kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity

remove specialArgs inputs

Browse Source
This commit is contained in:
Kierán Meinhardt
2025-12-28 13:19:15 +01:00
parent ab895d9f7b
commit 29571bce10
15 changed files with 186 additions and 444 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
configs/bots/autorenkalender.nix
View File

@@ -1,11 +1,8 @@
{
config,
inputs,
pkgs,
...
}:
let
autorenkalender = inputs.autorenkalender.packages.x86_64-linux.default;
in
{
niveum.bots.autorenkalender = {
enable = true;
@@ -16,7 +13,7 @@ in
chatIds = [ "@autorenkalender" ];
parseMode = "Markdown";
};
command = "${autorenkalender}/bin/autorenkalender";
command = "${pkgs.autorenkalender}/bin/autorenkalender";
};
niveum.passport.services = [

11
configs/bots/default.nix
View File

@@ -1,12 +1,9 @@
{
config,
pkgs,
lib,
inputs,
...
}:
let
telebots = inputs.telebots.defaultPackage.x86_64-linux;
reverseDirectory = "/run/telegram-reverse";
proverbDirectory = "/run/telegram-proverb";
in
@@ -74,7 +71,7 @@ in
path = [ pkgs.ffmpeg ];
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-reverse
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${pkgs.telebots}/bin/telegram-reverse
'';
serviceConfig.Restart = "always";
serviceConfig.WorkingDirectory = reverseDirectory;
@@ -86,7 +83,7 @@ in
description = "Telegram bot converting YouTube Music <-> Spotify";
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-streaming-link
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${pkgs.telebots}/bin/telegram-streaming-link
'';
serviceConfig.Restart = "always";
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-streaming-link.path}";
@@ -97,7 +94,7 @@ in
description = "Telegram beta code bot";
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-betacode
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${pkgs.telebots}/bin/telegram-betacode
'';
serviceConfig.Restart = "always";
serviceConfig.LoadCredential = "token:${config.age.secrets.telegram-token-betacode.path}";
@@ -108,7 +105,7 @@ in
description = "Telegram proverb bot";
enable = true;
script = ''
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${telebots}/bin/telegram-proverb
TELEGRAM_BOT_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/token")" ${pkgs.telebots}/bin/telegram-proverb
'';
serviceConfig.Restart = "always";
serviceConfig.WorkingDirectory = proverbDirectory;

7
configs/bots/hesychius.nix
View File

@@ -1,13 +1,8 @@
{
pkgs,
config,
inputs,
lib,
...
}:
let
hesychius = inputs.scripts.outPath + "/hesychius/hesychius.txt";
in
{
niveum.bots.hesychius = {
enable = true;
@@ -22,7 +17,7 @@ in
tokenFile = config.age.secrets.telegram-token-kmein.path;
chatIds = [ "@HesychiosAlexandreus" ];
};
command = "${pkgs.coreutils}/bin/shuf -n1 ${hesychius}";
command = "${pkgs.coreutils}/bin/shuf -n1 ${pkgs.hesychius}";
};
systemd.timers.bot-hesychius.timerConfig.RandomizedDelaySec = "10h";

3
configs/default.nix
View File

@@ -2,7 +2,6 @@
pkgs,
lib,
config,
inputs,
...
}:
let
@@ -10,8 +9,6 @@ let
in
{
imports = [
inputs.self.nixosModules.system-dependent
inputs.self.nixosModules.power-action
{
boot.supportedFilesystems = [ "ntfs" ];
}

2
configs/nix.nix
View File

@@ -1,6 +1,5 @@
{
pkgs,
inputs,
...
}:
{
@@ -10,6 +9,5 @@
nix = {
package = pkgs.nixVersions.stable;
extraOptions = "experimental-features = nix-command flakes";
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
};
}

