "fb4132e2-a121-4a70-b8a1-d5b831dcdcc2"
version = "0.4.1"
[[HTTP]]
deps = ["Base64", "Dates", "IniFile", "MbedTLS", "NetworkOptions", "Sockets", "URIs"]
git-tree-sha1 = "b855bf8247d6e946c75bb30f593bfe7fe591058d"
uuid = "cd3eb016-35fb-5094-929b-558a96fad6f3"
version = "0.9.8"
[[IniFile]]
deps = ["Test"]
git-tree-sha1 = "098e4d2c533924c921f9f9847274f2ad89e018b8"
uuid = "83e8ac13-25f8-5344-8a64-a9f2b223428f"
version = "0.5.0"
[[InteractiveUtils]]
deps = ["Markdown"]
uuid = "b77e0a4c-d291-57a0-90e8-8db25a27a240"
[[IteratorInterfaceExtensions]]
git-tree-sha1 = "a3f24677c21f5bbe9d2a714f95dcd58337fb2856"
uuid = "82899510-4779-5014-852e-03e436cf321d"
version = "1.0.0"
[[JLLWrappers]]
deps = ["Preferences"]
git-tree-sha1 = "642a199af8b68253517b80bd3bfd17eb4e84df6e"
uuid = "692b3bcd-3c85-4b1f-b108-f13ce0eb3210"
version = "1.3.0"
[[LibGit2]]
deps = ["Printf"]
uuid = "76f85450-5226-5b5a-8eaa-529ad045b433"
[[Libdl]]
uuid = "8f399da3-3557-5675-b5ff-fb832c97cbdb"
[[LinearAlgebra]]
deps = ["Libdl"]
uuid = "37e2e46d-f89d-539d-b4ee-838fcccc9c8e"
[[Logging]]
uuid = "56ddb016-857b-54e1-b83d-db4d58db5568"
[[Markdown]]
deps = ["Base64"]
uuid = "d6f4376e-aef5-505a-96c1-9c027394607a"
[[MbedTLS]]
deps = ["Dates", "MbedTLS_jll", "Random", "Sockets"]
git-tree-sha1 = "1c38e51c3d08ef2278062ebceade0e46cefc96fe"
uuid = "739be429-bea8-5141-9913-cc70e7f3736d"
version = "1.0.3"
[[MbedTLS_jll]]
deps = ["Artifacts", "JLLWrappers", "Libdl", "Pkg"]
git-tree-sha1 = "0eef589dd1c26a3ac9d753fe1a8bcad63f956fa6"
uuid = "c8ffd9c3-330d-5841-b78e-0817d7145fa1"
version = "2.16.8+1"
[[MsgPack]]
deps = ["Serialization"]
git-tree-sha1 = "a8cbf066b54d793b9a48c5daa5d586cf2b5bd43d"
uuid = "99f44e22-a591-53d1-9472-aa23ef4bd671"
version = "1.1.0"
[[NetworkOptions]]
git-tree-sha1 = "ed3157f48a05543cce9b241e1f2815f7e843d96e"
uuid = "ca575930-c2e3-43a9-ace4-1e988b2c1908"
version = "1.2.0"
[[OrderedCollections]]
git-tree-sha1 = "85f8e6578bf1f9ee0d11e7bb1b1456435479d47c"
uuid = "bac558e1-5e72-5ebc-8fee-abe8a469f55d"
version = "1.4.1"
[[Pkg]]
deps = ["Dates", "LibGit2", "Libdl", "Logging", "Markdown", "Printf", "REPL", "Random", "SHA", "UUIDs"]
uuid = "44cfe95a-1eb2-52ea-b672-e2afdf69b78f"
[[Pluto]]
deps = ["Base64", "Configurations", "Dates", "Distributed", "FuzzyCompletions", "HTTP", "InteractiveUtils", "Logging", "Markdown", "MsgPack", "Pkg", "REPL", "Sockets", "TableIOInterface", "Tables", "UUIDs"]
git-tree-sha1 = "85156b21dee3a4515ff479555eb958ad33c057aa"
uuid = "c3e4b0f8-55cb-11ea-2926-15256bba5781"
version = "0.14.5"
[[Preferences]]
deps = ["TOML"]
git-tree-sha1 = "00cfd92944ca9c760982747e9a1d0d5d86ab1e5a"
uuid = "21216c6a-2e73-6563-6e65-726566657250"
version = "1.2.2"
[[Printf]]
deps = ["Unicode"]
uuid = "de0858da-6303-5e67-8744-51eddeeeb8d7"
[[REPL]]
deps = ["InteractiveUtils", "Markdown", "Sockets"]
uuid = "3fa0cd96-eef1-5676-8a61-b3b8758bbffb"
[[Random]]
deps = ["Serialization"]
uuid = "9a3f8284-a2c9-5f02-9a11-845980a1fd5c"
[[SHA]]
uuid = "ea8e919c-243c-51af-8825-aaa63cd721ce"
[[Serialization]]
uuid = "9e88b42a-f829-5b0c-bbe9-9e923198166b"
[[Sockets]]
uuid = "6462fe0b-24de-5631-8697-dd941f90decc"
[[TOML]]
deps = ["Dates"]
git-tree-sha1 = "44aaac2d2aec4a850302f9aa69127c74f0c3787e"
uuid = "fa267f1f-6049-4f14-aa54-33bafae1ed76"
version = "1.0.3"
[[TableIOInterface]]
git-tree-sha1 = "9a0d3ab8afd14f33a35af7391491ff3104401a35"
uuid = "d1efa939-5518-4425-949f-ab857e148477"
version = "0.1.6"
[[TableTraits]]
deps = ["IteratorInterfaceExtensions"]
git-tree-sha1 = "c06b2f539df1c6efa794486abfb6ed2022561a39"
uuid = "3783bdb8-4a98-5b6b-af9a-565f29a5fe9c"
version = "1.0.1"
[[Tables]]
deps = ["DataAPI", "DataValueInterfaces", "IteratorInterfaceExtensions", "LinearAlgebra", "TableTraits", "Test"]
git-tree-sha1 = "c9d2d262e9a327be1f35844df25fe4561d258dc9"
uuid = "bd369af6-aec1-5ad0-b16a-f7cc5008161c"
version = "1.4.2"
[[Test]]
deps = ["Distributed", "InteractiveUtils", "Logging", "Random"]
uuid = "8dfed614-e22c-5e08-85e1-65c5234f0b40"
[[URIs]]
git-tree-sha1 = "97bbe755a53fe859669cd907f2d96aee8d2c1355"
uuid = "5c2747f8-b7ea-4ff2-ba2e-563bfd36b1d4"
version = "1.3.0"
[[UUIDs]]
deps = ["Random", "SHA"]
uuid = "cf7118a7-6976-5b1a-9a39-7adc72f591a4"
[[Unicode]]
uuid = "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5"

2
pkgs/pluto/Project.toml Normal file
View file

@ -0,0 +1,2 @@
[deps]
Pluto = "c3e4b0f8-55cb-11ea-2926-15256bba5781"

50
pkgs/pluto/Readme.org Normal file
View file

@ -0,0 +1,50 @@
#+TITLE: Pluto standalone
This is a nix derivation that wraps a version of julia with the packages
(and their dependency closure) defined in ~Packages.toml~; currently
this is just Pluto. It also provides a little julia script that will
activate this packageset (called a "julia depot"), and then start a
Pluto notebook server on port 9999. Note that it does so without setting
up any kind of authenticaton, so don't expose that port!
* TODOs
- [ ] add more packages
- [ ] more sensible auth
- [ ] working precompilation; this would probably allow running this
without a writable julia depot
* Steps to reproduce / update the julia-to-nix part of this:
In general, it is enough to follow the readme of julia2nix, but since
that has a bunch of unstated assumptions and weird failure modes, here's a rough outline of how to actually do it:
- using julia's package managing mode, make changes to ~Packages.toml~
and ~Manifest.toml~. Be sure to use the same version of julia that
will run on hainich (currently the ~julia_15~ package of
nixpkgs-unstable), as otherwise hashes may be different
- clone https://github.com/thomasjm/julia2nix somewhere
- run ~julia2nix~ to generate the nix derivations
+ unfortunately, jula2nix assumes that nixpkgs-unstable is available
as ~<nixpkgs>~ from within nix; it may fail if you are on another
channel. In that case, there seems to be no better solution than grepping for occurences of "<nixpkgs>" in jula2nix and replacing
them with some other path that has the required version
+ this will re-generate all the ~*.nix~ files in this directory, and
probably reset all options. The defaults are reasonably sensible,
but make sure to disable the ~precompile~ option in ~default.nix~
(see below for why)
- run ~nix-build --no-out-link~ to check if it worked and nix can
build the julia depot
- deploy hainich. Note that the derivation will only contain the
package sources, not a compiled version. Julia will compile packages
on startup (and cache them for subsequent runs), so after the deploy
it may take a minute or two to actually run Pluto
* precompilation
/In theory/, we should be able to precompile all the packages during
nix-build, and then directly load them into julia and runtime.
However, this currently fails, and even if precompiled packages are
present in the depot built via nix, julia will refuse to use them and
recompile them instead (in a second julia depot that is writable at
runtime).
There's an open issue on this at jula2nix:
https://github.com/thomasjm/julia2nix/issues/22

160
pkgs/pluto/common.nix Normal file
View file

@ -0,0 +1,160 @@
{
callPackage,
curl,
fetchurl,
git,
stdenvNoCC,
cacert,
jq,
julia,
lib,
python3,
runCommand,
stdenv,
writeText,
makeWrapper,
# Arguments
makeWrapperArgs ? "",
precompile ? true,
extraBuildInputs ? []
}:
let
# We need to use a specially modified fetchgit that understands tree hashes, until
# https://github.com/NixOS/nixpkgs/pull/104714 lands
fetchgit = callPackage ./fetchgit {};
packages = callPackage ./packages.nix {};
### Repoify packages
# This step is needed because leaveDotGit is not reproducible
# https://github.com/NixOS/nixpkgs/issues/8567
repoified = map (item: if item.src == null then item else item // { src = repoify item.name item.treehash item.src; }) packages.closure;
repoify = name: treehash: src:
runCommand ''${name}-repoified'' {buildInputs = [git];} ''
mkdir -p $out
cp -r ${src}/. $out
cd $out
git init
git add . -f
git config user.email "julia2nix@localhost"
git config user.name "julia2nix"
git commit -m "Dummy commit"
if [[ -n "${treehash}" ]]; then
if [[ $(git cat-file -t ${treehash}) != "tree" ]]; then
echo "Couldn't find desired tree object for ${name} in repoify (${treehash})"
exit 1
fi
fi
'';
repoifiedReplaceInManifest = lib.filter (x: x.replaceUrlInManifest != null) repoified;
### Manifest.toml (processed)
manifestToml = runCommand "Manifest.toml" { buildInputs = [jq]; } ''
cp ${./Manifest.toml} ./Manifest.toml
echo ${writeText "packages.json" (lib.generators.toJSON {} repoifiedReplaceInManifest)}
cat ${writeText "packages.json" (lib.generators.toJSON {} repoifiedReplaceInManifest)} | jq -r '.[]|[.name, .replaceUrlInManifest, .src] | @tsv' |
while IFS=$'\t' read -r name replaceUrlInManifest src; do
sed -i "s|$replaceUrlInManifest|file://$src|g" ./Manifest.toml
done
cp ./Manifest.toml $out
'';
### Overrides.toml
fetchArtifact = x: stdenv.mkDerivation {
name = x.name;
src = fetchurl { url = x.url; sha256 = x.sha256; };
sourceRoot = ".";
dontConfigure = true;
dontBuild = true;
installPhase = "cp -r . $out";
dontFixup = true;
};
artifactOverrides = lib.zipAttrsWith (name: values: fetchArtifact (lib.head (lib.head values))) (
map (item: item.artifacts) packages.closure
);
overridesToml = runCommand "Overrides.toml" { buildInputs = [jq]; } ''
echo '${lib.generators.toJSON {} artifactOverrides}' | jq -r '. | to_entries | map ((.key + " = \"" + .value + "\"")) | .[]' > $out
'';
### Processed registry
generalRegistrySrc = repoify "julia-general" "" (fetchgit {
url = packages.registryUrl;
rev = packages.registryRev;
sha256 = packages.registrySha256;
branchName = "master";
});
registry = runCommand "julia-registry" { buildInputs = [(python3.withPackages (ps: [ps.toml])) jq git]; } ''
git clone ${generalRegistrySrc}/. $out
cd $out
cat ${writeText "packages.json" (lib.generators.toJSON {} repoified)} | jq -r '.[]|[.name, .path, .src] | @tsv' |
while IFS=$'\t' read -r name path src; do
# echo "Processing: $name, $path, $src"
if [[ "$path" != "null" ]]; then
python -c "import toml; \
packageTomlPath = '$path/Package.toml'; \
contents = toml.load(packageTomlPath); \
contents['repo'] = 'file://$src'; \
f = open(packageTomlPath, 'w'); \
f.write(toml.dumps(contents)); \
"
fi
done
export HOME=$(pwd)
git config --global user.email "julia-to-nix-depot@email.com"
git config --global user.name "julia-to-nix-depot script"
git add .
git commit -m "Switch to local package repos"
'';
depot = runCommand "julia-depot" {
buildInputs = [git curl julia] ++ extraBuildInputs;
inherit registry precompile;
} ''
export HOME=$(pwd)
echo "Using registry $registry"
echo "Using Julia ${julia}/bin/julia"
cp ${manifestToml} ./Manifest.toml
cp ${./Project.toml} ./Project.toml
mkdir -p $out/artifacts
cp ${overridesToml} $out/artifacts/Overrides.toml
export JULIA_DEPOT_PATH=$out
julia -e ' \
using Pkg
Pkg.Registry.add(RegistrySpec(path="${registry}"))
Pkg.activate(".")
Pkg.instantiate()
# Remove the registry to save space
Pkg.Registry.rm("General")
'
if [[ -n "$precompile" ]]; then
julia -e ' \
using Pkg
Pkg.activate(".")
Pkg.precompile()
'
fi
'';
in
runCommand "julia-env" {
inherit julia depot makeWrapperArgs;
buildInputs = [makeWrapper];
} ''
mkdir -p $out/bin
makeWrapper $julia/bin/julia $out/bin/julia --suffix JULIA_DEPOT_PATH : "$depot" $makeWrapperArgs
''

44
pkgs/pluto/default.nix Normal file
View file

@ -0,0 +1,44 @@
{ pkgs }:
with pkgs;
let
# The base Julia version
baseJulia = julia_15;
# Extra libraries for Julia's LD_LIBRARY_PATH.
# Recent Julia packages that use Artifacts.toml to specify their dependencies
# shouldn't need this.
# But if a package implicitly depends on some library being present at runtime, you can
# add it here.
extraLibs = [];
# Wrapped Julia with libraries and environment variables.
# Note: setting The PYTHON environment variable is recommended to prevent packages
# from trying to obtain their own with Conda.
julia = runCommand "julia-wrapped" { buildInputs = [makeWrapper]; } ''
mkdir -p $out/bin
makeWrapper ${baseJulia}/bin/julia $out/bin/julia \
--suffix LD_LIBRARY_PATH : "${lib.makeLibraryPath extraLibs}" \
--set PYTHON ${python3}/bin/python
'';
in
callPackage ./common.nix {
inherit julia;
# Run Pkg.precompile() to precompile all packages?
precompile = false;
# Extra arguments to makeWrapper when creating the final Julia wrapper.
# By default, it will just put the new depot at the end of JULIA_DEPOT_PATH.
# You can add additional flags here.
makeWrapperArgs = "";
# Extra buildInputs for building the Julia depot. Useful if your packages have
# additional build-time dependencies not managed through the Artifacts.toml system.
# Defaults to extraLibs, but can be configured independently.
extraBuildInputs = extraLibs;
}

View file

@ -0,0 +1,16 @@
# tested so far with:
# - no revision specified and remote has a HEAD which is used
# - revision specified and remote has a HEAD
# - revision specified and remote without HEAD
source $stdenv/setup
header "exporting $url (rev $rev) into $out"
$SHELL $fetcher --builder --url "$url" --out "$out" --rev "$rev" \
${leaveDotGit:+--leave-dotGit} \
${deepClone:+--deepClone} \
${fetchSubmodules:+--fetch-submodules} \
${branchName:+--branch-name "$branchName"}
runHook postFetch
stopNest

View file

@ -0,0 +1,71 @@
{stdenvNoCC, git, cacert}: let
urlToName = url: rev: let
inherit (stdenvNoCC.lib) removeSuffix splitString last;
base = last (splitString ":" (baseNameOf (removeSuffix "/" url)));
matched = builtins.match "(.*).git" base;
short = builtins.substring 0 7 rev;
appendShort = if (builtins.match "[a-f0-9]*" rev) != null
then "-${short}"
else "";
in "${if matched == null then base else builtins.head matched}${appendShort}";
in
{ url, rev ? "HEAD", md5 ? "", sha256 ? "", leaveDotGit ? deepClone
, fetchSubmodules ? true, deepClone ? false
, branchName ? null
, name ? urlToName url rev
, # Shell code executed after the file has been fetched
# successfully. This can do things like check or transform the file.
postFetch ? ""
, preferLocalBuild ? true
}:
/* NOTE:
fetchgit has one problem: git fetch only works for refs.
This is because fetching arbitrary (maybe dangling) commits may be a security risk
and checking whether a commit belongs to a ref is expensive. This may
change in the future when some caching is added to git (?)
Usually refs are either tags (refs/tags/*) or branches (refs/heads/*)
Cloning branches will make the hash check fail when there is an update.
But not all patches we want can be accessed by tags.
The workaround is getting the last n commits so that it's likely that they
still contain the hash we want.
for now : increase depth iteratively (TODO)
real fix: ask git folks to add a
git fetch $HASH contained in $BRANCH
facility because checking that $HASH is contained in $BRANCH is less
expensive than fetching --depth $N.
Even if git folks implemented this feature soon it may take years until
server admins start using the new version?
*/
assert deepClone -> leaveDotGit;
if md5 != "" then
throw "fetchgit does not support md5 anymore, please use sha256"
else
stdenvNoCC.mkDerivation {
inherit name;
builder = ./builder.sh;
fetcher = ./nix-prefetch-git; # This must be a string to ensure it's called with bash.
nativeBuildInputs = [git];
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = sha256;
inherit url rev leaveDotGit fetchSubmodules deepClone branchName postFetch;
GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt";
impureEnvVars = stdenvNoCC.lib.fetchers.proxyImpureEnvVars ++ [
"GIT_PROXY_COMMAND" "SOCKS_SERVER"
];
inherit preferLocalBuild;
}

