diff --git a/flake.nix b/flake.nix
index 950d9da1..3d32b924 100644
--- a/flake.nix
+++ b/flake.nix
@@ -207,7 +207,7 @@
inherit (inputs) tracer bevy-mandelbrot bevy-julia;
};
- legacyPackages = lib.attrsets.mapAttrs (system: pkgs:
+ legacyPackages = lib.attrsets.mapAttrs (_: pkgs:
pkgs.appendOverlays [
fenix.overlays.default
naersk.overlay
@@ -224,7 +224,7 @@
inherit specialArgs system;
modules = [
- ({ pkgs, ... }: {
+ ({ ... }: {
_module.args = extraArgs // {
inherit hostRegistry inputs zentralwerk;
};
@@ -327,7 +327,7 @@
radiobert = nixosSystem' {
modules = [
- ({ modulesPath, ... }:
+ ({ ... }:
{
nixpkgs.overlays = [ heliwatch.overlay ];
})
@@ -763,7 +763,7 @@
else nixosSystem.config.system.build.toplevel
) self.nixosConfigurations
// nixos.lib.filterAttrs (name: attr:
- (builtins.match ".+-tftproot" name != null && lib.isDerivation attr)
+ (lib.match ".+-tftproot" name != null && lib.isDerivation attr)
) self.packages.aarch64-linux
);
};
diff --git a/hosts/auth/default.nix b/hosts/auth/default.nix
index 813e8ebb..eb535c3c 100644
--- a/hosts/auth/default.nix
+++ b/hosts/auth/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
+{ config, ... }:
{
c3d2 = {
@@ -58,7 +58,7 @@
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = ./secrets.yaml;
secrets."portunus/seed" = {
- group = config.services.portunus.group;
+ inherit (config.services.portunus) group;
owner = config.services.portunus.user;
};
};
diff --git a/hosts/blogs/default.nix b/hosts/blogs/default.nix
index a45d968e..357bf17a 100644
--- a/hosts/blogs/default.nix
+++ b/hosts/blogs/default.nix
@@ -1,4 +1,4 @@
-{ hostRegistry, zentralwerk, config, ... }:
+{ config, ... }:
{
microvm.mem = 2048;
c3d2.deployment = {
diff --git a/hosts/broker/default.nix b/hosts/broker/default.nix
index 6664c55a..3c31cc64 100644
--- a/hosts/broker/default.nix
+++ b/hosts/broker/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, zentralwerk, ... }:
+{ config, pkgs, ... }:
let
mymqttui = pkgs.writeScriptBin "mqttui" ''
diff --git a/hosts/c3d2-web/default.nix b/hosts/c3d2-web/default.nix
index ae29141b..4b5a66ac 100644
--- a/hosts/c3d2-web/default.nix
+++ b/hosts/c3d2-web/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, nixpkgs, config, lib, pkgs, ... }:
+{ config, pkgs, ... }:
let
webroot = "/var/www";
geminiRoot = "/var/gemini";
@@ -150,11 +150,11 @@ in
home = "/var/lib/c3d2-web";
};
- systemd.tmpfiles.rules = [
- "d ${webroot}/c3d2 0755 c3d2-web ${config.users.users.c3d2-web.group} -"
- "d ${webroot}/log 0755 c3d2-web ${config.users.users.c3d2-web.group} -"
- "d ${geminiRoot} 0755 c3d2-web ${config.users.users.c3d2-web.group} -"
- "d ${config.users.users.c3d2-web.home} 0700 c3d2-web ${config.users.users.c3d2-web.group} -"
+ systemd.tmpfiles.rules = with config.users.users.c3d2-web; [
+ "d ${webroot}/c3d2 0755 c3d2-web ${group} -"
+ "d ${webroot}/log 0755 c3d2-web ${group} -"
+ "d ${geminiRoot} 0755 c3d2-web ${group} -"
+ "d ${home} 0700 c3d2-web ${group} -"
];
# Build script
diff --git a/hosts/dacbert/default.nix b/hosts/dacbert/default.nix
index 90bbd332..cb34dc1d 100644
--- a/hosts/dacbert/default.nix
+++ b/hosts/dacbert/default.nix
@@ -1,4 +1,4 @@
-{ hostRegistry, config, lib, pkgs, modulesPath, ... }:
+{ hostRegistry, config, lib, pkgs, ... }:
{
c3d2 = {
diff --git a/hosts/direkthilfe/default.nix b/hosts/direkthilfe/default.nix
index 89674680..e289dc4a 100644
--- a/hosts/direkthilfe/default.nix
