about summary refs log tree commit diff
path: root/modules
diff options
context:
space:
mode:
authorAzat Bahawi <azat@bahawi.net>2023-05-02 01:27:41 +0300
committerAzat Bahawi <azat@bahawi.net>2023-05-02 01:27:41 +0300
commit1e9d5f05b350cec8568b6c2eb4fb4d124e73e926 (patch)
tree1ae63982779fef6b367dc8dc4777a1ab89cab7f2 /modules
parent2023-04-14 (diff)
2023-05-02
Diffstat (limited to '')
-rw-r--r--modules/common/common/nix/default.nix61
-rw-r--r--modules/common/profiles/dev/default.nix4
-rw-r--r--modules/nixos/acme.nix2
-rw-r--r--modules/nixos/endlessh.nix5
-rw-r--r--modules/nixos/fail2ban.nix2
-rw-r--r--modules/nixos/games/steam-run.nix20
-rw-r--r--modules/nixos/git/default.nix4
-rw-r--r--modules/nixos/grafana.nix2
-rw-r--r--modules/nixos/ipfs.nix4
-rw-r--r--modules/nixos/lidarr.nix6
-rw-r--r--modules/nixos/loki.nix2
-rw-r--r--modules/nixos/matrix/dendrite.nix5
-rw-r--r--modules/nixos/matrix/synapse.nix2
-rw-r--r--modules/nixos/murmur.nix2
-rw-r--r--modules/nixos/ntfy.nix2
-rw-r--r--modules/nixos/postgresql.nix2
-rw-r--r--modules/nixos/radarr.nix2
-rw-r--r--modules/nixos/radicale.nix2
-rw-r--r--modules/nixos/redis.nix2
-rw-r--r--modules/nixos/rss-bridge.nix2
-rw-r--r--modules/nixos/rtorrent.nix2
-rw-r--r--modules/nixos/sonarr.nix2
-rw-r--r--modules/nixos/unbound.nix2
-rw-r--r--modules/nixos/vaultwarden.nix2
24 files changed, 108 insertions, 33 deletions
diff --git a/modules/common/common/nix/default.nix b/modules/common/common/nix/default.nix
index dea9358..723a2b8 100644
--- a/modules/common/common/nix/default.nix
+++ b/modules/common/common/nix/default.nix
@@ -99,7 +99,23 @@ with lib; {
           patches = [./patches/alejandra-no-ads.patch];
         });
 
-        inherit (pkgsPR "225985" "sha256-wS8vyIEH2gFt3cLvSrROTULu8N8FCUle6cy2zqHN+VI=") mangohud;
+        openmw = super.openmw.overrideAttrs (_: final: {
+          src = super.fetchFromGitHub {
+            owner = "OpenMW";
+            repo = "openmw";
+            rev = "openmw-48-rc9";
+            hash = "sha256-3x+pwtZh+moLN3l1x5Q0rr9TKo3BMaul73ZgywrRBCk=";
+          };
+          patches = [];
+          buildInputs =
+            final.buildInputs
+            ++ (with super; [
+              yaml-cpp
+              luajit
+            ]);
+        });
+
+        inherit (pkgsPR "228852" "sha256-NKZySJ3IVMMeSmpc1zYwse52kxGg0dIrsHTMcO8a73Y=") soju;
       }
       // (with super; let
         np = nodePackages;
@@ -129,33 +145,28 @@ with lib; {
 
   environment.systemPackages = with pkgs;
     optionals this.isHeadful [
-      hydra-check
       nix-top
       nix-tree
     ];
 
-  hm.home = {
-    packages = with pkgs; [nix-index];
-
-    file.".nix-defexpr/default.nix".text =
-      optionalString this.isHeadful
-      (
+  hm.home.file.".nix-defexpr/default.nix".text =
+    optionalString this.isHeadful
+    (
+      let
+        hostname = strings.escapeNixIdentifier this.hostname;
+      in ''
         let
-          hostname = strings.escapeNixIdentifier this.hostname;
-        in ''
-          let
-            self = builtins.getFlake "nixfiles";
-            configurations = self.nixosConfigurations;
-            local = configurations.${hostname};
-          in rec {
-            inherit self;
-            inherit (self) inputs lib;
-            inherit (lib) my;
-            this = my.configurations.${hostname};
-            inherit (local) config;
-            inherit (local.config.system.build) toplevel vm vmWithBootLoader manual;
-          } // configurations // local._module.args
-        ''
-      );
-  };
+          self = builtins.getFlake "nixfiles";
+          configurations = self.nixosConfigurations;
+          local = configurations.${hostname};
+        in rec {
+          inherit self;
+          inherit (self) inputs lib;
+          inherit (lib) my;
+          this = my.configurations.${hostname};
+          inherit (local) config;
+          inherit (local.config.system.build) toplevel vm vmWithBootLoader manual;
+        } // configurations // local._module.args
+      ''
+    );
 }
diff --git a/modules/common/profiles/dev/default.nix b/modules/common/profiles/dev/default.nix
index 210924a..442a03a 100644
--- a/modules/common/profiles/dev/default.nix
+++ b/modules/common/profiles/dev/default.nix
@@ -80,7 +80,11 @@ in {
 
