ops/nixos: switch to more standard NixOS module system
Sorry tazjin.
This commit is contained in:
parent
9a250f78df
commit
f9b63a858f
5 changed files with 21 additions and 29 deletions
|
@ -3,4 +3,5 @@ ops/secrets/
|
||||||
syntax: glob
|
syntax: glob
|
||||||
*.sw?
|
*.sw?
|
||||||
*.pyc
|
*.pyc
|
||||||
|
*.orig
|
||||||
*~
|
*~
|
||||||
|
|
|
@ -1,10 +1,9 @@
|
||||||
{ depot, lib, pkgs, ... }@args:
|
{ depot, lib, pkgs, ... }@args:
|
||||||
let
|
let
|
||||||
inherit (builtins) foldl' mapAttrs;
|
inherit (builtins) foldl' mapAttrs;
|
||||||
systemFor = configs:
|
systemFor = config:
|
||||||
(depot.third_party.nixos {
|
(depot.third_party.nixos {
|
||||||
configuration = lib.fix
|
configuration = config;
|
||||||
(config: foldl' lib.recursiveUpdate { } (map (c: c config) configs));
|
|
||||||
}).system;
|
}).system;
|
||||||
systems = [ "porcorosso" "ixvm-fra01" "marukuru" ];
|
systems = [ "porcorosso" "ixvm-fra01" "marukuru" ];
|
||||||
rebuilder = system:
|
rebuilder = system:
|
||||||
|
@ -21,5 +20,5 @@ let
|
||||||
systemCfgs = lib.genAttrs systems
|
systemCfgs = lib.genAttrs systems
|
||||||
(name: import (./. + "/${name}") (args // { rebuilder = rebuilder name; }));
|
(name: import (./. + "/${name}") (args // { rebuilder = rebuilder name; }));
|
||||||
mapAttrValues = (f: set: mapAttrs (name: f) set);
|
mapAttrValues = (f: set: mapAttrs (name: f) set);
|
||||||
systemDrvs = mapAttrValues (systemCfg: systemFor [ systemCfg ]) systemCfgs;
|
systemDrvs = mapAttrValues (systemCfg: systemFor systemCfg) systemCfgs;
|
||||||
in systemDrvs
|
in systemDrvs
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
{ depot, lib, pkgs, rebuilder, ... }:
|
{ depot, lib, pkgs, rebuilder, ... }:
|
||||||
config:
|
{ config, ... }:
|
||||||
let
|
let
|
||||||
inherit (depot.ops) secrets;
|
inherit (depot.ops) secrets;
|
||||||
in lib.fix (self: {
|
in {
|
||||||
boot.initrd.availableKernelModules = [
|
boot.initrd.availableKernelModules = [
|
||||||
"ata_piix"
|
"ata_piix"
|
||||||
"vmw_pvscsi"
|
"vmw_pvscsi"
|
||||||
|
@ -134,4 +134,4 @@ in lib.fix (self: {
|
||||||
boot.kernel.sysctl."net.core.default_qdisc" = "fq_codel";
|
boot.kernel.sysctl."net.core.default_qdisc" = "fq_codel";
|
||||||
|
|
||||||
system.stateVersion = "20.03";
|
system.stateVersion = "20.03";
|
||||||
})
|
}
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
{ depot, lib, pkgs, rebuilder, ... }:
|
{ depot, lib, pkgs, rebuilder, ... }:
|
||||||
config:
|
{ config, ... }:
|
||||||
let
|
let
|
||||||
inherit (depot.ops) secrets;
|
inherit (depot.ops) secrets;
|
||||||
in lib.fix (self: {
|
myPhp = pkgs.php.withExtensions ({ enabled, all }: enabled ++ [ all.apcu all.mailparse ]);
|
||||||
|
in {
|
||||||
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
|
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
|
||||||
boot.kernelModules = [ "tcp_bbr" ];
|
boot.kernelModules = [ "tcp_bbr" ];
|
||||||
boot.kernel.sysctl = {
|
boot.kernel.sysctl = {
|
||||||
|
@ -20,8 +21,6 @@ in lib.fix (self: {
|
||||||
nix.maxJobs = lib.mkDefault 2;
|
nix.maxJobs = lib.mkDefault 2;
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
nixpkgs.config = { allowUnfree = true; };
|
|
||||||
|
|
||||||
nix.nixPath = [ "depot=/home/lukegb/depot/" "nixpkgs=/home/lukegb/depot/third_party/nixpkgs/" ];
|
nix.nixPath = [ "depot=/home/lukegb/depot/" "nixpkgs=/home/lukegb/depot/third_party/nixpkgs/" ];
|
||||||
|
|
||||||
# Use GRUB2.
|
# Use GRUB2.
|
||||||
|
@ -68,17 +67,12 @@ in lib.fix (self: {
|
||||||
vim
|
vim
|
||||||
mercurial
|
mercurial
|
||||||
gitAndTools.gitFull
|
gitAndTools.gitFull
|
||||||
php phpPackages.mailparse
|
|
||||||
nodejs
|
nodejs
|
||||||
rxvt_unicode.terminfo
|
rxvt_unicode.terminfo
|
||||||
rebuilder
|
rebuilder
|
||||||
];
|
];
|
||||||
environment.etc."php.d/mailparse.ini".text = ''
|
|
||||||
extension=${pkgs.phpPackages.mailparse}/lib/php/extensions/mailparse.so
|
|
||||||
'';
|
|
||||||
environment.etc."php.d/cache.ini".text = ''
|
environment.etc."php.d/cache.ini".text = ''
|
||||||
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
|
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
|
||||||
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
|
|
||||||
|
|
||||||
opcache.validate_timestamps=0
|
opcache.validate_timestamps=0
|
||||||
opcache.enable_cli=1
|
opcache.enable_cli=1
|
||||||
|
@ -267,14 +261,13 @@ in lib.fix (self: {
|
||||||
|
|
||||||
services.phpfpm.phpOptions = ''
|
services.phpfpm.phpOptions = ''
|
||||||
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
|
zend_extension=${pkgs.php}/lib/php/extensions/opcache.so
|
||||||
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
|
|
||||||
extension=${pkgs.phpPackages.mailparse}/lib/php/extensions/mailparse.so
|
|
||||||
|
|
||||||
opcache.validate_timestamps=0
|
opcache.validate_timestamps=0
|
||||||
opcache.enable_cli=1
|
opcache.enable_cli=1
|
||||||
'';
|
'';
|
||||||
services.phpfpm.pools.phabricator = {
|
services.phpfpm.pools.phabricator = {
|
||||||
user = "phabricator";
|
user = "phabricator";
|
||||||
|
phpPackage = myPhp;
|
||||||
settings = {
|
settings = {
|
||||||
"listen.owner" = config.services.nginx.user;
|
"listen.owner" = config.services.nginx.user;
|
||||||
"pm" = "dynamic";
|
"pm" = "dynamic";
|
||||||
|
@ -298,12 +291,12 @@ in lib.fix (self: {
|
||||||
services.mysql = {
|
services.mysql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.mariadb;
|
package = pkgs.mariadb;
|
||||||
extraOptions = ''
|
settings.mysqld = {
|
||||||
max_allowed_packet = 128M
|
max_allowed_packet = "128M";
|
||||||
sql_mode = STRICT_ALL_TABLES
|
sql_mode = "STRICT_ALL_TABLES";
|
||||||
innodb_buffer_pool_size = 1600M
|
innodb_buffer_pool_size = "1600M";
|
||||||
local_infile = 0
|
local_infile = "0";
|
||||||
'';
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.postfix = {
|
services.postfix = {
|
||||||
|
@ -338,4 +331,4 @@ in lib.fix (self: {
|
||||||
boot.kernel.sysctl."net.core.default_qdisc" = "fq_codel";
|
boot.kernel.sysctl."net.core.default_qdisc" = "fq_codel";
|
||||||
|
|
||||||
system.stateVersion = "20.03";
|
system.stateVersion = "20.03";
|
||||||
})
|
}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{ depot, lib, pkgs, rebuilder, ... }:
|
{ depot, lib, pkgs, rebuilder, ... }:
|
||||||
config:
|
{ config, ... }:
|
||||||
let
|
let
|
||||||
inherit (depot.ops) secrets;
|
inherit (depot.ops) secrets;
|
||||||
nvidia-offload-profile = ''
|
nvidia-offload-profile = ''
|
||||||
|
@ -12,7 +12,7 @@ let
|
||||||
(nvidia-offload-profile + ''
|
(nvidia-offload-profile + ''
|
||||||
exec -a "$0" "$@"
|
exec -a "$0" "$@"
|
||||||
'');
|
'');
|
||||||
in lib.fix (self: {
|
in {
|
||||||
boot.initrd.availableKernelModules = [
|
boot.initrd.availableKernelModules = [
|
||||||
"xhci_pci"
|
"xhci_pci"
|
||||||
"ahci"
|
"ahci"
|
||||||
|
@ -221,5 +221,4 @@ in lib.fix (self: {
|
||||||
# servers. You should change this only after NixOS release notes say you
|
# servers. You should change this only after NixOS release notes say you
|
||||||
# should.
|
# should.
|
||||||
system.stateVersion = "19.09"; # Did you read the comment?
|
system.stateVersion = "19.09"; # Did you read the comment?
|
||||||
|
}
|
||||||
})
|
|
||||||
|
|
Loading…
Reference in a new issue