12
configs/packages.nix
View File

@@ -1,8 +1,6 @@
{
config,
pkgs,
lib,
inputs,
...
}:
let
@@ -190,22 +188,18 @@ in
par
qrencode
# inputs.menstruation-backend.defaultPackage.x86_64-linux
inputs.agenix.packages.x86_64-linux.default
inputs.recht.defaultPackage.x86_64-linux
pkgs.agenix
pkgs.alarm
(pkgs.writers.writeDashBin "worldradio" ''
shuf ${worldradio} | ${pkgs.findutils}/bin/xargs ${pkgs.mpv}/bin/mpv --no-video
'')
(pkgs.writers.writeDashBin "chats" ''
${pkgs.openssh}/bin/ssh makanek "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
${pkgs.openssh}/bin/ssh -p ${toString pkgs.lib.niveum.machines.makanek.sshPort} ${pkgs.lib.niveum.machines.makanek.externalIp} "cd /var/lib/weechat/logs && grep --ignore-case --color=always --recursive $@" | ${pkgs.less}/bin/less --raw-control-chars
'')
inputs.scripts.packages.x86_64-linux.alarm
spotify
ncspot
playerctl
#krebs

3
configs/stardict.nix
View File

@@ -1,7 +1,6 @@
{
pkgs,
lib,
inputs,
...
}:
let
@@ -153,7 +152,7 @@ let
};
};
coptic = {
dictionary = inputs.coptic-dictionary.packages.x86_64-linux.coptic-stardict;
dictionary = pkgs.coptic-stardict;
Crum = pkgs.fetchzip {
url = locker "stardict-Coptic-English_all_dialects-2.4.2.tar.bz2";
sha256 = "1fi281mb9yzv40wjsdapi8fzpa7x2yscz582lv2qnss9g8zzzzr9";

4
configs/stylix.nix
View File

@@ -2,12 +2,11 @@
pkgs,
config,
lib,
inputs,
...
}:
let
generatedWallpaper = pkgs.runCommand "wallpaper.png" { } ''
${inputs.wallpaper-generator.packages.x86_64-linux.wp-gen}/bin/wallpaper-generator lines \
${pkgs.wp-gen}/bin/wallpaper-generator lines \
--output $out \
${lib.concatMapStringsSep " " (
n: "--base0${lib.toHexString n}=${config.lib.stylix.colors.withHashtag."base0${lib.toHexString n}"}"
@@ -16,7 +15,6 @@ let
in
{
# https://danth.github.io/stylix/tricks.html
# stylix.image = inputs.wallpapers.outPath + "/meteora/rodrigo-soares-250630.jpg";
stylix.enable = true;
stylix.image = generatedWallpaper;

36
flake.lock generated
View File

@@ -455,6 +455,21 @@
}
},
"flake-utils_3": {
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_4"
},
@@ -1121,11 +1136,11 @@
},
"nixpkgs_8": {
"locked": {
"lastModified": 1744536153,
"narHash": "sha256-awS2zRgF4uTwrOKwwiJcByDzDOdo3Q1rPZbiHQg/N38=",
"lastModified": 1665296151,
"narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "18dd725c29603f582cf1900e0d25f9f1063dbf11",
"rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
"type": "github"
},
"original": {
@@ -1408,14 +1423,15 @@
},
"rust-overlay_2": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1765593578,
"narHash": "sha256-qbl874bCIy9+OLImdfBfZ9ITUDDjjTAB04Dk4PlZFV0=",
"lastModified": 1677119371,
"narHash": "sha256-L0Da4eKzDZrsy8ysOS1lhgDjAgEqGvYGf/lXaRd5/YQ=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "348b94ed9ddffccdf1a65582a2dcff0a4a3eeeb4",
"rev": "c67c79ea25664d66e74ae91a6fa0d6c65d12d3a7",
"type": "github"
},
"original": {
@@ -1482,11 +1498,11 @@
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1765657698,
"narHash": "sha256-Ic5lcBZQKw9kOU6BUl3w+r1zCj9hveHyaHsOAYB7Yhg=",
"lastModified": 1766923069,
"narHash": "sha256-RTW7ZlqnTue6o6yr2rzIT9MhfQPucDFnx4RgE7e4fNo=",
"owner": "kmein",
"repo": "scripts",
"rev": "aeea5b4cdaf39169ab469a7c31269c8360b9c403",
"rev": "8c8acef0d204ebd606d240ea829478f664f588fd",
"type": "github"
},
"original": {
@@ -1891,7 +1907,7 @@
},
"wallpaper-generator_2": {
"inputs": {
"flake-utils": "flake-utils_3",
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_12"
},
"locked": {

313
flake.nix
View File

@@ -71,76 +71,82 @@
eachSupportedSystem = lib.genAttrs lib.systems.flakeExposed;
in
{
apps = let localSystem = "x86_64-linux"; in {
${localSystem} =
let
pkgs = nixpkgs.legacyPackages.${localSystem};
lib = nixpkgs.lib;
in
lib.mergeAttrsList [
{
mock-secrets = {
type = "app";
program = toString (
pkgs.writers.writeDash "mock-secrets" ''
${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f | ${pkgs.coreutils}/bin/sort > secrets.txt
''
);
};
}
(builtins.listToAttrs (
map (
hostname:
let
machines = import lib/machines.nix;
systemAddresses =
system:
lib.optionals (system ? "internalIp") [ system.internalIp ]
++ lib.optionals (system ? "externalIp") [ system.externalIp ]
++ lib.optionals (system ? "retiolum") [
system.retiolum.ipv6
system.retiolum.ipv4
]
++ lib.optionals (system ? "mycelium") [ system.mycelium.ipv6 ];
addresses = lib.listToAttrs (
map (name: {
inherit name;
value = systemAddresses (machines.${hostname});
}) (builtins.attrNames self.nixosConfigurations)
);
deployScript = pkgs.writers.writeBash "deploy-${hostname}" ''
# try to connect to any of the known addresses
targets=(
${lib.concatStringsSep " " (map (addr: "\"root@${addr}\"") addresses.${hostname})}
)
for target in "''${targets[@]}"; do
nc -z -w 2 "$(echo $target | cut -d'@' -f2)" ${
toString machines.${hostname}.sshPort
} && reachable_target=$target && break
done
if [ -z "$reachable_target" ]; then
echo "No reachable target found for ${hostname}" >&2
exit 1
fi
echo "Deploying to ${hostname} via $reachable_target"
export NIX_SSHOPTS='-p ${toString machines.${hostname}.sshPort}'
${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \
--max-jobs 2 \
--log-format internal-json \
--flake .#${hostname} \
--target-host "$reachable_target" \
${lib.optionalString (localSystem != machines.${hostname}.system) "--build-host $reachable_target"} \
|& ${pkgs.nix-output-monitor}/bin/nom --json
'';
in
lib.attrsets.nameValuePair "deploy-${hostname}" {
apps =
let
localSystem = "x86_64-linux";
in
{
${localSystem} =
let
pkgs = nixpkgs.legacyPackages.${localSystem};
lib = nixpkgs.lib;
in
lib.mergeAttrsList [
{
mock-secrets = {
type = "app";
program = toString deployScript;
}
) (builtins.attrNames self.nixosConfigurations)
))
];
};
program = toString (
pkgs.writers.writeDash "mock-secrets" ''
${pkgs.findutils}/bin/find secrets -not -path '*/.*' -type f | ${pkgs.coreutils}/bin/sort > secrets.txt
''
);
};
}
(builtins.listToAttrs (
map (
hostname:
let
machines = import lib/machines.nix;
systemAddresses =
system:
lib.optionals (system ? "internalIp") [ system.internalIp ]
++ lib.optionals (system ? "externalIp") [ system.externalIp ]
++ lib.optionals (system ? "retiolum") [
system.retiolum.ipv6
system.retiolum.ipv4
]
++ lib.optionals (system ? "mycelium") [ system.mycelium.ipv6 ];
addresses = lib.listToAttrs (
map (name: {
inherit name;
value = systemAddresses (machines.${hostname});
}) (builtins.attrNames self.nixosConfigurations)
);
deployScript = pkgs.writers.writeBash "deploy-${hostname}" ''
# try to connect to any of the known addresses
targets=(
${lib.concatStringsSep " " (map (addr: "\"root@${addr}\"") addresses.${hostname})}
)
for target in "''${targets[@]}"; do
nc -z -w 2 "$(echo $target | cut -d'@' -f2)" ${
toString machines.${hostname}.sshPort
} && reachable_target=$target && break
done
if [ -z "$reachable_target" ]; then
echo "No reachable target found for ${hostname}" >&2
exit 1
fi
echo "Deploying to ${hostname} via $reachable_target"
export NIX_SSHOPTS='-p ${toString machines.${hostname}.sshPort}'
${pkgs.nixos-rebuild}/bin/nixos-rebuild switch \
--max-jobs 2 \
--log-format internal-json \
--flake .#${hostname} \
--target-host "$reachable_target" \
${
lib.optionalString (localSystem != machines.${hostname}.system) "--build-host $reachable_target"
} \
|& ${pkgs.nix-output-monitor}/bin/nom --json
'';
in
lib.attrsets.nameValuePair "deploy-${hostname}" {
type = "app";
program = toString deployScript;
}
) (builtins.attrNames self.nixosConfigurations)
))
];
};
# TODO overlay for packages
# TODO remove flake-utils dependency from my own repos
@@ -231,6 +237,19 @@
vim-reason-plus = prev.callPackage packages/vimPlugins/vim-reason-plus.nix { }; # TODO upstream
};
# packaged from inputs
agenix = agenix.packages.${prev.stdenv.hostPlatform.system}.default;
alarm = scripts.packages.${prev.stdenv.hostPlatform.system}.alarm;
menstruation-telegram = menstruation-telegram.packages.${prev.stdenv.hostPlatform.system}.menstruation-telegram;