+++ b/hosts/direkthilfe/default.nix
@@ -1,7 +1,6 @@
-{ pkgs, ... }:
-let
- domain = "direkthilfe.c3d2.de";
-in {
+{ config, pkgs, ... }:
+
+{
networking.hostName = "direkthilfe";
microvm.mem = 1024;
c3d2.deployment = {
@@ -27,7 +26,7 @@ in {
services.engelsystem = {
enable = true;
- domain = domain;
+ domain = "direkthilfe.c3d2.de";
createDatabase = true;
package = pkgs.engelsystem.override { php = pkgs.php74; };
config = {
@@ -64,7 +63,7 @@ in {
services.phpfpm.phpPackage = pkgs.php74;
services.nginx = {
enable = true;
- virtualHosts."${domain}" = {
+ virtualHosts."${config.services.engelsystem.domain}" = {
default = true;
forceSSL = true;
enableACME = true;
diff --git a/hosts/dn42/default.nix b/hosts/dn42/default.nix
index 879ca71d..f2db903a 100644
--- a/hosts/dn42/default.nix
+++ b/hosts/dn42/default.nix
@@ -140,7 +140,7 @@ in {
}
'' else
"";
- interface = if conf ? interface then conf.interface else name;
+ interface = conf.interface or name;
in "${neighbor4}${neighbor6}") neighbors));
in ''
protocol kernel {
diff --git a/hosts/factorio/default.nix b/hosts/factorio/default.nix
index fbd4585d..9a7109ff 100644
--- a/hosts/factorio/default.nix
+++ b/hosts/factorio/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
+{ config, lib, ... }:
{
c3d2 = {
diff --git a/hosts/ftp/default.nix b/hosts/ftp/default.nix
index 245deebc..63afffdb 100644
--- a/hosts/ftp/default.nix
+++ b/hosts/ftp/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, zentralwerk, ... }:
+{ config, pkgs, ... }:
{
c3d2 = {
diff --git a/hosts/gitea/default.nix b/hosts/gitea/default.nix
index e160679d..dff1a079 100644
--- a/hosts/gitea/default.nix
+++ b/hosts/gitea/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, zentralwerk, ... }:
+{ config, pkgs, lib, ... }:
{
c3d2 = {
diff --git a/hosts/glotzbert/default.nix b/hosts/glotzbert/default.nix
index 2d6e201e..5847dc3a 100644
--- a/hosts/glotzbert/default.nix
+++ b/hosts/glotzbert/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, pkgs, ... }:
+{ config, pkgs, ... }:
{
imports = [ ./hardware-configuration.nix ];
diff --git a/hosts/glotzbert/hardware-configuration.nix b/hosts/glotzbert/hardware-configuration.nix
index 700acaed..37ee602f 100644
--- a/hosts/glotzbert/hardware-configuration.nix
+++ b/hosts/glotzbert/hardware-configuration.nix
@@ -1,7 +1,7 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{ lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
diff --git a/hosts/grafana/default.nix b/hosts/grafana/default.nix
index 3661cebb..9b2e0f75 100644
--- a/hosts/grafana/default.nix
+++ b/hosts/grafana/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, pkgs, lib, modulesPath, ... }:
+{ config, pkgs, ... }:
let
restartServices = [ "grafana" "influxdb" ];
diff --git a/hosts/hedgedoc/default.nix b/hosts/hedgedoc/default.nix
index 08b6ef76..c0c7fa30 100644
--- a/hosts/hedgedoc/default.nix
+++ b/hosts/hedgedoc/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
+{ config, pkgs, ... }:
{
c3d2 = {
diff --git a/hosts/hydra/default.nix b/hosts/hydra/default.nix
index 3277103e..93ffdba1 100644
--- a/hosts/hydra/default.nix
+++ b/hosts/hydra/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, pkgs, lib, ... }:
+{ config, pkgs, ... }:
{
imports = [
@@ -52,5 +52,5 @@
c3d2.hq.statistics.enable = true;
services.smartd.enable = true;
- system.stateVersion = "20.09"; # Did you read the comment?
