refactor(ops/nixos): Move my NixOS configurations to //users/tazjin
NixOS modules move one level up because it's unlikely that //ops/nixos will contain actual systems at this point (they're user-specific). This is the first users folder, so it is also added to the root readTree invocation for the repository. Change-Id: I546c701145fa204b7ba7518a8a56a783588629e0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/244 Reviewed-by: tazjin <mail@tazj.in>
This commit is contained in:
parent
9658e96a87
commit
268729083e
24 changed files with 51 additions and 124 deletions
bin
ci-builds.nixdefault.nixops/nixos
.skip-subtreeREADME.mddepot.nixhound.nixmail.nix
modules
monorepo-gerrit.nixsmtprelay.nixtvl-slapd
v4l2loopback.nixusers/tazjin
dotfiles
nixos
|
@ -36,7 +36,7 @@ case "${TARGET_TOOL}" in
|
||||||
attr="third_party.age"
|
attr="third_party.age"
|
||||||
;;
|
;;
|
||||||
rebuilder)
|
rebuilder)
|
||||||
attr="ops.nixos.rebuilder"
|
attr="users.tazjin.nixos.rebuilder"
|
||||||
;;
|
;;
|
||||||
meson)
|
meson)
|
||||||
attr="third_party.meson"
|
attr="third_party.meson"
|
||||||
|
|
|
@ -19,8 +19,6 @@ with (import ./default.nix {}); [
|
||||||
ops.kms_pass
|
ops.kms_pass
|
||||||
ops.kontemplate
|
ops.kontemplate
|
||||||
ops.mq_cli
|
ops.mq_cli
|
||||||
ops.nixos.camdenSystem
|
|
||||||
ops.nixos.frogSystem
|
|
||||||
third_party.cgit
|
third_party.cgit
|
||||||
third_party.git
|
third_party.git
|
||||||
third_party.lisp # will build all third-party libraries
|
third_party.lisp # will build all third-party libraries
|
||||||
|
@ -31,8 +29,7 @@ with (import ./default.nix {}); [
|
||||||
web.cgit-taz
|
web.cgit-taz
|
||||||
web.tvl
|
web.tvl
|
||||||
|
|
||||||
# Nugget is not currently built because it depends on various things
|
# tazjin's personal things
|
||||||
# (such as chromium-vaapi) that don't work in CI.
|
users.tazjin.nixos.camdenSystem
|
||||||
#
|
users.tazjin.nixos.frogSystem
|
||||||
# ops.nixos.nuggetSystem
|
|
||||||
]
|
]
|
||||||
|
|
|
@ -41,6 +41,7 @@ let
|
||||||
presentations = readTree ./presentations;
|
presentations = readTree ./presentations;
|
||||||
third_party = readTree ./third_party;
|
third_party = readTree ./third_party;
|
||||||
tools = readTree ./tools;
|
tools = readTree ./tools;
|
||||||
|
users = readTree ./users;
|
||||||
web = readTree ./web;
|
web = readTree ./web;
|
||||||
};
|
};
|
||||||
in fix(self: {
|
in fix(self: {
|
||||||
|
|
1
ops/nixos/.skip-subtree
Normal file
1
ops/nixos/.skip-subtree
Normal file
|
@ -0,0 +1 @@
|
||||||
|
NixOS modules are not readTree compatible.
|
|
@ -1,20 +1,7 @@
|
||||||
NixOS configuration
|
NixOS modules
|
||||||
===================
|
=============
|
||||||
|
|
||||||
My NixOS configuration! It configures most of the packages I require
|
This folder contains various NixOS modules shared by our NixOS
|
||||||
on my systems, sets up Emacs the way I need and does a bunch of other
|
configurations.
|
||||||
interesting things.
|
|
||||||
|
|
||||||
System configuration lives in folders for each machine and a custom
|
It is not read by `readTree`.
|
||||||
fixed point evaluation (similar to standard NixOS module
|
|
||||||
configuration) is used to combine configuration together.
|
|
||||||
|
|
||||||
Building `ops.nixos.rebuilder` yields a script that will automatically
|
|
||||||
build and activate the newest configuration based on the current
|
|
||||||
hostname.
