atagen/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

current

Browse source 
linted
This commit is contained in:
atagen 2025-02-02 16:57:31 +11:00
parent 4e99a0e323
commit 7485de646a
95 changed files with 2743 additions and 2282 deletions
Download patch file Download diff file Expand all files Collapse all files

689
home/util/containers.nix
View file

@ -3,363 +3,382 @@
lib,
pkgs,
...
}: let
containerOptions = {...}: {
options = {
pullPolicy = mkOption {
type = with types; str;
description = "Podman container pulling policy";
default = "newer";
};
image = mkOption {
type = with types; str;
description = "OCI image to run.";
example = "library/hello-world";
};
imageFile = mkOption {
type = with types; nullOr package;
default = null;
description = ''
Path to an image file to load before running the image. This can
be used to bypass pulling the image from the registry.
The `image` attribute must match the name and
tag of the image contained in this file, as they will be used to
run the container with that image. If they do not match, the
image will be pulled from the registry as usual.
'';
example = literalExpression "pkgs.dockerTools.buildImage {...};";
};
login = {
username = mkOption {
type = with types; nullOr str;
default = null;
description = "Username for login.";
}:
let
containerOptions =
_:
{
options = {
pullPolicy = mkOption {
type = with types; str;
description = "Podman container pulling policy";
default = "newer";
};
image = mkOption {
type = with types; str;
description = "OCI image to run.";
example = "library/hello-world";
};
passwordFile = mkOption {
type = with types; nullOr str;
imageFile = mkOption {
type = with types; nullOr package;
default = null;
description = "Path to file containing password.";
example = "/etc/nixos/dockerhub-password.txt";
description = ''
Path to an image file to load before running the image. This can
be used to bypass pulling the image from the registry.
The `image` attribute must match the name and
tag of the image contained in this file, as they will be used to
run the container with that image. If they do not match, the
image will be pulled from the registry as usual.
'';
example = literalExpression "pkgs.dockerTools.buildImage {...};";
};
registry = mkOption {
type = with types; nullOr str;
default = null;
description = "Registry where to login to.";
example = "https://docker.pkg.github.com";
login = {
username = mkOption {
type = with types; nullOr str;
default = null;
description = "Username for login.";
};
passwordFile = mkOption {
type = with types; nullOr str;
default = null;
description = "Path to file containing password.";
example = "/etc/nixos/dockerhub-password.txt";
};
registry = mkOption {
type = with types; nullOr str;
default = null;
description = "Registry where to login to.";
example = "https://docker.pkg.github.com";
};
};
};
cmd = mkOption {
type = with types; listOf str;
default = [];
description = "Commandline arguments to pass to the image's entrypoint.";
example = literalExpression ''
["--port=9000"]
'';
};
cmd = mkOption {
type = with types; listOf str;
default = [ ];
description = "Commandline arguments to pass to the image's entrypoint.";
example = literalExpression ''
["--port=9000"]
'';
};
labels = mkOption {
type = with types; attrsOf str;
default = {};
description = "Labels to attach to the container at runtime.";
example = literalExpression ''
{
"traefik.https.routers.example.rule" = "Host(`example.container`)";
}
'';
};
entrypoint = mkOption {
type = with types; nullOr str;
description = "Override the default entrypoint of the image.";
default = null;
example = "/bin/my-app";
};
environment = mkOption {
type = with types; attrsOf str;
default = {};
description = "Environment variables to set for this container.";
example = literalExpression ''
{
DATABASE_HOST = "db.example.com";
DATABASE_PORT = "3306";
}
'';
};
environmentFiles = mkOption {
type = with types; listOf path;
default = [];
description = "Environment files for this container.";
example = literalExpression ''
[
/path/to/.env
/path/to/.env.secret
]
'';
};
log-driver = mkOption {
type = types.str;
default = "journald";
description = ''
Logging driver for the container. The default of
`"journald"` means that the container's logs will be
handled as part of the systemd unit.
For more details and a full list of logging drivers, refer to podman documentation.
For Docker:
[Docker engine documentation](https://docs.docker.com/engine/reference/run/#logging-drivers---log-driver)
For Podman:
Refer to the docker-run(1) man page.
'';
};
ports = mkOption {
type = with types; listOf str;
default = [];
description = ''
Network ports to publish from the container to the outer host.
Valid formats:
- `<ip>:<hostPort>:<containerPort>`
- `<ip>::<containerPort>`
- `<hostPort>:<containerPort>`
- `<containerPort>`
Both `hostPort` and `containerPort` can be specified as a range of
ports. When specifying ranges for both, the number of container
ports in the range must match the number of host ports in the
range. Example: `1234-1236:1234-1236/tcp`
When specifying a range for `hostPort` only, the `containerPort`
must *not* be a range. In this case, the container port is published
somewhere within the specified `hostPort` range.
Example: `1234-1236:1234/tcp`
Refer to the
[Docker engine documentation](https://docs.docker.com/engine/reference/run/#expose-incoming-ports) for full details.
'';
example = literalExpression ''
[
"8080:9000"
]
'';
};
user = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Override the username or UID (and optionally groupname or GID) used
in the container.
'';
example = "nobody:nogroup";
};
volumes = mkOption {
type = with types; listOf str;
default = [];
description = ''
List of volumes to attach to this container.
Note that this is a list of `"src:dst"` strings to
allow for `src` to refer to `/nix/store` paths, which
would be difficult with an attribute set. There are
also a variety of mount options available as a third
field; please refer to the
[docker engine documentation](https://docs.docker.com/engine/reference/run/#volume-shared-filesystems) for details.
'';
example = literalExpression ''
[
"volume_name:/path/inside/container"
"/path/on/host:/path/inside/container"
]
'';
};
workdir = mkOption {
type = with types; nullOr str;
default = null;
description = "Override the default working directory for the container.";
example = "/var/lib/hello_world";
};
dependsOn = mkOption {
type = with types; listOf str;
default = [];
description = ''
