summary refs log tree commit diff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rwxr-xr-xmodules/base-client.nix7
-rwxr-xr-xmodules/base-server.nix59
-rwxr-xr-xmodules/base.nix59
-rwxr-xr-xmodules/environments/home.nix52
-rwxr-xr-xmodules/expose-vmvariant.nix22
-rw-r--r--modules/hardware/google-stadia-controller.nix24
-rw-r--r--modules/monitoring/crutches/synapse.nix4
-rw-r--r--modules/monitoring/module.nix8
-rw-r--r--modules/monitoring/postgres.nix4
-rw-r--r--modules/monitoring/synapse.nix8
-rw-r--r--modules/monitoring/system.nix6
-rw-r--r--modules/packages/dotnet-pack.nix18
-rwxr-xr-xmodules/packages/gitfs.nix17
-rw-r--r--modules/packages/mtxclient-git.nix65
-rw-r--r--modules/packages/nginx/mime.types1028
-rw-r--r--modules/packages/nheko-git.nix105
-rw-r--r--modules/packages/overlays/haskell/basement/IntWord64.nix14
-rw-r--r--modules/packages/overlays/haskell/basement/IntWord64.patch105
-rwxr-xr-xmodules/packages/vim.nix29
-rw-r--r--modules/packages/xdg-desktop-portal-gtk.nix63
-rw-r--r--modules/software-templates/dotnet.client.nix21
-rw-r--r--modules/software-templates/dotnet.nix4
-rw-r--r--modules/software-templates/firefox-policy.nix4
-rw-r--r--modules/software-templates/profilers.nix6
-rw-r--r--modules/software-templates/spacebar-server-ts/module.nix11
-rw-r--r--modules/software-templates/steam.nix15
-rw-r--r--modules/software-templates/synapse-workers/generic.nix152
-rw-r--r--modules/software-templates/synapse-workers/generic/auth.nix113
-rw-r--r--modules/software-templates/synapse-workers/generic/client-reader.nix113
-rw-r--r--modules/software-templates/synapse-workers/generic/event-creator.nix113
-rw-r--r--modules/software-templates/synapse-workers/generic/federation-inbound.nix113
-rw-r--r--modules/software-templates/synapse-workers/generic/federation-reader.nix113
-rw-r--r--modules/software-templates/synapse-workers/generic/federation-sender.nix131
-rw-r--r--modules/software-templates/synapse-workers/generic/media-repo.nix113
-rw-r--r--modules/software-templates/synapse-workers/generic/pusher.nix112
-rw-r--r--modules/software-templates/synapse-workers/generic/sync.nix113
-rw-r--r--modules/software-templates/synapse-workers/lib.nix147
-rw-r--r--modules/software-templates/synapse-workers/module.nix108
-rw-r--r--modules/software-templates/synapse-workers/single/appservice.nix77
-rw-r--r--modules/software-templates/synapse-workers/single/background.nix77
-rw-r--r--modules/software-templates/synapse-workers/single/user-dir.nix77
-rw-r--r--modules/software-templates/synapse-workers/stream-writers/account_data-stream-writer.nix130
-rw-r--r--modules/software-templates/synapse-workers/stream-writers/event-stream-writer.nix111
-rw-r--r--modules/software-templates/synapse-workers/stream-writers/presence-stream-writer.nix112
-rw-r--r--modules/software-templates/synapse-workers/stream-writers/push_rule-stream-writer.nix112
-rw-r--r--modules/software-templates/synapse-workers/stream-writers/receipt-stream-writer.nix112
-rw-r--r--modules/software-templates/synapse-workers/stream-writers/to_device-stream-writer.nix112
-rw-r--r--modules/software-templates/synapse-workers/stream-writers/typing-stream-writer.nix112
-rwxr-xr-xmodules/users/Alice.nix4
-rw-r--r--modules/users/Arci.nix200
-rwxr-xr-xmodules/users/Rory.client.nix4
-rwxr-xr-xmodules/users/Rory.nix23
-rwxr-xr-xmodules/users/chris.nix9
-rwxr-xr-xmodules/users/db2k.nix4
-rwxr-xr-xmodules/users/ks.nix4
55 files changed, 2906 insertions, 1573 deletions
diff --git a/modules/base-client.nix b/modules/base-client.nix

index 6537f92..2a5c8e5 100755 --- a/modules/base-client.nix +++ b/modules/base-client.nix
@@ -31,19 +31,16 @@ sshfs # - gui utils - gnome-console nemo feh udisks gparted arandr - #discord-development - discord - gnome-screenshot ]; fonts.packages = with pkgs; [ - (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + #(nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + nerd-fonts.jetbrains-mono cozette ]; diff --git a/modules/base-server.nix b/modules/base-server.nix
index 7473513..ccf4a77 100755 --- a/modules/base-server.nix +++ b/modules/base-server.nix
@@ -39,10 +39,10 @@ kernelPackages = pkgs.linuxPackages_latest; loader = { grub = { - devices = [ "/dev/vda" ]; # nodev for EFI only + devices = lib.mkIf (config.fileSystems ? "/boot") [ "nodev" ]; # EFI - efiSupport = false; - efiInstallAsRemovable = false; + efiSupport = config.fileSystems ? "/boot" && config.fileSystems."/boot".fsType == "vfat"; + efiInstallAsRemovable = config.fileSystems ? "/boot" && config.fileSystems."/boot".fsType == "vfat"; }; timeout = 1; }; @@ -51,17 +51,14 @@ networking = { hostName = lib.mkDefault "Rory-nix-base-server"; networkmanager.enable = false; - useNetworkd = true; wireless.enable = false; enableIPv6 = false; firewall = { enable = false; - # allowedTCPPorts = [ ... ]; - # allowedUDPPorts = [ ... ]; + allowedTCPPorts = [ 22 ]; }; useDHCP = false; - # nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; nameservers = [ "10.10.0.4" "10.10.0.5" @@ -70,8 +67,7 @@ "8.8.8.8" "8.4.4.8" ]; - resolvconf.enable = true; - defaultGateway = "192.168.1.1"; + defaultGateway = lib.mkDefault "192.168.1.1"; }; hardware.pulseaudio.enable = false; @@ -81,51 +77,6 @@ hardware.enableRedistributableFirmware = false; services = { -# prometheus = { -# exporters = { -# node = { -# enable = true; -# port = 9100; -# enabledCollectors = [ -# #"logind" #too slow -# "systemd" -# "processes" -# "interrupts" -# # Testing: -# "buddyinfo" -# "cgroups" -# "ksmd" -# "lnstat" -# "mountstats" -# "network_route" -# #"perf" # requires sysctl change -# "qdisc" -# "sysctl" -# "softirqs" -# "tcpstat" -# ]; -# disabledCollectors = [ -# "textfile" -# "xfs" -# "zfs" -# "selinux" -# "cpufreq" -# "btrfs" -# "powersupplyclass" -# "mdadm" -# "tapestats" -# "fibrechannel" -# "cpu_vulnerabilities" -# "watchdog" -# "thermal_zone" -# "logind" -# "nfs" -# "nfsd" -# "infiniband" -# ]; -# }; -# }; -# }; promtail = { enable = true; configuration = { diff --git a/modules/base.nix b/modules/base.nix
index 4cf2aff..44909aa 100755 --- a/modules/base.nix +++ b/modules/base.nix
@@ -1,11 +1,19 @@ -{ pkgs, lib, ... }: +{ + pkgs, + lib, + config, + ... +}: { imports = [ - ./packages/vim.nix + ./expose-vmvariant.nix + ../packages/vim.nix ./users/Rory.nix ./extra-substituters.nix ./monitoring/module.nix + + # ../packages/overlays/openvpn.nix # Temporary: Fix a build failure ]; boot = { @@ -57,28 +65,33 @@ hostName = lib.mkDefault "Rory-nix-base"; firewall = { enable = false; - # allowedTCPPorts = [ ... ]; - # allowedUDPPorts = [ ... ]; }; - nameservers = [ + nameservers = lib.mkDefault [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; }; - environment.etc."resolv.conf".text = '' - nameserver 8.8.8.8 - nameserver 8.4.4.8 - nameserver 1.1.1.1 - nameserver 1.0.0.1 - ''; + + environment.etc."resolv.conf" = lib.mkDefault { + text = lib.concatStringsSep "\n" ( + lib.optionals (config.networking ? nameservers) (map (nameserver: "nameserver ${nameserver}") (config.networking.nameservers)) + #++ lib.optionals (config.networking ? enableIPv6 && !config.networking.enableIPv6) [ "options no-aaaa" ] + ++ lib.optionals (config.networking ? enableIPv6 && config.networking.enableIPv6) [ + "options single-request" + "options single-request-reopen" + "options inet6" + ] + ); + }; i18n.defaultLocale = "en_US.UTF-8"; services = { openssh = { enable = true; + settings.PermitRootLogin = "yes"; #allow more logins in cases where i have many ssh keys on a system extraConfig = '' MaxAuthTries 32 @@ -99,7 +112,7 @@ }; environment.systemPackages = with pkgs; [ - wget + #wget neofetch lnav pciutils @@ -110,17 +123,17 @@ btop duf kitty.terminfo - tmux + #tmux jq yq pv dig cloud-utils nix-output-monitor - expect + #expect unrar-wrapper - arch-install-scripts - debootstrap + #arch-install-scripts + #debootstrap file unzip brotli @@ -157,5 +170,17 @@ polkit.enable = true; sudo.wheelNeedsPassword = false; }; - + virtualisation.vmVariant = { + services.getty.autologinUser = "root"; + virtualisation = { + memorySize = 8192; + cores = 6; + msize = 1*1024*1024; + bios = pkgs.qboot; + }; + + monitoring.monitorAll = lib.mkForce false; + services.promtail.enable = lib.mkForce false; + networking.useDHCP = lib.mkOverride 51 true; + }; } diff --git a/modules/environments/home.nix b/modules/environments/home.nix
index 3fbf14e..cf9f841 100755 --- a/modules/environments/home.nix +++ b/modules/environments/home.nix
@@ -8,38 +8,40 @@ { nix = { distributedBuilds = true; - # - buildMachines = builtins.filter (machine: !builtins.any (ip: ip == machine.hostName) (builtins.map (iface: iface.ipv4.addresses) (builtins.attrValues config.networking.interfaces))) [ - { - systems = [ - "x86_64-linux" - "i686-linux" + # + buildMachines = + builtins.filter (machine: !builtins.any (ip: ip == machine.hostName) (builtins.map (iface: iface.ipv4.addresses) (builtins.attrValues config.networking.interfaces))) + [ + { + systems = [ + "x86_64-linux" + "i686-linux" + ]; + hostName = "192.168.0.3"; + sshUser = "Rory"; + sshKey = "/home/Rory/.ssh/id_ed25519"; + maxJobs = 6; + speedFactor = 43200; + } + { + systems = [ + "x86_64-linux" + "i686-linux" + ]; + hostName = "192.168.0.59"; + sshUser = "Rory"; + sshKey = "/home/Rory/.ssh/id_ed25519"; + maxJobs = 2; + speedFactor = 16000; + } ]; - hostName = "192.168.0.3"; - sshUser = "Rory"; - sshKey = "/home/Rory/.ssh/id_ed25519"; - maxJobs = 6; - speedFactor = 43200; - } - { - systems = [ - "x86_64-linux" - "i686-linux" - ]; - hostName = "192.168.0.59"; - sshUser = "Rory"; - sshKey = "/home/Rory/.ssh/id_ed25519"; - maxJobs = 2; - speedFactor = 16000; - } - ]; #ssh://Rory@192.168.0.3 x86_64-linux,i686-linux /home/Rory/.ssh/id_ed25519 12 1 - - - registry.nixpkgs.flake = pkgs; nixPath = [ "nixpkgs=flake:nixpkgs" ]; settings = { builders-use-substitutes = true; - #builders + #builders trusted-substituters = [ "https://nix-community.cachix.org" "https://cache.garnix.io" diff --git a/modules/expose-vmvariant.nix b/modules/expose-vmvariant.nix new file mode 100755
index 0000000..ab1bad0 --- /dev/null +++ b/modules/expose-vmvariant.nix
@@ -0,0 +1,22 @@ +{ + pkgs, + lib, + config, + ... +}: + +{ + options.virtualisation = { + isVmVariant = lib.mkOption { + default = false; + example = true; + description = "Whether this build is a VM build."; + type = lib.types.bool; + }; + }; + config = { + virtualisation.vmVariant = { + virtualisation.isVmVariant = true; + }; + }; +} diff --git a/modules/hardware/google-stadia-controller.nix b/modules/hardware/google-stadia-controller.nix new file mode 100644
index 0000000..7b59e13 --- /dev/null +++ b/modules/hardware/google-stadia-controller.nix
@@ -0,0 +1,24 @@ +{ + lib, + config, + ... +}: +{ + options.hardware.google-stadia-controller = { + enable = lib.mkEnableOption "Enable Google Stadia Controller support"; + }; + config = lib.mkIf config.hardware.google-stadia-controller.enable { + services.udev.extraRules = '' + #SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", MODE="0664", GROUP="users" + # SDP protocol + KERNEL=="hidraw*", ATTRS{idVendor}=="1fc9", MODE="0666" + ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="1fc9", MODE="0666" + ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="0d28", MODE="0666" + # Flashloader + KERNEL=="hidraw*", ATTRS{idVendor}=="15a2", MODE="0666" + # Controller + KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="18d1", MODE="0666" + SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="9400", MODE="0660", TAG+="uaccess" + ''; + }; +} diff --git a/modules/monitoring/crutches/synapse.nix b/modules/monitoring/crutches/synapse.nix
index 3145d11..7028396 100644 --- a/modules/monitoring/crutches/synapse.nix +++ b/modules/monitoring/crutches/synapse.nix
@@ -1,10 +1,10 @@ -{lib, ...}: +{ lib, ... }: { options.monitoring.synapse = { workerNames = lib.mkOption { type = lib.types.listOf lib.types.str; - default = []; + default = [ ]; description = "Synapse worker names"; }; }; diff --git a/modules/monitoring/module.nix b/modules/monitoring/module.nix
index 62ff1ea..f47c483 100644 --- a/modules/monitoring/module.nix +++ b/modules/monitoring/module.nix
@@ -40,7 +40,13 @@ in prometheus = lib.mkIf (cfg.localPrometheus) { enable = true; listenAddress = "127.0.0.1"; - extraFlags = [ "--storage.tsdb.wal-compression" ]; + extraFlags = [ + "--storage.tsdb.wal-compression" + "--query.max-concurrency 128" + "--rules.max-concurrent-evals 64" + "--storage.tsdb.retention.size 250GB" + "--enable-feature concurrent-rule-eval" + ]; }; grafana = lib.mkIf (cfg.localGrafana) { enable = true; diff --git a/modules/monitoring/postgres.nix b/modules/monitoring/postgres.nix
index 25266fa..63f536b 100644 --- a/modules/monitoring/postgres.nix +++ b/modules/monitoring/postgres.nix
@@ -23,7 +23,9 @@ in { job_name = "postgres"; scrape_interval = "${toString cfg.prometheusScrapeInterval}s"; - static_configs = [ { targets = [ "localhost:${toString config.services.prometheus.exporters.postgres.port}" ]; } ]; + static_configs = [ + { targets = [ "localhost:${toString config.services.prometheus.exporters.postgres.port}" ]; } + ]; } ]; diff --git a/modules/monitoring/synapse.nix b/modules/monitoring/synapse.nix
index a000698..ccc4ae2 100644 --- a/modules/monitoring/synapse.nix +++ b/modules/monitoring/synapse.nix
@@ -42,7 +42,7 @@ in [ { job_name = "synapse-main"; - scrape_interval = "${toString cfg.prometheusScrapeInterval}s"; + scrape_interval = "5s"; static_configs = [ { targets = [ "localhost:9200" ]; @@ -55,7 +55,7 @@ in ++ lib.flatten ( lib.imap (index: workerName: { job_name = "synapse-${workerName}"; - scrape_interval = "${toString cfg.prometheusScrapeInterval}s"; + scrape_interval = "5s"; static_configs = [ { targets = [ "localhost:${toString (9200 + index + 1)}" ]; @@ -75,8 +75,8 @@ in type = "file"; options = { path = builtins.fetchurl { - url = "https://raw.githubusercontent.com/element-hq/synapse/master/contrib/grafana/synapse.json"; - sha256 = "07qlr0waw9phmyd38bv22bn5v303w3397b89l44l3lzwhpnhs16s"; + url = "https://raw.githubusercontent.com/element-hq/synapse/develop/contrib/grafana/synapse.json"; + sha256 = "16fl81sx1by0wldw4vda0zr1pvbq1dpih1fikzwlvmk63mpc80kb"; }; }; } diff --git a/modules/monitoring/system.nix b/modules/monitoring/system.nix
index 171a7af..7e2634b 100644 --- a/modules/monitoring/system.nix +++ b/modules/monitoring/system.nix
@@ -49,8 +49,10 @@ in services.prometheus.scrapeConfigs = [ { job_name = "node"; - scrape_interval = "${toString cfg.prometheusScrapeInterval}s"; - static_configs = [ { targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; } ]; + scrape_interval = "5s"; + static_configs = [ + { targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; } + ]; } ]; diff --git a/modules/packages/dotnet-pack.nix b/modules/packages/dotnet-pack.nix deleted file mode 100644
index 0e4a9b4..0000000 --- a/modules/packages/dotnet-pack.nix +++ /dev/null
@@ -1,18 +0,0 @@ -{ - pkgs ? import <nixpkgs> { }, -}: - -pkgs.symlinkJoin { - name = "dotnet-pack"; - paths = [ - pkgs.dotnet-sdk_8 - pkgs.dotnet-sdk_7 - pkgs.dotnet-sdk - ]; - postBuild = '' - rm -rfv $out/bin - rm -rfv $out/dotnet - cp -rv ${pkgs.dotnet-sdk_8}/dotnet $out/ - cp -rv ${pkgs.dotnet-sdk_8}/bin $out/ - ''; -} diff --git a/modules/packages/gitfs.nix b/modules/packages/gitfs.nix deleted file mode 100755
index 728e836..0000000 --- a/modules/packages/gitfs.nix +++ /dev/null
@@ -1,17 +0,0 @@ -{ pkgs, ... }: -{ - environment.systemPackages = with pkgs; [ - (gitfs.overrideAttrs (old: { - # TODO: pls fix the nixpkgs derivation - patchPhase = null; - postPatch = old.patchPhase; - patches = (old.patches or [ ]) ++ [ - (fetchpatch { - name = "fix-MutableMapping.patch"; - url = "https://patch-diff.githubusercontent.com/raw/presslabs/gitfs/pull/382.diff"; - hash = "sha256-ZaIEhv37sorSq3P+6GeH346u/5xh3qE+49D9FRNujMQ="; - }) - ]; - })) - ]; -} diff --git a/modules/packages/mtxclient-git.nix b/modules/packages/mtxclient-git.nix deleted file mode 100644
index 2392312..0000000 --- a/modules/packages/mtxclient-git.nix +++ /dev/null
@@ -1,65 +0,0 @@ -# This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/mtxclient/default.nix -# This file is a modified version of nixpkgs/pkgs/development/libraries/mtxclient/default.nix (copied at 5c4b9be) - -{ - lib, - stdenv, - fetchFromGitHub, - cmake, - pkg-config, - openssl, - olm, - spdlog, - nlohmann_json, - libevent, - curl, - coeurl, - re2, - mtxclientSrc, -}: -stdenv.mkDerivation { - pname = "mtxclient"; - version = "git+master"; - src = mtxclientSrc; - - cmakeFlags = [ - # Network requiring tests can't be disabled individually: - # https://github.com/Nheko-Reborn/mtxclient/issues/22 - "-DBUILD_LIB_TESTS=OFF" - "-DBUILD_LIB_EXAMPLES=OFF" - ]; - - postPatch = '' - # See https://github.com/gabime/spdlog/issues/1897 - sed -i '1a add_compile_definitions(SPDLOG_FMT_EXTERNAL)' CMakeLists.txt - ''; - - nativeBuildInputs = [ - cmake - pkg-config - ]; - buildInputs = [ - spdlog - nlohmann_json - openssl - olm - libevent - curl - coeurl - re2 - ]; - - meta = with lib; { - description = "Client API library for Matrix, built on top of Boost.Asio"; - homepage = "https://github.com/Nheko-Reborn/mtxclient"; - license = licenses.mit; - maintainers = with maintainers; [ - fpletz - pstn - ]; - platforms = platforms.all; - # Should be fixable if a higher clang version is used, see: - # https://github.com/NixOS/nixpkgs/pull/85922#issuecomment-619287177 - broken = stdenv.targetPlatform.isDarwin; - }; -} diff --git a/modules/packages/nginx/mime.types b/modules/packages/nginx/mime.types deleted file mode 100644
index 3ac8468..0000000 --- a/modules/packages/nginx/mime.types +++ /dev/null
@@ -1,1028 +0,0 @@ -types { -application/A2L a2l; -application/AML aml; -application/andrew-inset ez; -application/ATF atf; -application/ATFX atfx; -application/ATXML atxml; -application/atom+xml atom; -application/atomcat+xml atomcat; -application/atomdeleted+xml atomdeleted; -application/atomsvc+xml atomsvc; -application/atsc-dwd+xml dwd; -application/atsc-held+xml held; -application/atsc-rsat+xml rsat; -application/auth-policy+xml apxml; -application/bacnet-xdd+zip xdd; -application/calendar+xml xcs; -application/cbor cbor; -application/cccex c3ex; -application/ccmp+xml ccmp; -application/ccxml+xml ccxml; -application/CDFX+XML cdfx; -application/cdmi-capability cdmia; -application/cdmi-container cdmic; -application/cdmi-domain cdmid; -application/cdmi-object cdmio; -application/cdmi-queue cdmiq; -application/CEA cea; -application/cellml+xml cellml cml; -application/clr 1clr; -application/clue_info+xml clue; -application/cms cmsc; -application/cpl+xml cpl; -application/csrattrs csrattrs; -application/dash+xml mpd; -application/dashdelta mpdd; -application/davmount+xml davmount; -application/DCD dcd; -application/dicom dcm; -application/DII dii; -application/DIT dit; -application/dskpp+xml xmls; -application/dssc+der dssc; -application/dssc+xml xdssc; -application/dvcs dvc; -application/ecmascript es; -application/efi efi; -application/emma+xml emma; -application/emotionml+xml emotionml; -application/epub+zip epub; -application/exi exi; -application/fastinfoset finf; -application/fdt+xml fdt; -application/font-tdpfr pfr; -application/geo+json geojson; -application/geopackage+sqlite3 gpkg; -application/gltf-buffer glbin glbuf; -application/gml+xml gml; -application/gzip gz tgz; -application/hyperstudio stk; -application/inkml+xml ink inkml; -application/ipfix ipfix; -application/its+xml its; -application/javascript js; -application/jrd+json jrd; -application/json json; -application/json-patch+json json-patch; -application/ld+json jsonld; -application/lgr+xml lgr; -application/link-format wlnk; -application/lost+xml lostxml; -application/lostsync+xml lostsyncxml; -application/lpf+zip lpf; -application/LXF lxf; -application/mac-binhex40 hqx; -application/mads+xml mads; -application/marc mrc; -application/marcxml+xml mrcx; -application/mathematica nb ma mb; -application/mathml+xml mml; -application/mbox mbox; -application/metalink4+xml meta4; -application/mets+xml mets; -application/MF4 mf4; -application/mipc h5; -application/mmt-aei+xml maei; -application/mmt-usd+xml musd; -application/mods+xml mods; -application/mp21 m21 mp21; -application/msword doc; -application/mxf mxf; -application/n-quads nq; -application/n-triples nt; -application/ocsp-request orq; -application/ocsp-response ors; -application/octet-stream bin lha lzh exe class so dll img iso; -application/ODA oda; -application/ODX odx; -application/oebps-package+xml opf; -application/ogg ogx; -application/opc-nodeset+xml ; -application/oxps oxps; -application/p2p-overlay+xml relo; -application/pdf pdf; -application/PDX pdx; -application/pem-certificate-chain pem; -application/pgp-encrypted pgp; -application/pgp-signature sig; -application/pkcs10 p10; -application/pkcs12 p12 pfx; -application/pkcs7-mime p7m p7c; -application/pkcs7-signature p7s; -application/pkcs8 p8; -application/pkcs8-encrypted p8e; -application/pkix-cert cer; -application/pkix-crl crl; -application/pkix-pkipath pkipath; -application/pkixcmp pki; -application/pls+xml pls; -application/postscript ps eps ai; -application/provenance+xml provx; -application/prs.cww cw cww; -application/prs.hpub+zip hpub; -application/prs.nprend rnd rct; -application/prs.rdf-xml-crypt rdf-crypt; -application/prs.xsf+xml xsf; -application/pskc+xml pskcxml; -application/rdf+xml rdf; -application/route-apd+xml rapd; -application/route-s-tsid+xml sls; -application/route-usd+xml rusd; -application/reginfo+xml rif; -application/relax-ng-compact-syntax rnc; -application/resource-lists-diff+xml rld; -application/resource-lists+xml rl; -application/rfc+xml rfcxml; -application/rls-services+xml rs; -application/rpki-ghostbusters gbr; -application/rpki-manifest mft; -application/rpki-roa roa; -application/rtf rtf; -application/sarif-external-properties+json sarif-external-properties sarif-external-properties.json; -application/sarif+json sarif sarif.json; -application/scim+json scim; -application/scvp-cv-request scq; -application/scvp-cv-response scs; -application/scvp-vp-request spq; -application/scvp-vp-response spp; -application/sdp sdp; -application/senml-etch+cbor senml-etchc; -application/senml-etch+json senml-etchj; -application/senml+cbor senmlc; -application/senml+json senml; -application/senml+xml senmlx; -application/senml-exi senmle; -application/sensml+cbor sensmlc; -application/sensml+json sensml; -application/sensml+xml sensmlx; -application/sensml-exi sensmle; -application/sgml-open-catalog soc; -application/shf+xml shf; -application/sieve siv sieve; -application/simple-filter+xml cl; -application/smil+xml smil smi sml; -application/sparql-query rq; -application/sparql-results+xml srx; -application/sql sql; -application/srgs gram; -application/srgs+xml grxml; -application/sru+xml sru; -application/ssml+xml ssml; -application/stix+json stix; -application/swid+xml swidtag; -application/tamp-apex-update tau; -application/tamp-apex-update-confirm auc; -application/tamp-community-update tcu; -application/tamp-community-update-confirm cuc; -application/td+json jsontd; -application/tamp-error ter; -application/tamp-sequence-adjust tsa; -application/tamp-sequence-adjust-confirm sac; -application/tamp-update tur; -application/tamp-update-confirm tuc; -application/tei+xml tei teiCorpus odd; -application/thraud+xml tfi; -application/timestamp-query tsq; -application/timestamp-reply tsr; -application/timestamped-data tsd; -application/trig trig; -application/ttml+xml ttml; -application/urc-grpsheet+xml gsheet; -application/urc-ressheet+xml rsheet; -application/urc-targetdesc+xml td; -application/urc-uisocketdesc+xml uis; -application/vnd.1000minds.decision-model+xml 1km; -application/vnd.3gpp.5gnas ; -application/vnd.3gpp.pic-bw-large plb; -application/vnd.3gpp.pic-bw-small psb; -application/vnd.3gpp.pic-bw-var pvb; -application/vnd.3gpp2.sms sms; -application/vnd.3gpp2.tcap tcap; -application/vnd.3lightssoftware.imagescal imgcal; -application/vnd.3M.Post-it-Notes pwn; -application/vnd.accpac.simply.aso aso; -application/vnd.accpac.simply.imp imp; -application/vnd.acucobol acu; -application/vnd.acucorp atc acutc; -application/vnd.adobe.flash.movie swf; -application/vnd.adobe.formscentral.fcdt fcdt; -application/vnd.adobe.fxp fxp fxpl; -application/vnd.adobe.xdp+xml xdp; -application/vnd.adobe.xfdf xfdf; -application/vnd.afpc.modca list3820 listafp afp pseg3820; -application/vnd.afpc.modca-overlay ovl; -application/vnd.afpc.modca-pagesegment psg; -application/vnd.ahead.space ahead; -application/vnd.airzip.filesecure.azf azf; -application/vnd.airzip.filesecure.azs azs; -application/vnd.amazon.mobi8-ebook azw3; -application/vnd.americandynamics.acc acc; -application/vnd.amiga.ami ami; -application/vnd.android.ota ota; -application/vnd.anki apkg; -application/vnd.anser-web-certificate-issue-initiation cii; -application/vnd.anser-web-funds-transfer-initiation fti; -application/vnd.apple.installer+xml dist distz pkg mpkg; -application/vnd.apple.keynote keynote; -application/vnd.apple.mpegurl m3u8; -application/vnd.apple.numbers numbers; -application/vnd.apple.pages pages; -application/vnd.aristanetworks.swi swi; -application/vnd.artisan+json artisan; -application/vnd.astraea-software.iota iota; -application/vnd.audiograph aep; -application/vnd.autopackage package; -application/vnd.balsamiq.bmml+xml bmml; -application/vnd.banana-accounting ac2; -application/vnd.balsamiq.bmpr bmpr; -application/vnd.blueice.multipass mpm; -application/vnd.bluetooth.ep.oob ep; -application/vnd.bluetooth.le.oob le; -application/vnd.bmi bmi; -application/vnd.businessobjects rep; -application/vnd.cendio.thinlinc.clientconf tlclient; -application/vnd.chemdraw+xml cdxml; -application/vnd.chess-pgn pgn; -application/vnd.chipnuts.karaoke-mmd mmd; -application/vnd.cinderella cdy; -application/vnd.citationstyles.style+xml csl; -application/vnd.claymore cla; -application/vnd.cloanto.rp9 rp9; -application/vnd.clonk.c4group c4g c4d c4f c4p c4u; -application/vnd.cluetrust.cartomobile-config