menstruation-backend = menstruation-backend.packages.${prev.stdenv.hostPlatform.system}.menstruation-backend;
telebots = telebots.packages.${prev.stdenv.hostPlatform.system}.telebots;
hesychius = scripts.packages.${prev.stdenv.hostPlatform.system}.hesychius;
autorenkalender = autorenkalender.packages.${prev.stdenv.hostPlatform.system}.default;
coptic-stardict = coptic-dictionary.packages.${prev.stdenv.hostPlatform.system}.coptic-stardict;
onomap = scripts.packages.${prev.stdenv.hostPlatform.system}.onomap;
tinc-graph = tinc-graph.packages.${prev.stdenv.hostPlatform.system}.tinc-graph;
wp-gen = wallpaper-generator.packages.${prev.stdenv.hostPlatform.system}.wp-gen;
# krebs
brainmelter = prev.callPackage packages/brainmelter.nix { };
cyberlocker-tools = prev.callPackage packages/cyberlocker-tools.nix { };
@@ -302,148 +321,96 @@
nixosConfigurations =
let
niveumSpecialArgs = system: {
unstablePackages = import nixpkgs-unstable {
inherit system;
overlays = [ ];
config.allowUnfreePredicate =
pkg:
builtins.elem (nixpkgs-unstable.lib.getName pkg) [
"obsidian"
"zoom"
];
};
inputs = {
inherit
tinc-graph
self
telebots
menstruation-telegram
menstruation-backend
scripts
coptic-dictionary
agenix
recht
autorenkalender
nixpkgs
wallpaper-generator
;
};
};
defaultModules = [
{ nix.nixPath = [ "nixpkgs=${nixpkgs}" ]; }
{ nixpkgs.overlays = [ self.overlays.default ]; }
agenix.nixosModules.default
retiolum.nixosModules.retiolum
];
desktopModules = [
home-manager.nixosModules.home-manager
nix-index-database.nixosModules.default
nur.modules.nixos.default
stylix.nixosModules.stylix
self.nixosModules.system-dependent
self.nixosModules.power-action
];
in
{
ful = nixpkgs.lib.nixosSystem rec {
ful = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
modules = defaultModules ++ [
systems/ful/configuration.nix
agenix.nixosModules.default
self.nixosModules.passport
self.nixosModules.panoptikon
self.nixosModules.go-webring
stockholm.nixosModules.reaktor2
retiolum.nixosModules.retiolum
nur.modules.nixos.default
{ nixpkgs.overlays = [ stockholm.overlays.default ]; }
];
};
zaatar = nixpkgs.lib.nixosSystem rec {
zaatar = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
modules = defaultModules ++ [
systems/zaatar/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
];
};
kibbeh = nixpkgs.lib.nixosSystem rec {
kibbeh = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
systems/kibbeh/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
];
modules =
defaultModules
++ desktopModules
++ [
systems/kibbeh/configuration.nix
];
};
makanek = nixpkgs.lib.nixosSystem rec {
makanek = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
# for using inputs in other config files
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
modules = defaultModules ++ [
systems/makanek/configuration.nix
self.nixosModules.telegram-bot
self.nixosModules.passport
agenix.nixosModules.default
retiolum.nixosModules.retiolum
nur.modules.nixos.default
];
};
tahina = nixpkgs.lib.nixosSystem rec {
tahina = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
modules = defaultModules ++ [
systems/tahina/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
];
};
tabula = nixpkgs.lib.nixosSystem rec {
tabula = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
modules = defaultModules ++ [
systems/tabula/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
];
};
manakish = nixpkgs.lib.nixosSystem rec {
manakish = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
systems/manakish/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
nix-index-database.nixosModules.default
nur.modules.nixos.default
stylix.nixosModules.stylix
];
modules =
defaultModules
++ desktopModules
++ [
systems/manakish/configuration.nix
];
};
kabsa = nixpkgs.lib.nixosSystem rec {
kabsa = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
systems/kabsa/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
nur.modules.nixos.default
nix-index-database.nixosModules.default
stylix.nixosModules.stylix
];
modules =
defaultModules
++ desktopModules
++ [
systems/kabsa/configuration.nix
];
};
fatteh = nixpkgs.lib.nixosSystem rec {
fatteh = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = niveumSpecialArgs system;
modules = [
{ nixpkgs.overlays = [ self.overlays.default ]; }
systems/fatteh/configuration.nix
agenix.nixosModules.default
retiolum.nixosModules.retiolum
home-manager.nixosModules.home-manager
nur.modules.nixos.default
nix-index-database.nixosModules.default
stylix.nixosModules.stylix
];
modules =
defaultModules
++ desktopModules
++ [
systems/fatteh/configuration.nix
];
};
};