|
|
||||||
|
|
||||||
## Configured hosts:
|
|
||||||
|
|
||||||
* `frog` - weapon of mass computation at home
|
|
||||||
* `nugget` - desktop computer at home
|
|
||||||
* ~~`urdhva` - T470s~~ (currently with edef)
|
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
# It needs to be included and configured in each system like this:
|
# It needs to be included and configured in each system like this:
|
||||||
#
|
#
|
||||||
# {
|
# {
|
||||||
# imports = [ ../modules/depot.nix ];
|
# imports = [ "${depot.depotPath}/ops/nixos/depot.nix" ];
|
||||||
# inherit depot;
|
# inherit depot;
|
||||||
# }
|
# }
|
||||||
{ lib, ... }:
|
{ lib, ... }:
|
|
@ -1,77 +0,0 @@
|
||||||
# This file configures offlineimap, notmuch and MSMTP.
|
|
||||||
#
|
|
||||||
# Some manual configuration is required the first time this is
|
|
||||||
# applied:
|
|
||||||
#
|
|
||||||
# 1. Credential setup.
|
|
||||||
# 2. Linking of MSMTP config (ln -s /etc/msmtprc ~/.msmtprc)
|
|
||||||
# 3. Linking of notmuch config (ln -s /etc/notmuch-config ~/.notmuch-config)
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let offlineImapConfig = pkgs.writeText "offlineimaprc"
|
|
||||||
(builtins.readFile ./dotfiles/offlineimaprc);
|
|
||||||
|
|
||||||
msmtpConfig = pkgs.writeText "msmtprc"
|
|
||||||
(builtins.readFile ./dotfiles/msmtprc);
|
|
||||||
|
|
||||||
notmuchConfig = pkgs.writeText "notmuch-config"
|
|
||||||
(builtins.readFile ./dotfiles/notmuch-config);
|
|
||||||
|
|
||||||
tagConfig = pkgs.writeText "notmuch-tags" ''
|
|
||||||
# Tag emacs-devel mailing list:
|
|
||||||
-inbox +emacs-devel -- to:emacs-devel@gnu.org OR cc:emacs-devel@gnu.org
|
|
||||||
|
|
||||||
# Tag nix-devel mailing list & discourse:
|
|
||||||
-inbox +nix-devel -- to:nix-devel@googlegroups.com OR from:nixos1@discoursemail.com
|
|
||||||
|
|
||||||
# Tag my own mail (from other devices) as sent:
|
|
||||||
-inbox +sent -- from:mail@tazj.in
|
|
||||||
|
|
||||||
# Drafts are always read, duh.
|
|
||||||
-unread -- tag:draft
|
|
||||||
'';
|
|
||||||
|
|
||||||
notmuchIndex = pkgs.writeShellScriptBin "notmuch-index" ''
|
|
||||||
echo "Indexing new mails in notmuch"
|
|
||||||
|
|
||||||
# Index new mail
|
|
||||||
${pkgs.notmuch}/bin/notmuch new
|
|
||||||
|
|
||||||
# Apply tags
|
|
||||||
cat ${tagConfig} | ${pkgs.notmuch}/bin/notmuch tag --batch
|
|
||||||
|
|
||||||
echo "Done indexing new mails"
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
# Enable OfflineIMAP timer & service:
|
|
||||||
systemd.user.timers.offlineimap = {
|
|
||||||
description = "OfflineIMAP timer";
|
|
||||||
wantedBy = [ "timers.target" ];
|
|
||||||
|
|
||||||
timerConfig = {
|
|
||||||
Unit = "offlineimap.service";
|
|
||||||
OnCalendar = "*:0/2"; # every 2 minutes
|
|
||||||
Persistent = "true"; # persist timer state after reboots
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.user.services.offlineimap = {
|
|
||||||
description = "OfflineIMAP service";
|
|
||||||
path = with pkgs; [ pass notmuch ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
ExecStart = "${pkgs.offlineimap}/bin/offlineimap -u syslog -o -c ${offlineImapConfig}";
|
|
||||||
ExecStartPost = "${notmuchIndex}/bin/notmuch-index";
|
|
||||||
TimeoutStartSec = "2min";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Link configuration files to /etc/ (from where they will be linked
|
|
||||||
# further):
|
|
||||||
environment.etc = {
|
|
||||||
"msmtprc".source = msmtpConfig;
|
|
||||||
"notmuch-config".source = notmuchConfig;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1 +0,0 @@
|
||||||
The files in this folder are NixOS modules, not readTree-importables.
|
|
20
users/tazjin/nixos/README.md
Normal file
20
users/tazjin/nixos/README.md
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
NixOS configuration
|
||||||
|
===================
|
||||||
|
|
||||||
|
My NixOS configuration! It configures most of the packages I require
|
||||||
|
on my systems, sets up Emacs the way I need and does a bunch of other
|
||||||
|
interesting things.
|
||||||
|
|
||||||
|
System configuration lives in folders for each machine and a custom
|
||||||
|
fixed point evaluation (similar to standard NixOS module
|
||||||
|
configuration) is used to combine configuration together.
|
||||||
|
|
||||||
|
Building `ops.nixos.rebuilder` yields a script that will automatically
|
||||||
|
build and activate the newest configuration based on the current
|
||||||
|
hostname.
|
||||||
|
|
||||||
|
## Configured hosts:
|
||||||
|
|
||||||
|
* `frog` - weapon of mass computation at home
|
||||||
|
* `nugget` - desktop computer at home
|
||||||
|
* ~~`urdhva` - T470s~~ (currently with edef)
|
|
@ -15,11 +15,11 @@ config: let
|
||||||
};
|
};
|
||||||
in lib.fix(self: {
|
in lib.fix(self: {
|
||||||
imports = [
|
imports = [
|
||||||
../modules/depot.nix
|
"${depot.depotPath}/ops/nixos/depot.nix"
|
||||||
../modules/hound.nix
|
"${depot.depotPath}/ops/nixos/hound.nix"
|
||||||
../modules/monorepo-gerrit.nix
|
"${depot.depotPath}/ops/nixos/monorepo-gerrit.nix"
|
||||||
../modules/smtprelay.nix
|
"${depot.depotPath}/ops/nixos/smtprelay.nix"
|
||||||
../modules/tvl-slapd/default.nix
|
"${depot.depotPath}/ops/nixos/tvl-slapd/default.nix"
|
||||||
"${pkgs.nixpkgsSrc}/nixos/modules/services/web-apps/gerrit.nix"
|
"${pkgs.nixpkgsSrc}/nixos/modules/services/web-apps/gerrit.nix"
|
||||||
];
|
];
|
||||||
depot = depot;
|
depot = depot;
|
|
@ -1,3 +1,4 @@
|
||||||
|
# TODO(tazjin): Generalise this and move to //ops/nixos
|
||||||
{ depot, lib, ... }:
|
{ depot, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -9,6 +10,13 @@ let
|
||||||
);
|
);
|
||||||
}).system;
|
}).system;
|
||||||
|
|
||||||
|
caseFor = hostname: ''
|
||||||
|
${hostname})
|
||||||
|
echo "Rebuilding NixOS for //users/tazjin/nixos/${hostname}"
|
||||||
|
system=$(nix-build -E '(import <depot> {}).users.tazjin.nixos.${hostname}System' --no-out-link)
|
||||||
|
;;
|
||||||
|
'';
|
||||||
|
|
||||||
rebuilder = depot.third_party.writeShellScriptBin "rebuilder" ''
|
rebuilder = depot.third_party.writeShellScriptBin "rebuilder" ''
|
||||||
set -ue
|
set -ue
|
||||||
if [[ $EUID -ne 0 ]]; then
|
if [[ $EUID -ne 0 ]]; then
|
||||||
|
@ -17,18 +25,9 @@ let
|
||||||
fi
|
fi
|
||||||
|
|
||||||
case $HOSTNAME in
|
case $HOSTNAME in
|
||||||
nugget)
|
${caseFor "nugget"}
|
||||||
echo "Rebuilding NixOS for //ops/nixos/nugget"
|
${caseFor "camden"}
|
||||||
system=$(nix-build -E '(import <depot> {}).ops.nixos.nuggetSystem' --no-out-link)
|
${caseFor "frog"}
|
||||||
;;
|
|
||||||
camden)
|
|
||||||
echo "Rebuilding NixOS for //ops/nixos/camden"
|
|
||||||
system=$(nix-build -E '(import <depot> {}).ops.nixos.camdenSystem' --no-out-link)
|
|
||||||
;;
|
|
||||||
frog)
|
|
||||||
echo "Rebuilding NixOS for //ops/nixos/frog"
|
|
||||||
system=$(nix-build -E '(import <depot> {}).ops.nixos.frogSystem' --no-out-link)
|
|
||||||
;;
|
|
||||||
*)
|
*)
|
||||||
echo "$HOSTNAME is not a known NixOS host!" >&2
|
echo "$HOSTNAME is not a known NixOS host!" >&2
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -41,7 +40,7 @@ let
|
||||||
in {
|
in {
|
||||||
inherit rebuilder;
|
inherit rebuilder;
|
||||||
|
|
||||||
nuggetSystem = systemFor [ depot.ops.nixos.nugget ];
|
nuggetSystem = systemFor [ depot.users.tazjin.nixos.nugget ];
|
||||||
camdenSystem = systemFor [ depot.ops.nixos.camden ];
|
camdenSystem = systemFor [ depot.users.tazjin.nixos.camden ];
|
||||||
frogSystem = systemFor [ depot.ops.nixos.frog ];
|
frogSystem = systemFor [ depot.users.tazjin.nixos.frog ];
|
||||||
}
|
}
|
Loading…
Reference in a new issue