Add threema submodule

2022-04-11 15:28:30 +02:00 · 2022-04-11 15:28:30 +02:00 · 66092ec8e5
commit 66092ec8e5
parent 4064593e44
11 changed files with 66 additions and 58 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -2,3 +2,6 @@
 	path = qois-infrastructure
 	url = git@gitlab.com:qo.is/infrastructure.git
 	branch = master
 [submodule "defaults/threema"]
 	path = defaults/threema
 	url = git@git.threema.ch:fah/nixos-config.git
--- a/defaults/threema
+++ b/defaults/threema
@ -0,0 +1 @@
 Subproject commit 730ebce63dea4fb3eed6432b9b5dcd610e5b1de5
--- a/flake.lock
+++ b/flake.lock
@ -90,11 +90,11 @@
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1649537291,
+        "lastModified": 1649619156,
-        "narHash": "sha256-V6VYIwTeI5BCfYK9f5EsMbjsjsis1rUDHMsaDbTvt+A=",
+        "narHash": "sha256-p0q4zpuKMwrzGF+5ZU7Thnpac5TinhDI9jr2mBxhV4w=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "715dc137b08213aabbbe0965b78ab938e5d8d3b7",
+        "rev": "e7d63bd0d50df412f5a1d8acfa3caae75522e347",
        "type": "github"
      },
      "original": {
@ -126,7 +126,7 @@
        "nixpkgs-nixos-unstable": "nixpkgs-nixos-unstable"
      },
      "locked": {
-        "narHash": "sha256-td+qvLGjYw0oRFYsMR4LKciDWyOoPGJJJ2phMFwN1ME=",
+        "narHash": "sha256-UV3bsGWywqN6sDKyK0DetIEgCSMHhsBACLJNXclxj94=",
        "path": "/etc/nixos/qois-infrastructure",
        "type": "path"
      },
@ -142,7 +142,24 @@
        "nixos-hardware": "nixos-hardware",
        "nixpkgs-stable": "nixpkgs-stable",
        "nixpkgs-unstable": "nixpkgs-unstable",
-        "qois-infrastructure": "qois-infrastructure"
+        "qois-infrastructure": "qois-infrastructure",
        "threema": "threema"
      }
    },
    "threema": {
      "inputs": {
        "nixpkgs-unstable": [
          "nixpkgs-unstable"
        ]
      },
      "locked": {
        "narHash": "sha256-Z4q+KnV4c28TVC7Hmn5fTn5nPd6LhBzL4iwDBAFa8Lo=",
        "path": "/etc/nixos/defaults/threema",
        "type": "path"
      },
      "original": {
        "path": "/etc/nixos/defaults/threema",
        "type": "path"
      }
    }
  },
--- a/flake.nix
+++ b/flake.nix
@ -6,12 +6,15 @@
    home-manager.url = "github:nix-community/home-manager/release-21.11";
    home-manager.inputs.nixpkgs.follows = "nixpkgs-stable";
    qois-infrastructure.url = "path:/etc/nixos/qois-infrastructure";
    threema.url = "path:/etc/nixos/defaults/threema";
    threema.inputs.nixpkgs-unstable.follows = "nixpkgs-unstable";
    fabianhauser-etaxes-sg.url = "github:fabianhauser/etaxes-sg-nix";
    fabianhauser-etaxes-sg.inputs.nixpkgs.follows = "nixpkgs-stable";
  };
  outputs = { self, nixpkgs-unstable, nixpkgs-stable, home-manager
-    , qois-infrastructure, fabianhauser-etaxes-sg, nixos-hardware, ... }@inputs:
+    , qois-infrastructure, fabianhauser-etaxes-sg, nixos-hardware, threema, ...
    }@inputs:
    let
      system = "x86_64-linux";
      pkgsUnstable = import nixpkgs-unstable {
@ -37,6 +40,7 @@
            useUserPackages = true;
            extraSpecialArgs = {
              inherit pkgsUnstable;
              threemaModules = threema.nixosModules;
              pkgsEtaxesSg = fabianhauser-etaxes-sg.packages.${system};
            };
            users.fhauser = import ./home/fhauser/default.nix;
@ -45,7 +49,10 @@
        mapHostnameToAttr = host:
          nixpkgs-stable.lib.nixosSystem {
            inherit system;
-            specialArgs.hardwareModules = nixos-hardware.nixosModules;
+            specialArgs = {
              hardwareModules = nixos-hardware.nixosModules;
              threemaModules = threema.nixosModules;
            };
            modules = [
              qois-infrastructure.nixosModule
              home-manager.nixosModules.home-manager
@ -60,7 +67,10 @@
          inherit system;
          username = "fhauser";
          configuration = import ./home/${username}/default.nix;
-          extraSpecialArgs = { inherit pkgsUnstable; };
+          extraSpecialArgs = {
            inherit pkgsUnstable;
            threemaModules = threema.nixosModules;
          };