View file

@ -0,0 +1,459 @@
#! /usr/bin/env bash
set -e -o pipefail
url=
rev=
expHash=
hashType=$NIX_HASH_ALGO
deepClone=$NIX_PREFETCH_GIT_DEEP_CLONE
leaveDotGit=$NIX_PREFETCH_GIT_LEAVE_DOT_GIT
fetchSubmodules=
builder=
branchName=$NIX_PREFETCH_GIT_BRANCH_NAME
# ENV params
out=${out:-}
http_proxy=${http_proxy:-}
# populated by clone_user_rev()
fullRev=
humanReadableRev=
commitDate=
commitDateStrict8601=
if test -n "$deepClone"; then
deepClone=true
else
deepClone=
fi
if test "$leaveDotGit" != 1; then
leaveDotGit=
else
leaveDotGit=true
fi
usage(){
echo >&2 "syntax: nix-prefetch-git [options] [URL [REVISION [EXPECTED-HASH]]]
Options:
--out path Path where the output would be stored.
--url url Any url understood by 'git clone'.
--rev ref Any sha1 or references (such as refs/heads/master)
--hash h Expected hash.
--branch-name Branch name to check out into
--deepClone Clone the entire repository.
--no-deepClone Make a shallow clone of just the required ref.
--leave-dotGit Keep the .git directories.
--fetch-submodules Fetch submodules.
--builder Clone as fetchgit does, but url, rev, and out option are mandatory.
--quiet Only print the final json summary.
"
exit 1
}
# some git commands print to stdout, which would contaminate our JSON output
clean_git(){
git "$@" >&2
}
argi=0
argfun=""
for arg; do
if test -z "$argfun"; then
case $arg in
--out) argfun=set_out;;
--url) argfun=set_url;;
--rev) argfun=set_rev;;
--hash) argfun=set_hashType;;
--branch-name) argfun=set_branchName;;
--deepClone) deepClone=true;;
--quiet) QUIET=true;;
--no-deepClone) deepClone=;;
--leave-dotGit) leaveDotGit=true;;
--fetch-submodules) fetchSubmodules=true;;
--builder) builder=true;;
-h|--help) usage; exit;;
*)
: $((++argi))
case $argi in
1) url=$arg;;
2) rev=$arg;;
3) expHash=$arg;;
*) exit 1;;
esac
;;
esac
else
case $argfun in
set_*)
var=${argfun#set_}
eval $var=$arg
;;
esac
argfun=""
fi
done
if test -z "$url"; then
usage
fi
init_remote(){
local url=$1
clean_git init
clean_git remote add origin "$url"
( [ -n "$http_proxy" ] && clean_git config http.proxy "$http_proxy" ) || true
}
# Return the reference of an hash if it exists on the remote repository.
ref_from_hash(){
local hash=$1
git ls-remote origin | sed -n "\,$hash\t, { s,\(.*\)\t\(.*\),\2,; p; q}"
}
# Return the hash of a reference if it exists on the remote repository.
hash_from_ref(){
local ref=$1
git ls-remote origin | sed -n "\,\t$ref, { s,\(.*\)\t\(.*\),\1,; p; q}"
}
# Returns a name based on the url and reference
#
# This function needs to be in sync with nix's fetchgit implementation
# of urlToName() to re-use the same nix store paths.
url_to_name(){
local url=$1
local ref=$2
local base
base=$(basename "$url" .git | cut -d: -f2)
if [[ $ref =~ ^[a-z0-9]+$ ]]; then
echo "$base-${ref:0:7}"
else
echo "$base"
fi
}
# Fetch everything and checkout the right sha1
checkout_hash(){
local hash="$1"
local ref="$2"
if test -z "$hash"; then
hash=$(hash_from_ref "$ref")
fi
clean_git fetch -t ${builder:+--progress} origin || return 1
local object_type=$(git cat-file -t "$hash")
if [[ "$object_type" == "commit" ]]; then
clean_git checkout -b "$branchName" "$hash" || return 1
elif [[ "$object_type" == "tree" ]]; then
clean_git config user.email "nix-prefetch-git@localhost"
clean_git config user.name "nix-prefetch-git"
commit_id=$(git commit-tree "$hash" -m "Commit created from tree hash $hash")
clean_git checkout -b "$branchName" "$commit_id" || return 1
else
echo "Unrecognized git object type: $object_type"
return 1
fi
}
# Fetch only a branch/tag and checkout it.
checkout_ref(){
local hash="$1"
local ref="$2"
if [[ -n "$deepClone" ]]; then
# The caller explicitly asked for a deep clone. Deep clones
# allow "git describe" and similar tools to work. See
# https://marc.info/?l=nix-dev&m=139641582514772
# for a discussion.
return 1
fi
if test -z "$ref"; then
ref=$(ref_from_hash "$hash")
fi
if test -n "$ref"; then
# --depth option is ignored on http repository.
clean_git fetch ${builder:+--progress} --depth 1 origin +"$ref" || return 1
clean_git checkout -b "$branchName" FETCH_HEAD || return 1
else
return 1
fi
}
# Update submodules
init_submodules(){
# Add urls into .git/config file
clean_git submodule init
# list submodule directories and their hashes
git submodule status |
while read -r l; do
local hash
local dir
local name
local url
# checkout each submodule
hash=$(echo "$l" | awk '{print $1}' | tr -d '-')
dir=$(echo "$l" | sed -n 's/^.[0-9a-f]\+ \(.*[^)]*\)\( (.*)\)\?$/\1/p')
name=$(
git config -f .gitmodules --get-regexp submodule\..*\.path |
sed -n "s,^\(.*\)\.path $dir\$,\\1,p")
url=$(git config --get "${name}.url")
clone "$dir" "$url" "$hash" ""
done
}
clone(){
local top=$PWD
local dir="$1"
local url="$2"
local hash="$3"
local ref="$4"
cd "$dir"
# Initialize the repository.
init_remote "$url"
# Download data from the repository.
checkout_ref "$hash" "$ref" ||
checkout_hash "$hash" "$ref" || (
echo 1>&2 "Unable to checkout $hash$ref from $url."
exit 1
)
# Checkout linked sources.
if test -n "$fetchSubmodules"; then
init_submodules
fi
if [ -z "$builder" ] && [ -f .topdeps ]; then
if tg help &>/dev/null; then
echo "populating TopGit branches..."
tg remote --populate origin
else
echo "WARNING: would populate TopGit branches but TopGit is not available" >&2
echo "WARNING: install TopGit to fix the problem" >&2
fi
fi
cd "$top"
}
# Remove all remote branches, remove tags not reachable from HEAD, do a full
# repack and then garbage collect unreferenced objects.
make_deterministic_repo(){
local repo="$1"
# run in sub-shell to not touch current working directory
(
cd "$repo"
# Remove files that contain timestamps or otherwise have non-deterministic
# properties.
rm -rf .git/logs/ .git/hooks/ .git/index .git/FETCH_HEAD .git/ORIG_HEAD \
.git/refs/remotes/origin/HEAD .git/config
# Remove all remote branches.
git branch -r | while read -r branch; do
clean_git branch -rD "$branch"
done
# Remove tags not reachable from HEAD. If we're exactly on a tag, don't
# delete it.
maybe_tag=$(git tag --points-at HEAD)
git tag --contains HEAD | while read -r tag; do
if [ "$tag" != "$maybe_tag" ]; then
clean_git tag -d "$tag"
fi
done
# Do a full repack. Must run single-threaded, or else we lose determinism.
clean_git config pack.threads 1
clean_git repack -A -d -f
rm -f .git/config
# Garbage collect unreferenced objects.
# Note: --keep-largest-pack prevents non-deterministic ordering of packs
# listed in .git/objects/info/packs by only using a single pack
clean_git gc --prune=all --keep-largest-pack
)
}
clone_user_rev() {
local dir="$1"
local url="$2"
local rev="${3:-HEAD}"
# Perform the checkout.
case "$rev" in
HEAD|refs/*)
clone "$dir" "$url" "" "$rev" 1>&2;;
*)
if test -z "$(echo "$rev" | tr -d 0123456789abcdef)"; then
clone "$dir" "$url" "$rev" "" 1>&2
else
# if revision is not hexadecimal it might be a tag
clone "$dir" "$url" "" "refs/tags/$rev" 1>&2
fi;;
esac
pushd "$dir" >/dev/null
fullRev=$( (git rev-parse "$rev" 2>/dev/null || git rev-parse "refs/heads/$branchName") | tail -n1)
humanReadableRev=$(git describe "$fullRev" 2> /dev/null || git describe --tags "$fullRev" 2> /dev/null || echo -- none --)
commitDate=$(git show -1 --no-patch --pretty=%ci "$fullRev")
commitDateStrict8601=$(git show -1 --no-patch --pretty=%cI "$fullRev")
popd >/dev/null
# Allow doing additional processing before .git removal
eval "$NIX_PREFETCH_GIT_CHECKOUT_HOOK"
if test -z "$leaveDotGit"; then
echo "removing \`.git'..." >&2
find "$dir" -name .git -print0 | xargs -0 rm -rf
else
find "$dir" -name .git | while read -r gitdir; do
make_deterministic_repo "$(readlink -f "$gitdir/..")"
done
fi
}
exit_handlers=()
run_exit_handlers() {
exit_status=$?
for handler in "${exit_handlers[@]}"; do
eval "$handler $exit_status"
done
}
trap run_exit_handlers EXIT
quiet_exit_handler() {
exec 2>&3 3>&-
if [ $1 -ne 0 ]; then
cat "$errfile" >&2
fi
rm -f "$errfile"
}
quiet_mode() {
errfile="$(mktemp "${TMPDIR:-/tmp}/git-checkout-err-XXXXXXXX")"
exit_handlers+=(quiet_exit_handler)
exec 3>&2 2>"$errfile"
}
json_escape() {
local s="$1"
s="${s//\\/\\\\}" # \
s="${s//\"/\\\"}" # "
s="${s//^H/\\\b}" # \b (backspace)
s="${s//^L/\\\f}" # \f (form feed)
s="${s//
/\\\n}" # \n (newline)
s="${s//^M/\\\r}" # \r (carriage return)
s="${s// /\\t}" # \t (tab)
echo "$s"
}
print_results() {
hash="$1"
if ! test -n "$QUIET"; then
echo "" >&2
echo "git revision is $fullRev" >&2
if test -n "$finalPath"; then
echo "path is $finalPath" >&2
fi
echo "git human-readable version is $humanReadableRev" >&2
echo "Commit date is $commitDate" >&2
if test -n "$hash"; then
echo "hash is $hash" >&2
fi
fi
if test -n "$hash"; then
cat <<EOF
{
"url": "$(json_escape "$url")",
"rev": "$(json_escape "$fullRev")",
"date": "$(json_escape "$commitDateStrict8601")",
"path": "$(json_escape "$finalPath")",
"$(json_escape "$hashType")": "$(json_escape "$hash")",
"fetchSubmodules": $([[ -n "$fetchSubmodules" ]] && echo true || echo false),
"deepClone": $([[ -n "$deepClone" ]] && echo true || echo false),
"leaveDotGit": $([[ -n "$leaveDotGit" ]] && echo true || echo false)
}
EOF
fi
}
remove_tmpPath() {
rm -rf "$tmpPath"
}
if test -n "$QUIET"; then
quiet_mode
fi
if test -z "$branchName"; then
branchName=fetchgit
fi
if test -n "$builder"; then
test -n "$out" -a -n "$url" -a -n "$rev" || usage
mkdir -p "$out"
clone_user_rev "$out" "$url" "$rev"
else
if test -z "$hashType"; then
hashType=sha256
fi
# If the hash was given, a file with that hash may already be in the
# store.
if test -n "$expHash"; then
finalPath=$(nix-store --print-fixed-path --recursive "$hashType" "$expHash" "$(url_to_name "$url" "$rev")")
if ! nix-store --check-validity "$finalPath" 2> /dev/null; then
finalPath=
fi
hash=$expHash
fi
# If we don't know the hash or a path with that hash doesn't exist,
# download the file and add it to the store.
if test -z "$finalPath"; then
tmpPath="$(mktemp -d "${TMPDIR:-/tmp}/git-checkout-tmp-XXXXXXXX")"
exit_handlers+=(remove_tmpPath)
tmpFile="$tmpPath/$(url_to_name "$url" "$rev")"
mkdir -p "$tmpFile"
# Perform the checkout.
clone_user_rev "$tmpFile" "$url" "$rev"
# Compute the hash.
hash=$(nix-hash --type $hashType --base32 "$tmpFile")
# Add the downloaded file to the Nix store.
finalPath=$(nix-store --add-fixed --recursive "$hashType" "$tmpFile")
if test -n "$expHash" -a "$expHash" != "$hash"; then
echo "hash mismatch for URL \`$url'. Got \`$hash'; expected \`$expHash'." >&2
exit 1
fi
fi
print_results "$hash"
if test -n "$PRINT_PATH"; then
echo "$finalPath"
fi
fi