Define which other containers this one depends on. They will be added to both After and Requires for the unit.
Use the same name as the attribute under `virtualisation.oci-containers.containers`.
'';
example = literalExpression ''
containers = {
node1 = {};
node2 = {
dependsOn = [ "node1" ];
labels = mkOption {
type = with types; attrsOf str;
default = { };
description = "Labels to attach to the container at runtime.";
example = literalExpression ''
{
"traefik.https.routers.example.rule" = "Host(`example.container`)";
}
}
'';
};
entrypoint = mkOption {
type = with types; nullOr str;
description = "Override the default entrypoint of the image.";
default = null;
example = "/bin/my-app";
};
environment = mkOption {
type = with types; attrsOf str;
default = { };
description = "Environment variables to set for this container.";
example = literalExpression ''
{
DATABASE_HOST = "db.example.com";
DATABASE_PORT = "3306";
}
'';
};
environmentFiles = mkOption {
type = with types; listOf path;
default = [ ];
description = "Environment files for this container.";
example = literalExpression ''
[
/path/to/.env
/path/to/.env.secret
]
'';
};
log-driver = mkOption {
type = types.str;
default = "journald";
description = ''
Logging driver for the container. The default of
`"journald"` means that the container's logs will be
handled as part of the systemd unit.
For more details and a full list of logging drivers, refer to podman documentation.
For Docker:
[Docker engine documentation](https://docs.docker.com/engine/reference/run/#logging-drivers---log-driver)
For Podman:
Refer to the docker-run(1) man page.
'';
};
ports = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
Network ports to publish from the container to the outer host.
Valid formats:
- `<ip>:<hostPort>:<containerPort>`
- `<ip>::<containerPort>`
- `<hostPort>:<containerPort>`
- `<containerPort>`
Both `hostPort` and `containerPort` can be specified as a range of
ports. When specifying ranges for both, the number of container
ports in the range must match the number of host ports in the
range. Example: `1234-1236:1234-1236/tcp`
When specifying a range for `hostPort` only, the `containerPort`
must *not* be a range. In this case, the container port is published
somewhere within the specified `hostPort` range.
Example: `1234-1236:1234/tcp`
Refer to the
[Docker engine documentation](https://docs.docker.com/engine/reference/run/#expose-incoming-ports) for full details.
'';
example = literalExpression ''
[
"8080:9000"
]
'';
};
user = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Override the username or UID (and optionally groupname or GID) used
in the container.
'';
example = "nobody:nogroup";
};
volumes = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
List of volumes to attach to this container.
Note that this is a list of `"src:dst"` strings to
allow for `src` to refer to `/nix/store` paths, which
would be difficult with an attribute set. There are
also a variety of mount options available as a third
field; please refer to the
[docker engine documentation](https://docs.docker.com/engine/reference/run/#volume-shared-filesystems) for details.
'';
example = literalExpression ''
[
"volume_name:/path/inside/container"
"/path/on/host:/path/inside/container"
]
'';
};
workdir = mkOption {
type = with types; nullOr str;
default = null;
description = "Override the default working directory for the container.";
example = "/var/lib/hello_world";
};
dependsOn = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
Define which other containers this one depends on. They will be added to both After and Requires for the unit.
Use the same name as the attribute under `virtualisation.oci-containers.containers`.
'';
example = literalExpression ''
containers = {
node1 = {};
node2 = {
dependsOn = [ "node1" ];
}
}
'';
};
hostname = mkOption {
type = with types; nullOr str;
default = null;
description = "The hostname of the container.";
example = "hello-world";
};
preRunExtraOptions = mkOption {
type = with types; listOf str;
default = [ ];
description = "Extra options for podman that go before the `run` argument.";
example = [
"--runtime"
"runsc"
];
};
extraOptions = mkOption {
type = with types; listOf str;
default = [ ];
description = "Extra options for podman run`.";
example = literalExpression ''
["--network=host"]
'';
};
autoStart = mkOption {
type = types.bool;
default = false;
description = ''
When enabled, the container is automatically started on boot.
If this option is set to false, the container has to be started on-demand via its service.
'';
};
};
};
mkService =
name: container:
let
podman = lib.getExe pkgs.podman;
rm = lib.getExe' pkgs.coreutils "rm";
printf = lib.getExe' pkgs.coreutils "printf";
getId = ''"$(${lib.getExe' pkgs.coreutils "id"} -u)"'';
dependsOn = map (x: "podman-${x}.service") container.dependsOn;
escapedName = lib.escapeShellArg name;
preStartScript = pkgs.writeShellApplication {
name = "pre-start";
runtimeInputs = [ ];
text = ''
${printf} "Running pre-start script.."
${podman} rm -f ${name} || true
${lib.optionalString (container.imageFile != null) ''
${podman} load -i ${container.imageFile}
''}
${rm} -f /run/user/${getId}/podman-${escapedName}.ctr-id
${printf} " success.\nStarting Podman...\n"
'';
};
script = concatStringsSep " \\\n " (
[
"exec ${podman} "
]
++ map escapeShellArg container.preRunExtraOptions
++ [
"run"
"--log-level=debug"
"--rm"
"--name=${escapedName}"
"--log-driver=${container.log-driver}"
]
++ optional (container.entrypoint != null) "--entrypoint=${escapeShellArg container.entrypoint}"
++ optional (container.hostname != null) "--hostname=${escapeShellArg container.hostname}"
++ optional (container.pullPolicy != null) "--pull=${container.pullPolicy}"
++ [
"--cidfile=/run/user/${getId}/podman-${escapedName}.ctr-id"
# "--sdnotify=ignore"
"--cgroups=no-conmon"
"--sdnotify=conmon"
"-d"
"--replace"
]
++ (mapAttrsToList (k: v: "-e ${escapeShellArg k}=${escapeShellArg v}") container.environment)
++ map (f: "--env-file ${escapeShellArg f}") container.environmentFiles
++ map (p: "-p ${escapeShellArg p}") container.ports
++ optional (container.user != null) "-u ${escapeShellArg container.user}"
++ map (v: "-v ${escapeShellArg v}") container.volumes
++ (mapAttrsToList (k: v: "-l ${escapeShellArg k}=${escapeShellArg v}") container.labels)
++ optional (container.workdir != null) "-w ${escapeShellArg container.workdir}"
++ map escapeShellArg container.extraOptions
++ [ container.image ]
++ map escapeShellArg container.cmd
);
hostname = mkOption {
type = with types; nullOr str;
default = null;