          # Update the state version as needed.
          # See the changelog here:
@ -69,5 +79,15 @@
        };
      };
      devShell.${system} = import ./shell.nix { pkgs = pkgsUnstable; };
      apps.${system}.format = let
        pkgs = pkgsUnstable;
        formatter = pkgsUnstable.writeShellScriptBin "formatter" ''
          ${pkgs.findutils}/bin/find . -type f -name '*.nix' -exec ${pkgs.nixfmt}/bin/nixfmt {} +
        '';
      in {
        type = "app";
        program = "${formatter}/bin/formatter";
      };
    };
 }
--- a/home/fhauser/applications/scripts.nix
+++ b/home/fhauser/applications/scripts.nix
@ -25,42 +25,6 @@ let
    ${pkgs.pass-wayland}/bin/pass show -c "$password" 2>/dev/null
  '';
  threema-vpn = pkgs.writeScriptBin "threema-vpn" ""; # ''
  #  #!${pkgs.stdenv.shell}
  #  set -eo pipefail
  #  SERVICE=openvpn-threema
  #  SERVICE_EXEC="${config.systemd.services.openvpn-threema.serviceConfig.ExecStart}"
  #  exec sudo ${pkgs.openvpn}/sbin/openvpn''${SERVICE_EXEC#@* openvpn}
  #'';
  threema-env = pkgs.writeScriptBin "threema-env" ''
    #!/usr/bin/env bash
    set -eo pipefail
    # Nix shell might fail on some PWDs, so go to home
    OLD_PWD=`pwd`
    cd $HOME
    ENV_NAME="$1"
    ENV_FILE="$HOME/shares/cloud.threema.ch/envs/''${ENV_NAME}.nix"
    COMMAND="''${2-bash}"
    if [ -z "$ENV_NAME" ]; then
      echo "Error: No env name provided" >&2
      exit 2
    fi
    if [ ! -f "$ENV_FILE" ]; then
      echo "Error: Env file does not exist" >&2
      exit 3
    fi
    echo "Starting '$COMMAND' in env '$ENV_FILE'"
    ${pkgs.nix}/bin/nix-shell ''${ENV_FILE} --run "(cd $OLD_PWD; $COMMAND)"
  '';
  wsudo = with pkgs.xorg;
    pkgs.writeScriptBin "wsudo" ''
      #!/usr/bin/env bash
@ -73,4 +37,4 @@ let
      ed
      ${xhost}/bin/xhost
    '';
-in { home.packages = [ passbemenu threema-vpn threema-env wsudo ]; }
+in { home.packages = [ passbemenu wsudo ]; }
--- a/home/fhauser/default.nix
+++ b/home/fhauser/default.nix
@ -1,6 +1,12 @@
-{ config, pkgs, lib, nixosConfig, ... }: {
+{ config, pkgs, lib, threemaModules, nixosConfig, ... }: {
-  imports =
+  imports = [
-    [ ./multimedia.nix ./applications ./work ./mimetypes.nix ./games.nix ];
+    ./multimedia.nix
    ./applications
    ./mimetypes.nix
    ./games.nix
    threemaModules.home
  ];
  home.stateVersion = nixosConfig.system.stateVersion;
  systemd.user.targets.tray = {
    Unit = {
--- a/home/fhauser/work/.gitignore
+++ b/home/fhauser/work/.gitignore
@ -1 +0,0 @@
 openvpn.nix
--- a/home/fhauser/work/default.nix
+++ b/home/fhauser/work/default.nix
@ -1,6 +0,0 @@
 { config, pkgs, lib, ... }:
 {
  # Note: Some of these files might not be provided by this repository.
  # TODO
  #imports = [ ./openvpn.nix ];
 }
--- a/host/hummelberg/default.nix
+++ b/host/hummelberg/default.nix
@ -1,4 +1,4 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, threemaModules, ... }: {
  imports = [
    ./filesystems.nix
@ -11,6 +11,8 @@
    ../../defaults/desktop
    ../../defaults/hardware/thinkpad-p14s.nix
    #../../defaults/printing
    threemaModules.openvpn
  ];
  #TODO: Clean up next section
--- a/host/speer/default.nix
+++ b/host/speer/default.nix
@ -1,4 +1,4 @@
-{ config, pkgs, ... }: {
+{ config, pkgs, threemaModules, ... }: {
  imports = [
    ./filesystems.nix
@ -12,6 +12,8 @@
    ../../defaults/hardware/amd-board.nix
    ../../defaults/hardware/ecc-memory.nix
    #../../defaults/printing
    threemaModules.openvpn
  ];
  virtualisation = { # TODO: This should probably be somewhere else.
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 52b4f4942f53f67780e6b119ce8b93c1453cf676
+Subproject commit f7e0a51e165a6f2cd35e9edd001db504ea6fe5f7
		`@ -0,0 +1 @@`
							`Subproject commit 730ebce63dea4fb3eed6432b9b5dcd610e5b1de5`
		`@ -1 +1 @@`
			`Subproject commit 52b4f4942f53f67780e6b119ce8b93c1453cf676`				`Subproject commit f7e0a51e165a6f2cd35e9edd001db504ea6fe5f7`