350
pkgs/pluto/packages.nix Normal file
View file

@ -0,0 +1,350 @@
# This file is autogenerated, do not edit by hand!
{fetchgit}: {
registryUrl = "https://github.com/JuliaRegistries/General.git";
registryRev = "c67828a86f7501f4d487607ded065dbff37ee456";
registrySha256 = "1jsg9wf6gwfaswld0d6mm9g8i4v2nrd7265a2an9xh3zdk1blcny";
rootPackages = ["Pluto"];
closure = [{
name = "Artifacts";
uuid = "56f22d72-fd6d-98f1-02f0-08ddc0907c33";
path = "A/Artifacts";
replaceUrlInManifest = null;
treehash = "c30985d8821e0cd73870b17b0ed0ce6dc44cb744";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaPackaging/Artifacts.jl.git"; rev = "c30985d8821e0cd73870b17b0ed0ce6dc44cb744"; sha256 = "0i0s26ypiwg6zyb3aqn9kiyiblkkab1mfac9plmq2jv4hggm4jfc"; };
} {
name = "Base64";
uuid = "2a0f44e3-6c83-55bd-87e4-b1978d98bd5f";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Configurations";
uuid = "5218b696-f38b-4ac9-8b61-a12ec717816d";
path = "C/Configurations";
replaceUrlInManifest = null;
treehash = "b8486a417456d2fbbe2af13e24cef459c9f42429";
artifacts = {};
src = fetchgit { url = "https://github.com/Roger-luo/Configurations.jl.git"; rev = "b8486a417456d2fbbe2af13e24cef459c9f42429"; sha256 = "1dz1h64nqgcv6ai70pfv2dv4mqx9rqmh08196k7j73bqlc6r00w1"; };
} {
name = "Crayons";
uuid = "a8cc5b0e-0ffa-5ad4-8c14-923d3ee1735f";
path = "C/Crayons";
replaceUrlInManifest = null;
treehash = "3f71217b538d7aaee0b69ab47d9b7724ca8afa0d";
artifacts = {};
src = fetchgit { url = "https://github.com/KristofferC/Crayons.jl.git"; rev = "3f71217b538d7aaee0b69ab47d9b7724ca8afa0d"; sha256 = "0v3zhjlnb2914bxcj4myl8pgb7m31p77aj2k1bckmqs96jdph10z"; };
} {
name = "DataAPI";
uuid = "9a962f9c-6df0-11e9-0e5d-c546b8b5ee8a";
path = "D/DataAPI";
replaceUrlInManifest = null;
treehash = "dfb3b7e89e395be1e25c2ad6d7690dc29cc53b1d";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaData/DataAPI.jl.git"; rev = "dfb3b7e89e395be1e25c2ad6d7690dc29cc53b1d"; sha256 = "14sfvkz169zcbap3gdwpj16qsap783h86fd07flfxk822abam11w"; };
} {
name = "DataValueInterfaces";
uuid = "e2d170a0-9d28-54be-80f0-106bbe20a464";
path = "D/DataValueInterfaces";
replaceUrlInManifest = null;
treehash = "bfc1187b79289637fa0ef6d4436ebdfe6905cbd6";
artifacts = {};
src = fetchgit { url = "https://github.com/queryverse/DataValueInterfaces.jl.git"; rev = "bfc1187b79289637fa0ef6d4436ebdfe6905cbd6"; sha256 = "0g2wj6q7jj956nx6g7dk8x7w1c4l2xcmnr1kq5x8s8fild9kslg8"; };
} {
name = "Dates";
uuid = "ade2ca70-3891-5945-98fb-dc099432e06a";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Distributed";
uuid = "8ba89e20-285c-5b6f-9357-94700520ee1b";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "ExproniconLite";
uuid = "55351af7-c7e9-48d6-89ff-24e801d99491";
path = "E/ExproniconLite";
replaceUrlInManifest = null;
treehash = "c97ce5069033ac15093dc44222e3ecb0d3af8966";
artifacts = {};
src = fetchgit { url = "https://github.com/Roger-luo/ExproniconLite.jl.git"; rev = "c97ce5069033ac15093dc44222e3ecb0d3af8966"; sha256 = "0qk73k71c6v0vsq705mmxfj4vg3qslppxy5c8magaf7v5yr605iv"; };
} {
name = "FuzzyCompletions";
uuid = "fb4132e2-a121-4a70-b8a1-d5b831dcdcc2";
path = "F/FuzzyCompletions";
replaceUrlInManifest = null;
treehash = "9cde086faa37f32794be3d2df393ff064d43cd66";
artifacts = {};
src = fetchgit { url = "https://github.com/JunoLab/FuzzyCompletions.jl.git"; rev = "9cde086faa37f32794be3d2df393ff064d43cd66"; sha256 = "07sv88c472n6w4x7diy952igbcfm1s104ysnnvprld83312siw06"; };
} {
name = "HTTP";
uuid = "cd3eb016-35fb-5094-929b-558a96fad6f3";
path = "H/HTTP";
replaceUrlInManifest = null;
treehash = "b855bf8247d6e946c75bb30f593bfe7fe591058d";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaWeb/HTTP.jl.git"; rev = "b855bf8247d6e946c75bb30f593bfe7fe591058d"; sha256 = "10m7sqzm06c6pkn885gf6bjnbx4m8hcgy8lyzv15arlssrdracad"; };
} {
name = "IniFile";
uuid = "83e8ac13-25f8-5344-8a64-a9f2b223428f";
path = "I/IniFile";
replaceUrlInManifest = null;
treehash = "098e4d2c533924c921f9f9847274f2ad89e018b8";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaIO/IniFile.jl.git"; rev = "098e4d2c533924c921f9f9847274f2ad89e018b8"; sha256 = "19cn41w04hikrqdzlxhrgf21rfqhkvj9x1zvwh3yz9hqbf350xs9"; };
} {
name = "InteractiveUtils";
uuid = "b77e0a4c-d291-57a0-90e8-8db25a27a240";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "IteratorInterfaceExtensions";
uuid = "82899510-4779-5014-852e-03e436cf321d";
path = "I/IteratorInterfaceExtensions";
replaceUrlInManifest = null;
treehash = "a3f24677c21f5bbe9d2a714f95dcd58337fb2856";
artifacts = {};
src = fetchgit { url = "https://github.com/queryverse/IteratorInterfaceExtensions.jl.git"; rev = "a3f24677c21f5bbe9d2a714f95dcd58337fb2856"; sha256 = "1slpay1dhja8f9gy6z7b3psgvgcknn963dvfqqakvg1grk9ppa09"; };
} {
name = "JLLWrappers";
uuid = "692b3bcd-3c85-4b1f-b108-f13ce0eb3210";
path = "J/JLLWrappers";
replaceUrlInManifest = null;
treehash = "642a199af8b68253517b80bd3bfd17eb4e84df6e";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaPackaging/JLLWrappers.jl.git"; rev = "642a199af8b68253517b80bd3bfd17eb4e84df6e"; sha256 = "0v7xhsv9z16d657yp47vgc86ggc01i1wigqh3n0d7i1s84z7xa0h"; };
} {
name = "LibGit2";
uuid = "76f85450-5226-5b5a-8eaa-529ad045b433";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Libdl";
uuid = "8f399da3-3557-5675-b5ff-fb832c97cbdb";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "LinearAlgebra";
uuid = "37e2e46d-f89d-539d-b4ee-838fcccc9c8e";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Logging";
uuid = "56ddb016-857b-54e1-b83d-db4d58db5568";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Markdown";
uuid = "d6f4376e-aef5-505a-96c1-9c027394607a";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "MbedTLS";
uuid = "739be429-bea8-5141-9913-cc70e7f3736d";
path = "M/MbedTLS";
replaceUrlInManifest = null;
treehash = "1c38e51c3d08ef2278062ebceade0e46cefc96fe";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaLang/MbedTLS.jl.git"; rev = "1c38e51c3d08ef2278062ebceade0e46cefc96fe"; sha256 = "0zjzf2r57l24n3k0gcqkvx3izwn5827iv9ak0lqix0aa5967wvfb"; };
} {
name = "MbedTLS_jll";
uuid = "c8ffd9c3-330d-5841-b78e-0817d7145fa1";
path = "M/MbedTLS_jll";
replaceUrlInManifest = null;
treehash = "0eef589dd1c26a3ac9d753fe1a8bcad63f956fa6";
artifacts = {
"519367e9365948074c1fcc9f4365597f147a5ab7" = [{
name = "MbedTLS";
url = "https://github.com/JuliaBinaryWrappers/MbedTLS_jll.jl/releases/download/MbedTLS-v2.16.8+0/MbedTLS.v2.16.8.x86_64-linux-gnu.tar.gz";
sha256 = "5968d98ac1d4fdbf44ed87b0687f916f69ab077961b3cc9ea6068e2d739bd953";
}];
};
src = fetchgit { url = "https://github.com/JuliaBinaryWrappers/MbedTLS_jll.jl.git"; rev = "0eef589dd1c26a3ac9d753fe1a8bcad63f956fa6"; sha256 = "0x43cp26p4w799i1cy4j72l5b1dyqcsab98qjw6yydxk2wha5vw4"; };
} {
name = "MsgPack";
uuid = "99f44e22-a591-53d1-9472-aa23ef4bd671";
path = "M/MsgPack";
replaceUrlInManifest = null;
treehash = "a8cbf066b54d793b9a48c5daa5d586cf2b5bd43d";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaIO/MsgPack.jl.git"; rev = "a8cbf066b54d793b9a48c5daa5d586cf2b5bd43d"; sha256 = "1layiqjf9si38pfdcszppgcy4zbfqgld7jlw8x645sm9b17b19fg"; };
} {
name = "NetworkOptions";
uuid = "ca575930-c2e3-43a9-ace4-1e988b2c1908";
path = "N/NetworkOptions";
replaceUrlInManifest = null;
treehash = "ed3157f48a05543cce9b241e1f2815f7e843d96e";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaLang/NetworkOptions.jl.git"; rev = "ed3157f48a05543cce9b241e1f2815f7e843d96e"; sha256 = "02nm4v67lb1dzhgyyr9bg8kylyyhsgfsxf3nxhbl4hp9dz48an0a"; };
} {
name = "OrderedCollections";
uuid = "bac558e1-5e72-5ebc-8fee-abe8a469f55d";
path = "O/OrderedCollections";
replaceUrlInManifest = null;
treehash = "85f8e6578bf1f9ee0d11e7bb1b1456435479d47c";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaCollections/OrderedCollections.jl.git"; rev = "85f8e6578bf1f9ee0d11e7bb1b1456435479d47c"; sha256 = "0jaxcmvkp8zpqrz101yikdigz90s70i7in5wn8kybwzf0na3lhwf"; };
} {
name = "Pkg";
uuid = "44cfe95a-1eb2-52ea-b672-e2afdf69b78f";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Pluto";
uuid = "c3e4b0f8-55cb-11ea-2926-15256bba5781";
path = "P/Pluto";
replaceUrlInManifest = null;
treehash = "85156b21dee3a4515ff479555eb958ad33c057aa";
artifacts = {};
src = fetchgit { url = "https://github.com/fonsp/Pluto.jl.git"; rev = "85156b21dee3a4515ff479555eb958ad33c057aa"; sha256 = "1dvgrj0likniafs06hrwfndbshqr5khdqdyylganc1m81652rz5x"; };
} {
name = "Preferences";
uuid = "21216c6a-2e73-6563-6e65-726566657250";
path = "P/Preferences";
replaceUrlInManifest = null;
treehash = "00cfd92944ca9c760982747e9a1d0d5d86ab1e5a";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaPackaging/Preferences.jl.git"; rev = "00cfd92944ca9c760982747e9a1d0d5d86ab1e5a"; sha256 = "1cail43iqzbi6m9v6981rhz47zf2lcvhs5ds5gdqvc9nx5frghxq"; };
} {
name = "Printf";
uuid = "de0858da-6303-5e67-8744-51eddeeeb8d7";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "REPL";
uuid = "3fa0cd96-eef1-5676-8a61-b3b8758bbffb";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Random";
uuid = "9a3f8284-a2c9-5f02-9a11-845980a1fd5c";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "SHA";
uuid = "ea8e919c-243c-51af-8825-aaa63cd721ce";
path = "S/SHA";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Serialization";
uuid = "9e88b42a-f829-5b0c-bbe9-9e923198166b";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Sockets";
uuid = "6462fe0b-24de-5631-8697-dd941f90decc";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "TOML";
uuid = "fa267f1f-6049-4f14-aa54-33bafae1ed76";
path = "T/TOML";
replaceUrlInManifest = null;
treehash = "44aaac2d2aec4a850302f9aa69127c74f0c3787e";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaLang/TOML.jl.git"; rev = "44aaac2d2aec4a850302f9aa69127c74f0c3787e"; sha256 = "1xy19fc5lrj9kh298xhczvmjl1cx3p46fj2xlmkisaqxzhd782yd"; };
} {
name = "TableIOInterface";
uuid = "d1efa939-5518-4425-949f-ab857e148477";
path = "T/TableIOInterface";
replaceUrlInManifest = null;
treehash = "9a0d3ab8afd14f33a35af7391491ff3104401a35";
artifacts = {};
src = fetchgit { url = "https://github.com/lungben/TableIOInterface.jl.git"; rev = "9a0d3ab8afd14f33a35af7391491ff3104401a35"; sha256 = "0p2fi9jbyfg2j6rysv4if7dx8qw2mssb04i75j1zq607j8707kvn"; };
} {
name = "TableTraits";
uuid = "3783bdb8-4a98-5b6b-af9a-565f29a5fe9c";
path = "T/TableTraits";
replaceUrlInManifest = null;
treehash = "c06b2f539df1c6efa794486abfb6ed2022561a39";
artifacts = {};
src = fetchgit { url = "https://github.com/queryverse/TableTraits.jl.git"; rev = "c06b2f539df1c6efa794486abfb6ed2022561a39"; sha256 = "08ssb2630wm6j8f2qa985mn2vfibfm5kjcn4ayl2qkhfcyp8daw4"; };
} {
name = "Tables";
uuid = "bd369af6-aec1-5ad0-b16a-f7cc5008161c";
path = "T/Tables";
replaceUrlInManifest = null;
treehash = "c9d2d262e9a327be1f35844df25fe4561d258dc9";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaData/Tables.jl.git"; rev = "c9d2d262e9a327be1f35844df25fe4561d258dc9"; sha256 = "1q0wh4031zdp40k44jaix19pzy6cnwsa2p0zfz6799jbyqkg4kr1"; };
} {
name = "Test";
uuid = "8dfed614-e22c-5e08-85e1-65c5234f0b40";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "URIs";
uuid = "5c2747f8-b7ea-4ff2-ba2e-563bfd36b1d4";
path = "U/URIs";
replaceUrlInManifest = null;
treehash = "97bbe755a53fe859669cd907f2d96aee8d2c1355";
artifacts = {};
src = fetchgit { url = "https://github.com/JuliaWeb/URIs.jl.git"; rev = "97bbe755a53fe859669cd907f2d96aee8d2c1355"; sha256 = "0kp4hg3kknkm2smlcizqfd33l9x4vkahc2714gnbjp39fj285b92"; };
} {
name = "UUIDs";
uuid = "cf7118a7-6976-5b1a-9a39-7adc72f591a4";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
} {
name = "Unicode";
uuid = "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5";
path = "null";
replaceUrlInManifest = null;
treehash = "None";
artifacts = {};
src = null;
}];
}

View file

@ -0,0 +1,15 @@
using Pkg
Pkg.activate(".")
using Pluto
Pluto.run(
launch_browser = false,
require_secret_for_access = false,
require_secret_for_open_links = false,
port = 9999,
host = "127.0.0.1",
notebook_path_suggestion = "/notebooks"
)

View file

@ -1,34 +0,0 @@
{ stdenv, lib, python3Packages, fetchzip }:
python3Packages.buildPythonPackage rec {
pname = "uffd";
version = "2.0.1";
src = fetchzip {
url = "https://git.cccv.de/uffd/uffd/-/archive/v${version}/uffd-v${version}.tar.gz";
hash = "sha256-KP4J1bw5u7MklaPu2SBFRNyGgkKOBOpft5MMH+em5M4=";
};
patches = [ ./gitea-magic.patch ./fix-setuppy.patch ./fix-userinfo.patch ];
propagatedBuildInputs = with python3Packages; [
flask
flask_sqlalchemy
flask_migrate
qrcode
fido2
oauthlib
flask-babel
argon2_cffi
itsdangerous
alembic
Mako
];
postPatch = ''
sed -i -e 's/==[0-9.]\+//g' setup.py
'';
doCheck = false;
doInstallCheck = false;
}

View file

@ -1,34 +0,0 @@
--- a/setup.py 2022-04-30 13:12:45.564651955 +0000
+++ b/setup.py 2022-04-30 13:17:02.545809513 +0000
@@ -41,31 +41,5 @@
'Flask-Babel==0.11.2',
'alembic==1.0.0',
'argon2-cffi==18.3.0',
-
- # The main dependencies on their own lead to version collisions and pip is
- # not very good at resolving them, so we pin the versions from Debian Buster
- # for all dependencies.
- 'certifi==2018.8.24',
- #cffi==1.12.2'
- 'cffi # v1.12.2 no longer works with python3.9. Newer versions seem to work fine.',
- 'chardet==3.0.4',
- 'click==7.0',
- 'cryptography==2.6.1',
- 'idna==2.6',
- 'itsdangerous==0.24',
- 'Jinja2==2.10',
- 'MarkupSafe==1.1.0',
- 'oauthlib==2.1.0',
- 'pyasn1==0.4.2',
- 'pycparser==2.19',
- 'requests==2.21.0',
- 'requests-oauthlib==1.0.0',
- 'six==1.12.0',
- 'SQLAlchemy==1.2.18',
- 'urllib3==1.24.1',
- 'Werkzeug==0.14.1',
- 'python-dateutil==2.7.3',
- #editor==1.0.3
- 'Mako==1.0.7',
],
)

View file

@ -1,10 +0,0 @@
--- a/uffd/oauth2/views.py 2022-04-30 20:39:53.825474990 +0000
+++ b/uffd/oauth2/views.py 2022-04-30 20:40:12.632389377 +0000
@@ -234,6 +234,7 @@
id=user.unix_uid,
name=user.displayname,
nickname=user.loginname,
+ username=user.loginname,
email=user.mail,
groups=[group.name for group in user.groups]
)

View file

@ -1,32 +0,0 @@
From e3c0995160a653ef6cd8784b255036585b273b82 Mon Sep 17 00:00:00 2001
From: stuebinm <stuebinm@disroot.org>
Date: Wed, 20 Jul 2022 18:02:15 +0200
Subject: [PATCH] magic gitea patch
---
uffd/oauth2/views.py | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/uffd/oauth2/views.py b/uffd/oauth2/views.py
index d13fd42..94352be 100644
--- a/uffd/oauth2/views.py
+++ b/uffd/oauth2/views.py
@@ -230,6 +230,15 @@ def oauth_required(*scopes):
@oauth_required('profile')
def userinfo():
user = request.oauth.user
+ client = request.oauth.client_id
+ if client == "gitea":
+ return jsonify(
+ id=user.unix_uid,
+ full_name=user.displayname,
+ login=user.loginname,
+ email=user.mail,
+ groups=[group.name for group in user.groups]
+ )
return jsonify(
id=user.unix_uid,
name=user.displayname,
--
2.36.0

View file

@ -1,133 +0,0 @@
{ config, lib, pkgs, profiles, modules, evalConfig, sources, ... }:
{
containers.gitea = {
privateNetwork = true;
hostAddress = "192.168.100.1";
localAddress = "192.168.100.10";
autoStart = true;
bindMounts = {
"/persist" = {
hostPath = "/persist/containers/gitea";
isReadOnly = false;
};
};
path = (evalConfig {
hosts = { };
groups = { };
} ({ config, lib, pkgs, profiles, modules, sources, ... }: {
boot.isContainer = true;
networking.useDHCP = false;
users.users.root.hashedPassword = "";
imports = [ ((import sources.nix-hexchen) { }).profiles.nopersist ];
environment.systemPackages = [ pkgs.gitea ];
hexchen.bindmounts."/var/lib/gitea" = "/persist/gitea";
nixpkgs.config.allowUnfree = true;
networking.firewall.enable = false;
networking.defaultGateway = {
address = "192.168.100.1";
interface = "eth0";
};
services.coredns = {
enable = true;
config = ''
.:53 {
forward . 1.1.1.1
}
'';
};
services.gitea = {
enable = true;
appName = "0x0: git for all creatures";
rootUrl = "https://git.infra4future.de/";
httpAddress = "0.0.0.0";
httpPort = 3000;
lfs.enable = true;
disableRegistration = true;
database.type = "postgres";
cookieSecure = true;
log.level = "Info";
# mailerPasswordFile =
# "/var/lib/secrets/noreply"; # see below for access permissions
settings = {
# mailer = {
# ENABLED = true;
# HOST = "0x0.rip:465";
# FROM = "noreply@0x0.rip";
# ENVELOPE_FROM = "noreply@0x0.rip";
# USER = "noreply@0x0.rip";
# };
repository = {
DEFAULT_PRIVATE = "public";
PREFERRED_LICENSES = "Unlicense";
DEFAULT_BRANCH = "main";
};
oauth2_client = {
ACCOUNT_LINKING = "auto";
ENABLE_AUTO_REGISTRATION = true;
};
"repository.pull-requests" = {
DEFAULT_MERGE_STYLE = "merge";
DEFAULT_MERGE_MESSAGE_ALL_AUTHORS = true;
};
"repository.upload".FILE_MAX_SIZE = 1024;
server = {
LANDING_PAGE = "explore";
OFFLINE_MODE = true;
};
security = { INSTALL_LOCK = true; };
other = {
SHOW_FOOTER_VERSION = false;
SHOW_FOOTER_TEMPLATE_LOAD_TIME = false;
};
cron = {
ENABLED = true;
NOTICE_ON_SUCCESS = true;
};
"cron.update_mirrors" = {
SCHEDULE = "@every 12h";
PULL_LIMIT = "-1";
PUSH_LIMIT = "-1";
};
"cron.git_gc_repos".ENABLED = true;
"cron.delete_old_actions".ENABLED = true;
};
};
services.postgresqlBackup = {
enable = true;
databases = [ "gitea" ];
startAt = "*-*-* 23:45:00";
location = "/persist/backups/postgres";
};
services.openssh = {
enable = true;
passwordAuthentication = false;
listenAddresses = [ {
addr = "192.168.100.10";
port = 22;
} ];
extraConfig = ''
AcceptEnv GIT_PROTOCOL
'';
};
})).config.system.build.toplevel;
};
services.nginx.virtualHosts."git.infra4future.de" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://${config.containers.gitea.localAddress}:3000";
};
};
hexchen.nftables.nat.forwardPorts = [{
ports = [ 22 ];
destination = "${config.containers.gitea.localAddress}:22";
proto = "tcp";
}];
}

View file

@ -0,0 +1,63 @@
{config, pkgs, lib, ...}:
{
services.gitlab-runner = {
enable = true;
concurrent = 4;
services = {
infra4future = {
buildsDir = "/persist/var/lib/gitlab-runner/builds";
dockerImage = "nixos/nix";
executor = "docker";
registrationConfigFile = "/persist/var/lib/gitlab-runner/gitlab-runner.env";
};
nix = {
limit = 1; # don't run multiple jobs
registrationConfigFile = "/persist/var/lib/gitlab-runner/gitlab-runner.env";
dockerImage = "alpine";
dockerVolumes = [
"/nix/store:/nix/store:ro"
"/nix/var/nix/db:/nix/var/nix/db:ro"
"/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro"
];
dockerDisableCache = true;
preBuildScript = pkgs.writeScript "setup-container" ''
mkdir -p -m 0755 /nix/var/log/nix/drvs
mkdir -p -m 0755 /nix/var/nix/gcroots
mkdir -p -m 0755 /nix/var/nix/profiles
mkdir -p -m 0755 /nix/var/nix/temproots
mkdir -p -m 0755 /nix/var/nix/userpool
mkdir -p -m 1777 /nix/var/nix/gcroots/per-user
mkdir -p -m 1777 /nix/var/nix/profiles/per-user
mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root
mkdir -p -m 0700 "$HOME/.nix-defexpr"
. ${pkgs.nix}/etc/profile.d/nix.sh
${pkgs.nix}/bin/nix-env -i ${lib.concatStringsSep " " (with pkgs; [ nix cacert git openssh ])}
${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixpkgs-unstable
${pkgs.nix}/bin/nix-channel --update nixpkgs
'';
environmentVariables = {
ENV = "/etc/profile";
USER = "root";
NIX_REMOTE = "daemon";
PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin";
NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt";
};
tagList = [ "nix" ];
};
};
};
systemd.services.gitlab-runner.serviceConfig = {
DynamicUser = lib.mkForce false;
User = "gitlab-runner";
};
users.users.gitlab-runner = {
home = "/persist/var/lib/gitlab-runner";
extraGroups = [ "docker" ];
isSystemUser = true;
};
virtualisation.docker.storageDriver = "zfs";
}

168
services/gitlab.nix Normal file
View file

@ -0,0 +1,168 @@
{config, pkgs, lib, profiles, modules, evalConfig, sources, ...}:
{
containers.gitlab = {
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.100.1";
localAddress = "192.168.100.7";
bindMounts = {
"/persist" = {
hostPath = "/persist/containers/gitlab";
isReadOnly = false;
};
};
path = (evalConfig {hosts = {}; groups = {};} ({ config, lib, pkgs, profiles, modules, sources, ... }: {
boot.isContainer = true;
networking.useDHCP = false;
users.users.root.hashedPassword = "";
imports = [
../modules/mattermost.nix
((import sources.nix-hexchen) {}).profiles.nopersist
];
nixpkgs.config.allowUnfree = true;
networking.firewall.enable = false;
networking.defaultGateway = {
address = "192.168.100.1";
interface = "eth0";
};
services.gitlab = {
enable = true;
databaseCreateLocally = true;
host = "gitlab.infra4future.de";
https = true;
port = 443;
statePath = "/persist/gitlab";
user = "git";
databaseUsername = "git";
initialRootPasswordFile = "/persist/secrets/gitlab-root";
secrets.secretFile = "/persist/secrets/gitlab-secret";
secrets.dbFile = "/persist/secrets/gitlab-db";
secrets.otpFile = "/persist/secrets/gitlab-otp";
secrets.jwsFile = "/persist/secrets/gitlab-jws";
smtp = {
enable = true;
address = "mail.hacc.space";
port = 587;
authentication = "plain";
domain = "gitlab.infra4future.de";
enableStartTLSAuto = true;
username = "noreply@infra4future.de";
passwordFile = "/persist/secrets/noreply-pass";
};
pagesExtraArgs = [ "-listen-proxy" "0.0.0.0:8090" ];
extraConfig = {
pages = {
enabled = true;
host = "4future.dev";
port = 443;
https = true;
};
omniauth = {
enabled = true;
auto_sign_in_with_provider = "openid_connect";
allow_single_sign_on = ["openid_connect"];
block_auto_created_users = false;
providers = [
{
name = "openid_connect";
label = "infra4future Login";
args = {
name = "openid_connect";
scope = ["openid" "profile" "email"];
response_type = "code";
issuer = "https://auth.infra4future.de/auth/realms/forfuture";
discovery = true;
client_auth_method = "query";
uid_field = "username";
client_options = {
identifier = "gitlab";
secret = { _secret = "/persist/secrets/oidc-clientsecret"; };
redirect_uri = "https://gitlab.infra4future.de/users/auth/openid_connect/callback";
};
};
}
];
};
};
};
services.redis.enable = true;
services.postgresql.package = pkgs.postgresql_13;
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedTlsSettings = true;
virtualHosts."gitlab.infra4future.de" = {
default = true;
locations."/".proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
locations."/".extraConfig = ''
proxy_redirect off;
'';
};
};
services.openssh.enable = true;
services.openssh.passwordAuthentication = false;
users.users.git = {
isSystemUser = true;
group = "gitlab";
home = "/persist/gitlab/home";
uid = 165;
};
services.coredns = {
enable = true;
config = ''
.:53 {
forward . 1.1.1.1
}
'';
};
})).config.system.build.toplevel;
};
hexchen.nftables.nat.forwardPorts = [{
ports = [ 22 ];
destination = "${config.containers.gitlab.localAddress}:22";
proto = "tcp";
}];
services.nginx.virtualHosts."gitlab.infra4future.de" = {
locations."/".proxyPass = "http://${config.containers.gitlab.localAddress}:80";
locations."/".extraConfig = ''
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
'';
enableACME = true;
forceSSL = true;
};
services.nginx.virtualHosts."4future.dev" = {
locations."/".proxyPass = "http://${config.containers.gitlab.localAddress}:8090";
serverName = "~^((.*)\.)?4future\.dev$";
useACMEHost = "4future.dev";
forceSSL = true;
};
security.acme.certs."4future.dev" = {
dnsProvider = "cloudflare";
credentialsFile = "/var/lib/acme/cloudflare.pass";
extraDomainNames = [ "*.4future.dev" ];
group = config.services.nginx.group;
};
}

View file

@ -18,6 +18,7 @@
users.users.root.hashedPassword = ""; users.users.root.hashedPassword = "";
imports = [ imports = [
../modules/mattermost.nix
((import sources.nix-hexchen) {}).profiles.nopersist ((import sources.nix-hexchen) {}).profiles.nopersist
]; ];
@ -42,12 +43,7 @@
allowFreeURL = true; allowFreeURL = true;
allowGravatar = false; allowGravatar = false;
allowOrigin = [ "localhost" "pad.hacc.space" "fff-muc.de" ]; allowOrigin = [ "localhost" "pad.hacc.space" "fff-muc.de" ];
db = { dbURL = "postgres://codimd:codimd@localhost:5432/codimd";
host = "/run/postgresql";
username = "codimd";
dialect = "postgres";
database = "codimd";
};
defaultPermission = "limited"; defaultPermission = "limited";
domain = "pad.hacc.space"; domain = "pad.hacc.space";
host = "0.0.0.0"; host = "0.0.0.0";
@ -55,18 +51,17 @@
hsts.preload = false; hsts.preload = false;
email = false; email = false;
oauth2 = { oauth2 = {
authorizationURL = "https://login.infra4future.de/oauth2/authorize"; authorizationURL = "https://auth.infra4future.de/auth/realms/forfuture/protocol/openid-connect/auth";
tokenURL = "https://login.infra4future.de/oauth2/token"; tokenURL = "https://auth.infra4future.de/auth/realms/forfuture/protocol/openid-connect/token";
clientID = "hedgedoc"; clientID = "hedgedoc";
clientSecret = "1a730af1-4d6e-4c1d-8f7e-72375c9b8d62"; clientSecret = "1a730af1-4d6e-4c1d-8f7e-72375c9b8d62";
}; };
}; };
}; };
systemd.services.hedgedoc.environment = { systemd.services.hedgedoc.environment = {
"CMD_LOGLEVEL" = "warn"; "CMD_OAUTH2_USER_PROFILE_URL" = "https://auth.infra4future.de/auth/realms/forfuture/protocol/openid-connect/userinfo";
"CMD_OAUTH2_USER_PROFILE_URL" = "https://login.infra4future.de/oauth2/userinfo"; "CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR" = "name";
"CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR" = "nickname"; "CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR" = "display-name";
"CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR" = "name";
"CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR" = "email"; "CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR" = "email";
"CMD_OAUTH2_PROVIDERNAME" = "Infra4Future"; "CMD_OAUTH2_PROVIDERNAME" = "Infra4Future";
}; };
@ -79,11 +74,6 @@
"DATABASE codimd" = "ALL PRIVILEGES"; "DATABASE codimd" = "ALL PRIVILEGES";
}; };
}]; }];
authentication = ''
local all all trust
host codimd codimd 127.0.0.1/32 trust
'';
package = pkgs.postgresql_11;
}; };
services.postgresqlBackup = { services.postgresqlBackup = {
enable = true; enable = true;

View file

@ -18,6 +18,7 @@
users.users.root.hashedPassword = ""; users.users.root.hashedPassword = "";
imports = [ imports = [
../modules/mattermost.nix
((import sources.nix-hexchen) {}).profiles.nopersist ((import sources.nix-hexchen) {}).profiles.nopersist
]; ];
@ -42,11 +43,7 @@
allowFreeURL = true; allowFreeURL = true;
allowGravatar = false; allowGravatar = false;
allowOrigin = [ "localhost" "pad.infra4future.de" "fff-muc.de" ]; allowOrigin = [ "localhost" "pad.infra4future.de" "fff-muc.de" ];
db = { dbURL = "postgres://hedgedoc:hedgedoc@localhost:5432/hedgedoc";
host = "/run/postgresql";
dialect = "postgres";
database = "hedgedoc";
};
defaultPermission = "freely"; defaultPermission = "freely";
domain = "pad.infra4future.de"; domain = "pad.infra4future.de";
host = "0.0.0.0"; host = "0.0.0.0";
@ -55,12 +52,8 @@
email = false; email = false;
}; };
}; };
systemd.services.hedgedoc.environment = {
"CMD_LOGLEVEL" = "warn";
};
services.postgresql = { services.postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_11;
authentication = '' authentication = ''
local all all trust local all all trust
host hedgedoc hedgedoc 127.0.0.1/32 trust host hedgedoc hedgedoc 127.0.0.1/32 trust

View file

@ -1,6 +1,8 @@
{ config, lib, pkgs, profiles, modules, evalConfig, ... }: { config, lib, pkgs, profiles, modules, evalConfig, ... }:
{ let
unstable = import (import ../nix/sources.nix).nixpkgs-unstable {};
in {
containers.lantifa = { containers.lantifa = {
autoStart = true; autoStart = true;
privateNetwork = true; privateNetwork = true;
@ -35,12 +37,13 @@
services.mediawiki = { services.mediawiki = {
enable = true; enable = true;
name = "LANtifa"; name = "LANtifa";
package = unstable.mediawiki;
database.createLocally = true; database.createLocally = true;
passwordFile = "/var/lib/mediawiki/mediawiki-password"; passwordFile = "/var/lib/mediawiki/mediawiki-password";
extraConfig = let extraConfig = let
wikidb = pkgs.fetchzip { wikidb = pkgs.fetchzip {
url = "https://www.kennel17.co.uk/uploads/testwiki/e/e9/WikiDB.zip"; url = "http://www.kennel17.co.uk/uploads/testwiki/archive/e/e9/20210407232657%21WikiDB.zip";
sha256 = "sha256-8pMNQwmGEsbIoSV1s4RL5Xqq4+f+GNOaCB8VlVnbweY="; sha256 = "0d4f2ygglz4w515a7lgw59500q3xmr92xxhsmh8p204yaa769x8v";
}; };
in '' in ''
// Configure short URLs // Configure short URLs
@ -77,8 +80,8 @@
sha256 = "1k0z44jfqsxzwy6jjz3yfibiq8wi845d5iwwh8j3yijn2854fj0i"; sha256 = "1k0z44jfqsxzwy6jjz3yfibiq8wi845d5iwwh8j3yijn2854fj0i";
}; };
intersection = pkgs.fetchzip { # This is the DynamicPageList extension intersection = pkgs.fetchzip { # This is the DynamicPageList extension
url = "https://extdist.wmflabs.org/dist/extensions/intersection-REL1_36-82eb087.tar.gz"; url = "https://extdist.wmflabs.org/dist/extensions/intersection-REL1_36-789511a.tar.gz";
sha256 = "sha256-TD58DvJ4CFASP4rIc94jeB4SN4zktLe33xZtz/Qg2dk="; sha256 = "0b5viv0d2pm1g68hynm8xbvcyw2cr3lgaxbqzdykk2yvvhc4w8j5";
}; };
PageForms = pkgs.fetchzip { PageForms = pkgs.fetchzip {
url = "https://github.com/wikimedia/mediawiki-extensions-PageForms/archive/5.0.1.zip"; url = "https://github.com/wikimedia/mediawiki-extensions-PageForms/archive/5.0.1.zip";

View file

@ -1,75 +1,43 @@
{ config, pkgs, lib, sources, ... }: { config, pkgs, lib, sources, ... }:
{ {
imports = [ sources.nixos-mailserver.outPath ]; imports = [
sources.nixos-mailserver.outPath
# reduce log spam ];
systemd.services.rspamd.serviceConfig.LogLevelMax =
3; # this is set to error because rspamd regularly complains about not enough learns
systemd.services.postfix.serviceConfig.LogLevelMax = 5; # = notice
systemd.services.dovecot2.serviceConfig.LogLevelMax = 5; # = notice
# stop postfix from dying if rspamd hiccups
systemd.services.postfix.unitConfig = {
Requires = lib.mkForce "dovecot2.service opendkim.service";
};
mailserver = { mailserver = {
mailDirectory = "/persist/mail"; mailDirectory = "/persist/mail";
enable = true; enable = true;
fqdn = "mail.hacc.space"; fqdn = "mail.hacc.space";
monitoring = { domains = [ "hacc.space" "muc.hacc.space" "hacc.earth" "4future.dev" "4futu.re" "infra4future.de" "discuss.infra4future.de" ];
enable = true;
alertAddress = "admin@hacc.space";
};
domains = [
"hacc.space"
"muc.hacc.space"
"hacc.earth"
"4future.dev"
"4futu.re"
"infra4future.de"
];
loginAccounts = { loginAccounts = {
"hexchen@hacc.space".hashedPassword = "hexchen@hacc.space".hashedPassword = "$6$x9skYtRp4dgxC$1y8gPC2BuVqG3kJVSMGgzZv0Bg1T9qxcnBWLIDbANy1d//SQ23Y7s3IMYcEPd1/l/MYWD9Y/Qse6HbT5w5Xwq/";
"$6$x9skYtRp4dgxC$1y8gPC2BuVqG3kJVSMGgzZv0Bg1T9qxcnBWLIDbANy1d//SQ23Y7s3IMYcEPd1/l/MYWD9Y/Qse6HbT5w5Xwq/"; "hexchen@hacc.space".aliases = [ "postmaster@hacc.space" "abuse@hacc.space" "hexchen@infra4future.de" ];
"octycs@hacc.space".hashedPassword = "octycs@hacc.space".hashedPassword = "$6$KceTivtJ$58jxhYF6ULfivNsb3Z0J7PnGea0Hs2wTWh3c9FrKRIAmuOD96u2IDgZRCn6P5NrXA0BL.n6HC2RS3r.4JnOmg.";
"$6$KceTivtJ$58jxhYF6ULfivNsb3Z0J7PnGea0Hs2wTWh3c9FrKRIAmuOD96u2IDgZRCn6P5NrXA0BL.n6HC2RS3r.4JnOmg.";
"octycs@hacc.space".aliases = [ "markus@hacc.space" ]; "octycs@hacc.space".aliases = [ "markus@hacc.space" ];
"raphael@hacc.space".hashedPassword = "raphael@hacc.space".hashedPassword = "$6$QveHpwMcp9mkFVAU$EFuahOrJIxPg.c.WGFHtrP3.onwJYwvP7fiBHHGb9jhosewZ2tEUP.2D3uyDLhd9Cfny6Yp4jDk/Hkjk7/ME1/";
"$6$QveHpwMcp9mkFVAU$EFuahOrJIxPg.c.WGFHtrP3.onwJYwvP7fiBHHGb9jhosewZ2tEUP.2D3uyDLhd9Cfny6Yp4jDk/Hkjk7/ME1/";
"moira@hacc.space".hashedPassword = "schweby@hacc.space".hashedPassword = "$6$BpYhwcZNrkLhVqK$6FMqA/vUkdV4GBlHLSqS5DRCb/CaLDNeIsBcZ8G30heytS/tJj2Ag7b1ovSltTA4PUfhee3pJrz1BkwkA93vN1";
"$6$BpYhwcZNrkLhVqK$6FMqA/vUkdV4GBlHLSqS5DRCb/CaLDNeIsBcZ8G30heytS/tJj2Ag7b1ovSltTA4PUfhee3pJrz1BkwkA93vN1";
"zauberberg@hacc.space".hashedPassword = "zauberberg@hacc.space".hashedPassword = "$6$ISAaU8X6D$oGKe9WXDWrRpGzHUTdxrxdtg9zuGOlBMuDc82IZhegpsv1bqd550FhZZrI40IjZTA5Hy2MZ8j/0efpnQ4fOQH0";
"$6$ISAaU8X6D$oGKe9WXDWrRpGzHUTdxrxdtg9zuGOlBMuDc82IZhegpsv1bqd550FhZZrI40IjZTA5Hy2MZ8j/0efpnQ4fOQH0";
"zauberberg@hacc.space".aliases = [ "lukas@hacc.space" ]; "zauberberg@hacc.space".aliases = [ "lukas@hacc.space" ];
"stuebinm@hacc.space".hashedPassword = "stuebinm@hacc.space".hashedPassword = "$6$mjrMQG5smqLRlm$WzmbiZnGlEXGT7hj/n2qz0nvVzGyZfMToCyLRi0wErfVEHI7y7jtWoHqIWnpcHAM29UocsIFFsUCb3XqQCwwB.";
"$6$mjrMQG5smqLRlm$WzmbiZnGlEXGT7hj/n2qz0nvVzGyZfMToCyLRi0wErfVEHI7y7jtWoHqIWnpcHAM29UocsIFFsUCb3XqQCwwB.";
"lenny@hacc.space".hashedPassword = "lenny@hacc.space".hashedPassword = "$6$EZpv9XImv5F3$p2NSoo5gLxh6NnB3/C6wF8knRTuMHqDXYF3BEscaQuk7qok2Z13xKT/6mFvvSKKBnFCuYptgnfGswmoqIzm/1/";
"$6$EZpv9XImv5F3$p2NSoo5gLxh6NnB3/C6wF8knRTuMHqDXYF3BEscaQuk7qok2Z13xKT/6mFvvSKKBnFCuYptgnfGswmoqIzm/1/";
"lenny@hacc.space".aliases = [ "rinderhacc@hacc.space" ]; "lenny@hacc.space".aliases = [ "rinderhacc@hacc.space" ];
"finance@muc.hacc.space".hashedPassword = "finance@muc.hacc.space".hashedPassword = "$6$R3GRmvXwqnMM6q.R$Y9mrUAmMnCScsM6pKjxo2a2XPM7lHrV8FIgK0PzhYvZbxWczo7.O4dk1onYeV1mRx/nXZfkZNjqNCruCn0S2m.";
"$6$R3GRmvXwqnMM6q.R$Y9mrUAmMnCScsM6pKjxo2a2XPM7lHrV8FIgK0PzhYvZbxWczo7.O4dk1onYeV1mRx/nXZfkZNjqNCruCn0S2m.";
"noreply@hacc.space" = { # service accounts
hashedPassword = "noreply@hacc.space".hashedPassword = "$6$YsqMoItITZUzI5wo$5Lejf8XBHRx4LW4VuZ9wJCiBbT4kOV/EZaCdWQ07eVIrkRTZwXWZ5zfsh.olXEFwvpNWN.DBnU.dQc.cC0/ra/";
"$6$YsqMoItITZUzI5wo$5Lejf8XBHRx4LW4VuZ9wJCiBbT4kOV/EZaCdWQ07eVIrkRTZwXWZ5zfsh.olXEFwvpNWN.DBnU.dQc.cC0/ra/"; "newsletter@hacc.space".hashedPassword = "$6$f0xKnQxBInd$zbVIi1lTKWauqW.c8sMNLHNwzn81oQrVOiIfJwPa98n9xWz/NkjuWLYuFpK.MSZwNwP7Yv/a/qaOb9v8qv/.N1";
sendOnly = true; "gitlab@infra4future.de".hashedPassword = "$6$8vvkYuxv$9xV5WktsqfgM3cWSxonjtaohm7oqvDC5qsgJCJBATwesjTRxd/QTLa7t7teK8Nzyl.Py26xz.NvYowCZQ4aBE1";
}; "noreply@infra4future.de".hashedPassword = "$6$uaD8bRcT1$gFqhFyu5RUsyUUOG5b.kN.JAJ1rVHvaYhpeRHoMvrERAMgBu1FHu2oDnjTsy.5NKoLc5xpI5uv4Gpy4YbmDmV.";
"discuss@infra4future.de".hashedPassword = "$6$8x8/OlMFjq1$S54jdBh7WjrdC6UtbYAHHzMJak7Ai/CjwmWBBbqh7yRHuZt.mfZrsfBNiL3JKBHE7seQ7JYRU99lJKCU6Aujg/";
"noreply@infra4future.de" = {
hashedPassword =
"$6$uaD8bRcT1$gFqhFyu5RUsyUUOG5b.kN.JAJ1rVHvaYhpeRHoMvrERAMgBu1FHu2oDnjTsy.5NKoLc5xpI5uv4Gpy4YbmDmV.";
sendOnly = true;
};
}; };
extraVirtualAliases = { extraVirtualAliases = {
@ -81,41 +49,42 @@
"hexchen@hacc.space" "hexchen@hacc.space"
"octycs@hacc.space" "octycs@hacc.space"
"raphael@hacc.space" "raphael@hacc.space"
"moira@hacc.space" "schweby@hacc.space"
"zauberberg@hacc.space" "zauberberg@hacc.space"
"stuebinm@hacc.space" "stuebinm@hacc.space"
"lenny@hacc.space" "lenny@hacc.space"
]; ];
# admin: current people with access to the mail server and knowledge on how to use it
# admin: current people with access to the mail server and knowledge on how to use it™ "admin@hacc.space" = [
"admin@hacc.space" = "hexchen@hacc.space"
[ "hexchen@hacc.space" "moira@hacc.space" "zauberberg@hacc.space" ]; "schweby@hacc.space"
"zauberberg@hacc.space"
];
# voc: hacc video operation center, various streaming-related things # voc: hacc video operation center, various streaming-related things
"voc@hacc.space" = [ "voc@hacc.space" = [
"hexchen@hacc.space" "hexchen@hacc.space"
"moira@hacc.space" "schweby@hacc.space"
"octycs@hacc.space" "octycs@hacc.space"
"stuebinm@hacc.space" "stuebinm@hacc.space"
"zauberberg@hacc.space" "zauberberg@hacc.space"
"lenny@hacc.space" "lenny@hacc.space"
"raphael@hacc.space"
]; ];
# -- Regional: Germany -- # -- Regional: Germany --
# board of hacc e.V. # board of hacc e.V.
"vorstand@hacc.space" = "vorstand@hacc.space" = [
[ "raphael@hacc.space" "moira@hacc.space" "zauberberg@hacc.space" ]; "raphael@hacc.space"
"schweby@hacc.space"
"zauberberg@hacc.space"
];
# members of hacc e.V. # members of hacc e.V.
"mitglieder@hacc.space" = [ "mitglieder@hacc.space" = [
"hexchen@hacc.space" "hexchen@hacc.space"
"raphael@hacc.space" "raphael@hacc.space"
"moira@hacc.space" "schweby@hacc.space"
"zauberberg@hacc.space" "zauberberg@hacc.space"
"lenny@hacc.space" "lenny@hacc.space"
"octycs@hacc.space" "octycs@hacc.space"
"stuebinm@hacc.space"
]; ];
# -- Regional: Munich -- # -- Regional: Munich --
@ -123,47 +92,58 @@
"hexchen@hacc.space" "hexchen@hacc.space"
"octycs@hacc.space" "octycs@hacc.space"
"raphael@hacc.space" "raphael@hacc.space"
"moira@hacc.space" "schweby@hacc.space"
"zauberberg@hacc.space" "zauberberg@hacc.space"
"stuebinm@hacc.space" "stuebinm@hacc.space"
"lenny@hacc.space" "lenny@hacc.space"
]; ];
# -- c3 world operation centre --
"world@muc.hacc.space" = [
"hexchen@hacc.space"
"stuebinm@hacc.space"
];
}; };
# Use Let's Encrypt certificates. Note that this needs to set up a stripped # Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80. # down nginx and opens port 80.
certificateScheme = 3; certificateScheme = 3;
# Only allow implict TLS # Enable IMAP and POP3
enableImap = false; enableImap = true;
enablePop3 = false; enablePop3 = true;
enableImapSsl = true;
enablePop3Ssl = true;
# Enable the ManageSieve protocol # Enable the ManageSieve protocol
enableManageSieve = true; enableManageSieve = true;
# whether to scan inbound emails for viruses (note that this requires at least
# 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty)
virusScanning = false;
}; };
services.postfix.submissionOptions.smtpd_sender_restrictions = "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
services.postfix.submissionOptions.smtpd_sender_restrictions = services.postfix.submissionsOptions.smtpd_sender_restrictions = "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
lib.mkForce "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
services.postfix.submissionsOptions.smtpd_sender_restrictions =
lib.mkForce "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
services.postfix.virtual = '' services.postfix.virtual = ''
postmaster@hacc.space admin@hacc.space
abuse@hacc.space admin@hacc.space
contact@hacc.space info@hacc.space
hello@hacc.space info@hacc.space
haccvoc@hacc.space voc@hacc.space
@4future.dev @hacc.space @4future.dev @hacc.space
@4futu.re @hacc.space @4futu.re @hacc.space
@hacc.earth @hacc.space @hacc.earth @hacc.space
@infra4future.de @hacc.space @discuss.infra4future.de discuss@infra4future.de
admin@infra4future.de admin@hacc.space
noreply@infra4future.de admin@hacc.space
lukas@infra4future.de zauberberg@hacc.space
info@infra4future.de admin@hacc.space
postmaster@infra4future.de admin@hacc.space
voc@infra4future.de voc@hacc.space
haccvoc@infra4future.de voc@hacc.space
contact@hacc.space info@hacc.space
himmel@hacc.space admin@hacc.space
divoc-patches@muc.hacc.space world@muc.hacc.space
''; '';
systemd.services.alps = { systemd.services.alps = {
enable = true; enable = true;
script = script = "${pkgs.alps}/bin/alps -theme alps imaps://mail.hacc.space:993 smtps://mail.hacc.space:465";
"${pkgs.alps}/bin/alps -theme alps imaps://mail.hacc.space:993 smtps://mail.hacc.space:465";
serviceConfig.WorkingDirectory = "${pkgs.alps}/share/alps"; serviceConfig.WorkingDirectory = "${pkgs.alps}/share/alps";
serviceConfig.Restart = "always"; serviceConfig.Restart = "always";
requiredBy = [ "multi-user.target" ]; requiredBy = [ "multi-user.target" ];

View file

@ -78,7 +78,6 @@ in {
TeamSettings = { TeamSettings = {
EnableTeamCreation = true; EnableTeamCreation = true;
EnableUserCreation = true; EnableUserCreation = true;
MaxUsersPerTeam = 250;
EnableOpenServer = false; EnableOpenServer = false;
EnableUserDeactivation = true; EnableUserDeactivation = true;
ExperimentalViewArchivedChannels = true; ExperimentalViewArchivedChannels = true;
@ -141,9 +140,9 @@ in {
Enable = true; Enable = true;
Id = "mattermost"; Id = "mattermost";
Scope = ""; Scope = "";
AuthEndpoint = "https://login.infra4future.de/oauth2/authorize"; AuthEndpoint = "https://auth.infra4future.de/auth/realms/forfuture/protocol/openid-connect/auth";
TokenEndpoint = "https://login.infra4future.de/oauth2/token"; TokenEndpoint = "https://auth.infra4future.de/auth/realms/forfuture/protocol/openid-connect/token";
UserApiEndpoint = "https://login.infra4future.de/oauth2/userinfo"; UserApiEndpoint = "https://auth.infra4future.de/auth/realms/forfuture/protocol/openid-connect/userinfo";
}; };
# for some reason, these don't appear to be working; the startup # for some reason, these don't appear to be working; the startup
# process complaines and sets these back to en # process complaines and sets these back to en
@ -202,7 +201,6 @@ in {
services.postgresql = { services.postgresql = {
enable = lib.mkForce true; # mattermost sets this to false. wtf. enable = lib.mkForce true; # mattermost sets this to false. wtf.
package = pkgs.postgresql_11;
ensureDatabases = [ "mattermost" ]; ensureDatabases = [ "mattermost" ];
ensureUsers = [ { ensureUsers = [ {
name = "mattermost"; name = "mattermost";

View file

@ -1,5 +1,18 @@
{ config, lib, pkgs, sources, ... }: { config, lib, pkgs, sources, ... }:
let
mumblesite = pkgs.stdenv.mkDerivation {
name = "mumble.hacc.space-website";
src = sources.mumble-website.outPath.outPath;
buildPhase = ''
${pkgs.jekyll.outPath}/bin/jekyll build
'';
installPhase = ''
mkdir -p $out
cp -r _site/* $out
'';
};
in
{ {
hexchen.bindmounts."/var/lib/murmur" = "/persist/var/lib/murmur"; hexchen.bindmounts."/var/lib/murmur" = "/persist/var/lib/murmur";
@ -15,9 +28,17 @@
networking.firewall.allowedTCPPorts = [ config.services.murmur.port ]; networking.firewall.allowedTCPPorts = [ config.services.murmur.port ];
networking.firewall.allowedUDPPorts = [ config.services.murmur.port ]; networking.firewall.allowedUDPPorts = [ config.services.murmur.port ];
# the mumble cert has its own group so that both nginx and murmur can read it services.nginx.virtualHosts =
users.groups.mumblecert = {}; let vhost = {
security.acme.certs."mumble.hacc.space".group = "mumblecert"; forceSSL = true;
users.users.nginx.extraGroups = [ "mumblecert" ]; enableACME = true;
users.users.murmur.extraGroups = [ "mumblecert" ]; root = mumblesite.outPath;
};
in {
"mumble.infra4future.de" = vhost;
"mumble.hacc.space" = vhost;
};
# set ACLs so that the murmur user can read the certificates
security.acme.certs."mumble.hacc.space".postRun = "setfacl -Rm u:murmur:rX /var/lib/acme/mumble.hacc.space";
} }

View file

@ -36,7 +36,7 @@
# must be set manually; may not be incremented by more than one at # must be set manually; may not be incremented by more than one at
# a time, otherwise nextcloud WILL break # a time, otherwise nextcloud WILL break
package = pkgs.nextcloud24; package = pkgs.nextcloud21;
home = "/persist/nextcloud"; home = "/persist/nextcloud";
https = true; https = true;
@ -47,11 +47,15 @@
dbuser = "nextcloud"; dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud"; dbname = "nextcloud";
adminpassFile = "/persist/nextcloud/config/admin_pw"; # there's also a adminpassFile option, but for testing this seems
# enough (less fiddling with getting the file into a nixos
# container for ad-hoc setups)
adminpass = "lushfjwebrwhjebr";
adminuser = "root"; adminuser = "root";
defaultapp = "apporder";
}; };
caching.redis = true;
# multiple pools may be doable using services.phpfpm.pools, # multiple pools may be doable using services.phpfpm.pools,
# but i have not tried this yet. The nextcloud module defines a # but i have not tried this yet. The nextcloud module defines a
# pool "nextcloud" # pool "nextcloud"
@ -66,15 +70,40 @@
extraOptions = { extraOptions = {
instanceid = "ocxlphb7fbju"; instanceid = "ocxlphb7fbju";
redis = {
host = "/run/redis/redis.sock";
port = 0;
dbindex = 0;
password = "secret";
timeout = 1.5;
};
datadirectory = "/persist/data/ncdata"; datadirectory = "/persist/data/ncdata";
mail_smtpmode = "smtp";
mail_smtpsecure = "ssl";
mail_sendmailmode = "smtp";
mail_from_address = "noreply";
mail_domain = "infra4future.de";
mail_smtpauthtype = "PLAIN";
mail_smtpauth = 1;
mail_smtphost = "mail.hacc.space";
mail_smtpport = 465;
mail_smtpname = "noreply@infra4future.de";
loglevel = 0; loglevel = 0;
"overwrite.cli.url" = "https://cloud.infra4future.de"; "overwrite.cli.url" = "https://cloud.infra4future.de";
}; };
# passwordsalt, secret, and mail_smtppassword go in here
secretFile = "/persist/secrets.json";
};
services.redis = {
enable = true;
unixSocket = "/var/run/redis/redis.sock";
}; };
services.postgresql = { services.postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_11;
ensureDatabases = [ "nextcloud" ]; ensureDatabases = [ "nextcloud" ];
ensureUsers = [ ensureUsers = [
{ # by default, postgres has unix sockets enabled, and allows a { # by default, postgres has unix sockets enabled, and allows a
@ -106,11 +135,6 @@
locations."/".proxyPass = "http://${config.containers.nextcloud.localAddress}:80"; locations."/".proxyPass = "http://${config.containers.nextcloud.localAddress}:80";
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
extraConfig = ''
proxy_buffering off;
client_max_body_size 0;
add_header Cache-Control "no-store, no-cache, must-revalidate";
'';
}; };
} }

View file

@ -1,9 +1,32 @@
{ config, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
let
domains = [ "www.infra4future.de" "hacc.earth" "www.hacc.earth" ];
in {
{ services.nginx.virtualHosts =
hacc.websites = { listToAttrs (map (host: nameValuePair host {
enable = true; useACMEHost = "infra4future.de";
directory = ../websites; forceSSL = true;
locations."/".proxyPass = "http://${config.containers.gitlab.localAddress}:8090";
}) domains) // {
"infra4future.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://${config.containers.gitlab.localAddress}:8090";
};
"muc.hacc.earth" = {
enableACME = true;
forceSSL = true;
locations."/".extraConfig = ''
proxy_pass "http://${config.containers.gitlab.localAddress}:8090/infra4future/muc.hacc.earth/";
proxy_set_header Host 'hacc.4future.dev';
'';
};
};
security.acme.certs."infra4future.de" = {
extraDomainNames = domains;
}; };
} }

66
services/pluto.nix Normal file
View file

@ -0,0 +1,66 @@
{ config, lib, pkgs, ... }:
let sources = import ../nix/sources.nix;
in
{
containers.pluto = {
autoStart = true;
bindMounts."/notebooks" = {
hostPath = "/data/pluto";
isReadOnly = false;
};
config = {pkgs, config, ...}: {
systemd.services.pluto =
let
julia = (import ../pkgs/pluto)
{pkgs = import sources.nixpkgs {};};
pluto = pkgs.stdenv.mkDerivation {
name = "pluto-standalone";
buildPhase = "mkdir $out";
installPhase = ''
cp *.toml $out
cp *.jl $out
'';
src = ../pkgs/pluto;
};
in {
enable = true;
description = "Pluto.js notebook server";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
type = "simple";
User = "pluto";
Group = "pluto";
};
# julia needs some writable directory to keep state in
# (especially precompiled artifacts). The wrapped version
# of julia below will append this with a path from the
# nix store that contains all needed packages, so this
# should even work entirely without internet access.
environment.JULIA_DEPOT_PATH = "/var/lib/julia";
script = ''
cd ${pluto.outPath}
${julia}/bin/julia pluto-standalone.jl
'';
};
users.users.pluto = {
group = "pluto";
home = "/notebooks";
isSystemUser = true;
};
users.groups.pluto = {};
systemd.tmpfiles.rules = [
"d /var/lib/julia 0750 pluto pluto"
];
};
};
systemd.services."container@pluto".serviceConfig = {
MemoryHigh = "2G"; # will throttle, but not a hard limit
MemoryMax = "2.5G"; # hard limit
CPUQuota = "100%"; # give CPU time roughly equivalent to one core
};
}

View file

@ -6,7 +6,21 @@
openDefaultPorts = true; openDefaultPorts = true;
configDir = "/persist/var/lib/syncthing/"; configDir = "/persist/var/lib/syncthing/";
dataDir = "/persist/data/syncthing/"; dataDir = "/persist/data/syncthing/";
declarative = {
devices = { devices = {
# schweby
txsbcct = {
addresses = []; # empty = dynamic
id = "AQHOPTO-X3LWJXZ-2SPLSEW-MCVMX3R-VSLPPYE-NIOTDMW-QOYRSDZ-2LR7RAD";
};
octycs = {
addresses = []; # empty = dynamic
id = "KIJVGWZ-GRXPAUX-ZOTZDLS-KUKANCC-A2IBZRM-BT3RZK7-5M43O6R-OZD5IQE";
};
stuebinm-desktop = {
addresses = []; # empty = dynamic
id = "CWZTKG7-F45LE2O-TIT6IBC-RQD6MLH-K5ECUGJ-LOHJXF3-I2F4R6I-JVMRLAJ";
};
raphael-laptop = { raphael-laptop = {
addresses = []; # empty = dynamic addresses = []; # empty = dynamic
id = "72B3T74-NOMJV3X-EVJXTJF-5GGAEZB-ZDKBHXQ-VQNRYEU-YCPA2JP-L6NGAAG"; id = "72B3T74-NOMJV3X-EVJXTJF-5GGAEZB-ZDKBHXQ-VQNRYEU-YCPA2JP-L6NGAAG";
@ -16,24 +30,26 @@
addresses = []; # empty = dynamic addresses = []; # empty = dynamic
id = "HV7IU2N-Q4W3A7F-BSASR43-OB575SM-47FY2UW-7N5GMFM-PX3LWRN-HXBXMQF"; id = "HV7IU2N-Q4W3A7F-BSASR43-OB575SM-47FY2UW-7N5GMFM-PX3LWRN-HXBXMQF";
}; };
# hexchen
storah = {
addresses = [ "tcp://46.4.62.95:22000" "quic://46.4.62.95:22000" ];
id = "SGHQ2JA-7FJ6CKM-N3I54R4-UOJC5KO-7W22O62-YLTF26F-S7DLZG4-ZLP7HAM";
};
}; };
folders = { folders = {
"/persist/data/syncthing/hacc/" = { "/persist/data/syncthing/hacc/" = {
id = "qt2ly-xvvvs"; id = "qt2ly-xvvvs";
devices = [ "conway" "raphael-laptop"]; devices = [ "txsbcct" "octycs" "stuebinm-desktop" "conway" "raphael-laptop" "storah" ];
type = "receiveonly"; type = "receiveonly";
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
}; };
}; };
"/persist/data/syncthing/hacc_eV_vorstand/" = {
id = "twwt7-fxrsr";
devices = [ "conway" "raphael-laptop"];
# type = "receiveencrypted"; # no yet implemented
}; };
}; };
overrideFolders = false; # enables workaround for recieveencrypted
}; };
} }

