diff --git a/flake.lock b/flake.lock index b43e6e1..248032b 100644 --- a/flake.lock +++ b/flake.lock @@ -84,7 +84,7 @@ "inputs": { "flake-utils": "flake-utils", "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ], "nixpkgs-stable": "nixpkgs-stable" }, @@ -121,11 +121,11 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", "type": "github" }, "original": { @@ -212,10 +212,10 @@ "type": "github" } }, - "home-manager_2": { + "home-manager-unstable": { "inputs": { "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ] }, "locked": { @@ -232,6 +232,27 @@ "type": "github" } }, + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1702195709, + "narHash": "sha256-+zRjWkm5rKqQ57PuLZ3JF3xi3vPMiOJzItb1m/43Cq4=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "6761b8188b860f374b457eddfdb05c82eef9752f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-23.11", + "repo": "home-manager", + "type": "github" + } + }, "home-manager_3": { "inputs": { "nixpkgs": [ @@ -304,20 +325,50 @@ }, "nixpkgs": { "locked": { - "lastModified": 1710806803, - "narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=", + "lastModified": 1702346276, + "narHash": "sha256-eAQgwIWApFQ40ipeOjVSoK4TEHVd6nbSd9fApiHIw5A=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3", + "rev": "cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } }, + "nixpkgs-22_11": { + "locked": { + "lastModified": 1669558522, + "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-22.11", + "type": "indirect" + } + }, + "nixpkgs-23_05": { + "locked": { + "lastModified": 1704290814, + "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-23.05", + "type": "indirect" + } + }, "nixpkgs-droid": { "locked": { "lastModified": 1702350026, @@ -382,13 +433,29 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs-unstable": { "locked": { - "lastModified": 1709703039, - "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", + "lastModified": 1710806803, + "narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", + "rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1670751203, + "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60", "type": "github" }, "original": { @@ -475,9 +542,11 @@ "disko": "disko", "emacs": "emacs", "home-manager": "home-manager_2", + "home-manager-unstable": "home-manager-unstable", "nix-on-droid": "nix-on-droid", "nixpkgs": "nixpkgs", "nixpkgs-droid": "nixpkgs-droid", + "nixpkgs-unstable": "nixpkgs-unstable", "pre-commit-hooks": "pre-commit-hooks", "snm": "snm" } @@ -487,14 +556,16 @@ "blobs": "blobs", "flake-compat": "flake-compat_2", "nixpkgs": "nixpkgs_2", + "nixpkgs-22_11": "nixpkgs-22_11", + "nixpkgs-23_05": "nixpkgs-23_05", "utils": "utils_2" }, "locked": { - "lastModified": 1710449465, - "narHash": "sha256-2orO8nfplp6uQJBFqKkj1iyNMC6TysmwbWwbb4osTag=", + "lastModified": 1703666786, + "narHash": "sha256-SLPNpM/rI8XPyVJAxMYAe+n6NiYSpuXvdwPILHP4yZI=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "79c8cfcd5873a85559da6201b116fb38b490d030", + "rev": "b5023b36a1f6628865cb42b4353bd2ddde0ea9f4", "type": "gitlab" }, "original": { @@ -534,21 +605,6 @@ "type": "github" } }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "utils": { "locked": { "lastModified": 1659877975, @@ -565,15 +621,12 @@ } }, "utils_2": { - "inputs": { - "systems": "systems_3" - }, "locked": { - "lastModified": 1709126324, - "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", + "lastModified": 1605370193, + "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", "owner": "numtide", "repo": "flake-utils", - "rev": "d465f4819400de7c8d874d50b982301f28a84605", + "rev": "5021eac20303a61fafe17224c087f5519baed54d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index c3f2842..43fc420 100644 --- a/flake.nix +++ b/flake.nix @@ -1,16 +1,22 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; nixpkgs-droid.url = "github:NixOS/nixpkgs/nixos-23.05"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix"; pre-commit-hooks.inputs.nixpkgs.follows = "nixpkgs"; home-manager = { - url = "github:nix-community/home-manager"; + url = "github:nix-community/home-manager/release-23.11"; inputs.nixpkgs.follows = "nixpkgs"; }; + home-manager-unstable = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; + }; + # simple mailserver snm = { url = "gitlab:simple-nixos-mailserver/nixos-mailserver/master"; @@ -24,7 +30,7 @@ emacs = { url = "github:nix-community/emacs-overlay"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; }; # simplex-chat = { @@ -42,88 +48,94 @@ disko.