diff options
author | Azat Bahawi <azat@bahawi.net> | 2022-08-24 13:46:57 +0300 |
---|---|---|
committer | Azat Bahawi <azat@bahawi.net> | 2022-08-24 13:46:57 +0300 |
commit | 63f085f0b035bee67254918c7b17bcc31984580c (patch) | |
tree | 06dfe93521c1d905a948328197edfc2f0aeeab82 /modules | |
parent | 2022-08-21 (diff) |
2022-08-24
Diffstat (limited to '')
-rw-r--r-- | modules/nixfiles/common/default.nix | 2 | ||||
-rw-r--r-- | modules/nixfiles/common/nix/default.nix (renamed from modules/nixfiles/common/nix.nix) | 41 | ||||
-rw-r--r-- | modules/nixfiles/common/nix/patches/alejandra-no-ads.patch | 33 | ||||
-rw-r--r-- | modules/nixfiles/emacs/default.nix | 18 | ||||
-rw-r--r-- | modules/nixfiles/games/minecraft.nix | 35 | ||||
-rw-r--r-- | modules/nixfiles/nmap.nix | 64 | ||||
-rw-r--r-- | modules/nixfiles/profiles/dev/containers/default.nix | 14 |
7 files changed, 133 insertions, 74 deletions
diff --git a/modules/nixfiles/common/default.nix b/modules/nixfiles/common/default.nix index d73ac53..7f60f77 100644 --- a/modules/nixfiles/common/default.nix +++ b/modules/nixfiles/common/default.nix @@ -6,7 +6,7 @@ _: { ./kernel.nix ./locale.nix ./networking.nix - ./nix.nix + ./nix ./secrets.nix ./security.nix ./services.nix diff --git a/modules/nixfiles/common/nix.nix b/modules/nixfiles/common/nix/default.nix index 2447d96..4213a29 100644 --- a/modules/nixfiles/common/nix.nix +++ b/modules/nixfiles/common/nix/default.nix @@ -8,9 +8,7 @@ this, ... }: -with lib; let - nixfilesSrc = "${config.my.home}/src/nixfiles"; -in { +with lib; { _module.args = let importNixpkgs = nixpkgs: import nixpkgs { @@ -46,7 +44,7 @@ in { nixPath = mapAttrsToList (n: v: "${n}=${v}") filteredInputs - ++ ["nixfiles=${nixfilesSrc}"]; + ++ ["nixfiles=${config.my.home}/src/nixfiles"]; registry = mapAttrs (_: flake: {inherit flake;}) filteredInputs @@ -79,30 +77,18 @@ in { self.overlays.default (_: super: { - # Splitting this into a separate package could be a good PR. - logcli = super.grafana-loki.overrideAttrs (_: _: { - subPackages = ["cmd/logcli"]; - preFixup = ""; - doCheck = false; + nix-bash-completions = super.nix-bash-completions.overrideAttrs (_: _: { + postPatch = '' + substituteInPlace _nix \ + --replace 'nix nixos-option' 'nixos-option' + ''; }); - nix-bash-completions = - super.nix-bash-completions.overrideAttrs - (_: _: { - postPatch = '' - substituteInPlace _nix --replace 'nix nixos-option' 'nixos-option' - ''; - }); - - helm = super.kubernetes-helm-wrapped.override { - plugins = with super.kubernetes-helmPlugins; [ - helm-diff - helm-secrets - ]; - }; + alejandra = super.alejandra.overrideAttrs (_: _: { + patches = [./patches/alejandra-no-ads.patch]; + }); - # https://github.com/matrix-org/dendrite/issues/2650 - # Wait till 0.9.4 + # FIXME https://github.com/NixOS/nixpkgs/pull/187519 dendrite = super.dendrite.overrideAttrs (_: _: { doCheck = false; }); @@ -120,7 +106,6 @@ in { lua-language-server = sumneko-lua-language-server; nix-language-server = rnix-lsp; omnisharp = omnisharp-roslyn; - telepresence = telepresence2; tor-browser = tor-browser-bundle-bin; })) agenix.overlay @@ -145,10 +130,6 @@ in { systemPackages = with pkgs; optionals config.profile.headful [ - (pkgs.nixfiles.override { - nix = config.nix.package; - inherit nixfilesSrc; - }) nix-top nix-tree ]; diff --git a/modules/nixfiles/common/nix/patches/alejandra-no-ads.patch b/modules/nixfiles/common/nix/patches/alejandra-no-ads.patch new file mode 100644 index 0000000..6eaac66 --- /dev/null +++ b/modules/nixfiles/common/nix/patches/alejandra-no-ads.patch @@ -0,0 +1,33 @@ +diff --git i/src/alejandra_cli/src/cli.rs w/src/alejandra_cli/src/cli.rs +index bab102c..b90bf1d 100644 +--- i/src/alejandra_cli/src/cli.rs ++++ w/src/alejandra_cli/src/cli.rs +@@ -7,7 +7,6 @@ use futures::future::RemoteHandle; + use futures::stream::FuturesUnordered; + use futures::task::SpawnExt; + +-use crate::ads::random_ad; + use crate::verbosity::Verbosity; + + /// The Uncompromising Nix Code Formatter. +@@ -203,11 +202,6 @@ pub fn main() -> std::io::Result<()> { + (true, false) => "requires formatting", + } + ); +- +- if in_place { +- eprintln!(); +- eprint!("{}", random_ad()); +- } + } + + std::process::exit(if in_place { 0 } else { 2 }); +@@ -218,8 +212,6 @@ pub fn main() -> std::io::Result<()> { + eprintln!( + "Congratulations! Your code complies with the Alejandra style." + ); +- eprintln!(); +- eprint!("{}", random_ad()); + } + + std::process::exit(0); diff --git a/modules/nixfiles/emacs/default.nix b/modules/nixfiles/emacs/default.nix index a972060..86db0f7 100644 --- a/modules/nixfiles/emacs/default.nix +++ b/modules/nixfiles/emacs/default.nix @@ -8,8 +8,7 @@ with lib; let cfg = config.nixfiles.modules.emacs; in { - options.nixfiles.modules.emacs.enable = - mkEnableOption "GNU Emacs"; + options.nixfiles.modules.emacs.enable = mkEnableOption "GNU Emacs"; config = mkIf cfg.enable { # TODO Make magit-forge to work with this. @@ -33,16 +32,13 @@ in { programs.doom-emacs = { enable = true; doomPrivateDir = ./doom; - # NOTE NativeComp breaks non-latin fonts and takes a long time to - # perform updates while giving miniscule speed improvements. Emacs is - # still a laggy and slow piece of shit regardless of enabling this flag - # or not. - # emacsPackage = pkgs.emacs28.override {nativeComp = true;}; - emacsPackage = pkgs.emacs28; + emacsPackage = pkgs.emacs28; # Package is pinned to avoid surprises. extraPackages = with pkgs; [ mu # :email mu4e ]; extraConfig = let + # NOTE gopls will require a Go executable, which must be provided by + # the project's flake. extraBins = with pkgs; [ (aspellWithDicts (p: with p; [en ru])) # :checkers spell (+aspell) asmfmt # :editor format @@ -81,6 +77,7 @@ in { python3Packages.isort # :lang python python3Packages.pyflakes # :lang python ripgrep # core + rust-analyzer # :lang rust shellcheck # :lang sh shfmt # :lang sh :editor format sqlite # :lang (org +roam2) :tools lookup @@ -115,9 +112,8 @@ in { circe-default-realname "${my.fullname}" circe-default-user circe-default-nick) - (setq doom-font (font-spec - :family "${config.fontScheme.monospaceFont.family}" - :size ${toString config.fontScheme.monospaceFont.size}) + (setq doom-font (font-spec :family "${config.fontScheme.monospaceFont.family}" + :size ${toString config.fontScheme.monospaceFont.size}) doom-unicode-font doom-font) ''; }; diff --git a/modules/nixfiles/games/minecraft.nix b/modules/nixfiles/games/minecraft.nix index 4825a7b..3936eaa 100644 --- a/modules/nixfiles/games/minecraft.nix +++ b/modules/nixfiles/games/minecraft.nix @@ -10,7 +10,15 @@ with lib; let in { options.nixfiles.modules.games.minecraft = { client.enable = mkEnableOption "Minecraft client"; - server.enable = mkEnableOption "Minecraft server"; + server = { + enable = mkEnableOption "Minecraft server"; + + memory = mkOption { + description = "Amount of RAM to allocate."; + type = types.str; + default = "2G"; + }; + }; }; # Configurations, opslist, whitelist and plugins are managed imperatively. @@ -30,7 +38,30 @@ in { package = (pkgsPR "187458" "sha256-kOYkuXvcmqt8Lsh0yMr8reurzU1qTrzh0Z/Tjan0IF0=").papermc; # TODO Make PR fixing trailing whitespace on this. - jvmOpts = mkDefault "-Xmx4096M -Xms4096M "; + jvmOpts = + (concatStringsSep " " [ + "-Xmx${cfg.server.memory}" + "-Xms${cfg.server.memory}" + # "-XX:+AlwaysPreTouch" + # "-XX:+DisableExplicitGC" + # "-XX:+ParallelRefProcEnabled" + # "-XX:+PerfDisableSharedMem" + # "-XX:+UnlockExperimentalVMOptions" + # "-XX:+UseG1GC" + # "-XX:G1HeapRegionSize=8M" + # "-XX:G1HeapWastePercent=5" + # "-XX:G1MaxNewSizePercent=40" + # "-XX:G1MixedGCCountTarget=4" + # "-XX:G1MixedGCLiveThresholdPercent=90" + # "-XX:G1NewSizePercent=30" + # "-XX:G1RSetUpdatingPauseTimePercent=5" + # "-XX:G1ReservePercent=20" + # "-XX:InitiatingHeapOccupancyPercent=15" + # "-XX:MaxGCPauseMillis=200" + # "-XX:MaxTenuringThreshold=1" + # "-XX:SurvivorRatio=32" + ]) + + " "; openFirewall = true; }; diff --git a/modules/nixfiles/nmap.nix b/modules/nixfiles/nmap.nix index 56ac88f..27a36bb 100644 --- a/modules/nixfiles/nmap.nix +++ b/modules/nixfiles/nmap.nix @@ -11,31 +11,49 @@ in { options.nixfiles.modules.nmap.enable = mkEnableOption "Nmap"; config = mkIf cfg.enable { - hm.home = { - file = { - ".nmap/scripts/vulners/vulners.nse".source = "${inputs.nmap-vulners}/vulners.nse"; - ".nmap/scripts/vulscan/vulscan.nse".source = "${inputs.nmap-vulscan}/vulscan.nse"; + hm = { + home = { + file = { + ".nmap/scripts/vulners/vulners.nse".source = "${inputs.nmap-vulners}/vulners.nse"; + ".nmap/scripts/vulscan/vulscan.nse".source = "${inputs.nmap-vulscan}/vulscan.nse"; + }; + + packages = with pkgs; [nmap nmap-formatter]; + + activation.regenerateNmapScriptDatabase = with pkgs; '' + # TODO Add an update timestamp and pull files only when they are old. + # declare -a vulscandbs=( + # "cve" + # "exploitdb" + # "openvas" + # "osvdb" + # "scipvuldb" + # "securityfocus" + # "securitytracker" + # "xforce" + # ) + # for i in "''${vulscandbs[@]}"; do + # ${curl}/bin/curl \ + # -o "$HOME/.nmap/scripts/vulscan/$i.csv" \ + # "https://www.computec.ch/projekte/vulscan/download/$i.csv" + # done + + ${nmap}/bin/nmap --script-updatedb + ''; }; - packages = with pkgs; [nmap nmap-formatter]; - activation.regenerateNmapScriptDatabase = with pkgs; '' - # declare -a vulscandbs=( - # "cve" - # "exploitdb" - # "openvas" - # "osvdb" - # "scipvuldb" - # "securityfocus" - # "securitytracker" - # "xforce" - # ) - # for i in "''${vulscandbs[@]}"; do - # ${curl}/bin/curl \ - # -o "$HOME/.nmap/scripts/vulscan/$i.csv" \ - # "https://www.computec.ch/projekte/vulscan/download/$i.csv" - # done - ${nmap}/bin/nmap --script-updatedb - ''; + programs.bash = { + shellAliases = let + base = "${pkgs.nmap}/bin/nmap -sV"; + in { + nmap-vulscan = "${base} --script=vulscan/vulscan.nse"; + nmap-vulners = "${base} --script=vulners/vulners.nse"; + }; + initExtra = mkAfter '' + _complete_alias nmap-vulscan _nmap nmap + _complete_alias nmap-vulners _nmap nmap + ''; + }; }; }; } diff --git a/modules/nixfiles/profiles/dev/containers/default.nix b/modules/nixfiles/profiles/dev/containers/default.nix index 3196654..b533626 100644 --- a/modules/nixfiles/profiles/dev/containers/default.nix +++ b/modules/nixfiles/profiles/dev/containers/default.nix @@ -19,14 +19,14 @@ in { hm = { home = { sessionVariables = { - MINIKUBE_IN_STYLE = "false"; - WERF_DEV = "true"; - WERF_INSECURE_REGISTRY = "true"; - WERF_LOG_DEBUG = "true"; - WERF_LOG_PRETTY = "false"; - WERF_LOG_VERBOSE = "true"; + MINIKUBE_IN_STYLE = false; + WERF_DEV = true; + WERF_INSECURE_REGISTRY = true; + WERF_LOG_DEBUG = true; + WERF_LOG_PRETTY = false; + WERF_LOG_VERBOSE = true; WERF_SYNCHRONIZATION = ":local"; - WERF_TELEMETRY = 0; + WERF_TELEMETRY = false; }; file.".minikube/config/config.json".text = generators.toJSON {} { |