c11amc; -application/vnd.cluetrust.cartomobile-config-pkg c11amz; -application/vnd.coffeescript coffee; -application/vnd.collabio.xodocuments.document xodt; -application/vnd.collabio.xodocuments.document-template xott; -application/vnd.collabio.xodocuments.presentation xodp; -application/vnd.collabio.xodocuments.presentation-template xotp; -application/vnd.collabio.xodocuments.spreadsheet xods; -application/vnd.collabio.xodocuments.spreadsheet-template xots; -application/vnd.comicbook-rar cbr; -application/vnd.comicbook+zip cbz; -application/vnd.commerce-battelle ica icf icd ic0 ic1 ic2 ic3 ic4 ic5 ic6 ic7 ic8; -application/vnd.commonspace csp cst; -application/vnd.contact.cmsg cdbcmsg; -application/vnd.coreos.ignition+json ign ignition; -application/vnd.cosmocaller cmc; -application/vnd.crick.clicker clkx; -application/vnd.crick.clicker.keyboard clkk; -application/vnd.crick.clicker.palette clkp; -application/vnd.crick.clicker.template clkt; -application/vnd.crick.clicker.wordbank clkw; -application/vnd.criticaltools.wbs+xml wbs; -application/vnd.crypto-shade-file ssvc; -application/vnd.cryptomator.encrypted c9r c9s; -application/vnd.cryptomator.vault cryptomator; -application/vnd.ctc-posml pml; -application/vnd.cups-ppd ppd; -application/vnd.curl curl; -application/vnd.dart dart; -application/vnd.data-vision.rdz rdz; -application/vnd.dbf dbf; -application/vnd.debian.binary-package deb udeb; -application/vnd.dece.data uvf uvvf uvd uvvd; -application/vnd.dece.ttml+xml uvt uvvt; -application/vnd.dece.unspecified uvx uvvx; -application/vnd.dece.zip uvz uvvz; -application/vnd.denovo.fcselayout-link fe_launch; -application/vnd.desmume.movie dsm; -application/vnd.dna dna; -application/vnd.document+json docjson; -application/vnd.doremir.scorecloud-binary-document scld; -application/vnd.dpgraph dpg mwc dpgraph; -application/vnd.dreamfactory dfac; -application/vnd.dtg.local.flash fla; -application/vnd.dvb.ait ait; -application/vnd.dvb.service svc; -application/vnd.dynageo geo; -application/vnd.dzr dzr; -application/vnd.ecowin.chart mag; -application/vnd.enliven nml; -application/vnd.epson.esf esf; -application/vnd.epson.msf msf; -application/vnd.epson.quickanime qam; -application/vnd.epson.salt slt; -application/vnd.epson.ssf ssf; -application/vnd.ericsson.quickcall qcall qca; -application/vnd.espass-espass+zip espass; -application/vnd.eszigno3+xml es3 et3; -application/vnd.etsi.asic-e+zip asice sce; -application/vnd.etsi.asic-s+zip asics; -application/vnd.etsi.timestamp-token tst; -application/vnd.exstream-empower+zip mpw; -application/vnd.exstream-package pub; -application/vnd.evolv.ecig.profile ecigprofile; -application/vnd.evolv.ecig.settings ecig; -application/vnd.evolv.ecig.theme ecigtheme; -application/vnd.ezpix-album ez2; -application/vnd.ezpix-package ez3; -application/vnd.fastcopy-disk-image dim; -application/vnd.fdf fdf; -application/vnd.fdsn.mseed msd mseed; -application/vnd.fdsn.seed seed dataless; -application/vnd.ficlab.flb+zip flb; -application/vnd.filmit.zfc zfc; -application/vnd.FloGraphIt gph; -application/vnd.fluxtime.clip ftc; -application/vnd.font-fontforge-sfd sfd; -application/vnd.framemaker fm; -application/vnd.frogans.fnc fnc; -application/vnd.frogans.ltf ltf; -application/vnd.fsc.weblaunch fsc; -application/vnd.fujitsu.oasys oas; -application/vnd.fujitsu.oasys2 oa2; -application/vnd.fujitsu.oasys3 oa3; -application/vnd.fujitsu.oasysgp fg5; -application/vnd.fujitsu.oasysprs bh2; -application/vnd.fujixerox.ddd ddd; -application/vnd.fujixerox.docuworks xdw; -application/vnd.fujixerox.docuworks.binder xbd; -application/vnd.fujixerox.docuworks.container xct; -application/vnd.fuzzysheet fzs; -application/vnd.genomatix.tuxedo txd; -application/vnd.geocube+xml g3 g³; -application/vnd.geogebra.file ggb; -application/vnd.geogebra.slides ggs; -application/vnd.geogebra.tool ggt; -application/vnd.geometry-explorer gex gre; -application/vnd.geonext gxt; -application/vnd.geoplan g2w; -application/vnd.geospace g3w; -application/vnd.gmx gmx; -application/vnd.google-earth.kml+xml kml; -application/vnd.google-earth.kmz kmz; -application/vnd.grafeq gqf gqs; -application/vnd.groove-account gac; -application/vnd.groove-help ghf; -application/vnd.groove-identity-message gim; -application/vnd.groove-injector grv; -application/vnd.groove-tool-message gtm; -application/vnd.groove-tool-template tpl; -application/vnd.groove-vcard vcg; -application/vnd.hal+xml hal; -application/vnd.HandHeld-Entertainment+xml zmm; -application/vnd.hbci hbci hbc kom upa pkd bpd; -application/vnd.hdt hdt; -application/vnd.hhe.lesson-player les; -application/vnd.hp-HPGL hpgl; -application/vnd.hp-hpid hpi hpid; -application/vnd.hp-hps hps; -application/vnd.hp-jlyt jlt; -application/vnd.hp-PCL pcl; -application/vnd.hydrostatix.sof-data sfd-hdstx; -application/vnd.hzn-3d-crossword x3d; -application/vnd.ibm.electronic-media emm; -application/vnd.ibm.MiniPay mpy; -application/vnd.ibm.rights-management irm; -application/vnd.ibm.secure-container sc; -application/vnd.iccprofile icc icm; -application/vnd.ieee.1905 1905.1; -application/vnd.igloader igl; -application/vnd.imagemeter.folder+zip imf; -application/vnd.imagemeter.image+zip imi; -application/vnd.immervision-ivp ivp; -application/vnd.immervision-ivu ivu; -application/vnd.ims.imsccv1p1 imscc; -application/vnd.insors.igm igm; -application/vnd.intercon.formnet xpw xpx; -application/vnd.intergeo i2g; -application/vnd.intu.qbo qbo; -application/vnd.intu.qfx qfx; -application/vnd.ipunplugged.rcprofile rcprofile; -application/vnd.irepository.package+xml irp; -application/vnd.is-xpr xpr; -application/vnd.isac.fcs fcs; -application/vnd.jam jam; -application/vnd.jcp.javame.midlet-rms rms; -application/vnd.jisp jisp; -application/vnd.joost.joda-archive joda; -application/vnd.kahootz ktz ktr; -application/vnd.kde.karbon karbon; -application/vnd.kde.kchart chrt; -application/vnd.kde.kformula kfo; -application/vnd.kde.kivio flw; -application/vnd.kde.kontour kon; -application/vnd.kde.kpresenter kpr kpt; -application/vnd.kde.kspread ksp; -application/vnd.kde.kword kwd kwt; -application/vnd.kenameaapp htke; -application/vnd.kidspiration kia; -application/vnd.Kinar kne knp sdf; -application/vnd.koan skp skd skm skt; -application/vnd.kodak-descriptor sse; -application/vnd.las las; -application/vnd.las.las+json lasjson; -application/vnd.las.las+xml lasxml; -application/vnd.llamagraphics.life-balance.desktop lbd; -application/vnd.llamagraphics.life-balance.exchange+xml lbe; -application/vnd.logipipe.circuit+zip lcs lca; -application/vnd.loom loom; -application/vnd.lotus-1-2-3 123 wk4 wk3 wk1; -application/vnd.lotus-approach apr vew; -application/vnd.lotus-freelance prz pre; -application/vnd.lotus-notes nsf ntf ndl ns4 ns3 ns2 nsh nsg; -application/vnd.lotus-organizer or3 or2 org; -application/vnd.lotus-screencam scm; -application/vnd.lotus-wordpro lwp sam; -application/vnd.macports.portpkg portpkg; -application/vnd.mapbox-vector-tile mvt; -application/vnd.marlin.drm.mdcf mdc; -application/vnd.maxmind.maxmind-db mmdb; -application/vnd.mcd mcd; -application/vnd.medcalcdata mc1; -application/vnd.mediastation.cdkey cdkey; -application/vnd.MFER mwf; -application/vnd.mfmp mfm; -application/vnd.micrografx.flo flo; -application/vnd.micrografx.igx igx; -application/vnd.mif mif; -application/vnd.Mobius.DAF daf; -application/vnd.Mobius.DIS dis; -application/vnd.Mobius.MBK mbk; -application/vnd.Mobius.MQY mqy; -application/vnd.Mobius.MSL msl; -application/vnd.Mobius.PLC plc; -application/vnd.Mobius.TXF txf; -application/vnd.mophun.application mpn; -application/vnd.mophun.certificate mpc; -application/vnd.mozilla.xul+xml xul; -application/vnd.ms-3mfdocument 3mf; -application/vnd.ms-artgalry cil; -application/vnd.ms-asf asf; -application/vnd.ms-cab-compressed cab; -application/vnd.ms-excel xls xlm xla xlc xlt xlw; -application/vnd.ms-excel.template.macroEnabled.12 xltm; -application/vnd.ms-excel.addin.macroEnabled.12 xlam; -application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb; -application/vnd.ms-excel.sheet.macroEnabled.12 xlsm; -application/vnd.ms-fontobject eot; -application/vnd.ms-htmlhelp chm; -application/vnd.ms-ims ims; -application/vnd.ms-lrm lrm; -application/vnd.ms-officetheme thmx; -application/vnd.ms-powerpoint ppt pps pot; -application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam; -application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm; -application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm; -application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm; -application/vnd.ms-powerpoint.template.macroEnabled.12 potm; -application/vnd.ms-project mpp mpt; -application/vnd.ms-tnef tnef tnf; -application/vnd.ms-word.document.macroEnabled.12 docm; -application/vnd.ms-word.template.macroEnabled.12 dotm; -application/vnd.ms-works wcm wdb wks wps; -application/vnd.ms-wpl wpl; -application/vnd.ms-xpsdocument xps; -application/vnd.msa-disk-image msa; -application/vnd.mseq mseq; -application/vnd.multiad.creator crtr; -application/vnd.multiad.creator.cif cif; -application/vnd.musician mus; -application/vnd.muvee.style msty; -application/vnd.mynfc taglet; -application/vnd.nebumind.line nebul line; -application/vnd.nervana entity request bkm kcm; -application/vnd.nimn nimn; -application/vnd.nitf nitf; -application/vnd.neurolanguage.nlu nlu; -application/vnd.nintendo.nitro.rom nds; -application/vnd.nintendo.snes.rom sfc smc; -application/vnd.noblenet-directory nnd; -application/vnd.noblenet-sealer nns; -application/vnd.noblenet-web nnw; -application/vnd.nokia.n-gage.ac+xml ac; -application/vnd.nokia.n-gage.data ngdat; -application/vnd.nokia.n-gage.symbian.install n-gage; -application/vnd.nokia.radio-preset rpst; -application/vnd.nokia.radio-presets rpss; -application/vnd.novadigm.EDM edm; -application/vnd.novadigm.EDX edx; -application/vnd.novadigm.EXT ext; -application/vnd.oasis.opendocument.chart odc; -application/vnd.oasis.opendocument.chart-template otc; -application/vnd.oasis.opendocument.database odb; -application/vnd.oasis.opendocument.formula odf; -application/vnd.oasis.opendocument.graphics odg; -application/vnd.oasis.opendocument.graphics-template otg; -application/vnd.oasis.opendocument.image odi; -application/vnd.oasis.opendocument.image-template oti; -application/vnd.oasis.opendocument.presentation odp; -application/vnd.oasis.opendocument.presentation-template otp; -application/vnd.oasis.opendocument.spreadsheet ods; -application/vnd.oasis.opendocument.spreadsheet-template ots; -application/vnd.oasis.opendocument.text odt; -application/vnd.oasis.opendocument.text-master odm; -application/vnd.oasis.opendocument.text-template ott; -application/vnd.oasis.opendocument.text-web oth; -application/vnd.olpc-sugar xo; -application/vnd.oma.dd2+xml dd2; -application/vnd.onepager tam; -application/vnd.onepagertamp tamp; -application/vnd.onepagertamx tamx; -application/vnd.onepagertat tat; -application/vnd.onepagertatp tatp; -application/vnd.onepagertatx tatx; -application/vnd.openblox.game+xml obgx; -application/vnd.openblox.game-binary obg; -application/vnd.openeye.oeb oeb; -application/vnd.openofficeorg.extension oxt; -application/vnd.openstreetmap.data+xml osm; -application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; -application/vnd.openxmlformats-officedocument.presentationml.slide sldx; -application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx; -application/vnd.openxmlformats-officedocument.presentationml.template potx; -application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; -application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx; -application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; -application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx; -application/vnd.osa.netdeploy ndc; -application/vnd.osgeo.mapguide.package mgp; -application/vnd.osgi.dp dp; -application/vnd.osgi.subsystem esa; -application/vnd.oxli.countgraph oxlicg; -application/vnd.palm prc pdb pqa oprc; -application/vnd.panoply plp; -application/vnd.patentdive dive; -application/vnd.pawaafile paw; -application/vnd.pg.format str; -application/vnd.pg.osasli ei6; -application/vnd.piaccess.application-licence pil; -application/vnd.picsel efif; -application/vnd.pmi.widget wg; -application/vnd.pocketlearn plf; -application/vnd.powerbuilder6 pbd; -application/vnd.preminet preminet; -application/vnd.previewsystems.box box vbox; -application/vnd.proteus.magazine mgz; -application/vnd.psfs psfs; -application/vnd.publishare-delta-tree qps; -application/vnd.pvi.ptid1 ptid; -application/vnd.qualcomm.brew-app-res bar; -application/vnd.Quark.QuarkXPress qxd qxt qwd qwt qxl qxb; -application/vnd.quobject-quoxdocument quox quiz; -application/vnd.rainstor.data tree; -application/vnd.rar rar; -application/vnd.realvnc.bed bed; -application/vnd.recordare.musicxml mxl; -application/vnd.rig.cryptonote cryptonote; -application/vnd.route66.link66+xml link66; -application/vnd.sailingtracker.track st; -application/vnd.sar SAR; -application/vnd.scribus scd sla slaz; -application/vnd.sealed.3df s3df; -application/vnd.sealed.csf scsf; -application/vnd.sealed.doc sdoc sdo s1w; -application/vnd.sealed.eml seml sem; -application/vnd.sealed.mht smht smh; -application/vnd.sealed.ppt sppt s1p; -application/vnd.sealed.tiff stif; -application/vnd.sealed.xls sxls sxl s1e; -application/vnd.sealedmedia.softseal.html stml s1h; -application/vnd.sealedmedia.softseal.pdf spdf spd s1a; -application/vnd.seemail see; -application/vnd.sema sema; -application/vnd.semd semd; -application/vnd.semf semf; -application/vnd.shade-save-file ssv; -application/vnd.shana.informed.formdata ifm; -application/vnd.shana.informed.formtemplate itp; -application/vnd.shana.informed.interchange iif; -application/vnd.shana.informed.package ipk; -application/vnd.shp shp; -application/vnd.shx shx; -application/vnd.sigrok.session sr; -application/vnd.SimTech-MindMapper twd twds; -application/vnd.smaf mmf; -application/vnd.smart.notebook notebook; -application/vnd.smart.teacher teacher; -application/vnd.snesdev-page-table ptrom pt; -application/vnd.software602.filler.form+xml fo; -application/vnd.software602.filler.form-xml-zip zfo; -application/vnd.solent.sdkm+xml sdkm sdkd; -application/vnd.spotfire.dxp dxp; -application/vnd.spotfire.sfs sfs; -application/vnd.sqlite3 sqlite sqlite3; -application/vnd.stepmania.package smzip; -application/vnd.stepmania.stepchart sm; -application/vnd.sun.wadl+xml wadl; -application/vnd.sus-calendar sus susp; -application/vnd.sycle+xml scl; -application/vnd.syncml+xml xsm; -application/vnd.syncml.dm+wbxml bdm; -application/vnd.syncml.dm+xml xdm; -application/vnd.syncml.dmddf+xml ddf; -application/vnd.tao.intent-module-archive tao; -application/vnd.tcpdump.pcap pcap cap dmp; -application/vnd.theqvd qvd; -application/vnd.think-cell.ppttc+json ppttc; -application/vnd.tml vfr viaframe; -application/vnd.tmobile-livetv tmo; -application/vnd.trid.tpt tpt; -application/vnd.triscape.mxs mxs; -application/vnd.trueapp tra; -application/vnd.ufdl ufdl ufd frm; -application/vnd.uiq.theme utz; -application/vnd.umajin umj; -application/vnd.unity unityweb; -application/vnd.uoml+xml uoml uo; -application/vnd.uri-map urim urimap; -application/vnd.valve.source.material vmt; -application/vnd.vcx vcx; -application/vnd.vd-study mxi study-inter model-inter; -application/vnd.vectorworks vwx; -application/vnd.veryant.thin istc isws; -application/vnd.ves.encrypted VES; -application/vnd.vidsoft.vidconference vsc; -application/vnd.visio vsd vst vsw vss; -application/vnd.visionary vis; -application/vnd.vsf vsf; -application/vnd.wap.sic sic; -application/vnd.wap.slc slc; -application/vnd.wap.wbxml wbxml; -application/vnd.wap.wmlc wmlc; -application/vnd.wap.wmlscriptc wmlsc; -application/vnd.webturbo wtb; -application/vnd.wfa.p2p p2p; -application/vnd.wfa.wsc wsc; -application/vnd.wmc wmc; -application/vnd.wolfram.mathematica.package m; -application/vnd.wolfram.player nbp; -application/vnd.wordperfect wpd; -application/vnd.wqd wqd; -application/vnd.wt.stf stf; -application/vnd.wv.csp+wbxml wv; -application/vnd.xara xar; -application/vnd.xfdl xfdl xfd; -application/vnd.xmpie.cpkg cpkg; -application/vnd.xmpie.dpkg dpkg; -application/vnd.xmpie.ppkg ppkg; -application/vnd.xmpie.xlim xlim; -application/vnd.yamaha.hv-dic hvd; -application/vnd.yamaha.hv-script hvs; -application/vnd.yamaha.hv-voice hvp; -application/vnd.yamaha.openscoreformat osf; -application/vnd.yamaha.smaf-audio saf; -application/vnd.yamaha.smaf-phrase spf; -application/vnd.yaoweme yme; -application/vnd.yellowriver-custom-menu cmp; -application/vnd.zul zir zirz; -application/vnd.zzazz.deck+xml zaz; -application/voicexml+xml vxml; -application/voucher-cms+json vcj; -application/wasm wasm; -application/watcherinfo+xml wif; -application/widget wgt; -application/wsdl+xml wsdl; -application/wspolicy+xml wspolicy; -application/xcap-att+xml xav; -application/xcap-caps+xml xca; -application/xcap-diff+xml xdf; -application/xcap-el+xml xel; -application/xcap-error+xml xer; -application/xcap-ns+xml xns; -application/xhtml+xml xhtml xhtm xht; -application/xliff+xml xlf; -application/xml-dtd dtd; -application/xop+xml xop; -application/xslt+xml xsl xslt; -application/xv+xml mxml xhvml xvml xvm; -application/yang yang; -application/yin+xml yin; -application/zip zip; -application/zstd zst; -audio/32kadpcm 726; -audio/aac adts aac ass; -audio/ac3 ac3; -audio/AMR amr; -audio/AMR-WB awb; -audio/asc acn; -audio/ATRAC-ADVANCED-LOSSLESS aal; -audio/ATRAC-X atx; -audio/ATRAC3 at3 aa3 omg; -audio/basic au snd; -audio/dls dls; -audio/EVRC evc; -audio/EVRCB evb; -audio/EVRCNW enw; -audio/EVRCWB evw; -audio/iLBC lbc; -audio/L16 l16; -audio/mhas mhas; -audio/mobile-xmf mxmf; -audio/mp4 m4a; -audio/mpeg mp3 mpga mp1 mp2; -audio/ogg oga ogg opus spx; -audio/prs.sid sid psid; -audio/QCELP qcp; -audio/SMV smv; -audio/sofa sofa; -audio/usac loas xhe; -audio/vnd.audiokoz koz; -audio/vnd.dece.audio uva uvva; -audio/vnd.digital-winds eol; -audio/vnd.dolby.mlp mlp; -audio/vnd.dts dts; -audio/vnd.dts.hd dtshd; -audio/vnd.everad.plj plj; -audio/vnd.lucent.voice lvp; -audio/vnd.ms-playready.media.pya pya; -audio/vnd.nortel.vbk vbk; -audio/vnd.nuera.ecelp4800 ecelp4800; -audio/vnd.nuera.ecelp7470 ecelp7470; -audio/vnd.nuera.ecelp9600 ecelp9600; -audio/vnd.presonus.multitrack multitrack; -audio/vnd.rip rip; -audio/vnd.sealedmedia.softseal.mpeg smp3 smp s1m; -font/collection ttc; -font/otf otf; -font/ttf ttf; -font/woff woff; -font/woff2 woff2; -image/aces exr; -image/avci avci; -image/avcs avcs; -image/avif avif hif; -image/bmp bmp dib; -image/cgm cgm; -image/dicom-rle drle; -image/emf emf; -image/fits fits fit fts; -image/heic heic; -image/heic-sequence heics; -image/heif heif; -image/heif-sequence heifs; -image/hej2k hej2; -image/hsj2 hsj2; -image/gif gif; -image/ief ief; -image/jls jls; -image/jp2 jp2 jpg2; -image/jph jph; -image/jphc jhc; -image/jpeg jpg jpeg jpe jfif; -image/jpm jpm jpgm; -image/jpx jpx jpf; -image/jxl jxl; -image/jxr jxr; -image/jxrA jxra; -image/jxrS jxrs; -image/jxs jxs; -image/jxsc jxsc; -image/jxsi jxsi; -image/jxss jxss; -image/ktx ktx; -image/ktx2 ktx2; -image/png png; -image/prs.btif btif btf; -image/prs.pti pti; -image/svg+xml svg svgz; -image/t38 t38; -image/tiff tiff tif; -image/tiff-fx tfx; -image/vnd.adobe.photoshop psd; -image/vnd.airzip.accelerator.azv azv; -image/vnd.dece.graphic uvi uvvi uvg uvvg; -image/vnd.djvu djvu djv; -image/vnd.dwg dwg; -image/vnd.dxf dxf; -image/vnd.fastbidsheet fbs; -image/vnd.fpx fpx; -image/vnd.fst fst; -image/vnd.fujixerox.edmics-mmr mmr; -image/vnd.fujixerox.edmics-rlc rlc; -image/vnd.globalgraphics.pgb pgb; -image/vnd.microsoft.icon ico; -image/vnd.mozilla.apng apng; -image/vnd.ms-modi mdi; -image/vnd.pco.b16 b16; -image/vnd.radiance hdr rgbe xyze; -image/vnd.sealed.png spng spn s1n; -image/vnd.sealedmedia.softseal.gif sgif sgi s1g; -image/vnd.sealedmedia.softseal.jpg sjpg sjp s1j; -image/vnd.tencent.tap tap; -image/vnd.valve.source.texture vtf; -image/vnd.wap.wbmp wbmp; -image/vnd.xiff xif; -image/vnd.zbrush.pcx pcx; -image/wmf wmf; -message/global u8msg; -message/global-delivery-status u8dsn; -message/global-disposition-notification u8mdn; -message/global-headers u8hdr; -message/rfc822 eml mail art; -model/gltf-binary glb; -model/gltf+json gltf; -model/iges igs iges; -model/mesh msh mesh silo; -model/mtl mtl; -model/obj obj; -model/stl stl; -model/vnd.collada+xml dae; -model/vnd.dwf dwf; -model/vnd.gdl gdl gsm win dor lmp rsm msm ism; -model/vnd.gtw gtw; -model/vnd.moml+xml moml; -model/vnd.mts mts; -model/vnd.opengex ogex; -model/vnd.parasolid.transmit.binary x_b xmt_bin; -model/vnd.parasolid.transmit.text x_t xmt_txt; -model/vnd.pytha.pyox pyo pyox; -model/vnd.sap.vds vds; -model/vnd.usdz+zip usdz; -model/vnd.valve.source.compiled-map bsp; -model/vnd.vtu vtu; -model/vrml wrl vrml; -model/x3d+xml x3db; -model/x3d-vrml x3dv x3dvz; -multipart/vnd.bint.med-plus bmed; -multipart/voice-message vpm; -text/cache-manifest appcache manifest; -text/calendar ics ifb; -text/cql CQL; -text/css css; -text/csv csv; -text/csv-schema csvs; -text/dns soa zone; -text/gff3 gff3; -text/html html htm; -text/jcr-cnd cnd; -text/markdown markdown md; -text/mizar miz; -text/n3 n3; -text/plain txt asc text pm el c h cc hh cxx hxx f90 conf log nix nginx sh cs sln razor csproj; -text/provenance-notation provn; -text/prs.fallenstein.rst rst; -text/prs.lines.tag tag dsc; -text/richtext rtx; -text/SGML sgml sgm; -text/shaclc shaclc shc; -text/spdx spdx; -text/tab-separated-values tsv; -text/troff t tr roff; -text/turtle ttl; -text/uri-list uris uri; -text/vcard vcf vcard; -text/vnd.a a; -text/vnd.abc abc; -text/vnd.ascii-art ascii; -text/vnd.debian.copyright copyright; -text/vnd.DMClientScript dms; -text/vnd.dvb.subtitle sub; -text/vnd.esmertec.theme-descriptor jtd; -text/vnd.ficlab.flt flt; -text/vnd.fly fly; -text/vnd.fmi.flexstor flx; -text/vnd.graphviz gv dot; -text/vnd.hans hans; -text/vnd.hgl hgl; -text/vnd.in3d.3dml 3dml 3dm; -text/vnd.in3d.spot spot spo; -text/vnd.ms-mediapackage mpf; -text/vnd.net2phone.commcenter.command ccc; -text/vnd.senx.warpscript mc2; -text/vnd.si.uricatalogue uric; -text/vnd.sun.j2me.app-descriptor jad; -text/vnd.sosi sos; -text/vnd.trolltech.linguist ts; -text/vnd.wap.si si; -text/vnd.wap.sl sl; -text/vnd.wap.wml wml; -text/vnd.wap.wmlscript wmls; -text/vtt vtt; -text/xml xml xsd rng; -text/xml-external-parsed-entity ent; -video/3gpp 3gp 3gpp; -video/3gpp2 3g2 3gpp2; -video/iso.segment m4s; -video/mj2 mj2 mjp2; -video/mp4 mp4 mpg4 m4v; -video/mpeg mpeg mpg mpe m1v m2v; -video/ogg ogv; -video/quicktime mov qt; -video/vnd.dece.hd uvh uvvh; -video/vnd.dece.mobile uvm uvvm; -video/vnd.dece.mp4 uvu uvvu; -video/vnd.dece.pd uvp uvvp; -video/vnd.dece.sd uvs uvvs; -video/vnd.dece.video uvv uvvv; -video/vnd.dvb.file dvb; -video/vnd.fvt fvt; -video/vnd.mpegurl mxu m4u; -video/vnd.ms-playready.media.pyv pyv; -video/vnd.nokia.interleaved-multimedia nim; -video/vnd.radgamettools.bink bik bk2; -video/vnd.radgamettools.smacker smk; -video/vnd.sealed.mpeg1 smpg s11; -video/vnd.sealed.mpeg4 s14; -video/vnd.sealed.swf sswf ssw; -video/vnd.sealedmedia.softseal.mov smov smo s1q; -video/vnd.youtube.yt yt; -video/vnd.vivo viv; -application/mac-compactpro cpt; -application/metalink+xml metalink; -application/owl+xml owx; -application/rss+xml rss; -application/vnd.android.package-archive apk; -application/vnd.oma.dd+xml dd; -application/vnd.oma.drm.content dcf; -application/vnd.oma.drm.dcf o4a o4v; -application/vnd.oma.drm.message dm; -application/vnd.oma.drm.rights+wbxml drc; -application/vnd.oma.drm.rights+xml dr; -application/vnd.sun.xml.calc sxc; -application/vnd.sun.xml.calc.template stc; -application/vnd.sun.xml.draw sxd; -application/vnd.sun.xml.draw.template std; -application/vnd.sun.xml.impress sxi; -application/vnd.sun.xml.impress.template sti; -application/vnd.sun.xml.math sxm; -application/vnd.sun.xml.writer sxw; -application/vnd.sun.xml.writer.global sxg; -application/vnd.sun.xml.writer.template stw; -application/vnd.symbian.install sis; -application/vnd.wap.mms-message mms; -application/x-annodex anx; -application/x-bcpio bcpio; -application/x-bittorrent torrent; -application/x-bzip2 bz2; -application/x-cdlink vcd; -application/x-chrome-extension crx; -application/x-cpio cpio; -application/x-csh csh; -application/x-director dcr dir dxr; -application/x-dvi dvi; -application/x-futuresplash spl; -application/x-gtar gtar; -application/x-hdf hdf; -application/x-java-archive jar; -application/x-java-jnlp-file jnlp; -application/x-java-pack200 pack; -application/x-killustrator kil; -application/x-latex latex; -application/x-netcdf nc cdf; -application/x-perl pl; -application/x-rpm rpm; -application/x-sh sh; -application/x-shar shar; -application/x-stuffit sit; -application/x-sv4cpio sv4cpio; -application/x-sv4crc sv4crc; -application/x-tar tar; -application/x-tcl tcl; -application/x-tex tex; -application/x-texinfo texinfo texi; -application/x-troff-man man 1 2 3 4 5 6 7 8; -application/x-troff-me me; -application/x-troff-ms ms; -application/x-ustar ustar; -application/x-wais-source src; -application/x-xpinstall xpi; -application/x-xspf+xml xspf; -application/x-xz xz; -audio/midi mid midi kar; -audio/x-aiff aif aiff aifc; -audio/x-annodex axa; -audio/x-flac flac; -audio/x-matroska mka; -audio/x-mod mod ult uni m15 mtm 669 med; -audio/x-mpegurl m3u; -audio/x-ms-wax wax; -audio/x-ms-wma wma; -audio/x-pn-realaudio ram rm; -audio/x-realaudio ra; -audio/x-s3m s3m; -audio/x-stm stm; -audio/x-wav wav; -chemical/x-xyz xyz; -image/webp webp; -image/x-cmu-raster ras; -image/x-portable-anymap pnm; -image/x-portable-bitmap pbm; -image/x-portable-graymap pgm; -image/x-portable-pixmap ppm; -image/x-rgb rgb; -image/x-targa tga; -image/x-xbitmap xbm; -image/x-xpixmap xpm; -image/x-xwindowdump xwd; -text/html-sandboxed sandboxed; -text/x-pod pod; -text/x-setext etx; -video/webm webm; -video/x-annodex axv; -video/x-flv flv; -video/x-javafx fxm; -video/x-matroska mkv; -video/x-matroska-3d mk3d; -video/x-ms-asf asx; -video/x-ms-wm wm; -video/x-ms-wmv wmv; -video/x-ms-wmx wmx; -video/x-ms-wvx wvx; -video/x-msvideo avi; -video/x-sgi-movie movie; -x-conference/x-cooltalk ice; -x-epoc/x-sisx-app sisx; -} diff --git a/modules/packages/nheko-git.nix b/modules/packages/nheko-git.nix deleted file mode 100644
