format
This commit is contained in:
parent
38bae92081
commit
55a219670b
4 changed files with 108 additions and 108 deletions
|
@ -4,7 +4,7 @@
|
|||
...
|
||||
}: {
|
||||
services.nextcloud = {
|
||||
appstoreEnable = true;
|
||||
appstoreEnable = true;
|
||||
caching.redis = true;
|
||||
config = {
|
||||
adminpassFile = config.sops.secrets."services/nextcloud/adminpass".path;
|
||||
|
|
|
@ -69,7 +69,7 @@ rec {
|
|||
inputs.attic.follows = "attic";
|
||||
inputs.flake-utils.follows = "flake-utils";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
# inputs.hydra.follows = "hydra";
|
||||
# inputs.hydra.follows = "hydra";
|
||||
};
|
||||
nixos-config-for-netboot.url = "github:DarkKirb/nixos-config/c9c3d16b23042a25f504a6d71e7075318f1137f8";
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
||||
|
|
|
@ -58,57 +58,58 @@ in {
|
|||
lfsJwtSecret = "${cfg.customDir}/conf/lfs_jwt_secret"; # new file for LFS_JWT_SECRET
|
||||
internalToken = "${cfg.customDir}/conf/internal_token";
|
||||
replaceSecretBin = "${pkgs.replace-secret}/bin/replace-secret";
|
||||
in lib.mkForce ''
|
||||
# copy custom configuration and generate random secrets if needed
|
||||
${optionalString (!cfg.useWizard) ''
|
||||
function gitea_setup {
|
||||
cp -f '${configFile}' '${runConfig}'
|
||||
if [ ! -s '${secretKey}' ]; then
|
||||
${exe} generate secret SECRET_KEY > '${secretKey}'
|
||||
fi
|
||||
# Migrate LFS_JWT_SECRET filename
|
||||
if [[ -s '${oldLfsJwtSecret}' && ! -s '${lfsJwtSecret}' ]]; then
|
||||
mv '${oldLfsJwtSecret}' '${lfsJwtSecret}'
|
||||
fi
|
||||
if [ ! -s '${oauth2JwtSecret}' ]; then
|
||||
${exe} generate secret JWT_SECRET > '${oauth2JwtSecret}'
|
||||
fi
|
||||
${lib.optionalString cfg.lfs.enable ''
|
||||
if [ ! -s '${lfsJwtSecret}' ]; then
|
||||
${exe} generate secret LFS_JWT_SECRET > '${lfsJwtSecret}'
|
||||
fi
|
||||
in
|
||||
lib.mkForce ''
|
||||
# copy custom configuration and generate random secrets if needed
|
||||
${optionalString (!cfg.useWizard) ''
|
||||
function gitea_setup {
|
||||
cp -f '${configFile}' '${runConfig}'
|
||||
if [ ! -s '${secretKey}' ]; then
|
||||
${exe} generate secret SECRET_KEY > '${secretKey}'
|
||||
fi
|
||||
# Migrate LFS_JWT_SECRET filename
|
||||
if [[ -s '${oldLfsJwtSecret}' && ! -s '${lfsJwtSecret}' ]]; then
|
||||
mv '${oldLfsJwtSecret}' '${lfsJwtSecret}'
|
||||
fi
|
||||
if [ ! -s '${oauth2JwtSecret}' ]; then
|
||||
${exe} generate secret JWT_SECRET > '${oauth2JwtSecret}'
|
||||
fi
|
||||
${lib.optionalString cfg.lfs.enable ''
|
||||
if [ ! -s '${lfsJwtSecret}' ]; then
|
||||
${exe} generate secret LFS_JWT_SECRET > '${lfsJwtSecret}'
|
||||
fi
|
||||
''}
|
||||
if [ ! -s '${internalToken}' ]; then
|
||||
${exe} generate secret INTERNAL_TOKEN > '${internalToken}'
|
||||
fi
|
||||
chmod u+w '${runConfig}'
|
||||
${replaceSecretBin} '#secretkey#' '${secretKey}' '${runConfig}'
|
||||
${replaceSecretBin} '#dbpass#' '${cfg.database.passwordFile}' '${runConfig}'
|
||||
${replaceSecretBin} '#oauth2jwtsecret#' '${oauth2JwtSecret}' '${runConfig}'
|
||||
${replaceSecretBin} '#internaltoken#' '${internalToken}' '${runConfig}'
|
||||
${lib.optionalString cfg.lfs.enable ''
|
||||
${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}'
|
||||
''}
|
||||
${lib.optionalString (cfg.mailerPasswordFile != null) ''
|
||||
${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}'
|
||||
''}
|
||||
${lib.optionalString (cfg.storageSecretFile != null) ''
|
||||
${replaceSecretBin} '#storageSecret#' '${cfg.storageSecretFile}' '${runConfig}'
|
||||
''}
|
||||
chmod u-w '${runConfig}'
|
||||
}
|
||||
(umask 027; gitea_setup)
|
||||
''}
|
||||
if [ ! -s '${internalToken}' ]; then
|
||||
${exe} generate secret INTERNAL_TOKEN > '${internalToken}'
|
||||
fi
|
||||
chmod u+w '${runConfig}'
|
||||
${replaceSecretBin} '#secretkey#' '${secretKey}' '${runConfig}'
|
||||
${replaceSecretBin} '#dbpass#' '${cfg.database.passwordFile}' '${runConfig}'
|
||||
${replaceSecretBin} '#oauth2jwtsecret#' '${oauth2JwtSecret}' '${runConfig}'
|
||||
${replaceSecretBin} '#internaltoken#' '${internalToken}' '${runConfig}'
|
||||
${lib.optionalString cfg.lfs.enable ''
|
||||
${replaceSecretBin} '#lfsjwtsecret#' '${lfsJwtSecret}' '${runConfig}'
|
||||
''}
|
||||
${lib.optionalString (cfg.mailerPasswordFile != null) ''
|
||||
${replaceSecretBin} '#mailerpass#' '${cfg.mailerPasswordFile}' '${runConfig}'
|
||||
''}
|
||||
${lib.optionalString (cfg.storageSecretFile != null) ''
|
||||
${replaceSecretBin} '#storageSecret#' '${cfg.storageSecretFile}' '${runConfig}'
|
||||
''}
|
||||
chmod u-w '${runConfig}'
|
||||
}
|
||||
(umask 027; gitea_setup)
|
||||
''}
|
||||
# run migrations/init the database
|
||||
${exe} migrate
|
||||
# update all hooks' binary paths
|
||||
${exe} admin regenerate hooks
|
||||
# update command option in authorized_keys
|
||||
if [ -r ${cfg.stateDir}/.ssh/authorized_keys ]
|
||||
then
|
||||
${exe} admin regenerate keys
|
||||
fi
|
||||
'';
|
||||
# run migrations/init the database
|
||||
${exe} migrate
|
||||
# update all hooks' binary paths
|
||||
${exe} admin regenerate hooks
|
||||
# update command option in authorized_keys
|
||||
if [ -r ${cfg.stateDir}/.ssh/authorized_keys ]
|
||||
then
|
||||
${exe} admin regenerate keys
|
||||
fi
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,63 +2,62 @@ inputs: system: self: prev: let
|
|||
inherit (inputs) nixpkgs nixpkgs-noto-variable nix-packages;
|
||||
noto-variable = import nixpkgs-noto-variable {inherit system;};
|
||||
in
|
||||
with nixpkgs.legacyPackages.${system};
|
||||
{
|
||||
mosh = prev.mosh.overrideAttrs (old: {
|
||||
patches = [
|
||||
./mosh/ssh_path.patch
|
||||
./mosh/mosh-client_path.patch
|
||||
./mosh/utempter_path.patch
|
||||
./mosh/bash_completion_datadir.patch
|
||||
];
|
||||
postPatch = ''
|
||||
substituteInPlace scripts/mosh.pl \
|
||||
--subst-var-by ssh "${openssh}/bin/ssh" \
|
||||
--subst-var-by mosh-client "$out/bin/mosh-client"
|
||||
'';
|
||||
version = "2022-02-04";
|
||||
src = prev.fetchFromGitHub {
|
||||
owner = "mobile-shell";
|
||||
repo = "mosh";
|
||||
rev = "dbe419d0e069df3fedc212d456449f64d0280c76";
|
||||
sha256 = "09mvk9zxclkf4wrkkfzg0p2hx1f74gpymr0a0l3pckmk6za2n3d1";
|
||||
with nixpkgs.legacyPackages.${system}; {
|
||||
mosh = prev.mosh.overrideAttrs (old: {
|
||||
patches = [
|
||||
./mosh/ssh_path.patch
|
||||
./mosh/mosh-client_path.patch
|
||||