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { self, home-manager, nixpkgs, pre-commit-hooks, ... }@inputs: { - checks."x86_64-linux" = let - system = "x86_64-linux"; - pkgs = import nixpkgs { inherit system; }; - in { - pre-commit-check = pre-commit-hooks.lib.${system}.run { - src = ./.; - settings = { ormolu.defaultExtensions = [ "GHC2021" ]; }; - tools.fourmolu = pkgs.haskellPackages.fourmolu; - hooks = { - nixfmt.enable = true; - fourmolu.enable = true; - hpack.enable = true; - hlint.enable = true; + outputs = { self, home-manager, nixpkgs, nixpkgs-unstable, pre-commit-hooks + , ... }@inputs: { + checks."x86_64-linux" = let + system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; }; + in { + pre-commit-check = pre-commit-hooks.lib.${system}.run { + src = ./.; + settings = { ormolu.defaultExtensions = [ "GHC2021" ]; }; + tools.fourmolu = pkgs.haskellPackages.fourmolu; + hooks = { + nixfmt.enable = true; + fourmolu.enable = true; + hpack.enable = true; + hlint.enable = true; + }; }; }; - }; - nixosConfigurations."thrall" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - ({ inputs, lib, ... }: { - nixpkgs = { - config.allowUnfree = true; - overlays = with inputs; [ emacs.overlay ]; + nixosConfigurations."thrall" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = let + postfix-overlay = final: prev: { + postfix = nixpkgs-unstable.legacyPackages."x86_64-linux".postfix; }; - }) - ./hosts/thrall - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.alex = import ./home/alex/cli.nix; - } - ]; - }; - - nixosConfigurations."dregil" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ ./hosts/dregil ]; - }; - - nixosConfigurations."igor" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ ./hosts/igor ]; - }; - - nixOnDroidConfigurations.default = with inputs; - nix-on-droid.lib.nixOnDroidConfiguration { - modules = [ - ./hosts/redmi - { nix.registry.nixpkgs.flake = nixpkgs-droid; } - { nix.nixPath = [ "nixpkgs=${nixpkgs-droid}" ]; } + in [ + ({ inputs, lib, ... }: { + nixpkgs = { + config.allowUnfree = true; + overlays = with inputs; [ emacs.overlay postfix-overlay ]; + }; + nix.registry = lib.mapAttrs (_: value: { flake = value; }) inputs; + }) + ./hosts/thrall + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.alex = import ./home/alex/cli.nix; + } ]; }; - devShells."x86_64-linux".default = let - system = "x86_64-linux"; - pkgs = import nixpkgs { inherit system; }; - in pkgs.haskellPackages.shellFor { - inherit (self.checks.${system}.pre-commit-check) shellHook; + nixosConfigurations."dregil" = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ ./hosts/dregil ]; + }; - packages = p: [ p.xmonad p.xmonad-contrib ]; + nixosConfigurations."igor" = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ ./hosts/igor ]; + }; - withHoogle = true; + nixOnDroidConfigurations.default = with inputs; + nix-on-droid.lib.nixOnDroidConfiguration { + modules = [ + ./hosts/redmi + { nix.registry.nixpkgs.flake = nixpkgs-droid; } + { nix.nixPath = [ "nixpkgs=${nixpkgs-droid}" ]; } + ]; + }; - nativeBuildInputs = with pkgs; [ - haskellPackages.haskell-language-server - haskellPackages.fourmolu - haskellPackages.hspec-discover - haskellPackages.doctest - haskellPackages.xmonad - haskellPackages.xmonad-contrib - cabal-install - ghcid - nixfmt - hpack - hlint - ]; + devShells."x86_64-linux".default = let + system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; }; + in pkgs.haskellPackages.shellFor { + inherit (self.checks.${system}.pre-commit-check) shellHook; + + packages = p: [ p.xmonad p.xmonad-contrib ]; + + withHoogle = true; + + nativeBuildInputs = with pkgs; [ + haskellPackages.haskell-language-server + haskellPackages.fourmolu + haskellPackages.hspec-discover + haskellPackages.doctest + haskellPackages.xmonad + haskellPackages.xmonad-contrib + cabal-install + ghcid + nixfmt + hpack + hlint + ]; + }; }; - }; } diff --git a/hosts/dregil/default.nix b/hosts/dregil/default.nix index 71b89de..c670933 100644 --- a/hosts/dregil/default.nix +++ b/hosts/dregil/default.nix @@ -1,10 +1,14 @@ { lib, config, pkgs, inputs, ... }: { imports = [ - ({ ... }: { nixpkgs = { config.allowUnfree = true; }; }) + ({ inputs, lib, ... }: { + nixpkgs = { config.allowUnfree = true; }; + nix.registry = + lib.mkForce (lib.mapAttrs (_: value: { flake = value; }) inputs); + }) ../../modules/security.nix ../../modules/common-system.nix ./configuration.nix - inputs.home-manager.nixosModules.home-manager + inputs.home-manager-unstable.nixosModules.home-manager ../../home/anne/default.nix ../../home/alex/default.nix ]; diff --git a/hosts/thrall/default.nix b/hosts/thrall/default.nix index c39abe0..56cd004 100644 --- a/hosts/thrall/default.nix +++ b/hosts/thrall/default.nix @@ -7,8 +7,6 @@ let authorityFromUrl = url: builtins.head (pkgs.lib.drop 1 (pkgs.lib.splitString "://" url)); in { - disabledModules = [ "services/web-apps/hledger-web.nix" ]; - imports = [ ./hardware-configuration.nix inputs.snm.nixosModule @@ -21,7 +19,6 @@ in { ../../modules/timezone.nix ../../modules/keybase.nix ../../modules/ssh.nix - ../../modules/hledger-web.nix ]; # Use the GRUB 2 boot loader. @@ -228,15 +225,16 @@ in { }; # paperless - "${authorityFromUrl config.services.paperless.settings.PAPERLESS_URL}" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = - "http://127.0.0.1:${toString config.services.paperless.port}/"; - proxyWebsockets = true; + "${authorityFromUrl config.services.paperless.extraConfig.PAPERLESS_URL}" = + { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = + "http://127.0.0.1:${toString config.services.paperless.port}/"; + proxyWebsockets = true; + }; }; - }; # hledger "${authorityFromUrl config.services.hledger-web.baseUrl}" = { @@ -282,7 +280,7 @@ in { address = "127.0.0.1"; port = 3002; consumptionDirIsPublic = true; - settings = { + extraConfig = { PAPERLESS_OCR_LANGUAGE = "deu+eng"; PAPERLESS_URL = "https://docs.failco.de"; PAPERLESS_CONSUMER_RECURSIVE = true; diff --git a/modules/hledger-web.nix b/modules/hledger-web.nix deleted file mode 100644 index 4c55584..0000000 --- a/modules/hledger-web.nix +++ /dev/null @@ -1,140 +0,0 @@ -{ lib, pkgs, config, ... }: -with lib; -let cfg = config.services.hledger-web; -in { - options.services.hledger-web = { - - enable = mkEnableOption (lib.mdDoc "hledger-web service"); - - serveApi = mkEnableOption - (lib.mdDoc "serving only the JSON web API, without the web UI"); - - host = mkOption { - type = types.str; - default = "127.0.0.1"; - description = lib.mdDoc '' - Address to listen on. - ''; - }; - - port = mkOption { - type = types.port; - default = 5000; - example = 80; - description = lib.mdDoc '' - Port to listen on. - ''; - }; - - capabilities = { - view = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Enable the view capability. - ''; - }; - add = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Enable the add capability. - ''; - }; - manage = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Enable the manage capability. - ''; - }; - }; - - stateDir = mkOption { - type = types.path; - default = "/var/lib/hledger-web"; - description = lib.mdDoc '' - Path the service has access to. If left as the default value this - directory will automatically be created before the hledger-web server - starts, otherwise the sysadmin is responsible for ensuring the - directory exists with appropriate ownership and permissions. - ''; - }; - - journalFiles = mkOption { - type = types.listOf types.str; - default = [ ".hledger.journal" ]; - description = lib.mdDoc '' - Paths to journal files relative to {option}`services.hledger-web.stateDir`. - ''; - }; - - baseUrl = mkOption { - type = with types; nullOr str; - default = null; - example = "https://example.org"; - description = lib.mdDoc '' - Base URL, when sharing over a network. - ''; - }; - - extraOptions = mkOption { - type = types.listOf types.str; - default = [ ]; - example = [ "--forecast" ]; - description = lib.mdDoc '' - Extra command line arguments to pass to hledger-web. - ''; - }; - - }; - - config = mkIf cfg.enable { - - users.users.hledger = { - name = "hledger"; - group = "hledger"; - isSystemUser = true; - home = cfg.stateDir; - useDefaultShell = true; - }; - - users.groups.hledger = { }; - - systemd.services.hledger-web = let - serverArgs = with cfg; - escapeShellArgs ([ - "--serve" - "--host=${host}" - "--port=${toString port}" - (optionalString capabilities.add "--allow=add") - (optionalString capabilities.view "--allow=view") - (optionalString capabilities.manage "--allow=edit") - (optionalString (cfg.baseUrl != null) "--base-url=${cfg.baseUrl}") - (optionalString (cfg.serveApi) "--serve-api") - ] ++ (map (f: "--file=${stateDir}/${f}") cfg.journalFiles) - ++ extraOptions); - in { - description = "hledger-web - web-app for the hledger accounting tool."; - documentation = [ "https://hledger.org/hledger-web.html" ]; - wantedBy = [ "multi-user.target" ]; - after = [ "networking.target" ]; - serviceConfig = mkMerge [ - { - ExecStart = "${pkgs.hledger-web}/bin/hledger-web ${serverArgs}"; - Restart = "always"; - WorkingDirectory = cfg.stateDir; - User = "hledger"; - Group = "hledger"; - PrivateTmp = true; - } - (mkIf (cfg.stateDir == "/var/lib/hledger-web") { - StateDirectory = "hledger-web"; - }) - ]; - }; - - }; - - meta.maintainers = with lib.maintainers; [ marijanp erictapen ]; -}