1
systems/ful/alew.nix
View File

@@ -1,7 +1,6 @@
{
pkgs,
config,
inputs,
...
}:
let

5
systems/makanek/menstruation.nix
View File

@@ -2,7 +2,6 @@
config,
pkgs,
lib,
inputs,
...
}:
let
@@ -38,7 +37,7 @@ in
script = ''
set -efu
export MENSTRUATION_TOKEN="$(cat "$CREDENTIALS_DIRECTORY/menstruation-token")"
${inputs.menstruation-telegram.defaultPackage.x86_64-linux}/bin/menstruation-telegram
${pkgs.menstruation-telegram}/bin/menstruation-telegram
'';
serviceConfig = {
Restart = "always";
@@ -57,7 +56,7 @@ in
serviceConfig = {
Restart = "always";
DynamicUser = true;
ExecStart = "${inputs.menstruation-backend.defaultPackage.x86_64-linux}/bin/menstruation_server";
ExecStart = "${pkgs.menstruation-backend}/bin/menstruation_server";
};
};
}

4
systems/makanek/names.nix
View File

@@ -1,7 +1,5 @@
{
pkgs,
lib,
inputs,
...
}: let
port = 5703;
@@ -12,7 +10,7 @@ in {
description = "Better clone of geogen.stoepel.net";
serviceConfig = {
DynamicUser = true;
ExecStart = "${inputs.scripts.packages.x86_64-linux.onomap}/bin/onomap-web";
ExecStart = "${pkgs.onomap}/bin/onomap-web";
Restart = "on-failure";
RestartSec = "15s";
};

13
systems/makanek/retiolum-map.nix
View File

@@ -2,7 +2,6 @@
config,
pkgs,
lib,
inputs,
...
}: let
network = "retiolum";
@@ -11,20 +10,18 @@
geo-ip-database = "${lib.head config.services.geoipupdate.settings.EditionIDs}.mmdb";
geo-ip-database-path = "${config.services.geoipupdate.settings.DatabaseDirectory}/${geo-ip-database}";
tinc-graph = inputs.tinc-graph.defaultPackage.x86_64-linux;
in {
systemd.services.retiolum-index = {
description = "Retiolum indexing service";
wants = ["tinc.${network}.service"];
script = ''
${tinc-graph}/bin/tinc-graph --geoip-file ${geo-ip-database-path} --network ${network} \
${pkgs.tinc-graph}/bin/tinc-graph --geoip-file ${geo-ip-database-path} --network ${network} \
| ${pkgs.coreutils}/bin/tee network.json \
| ${tinc-graph}/bin/tinc-midpoint > midpoint.json
| ${pkgs.tinc-graph}/bin/tinc-midpoint > midpoint.json
cp ${tinc-graph}/static/map.html map.html
cp ${tinc-graph}/static/map.html index.html
cp ${tinc-graph}/static/graph.html graph.html
cp ${pkgs.tinc-graph}/static/map.html map.html
cp ${pkgs.tinc-graph}/static/map.html index.html
cp ${pkgs.tinc-graph}/static/graph.html graph.html
'';
startAt = "hourly";
path = [pkgs.coreutils pkgs.jq pkgs.tinc_pre];

