diff --git a/modules/base-client.nix b/modules/base-client.nix
index 6537f92..2a5c8e5 100755
--- a/modules/base-client.nix
+++ b/modules/base-client.nix
@@ -31,19 +31,16 @@
sshfs
# - gui utils
- gnome-console
nemo
feh
udisks
gparted
arandr
- #discord-development
- discord
- gnome-screenshot
];
fonts.packages = with pkgs; [
- (nerdfonts.override { fonts = [ "JetBrainsMono" ]; })
+ #(nerdfonts.override { fonts = [ "JetBrainsMono" ]; })
+ nerd-fonts.jetbrains-mono
cozette
];
diff --git a/modules/base-server.nix b/modules/base-server.nix
index 7473513..ccf4a77 100755
--- a/modules/base-server.nix
+++ b/modules/base-server.nix
@@ -39,10 +39,10 @@
kernelPackages = pkgs.linuxPackages_latest;
loader = {
grub = {
- devices = [ "/dev/vda" ]; # nodev for EFI only
+ devices = lib.mkIf (config.fileSystems ? "/boot") [ "nodev" ];
# EFI
- efiSupport = false;
- efiInstallAsRemovable = false;
+ efiSupport = config.fileSystems ? "/boot" && config.fileSystems."/boot".fsType == "vfat";
+ efiInstallAsRemovable = config.fileSystems ? "/boot" && config.fileSystems."/boot".fsType == "vfat";
};
timeout = 1;
};
@@ -51,17 +51,14 @@
networking = {
hostName = lib.mkDefault "Rory-nix-base-server";
networkmanager.enable = false;
- useNetworkd = true;
wireless.enable = false;
enableIPv6 = false;
firewall = {
enable = false;
- # allowedTCPPorts = [ ... ];
- # allowedUDPPorts = [ ... ];
+ allowedTCPPorts = [ 22 ];
};
useDHCP = false;
- # nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ];
nameservers = [
"10.10.0.4"
"10.10.0.5"
@@ -70,8 +67,7 @@
"8.8.8.8"
"8.4.4.8"
];
- resolvconf.enable = true;
- defaultGateway = "192.168.1.1";
+ defaultGateway = lib.mkDefault "192.168.1.1";
};
hardware.pulseaudio.enable = false;
@@ -81,51 +77,6 @@
hardware.enableRedistributableFirmware = false;
services = {
-# prometheus = {
-# exporters = {
-# node = {
-# enable = true;
-# port = 9100;
-# enabledCollectors = [
-# #"logind" #too slow
-# "systemd"
-# "processes"
-# "interrupts"
-# # Testing:
-# "buddyinfo"
-# "cgroups"
-# "ksmd"
-# "lnstat"
-# "mountstats"
-# "network_route"
-# #"perf" # requires sysctl change
-# "qdisc"
-# "sysctl"
-# "softirqs"
-# "tcpstat"
-# ];
-# disabledCollectors = [
-# "textfile"
-# "xfs"
-# "zfs"
-# "selinux"
-# "cpufreq"
-# "btrfs"
-# "powersupplyclass"
-# "mdadm"
-# "tapestats"
-# "fibrechannel"
-# "cpu_vulnerabilities"
-# "watchdog"
-# "thermal_zone"
-# "logind"
-# "nfs"
-# "nfsd"
-# "infiniband"
-# ];
-# };
-# };
-# };
promtail = {
enable = true;
configuration = {
diff --git a/modules/base.nix b/modules/base.nix
index 4cf2aff..44909aa 100755
--- a/modules/base.nix
+++ b/modules/base.nix
@@ -1,11 +1,19 @@
-{ pkgs, lib, ... }:
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}:
{
imports = [
- ./packages/vim.nix
+ ./expose-vmvariant.nix
+ ../packages/vim.nix
./users/Rory.nix
./extra-substituters.nix
./monitoring/module.nix
+
+ # ../packages/overlays/openvpn.nix # Temporary: Fix a build failure
];
boot = {
@@ -57,28 +65,33 @@
hostName = lib.mkDefault "Rory-nix-base";
firewall = {
enable = false;
- # allowedTCPPorts = [ ... ];
- # allowedUDPPorts = [ ... ];
};
- nameservers = [
+ nameservers = lib.mkDefault [
"1.1.1.1"
"1.0.0.1"
"8.8.8.8"
"8.4.4.8"
];
};
- environment.etc."resolv.conf".text = ''
- nameserver 8.8.8.8
- nameserver 8.4.4.8
- nameserver 1.1.1.1
- nameserver 1.0.0.1
- '';
+
+ environment.etc."resolv.conf" = lib.mkDefault {
+ text = lib.concatStringsSep "\n" (
+ lib.optionals (config.networking ? nameservers) (map (nameserver: "nameserver ${nameserver}") (config.networking.nameservers))
+ #++ lib.optionals (config.networking ? enableIPv6 && !config.networking.enableIPv6) [ "options no-aaaa" ]
+ ++ lib.optionals (config.networking ? enableIPv6 && config.networking.enableIPv6) [
+ "options single-request"
+ "options single-request-reopen"
+ "options inet6"
+ ]
+ );
+ };
i18n.defaultLocale = "en_US.UTF-8";
services = {
openssh = {
enable = true;
+ settings.PermitRootLogin = "yes";
#allow more logins in cases where i have many ssh keys on a system
extraConfig = ''
MaxAuthTries 32
@@ -99,7 +112,7 @@
};
environment.systemPackages = with pkgs; [
- wget
+ #wget
neofetch
lnav
pciutils
@@ -110,17 +123,17 @@
btop
duf
kitty.terminfo
- tmux
+ #tmux
jq
yq
pv
dig
cloud-utils
nix-output-monitor
- expect
+ #expect
unrar-wrapper
- arch-install-scripts
- debootstrap
+ #arch-install-scripts
+ #debootstrap
file
unzip
brotli
@@ -157,5 +170,17 @@
polkit.enable = true;
sudo.wheelNeedsPassword = false;
};
-
+ virtualisation.vmVariant = {
+ services.getty.autologinUser = "root";
+ virtualisation = {
+ memorySize = 8192;
+ cores = 6;
+ msize = 1*1024*1024;
+ bios = pkgs.qboot;
+ };
+
+ monitoring.monitorAll = lib.mkForce false;
+ services.promtail.enable = lib.mkForce false;
+ networking.useDHCP = lib.mkOverride 51 true;
+ };
}
diff --git a/modules/environments/home.nix b/modules/environments/home.nix
index 3fbf14e..cf9f841 100755
--- a/modules/environments/home.nix
+++ b/modules/environments/home.nix
@@ -8,38 +8,40 @@
{
nix = {
distributedBuilds = true;
- #
- buildMachines = builtins.filter (machine: !builtins.any (ip: ip == machine.hostName) (builtins.map (iface: iface.ipv4.addresses) (builtins.attrValues config.networking.interfaces))) [
- {
- systems = [
- "x86_64-linux"
- "i686-linux"
+ #
+ buildMachines =
+ builtins.filter (machine: !builtins.any (ip: ip == machine.hostName) (builtins.map (iface: iface.ipv4.addresses) (builtins.attrValues config.networking.interfaces)))
+ [
+ {
+ systems = [
+ "x86_64-linux"
+ "i686-linux"
+ ];
+ hostName = "192.168.0.3";
+ sshUser = "Rory";
+ sshKey = "/home/Rory/.ssh/id_ed25519";
+ maxJobs = 6;
+ speedFactor = 43200;
+ }
+ {
+ systems = [
+ "x86_64-linux"
+ "i686-linux"
+ ];
+ hostName = "192.168.0.59";
+ sshUser = "Rory";
+ sshKey = "/home/Rory/.ssh/id_ed25519";
+ maxJobs = 2;
+ speedFactor = 16000;
+ }
];
- hostName = "192.168.0.3";
- sshUser = "Rory";
- sshKey = "/home/Rory/.ssh/id_ed25519";
- maxJobs = 6;
- speedFactor = 43200;
- }
- {
- systems = [
- "x86_64-linux"
- "i686-linux"
- ];
- hostName = "192.168.0.59";
- sshUser = "Rory";
- sshKey = "/home/Rory/.ssh/id_ed25519";
- maxJobs = 2;
- speedFactor = 16000;
- }
- ];
#ssh://Rory@192.168.0.3 x86_64-linux,i686-linux /home/Rory/.ssh/id_ed25519 12 1 - - -
registry.nixpkgs.flake = pkgs;
nixPath = [ "nixpkgs=flake:nixpkgs" ];
settings = {
builders-use-substitutes = true;
- #builders
+ #builders
trusted-substituters = [
"https://nix-community.cachix.org"
"https://cache.garnix.io"
diff --git a/modules/expose-vmvariant.nix b/modules/expose-vmvariant.nix
new file mode 100755
index 0000000..ab1bad0
--- /dev/null
+++ b/modules/expose-vmvariant.nix
@@ -0,0 +1,22 @@
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}:
+
+{
+ options.virtualisation = {
+ isVmVariant = lib.mkOption {
+ default = false;
+ example = true;
+ description = "Whether this build is a VM build.";
+ type = lib.types.bool;
+ };
+ };
+ config = {
+ virtualisation.vmVariant = {
+ virtualisation.isVmVariant = true;
+ };
+ };
+}
diff --git a/modules/hardware/google-stadia-controller.nix b/modules/hardware/google-stadia-controller.nix
new file mode 100644
index 0000000..7b59e13
--- /dev/null
+++ b/modules/hardware/google-stadia-controller.nix
@@ -0,0 +1,24 @@
+{
+ lib,
+ config,
+ ...
+}:
+{
+ options.hardware.google-stadia-controller = {
+ enable = lib.mkEnableOption "Enable Google Stadia Controller support";
+ };
+ config = lib.mkIf config.hardware.google-stadia-controller.enable {
+ services.udev.extraRules = ''
+ #SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", MODE="0664", GROUP="users"
+ # SDP protocol
+ KERNEL=="hidraw*", ATTRS{idVendor}=="1fc9", MODE="0666"
+ ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="1fc9", MODE="0666"
+ ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="0d28", MODE="0666"
+ # Flashloader
+ KERNEL=="hidraw*", ATTRS{idVendor}=="15a2", MODE="0666"
+ # Controller
+ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="18d1", MODE="0666"
+ SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="9400", MODE="0660", TAG+="uaccess"
+ '';
+ };
+}
diff --git a/modules/monitoring/crutches/synapse.nix b/modules/monitoring/crutches/synapse.nix
index 3145d11..7028396 100644
--- a/modules/monitoring/crutches/synapse.nix
+++ b/modules/monitoring/crutches/synapse.nix
@@ -1,10 +1,10 @@
-{lib, ...}:
+{ lib, ... }:
{
options.monitoring.synapse = {
workerNames = lib.mkOption {
type = lib.types.listOf lib.types.str;
- default = [];
+ default = [ ];
description = "Synapse worker names";
};
};
diff --git a/modules/monitoring/module.nix b/modules/monitoring/module.nix
index 62ff1ea..f47c483 100644
--- a/modules/monitoring/module.nix
+++ b/modules/monitoring/module.nix
@@ -40,7 +40,13 @@ in
prometheus = lib.mkIf (cfg.localPrometheus) {
enable = true;
listenAddress = "127.0.0.1";
- extraFlags = [ "--storage.tsdb.wal-compression" ];
+ extraFlags = [
+ "--storage.tsdb.wal-compression"
+ "--query.max-concurrency 128"
+ "--rules.max-concurrent-evals 64"
+ "--storage.tsdb.retention.size 250GB"
+ "--enable-feature concurrent-rule-eval"
+ ];
};
grafana = lib.mkIf (cfg.localGrafana) {
enable = true;
diff --git a/modules/monitoring/postgres.nix b/modules/monitoring/postgres.nix
index 25266fa..63f536b 100644
--- a/modules/monitoring/postgres.nix
+++ b/modules/monitoring/postgres.nix
@@ -23,7 +23,9 @@ in
{
job_name = "postgres";
scrape_interval = "${toString cfg.prometheusScrapeInterval}s";
- static_configs = [ { targets = [ "localhost:${toString config.services.prometheus.exporters.postgres.port}" ]; } ];
+ static_configs = [
+ { targets = [ "localhost:${toString config.services.prometheus.exporters.postgres.port}" ]; }
+ ];
}
];
diff --git a/modules/monitoring/synapse.nix b/modules/monitoring/synapse.nix
index a000698..ccc4ae2 100644
--- a/modules/monitoring/synapse.nix
+++ b/modules/monitoring/synapse.nix
@@ -42,7 +42,7 @@ in
[
{
job_name = "synapse-main";
- scrape_interval = "${toString cfg.prometheusScrapeInterval}s";
+ scrape_interval = "5s";
static_configs = [
{
targets = [ "localhost:9200" ];
@@ -55,7 +55,7 @@ in
++ lib.flatten (
lib.imap (index: workerName: {
job_name = "synapse-${workerName}";
- scrape_interval = "${toString cfg.prometheusScrapeInterval}s";
+ scrape_interval = "5s";
static_configs = [
{
targets = [ "localhost:${toString (9200 + index + 1)}" ];
@@ -75,8 +75,8 @@ in
type = "file";
options = {
path = builtins.fetchurl {
- url = "https://raw.githubusercontent.com/element-hq/synapse/master/contrib/grafana/synapse.json";
- sha256 = "07qlr0waw9phmyd38bv22bn5v303w3397b89l44l3lzwhpnhs16s";
+ url = "https://raw.githubusercontent.com/element-hq/synapse/develop/contrib/grafana/synapse.json";
+ sha256 = "16fl81sx1by0wldw4vda0zr1pvbq1dpih1fikzwlvmk63mpc80kb";
};
};
}
diff --git a/modules/monitoring/system.nix b/modules/monitoring/system.nix
index 171a7af..7e2634b 100644
--- a/modules/monitoring/system.nix
+++ b/modules/monitoring/system.nix
@@ -49,8 +49,10 @@ in
services.prometheus.scrapeConfigs = [
{
job_name = "node";
- scrape_interval = "${toString cfg.prometheusScrapeInterval}s";
- static_configs = [ { targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; } ];
+ scrape_interval = "5s";
+ static_configs = [
+ { targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }
+ ];
}
];
diff --git a/modules/packages/dotnet-pack.nix b/modules/packages/dotnet-pack.nix
deleted file mode 100644
index 0e4a9b4..0000000
--- a/modules/packages/dotnet-pack.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- pkgs ? import <nixpkgs> { },
-}:
-
-pkgs.symlinkJoin {
- name = "dotnet-pack";
- paths = [
- pkgs.dotnet-sdk_8
- pkgs.dotnet-sdk_7
- pkgs.dotnet-sdk
- ];
- postBuild = ''
- rm -rfv $out/bin
- rm -rfv $out/dotnet