description = "The hostname of the container.";
example = "hello-world";
inherit (lib)
concatStringsSep
escapeShellArg
optional
mapAttrsToList
;
in
{
Unit = {
WantedBy = lib.optional container.autoStart "default.target"; # graphical-session instead maybe?
After = dependsOn;
Requires = dependsOn;
# StopWhenUnneeded = true;
};
# TODO make network target..
# wants = lib.optional (container.imageFile == null) "network-online.target";
# after = lib.optionals (container.imageFile == null) [ "network-online.target" ]
# ++ dependsOn;
# environment = proxy_env;
preRunExtraOptions = mkOption {
type = with types; listOf str;
default = [];
description = "Extra options for podman that go before the `run` argument.";
example = ["--runtime" "runsc"];
};
extraOptions = mkOption {
type = with types; listOf str;
default = [];
description = "Extra options for podman run`.";
example = literalExpression ''
["--network=host"]
'';
};
autoStart = mkOption {
type = types.bool;
default = false;
description = ''
When enabled, the container is automatically started on boot.
If this option is set to false, the container has to be started on-demand via its service.
'';
Service = {
### There is no generalized way of supporting `reload` for docker
### containers. Some containers may respond well to SIGHUP sent to their
### init process, but it is not guaranteed; some apps have other reload
### mechanisms, some don't have a reload signal at all, and some docker
### images just have broken signal handling. The best compromise in this
### case is probably to leave ExecReload undefined, so `systemctl reload`
### will at least result in an error instead of potentially undefined
### behaviour.
###
### Advanced users can still override this part of the unit to implement
### a custom reload handler, since the result of all this is a normal
### systemd service from the perspective of the NixOS module system.
###
# ExecReload = ...;
###
ExecStartPre = [ "${preStartScript}/bin/pre-start" ];
ExecStart = [
"${pkgs.writeShellScript "start" script}"
];
ExecStop = [
"${podman} stop --ignore --cidfile=/run/user/${getId}/podman-${escapedName}.ctr-id"
"${podman} rm -f --ignore --cidfile=/run/user/${getId}/podman-${escapedName}.ctr-id"
];
# TimeoutStartSec = 0;
# TimeoutStopSec = 120;
# Restart = "always";
Environment = [ "PODMAN_SYSTEMD_UNIT=podman-${name}.service" ];
Type = "notify";
NotifyAccess = "all";
# Type = "exec";
};
};
};
mkService = name: container: let
podman = lib.getExe pkgs.podman;
rm = lib.getExe' pkgs.coreutils "rm";
printf = lib.getExe' pkgs.coreutils "printf";
getId = ''"$(${lib.getExe' pkgs.coreutils "id"} -u)"'';
dependsOn = map (x: "podman-${x}.service") container.dependsOn;
escapedName = lib.escapeShellArg name;
preStartScript = pkgs.writeShellApplication {
name = "pre-start";
runtimeInputs = [];
text = ''
${printf} "Running pre-start script.."
${podman} rm -f ${name} || true
${lib.optionalString (container.imageFile != null) ''
${podman} load -i ${container.imageFile}
''}
${rm} -f /run/user/${getId}/podman-${escapedName}.ctr-id
${printf} " success.\nStarting Podman...\n"
'';
};
script = concatStringsSep " \\\n " (
[
"exec ${podman} "
]
++ map escapeShellArg container.preRunExtraOptions
++ [
"run"
"--log-level=debug"
"--rm"
"--name=${escapedName}"
"--log-driver=${container.log-driver}"
]
++ optional (container.entrypoint != null)
"--entrypoint=${escapeShellArg container.entrypoint}"
++ optional (container.hostname != null)
"--hostname=${escapeShellArg container.hostname}"
++ optional (container.pullPolicy != null)
"--pull=${container.pullPolicy}"
++ [
"--cidfile=/run/user/${getId}/podman-${escapedName}.ctr-id"
# "--sdnotify=ignore"
"--cgroups=no-conmon"
"--sdnotify=conmon"
"-d"
"--replace"
]
++ (mapAttrsToList (k: v: "-e ${escapeShellArg k}=${escapeShellArg v}") container.environment)
++ map (f: "--env-file ${escapeShellArg f}") container.environmentFiles
++ map (p: "-p ${escapeShellArg p}") container.ports
++ optional (container.user != null) "-u ${escapeShellArg container.user}"
++ map (v: "-v ${escapeShellArg v}") container.volumes
++ (mapAttrsToList (k: v: "-l ${escapeShellArg k}=${escapeShellArg v}") container.labels)
++ optional (container.workdir != null) "-w ${escapeShellArg container.workdir}"
++ map escapeShellArg container.extraOptions
++ [container.image]
++ map escapeShellArg container.cmd
);
inherit (lib) concatStringsSep escapeShellArg optional mapAttrsToList;
in {
Unit = {
WantedBy = [] ++ lib.optional (container.autoStart) "default.target"; # graphical-session instead maybe?
After = dependsOn;
Requires = dependsOn;
# StopWhenUnneeded = true;
};
# TODO make network target..
# wants = lib.optional (container.imageFile == null) "network-online.target";
# after = lib.optionals (container.imageFile == null) [ "network-online.target" ]
# ++ dependsOn;
# environment = proxy_env;
Service = {
### There is no generalized way of supporting `reload` for docker
### containers. Some containers may respond well to SIGHUP sent to their
### init process, but it is not guaranteed; some apps have other reload
### mechanisms, some don't have a reload signal at all, and some docker
### images just have broken signal handling. The best compromise in this
### case is probably to leave ExecReload undefined, so `systemctl reload`
### will at least result in an error instead of potentially undefined
### behaviour.
###
### Advanced users can still override this part of the unit to implement
### a custom reload handler, since the result of all this is a normal
### systemd service from the perspective of the NixOS module system.
###
# ExecReload = ...;
###
ExecStartPre = ["${preStartScript}/bin/pre-start"];
ExecStart = [
"${pkgs.writeShellScript "start" script}"
];
ExecStop = [
"${podman} stop --ignore --cidfile=/run/user/${getId}/podman-${escapedName}.ctr-id"
"${podman} rm -f --ignore --cidfile=/run/user/${getId}/podman-${escapedName}.ctr-id"
];
# TimeoutStartSec = 0;
# TimeoutStopSec = 120;
# Restart = "always";
Environment = ["PODMAN_SYSTEMD_UNIT=podman-${name}.service"];
Type = "notify";
NotifyAccess = "all";
# Type = "exec";
};
};
cfg = config.containers;
inherit (lib) mapAttrs' nameValuePair mkOption types mkIf literalExpression;
in {
inherit (lib)
mapAttrs'
nameValuePair
mkOption
types
mkIf
literalExpression
;
in
{
options.containers = mkOption {
default = {};
default = { };
type = with types; attrsOf (submodule containerOptions);
};
config = mkIf (cfg != {}) {
config = mkIf (cfg != { }) {
systemd.user.services = mapAttrs' (k: v: nameValuePair "podman-${k}" (mkService k v)) cfg;
};
}

160
home/util/cosmic.nix
View file

@ -2,8 +2,20 @@
lib,
config,
...
}: let
inherit (lib) filterAttrs concatStrings concatStringsSep mapAttrsToList concatLists foldlAttrs concatMapAttrs mapAttrs mapAttrs' nameValuePair boolToString;
}:
let
inherit (lib)
filterAttrs
concatStrings
concatStringsSep
mapAttrsToList
concatLists
foldlAttrs
concatMapAttrs
mapAttrs'
nameValuePair
boolToString
;
inherit (builtins) typeOf toString stringLength;
# build up serialisation machinery from here for various types
@ -12,24 +24,33 @@
array = a: "[${concatStringsSep "," a}]";
# attrset -> hashmap
_assoc = a: mapAttrsToList (name: val: "${name}: ${val}") a;
assoc = a: '' {
assoc = a: ''
{
${concatStringsSep ",\n" (concatLists (map _assoc a))}
}'';
# attrset -> struct
_struct_kv = k: v:
if v == null
then ""
else (concatStringsSep ":" [k (serialise.${typeOf v} v)]);
_struct_concat = s:
_struct_kv =
k: v:
if v == null then
""
else
(concatStringsSep ":" [
k
(serialise.${typeOf v} v)
]);
_struct_concat =
s:
foldlAttrs (
acc: k: v:
if stringLength acc > 0
then concatStringsSep ", " [acc (_struct_kv k v)]
else _struct_kv k v
) ""
s;
_struct_filt = s:
_struct_concat (filterAttrs (k: v: v != null) s);
if stringLength acc > 0 then
concatStringsSep ", " [
acc
(_struct_kv k v)
]
else
_struct_kv k v
) "" s;
_struct_filt = s: _struct_concat (filterAttrs (_k: v: v != null) s);
struct = s: "(${_struct_filt s})";
toQuotedString = s: ''"${toString s}"'';
@ -46,59 +67,68 @@
};
# define the key for a keybind
defineBinding = binding:
defineBinding =
binding:
struct {
inherit (binding) modifiers;
key =
if isNull binding.key
then null
else toQuotedString binding.key;
key = if (binding.key == null) then null else toQuotedString binding.key;
};
# map keybinding from list of attrset to hashmap of (mod,key): action
_mapBindings = bindings:
map (
inner: {"${defineBinding inner}" = maybeToString (checkAction inner.action);}
)
bindings;
mapBindings = bindings:
assoc (_mapBindings bindings);
_mapBindings =
bindings:
map (inner: { "${defineBinding inner}" = maybeToString (checkAction inner.action); }) bindings;
mapBindings = bindings: assoc (_mapBindings bindings);
# check a keybinding's action
# escape with quotes if it's a Spawn action
checkAction = a:
if typeOf a == "set" && a.type == "Spawn"
then {
inherit (a) type;
data = toQuotedString a.data;
}
else a;
checkAction =
a:
if typeOf a == "set" && a.type == "Spawn" then
{
inherit (a) type;
data = toQuotedString a.data;
}
else
a;
maybeToString = s:
if typeOf s == "set"
then concatStrings [s.type "(" (toString s.data) ")"]
else s;
maybeToString =
s:
if typeOf s == "set" then
concatStrings [
s.type
"("
(toString s.data)
")"
]
else
s;
mapCosmicSettings = application: options:
mapAttrs' (k: v:
mapCosmicSettings =
application: options:
mapAttrs' (
k: v:
nameValuePair "cosmic/${application}/v${options.version}/${k}" {
enable = true;
text = serialise.${typeOf v} v;
})
options.option;
# deconstructKeybindAttr = attr: mapAttrs' (
# name: value:
# ) attr;
# rec_attr = lib.types.attrsOf (lib.types.oneOf lib.types.string rec_attr);
in {
}
) options.option;
in
# deconstructKeybindAttr = attr: mapAttrs' (
# name: value:
# ) attr;
# rec_attr = lib.types.attrsOf (lib.types.oneOf lib.types.string rec_attr);
{
options.cosmic = {
enable = with lib;
enable =
with lib;
mkOption {
default = false;
type = types.bool;
};
defaultKeybindings = with lib;
defaultKeybindings =
with lib;
mkOption {
default = true;
type = types.bool;
@ -110,15 +140,17 @@ in {
# type = with types; rec_attr;
# };
keybindings = with lib;
keybindings =
with lib;
mkOption {
default = [];
type = with types;
default = [ ];
type =
with types;
listOf (submodule {
options = {
modifiers = mkOption {
type = listOf str;
default = [];
default = [ ];
};
key = mkOption {
type = nullOr str;
@ -131,7 +163,10 @@ in {
type = str;
};
data = mkOption {
type = oneOf [str int];
type = oneOf [
str
int
];
default = "";
};
};
@ -141,10 +176,12 @@ in {
});
};
otherSettings = with lib;
otherSettings =
with lib;
mkOption {
default = {};
type = with types;
default = { };
type =
with types;
attrsOf (submodule {
options = {
version = mkOption {
@ -162,15 +199,14 @@ in {
# TODO we need to split between system_actions, workspaces, custom
config.xdg.configFile =
{
"cosmic/com.system76.CosmicSettings.Shortcuts/v1/custom".text = mapBindings config.cosmic.keybindings;
"cosmic/com.system76.CosmicSettings.Shortcuts/v1/custom".text =
mapBindings config.cosmic.keybindings;
"cosmic/com.system76.CosmicSettings.Shortcuts/v1/defaults" = {
text = "{}";
enable = !config.cosmic.defaultKeybindings;
};
}
// concatMapAttrs (
application: options:
mapCosmicSettings application options
)
config.cosmic.otherSettings;
application: options: mapCosmicSettings application options
) config.cosmic.otherSettings;
}

49
home/util/ez.nix
View file

@ -2,30 +2,35 @@
config,
lib,
...
}: {
}:
{
options = {
ezServices = with lib;
ezServices =
with lib;
mkOption {
type = with types; attrsOf str;
default = {};
default = { };
};
ezOneShots = with lib;
ezOneShots =
with lib;
mkOption {
type = with types; attrsOf str;
default = {};
default = { };
};
ezConf = with lib;
ezConf =
with lib;
mkOption {
type = with types; attrsOf path;
default = {};
default = { };
};
# for specifying an additional systemd target
extraTarget = with lib;
extraTarget =
with lib;
mkOption {
type = with types; listOf str;
default = [];
default = [ ];
};
};
@ -34,37 +39,33 @@
builtins.mapAttrs (name: cmd: {
Unit = {
Description = "${name}";
Requires = ["graphical-session.target"] ++ config.extraTarget;
After = ["graphical-session.target"] ++ config.extraTarget;
Requires = [ "graphical-session.target" ] ++ config.extraTarget;
After = [ "graphical-session.target" ] ++ config.extraTarget;
};
Service = {
ExecStart = cmd;
};
Install = {
WantedBy = ["graphical-session.target"] ++ config.extraTarget;
WantedBy = [ "graphical-session.target" ] ++ config.extraTarget;
};
})
config.ezServices
}) config.ezServices
// builtins.mapAttrs (name: cmd: {
Unit = {
Description = "${name}";
After = ["graphical-session.target"] ++ config.extraTarget;
After = [ "graphical-session.target" ] ++ config.extraTarget;
};
Service = {
ExecStart = cmd;
Type = "oneshot";
};
Install = {
WantedBy = ["graphical-session.target"] ++ config.extraTarget;
WantedBy = [ "graphical-session.target" ] ++ config.extraTarget;
};
})
config.ezOneShots;
}) config.ezOneShots;
xdg.configFile =
builtins.mapAttrs (name: value: {
enable = true;
source = value;
})
config.ezConf;
xdg.configFile = builtins.mapAttrs (_name: value: {
enable = true;
source = value;
}) config.ezConf;
};
}

194
home/util/firefox-webapp.nix
View file

@ -2,22 +2,44 @@
config,
lib,
...
}: let
}:
let
inherit (builtins) getAttr stringLength substring;
inherit (lib) mkOption getExe listToAttrs attrsToList imap;
inherit (lib.attrsets) filterAttrs mapAttrs mapAttrs' nameValuePair;
inherit (lib)
mkOption
getExe
listToAttrs
attrsToList
imap
;
inherit (lib.attrsets)
mapAttrs
mapAttrs'
nameValuePair
;
inherit (lib.strings) concatStringsSep toUpper;
enumerate = a:
listToAttrs (imap (id: {
name,
value,
}: {
inherit name;
value = value // {inherit id;};
}) (attrsToList a));
make-app-profiles = cfg:
mapAttrs' (name: cfg:
enumerate =
a:
listToAttrs (
imap (
id:
{
name,
value,
}:
{
inherit name;
value = value // {
inherit id;
};
}
) (attrsToList a)
);
make-app-profiles =
cfg:
mapAttrs' (
name: cfg:
nameValuePair "home-manager-webapp-${name}" {
inherit (cfg) id;
userChrome = ''
@ -46,39 +68,39 @@
}
'';
settings =
cfg.extraSettings
// {
"browser.startup.homepage" = builtins.toString cfg.url;
"browser.sessionstore.resume_session_once" = false;
"browser.sessionstore.resume_from_crash" = false;
"browser.cache.disk.enable" = false;
"browser.cache.disk.capacity" = 0;
"browser.cache.disk.filesystem_reported" = 1;
"browser.cache.disk.smart_size.enabled" = false;
"browser.cache.disk.smart_size.first_run" = false;
"browser.cache.disk.smart_size.use_old_max" = false;
"browser.ctrlTab.previews" = true;
"browser.tabs.warnOnClose" = false;
"plugin.state.flash" = 2;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"browser.tabs.drawInTitlebar" = false;
"browser.tabs.inTitlebar" = 0;
"browser.contentblocking.category" = "strict";
"network.cookie.lifetimePolicy" = 0;
"layout.css.prefers-color-scheme.content-override" = getAttr cfg.theme {
dark = 0;
light = 1;
system = 2;
};
settings = cfg.extraSettings // {
"browser.startup.homepage" = builtins.toString cfg.url;
"browser.sessionstore.resume_session_once" = false;
"browser.sessionstore.resume_from_crash" = false;
"browser.cache.disk.enable" = false;
"browser.cache.disk.capacity" = 0;
"browser.cache.disk.filesystem_reported" = 1;
"browser.cache.disk.smart_size.enabled" = false;
"browser.cache.disk.smart_size.first_run" = false;
"browser.cache.disk.smart_size.use_old_max" = false;
"browser.ctrlTab.previews" = true;
"browser.tabs.warnOnClose" = false;
"plugin.state.flash" = 2;
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
"browser.tabs.drawInTitlebar" = false;
"browser.tabs.inTitlebar" = 0;
"browser.contentblocking.category" = "strict";
"network.cookie.lifetimePolicy" = 0;
"layout.css.prefers-color-scheme.content-override" = getAttr cfg.theme {
dark = 0;
light = 1;
system = 2;
};
})
cfg;
in {
};
}
) cfg;
in
{
options.programs.firefox.webapps = mkOption {
default = {};
default = { };
type = with lib.types;
type =
with lib.types;
attrsOf (submodule {
options = {
####################
@ -102,13 +124,13 @@ in {
extraArgs = mkOption {
type = listOf str;
default = [];
default = [ ];
description = "Extra args to launch Firefox with.";
};
extraSettings = mkOption {
type = attrsOf (either bool (either int str));
default = {};
default = { };
description = "Additional Firefox profile settings.";
};
@ -119,7 +141,11 @@ in {
};
theme = mkOption {
type = enum ["dark" "light" "system"];
type = enum [
"dark"
"light"
"system"
];
default = "system";
description = "The application CSS theme to use, if supported.";
};
@ -138,7 +164,11 @@ in {
mimeType = mkOption {
description = "The MIME type(s) supported by this application.";
type = nullOr (listOf str);
default = ["text/html" "text/xml" "application/xhtml_xml"];
default = [
"text/html"
"text/xml"
"application/xhtml_xml"
];
};
# Copied verbatim from xdg.desktopEntries.
@ -183,40 +213,48 @@ in {
config = {
programs.firefox.profiles = make-app-profiles (enumerate config.programs.firefox.webapps);
xdg.desktopEntries =
mapAttrs (name: cfg: {
inherit (cfg) genericName comment categories icon mimeType prefersNonDefaultGPU;
xdg.desktopEntries = mapAttrs (name: cfg: {
inherit (cfg)
genericName
comment
categories
icon
mimeType
prefersNonDefaultGPU
;
name =
if cfg.name == null
then (toUpper (substring 0 1 name)) + (substring 1 (stringLength name) name)
else cfg.name;
name =
if cfg.name == null then
(toUpper (substring 0 1 name)) + (substring 1 (stringLength name) name)
else
cfg.name;
startupNotify = true;
terminal = false;
type = "Application";
startupNotify = true;
terminal = false;
type = "Application";
exec = concatStringsSep " " ([
"${getExe config.programs.firefox.package}"
"--name"
"${name}"
"--app-id"
"${name}"
"--class"
"${name}"
"-P"
"${config.programs.firefox.profiles."home-manager-webapp-${name}".path}"
"--no-remote"
]
++ cfg.extraArgs
++ ["${cfg.url}"]);
exec = concatStringsSep " " (
[
"${getExe config.programs.firefox.package}"
"--name"
"${name}"
"--app-id"
"${name}"
"--class"
"${name}"
"-P"
"${config.programs.firefox.profiles."home-manager-webapp-${name}".path}"
"--no-remote"
]
++ cfg.extraArgs
++ [ "${cfg.url}" ]
);
settings = {
X-MultipleArgs = "false"; # Consider enabling, don't know what this does
StartupWMClass = "${name}";
NoDisplay = lib.boolToString cfg.hidden;
};
})
config.programs.firefox.webapps;
settings = {
X-MultipleArgs = "false"; # Consider enabling, don't know what this does
StartupWMClass = "${name}";
NoDisplay = lib.boolToString cfg.hidden;
};
}) config.programs.firefox.webapps;
};
}

92
home/util/flatpak.nix
View file

@ -2,62 +2,60 @@
config,
lib,
...
}: let
}:
let
inherit (lib) mkOption;
inherit (builtins) typeOf listToAttrs;
in {
in
{
options.flatpaks = mkOption {
default = [];
type = with lib.types;
listOf (either str (submodule {
options = {
name = mkOption {
type = str;
default = [ ];
type =
with lib.types;
listOf (
either str (submodule {
options = {
name = mkOption {
type = str;
};
overrides = mkOption {
type = attrsOf (attrsOf (either str (listOf str)));
default = { };
};
};
overrides = mkOption {
type = attrsOf (attrsOf (either str (listOf str)));
default = {};
};
};
}));
})
);
};
config.services.flatpak = let
userOverrides = listToAttrs (
map (
fp:
if (typeOf fp == "string")
then {
name = fp;
value = {};
}
else {
inherit (fp) name;
value = fp.overrides;
}
)
config.flatpaks
);
in {
enable = true;
uninstallUnmanaged = true;
update.auto.enable = true;
packages =
map (
fp:
if (typeOf fp == "set")
then fp.name
else fp
)
config.flatpaks;
overrides =
userOverrides
// {
config.services.flatpak =
let
userOverrides = listToAttrs (
map (
fp:
if (typeOf fp == "string") then
{
name = fp;
value = { };
}
else
{
inherit (fp) name;
value = fp.overrides;
}
) config.flatpaks
);
in
{
enable = true;
uninstallUnmanaged = true;
update.auto.enable = true;
packages = map (fp: if (typeOf fp == "set") then fp.name else fp) config.flatpaks;
overrides = userOverrides // {
global = {
Context.sockets = ["wayland"];
Context.sockets = [ "wayland" ];
Environment = {
ELECTRON_OZONE_PLATFORM_HINT = "auto";
};
};
};
};
};
}

255
home/util/local-webapp.nix
View file

@ -3,9 +3,9 @@
pkgs,
lib,
...
}: let
inherit
(lib)
}:
let
inherit (lib)
mkOption
mkForce
getExe
@ -20,106 +20,104 @@
replaceStrings
concatMapStringsSep
;
partOf = cfg: "${replaceStrings [" "] ["-"] (toLower cfg.name)}.target";
partOf = cfg: "${replaceStrings [ " " ] [ "-" ] (toLower cfg.name)}.target";
# make a firefox webapp + hidden .desktop entry for the client app
make-firefox = cfg:
make-firefox =
cfg:
mapAttrs' (
name: cfg:
nameValuePair "${name}-client"
{
inherit (cfg) name;
url = "http://127.0.0.1:${builtins.toString cfg.port}";
extraSettings = config.programs.firefox.profiles.default.settings;
hidden = true;
}
)
cfg;
# make a systemd service for running the frontend
make-systemd-service = cfg:
mapAttrs' (
name: cfg:
if
(cfg.service
!= null)
then
nameValuePair "${cfg.name}-frontend" {
Unit = {
Description = "${cfg.name} Frontend";
WantedBy = mkForce [];
};
Service = cfg.service;
}
else nameValuePair "" {}
)
cfg;
# modify systemd units to be PartOf this target
modify-systemd-services = cfg:
listToAttrs (flatten (mapAttrsToList (
name: cfg: (map (
req: {
name = "${req}";
value = {
Unit = {
PartOf = partOf cfg;
};
};
}
)
cfg.requires.services)
)
cfg));
modify-quadlets = cfg:
listToAttrs (flatten (mapAttrsToList (
name: cfg: (map (
req: {
name = "${req}";
value = {
extraConfig.Unit.PartOf = partOf cfg;
};
}
)
cfg.requires.containers)
)
cfg));
# make a systemd target to collate dependencies
make-systemd-target = cfg:
mapAttrs (
name: cfg: {
Unit = {
Description = "${cfg.name} Target";
WantedBy = mkForce [];
Requires =
(map (req: req + ".service") cfg.requires.services)
++ (map (req: "podman-" + req + ".service") cfg.requires.containers);
};
nameValuePair "${name}-client" {
inherit (cfg) name;
url = "http://127.0.0.1:${builtins.toString cfg.port}";
extraSettings = config.programs.firefox.profiles.default.settings;
hidden = true;
}
)
cfg;
) cfg;
# make a systemd service for running the frontend
make-systemd-service =
cfg:
mapAttrs' (
name: cfg:
if (cfg.service != null) then
nameValuePair "${cfg.name}-frontend" {
Unit = {
Description = "${cfg.name} Frontend";
WantedBy = mkForce [ ];
};
Service = cfg.service;
}
else
nameValuePair "" { }
) cfg;
# modify systemd units to be PartOf this target
modify-systemd-services =
cfg:
listToAttrs (
flatten (
mapAttrsToList (
name: cfg:
(map (req: {
name = "${req}";
value = {
Unit = {
PartOf = partOf cfg;
};
};
}) cfg.requires.services)
) cfg
)
);
modify-quadlets =
cfg:
listToAttrs (
flatten (
mapAttrsToList (
name: cfg:
(map (req: {
name = "${req}";
value = {
extraConfig.Unit.PartOf = partOf cfg;
};
}) cfg.requires.containers)
) cfg
)
);
# make a systemd target to collate dependencies
make-systemd-target =
cfg:
mapAttrs (name: cfg: {
Unit = {
Description = "${cfg.name} Target";
WantedBy = mkForce [ ];
Requires =
(map (req: req + ".service") cfg.requires.services)
++ (map (req: "podman-" + req + ".service") cfg.requires.containers);
};
}) cfg;
# make desktop shortcuts and a script which will handle starting everything
make-xdg = cfg:
mapAttrs (
name: cfg: {
inherit (cfg) name icon genericName;
type = "Application";
exec = "${let
make-xdg =
cfg:
mapAttrs (name: cfg: {
inherit (cfg) name icon genericName;
type = "Application";
exec = "${
let
notify-send = "${getExe' pkgs.libnotify "notify-send"} -a \"${cfg.name}\"";
systemctl = "${getExe' pkgs.systemd "systemctl"}";
dex = "${getExe pkgs.dex}";
podman = "${getExe pkgs.podman}";
makeContainerCheck = container: ''[ "$(${podman} inspect -f {{.State.Health.Status}} ${container})" == "healthy" ]'';
makeContainerCheck =
container: ''[ "$(${podman} inspect -f {{.State.Health.Status}} ${container})" == "healthy" ]'';
# makeContainerCheck = container: ''
# [ ${podman} inspect -f {{.State.Status}} ${container})" != "running" ]
# '';
containerChecks =
if (cfg.requires.containers != [])
then
if (cfg.requires.containers != [ ]) then
''
container_checks() {
if ''
+ (concatMapStringsSep " && "
(container: makeContainerCheck container)
cfg.requires.containers)
+ (concatMapStringsSep " && " makeContainerCheck cfg.requires.containers)
+ ''
; then
return 0
@ -128,54 +126,55 @@
fi
}
''
else ''
container_checks() {
return 0
}
'';
else
''
container_checks() {
return 0
}
'';
in
pkgs.writeShellScript "${name}"
''
set -euo pipefail
pkgs.writeShellScript "${name}" ''
set -euo pipefail
exit_error() {
${notify-send} -w "Failure" $1
exit 1
}
exit_error() {
${notify-send} -w "Failure" $1
exit 1
}
${containerChecks}
${containerChecks}
${notify-send} "Launching ${name} backend.." "Please be patient."
${systemctl} --user start ${name}.target || exit_error "Failed to launch!"
${notify-send} "Launching ${name} backend.." "Please be patient."
${systemctl} --user start ${name}.target || exit_error "Failed to launch!"
checks=0
until container_checks; do
sleep 2
checks=$((checks+1))
if [ $((checks%10)) -eq 0 ]; then
${notify-send} "Waiting for backend."
fi
if [ $checks -ge 60 ]; then
${systemctl} --no-block --user stop ${name}.target
exit_error "Failed to launch!"
fi
done
checks=0
until container_checks; do
sleep 2
checks=$((checks+1))
if [ $((checks%10)) -eq 0 ]; then
${notify-send} "Waiting for backend."
fi
if [ $checks -ge 60 ]; then
${systemctl} --no-block --user stop ${name}.target
exit_error "Failed to launch!"
fi
done
${notify-send} "Launching ${name}.."
${dex} -w ~/.nix-profile/share/applications/${name}-client.desktop
${notify-send} "Launching ${name}.."
${dex} -w ~/.nix-profile/share/applications/${name}-client.desktop
${notify-send} "Goodbye" "Shutting down."
${systemctl} --user stop ${name}.target
exit 0
''}";
}
)
cfg;
${notify-send} "Goodbye" "Shutting down."
${systemctl} --user stop ${name}.target
exit 0
''
}";
}) cfg;
cfg = config.localWebApps;
in {
in
{
options.localWebApps = mkOption {
default = {};
type = with lib.types;
default = { };
type =
with lib.types;
attrsOf (submodule {
options = {
name = mkOption {
@ -200,11 +199,11 @@ in {
options = {
containers = mkOption {
type = listOf str;
default = [];
default = [ ];
};
services = mkOption {
type = listOf str;
default = [];
default = [ ];
};
};
});