+ system.stateVersion = "20.09";
}
diff --git a/hosts/hydra/hardware-configuration.nix b/hosts/hydra/hardware-configuration.nix
index 51876ce3..5340469a 100644
--- a/hosts/hydra/hardware-configuration.nix
+++ b/hosts/hydra/hardware-configuration.nix
@@ -1,7 +1,7 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{ config, lib, modulesPath, ... }:
{
imports =
diff --git a/hosts/hydra/hydra.nix b/hosts/hydra/hydra.nix
index 663c1225..77f5e8e4 100644
--- a/hosts/hydra/hydra.nix
+++ b/hosts/hydra/hydra.nix
@@ -1,4 +1,4 @@
-{ self, hostRegistry, hydra-ca, config, lib, pkgs, ... }:
+{ config, lib, ... }:
let
cachePort = 5000;
diff --git a/hosts/leon/default.nix b/hosts/leon/default.nix
index e2fc50a3..ced6c838 100644
--- a/hosts/leon/default.nix
+++ b/hosts/leon/default.nix
@@ -26,7 +26,7 @@
# `...-' `...-'
#--------------------------------------------------------------------------------
-{ config, lib, pkgs, ... }:
+{ lib, pkgs, ... }:
{
deployment = {
persistedShares = [ "/etc" "/home" "/var" ];
diff --git a/hosts/leoncloud/default.nix b/hosts/leoncloud/default.nix
index e94ba0f3..ed126e07 100644
--- a/hosts/leoncloud/default.nix
+++ b/hosts/leoncloud/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
deployment = {
diff --git a/hosts/matemat/default.nix b/hosts/matemat/default.nix
index e1ea56b8..0ca0bceb 100644
--- a/hosts/matemat/default.nix
+++ b/hosts/matemat/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
+{ pkgs, ... }:
{
c3d2 = {
diff --git a/hosts/mediawiki/default.nix b/hosts/mediawiki/default.nix
index 0422d64f..1a561f31 100644
--- a/hosts/mediawiki/default.nix
+++ b/hosts/mediawiki/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
networking.hostName = "mediawiki";
diff --git a/hosts/mobilizon/default.nix b/hosts/mobilizon/default.nix
index b996ad0c..689d3422 100644
--- a/hosts/mobilizon/default.nix
+++ b/hosts/mobilizon/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, pkgs, ... }:
+{ config, pkgs, ... }:
{
microvm.mem = 1024;
c3d2.isInHq = false;
diff --git a/hosts/mucbot/default.nix b/hosts/mucbot/default.nix
index b3d13456..e681656a 100644
--- a/hosts/mucbot/default.nix
+++ b/hosts/mucbot/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, tigger, ... }:
+{ pkgs, tigger, ... }:
{
deployment = {
diff --git a/hosts/network-homepage/default.nix b/hosts/network-homepage/default.nix
index fdcf2285..6143ab63 100644
--- a/hosts/network-homepage/default.nix
+++ b/hosts/network-homepage/default.nix
@@ -1,6 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
-
-with lib;
+{ zentralwerk, pkgs, ... }:
{
system.stateVersion = "22.05";
diff --git a/hosts/nfsroot/default.nix b/hosts/nfsroot/default.nix
index 7187b395..c913d0b0 100644
--- a/hosts/nfsroot/default.nix
+++ b/hosts/nfsroot/default.nix
@@ -1,7 +1,5 @@
-{ zentralwerk, config, lib, pkgs, ... }:
+{ lib, ... }:
let
- netConfig = zentralwerk.lib.config.site.net.serv;
-
nfsExports = [
"var/lib/nfsroot/dacbert"
"var/lib/nfsroot/riscbert"
diff --git a/hosts/nncp/default.nix b/hosts/nncp/default.nix
index 32307479..997115df 100644
--- a/hosts/nncp/default.nix
+++ b/hosts/nncp/default.nix
@@ -37,7 +37,7 @@
xx = "tx"; # transmit only
when-tx-exists = true;
};
- in lib.mapAttrs (name: value:
+ in lib.mapAttrs (_: value:
value // {
via = lib.lists.remove "c3d2" value.via;
} // (lib.attrsets.optionalAttrs (value.addrs or { } != { }) {
diff --git a/hosts/nncp/neighbours.nix b/hosts/nncp/neighbours.nix
index d10158ea..fc77799c 100644
--- a/hosts/nncp/neighbours.nix
+++ b/hosts/nncp/neighbours.nix
@@ -1,7 +1,7 @@
-{ config, lib, pkgs, ... }:
+{ config, pkgs, ... }:
-let
- exec = {
+{
+ programs.nncp.settings.neigh.emery.exec = {
# A command to asynchronously export store paths to a remote caller.
nix-store-export = with pkgs;