- cp -rv ${pkgs.dotnet-sdk_8}/dotnet $out/
- cp -rv ${pkgs.dotnet-sdk_8}/bin $out/
- '';
-}
diff --git a/modules/packages/gitfs.nix b/modules/packages/gitfs.nix
deleted file mode 100755
index 728e836..0000000
--- a/modules/packages/gitfs.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ pkgs, ... }:
-{
- environment.systemPackages = with pkgs; [
- (gitfs.overrideAttrs (old: {
- # TODO: pls fix the nixpkgs derivation
- patchPhase = null;
- postPatch = old.patchPhase;
- patches = (old.patches or [ ]) ++ [
- (fetchpatch {
- name = "fix-MutableMapping.patch";
- url = "https://patch-diff.githubusercontent.com/raw/presslabs/gitfs/pull/382.diff";
- hash = "sha256-ZaIEhv37sorSq3P+6GeH346u/5xh3qE+49D9FRNujMQ=";
- })
- ];
- }))
- ];
-}
diff --git a/modules/packages/mtxclient-git.nix b/modules/packages/mtxclient-git.nix
deleted file mode 100644
index 2392312..0000000
--- a/modules/packages/mtxclient-git.nix
+++ /dev/null
@@ -1,65 +0,0 @@
-# This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/mtxclient/default.nix
-# This file is a modified version of nixpkgs/pkgs/development/libraries/mtxclient/default.nix (copied at 5c4b9be)
-
-{
- lib,
- stdenv,
- fetchFromGitHub,
- cmake,
- pkg-config,
- openssl,
- olm,
- spdlog,
- nlohmann_json,
- libevent,
- curl,
- coeurl,
- re2,
- mtxclientSrc,
-}:
-stdenv.mkDerivation {
- pname = "mtxclient";
- version = "git+master";
- src = mtxclientSrc;
-
- cmakeFlags = [
- # Network requiring tests can't be disabled individually:
- # https://github.com/Nheko-Reborn/mtxclient/issues/22
- "-DBUILD_LIB_TESTS=OFF"
- "-DBUILD_LIB_EXAMPLES=OFF"
- ];
-
- postPatch = ''
- # See https://github.com/gabime/spdlog/issues/1897
- sed -i '1a add_compile_definitions(SPDLOG_FMT_EXTERNAL)' CMakeLists.txt
- '';
-
- nativeBuildInputs = [
- cmake
- pkg-config
- ];
- buildInputs = [
- spdlog
- nlohmann_json
- openssl
- olm
- libevent
- curl
- coeurl
- re2
- ];
-
- meta = with lib; {
- description = "Client API library for Matrix, built on top of Boost.Asio";
- homepage = "https://github.com/Nheko-Reborn/mtxclient";
- license = licenses.mit;
- maintainers = with maintainers; [
- fpletz
- pstn
- ];
- platforms = platforms.all;
- # Should be fixable if a higher clang version is used, see:
- # https://github.com/NixOS/nixpkgs/pull/85922#issuecomment-619287177
- broken = stdenv.targetPlatform.isDarwin;
- };
-}
diff --git a/modules/packages/nginx/mime.types b/modules/packages/nginx/mime.types
deleted file mode 100644
index 3ac8468..0000000
--- a/modules/packages/nginx/mime.types
+++ /dev/null
@@ -1,1028 +0,0 @@
-types {
-application/A2L a2l;
-application/AML aml;
-application/andrew-inset ez;
-application/ATF atf;
-application/ATFX atfx;
-application/ATXML atxml;
-application/atom+xml atom;
-application/atomcat+xml atomcat;
-application/atomdeleted+xml atomdeleted;
-application/atomsvc+xml atomsvc;
-application/atsc-dwd+xml dwd;
-application/atsc-held+xml held;
-application/atsc-rsat+xml rsat;
-application/auth-policy+xml apxml;
-application/bacnet-xdd+zip xdd;
-application/calendar+xml xcs;
-application/cbor cbor;
-application/cccex c3ex;
-application/ccmp+xml ccmp;
-application/ccxml+xml ccxml;
-application/CDFX+XML cdfx;
-application/cdmi-capability cdmia;
-application/cdmi-container cdmic;
-application/cdmi-domain cdmid;
-application/cdmi-object cdmio;
-application/cdmi-queue cdmiq;
-application/CEA cea;
-application/cellml+xml cellml cml;
-application/clr 1clr;
-application/clue_info+xml clue;
-application/cms cmsc;
-application/cpl+xml cpl;
-application/csrattrs csrattrs;
-application/dash+xml mpd;
-application/dashdelta mpdd;
-application/davmount+xml davmount;
-application/DCD dcd;
-application/dicom dcm;
-application/DII dii;
-application/DIT dit;
-application/dskpp+xml xmls;
-application/dssc+der dssc;
-application/dssc+xml xdssc;
-application/dvcs dvc;
-application/ecmascript es;
-application/efi efi;
-application/emma+xml emma;
-application/emotionml+xml emotionml;
-application/epub+zip epub;
-application/exi exi;
-application/fastinfoset finf;
-application/fdt+xml fdt;
-application/font-tdpfr pfr;
-application/geo+json geojson;
-application/geopackage+sqlite3 gpkg;
-application/gltf-buffer glbin glbuf;
-application/gml+xml gml;
-application/gzip gz tgz;
-application/hyperstudio stk;
-application/inkml+xml ink inkml;
-application/ipfix ipfix;
-application/its+xml its;
-application/javascript js;
-application/jrd+json jrd;
-application/json json;
-application/json-patch+json json-patch;
-application/ld+json jsonld;
-application/lgr+xml lgr;
-application/link-format wlnk;
-application/lost+xml lostxml;
-application/lostsync+xml lostsyncxml;
-application/lpf+zip lpf;
-application/LXF lxf;
-application/mac-binhex40 hqx;
-application/mads+xml mads;
-application/marc mrc;
-application/marcxml+xml mrcx;
-application/mathematica nb ma mb;
-application/mathml+xml mml;
-application/mbox mbox;
-application/metalink4+xml meta4;
-application/mets+xml mets;
-application/MF4 mf4;
-application/mipc h5;
-application/mmt-aei+xml maei;
-application/mmt-usd+xml musd;
-application/mods+xml mods;
-application/mp21 m21 mp21;
-application/msword doc;
-application/mxf mxf;
-application/n-quads nq;
-application/n-triples nt;
-application/ocsp-request orq;
-application/ocsp-response ors;
-application/octet-stream bin lha lzh exe class so dll img iso;
-application/ODA oda;
-application/ODX odx;
-application/oebps-package+xml opf;
-application/ogg ogx;
-application/opc-nodeset+xml ;
-application/oxps oxps;
-application/p2p-overlay+xml relo;
-application/pdf pdf;
-application/PDX pdx;
-application/pem-certificate-chain pem;
-application/pgp-encrypted pgp;
-application/pgp-signature sig;
-application/pkcs10 p10;
-application/pkcs12 p12 pfx;
-application/pkcs7-mime p7m p7c;
-application/pkcs7-signature p7s;
-application/pkcs8 p8;
-application/pkcs8-encrypted p8e;
-application/pkix-cert cer;
-application/pkix-crl crl;
-application/pkix-pkipath pkipath;
-application/pkixcmp pki;
-application/pls+xml pls;
-application/postscript ps eps ai;
-application/provenance+xml provx;
-application/prs.cww cw cww;
-application/prs.hpub+zip hpub;
-application/prs.nprend rnd rct;
-application/prs.rdf-xml-crypt rdf-crypt;
-application/prs.xsf+xml xsf;
-application/pskc+xml pskcxml;
-application/rdf+xml rdf;
-application/route-apd+xml rapd;
-application/route-s-tsid+xml sls;
-application/route-usd+xml rusd;
-application/reginfo+xml rif;
-application/relax-ng-compact-syntax rnc;
-application/resource-lists-diff+xml rld;
-application/resource-lists+xml rl;
-application/rfc+xml rfcxml;
-application/rls-services+xml rs;
-application/rpki-ghostbusters gbr;
-application/rpki-manifest mft;
-application/rpki-roa roa;
-application/rtf rtf;
-application/sarif-external-properties+json sarif-external-properties sarif-external-properties.json;
-application/sarif+json sarif sarif.json;
-application/scim+json scim;
-application/scvp-cv-request scq;
-application/scvp-cv-response scs;
-application/scvp-vp-request spq;
-application/scvp-vp-response spp;
-application/sdp sdp;
-application/senml-etch+cbor senml-etchc;
-application/senml-etch+json senml-etchj;
-application/senml+cbor senmlc;
-application/senml+json senml;
-application/senml+xml senmlx;
-application/senml-exi senmle;
-application/sensml+cbor sensmlc;
-application/sensml+json sensml;
-application/sensml+xml sensmlx;
-application/sensml-exi sensmle;
-application/sgml-open-catalog soc;
-application/shf+xml shf;
-application/sieve siv sieve;
-application/simple-filter+xml cl;
-application/smil+xml smil smi sml;
-application/sparql-query rq;
-application/sparql-results+xml srx;
-application/sql sql;
-application/srgs gram;
-application/srgs+xml grxml;
-application/sru+xml sru;
-application/ssml+xml ssml;
-application/stix+json stix;
-application/swid+xml swidtag;
-application/tamp-apex-update tau;
-application/tamp-apex-update-confirm auc;
-application/tamp-community-update tcu;
-application/tamp-community-update-confirm cuc;
-application/td+json jsontd;
-application/tamp-error ter;
-application/tamp-sequence-adjust tsa;
-application/tamp-sequence-adjust-confirm sac;
-application/tamp-update tur;
-application/tamp-update-confirm tuc;
-application/tei+xml tei teiCorpus odd;
-application/thraud+xml tfi;
-application/timestamp-query tsq;
-application/timestamp-reply tsr;
-application/timestamped-data tsd;
-application/trig trig;
-application/ttml+xml ttml;
-application/urc-grpsheet+xml gsheet;
-application/urc-ressheet+xml rsheet;
-application/urc-targetdesc+xml td;
-application/urc-uisocketdesc+xml uis;
-application/vnd.1000minds.decision-model+xml 1km;
-application/vnd.3gpp.5gnas ;
-application/vnd.3gpp.pic-bw-large plb;
-application/vnd.3gpp.pic-bw-small psb;
-application/vnd.3gpp.pic-bw-var pvb;
-application/vnd.3gpp2.sms sms;
-application/vnd.3gpp2.tcap tcap;
-application/vnd.3lightssoftware.imagescal imgcal;
-application/vnd.3M.Post-it-Notes pwn;
-application/vnd.accpac.simply.aso aso;
-application/vnd.accpac.simply.imp imp;
-application/vnd.acucobol acu;
-application/vnd.acucorp atc acutc;
-application/vnd.adobe.flash.movie swf;
-application/vnd.adobe.formscentral.fcdt fcdt;
-application/vnd.adobe.fxp fxp fxpl;
-application/vnd.adobe.xdp+xml xdp;
-application/vnd.adobe.xfdf xfdf;
-application/vnd.afpc.modca list3820 listafp afp pseg3820;
-application/vnd.afpc.modca-overlay ovl;
-application/vnd.afpc.modca-pagesegment psg;
-application/vnd.ahead.space ahead;
-application/vnd.airzip.filesecure.azf azf;
-application/vnd.airzip.filesecure.azs azs;
-application/vnd.amazon.mobi8-ebook azw3;
-application/vnd.americandynamics.acc acc;
-application/vnd.amiga.ami ami;
-application/vnd.android.ota ota;
-application/vnd.anki apkg;
-application/vnd.anser-web-certificate-issue-initiation cii;
-application/vnd.anser-web-funds-transfer-initiation fti;
-application/vnd.apple.installer+xml dist distz pkg mpkg;
-application/vnd.apple.keynote keynote;
-application/vnd.apple.mpegurl m3u8;
-application/vnd.apple.numbers numbers;
-application/vnd.apple.pages pages;
-application/vnd.aristanetworks.swi swi;
-application/vnd.artisan+json artisan;
-application/vnd.astraea-software.iota iota;
-application/vnd.audiograph aep;
-application/vnd.autopackage package;
-application/vnd.balsamiq.bmml+xml bmml;
-application/vnd.banana-accounting ac2;
-application/vnd.balsamiq.bmpr bmpr;
-application/vnd.blueice.multipass mpm;
-application/vnd.bluetooth.ep.oob ep;
-application/vnd.bluetooth.le.oob le;
-application/vnd.bmi bmi;
-application/vnd.businessobjects rep;
-application/vnd.cendio.thinlinc.clientconf tlclient;
-application/vnd.chemdraw+xml cdxml;
-application/vnd.chess-pgn pgn;
-application/vnd.chipnuts.karaoke-mmd mmd;
-application/vnd.cinderella cdy;
-application/vnd.citationstyles.style+xml csl;
-application/vnd.claymore cla;
-application/vnd.cloanto.rp9 rp9;
-application/vnd.clonk.c4group c4g c4d c4f c4p c4u;
-application/vnd.cluetrust.cartomobile-config c11amc;
-application/vnd.cluetrust.cartomobile-config-pkg c11amz;
-application/vnd.coffeescript coffee;
-application/vnd.collabio.xodocuments.document xodt;
-application/vnd.collabio.xodocuments.document-template xott;
-application/vnd.collabio.xodocuments.presentation xodp;
-application/vnd.collabio.xodocuments.presentation-template xotp;
-application/vnd.collabio.xodocuments.spreadsheet xods;
-application/vnd.collabio.xodocuments.spreadsheet-template xots;
-application/vnd.comicbook-rar cbr;
-application/vnd.comicbook+zip cbz;
-application/vnd.commerce-battelle ica icf icd ic0 ic1 ic2 ic3 ic4 ic5 ic6 ic7 ic8;
-application/vnd.commonspace csp cst;
-application/vnd.contact.cmsg cdbcmsg;
-application/vnd.coreos.ignition+json ign ignition;
-application/vnd.cosmocaller cmc;