209
systems/makanek/weechat.sync-conflict-20250130-092406-AJVBWR2.nix
View File

@@ -1,209 +0,0 @@
{ lib, pkgs, config, unstablePackages, ... }:
let
weechatHome = "/var/lib/weechat";
weechat-declarative =
pkgs.callPackage ../../packages/weechat-declarative.nix {
inherit unstablePackages;
};
in {
systemd.services.weechat = let
tmux = pkgs.writers.writeDash "tmux" ''
exec ${pkgs.tmux}/bin/tmux -f ${
pkgs.writeText "tmux.conf" ''
set-option -g prefix `
unbind-key C-b
bind ` send-prefix
set-option -g status off
set-option -g default-terminal screen-256color
#use session instead of windows
bind-key c new-session
bind-key p switch-client -p
bind-key n switch-client -n
bind-key C-s switch-client -l
''
} "$@"
'';
weechat = weechat-declarative.override {
config = {
scripts = [
pkgs.weechatScripts.weechat-autosort
pkgs.weechatScripts.colorize_nicks
# pkgs.weechatScripts.weechat-matrix
(pkgs.callPackage ../../packages/weechatScripts/hotlist2extern.nix
{ })
];
settings = let nick = "kmein";
in {
weechat = {
look.mouse = true;
look.prefix_align_max = 15;
color.chat_nick_colors =
lib.lists.subtractLists (lib.range 52 69 ++ lib.range 231 248)
(lib.range 31 254);
};
irc = {
look = {
server_buffer = "independent";
color_nicks_in_nicklist = true;
};
server_default = {
nicks = nick;
msg_part = "tschö mit ö";
msg_quit = "ciao kakao";
msg_kick = "warum machst du diese?";
realname = lib.head (lib.strings.split " " pkgs.lib.niveum.kieran.name);
};
server = {
hackint = {
autoconnect = true;
addresses = "irc.hackint.org/6697";
ipv6 = true;
tls = true;
autojoin = [ "#eloop" "#krebs" "#the_playlist" ];
sasl_mechanism = "plain";
sasl_username = nick;
sasl_password = "\${sec.data.hackint_sasl}";
};
libera = {
autoconnect = true;
addresses = "irc.libera.chat/6697";
tls = true;
autojoin = [ "#haskell" "#fysi" "#binaergewitter" "#vim" ];
sasl_mechanism = "plain";
sasl_username = nick;
sasl_password = "\${sec.data.libera_sasl}";
};
retiolum = {
autoconnect = true;
addresses = "irc.r";
tls = false;
autojoin = [ "#xxx" "#brockman" "#flix" ];
command = lib.concatStringsSep "\\;" [
"/oper admin aidsballs"
"/msg nickserv always-on true"
"/msg nickserv autoreplay-missed on"
"/msg nickserv auto-away"
];
sasl_mechanism = "plain";
sasl_username = nick;
sasl_password = "\${sec.data.retiolum_sasl}";
};
brockman = {
autoconnect = true;
addresses = "brockman.news/6667";
tls = false;
autojoin = [ "#cook" "#kmeinung" ];
sasl_username = nick;
sasl_password = "\${sec.data.brockman_sasl}";
sasl_mechanism = "plain";
};
};
};
logger.level.irc.news = 0;
plugins.var.perl.hotlist2extern = {
external_command_hotlist = "echo %X > ${weechatHome}/hotlist.txt";
external_command_hotlist_empty =
"echo -n %X > ${weechatHome}/hotlist.txt";
lowest_priority = "2";
use_title = "off";
delimiter = ",";
};
matrix.look.server_buffer = "merge_without_core";
matrix.server.nibbana = {
address = "nibbana.jp";
username = nick;
password = "\${sec.data.nibbana_account}";
autoconnect = true;
};
alias.cmd.mod = "/quote omode $channel +o $nick";
relay = {
port.weechat = 9000;
network.password = "\${sec.data.relay_password}";
};
filters = {
zerocovid = {
buffer = "irc.news.*";
tags = "*";
regex =
"[kc]orona|💉|🤒|😷|[kc]ovid|virus|lockdown|va[kc][sc]in|vaxx|mutante|mutation|impf|pandemi|κορ[ωο]ν[αο]ϊό|корона|expert|infe[ck]t|infizi|in[cz]iden[cz]|sars-cov|drosten|virolog|lauterbach|delta|omi[ck]ron|epidemi|booster|r-wert";
};
smart = {
buffer = "*";
tags = "irc_smart_filter";
regex = "*";
};
playlist_topic = {
buffer = "irc.*.#the_playlist";
tags = "irc_topic";
regex = "*";
};
brockman_notice = {
buffer = "irc.news.*";
tags = "irc_notice";
regex = "*";
};
bots = {
buffer = "irc.retiolum.*";
tags = [ "nick_gitlab" "nick_prometheus" ];
regex = "*";
};
people = {
buffer = "irc.*.*";
tags = map (name: "nick_${name}") [ "mod_p[matrix-fli" ];
regex = "*";
};
};
};
extraCommands = ''
/save
/connect -all
'';
# /matrix connect nibbana
};
};
in {
description = "Weechat bouncer";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
restartIfChanged = true;
path = [ pkgs.alacritty.terminfo ];
environment.WEECHAT_HOME = weechatHome;
# preStart = "${pkgs.coreutils}/bin/rm $WEECHAT_HOME/*.conf";
script = "${tmux} -2 new-session -d -s IM ${weechat}/bin/weechat";
preStop = "${tmux} kill-session -t IM";
serviceConfig = {
User = "weechat";
Group = "weechat";
RemainAfterExit = true;
Type = "oneshot";
};
};
users.groups.weechat = { };
users.extraUsers.weechat = {
useDefaultShell = true;
openssh.authorizedKeys.keys = pkgs.lib.niveum.kieran.sshKeys ++ [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC+KVDmYYH7mA8v81e9O3swXm3ZVYY9t4HP65ud61uXy weechat_android@kibbeh"
];
createHome = true;
group = "weechat";
home = "/var/lib/weechat";
isSystemUser = true;
packages = [ pkgs.tmux ];
};
age.secrets.weechat-sec = {
file = ../../secrets/weechat-sec.conf.age;
path = "/var/lib/weechat/sec.conf";
owner = "weechat";
group = "weechat";
mode = "440";
};
niveum.passport.services = [{
title = "weechat bouncer";
description = "keeps me logged in on IRC.";
}];
}