[
@@ -16,4 +16,4 @@ let
# A command to import store paths from a remote caller.
nix-store-import = [ "${config.nix.package}/bin/nix-store" "--import" ];
};
-in { programs.nncp.settings.neigh = { emery = { inherit exec; }; }; }
+}
diff --git a/hosts/oparl/default.nix b/hosts/oparl/default.nix
index 32f1c6fb..713ca79e 100644
--- a/hosts/oparl/default.nix
+++ b/hosts/oparl/default.nix
@@ -1,9 +1,7 @@
-{ zentralwerk, oparl-scraper, config, pkgs, ... }:
+{ oparl-scraper, config, pkgs, ... }:
+
let
ratsinfo-scraper = import oparl-scraper { inherit pkgs; };
-
- netConfig = zentralwerk.lib.config.site.net.serv;
-
in
{
c3d2.deployment = {
@@ -41,7 +39,7 @@ in
path = with pkgs; [
git openssh poppler_utils ratsinfo-scraper
];
- script = ''
+ script = /* bash */ ''
if [ -d data ]; then
pushd data
git pull
diff --git a/hosts/prometheus/default.nix b/hosts/prometheus/default.nix
index c36ef496..c3c366e0 100644
--- a/hosts/prometheus/default.nix
+++ b/hosts/prometheus/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, pkgs, lib, ... }:
+{ zentralwerk, config, lib, ... }:
{
sops.defaultSopsFile = ./secrets.yaml;
@@ -64,7 +64,7 @@
static_configs =
let
zwNets = zentralwerk.lib.config.site.net;
- fromNet = net: filter:
+ fromNet = net: _:
map (host:
"${host}.${net}.zentralwerk.org:9100"
) (builtins.attrNames zwNets.${net}.hosts4);
diff --git a/hosts/public-access-proxy/proxy.nix b/hosts/public-access-proxy/proxy.nix
index eb3b65e0..21f5070e 100644
--- a/hosts/public-access-proxy/proxy.nix
+++ b/hosts/public-access-proxy/proxy.nix
@@ -1,50 +1,48 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
-with lib;
-let cfg = config.services.proxy;
-
- canonicalize = builtins.replaceStrings ["*" "." ":" "[" "]"] ["all" "_" "_" "" ""];
-
-in {
+let
+ cfg = config.services.proxy;
+ canonicalize = builtins.replaceStrings [ "*" "." ":" "[" "]" ] [ "all" "_" "_" "" "" ];
+in
+{
options.services.proxy = {
-
- enable = mkOption {
+ enable = lib.mkOption {
default = false;
description = "whether to enable proxy";
- type = types.bool;
+ type = lib.types.bool;
};
- proxyHosts = mkOption {
- type = types.listOf (types.submodule {
+ proxyHosts = lib.mkOption {
+ type = lib.types.listOf (lib.types.submodule {
options = {
- hostNames = mkOption {
- type = types.listOf types.str;
+ hostNames = lib.mkOption {
+ type = with lib.types; listOf str;
default = [ ];
description = ''
Proxy these hostNames.
'';
};
- proxyTo = mkOption {
- type = types.submodule {
+ proxyTo = lib.mkOption {
+ type = lib.types.submodule {
options = {
- host = mkOption {
- type = types.nullOr types.string;
+ host = lib.mkOption {
+ type = with lib.types; nullOr string;
default = null;
description = ''
Host to forward traffic to.
Any hostname may only be used once
'';
};
- httpPort = mkOption {
- type = types.int;
+ httpPort = lib.mkOption {
+ type = lib.types.int;
default = 80;
description = ''
Port to forward http to.
'';
};
- httpsPort = mkOption {
- type = types.int;
+ httpsPort = lib.mkOption {
+ type = lib.types.int;
default = 443;
description = ''
Port to forward http to.
@@ -57,8 +55,8 @@ in {
'';
default = { };
};
- matchArg = mkOption {
- type = types.str;
+ matchArg = lib.mkOption {
+ type = lib.types.str;
default = "";
description = "Optional argument to HAProxy `req.ssl_sni -i`";
};
@@ -76,11 +74,9 @@ in {
};
}];
};
-
};
- config = mkIf cfg.enable {
-
+ config = lib.mkIf cfg.enable {
services.haproxy = {
enable = true;
config = ''
@@ -101,10 +97,9 @@ in {
option forwardfor
http-request set-header X-Forwarded-Proto http
http-request set-header X-Forwarded-Port 80
- ${
- concatMapStrings ({ proxyTo, hostNames, matchArg }:
- optionalString (hostNames != [ ] && proxyTo.host != null) (
- concatMapStrings (hostname: ''
+ ${lib.concatMapStrings ({ proxyTo, hostNames, matchArg }:
+ lib.optionalString (hostNames != [ ] && proxyTo.host != null) (
+ lib.concatMapStrings (hostname: ''
use-server ${canonicalize hostname}-http if { req.hdr(host) -i ${matchArg} ${hostname} }
server ${canonicalize hostname}-http ${proxyTo.host}:${
toString proxyTo.httpPort
@@ -118,13 +113,13 @@ in {
bind :::443 v4v6
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }
- ${concatMapStrings ({ proxyTo, hostNames, matchArg }:
- concatMapStrings (hostname: ''
+ ${lib.concatMapStrings ({ proxyTo, hostNames, matchArg }:
+ lib.concatMapStrings (hostname: ''
use_backend ${canonicalize proxyTo.host}-https if { req.ssl_sni -i ${matchArg} ${hostname} }
'') hostNames
) cfg.proxyHosts}
- ${concatMapStrings ({ proxyTo, hostNames, matchArg }: ''
+ ${lib.concatMapStrings ({ proxyTo, ... }: ''
backend ${canonicalize proxyTo.host}-https
server ${canonicalize proxyTo.host}-https ${proxyTo.host}:${
toString proxyTo.httpsPort
diff --git a/hosts/public-access-proxy/stats.nix b/hosts/public-access-proxy/stats.nix
index 09fac918..1656fbeb 100644
--- a/hosts/public-access-proxy/stats.nix
+++ b/hosts/public-access-proxy/stats.nix
@@ -1,4 +1,4 @@
-{ pkgs, lib, ... }:
+{ pkgs, ... }:
{
c3d2.hq.statistics.enable = true;
diff --git a/hosts/pulsebert/hardware-configuration.nix b/hosts/pulsebert/hardware-configuration.nix
index 26675d11..caf973a7 100644
--- a/hosts/pulsebert/hardware-configuration.nix
+++ b/hosts/pulsebert/hardware-configuration.nix
@@ -1,7 +1,7 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{ lib, ... }:
{
#imports =
diff --git a/hosts/rpi-netboot/default.nix b/hosts/rpi-netboot/default.nix
index 40fb2ff1..017dec7c 100644
--- a/hosts/rpi-netboot/default.nix
+++ b/hosts/rpi-netboot/default.nix
@@ -1,4 +1,4 @@
-{ hostRegistry, nixpkgs, config, lib, pkgs, modulesPath, ... }:
+{ hostRegistry, lib, pkgs, ... }:
{
c3d2 = {
diff --git a/hosts/scrape/default.nix b/hosts/scrape/default.nix
index 4bbf9290..fe8fa315 100644
--- a/hosts/scrape/default.nix
+++ b/hosts/scrape/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, pkgs, config, scrapers, ... }:
+{ pkgs, config, scrapers, ... }:
let
freifunkNodes = {
diff --git a/hosts/sdrweb/default.nix b/hosts/sdrweb/default.nix
index a5bc6a17..f6e53b0f 100644
--- a/hosts/sdrweb/default.nix
+++ b/hosts/sdrweb/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, config, pkgs, ... }:
+{ config, pkgs, ... }:
{
deployment = {
# needs to keep just its ssh key for sops-nix
diff --git a/hosts/server10/default.nix b/hosts/server10/default.nix
index 1b829a29..a16d803e 100644
--- a/hosts/server10/default.nix
+++ b/hosts/server10/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, ... }:
{
imports = [
diff --git a/hosts/server10/hardware-configuration.nix b/hosts/server10/hardware-configuration.nix
index 50ffe4f0..fb2caeed 100644
--- a/hosts/server10/hardware-configuration.nix
+++ b/hosts/server10/hardware-configuration.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, modulesPath, ... }:
+{ config, lib, modulesPath, ... }:
{
imports =
diff --git a/hosts/server8/default.nix b/hosts/server8/default.nix
index e84a6b59..a8bb6654 100644
--- a/hosts/server8/default.nix
+++ b/hosts/server8/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ ... }:
{
imports = [
diff --git a/hosts/server8/hardware-configuration.nix b/hosts/server8/hardware-configuration.nix
index 597568d2..17de888d 100644
--- a/hosts/server8/hardware-configuration.nix
+++ b/hosts/server8/hardware-configuration.nix
@@ -1,7 +1,7 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{ config, lib, modulesPath, ... }:
{
imports =
diff --git a/hosts/server9/default.nix b/hosts/server9/default.nix
index ea5a2b4c..1f28e789 100644
--- a/hosts/server9/default.nix
+++ b/hosts/server9/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+_:
{
imports = [
diff --git a/hosts/server9/hardware-configuration.nix b/hosts/server9/hardware-configuration.nix
index c1abba41..0a9b72d9 100644
--- a/hosts/server9/hardware-configuration.nix
+++ b/hosts/server9/hardware-configuration.nix
@@ -1,7 +1,7 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{ config, lib, modulesPath, ... }:
