From 4ed22f5a7d6a16ad66eded7f30c85bba5ce2efba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sat, 23 Dec 2023 00:30:47 +0100 Subject: [PATCH] Sort, cleanup, add color highlighting --- modules/gitea.nix | 26 +++++++-------- modules/matrix.nix | 76 ++++++++++++++++++++++---------------------- modules/nix.nix | 6 ++-- modules/postgres.nix | 3 -- modules/ssh.nix | 2 +- modules/tmux.nix | 2 +- modules/zfs.nix | 2 +- 7 files changed, 57 insertions(+), 60 deletions(-) diff --git a/modules/gitea.nix b/modules/gitea.nix index 1f3722c..dfb988e 100644 --- a/modules/gitea.nix +++ b/modules/gitea.nix @@ -114,6 +114,19 @@ in }); }; + config.services.portunus.seedSettings.groups = [ + (lib.mkIf (cfgl.adminGroup != null) { + long_name = "Gitea Administrators"; + name = cfgl.adminGroup; + permissions = { }; + }) + (lib.mkIf (cfgl.userGroup != null) { + long_name = "Gitea Users"; + name = cfgl.userGroup; + permissions = { }; + }) + ]; + config.systemd.services = lib.mkIf (cfg.enable && cfgl.enable) { gitea.preStart = let @@ -131,17 +144,4 @@ in fi ''; }; - - config.services.portunus.seedSettings.groups = [ - (lib.mkIf (cfgl.adminGroup != null) { - long_name = "Gitea Administrators"; - name = cfgl.adminGroup; - permissions = { }; - }) - (lib.mkIf (cfgl.userGroup != null) { - long_name = "Gitea Users"; - name = cfgl.userGroup; - permissions = { }; - }) - ]; } diff --git a/modules/matrix.nix b/modules/matrix.nix index d487888..1724f57 100644 --- a/modules/matrix.nix +++ b/modules/matrix.nix 
@@ -46,44 +46,6 @@ in "matrix-synapse/config.yaml".source = cfg.configFile; }; - config.services.nginx = lib.mkIf cfge.enable { - enable = true; - virtualHosts."${cfge.domain}" = { - forceSSL = true; - enableACME = lib.mkDefault true; - root = (cfge.package.override { - conf = with config.services.matrix-synapse.settings; { - default_server_config."m.homeserver" = { - "base_url" = public_baseurl; - "server_name" = server_name; - }; - default_theme = "dark"; - room_directory.servers = [ server_name ]; - } // lib.optionalAttrs cfge.enableConfigFeatures { - features = { - # https://github.com/matrix-org/matrix-react-sdk/blob/develop/src/settings/Settings.tsx - # https://github.com/vector-im/element-web/blob/develop/docs/labs.md - feature_ask_to_join = true; - feature_bridge_state = true; - feature_exploring_public_spaces = true; - feature_jump_to_date = true; - feature_mjolnir = true; - feature_pinning = true; - feature_presence_in_room_list = true; - feature_report_to_moderators = true; - feature_qr_signin_reciprocate_show = true; - }; - show_labs_settings = true; - }; - }).overrideAttrs ({ postInstall ? "", ... }: { - # prevent 404 spam in nginx log - postInstall = postInstall + '' - ln -rs $out/config.json $out/config.${cfge.domain}.json - ''; - }); - }; - }; - config.services.matrix-synapse = lib.mkMerge [ { settings = lib.mkIf cfge.enable rec { 
@@ -150,6 +112,44 @@ in }) ]; + config.services.nginx = lib.mkIf cfge.enable { + enable = true; + virtualHosts."${cfge.domain}" = { + forceSSL = true; + enableACME = lib.mkDefault true; + root = (cfge.package.override { + conf = with config.services.matrix-synapse.settings; { + default_server_config."m.homeserver" = { + "base_url" = public_baseurl; + "server_name" = server_name; + }; + default_theme = "dark"; + room_directory.servers = [ server_name ]; + } // lib.optionalAttrs cfge.enableConfigFeatures { + features = { + # https://github.com/matrix-org/matrix-react-sdk/blob/develop/src/settings/Settings.tsx + # https://github.com/vector-im/element-web/blob/develop/docs/labs.md + feature_ask_to_join = true; + feature_bridge_state = true; + feature_exploring_public_spaces = true; + feature_jump_to_date = true; + feature_mjolnir = true; + feature_pinning = true; + feature_presence_in_room_list = true; + feature_report_to_moderators = true; + feature_qr_signin_reciprocate_show = true; + }; + show_labs_settings = true; + }; + }).overrideAttrs ({ postInstall ? "", ... }: { + # prevent 404 spam in nginx log + postInstall = postInstall + '' + ln -rs $out/config.json $out/config.${cfge.domain}.json + ''; + }); + }; + }; + config.services.portunus.seedSettings.groups = lib.optional (cfg.ldap.userGroup != null) { long_name = "Matrix Users"; name = cfg.ldap.userGroup; diff --git a/modules/nix.nix b/modules/nix.nix index 9c7fc71..8c28a4b 100644 --- a/modules/nix.nix +++ b/modules/nix.nix 
@@ -67,19 +67,19 @@ in }; system.activationScripts = { - deleteChannels = lib.mkIf cfg.deleteChannels '' + deleteChannels = lib.mkIf cfg.deleteChannels /* bash */ '' echo "Deleting all channels..." rm -rf /root/.nix-channels /home/*/.nix-channels /nix/var/nix/profiles/per-user/*/channels* || true ''; - deleteUserProfiles = lib.mkIf cfg.deleteUserProfiles '' + deleteUserProfiles = lib.mkIf cfg.deleteUserProfiles /* bash */ '' echo "Deleting all user profiles..." rm -rf /root/.nix-profile /home/*/.nix-profile /nix/var/nix/profiles/per-user/*/profile* || true ''; diff-system = lib.mkIf cfg.diffSystem { supportsDryActivation = true; - text = '' + text = /* bash */ '' if [[ -e /run/current-system && -e $systemConfig ]]; then echo System package diff: ${lib.getExe config.nix.package} --extra-experimental-features nix-command store diff-closures /run/current-system $systemConfig || true diff --git a/modules/postgres.nix b/modules/postgres.nix index 17d860c..04c3ded 100644 --- a/modules/postgres.nix +++ b/modules/postgres.nix @@ -1,7 +1,5 @@ { config, lib, libS, pkgs, ... }: -# NOTE: requires https://github.com/NixOS/nixpkgs/pull/257503 because of new usage of extraPlugins - let cfg = config.services.postgresql; cfgu = config.services.postgresql.upgrade; @@ -41,7 +39,6 @@ in environment.systemPackages = lib.optional cfgu.enable ( let # conditions copied from nixos/modules/services/databases/postgresql.nix - newPackage = if cfg.enableJIT && !cfgu.newPackage.jitSupport then cfgu.newPackage.withJIT else cfg.newPackage; newData = "/var/lib/postgresql/${cfgu.newPackage.psqlSchema}"; newBin = "${if cfg.extraPlugins == [] then cfgu.newPackage else cfgu.newPackage.withPackages cfg.extraPlugins}/bin"; diff --git a/modules/ssh.nix b/modules/ssh.nix index d683305..891c456 100644 --- a/modules/ssh.nix +++ b/modules/ssh.nix 
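Review bot: The `deleteChannels` and `deleteUserProfiles` snippets that gain the `/* bash */` marker run `rm -rf` over globs in `/root`, `/home/*` and `/nix/var/nix/profiles/per-user/*` and end in `|| true`, but nothing in the hunk documents that scope or why failures are ignored. Because `-f` already ignores missing paths, `|| true` only hides real failures, so I would either drop it or, if best effort is the intent, say so with a comment such as `# best effort: cleanup errors are deliberately ignored`. A second comment, `# only homes directly under /home are covered`, would tell operators that accounts with a home elsewhere keep their channels and profiles. The `if [[ ... ]]` block in `diff-system` continues past the end of the hunk.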
@@ -18,7 +18,7 @@ in config = lib.mkIf cfgP.addPopularKnownHosts { programs.ssh = { - extraConfig = lib.mkIf cfgP.recommendedDefaults '' + extraConfig = lib.mkIf cfgP.recommendedDefaults /* sshconfig */ '' # hard complain about wrong knownHosts StrictHostKeyChecking accept-new # make automated host key rotation possible diff --git a/modules/tmux.nix b/modules/tmux.nix index b2ab04d..555ac5d 100644 --- a/modules/tmux.nix +++ b/modules/tmux.nix @@ -15,7 +15,7 @@ in clock24 = true; escapeTime = 100; terminal = "xterm-256color"; - extraConfig = '' + extraConfig = /* tmux */'' # focus events enabled for terminals that support them set -g focus-events on diff --git a/modules/zfs.nix b/modules/zfs.nix index 457913d..01bede6 100644 --- a/modules/zfs.nix +++ b/modules/zfs.nix @@ -28,7 +28,7 @@ in virtualisation.containers.storage.settings = lib.mkIf cfg.recommendedDefaults (lib.recursiveUpdate options.virtualisation.containers.storage.settings.default { # fixes: Error: 'overlay' is not supported over zfs, a mount_program is required: backing file system is unsupported for this graph driver - storage.options.mount_program = "${pkgs.fuse-overlayfs}/bin/fuse-overlayfs"; + storage.options.mount_program = lib.getExe pkgs.fuse-overlayfs; }); }; }
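Review bot: The comment `# hard complain about wrong knownHosts` above `StrictHostKeyChecking accept-new` describes only half of the setting. `accept-new` refuses changed host keys, but it also adds the key of any host not yet in known_hosts without asking, which is trust on first use. I would word it as `# reject changed host keys; unknown hosts are trusted on first connect (TOFU)` so nobody reads this default as strict verification. Separately, the context lines show `extraConfig` inside `config = lib.mkIf cfgP.addPopularKnownHosts { ... }`, so `recommendedDefaults` appears to have no effect unless `addPopularKnownHosts` is also enabled; please confirm that coupling is intended. The `extraConfig` string continues outside the hunk.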
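Review bot: `extraConfig = /* tmux */''` in modules/tmux.nix has no space between the language marker and the opening `''`, unlike the `/* bash */ ''` and `/* sshconfig */ ''` annotations added elsewhere in this commit. Writing `extraConfig = /* tmux */ ''` would keep the annotations uniform. The string continues outside the hunk.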
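Review bot: `lib.getExe pkgs.fuse-overlayfs` in modules/zfs.nix resolves the binary through the package's `meta.mainProgram`, so the `mount_program` path for container storage now depends on package metadata instead of being spelled out. If the pinned nixpkgs does not set `mainProgram` for fuse-overlayfs, `getExe` falls back to the package name and, on newer nixpkgs, emits an evaluation warning. Please confirm the attribute is set for the nixpkgs revisions this module supports, or keep the binary name explicit with `lib.getExe' pkgs.fuse-overlayfs "fuse-overlayfs"` where that helper is available.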