View file

@ -1,84 +0,0 @@
{ config, lib, pkgs, profiles, modules, evalConfig, sources, ... }:
let
uffd = pkgs.uffd;
in {
containers.uffd = {
privateNetwork = true;
hostAddress = "192.168.100.1";
localAddress = "192.168.100.9";
autoStart = true;
bindMounts = {
"/persist" = {
hostPath = "/persist/containers/uffd";
isReadOnly = false;
};
};
path = (evalConfig {hosts = {}; groups = {};} ({ config, lib, pkgs, profiles, modules, sources, ... }: {
boot.isContainer = true;
networking.useDHCP = false;
users.users.root.hashedPassword = "";
imports = [
((import sources.nix-hexchen) {}).profiles.nopersist
];
nixpkgs.config.allowUnfree = true;
networking.firewall.enable = false;
networking.defaultGateway = {
address = "192.168.100.1";
interface = "eth0";
};
services.coredns = {
enable = true;
config = ''
.:53 {
forward . 1.1.1.1
}
'';
};
services.uwsgi = {
enable = true;
plugins = [ "python3" ];
instance = {
type = "normal";
pythonPackages = self: with self; [ uffd ];
module = "uffd:create_app()";
# socket = "${config.services.uwsgi.runDir}/uwsgi.sock";
http = ":8080";
env = [
"CONFIG_PATH=/persist/uffd/uffd.conf"
];
hook-pre-app = "exec:FLASK_APP=${uffd}/lib/python3.9/site-packages/uffd flask db upgrade";
};
};
})).config.system.build.toplevel;
};
services.nginx.virtualHosts."login.infra4future.de" = {
enableACME = true;
forceSSL = true;
locations = {
"/".proxyPass = "http://${config.containers.uffd.localAddress}:8080";
"/static".root = "${uffd}/lib/python3.9/site-packages/uffd";
"/static/hacc.png".return = "302 https://infra4future.de/assets/img/logo_vernetzung.png";
"/static/infra4future.svg".return = "302 https://infra4future.de/assets/img/infra4future.svg";
"/static/hedgedoc.svg".return = "302 https://infra4future.de/assets/img/icons/hedgedoc.svg";
"/static/mattermost.svg".return = "302 https://infra4future.de/assets/img/icons/mattermost.svg";
"/static/nextcloud.svg".return = "302 https://infra4future.de/assets/img/icons/nextcloud.svg";
"/static/hot_shit.svg".return = "302 https://infra4future.de/assets/img/icons/hot_shit.svg";
};
};
systemd.services.auamost = {
enable = true;
description = "mattermost aua gruppensync";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig.Type = "simple";
path = [ pkgs.curl pkgs.jq ];
script = "${pkgs.fish}/bin/fish /persist/magic/mattermost-groupsync.fish";
startAt = "*:0/15";
};
}

10
services/unifi.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, lib, pkgs, ... }:
{
nixpkgs.config.allowUnfree = true;
services.unifi = {
enable = true;
openPorts = true;
dataDir = "/persist/var/lib/unifi";
};
}

View file

@ -1,51 +0,0 @@
{ config, lib, pkgs, ... }:
{
services.vaultwarden = {
enable = true;
config = {
DATA_FOLDER="/persist/var/lib/vaultwarden/data";
LOG_LEVEL="error";
SIGNUPS_ALLOWED=false;
SIGNUPS_VERIFY=true;
SIGNUPS_DOMAINS_WHITELIST="hacc.space";
ORG_CREATION_USERS="admin@hacc.space";
INVITATIONS_ALLOWED=true;
INVITATION_ORG_NAME="haccwarden";
TRASH_AUTO_DELETE_DAYS=90;
DOMAIN="https://pw.hacc.space";
ROCKET_ADDRESS="127.0.0.1";
ROCKET_PORT=5354;
ROCKET_WORKERS=2;
SMTP_HOST="mail.hacc.space";
SMTP_FROM="vaultwarden@hacc.space";
SMTP_FROM_NAME="haccwarden";
SMTP_PORT=587;
SMTP_USERNAME="noreply@infra4future.de";
};
environmentFile = "/persist/var/lib/vaultwarden/vaultwarden.env"; #contains SMTP_PASSWORD
dbBackend = "sqlite";
backupDir = "/persist/data/vaultwarden_backups/";
};
#work around ProtectSystem=strict, cleanup
systemd.services.vaultwarden.serviceConfig = {
ReadWritePaths = [ "/persist/var/lib/vaultwarden" ];
StateDirectory = lib.mkForce "";
};
systemd.services.backup-vaultwarden.environment.DATA_FOLDER =
lib.mkForce "/persist/var/lib/vaultwarden/data";
services.nginx.virtualHosts."pw.hacc.space" = {
locations."/" = {
proxyPass = "http://127.0.0.1:5354";
proxyWebsockets = true;
};
forceSSL = true;
enableACME = true;
};
}

View file

@ -1,87 +0,0 @@
{ config, lib, pkgs, modules, profiles, evalConfig, sources, ... }:
let
wapkgs = "${sources.workadventure}/wapkgs.nix";
in
{
services.coturn = {
enable = true;
realm = "void.hacc.space";
no-cli = true;
lt-cred-mech = true;
extraConfig = ''
user=turn:a4c9ad080dc51146611eabd15a27b07fc92850a9ae90c53e7745fce6c5a2c457
fingerprint
external-ip=135.181.215.233
server-name=void.hacc.space
prometheus
'';
cert = config.security.acme.certs."void.hacc.space".directory + "full.pem";
pkey = config.security.acme.certs."void.hacc.space".directory + "key.pem";
};
networking.firewall = with config.services.coturn;
let
ports = [ listening-port tls-listening-port ];
in {
allowedTCPPorts = ports ++ [ 9641 ]; # 9641 is the port for the prometheus endpoint
allowedUDPPorts = ports;
allowedUDPPortRanges = [
{ from = min-port; to = max-port; }
];
};
services.nginx.virtualHosts."void.hacc.space" = {
locations."/" = {
proxyPass = "http://192.168.150.3";
proxyWebsockets = true;
};
enableACME = true;
forceSSL = true;
};
containers.wa-void = {
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.150.1";
localAddress = "192.168.150.3";
path = (evalConfig {hosts = {}; groups = {};} ({ config, lib, pkgs, profiles, modules, sources, ... }: {
boot.isContainer = true;
networking.useDHCP = false;
users.users.root.hashedPassword = "";
imports = [
"${sources.workadventure.outPath}/default.nix"
((import sources.nix-hexchen) {}).profiles.nopersist
];
services.workadventure."void" = {
packageset = (import wapkgs {inherit pkgs;}).workadventure-xce;
nginx = {
default = true;
domain = "https://void.hacc.space";
maps.path = "${sources.haccmap.outPath}/";
maps.serve = true;
};
frontend.startRoomUrl = "/_/global/void.hacc.space/maps/main.json";
commonConfig = {
webrtc.stun.url = "stun:void.hacc.space:3478";
webrtc.turn = {
url = "turn:135.181.215.233";
user = "turn";
password = "a4c9ad080dc51146611eabd15a27b07fc92850a9ae90c53e7745fce6c5a2c457";
};
jitsi.url = "meet.ffmuc.net";
};
};
})).config.system.build.toplevel;
};
}

View file

@ -1,25 +0,0 @@
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
of the public at large and to the detriment of our heirs and
successors. We intend this dedication to be an overt act of
relinquishment in perpetuity of all present and future rights to this
software under copyright law.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
For more information, please refer to <http://unlicense.org/>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 3.7 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 5.2 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 396 KiB

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 17 KiB

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 111 KiB

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 24 KiB

File diff suppressed because one or more lines are too long

Before

Width:  |  Height:  |  Size: 49 KiB

View file

@ -1,16 +0,0 @@
{ stdenvNoCC }:
stdenvNoCC.mkDerivation {
name = "hacc.earth-static";
src = ./.;
phases = [ "buildPhase" ];
buildPhase = ''
cd $src
mkdir -p $out
cp -r * $out
rm $out/default.nix
'';
}

View file

@ -1,460 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>hacc &ndash; hackers against climate change</title>
<link rel="icon" type="image/png" href="assets/favicon.png">
<style>
@font-face {
font-family: 'share-tech';
src: url('assets/ShareTech-Regular.ttf') format('truetype');
/*font-weight: normal;
font-style: normal;*/
}
html {
overflow: hidden;
height: 100%;
}
body {
background-color: #000;
color: #fff;
font-family: share-tech;
margin: 0;
perspective: 1px;
-webkit-perspective: 1px;
-webkit-transform-style: preserve-3d;
transform-style: preserve-3d;
overflow-y: auto;
overflow-x: hidden;
height: 100%;
}
#globe {
position: absolute;
top: 0;
right: 0;
left: 0;
transform: translateZ(-1px) scale(2);
z-index:-1;
}
#globe > img {
height: 100vh;
/*position: absolute;
right: 0;
top: 0;*/
float: right;
/*width: 30%;*/
}
#bg {
position: absolute;
top: 40%;
right: 0;
left: 0;
height: 60%;
transform: translateZ(.25px);
z-index:-1;
background: transparent;
background: linear-gradient(0deg, rgba(0,0,0,1) 0%, rgba(0,0,0,0) 100%);
}
#bg::after {
background: #000;
height: 1000px;
width: 100%;
bottom: -1000px;
position: absolute;
content: "";
}
.content {
position: relative;
top: 100px;
margin-left: 150px;
margin-right: 150px;
overflow: hidden;
-webkit-transform: translateZ(0px);
}
footer.content {
top: 50px;
color: #cccccc;
font-size: 14px;
}
footer a {
color: #cccccc;
}
.logo {
position: relative;
width: 100%;
}
.logo > img {
width: 300px;
max-width: 100%;
}
h1 {
font-size: 42px;
font-weight: 600;
display: inline;
/*margin-bottom: 0;*/
background: rgb(59,115,185);
background: linear-gradient(90deg, rgb(59, 115, 185) 0%, rgb(229, 35, 33) 100%);
background-clip: border-box;
color: transparent;
-webkit-background-clip: text;
background-clip: text;
}
p, li {
font-size: 26px;
max-width: 900px;
}
a {
text-decoration: none;
color: #3b73b9;
transition: color .1s linear;
}
a:hover {
/*color: #e52321;*/
color: #4e9af9;
}
ul {
margin-top: 0;
}
.langswitch {
//position: -webkit-sticky; /* Safari */
//position: sticky;
font-size: 30px;
max-width: 100px;
margin: auto;
margin-right: 0px;
top: 50px;
/*left: 900px;*/
/*right: 10px;*/ /*sticky somehow doesn't like right*/
text-shadow: 2px 2px 5px black;
z-index: 100;
}
.welcome {
margin-top: 25vh;
width: 60%;
}
.whatwedo {
margin-top: 150px;
}
.section {
margin-top: 100px;
}
.activities {
width: 100%;
margin-top: 80px;
}
.activities > div {
width: 44%;
display: inline-grid;
margin-left: 5%;
}
.activities .logo-container {
width: 100%;
text-align: center;
}
.activities .logo-container img {
height: 70px;
max-width: 100%;
}
.blink {
animation: 1s steps(2) 0s infinite running blink;
}
@keyframes blink {
from { visibility: hidden; }
to { visibility: visible; }
}
@media only screen and (max-width: 1000px) {
.content {
margin-left: 50px;
margin-right: 50px;
}
.activities > div {
width: 90%;
display: block;
}
.activities > div:first-child {
margin-bottom: 70px;
}
}
@media only screen and (max-width: 650px) {
.logo {
text-align: center;
}
.welcome {
width: 100%;
margin-top: 55vh;
}
.content {
margin-left: 20px;
margin-right: 20px;
}
p, li {
font-size: 22px;
}
}
@media only screen and (min-width: 768px) {
.langswitch {
position: -webkit-sticky; /* Safari */
position: sticky;
font-size: 30px;
margin: auto;
margin-right: 50px;
top: 50px;
}
}
</style>
</head>
<body>
<div id="globe"><img src="assets/globe_cut_mid.jpg" alt="Die Erde vom Weltall aus gesehen." /></div>
<div id="bg"></div>
<!--<div class="langswitch"><u><a href="/index.html" style="color: #ffffff">en</a></u>/<a href="/index_de.html" style="color: #ffffff">de</a></div>-->
<main class="content" style="z-index: 100">
<div class="logo"><img src="assets/logo_header_shadow.svg" alt="hacc. hackers against climate change." /></div>
<a name="welcometohacc"></a>
<div class="welcome">
<h1>Welcome to hacc<span class="blink">_</span></h1>
<p>
“Hackers Against Climate Change" originated as a series of <a href="https://events.ccc.de/congress/2018/wiki/index.php/Session%3AHackers_Against_Climate_Change">self-organized sessions at 35c3</a>. Working groups, spin offs and local chapters formed afterwards and were present at all major CCC events. Join the groups or start your own!</p>
<p>More info <a href="#aboutpage">about this page</a> at the bottom.
</p>
</div>
<a name="contact"></a>
<div class="section">
<h1>Get in contact<span class="blink"></span></h1>
<p>
<ul>
<li>
<a href="https://muc.hacc.earth">hacc e.V.</a>, local chapter Munich<sup><a href="#history">*</a></sup>
<ul>
<li>
<a href="https://web.libera.chat/#hacc">#hacc</a> on irc.libera.chat or as matrix bridge <a href="https://matrix.to/#/#hacc:libera.chat">#hacc:libera.chat</a>
</li>
<li>
<a href="https://web.libera.chat/#hacc-muc">#hacc-muc</a> on irc.libera.chat or as matrix bridge <a href="https://matrix.to/#/#hacc-muc:libera.chat">#hacc-muc:libera.chat</a>
</li>
<li>
<a href="https://chaos.social/@hacc">@hacc@chaos.social</a>
</li>
<li>
<a href="https://mumble.hacc.space/">mumble.hacc.space</a>
</li>
<li>
info@hacc.earth
</li>
</ul>
</li>
<li>
<a href="https://totalism.org/hacc">CHT hackbase</a>, local chapter Canary Island<sup><a href="#history">*</a></sup>
<ul>
<li>
<a href="https://matrix.to/#/#hacc:matrix.org">#hacc:matrix.org</a>
</li>
</ul>
</li>
<li>
<a href="https://hacc.uber.space/mailman/listinfo">hacc mailinglists</a>
</li>
</ul>
</p>
<!--
<a name="activities"></a>
<div class="activities">
<div>
<a name="haccvoc"></a>
<div class="logo-container">
<a href="https://hacc.earth#haccvoc"><img src="assets/haccvoc.svg" alt="hacc.voc"></a>
</div>
<p>
If you have an event and need someone
to film or livestream it, maybe we have
time and can help you!
All our recordings and livestreams can be found on <a href="https://hacc.media/">hacc.media</a>; if we stream something live, you'll find us at
<a href="https://live.hacc.media/">live.hacc.media</a>.
</p>
<ul>
<li><a href="https://vedge-kongress.de/">v-edge Congress 2020</a> in Munich</li>
<li>Filmed and live streamed several stage discussions and press conferences of other * for future groups (see <a href="https://hacc.media/search?tagsOneOf=fff">hacc.media</a>)</li>
<li>Livestreams from demonstrations for climate justice</a></li>
<li>Our own <a href="https://hacc.media/videos/watch/playlist/e90713e1-44a7-4f8e-9d1d-dd6551587d2f?playlistPosition=1">stage</a> at the Remote Chaos Experience (rc3) 2020</li>
<li>Streaming infrastructure for the second and third editions of the <a href="https://studentsforfuture.info/public-climate-school/">Public Climate School</a> by Students for Future</li>
</ul>
</div>
<div>
<a name="infra4future"></a>
<div class="logo-container">
<a href="https://infra4future.de"><img src="assets/infra4future.svg" alt="infra4future"></a>
</div>
<p>
We provide and administrate server infrastructure
for other climate justice groups.
</p>
<ul>
<li>cloud storage, chats, and forums</li>
<li><a href="https://mumble.hacc.space">mumble.hacc.space</a>: a voice-chat allowing groups to stay in contact while we cant physically meet</li>
<li>if you need any, look around on the website linked above, write us, or just <a href="https://cloud.infra4future.de/">create an account</a>!</li>
</ul>
</div>
</div>
</div>
-->
<a name="participate"></a>
<div class="section">
<h1>Ways to Participate<span class="blink"></span></h1>
<p>
<ul>
<!--<li>Regular open international call usually every 10th and 25th of a month at 18:00 UTC via <a href="https://meet.ffmuc.net/hacc.int">Jitsi</a> organized by the hacc e.V..</li>-->
<li>Regular meetings of the <a href="https://muc.hacc.earth">hacc e.V.</a>, usually every 1st and 3rd Wednesday 7:30 p.m. at <a href="https://muc.ccc.de/">muCCC</a>. At the moment we meet online on <a href="https://mumble.hacc.space/">mumble.hacc.space</a>.</li>
<li>Meetings of <a href="https://hacc.uber.space/HACC/Europe/DE/NRW/Siegen">Klimanotstandbündnis in Siegen</a>. See hacc group page.</li>
<li>
Propose changes to the hacc e.V. infrastructure. You can open an issue or open a merge request <a href="https://git.infra4future.de/hacc/haccfiles">on the nixfiles</a> which control a growing part of our infrastructure. Or just ask us via one of hacc e.V. channels above.
</li>
<li>
Add you or your project to the <a href="https://e2h.totalism.org/e2h.php?_=hacc-directory#---_PROJECTS">hacc directory</a>
</li>
<li>
Use the <a href="https://hacc.wiki">wiki</a> and add your project!
</li>
</ul>
</p>
</div>
<a name="chapters"></a>
<div class="section">
<h1>Local chapters<span class="blink"></span></h1>
<p>
<ul>
<li><a href="https://totalism.org/hacc">CHT hackbase</a> on the Canary Islands, Spain<sup><a href="#history">*</a></sup></li>
<li><a href="https://muc.hacc.earth">hackers against climate change e.V.</a>, Munich, Germany<sup><a href="#history">*</a></sup></li>
<li><a href="https://hacc.uber.space/HACC/Europe/DE/NRW/Siegen">Klimanotstandbündnis in Siegen</a>, Germany</li>
</ul>
</p>
</div>
<a name="groups"></a>
<div class="section">
<h1>Spin offs &amp; working groups<span class="blink"></span></h1>
<p>
There are different spin-offs of the movement originating from the <a href="https://events.ccc.de/congress/2018/wiki/index.php/Session:Hackers_Against_Climate_Change">original hacc sessions</a> and events like the <a href="https://events.ccc.de/camp/2019/wiki/Main_Page">CCCamp2019</a> or working groups associated to hacc.
</p>
<ul>
<li><a href="https://hacc.uber.space/c3sus">c3sus</a>, making Chaos events more sustainable</li>
<li><a href="https://altpwr.net/">Eventgrid</a>, developing a green power network for Camps</li>
<li><a href="https://infra4future.de">infra4future</a>, offering infrastructure and communcation platforms</li>
<li><a href="https://hacc.media/">hacc-voc</a>, doing streams and recordings</li>
<li><a href="https://hacc.uber.space/GreenFediverse">GreenFeediverse</a>, providing a list about servers and their renewable energy consumption status</li>
</ul>
<p>
Further project ideas can be found or added in the <a href="https://hacc.wiki">wiki</a> and the <a href="https://e2h.totalism.org/e2h.php?_=hacc-directory#---_PROJECTS">hacc directory</a>.
</p>
<a name="similar"></a>
<div class="section">
<h1>Similar groups<span class="blink"></span></h1>
<p>
<ul>
<li><a href="https://bits-und-baeume.org/regionalzweige/de">Bits &amp; Bäume</a>, with multiple local chapters</li>
<li><a href="https://developersforfuture.org">Developers for Future</a></li>
</ul>
</p>
</div>
<a name="weinthepress"></a>
<div class="section">
<h1>We in the press<span class="blink"></span></h1>
<p>
<ul>
<li>Short interview with c3sus and hacc activists in the <a href="https://denkangebot.org">Denkangebot Podacst</a> episode <a href="https://www.denkangebot.org/allgemein/da008-urlaub-auf-dem-hackercamp/">"Urlaub auf dem Hackercamp"</a>, unfortunately in German only</li>
<li>
Le Monde decided to give us, our posters, and Mate, a <a href="https://www.lemonde.fr/pixels/article/2019/12/30/a-leipzig-hackers-et-militants-pour-le-climat-font-front-commun_6024362_4408996.html">shoutout</a> in their article about the <a href="https://events.ccc.de/congress/2019/wiki/index.php/Main_Page">36c3</a>!
</li>
</ul>
</p>
</div>
<a name="history"></a>
<div class="section">
<h1>History of hacc<span class="blink"></span></h1>
<p>
“Hackers Against Climate Change" originated as a series of <a href="https://events.ccc.de/congress/2018/wiki/index.php/Session%3AHackers_Against_Climate_Change">self-organized sessions at 35c3</a>. In the aftermath members of those sessions started spin offs as mentioned above and local chapters in Siegen, Munich and on the Canary Islands.
</p>
<p>
The local chapter in Siegen initiated the first hacc sessions at 35c3 and afterwards was mainly involved in local activities.
<p>
The local chapter CHT hackbase cohosted the 35c3 sessions, hosted the session at 36c3 and cohosted the divoc r2r sessions.
</p>
<p>
Inspired by the activities in Siegen, the Munich chapter started their bi-weekly meetings in May 2019. With the approval to use the name by the initiator of the first sessions on May 13th 2020 we eventually founded the German non-profit organization "<a href="https://muc.hacc.earth">hackers against climate change e.V.</a>" on December 9th 2020. Two members of us were part of the 35c3 sessions. Since then we were active at the CCCamp 2019, 36c3, rC3 and divoc r2r.<br>
</p>
<p>
Unfortunately conflicts led to a split between the local chapter Munich and CHT hackbase in July 2021.
</p>
<a name="aboutpage"></a>
<div class="section">
<h1>About this page<span class="blink"></span></h1>
<p>
The hacc e.V. runs this page (<a href="https://hacc.earth">hacc.earth</a>) but not necessarily the linked projects. You can find more about our activities and involvements on our <a href="https://muc.hacc.earth">own page</a>.<br>
Also the source of the page can be found <a href="https://git.infra4future.de/hacc/haccfiles/src/branch/main/websites/hacc.earth">here</a>. As with the hacc e.V. infrastructure in general you are invited to make change requests or just <a href="#contac">contact</a> us to ask for changes.
</p>
<p>
The hacc logo was designed by <a href="https://creativesforfuture.de/">Creatives for Future</a>.
</p>
</div>
<div class="section"></div>
</main>
<footer class="content" style="z-index: 200">
<div>
<a href="https://git.infra4future.de/hacc/haccfiles/src/branch/main/websites/hacc.earth">Source of hacc.earth</a> &bull;
<a href="#contact">Contact</a> &bull;
<a href="https://infra4future.de/impressum.html">Imprint</a>
</div>
</footer>
</body>
</html>

View file

@ -1,385 +0,0 @@
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>hacc &ndash; hackers against climate change</title>
<link rel="icon" type="image/png" href="assets/favicon.png">
<style>
@font-face {
font-family: 'share-tech';
src: url('assets/ShareTech-Regular.ttf') format('truetype');
/*font-weight: normal;
font-style: normal;*/
}
html {
overflow: hidden;
height: 100%;
}
body {
background-color: #000;
color: #fff;
font-family: share-tech;
margin: 0;
perspective: 1px;
-webkit-perspective: 1px;
-webkit-transform-style: preserve-3d;
transform-style: preserve-3d;
overflow-y: auto;
overflow-x: hidden;
height: 100%;
}
#globe {
position: absolute;
top: 0;
right: 0;
left: 0;
transform: translateZ(-1px) scale(2);
z-index:-1;
}
#globe > img {
height: 100vh;
/*position: absolute;
right: 0;
top: 0;*/
float: right;
/*width: 30%;*/
}
#bg {
position: absolute;
top: 40%;
right: 0;
left: 0;
height: 60%;
transform: translateZ(.25px);
z-index:-1;
background: transparent;
background: linear-gradient(0deg, rgba(0,0,0,1) 0%, rgba(0,0,0,0) 100%);
}
#bg::after {
background: #000;
height: 1000px;
width: 100%;
bottom: -1000px;
position: absolute;
content: "";
}
.content {
position: relative;
top: 100px;
margin-left: 150px;
margin-right: 150px;
overflow: hidden;
-webkit-transform: translateZ(0px);
}
footer.content {
top: 50px;
color: #707070;
font-size: 14px;
}
footer a {
color: #cccccc;
}
.logo {
position: relative;
width: 100%;
}
.logo > img {
width: 300px;
max-width: 100%;
}
h1 {
font-size: 42px;
font-weight: 600;
display: inline;
/*margin-bottom: 0;*/
background: rgb(59,115,185);
background: linear-gradient(90deg, rgb(59, 115, 185) 0%, rgb(229, 35, 33) 100%);
background-clip: border-box;
color: transparent;
-webkit-background-clip: text;
background-clip: text;
}
p, li {
font-size: 26px;
max-width: 900px;
}
a {
text-decoration: none;
color: #3b73b9;
transition: color .1s linear;
}
a:hover {
/*color: #e52321;*/
color: #4e9af9;
}
ul {
margin-top: 0;
}
.langswitch {
//position: -webkit-sticky; /* Safari */
//position: sticky;
font-size: 30px;
max-width: 100px;
margin: auto;
margin-right: 0px;
top: 50px;
/*left: 900px;*/
/*right: 10px;*/ /*sticky somehow doesn't like right*/
text-shadow: 2px 2px 5px black;
z-index: 100;
}
.welcome {
margin-top: 25vh;
width: 60%;
}
.whatwedo {
margin-top: 150px;
}
.section {
margin-top: 100px;
}
.activities {
width: 100%;
margin-top: 80px;
}
.activities > div {
width: 44%;
display: inline-grid;
margin-left: 5%;
}
.activities .logo-container {
width: 100%;
text-align: center;
}
.activities .logo-container img {
height: 70px;
max-width: 100%;
}
.blink {
animation: 1s steps(2) 0s infinite running blink;
}
@keyframes blink {
from { visibility: hidden; }
to { visibility: visible; }
}
@media only screen and (max-width: 1000px) {
.content {
margin-left: 50px;
margin-right: 50px;
}
.activities > div {
width: 90%;
display: block;
}
.activities > div:first-child {
margin-bottom: 70px;
}
}
@media only screen and (max-width: 650px) {
.logo {
text-align: center;
}
.welcome {
width: 100%;
margin-top: 55vh;
}
.content {
margin-left: 20px;
margin-right: 20px;
}
p, li {
font-size: 22px;
}
}
@media only screen and (min-width: 768px) {
.langswitch {
position: -webkit-sticky; /* Safari */
position: sticky;
font-size: 30px;
margin: auto;
margin-right: 50px;
top: 50px;
}
}
</style>
</head>
<body>
<div id="globe"><img src="assets/globe_cut_mid.jpg" alt="The Earth, seen from space."/></div>
<div id="bg"></div>
<div class="langswitch"><a href="/index.html" style="color: #ffffff">en</a>/<u><a href="/index_de.html" style="color: #ffffff">de</a></u></div>
<main class="content" style="z-index: 100">
<div class="logo"><img src="assets/logo_header_shadow.svg" alt="hacc. hackers against climate change."/></div>
<a name="welcometohacc"></a>
<div class="welcome">
<h1>Willkommen bei hacc<span class="blink">_</span></h1>
<p>
“Hackers Against Climate Change” entstammt einer Serie von <a href="https://events.ccc.de/congress/2018/wiki/index.php/Session:Hackers_Against_Climate_Change">Self-Organized Sessions beim 35c3</a>. Seit dem haben wir mit anderen Klimaschutzgruppen zusammengearbeitet, diese mit technischem Wissen unterstützt, sowie in der Hacker Community auf die Klimakrise aufmerksam gemacht.</p>
<p>
Zögere nicht mit uns in <a href="#contact">Kontakt</a> zu treten, über verschiedene Kanäle oder bei lokalen <a href="#meetups">Treffen</a>. Treffe uns bei Chaos-Events oder starte Deine eigene lokale Gruppe!
</p>
</div>
<a name="whatwedo"></a>
<div class="whatwedo">
<h1>Was wir machen<span class="blink"></span></h1>
<p>
hacc ist eine Gemeinschaft von Lebewesen die sich zur Aufgabe gemacht haben, im Sinne der <a href="https://www.ccc.de/de/hackerethik">Hackerethik</a> des Chaos Computer Clubs die Klimaschutzbewegung mitzugestalten. Zur Zeit sind unsere bedeutensten Projekte <a href="#haccvoc">hacc.voc</a> und <a href="#infra4future">infra4future</a> (siehe unten).<br>Ein weiteres Projekt ist <a href="https://hacc.uber.space/HACC_CSV">hacc.csv</a>. Dabei steht csv für collaboration, science, visualization und data. Es gibt zwei <a href="https://hacc.uber.space/HACC_Local_Groups">lokale Gruppen</a> in Deutschland, in München und
Siegen.
</p>
<a name="activities"></a>
<div class="activities">
<div>
<a name="haccvoc"></a>
<div class="logo-container">
<a href="https://haccvoc.de"><img src="assets/haccvoc.svg" alt="hacc.voc"></a>
</div>
<p>
Du hast ein Event hast brauchst wen um es zu filmen
oder live zu streamen? Vielleicht habe wir Zeit und können
dir helfen! <br>
Alle unsere Aufnahmen landen auf <a href="https://hacc.media">hacc.media</a>;
unsere Livestreams sind auf <a href="https://live.hacc.media">live.hacc.media</a>.
</p>
<ul>
<li><a href="https://vedge-kongress.de/">v-edge Congress 2020</a> in München</li>
<li>Livestreams und Aufzeichnungen einiger Podiumsdiskussionen und Pressekonferenzen von anderen * for future-Orgas (siehe <a href="https://hacc.media/search?tagsOneOf=fff">hacc.media</a>)</li>
<li>Unsere eigene <a href="https://hacc.media/videos/watch/playlist/e90713e1-44a7-4f8e-9d1d-dd6551587d2f?playlistPosition=1">Stage</a> auf der Remote Chaos Experience (rc3) 2020</li>
<li>Die Streaming-Infrastruktur für die zweite und dritte Auflage der <a href="https://studentsforfuture.info/public-climate-school/">Public Climate School</a> der Students for Future</li>
</ul>
</div>
<div>
<a name="infra4future"></a>
<div class="logo-container">
<a href="https://infra4future.de"><img src="assets/infra4future.svg" alt="infra4future"></a>
</div>
<p>
Wir betreiben und administrieren Server-Infrastruktur und stellen diese Klimaschutzgruppen zur Verfügung.
</p>
<ul>
<li>Cloud-Speicher, Chats und Foren</li>
<li><a href="https://mumble.hacc.space">mumble.hacc.space</a>: ein Sprach-Chat für Gruppen, die ohne physische Treffen in Kontakt bleiben wollen</li>
<li>Wenn Du einen der Dienste benötigst, schau Dich auf der oben verlinkten Seite um, schreib uns oder <a href="https://cloud.infra4future.de/">erstell Dir ein Account</a>!</li>
</ul>
</div>
</div>
</div>
<a name="meetups"></a>
<div class="section">
<h1>Mitmachen<span class="blink"></span></h1>
<ul>
<li>Regelmäßiger internationaler Call, jeden 10. und 25. im Monat um 18:00 UTC via <a href="https://meet.ffmuc.net/hacc.int">Jitsi</a>.</li>
<li>Regelmäßige Treffen von <a href="https://hacc.uber.space/HACC/Europe/DE/BY/Munich">hacc in München</a>, normalerweise jeden ersten und dritten Mittwoch im Monat um 19:00 Uhr beim <a href="https://muc.ccc.de/">muCCC</a>. Im Moment treffen wir uns Online auf <a href="https://mumble.hacc.space/">mumble.hacc.space</a>.</li>
<li>Regelmäßige Treffen des <a href="https://hacc.uber.space/HACC/Europe/DE/NRW/Siegen">Klimanotstandbündnis in Siegen</a>. Jeden zweiten Sonntag, siehe hacc-Seite.</li>
<li>
Wenn du Vorschläge für Änderungen an unserer Infrastruktur hast, leg bitte einen Issue oder erstelle einen Merge Request <a href="https://git.infra4future.de/hacc/haccfiles">auf die nixfiles</a>, über die wir einen (größer werdenden) Teil unserer Server verwalten.
</li>
</ul>
</div>
<a name="contact"></a>
<div class="section">
<h1>Kontakt<span class="blink"></span></h1>
<p>
Du kannst uns über verschiedne Kanäle erreichen und mitmachen:
</p>
<ul>
<li>contact-at-hacc.earth</li>
<li>Im Fediverse auf <a href="https://chaos.social/@hacc">chaos.social</a></li>
<li><a href="https://hacc.wiki">hacc.wiki</a></li>
<li><a href="https://infra4future.de">infra4future.de</a></li>
<li><a href="https://matrix.to/#/#hacc:libera.chat">#hacc:libera.chat</a></li>
<li><a href="https://web.libera.chat/#hacc">#hacc auf irc.libera.chat</a></li>
<li><a href="https://mumble.hacc.space">mumble.hacc.space</a></li>
<li><a href="https://hacc.uber.space/mailman/listinfo">hacc-Mailinglisten</a></li>
</ul>
</div>
<a name="othergroups"></a>
<div class="section">
<h1>Spin offs &amp; Ähnlich Gruppen<span class="blink"></span></h1>
<p>
Es gibt verschiedene Spin-Offs, die aus der Bewegung der den <a href="https://events.ccc.de/congress/2018/wiki/index.php/Session:Hackers_Against_Climate_Change">ersten hacc-Sessions</a> auf dem 35c3 und Events wie dem <a href="https://events.ccc.de/camp/2019/wiki/Main_Page">CCCamp2019</a> entstanden sind:
</p>
<ul>
<li><a href="https://hacc.uber.space/c3sus">c3sus</a>, Chaos-Events nachhaltig gestalten</li>
<li><a href="https://altpwr.net/">Eventgrid</a>, Entwicklung eines lokalen Stromnetzes, für Outdoor-Events wie dem Camp</li>
</ul>
<p>
Weitere Projektideen gibt es im <a href="https://hacc.wiki">wiki</a>.
</p>
<h2>Ähnliche Gruppen</h2>
<ul>
<li><a href="https://bits-und-baeume.org/regionalzweige/de">Bits &amp; Bäume</a> in Dresden, Berlin, Hannover, Dortmund, Köln und Osnabrück</li>
<li><a href="https://hackersforfuture.de">Hackers for Future</a> in Regensburg (zur Zeit pausierend)</li>
<li><a href="https://developersforfuture.org">Developers for Future</a></li>
<li><a href="https://totalism.org">CHT Hackbase</a> auf den Kanarischen Inseln</li>
</ul>
</div>
<a name="weinthepress"></a>
<div class="section">
<h1>In der Presse<span class="blink"></span></h1>
<p>
Le Monde hat sich aus unbekannten Gründen entschlossen, uns und unsere Poster (und Mate) in einem <a href="https://www.lemonde.fr/pixels/article/2019/12/30/a-leipzig-hackers-et-militants-pour-le-climat-font-front-commun_6024362_4408996.html">Artikel</a> zum <a href="https://events.ccc.de/congress/2019/wiki/index.php/Main_Page">36c3</a> zu erwähnen!
</p>
</div>
<div class="section"></div>
</main>
<footer class="content" style="z-index: 200">
<div>
<a href="#contact">Kontakt</a> &bull;
<a href="https://infra4future.de/impressum.html">Impressum</a>
</div>
</footer>
</body>
</html>

Binary file not shown.

View file

@ -1,2 +0,0 @@
.jekyll-cache
_site

View file

@ -1,31 +0,0 @@
# SFF Technik Wiki
?> Gerade wird noch herumgebastelt, deswegen ist einiges unvollständig.
Hier sammeln wir technische Leitfäden, wie ihr euch mit den bei SFF verwendeten Tools
zurechtfindet, und wie ihr digitale Events abhalten & gestalten könnt.
Hauptsächlich geht es hier um die [PCS](https://studentsforfuture.info/public-climate-school),
aber manches ist vielleicht auch so nützlich.
**Für ungeklärte Fragen, Ergänzungswünsche oder Feedback wendet euch einfach an den [PCS Tech Support auf Telegram](https://t.me/joinchat/PezzhhOoxeVRGvoxMoi4Sg).**
**Überblick:**
- **[Webseite](website/website.md)**: Hier findet ihr Leitfäden für unsere bundesweite Webseite.
- **[Tools](tools/tools.md)**: Hier findet ihr Leitfäden zu einigen Tools zur Organisation, für Social Media, Events, Online-Meetings und Live-Interaktion.
- **[Streams](streams/streams)**: Hier erfahrt ihr, wie ihr Veranstaltungen streamen könnt. Außerdem findet ihr hier die technische Stream Dokumentation zu den digitalen PCS.
- **[Online-Events](event/online-event.md)**: Hier findet ihr Ressourcen, die euch bei digitalen Events vielleicht helfen können.
**FAQ:**
- [Wie kommt mein Format in den Stream? Wie läuft das ab?](/faq?id=wie-kommt-mein-format-in-den-stream-wie-läuft-das-ab)
- [Wir haben keinen Streaming-Account. Könnt ihr uns etwas zur Verfügung stellen?](/faq?id=wir-haben-keinen-streaming-account-könnt-ihr-uns-etwas-zur-verfügung-stellen)
- [Woher bekomme ich Ortsgruppen Zugang zur Website?](/faq?id=woher-bekomme-ich-ortsgruppen-zugang-zur-website)
- [Wie kann ich mit Trollen im meinem Online-Event umgehen?](/faq?id=wie-kann-ich-mit-trollen-im-meinem-online-event-umgehen)
- [Wie kann ich mein Online-Event barrierefrei gestalten?](/faq?id=wie-kann-ich-mein-online-event-barrierefrei-gestalten)
---
<a href="https://www.youtube.com/watch?v=wn5AE98T8sE"><img src="img/faq/pcs_walkthrough_thumbnail.png" ></a>
[Hier](https://www.youtube.com/watch?v=wn5AE98T8sE) findest du ein YouTube-Video, in dem wir die aktuellen Tools der PCS-Organisation erklären.

View file

@ -1,8 +0,0 @@
# Seite nicht gefunden :(
Falls du auf einen Link geklickt hast, ist der Link vermutlich veraltet.
Bitte melde dich beim
[PCS Tech Support auf Telegram](https://t.me/joinchat/PezzhhOoxeVRGvoxMoi4Sg), damit
das behoben werden kann.
[Zur Startseite](/)

View file

@ -1,4 +0,0 @@
##### PCS
Public Climate School

View file

@ -1,36 +0,0 @@
- [Start](README.md)
- [FAQ](faq.md)
- [Webseite](website/website.md)
- [Events eintragen](website/events-eintragen.md)
- [OG-Homepage einrichten](website/og-homepage.md)
- [Tools](tools/tools.md)
- [Tools zur Organisation](tools/orga.md)
- [Plattform-N](tools/plattform-n.md)
- [Rocket.Chat](tools/rocket-chat.md)
- [Meistertask](tools/meistertask.md)
- [Dieses Wiki](tools/technik-wiki.md)
- [Tools für Social Media](tools/socialmedia.md)
- [Profilbildgenerator](tools/profilbildgenerator.md)
- [Sharepics mit Canva](tools/canva.md)
- [Tools fürs Eventmanagement](tools/events.md)
- [Eventkalender](tools/eventkalender.md)
- [Attending.io](tools/attending.md)
- [Tools für Video-Konferenzen](tools/video-conference.md)
- [Zoom](tools/zoom.md)
- [BigBlueButton](tools/bbb.md)
- [JitSi](tools/jitsi.md)
- [Tools für Live-Interaktion](tools/live-interaktion.md)
- [Tweedback](tools/tweedback.md)
- [Streams](streams/streams.md)
- [Stream: Zoom zu YouTube](streams/einfach.md)
- [Stream: Zoom zu PCS-Server (RTMP)](streams/streamzoomrtpm.md)
- [Streams mit OBS](streams/obs.md)
- [Troubleshooting](streams/troubleshooting.md)
- [Ergänzungen / Optimierungen](streams/optimierungen.md)
- [Technische Dok. digitale PCS](streams/pcs-doc.md)
- [Überblick PCS 2.0](streams/pcs2.md)
- [Überblick PCS 3.0](streams/pcs3.md)
- [Online-Events](events/online-events.md)
- [Moderation](events/moderation.md)
- [Datenschutz](events/datenschutz.md)
- [Beispiel PCS Einverständniserklärung](events/einverstaendniserklaerung.md)

View file

@ -1,16 +0,0 @@
{ stdenvNoCC }:
stdenvNoCC.mkDerivation {
name = "muc.hacc.earth-static";
src = ./.;
phases = [ "buildPhase" ];
buildPhase = ''
cd $src
mkdir -p $out
cp -r * $out
rm $out/default.nix
'';
}

View file

@ -1,17 +0,0 @@
# Leitfaden: PCS 2020 zum Thema Datenschutz
Dadurch, dass die PCS 2020 online stattfindet müssen wir uns auch Gedanken über Datenschutz machen. Dieser Leitfaden kann nicht jeden Fall abdecken und es handelt sich hier nur um Empfehlungen.
## Normaler Vortrag
Sollte der Vortrag wie eine Vorlesung in diesen Zeiten üblich über eine Konferenzplattform stattfinden jedoch ansonsten nicht weiter gestreamed oder aufgezeichnet werden, reicht meistens ein einfacher Hinweis auf die Datenschutzrichtlinien der Plattform. Dieser sollte vor betreten der Plattform platziert sein. Zum Beispiel an der Stelle an der ihr die Links zu der Vorlesung bewirbt.
## Aufgezeichneter oder gestreamter Vortrag
Für einen Vortrag der noch anderweitig zugänglich gemacht werden soll müssen noch weitere Vorkehrung getroffen werden. Alle Menschen die in einem solchen Vortrag zu sehen sind müssen **vor der Verarbeitung ihrer Daten** zugestimmt haben. Zuschauer könnt ihr Beispielsweise mündlich darüber aufklären, dass sie in einem Livestream zu sehen sein werden oder was mit der Aufnahme passiert. Außerdem empfiehlt es sich auch an anderer Stelle darauf hinzuweisen. Beispielsweise kann auf der gleichen Folie auf der zur Interaktion aufgerufen wird, auch der Hinweis stehen, dass eine solche aufgezeichnet wird. Wichtig ist das es nicht die Möglichkeit gibt, dass unfreiwillig oder unwissentlich persönliche Daten (z.B. Äußerungen, Namen etc) verarbeitet/veröffentlicht werden. Um sicher zu gehen könnt empfiehlt sich zu diesem Zweck auch von jedem Teilnehmenden eine Einverständniserklärung unterschreiben zu lassen. Eine weitere Möglichkeit ist es Fragerunden am Ende des Vortrages nicht mit aufzuzeichnen. Bedenkt außerdem auch, dass auch Menschen die erst später der Konferenz beitreten informiert werden müssen. Zum Beispiel im Chat.
Die Dozierenden solltet ihr außerdem **vorher** darum bitten euch eine Einverständnis Erklärung auszufüllen.
Beispiele für Einverständniserklärungen findet ihr [hier](events/einverstaendniserklaerung.md).

View file

@ -1,68 +0,0 @@
# Beispiel PCS Einverständniserklärung
Wenn ihr Veranstaltungen aufzeichnen und veröffentlichen wollt, braucht ihr vermutlich
eine Einverständniserklärung. Hier findet ihr Beispiele für die PCS, die ihr für euch
anpassen könnt (insb. alles was <mark>markiert</mark> ist).
Trotzdem der Disclaimer: **Die Einverständniserklärungen hier sind nur zur Orientierung und ohne Gewährleistung!**
## Deutsch
#### Als PDF:
Eine Beispieleinverständniserklärung von der PCS 2020 findet ihr <a target="_blank" rel="noopener noreferrer" title="Einverständniserklärung (PDF)" href="einverstaendniserklaerung.pdf">hier</a>.
#### In Textform:
_**Einverständniserklärung zur Aufzeichnung von Vorlesungen / Vorträgen im Rahmen der Public Climate School vom <mark>17.-21.05.2021</mark>.**_
*Ich erkläre mich damit einverstanden, dass von mir Audio-/Videoaufnahmen gemacht
werden, die im Rahmen der vom <mark>17.-21.05.2021</mark> stattfindenden Public
Climate School online veröffentlicht werden.*
*Ich versichere, dass innerhalb dieser Aufzeichnungen keine Rechte Dritter verletzt
werden.*
*Ich erkläre, dass ich alle Materialien, die ich in meiner Vorlesung/meinem Vortrag benutze,
selbst erstellt habe, bzw. bei der Verwendung fremder Materialien (Texte aus Büchern,
Zeitschriften, Bilder, Graphiken, Filmausschnitte, Musiktitel, etc.) diese auf das
Urheberrecht nach §60a geprüft habe und diese veröffentlicht werden können.*
*Ich stelle die <mark>Students for Future Stadt</mark> von allen Ansprüchen Dritter frei, die sich
wegen möglicher Urheberrechtsverstöße an die <mark>Students for Future Stadt</mark> wenden.*
*Ich verpflichte mich außerdem, den Betreiber des genutzten online Servers unverzüglich
zu informieren, wenn Dritte Ansprüche auf Grund der ihnen zustehenden Urheber- bzw.
Nutzungsrechte in Bezug auf die oben bezeichnete Aufzeichnung geltend machen.*
*Ich erkläre, dass meine Vorlesung/mein Vortrag und damit die Audio-/Videoaufnahmen
und bereitgestellte Foliensätze frei von diskriminierenden Inhalten sind, seien sie
rassistisch, sexistisch, antisemitisch, trans\*feindlich, homophob oder anderweitig
diskriminierend.*
*Name, Vorname:
Titel des Vortrags:
Datum des Vortrags:
Datum, Unterschrift:*
## Englisch
#### In Textform:
_**Declaration of consent for the recording of lectures in context of the Public Climate School from <mark>May 17 21 2021</mark>**_
*I hereby agree that audio/video recordings may be made of me, that might be published online in the context of the Public Climate School taking place from <mark>17.-21.05.2021</mark>.*
*I assure that no rights of third parties are violated within these recordings.*
*I declare that I have created all materials I use in my lecture myself, or when using foreign materials (texts from books, magazines, pictures, graphics, film clips, music titles, etc.) I have checked them for copyright according to §60a UrhG and they can be published.*
*I indemnify the <mark>Students for Future Stadt</mark> from all claims of third parties who contact the <mark>Students for Future Stadt</mark> regarding possible copyright infringements.*
*I also undertake to inform the operator of the online server used immediately if third parties assert claims based on the copyrights or rights of use to which they are entitled with regard to the above-mentioned recording.*
*I declare that my lectures and therefore my audio-/video recordings and slides are free of discriminating contents such as racist, sexist, antisemitic, trans\*hostile, homophobic or otherwise discriminating.*
*Full name:
Title of lecture:
Date of lecture:
Date, Signature:*

View file

@ -1,3 +0,0 @@
# Moderation
...

View file

@ -1,32 +0,0 @@
# Online-Events
Hier versuchen wir euch eine Sammlung nützlicher Guides für die Durchführung von
Online Veranstaltungen bereitzustellen.
Typischerweise sind vor jedem Online-Event folgende Fragen zu klären:
- **Wie können Menschen teilnehmen?**
Meist entweder direkte Teilnahme im Online Meeting, z.B. über Zoom,
oder ein Stream, z.B. über YouTube.
Das hängt von einigen Faktoren ab, u.a. wie viele Teilnehmer:innen erwartet werden,
wie interaktiv das Event sein soll, und wie geschlossen der Raum, in dem es stattfindet.
Für Workshops eignen sich Meetings, für Podiumsdiskussion sind vermutlich Streams
die bessere Wahl. Vorträge lassen sich auf beide Arten gut umsetzen. Hier ist vermutlich
die Teilnehmer:innenzahl und Öffentlichkeit ausschlaggebend.
Theoretisch geht auch eine Kombination: Die Teilnehmer:innen können dem Meeting direkt
beitreten, während es gleichzeitig gestreamt wird. In diesem Fall müsstet ihr aber
sicherstellen, dass keine Person das Meeting stören kann und dass keine persönlichen
Daten im Stream landen können. Außerdem könnten Zuschauer:innen auf YouTube dann z.B.
nicht erfahren, wenn Fragen im Zoom Chat gestellt werden.
- **Wer kann teilnehemen / braucht es evtl. eine Anmeldung?**
Es ist bei allen Optionen möglich, die Teilnahme so einzuschränken, dass nur Menschen
mit den richtigen Zugangsdaten oder dem richtigen Link teilnehemen können.
Um diese zu verteilen könnt ihr zum Beispiel eine Anmeldung machen.
- **Wie sieht die Interaktion mit den Teilnehmer:innen aus?**
Fast alle Tools haben einen Chat, den ihr natürlich verwenden könnt, der aber auch schnell
unübersichtlich werden kann. Es kann sich daher lohnen, ein eigenes Tool für die Live-Interaktion
zu verwenden. Mehr dazu findet ihr auf der [zugehörigen Seite bei den Tools](tools/live-interaktion.md).
- **Soll die Veranstaltung aufgezeichnet werden?**
Wenn ja, braucht ihr vermutlich eine [Einverständniserklärung](events/datenschutz.md).

View file

@ -1,109 +0,0 @@
# **F**requently **A**sked **Q**uestions:
?> Das FAQ ist noch von der letzten PCS, das heißt insb. die Links werden sich vermutlich noch ändern.
## Wie kommt mein Format in den Stream? Wie läuft das ab?
Das hängt davon ab, was für ein Format es ist bzw. welches Tool ihr verwendet:
- **Voraufgezeichnete Videos:**
könnt ihr uns einfach über einen Cloud Link (z.B. hier: https://fffutu.re/pcs-lecture-upload)
oder einen Link zu einem (ungelisteten) YouTube Video schicken. Bitte gebt uns das Video noch vor Beginn der PCS.
- **Zoom-Veranstaltungen**:
hier hängt es davon ab, ob ihr das Meeting selbst erstellt habt oder der/die Dozierende.
Nur die Person, die das Meeting erstellt hat kann das Livestreaming aktivieren. Wie das geht steht [hier](zoom.md).
Ihr bekommt dazu so bald wie möglich die genauen Einstellungen, die ihr da eingeben müsst.
Bitte prüft schon im vornherein, ob ihr das in den Einstellungen findet (also ob es bei euch aktiviert ist).
- **JitSi**:
Für JitSi im Livestream verwenden wir voraussichtlich eine eigene Instanz. Das bedeutet ihr bekommt von uns so bald wie möglich einen Link zu dem JitSi Raum. Dort könnt ihr dann mit zwei Klicks den Stream starten.
Mehr Infos dazu kommen so bald wie möglich. Bitte gebt uns unbedingt vorher bekannt, falls mehr als 6 Personen an diesem Meeting teilnehmen werden.
- **BigBlueButton**:
Es tut uns Leid, aber bisher haben wir uns noch nicht mit einem Leitfaden für BigBlueButton beschäftigen können. Deshalb möchten wir euch diesen ausführlichen Leitfaden von HACC (Hackers Against Climate Crisis) wärmstens empfehlen: [Recording a talk with Big Blue Button and obs studio](https://hacc.uber.space/Recording_a_talk_with_Big_Blue_Button_and_obs_studio)
<a href="https://www.youtube.com/watch?v=dmryPtz-_ME&feature=youtu.be"><img src="img/faq/tutorial_thumbnail.png"></a>
## Wie kann ich als Dolmer*in teilnehmen?
- **Den Stream empfangen**
1. Über Zoom:
Sie sitzen mit in dem Zoom Meeting, indem der Vortrag abgehalten wird.
2. Über VLC:
Sie empfangen den Stream ohne große Verzögerung auf ihren PC.
<a href="https://www.youtube.com/watch?v=UBJodCpsUI8">Hier finden Sie die Aufzeichnung des entsprechenden Technik-Briefings.</a>
- **Übersetzung einsprechen**
Dafür müssen Sie dem entsprechenden Mumble Channel beitreten. Den Link erhalten Sie von uns. Als Gebärdensprachendolmetscher*in müssen Sie nur dem richtigen Zoom Meeting beitreten und nichts weiter tun. <a href="https://www.youtube.com/watch?v=UBJodCpsUI8">Hier finden Sie eine Aufgabe des Übersetzerinnen-Briefings.</a>
## Wir haben keinen Streaming-Account. Könnt ihr uns etwas zur Verfügung stellen?
- **Streaming Accounts eurer Uni:**
werden möglicherweise auch euch als Studenten zur Verfügung gestellt. Viele Universitäten haben zahlreiche Zoom Lizenzen erworben, oder betreiben BigBlueButton Instanzen. Informiert euch also, ob ihr auf diese Weise an einen Account kommt.
- **Streaming Accounts vom Technik Team:**
können wir euch zur Verfügung stellen, wenn ihr keine andere Möglichkeit mehr habt. Zurzeit wäre uns es möglich sowohl Zoom, als auch BigBlueButton Instanzen zu stellen. Wir würden die Anzahl der von uns gestellten Instanzen aber gerne in Grenzen halten. Meldet euch dafür im [PCS-Techsupport](https://fffutu.re/pcs-techsupport) auf Telegram.
## Woher bekomme ich Ortsgruppen Zugang zur Website?
Richtig, jede Ortsgruppe kann sich auf der Website von [Students for Future Germany](studentsforfuture.info) einloggen.
**Wenn ihr keine Zugangsdaten (mehr) habt** meldet euch per Telegram im [PCS-Techsupport](https://fffutu.re/pcs-techsupport)
Wie ihr anschließend eure Kontaktinformationen aktualisiert, eine eigene OG-Homepage erstellt, oder einen Eventkalender anlegt steht [hier](webseite.md).
## Wie kann ich mit Trollen im meinem Online-Event umgehen?
Das wichtigste zuerst: **Don't Feed the Troll!** Negativ auf dein Event einzuwirken ist oft das Ziel von Troll-Angriffen.
Versuche dich deshalb von destruktiven Menschen
- nicht ablenken zu lassen,
- nicht emotional zu reagieren,
- und sie nicht in den Fokus zu rücken.
Verweise als Moderation im Zweifel darauf, nach dem Event weiterzudiskutieren und nicht währenddessen.
Ansonsten kannst du natürlich technische Hilfsmittel verwenden, wie
- einen Zoom-Warteraum
- Menschen kicken/bannen
- die Video/Sprachfunktion für Menschen ausschalten.
Im [Zoom-Leitfaden](zoom.md) findest du dazu einige nützliche Funktionen.
**Bitte beachte**, dass wir keine Expert*innen im Umgang mit Trollen sind. Wenn ihr ausführliche Informationen sucht, können wir euch folgende Artikel empfehlen:
- [Ratgeber: Konstruktiv auf Internet-Trolle reagieren (Klimafakten.de)](https://www.klimafakten.de/meldung/ratgeber-konstruktiv-auf-internet-trolle-reagieren)
- [Beware of ZoomBombing: screensharing filth to video calls (TheCrunch.com)](https://techcrunch.com/2020/03/17/zoombombing/?guccounter=1)
## Wie kann ich mein Online-Event barrierefrei gestalten?
Beim Stichwort Barrierefreiheit kennen wir Möglichkeiten, um folgendes einzubauen:
- **Live-Untertitel** (braucht Menschen die live Mitschreiben, [Tutorial auf zoom.us](https://support.zoom.us/hc/en-us/articles/207279736))
- **Gebärdesprachendolmetscher*in** (braucht Mensch mit diesem Skill)
Wenn ihr mit Zoom arbeitet wäre beides umsetzbar. Sofern das Teil des Livestreams sein soll, würden wir dann eurem Meeting beitreten und die Untertitel oder den\*die Dolmetscher\*in mit OBS mitschneiden.
**Bitte sagt uns [hier auf Telegram](https://fffutu.re/pcs-techsupport) sobald wie möglich Bescheid, falls ihr das plant!**

Binary file not shown.

Before

Width:  |  Height:  |  Size: 140 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 43 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 86 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.1 MiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 415 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.7 MiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 22 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.6 MiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 653 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 724 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 23 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 64 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 183 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 61 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 207 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 570 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 920 KiB

Some files were not shown because too many files have changed in this diff Show more