chore: Run nixfmt
This commit is contained in:
parent
8d8924f5f4
commit
688a5c324e
5 changed files with 70 additions and 50 deletions
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
pkgs ? import (import ./npins).nixpkgs { },
|
||||
}:
|
||||
pkgs.callPackage ./package.nix {}
|
||||
pkgs.callPackage ./package.nix { }
|
||||
|
|
50
module.nix
50
module.nix
|
@ -1,4 +1,9 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
cfg = config.services.signal-irc-bridge;
|
||||
commonServiceOptions = {
|
||||
|
@ -7,22 +12,23 @@ let
|
|||
StateDirectory = "signal-cli";
|
||||
RuntimeDirectory = "signal-cli";
|
||||
|
||||
PrivateDevices=true;
|
||||
PrivateTmp=true;
|
||||
ProtectControlGroups=true;
|
||||
ProtectKernelTunables=true;
|
||||
RestrictSUIDSGID=true;
|
||||
PrivateDevices = true;
|
||||
PrivateTmp = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectKernelTunables = true;
|
||||
RestrictSUIDSGID = true;
|
||||
|
||||
ProtectSystem="strict";
|
||||
ProtectKernelLogs=true;
|
||||
ProtectProc="invisible";
|
||||
PrivateUsers=true;
|
||||
ProtectHome=true;
|
||||
UMask="0027";
|
||||
RuntimeDirectoryMode="0750";
|
||||
StateDirectoryMode="0750";
|
||||
ProtectSystem = "strict";
|
||||
ProtectKernelLogs = true;
|
||||
ProtectProc = "invisible";
|
||||
PrivateUsers = true;
|
||||
ProtectHome = true;
|
||||
UMask = "0027";
|
||||
RuntimeDirectoryMode = "0750";
|
||||
StateDirectoryMode = "0750";
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.signal-irc-bridge = {
|
||||
enable = lib.mkEnableOption "signal-irc bridge";
|
||||
|
@ -38,9 +44,7 @@ in {
|
|||
};
|
||||
|
||||
config = {
|
||||
nixpkgs.overlays = [
|
||||
(import ./overlay.nix)
|
||||
];
|
||||
nixpkgs.overlays = [ (import ./overlay.nix) ];
|
||||
|
||||
systemd.services = lib.mkIf cfg.enable {
|
||||
signal-irc-bridge = {
|
||||
|
@ -53,7 +57,7 @@ in {
|
|||
};
|
||||
serviceConfig = commonServiceOptions // {
|
||||
Restart = "always";
|
||||
RestartSec= "5s";
|
||||
RestartSec = "5s";
|
||||
|
||||
LoadCredential = [ "config:${cfg.configFile}" ];
|
||||
|
||||
|
@ -66,20 +70,18 @@ in {
|
|||
serviceConfig = commonServiceOptions // {
|
||||
ExecStart = "${lib.getExe pkgs.signal-cli} --config \"\${STATE_DIRECTORY}\"/signal-cli-config/ daemon --socket \"\${RUNTIME_DIRECTORY}\"/socket --receive-mode=manual";
|
||||
Restart = "always";
|
||||
RestartSec= "5s";
|
||||
RestartSec = "5s";
|
||||
};
|
||||
};
|
||||
};
|
||||
environment.systemPackages = lib.mkIf cfg.enable [
|
||||
pkgs.signal-cli
|
||||
];
|
||||
environment.systemPackages = lib.mkIf cfg.enable [ pkgs.signal-cli ];
|
||||
|
||||
users = lib.mkIf cfg.enable {
|
||||
users.signal-irc = {
|
||||
isSystemUser = true;
|
||||
group = "signal-irc";
|
||||
};
|
||||
groups.signal-irc = {};
|
||||
groups.signal-irc = { };
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -3,18 +3,32 @@ let
|
|||
data = builtins.fromJSON (builtins.readFile ./sources.json);
|
||||
version = data.version;
|
||||
|
||||
mkSource = spec:
|
||||
assert spec ? type; let
|
||||
mkSource =
|
||||
spec:
|
||||
assert spec ? type;
|
||||
let
|
||||
path =
|
||||
if spec.type == "Git" then mkGitSource spec
|
||||
else if spec.type == "GitRelease" then mkGitSource spec
|
||||
else if spec.type == "PyPi" then mkPyPiSource spec
|
||||
else if spec.type == "Channel" then mkChannelSource spec
|
||||
else builtins.throw "Unknown source type ${spec.type}";
|
||||
if spec.type == "Git" then
|
||||
mkGitSource spec
|
||||
else if spec.type == "GitRelease" then
|
||||
mkGitSource spec
|
||||
else if spec.type == "PyPi" then
|
||||
mkPyPiSource spec
|
||||
else if spec.type == "Channel" then
|
||||
mkChannelSource spec
|
||||
else
|
||||
builtins.throw "Unknown source type ${spec.type}";
|
||||
in
|
||||
spec // { outPath = path; };
|
||||
|
||||
mkGitSource = { repository, revision, url ? null, hash, ... }:
|
||||
mkGitSource =
|
||||
{
|
||||
repository,
|
||||
revision,
|
||||
url ? null,
|
||||
hash,
|
||||
...
|
||||
}:
|
||||
assert repository ? type;
|
||||
# At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
|
||||
# In the latter case, there we will always be an url to the tarball
|
||||
|
@ -23,19 +37,23 @@ let
|
|||
inherit url;
|
||||
sha256 = hash; # FIXME: check nix version & use SRI hashes
|
||||
})
|
||||
else assert repository.type == "Git"; builtins.fetchGit {
|
||||
url = repository.url;
|
||||
rev = revision;
|
||||
# hash = hash;
|
||||
};
|
||||
else
|
||||
assert repository.type == "Git";
|
||||
builtins.fetchGit {
|
||||
url = repository.url;
|
||||
rev = revision;
|
||||
# hash = hash;
|
||||
};
|
||||
|
||||
mkPyPiSource = { url, hash, ... }:
|
||||
mkPyPiSource =
|
||||
{ url, hash, ... }:
|
||||
builtins.fetchurl {
|
||||
inherit url;
|
||||
sha256 = hash;
|
||||
};
|
||||
|
||||
mkChannelSource = { url, hash, ... }:
|
||||
mkChannelSource =
|
||||
{ url, hash, ... }:
|
||||
builtins.fetchTarball {
|
||||
inherit url;
|
||||
sha256 = hash;
|
||||
|
|
|
@ -1,3 +1 @@
|
|||
final: prev: {
|
||||
signal-irc-bridge = final.callPackage ./package.nix {};
|
||||
}
|
||||
final: prev: { signal-irc-bridge = final.callPackage ./package.nix { }; }
|
||||
|
|
16
package.nix
16
package.nix
|
@ -1,4 +1,9 @@
|
|||
{ lib, openssl, pkg-config, rustPlatform }:
|
||||
{
|
||||
lib,
|
||||
openssl,
|
||||
pkg-config,
|
||||
rustPlatform,
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "signal-irc-bridge";
|
||||
|
@ -8,18 +13,15 @@ rustPlatform.buildRustPackage rec {
|
|||
with lib.fileset;
|
||||
toSource {
|
||||
root = ./.;
|
||||
fileset =
|
||||
intersection (gitTracked ./.) (fileFilter (file: !file.hasExt "nix") ./.);
|
||||
fileset = intersection (gitTracked ./.) (fileFilter (file: !file.hasExt "nix") ./.);
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
nativeBuildInputs = [
|
||||
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
openssl
|
||||
];
|
||||
buildInputs = [ openssl ];
|
||||
|
||||
cargoHash = "sha256-J7+o6krHuK3CwwOIcDfm0s6F0cmviFQhSHpdKpXsa/g=";
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue