modules: add modules for socket activation

Oystein Kristoffer Tveit 2023-07-28 17:59:34 +02:00
parent f1e8c87acd
commit 4456244f2d
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
14 changed files with 2003 additions and 119 deletions


@ -17,13 +17,50 @@
"url": "https://git.nani.wtf/h7x4/dotfiles"
}
},
"flake-utils": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
@ -49,20 +86,19 @@
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
]
},
"locked": {
"lastModified": 1677284824,
"narHash": "sha256-I3gDxmGjyXdtOR5S8sIeCO8pT+5OR69f/g5EVoQUdsY=",
"lastModified": 1687871164,
"narHash": "sha256-bBFlPthuYX322xOlpJvkjUBz0C+MOBjZdDOOJJ+G2jU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "29280978234b73423f4eb708cbb999295f76b42a",
"rev": "07c347bb50994691d7b0095f45ebd8838cf6bc38",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-22.11",
"ref": "release-23.05",
"repo": "home-manager",
"type": "github"
}
@ -72,11 +108,14 @@
"nixpkgs": [
"nixpkgs-unstable"
],
"utils": "utils_2"
"utils": "utils"
},
"locked": {
"lastModified": 1669760368,
"narHash": "sha256-RrFktfI837C7MEiR5PFibQXS2TXzkXcnk9FQgTm9bh4=",
"lastModified": 1677801246,
"narHash": "sha256-/TeSHBkg4gGBsrOjnPxV0YnCIfpYeaMNPcfuj9HeR48=",
"ref": "refs/heads/zellij-kdl-configuration-generator",
"rev": "35ccc428a2b95182a3ca96824d838fd24a738641",
"revCount": 2378,
"type": "git",
"url": "file:///home/h7x4/git/home-manager"
},
@ -90,11 +129,11 @@
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1676674799,
"narHash": "sha256-NaZWOgNrco5OT0J5VrWg02SCkKz8RV1sxRjh0/MWMEc=",
"lastModified": 1689214560,
"narHash": "sha256-2vXE3S68YeWhxRm7SdUD9Ac0xwDl9MHEGaGP8MdZa9c=",
"owner": "dali99",
"repo": "nixos-matrix-modules",
"rev": "362496f4aacb680406db3fad36f98d38e8285b30",
"rev": "c158a35ea298ce3ea7cd446e9992154ea4bc6381",
"type": "github"
},
"original": {
@ -140,15 +179,18 @@
},
"minecraft": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2"
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1677376635,
"narHash": "sha256-ESBC0dvaCpbhUs3DvWxC0JMF6BoKo6xPCaqICvOyPNg=",
"lastModified": 1690076623,
"narHash": "sha256-k1AE76m7N9JVKCz0rjGPNez15rSVsDYS0l6XxfEAH88=",
"owner": "infinidoge",
"repo": "nix-minecraft",
"rev": "fa5b93f66b355d6b549d0d19733030f2eb09209e",
"rev": "8706036acb4955f9d30f789dea1c42549944ce2e",
"type": "github"
},
"original": {
@ -210,13 +252,29 @@
"type": "github"
}
},
"nixpkgs-unstable": {
"nixpkgs-stable": {
"locked": {
"lastModified": 1677342105,
"narHash": "sha256-kv1fpkfCJGb0M+LZaCHFUuIS9kRIwyVgupHu86Y28nc=",
"lastModified": 1689473667,
"narHash": "sha256-41ePf1ylHMTogSPAiufqvBbBos+gtB6zjQlYFSEKFMM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b1f87ca164a9684404c8829b851c3586c4d9f089",
"rev": "13231eccfa1da771afa5c0807fdd73e05a1ec4e6",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1690031011,
"narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "12303c652b881435065a98729eb7278313041e49",
"type": "github"
},
"original": {
@ -227,68 +285,69 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1666198336,
"narHash": "sha256-VTrWD8Bb48h2pi57P1++LuvZIgum3gSLiRzZ/8q3rg0=",
"owner": "nixos",
"lastModified": 1689956312,
"narHash": "sha256-NV9yamMhE5jgz+ZSM2IgXeYqOvmGIbIIJ+AFIhfD7Ek=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "db25c4da285c5989b39e4ce13dea651a88b7a9d4",
"rev": "6da4bc6cb07cba1b8e53d139cbf1d2fb8061d967",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1677341534,
"narHash": "sha256-zqaJuOTnKzg5AubC4rzzJ/IS5kU5n4U7vxosv1Fv8Ug=",
"lastModified": 1689413807,
"narHash": "sha256-exuzOvOhGAEKWQKwDuZAL4N8a1I837hH5eocaTcIbLc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7076110064c09f0b3942f609f2134c1358ef2e50",
"rev": "46ed466081b9cad1125b11f11a2af5cc40b942c7",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.11",
"type": "indirect"
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1670193339,
"narHash": "sha256-oHTAhX4p6+uxcabq0rKL4EyKWPbDLGKec88ocPIU/2Y=",
"lastModified": 1682134069,
"narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e169cf5b3b1e6cc4a25ff15087c2621605f83409",
"rev": "fd901ef4bf93499374c5af385b2943f5801c0833",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.11",
"type": "indirect"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1667254466,
"narHash": "sha256-YrMQzDVOo+uz5gg1REj2q/uVhJE3WcpkqGiMzh3Da3o=",
"lastModified": 1678426640,
"narHash": "sha256-3Q4KN0XAXQT7YE3A8n3LzLtRNUCo0U++W3gl+5NhKHs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1b4722674c315de0e191d0d79790b4eac51570a1",
"rev": "824f886682fc893e6dbf27114e5001ebf2770ea1",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.05",
"ref": "nixos-22.11",
"type": "indirect"
}
},
"osuchan": {
"inputs": {
"nixpkgs": "nixpkgs_4"
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1672838459,
@ -314,10 +373,11 @@
"maunium-stickerpicker": "maunium-stickerpicker",
"minecraft": "minecraft",
"nix-attr-search": "nix-attr-search",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"osuchan": "osuchan",
"secrets": "secrets",
"sops-nix": "sops-nix",
"vscode-server": "vscode-server",
"website": "website"
}
@ -329,8 +389,8 @@
]
},
"locked": {
"lastModified": 1677374425,
"narHash": "sha256-rcXsPpdbcm/9ULPhldGW9FbroC9y+Vt/HRMGBuJ5lmY=",
"lastModified": 1683506783,
"narHash": "sha256-TEJGASqT3Ro1d3t+gKEc9NFOBqb0feVR2HqeZ8o3DGs=",
"type": "git",
"url": "file:///home/h7x4/git/nix-secrets"
},
@ -339,6 +399,55 @@
"url": "file:///home/h7x4/git/nix-secrets"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1689534977,
"narHash": "sha256-EB4hasmjKgetTR0My2bS5AwELZFIQ4zANLqHKi7aVXg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "bd695cc4d0a5e1bead703cc1bec5fa3094820a81",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
@ -354,33 +463,21 @@
"type": "github"
}
},
"utils_2": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"vscode-server": {
"flake": false,
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1676501444,
"narHash": "sha256-H+uQetkzd5GIga56HmCDwl5eihdQgeN2jVdNrkXzDyo=",
"owner": "msteen",
"lastModified": 1684517665,
"narHash": "sha256-SaAr66uCQ8CF75jIr23FZjk1+9Kfwm5sQnwV25206Gs=",
"owner": "nix-community",
"repo": "nixos-vscode-server",
"rev": "57f1716bc625d2892579294cc207956679e3d94c",
"rev": "1e1358493df6529d4c7bc4cc3066f76fd16d4ae6",
"type": "github"
},
"original": {
"owner": "msteen",
"owner": "nix-community",
"repo": "nixos-vscode-server",
"type": "github"
}
@ -390,11 +487,11 @@
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1667672395,
"narHash": "sha256-YM6GmD6jJejuAV9/t8p8++IbEXs6ooy0SvSDmNpSZ58=",
"lastModified": 1678656410,
"narHash": "sha256-VfFki6R7FGX8n/TX5n5+S6RxiFpxaZkgzPVHMlGzpQ4=",
"ref": "main",
"rev": "669ded6d45c2932dcacbe97b385ca01d093229af",
"revCount": 73,
"rev": "44697feb499a85536d69841e6832e18a94ea769b",
"revCount": 75,
"type": "git",
"url": "https://git.nani.wtf/h7x4/nani.wtf"
},


@ -104,7 +104,18 @@
in [
(self: super: { kanidm = nonrecursive-unstable-pkgs.kanidm; })
(self: super: { pgadmin4 = nonrecursive-unstable-pkgs.pgadmin4; })
(self: super: { pcloud = unstable-pkgs.callPackage ./package-overrides/pcloud.nix {}; })
osuchan.overlays.default
(self: super: {
mpv-unwrapped = super.mpv-unwrapped.override {
ffmpeg_5 = super.ffmpeg_5-full;
};
})
# (self: super: {
# systemd = super.systemd.overrideAttrs (final: prev: {
# mesonFlags = prev.mesonFlags ++ [ "-Dsystemd-socket-proxyd=true" ];
# });
# })
];
};
@ -115,6 +126,10 @@
inherit pkgs;
packages.${system} = {
inherit (pkgs) kanidm pcloud;
};
devShells.${system}.default = pkgs.mkShell {
packages = with pkgs; [ sops ];
};
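Review bot: The commented-out `systemd` overlay at the end of the overlay list (the `mesonFlags` block adding `"-Dsystemd-socket-proxyd=true"`) is committed with no explanation of why it is disabled or when it would be needed. Either delete it or put one line above it, for example `# Disabled: only needed if pkgs.systemd is built without systemd-socket-proxyd`. The overlay list itself starts outside this hunk.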


@ -80,7 +80,7 @@ let
in {
xdg.dataFile."applications/mimeapps.list".force = true;
xdg.configFile."mimeapps.list".force = true;
xdg.mimeApps = {
enable = true;
# associations.added = {};


@ -47,6 +47,7 @@ in {
./services/polybar.nix
./services/stalonetray.nix
./services/sxhkd.nix
./services/copyq.nix
];
home = {
@ -121,7 +122,7 @@ in {
services = {
gnome-keyring.enable = mkIf graphics true;
dropbox.enable = true;
# dropbox.enable = true;
network-manager-applet.enable = mkIf graphics true;
# redshift.enable = true;
};


@ -61,6 +61,7 @@ in {
nix-output-monitor
nix-tree
nix-zsh-completions
nixpkgs-review
# nixops
nmap
ouch
@ -120,11 +121,9 @@ in {
birdtray
calibre
cool-retro-term
copyq
darktable
discord
element-desktop
fcitx
geogebra
gimp
gnome.gnome-font-viewer
@ -156,7 +155,7 @@ in {
shellcheck
slack
sublime3
swiPrologWithGui
# swiPrologWithGui
sxiv
tagainijisho
teams
@ -178,7 +177,7 @@ in {
xmonad-log
# xsnow # Wait until christmas
yubioath-desktop
yubioath-flutter
yuzu-mainline
zeal
zoom-us

File diff suppressed because it is too large Load Diff


@ -3,7 +3,7 @@
let mapPrefixToSet = prefix: set:
with lib; attrsets.mapAttrs' (k: v: attrsets.nameValuePair ("${prefix}.${k}") v) set;
vs-liveshare = pkgs.callPackage ./vscode-extensions/vsliveshare.nix {};
# vs-liveshare = pkgs.callPackage ./vscode-extensions/vsliveshare.nix {};
in
{
@ -274,7 +274,7 @@ in
# ms-vsliveshare.vsliveshare
bbenoist.nix
christian-kohler.path-intellisense
coenraads.bracket-pair-colorizer-2
# coenraads.bracket-pair-colorizer-2
haskell.haskell
justusadam.language-haskell
justusadam.language-haskell
@ -289,7 +289,7 @@ in
redhat.vscode-yaml
shardulm94.trailing-spaces
usernamehw.errorlens
vs-liveshare
# vs-liveshare
vscodevim.vim
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
{
@ -328,12 +328,12 @@ in
version = "0.1.4";
sha256 = "02b04756kfk640hri1xw0p6kwjxwp8d2hpmca0iysfivfcmm1bqn";
}
{
name = "indent-rainbow";
publisher = "oderwat";
version = "8.2.2";
sha256 = "1xxljwh66f21fzmhw8icrmxxmfww1s67kf5ja65a8qb1x1rhjjgf";
}
# {
# name = "indent-rainbow";
# publisher = "oderwat";
# version = "8.2.2";
# sha256 = "1xxljwh66f21fzmhw8icrmxxmfww1s67kf5ja65a8qb1x1rhjjgf";
# }
{
name = "vscodeintellicode";
publisher = "VisualStudioExptTeam";

4
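--- a/home/services/copyq.nix
+++ b/home/services/copyq.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+services.copyq.enable = true;
+}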


@ -133,6 +133,8 @@ in rec {
"Nix Stuff" = {
nxr = "sudo nixos-rebuild switch";
nix-check-syntax = "nix-instantiate --parse-only";
nxr-hm = "sudo nixos-rebuild switch --flake ~/nix#home-manager-tester";
nxr-ks = "sudo nixos-rebuild switch --flake ~/nix#kasei";
@ -228,7 +230,7 @@ in rec {
# the "technically correct definition" of an alias
"Actual Aliases" = {
dp = "${dropbox-cli}/bin/dropbox";
# dp = "${dropbox-cli}/bin/dropbox";
# Having 'watch' with a space after as an alias, enables it to expand other aliases
watch = "${procps}/bin/watch ";


@ -36,7 +36,7 @@ in {
"big-paralell"
];
mandatoryFeatures = [];
sshUser = "nix-builder";
sshUser = "nix-ssh";
sshKey = secrets.keys.ssh.nixBuilders.tsuki.private;
}
{
@ -94,14 +94,28 @@ in {
i18n = {
defaultLocale = "en_US.UTF-8";
inputMethod = lib.mkIf (!machineVars.headless) {
# enabled = "fcitx";
# engines = with pkgs.fcitx-engines; [ mozc ];
enabled = "fcitx5";
fcitx5.addons = with pkgs; [
fcitx5-mozc
fcitx5-gtk
# fcitx5-gtk
# fcitx5-chinese-addons
];
};
};
systemd.user.services."fcitx5" = lib.mkIf (config.i18n.inputMethod.enabled == "fcitx5") {
description = "Fcitx5 IME";
wantedBy = [ "graphical.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${config.i18n.inputMethod.package}/bin/fcitx5";
ExecReload = "/bin/kill -HUP $MAINPID";
Restart="on-failure";
};
};
environment = {
variables = {
EDITOR = "nvim";
@ -226,10 +240,10 @@ in {
resolved.enable = true;
openssh.settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
openssh= {
passwordAuthentication = false;
kbdInteractiveAuthentication = false;
permitRootLogin = "no";
};
udev.packages = with pkgs; [
@ -328,8 +342,8 @@ in {
clang
dart
dotnet-sdk
dotnet-sdk_3
dotnet-sdk_5
# dotnet-sdk_3
# dotnet-sdk_5
dotnetPackages.Nuget
elm2nix
elmPackages.elm
@ -337,7 +351,7 @@ in {
gcc
ghc
ghcid
haskellPackages.Cabal_3_6_3_0
# haskellPackages.Cabal_3_6_3_0
maven
nixfmt
nixpkgs-fmt
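Review bot: `ExecReload = "/bin/kill -HUP $MAINPID";` in the new `systemd.user.services."fcitx5"` unit names a path that NixOS does not normally provide, so reloading the unit would likely fail. Reference the store path instead, e.g. `ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";`. The same section shows the openssh hardening in two spellings, `openssh.settings.PasswordAuthentication` and `openssh.passwordAuthentication`, likewise for keyboard-interactive auth and root login, and the page does not mark which side is new. Whichever it is, confirm after the nixos-23.05 bump that `sshd -T` still reports password and keyboard-interactive authentication disabled and `permitrootlogin no`. The enclosing attribute sets start and end outside these hunks.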


@ -37,17 +37,29 @@
hostName = "kasei";
networkmanager.enable = true;
interfaces.enp6s0.useDHCP = true;
firewall.enable = true;
firewall = {
enable = true;
allowedTCPPorts = [ 7860 ];
allowedUDPPorts = [ config.services.tailscale.port ];
checkReversePath = "loose";
trustedInterfaces = [ "tailscale0" ];
};
hostId = "f0660cef";
};
services = {
openssh.enable = true;
openssh = {
enable = true;
settings.X11Forwarding = true;
};
xserver.videoDrivers = ["nvidia"];
tailscale.enable = true;
};
# TODO: remove when merged: https://github.com/NixOS/nixpkgs/pull/167388
systemd.services.logid = {
systemd = {
services = {
logid = {
description = "Logitech Configuration Daemon";
startLimitIntervalSec = 0;
wants = [ "multi-user.target" ];
@ -62,6 +74,8 @@
Restart="on-failure";
};
};
};
};
virtualisation = {
docker.enable = true;
@ -71,9 +85,14 @@
boot = {
initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
initrd.kernelModules = [ ];
# kernelPackages = pkgs.linuxKernel.packages.linux_zen.zfs;
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
kernelModules = [ "kvm-amd" ];
blacklistedKernelModules = [ "nouveau" ];
kernelParams = [ "nomodeset" ];
supportedFilesystems = [ "zfs" ];
loader = {
efi.canTouchEfiVariables = false;
grub = {
@ -118,5 +137,3 @@
logitech.wireless.enable = true;
};
}
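Review bot: `allowedTCPPorts = [ 7860 ];` opens that port on every interface, including `enp6s0`, and nothing in the hunk says which service listens there. `trustedInterfaces = [ "tailscale0" ]` already admits all traffic arriving over Tailscale, so the global rule is only needed if LAN clients must reach the service. If they need not, drop the line; otherwise add a comment naming the listener, e.g. `# 7860: <service name>, intentionally reachable from the LAN`. `settings.X11Forwarding = true;` also widens what an SSH session can do on this host and would benefit from a one-line reason.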


@ -0,0 +1,49 @@
{
lib,
stdenvNoCC,
fetchFromGitHub
}:
stdenvNoCC.mkDerivation rec {
pname = "fcitx5-material-color";
version = "0.2.1";
src = fetchFromGitHub {
owner = "hosxy";
repo = "Fcitx5-Material-Color";
rev = "${version}";
sha256 = "i9JHIJ+cHLTBZUNzj9Ujl3LIdkCllTWpO1Ta4OT1LTc=";
};
outputs = [ "out" "doc" ];
installPhase = ''
runHook preInstall
install -Dm644 -t $out/usr/share/fcitx5/themes/fcitx5-material-color radio.png arrow.png
find $src -type f -name 'theme*.conf' \
-exec install -Dm644 -t $out/usr/share/fcitx5/themes/fcitx5-material-color {} +
find $src/screenshot -type f \
-exec install -Dm644 -t $doc/usr/share/doc/fcitx5/themes/fcitx5-material-color {} +
install -Dm644 -t $doc/usr/share/doc/fcitx5/themes/fcitx5-material-color \
LICENSE \
README.md
runHook postInstall
'';
meta = with lib; {
description = "";
longDescription = ''
A fcitx5 skin with colors from Material Design.
Designed to mimick the interface of the Windows 10 IME.
'';
homepage = "https://github.com/hosxy/Fcitx5-Material-Color";
license = licenses.asl20;
maintainers = [ maintainers.h7x4 ];
platforms = platforms.all;
};
}
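Review bot: The `installPhase` puts everything under `$out/usr/share/...` and `$doc/usr/share/...`, but Nix profiles and `XDG_DATA_DIRS` are assembled from each output's `share/` directory, so fcitx5 will most likely not find the theme. Install to `$out/share/fcitx5/themes/fcitx5-material-color` and `$doc/share/doc/fcitx5/themes/fcitx5-material-color` instead. `description = "";` is also left empty; a short line such as `description = "Material Design theme for fcitx5";` would fill it.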


@ -0,0 +1,139 @@
{ config, pkgs, lib, ... }:
let
inherit (lib) mkOption types mdDoc;
cfg = lib.filterAttrs (_: value: value.enable) config.local.socketActivation;
in
{
options.local.socketActivation = mkOption {
type = types.attrsOf (types.submodule ({ name, ... }: {
options = {
enable = lib.mkEnableOption "socket activation for <name>";
service = mkOption {
type = types.str;
default = name;
defaultText = "<name>";
example = "myservice";
description = mdDoc "Systemd service name";
};
privateNamespace = mkOption {
type = types.bool;
default = true;
example = false;
description = mdDoc ''
Whether to isolate the network of the original service.
This is recommended, but might be impractical if the original
service also uses networking for its own operation.
'';
};
originalSocketAddress = mkOption {
type = types.str;
example = "localhost:8080";
description = mdDoc ''
Socket that the original service is listening to.
This could be a TCP or UNIX socket.
'';
};
newSocketAddress = mkOption {
type = with types; either str port;
example = "localhost:8080";
description = mdDoc ''
Addres of the new systemd socket.
This could be a TCP or UNIX socket.
'';
};
connectionsMax = mkOption {
type = types.int;
default = 256;
example = 1024;
description = mdDoc ''
Sets the maximum number of simultaneous connections.
If the limit of concurrent connections is reached further connections will be refused.
See <https://www.freedesktop.org/software/systemd/man/systemd-socket-proxyd.html#--connections-max=>
'';
};
exitIdleTime = mkOption {
type = types.nullOr types.str;
default = "5m";
example = "1h";
description = mdDoc ''
Amount of inactivity time, before systemd shuts down the service.
If this is set to `null`, the service will never stop.
See <https://www.freedesktop.org/software/systemd/man/systemd-socket-proxyd.html#--exit-idle-time=>
'';
};
};
}));
description = mdDoc "Forcefully socket activated systemd services";
default = { };
};
config = {
assertions = lib.mapAttrsToList (name: value: {
# NOTE: This assertion is missing a lot of invalid cases.
# The original socket address could've been "localhost:1234" and now only 1234,
# while still meaning the same thing.
# Also, if the originalSocketAddress and newSocketAddress is the same UNIX socket path
# it doesn't matter whether they're in different namespaces AFAIK, they'll still clash.
assertion = !value.privateNamespace -> (value.originalSocketAddress != value.newSocketAddress);
message = ''
The new proxied socket address of "${name}" clashes with its original socket address.
Either enable `privateNamespace` to isolate the original service' network, or use a separate
socket address.
'';
}) cfg;
systemd = lib.mkMerge ((lib.flip lib.mapAttrsToList) cfg (name: value: let
originalService = config.systemd.services.${value.service};
in {
sockets."${name}-proxy" = {
wantedBy = [ "sockets.target" ];
socketConfig = {
ListenStream = value.newSocketAddress;
};
};
services."${name}-proxy" = rec {
requires = [
"${name}.service"
"${name}-proxy.socket"
];
after = requires;
unitConfig = lib.mkIf value.privateNamespace {
JoinsNamespaceOf = "${value.service}.service";
};
serviceConfig = {
ExecStart = let
args = lib.cli.toGNUCommandLineShell { } {
exit-idle-time = if value.exitIdleTime != null then value.exitIdleTime else "infinity";
connections-max = value.connectionsMax;
};
in ''${pkgs.systemd}/lib/systemd/systemd-socket-proxyd ${args} "${cfg.${name}.originalSocketAddress}"'';
PrivateNetwork = value.privateNamespace;
};
};
services.${name} = {
unitConfig = {
StopWhenUnneeded = true;
};
serviceConfig = lib.mkIf value.privateNamespace {
PrivateNetwork = true;
};
};
}));
};
}
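Review bot: The `service` option is honoured only in `JoinsNamespaceOf`; `requires` uses `"${name}.service"`, and `StopWhenUnneeded` and `PrivateNetwork` are attached to `services.${name}`. When `service` differs from the attribute name, the proxy therefore depends on the wrong unit and the real service stays outside the private network namespace even though `privateNamespace = true`. Use `"${value.service}.service"` in `requires` and `services.${value.service} = {` for the override; the `originalService` binding is unused and can be removed. In `ExecStart`, `cfg.${name}.originalSocketAddress` is spliced between literal double quotes, whereas `${lib.escapeShellArg value.originalSocketAddress}` would keep an address containing quotes or spaces from altering the command line.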


@ -0,0 +1,132 @@
# Even though pCloud Drive is redistributed as a plug-n-play AppImage, it
# requires a little bit more love because of the way Nix launches those types
# of applications.
#
# What Nix does, simplifying a bit, is that it extracts an AppImage and starts
# it via buildFHSEnv - this is totally fine for majority of apps, but makes
# it by-design *impossible* to launch SUID wrappers [^1]; in case of pCloud,
# it's fusermount.
# (so pCloud starts, but silently fails to mount the FUSE drive.)
#
# To overcome this issue, we're manually extracting the AppImage and then treat
# it as if it was a regular, good-ol' application requiring some standard path
# fixes.
#
# ^1 https://github.com/NixOS/nixpkgs/issues/69338
{
# Build dependencies
appimageTools
, autoPatchelfHook
, fetchzip
, lib
, stdenv
# Runtime dependencies;
# A few additional ones (e.g. Node) are already shipped together with the
# AppImage, so we don't have to duplicate them here.
, alsa-lib
, dbus-glib
, fuse
, gsettings-desktop-schemas
, gtk3
, libdbusmenu-gtk2
, libXdamage
, libX11
, libappindicator
, libindicator
, libnotify
, nss
, udev
}:
let
pname = "pcloud";
version = "1.12.0";
code = "XZyc9wVZAbFzyV8ElP71D5v170CvEmVtmrB7";
# Archive link's codes: https://www.pcloud.com/release-notes/linux.html
src = fetchzip {
url = "https://api.pcloud.com/getpubzip?code=${code}&filename=${pname}-${version}.zip";
hash = "sha256-QzBlpF+qtNdSZFv3gU0mQhpVyPTWdGH3c+UHKKGfvKc=";
};
appimageContents = appimageTools.extractType2 {
name = "${pname}-${version}";
src = "${src}/pcloud";
};
in
stdenv.mkDerivation {
inherit pname version;
src = appimageContents;
dontConfigure = true;
dontBuild = true;
nativeBuildInputs = [
autoPatchelfHook
];
buildInputs = [
alsa-lib
dbus-glib
fuse
gtk3
libX11
libXdamage
libappindicator
libdbusmenu-gtk2
libindicator
libnotify
nss
udev
];
installPhase = ''
mkdir "$out"
cp -ar . "$out/app"
cd "$out"
# Remove the AppImage runner, since users are not supposed to use it; the
# actual entry point is the `pcloud` binary
rm app/AppRun
# Adjust directory structure, so that the `.desktop` etc. files are
# properly detected
mkdir bin
mv app/usr/share .
# mv app/usr/lib .
# Adjust the `.desktop` file
mkdir share/applications
substitute \
app/pcloud.desktop \
share/applications/pcloud.desktop \
--replace 'Name=pcloud' 'Name=pCloud' \
--replace 'Exec=AppRun' 'Exec=${pname}'
# Build the main executable
cat > bin/pcloud <<EOF
#! $SHELL -e
# This is required for the file picker dialog - otherwise pcloud just
# crashes
export XDG_DATA_DIRS="${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name}:${gtk3}/share/gsettings-schemas/${gtk3.name}:$XDG_DATA_DIRS"
exec "$out/app/pcloud"
EOF
chmod +x bin/pcloud
'';
meta = with lib; {
description = "Secure and simple to use cloud storage for your files; pCloud Drive, Electron Edition";
homepage = "https://www.pcloud.com/";
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
license = licenses.unfree;
maintainers = with maintainers; [ patryk27 ];
platforms = [ "x86_64-linux" ];
};
}
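Review bot: The wrapper is written with an unquoted heredoc (`cat > bin/pcloud <<EOF`), so the trailing `$XDG_DATA_DIRS` on the `export` line is expanded when the package is built, not when pcloud starts. The caller's runtime value is presumably what was meant to be appended. Escape it so it survives into the script: `...${gtk3.name}:\$XDG_DATA_DIRS"`. `$SHELL` and `$out` are also expanded at build time, which looks intended. Since this derivation repackages an unfree prebuilt binary (`sourceProvenance` is `binaryNativeCode`), a comment above `code` and `hash` saying how the pinned values were obtained would help whoever bumps `version`.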