diff --git a/.gitmodules b/.gitmodules
index 4aae1de..052a3d3 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -2,3 +2,6 @@
 path = qois-infrastructure
 url = git@gitlab.com:qo.is/infrastructure.git
 branch = master
+[submodule "defaults/threema"]
+ path = defaults/threema
+ url = git@git.threema.ch:fah/nixos-config.git
diff --git a/defaults/threema b/defaults/threema
new file mode 160000
index 0000000..730ebce
--- /dev/null
+++ b/defaults/threema
@@ -0,0 +1 @@
+Subproject commit 730ebce63dea4fb3eed6432b9b5dcd610e5b1de5
diff --git a/flake.lock b/flake.lock
index 3ddd827..956eed1 100644
--- a/flake.lock
+++ b/flake.lock
@@ -90,11 +90,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1649537291, - "narHash": "sha256-V6VYIwTeI5BCfYK9f5EsMbjsjsis1rUDHMsaDbTvt+A=", + "lastModified": 1649619156, + "narHash": "sha256-p0q4zpuKMwrzGF+5ZU7Thnpac5TinhDI9jr2mBxhV4w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "715dc137b08213aabbbe0965b78ab938e5d8d3b7", + "rev": "e7d63bd0d50df412f5a1d8acfa3caae75522e347", "type": "github" }, "original": {
@@ -126,7 +126,7 @@ "nixpkgs-nixos-unstable": "nixpkgs-nixos-unstable" }, "locked": { - "narHash": "sha256-td+qvLGjYw0oRFYsMR4LKciDWyOoPGJJJ2phMFwN1ME=", + "narHash": "sha256-UV3bsGWywqN6sDKyK0DetIEgCSMHhsBACLJNXclxj94=", "path": "/etc/nixos/qois-infrastructure", "type": "path" },
@@ -142,7 +142,24 @@ "nixos-hardware": "nixos-hardware", "nixpkgs-stable": "nixpkgs-stable", "nixpkgs-unstable": "nixpkgs-unstable", - "qois-infrastructure": "qois-infrastructure" + "qois-infrastructure": "qois-infrastructure", + "threema": "threema" + } + }, + "threema": { + "inputs": { + "nixpkgs-unstable": [ + "nixpkgs-unstable" + ] + }, + "locked": { + "narHash": "sha256-Z4q+KnV4c28TVC7Hmn5fTn5nPd6LhBzL4iwDBAFa8Lo=", + "path": "/etc/nixos/defaults/threema", + "type": "path" + }, + "original": { + "path": "/etc/nixos/defaults/threema", + "type": "path" } } },
diff --git a/flake.nix b/flake.nix
index c5f7696..df3be74 100644
--- a/flake.nix
+++ b/flake.nix
@@ -6,12 +6,15 @@ home-manager.url = "github:nix-community/home-manager/release-21.11"; home-manager.inputs.nixpkgs.follows = "nixpkgs-stable"; qois-infrastructure.url = "path:/etc/nixos/qois-infrastructure"; + threema.url = "path:/etc/nixos/defaults/threema"; + threema.inputs.nixpkgs-unstable.follows = "nixpkgs-unstable"; fabianhauser-etaxes-sg.url = "github:fabianhauser/etaxes-sg-nix"; fabianhauser-etaxes-sg.inputs.nixpkgs.follows = "nixpkgs-stable"; }; outputs = { self, nixpkgs-unstable, nixpkgs-stable, home-manager - , qois-infrastructure, fabianhauser-etaxes-sg, nixos-hardware, ... }@inputs: + , qois-infrastructure, fabianhauser-etaxes-sg, nixos-hardware, threema, ... + }@inputs: let system = "x86_64-linux"; pkgsUnstable = import nixpkgs-unstable {
@@ -37,6 +40,7 @@
 useUserPackages = true;
 extraSpecialArgs = {
 inherit pkgsUnstable;
+ threemaModules = threema.nixosModules;
 pkgsEtaxesSg = fabianhauser-etaxes-sg.packages.${system};
 };
 users.fhauser = import ./home/fhauser/default.nix;
@@ -45,7 +49,10 @@
 mapHostnameToAttr = host:
 nixpkgs-stable.lib.nixosSystem {
 inherit system;
- specialArgs.hardwareModules = nixos-hardware.nixosModules;
+ specialArgs = {
+ hardwareModules = nixos-hardware.nixosModules;
+ threemaModules = threema.nixosModules;
+ };
 modules = [
 qois-infrastructure.nixosModule
 home-manager.nixosModules.home-manager
@@ -60,7 +67,10 @@ inherit system; username = "fhauser"; configuration = import ./home/${username}/default.nix; - extraSpecialArgs = { inherit pkgsUnstable; }; + extraSpecialArgs = { + inherit pkgsUnstable; + threemaModules = threema.nixosModules; + }; # Update the state version as needed. # See the changelog here:
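Review bot: The new `threema.url = "path:/etc/nixos/defaults/threema";` input in the first flake.nix hunk is locked only by the `narHash` of whatever is checked out at that absolute path, so the submodule commit recorded in the gitlink and the tree the flake actually evaluates can drift apart. The later hunks hand its `nixosModules` to every host through `specialArgs` and to home-manager through `extraSpecialArgs`, so code from a second repository is evaluated as part of the system configuration. I would record the coupling next to the input, e.g. `# path input: evaluates the submodule working tree; keep it on the gitlink commit`, and verify the checkout with `git submodule status` before a rebuild. The `inputs` set and the `outputs` function both continue outside the hunk.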
@@ -69,5 +79,15 @@
 };
 };
 devShell.${system} = import ./shell.nix { pkgs = pkgsUnstable; };
+
+ apps.${system}.format = let
+ pkgs = pkgsUnstable;
+ formatter = pkgsUnstable.writeShellScriptBin "formatter" ''
+ ${pkgs.findutils}/bin/find . -type f -name '*.nix' -exec ${pkgs.nixfmt}/bin/nixfmt {} +
+ '';
+ in {
+ type = "app";
+ program = "${formatter}/bin/formatter";
+ };
 };
 }
diff --git a/home/fhauser/applications/scripts.nix b/home/fhauser/applications/scripts.nix
index 5bcc3bb..aad62d1 100644
--- a/home/fhauser/applications/scripts.nix
+++ b/home/fhauser/applications/scripts.nix
@@ -25,42 +25,6 @@ let ${pkgs.pass-wayland}/bin/pass show -c "$password" 2>/dev/null ''; - threema-vpn = pkgs.writeScriptBin "threema-vpn" ""; # '' - # #!${pkgs.stdenv.shell} - # set -eo pipefail - - # SERVICE=openvpn-threema - # SERVICE_EXEC="${config.systemd.services.openvpn-threema.serviceConfig.ExecStart}" - - # exec sudo ${pkgs.openvpn}/sbin/openvpn''${SERVICE_EXEC#@* openvpn} - - #''; - threema-env = pkgs.writeScriptBin "threema-env" '' - #!/usr/bin/env bash - set -eo pipefail - - # Nix shell might fail on some PWDs, so go to home - OLD_PWD=`pwd` - cd $HOME - - ENV_NAME="$1" - ENV_FILE="$HOME/shares/cloud.threema.ch/envs/''${ENV_NAME}.nix" - COMMAND="''${2-bash}" - - if [ -z "$ENV_NAME" ]; then - echo "Error: No env name provided" >&2 - exit 2 - fi - - if [ ! -f "$ENV_FILE" ]; then - echo "Error: Env file does not exist" >&2 - exit 3 - fi - - echo "Starting '$COMMAND' in env '$ENV_FILE'" - ${pkgs.nix}/bin/nix-shell ''${ENV_FILE} --run "(cd $OLD_PWD; $COMMAND)" - ''; - wsudo = with pkgs.xorg; pkgs.writeScriptBin "wsudo" '' #!/usr/bin/env bash
@@ -73,4 +37,4 @@ let ed ${xhost}/bin/xhost ''; -in { home.packages = [ passbemenu threema-vpn threema-env wsudo ]; } +in { home.packages = [ passbemenu wsudo ]; }
diff --git a/home/fhauser/default.nix b/home/fhauser/default.nix
index b680a07..78ae766 100644
--- a/home/fhauser/default.nix
+++ b/home/fhauser/default.nix
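Review bot: The `find . -type f -name '*.nix'` in the new `apps.${system}.format` script walks everything below the current directory, including the `qois-infrastructure` and `defaults/threema` submodule checkouts, so `nix run .#format` can rewrite files in those repositories. Both are `path:` inputs locked by `narHash` in flake.lock, so a reformat there changes what the flake evaluates and leaves the submodules dirty. Pruning them keeps the formatter to this repository: `${pkgs.findutils}/bin/find . \( -path ./qois-infrastructure -o -path ./defaults/threema \) -prune -o -type f -name '*.nix' -exec ${pkgs.nixfmt}/bin/nixfmt {} +`. The `let` block also binds `pkgs = pkgsUnstable;` and then calls `pkgsUnstable.writeShellScriptBin`; `pkgs.writeShellScriptBin` would read more consistently.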
@@ -1,6 +1,12 @@
-{ config, pkgs, lib, nixosConfig, ... }: {
- imports =
- [ ./multimedia.nix ./applications ./work ./mimetypes.nix ./games.nix ];
+{ config, pkgs, lib, threemaModules, nixosConfig, ... }: {
+ imports = [
+ ./multimedia.nix
+ ./applications
+ ./mimetypes.nix
+ ./games.nix
+
+ threemaModules.home
+ ];
 home.stateVersion = nixosConfig.system.stateVersion;
 systemd.user.targets.tray = {
 Unit = {
diff --git a/home/fhauser/work/.gitignore b/home/fhauser/work/.gitignore
deleted file mode 100644
index d03ae53..0000000
--- a/home/fhauser/work/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-openvpn.nix
diff --git a/home/fhauser/work/default.nix b/home/fhauser/work/default.nix
deleted file mode 100644
index 610341a..0000000
--- a/home/fhauser/work/default.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ config, pkgs, lib, ... }:
-{
- # Note: Some of these files might not be provided by this repository.
- # TODO
- #imports = [ ./openvpn.nix ];
-}
diff --git a/host/hummelberg/default.nix b/host/hummelberg/default.nix
index 11f5287..6f93f46 100644
--- a/host/hummelberg/default.nix
+++ b/host/hummelberg/default.nix
@@ -1,4 +1,4 @@ -{ config, pkgs, ... }: { +{ config, pkgs, threemaModules, ... }: { imports = [ ./filesystems.nix
@@ -11,6 +11,8 @@ ../../defaults/desktop ../../defaults/hardware/thinkpad-p14s.nix #../../defaults/printing + + threemaModules.openvpn ]; #TODO: Clean up next section
diff --git a/host/speer/default.nix b/host/speer/default.nix
index cb6b8ee..181c18c 100644
--- a/host/speer/default.nix
+++ b/host/speer/default.nix
@@ -1,4 +1,4 @@ -{ config, pkgs, ... }: { +{ config, pkgs, threemaModules, ... }: { imports = [ ./filesystems.nix
@@ -12,6 +12,8 @@ ../../defaults/hardware/amd-board.nix ../../defaults/hardware/ecc-memory.nix #../../defaults/printing + + threemaModules.openvpn ]; virtualisation = { # TODO: This should probably be somewhere else.
diff --git a/qois-infrastructure b/qois-infrastructure
index 52b4f49..f7e0a51 160000
--- a/qois-infrastructure
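Review bot: `threemaModules.openvpn` in the second host/hummelberg/default.nix hunk (and the same import in host/speer/default.nix) takes over from the `openvpn.nix` that the deleted home/fhauser/work/.gitignore kept out of this repository, which suggests that file held material not meant to be committed. Because `threema` is a `path:` flake input, the whole submodule directory is copied into the world-readable /nix/store, and anything the module inlines into the OpenVPN configuration ends up there as well. It is worth confirming that the module only references key and credential files by a path outside the store, and recording that next to the import, e.g. `# threemaModules.openvpn: key/credential files must stay outside /nix/store`. The `imports` list starts outside the hunk in both files.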
+++ b/qois-infrastructure
@@ -1 +1 @@
-Subproject commit 52b4f4942f53f67780e6b119ce8b93c1453cf676
+Subproject commit f7e0a51e165a6f2cd35e9edd001db504ea6fe5f7