index c392d2f..0000000 --- a/modules/packages/nheko-git.nix +++ /dev/null
@@ -1,105 +0,0 @@ -# This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/nheko/default.nix#L93 -# This file is a modified version of nixpkgs/pkgs/applications/networking/instant-messengers/nheko/default.nix (copied at 2e896fce) - -{ - lib, - stdenv, - fetchFromGitHub, - cmake, - #, wrapQtAppsHook - asciidoctor, - qt6, - qt6Packages, - #, qtmultimedia - #, qtimageformats - #, qtkeychain - cmark, - coeurl, - curl, - libevent, - lmdb, - lmdbxx, - #, mtxclient - nlohmann_json, - olm, - pkg-config, - re2, - spdlog, - httplib, - voipSupport ? true, - gst_all_1, - libnice, - kdsingleapplication, - pkgs, - nhekoSrc, - mtxclientSrc, -}: - -stdenv.mkDerivation { - pname = "nheko"; - version = "git+master"; - src = nhekoSrc; - - nativeBuildInputs = [ - lmdbxx - cmake - pkg-config - asciidoctor - qt6.wrapQtAppsHook - ]; - - buildInputs = - [ - qt6.qtbase - qt6.qttools - qt6.qtsvg - qt6.qtmultimedia - qt6.qtimageformats - qt6Packages.qtkeychain - kdsingleapplication - cmark - coeurl - curl - libevent - lmdb - (pkgs.callPackage ./mtxclient-git.nix { inherit mtxclientSrc; }) - nlohmann_json - olm - re2 - spdlog - httplib - ] - ++ lib.optionals voipSupport ( - with gst_all_1; - [ - gstreamer - gst-plugins-base - gst-plugins-good - gst-plugins-bad - libnice - ] - ); - - LC_ALL = lib.optionalString (!stdenv.isDarwin) "C.UTF-8"; - - cmakeFlags = [ - "-DCOMPILE_QML=ON" # see https://github.com/Nheko-Reborn/nheko/issues/389 - "-DCMAKE_BUILD_TYPE=Release" - "-DBUILD_SHARED_LIBS=OFF" - #Rory& - "-DMAN=OFF" - - ] ++ lib.optionals (!voipSupport) [ "-DVOIP=OFF" ]; - - preFixup = lib.optionalString voipSupport '' - # add gstreamer plugins path to the wrapper - qtWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0") - ''; - - meta = with lib; { - description = "Desktop client for the Matrix protocol"; - homepage = "https://github.com/Nheko-Reborn/nheko"; - platforms = platforms.all; - license = licenses.gpl3Plus; - }; -} diff --git a/modules/packages/overlays/haskell/basement/IntWord64.nix b/modules/packages/overlays/haskell/basement/IntWord64.nix deleted file mode 100644
index d407bf0..0000000 --- a/modules/packages/overlays/haskell/basement/IntWord64.nix +++ /dev/null
@@ -1,14 +0,0 @@ -{ pkgs, ... }: -{ - nixpkgs.overlays = [ - (self: super: { - haskellPackages = super.haskellPackages.override { - overrides = haskellPackages-self: haskellPackages-super: { - basement = haskellPackages-super.basement.overrideAttrs (oldAttrs: { - patches = [ ./IntWord64.patch ]; - }); - }; - }; - }) - ]; -} diff --git a/modules/packages/overlays/haskell/basement/IntWord64.patch b/modules/packages/overlays/haskell/basement/IntWord64.patch deleted file mode 100644
index 0d1cdf7..0000000 --- a/modules/packages/overlays/haskell/basement/IntWord64.patch +++ /dev/null
@@ -1,105 +0,0 @@ -diff -up basement-0.0.15/Basement/Bits.hs~ basement-0.0.15/Basement/Bits.hs ---- basement-0.0.15/Basement/Bits.hs~ 2022-02-28 12:00:48.000000000 +0800 -+++ basement-0.0.15/Basement/Bits.hs 2023-02-16 18:50:32.947378064 +0800 -@@ -54,7 +54,7 @@ import GHC.Int - import Basement.Compat.Primitive - - #if WORD_SIZE_IN_BITS < 64 --import GHC.IntWord64 -+import GHC.Exts - #endif - - -- | operation over finite bits -diff -up basement-0.0.15/Basement/Numerical/Additive.hs~ basement-0.0.15/Basement/Numerical/Additive.hs ---- basement-0.0.15/Basement/Numerical/Additive.hs~ 2022-02-28 12:00:48.000000000 +0800 -+++ basement-0.0.15/Basement/Numerical/Additive.hs 2023-02-16 18:52:14.547975419 +0800 -@@ -29,7 +29,7 @@ import qualified Basement.Types.Word128 - import qualified Basement.Types.Word256 as Word256 - - #if WORD_SIZE_IN_BITS < 64 --import GHC.IntWord64 -+import GHC.Exts - #endif - - -- | Represent class of things that can be added together, -diff -up basement-0.0.15/Basement/Numerical/Conversion.hs~ basement-0.0.15/Basement/Numerical/Conversion.hs ---- basement-0.0.15/Basement/Numerical/Conversion.hs~ 2022-02-28 12:00:48.000000000 +0800 -+++ basement-0.0.15/Basement/Numerical/Conversion.hs 2023-02-16 18:28:38.844400110 +0800 -@@ -25,7 +25,7 @@ import GHC.Word - import Basement.Compat.Primitive - - #if WORD_SIZE_IN_BITS < 64 --import GHC.IntWord64 -+import GHC.Exts - #endif - - intToInt64 :: Int -> Int64 -@@ -114,7 +114,7 @@ - #endif - #else - word64ToWord32s :: Word64 -> Word32x2 --word64ToWord32s (W64# w64) = Word32x2 (W32# (word64ToWord# (uncheckedShiftRL64# w64 32#))) (W32# (word64ToWord# w64)) -+word64ToWord32s (W64# w64) = Word32x2 (W32# (wordToWord32# (word64ToWord# (uncheckedShiftRL64# w64 32#)))) (W32# (wordToWord32# (word64ToWord# w64))) - #endif - - wordToChar :: Word -> Char -diff -up basement-0.0.15/Basement/PrimType.hs~ basement-0.0.15/Basement/PrimType.hs ---- basement-0.0.15/Basement/PrimType.hs~ 2022-03-03 10:51:42.000000000 +0800 -+++ basement-0.0.15/Basement/PrimType.hs 2023-02-16 18:52:13.884971521 +0800 -@@ -54,7 +54,7 @@ import Basement.Nat - import qualified Prelude (quot) - - #if WORD_SIZE_IN_BITS < 64 --import GHC.IntWord64 -+import GHC.Exts - #endif - - #ifdef FOUNDATION_BOUNDS_CHECK -diff -up basement-0.0.15/Basement/Types/OffsetSize.hs~ basement-0.0.15/Basement/Types/OffsetSize.hs ---- basement-0.0.15/Basement/Types/OffsetSize.hs~ 2019-09-02 11:58:08.000000000 +0800 -+++ basement-0.0.15/Basement/Types/OffsetSize.hs 2023-02-16 18:49:45.703100306 +0800 -@@ -69,7 +69,7 @@ import Data.List (foldl') - import qualified Prelude - - #if WORD_SIZE_IN_BITS < 64 --import GHC.IntWord64 -+import GHC.Exts - #endif - - -- | File size in bytes -@@ -225,7 +225,7 @@ - - csizeOfSize :: CountOf Word8 -> CSize - #if WORD_SIZE_IN_BITS < 64 --csizeOfSize (CountOf (I# sz)) = CSize (W32# (int2Word# sz)) -+csizeOfSize (CountOf (I# sz)) = CSize (W32# (wordToWord32# (int2Word# sz))) - #else - #if __GLASGOW_HASKELL__ >= 904 - csizeOfSize (CountOf (I# sz)) = CSize (W64# (wordToWord64# (int2Word# sz))) -@@ -238,7 +238,7 @@ - - csizeOfOffset :: Offset8 -> CSize - #if WORD_SIZE_IN_BITS < 64 --csizeOfOffset (Offset (I# sz)) = CSize (W32# (int2Word# sz)) -+csizeOfOffset (Offset (I# sz)) = CSize (W32# (wordToWord32# (int2Word# sz))) - #else - #if __GLASGOW_HASKELL__ >= 904 - csizeOfOffset (Offset (I# sz)) = CSize (W64# (wordToWord64# (int2Word# sz))) -@@ -250,7 +250,7 @@ - sizeOfCSSize :: CSsize -> CountOf Word8 - sizeOfCSSize (CSsize (-1)) = error "invalid size: CSSize is -1" - #if WORD_SIZE_IN_BITS < 64 --sizeOfCSSize (CSsize (I32# sz)) = CountOf (I# sz) -+sizeOfCSSize (CSsize (I32# sz)) = CountOf (I# (int32ToInt# sz)) - #else - #if __GLASGOW_HASKELL__ >= 904 - sizeOfCSSize (CSsize (I64# sz)) = CountOf (I# (int64ToInt# sz)) -@@ -261,7 +261,7 @@ - - sizeOfCSize :: CSize -> CountOf Word8 - #if WORD_SIZE_IN_BITS < 64 --sizeOfCSize (CSize (W32# sz)) = CountOf (I# (word2Int# sz)) -+sizeOfCSize (CSize (W32# sz)) = CountOf (I# (word2Int# (word32ToWord# sz))) - #else - #if __GLASGOW_HASKELL__ >= 904 - sizeOfCSize (CSize (W64# sz)) = CountOf (I# (word2Int# (word64ToWord# sz))) diff --git a/modules/packages/vim.nix b/modules/packages/vim.nix deleted file mode 100755
index 1b7bb37..0000000 --- a/modules/packages/vim.nix +++ /dev/null
@@ -1,29 +0,0 @@ -{ pkgs, ... }: -{ - environment.variables = { - EDITOR = "vim"; - }; - - environment.systemPackages = with pkgs; [ - (neovim.override { - vimAlias = true; - configure = { - packages.myPlugins = with pkgs.vimPlugins; { - start = [ - vim-lastplace - vim-nix - vim-airline - ]; - opt = [ ]; - }; - customRC = '' - " your custom vimrc - set nocompatible - set backspace=indent,eol,start - colorscheme vim - " ... - ''; - }; - }) - ]; -} diff --git a/modules/packages/xdg-desktop-portal-gtk.nix b/modules/packages/xdg-desktop-portal-gtk.nix deleted file mode 100644
index cfe48d4..0000000 --- a/modules/packages/xdg-desktop-portal-gtk.nix +++ /dev/null
@@ -1,63 +0,0 @@ -{ - stdenv, - lib, - fetchFromGitHub, - meson, - ninja, - pkg-config, - xdg-desktop-portal, - gtk3, - gnome, - gnome-desktop, - glib, - wrapGAppsHook, - gsettings-desktop-schemas, - buildPortalsInGnome ? true, -}: - -stdenv.mkDerivation (finalAttrs: { - pname = "xdg-desktop-portal-gtk"; - version = "1.15.1"; - - src = fetchFromGitHub { - owner = "flatpak"; - repo = "xdg-desktop-portal-gtk"; - rev = finalAttrs.version; - sha256 = "sha256-uXVjKsqoIjqJilJq8ERRzEqGKbkzc+Zl6y+37CAcYro="; - }; - - nativeBuildInputs = [ - meson - ninja - pkg-config - wrapGAppsHook - ]; - - buildInputs = - [ - glib - gtk3 - xdg-desktop-portal - gsettings-desktop-schemas # settings exposed by settings portal - #fontconfig - ] - ++ lib.optionals buildPortalsInGnome [ - gsettings-desktop-schemas # settings exposed by settings portal - gnome-desktop - gnome.gnome-settings-daemon # schemas needed for settings api (mostly useless now that fonts were moved to g-d-s, just mouse and xsettings) - ]; - - mesonFlags = lib.optionals (!buildPortalsInGnome) [ - "-Dwallpaper=disabled" - "-Dsettings=enabled" - "-Dappchooser=enabled" - "-Dlockdown=disabled" - ]; - - meta = with lib; { - description = "Desktop integration portals for sandboxed apps"; - maintainers = with maintainers; [ jtojnar ]; - platforms = platforms.linux; - license = licenses.lgpl21Plus; - }; -}) diff --git a/modules/software-templates/dotnet.client.nix b/modules/software-templates/dotnet.client.nix
index fa0082b..f855aa3 100644 --- a/modules/software-templates/dotnet.client.nix +++ b/modules/software-templates/dotnet.client.nix
@@ -1,9 +1,26 @@ -{ pkgs, ... }: +{ + config, + pkgs, + nixpkgs-stable, + ... +}: +let + # We have to specify config to set allowUnfree, as nixpkgs-stable.legacyPackages doesn't pass through config. + # See: https://slab.midna.dev/public/posts/where-does-pkgs-come-from-xw6epo0t + stablePkgs = import nixpkgs-stable { + config = config.nixpkgs.config; + system = pkgs.stdenv.hostPlatform.system; + }; +in { #imports = [ ./dotnet.nix ]; environment.systemPackages = with pkgs; [ #`jetbrains.rider - (jetbrains.plugins.addPlugins jetbrains.rider [ "github-copilot" ]) + (jetbrains.plugins.addPlugins jetbrains.rider [ + jetbrains.plugins.github-copilot-fixed + #"github-copilot" + "nixidea" + ]) ]; } diff --git a/modules/software-templates/dotnet.nix b/modules/software-templates/dotnet.nix
index edbcca3..4ab30d5 100644 --- a/modules/software-templates/dotnet.nix +++ b/modules/software-templates/dotnet.nix
@@ -1,7 +1,9 @@ { pkgs, ... }: { - environment.systemPackages = with pkgs; [ (callPackage ../packages/dotnet-pack.nix { inherit pkgs; }) ]; + environment.systemPackages = with pkgs; [ + (callPackage ../packages/dotnet-pack.nix { inherit pkgs; }) + ]; environment.sessionVariables = { DOTNET_CLI_TELEMETRY_OPTOUT = "1"; DOTNET_ROOT = "${(pkgs.callPackage ../packages/dotnet-pack.nix { inherit pkgs; })}"; diff --git a/modules/software-templates/firefox-policy.nix b/modules/software-templates/firefox-policy.nix
index 83d0a47..b8155fd 100644 --- a/modules/software-templates/firefox-policy.nix +++ b/modules/software-templates/firefox-policy.nix
@@ -36,7 +36,9 @@ Enabled = false; }; Extensions = { - Install = [ "https://github.com/gorhill/uBlock/releases/download/1.52.2/uBlock0_1.52.2.firefox.signed.xpi" ]; + Install = [ + "https://github.com/gorhill/uBlock/releases/download/1.52.2/uBlock0_1.52.2.firefox.signed.xpi" + ]; }; ExtensionUpdate = false; FirefoxHome = { diff --git a/modules/software-templates/profilers.nix b/modules/software-templates/profilers.nix
index 4381193..c90f81e 100644 --- a/modules/software-templates/profilers.nix +++ b/modules/software-templates/profilers.nix
@@ -1,9 +1,9 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { environment.systemPackages = with pkgs; [ - kcachegrind - linuxKernel.packages.linux_5_15.perf + kdePackages.kcachegrind + config.boot.kernelPackages.perf hotspot valgrind ]; diff --git a/modules/software-templates/spacebar-server-ts/module.nix b/modules/software-templates/spacebar-server-ts/module.nix new file mode 100644
index 0000000..768b423 --- /dev/null +++ b/modules/software-templates/spacebar-server-ts/module.nix
@@ -0,0 +1,11 @@ +{ lib, ... }: +{ + options.services.spacebar-server-ts = { + enable = lib.mkEnableOption "spacebar-server-ts"; + package = lib.mkOption { + type = lib.types.package; + default = null; + description = "The package to use for the spacebar-server-ts service"; + }; + }; +} diff --git a/modules/software-templates/steam.nix b/modules/software-templates/steam.nix new file mode 100644
index 0000000..ac548a7 --- /dev/null +++ b/modules/software-templates/steam.nix
@@ -0,0 +1,15 @@ +{ pkgs, ... }: { + programs.steam = { + enable = true; + gamescopeSession.enable = true; + extraCompatPackages = with pkgs; [ + steam-play-none + proton-ge-bin + ]; + }; + + environment.systemPackages = with pkgs; [ + steam-run + steam-acf + ]; +} \ No newline at end of file diff --git a/modules/software-templates/synapse-workers/generic.nix b/modules/software-templates/synapse-workers/generic.nix new file mode 100644
index 0000000..7fa3967 --- /dev/null +++ b/modules/software-templates/synapse-workers/generic.nix
@@ -0,0 +1,152 @@ +{ + workerName, + tasks, + dbOverrides ? { }, + count ? 1, +}: +{ config, lib, ... }: + +#let +# dbGroup = "medium"; +# workerName = "account_data_stream_writer"; +# tasks = [ "stream_account_data" ]; +## workerRoutes = workerLib.workerRoutes.accountData; +# count = 1; +#in +let + workerLib = import ./lib.nix; + cfg = config.services.matrix-synapse; + enabledResources = lib.attrNames workerRoutes; + workers = lib.range 0 count; + streamTypes = + [ ] + ++ lib.optional (lib.elem "stream_account_data" tasks) "account_data" + ++ lib.optional (lib.elem "stream_presence" tasks) "presence" + ++ lib.optional (lib.elem "stream_push_rules" tasks) "push_rules" + ++ lib.optional (lib.elem "stream_to_device" tasks) "to_device" + ++ lib.optional (lib.elem "stream_typing" tasks) "typing" + ++ lib.optional (lib.elem "stream_receipts" tasks) "receipts" + ++ lib.optional (lib.elem "stream_events" tasks) "events"; + + # recursive update list of attrs +# recursiveMerge = list: lib.foldl (a: b: lib.recursiveUpdate a b) (lib.head list) (lib.tail list); +# workerRoutes = recursiveMerge (lib.map (type: workerLib.workerRoutes.${type}) streamTypes); +in +{ + config = lib.mkIf (cfg.accountDataStreamWriters > 0) { + monitoring.synapse.workerNames = if (count == 1) then [ workerName ] else lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + stream_writers = lib.listToAttrs ( + lib.map (stream: { + name = stream; + value = lib.map (index: "${workerName}-${toString index}") workers; + }) streamTypes + ); + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = lib.recursiveUpdate (lib.recursiveUpdate config.services.matrix-synapse.settings.database { + application_name = "matrix-synapse (${config.services.matrix-synapse.settings.server_name}) - ${if workerName == null then throw "synapse/db.nix: workerName unspecified" else workerName}"; + }) dbOverrides; + + #region Media + max_upload_size = lib.mkIf (lib.elem "media_repo" tasks) "512M"; + max_avatar_size = lib.mkIf (lib.elem "media_repo" tasks) "512M"; + max_image_pixels = lib.mkIf (lib.elem "media_repo" tasks) "250M"; + + max_pending_media_uploads = lib.mkIf (lib.elem "media_repo" tasks) 512; + dynamic_thumbnails = lib.mkIf (lib.elem "media_repo" tasks) true; + + prevent_media_downloads_from = lib.mkIf (lib.elem "media_repo" tasks) [ + # none, give me all the media + ]; + enable_authenticated_media = lib.mkIf (lib.elem "media_repo" tasks) false; + + url_preview_enabled = lib.mkIf (lib.elem "media_repo" tasks) true; + max_spider_size = lib.mkIf (lib.elem "media_repo" tasks) "50M"; + #endregion + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/auth.nix b/modules/software-templates/synapse-workers/generic/auth.nix new file mode 100644
index 0000000..47064be --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/auth.nix
@@ -0,0 +1,113 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ./lib.nix; + dbGroup = "solo"; + workers = lib.range 0 (cfg.authWorkers - 1); + workerName = "auth"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.auth; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.authWorkers > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/client-reader.nix b/modules/software-templates/synapse-workers/generic/client-reader.nix new file mode 100644
index 0000000..9072988 --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/client-reader.nix
@@ -0,0 +1,113 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ./lib.nix; + dbGroup = "medium"; + workers = lib.range 0 (cfg.clientReaders - 1); + workerName = "client_reader"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.clientReader; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.clientReaders > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/event-creator.nix b/modules/software-templates/synapse-workers/generic/event-creator.nix new file mode 100644
index 0000000..e035405 --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/event-creator.nix
@@ -0,0 +1,113 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ./lib.nix; + dbGroup = "medium"; + workers = lib.range 0 (cfg.eventCreators - 1); + workerName = "event_creator"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.eventCreator; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.eventCreators > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/federation-inbound.nix b/modules/software-templates/synapse-workers/generic/federation-inbound.nix new file mode 100644
index 0000000..af18e8e --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/federation-inbound.nix
@@ -0,0 +1,113 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ./lib.nix; + dbGroup = "medium"; + workers = lib.range 0 (cfg.federationReaders - 1); + workerName = "federation_inbound"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.federationInbound; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.federationInboundWorkers > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/federation-reader.nix b/modules/software-templates/synapse-workers/generic/federation-reader.nix new file mode 100644
index 0000000..09e8419 --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/federation-reader.nix
@@ -0,0 +1,113 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ./lib.nix; + dbGroup = "medium"; + workers = lib.range 0 (cfg.federationReaders - 1); + workerName = "federation_reader"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.federationReader; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.federationReaders > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/federation-sender.nix b/modules/software-templates/synapse-workers/generic/federation-sender.nix new file mode 100644
index 0000000..bf6cf51 --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/federation-sender.nix
@@ -0,0 +1,131 @@ +{ config, lib, ... }: +let + cfg = config.services.matrix-synapse; + dbGroup = "medium"; + workers = lib.range 0 (cfg.federationSenders - 1); + workerName = "federation_sender"; + tasks = [ ]; + workerRoutes = {}; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.federationSenders > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + # Federation sender + send_federation = lib.mkIf (lib.elem "federation_sender" tasks) false; + federation_sender_instances = lib.mkIf (lib.elem "federation_sender" tasks) [ workerName ]; + outbound_federation_restricted_to = lib.mkIf (lib.elem "federation_sender" tasks) [ workerName ]; + worker_replication_secret = "${workerName}_secret"; + + # Pusher + pusher_instances = lib.optional (lib.elem "pusher" tasks) "${workerName}"; + + # Media repo + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + + # Media repo + enable_media_repo = lib.elem "media_repo" tasks; + rc_federation = { + window_size = 1; + sleep_limit = 1000; + sleep_delay = 1; + reject_limit = 1000; + concurrent = 100; + }; + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/media-repo.nix b/modules/software-templates/synapse-workers/generic/media-repo.nix new file mode 100644
index 0000000..d9db8cf --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/media-repo.nix
@@ -0,0 +1,113 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ./lib.nix; + dbGroup = "solo"; + workers = lib.range 0 (cfg.mediaRepoWorkers - 1); + workerName = "media_repo"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.mediaRepo; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.mediaRepoWorkers > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/pusher.nix b/modules/software-templates/synapse-workers/generic/pusher.nix new file mode 100644
index 0000000..8c6b697 --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/pusher.nix
@@ -0,0 +1,112 @@ +{ config, lib, ... }: +let + cfg = config.services.matrix-synapse; + dbGroup = "small"; + workers = lib.range 0 (cfg.pushers - 1); + workerName = "pusher"; + tasks = [ ]; + workerRoutes = {}; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.pushers > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + pusher_instances = lib.mkIf (lib.elem "pusher" tasks) "${workerName}"; + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/generic/sync.nix b/modules/software-templates/synapse-workers/generic/sync.nix new file mode 100644
index 0000000..eb47e59 --- /dev/null +++ b/modules/software-templates/synapse-workers/generic/sync.nix
@@ -0,0 +1,113 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ./lib.nix; + dbGroup = "medium"; + workers = lib.range 0 (cfg.syncWorkers - 1); + workerName = "sync"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.sync; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.syncWorkers > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + media_instance_running_background_jobs = lib.mkIf (lib.elem "media_repo_background" tasks) "${workerName}"; + enable_media_repo = lib.mkIf (lib.elem "media_repo" tasks) false; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + client_max_body_size 512M; + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/lib.nix b/modules/software-templates/synapse-workers/lib.nix new file mode 100644
index 0000000..c99e2ef --- /dev/null +++ b/modules/software-templates/synapse-workers/lib.nix
@@ -0,0 +1,147 @@ +{ + workerRoutes = { + sync.client = [ + "~ ^/_matrix/client/(v2_alpha|r0|v3)/sync$" + "~ ^/_matrix/client/(api/v1|v2_alpha|r0|v3)/events$" + "~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$" + "~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$" + "~ ^/_matrix/client/unstable/org.matrix.simplified_msc3575/sync$" + ]; + + clientReader.client = [ + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state(/|$)" + "~ ^/_matrix/client/v1/rooms/.*/hierarchy$" + "~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/" + "~ ^/_matrix/client/v1/rooms/.*/threads$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases" + "~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search" + "~ ^/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$)" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$" + "~ ^/_matrix/client/(r0|v3|unstable)/notifications$" + # e2ee + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/query$" + + # unstable + "~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$" + + # auth + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/whoami$" + "~ ^/_matrix/client/versions$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$" + "~ ^/_matrix/client/(r0|v3|unstable)/register$" + "~ ^/_matrix/client/(r0|v3|unstable)/register/available$" + "~ ^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$" + "~ ^/_matrix/client/(r0|v3|unstable)/password_policy$" + "~ ^/_matrix/client/(r0|v3|unstable)/capabilities$" + ]; + + eventCreator.client = [ + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/knock/" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/" + ]; + + federationInbound.federation = [ + "~ ^/_matrix/federation/(v1|v2)/send/" + ]; + + federationReader.federation = [ + "~ ^/_matrix/federation/(v1|v2)/event/" + "~ ^/_matrix/federation/(v1|v2)/state/" + "~ ^/_matrix/federation/(v1|v2)/state_ids/" + "~ ^/_matrix/federation/(v1|v2)/backfill/" + "~ ^/_matrix/federation/(v1|v2)/get_missing_events/" + "~ ^/_matrix/federation/(v1|v2)/publicRooms" + "~ ^/_matrix/federation/(v1|v2)/query/" + "~ ^/_matrix/federation/(v1|v2)/make_join/" + "~ ^/_matrix/federation/(v1|v2)/make_leave/" + "~ ^/_matrix/federation/(v1|v2)/send_join/" + "~ ^/_matrix/federation/(v1|v2)/send_leave/" + "~ ^/_matrix/federation/v1/make_knock/" + "~ ^/_matrix/federation/v1/send_knock/" + "~ ^/_matrix/federation/(v1|v2)/invite/" # Needs special handling, define manually + "~ ^/_matrix/federation/(v1|v2)/query_auth/" + "~ ^/_matrix/federation/(v1|v2)/event_auth/" + "~ ^/_matrix/federation/v1/timestamp_to_event/" + "~ ^/_matrix/federation/(v1|v2)/exchange_third_party_invite/" + "~ ^/_matrix/federation/(v1|v2)/user/devices/" + "~ ^/_matrix/federation/(v1|v2)/get_groups_publicised$" + "~ ^/_matrix/key/v2/query" + # extra + "~ ^/_matrix/key/v2/server$" + ]; + + mediaRepo.media = [ + "~ ^/_matrix/client/v1/media/" + "~ ^/_matrix/federation/v1/media/" + "~ ^/_synapse/admin/v1/purge_media_cache$" + "~ ^/_synapse/admin/v1/room/.*/media.*$" + "~ ^/_synapse/admin/v1/user/.*/media.*$" + "~ ^/_synapse/admin/v1/users/.*/media$" + "~ ^/_synapse/admin/v1/media/.*$" + "~ ^/_synapse/admin/v1/quarantine_media/.*$" + "~ ^/_matrix/media/" + ]; + + auth.client = [ + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/account/whoami$" + "~ ^/_matrix/client/versions$" + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$" + "~ ^/_matrix/client/(r0|v3|unstable)/register$" + "~ ^/_matrix/client/(r0|v3|unstable)/register/available$" + "~ ^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$" + "~ ^/_matrix/client/(r0|v3|unstable)/password_policy$" + "~ ^/_matrix/client/(r0|v3|unstable)/capabilities$" + ]; + + typing.client = [ + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing" + ]; + + toDevice.client = [ + "~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/" + ]; + + receipts.client = [ + "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt" + "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers" + ]; + + pushRules.client = [ + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/" + ]; + + presence.client = [ + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/" + ]; + + accountData.client = [ + "~ ^/_matrix/client/(r0|v3|unstable)/account_data" + "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/account_data" + "~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/tags" + ]; + + userDirectory.client = [ + "~ ^/_matrix/client/(api/v1|r0|v3|unstable)/user_directory/search$" + + #profile + "~ ^/_matrix/client/v3/profile/.*$" + "~ ^/_matrix/client/v3/profile/.*/(displayname|avatar_url)$" + ]; + }; +} diff --git a/modules/software-templates/synapse-workers/module.nix b/modules/software-templates/synapse-workers/module.nix new file mode 100644
index 0000000..b1d0ced --- /dev/null +++ b/modules/software-templates/synapse-workers/module.nix
@@ -0,0 +1,108 @@ +{ config, lib, ... }: +let + cfg = config.services.matrix-synapse; + mkIntOption = + description: + lib.mkOption { + type = lib.types.int; + default = 0; + description = description; + }; +in +{ + imports = [ + ]; + options.services.matrix-synapse = { + enableWorkers = lib.mkEnableOption "Enable dedicated workers"; + enableStreamWriters = lib.mkEnableOption "Enable stream writers"; + enableAppserviceWorker = lib.mkEnableOption "Enable dedicated appservice worker"; + enableBackgroundWorker = lib.mkEnableOption "Enable dedicated background task worker"; + enableUserDirWorker = lib.mkEnableOption "Enable dedicated user directory worker"; + + authWorkers = mkIntOption "Number of auth workers"; + clientReaders = mkIntOption "Number of client readers"; + eventCreators = mkIntOption "Number of auth workers"; + federationInboundWorkers = mkIntOption "Number of federation inbound workers"; + federationReaders = mkIntOption "Number of federation readers"; + federationSenders = mkIntOption "Number of federation senders"; + mediaRepoWorkers = mkIntOption "Number of media repo workers"; + pushers = mkIntOption "Number of pushers"; + syncWorkers = mkIntOption "Number of sync workers"; + + #stream writers + eventStreamWriters = mkIntOption "Number of event stream writers"; + typingStreamWriters = mkIntOption "Number of typing stream writers"; + toDeviceStreamWriters = mkIntOption "Number of to_device stream writers"; + accountDataStreamWriters = mkIntOption "Number of account data stream writers"; + receiptStreamWriters = mkIntOption "Number of read receipt stream writers"; + presenceStreamWriters = mkIntOption "Number of presence stream writers"; + pushRuleStreamWriters = mkIntOption "Number of push rule stream writers"; + + sharedStreamWriters = mkIntOption "Number of shared stream writers"; + + nginxVirtualHostName = lib.mkOption { + type = lib.types.str; + default = null; + description = "The virtual host name for the nginx server"; + }; + + allowedRemoteInviteOrigins = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = "List of allowed remote invite origins"; + }; + }; + + config = { + assertions = + [ + { + assertion = cfg.enableWorkers -> cfg.nginxVirtualHostName != null; + message = "nginxVirtualHostName must be set when enableWorkers is true"; + } + ] + ++ lib.optionals (cfg.settings ? stream_writers) [ + # Stream types and count limitations: https://github.com/element-hq/synapse/blob/develop/synapse/config/workers.py#L344 + { + assertion = cfg.settings.stream_writers ? typing -> lib.length cfg.settings.stream_writers.typing <= 1; + message = "Only one typing stream writer is supported"; + } + { + assertion = cfg.settings.stream_writers ? to_device -> lib.length cfg.settings.stream_writers.to_device <= 1; + message = "Only one to_device stream writer is supported"; + } + { + assertion = cfg.settings.stream_writers ? account_data -> lib.length cfg.settings.stream_writers.account_data <= 1; + message = "Only one account data stream writer is supported"; + } + # This may be outdated in the documentation...? + #{ + # assertion = cfg.receiptStreamWriters <= 1; + # message = "Only one receipt stream writer is supported"; + #} + { + assertion = cfg.settings.stream_writers ? presence -> lib.length cfg.settings.stream_writers.presence <= 1; + message = "Only one presence stream writer is supported"; + } + { + assertion = cfg.settings.stream_writers ? push_rules -> lib.length cfg.settings.stream_writers.push_rules <= 1; + message = "Only one push rule stream writer is supported"; + } + ]; + + # Matrix utility maps + services.nginx.appendHttpConfig = '' + # Map authorization header to origin name + map $http_authorization $mx_origin_name { + default ""; + "~*X-Matrix origin=(?<origin>[^,]+)" $origin; + } + + # Map origin name to whether it can invite + map $mx_origin_name $mx_can_invite { + default 0; + ${lib.concatMapStringsSep "\n" (origin: " \"${origin}\" 1;") cfg.allowedRemoteInviteOrigins} + } + ''; + }; +} diff --git a/modules/software-templates/synapse-workers/single/appservice.nix b/modules/software-templates/synapse-workers/single/appservice.nix new file mode 100644
index 0000000..03a080b --- /dev/null +++ b/modules/software-templates/synapse-workers/single/appservice.nix
@@ -0,0 +1,77 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "small"; + workerName = "appservice"; + tasks = [ "appservice" ]; + workerRoutes = {}; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (lib.length tasks > 0) { + monitoring.synapse.workerNames = [ workerName ]; + services.matrix-synapse = { + settings = { + instance_map = { + ${workerName} = { + path = "/run/matrix-synapse/${workerName}.sock"; + }; + }; + + run_background_tasks_on = lib.mkIf (lib.elem "background" tasks) workerName; + notify_appservices_from_worker = lib.mkIf (lib.elem "appservice" tasks) workerName; + update_user_directory_from_worker = lib.mkIf (lib.elem "user_directory" tasks) workerName; + }; + + workers = { + ${workerName} = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + + database = (import ../../db.nix { inherit workerName dbGroup; }); + }; + }; + }; + + services.nginx = { + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock"; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/single/background.nix b/modules/software-templates/synapse-workers/single/background.nix new file mode 100644
index 0000000..741b88c --- /dev/null +++ b/modules/software-templates/synapse-workers/single/background.nix
@@ -0,0 +1,77 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "small"; + workerName = "background"; + tasks = [ "background" ]; + workerRoutes = { }; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (lib.length tasks > 0) { + monitoring.synapse.workerNames = [ workerName ]; + services.matrix-synapse = { + settings = { + instance_map = { + ${workerName} = { + path = "/run/matrix-synapse/${workerName}.sock"; + }; + }; + + run_background_tasks_on = lib.mkIf (lib.elem "background" tasks) workerName; + notify_appservices_from_worker = lib.mkIf (lib.elem "appservice" tasks) workerName; + update_user_directory_from_worker = lib.mkIf (lib.elem "user_directory" tasks) workerName; + }; + + workers = { + ${workerName} = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + + database = (import ../../db.nix { inherit workerName dbGroup; }); + }; + }; + }; + + services.nginx = { + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock"; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/single/user-dir.nix b/modules/software-templates/synapse-workers/single/user-dir.nix new file mode 100644
index 0000000..97ddf26 --- /dev/null +++ b/modules/software-templates/synapse-workers/single/user-dir.nix
@@ -0,0 +1,77 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "small"; + workerName = "user_dir"; + tasks = [ "user_directory" ]; + workerRoutes = workerLib.workerRoutes.userDirectory; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (lib.length tasks > 0) { + monitoring.synapse.workerNames = [ workerName ]; + services.matrix-synapse = { + settings = { + instance_map = { + ${workerName} = { + path = "/run/matrix-synapse/${workerName}.sock"; + }; + }; + + run_background_tasks_on = lib.mkIf (lib.elem "background" tasks) workerName; + notify_appservices_from_worker = lib.mkIf (lib.elem "appservice" tasks) workerName; + update_user_directory_from_worker = lib.mkIf (lib.elem "user_directory" tasks) workerName; + }; + + workers = { + ${workerName} = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + + database = (import ../../db.nix { inherit workerName dbGroup; }); + }; + }; + }; + + services.nginx = { + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://unix:/run/matrix-synapse/${workerName}-${type}.sock"; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/stream-writers/account_data-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/account_data-stream-writer.nix new file mode 100644
index 0000000..3f8363a --- /dev/null +++ b/modules/software-templates/synapse-workers/stream-writers/account_data-stream-writer.nix
@@ -0,0 +1,130 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "medium"; +# streamWriterType = "account_data"; + workers = lib.range 0 (cfg.accountDataStreamWriters - 1); + workerName = "account_data_stream_writer"; + tasks = [ "stream_account_data" ]; + workerRoutes = workerLib.workerRoutes.accountData; +in +let + enabledResources = lib.attrNames workerRoutes; + streamTypes = [] + ++ lib.optional (lib.elem "stream_account_data" tasks) "account_data" + ++ lib.optional (lib.elem "stream_presence" tasks) "presence" + ++ lib.optional (lib.elem "stream_push_rules" tasks) "push_rules" + ++ lib.optional (lib.elem "stream_to_device" tasks) "to_device" + ++ lib.optional (lib.elem "stream_typing" tasks) "typing" + ++ lib.optional (lib.elem "stream_receipts" tasks) "receipts" + ++ lib.optional (lib.elem "stream_events" tasks) "events"; +in +{ + config = lib.mkIf (cfg.accountDataStreamWriters > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + #stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers; +# stream_writers = lib.listToA + # map `streams` to `workers` + stream_writers = lib.listToAttrs ( + lib.map (stream: { + name = stream; + value = lib.map (index: "${workerName}-${toString index}") workers; + }) streamTypes + ); + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/stream-writers/event-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/event-stream-writer.nix new file mode 100644
index 0000000..6abce3f --- /dev/null +++ b/modules/software-templates/synapse-workers/stream-writers/event-stream-writer.nix
@@ -0,0 +1,111 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + dbGroup = "medium"; + streamWriterType = "events"; + workers = lib.range 0 (cfg.eventStreamWriters - 1); + workerName = "event_stream_writer"; + tasks = [ ]; + workerRoutes = {}; + enabledResources = []; +in +{ + config = lib.mkIf (cfg.eventStreamWriters > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/stream-writers/presence-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/presence-stream-writer.nix new file mode 100644
index 0000000..052f037 --- /dev/null +++ b/modules/software-templates/synapse-workers/stream-writers/presence-stream-writer.nix
@@ -0,0 +1,112 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "medium"; + streamWriterType = "presence"; + workers = lib.range 0 (cfg.presenceStreamWriters - 1); + workerName = "presence_stream_writer"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.presence; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.presenceStreamWriters > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/stream-writers/push_rule-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/push_rule-stream-writer.nix new file mode 100644
index 0000000..6bba28d --- /dev/null +++ b/modules/software-templates/synapse-workers/stream-writers/push_rule-stream-writer.nix
@@ -0,0 +1,112 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "medium"; + streamWriterType = "push_rules"; + workers = lib.range 0 (cfg.pushRuleStreamWriters - 1); + workerName = "push_rule_stream_writer"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.pushRules; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.pushRuleStreamWriters > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/stream-writers/receipt-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/receipt-stream-writer.nix new file mode 100644
index 0000000..37a5287 --- /dev/null +++ b/modules/software-templates/synapse-workers/stream-writers/receipt-stream-writer.nix
@@ -0,0 +1,112 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "medium"; + streamWriterType = "receipts"; + workers = lib.range 0 (cfg.receiptStreamWriters - 1); + workerName = "receipts_stream_writer"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.receipts; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.receiptStreamWriters > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/stream-writers/to_device-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/to_device-stream-writer.nix new file mode 100644
index 0000000..eb01af9 --- /dev/null +++ b/modules/software-templates/synapse-workers/stream-writers/to_device-stream-writer.nix
@@ -0,0 +1,112 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "medium"; + streamWriterType = "to_device"; + workers = lib.range 0 (cfg.toDeviceStreamWriters - 1); + workerName = "to_device_stream_writer"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.toDevice; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.toDeviceStreamWriters > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/software-templates/synapse-workers/stream-writers/typing-stream-writer.nix b/modules/software-templates/synapse-workers/stream-writers/typing-stream-writer.nix new file mode 100644
index 0000000..dadc34a --- /dev/null +++ b/modules/software-templates/synapse-workers/stream-writers/typing-stream-writer.nix
@@ -0,0 +1,112 @@ +{ config, lib, ... }: + +let + cfg = config.services.matrix-synapse; + workerLib = import ../lib.nix; + dbGroup = "medium"; + streamWriterType = "typing"; + workers = lib.range 0 (cfg.typingStreamWriters - 1); + workerName = "typing_stream_writer"; + tasks = [ ]; + workerRoutes = workerLib.workerRoutes.typing; + enabledResources = lib.attrNames workerRoutes; +in +{ + config = lib.mkIf (cfg.typingStreamWriters > 0) { + monitoring.synapse.workerNames = lib.map (index: "${workerName}-${toString index}") workers; + services.matrix-synapse = { + settings = { + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + }; + }) workers + ); + + stream_writers.${streamWriterType} = lib.map (index: "${workerName}-${toString index}") workers; + }; + + workers = lib.listToAttrs ( + lib.map (index: { + name = "${workerName}-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = + [ + { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ] + ++ lib.map (type: { + type = "http"; + path = "/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + mode = "666"; + resources = [ + { + names = [ type ]; + compress = false; + } + ]; + }) enabledResources; + database = ( + import ../../db.nix { + inherit dbGroup; + workerName = "${workerName}-${toString index}"; + } + ); + }; + }) workers + ); + }; + + services.nginx = { + upstreams = lib.listToAttrs ( + lib.map (type: { + name = "${workerName}-${type}"; + value = { + extraConfig = '' + keepalive 32; + least_conn; + ''; + servers = lib.listToAttrs ( + lib.map (index: { + name = "unix:/run/matrix-synapse/${workerName}-${type}-${toString index}.sock"; + value = { + max_fails = 0; + fail_timeout = "0s"; + }; + }) workers + ); + }; + }) enabledResources + ); + + virtualHosts."${cfg.nginxVirtualHostName}".locations = lib.listToAttrs ( + lib.flatten ( + lib.forEach enabledResources ( + type: + lib.map (route: { + name = route; + value = { + proxyPass = "http://${workerName}-${type}"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Connection ""; + ''; + }; + }) workerRoutes.${type} + ) + ) + ); + }; + }; +} diff --git a/modules/users/Alice.nix b/modules/users/Alice.nix
index b3a3cb8..7692950 100755 --- a/modules/users/Alice.nix +++ b/modules/users/Alice.nix
@@ -9,6 +9,8 @@ group = "Alice"; home = "/group/bugmine-contrib"; shell = "${pkgs.git}/bin/git-shell"; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb52m1rnJSffSOJvN6OYkKgK0TmiRKE4SbOKlkT8Tvn" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb52m1rnJSffSOJvN6OYkKgK0TmiRKE4SbOKlkT8Tvn" + ]; }; } diff --git a/modules/users/Arci.nix b/modules/users/Arci.nix new file mode 100644
index 0000000..f5e747d --- /dev/null +++ b/modules/users/Arci.nix
@@ -0,0 +1,200 @@ +{ lib, pkgs, ... }: + +{ + users.users.Arci = { + isNormalUser = true; + extraGroups = [ + "wheel" + "libvirtd" + "ocp" + ]; + packages = with pkgs; [ + lnav + age + git + lsd + duf + (btop.override { rocmSupport = true; }) + htop + kitty.terminfo + tmux + jq + dig + + # - zsh + zsh + zsh-powerlevel10k + zsh-nix-shell + zsh-you-should-use + zsh-syntax-highlighting + zsh-completions + + wireguard-tools + ]; + openssh.authorizedKeys.keys = [ + ]; + useDefaultShell = true; + shell = pkgs.zsh; + }; + programs.zsh.enable = true; + environment.shells = with pkgs; [ zsh ]; + + home-manager.users.Arci = { + home.preferXdgDirectories = true; + home.sessionVariables = { + EDITOR = "nvim"; + SYSTEMD_EDITOR = "nvim"; + GIT_EDITOR = "nvim"; + QT_QPA_PLATFORMTHEME = "xdgdesktopportal"; + GTK_USE_PORTAL = "1"; + _JAVA_AWT_WM_NONREPARENTING = "1"; + WINEDEBUG = "-all"; + CHOKIDAR_USEPOLLING = "true"; + MSBUILDLIVELOGGER = "auto"; + DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER = "1"; + DOTNET_CLI_TELEMETRY_OPTOUT = "1"; + NIXPKGS_ALLOW_UNFREE = "1"; + MOZ_USE_XINPUT2 = "1"; + }; + programs = { + git = { + enable = true; + userName = "Rory&"; + userEmail = "root@rory.gay"; + extraConfig = { + safe = { + directory = "/"; + }; + }; + }; + zsh = { + enable = true; + #enableAutosuggestions = true; + autosuggestion.enable = true; + enableVteIntegration = true; + autocd = true; + + initExtraFirst = '' + export EDITOR=nvim + export SYSTEMD_EDITOR=$EDITOR + export GIT_EDITOR=$EDITOR + export QT_QPA_PLATFORMTHEME=xdgdesktopportal + export GTK_USE_PORTAL=1 + export _JAVA_AWT_WM_NONREPARENTING=1 + export WINEDEBUG=-all + export DOTPROFILE_LOADED='yes' + export CHOKIDAR_USEPOLLING=true + export MSBUILDLIVELOGGER=auto + export DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER=1 + export DOTNET_CLI_TELEMETRY_OPTOUT=1 + function mkkey() { + echo "Making key for $1" + ssh-keygen -t ed25519 -C "$HOST -> $1" -f ~/.ssh/id_ed25519_$1 + ( + echo "Host $1" + echo " IdentityFile ~/.ssh/id_ed25519_$1" + ) >> ~/.ssh/config + echo 'Done! Public key:' + cat ~/.ssh/id_ed25519_$1.pub + } + + export DISABLE_AUTO_UPDATE=true + COMPLETION_WAITING_DOTS="true" + ''; + initExtra = '' + alias mv='mv -v' + alias pre='npx prettier -w' + alias git-commit='git commit --signoff --sign' + alias npm='NODE_OPTIONS=--openssl-legacy-provider npm' + alias npx='NODE_OPTIONS=--openssl-legacy-provider npx' + alias yarn='NODE_OPTIONS=--openssl-legacy-provider npx -y yarn --use-yarnrc $XDG_CONFIG_HOME/yarn/config' + alias node='NODE_OPTIONS=--openssl-legacy-provider node' + # - dotnet + alias drun='dotnet watch run --no-hot-reload --property WarningLevel=0' + alias dbuild='dotnet watch build --no-hot-reload --property WarningLevel=0' + alias ls='lsd -lAhF --color=always --icon=always' + alias transfetch='neofetch --kitty ~/trans_witch.jpg' + alias gc='git-commit' + [ -f "$HOME/.profile" ] && . $HOME/.profile + ''; + #alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig' + oh-my-zsh = { + enable = true; + plugins = [ + "git" + "sudo" + ]; + }; + + plugins = [ + { + name = "powerlevel10k"; + src = pkgs.zsh-powerlevel10k; + file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme"; + } + { + name = "powerlevel10k-config"; + src = lib.cleanSource ./Rory; + file = "p10k.zsh"; + } + { + name = "zsh-syntax-highlighting"; + src = pkgs.zsh-syntax-highlighting; + file = "share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh"; + } + { + name = "zsh-autosuggestions"; + src = pkgs.zsh-autosuggestions; + file = "share/zsh-autosuggestions/zsh-autosuggestions.zsh"; + } + ]; + + localVariables = { + POWERLEVEL9K_LEFT_PROMPT_ELEMENTS = [ + "os_icon" + "dir" + "vcs" + "prompt_char" + ]; + POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS = [ + "status" + "command_execution_time" + "background_jobs" + "direnv" + "virtualenv" + "pyenv" + "nodeenv" + "context" + "nix_shell" + "vi_mode" + "load" + "disk_usage" + "ram" + ]; + POWERLEVEL9K_MODE = "nerdfont-complete"; + POWERLEVEL9K_ICON_PADDING = "none"; + POWERLEVEL9K_PROMPT_ADD_NEWLINE = "false"; + POWERLEVEL9K_LEFT_SUBSEGMENT_SEPARATOR = "\uE0B1"; + POWERLEVEL9K_RIGHT_SUBSEGMENT_SEPARATOR = "\uE0B3"; + POWERLEVEL9K_LEFT_SEGMENT_SEPARATOR = "\uE0B0"; + POWERLEVEL9K_RIGHT_SEGMENT_SEPARATOR = "\uE0B2"; + POWERLEVEL9K_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL = "\uE0B0"; + POWERLEVEL9K_RIGHT_PROMPT_FIRST_SEGMENT_START_SYMBOL = "\uE0B2"; + POWERLEVEL9K_PROMPT_CHAR_OVERWRITE_STATE = true; + }; + }; + neovim = { + defaultEditor = true; + viAlias = true; + vimAlias = true; + vimdiffAlias = true; + coc = { + enable = true; + + }; + }; + }; + + home.stateVersion = "22.11"; + }; +} diff --git a/modules/users/Rory.client.nix b/modules/users/Rory.client.nix
index fb6ad88..ede12df 100755 --- a/modules/users/Rory.client.nix +++ b/modules/users/Rory.client.nix
@@ -35,7 +35,7 @@ # # Install = { WantedBy = [ "default.target" ]; }; # - # Service = { + # Service = { # ExecStart = "${pkgs.keepassxc}/bin/keepassxc ~/.secrets.kdbx"; # Restart = "always"; # }; @@ -50,7 +50,7 @@ # # Install = { WantedBy = [ "default.target" ]; }; # - # Service = { + # Service = { # ExecStart = "${pkgs.easyeffects}/bin/easyeffects"; # Restart = "always"; # }; diff --git a/modules/users/Rory.nix b/modules/users/Rory.nix
index a1007fc..9667a3b 100755 --- a/modules/users/Rory.nix +++ b/modules/users/Rory.nix
@@ -7,6 +7,7 @@ "wheel" "libvirtd" "ocp" + "networkmanager" ]; packages = with pkgs; [ lnav @@ -14,7 +15,7 @@ git lsd duf - (btop.override { rocmSupport = true; }) + btop htop kitty.terminfo tmux @@ -35,6 +36,7 @@ #"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICT+53Hy3wbIlNVIomK2RroaimMWrTlUkndjHt1dFuyh root@pfSense-arcane-home.localdomain" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILF2IuNu//0DP/wKMuDvBgVT3YBS2uULsipbdrhJCTM7 thearcanebrony@tab-linux-desktop" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/kNkY/E5b6rvCQLMaSbpLQ/xoyywIwVVu9uo2j/B6p Rory@RoryNix" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0SOsjSqU9nIVH2hdB81InGytIRrBvjC4QqM7g+hBZX Rory@Arc" ]; useDefaultShell = true; shell = pkgs.zsh; @@ -42,6 +44,13 @@ programs.zsh.enable = true; environment.shells = with pkgs; [ zsh ]; + virtualisation.vmVariant = { + users = { + mutableUsers = false; + users.Rory.password = "password"; + }; + }; + home-manager.users.Rory = { home.preferXdgDirectories = true; home.sessionVariables = { @@ -77,7 +86,7 @@ enableVteIntegration = true; autocd = true; - initExtraFirst = '' + initContent = lib.mkBefore '' export EDITOR=nvim export SYSTEMD_EDITOR=$EDITOR export GIT_EDITOR=$EDITOR @@ -116,8 +125,15 @@ alias drun='dotnet watch run --no-hot-reload --property WarningLevel=0' alias dbuild='dotnet watch build --no-hot-reload --property WarningLevel=0' alias ls='lsd -lAhF --color=always --icon=always' - alias transfetch='neofetch --kitty ~/trans_witch.jpg' + alias tree='lsd --tree' + alias lstree='ls --tree --total-size --sort=size' + #alias transfetch='neofetch --kitty ~/trans_witch.jpg' alias gc='git-commit' + alias yt-dlp='nix run ${pkgs.path}\#yt-dlp --' + alias ytdl='nix run ${pkgs.path}\#yt-dlp -- -k --console-title --print-traffic' + alias ytdl-mp3='nix run ${pkgs.path}\#yt-dlp -- -k --console-title --print-traffic -x --audio-quality 0 --audio-format mp3 -i' + alias ytdl-mp3l='nix run ${pkgs.path}\#yt-dlp -- --console-title -x --audio-quality 0 --audio-format mp3 -o "%%(playlist)s/%%(playlist_index)s. %%(title)s.%%(ext)s" --download-archive archive.txt --embed-thumbnail --add-metadata -R 100 --http-chunk-size 64M --buffer-size 64M -i' + [ -f "$HOME/.profile" ] && . $HOME/.profile ''; #alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig' @@ -193,7 +209,6 @@ vimdiffAlias = true; coc = { enable = true; - }; }; }; diff --git a/modules/users/chris.nix b/modules/users/chris.nix
index 9df69a8..43399ac 100755 --- a/modules/users/chris.nix +++ b/modules/users/chris.nix
@@ -4,12 +4,17 @@ users.users.chris = { isNormalUser = true; - extraGroups = [ "wheel" ]; + extraGroups = [ + "wheel" + "dialout" + ]; packages = with pkgs; [ nano #nodejs-slim ]; #initialPassword = "password"; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd9U0+wKjBG3Q9Qg249xJY+ybYeRV9/VMPjuwKvFBEI" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd9U0+wKjBG3Q9Qg249xJY+ybYeRV9/VMPjuwKvFBEI" + ]; }; } diff --git a/modules/users/db2k.nix b/modules/users/db2k.nix
index 8bc43e2..3e5addb 100755 --- a/modules/users/db2k.nix +++ b/modules/users/db2k.nix
@@ -8,6 +8,8 @@ group = "db2k"; home = "/data/nginx/html_git/.ocp"; shell = "${pkgs.git}/bin/git-shell"; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMfXA4Oh0LZqY8LAS/lnANKVDBlemHGPWdtep1GE/LId garyzipperer09@gmail.com" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMfXA4Oh0LZqY8LAS/lnANKVDBlemHGPWdtep1GE/LId garyzipperer09@gmail.com" + ]; }; } diff --git a/modules/users/ks.nix b/modules/users/ks.nix
index 0e2d36c..ea2eb10 100755 --- a/modules/users/ks.nix +++ b/modules/users/ks.nix
@@ -9,7 +9,9 @@ "ocp" ]; #initialPassword = "password"; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUDh1WPUF6mPQ1E38ozUjY/DZhEbwZL37eZ51DgpuLo ks" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUDh1WPUF6mPQ1E38ozUjY/DZhEbwZL37eZ51DgpuLo ks" + ]; }; home-manager.users.ks = {