{
imports =
diff --git a/hosts/spaceapi/default.nix b/hosts/spaceapi/default.nix
index 2475fb3a..5861ef59 100644
--- a/hosts/spaceapi/default.nix
+++ b/hosts/spaceapi/default.nix
@@ -1,4 +1,5 @@
-{ zentralwerk, ... }:
+_:
+
{
c3d2.deployment = {
server = "server10";
diff --git a/hosts/ticker/default.nix b/hosts/ticker/default.nix
index 152c6a25..154daefd 100644
--- a/hosts/ticker/default.nix
+++ b/hosts/ticker/default.nix
@@ -1,6 +1,4 @@
-{ zentralwerk, config, lib, pkgs, ... }:
-
-with lib;
+{ zentralwerk, config, ... }:
{
system.stateVersion = "22.05";
diff --git a/hosts/zengel/default.nix b/hosts/zengel/default.nix
index 1a423801..57ef41a5 100644
--- a/hosts/zengel/default.nix
+++ b/hosts/zengel/default.nix
@@ -1,7 +1,6 @@
-{ pkgs, ... }:
-let
- domain = "zengel.datenspuren.de";
-in {
+{ config, pkgs, ... }:
+
+{
networking.hostName = "zengel";
microvm.mem = 1024;
c3d2.deployment = {
@@ -13,7 +12,7 @@ in {
services.engelsystem = {
enable = true;
- domain = domain;
+ domain = "zengel.datenspuren.de";
createDatabase = true;
package = pkgs.engelsystem.override { php = pkgs.php74; };
config = {
@@ -50,7 +49,7 @@ in {
services.phpfpm.phpPackage = pkgs.php74;
services.nginx = {
enable = true;
- virtualHosts."${domain}" = {
+ virtualHosts."${config.services.engelsystem.domain}" = {
default = true;
forceSSL = true;
enableACME = true;
diff --git a/modules/audio-server.nix b/modules/audio-server.nix
index ad6fe887..107314b7 100644
--- a/modules/audio-server.nix
+++ b/modules/audio-server.nix
@@ -35,7 +35,7 @@
bluetoothSupport = true;
advancedBluetoothCodecs = true;
zeroconfSupport = true;
- }).overrideAttrs (oldAttrs: {
+ }).overrideAttrs (_: {
# one test times out
doCheck = false;
});
diff --git a/modules/backup.nix b/modules/backup.nix
index 936fa1e2..2c0585ef 100644
--- a/modules/backup.nix
+++ b/modules/backup.nix
@@ -2,7 +2,7 @@
{
config.services.postgresqlBackup = {
- enable = config.services.postgresql.enable;
+ inherit (config.services.postgresql) enable;
backupAll = true;
compression = "zstd";
# compressionLevel = 9; # TODO: only available with 21.11
diff --git a/modules/c3d2.nix b/modules/c3d2.nix
index f15493d9..60d6f2f2 100644
--- a/modules/c3d2.nix
+++ b/modules/c3d2.nix
@@ -169,21 +169,21 @@ in
config =
let
- adminKeys = (with builtins; lib.lists.flatten (
+ adminKeys = with builtins; lib.lists.flatten (
map
(getAttr "sshKeys")
(attrValues cfg.users)
- ));
+ );
mkIfIsInHq = x: lib.mkIf cfg.isInHq (lib.mkDefault x);
in
{
networking.hosts = lib.mkIf cfg.mergeHostsFile
((
lib.attrsets.mapAttrs' (n: v: { name = v.ip4; value = [ "${n}.c3d2" ]; })
- (lib.attrsets.filterAttrs (n: v: v.ip4 != null) cfg.hosts)
+ (lib.attrsets.filterAttrs (_: v: v.ip4 != null) cfg.hosts)
) // (
lib.attrsets.mapAttrs' (n: v: { name = v.ip6; value = [ "${n}.c3d2" ]; })
- (lib.attrsets.filterAttrs (n: v: v.ip6 != null) cfg.hosts)
+ (lib.attrsets.filterAttrs (_: v: v.ip6 != null) cfg.hosts)
));
programs.nncp.settings = lib.optionalAttrs cfg.mergeNncpSettings cfg.nncp;
diff --git a/modules/cluster/default.nix b/modules/cluster/default.nix
index 7b698fd0..7acbbe57 100644
--- a/modules/cluster/default.nix
+++ b/modules/cluster/default.nix
@@ -1,4 +1,4 @@
-{ zentralwerk, hostRegistry, config, lib, pkgs, ... }:
+{ zentralwerk, hostRegistry, config, lib, ... }:
let
inherit (config.networking) hostName;
@@ -15,8 +15,6 @@ let
then net
else result
) null [ "cluster" "serv" ];
-
- ipv4Addr = zentralwerk.lib.config.site.net.${serverNet hostName}.hosts4.${hostName};
in {
# Open firewall between cluster members
networking.firewall.extraCommands = lib.concatMapStrings (server:
@@ -41,7 +39,7 @@ in {
);
nomad = {
datacenter = "c3d2";
- servers = servers;
+ inherit servers;
# run tasks only on these:
client.enable = builtins.elem hostName microvmServers;
client.meta =
diff --git a/modules/cluster/deployment-options.nix b/modules/cluster/deployment-options.nix
index 4f77f516..c7ee785a 100644
