diff options
Diffstat (limited to 'Omni')
57 files changed, 976 insertions, 820 deletions
diff --git a/Omni/Bild.nix b/Omni/Bild.nix index fdfa3b8..f36f8f9 100644 --- a/Omni/Bild.nix +++ b/Omni/Bild.nix @@ -1,14 +1,24 @@ -{ nixpkgs ? import ./Bild/Nixpkgs.nix }: - -let +{nixpkgs ? import ./Bild/Nixpkgs.nix}: let constants = import ./Bild/Constants.nix; # expose some attrs from stable, keep this minimal and simple - stable = let stable = nixpkgs.nixos-24_11; + stable = let + stable = nixpkgs.nixos-24_11; in { - inherit (stable) - sources lib makeWrapper ccacheStdenv haskell sbcl python312 nixos mkShell - dockerTools pkgs; + inherit + (stable) + sources + lib + makeWrapper + ccacheStdenv + haskell + sbcl + python312 + nixos + mkShell + dockerTools + pkgs + ; stdenv = stable.ccacheStdenv; }; @@ -19,13 +29,16 @@ let # makeSourcesPath :: [pkgset] -> str makeSourcesPath = with stable; sources: - lib.trivial.pipe sources [ - (builtins.map lib.attrsets.attrValues) - lib.lists.flatten - (builtins.filter (pkg: pkg != null)) - (builtins.map (pkg: if pkg ? src then pkg.src else pkg)) - (lib.strings.concatStringsSep ":") - ]; + lib.trivial.pipe sources [ + (builtins.map lib.attrsets.attrValues) + lib.lists.flatten + (builtins.filter (pkg: pkg != null)) + (builtins.map (pkg: + if pkg ? src + then pkg.src + else pkg)) + (lib.strings.concatStringsSep ":") + ]; # this is the main library definitions, recursive references can be made with # `self.thing`, like in Python objects @@ -42,7 +55,8 @@ let # all available packages deps = import ./Bild/Deps/Haskell.nix; - packages = self.lib.attrsets.getAttrs self.haskell.deps + packages = + self.lib.attrsets.getAttrs self.haskell.deps stable.haskell.packages."${constants.ghcCompiler}"; # make a ghc with dependencies @@ -78,10 +92,11 @@ let ]); }; - lisp = { sbclWith = stable.sbcl.withPackages; }; + lisp = {sbclWith = stable.sbcl.withPackages;}; python = { - packages = self.lib.attrsets.getAttrs (import ./Bild/Deps/Python.nix) + packages = + self.lib.attrsets.getAttrs (import ./Bild/Deps/Python.nix) stable.python312.pkgs; pythonWith = stable.python312.withPackages; buildPythonApplication = stable.python312.pkgs.buildPythonApplication; @@ -93,9 +108,34 @@ let # exposed packages for inclusion in builds pkgs = with stable.pkgs; { - inherit bat bc cmark universal-ctags datasette deadnix fd figlet fzf git - git-branchless gitlint groff guile hlint indent jq lolcat mypy nixfmt - ormolu pkg-config ripgrep rustc tree wemux; + inherit + alejandra + bat + bc + cmark + universal-ctags + datasette + deadnix + fd + figlet + fzf + git + git-branchless + gitlint + groff + guile + hlint + indent + jq + lolcat + mypy + ormolu + pkg-config + ripgrep + rustc + tree + wemux + ; llama-cpp = unstable.llama-cpp; # can't put this in the dev namespace because it pulls in openai with # python311, which conflicts with any other usage of openai with @@ -124,18 +164,18 @@ let ../Omni/Test.hs ]; }; - nativeBuildInputs = [ self.haskell.ghcPackageSetBild ]; - buildInputs = [ self.makeWrapper ]; + nativeBuildInputs = [self.haskell.ghcPackageSetBild]; + buildInputs = [self.makeWrapper]; propagatedBuildInputs = with self.pkgs; [ pkg-config git # this is just to get access to ghc-pkg in bild - (self.haskell.ghcWith (_: [ ])) + (self.haskell.ghcWith (_: [])) # lisp deps, remove this when i implement nix builds for lisp guile (self.lisp.sbclWith - (p: with p; [ alexandria ])) # just enough to build Example.lisp + (p: with p; [alexandria])) # just enough to build Example.lisp ]; strictDeps = true; ghcVersion = self.haskell.ghcVersion; @@ -158,11 +198,11 @@ let installPhase = '' wrapProgram $out/bin/bild \ --prefix PATH : ${ - self.lib.makeBinPath [ - self.haskell.ghcPackageSetBild - self.pkgs.git - ] - } \ + self.lib.makeBinPath [ + self.haskell.ghcPackageSetBild + self.pkgs.git + ] + } \ --set GHC_PACKAGE_PATH \ $out/lib/ghc-$ghcVersion/package.conf.d ''; @@ -177,7 +217,8 @@ let HOSTNAME = "nix-sandbox"; # we need to remove the $src root because bild expects paths relative to the # working directory: - TARGET = "." + TARGET = + "." + self.lib.strings.removePrefix (toString src) (toString target); buildPhase = '' export CODEROOT=$(pwd) @@ -242,14 +283,16 @@ let # build an os image for a digital ocean droplet droplet = cfg: - (stable.nixos ({ modulesPath, ... }: { + (stable.nixos ({modulesPath, ...}: { imports = [ "${toString modulesPath}/virtualisation/digital-ocean-image.nix" (_args: cfg) ]; - })).digitalOceanImage; + })) + .digitalOceanImage; # build a docker image image = stable.dockerTools.buildImage; }; -in self +in + self diff --git a/Omni/Bild/Builder.nix b/Omni/Bild/Builder.nix index b4e6780..09e478b 100644 --- a/Omni/Bild/Builder.nix +++ b/Omni/Bild/Builder.nix @@ -1,11 +1,14 @@ -/* This is the library of nix builders. Some rules to follow: - - Keep this code as minimal as possible. I'd rather write Haskell than Nix, - wouldn't you? - - Try to reuse as much upstream Nix as possible. +/* +This is the library of nix builders. Some rules to follow: +- Keep this code as minimal as possible. I'd rather write Haskell than Nix, + wouldn't you? +- Try to reuse as much upstream Nix as possible. */ -{ analysisJSON, bild }: -with bild; -let +{ + analysisJSON, + bild, +}: +with bild; let analysis = builtins.fromJSON analysisJSON; # common bash functions for the builder @@ -16,158 +19,166 @@ let } ''; - build = _: target: - let - name = target.out; - root = builtins.getEnv "CODEROOT"; - mainModule = target.mainModule; - compileLine = lib.strings.concatStringsSep " " - ([ target.compiler ] ++ target.compilerFlags); + build = _: target: let + name = target.out; + root = builtins.getEnv "CODEROOT"; + mainModule = target.mainModule; + compileLine = + lib.strings.concatStringsSep " " + ([target.compiler] ++ target.compilerFlags); - allSources = target.srcs ++ [ target.quapath ]; + allSources = target.srcs ++ [target.quapath]; - isEmpty = x: x == null || x == [ ]; + isEmpty = x: x == null || x == []; - skip = [ "_" ".direnv" ]; - filter = file: type: - if lib.lists.elem (builtins.baseNameOf file) skip then - false - # TODO: this means any new directory will cause a rebuild. this bad. i - # should recurse into the directory and match against the srcs. for now I - # just use preBuild to delete empty dirs - else if type == "directory" then - true - else if type == "regular" then - lib.trivial.pipe file [ - (f: lib.strings.removePrefix "${root}/" f) - (f: lib.lists.elem f allSources) - ] - else - false; + skip = ["_" ".direnv"]; + filter = file: type: + if lib.lists.elem (builtins.baseNameOf file) skip + then false + # TODO: this means any new directory will cause a rebuild. this bad. i + # should recurse into the directory and match against the srcs. for now I + # just use preBuild to delete empty dirs + else if type == "directory" + then true + else if type == "regular" + then + lib.trivial.pipe file [ + (f: lib.strings.removePrefix "${root}/" f) + (f: lib.lists.elem f allSources) + ] + else false; - # remove empty directories, leftover from the src filter - preBuild = "find . -type d -empty -delete"; + # remove empty directories, leftover from the src filter + preBuild = "find . -type d -empty -delete"; - src = lib.sources.cleanSourceWith { - inherit filter; - src = lib.sources.cleanSource root; - }; + src = lib.sources.cleanSourceWith { + inherit filter; + src = lib.sources.cleanSource root; + }; - langdeps_ = if isEmpty target.langdeps then - [ ] + langdeps_ = + if isEmpty target.langdeps + then [] else lib.attrsets.attrVals target.langdeps (lib.attrsets.getAttrFromPath - (lib.strings.splitString "." target.packageSet) bild); + (lib.strings.splitString "." target.packageSet) + bild); - sysdeps_ = if isEmpty target.sysdeps then - [ ] - else - lib.attrsets.attrVals target.sysdeps pkgs; + sysdeps_ = + if isEmpty target.sysdeps + then [] + else lib.attrsets.attrVals target.sysdeps pkgs; - rundeps_ = if isEmpty target.rundeps then - [ ] - else - lib.attrsets.attrVals target.rundeps pkgs; + rundeps_ = + if isEmpty target.rundeps + then [] + else lib.attrsets.attrVals target.rundeps pkgs; - CODEROOT = "."; + CODEROOT = "."; - builders = { - base = stdenv.mkDerivation rec { - inherit name src CODEROOT preBuild; - buildInputs = langdeps_ ++ sysdeps_; - installPhase = "install -D ${name} $out/bin/${name}"; - buildPhase = compileLine; - }; + builders = { + base = stdenv.mkDerivation rec { + inherit name src CODEROOT preBuild; + buildInputs = langdeps_ ++ sysdeps_; + installPhase = "install -D ${name} $out/bin/${name}"; + buildPhase = compileLine; + }; - haskell = stdenv.mkDerivation rec { - inherit name src CODEROOT preBuild; - nativeBuildInputs = [ makeWrapper ]; - buildInputs = sysdeps_ ++ [ + haskell = stdenv.mkDerivation rec { + inherit name src CODEROOT preBuild; + nativeBuildInputs = [makeWrapper]; + buildInputs = + sysdeps_ + ++ [ (haskell.ghcWith (p: (lib.attrsets.attrVals target.langdeps p))) ]; - buildPhase = compileLine; - installPhase = '' - install -D ${name} $out/bin/${name} - wrapProgram $out/bin/${name} \ - --prefix PATH : ${lib.makeBinPath rundeps_} - ''; - }; + buildPhase = compileLine; + installPhase = '' + install -D ${name} $out/bin/${name} + wrapProgram $out/bin/${name} \ + --prefix PATH : ${lib.makeBinPath rundeps_} + ''; + }; - c = stdenv.mkDerivation rec { - inherit name src CODEROOT preBuild; - buildInputs = langdeps_ ++ sysdeps_; - installPhase = "install -D ${name} $out/bin/${name}"; - buildPhase = lib.strings.concatStringsSep " " [ - compileLine - (if isEmpty langdeps_ then - "" - else - "$(pkg-config --cflags ${ - lib.strings.concatStringsSep " " target.langdeps - })") - (if isEmpty sysdeps_ then - "" - else - "$(pkg-config --libs ${ - lib.strings.concatStringsSep " " target.sysdeps - })") - ]; - }; + c = stdenv.mkDerivation rec { + inherit name src CODEROOT preBuild; + buildInputs = langdeps_ ++ sysdeps_; + installPhase = "install -D ${name} $out/bin/${name}"; + buildPhase = lib.strings.concatStringsSep " " [ + compileLine + ( + if isEmpty langdeps_ + then "" + else "$(pkg-config --cflags ${ + lib.strings.concatStringsSep " " target.langdeps + })" + ) + ( + if isEmpty sysdeps_ + then "" + else "$(pkg-config --libs ${ + lib.strings.concatStringsSep " " target.sysdeps + })" + ) + ]; + }; - python = python.buildPythonApplication rec { - inherit name src CODEROOT; - nativeBuildInputs = [ makeWrapper ]; - propagatedBuildInputs = langdeps_ ++ sysdeps_ ++ rundeps_; - buildInputs = sysdeps_; - nativeCheckInputs = [ pkgs.ruff python.packages.mypy ]; - checkPhase = '' - . ${commonBash} - cp ${../../pyproject.toml} ./pyproject.toml - check ruff format --exclude 'setup.py' --check . - # ignore EXE here to support run.sh shebangs - check ruff check \ - --ignore EXE \ - --exclude 'setup.py' \ - --exclude '__init__.py' \ - . - touch ./py.typed - check python -m mypy \ - --explicit-package-bases \ - --no-error-summary \ - --exclude 'setup\.py$' \ - . - ''; - installCheck = '' - . ${commonBash} - check python -m ${mainModule} test - ''; - preBuild = '' - # remove empty directories, leftover from the src filter - find . -type d -empty -delete - # initialize remaining dirs as python modules - find . -type d -exec touch {}/__init__.py \; - # generate a minimal setup.py - cat > setup.py << EOF - from setuptools import find_packages, setup - setup( - name="${name}", - entry_points={"console_scripts":["${name} = ${mainModule}:main"]}, - version="0.0.0", - url="git://simatime.com/omni.git", - author="dev", - author_email="dev@simatime.com", - description="nil", - packages=find_packages(), - install_requires=[], - ) - EOF - ''; - pythonImportsCheck = [ mainModule ]; # sanity check - }; + python = python.buildPythonApplication rec { + inherit name src CODEROOT; + nativeBuildInputs = [makeWrapper]; + propagatedBuildInputs = langdeps_ ++ sysdeps_ ++ rundeps_; + buildInputs = sysdeps_; + nativeCheckInputs = [pkgs.ruff python.packages.mypy]; + checkPhase = '' + . ${commonBash} + cp ${../../pyproject.toml} ./pyproject.toml + check ruff format --exclude 'setup.py' --check . + # ignore EXE here to support run.sh shebangs + check ruff check \ + --ignore EXE \ + --exclude 'setup.py' \ + --exclude '__init__.py' \ + . + touch ./py.typed + check python -m mypy \ + --explicit-package-bases \ + --no-error-summary \ + --exclude 'setup\.py$' \ + . + ''; + installCheck = '' + . ${commonBash} + check python -m ${mainModule} test + ''; + preBuild = '' + # remove empty directories, leftover from the src filter + find . -type d -empty -delete + # initialize remaining dirs as python modules + find . -type d -exec touch {}/__init__.py \; + # generate a minimal setup.py + cat > setup.py << EOF + from setuptools import find_packages, setup + setup( + name="${name}", + entry_points={"console_scripts":["${name} = ${mainModule}:main"]}, + version="0.0.0", + url="git://simatime.com/omni.git", + author="dev", + author_email="dev@simatime.com", + description="nil", + packages=find_packages(), + install_requires=[], + ) + EOF + ''; + pythonImportsCheck = [mainModule]; # sanity check }; - in builders.${target.builder}; + }; + in + builders.${target.builder}; # the bild caller gives us the Analysis type, which is a hashmap, but i need to # return a single drv, so just take the first one for now. ideally i would only # pass Target, one at a time, (perhaps parallelized in haskell land) and then i # wouldn't need all of this let nesting -in builtins.head (lib.attrsets.mapAttrsToList build analysis) +in + builtins.head (lib.attrsets.mapAttrsToList build analysis) diff --git a/Omni/Bild/CcacheWrapper.nix b/Omni/Bild/CcacheWrapper.nix index 644c2f6..26e6fc3 100644 --- a/Omni/Bild/CcacheWrapper.nix +++ b/Omni/Bild/CcacheWrapper.nix @@ -1,6 +1,4 @@ -self: super: - -let +self: super: let # this should come from config.programs.ccache.cacheDir but I can't figure out # how to access that from a nixpkgs overlay, so just hardcode the default ccacheDir = "/var/cache/ccache"; @@ -9,11 +7,13 @@ let # deadnix: skip fixwebkit = pkg: self.useCcacheStdenv (pkg.overrideAttrs (attrs: rec { - preConfigure = attrs.preConfigure + '' - # not sure which of these works so just do them both - export NUMBER_OF_PROCESSORS=$NIX_BUILD_CORES - ninjaFlagsArray+=("-l$NIX_BUILD_CORES") - ''; + preConfigure = + attrs.preConfigure + + '' + # not sure which of these works so just do them both + export NUMBER_OF_PROCESSORS=$NIX_BUILD_CORES + ninjaFlagsArray+=("-l$NIX_BUILD_CORES") + ''; })); in { ccacheWrapper = super.ccacheWrapper.override { @@ -42,7 +42,7 @@ in { ''; }; - useCcacheStdenv = pkg: pkg.override { stdenv = super.ccacheStdenv; }; + useCcacheStdenv = pkg: pkg.override {stdenv = super.ccacheStdenv;}; cudann = self.useCcacheStdenv super.cudann; llvm = self.useCcacheStdenv super.llvm; diff --git a/Omni/Bild/Constants.nix b/Omni/Bild/Constants.nix index 776f580..f54de97 100644 --- a/Omni/Bild/Constants.nix +++ b/Omni/Bild/Constants.nix @@ -1 +1 @@ -{ ghcCompiler = "ghc966"; } +{ghcCompiler = "ghc966";} diff --git a/Omni/Bild/Deps.nix b/Omni/Bild/Deps.nix index 3414418..0b23f9f 100644 --- a/Omni/Bild/Deps.nix +++ b/Omni/Bild/Deps.nix @@ -1,6 +1,4 @@ -_self: super: - -{ +_self: super: { # Needs upgrading for guile 3 # inspekt3d = super.callPackage ./Deps/inspekt3d.nix {}; @@ -28,9 +26,9 @@ _self: super: llm = super.overrideSrc super.llm super.sources.llm; - nostr-rs-relay = super.callPackage ./Deps/nostr-rs-relay.nix { }; + nostr-rs-relay = super.callPackage ./Deps/nostr-rs-relay.nix {}; - ollama = super.ollama.override { acceleration = "cuda"; }; + ollama = super.ollama.override {acceleration = "cuda";}; - radicale = super.radicale.overrideAttrs (_old: { doCheck = false; }); + radicale = super.radicale.overrideAttrs (_old: {doCheck = false;}); } diff --git a/Omni/Bild/Deps/C.nix b/Omni/Bild/Deps/C.nix index 3f670cd..833fc40 100644 --- a/Omni/Bild/Deps/C.nix +++ b/Omni/Bild/Deps/C.nix @@ -1 +1 @@ -[ "libsodium" ] +["libsodium"] diff --git a/Omni/Bild/Deps/Haskell.nix b/Omni/Bild/Deps/Haskell.nix index 04f3a74..5d6abbb 100644 --- a/Omni/Bild/Deps/Haskell.nix +++ b/Omni/Bild/Deps/Haskell.nix @@ -1,6 +1,5 @@ # This is the global set of Haskell packages which gets deployed to Hoogle, and # is available for selecting. - [ "MonadRandom" "QuickCheck" diff --git a/Omni/Bild/Deps/accelerate.nix b/Omni/Bild/Deps/accelerate.nix index be1d2fd..55a8609 100644 --- a/Omni/Bild/Deps/accelerate.nix +++ b/Omni/Bild/Deps/accelerate.nix @@ -1,10 +1,16 @@ -{ fetchFromGitHub, buildPythonPackage, numpy, packaging, psutil, pyyaml, torch +{ + fetchFromGitHub, + buildPythonPackage, + numpy, + packaging, + psutil, + pyyaml, + torch, }: - buildPythonPackage rec { name = "accelerate"; version = "0.15.0"; - propagatedBuildInputs = [ numpy packaging psutil pyyaml torch ]; + propagatedBuildInputs = [numpy packaging psutil pyyaml torch]; doCheck = false; src = fetchFromGitHub { owner = "huggingface"; @@ -13,4 +19,3 @@ buildPythonPackage rec { sha256 = "sha256-agfbOaa+Nm10HZkd2Y7zR3R37n+vLNsxCyxZax6O3Lo="; }; } - diff --git a/Omni/Bild/Deps/bitsandbytes.nix b/Omni/Bild/Deps/bitsandbytes.nix index eb32aac..c336559 100644 --- a/Omni/Bild/Deps/bitsandbytes.nix +++ b/Omni/Bild/Deps/bitsandbytes.nix @@ -1,7 +1,17 @@ -{ lib, buildPythonPackage, fetchFromGitHub, python, pythonOlder, pytestCheckHook -, setuptools, torch, einops, lion-pytorch, scipy, symlinkJoin }: - -let +{ + lib, + buildPythonPackage, + fetchFromGitHub, + python, + pythonOlder, + pytestCheckHook, + setuptools, + torch, + einops, + lion-pytorch, + scipy, + symlinkJoin, +}: let pname = "bitsandbytes"; version = "0.38.0"; @@ -24,63 +34,68 @@ let [ cuda_cudart # cuda_runtime.h cuda_runtime_api.h cuda_nvcc - ] ++ cuda-common-redist; + ] + ++ cuda-common-redist; }; cuda-redist = symlinkJoin { name = "cuda-redist-${cudaVersion}"; paths = cuda-common-redist; }; - -in buildPythonPackage { - inherit pname version; - format = "pyproject"; - - disabled = pythonOlder "3.7"; - - src = fetchFromGitHub { - owner = "TimDettmers"; - repo = pname; - rev = "refs/tags/${version}"; - hash = "sha256-gGlbzTDvZNo4MhcYzLvWuB2ec7q+Qt5/LtTbJ0Rc+Kk="; - }; - - postPatch = '' - substituteInPlace Makefile --replace "/usr/bin/g++" "g++" --replace "lib64" "lib" - substituteInPlace bitsandbytes/cuda_setup/main.py \ - --replace "binary_path = package_dir / binary_name" \ - "binary_path = Path('$out/${python.sitePackages}/${pname}')/binary_name" - '' + lib.optionalString torch.cudaSupport '' - substituteInPlace bitsandbytes/cuda_setup/main.py \ - --replace "/usr/local/cuda/lib64" "${cuda-native-redist}/lib" - ''; - - CUDA_HOME = "${cuda-native-redist}"; - - preBuild = if torch.cudaSupport then - with torch.cudaPackages; - let - cudaVersion = lib.concatStrings - (lib.splitVersion torch.cudaPackages.cudaMajorMinorVersion); - in "make CUDA_VERSION=${cudaVersion} cuda${cudaMajorVersion}x" - else - "make CUDA_VERSION=CPU cpuonly"; - - nativeBuildInputs = [ setuptools ] - ++ lib.optionals torch.cudaSupport [ cuda-native-redist ]; - buildInputs = lib.optionals torch.cudaSupport [ cuda-redist ]; - - propagatedBuildInputs = [ torch ]; - - doCheck = false; # tests require CUDA and also GPU access - nativeCheckInputs = [ pytestCheckHook einops lion-pytorch scipy ]; - - pythonImportsCheck = [ "bitsandbytes" ]; - - meta = with lib; { - homepage = "https://github.com/TimDettmers/bitsandbytes"; - description = "8-bit CUDA functions for PyTorch"; - license = licenses.mit; - maintainers = with maintainers; [ bcdarwin ]; - }; -} +in + buildPythonPackage { + inherit pname version; + format = "pyproject"; + + disabled = pythonOlder "3.7"; + + src = fetchFromGitHub { + owner = "TimDettmers"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-gGlbzTDvZNo4MhcYzLvWuB2ec7q+Qt5/LtTbJ0Rc+Kk="; + }; + + postPatch = + '' + substituteInPlace Makefile --replace "/usr/bin/g++" "g++" --replace "lib64" "lib" + substituteInPlace bitsandbytes/cuda_setup/main.py \ + --replace "binary_path = package_dir / binary_name" \ + "binary_path = Path('$out/${python.sitePackages}/${pname}')/binary_name" + '' + + lib.optionalString torch.cudaSupport '' + substituteInPlace bitsandbytes/cuda_setup/main.py \ + --replace "/usr/local/cuda/lib64" "${cuda-native-redist}/lib" + ''; + + CUDA_HOME = "${cuda-native-redist}"; + + preBuild = + if torch.cudaSupport + then + with torch.cudaPackages; let + cudaVersion = + lib.concatStrings + (lib.splitVersion torch.cudaPackages.cudaMajorMinorVersion); + in "make CUDA_VERSION=${cudaVersion} cuda${cudaMajorVersion}x" + else "make CUDA_VERSION=CPU cpuonly"; + + nativeBuildInputs = + [setuptools] + ++ lib.optionals torch.cudaSupport [cuda-native-redist]; + buildInputs = lib.optionals torch.cudaSupport [cuda-redist]; + + propagatedBuildInputs = [torch]; + + doCheck = false; # tests require CUDA and also GPU access + nativeCheckInputs = [pytestCheckHook einops lion-pytorch scipy]; + + pythonImportsCheck = ["bitsandbytes"]; + + meta = with lib; { + homepage = "https://github.com/TimDettmers/bitsandbytes"; + description = "8-bit CUDA functions for PyTorch"; + license = licenses.mit; + maintainers = with maintainers; [bcdarwin]; + }; + } diff --git a/Omni/Bild/Deps/guile-opengl.nix b/Omni/Bild/Deps/guile-opengl.nix index af01082..cb625e6 100644 --- a/Omni/Bild/Deps/guile-opengl.nix +++ b/Omni/Bild/Deps/guile-opengl.nix @@ -1,32 +1,40 @@ -{ stdenv, lib, fetchurl, pkg-config, guile, libGL, libGLU, freeglut }: - -let +{ + stdenv, + lib, + fetchurl, + pkg-config, + guile, + libGL, + libGLU, + freeglut, +}: let name = "guile-opengl-${version}"; version = "0.1.0"; -in stdenv.mkDerivation { - inherit name; +in + stdenv.mkDerivation { + inherit name; - src = fetchurl { - url = "mirror://gnu/guile-opengl/${name}.tar.gz"; - sha256 = "13qfx4xh8baryxqrv986l848ygd0piqwm6s2s90pxk9c0m9vklim"; - }; + src = fetchurl { + url = "mirror://gnu/guile-opengl/${name}.tar.gz"; + sha256 = "13qfx4xh8baryxqrv986l848ygd0piqwm6s2s90pxk9c0m9vklim"; + }; - patchPhase = '' - substituteInPlace glx/runtime.scm \ - --replace '(dynamic-link "libGL")' '(dynamic-link "${libGL}/lib/libGL.so")' - substituteInPlace glu/runtime.scm \ - --replace '(dynamic-link "libGLU")' '(dynamic-link "${libGLU}/lib/libGLU.so")' - substituteInPlace glut/runtime.scm \ - --replace '(dynamic-link "libglut")' '(dynamic-link "${freeglut}/lib/libglut.so")' - ''; + patchPhase = '' + substituteInPlace glx/runtime.scm \ + --replace '(dynamic-link "libGL")' '(dynamic-link "${libGL}/lib/libGL.so")' + substituteInPlace glu/runtime.scm \ + --replace '(dynamic-link "libGLU")' '(dynamic-link "${libGLU}/lib/libGLU.so")' + substituteInPlace glut/runtime.scm \ + --replace '(dynamic-link "libglut")' '(dynamic-link "${freeglut}/lib/libglut.so")' + ''; - nativeBuildInputs = [ pkg-config guile libGL libGLU freeglut ]; + nativeBuildInputs = [pkg-config guile libGL libGLU freeglut]; - meta = with lib; { - description = "Guile bindings for the OpenGL graphics API"; - homepage = "https://www.gnu.org/software/guile-opengl/"; - license = licenses.gpl3Plus; - maintainers = with maintainers; [ vyp ]; - platforms = platforms.all; - }; -} + meta = with lib; { + description = "Guile bindings for the OpenGL graphics API"; + homepage = "https://www.gnu.org/software/guile-opengl/"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [vyp]; + platforms = platforms.all; + }; + } diff --git a/Omni/Bild/Deps/inspekt3d.nix b/Omni/Bild/Deps/inspekt3d.nix index 3146350..de3db4e 100644 --- a/Omni/Bild/Deps/inspekt3d.nix +++ b/Omni/Bild/Deps/inspekt3d.nix @@ -1,15 +1,24 @@ -{ stdenv, lib, autoreconfHook, pkg-config, guile, guile-opengl, mesa -, glibcLocales, libfive, sources }: - +{ + stdenv, + lib, + autoreconfHook, + pkg-config, + guile, + guile-opengl, + mesa, + glibcLocales, + libfive, + sources, +}: stdenv.mkDerivation { name = "inspekt3d-unstable"; src = sources.inspekt3d; version = "unstable-2018-10-17"; - nativeBuildInputs = [ pkg-config autoreconfHook ]; - buildInputs = [ guile glibcLocales mesa ]; - propagatedBuildInputs = [ guile-opengl libfive ]; + nativeBuildInputs = [pkg-config autoreconfHook]; + buildInputs = [guile glibcLocales mesa]; + propagatedBuildInputs = [guile-opengl libfive]; preBuild = '' substituteInPlace inspekt3d/library.scm \ @@ -24,7 +33,7 @@ stdenv.mkDerivation { description = "Lightweight 3D viewer for Libfive written in Guile Scheme"; homepage = "https://sr.ht/~morgansmith/inspekt3d"; license = licenses.gpl3; - maintainers = with maintainers; [ bsima ]; + maintainers = with maintainers; [bsima]; platforms = platforms.all; }; } diff --git a/Omni/Bild/Deps/interegular.nix b/Omni/Bild/Deps/interegular.nix index 24065d8..b46f4c8 100644 --- a/Omni/Bild/Deps/interegular.nix +++ b/Omni/Bild/Deps/interegular.nix @@ -1,5 +1,8 @@ -{ lib, sources, buildPythonPackage }: - +{ + lib, + sources, + buildPythonPackage, +}: buildPythonPackage rec { pname = "interegular"; version = sources.interegular.rev; @@ -7,15 +10,15 @@ buildPythonPackage rec { src = sources.interegular; - propagatedBuildInputs = [ ]; + propagatedBuildInputs = []; doCheck = false; # no tests currently - pythonImportsCheck = [ "interegular" ]; + pythonImportsCheck = ["interegular"]; meta = with lib; { description = "Allows to check regexes for overlaps."; homepage = "https://github.com/MegaIng/interegular"; license = licenses.mit; - maintainers = with maintainers; [ bsima ]; + maintainers = with maintainers; [bsima]; }; } diff --git a/Omni/Bild/Deps/lion-pytorch.nix b/Omni/Bild/Deps/lion-pytorch.nix index 7b06e78..e8fcf3d 100644 --- a/Omni/Bild/Deps/lion-pytorch.nix +++ b/Omni/Bild/Deps/lion-pytorch.nix @@ -1,5 +1,10 @@ -{ lib, buildPythonPackage, pythonOlder, fetchFromGitHub, torch }: - +{ + lib, + buildPythonPackage, + pythonOlder, + fetchFromGitHub, + torch, +}: buildPythonPackage rec { pname = "lion-pytorch"; version = "0.1.2"; @@ -13,15 +18,15 @@ buildPythonPackage rec { hash = "sha256-9hdpRJvCpv3PeC7f0IXpHt6i+e6LiT0QUl5jeDGelQE="; }; - propagatedBuildInputs = [ torch ]; + propagatedBuildInputs = [torch]; - pythonImportsCheck = [ "lion_pytorch" ]; + pythonImportsCheck = ["lion_pytorch"]; doCheck = false; # no tests currently meta = with lib; { description = "Optimizer tuned by Google Brain using genetic algorithms"; homepage = "https://github.com/lucidrains/lion-pytorch"; license = licenses.mit; - maintainers = with maintainers; [ bcdarwin ]; + maintainers = with maintainers; [bcdarwin]; }; } diff --git a/Omni/Bild/Deps/llm-ollama.nix b/Omni/Bild/Deps/llm-ollama.nix index e2b6a66..15b26cc 100644 --- a/Omni/Bild/Deps/llm-ollama.nix +++ b/Omni/Bild/Deps/llm-ollama.nix @@ -1,5 +1,13 @@ -{ buildPythonPackage, fetchFromGitHub, lib, llm, ollama, pytestCheckHook -, setuptools, pythonOlder, }: +{ + buildPythonPackage, + fetchFromGitHub, + lib, + llm, + ollama, + pytestCheckHook, + setuptools, + pythonOlder, +}: buildPythonPackage rec { pname = "llm-ollama"; version = "0.3.0"; @@ -14,27 +22,26 @@ buildPythonPackage rec { hash = "sha256-Ar0Ux8BNGY0i764CEk7+48J6jnndlRIIMPZ9tFpXiy4="; }; - nativeBuildInputs = [ setuptools ]; + nativeBuildInputs = [setuptools]; - buildInputs = [ llm ollama ]; + buildInputs = [llm ollama]; - propagatedBuildInputs = [ ollama ]; + propagatedBuildInputs = [ollama]; disabledTests = [ # wants to mkdir in the /homeless-shelter "test_registered_models" ]; - nativeCheckInputs = [ pytestCheckHook ]; + nativeCheckInputs = [pytestCheckHook]; - pythonImportsCheck = [ "llm_ollama" ]; + pythonImportsCheck = ["llm_ollama"]; meta = with lib; { homepage = "https://github.com/taketwo/llm-ollama"; - description = - "LLM plugin providing access to local Ollama models usting HTTP API"; + description = "LLM plugin providing access to local Ollama models usting HTTP API"; changelog = "https://github.com/taketwo/llm-ollama/releases/tag/${version}"; license = licenses.asl20; - maintainers = with maintainers; [ bsima ]; + maintainers = with maintainers; [bsima]; }; } diff --git a/Omni/Bild/Deps/llm-sentence-transformers.nix b/Omni/Bild/Deps/llm-sentence-transformers.nix index 4d63c83..f6766ee 100644 --- a/Omni/Bild/Deps/llm-sentence-transformers.nix +++ b/Omni/Bild/Deps/llm-sentence-transformers.nix @@ -1,5 +1,13 @@ -{ buildPythonPackage, fetchFromGitHub, lib, llm, sentence-transformers -, pytestCheckHook, setuptools, pythonOlder, }: +{ + buildPythonPackage, + fetchFromGitHub, + lib, + llm, + sentence-transformers, + pytestCheckHook, + setuptools, + pythonOlder, +}: buildPythonPackage rec { pname = "llm-sentence-transformers"; version = "0.2"; @@ -14,11 +22,11 @@ buildPythonPackage rec { hash = "sha256-1NlKPWekdVLrNkIMWXLCRWn54RlAEuEDWMCDnQHNkBc="; }; - nativeBuildInputs = [ setuptools ]; + nativeBuildInputs = [setuptools]; - buildInputs = [ llm sentence-transformers ]; + buildInputs = [llm sentence-transformers]; - propagatedBuildInputs = [ sentence-transformers ]; + propagatedBuildInputs = [sentence-transformers]; # fails because of some pydantic warnings doCheck = false; @@ -27,16 +35,15 @@ buildPythonPackage rec { "test_sentence_transformers" ]; - nativeCheckInputs = [ pytestCheckHook ]; + nativeCheckInputs = [pytestCheckHook]; - pythonImportsCheck = [ "llm_sentence_transformers" ]; + pythonImportsCheck = ["llm_sentence_transformers"]; meta = with lib; { homepage = "https://github.com/taketwo/llm-sentence-transformers"; description = "LLM plugin for embeddings using sentence-transformers"; - changelog = - "https://github.com/taketwo/llm-sentence-transformers/releases/tag/${version}"; + changelog = "https://github.com/taketwo/llm-sentence-transformers/releases/tag/${version}"; license = licenses.asl20; - maintainers = with maintainers; [ bsima ]; + maintainers = with maintainers; [bsima]; }; } diff --git a/Omni/Bild/Deps/ludic.nix b/Omni/Bild/Deps/ludic.nix index dfac06c..58936c7 100644 --- a/Omni/Bild/Deps/ludic.nix +++ b/Omni/Bild/Deps/ludic.nix @@ -1,7 +1,19 @@ -{ buildPythonPackage, fetchFromGitHub, lib, setuptools, pytestCheckHook -, python-multipart, starlette, typeguard, pygments, pytest, pytest-cov, httpx -, hatchling, hatch-vcs }: - +{ + buildPythonPackage, + fetchFromGitHub, + lib, + setuptools, + pytestCheckHook, + python-multipart, + starlette, + typeguard, + pygments, + pytest, + pytest-cov, + httpx, + hatchling, + hatch-vcs, +}: buildPythonPackage rec { pname = "ludic"; version = "0.5.2"; @@ -14,23 +26,23 @@ buildPythonPackage rec { hash = "sha256-Zcob2ljyeiCqnCobkDP4ihRTxvs5OtQ4y5+Itsgs/0o="; }; - nativeBuildInputs = [ setuptools hatchling hatch-vcs ]; + nativeBuildInputs = [setuptools hatchling hatch-vcs]; - propagatedBuildInputs = [ python-multipart starlette typeguard pygments ]; + propagatedBuildInputs = [python-multipart starlette typeguard pygments]; - disabledTestPaths = [ "tests/contrib/test_django.py" ]; + disabledTestPaths = ["tests/contrib/test_django.py"]; - nativeCheckInputs = [ pytestCheckHook ]; + nativeCheckInputs = [pytestCheckHook]; - checkInputs = [ pytest pytest-cov httpx ]; + checkInputs = [pytest pytest-cov httpx]; - pythonImportsCheck = [ "ludic" ]; + pythonImportsCheck = ["ludic"]; meta = with lib; { homepage = "https://github.com/getludic/ludic"; description = "Web Development in Pure Python with Type-Guided Components."; changelog = "https://github.com/getludic/ludic/releases/tag/${version}"; license = licenses.mit; - maintainers = with maintainers; [ bsima ]; + maintainers = with maintainers; [bsima]; }; } diff --git a/Omni/Bild/Deps/nostr-rs-relay.nix b/Omni/Bild/Deps/nostr-rs-relay.nix index 0eef13f..df76cdd 100644 --- a/Omni/Bild/Deps/nostr-rs-relay.nix +++ b/Omni/Bild/Deps/nostr-rs-relay.nix @@ -1,5 +1,9 @@ -{ fetchFromSourcehut, rustPlatform, pkg-config, openssl }: - +{ + fetchFromSourcehut, + rustPlatform, + pkg-config, + openssl, +}: rustPlatform.buildRustPackage rec { pname = "nostr-rs-relay"; version = "0.7.15"; @@ -13,7 +17,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-3593pjc4A4NsEnE/ZYsR1vSMCvw2ZJue4EIY6cFa2WA="; - nativeBuildInputs = [ pkg-config openssl.dev ]; + nativeBuildInputs = [pkg-config openssl.dev]; - buildInputs = [ openssl.dev ]; + buildInputs = [openssl.dev]; } diff --git a/Omni/Bild/Deps/outlines.nix b/Omni/Bild/Deps/outlines.nix index 29ef41b..6426c15 100644 --- a/Omni/Bild/Deps/outlines.nix +++ b/Omni/Bild/Deps/outlines.nix @@ -1,6 +1,19 @@ -{ lib, sources, buildPythonPackage, interegular, jinja2, lark, numpy, perscache -, pillow, pydantic, regex, scipy, tenacity, torch }: - +{ + lib, + sources, + buildPythonPackage, + interegular, + jinja2, + lark, + numpy, + perscache, + pillow, + pydantic, + regex, + scipy, + tenacity, + torch, +}: buildPythonPackage rec { pname = "outlines"; version = sources.outlines.rev; @@ -23,12 +36,12 @@ buildPythonPackage rec { ]; doCheck = false; # no tests currently - pythonImportsCheck = [ "outlines" ]; + pythonImportsCheck = ["outlines"]; meta = with lib; { description = "Probabilistic Generative Model Programming"; homepage = "https://github.com/normal-computing/outlines"; license = licenses.asl20; - maintainers = with maintainers; [ bsima ]; + maintainers = with maintainers; [bsima]; }; } diff --git a/Omni/Bild/Deps/perscache.nix b/Omni/Bild/Deps/perscache.nix index 508a261..889f91c 100644 --- a/Omni/Bild/Deps/perscache.nix +++ b/Omni/Bild/Deps/perscache.nix @@ -1,16 +1,23 @@ -{ lib, sources, buildPythonPackage, beartype, cloudpickle, icontract, pbr }: - +{ + lib, + sources, + buildPythonPackage, + beartype, + cloudpickle, + icontract, + pbr, +}: buildPythonPackage rec { pname = "perscache"; version = sources.perscache.rev; src = sources.perscache; - propagatedBuildInputs = [ beartype cloudpickle icontract pbr ]; + propagatedBuildInputs = [beartype cloudpickle icontract pbr]; PBR_VERSION = version; doCheck = false; # no tests currently - pythonImportsCheck = [ "perscache" ]; + pythonImportsCheck = ["perscache"]; meta = with lib; { description = '' @@ -20,6 +27,6 @@ buildPythonPackage rec { ''; homepage = "https://github.com/leshchenko1979/perscache"; license = licenses.mit; - maintainers = with maintainers; [ bsima ]; + maintainers = with maintainers; [bsima]; }; } diff --git a/Omni/Bild/Functions.nix b/Omni/Bild/Functions.nix index 8b87f86..2a40da2 100644 --- a/Omni/Bild/Functions.nix +++ b/Omni/Bild/Functions.nix @@ -10,24 +10,25 @@ _: super: { # rules. This will fail if build steps have changed, or if no build # rules are available upstream. overrideSource = depName: - if super ? "${depName}" && super.${depName} ? overrideAttrs then + if super ? "${depName}" && super.${depName} ? overrideAttrs + then super.${depName}.overrideAttrs (attrs: - attrs // rec { + attrs + // rec { version = super.sources.${depName}.version or super.sources.${depName}.rev; src = super.sources.${depName}; }) - else - null; + else null; # Simply override the 'src' attr on a drv. This is meant to be a simpler # alternative to 'overrideSource' above. In an overlay, use it like: # mypkg = super.overrideSrc super.mypkg super.sources.mypkg; overrideSrc = dep: src: dep.overrideAttrs (attrs: - attrs // { + attrs + // { version = src.version or src.rev; src = src; }); } - diff --git a/Omni/Bild/Haskell.nix b/Omni/Bild/Haskell.nix index 764ef5d..7e969da 100644 --- a/Omni/Bild/Haskell.nix +++ b/Omni/Bild/Haskell.nix @@ -1,37 +1,38 @@ -_self: super: - -let +_self: super: let inherit (import ./Constants.nix) ghcCompiler; - buildCabal = sel: name: sel.callCabal2nix name super.sources.${name} { }; - + buildCabal = sel: name: sel.callCabal2nix name super.sources.${name} {}; in rec { - - haskell = super.haskell // { - packages = super.haskell.packages // { - "${ghcCompiler}" = super.haskell.packages."${ghcCompiler}".override - (_old: { - overrides = with super.pkgs.haskell.lib; - sel: sup: - super.overridePinnedDeps (buildCabal sel) // { - ap-normalize = dontCheck sup.ap-normalize; - clay = doJailbreak sup.clay; - cmark = doJailbreak sup.cmark; - docopt = buildCabal sel "docopt"; - filelock = dontCheck sup.filelock; - linear-generics = doJailbreak sup.linear-generics; - req = doJailbreak sup.req; - servant-auth = doJailbreak sup.servant-auth; - servant-auth-server = dontCheck sup.servant-auth-server; - shellcheck = doJailbreak sup.shellcheck; - string-qq = doJailbreak sup.string-qq; - syb-with-class = doJailbreak sup.syb-with-class; - th-abstraction = doJailbreak sup.th-abstraction; - }; - }); + haskell = + super.haskell + // { + packages = + super.haskell.packages + // { + "${ghcCompiler}" = + super.haskell.packages."${ghcCompiler}".override + (_old: { + overrides = with super.pkgs.haskell.lib; + sel: sup: + super.overridePinnedDeps (buildCabal sel) + // { + ap-normalize = dontCheck sup.ap-normalize; + clay = doJailbreak sup.clay; + cmark = doJailbreak sup.cmark; + docopt = buildCabal sel "docopt"; + filelock = dontCheck sup.filelock; + linear-generics = doJailbreak sup.linear-generics; + req = doJailbreak sup.req; + servant-auth = doJailbreak sup.servant-auth; + servant-auth-server = dontCheck sup.servant-auth-server; + shellcheck = doJailbreak sup.shellcheck; + string-qq = doJailbreak sup.string-qq; + syb-with-class = doJailbreak sup.syb-with-class; + th-abstraction = doJailbreak sup.th-abstraction; + }; + }); + }; }; - }; ormolu = super.haskellPackages.ormolu; - } diff --git a/Omni/Bild/Nixpkgs.nix b/Omni/Bild/Nixpkgs.nix index 828021c..c4934ce 100644 --- a/Omni/Bild/Nixpkgs.nix +++ b/Omni/Bild/Nixpkgs.nix @@ -1,5 +1,5 @@ let - sources = import ./Sources.nix { sourcesFile = ./Sources.json; }; + sources = import ./Sources.nix {sourcesFile = ./Sources.json;}; config = { allowAliases = true; @@ -16,7 +16,7 @@ let depsOverlay = _: pkgs: pkgs.overridePinnedDeps pkgs.overrideSource; overlays = [ - (_: _: { inherit sources; }) + (_: _: {inherit sources;}) (import ./CcacheWrapper.nix) (import ./Functions.nix) depsOverlay @@ -24,16 +24,15 @@ let (import ./Python.nix) (import ./Haskell.nix) # backport newer packages from unstable - (_: _: { unstable = nixos-unstable-small.pkgs; }) + (_: _: {unstable = nixos-unstable-small.pkgs;}) ]; nixos-unstable-small = - import sources.nixos-unstable-small { inherit system config overlays; }; - + import sources.nixos-unstable-small {inherit system config overlays;}; in { - nixos-24_05 = import sources.nixos-24_05 { inherit system config overlays; }; + nixos-24_05 = import sources.nixos-24_05 {inherit system config overlays;}; - nixos-24_11 = import sources.nixos-24_11 { inherit system config overlays; }; + nixos-24_11 = import sources.nixos-24_11 {inherit system config overlays;}; inherit nixos-unstable-small; } diff --git a/Omni/Bild/Python.nix b/Omni/Bild/Python.nix index 88abe94..035b11c 100644 --- a/Omni/Bild/Python.nix +++ b/Omni/Bild/Python.nix @@ -1,15 +1,15 @@ _self: super: { python312 = super.python312.override { packageOverrides = _pyself: pysuper: - with pysuper.pkgs.python312Packages; - let dontCheck = p: p.overridePythonAttrs (_: { doCheck = false; }); + with pysuper.pkgs.python312Packages; let + dontCheck = p: p.overridePythonAttrs (_: {doCheck = false;}); in { - interegular = callPackage ./Deps/interegular.nix { }; + interegular = callPackage ./Deps/interegular.nix {}; ipython = dontCheck pysuper.ipython; - ludic = callPackage ./Deps/ludic.nix { }; + ludic = callPackage ./Deps/ludic.nix {}; mypy = dontCheck pysuper.mypy; - outlines = callPackage ./Deps/outlines.nix { }; - perscache = callPackage ./Deps/perscache.nix { }; + outlines = callPackage ./Deps/outlines.nix {}; + perscache = callPackage ./Deps/perscache.nix {}; tokenizers = dontCheck pysuper.tokenizers; }; }; @@ -17,9 +17,9 @@ _self: super: { python311 = super.python311.override { packageOverrides = _pyself: pysuper: with pysuper.pkgs.python311Packages; { - llm-ollama = callPackage ./Deps/llm-ollama.nix { }; + llm-ollama = callPackage ./Deps/llm-ollama.nix {}; llm-sentence-transformers = - callPackage ./Deps/llm-sentence-transformers.nix { }; + callPackage ./Deps/llm-sentence-transformers.nix {}; }; }; } diff --git a/Omni/Bild/Sources.nix b/Omni/Bild/Sources.nix index f7af81e..dbcd147 100644 --- a/Omni/Bild/Sources.nix +++ b/Omni/Bild/Sources.nix @@ -1,14 +1,13 @@ # This file has been generated by Niv. - let - # # The fetchers. fetch_<type> fetches specs of type <type>. # - - fetch_file = pkgs: name: spec: - let name' = sanitizeName name + "-src"; - in if spec.builtin or true then + fetch_file = pkgs: name: spec: let + name' = sanitizeName name + "-src"; + in + if spec.builtin or true + then builtins_fetchurl { inherit (spec) url sha256; name = name'; @@ -19,9 +18,11 @@ let name = name'; }; - fetch_tarball = pkgs: name: spec: - let name' = sanitizeName name + "-src"; - in if spec.builtin or true then + fetch_tarball = pkgs: name: spec: let + name' = sanitizeName name + "-src"; + in + if spec.builtin or true + then builtins_fetchTarball { name = name'; inherit (spec) url sha256; @@ -32,18 +33,19 @@ let inherit (spec) url sha256; }; - fetch_git = name: spec: - let - ref = if spec ? ref then - spec.ref - else if spec ? branch then - "refs/heads/${spec.branch}" - else if spec ? tag then - "refs/tags/${spec.tag}" + fetch_git = name: spec: let + ref = + if spec ? ref + then spec.ref + else if spec ? branch + then "refs/heads/${spec.branch}" + else if spec ? tag + then "refs/tags/${spec.tag}" else abort "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; - in builtins.fetchGit { + in + builtins.fetchGit { url = spec.repo; inherit (spec) rev; inherit ref; @@ -66,24 +68,27 @@ let # # https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695 - sanitizeName = name: - (concatMapStrings (s: if builtins.isList s then "-" else s) - (builtins.split "[^[:alnum:]+._?=-]+" - ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name))); + sanitizeName = name: (concatMapStrings (s: + if builtins.isList s + then "-" + else s) + (builtins.split "[^[:alnum:]+._?