From 3122cdf0c4dca8df08aca42e7df3e866bc3dd94e Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Tue, 1 Feb 2022 12:17:42 +0300 Subject: [PATCH] fix(tazjin/tverskoy): copy & paste some l2tp fix from nixpkgs#64965 Change-Id: Ib6375cd2281ce7eff87d9a1f8bd8f811ed180a87 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5155 Autosubmit: tazjin Tested-by: BuildkiteCI Reviewed-by: tazjin --- third_party/nixpkgs/default.nix | 2 +- third_party/sources/default.nix | 76 +++++++++++++------------ users/tazjin/nixos/tverskoy/default.nix | 5 ++ 3 files changed, 46 insertions(+), 37 deletions(-) diff --git a/third_party/nixpkgs/default.nix b/third_party/nixpkgs/default.nix index 8bb4fb903..74643cf70 100644 --- a/third_party/nixpkgs/default.nix +++ b/third_party/nixpkgs/default.nix @@ -20,7 +20,7 @@ let # Stable package set is imported, but not exposed, to overlay # required packages into the unstable set. - stableNixpkgs = import depot.third_party.sources.nixpkgs-stable {}; + stableNixpkgs = import depot.third_party.sources.nixpkgs-stable { }; # Overlay for packages that should come from the stable channel # instead (e.g. because something is broken in unstable). diff --git a/third_party/sources/default.nix b/third_party/sources/default.nix index b23ea36fc..5894c9207 100644 --- a/third_party/sources/default.nix +++ b/third_party/sources/default.nix @@ -1,5 +1,6 @@ # This file has been generated by Niv. -_: let +_: +let # # The fetchers. fetch_ fetches specs of type . @@ -17,10 +18,10 @@ _: let # sanitize the name, though nix will still fail if name starts with period name' = stringAsChars (x: if ! ok x then "-" else x) "${name}-src"; in - if spec.builtin or true then - builtins_fetchTarball { name = name'; inherit (spec) url sha256; } - else - pkgs.fetchzip { name = name'; inherit (spec) url sha256; }; + if spec.builtin or true then + builtins_fetchTarball { name = name'; inherit (spec) url sha256; } + else + pkgs.fetchzip { name = name'; inherit (spec) url sha256; }; fetch_git = spec: builtins.fetchGit { url = spec.repo; inherit (spec) rev ref; }; @@ -43,20 +44,20 @@ _: let mkPkgs = sources: let sourcesNixpkgs = - import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) {}; + import (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) { }; hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; hasThisAsNixpkgsPath = == ./.; in - if builtins.hasAttr "nixpkgs" sources - then sourcesNixpkgs - else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then - import {} - else - abort - '' - Please specify either (through -I or NIX_PATH=nixpkgs=...) or - add a package called "nixpkgs" to your sources.json. - ''; + if builtins.hasAttr "nixpkgs" sources + then sourcesNixpkgs + else if hasNixpkgsPath && ! hasThisAsNixpkgsPath then + import { } + else + abort + '' + Please specify either (through -I or NIX_PATH=nixpkgs=...) or + add a package called "nixpkgs" to your sources.json. + ''; # The actual fetching function. fetch = pkgs: name: spec: @@ -79,7 +80,7 @@ _: let saneName = stringAsChars (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) name; ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; in - if ersatz == "" then drv else ersatz; + if ersatz == "" then drv else ersatz; # Ports of functions for older nix versions @@ -90,7 +91,7 @@ _: let ); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 - range = first: last: if first > last then [] else builtins.genList (n: first + n) (last - first + 1); + range = first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1); # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); @@ -104,36 +105,39 @@ _: let let inherit (builtins) lessThan nixVersion fetchTarball; in - if lessThan nixVersion "1.12" then - fetchTarball { inherit name url; } - else - fetchTarball attrs; + if lessThan nixVersion "1.12" then + fetchTarball { inherit name url; } + else + fetchTarball attrs; # fetchurl version that is compatible between all the versions of Nix builtins_fetchurl = { url, sha256 }@attrs: let inherit (builtins) lessThan nixVersion fetchurl; in - if lessThan nixVersion "1.12" then - fetchurl { inherit url; } - else - fetchurl attrs; + if lessThan nixVersion "1.12" then + fetchurl { inherit url; } + else + fetchurl attrs; # Create the final "sources" from the config mkSources = config: - mapAttrs ( - name: spec: - if builtins.hasAttr "outPath" spec - then abort - "The values in sources.json should not have an 'outPath' attribute" - else - spec // { outPath = replace name (fetch config.pkgs name spec); } - ) config.sources; + mapAttrs + ( + name: spec: + if builtins.hasAttr "outPath" spec + then + abort + "The values in sources.json should not have an 'outPath' attribute" + else + spec // { outPath = replace name (fetch config.pkgs name spec); } + ) + config.sources; # The "config" used by the fetchers mkConfig = { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null - , sources ? if isNull sourcesFile then {} else builtins.fromJSON (builtins.readFile sourcesFile) + , sources ? if isNull sourcesFile then { } else builtins.fromJSON (builtins.readFile sourcesFile) , pkgs ? mkPkgs sources }: rec { # The sources, i.e. the attribute set of spec name to spec @@ -144,4 +148,4 @@ _: let }; in -mkSources (mkConfig {}) // { __functor = _: settings: mkSources (mkConfig settings); } +mkSources (mkConfig { }) // { __functor = _: settings: mkSources (mkConfig settings); } diff --git a/users/tazjin/nixos/tverskoy/default.nix b/users/tazjin/nixos/tverskoy/default.nix index f19501362..0c833e35e 100644 --- a/users/tazjin/nixos/tverskoy/default.nix +++ b/users/tazjin/nixos/tverskoy/default.nix @@ -145,6 +145,11 @@ lib.fix (self: { ]; }; + # from https://github.com/NixOS/nixpkgs/issues/64965 + environment.etc."ipsec.secrets".text = '' + include ipsec.d/ipsec.nm-l2tp.secrets + ''; + security.rtkit.enable = true; services = {