       packages = with pkgs; [
         htmlq
+        hydra-check
         jq
+        nix-index
+        nix-update
+        nixpkgs-review
         yq
       ];
     };
diff --git a/modules/nixos/acme.nix b/modules/nixos/acme.nix
index d3ad661..49be684 100644
--- a/modules/nixos/acme.nix
+++ b/modules/nixos/acme.nix
@@ -21,6 +21,8 @@ in {
   };
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/acme"];
+
     security.acme = {
       acceptTerms = true;
       defaults = {
diff --git a/modules/nixos/endlessh.nix b/modules/nixos/endlessh.nix
index 1350a6a..caf9a38 100644
--- a/modules/nixos/endlessh.nix
+++ b/modules/nixos/endlessh.nix
@@ -12,6 +12,11 @@ in {
     port = 22;
   in
     mkIf cfg.enable {
+      ark.directories = [
+        "/var/lib/gotify-server"
+        "/var/lib/private/gotify-server"
+      ];
+
       services.endlessh = {
         enable = true;
         inherit port;
diff --git a/modules/nixos/fail2ban.nix b/modules/nixos/fail2ban.nix
index 5ac3c9c..a42aab3 100644
--- a/modules/nixos/fail2ban.nix
+++ b/modules/nixos/fail2ban.nix
@@ -11,6 +11,8 @@ in {
     mkEnableOption "fail2ban";
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/fail2ban"];
+
     services.fail2ban = {
       enable = true;
 
diff --git a/modules/nixos/games/steam-run.nix b/modules/nixos/games/steam-run.nix
index 1a1e61f..ba18849 100644
--- a/modules/nixos/games/steam-run.nix
+++ b/modules/nixos/games/steam-run.nix
@@ -11,8 +11,9 @@ in {
     enable = mkEnableOption "native Steam runtime";
 
     quirks = {
-      mountAndBladeWarband = mkEnableOption ''fixes for "Mount & Blade: Warband" issues'';
+      crusaderKings3 = mkEnableOption ''fixes for "Crusader Kings III" issues'';
       cryptOfTheNecrodancer = mkEnableOption ''fixes for "Crypt of the NecroDancer" issues'';
+      mountAndBladeWarband = mkEnableOption ''fixes for "Mount & Blade: Warband" issues'';
     };
   };
 
@@ -31,6 +32,16 @@ in {
         extraLibraries = _:
           with cfg.quirks;
             []
+            ++ optionals crusaderKings3 [
+              ncurses
+            ]
+            ++ optionals cryptOfTheNecrodancer [
+              (import (builtins.fetchTarball {
+                url = "https://github.com/NixOS/nixpkgs/archive/d1c3fea7ecbed758168787fe4e4a3157e52bc808.tar.gz";
+                sha256 = "0ykm15a690v8lcqf2j899za3j6hak1rm3xixdxsx33nz7n3swsyy";
+              }) {inherit (config.nixpkgs) config localSystem;})
+              .flac
+            ]
             ++ optionals mountAndBladeWarband [
               (glew.overrideAttrs (_: super: let
                 opname = super.pname;
@@ -58,13 +69,6 @@ in {
                   patchelf --set-rpath ${libPath} $out/lib/libfmodex64.so
                 '';
               }))
-            ]
-            ++ optionals cryptOfTheNecrodancer [
-              (import (builtins.fetchTarball {
-                url = "https://github.com/NixOS/nixpkgs/archive/d1c3fea7ecbed758168787fe4e4a3157e52bc808.tar.gz";
-                sha256 = "0ykm15a690v8lcqf2j899za3j6hak1rm3xixdxsx33nz7n3swsyy";
-              }) {inherit (config.nixpkgs) config localSystem;})
-              .flac
             ];
       })
       .run
diff --git a/modules/nixos/git/default.nix b/modules/nixos/git/default.nix
index 62a200c..9236437 100644
--- a/modules/nixos/git/default.nix
+++ b/modules/nixos/git/default.nix
@@ -24,6 +24,10 @@ in {
   };
 
   config = mkIf cfg.server.enable {
+    ark.directories = [
+      config.services.gitolite.dataDir
+    ];
+
     nixfiles.modules.nginx = {
       enable = true;
       virtualHosts.${cfg.server.domain} = {
diff --git a/modules/nixos/grafana.nix b/modules/nixos/grafana.nix
index e8630c4..c191e38 100644
--- a/modules/nixos/grafana.nix
+++ b/modules/nixos/grafana.nix
@@ -27,6 +27,8 @@ in {
     db = "grafana";
   in
     mkIf cfg.enable {
+      ark.directories = [config.services.grafana.dataDir];
+
       secrets = {
         grafana-key = {
           file = "${inputs.self}/secrets/grafana-key";
diff --git a/modules/nixos/ipfs.nix b/modules/nixos/ipfs.nix
index 6d32ec6..16e986c 100644
--- a/modules/nixos/ipfs.nix
+++ b/modules/nixos/ipfs.nix
@@ -108,6 +108,10 @@ in {
             }
           )
         ];
+
+        localDiscovery = true;
+
+        startWhenNeeded = true;
       };
 
       networking.firewall = rec {
diff --git a/modules/nixos/lidarr.nix b/modules/nixos/lidarr.nix
index 8439ec0..ffa0735 100644
--- a/modules/nixos/lidarr.nix
+++ b/modules/nixos/lidarr.nix
@@ -17,6 +17,8 @@ in {
   };
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/lidarr"];
+
     nixfiles.modules.nginx = {
       enable = true;
       upstreams.lidarr.servers."127.0.0.1:8686" = {};
@@ -31,5 +33,9 @@ in {
       user = "rtorrent";
       group = "rtorrent";
     };
+
+    systemd.tmpfiles.rules = with config.services.lidarr; [
+      "d /var/lib/lidarr/root 0755 ${user} ${group} - -"
+    ];
   };
 }
diff --git a/modules/nixos/loki.nix b/modules/nixos/loki.nix
index fe3c2eb..90a051c 100644
--- a/modules/nixos/loki.nix
+++ b/modules/nixos/loki.nix
@@ -24,6 +24,8 @@ in {
   };
 
   config = mkIf cfg.enable {
+    ark.directories = [config.services.loki.configuration.common.path_prefix];
+
     nixfiles.modules.nginx = with cfg; {
       enable = true;
       upstreams.loki.servers."127.0.0.1:${toString cfg.port}" = {};
diff --git a/modules/nixos/matrix/dendrite.nix b/modules/nixos/matrix/dendrite.nix
index 35647cb..bd19f8b 100644
--- a/modules/nixos/matrix/dendrite.nix
+++ b/modules/nixos/matrix/dendrite.nix
@@ -28,6 +28,11 @@ in {
     db = "dendrite";
   in
     mkIf cfg.enable {
+      ark.directories = [
+        "/var/lib/dendrite"
+        "/var/lib/private/dendrite"
+      ];
+
       secrets.dendrite-private-key = {
         file = "${inputs.self}/secrets/dendrite-private-key";
         mode = "0444"; # The user is dynamic so the file must be world-readable.
diff --git a/modules/nixos/matrix/synapse.nix b/modules/nixos/matrix/synapse.nix
index 1117f23..a74ebb4 100644
--- a/modules/nixos/matrix/synapse.nix
+++ b/modules/nixos/matrix/synapse.nix
@@ -21,6 +21,8 @@ in {
     port = 8448;
   in
     mkIf cfg.enable {
+      ark.directories = ["/var/lib/matrix-synapse"];
+
       nixfiles.modules = {
         nginx = {
           enable = true;
diff --git a/modules/nixos/murmur.nix b/modules/nixos/murmur.nix
index cbd90d4..8ac7899 100644
--- a/modules/nixos/murmur.nix
+++ b/modules/nixos/murmur.nix
@@ -10,6 +10,8 @@ in {
   options.nixfiles.modules.murmur.enable = mkEnableOption "Murmur";
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/murmur"];
+
     secrets.murmur-environment = {
       file = "${inputs.self}/secrets/murmur-environment";
       owner = "murmur";
diff --git a/modules/nixos/ntfy.nix b/modules/nixos/ntfy.nix
index f8510d5..edbe7e5 100644
--- a/modules/nixos/ntfy.nix
+++ b/modules/nixos/ntfy.nix
@@ -40,6 +40,8 @@ in {
   };
 
   config = mkIf cfg.enable {
+    ark.files = [config.services.ntfy-sh.settings.auth-file];
+
     nixfiles.modules.nginx = {
       enable = true;
       upstreams.ntfy.servers.${config.services.ntfy-sh.settings.listen-http} = {};
diff --git a/modules/nixos/postgresql.nix b/modules/nixos/postgresql.nix
index c7085ce..89b24b8 100644
--- a/modules/nixos/postgresql.nix
+++ b/modules/nixos/postgresql.nix
@@ -37,6 +37,8 @@ in {
       }
     ];
 