-application/vnd.crick.clicker clkx;
-application/vnd.crick.clicker.keyboard clkk;
-application/vnd.crick.clicker.palette clkp;
-application/vnd.crick.clicker.template clkt;
-application/vnd.crick.clicker.wordbank clkw;
-application/vnd.criticaltools.wbs+xml wbs;
-application/vnd.crypto-shade-file ssvc;
-application/vnd.cryptomator.encrypted c9r c9s;
-application/vnd.cryptomator.vault cryptomator;
-application/vnd.ctc-posml pml;
-application/vnd.cups-ppd ppd;
-application/vnd.curl curl;
-application/vnd.dart dart;
-application/vnd.data-vision.rdz rdz;
-application/vnd.dbf dbf;
-application/vnd.debian.binary-package deb udeb;
-application/vnd.dece.data uvf uvvf uvd uvvd;
-application/vnd.dece.ttml+xml uvt uvvt;
-application/vnd.dece.unspecified uvx uvvx;
-application/vnd.dece.zip uvz uvvz;
-application/vnd.denovo.fcselayout-link fe_launch;
-application/vnd.desmume.movie dsm;
-application/vnd.dna dna;
-application/vnd.document+json docjson;
-application/vnd.doremir.scorecloud-binary-document scld;
-application/vnd.dpgraph dpg mwc dpgraph;
-application/vnd.dreamfactory dfac;
-application/vnd.dtg.local.flash fla;
-application/vnd.dvb.ait ait;
-application/vnd.dvb.service svc;
-application/vnd.dynageo geo;
-application/vnd.dzr dzr;
-application/vnd.ecowin.chart mag;
-application/vnd.enliven nml;
-application/vnd.epson.esf esf;
-application/vnd.epson.msf msf;
-application/vnd.epson.quickanime qam;
-application/vnd.epson.salt slt;
-application/vnd.epson.ssf ssf;
-application/vnd.ericsson.quickcall qcall qca;
-application/vnd.espass-espass+zip espass;
-application/vnd.eszigno3+xml es3 et3;
-application/vnd.etsi.asic-e+zip asice sce;
-application/vnd.etsi.asic-s+zip asics;
-application/vnd.etsi.timestamp-token tst;
-application/vnd.exstream-empower+zip mpw;
-application/vnd.exstream-package pub;
-application/vnd.evolv.ecig.profile ecigprofile;
-application/vnd.evolv.ecig.settings ecig;
-application/vnd.evolv.ecig.theme ecigtheme;
-application/vnd.ezpix-album ez2;
-application/vnd.ezpix-package ez3;
-application/vnd.fastcopy-disk-image dim;
-application/vnd.fdf fdf;
-application/vnd.fdsn.mseed msd mseed;
-application/vnd.fdsn.seed seed dataless;
-application/vnd.ficlab.flb+zip flb;
-application/vnd.filmit.zfc zfc;
-application/vnd.FloGraphIt gph;
-application/vnd.fluxtime.clip ftc;
-application/vnd.font-fontforge-sfd sfd;
-application/vnd.framemaker fm;
-application/vnd.frogans.fnc fnc;
-application/vnd.frogans.ltf ltf;
-application/vnd.fsc.weblaunch fsc;
-application/vnd.fujitsu.oasys oas;
-application/vnd.fujitsu.oasys2 oa2;
-application/vnd.fujitsu.oasys3 oa3;
-application/vnd.fujitsu.oasysgp fg5;
-application/vnd.fujitsu.oasysprs bh2;
-application/vnd.fujixerox.ddd ddd;
-application/vnd.fujixerox.docuworks xdw;
-application/vnd.fujixerox.docuworks.binder xbd;
-application/vnd.fujixerox.docuworks.container xct;
-application/vnd.fuzzysheet fzs;
-application/vnd.genomatix.tuxedo txd;
-application/vnd.geocube+xml g3 g³;
-application/vnd.geogebra.file ggb;
-application/vnd.geogebra.slides ggs;
-application/vnd.geogebra.tool ggt;
-application/vnd.geometry-explorer gex gre;
-application/vnd.geonext gxt;
-application/vnd.geoplan g2w;
-application/vnd.geospace g3w;
-application/vnd.gmx gmx;
-application/vnd.google-earth.kml+xml kml;
-application/vnd.google-earth.kmz kmz;
-application/vnd.grafeq gqf gqs;
-application/vnd.groove-account gac;
-application/vnd.groove-help ghf;
-application/vnd.groove-identity-message gim;
-application/vnd.groove-injector grv;
-application/vnd.groove-tool-message gtm;
-application/vnd.groove-tool-template tpl;
-application/vnd.groove-vcard vcg;
-application/vnd.hal+xml hal;
-application/vnd.HandHeld-Entertainment+xml zmm;
-application/vnd.hbci hbci hbc kom upa pkd bpd;
-application/vnd.hdt hdt;
-application/vnd.hhe.lesson-player les;
-application/vnd.hp-HPGL hpgl;
-application/vnd.hp-hpid hpi hpid;
-application/vnd.hp-hps hps;
-application/vnd.hp-jlyt jlt;
-application/vnd.hp-PCL pcl;
-application/vnd.hydrostatix.sof-data sfd-hdstx;
-application/vnd.hzn-3d-crossword x3d;
-application/vnd.ibm.electronic-media emm;
-application/vnd.ibm.MiniPay mpy;
-application/vnd.ibm.rights-management irm;
-application/vnd.ibm.secure-container sc;
-application/vnd.iccprofile icc icm;
-application/vnd.ieee.1905 1905.1;
-application/vnd.igloader igl;
-application/vnd.imagemeter.folder+zip imf;
-application/vnd.imagemeter.image+zip imi;
-application/vnd.immervision-ivp ivp;
-application/vnd.immervision-ivu ivu;
-application/vnd.ims.imsccv1p1 imscc;
-application/vnd.insors.igm igm;
-application/vnd.intercon.formnet xpw xpx;
-application/vnd.intergeo i2g;
-application/vnd.intu.qbo qbo;
-application/vnd.intu.qfx qfx;
-application/vnd.ipunplugged.rcprofile rcprofile;
-application/vnd.irepository.package+xml irp;
-application/vnd.is-xpr xpr;
-application/vnd.isac.fcs fcs;
-application/vnd.jam jam;
-application/vnd.jcp.javame.midlet-rms rms;
-application/vnd.jisp jisp;
-application/vnd.joost.joda-archive joda;
-application/vnd.kahootz ktz ktr;
-application/vnd.kde.karbon karbon;
-application/vnd.kde.kchart chrt;
-application/vnd.kde.kformula kfo;
-application/vnd.kde.kivio flw;
-application/vnd.kde.kontour kon;
-application/vnd.kde.kpresenter kpr kpt;
-application/vnd.kde.kspread ksp;
-application/vnd.kde.kword kwd kwt;
-application/vnd.kenameaapp htke;
-application/vnd.kidspiration kia;
-application/vnd.Kinar kne knp sdf;
-application/vnd.koan skp skd skm skt;
-application/vnd.kodak-descriptor sse;
-application/vnd.las las;
-application/vnd.las.las+json lasjson;
-application/vnd.las.las+xml lasxml;
-application/vnd.llamagraphics.life-balance.desktop lbd;
-application/vnd.llamagraphics.life-balance.exchange+xml lbe;
-application/vnd.logipipe.circuit+zip lcs lca;
-application/vnd.loom loom;
-application/vnd.lotus-1-2-3 123 wk4 wk3 wk1;
-application/vnd.lotus-approach apr vew;
-application/vnd.lotus-freelance prz pre;
-application/vnd.lotus-notes nsf ntf ndl ns4 ns3 ns2 nsh nsg;
-application/vnd.lotus-organizer or3 or2 org;
-application/vnd.lotus-screencam scm;
-application/vnd.lotus-wordpro lwp sam;
-application/vnd.macports.portpkg portpkg;
-application/vnd.mapbox-vector-tile mvt;
-application/vnd.marlin.drm.mdcf mdc;
-application/vnd.maxmind.maxmind-db mmdb;
-application/vnd.mcd mcd;
-application/vnd.medcalcdata mc1;
-application/vnd.mediastation.cdkey cdkey;
-application/vnd.MFER mwf;
-application/vnd.mfmp mfm;
-application/vnd.micrografx.flo flo;
-application/vnd.micrografx.igx igx;
-application/vnd.mif mif;
-application/vnd.Mobius.DAF daf;
-application/vnd.Mobius.DIS dis;
-application/vnd.Mobius.MBK mbk;
-application/vnd.Mobius.MQY mqy;
-application/vnd.Mobius.MSL msl;
-application/vnd.Mobius.PLC plc;
-application/vnd.Mobius.TXF txf;
-application/vnd.mophun.application mpn;
-application/vnd.mophun.certificate mpc;
-application/vnd.mozilla.xul+xml xul;
-application/vnd.ms-3mfdocument 3mf;
-application/vnd.ms-artgalry cil;
-application/vnd.ms-asf asf;
-application/vnd.ms-cab-compressed cab;
-application/vnd.ms-excel xls xlm xla xlc xlt xlw;
-application/vnd.ms-excel.template.macroEnabled.12 xltm;
-application/vnd.ms-excel.addin.macroEnabled.12 xlam;
-application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb;
-application/vnd.ms-excel.sheet.macroEnabled.12 xlsm;
-application/vnd.ms-fontobject eot;
-application/vnd.ms-htmlhelp chm;
-application/vnd.ms-ims ims;
-application/vnd.ms-lrm lrm;
-application/vnd.ms-officetheme thmx;
-application/vnd.ms-powerpoint ppt pps pot;
-application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam;
-application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm;
-application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm;
-application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm;
-application/vnd.ms-powerpoint.template.macroEnabled.12 potm;
-application/vnd.ms-project mpp mpt;
-application/vnd.ms-tnef tnef tnf;
-application/vnd.ms-word.document.macroEnabled.12 docm;
-application/vnd.ms-word.template.macroEnabled.12 dotm;
-application/vnd.ms-works wcm wdb wks wps;
-application/vnd.ms-wpl wpl;
-application/vnd.ms-xpsdocument xps;
-application/vnd.msa-disk-image msa;
-application/vnd.mseq mseq;
-application/vnd.multiad.creator crtr;
-application/vnd.multiad.creator.cif cif;
-application/vnd.musician mus;
-application/vnd.muvee.style msty;
-application/vnd.mynfc taglet;
-application/vnd.nebumind.line nebul line;
-application/vnd.nervana entity request bkm kcm;
-application/vnd.nimn nimn;
-application/vnd.nitf nitf;
-application/vnd.neurolanguage.nlu nlu;
-application/vnd.nintendo.nitro.rom nds;
-application/vnd.nintendo.snes.rom sfc smc;
-application/vnd.noblenet-directory nnd;
-application/vnd.noblenet-sealer nns;
-application/vnd.noblenet-web nnw;
-application/vnd.nokia.n-gage.ac+xml ac;
-application/vnd.nokia.n-gage.data ngdat;
-application/vnd.nokia.n-gage.symbian.install n-gage;
-application/vnd.nokia.radio-preset rpst;
-application/vnd.nokia.radio-presets rpss;
-application/vnd.novadigm.EDM edm;
-application/vnd.novadigm.EDX edx;
-application/vnd.novadigm.EXT ext;
-application/vnd.oasis.opendocument.chart odc;
-application/vnd.oasis.opendocument.chart-template otc;
-application/vnd.oasis.opendocument.database odb;
-application/vnd.oasis.opendocument.formula odf;
-application/vnd.oasis.opendocument.graphics odg;
-application/vnd.oasis.opendocument.graphics-template otg;
-application/vnd.oasis.opendocument.image odi;
-application/vnd.oasis.opendocument.image-template oti;
-application/vnd.oasis.opendocument.presentation odp;
-application/vnd.oasis.opendocument.presentation-template otp;
-application/vnd.oasis.opendocument.spreadsheet ods;
-application/vnd.oasis.opendocument.spreadsheet-template ots;
-application/vnd.oasis.opendocument.text odt;
-application/vnd.oasis.opendocument.text-master odm;
-application/vnd.oasis.opendocument.text-template ott;
-application/vnd.oasis.opendocument.text-web oth;
-application/vnd.olpc-sugar xo;
-application/vnd.oma.dd2+xml dd2;
-application/vnd.onepager tam;
-application/vnd.onepagertamp tamp;
-application/vnd.onepagertamx tamx;
-application/vnd.onepagertat tat;
-application/vnd.onepagertatp tatp;
-application/vnd.onepagertatx tatx;
-application/vnd.openblox.game+xml obgx;
-application/vnd.openblox.game-binary obg;
-application/vnd.openeye.oeb oeb;
-application/vnd.openofficeorg.extension oxt;
-application/vnd.openstreetmap.data+xml osm;
-application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
-application/vnd.openxmlformats-officedocument.presentationml.slide sldx;
-application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx;
-application/vnd.openxmlformats-officedocument.presentationml.template potx;
-application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
-application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx;
-application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
-application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx;
-application/vnd.osa.netdeploy ndc;
-application/vnd.osgeo.mapguide.package mgp;
-application/vnd.osgi.dp dp;
-application/vnd.osgi.subsystem esa;
-application/vnd.oxli.countgraph oxlicg;
-application/vnd.palm prc pdb pqa oprc;
-application/vnd.panoply plp;
-application/vnd.patentdive dive;
-application/vnd.pawaafile paw;
-application/vnd.pg.format str;
-application/vnd.pg.osasli ei6;
-application/vnd.piaccess.application-licence pil;
-application/vnd.picsel efif;
-application/vnd.pmi.widget wg;
-application/vnd.pocketlearn plf;
-application/vnd.powerbuilder6 pbd;
-application/vnd.preminet preminet;
-application/vnd.previewsystems.box box vbox;
-application/vnd.proteus.magazine mgz;
-application/vnd.psfs psfs;
-application/vnd.publishare-delta-tree qps;
-application/vnd.pvi.ptid1 ptid;
-application/vnd.qualcomm.brew-app-res bar;
-application/vnd.Quark.QuarkXPress qxd qxt qwd qwt qxl qxb;
-application/vnd.quobject-quoxdocument quox quiz;
-application/vnd.rainstor.data tree;
-application/vnd.rar rar;
-application/vnd.realvnc.bed bed;
-application/vnd.recordare.musicxml mxl;
-application/vnd.rig.cryptonote cryptonote;
-application/vnd.route66.link66+xml link66;
-application/vnd.sailingtracker.track st;
-application/vnd.sar SAR;
-application/vnd.scribus scd sla slaz;
-application/vnd.sealed.3df s3df;
-application/vnd.sealed.csf scsf;
-application/vnd.sealed.doc sdoc sdo s1w;
-application/vnd.sealed.eml seml sem;
-application/vnd.sealed.mht smht smh;
-application/vnd.sealed.ppt sppt s1p;
-application/vnd.sealed.tiff stif;
-application/vnd.sealed.xls sxls sxl s1e;
-application/vnd.sealedmedia.softseal.html stml s1h;
-application/vnd.sealedmedia.softseal.pdf spdf spd s1a;
-application/vnd.seemail see;
-application/vnd.sema sema;
-application/vnd.semd semd;
-application/vnd.semf semf;
-application/vnd.shade-save-file ssv;
-application/vnd.shana.informed.formdata ifm;
-application/vnd.shana.informed.formtemplate itp;
-application/vnd.shana.informed.interchange iif;
-application/vnd.shana.informed.package ipk;
-application/vnd.shp shp;
-application/vnd.shx shx;
-application/vnd.sigrok.session sr;
-application/vnd.SimTech-MindMapper twd twds;
-application/vnd.smaf mmf;
-application/vnd.smart.notebook notebook;
-application/vnd.smart.teacher teacher;
-application/vnd.snesdev-page-table ptrom pt;
-application/vnd.software602.filler.form+xml fo;
-application/vnd.software602.filler.form-xml-zip zfo;
-application/vnd.solent.sdkm+xml sdkm sdkd;
-application/vnd.spotfire.dxp dxp;
-application/vnd.spotfire.sfs sfs;
-application/vnd.sqlite3 sqlite sqlite3;
-application/vnd.stepmania.package smzip;
-application/vnd.stepmania.stepchart sm;
-application/vnd.sun.wadl+xml wadl;
-application/vnd.sus-calendar sus susp;
-application/vnd.sycle+xml scl;
-application/vnd.syncml+xml xsm;
-application/vnd.syncml.dm+wbxml bdm;
-application/vnd.syncml.dm+xml xdm;
-application/vnd.syncml.dmddf+xml ddf;
-application/vnd.tao.intent-module-archive tao;
-application/vnd.tcpdump.pcap pcap cap dmp;
-application/vnd.theqvd qvd;
-application/vnd.think-cell.ppttc+json ppttc;
-application/vnd.tml vfr viaframe;
-application/vnd.tmobile-livetv tmo;
-application/vnd.trid.tpt tpt;
-application/vnd.triscape.mxs mxs;
-application/vnd.trueapp tra;
-application/vnd.ufdl ufdl ufd frm;
-application/vnd.uiq.theme utz;
-application/vnd.umajin umj;
-application/vnd.unity unityweb;
-application/vnd.uoml+xml uoml uo;
-application/vnd.uri-map urim urimap;
-application/vnd.valve.source.material vmt;
-application/vnd.vcx vcx;
-application/vnd.vd-study mxi study-inter model-inter;
-application/vnd.vectorworks vwx;
-application/vnd.veryant.thin istc isws;
-application/vnd.ves.encrypted VES;
-application/vnd.vidsoft.vidconference vsc;
-application/vnd.visio vsd vst vsw vss;
-application/vnd.visionary vis;
-application/vnd.vsf vsf;
-application/vnd.wap.sic sic;
-application/vnd.wap.slc slc;
-application/vnd.wap.wbxml wbxml;
-application/vnd.wap.wmlc wmlc;
-application/vnd.wap.wmlscriptc wmlsc;
-application/vnd.webturbo wtb;
-application/vnd.wfa.p2p p2p;
-application/vnd.wfa.wsc wsc;
-application/vnd.wmc wmc;
-application/vnd.wolfram.mathematica.package m;
-application/vnd.wolfram.player nbp;
-application/vnd.wordperfect wpd;
-application/vnd.wqd wqd;
-application/vnd.wt.stf stf;
-application/vnd.wv.csp+wbxml wv;
-application/vnd.xara xar;
-application/vnd.xfdl xfdl xfd;
-application/vnd.xmpie.cpkg cpkg;
-application/vnd.xmpie.dpkg dpkg;
-application/vnd.xmpie.ppkg ppkg;
-application/vnd.xmpie.xlim xlim;
-application/vnd.yamaha.hv-dic hvd;
-application/vnd.yamaha.hv-script hvs;
-application/vnd.yamaha.hv-voice hvp;
-application/vnd.yamaha.openscoreformat osf;
-application/vnd.yamaha.smaf-audio saf;
-application/vnd.yamaha.smaf-phrase spf;
-application/vnd.yaoweme yme;
-application/vnd.yellowriver-custom-menu cmp;
-application/vnd.zul zir zirz;
-application/vnd.zzazz.deck+xml zaz;
-application/voicexml+xml vxml;
-application/voucher-cms+json vcj;
-application/wasm wasm;
-application/watcherinfo+xml wif;
-application/widget wgt;
-application/wsdl+xml wsdl;
-application/wspolicy+xml wspolicy;
-application/xcap-att+xml xav;
-application/xcap-caps+xml xca;
-application/xcap-diff+xml xdf;
-application/xcap-el+xml xel;
-application/xcap-error+xml xer;
-application/xcap-ns+xml xns;
-application/xhtml+xml xhtml xhtm xht;
-application/xliff+xml xlf;
-application/xml-dtd dtd;
-application/xop+xml xop;
-application/xslt+xml xsl xslt;
-application/xv+xml mxml xhvml xvml xvm;
-application/yang yang;
-application/yin+xml yin;
-application/zip zip;
-application/zstd zst;
-audio/32kadpcm 726;
-audio/aac adts aac ass;
-audio/ac3 ac3;
-audio/AMR amr;
-audio/AMR-WB awb;
-audio/asc acn;
-audio/ATRAC-ADVANCED-LOSSLESS aal;
-audio/ATRAC-X atx;
-audio/ATRAC3 at3 aa3 omg;
-audio/basic au snd;
-audio/dls dls;
-audio/EVRC evc;
-audio/EVRCB evb;
-audio/EVRCNW enw;
-audio/EVRCWB evw;
-audio/iLBC lbc;
-audio/L16 l16;
-audio/mhas mhas;
-audio/mobile-xmf mxmf;
-audio/mp4 m4a;
-audio/mpeg mp3 mpga mp1 mp2;
-audio/ogg oga ogg opus spx;
-audio/prs.sid sid psid;
-audio/QCELP qcp;
-audio/SMV smv;
-audio/sofa sofa;
-audio/usac loas xhe;
-audio/vnd.audiokoz koz;
-audio/vnd.dece.audio uva uvva;
-audio/vnd.digital-winds eol;
-audio/vnd.dolby.mlp mlp;
-audio/vnd.dts dts;
-audio/vnd.dts.hd dtshd;
-audio/vnd.everad.plj plj;
-audio/vnd.lucent.voice lvp;
-audio/vnd.ms-playready.media.pya pya;
-audio/vnd.nortel.vbk vbk;
-audio/vnd.nuera.ecelp4800 ecelp4800;
-audio/vnd.nuera.ecelp7470 ecelp7470;
-audio/vnd.nuera.ecelp9600 ecelp9600;
-audio/vnd.presonus.multitrack multitrack;
-audio/vnd.rip rip;
-audio/vnd.sealedmedia.softseal.mpeg smp3 smp s1m;
-font/collection ttc;
-font/otf otf;
-font/ttf ttf;
-font/woff woff;
-font/woff2 woff2;
-image/aces exr;
-image/avci avci;
-image/avcs avcs;
-image/avif avif hif;
-image/bmp bmp dib;
-image/cgm cgm;
-image/dicom-rle drle;
-image/emf emf;
-image/fits fits fit fts;
-image/heic heic;
-image/heic-sequence heics;
-image/heif heif;
-image/heif-sequence heifs;
-image/hej2k hej2;
-image/hsj2 hsj2;
-image/gif gif;
-image/ief ief;
-image/jls jls;
-image/jp2 jp2 jpg2;
-image/jph jph;
-image/jphc jhc;
-image/jpeg jpg jpeg jpe jfif;
-image/jpm jpm jpgm;
-image/jpx jpx jpf;
-image/jxl jxl;
-image/jxr jxr;
-image/jxrA jxra;
-image/jxrS jxrs;
-image/jxs jxs;
-image/jxsc jxsc;
-image/jxsi jxsi;
-image/jxss jxss;
-image/ktx ktx;
-image/ktx2 ktx2;
-image/png png;
-image/prs.btif btif btf;
-image/prs.pti pti;
-image/svg+xml svg svgz;
-image/t38 t38;
-image/tiff tiff tif;
-image/tiff-fx tfx;
-image/vnd.adobe.photoshop psd;
-image/vnd.airzip.accelerator.azv azv;
-image/vnd.dece.graphic uvi uvvi uvg uvvg;
-image/vnd.djvu djvu djv;
-image/vnd.dwg dwg;
-image/vnd.dxf dxf;
-image/vnd.fastbidsheet fbs;
-image/vnd.fpx fpx;
-image/vnd.fst fst;
-image/vnd.fujixerox.edmics-mmr mmr;
-image/vnd.fujixerox.edmics-rlc rlc;
-image/vnd.globalgraphics.pgb pgb;
-image/vnd.microsoft.icon ico;
-image/vnd.mozilla.apng apng;
-image/vnd.ms-modi mdi;
-image/vnd.pco.b16 b16;
-image/vnd.radiance hdr rgbe xyze;
-image/vnd.sealed.png spng spn s1n;
-image/vnd.sealedmedia.softseal.gif sgif sgi s1g;
-image/vnd.sealedmedia.softseal.jpg sjpg sjp s1j;
-image/vnd.tencent.tap tap;
-image/vnd.valve.source.texture vtf;
-image/vnd.wap.wbmp wbmp;
-image/vnd.xiff xif;
-image/vnd.zbrush.pcx pcx;
-image/wmf wmf;
-message/global u8msg;
-message/global-delivery-status u8dsn;
-message/global-disposition-notification u8mdn;
-message/global-headers u8hdr;
-message/rfc822 eml mail art;
-model/gltf-binary glb;
-model/gltf+json gltf;
-model/iges igs iges;
-model/mesh msh mesh silo;
-model/mtl mtl;
-model/obj obj;
-model/stl stl;
-model/vnd.collada+xml dae;
-model/vnd.dwf dwf;
-model/vnd.gdl gdl gsm win dor lmp rsm msm ism;
-model/vnd.gtw gtw;
-model/vnd.moml+xml moml;
-model/vnd.mts mts;
-model/vnd.opengex ogex;
-model/vnd.parasolid.transmit.binary x_b xmt_bin;
-model/vnd.parasolid.transmit.text x_t xmt_txt;
-model/vnd.pytha.pyox pyo pyox;
-model/vnd.sap.vds vds;
-model/vnd.usdz+zip usdz;
-model/vnd.valve.source.compiled-map bsp;
-model/vnd.vtu vtu;
-model/vrml wrl vrml;
-model/x3d+xml x3db;
-model/x3d-vrml x3dv x3dvz;
-multipart/vnd.bint.med-plus bmed;
-multipart/voice-message vpm;
-text/cache-manifest appcache manifest;
-text/calendar ics ifb;
-text/cql CQL;
-text/css css;
-text/csv csv;
-text/csv-schema csvs;
-text/dns soa zone;
-text/gff3 gff3;
-text/html html htm;
-text/jcr-cnd cnd;
-text/markdown markdown md;
-text/mizar miz;
-text/n3 n3;
-text/plain txt asc text pm el c h cc hh cxx hxx f90 conf log nix nginx sh cs sln razor csproj;
-text/provenance-notation provn;
-text/prs.fallenstein.rst rst;
-text/prs.lines.tag tag dsc;
-text/richtext rtx;
-text/SGML sgml sgm;
-text/shaclc shaclc shc;
-text/spdx spdx;
-text/tab-separated-values tsv;
-text/troff t tr roff;
-text/turtle ttl;
-text/uri-list uris uri;
-text/vcard vcf vcard;
-text/vnd.a a;
-text/vnd.abc abc;
-text/vnd.ascii-art ascii;
-text/vnd.debian.copyright copyright;
-text/vnd.DMClientScript dms;
-text/vnd.dvb.subtitle sub;
-text/vnd.esmertec.theme-descriptor jtd;
-text/vnd.ficlab.flt flt;
-text/vnd.fly fly;
-text/vnd.fmi.flexstor flx;
-text/vnd.graphviz gv dot;
-text/vnd.hans hans;
-text/vnd.hgl hgl;
-text/vnd.in3d.3dml 3dml 3dm;
-text/vnd.in3d.spot spot spo;
-text/vnd.ms-mediapackage mpf;
-text/vnd.net2phone.commcenter.command ccc;
-text/vnd.senx.warpscript mc2;
-text/vnd.si.uricatalogue uric;
-text/vnd.sun.j2me.app-descriptor jad;
-text/vnd.sosi sos;
-text/vnd.trolltech.linguist ts;
-text/vnd.wap.si si;
-text/vnd.wap.sl sl;
-text/vnd.wap.wml wml;
-text/vnd.wap.wmlscript wmls;
-text/vtt vtt;
-text/xml xml xsd rng;
-text/xml-external-parsed-entity ent;
-video/3gpp 3gp 3gpp;
-video/3gpp2 3g2 3gpp2;
-video/iso.segment m4s;
-video/mj2 mj2 mjp2;
-video/mp4 mp4 mpg4 m4v;
-video/mpeg mpeg mpg mpe m1v m2v;
-video/ogg ogv;
-video/quicktime mov qt;
-video/vnd.dece.hd uvh uvvh;
-video/vnd.dece.mobile uvm uvvm;
-video/vnd.dece.mp4 uvu uvvu;
-video/vnd.dece.pd uvp uvvp;
-video/vnd.dece.sd uvs uvvs;
-video/vnd.dece.video uvv uvvv;
-video/vnd.dvb.file dvb;
-video/vnd.fvt fvt;
-video/vnd.mpegurl mxu m4u;
-video/vnd.ms-playready.media.pyv pyv;
-video/vnd.nokia.interleaved-multimedia nim;
-video/vnd.radgamettools.bink bik bk2;
-video/vnd.radgamettools.smacker smk;
-video/vnd.sealed.mpeg1 smpg s11;
-video/vnd.sealed.mpeg4 s14;
-video/vnd.sealed.swf sswf ssw;
-video/vnd.sealedmedia.softseal.mov smov smo s1q;
-video/vnd.youtube.yt yt;
-video/vnd.vivo viv;
-application/mac-compactpro cpt;
-application/metalink+xml metalink;
-application/owl+xml owx;
-application/rss+xml rss;
-application/vnd.android.package-archive apk;
-application/vnd.oma.dd+xml dd;
-application/vnd.oma.drm.content dcf;
-application/vnd.oma.drm.dcf o4a o4v;
-application/vnd.oma.drm.message dm;
-application/vnd.oma.drm.rights+wbxml drc;
-application/vnd.oma.drm.rights+xml dr;
-application/vnd.sun.xml.calc sxc;
-application/vnd.sun.xml.calc.template stc;
-application/vnd.sun.xml.draw sxd;
-application/vnd.sun.xml.draw.template std;
-application/vnd.sun.xml.impress sxi;
-application/vnd.sun.xml.impress.template sti;
-application/vnd.sun.xml.math sxm;
-application/vnd.sun.xml.writer sxw;
-application/vnd.sun.xml.writer.global sxg;
-application/vnd.sun.xml.writer.template stw;
-application/vnd.symbian.install sis;
-application/vnd.wap.mms-message mms;
-application/x-annodex anx;
-application/x-bcpio bcpio;
-application/x-bittorrent torrent;
-application/x-bzip2 bz2;
-application/x-cdlink vcd;
-application/x-chrome-extension crx;
-application/x-cpio cpio;
-application/x-csh csh;
-application/x-director dcr dir dxr;
-application/x-dvi dvi;
-application/x-futuresplash spl;
-application/x-gtar gtar;
-application/x-hdf hdf;
-application/x-java-archive jar;
-application/x-java-jnlp-file jnlp;
-application/x-java-pack200 pack;
-application/x-killustrator kil;
-application/x-latex latex;
-application/x-netcdf nc cdf;
-application/x-perl pl;
-application/x-rpm rpm;
-application/x-sh sh;
-application/x-shar shar;
-application/x-stuffit sit;
-application/x-sv4cpio sv4cpio;
-application/x-sv4crc sv4crc;
-application/x-tar tar;
-application/x-tcl tcl;
-application/x-tex tex;
-application/x-texinfo texinfo texi;
-application/x-troff-man man 1 2 3 4 5 6 7 8;
-application/x-troff-me me;
-application/x-troff-ms ms;
-application/x-ustar ustar;
-application/x-wais-source src;
-application/x-xpinstall xpi;
-application/x-xspf+xml xspf;
-application/x-xz xz;
-audio/midi mid midi kar;
-audio/x-aiff aif aiff aifc;
-audio/x-annodex axa;
-audio/x-flac flac;
-audio/x-matroska mka;
-audio/x-mod mod ult uni m15 mtm 669 med;
-audio/x-mpegurl m3u;
-audio/x-ms-wax wax;
-audio/x-ms-wma wma;
-audio/x-pn-realaudio ram rm;
-audio/x-realaudio ra;
-audio/x-s3m s3m;
-audio/x-stm stm;
-audio/x-wav wav;
-chemical/x-xyz xyz;
-image/webp webp;
-image/x-cmu-raster ras;
-image/x-portable-anymap pnm;
-image/x-portable-bitmap pbm;
-image/x-portable-graymap pgm;
-image/x-portable-pixmap ppm;
-image/x-rgb rgb;
-image/x-targa tga;
-image/x-xbitmap xbm;
-image/x-xpixmap xpm;
-image/x-xwindowdump xwd;
-text/html-sandboxed sandboxed;
-text/x-pod pod;
-text/x-setext etx;
-video/webm webm;
-video/x-annodex axv;
-video/x-flv flv;
-video/x-javafx fxm;
-video/x-matroska mkv;
-video/x-matroska-3d mk3d;
-video/x-ms-asf asx;
-video/x-ms-wm wm;
-video/x-ms-wmv wmv;
-video/x-ms-wmx wmx;
-video/x-ms-wvx wvx;
-video/x-msvideo avi;
-video/x-sgi-movie movie;
-x-conference/x-cooltalk ice;
-x-epoc/x-sisx-app sisx;
-}
diff --git a/modules/packages/nheko-git.nix b/modules/packages/nheko-git.nix
deleted file mode 100644
index c392d2f..0000000
--- a/modules/packages/nheko-git.nix
+++ /dev/null
@@ -1,105 +0,0 @@
-# This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/nheko/default.nix#L93
-# This file is a modified version of nixpkgs/pkgs/applications/networking/instant-messengers/nheko/default.nix (copied at 2e896fce)
-
-{
- lib,
- stdenv,
- fetchFromGitHub,
- cmake,
- #, wrapQtAppsHook
- asciidoctor,
- qt6,
- qt6Packages,
- #, qtmultimedia
- #, qtimageformats
- #, qtkeychain
- cmark,
- coeurl,
- curl,
- libevent,
- lmdb,
- lmdbxx,
- #, mtxclient
- nlohmann_json,
- olm,
- pkg-config,
- re2,
- spdlog,
- httplib,
- voipSupport ? true,
- gst_all_1,
- libnice,
- kdsingleapplication,
- pkgs,
- nhekoSrc,
- mtxclientSrc,
-}:
-
-stdenv.mkDerivation {
- pname = "nheko";
- version = "git+master";
- src = nhekoSrc;
-
- nativeBuildInputs = [
- lmdbxx
- cmake
- pkg-config
- asciidoctor
- qt6.wrapQtAppsHook
- ];
-
- buildInputs =
- [
- qt6.qtbase
- qt6.qttools
- qt6.qtsvg
- qt6.qtmultimedia
- qt6.qtimageformats
- qt6Packages.qtkeychain
- kdsingleapplication
- cmark
- coeurl
- curl
- libevent
- lmdb
- (pkgs.callPackage ./mtxclient-git.nix { inherit mtxclientSrc; })
- nlohmann_json
- olm
- re2
- spdlog
- httplib
- ]
- ++ lib.optionals voipSupport (
- with gst_all_1;
- [
- gstreamer
- gst-plugins-base
- gst-plugins-good
- gst-plugins-bad
- libnice
- ]
- );
-
- LC_ALL = lib.optionalString (!stdenv.isDarwin) "C.UTF-8";
-
- cmakeFlags = [
- "-DCOMPILE_QML=ON" # see https://github.com/Nheko-Reborn/nheko/issues/389
- "-DCMAKE_BUILD_TYPE=Release"
- "-DBUILD_SHARED_LIBS=OFF"
- #Rory&
- "-DMAN=OFF"
-
- ] ++ lib.optionals (!voipSupport) [ "-DVOIP=OFF" ];
-
- preFixup = lib.optionalString voipSupport ''
- # add gstreamer plugins path to the wrapper
- qtWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0")
- '';
-
- meta = with lib; {
- description = "Desktop client for the Matrix protocol";
- homepage = "https://github.com/Nheko-Reborn/nheko";
- platforms = platforms.all;
- license = licenses.gpl3Plus;
- };
-}
diff --git a/modules/packages/overlays/haskell/basement/IntWord64.nix b/modules/packages/overlays/haskell/basement/IntWord64.nix
deleted file mode 100644
index d407bf0..0000000
--- a/modules/packages/overlays/haskell/basement/IntWord64.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ pkgs, ... }:
-{
- nixpkgs.overlays = [
- (self: super: {
- haskellPackages = super.haskellPackages.override {
- overrides = haskellPackages-self: haskellPackages-super: {
- basement = haskellPackages-super.basement.overrideAttrs (oldAttrs: {
- patches = [ ./IntWord64.patch ];
- });
- };
- };
- })
- ];
-}
diff --git a/modules/packages/overlays/haskell/basement/IntWord64.patch b/modules/packages/overlays/haskell/basement/IntWord64.patch
deleted file mode 100644
index 0d1cdf7..0000000
--- a/modules/packages/overlays/haskell/basement/IntWord64.patch
+++ /dev/null
@@ -1,105 +0,0 @@
-diff -up basement-0.0.15/Basement/Bits.hs~ basement-0.0.15/Basement/Bits.hs
---- basement-0.0.15/Basement/Bits.hs~ 2022-02-28 12:00:48.000000000 +0800
-+++ basement-0.0.15/Basement/Bits.hs 2023-02-16 18:50:32.947378064 +0800
-@@ -54,7 +54,7 @@ import GHC.Int
- import Basement.Compat.Primitive
-
- #if WORD_SIZE_IN_BITS < 64
--import GHC.IntWord64
-+import GHC.Exts
- #endif
-
- -- | operation over finite bits
-diff -up basement-0.0.15/Basement/Numerical/Additive.hs~ basement-0.0.15/Basement/Numerical/Additive.hs
---- basement-0.0.15/Basement/Numerical/Additive.hs~ 2022-02-28 12:00:48.000000000 +0800
-+++ basement-0.0.15/Basement/Numerical/Additive.hs 2023-02-16 18:52:14.547975419 +0800
-@@ -29,7 +29,7 @@ import qualified Basement.Types.Word128
- import qualified Basement.Types.Word256 as Word256
-
- #if WORD_SIZE_IN_BITS < 64
--import GHC.IntWord64
-+import GHC.Exts
- #endif
-
- -- | Represent class of things that can be added together,
-diff -up basement-0.0.15/Basement/Numerical/Conversion.hs~ basement-0.0.15/Basement/Numerical/Conversion.hs
---- basement-0.0.15/Basement/Numerical/Conversion.hs~ 2022-02-28 12:00:48.000000000 +0800
-+++ basement-0.0.15/Basement/Numerical/Conversion.hs 2023-02-16 18:28:38.844400110 +0800
-@@ -25,7 +25,7 @@ import GHC.Word
- import Basement.Compat.Primitive
-
- #if WORD_SIZE_IN_BITS < 64
--import GHC.IntWord64
-+import GHC.Exts
- #endif
-
- intToInt64 :: Int -> Int64
-@@ -114,7 +114,7 @@
- #endif
- #else
- word64ToWord32s :: Word64 -> Word32x2
--word64ToWord32s (W64# w64) = Word32x2 (W32# (word64ToWord# (uncheckedShiftRL64# w64 32#))) (W32# (word64ToWord# w64))
-+word64ToWord32s (W64# w64) = Word32x2 (W32# (wordToWord32# (word64ToWord# (uncheckedShiftRL64# w64 32#)))) (W32# (wordToWord32# (word64ToWord# w64)))
- #endif
-
- wordToChar :: Word -> Char
-diff -up basement-0.0.15/Basement/PrimType.hs~ basement-0.0.15/Basement/PrimType.hs
---- basement-0.0.15/Basement/PrimType.hs~ 2022-03-03 10:51:42.000000000 +0800
-+++ basement-0.0.15/Basement/PrimType.hs 2023-02-16 18:52:13.884971521 +0800
-@@ -54,7 +54,7 @@ import Basement.Nat
- import qualified Prelude (quot)
-
- #if WORD_SIZE_IN_BITS < 64
--import GHC.IntWord64
-+import GHC.Exts
- #endif
-
- #ifdef FOUNDATION_BOUNDS_CHECK
-diff -up basement-0.0.15/Basement/Types/OffsetSize.hs~ basement-0.0.15/Basement/Types/OffsetSize.hs
---- basement-0.0.15/Basement/Types/OffsetSize.hs~ 2019-09-02 11:58:08.000000000 +0800
-+++ basement-0.0.15/Basement/Types/OffsetSize.hs 2023-02-16 18:49:45.703100306 +0800
-@@ -69,7 +69,7 @@ import Data.List (foldl')
- import qualified Prelude
-
- #if WORD_SIZE_IN_BITS < 64
--import GHC.IntWord64
-+import GHC.Exts
- #endif
-
- -- | File size in bytes
-@@ -225,7 +225,7 @@
-
- csizeOfSize :: CountOf Word8 -> CSize
- #if WORD_SIZE_IN_BITS < 64
--csizeOfSize (CountOf (I# sz)) = CSize (W32# (int2Word# sz))
-+csizeOfSize (CountOf (I# sz)) = CSize (W32# (wordToWord32# (int2Word# sz)))
- #else
- #if __GLASGOW_HASKELL__ >= 904
- csizeOfSize (CountOf (I# sz)) = CSize (W64# (wordToWord64# (int2Word# sz)))
-@@ -238,7 +238,7 @@
-
- csizeOfOffset :: Offset8 -> CSize
- #if WORD_SIZE_IN_BITS < 64
--csizeOfOffset (Offset (I# sz)) = CSize (W32# (int2Word# sz))
-+csizeOfOffset (Offset (I# sz)) = CSize (W32# (wordToWord32# (int2Word# sz)))
- #else
- #if __GLASGOW_HASKELL__ >= 904
- csizeOfOffset (Offset (I# sz)) = CSize (W64# (wordToWord64# (int2Word# sz)))
-@@ -250,7 +250,7 @@
- sizeOfCSSize :: CSsize -> CountOf Word8
- sizeOfCSSize (CSsize (-1)) = error "invalid size: CSSize is -1"
- #if WORD_SIZE_IN_BITS < 64
--sizeOfCSSize (CSsize (I32# sz)) = CountOf (I# sz)
-+sizeOfCSSize (CSsize (I32# sz)) = CountOf (I# (int32ToInt# sz))
- #else
- #if __GLASGOW_HASKELL__ >= 904
- sizeOfCSSize (CSsize (I64# sz)) = CountOf (I# (int64ToInt# sz))
-@@ -261,7 +261,7 @@
-
- sizeOfCSize :: CSize -> CountOf Word8
- #if WORD_SIZE_IN_BITS < 64
--sizeOfCSize (CSize (W32# sz)) = CountOf (I# (word2Int# sz))
-+sizeOfCSize (CSize (W32# sz)) = CountOf (I# (word2Int# (word32ToWord# sz)))
- #else
- #if __GLASGOW_HASKELL__ >= 904
- sizeOfCSize (CSize (W64# sz)) = CountOf (I# (word2Int# (word64ToWord# sz)))
diff --git a/modules/packages/vim.nix b/modules/packages/vim.nix
deleted file mode 100755
index 1b7bb37..0000000
--- a/modules/packages/vim.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ pkgs, ... }:
-{
- environment.variables = {
- EDITOR = "vim";
- };
-
- environment.systemPackages = with pkgs; [
- (neovim.override {
- vimAlias = true;
- configure = {
- packages.myPlugins = with pkgs.vimPlugins; {
- start = [
- vim-lastplace
- vim-nix
- vim-airline
- ];
- opt = [ ];
- };
- customRC = ''
- " your custom vimrc
- set nocompatible
- set backspace=indent,eol,start
- colorscheme vim
- " ...
- '';
- };
- })
- ];
-}
diff --git a/modules/packages/xdg-desktop-portal-gtk.nix b/modules/packages/xdg-desktop-portal-gtk.nix
deleted file mode 100644
index cfe48d4..0000000
--- a/modules/packages/xdg-desktop-portal-gtk.nix
+++ /dev/null
@@ -1,63 +0,0 @@
-{
- stdenv,
- lib,
- fetchFromGitHub,
- meson,
- ninja,
- pkg-config,
- xdg-desktop-portal,
- gtk3,
- gnome,
- gnome-desktop,
- glib,
- wrapGAppsHook,
- gsettings-desktop-schemas,
- buildPortalsInGnome ? true,
-}:
-
-stdenv.mkDerivation (finalAttrs: {
- pname = "xdg-desktop-portal-gtk";
- version = "1.15.1";
-
- src = fetchFromGitHub {
- owner = "flatpak";
- repo = "xdg-desktop-portal-gtk";
- rev = finalAttrs.version;
- sha256 = "sha256-uXVjKsqoIjqJilJq8ERRzEqGKbkzc+Zl6y+37CAcYro=";
- };
-
- nativeBuildInputs = [
- meson
- ninja
- pkg-config
- wrapGAppsHook
- ];
-
- buildInputs =
- [
- glib
- gtk3
- xdg-desktop-portal
- gsettings-desktop-schemas # settings exposed by settings portal
- #fontconfig
- ]
- ++ lib.optionals buildPortalsInGnome [
- gsettings-desktop-schemas # settings exposed by settings portal
- gnome-desktop
- gnome.gnome-settings-daemon # schemas needed for settings api (mostly useless now that fonts were moved to g-d-s, just mouse and xsettings)
- ];
-
- mesonFlags = lib.optionals (!buildPortalsInGnome) [
- "-Dwallpaper=disabled"
- "-Dsettings=enabled"
- "-Dappchooser=enabled"
- "-Dlockdown=disabled"
- ];
-
- meta = with lib; {
- description = "Desktop integration portals for sandboxed apps";
- maintainers = with maintainers; [ jtojnar ];
- platforms = platforms.linux;
- license = licenses.lgpl21Plus;
- };
-})
diff --git a/modules/software-templates/dotnet.client.nix b/modules/software-templates/dotnet.client.nix
index fa0082b..f855aa3 100644
--- a/modules/software-templates/dotnet.client.nix
+++ b/modules/software-templates/dotnet.client.nix
@@ -1,9 +1,26 @@
-{ pkgs, ... }:
+{
+ config,
+ pkgs,
+ nixpkgs-stable,
+ ...
+}:
+let
+ # We have to specify config to set allowUnfree, as nixpkgs-stable.legacyPackages doesn't pass through config.
+ # See: https://slab.midna.dev/public/posts/where-does-pkgs-come-from-xw6epo0t
+ stablePkgs = import nixpkgs-stable {
+ config = config.nixpkgs.config;
+ system = pkgs.stdenv.hostPlatform.system;
+ };
+in
{
#imports = [ ./dotnet.nix ];
environment.systemPackages = with pkgs; [
#`jetbrains.rider
- (jetbrains.plugins.addPlugins jetbrains.rider [ "github-copilot" ])
+ (jetbrains.plugins.addPlugins jetbrains.rider [
+ jetbrains.plugins.github-copilot-fixed
+ #"github-copilot"
+ "nixidea"
+ ])
];
}
diff --git a/modules/software-templates/dotnet.nix b/modules/software-templates/dotnet.nix
index edbcca3..4ab30d5 100644
--- a/modules/software-templates/dotnet.nix
+++ b/modules/software-templates/dotnet.nix
@@ -1,7 +1,9 @@
{ pkgs, ... }:
{
- environment.systemPackages = with pkgs; [ (callPackage ../packages/dotnet-pack.nix { inherit pkgs; }) ];
+ environment.systemPackages = with pkgs; [
+ (callPackage ../packages/dotnet-pack.nix { inherit pkgs; })
+ ];
environment.sessionVariables = {
DOTNET_CLI_TELEMETRY_OPTOUT = "1";
DOTNET_ROOT = "${(pkgs.callPackage ../packages/dotnet-pack.nix { inherit pkgs; })}";
diff --git a/modules/software-templates/firefox-policy.nix b/modules/software-templates/firefox-policy.nix
index 83d0a47..b8155fd 100644
--- a/modules/software-templates/firefox-policy.nix
+++ b/modules/software-templates/firefox-policy.nix
@@ -36,7 +36,9 @@
Enabled = false;
};
Extensions = {
- Install = [ "https://github.com/gorhill/uBlock/releases/download/1.52.2/uBlock0_1.52.2.firefox.signed.xpi" ];
+ Install = [
+ "https://github.com/gorhill/uBlock/releases/download/1.52.2/uBlock0_1.52.2.firefox.signed.xpi"
+ ];
};
ExtensionUpdate = false;
FirefoxHome = {
diff --git a/modules/software-templates/profilers.nix b/modules/software-templates/profilers.nix
index 4381193..c90f81e 100644
--- a/modules/software-templates/profilers.nix
+++ b/modules/software-templates/profilers.nix
@@ -1,9 +1,9 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
{
environment.systemPackages = with pkgs; [
- kcachegrind
- linuxKernel.packages.linux_5_15.perf
+ kdePackages.kcachegrind
+ config.boot.kernelPackages.perf
hotspot
valgrind
];
diff --git a/modules/software-templates/spacebar-server-ts/module.nix b/modules/software-templates/spacebar-server-ts/module.nix
new file mode 100644
index 0000000..768b423
--- /dev/null
+++ b/modules/software-templates/spacebar-server-ts/module.nix
@@ -0,0 +1,11 @@
+{ lib, ... }:
+{
+ options.services.spacebar-server-ts = {
+ enable = lib.mkEnableOption "spacebar-server-ts";
+ package = lib.mkOption {
+ type = lib.types.package;
+ default = null;
+ description = "The package to use for the spacebar-server-ts service";
+ };
+ };
+}
diff --git a/modules/software-templates/steam.nix b/modules/software-templates/steam.nix
new file mode 100644
index 0000000..ac548a7
--- /dev/null
+++ b/modules/software-templates/steam.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }: {
+ programs.steam = {
+ enable = true;
+ gamescopeSession.enable = true;
+ extraCompatPackages = with pkgs; [
+ steam-play-none
+ proton-ge-bin
+ ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ steam-run
+ steam-acf
+ ];
+}
\ No newline at end of file
diff --git a/modules/software-templates/synapse-workers/generic.nix b/modules/software-templates/synapse-workers/generic.nix
new file mode 100644
index 0000000..7fa3967
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic.nix
@@ -0,0 +1,152 @@
+{
+ workerName,
+ tasks,
+ dbOverrides ? { },
+ count ? 1,
+}:
+{ config, lib, ... }:
+
+#let
+# dbGroup = "medium";
+# workerName = "account_data_stream_writer";
+# tasks = [ "stream_account_data" ];
+## workerRoutes = workerLib.workerRoutes.accountData;
+# count = 1;
+#in
+let
+ workerLib = import ./lib.nix;
+ cfg = config.services.matrix-synapse;
+ enabledResources = lib.attrNames workerRoutes;
+ workers = lib.range 0 count;
+ streamTypes =
+ [ ]
+ ++ lib.optional (lib.elem "stream_account_data" tasks) "account_data"
+ ++ lib.optional (lib.elem "stream_presence" tasks) "presence"
+ ++ lib.optional (lib.elem "stream_push_rules" tasks) "push_rules"
+ ++ lib.optional (lib.elem "stream_to_device" tasks) "to_device"
+ ++ lib.optional (lib.elem "stream_typing" tasks) "typing"
+ ++ lib.optional (lib.elem "stream_receipts" tasks) "receipts"
+ ++ lib.optional (lib.elem "stream_events" tasks) "events";
+
+ # recursive update list of attrs
+# recursiveMerge = list: lib.foldl (a: b: lib.recursiveUpdate a b) (lib.head list) (lib.tail list);
+# workerRoutes = recursiveMerge (lib.map (type: workerLib.workerRoutes.${type}) streamTypes);
+in
+{
+ config = lib.mkIf (cfg.accountDataStreamWriters > 0) {
+ monitoring.synapse.workerNames = if (count == 1) then [ workerName ] else lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ stream_writers = lib.listToAttrs (
+ lib.map (stream: {
+ name = stream;
+ value = lib.map (index: "${workerName}-${toString index}") workers;
+ }) streamTypes
+ );
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = lib.recursiveUpdate (lib.recursiveUpdate config.services.matrix-synapse.settings.database {
+ application_name = "matrix-synapse (${config.services.matrix-synapse.settings.server_name}) - ${if workerName == null then throw "synapse/db.nix: workerName unspecified" else workerName}";
+ }) dbOverrides;
+
+ #region Media
+ max_upload_size = lib.mkIf (lib.elem "media_repo" tasks) "512M";
+ max_avatar_size = lib.mkIf (lib.elem "media_repo" tasks) "512M";
+ max_image_pixels = lib.mkIf (lib.elem "media_repo" tasks) "250M";
+
+ max_pending_media_uploads = lib.mkIf (lib.elem "media_repo" tasks) 512;
+ dynamic_thumbnails = lib.mkIf (lib.elem "media_repo" tasks) true;
+
+ prevent_media_downloads_from = lib.mkIf (lib.elem "media_repo" tasks) [
+ # none, give me all the media
+ ];
+ enable_authenticated_media = lib.mkIf (lib.elem "media_repo" tasks) false;
+
+ url_preview_enabled = lib.mkIf (lib.elem "media_repo" tasks) true;
+ max_spider_size = lib.mkIf (lib.elem "media_repo" tasks) "50M";
+ #endregion
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/auth.nix b/modules/software-templates/synapse-workers/generic/auth.nix
new file mode 100644
index 0000000..47064be
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/auth.nix
@@ -0,0 +1,113 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ./lib.nix;
+ dbGroup = "solo";
+ workers = lib.range 0 (cfg.authWorkers - 1);
+ workerName = "auth";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.auth;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.authWorkers > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/client-reader.nix b/modules/software-templates/synapse-workers/generic/client-reader.nix
new file mode 100644
index 0000000..9072988
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/client-reader.nix
@@ -0,0 +1,113 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ./lib.nix;
+ dbGroup = "medium";
+ workers = lib.range 0 (cfg.clientReaders - 1);
+ workerName = "client_reader";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.clientReader;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.clientReaders > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/event-creator.nix b/modules/software-templates/synapse-workers/generic/event-creator.nix
new file mode 100644
index 0000000..e035405
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/event-creator.nix
@@ -0,0 +1,113 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ./lib.nix;
+ dbGroup = "medium";
+ workers = lib.range 0 (cfg.eventCreators - 1);
+ workerName = "event_creator";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.eventCreator;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.eventCreators > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/federation-inbound.nix b/modules/software-templates/synapse-workers/generic/federation-inbound.nix
new file mode 100644
index 0000000..af18e8e
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/federation-inbound.nix
@@ -0,0 +1,113 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ./lib.nix;
+ dbGroup = "medium";
+ workers = lib.range 0 (cfg.federationReaders - 1);
+ workerName = "federation_inbound";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.federationInbound;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.federationInboundWorkers > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/federation-reader.nix b/modules/software-templates/synapse-workers/generic/federation-reader.nix
new file mode 100644
index 0000000..09e8419
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/federation-reader.nix
@@ -0,0 +1,113 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ./lib.nix;
+ dbGroup = "medium";
+ workers = lib.range 0 (cfg.federationReaders - 1);
+ workerName = "federation_reader";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.federationReader;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.federationReaders > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/federation-sender.nix b/modules/software-templates/synapse-workers/generic/federation-sender.nix
new file mode 100644
index 0000000..bf6cf51
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/federation-sender.nix
@@ -0,0 +1,131 @@
+{ config, lib, ... }:
+let
+ cfg = config.services.matrix-synapse;
+ dbGroup = "medium";
+ workers = lib.range 0 (cfg.federationSenders - 1);
+ workerName = "federation_sender";
+ tasks = [ ];
+ workerRoutes = {};
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.federationSenders > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ # Federation sender
+ send_federation = lib.mkIf (lib.elem "federation_sender" tasks) false;
+ federation_sender_instances = lib.mkIf (lib.elem "federation_sender" tasks) [ workerName ];
+ outbound_federation_restricted_to = lib.mkIf (lib.elem "federation_sender" tasks) [ workerName ];
+ worker_replication_secret = "${workerName}_secret";
+
+ # Pusher
+ pusher_instances = lib.optional (lib.elem "pusher" tasks) "${workerName}";
+
+ # Media repo
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+
+ # Media repo
+ enable_media_repo = lib.elem "media_repo" tasks;
+ rc_federation = {
+ window_size = 1;
+ sleep_limit = 1000;
+ sleep_delay = 1;
+ reject_limit = 1000;
+ concurrent = 100;
+ };
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/media-repo.nix b/modules/software-templates/synapse-workers/generic/media-repo.nix
new file mode 100644
index 0000000..d9db8cf
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/media-repo.nix
@@ -0,0 +1,113 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ./lib.nix;
+ dbGroup = "solo";
+ workers = lib.range 0 (cfg.mediaRepoWorkers - 1);
+ workerName = "media_repo";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.mediaRepo;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.mediaRepoWorkers > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/pusher.nix b/modules/software-templates/synapse-workers/generic/pusher.nix
new file mode 100644
index 0000000..8c6b697
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/pusher.nix
@@ -0,0 +1,112 @@
+{ config, lib, ... }:
+let
+ cfg = config.services.matrix-synapse;
+ dbGroup = "small";
+ workers = lib.range 0 (cfg.pushers - 1);
+ workerName = "pusher";
+ tasks = [ ];
+ workerRoutes = {};
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.pushers > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ pusher_instances = lib.mkIf (lib.elem "pusher" tasks) "${workerName}";
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/generic/sync.nix b/modules/software-templates/synapse-workers/generic/sync.nix
new file mode 100644
index 0000000..eb47e59
--- /dev/null
+++ b/modules/software-templates/synapse-workers/generic/sync.nix
@@ -0,0 +1,113 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ./lib.nix;
+ dbGroup = "medium";
+ workers = lib.range 0 (cfg.syncWorkers - 1);
+ workerName = "sync";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.sync;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.syncWorkers > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}";
+ enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ client_max_body_size 512M;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/lib.nix b/modules/software-templates/synapse-workers/lib.nix
new file mode 100644
index 0000000..c99e2ef
--- /dev/null
+++ b/modules/software-templates/synapse-workers/lib.nix
@@ -0,0 +1,147 @@
+{
+ workerRoutes = {
+ sync.client = [
+ "~ ^/_matrix/client/(v2_alpha|r0|v3)/sync$"
+ "~ ^/_matrix/client/(api/v1|v2_alpha|r0|v3)/events$"
+ "~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$"
+ "~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$"
+ "~ ^/_matrix/client/unstable/org.matrix.simplified_msc3575/sync$"
+ ];
+
+ clientReader.client = [
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state(/|$)"
+ "~ ^/_matrix/client/v1/rooms/.*/hierarchy$"
+ "~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/"
+ "~ ^/_matrix/client/v1/rooms/.*/threads$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases"
+ "~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search"
+ "~ ^/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$)"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/notifications$"
+ # e2ee
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/query$"
+
+ # unstable
+ "~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$"
+
+ # auth
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/whoami$"
+ "~ ^/_matrix/client/versions$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/register$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/register/available$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/password_policy$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/capabilities$"
+ ];
+
+ eventCreator.client = [
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/knock/"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/"