--- a/modules/cluster/deployment-options.nix
+++ b/modules/cluster/deployment-options.nix
@@ -13,9 +13,9 @@
networks = mkOption {
type = with types; listOf str;
default = builtins.attrNames (
- lib.filterAttrs (net: { hosts4, hosts6, ... }:
+ lib.filterAttrs (_: { hosts4, hosts6, ... }:
hosts4 ? ${config.networking.hostName} ||
- lib.filterAttrs (ctx: hosts6:
+ lib.filterAttrs (_: hosts6:
hosts6 ? ${config.networking.hostName}
) hosts6 != {}
) zentralwerk.lib.config.site.net
diff --git a/modules/cluster/deployment.nix b/modules/cluster/deployment.nix
index 8a23ac35..ceedabd0 100644
--- a/modules/cluster/deployment.nix
+++ b/modules/cluster/deployment.nix
@@ -31,8 +31,7 @@ in
{
microvm = {
hypervisor = "cloud-hypervisor";
- vcpu = config.deployment.vcpu;
- mem = config.deployment.mem;
+ inherit (config.deployment) mem vcpu;
preStart = ''
# Discard old writable store overlay
diff --git a/modules/logging.nix b/modules/logging.nix
index 13681b10..683af85d 100644
--- a/modules/logging.nix
+++ b/modules/logging.nix
@@ -1,28 +1,6 @@
-{ hostRegistry, config, pkgs, lib, ... }:
+{ config, pkgs, lib, ... }:
-let
-
- nginxGlobalLogging = ''
- log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
- '"remote_addr": "$remote_addr", '
- '"body_bytes_sent": $body_bytes_sent, '
- '"request_time": $request_time, '
- '"response_status": $status, '
- '"request": "$request", '
- '"request_method": "$request_method", '
- '"host": "$host",'
- '"upstream_cache_status": "$upstream_cache_status",'
- '"upstream_addr": "$upstream_addr",'
- '"http_x_forwarded_for": "$http_x_forwarded_for",'
- '"http_referrer": "$http_referer", '
- '"http_user_agent": "$http_user_agent" }';
-
- # replace the hostnames with the IP or hostname of your Graylog2 server
- access_log syslog:server=graylog.server.org:12301 graylog2_json;
- error_log syslog:server=graylog.server.org:12302;
- '';
-
-in {
+{
# add central logging
services.journalbeat = {
enable = false;
diff --git a/modules/microvm.nix b/modules/microvm.nix
index 8df5d8a8..fad57689 100644
--- a/modules/microvm.nix
+++ b/modules/microvm.nix
@@ -19,9 +19,9 @@ let
"${builtins.substring 0 1 hash}2:${c 2}:${c 4}:${c 6}:${c 8}:${c 10}";
nets = builtins.attrNames (
- lib.filterAttrs (net: { hosts4, hosts6, ... }:
+ lib.filterAttrs (_: { hosts4, hosts6, ... }:
hosts4 ? ${hostName} ||
- lib.filterAttrs (ctx: hosts6:
+ lib.filterAttrs (_: hosts6:
hosts6 ? ${hostName}
) hosts6 != {}
) zentralwerk.lib.config.site.net
diff --git a/modules/nncp.nix b/modules/nncp.nix
index f605a7a7..23aa135f 100644
--- a/modules/nncp.nix
+++ b/modules/nncp.nix
@@ -1,13 +1,10 @@
-{ config, lib, pkgs, ... }:
-with lib;
+{ config, lib, ... }:
let
nncpCfgFile = "/run/nncp.hjson";
programCfg = lib.optionalAttrs (config.programs ? nncp) config.programs.nncp;
callerCfg = config.services.nncp.caller;
daemonCfg = config.services.nncp.daemon;
- settingsFormat = pkgs.formats.json { };
- jsonCfgFile = settingsFormat.generate "nncp.json" programCfg.settings;
pkg = programCfg.package;
in
{
@@ -15,13 +12,13 @@ in
services.nncp = {
caller = {
- enable = mkEnableOption ''
+ enable = lib.mkEnableOption ''
croned NNCP TCP daemon caller.
The daemon will take configuration from
'';
- extraArgs = mkOption {
- type = with types; listOf str;
+ extraArgs = lib.mkOption {
+ type = with lib.types; listOf str;
description = "Extra command-line arguments to pass to caller.";
default = [ ];
example = [ "-autotoss" ];
@@ -29,18 +26,18 @@ in
};
daemon = {
- enable = mkEnableOption ''
+ enable = lib.mkEnableOption ''
NNCP TCP synronization daemon.
The daemon will take configuration from
'';
socketActivation = {
- enable = mkEnableOption ''
+ enable = lib.mkEnableOption ''
Whether to run nncp-daemon persistently or socket-activated.
'';
- listenStreams = mkOption {
- type = with types; listOf str;
+ listenStreams = lib.mkOption {
+ type = with lib.types; listOf str;
description = ''
TCP sockets to bind to.
See .