=-]+" + ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name))); # The set of packages used when specs are fetched using non-builtins. - mkPkgs = sources: system: - let - sourcesNixpkgs = import - (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { - inherit system; - }; - hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; - hasThisAsNixpkgsPath = <nixpkgs> == ./.; - in if builtins.hasAttr "nixpkgs" sources then - sourcesNixpkgs - else if hasNixpkgsPath && !hasThisAsNixpkgsPath then - import <nixpkgs> { } + mkPkgs = sources: system: let + sourcesNixpkgs = + import + (builtins_fetchTarball {inherit (sources.nixpkgs) url sha256;}) { + inherit system; + }; + hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; + hasThisAsNixpkgsPath = <nixpkgs> == ./.; + in + if builtins.hasAttr "nixpkgs" sources + then sourcesNixpkgs + else if hasNixpkgsPath && !hasThisAsNixpkgsPath + then import <nixpkgs> {} else abort '' Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or @@ -92,58 +97,62 @@ let # The actual fetching function. fetch = pkgs: name: spec: - - if !builtins.hasAttr "type" spec then - abort "ERROR: niv spec ${name} does not have a 'type' attribute" - else if spec.type == "file" then - fetch_file pkgs name spec - else if spec.type == "tarball" then - fetch_tarball pkgs name spec - else if spec.type == "git" then - fetch_git name spec - else if spec.type == "local" then - fetch_local spec - else if spec.type == "builtin-tarball" then - fetch_builtin-tarball name - else if spec.type == "builtin-url" then - fetch_builtin-url name + if !builtins.hasAttr "type" spec + then abort "ERROR: niv spec ${name} does not have a 'type' attribute" + else if spec.type == "file" + then fetch_file pkgs name spec + else if spec.type == "tarball" + then fetch_tarball pkgs name spec + else if spec.type == "git" + then fetch_git name spec + else if spec.type == "local" + then fetch_local spec + else if spec.type == "builtin-tarball" + then fetch_builtin-tarball name + else if spec.type == "builtin-url" + then fetch_builtin-url name else abort "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; # If the environment variable NIV_OVERRIDE_${name} is set, then use # the path directly as opposed to the fetched source. - replace = name: drv: - let - saneName = stringAsChars - (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; - ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; - in if ersatz == "" then - drv - else - # this turns the string into an actual Nix path (for both absolute and - # relative paths) - if builtins.substring 0 1 ersatz == "/" then - /. + ersatz + replace = name: drv: let + saneName = + stringAsChars + (c: + if isNull (builtins.match "[a-zA-Z0-9]" c) + then "_" + else c) + name; + ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; + in + if ersatz == "" + then drv else - /. + builtins.getEnv "PWD" + "/${ersatz}"; + # this turns the string into an actual Nix path (for both absolute and + # relative paths) + if builtins.substring 0 1 ersatz == "/" + then /. + ersatz + else /. + builtins.getEnv "PWD" + "/${ersatz}"; # Ports of functions for older nix versions # a Nix version of mapAttrs if the built-in doesn't exist - mapAttrs = builtins.mapAttrs or (f: set: - with builtins; - listToAttrs (map (attr: { - name = attr; - value = f attr set.${attr}; - }) (attrNames set))); + mapAttrs = + builtins.mapAttrs + or (f: set: + with builtins; + listToAttrs (map (attr: { + name = attr; + value = f attr set.${attr}; + }) (attrNames set))); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 range = first: last: - if first > last then - [ ] - else - builtins.genList (n: first + n) (last - first + 1); + if first > last + then [] + else builtins.genList (n: first + n) (last - first + 1); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 stringToCharacters = s: @@ -155,53 +164,72 @@ let concatStrings = builtins.concatStringsSep ""; # https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331 - optionalAttrs = cond: as: if cond then as else { }; + optionalAttrs = cond: as: + if cond + then as + else {}; # fetchTarball version that is compatible between all the versions of Nix - # deadnix: skip - builtins_fetchTarball = { url, name ? null, sha256 }@attrs: - let inherit (builtins) lessThan nixVersion fetchTarball; - in if lessThan nixVersion "1.12" then + builtins_fetchTarball = { + url, + name ? null, + # deadnix: skip + sha256, + } @ attrs: let + inherit (builtins) lessThan nixVersion fetchTarball; + in + if lessThan nixVersion "1.12" + then fetchTarball - ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchTarball attrs; + ({inherit url;} // (optionalAttrs (!isNull name) {inherit name;})) + else fetchTarball attrs; # fetchurl version that is compatible between all the versions of Nix - # deadnix: skip - builtins_fetchurl = { url, name ? null, sha256 }@attrs: - let inherit (builtins) lessThan nixVersion fetchurl; - in if lessThan nixVersion "1.12" then + builtins_fetchurl = { + url, + name ? null, + # deadnix: skip + sha256, + } @ attrs: let + inherit (builtins) lessThan nixVersion fetchurl; + in + if lessThan nixVersion "1.12" + then fetchurl - ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchurl attrs; + ({inherit url;} // (optionalAttrs (!isNull name) {inherit name;})) + else fetchurl attrs; # Create the final "sources" from the config mkSources = config: mapAttrs (name: spec: - if builtins.hasAttr "outPath" spec then + if builtins.hasAttr "outPath" spec + then abort "The values in sources.json should not have an 'outPath' attribute" - else - spec // { outPath = replace name (fetch config.pkgs name spec); }) + else spec // {outPath = replace name (fetch config.pkgs name spec);}) config.sources; # The "config" used by the fetchers - mkConfig = { sourcesFile ? - if builtins.pathExists ./sources.json then ./sources.json else null - , sources ? if isNull sourcesFile then - { } - else - builtins.fromJSON (builtins.readFile sourcesFile) - , system ? builtins.currentSystem, pkgs ? mkPkgs sources system }: rec { - # The sources, i.e. the attribute set of spec name to spec - inherit sources; - - # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers - inherit pkgs; - }; - -in mkSources (mkConfig { }) // { - __functor = _: settings: mkSources (mkConfig settings); -} + mkConfig = { + sourcesFile ? + if builtins.pathExists ./sources.json + then ./sources.json + else null, + sources ? + if isNull sourcesFile + then {} + else builtins.fromJSON (builtins.readFile sourcesFile), + system ? builtins.currentSystem, + pkgs ? mkPkgs sources system, + }: rec { + # The sources, i.e. the attribute set of spec name to spec + inherit sources; + + # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers + inherit pkgs; + }; +in + mkSources (mkConfig {}) + // { + __functor = _: settings: mkSources (mkConfig settings); + } diff --git a/Omni/Bot.nix b/Omni/Bot.nix index 934ad9c..d287e55 100644 --- a/Omni/Bot.nix +++ b/Omni/Bot.nix @@ -1,6 +1,11 @@ -{ options, lib, config, pkgs, ... }: - -let cfg = config.services.omnibot; +{ + options, + lib, + config, + pkgs, + ... +}: let + cfg = config.services.omnibot; in { options.services.bizbot = { enable = lib.mkEnableOption "Enable the omnibot service"; @@ -24,8 +29,8 @@ in { config = lib.mkIf cfg.enable { systemd.services = { "omnibot-${cfg.server}-${cfg.channel}-ii" = { - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.ii ]; + wantedBy = ["multi-user.target"]; + path = [pkgs.ii]; script = '' ${pkgs.ii}/bin/ii ${cfg.dataDir}/irc -s ${cfg.server} -p 6667 -n omnibot ''; @@ -35,12 +40,11 @@ in { description = '' omnibot ii tree for ${cfg.server}/${cfg.channel} ''; - }; "omnibot-${cfg.server}-${cfg.channel}" = { - path = [ cfg.package ]; - wantedBy = [ "multi-user.target" ]; - after = [ "omnibot-${cfg.server}-${cfg.channel}-ii.service" ]; + path = [cfg.package]; + wantedBy = ["multi-user.target"]; + after = ["omnibot-${cfg.server}-${cfg.channel}-ii.service"]; script = '' tail -f ${cfg.dataDir}/irc/${cfg.server}/${cfg.channel}/out \ | ${cfg.package}/bin/omnibot \ diff --git a/Omni/Cloud.nix b/Omni/Cloud.nix index 5111373..e9bff4b 100644 --- a/Omni/Cloud.nix +++ b/Omni/Cloud.nix @@ -1,6 +1,5 @@ -{ bild }: +{bild}: # Cloud infrastructure, always online. Mostly for messaging-related stuff. - bild.os { imports = [ ./Os/Base.nix diff --git a/Omni/Cloud/Chat.nix b/Omni/Cloud/Chat.nix index 7f86621..a3a6a78 100644 --- a/Omni/Cloud/Chat.nix +++ b/Omni/Cloud/Chat.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: # # a homeserver for matrix.org. # @@ -24,17 +28,21 @@ in { enable = false; settings.server_name = config.networking.domain; #registration_shared_secret = "AkGRWSQLga3RoKRFnHhKoeCEIeZzu31y4TRzMRkMyRbBnETkVTSxilf24qySLzQn"; - settings.listeners = [{ - port = matrix_port; - bind_address = "::1"; - type = "http"; - tls = false; - x_forwarded = true; - resources = [{ - names = [ "client" "federation" ]; - compress = false; - }]; - }]; + settings.listeners = [ + { + port = matrix_port; + bind_address = "::1"; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + names = ["client" "federation"]; + compress = false; + } + ]; + } + ]; }; # matrix needs a database # @@ -50,16 +58,16 @@ in { virtualHosts = { # route to matrix-synapse "${config.networking.domain}" = { - locations."= /.well-known/matrix/server".extraConfig = - let server = { "m.server" = "${fqdn}:443"; }; - in '' - add_header Content-Type application/json; - return 200 '${builtins.toJSON server}'; - ''; + locations."= /.well-known/matrix/server".extraConfig = let + server = {"m.server" = "${fqdn}:443";}; + in '' + add_header Content-Type application/json; + return 200 '${builtins.toJSON server}'; + ''; locations."= /.well-known/matrix/client".extraConfig = let client = { - "m.homeserver" = { "base_url" = "https://${fqdn}"; }; - "m.identity_server" = { "base_url" = "https://vector.im"; }; + "m.homeserver" = {"base_url" = "https://${fqdn}";}; + "m.identity_server" = {"base_url" = "https://vector.im";}; }; in '' add_header Content-Type application/json; diff --git a/Omni/Cloud/Comms.nix b/Omni/Cloud/Comms.nix index bf7a763..fec53be 100644 --- a/Omni/Cloud/Comms.nix +++ b/Omni/Cloud/Comms.nix @@ -1,5 +1 @@ -{ ... }: - -{ - imports = [ ./Comms/Xmpp.nix ./Comms/Mumble.nix ]; -} +{...}: {imports = [./Comms/Xmpp.nix ./Comms/Mumble.nix];} diff --git a/Omni/Cloud/Comms/Coturn.nix b/Omni/Cloud/Comms/Coturn.nix index 93093f0..485ec66 100644 --- a/Omni/Cloud/Comms/Coturn.nix +++ b/Omni/Cloud/Comms/Coturn.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -{ +{config, ...}: { services.coturn = { enable = true; cert = "/var/lib/acme/${config.networking.domain}/fullchain.pem"; diff --git a/Omni/Cloud/Comms/Jitsi.nix b/Omni/Cloud/Comms/Jitsi.nix index 17aeced..23bfc28 100644 --- a/Omni/Cloud/Comms/Jitsi.nix +++ b/Omni/Cloud/Comms/Jitsi.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -{ +{config, ...}: { services.jitsi-meet = { enable = true; config = { diff --git a/Omni/Cloud/Comms/Mumble.nix b/Omni/Cloud/Comms/Mumble.nix index 66d21a5..db332ce 100644 --- a/Omni/Cloud/Comms/Mumble.nix +++ b/Omni/Cloud/Comms/Mumble.nix @@ -1,7 +1,7 @@ -{ config, ... }: - +{config, ...}: # mumble and related services -let ports = import ../Ports.nix; +let + ports = import ../Ports.nix; in { services.murmur = { enable = true; @@ -19,7 +19,7 @@ in { listening_addr = "127.0.0.1"; listening_port = ports.botamusique; }; - radio = { lofi = "https://live.hunter.fm/lofi_high"; }; + radio = {lofi = "https://live.hunter.fm/lofi_high";}; }; }; } diff --git a/Omni/Cloud/Comms/Xmpp.nix b/Omni/Cloud/Comms/Xmpp.nix index ad8649b..5a8264b 100644 --- a/Omni/Cloud/Comms/Xmpp.nix +++ b/Omni/Cloud/Comms/Xmpp.nix @@ -1,4 +1,8 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: # # xmpp chat service # @@ -23,12 +27,12 @@ in { services.prosody = { enable = true; package = - pkgs.prosody.override { withCommunityModules = [ "conversejs" ]; }; + pkgs.prosody.override {withCommunityModules = ["conversejs"];}; # when i learn how to use security.acme better, and use separate certs, then i # can fix this group group = "nginx"; - admins = [ "bsima@${rootDomain}" ]; + admins = ["bsima@${rootDomain}"]; allowRegistration = true; inherit ssl; uploadHttp = { @@ -126,7 +130,7 @@ in { }; }; - services.prosody-filer = { enable = true; }; + services.prosody-filer = {enable = true;}; services.nginx.virtualHosts."${rootDomain}".locations = { "/http-bind" = { @@ -186,7 +190,7 @@ in { }; }; - users.users.nginx.extraGroups = [ "prosody" ]; + users.users.nginx.extraGroups = ["prosody"]; security.acme.certs.${rootDomain}.extraDomainNames = [ # these stopped working idk why diff --git a/Omni/Cloud/Git.nix b/Omni/Cloud/Git.nix index bc97d23..854c58a 100644 --- a/Omni/Cloud/Git.nix +++ b/Omni/Cloud/Git.nix @@ -1,6 +1,9 @@ -{ lib, config, pkgs, ... }: - -let +{ + lib, + config, + pkgs, + ... +}: let inherit (config.networking) domain; root = "/var/git"; ports = import ./Ports.nix; @@ -70,8 +73,7 @@ in { ]; plugins = [ (pkgs.fetchurl { - url = - "https://github.com/davido/gerrit-oauth-provider/releases/download/v3.5.1/gerrit-oauth-provider.jar"; + url = "https://github.com/davido/gerrit-oauth-provider/releases/download/v3.5.1/gerrit-oauth-provider.jar"; sha256 = "sha256-MS3ElMRUrBX4miiflepMETRK3SaASqpqO3nUn9kq3Gk="; }) ]; @@ -80,16 +82,14 @@ in { settings = { auth.type = "OAUTH"; auth.gitBasicAuthPolicy = "HTTP"; - download.command = [ "checkout" "cherry_pick" "pull" "format_patch" ]; + download.command = ["checkout" "cherry_pick" "pull" "format_patch"]; gerrit.canonicalWebUrl = "https://gerrit.${domain}"; - httpd.listenUrl = - "proxy-https://${config.services.gerrit.listenAddress}"; + httpd.listenUrl = "proxy-https://${config.services.gerrit.listenAddress}"; plugin.gerrit-oauth-provider-github-oauth = { root-url = "https://github.com"; client-id = "e48084aa0eebe31a2b18"; }; - sshd.advertisedAddress = - "gerrit.${domain}:${toString ports.gerrit-ssh}"; + sshd.advertisedAddress = "gerrit.${domain}:${toString ports.gerrit-ssh}"; sshd.listenAddress = "[::]:${toString ports.gerrit-ssh}"; }; }; @@ -111,9 +111,9 @@ in { group = "gitDaemon"; isSystemUser = true; description = "Git daemon user"; - extraGroups = [ "git" ]; + extraGroups = ["git"]; }; - "nginx".extraGroups = [ "git" ]; + "nginx".extraGroups = ["git"]; }; - users.groups = { gitDaemon = { }; }; + users.groups = {gitDaemon = {};}; } diff --git a/Omni/Cloud/Gmnisrv.nix b/Omni/Cloud/Gmnisrv.nix index e2a66f6..c7ee523 100644 --- a/Omni/Cloud/Gmnisrv.nix +++ b/Omni/Cloud/Gmnisrv.nix @@ -1,8 +1,12 @@ -{ lib, config, pkgs, ... }: - -let cfg = config.services.gmnisrv; +{ + lib, + config, + pkgs, + ... +}: let + cfg = config.services.gmnisrv; in { - meta.maintainers = [ lib.maintainers.bsima ]; + meta.maintainers = [lib.maintainers.bsima]; options.services.gmnisrv = { enable = lib.mkEnableOption "Enable the gmnisrv service"; listen = lib.mkOption { @@ -15,7 +19,7 @@ in { Configuration for gmnisrv. See gmnisrv.ini(5) for supported settings. ''; default = { - ":tls" = { "store" = lib.mkDefault "${cfg.dataDir}/certs"; }; + ":tls" = {"store" = lib.mkDefault "${cfg.dataDir}/certs";}; }; }; dataDir = lib.mkOption { @@ -27,11 +31,11 @@ in { config = lib.mkIf cfg.enable { systemd.services.gmnisrv = { description = "gmnisrv service"; - wantedBy = [ "multi-user.target" ]; - after = [ "network-online.target" ]; + wantedBy = ["multi-user.target"]; + after = ["network-online.target"]; script = let - ini = lib.generators.toINIWithGlobalSection { } { - globalSection = { "listen" = cfg.listen; }; + ini = lib.generators.toINIWithGlobalSection {} { + globalSection = {"listen" = cfg.listen;}; sections = cfg.settings; }; in "${pkgs.gmnisrv}/bin/gmnisrv -C ${ini}"; diff --git a/Omni/Cloud/Hardware.nix b/Omni/Cloud/Hardware.nix index 8fdbd4e..5824223 100644 --- a/Omni/Cloud/Hardware.nix +++ b/Omni/Cloud/Hardware.nix @@ -1,7 +1,7 @@ -{ modulesPath, ... }: { - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; +{modulesPath, ...}: { + imports = [(modulesPath + "/profiles/qemu-guest.nix")]; boot.loader.grub.device = "/dev/vda"; - boot.initrd.kernelModules = [ "nvme" ]; + boot.initrd.kernelModules = ["nvme"]; fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; diff --git a/Omni/Cloud/Mail.nix b/Omni/Cloud/Mail.nix index fa99cf3..d3f70bc 100644 --- a/Omni/Cloud/Mail.nix +++ b/Omni/Cloud/Mail.nix @@ -1,12 +1,11 @@ -{ ... }: +{...}: +/* +Known issues: -/* Known issues: - - - when the acme cert gets refreshed, you need to manually restart dovecot - - when restarting dovecot, it might hang, in that case do: - systemctl --job-mode=ignore-dependencies restart dovecot2 postfix +- when the acme cert gets refreshed, you need to manually restart dovecot +- when restarting dovecot, it might hang, in that case do: + systemctl --job-mode=ignore-dependencies restart dovecot2 postfix */ - { mailserver = { enable = true; @@ -15,7 +14,7 @@ alertAddress = "bsima@me.com"; }; fqdn = "simatime.com"; - domains = [ "simatime.com" "bsima.me" ]; + domains = ["simatime.com" "bsima.me"]; certificateScheme = 3; # let's encrypt enableImap = true; enablePop3 = true; @@ -35,18 +34,17 @@ "postmaster@simatime.com" "abuse@simatime.com" ]; - catchAll = [ "simatime.com" "bsima.me" ]; + catchAll = ["simatime.com" "bsima.me"]; quota = "10G"; }; "dev@simatime.com" = { hashedPasswordFile = "/home/ben/hashed-mail-password"; - aliases = [ "dev@bsima.me" ]; + aliases = ["dev@bsima.me"]; quota = "10G"; }; "nick@simatime.com" = { - hashedPassword = - "$6$31P/Mg8k8Pezy1e$Fn1tDyssf.1EgxmLYFsQpSq6RP4wbEvP/UlBlXQhyKA9FnmFtJteXsbJM1naa8Kyylo8vZM9zmeoSthHS1slA1"; - aliases = [ "nicolai@simatime.com" ]; + hashedPassword = "$6$31P/Mg8k8Pezy1e$Fn1tDyssf.1EgxmLYFsQpSq6RP4wbEvP/UlBlXQhyKA9FnmFtJteXsbJM1naa8Kyylo8vZM9zmeoSthHS1slA1"; + aliases = ["nicolai@simatime.com"]; quota = "1G"; }; }; diff --git a/Omni/Cloud/Networking.nix b/Omni/Cloud/Networking.nix index 1c1f832..419433b 100644 --- a/Omni/Cloud/Networking.nix +++ b/Omni/Cloud/Networking.nix @@ -1,8 +1,8 @@ -{ lib, ... }: { +{lib, ...}: { # This file was populated at runtime with the networking # details gathered from the active system. networking = { - nameservers = [ "8.8.8.8" ]; + nameservers = ["8.8.8.8"]; defaultGateway = "143.198.112.1"; defaultGateway6 = "2604:a880:400:d0::1"; dhcpcd.enable = false; @@ -29,16 +29,19 @@ prefixLength = 64; } ]; - ipv4.routes = [{ - address = "143.198.112.1"; - prefixLength = 32; - }]; - ipv6.routes = [{ - address = "2604:a880:400:d0::1"; - prefixLength = 128; - }]; + ipv4.routes = [ + { + address = "143.198.112.1"; + prefixLength = 32; + } + ]; + ipv6.routes = [ + { + address = "2604:a880:400:d0::1"; + prefixLength = 128; + } + ]; }; - }; }; services.udev.extraRules = '' diff --git a/Omni/Cloud/NostrRelay.nix b/Omni/Cloud/NostrRelay.nix index 0be8a6f..1bcf99b 100644 --- a/Omni/Cloud/NostrRelay.nix +++ b/Omni/Cloud/NostrRelay.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: - -let +{ + config, + pkgs, + ... +}: let ports = import ./Ports.nix; dataDir = "/var/lib/nostr-rs-relay"; # https://git.sr.ht/~gheartsfield/nostr-rs-relay/tree/master/config.toml @@ -19,16 +21,15 @@ let ''; in { config.systemd.services.nostr-relay = { - path = [ pkgs.nostr-rs-relay ]; - wantedBy = [ "multi-user.target" ]; + path = [pkgs.nostr-rs-relay]; + wantedBy = ["multi-user.target"]; preStart = '' mkdir -p ${dataDir} cat "${cfg}" > ${dataDir}/config.toml ''; script = "nostr-rs-relay --db ${dataDir}"; serviceConfig = { - Environment = - [ "RUST_LOG=info,nostr_rs_relay=info" "APP_DATA=${dataDir}" ]; + Environment = ["RUST_LOG=info,nostr_rs_relay=info" "APP_DATA=${dataDir}"]; WorkingDirectory = dataDir; KillSignal = "INT"; Type = "simple"; diff --git a/Omni/Cloud/Web.nix b/Omni/Cloud/Web.nix index 0e080f5..1791539 100644 --- a/Omni/Cloud/Web.nix +++ b/Omni/Cloud/Web.nix @@ -1,10 +1,8 @@ -{ config, ... }: - -let +{config, ...}: let rootDomain = config.networking.domain; ports = import ./Ports.nix; in { - imports = [ ./Gmnisrv.nix ]; + imports = [./Gmnisrv.nix]; networking.firewall = { allowedTCPPorts = [ ports.ssh @@ -20,7 +18,6 @@ in { }; services = { - libreddit = { enable = true; address = "127.0.0.1"; @@ -84,8 +81,8 @@ in { enable = false; listen = "0.0.0.0:${toString ports.gemini} [::]:${toString ports.gemini}"; settings = { - ":tls" = { store = "/var/lib/gmnisrv"; }; - "bsima.me" = { "root" = "/var/web/ben"; }; + ":tls" = {store = "/var/lib/gmnisrv";}; + "bsima.me" = {"root" = "/var/web/ben";}; "${rootDomain}" = { "root" = "/var/web/simatime.com"; "cgi" = "on"; @@ -114,11 +111,10 @@ in { "/git".return = "301 https://$host/git/"; # nostr nip-5 verification "/.well-known/nostr.json".return = "200 '${ - builtins.toJSON { - names.bensima = - "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436"; - } - }'"; + builtins.toJSON { + names.bensima = "2fa4b9ba71b6dab17c4723745bb7850dfdafcb6ae1a8642f76f9c64fa5f43436"; + } + }'"; # disabled for nixpert test "/" = { root = "/var/web/simatime.com"; @@ -145,28 +141,25 @@ in { autoindex on; ''; }; - serverAliases = [ "www.bsima.me" ]; + serverAliases = ["www.bsima.me"]; forceSSL = true; useACMEHost = rootDomain; }; "hoogle.${rootDomain}" = { - locations."/".proxyPass = - "http://${ports.bensIp}:${toString ports.hoogle}"; + locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.hoogle}"; forceSSL = true; useACMEHost = rootDomain; }; "tv.${rootDomain}" = { - locations."/".proxyPass = - "http://${ports.bensIp}:${toString ports.jellyfin}"; + locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.jellyfin}"; forceSSL = true; useACMEHost = rootDomain; }; "cal.${rootDomain}" = { - locations."/".proxyPass = - "http://localhost:${toString ports.radicale}"; + locations."/".proxyPass = "http://localhost:${toString ports.radicale}"; forceSSL = true; useACMEHost = rootDomain; extraConfig = '' @@ -178,8 +171,7 @@ in { }; "reddit.${rootDomain}" = { - locations."/".proxyPass = - "http://localhost:${toString ports.libreddit}"; + locations."/".proxyPass = "http://localhost:${toString ports.libreddit}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -195,8 +187,7 @@ in { }; "youtube.${rootDomain}" = { - locations."/".proxyPass = - "http://localhost:${toString ports.invidious}"; + locations."/".proxyPass = "http://localhost:${toString ports.invidious}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -212,8 +203,7 @@ in { }; "dandel-rovbur.${rootDomain}" = { - locations."/".proxyPass = - "http://${ports.bensIp}:${toString ports.dandel-rovbur}"; + locations."/".proxyPass = "http://${ports.bensIp}:${toString ports.dandel-rovbur}"; forceSSL = true; useACMEHost = rootDomain; }; @@ -228,8 +218,7 @@ in { forceSSL = true; useACMEHost = rootDomain; locations."/" = { - proxyPass = - "http://${ports.bensIp}:${toString ports.stableDiffusion}"; + proxyPass = "http://${ports.bensIp}:${toString ports.stableDiffusion}"; proxyWebsockets = true; }; }; @@ -237,8 +226,7 @@ in { "music.${rootDomain}" = { forceSSL = true; useACMEHost = rootDomain; - locations."/".proxyPass = - "http://localhost:${toString ports.botamusique}"; + locations."/".proxyPass = "http://localhost:${toString ports.botamusique}"; }; "nostr.${rootDomain}" = { @@ -273,14 +261,14 @@ in { }; }; }; - }; }; }; # This must contain all of the other domains we host security.acme.certs.${rootDomain}.extraDomainNames = - [ "bsima.me" "www.bsima.me" ] ++ map (sub: "${sub}.${rootDomain}") [ + ["bsima.me" "www.bsima.me"] + ++ map (sub: "${sub}.${rootDomain}") [ "music" "tv" "matrix" diff --git a/Omni/Cloud/Znc.nix b/Omni/Cloud/Znc.nix index e68ebc7..5b927bc 100644 --- a/Omni/Cloud/Znc.nix +++ b/Omni/Cloud/Znc.nix @@ -1,63 +1,60 @@ -/* N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"' +/* +N.B.: generate znc passwords with 'nix-shell -p znc --command "znc --makepass"' - - https://wiki.znc.in/Configuration +- https://wiki.znc.in/Configuration */ - -{ pkgs, ... }: - -{ +{pkgs, ...}: { services = { znc = { enable = true; openFirewall = true; - modulePackages = with pkgs.zncModules; - [ - #backlog clientaway clientbuffer - #ignore - ]; + modulePackages = with pkgs.zncModules; [ + #backlog clientaway clientbuffer + #ignore + ]; useLegacyConfig = false; config = { - LoadModule = [ "adminlog" ]; + LoadModule = ["adminlog"]; Motd = "welcome to znc.simatime.com"; User.bsima = { Admin = true; Nick = "bsima"; AltNick = "bsima1"; - LoadModule = [ "chansaver" "controlpanel" "log" ]; + LoadModule = ["chansaver" "controlpanel" "log"]; Network = { efnet = { Server = "irc.efnet.info +6697"; - LoadModule = [ "simple_away" ]; + LoadModule = ["simple_away"]; }; libera = { Server = "irc.libera.chat +6697"; - LoadModule = [ "simple_away" "nickserv" "sasl" ]; + LoadModule = ["simple_away" "nickserv" "sasl"]; Nick = "bsima"; Chan = { - "#emacs" = { Detached = true; }; - "#guile" = { }; - "#guix" = { Detached = true; }; - "#haskell" = { }; - "#hledger" = { }; - "#nixos" = { }; - "#notmuch" = { Detached = true; }; - "#org-mode" = { Detached = true; }; - "#scheme" = { Detached = true; }; - "#sr.ht" = { Detached = true; }; - "#xmonad" = { Detached = true; }; + "#emacs" = {Detached = true;}; + "#guile" = {}; + "#guix" = {Detached = true;}; + "#haskell" = {}; + "#hledger" = {}; + "#nixos" = {}; + "#notmuch" = {Detached = true;}; + "#org-mode" = {Detached = true;}; + "#scheme" = {Detached = true;}; + "#sr.ht" = {Detached = true;}; + "#xmonad" = {Detached = true;}; }; }; oftc = { Server = "irc.oftc.net +6697"; - LoadModule = [ "simple_away" "nickserv" ]; + LoadModule = ["simple_away" "nickserv"]; Nick = "bsima"; - Chan = { "#home-manager" = { }; }; + Chan = {"#home-manager" = {};}; }; zeronode = { Server = "irc.zeronode.net +6697"; - LoadModule = [ "simple_away" "nickserv" ]; + LoadModule = ["simple_away" "nickserv"]; Nick = "bsima"; - Chan = { "#NoAgenda" = { }; }; + Chan = {"#NoAgenda" = {};}; }; #sorcery = { # Server = "irc.sorcery.net +6697"; @@ -65,8 +62,7 @@ }; Pass.password = { Method = "sha256"; - Hash = - "bead16d806e7bf5cbbc31d572b20f01e2b253eb60e2497ce465df56306becd02"; + Hash = "bead16d806e7bf5cbbc31d572b20f01e2b253eb60e2497ce465df56306becd02"; Salt = "/GhmBMc+E6b7qd8muFEe"; }; }; diff --git a/Omni/Dev/Beryllium.nix b/Omni/Dev/Beryllium.nix index b9fe363..8452d1e 100644 --- a/Omni/Dev/Beryllium.nix +++ b/Omni/Dev/Beryllium.nix @@ -1,4 +1,4 @@ -{ bild }: +{bild}: bild.os { imports = [ ../Os/Base.nix diff --git a/Omni/Dev/Beryllium/Configuration.nix b/Omni/Dev/Beryllium/Configuration.nix index 16f4bca..69c83a6 100644 --- a/Omni/Dev/Beryllium/Configuration.nix +++ b/Omni/Dev/Beryllium/Configuration.nix @@ -1,8 +1,8 @@ -{ pkgs, ... }: - -let ports = import ../../Cloud/Ports.nix; +{pkgs, ...}: let + ports = import ../../Cloud/Ports.nix; in { - imports = [ # Include the results of the hardware scan. + imports = [ + # Include the results of the hardware scan. ./Hardware.nix ]; @@ -10,8 +10,8 @@ in { boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - boot.kernelModules = [ "v4l2loopback" ]; - boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ]; + boot.kernelModules = ["v4l2loopback"]; + boot.extraModulePackages = [pkgs.linuxPackages.v4l2loopback]; # Enable networking networking.networkmanager.enable = true; @@ -68,7 +68,7 @@ in { hardware.opengl.enable = true; hardware.opengl.driSupport32Bit = true; - services.xserver.videoDrivers = [ "nvidia" ]; + services.xserver.videoDrivers = ["nvidia"]; hardware.nvidia.nvidiaPersistenced = true; hardware.nvidia.modesetting.enable = true; hardware.nvidia.powerManagement.enable = false; @@ -103,7 +103,7 @@ in { systemd.services.NetworkManager-wait-online.enable = false; - networking.firewall.allowedTCPPorts = [ ports.barrier ]; + networking.firewall.allowedTCPPorts = [ports.barrier]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave @@ -111,5 +111,4 @@ in { # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? - } diff --git a/Omni/Dev/Beryllium/Hardware.nix b/Omni/Dev/Beryllium/Hardware.nix index ecf425c..5a8b583 100644 --- a/Omni/Dev/Beryllium/Hardware.nix +++ b/Omni/Dev/Beryllium/Hardware.nix @@ -1,16 +1,18 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, modulesPath, ... }: - { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + config, + lib, + modulesPath, + ... +}: { + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/f96eaa16-d0e2-4230-aece-131ce7b630da"; @@ -22,7 +24,7 @@ fsType = "vfat"; }; - swapDevices = [ ]; + swapDevices = []; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/Omni/Dev/Beryllium/Ollama.nix b/Omni/Dev/Beryllium/Ollama.nix index 35b4fe1..0018f49 100644 --- a/Omni/Dev/Beryllium/Ollama.nix +++ b/Omni/Dev/Beryllium/Ollama.nix @@ -1,19 +1,20 @@ -{ pkgs, ... }: -/* Ollama API service +{pkgs, ...}: +/* +Ollama API service - Don't put too much work into this, there's a much better and more complete - ollama service (with webui!) being built here: - https://github.com/NixOS/nixpkgs/pull/275448 +Don't put too much work into this, there's a much better and more complete +ollama service (with webui!) being built here: +https://github.com/NixOS/nixpkgs/pull/275448 - If you want to spend time on it, spend time over there. +If you want to spend time on it, spend time over there. */ -let pkg = pkgs.unstable.ollama; +let + pkg = pkgs.unstable.ollama; in { - systemd.services.ollama = { description = "ollama"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; + after = ["network.target"]; + wantedBy = ["multi-user.target"]; environment = { OLLAMA_HOST = "localhost:11434"; @@ -31,18 +32,18 @@ in { Restart = "on-failure"; RestartSec = 3; # Persistent storage for model files, i.e. /var/lib/<StateDirectory> - StateDirectory = [ "ollama" ]; + StateDirectory = ["ollama"]; }; }; # for administration, make this available to users' PATH - environment.systemPackages = [ pkg ]; + environment.systemPackages = [pkg]; - users.groups.ollama = { }; + users.groups.ollama = {}; users.users.ollama = { group = "ollama"; isSystemUser = true; - extraGroups = [ "render" "video" ]; + extraGroups = ["render" "video"]; }; } diff --git a/Omni/Dev/Dns.nix b/Omni/Dev/Dns.nix index baf79aa..e42b10a 100644 --- a/Omni/Dev/Dns.nix +++ b/Omni/Dev/Dns.nix @@ -1,10 +1,8 @@ -{ ... }: - -{ +{...}: { services.bind = { enable = true; - forwarders = [ "8.8.8.8" "1.1.1.1" ]; - cacheNetworks = [ "127.0.0.0/8" "192.168.0.0/24" ]; + forwarders = ["8.8.8.8" "1.1.1.1"]; + cacheNetworks = ["127.0.0.0/8" "192.168.0.0/24"]; extraConfig = ""; extraOptions = '' dnssec-validation auto; @@ -15,5 +13,4 @@ # 192.168.0.1 router.home # 192.168.0.196 lithium.home #''; - } diff --git a/Omni/Dev/Guix.nix b/Omni/Dev/Guix.nix index 0b261fb..837e5f2 100644 --- a/Omni/Dev/Guix.nix +++ b/Omni/Dev/Guix.nix @@ -1,13 +1,12 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - +{ + config, + lib, + pkgs, + ... +}: +with lib; let cfg = config.services.guix; - in { - options.services.guix = { enable = mkEnableOption "GNU Guix package manager"; }; @@ -16,12 +15,11 @@ in { systemd.services.guix-daemon = { description = "Build daemon for GNU Guix"; - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; serviceConfig = { Restart = "always"; - ExecStart = - "${pkgs.guix}/bin/guix-daemon --build-users-group=guixbuild"; + ExecStart = "${pkgs.guix}/bin/guix-daemon --build-users-group=guixbuild"; Environment = null; RemainAfterExit = "yes"; StandardOutput = "syslog"; @@ -33,11 +31,11 @@ in { extraUsers = lib.attrs.genAttrs (lib.lists.range 1 10) (n: { name = "guixbuilder${n}"; isSystemUser = true; - extraGroups = [ "guixbuild" ]; + extraGroups = ["guixbuild"]; group = "guixbuild"; description = "Guix build user ${n}"; }); - extraGroups = { "guixbuild" = { }; }; + extraGroups = {"guixbuild" = {};}; }; }; } diff --git a/Omni/Dev/Hoogle.nix b/Omni/Dev/Hoogle.nix index 213a31c..1a4ab51 100644 --- a/Omni/Dev/Hoogle.nix +++ b/Omni/Dev/Hoogle.nix @@ -1,18 +1,17 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - +{ + config, + lib, + pkgs, + ... +}: +with lib; let cfg = config.services.my-hoogle; hoogleEnv = pkgs.buildEnv { name = "hoogle"; - paths = [ (cfg.haskellPackages.ghcWithHoogle cfg.packages) ]; + paths = [(cfg.haskellPackages.ghcWithHoogle cfg.packages)]; }; - in { - options.services.my-hoogle = { enable = mkEnableOption "Haskell documentation server"; @@ -25,7 +24,7 @@ in { }; packages = mkOption { - default = _hp: [ ]; + default = _hp: []; defaultText = "hp: []"; example = "hp: with hp; [ text lens ]"; description = '' @@ -60,13 +59,13 @@ in { systemd.services.hoogle = { description = "Haskell documentation server"; - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; serviceConfig = { Restart = "always"; ExecStart = "${hoogleEnv}/bin/hoogle server --local --port ${ - toString cfg.port - } --home ${cfg.home} --host ${cfg.host}"; + toString cfg.port + } --home ${cfg.home} --host ${cfg.host}"; DynamicUser = true; @@ -77,5 +76,4 @@ in { }; }; }; - } diff --git a/Omni/Dev/Lithium.nix b/Omni/Dev/Lithium.nix index 9eb8304..72a841f 100644 --- a/Omni/Dev/Lithium.nix +++ b/Omni/Dev/Lithium.nix @@ -1,6 +1,5 @@ -{ bild }: +{bild}: # Dev machine for work and building stuff. - bild.os { imports = [ ../Os/Base.nix diff --git a/Omni/Dev/Lithium/Configuration.nix b/Omni/Dev/Lithium/Configuration.nix index 91b7f59..e050d48 100644 --- a/Omni/Dev/Lithium/Configuration.nix +++ b/Omni/Dev/Lithium/Configuration.nix @@ -1,6 +1,8 @@ -{ lib, pkgs, ... }: - -let +{ + lib, + pkgs, + ... +}: let ghcCompiler = (import ../../Bild/Constants.nix).ghcCompiler; ports = import ../../Cloud/Ports.nix; in { @@ -24,8 +26,7 @@ in { fira-code-symbols ]; - environment.systemPackages = - [ pkgs.nvtop pkgs.k3s pkgs.wemux pkgs.tmux pkgs.wireguard-tools ]; + environment.systemPackages = [pkgs.nvtop pkgs.k3s pkgs.wemux pkgs.tmux pkgs.wireguard-tools]; hardware.opengl.enable = true; @@ -68,13 +69,11 @@ in { services.tor.settings.Nickname = "ydeee3q1cjo83tsuqcz"; services.tor.settings.AccountingMax = "10 GBytes"; services.tor.settings.AccountingStart = "month 1 1:00"; - services.tor.settings.ContactInfo = - "ContactInfo pgp:66A6AD150399D970DCA4C4E6C8218B7D0BFDECCD ciissversion:2"; + services.tor.settings.ContactInfo = "ContactInfo pgp:66A6AD150399D970DCA4C4E6C8218B7D0BFDECCD ciissversion:2"; services.bitcoind.mainnet.enable = true; services.bitcoind.mainnet.dataDir = "/mnt/campbell/bitcoind-mainnet/data"; - services.bitcoind.mainnet.configFile = - "/mnt/campbell/bitcoind-mainnet/bitcoin.conf"; + services.bitcoind.mainnet.configFile = "/mnt/campbell/bitcoind-mainnet/bitcoin.conf"; services.bitcoind.mainnet.prune = 10000; services.pcscd.enable = true; @@ -118,18 +117,17 @@ in { services.xserver.windowManager.xmonad.enable = true; services.xserver.libinput.enable = true; services.xserver.libinput.touchpad.tapping = true; - services.xserver.modules = [ pkgs.xf86_input_wacom ]; + services.xserver.modules = [pkgs.xf86_input_wacom]; services.xserver.wacom.enable = true; services.jupyter.enable = true; services.jupyter.port = ports.jupyter; services.jupyter.ip = "*"; users.users.jupyter.group = "jupyter"; - users.groups.jupyter = { }; - services.jupyter.password = - "'argon2:$argon2id$v=19$m=10240,t=10,p=8$nvQhgk+htbIYi961YYAf1w$ekpwiTT5L4+OAods0K7EDw'"; + users.groups.jupyter = {}; + services.jupyter.password = "'argon2:$argon2id$v=19$m=10240,t=10,p=8$nvQhgk+htbIYi961YYAf1w$ekpwiTT5L4+OAods0K7EDw'"; services.jupyter.kernels.python3 = let - env = (pkgs.python3.withPackages (p: + env = pkgs.python3.withPackages (p: with p; [ ipykernel pandas @@ -138,7 +136,7 @@ in { matplotlib sympy ipywidgets - ])); + ]); in { displayName = "py3"; argv = [ @@ -193,7 +191,7 @@ in { (lib.strings.splitString "\n") (lib.filter (s: s != "")) ]; - nix.settings.trusted-users = [ "root" "ben" ]; + nix.settings.trusted-users = ["root" "ben"]; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database diff --git a/Omni/Dev/Lithium/Hardware.nix b/Omni/Dev/Lithium/Hardware.nix index 54c07f5..80d4e54 100644 --- a/Omni/Dev/Lithium/Hardware.nix +++ b/Omni/Dev/Lithium/Hardware.nix @@ -1,15 +1,16 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ lib, modulesPath, ... }: - { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + lib, + modulesPath, + ... +}: { + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/f08dd8f9-787c-4e2a-a0cc-7019edc2ce2b"; @@ -26,7 +27,7 @@ fsType = "ext4"; }; - swapDevices = [ ]; + swapDevices = []; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; } diff --git a/Omni/Dev/Networking.nix b/Omni/Dev/Networking.nix index c89add7..f7ea6e3 100644 --- a/Omni/Dev/Networking.nix +++ b/Omni/Dev/Networking.nix @@ -1,11 +1,10 @@ -{ ... }: - -let ports = import ../Cloud/Ports.nix; +{...}: let + ports = import ../Cloud/Ports.nix; in { networking = { - nameservers = [ "1.1.1.1" ]; + nameservers = ["1.1.1.1"]; hostName = "lithium"; - hosts = { "::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ]; }; + hosts = {"::1" = ["localhost" "ipv6-localhost" "ipv6-loopback"];}; firewall = { allowedTCPPorts = [ @@ -29,9 +28,9 @@ in { ports.stableDiffusion ports.tor ]; - allowedTCPPortRanges = [ ports.torrents ports.httpdev ]; - allowedUDPPorts = [ ports.dns ports.et ports.murmur ]; - allowedUDPPortRanges = [ ports.torrents ]; + allowedTCPPortRanges = [ports.torrents ports.httpdev]; + allowedUDPPorts = [ports.dns ports.et ports.murmur]; + allowedUDPPortRanges = [ports.torrents]; }; # The global useDHCP flag is deprecated, therefore explicitly set to false here. @@ -40,5 +39,4 @@ in { useDHCP = false; interfaces.enp2s0.useDHCP = true; }; - } diff --git a/Omni/Dev/Vpn.nix b/Omni/Dev/Vpn.nix index 9b791b7..a8a1f3c 100644 --- a/Omni/Dev/Vpn.nix +++ b/Omni/Dev/Vpn.nix @@ -1,6 +1,4 @@ -{ config, ... }: - -let +{config, ...}: let ports = import ../Cloud/Ports.nix; domain = "headscale.simatime.com"; in { @@ -8,7 +6,7 @@ in { enable = true; address = "0.0.0.0"; port = ports.headscale; - settings = { dns.base_domain = "simatime.com"; }; + settings = {dns.base_domain = "simatime.com";}; }; services.nginx.virtualHosts.${domain} = { @@ -20,14 +18,13 @@ in { }; }; - environment.systemPackages = [ config.services.headscale.package ]; + environment.systemPackages = [config.services.headscale.package]; services.tailscale.enable = true; networking.firewall = { checkReversePath = "loose"; - trustedInterfaces = [ "tailscale0" ]; - allowedUDPPorts = [ config.services.tailscale.port ]; + trustedInterfaces = ["tailscale0"]; + allowedUDPPorts = [config.services.tailscale.port]; }; - } diff --git a/Omni/Lint.hs b/Omni/Lint.hs index 0cc428a..c6b6878 100755 --- a/Omni/Lint.hs +++ b/Omni/Lint.hs @@ -15,7 +15,7 @@ -- : run deadnix -- : run shellcheck -- : run indent --- : run nixfmt +-- : run alejandra module Omni.Lint (main) where import Alpha @@ -224,10 +224,10 @@ decodeDeadnixOutput deadnixJson = formatDeadnixResult DeadnixResult {..} = file <> ":" <> show line <> ":" <> show column <> ": " <> message -nixfmt :: Linter -nixfmt = +alejandra :: Linter +alejandra = Linter - { exe = "nixfmt", + { exe = "alejandra", checkArgs = ["--check"], fixArgs = Nothing, decoder = Nothing @@ -279,7 +279,7 @@ runOne mode (ext, ns's) = results +> traverse printResult lint mode ruff ns's ] Namespace.Sh -> [lint mode shellcheck ns's] - Namespace.Nix -> [lint mode deadnix ns's, lint mode nixfmt ns's] + Namespace.Nix -> [lint mode deadnix ns's, lint mode alejandra ns's] Namespace.C -> [lint mode indent ns's] _ -> ns's diff --git a/Omni/Os/Base.nix b/Omni/Os/Base.nix index 8e301e1..c18ca1d 100644 --- a/Omni/Os/Base.nix +++ b/Omni/Os/Base.nix @@ -1,19 +1,17 @@ -{ config, ... }: - +{config, ...}: # This module defines common default settings that all OS builds should include. - -let ports = import ../Cloud/Ports.nix; +let + ports = import ../Cloud/Ports.nix; in { boot.tmp.cleanOnBoot = true; networking.firewall.allowPing = true; - nix.settings.substituters = - [ "https://cache.nixos.org" ]; # "ssh://dev.simatime.com" ]; + nix.settings.substituters = ["https://cache.nixos.org"]; # "ssh://dev.simatime.com" ]; nix.gc.automatic = true; nix.gc.dates = "Sunday 02:15"; nix.optimise.automatic = true; - nix.optimise.dates = [ "Sunday 02:30" ]; - nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ]; - nix.settings.trusted-users = [ "ben" ]; + nix.optimise.dates = ["Sunday 02:30"]; + nix.settings.extra-sandbox-paths = [config.programs.ccache.cacheDir]; + nix.settings.trusted-users = ["ben"]; programs.ccache.enable = true; programs.mosh.enable = true; programs.mosh.withUtempter = true; @@ -23,7 +21,7 @@ in { services.clamav.daemon.enable = true; # security services.clamav.updater.enable = true; # security services.fail2ban.enable = true; # security - services.fail2ban.ignoreIP = [ ports.bensIp ]; # my home IP + services.fail2ban.ignoreIP = [ports.bensIp]; # my home IP services.fail2ban.maxretry = 10; services.openssh.enable = true; services.openssh.openFirewall = true; diff --git a/Omni/Os/Boot.nix b/Omni/Os/Boot.nix index c789d89..bfbae8c 100644 --- a/Omni/Os/Boot.nix +++ b/Omni/Os/Boot.nix @@ -1,14 +1,15 @@ -{ bild }: -/* This target creates a qcow2 image of a barebones NixOS VM which should be used - to bootstrap a deployment target. +{bild}: +/* +This target creates a qcow2 image of a barebones NixOS VM which should be used +to bootstrap a deployment target. - The workflow is like this: +The workflow is like this: - - bild this, you get a qcow2 image - - go to https://cloud.digitalocean.com/images/custom_images - - upload the image - - start a new droplet with this image - - once fully provisioned and accessible via ssh, the new droplet can be a deploy - target for any other namespace +- bild this, you get a qcow2 image +- go to https://cloud.digitalocean.com/images/custom_images +- upload the image +- start a new droplet with this image +- once fully provisioned and accessible via ssh, the new droplet can be a deploy + target for any other namespace */ -bild.droplet { imports = [ ./Base.nix ../Users.nix ]; } +bild.droplet {imports = [./Base.nix ../Users.nix];} diff --git a/Omni/Packages.nix b/Omni/Packages.nix index 66c1983..4f74512 100644 --- a/Omni/Packages.nix +++ b/Omni/Packages.nix @@ -1,10 +1,6 @@ -{ pkgs, ... }: - +{pkgs, ...}: # Base set of packages to be expected everywhere. - -with pkgs; - -{ +with pkgs; { fonts.fonts = with pkgs; [ google-fonts mononoki diff --git a/Omni/Users.nix b/Omni/Users.nix index b214704..043c5fd 100644 --- a/Omni/Users.nix +++ b/Omni/Users.nix @@ -1,6 +1,8 @@ -{ config, lib, ... }: - -let +{ + config, + lib, + ... +}: let readKeys = k: lib.trivial.pipe k [ builtins.readFile @@ -10,7 +12,7 @@ let in { users.groups = { # group for publishing web data - "www-data" = { }; + "www-data" = {}; }; users.motd = '' @@ -26,7 +28,7 @@ in { isNormalUser = true; home = "/home/deploy"; openssh.authorizedKeys.keys = readKeys ./Keys/Deploy.pub; - extraGroups = [ "wheel" ]; + extraGroups = ["wheel"]; }; # # humans @@ -38,23 +40,22 @@ in { isNormalUser = true; home = "/home/ben"; openssh.authorizedKeys.keys = readKeys ./Keys/Ben.pub; - extraGroups = [ "wheel" "docker" "bitcoind-mainnet" "git" ]; - hashedPassword = - "$6$SGhdoRB6DhWe$elW8RQE1ebe8JKf1ALW8jGZTPCyn2rpq/0J8MV/A9y8qFMEhA.Z2eiexMgptohZAK5kcGOc6HIUgNzJqnDUvY."; + extraGroups = ["wheel" "docker" "bitcoind-mainnet" "git"]; + hashedPassword = "$6$SGhdoRB6DhWe$elW8RQE1ebe8JKf1ALW8jGZTPCyn2rpq/0J8MV/A9y8qFMEhA.Z2eiexMgptohZAK5kcGOc6HIUgNzJqnDUvY."; }; dre = { description = "Andres Ulloa"; isNormalUser = true; home = "/home/dre"; openssh.authorizedKeys.keys = readKeys ./Keys/Dre.pub; - extraGroups = [ "wheel" "git" ]; + extraGroups = ["wheel" "git"]; }; nick = { description = "Nick Sima"; isNormalUser = true; home = "/home/nick"; openssh.authorizedKeys.keys = readKeys ./Keys/Nick.pub; - extraGroups = [ "docker" "git" ]; + extraGroups = ["docker" "git"]; }; }; } |