+ ];
+
+ federationInbound.federation = [
+ "~ ^/_matrix/federation/(v1|v2)/send/"
+ ];
+
+ federationReader.federation = [
+ "~ ^/_matrix/federation/(v1|v2)/event/"
+ "~ ^/_matrix/federation/(v1|v2)/state/"
+ "~ ^/_matrix/federation/(v1|v2)/state_ids/"
+ "~ ^/_matrix/federation/(v1|v2)/backfill/"
+ "~ ^/_matrix/federation/(v1|v2)/get_missing_events/"
+ "~ ^/_matrix/federation/(v1|v2)/publicRooms"
+ "~ ^/_matrix/federation/(v1|v2)/query/"
+ "~ ^/_matrix/federation/(v1|v2)/make_join/"
+ "~ ^/_matrix/federation/(v1|v2)/make_leave/"
+ "~ ^/_matrix/federation/(v1|v2)/send_join/"
+ "~ ^/_matrix/federation/(v1|v2)/send_leave/"
+ "~ ^/_matrix/federation/v1/make_knock/"
+ "~ ^/_matrix/federation/v1/send_knock/"
+ "~ ^/_matrix/federation/(v1|v2)/invite/" # Needs special handling, define manually
+ "~ ^/_matrix/federation/(v1|v2)/query_auth/"
+ "~ ^/_matrix/federation/(v1|v2)/event_auth/"
+ "~ ^/_matrix/federation/v1/timestamp_to_event/"
+ "~ ^/_matrix/federation/(v1|v2)/exchange_third_party_invite/"
+ "~ ^/_matrix/federation/(v1|v2)/user/devices/"
+ "~ ^/_matrix/federation/(v1|v2)/get_groups_publicised$"
+ "~ ^/_matrix/key/v2/query"
+ # extra
+ "~ ^/_matrix/key/v2/server$"
+ ];
+
+ mediaRepo.media = [
+ "~ ^/_matrix/client/v1/media/"
+ "~ ^/_matrix/federation/v1/media/"
+ "~ ^/_synapse/admin/v1/purge_media_cache$"
+ "~ ^/_synapse/admin/v1/room/.*/media.*$"
+ "~ ^/_synapse/admin/v1/user/.*/media.*$"
+ "~ ^/_synapse/admin/v1/users/.*/media$"
+ "~ ^/_synapse/admin/v1/media/.*$"
+ "~ ^/_synapse/admin/v1/quarantine_media/.*$"
+ "~ ^/_matrix/media/"
+ ];
+
+ auth.client = [
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/whoami$"
+ "~ ^/_matrix/client/versions$"
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/register$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/register/available$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/password_policy$"
+ "~ ^/_matrix/client/(r0|v3|unstable)/capabilities$"
+ ];
+
+ typing.client = [
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing"
+ ];
+
+ toDevice.client = [
+ "~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/"
+ ];
+
+ receipts.client = [
+ "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt"
+ "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers"
+ ];
+
+ pushRules.client = [
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/"
+ ];
+
+ presence.client = [
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/"
+ ];
+
+ accountData.client = [
+ "~ ^/_matrix/client/(r0|v3|unstable)/account_data"
+ "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/account_data"
+ "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/tags"
+ ];
+
+ userDirectory.client = [
+ "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/user_directory/search$"
+
+ #profile
+ "~ ^/_matrix/client/v3/profile/.*$"
+ "~ ^/_matrix/client/v3/profile/.*/(displayname|avatar_url)$"
+ ];
+ };
+}
diff --git a/modules/software-templates/synapse-workers/module.nix b/modules/software-templates/synapse-workers/module.nix
new file mode 100644
index 0000000..b1d0ced
--- /dev/null
+++ b/modules/software-templates/synapse-workers/module.nix
@@ -0,0 +1,108 @@
+{ config, lib, ... }:
+let
+ cfg = config.services.matrix-synapse;
+ mkIntOption =
+ description:
+ lib.mkOption {
+ type = lib.types.int;
+ default = 0;
+ description = description;
+ };
+in
+{
+ imports = [
+ ];
+ options.services.matrix-synapse = {
+ enableWorkers = lib.mkEnableOption "Enable dedicated workers";
+ enableStreamWriters = lib.mkEnableOption "Enable stream writers";
+ enableAppserviceWorker = lib.mkEnableOption "Enable dedicated appservice worker";
+ enableBackgroundWorker = lib.mkEnableOption "Enable dedicated background task worker";
+ enableUserDirWorker = lib.mkEnableOption "Enable dedicated user directory worker";
+
+ authWorkers = mkIntOption "Number of auth workers";
+ clientReaders = mkIntOption "Number of client readers";
+ eventCreators = mkIntOption "Number of auth workers";
+ federationInboundWorkers = mkIntOption "Number of federation inbound workers";
+ federationReaders = mkIntOption "Number of federation readers";
+ federationSenders = mkIntOption "Number of federation senders";
+ mediaRepoWorkers = mkIntOption "Number of media repo workers";
+ pushers = mkIntOption "Number of pushers";
+ syncWorkers = mkIntOption "Number of sync workers";
+
+ #stream writers
+ eventStreamWriters = mkIntOption "Number of event stream writers";
+ typingStreamWriters = mkIntOption "Number of typing stream writers";
+ toDeviceStreamWriters = mkIntOption "Number of to_device stream writers";
+ accountDataStreamWriters = mkIntOption "Number of account data stream writers";
+ receiptStreamWriters = mkIntOption "Number of read receipt stream writers";
+ presenceStreamWriters = mkIntOption "Number of presence stream writers";
+ pushRuleStreamWriters = mkIntOption "Number of push rule stream writers";
+
+ sharedStreamWriters = mkIntOption "Number of shared stream writers";
+
+ nginxVirtualHostName = lib.mkOption {
+ type = lib.types.str;
+ default = null;
+ description = "The virtual host name for the nginx server";
+ };
+
+ allowedRemoteInviteOrigins = lib.mkOption {
+ type = lib.types.listOf lib.types.str;
+ default = [ ];
+ description = "List of allowed remote invite origins";
+ };
+ };
+
+ config = {
+ assertions =
+ [
+ {
+ assertion = cfg.enableWorkers -> cfg.nginxVirtualHostName != null;
+ message = "nginxVirtualHostName must be set when enableWorkers is true";
+ }
+ ]
+ ++ lib.optionals (cfg.settings ? stream_writers) [
+ # Stream types and count limitations: https://github.com/element-hq/synapse/blob/develop/synapse/config/workers.py#L344
+ {
+ assertion = cfg.settings.stream_writers ? typing -> lib.length cfg.settings.stream_writers.typing <= 1;
+ message = "Only one typing stream writer is supported";
+ }
+ {
+ assertion = cfg.settings.stream_writers ? to_device -> lib.length cfg.settings.stream_writers.to_device <= 1;
+ message = "Only one to_device stream writer is supported";
+ }
+ {
+ assertion = cfg.settings.stream_writers ? account_data -> lib.length cfg.settings.stream_writers.account_data <= 1;
+ message = "Only one account data stream writer is supported";
+ }
+ # This may be outdated in the documentation...?
+ #{
+ # assertion = cfg.receiptStreamWriters <= 1;
+ # message = "Only one receipt stream writer is supported";
+ #}
+ {
+ assertion = cfg.settings.stream_writers ? presence -> lib.length cfg.settings.stream_writers.presence <= 1;
+ message = "Only one presence stream writer is supported";
+ }
+ {
+ assertion = cfg.settings.stream_writers ? push_rules -> lib.length cfg.settings.stream_writers.push_rules <= 1;
+ message = "Only one push rule stream writer is supported";
+ }
+ ];
+
+ # Matrix utility maps
+ services.nginx.appendHttpConfig = ''
+ # Map authorization header to origin name
+ map $http_authorization $mx_origin_name {
+ default "";
+ "~*X-Matrix origin=(?<origin>[^,]+)" $origin;
+ }
+
+ # Map origin name to whether it can invite
+ map $mx_origin_name $mx_can_invite {
+ default 0;
+ ${lib.concatMapStringsSep "\n" (origin: " \"${origin}\" 1;") cfg.allowedRemoteInviteOrigins}
+ }
+ '';
+ };
+}
diff --git a/modules/software-templates/synapse-workers/single/appservice.nix b/modules/software-templates/synapse-workers/single/appservice.nix
new file mode 100644
index 0000000..03a080b
--- /dev/null
+++ b/modules/software-templates/synapse-workers/single/appservice.nix
@@ -0,0 +1,77 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "small";
+ workerName = "appservice";
+ tasks = [ "appservice" ];
+ workerRoutes = {};
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (lib.length tasks > 0) {
+ monitoring.synapse.workerNames = [ workerName ];
+ services.matrix-synapse = {
+ settings = {
+ instance_map = {
+ ${workerName} = {
+ path = "/run/matrix-synapse/${workerName}.sock";
+ };
+ };
+
+ run_background_tasks_on = lib.mkIf (lib.elem "background" tasks) workerName;
+ notify_appservices_from_worker = lib.mkIf (lib.elem "appservice" tasks) workerName;
+ update_user_directory_from_worker = lib.mkIf (lib.elem "user_directory" tasks) workerName;
+ };
+
+ workers = {
+ ${workerName} = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+
+ database = (import ../../db.nix { inherit workerName dbGroup; });
+ };
+ };
+ };
+
+ services.nginx = {
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/single/background.nix b/modules/software-templates/synapse-workers/single/background.nix
new file mode 100644
index 0000000..741b88c
--- /dev/null
+++ b/modules/software-templates/synapse-workers/single/background.nix
@@ -0,0 +1,77 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "small";
+ workerName = "background";
+ tasks = [ "background" ];
+ workerRoutes = { };
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (lib.length tasks > 0) {
+ monitoring.synapse.workerNames = [ workerName ];
+ services.matrix-synapse = {
+ settings = {
+ instance_map = {
+ ${workerName} = {
+ path = "/run/matrix-synapse/${workerName}.sock";
+ };
+ };
+
+ run_background_tasks_on = lib.mkIf (lib.elem "background" tasks) workerName;
+ notify_appservices_from_worker = lib.mkIf (lib.elem "appservice" tasks) workerName;
+ update_user_directory_from_worker = lib.mkIf (lib.elem "user_directory" tasks) workerName;
+ };
+
+ workers = {
+ ${workerName} = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+
+ database = (import ../../db.nix { inherit workerName dbGroup; });
+ };
+ };
+ };
+
+ services.nginx = {
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/single/user-dir.nix b/modules/software-templates/synapse-workers/single/user-dir.nix
new file mode 100644
index 0000000..97ddf26
--- /dev/null
+++ b/modules/software-templates/synapse-workers/single/user-dir.nix
@@ -0,0 +1,77 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "small";
+ workerName = "user_dir";
+ tasks = [ "user_directory" ];
+ workerRoutes = workerLib.workerRoutes.userDirectory;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (lib.length tasks > 0) {
+ monitoring.synapse.workerNames = [ workerName ];
+ services.matrix-synapse = {
+ settings = {
+ instance_map = {
+ ${workerName} = {
+ path = "/run/matrix-synapse/${workerName}.sock";
+ };
+ };
+
+ run_background_tasks_on = lib.mkIf (lib.elem "background" tasks) workerName;
+ notify_appservices_from_worker = lib.mkIf (lib.elem "appservice" tasks) workerName;
+ update_user_directory_from_worker = lib.mkIf (lib.elem "user_directory" tasks) workerName;
+ };
+
+ workers = {
+ ${workerName} = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+
+ database = (import ../../db.nix { inherit workerName dbGroup; });
+ };
+ };
+ };
+
+ services.nginx = {
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock";
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/stream-writers/account_data-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/account_data-stream-writer.nix
new file mode 100644
index 0000000..3f8363a
--- /dev/null
+++ b/modules/software-templates/synapse-workers/stream-writers/account_data-stream-writer.nix
@@ -0,0 +1,130 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "medium";
+# streamWriterType = "account_data";
+ workers = lib.range 0 (cfg.accountDataStreamWriters - 1);
+ workerName = "account_data_stream_writer";
+ tasks = [ "stream_account_data" ];
+ workerRoutes = workerLib.workerRoutes.accountData;
+in
+let
+ enabledResources = lib.attrNames workerRoutes;
+ streamTypes = []
+ ++ lib.optional (lib.elem "stream_account_data" tasks) "account_data"
+ ++ lib.optional (lib.elem "stream_presence" tasks) "presence"
+ ++ lib.optional (lib.elem "stream_push_rules" tasks) "push_rules"
+ ++ lib.optional (lib.elem "stream_to_device" tasks) "to_device"
+ ++ lib.optional (lib.elem "stream_typing" tasks) "typing"
+ ++ lib.optional (lib.elem "stream_receipts" tasks) "receipts"
+ ++ lib.optional (lib.elem "stream_events" tasks) "events";
+in
+{
+ config = lib.mkIf (cfg.accountDataStreamWriters > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ #stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers;
+# stream_writers = lib.listToA
+ # map `streams` to `workers`
+ stream_writers = lib.listToAttrs (
+ lib.map (stream: {
+ name = stream;
+ value = lib.map (index: "${workerName}-${toString index}") workers;
+ }) streamTypes
+ );
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/stream-writers/event-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/event-stream-writer.nix
new file mode 100644
index 0000000..6abce3f
--- /dev/null
+++ b/modules/software-templates/synapse-workers/stream-writers/event-stream-writer.nix
@@ -0,0 +1,111 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ dbGroup = "medium";
+ streamWriterType = "events";
+ workers = lib.range 0 (cfg.eventStreamWriters - 1);
+ workerName = "event_stream_writer";
+ tasks = [ ];
+ workerRoutes = {};
+ enabledResources = [];
+in
+{
+ config = lib.mkIf (cfg.eventStreamWriters > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/stream-writers/presence-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/presence-stream-writer.nix
new file mode 100644
index 0000000..052f037
--- /dev/null
+++ b/modules/software-templates/synapse-workers/stream-writers/presence-stream-writer.nix
@@ -0,0 +1,112 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "medium";
+ streamWriterType = "presence";
+ workers = lib.range 0 (cfg.presenceStreamWriters - 1);
+ workerName = "presence_stream_writer";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.presence;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.presenceStreamWriters > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/stream-writers/push_rule-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/push_rule-stream-writer.nix
new file mode 100644
index 0000000..6bba28d
--- /dev/null
+++ b/modules/software-templates/synapse-workers/stream-writers/push_rule-stream-writer.nix
@@ -0,0 +1,112 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "medium";
+ streamWriterType = "push_rules";
+ workers = lib.range 0 (cfg.pushRuleStreamWriters - 1);
+ workerName = "push_rule_stream_writer";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.pushRules;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.pushRuleStreamWriters > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/stream-writers/receipt-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/receipt-stream-writer.nix
new file mode 100644
index 0000000..37a5287
--- /dev/null
+++ b/modules/software-templates/synapse-workers/stream-writers/receipt-stream-writer.nix
@@ -0,0 +1,112 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "medium";
+ streamWriterType = "receipts";
+ workers = lib.range 0 (cfg.receiptStreamWriters - 1);
+ workerName = "receipts_stream_writer";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.receipts;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.receiptStreamWriters > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/stream-writers/to_device-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/to_device-stream-writer.nix
new file mode 100644
index 0000000..eb01af9
--- /dev/null
+++ b/modules/software-templates/synapse-workers/stream-writers/to_device-stream-writer.nix
@@ -0,0 +1,112 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "medium";
+ streamWriterType = "to_device";
+ workers = lib.range 0 (cfg.toDeviceStreamWriters - 1);
+ workerName = "to_device_stream_writer";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.toDevice;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.toDeviceStreamWriters > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/software-templates/synapse-workers/stream-writers/typing-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/typing-stream-writer.nix
new file mode 100644
index 0000000..dadc34a
--- /dev/null
+++ b/modules/software-templates/synapse-workers/stream-writers/typing-stream-writer.nix
@@ -0,0 +1,112 @@
+{ config, lib, ... }:
+
+let
+ cfg = config.services.matrix-synapse;
+ workerLib = import ../lib.nix;
+ dbGroup = "medium";
+ streamWriterType = "typing";
+ workers = lib.range 0 (cfg.typingStreamWriters - 1);
+ workerName = "typing_stream_writer";
+ tasks = [ ];
+ workerRoutes = workerLib.workerRoutes.typing;
+ enabledResources = lib.attrNames workerRoutes;
+in
+{
+ config = lib.mkIf (cfg.typingStreamWriters > 0) {
+ monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers;
+ services.matrix-synapse = {
+ settings = {
+ instance_map = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ };
+ }) workers
+ );
+
+ stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers;
+ };
+
+ workers = lib.listToAttrs (
+ lib.map (index: {
+ name = "${workerName}-${toString index}";
+ value = {
+ worker_app = "synapse.app.generic_worker";
+ worker_listeners =
+ [
+ {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${toString index}.sock";
+ resources = [
+ {
+ names = [ "replication" ];
+ compress = false;
+ }
+ ];
+ }
+ ]
+ ++ lib.map (type: {
+ type = "http";
+ path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ mode = "666";
+ resources = [
+ {
+ names = [ type ];
+ compress = false;
+ }
+ ];
+ }) enabledResources;
+ database = (
+ import ../../db.nix {
+ inherit dbGroup;
+ workerName = "${workerName}-${toString index}";
+ }
+ );
+ };
+ }) workers
+ );
+ };
+
+ services.nginx = {
+ upstreams = lib.listToAttrs (
+ lib.map (type: {
+ name = "${workerName}-${type}";
+ value = {
+ extraConfig = ''
+ keepalive 32;
+ least_conn;
+ '';
+ servers = lib.listToAttrs (
+ lib.map (index: {
+ name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock";
+ value = {
+ max_fails = 0;
+ fail_timeout = "0s";
+ };
+ }) workers
+ );
+ };
+ }) enabledResources
+ );
+
+ virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs (
+ lib.flatten (
+ lib.forEach enabledResources (
+ type:
+ lib.map (route: {
+ name = route;
+ value = {
+ proxyPass = "http://${workerName}-${type}";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Connection "";
+ '';
+ };
+ }) workerRoutes.${type}
+ )
+ )
+ );
+ };
+ };
+}
diff --git a/modules/users/Alice.nix b/modules/users/Alice.nix
index b3a3cb8..7692950 100755
--- a/modules/users/Alice.nix
+++ b/modules/users/Alice.nix
@@ -9,6 +9,8 @@
group = "Alice";
home = "/group/bugmine-contrib";
shell = "${pkgs.git}/bin/git-shell";
- openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb52m1rnJSffSOJvN6OYkKgK0TmiRKE4SbOKlkT8Tvn" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb52m1rnJSffSOJvN6OYkKgK0TmiRKE4SbOKlkT8Tvn"
+ ];
};
}
diff --git a/modules/users/Arci.nix b/modules/users/Arci.nix
new file mode 100644
index 0000000..f5e747d
--- /dev/null
+++ b/modules/users/Arci.nix
@@ -0,0 +1,200 @@
+{ lib, pkgs, ... }:
+
+{
+ users.users.Arci = {
+ isNormalUser = true;
+ extraGroups = [
+ "wheel"
+ "libvirtd"
+ "ocp"
+ ];
+ packages = with pkgs; [
+ lnav
+ age
+ git
+ lsd
+ duf
+ (btop.override { rocmSupport = true; })
+ htop
+ kitty.terminfo
+ tmux
+ jq
+ dig
+
+ # - zsh
+ zsh
+ zsh-powerlevel10k
+ zsh-nix-shell
+ zsh-you-should-use
+ zsh-syntax-highlighting
+ zsh-completions
+
+ wireguard-tools
+ ];
+ openssh.authorizedKeys.keys = [
+ ];
+ useDefaultShell = true;
+ shell = pkgs.zsh;
+ };
+ programs.zsh.enable = true;
+ environment.shells = with pkgs; [ zsh ];
+
+ home-manager.users.Arci = {
+ home.preferXdgDirectories = true;
+ home.sessionVariables = {
+ EDITOR = "nvim";
+ SYSTEMD_EDITOR = "nvim";
+ GIT_EDITOR = "nvim";
+ QT_QPA_PLATFORMTHEME = "xdgdesktopportal";
+ GTK_USE_PORTAL = "1";
+ _JAVA_AWT_WM_NONREPARENTING = "1";
+ WINEDEBUG = "-all";
+ CHOKIDAR_USEPOLLING = "true";
+ MSBUILDLIVELOGGER = "auto";
+ DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER = "1";
+ DOTNET_CLI_TELEMETRY_OPTOUT = "1";
+ NIXPKGS_ALLOW_UNFREE = "1";
+ MOZ_USE_XINPUT2 = "1";
+ };
+ programs = {
+ git = {
+ enable = true;
+ userName = "Rory&";
+ userEmail = "root@rory.gay";
+ extraConfig = {
+ safe = {
+ directory = "/";
+ };
+ };
+ };
+ zsh = {
+ enable = true;
+ #enableAutosuggestions = true;
+ autosuggestion.enable = true;
+ enableVteIntegration = true;
+ autocd = true;
+
+ initExtraFirst = ''
+ export EDITOR=nvim
+ export SYSTEMD_EDITOR=$EDITOR
+ export GIT_EDITOR=$EDITOR
+ export QT_QPA_PLATFORMTHEME=xdgdesktopportal
+ export GTK_USE_PORTAL=1
+ export _JAVA_AWT_WM_NONREPARENTING=1
+ export WINEDEBUG=-all
+ export DOTPROFILE_LOADED='yes'
+ export CHOKIDAR_USEPOLLING=true
+ export MSBUILDLIVELOGGER=auto
+ export DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER=1
+ export DOTNET_CLI_TELEMETRY_OPTOUT=1
+ function mkkey() {
+ echo "Making key for $1"
+ ssh-keygen -t ed25519 -C "$HOST -> $1" -f ~/.ssh/id_ed25519_$1
+ (
+ echo "Host $1"
+ echo " IdentityFile ~/.ssh/id_ed25519_$1"
+ ) >> ~/.ssh/config
+ echo 'Done! Public key:'
+ cat ~/.ssh/id_ed25519_$1.pub
+ }
+
+ export DISABLE_AUTO_UPDATE=true
+ COMPLETION_WAITING_DOTS="true"
+ '';
+ initExtra = ''
+ alias mv='mv -v'
+ alias pre='npx prettier -w'
+ alias git-commit='git commit --signoff --sign'
+ alias npm='NODE_OPTIONS=--openssl-legacy-provider npm'
+ alias npx='NODE_OPTIONS=--openssl-legacy-provider npx'
+ alias yarn='NODE_OPTIONS=--openssl-legacy-provider npx -y yarn --use-yarnrc $XDG_CONFIG_HOME/yarn/config'
+ alias node='NODE_OPTIONS=--openssl-legacy-provider node'
+ # - dotnet
+ alias drun='dotnet watch run --no-hot-reload --property WarningLevel=0'
+ alias dbuild='dotnet watch build --no-hot-reload --property WarningLevel=0'
+ alias ls='lsd -lAhF --color=always --icon=always'
+ alias transfetch='neofetch --kitty ~/trans_witch.jpg'
+ alias gc='git-commit'
+ [ -f "$HOME/.profile" ] && . $HOME/.profile
+ '';
+ #alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig'
+ oh-my-zsh = {
+ enable = true;
+ plugins = [
+ "git"
+ "sudo"
+ ];
+ };
+
+ plugins = [
+ {
+ name = "powerlevel10k";
+ src = pkgs.zsh-powerlevel10k;
+ file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
+ }
+ {
+ name = "powerlevel10k-config";
+ src = lib.cleanSource ./Rory;
+ file = "p10k.zsh";
+ }
+ {
+ name = "zsh-syntax-highlighting";
+ src = pkgs.zsh-syntax-highlighting;
+ file = "share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh";
+ }
+ {
+ name = "zsh-autosuggestions";
+ src = pkgs.zsh-autosuggestions;
+ file = "share/zsh-autosuggestions/zsh-autosuggestions.zsh";
+ }
+ ];
+
+ localVariables = {
+ POWERLEVEL9K_LEFT_PROMPT_ELEMENTS = [
+ "os_icon"
+ "dir"
+ "vcs"
+ "prompt_char"
+ ];
+ POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS = [
+ "status"
+ "command_execution_time"
+ "background_jobs"
+ "direnv"
+ "virtualenv"
+ "pyenv"
+ "nodeenv"
+ "context"
+ "nix_shell"
+ "vi_mode"
+ "load"
+ "disk_usage"
+ "ram"
+ ];
+ POWERLEVEL9K_MODE = "nerdfont-complete";
+ POWERLEVEL9K_ICON_PADDING = "none";
+ POWERLEVEL9K_PROMPT_ADD_NEWLINE = "false";
+ POWERLEVEL9K_LEFT_SUBSEGMENT_SEPARATOR = "\uE0B1";
+ POWERLEVEL9K_RIGHT_SUBSEGMENT_SEPARATOR = "\uE0B3";
+ POWERLEVEL9K_LEFT_SEGMENT_SEPARATOR = "\uE0B0";
+ POWERLEVEL9K_RIGHT_SEGMENT_SEPARATOR = "\uE0B2";
+ POWERLEVEL9K_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL = "\uE0B0";
+ POWERLEVEL9K_RIGHT_PROMPT_FIRST_SEGMENT_START_SYMBOL = "\uE0B2";
+ POWERLEVEL9K_PROMPT_CHAR_OVERWRITE_STATE = true;
+ };
+ };
+ neovim = {
+ defaultEditor = true;
+ viAlias = true;
+ vimAlias = true;
+ vimdiffAlias = true;
+ coc = {
+ enable = true;
+
+ };
+ };
+ };
+
+ home.stateVersion = "22.11";
+ };
+}
diff --git a/modules/users/Rory.client.nix b/modules/users/Rory.client.nix
index fb6ad88..ede12df 100755
--- a/modules/users/Rory.client.nix
+++ b/modules/users/Rory.client.nix
@@ -35,7 +35,7 @@
#
# Install = { WantedBy = [ "default.target" ]; };
#
- # Service = {
+ # Service = {
# ExecStart = "${pkgs.keepassxc}/bin/keepassxc ~/.secrets.kdbx";
# Restart = "always";
# };
@@ -50,7 +50,7 @@
#
# Install = { WantedBy = [ "default.target" ]; };
#
- # Service = {
+ # Service = {
# ExecStart = "${pkgs.easyeffects}/bin/easyeffects";
# Restart = "always";
# };
diff --git a/modules/users/Rory.nix b/modules/users/Rory.nix
index a1007fc..9667a3b 100755
--- a/modules/users/Rory.nix
+++ b/modules/users/Rory.nix
@@ -7,6 +7,7 @@
"wheel"
"libvirtd"
"ocp"
+ "networkmanager"
];
packages = with pkgs; [
lnav
@@ -14,7 +15,7 @@
git
lsd
duf
- (btop.override { rocmSupport = true; })
+ btop
htop
kitty.terminfo
tmux
@@ -35,6 +36,7 @@
#"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICT+53Hy3wbIlNVIomK2RroaimMWrTlUkndjHt1dFuyh root@pfSense-arcane-home.localdomain"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILF2IuNu//0DP/wKMuDvBgVT3YBS2uULsipbdrhJCTM7 thearcanebrony@tab-linux-desktop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/kNkY/E5b6rvCQLMaSbpLQ/xoyywIwVVu9uo2j/B6p Rory@RoryNix"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0SOsjSqU9nIVH2hdB81InGytIRrBvjC4QqM7g+hBZX Rory@Arc"
];
useDefaultShell = true;
shell = pkgs.zsh;
@@ -42,6 +44,13 @@
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
+ virtualisation.vmVariant = {
+ users = {
+ mutableUsers = false;
+ users.Rory.password = "password";
+ };
+ };
+
home-manager.users.Rory = {
home.preferXdgDirectories = true;
home.sessionVariables = {
@@ -77,7 +86,7 @@
enableVteIntegration = true;
autocd = true;
- initExtraFirst = ''
+ initContent = lib.mkBefore ''
export EDITOR=nvim
export SYSTEMD_EDITOR=$EDITOR
export GIT_EDITOR=$EDITOR
@@ -116,8 +125,15 @@
alias drun='dotnet watch run --no-hot-reload --property WarningLevel=0'
alias dbuild='dotnet watch build --no-hot-reload --property WarningLevel=0'
alias ls='lsd -lAhF --color=always --icon=always'
- alias transfetch='neofetch --kitty ~/trans_witch.jpg'
+ alias tree='lsd --tree'
+ alias lstree='ls --tree --total-size --sort=size'
+ #alias transfetch='neofetch --kitty ~/trans_witch.jpg'
alias gc='git-commit'
+ alias yt-dlp='nix run ${pkgs.path}\#yt-dlp --'
+ alias ytdl='nix run ${pkgs.path}\#yt-dlp -- -k --console-title --print-traffic'
+ alias ytdl-mp3='nix run ${pkgs.path}\#yt-dlp -- -k --console-title --print-traffic -x --audio-quality 0 --audio-format mp3 -i'
+ alias ytdl-mp3l='nix run ${pkgs.path}\#yt-dlp -- --console-title -x --audio-quality 0 --audio-format mp3 -o "%%(playlist)s/%%(playlist_index)s. %%(title)s.%%(ext)s" --download-archive archive.txt --embed-thumbnail --add-metadata -R 100 --http-chunk-size 64M --buffer-size 64M -i'
+
[ -f "$HOME/.profile" ] && . $HOME/.profile
'';
#alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig'
@@ -193,7 +209,6 @@
vimdiffAlias = true;
coc = {
enable = true;
-
};
};
};
diff --git a/modules/users/chris.nix b/modules/users/chris.nix
index 9df69a8..43399ac 100755
--- a/modules/users/chris.nix
+++ b/modules/users/chris.nix
@@ -4,12 +4,17 @@
users.users.chris = {
isNormalUser = true;
- extraGroups = [ "wheel" ];
+ extraGroups = [
+ "wheel"
+ "dialout"
+ ];
packages = with pkgs; [
nano
#nodejs-slim
];
#initialPassword = "password";
- openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd9U0+wKjBG3Q9Qg249xJY+ybYeRV9/VMPjuwKvFBEI" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd9U0+wKjBG3Q9Qg249xJY+ybYeRV9/VMPjuwKvFBEI"
+ ];
};
}
diff --git a/modules/users/db2k.nix b/modules/users/db2k.nix
index 8bc43e2..3e5addb 100755
--- a/modules/users/db2k.nix
+++ b/modules/users/db2k.nix
@@ -8,6 +8,8 @@
group = "db2k";
home = "/data/nginx/html_git/.ocp";
shell = "${pkgs.git}/bin/git-shell";
- openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMfXA4Oh0LZqY8LAS/lnANKVDBlemHGPWdtep1GE/LId garyzipperer09@gmail.com" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMfXA4Oh0LZqY8LAS/lnANKVDBlemHGPWdtep1GE/LId garyzipperer09@gmail.com"
+ ];
};
}
diff --git a/modules/users/ks.nix b/modules/users/ks.nix
index 0e2d36c..ea2eb10 100755
--- a/modules/users/ks.nix
+++ b/modules/users/ks.nix
@@ -9,7 +9,9 @@
"ocp"
];
#initialPassword = "password";
- openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUDh1WPUF6mPQ1E38ozUjY/DZhEbwZL37eZ51DgpuLo ks" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUDh1WPUF6mPQ1E38ozUjY/DZhEbwZL37eZ51DgpuLo ks"
+ ];
};
home-manager.users.ks = {
|