+    ark.directories = [config.services.postgresql.dataDir];
+
     services = {
       postgresql = {
         enable = true;
diff --git a/modules/nixos/radarr.nix b/modules/nixos/radarr.nix
index c706eae..1551934 100644
--- a/modules/nixos/radarr.nix
+++ b/modules/nixos/radarr.nix
@@ -17,6 +17,8 @@ in {
   };
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/radarr"];
+
     nixfiles.modules.nginx = {
       enable = true;
       upstreams.radarr.servers."127.0.0.1:7878" = {};
diff --git a/modules/nixos/radicale.nix b/modules/nixos/radicale.nix
index c903d39..d072899 100644
--- a/modules/nixos/radicale.nix
+++ b/modules/nixos/radicale.nix
@@ -21,6 +21,8 @@ in {
     port = 5232;
   in
     mkIf cfg.enable {
+      ark.directories = ["/var/lib/radicale"];
+
       secrets.radicale-htpasswd = {
         file = "${inputs.self}/secrets/radicale-htpasswd";
         owner = "radicale";
diff --git a/modules/nixos/redis.nix b/modules/nixos/redis.nix
index 166407e..ca25101 100644
--- a/modules/nixos/redis.nix
+++ b/modules/nixos/redis.nix
@@ -10,6 +10,8 @@ in {
   options.nixfiles.modules.redis.enable = mkEnableOption "Redis";
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/redis-default"];
+
     services = {
       redis = {
         servers.default = {
diff --git a/modules/nixos/rss-bridge.nix b/modules/nixos/rss-bridge.nix
index fef1070..1fcaac8 100644
--- a/modules/nixos/rss-bridge.nix
+++ b/modules/nixos/rss-bridge.nix
@@ -17,6 +17,8 @@ in {
   };
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/rss-bridge"];
+
     nixfiles.modules.nginx = {
       enable = true;
       virtualHosts.${cfg.domain}.extraConfig = nginxInternalOnly;
diff --git a/modules/nixos/rtorrent.nix b/modules/nixos/rtorrent.nix
index 4014a3b..a4cade7 100644
--- a/modules/nixos/rtorrent.nix
+++ b/modules/nixos/rtorrent.nix
@@ -31,6 +31,8 @@ in {
       (let
         port = 50000;
       in {
+        ark.directories = [baseDir];
+
         systemd = {
           services.rtorrent = {
             description = "rTorrent";
diff --git a/modules/nixos/sonarr.nix b/modules/nixos/sonarr.nix
index 5990ff1..2d2feb9 100644
--- a/modules/nixos/sonarr.nix
+++ b/modules/nixos/sonarr.nix
@@ -17,6 +17,8 @@ in {
   };
 
   config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/sonarr"];
+
     nixfiles.modules.nginx = {
       enable = true;
       upstreams.sonarr.servers."127.0.0.1:8989" = {};
diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix
index 79d52eb..d24b79e 100644
--- a/modules/nixos/unbound.nix
+++ b/modules/nixos/unbound.nix
@@ -22,6 +22,8 @@ in {
     adblock-conf = "${config.services.unbound.stateDir}/adblock.conf";
   in
     mkIf cfg.enable {
+      ark.directories = [config.services.unbound.stateDir];
+
       nixfiles.modules.redis.enable = true;
 
       services = {
diff --git a/modules/nixos/vaultwarden.nix b/modules/nixos/vaultwarden.nix
index 7d51667..2475ed3 100644
--- a/modules/nixos/vaultwarden.nix
+++ b/modules/nixos/vaultwarden.nix
@@ -21,6 +21,8 @@ in {
     db = "vaultwarden";
   in
     mkIf cfg.enable {
+      ark.directories = ["/var/lib/bitwarden_rs"];
+
       secrets.vaultwarden-environment = {
         file = "${inputs.self}/secrets/vaultwarden-environment";
         owner = "vaultwarden";

Consider giving Nix/NixOS a try! <3