style: reformat all nix files
This commit is contained in:
parent
0b5daa99ed
commit
2dcb901ae1
GPG key ID:
671E39E6744C807D
8 changed files with 51 additions and 47 deletions
|
|
@ -21,7 +21,8 @@ let
|
||||||
home.username = user;
|
home.username = user;
|
||||||
home.homeDirectory = "/home/${user}";
|
home.homeDirectory = "/home/${user}";
|
||||||
}
|
}
|
||||||
] ++ modules;
|
]
|
||||||
|
++ modules;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,8 @@ let
|
||||||
configPath = [
|
configPath = [
|
||||||
"config"
|
"config"
|
||||||
"content" # due to mkIf
|
"content" # due to mkIf
|
||||||
] ++ modulePath;
|
]
|
||||||
|
++ modulePath;
|
||||||
in
|
in
|
||||||
lib.updateManyAttrsByPath
|
lib.updateManyAttrsByPath
|
||||||
[
|
[
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,8 @@ let
|
||||||
categories = [
|
categories = [
|
||||||
"Network"
|
"Network"
|
||||||
"WebBrowser"
|
"WebBrowser"
|
||||||
] ++ lib.optional isSecure "Security";
|
]
|
||||||
|
++ lib.optional isSecure "Security";
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
pkgs.runCommand pname { } ''
|
pkgs.runCommand pname { } ''
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,8 @@
|
||||||
count = 60000000;
|
count = 60000000;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
} // user;
|
}
|
||||||
|
// user;
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
useGlobalPkgs = true;
|
useGlobalPkgs = true;
|
||||||
|
|
|
||||||
|
|
@ -30,7 +30,8 @@ in
|
||||||
"luci-ssl"
|
"luci-ssl"
|
||||||
"nextdns"
|
"nextdns"
|
||||||
"tailscale"
|
"tailscale"
|
||||||
] ++ packages;
|
]
|
||||||
|
++ packages;
|
||||||
|
|
||||||
# TODO set up SSH config (register public keys, disable password login, ...)
|
# TODO set up SSH config (register public keys, disable password login, ...)
|
||||||
files = pkgs.runCommand "image-files" { } ''
|
files = pkgs.runCommand "image-files" { } ''
|
||||||
|
|
|
||||||
|
|
@ -85,34 +85,33 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
systemd.services."notify@" =
|
systemd.services."notify@" = {
|
||||||
{
|
onFailure = lib.mkForce [ ];
|
||||||
onFailure = lib.mkForce [ ];
|
}
|
||||||
}
|
// optionalAttrs (cfg.method == "libnotify") {
|
||||||
// optionalAttrs (cfg.method == "libnotify") {
|
description = "Desktop notifications for %i service failure";
|
||||||
description = "Desktop notifications for %i service failure";
|
environment = {
|
||||||
environment = {
|
DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/${
|
||||||
DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/${
|
toString config.users.users.${cfg.libnotify.user}.uid
|
||||||
toString config.users.users.${cfg.libnotify.user}.uid
|
}/bus";
|
||||||
}/bus";
|
INSTANCE = "%i";
|
||||||
INSTANCE = "%i";
|
|
||||||
};
|
|
||||||
script = ''
|
|
||||||
${pkgs.libnotify}/bin/notify-send --urgency=critical \
|
|
||||||
"Service '$INSTANCE' failed" \
|
|
||||||
"$(journalctl -n 6 -o cat -u $INSTANCE)"
|
|
||||||
'';
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "oneshot";
|
|
||||||
User = cfg.libnotify.user;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
// optionalAttrs (cfg.method == "email") {
|
|
||||||
description = "E-Mail notifications for %i service failure";
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStart = "${sendmail} %i";
|
|
||||||
Type = "oneshot";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
script = ''
|
||||||
|
${pkgs.libnotify}/bin/notify-send --urgency=critical \
|
||||||
|
"Service '$INSTANCE' failed" \
|
||||||
|
"$(journalctl -n 6 -o cat -u $INSTANCE)"
|
||||||
|
'';
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
User = cfg.libnotify.user;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
// optionalAttrs (cfg.method == "email") {
|
||||||
|
description = "E-Mail notifications for %i service failure";
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${sendmail} %i";
|
||||||
|
Type = "oneshot";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -53,7 +53,8 @@ in
|
||||||
# reduce download bandwidth
|
# reduce download bandwidth
|
||||||
"--max-unused 10%"
|
"--max-unused 10%"
|
||||||
"--repack-cacheable-only"
|
"--repack-cacheable-only"
|
||||||
] ++ extraPruneOpts;
|
]
|
||||||
|
++ extraPruneOpts;
|
||||||
}
|
}
|
||||||
// (removeAttrs args [
|
// (removeAttrs args [
|
||||||
"name"
|
"name"
|
||||||
|
|
|
||||||
|
|
@ -89,21 +89,20 @@ in
|
||||||
wants = [ "tailscaled.service" ];
|
wants = [ "tailscaled.service" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
script =
|
script = ''
|
||||||
''
|
status=$(${config.systemd.package}/bin/systemctl show -P StatusText tailscaled.service)
|
||||||
status=$(${config.systemd.package}/bin/systemctl show -P StatusText tailscaled.service)
|
if [[ $status != Connected* ]]; then
|
||||||
if [[ $status != Connected* ]]; then
|
${cfg.package}/bin/tailscale up
|
||||||
${cfg.package}/bin/tailscale up
|
fi
|
||||||
fi
|
|
||||||
|
|
||||||
# some options cannot be set immediately
|
# some options cannot be set immediately
|
||||||
${cfg.package}/bin/tailscale up ${lib.escapeShellArgs cfg.extraUpFlags}
|
${cfg.package}/bin/tailscale up ${lib.escapeShellArgs cfg.extraUpFlags}
|
||||||
|
|
||||||
${cfg.package}/bin/tailscale cert ${tailnetHost}
|
${cfg.package}/bin/tailscale cert ${tailnetHost}
|
||||||
''
|
''
|
||||||
+ lib.optionalString config.services.nginx.enable ''
|
+ lib.optionalString config.services.nginx.enable ''
|
||||||
chown nginx:nginx /var/lib/tailscale/certs/${tailnetHost}.{key,crt}
|
chown nginx:nginx /var/lib/tailscale/certs/${tailnetHost}.{key,crt}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx.virtualHosts.${tailnetHost} = {
|
services.nginx.virtualHosts.${tailnetHost} = {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue