diff options
-rwxr-xr-x | .gitignore | 2 | ||||
-rwxr-xr-x | flake.nix | 48 | ||||
-rw-r--r-- | host/Rory-desktop/configuration.nix | 5 | ||||
-rwxr-xr-x | host/Rory-nginx/services/matrix/grapevine.nix | 3 | ||||
-rwxr-xr-x | lib/hooks/pre-commit | 23 | ||||
-rw-r--r-- | lib/hooks/pre-receive | 24 |
6 files changed, 98 insertions, 7 deletions
diff --git a/.gitignore b/.gitignore index 2dfcba2..d5f6e74 100755 --- a/.gitignore +++ b/.gitignore @@ -6,4 +6,4 @@ matrix-user-tokens.txt nixpkgs/ result wg/ - +opensuse/ diff --git a/flake.nix b/flake.nix index de69e78..eeaadba 100755 --- a/flake.nix +++ b/flake.nix @@ -23,6 +23,7 @@ # Draupnir module/package nixpkgs-Draupnir.url = "github:TheArcaneBrony/nixpkgs/master"; + #MatrixContentFilter.url = "git+file:/home/Rory/git/matrix/MatrixContentFilter?submodules=1"; # Base modules home-manager.url = "github:nix-community/home-manager/master"; @@ -62,7 +63,47 @@ with inputs; { nixosConfigurations = { - #NIXPKGS FORK + micro = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hardware-configuration.nix + #MatrixContentFilter.modules.default + + ( + { ... }: + { + boot.isContainer = true; + system.stateVersion = "0"; + #services.MatrixContentFilter = { + # enable = true; + # accessTokenPath = "/"; + # appSettings = { + # "Logging" = { + # "LogLevel" = { + # "Default" = "Debug"; + # "System" = "Information"; + # "Microsoft" = "Information"; + # }; + # }; + # "LibMatrixBot" = { + # "Homeserver" = "rory.gay"; + # "Prefixes" = [ + # "!mcf " + # ]; + # "MentionPrefix" = false; + # }; + # "MatrixContentFilter" = { + # Admins = [ "@emma:rory.gay" ]; + # }; + # }; + #}; + } + ) + ]; + #specialArgs = { + # inherit home-manager; + #}; + }; Rory-nginx = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ @@ -70,6 +111,7 @@ ./hardware-configuration.nix home-manager.nixosModules.home-manager grapevine.nixosModules.default + #MatrixContentFilter.modules.default # these arent really modules... botcore-v4.modules.bots @@ -101,7 +143,7 @@ inherit conduit; inherit nixpkgs-Draupnir; #inherit conduwuit; - + inherit (inputs) draupnirSrc; }; }; @@ -219,7 +261,7 @@ ); packages.mtxclient-git = (pkgs.callPackage ./modules/packages/mtxclient-git.nix { inherit mtxclientSrc; }); - + # untested packages.draupnir-main = pkgs.draupnir.overrideAttrs (oldAttrs: { src = draupnirSrc; diff --git a/host/Rory-desktop/configuration.nix b/host/Rory-desktop/configuration.nix index dae5f44..654b245 100644 --- a/host/Rory-desktop/configuration.nix +++ b/host/Rory-desktop/configuration.nix @@ -24,7 +24,7 @@ args@{ ./optional/gui/x11.nix ./optional/gui/wayland.nix - #./printing.nix + ./printing.nix #./ollama.nix ]; @@ -121,6 +121,8 @@ args@{ }; environment.systemPackages = with pkgs; [ + eog + mpv libreoffice qt6.qtwayland @@ -273,6 +275,7 @@ args@{ }; networking.hosts."127.0.0.1" = builtins.attrNames config.services.nginx.virtualHosts; + services.gvfs.enable = true; system.stateVersion = "22.11"; # DO NOT EDIT! } diff --git a/host/Rory-nginx/services/matrix/grapevine.nix b/host/Rory-nginx/services/matrix/grapevine.nix index 0f0006b..2214ab4 100755 --- a/host/Rory-nginx/services/matrix/grapevine.nix +++ b/host/Rory-nginx/services/matrix/grapevine.nix @@ -15,12 +15,11 @@ port = 6167; } ]; + server_discovery.client.base_url = "https://conduit.rory.gay"; # This is required for some reason database = { backend = "rocksdb"; }; - - allow_check_for_updates = false; allow_registration = false; #log = "info"; diff --git a/lib/hooks/pre-commit b/lib/hooks/pre-commit index e69de29..bcd164c 100755 --- a/lib/hooks/pre-commit +++ b/lib/hooks/pre-commit @@ -0,0 +1,23 @@ +#!/usr/bin/env sh + +# full paths from the repo root separated by newlines +MUST_NOT_CHANGE='hardware-configuration.nix +key2.json' + +if git rev-parse --verify HEAD >/dev/null 2>&1 +then + against=HEAD +else + # Initial commit: diff against an empty tree object + against=4b825dc642cb6eb9a060e54bf8d69288fbee4904 +fi + +exec 1>&2 + +if git diff --cached --name-only $against | grep --quiet --line-regexp --fixed-strings "$MUST_NOT_CHANGE" +then + echo Commit would modify one or more files that must not change. + exit 1 +else + exit 0 +fi \ No newline at end of file diff --git a/lib/hooks/pre-receive b/lib/hooks/pre-receive new file mode 100644 index 0000000..61a04dd --- /dev/null +++ b/lib/hooks/pre-receive @@ -0,0 +1,24 @@ +#!/usr/bin/env sh + +# full paths from the repo root separated by newlines +MUST_NOT_CHANGE='hardware-configuration.nix +key2.json' + +z40=0000000000000000000000000000000000000000 + +while read old_value new_value ref_name +do + if [ "$old_value" = $z40 ]; then + # New branch: diff against an empty tree object + against=4b825dc642cb6eb9a060e54bf8d69288fbee4904 + else + against=$old_value + fi + + if git diff --name-only $against..$new_value | + grep --quiet --line-regexp --fixed-strings "$MUST_NOT_CHANGE" + then + echo "$ref_name" may commit key, rejected ... >&2 + exit 1 + fi +done \ No newline at end of file |