./mosh/utempter_path.patch
|
||||
./mosh/bash_completion_datadir.patch
|
||||
];
|
||||
postPatch = ''
|
||||
substituteInPlace scripts/mosh.pl \
|
||||
--subst-var-by ssh "${openssh}/bin/ssh" \
|
||||
--subst-var-by mosh-client "$out/bin/mosh-client"
|
||||
'';
|
||||
version = "2022-02-04";
|
||||
src = prev.fetchFromGitHub {
|
||||
owner = "mobile-shell";
|
||||
repo = "mosh";
|
||||
rev = "dbe419d0e069df3fedc212d456449f64d0280c76";
|
||||
sha256 = "09mvk9zxclkf4wrkkfzg0p2hx1f74gpymr0a0l3pckmk6za2n3d1";
|
||||
};
|
||||
});
|
||||
inherit (noto-variable) noto-fonts-cjk;
|
||||
nix = prev.nix.overrideAttrs (old: {
|
||||
postPatchPhase = ''
|
||||
sed 's/getBoolAttr."allowSubstitutes", true./true/' src/libstore/parsed-derivations.cc
|
||||
'';
|
||||
checkPhase = "true";
|
||||
installCheckPhase = "true";
|
||||
});
|
||||
rnix-lsp = with prev;
|
||||
rustPlatform.buildRustPackage {
|
||||
pname = "rnix-lsp";
|
||||
version = "0.3.0-alejandra";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nix-community";
|
||||
repo = "rnix-lsp";
|
||||
# https://github.com/nix-community/rnix-lsp/pull/89
|
||||
rev = "9189b50b34285b2a9de36a439f6c990fd283c9c7";
|
||||
sha256 = "sha256-ZnUtvwkcz7QlAiqQxhI4qVUhtVR+thLhG3wQlle7oZg=";
|
||||
};
|
||||
});
|
||||
inherit (noto-variable) noto-fonts-cjk;
|
||||
nix = prev.nix.overrideAttrs (old: {
|
||||
postPatchPhase = ''
|
||||
sed 's/getBoolAttr."allowSubstitutes", true./true/' src/libstore/parsed-derivations.cc
|
||||
'';
|
||||
|
||||
cargoSha256 = "sha256-VhE+DspQ0IZKf7rNkERA/gD7iMzjW4TnRSnYy1gdV0s=";
|
||||
cargoBuildFlags = ["--no-default-features" "--features" "alejandra"];
|
||||
|
||||
checkPhase = "true";
|
||||
installCheckPhase = "true";
|
||||
});
|
||||
rnix-lsp = with prev;
|
||||
rustPlatform.buildRustPackage {
|
||||
pname = "rnix-lsp";
|
||||
version = "0.3.0-alejandra";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nix-community";
|
||||
repo = "rnix-lsp";
|
||||
# https://github.com/nix-community/rnix-lsp/pull/89
|
||||
rev = "9189b50b34285b2a9de36a439f6c990fd283c9c7";
|
||||
sha256 = "sha256-ZnUtvwkcz7QlAiqQxhI4qVUhtVR+thLhG3wQlle7oZg=";
|
||||
};
|
||||
|
||||
cargoSha256 = "sha256-VhE+DspQ0IZKf7rNkERA/gD7iMzjW4TnRSnYy1gdV0s=";
|
||||
cargoBuildFlags = ["--no-default-features" "--features" "alejandra"];
|
||||
|
||||
checkPhase = "true";
|
||||
|
||||
meta = with lib; {
|
||||
description = "A work-in-progress language server for Nix, with syntax checking and basic completion";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ma27];
|
||||
};
|
||||
meta = with lib; {
|
||||
description = "A work-in-progress language server for Nix, with syntax checking and basic completion";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ma27];
|
||||
};
|
||||
hydra-unsstable = nix-packages.packages.${system}.hydra.overrideAttrs (super: {
|
||||
doCheck = false;
|
||||
checkPhase = "";
|
||||
installCheckPhase = "";
|
||||
});
|
||||
}
|
||||
};
|
||||
hydra-unsstable = nix-packages.packages.${system}.hydra.overrideAttrs (super: {
|
||||
doCheck = false;
|
||||
checkPhase = "";
|
||||
installCheckPhase = "";
|
||||
});
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue