This is currently done ad-hoc in a bunch of our systems, but we should
just do it centrally.
The commit message is a bit of a lie, as this doesn't yet update
grfn's systems.
Change-Id: Ic771c1a1da78ec5de9cffbf94c296dce5e11fd84
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3047
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Provide ddcutil and paperlike-go in $PATH. Provide the necessary udev
and kernel module plumbing so they work as non-root.
Icecream-Required-From: Vincent Ambo <mail@tazj.in>
Change-Id: Ic9323a45cdbb75571e8f8b3aca4b9a763c271968
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3029
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
It is easier to do the inverse of this solution: Filter out the
package on the machines that get it from elsewhere.
Change-Id: I2abe112e4e38822d0fc7a47ea0bcedec1e0a96e3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3010
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Instead of having two ways of accessing the path to the depot (one of
which was stuttering, depot.depotPath) we settle on only one:
depot.path.
This was mostly used for NixOS module imports.
Co-Authored-By: Florian Klink <flokli@flokli.de>
Change-Id: I2c0db23383fc34f6ca76baaad4cc4af2d9dfae15
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2962
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Splits //ops/nixos into:
* //ops/nixos.nix - utility functions for building systems
* //ops/machines - shared machine definitions (read by readTree)
* //ops/modules - shared NixOS modules (skipped by readTree)
This simplifies working with the configuration fixpoint in whitby, and
is overall a bit more in line with how NixOS systems in user folders
currently work.
Change-Id: I1322ec5cc76c0207c099c05d44828a3df0b3ffc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2931
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: glittershark <grfn@gws.fyi>
Fixes included:
* exposed gtest in the package set, required for protobuf
* pinned SBCL to version 2.0.8: The channel moved it to >2.1, and a
bunch of warnings seemed to be killing our builds - we should
investigate this later.
* removed kernel patches from //users/tazjin/frog: this machine is
currently out of service anyways, not worth fixing while it's offline
* removed steam & lutris from frog (they're currently broken)
* removed Haskell overrides for hedgehog-classes & hgeometry-combinatorial
* use gRPC sources from upstream and inject Abseil via Nix instead
* fix for renamed grpc import in //third_party/nix
* use libfprint-tod from upstream nixpkgs in glittershark/yeren and
delete glittershark/pkgs/fprintd entirely, since all of the patches used
there are available and working from upstream now (and stopped working
here after the bump)
Change-Id: Ia90e6f774f7b88bc9e60d28351b900ca43ee2695
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2901
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
Please read b/108 to make sense of this.
This gets rid of the explicit list of exposed packages from nixpkgs,
and instead makes the entire package set available at
`third_party.nixpkgs`.
To accommodate this, a LOT of things have to be very slightly shuffled
around. Some of this was done in already submitted CLs, but this
change is unfortunately still quite noisy.
Pay extra attention to:
* overlay-like functionality that was partially moved to actual
overlays (partially as in, the minimum required to get a green
build)
* modified uses of the package set path, esp. in NixOS systems
Special notes:
* xanthous has been disabled in CI because of issues with the Haskell
overlay
* //third_party/nix has been disabled because of other unclear
dependency issues
Both of these will be tackled in a followup CL.
Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
The depot.nix module is automatically brought in by systemFor, and
shouldn't be included in user configs, since it's going away.
Change-Id: Ib5b60203978b51dbff1f7bcc287f2ac9eb278823
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2762
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
I'm only connected to my own tethering nets anyways and I can't be
bothered to figure out all the things I need to open for Chromecasts,
maybe later.
Change-Id: Id1715b205191d4494a5a7001e1fb0f41a89d3de6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2705
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Defines a small helper script that resets the keyboard layout (to
avoid getting stuck in Russian layout) and locks the screen via
xsecurelock, and configures home-manager to launch this automatically.
Fascinatingly this actually seems to be capable of locking the
screen *on suspend*, not *after suspend*.
Change-Id: Ib6279a445aba18c2fb5bc073b675e6e2598fa228
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2644
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
This is required for my volume modification keyboard shortcuts.
Change-Id: I95e02be5b08e1f8a14746ace61226e903fbc68a3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2634
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
This group has access to modifying backlight settings (configured by
the udev rules for `light`).
Change-Id: I1593980757c6265f6822d3d3dce9e19a2473acd8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2626
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Just a few more missing things.
Change-Id: I54b633296d91c6f8dce72d900d7d38b8af4ae419
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2625
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
... also nuke that Bluetooth headset daemon, it doesn't work anyways.
Change-Id: Iee884046a2bf2718767442ec62b2f731e14e39e8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2624
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Uses the impermanence module to configure the bind-mounts for the few
applications that are allowed to persist stuff between boots.
For now this setup uses ZFS rollbacks to get /home back into a clean
state, where the `tazjin-clean` snapshot is a partition with only the
`/home/tazjin` folder and the correct partitions on it.
This gives me enough scratch space to e.g. download stuff larger than
my RAM without accumulating state.
Change-Id: I7cdb2276f087ea62201690cb8b36ae074203f87c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2623
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This module is responsible for mounting persistent storage into the
ephemeral root disk of this machine.
Currently only very basic configuration and data are retained, and
hopefully that won't change.
Change-Id: If800cbee60b7b3c5b8c457b9b332a0c05c33f20e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2621
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This is my new X13 AMD Thinkpad, on which many fun things will be done.
Change-Id: I4de114a8c5ebb37d2f4844f407d2dc0e7cc9557e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2620
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Making this a monthly service apparently.
Necessary changes:
* 3p: expose emacs27 instead of emacs26 which got removed
users/tazjin/{camden, frog}: switch from emacs26 to emacs27
* 3p/lieer: google_api_python_client got renamed to
google-api-python-client
Change-Id: I1011665d10eebc99990addbef6a8a6b000b93896
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2605
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
* rebases the send scope patch
* removes the API key override patch, lieer now has a configuration
option for this
Change-Id: I198e8b61855f6cdb2b1439a1c8f2d9d69261c1b5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2242
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Included fixes for random breakage:
* 3p/awscli: pick from the stable channel; it is broken on unstable
* 3p/googletest: bumped version & removed patches that nixpkgs applies
* 3p/lisp/cffi: bumped library version for SBCL compat
* 3p/nix: fix libsystemd attribute
* 3p/nix: reformatted (clang-format handling of ternaries changed)
* glittershark/home: Use home-manager from nixkpgs
* glittershark/kernel: bumped linux-ck patch hash
* glittershark/kernel: removed "patch patch"
* multi/whitby: Use home-manager from nixpkgs
* tazjin/frog: drop Sourcetrail (it doesn't build currently)
Note that in addition to these changes, some previous CLs updated the
versions of git and cgit which was necessary for this channel bump,
but which could not be done in the same commit due to the nature of
the subtree merges.
Change-Id: If2563e8a68e2750c4b913a976ff7b93b42e8b7f3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2110
Tested-by: BuildkiteCI
Reviewed-by: multi <depot@in-addr.xyz>
Reviewed-by: glittershark <grfn@gws.fyi>
The new one is causing breakage for me, but I have no time to debug
this, so I'm backporting the old one.
AFAICT the simp_le included in this channel should be new enough to
have ACMEv2 compat, we'll see if it works.
Change-Id: Ib8b869a5af8a0418a66017a0cf3b9336df5f2d05
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2017
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Create the pipeline by outputting a file that contains nix-build
invocations for each target's *derivation path*.
Each invocation has a generated Nix expression passed to it with `-E`
which fetches the correct target from the tree while correctly
handling targets with strange characters (such as in Go-packages).
This makes it possible to run target-level granular pipelines. We're
getting somewhere!
Change-Id: Ia6946e389dafd1d4926130bb8891446d6e17133b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1855
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
This is a temporary state (TODO added) to be picked up by the new CI
logic.
Change-Id: Id4702740ffd18325088e2a8a0c6157a8cee7ccf7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1852
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Bumps both nixos-unstable and nixos-20.03 to today's versions, as per
status.nixos.org
Contains minor fixes to things that broke because of the update:
* tazjin/frog: hardware.u2f is a deprecated setting
* glittershark/system: modSha256 in Go modules is now vendorSha256
* glittershark/owothia: removed version constraint on relude
Change-Id: Ib3e9612b1b06ed547b90e4f8b0ffe5ed7fe0a5c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1642
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
rather than using nix-shell each time ...
Change-Id: If84a84bca4ed892d0d38c5dcfc23a073cbb89e64
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1512
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
This allows access to profiling events by (almost?) all users.
Change-Id: I10e31ea9978f0b552a3973c29e98b43a6db45d1d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1183
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Frog has a ThreadRipper, and rr won't run at all without this patch.
Change-Id: Ie7e7c3567fb395ef8e7cd23061f099f91c7882ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1130
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