@@ -49,8 +46,8 @@ in
};
};
- extraArgs = mkOption {
- type = with types; listOf str;
+ extraArgs = lib.mkOption {
+ type = with lib.types; listOf str;
description = "Extra command-line arguments to pass to daemon.";
default = [ ];
example = [ "-autotoss" ];
@@ -60,15 +57,14 @@ in
};
};
- config = mkIf (programCfg.enable or callerCfg.enable or daemonCfg.enable) {
-
+ config = lib.mkIf (programCfg.enable or callerCfg.enable or daemonCfg.enable) {
assertions = [{
- assertion = with builtins;
+ assertion =
let
callerCongfigured =
let neigh = config.programs.nncp.settings.neigh or { };
- in lib.lists.any (x: hasAttr "calls" x && x.calls != [ ])
- (attrValues neigh);
+ in lib.lists.any (x: lib.hasAttr "calls" x && x.calls != [ ])
+ (lib.attrValues neigh);
in !callerCfg.enable || callerCongfigured;
message = "NNCP caller enabled but call configuration is missing";
}];
@@ -89,7 +85,7 @@ in
};
};
- systemd.services."nncp-daemon" = mkIf daemonCfg.enable {
+ systemd.services."nncp-daemon" = lib.mkIf daemonCfg.enable {
enable = !daemonCfg.socketActivation.enable;
description = "NNCP TCP syncronization daemon.";
documentation = [ "http://www.nncpgo.org/nncp_002ddaemon.html" ];
@@ -106,7 +102,7 @@ in
};
};
- systemd.services."nncp-daemon@" = mkIf daemonCfg.socketActivation.enable {
+ systemd.services."nncp-daemon@" = lib.mkIf daemonCfg.socketActivation.enable {
description = "NNCP TCP syncronization daemon.";
documentation = [ "http://www.nncpgo.org/nncp_002ddaemon.html" ];
after = [ "network.target" ];
@@ -123,7 +119,7 @@ in
};
};
- systemd.sockets.nncp-daemon = mkIf daemonCfg.socketActivation.enable {
+ systemd.sockets.nncp-daemon = lib.mkIf daemonCfg.socketActivation.enable {
inherit (daemonCfg.socketActivation) listenStreams;
description = "socket for NNCP TCP syncronization.";
conflicts = [ "nncp-daemon.service" ];
diff --git a/modules/plume.nix b/modules/plume.nix
index 530c5abd..1a9a0534 100644
--- a/modules/plume.nix
+++ b/modules/plume.nix
@@ -1,6 +1,5 @@
{ config, lib, pkgs, ... }:
let
- inherit (pkgs) plume;
cfg = config.services.plume;
in
{
@@ -33,7 +32,7 @@ in
ids.uids.plume = 499;
users.users.${cfg.user} = {
uid = config.ids.uids.plume;
- group = cfg.group;
+ inherit (cfg) group;
home = "/var/lib/plume";
};
users.groups.${cfg.group} = {};
@@ -52,11 +51,11 @@ in
after = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
wantedBy = [ "multi-user.target" ];
- path = [ plume ];
+ path = [ pkgs.plume ];
script = ''
ln -sf ${cfg.envFile} .env
mkdir -p static/media
- for f in ${plume}/share/plume/static/*; do
+ for f in ${pkgs.plume}/share/plume/static/*; do
n=$(basename "$f")
if [ "$n" != media ]; then
rm -f "static/$n"
@@ -79,7 +78,7 @@ in
#! ${pkgs.runtimeShell} -e
plm() {
- sudo -u ${config.services.plume.user} -- ${plume}/bin/plm $@
+ sudo -u ${config.services.plume.user} -- ${pkgs.plume}/bin/plm $@
}
plm migration run
diff --git a/modules/rpi-netboot.nix b/modules/rpi-netboot.nix
index 8de21ce2..3c0782ac 100644
--- a/modules/rpi-netboot.nix
+++ b/modules/rpi-netboot.nix
@@ -1,4 +1,4 @@
-{ hostRegistry, config, pkgs, lib, ... }:
+{ config, pkgs, lib, ... }:
{
boot = {
loader.generic-extlinux-compatible.enable = false;
diff --git a/overlays/bmxd.nix b/overlays/bmxd.nix
index f5741fa5..8a4e9324 100644
--- a/overlays/bmxd.nix
+++ b/overlays/bmxd.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchgit, fetchpatch, }:
+{ stdenv, fetchgit }:
stdenv.mkDerivation {
pname = "bmxd";
diff --git a/overlays/plume/default.nix b/overlays/plume/default.nix
index ad4ce17c..70149ff7 100644
--- a/overlays/plume/default.nix
+++ b/overlays/plume/default.nix
@@ -1,6 +1,5 @@
{ naersk
, fenix
-, curl
, nodejs
, rustPlatform
, stdenv
@@ -137,7 +136,7 @@ let
"--package=plume-front"
];
copyLibs = true;
- overrideMain = oa: {
+ overrideMain = _: {
buildPhase = ''
wasm-pack build --mode no-install --target web --release plume-front
'';
diff --git a/packages.nix b/packages.nix
index 83f9d90b..7ffdf033 100644
--- a/packages.nix
+++ b/packages.nix
@@ -5,12 +5,7 @@ let
let
hostConf = hostRegistry.hosts."${name}";
in
- if hostConf ? ip4
- then hostConf.ip4
- else if hostConf ? ip6
- then hostConf.ip6
- else throw "Host ${name} has no ip4 or ip6 address";
-
+ hostConf.ip4 or (hostConf.ip6 or (throw "Host ${name} has no ip4 or ip6 address"));
# all the input flakes for `nix copy` to the build machine,
# allowing --override-input
@@ -309,10 +304,7 @@ lib.attrsets.mapAttrs
];
}).config.microvm.declaredRunner;
- "${host}-tftproot" =
- if config.system.build ? tftproot
- then config.system.build.tftproot
- else lib.trace "No tftproot for ${host}" null;
+ "${host}-tftproot" = config.system.build.tftproot or (lib.trace "No tftproot for ${host}" null);
}
)
{ }