70
home/util/murex.nix
View file

@ -1,20 +1,26 @@
{
lib,
pkgs,
config,
...
}: let
inherit (lib) mkEnableOption mkOption mkIf types;
}:
let
inherit (lib)
mkEnableOption
mkOption
mkIf
types
;
inherit (builtins) listToAttrs;
cfg = config.programs.murex;
in {
in
{
options.programs.murex = {
enable = mkEnableOption "murex shell";
managePlugins = mkEnableOption "plugin management";
direnv = mkEnableOption "direnv integration";
plugins = mkOption {
type = with types; listOf package;
default = [];
default = [ ];
};
profile = mkOption {
type = types.str;
@ -27,16 +33,18 @@ in {
useXdgConfig = mkEnableOption "override MUREX_{PRELOAD,MODULES,PROFILE} env vars to conform to XDG_CONFIG_HOME";
};
config = mkIf cfg.enable {
home.file = let
plugins = listToAttrs (map (plugin: {
name = ".murex_modules/${plugin.pname}";
value = {
recursive = true;
source = plugin;
};
})
cfg.plugins);
in
home.file =
let
plugins = listToAttrs (
map (plugin: {
name = ".murex_modules/${plugin.pname}";
value = {
recursive = true;
source = plugin;
};
}) cfg.plugins
);
in
lib.mergeAttrs plugins {
".murex_preload" = {
text = cfg.preload;
@ -47,31 +55,31 @@ in {
text =
cfg.profile
+ (
if cfg.direnv
then ''
direnv hook murex -> source
''
else ""
if cfg.direnv then
''
direnv hook murex -> source
''
else
""
);
executable = true;
enable = cfg.direnv || cfg.profile != "";
};
".murex_modules/packages.json" = {
text = builtins.toJSON (map (plugin: {
text = builtins.toJSON (
map (plugin: {
Protocol = "nix";
URI = "nix://managed.git";
Package = plugin.pname;
})
cfg.plugins);
enable = cfg.managePlugins && (cfg.plugins != []);
}) cfg.plugins
);
enable = cfg.managePlugins && (cfg.plugins != [ ]);
};
};
home.sessionVariables =
mkIf
cfg.useXdgConfig {
MUREX_PRELOAD = "$XDG_CONFIG_HOME/murex/";
MUREX_MODULES = "$XDG_CONFIG_HOME/murex/";
MUREX_PROFILE = "$XDG_CONFIG_HOME/murex/";
};
home.sessionVariables = mkIf cfg.useXdgConfig {
MUREX_PRELOAD = "$XDG_CONFIG_HOME/murex/";
MUREX_MODULES = "$XDG_CONFIG_HOME/murex/";
MUREX_PROFILE = "$XDG_CONFIG_HOME/murex/";
};
};
}

20
home/util/name.nix
View file

@ -2,16 +2,20 @@
lib,
config,
...
}: let
}:
let
inherit (lib) mkOption;
in {
in
{
options.mainUser = mkOption {
type = lib.types.str;
};
config.home = let
inherit (config) mainUser;
in {
username = mainUser;
homeDirectory = "/home/${mainUser}";
};
config.home =
let
inherit (config) mainUser;
in
{
username = mainUser;
homeDirectory = "/home/${mainUser}";
};
}