From 3c90c4e16b0b3831d63fe8f053cb45841d525f10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> Date: Sun, 14 Aug 2022 16:49:30 +0200 Subject: [PATCH] run nixpkgs-fmt --- build02/packages-with-update-script.nix | 40 +++++++------- build03/configuration.nix | 1 + build04/configuration.nix | 20 +++---- build04/hardware-configuration.nix | 12 +++-- roles/aarch64-builder.nix | 6 +-- roles/builder.nix | 4 +- roles/builder/users.nix | 11 ++-- roles/hardware/hetzner-amd.nix | 4 +- roles/hercules-ci/default.nix | 3 +- roles/hetzner-network.nix | 3 +- roles/nix-daemon.nix | 2 +- roles/raid.nix | 2 +- roles/security.nix | 8 +-- roles/telegraf/default.nix | 69 ++++++++++++++----------- roles/zfs.nix | 2 +- services/hydra/default.nix | 41 +++++++++------ users/adisbladis.nix | 3 +- users/flokli.nix | 3 +- users/lewo.nix | 3 +- users/mic92.nix | 3 +- users/ryantm.nix | 3 +- users/zimbatm.nix | 3 +- 22 files changed, 137 insertions(+), 109 deletions(-) diff --git a/build02/packages-with-update-script.nix b/build02/packages-with-update-script.nix index ef3d9dd..5534106 100644 --- a/build02/packages-with-update-script.nix +++ b/build02/packages-with-update-script.nix @@ -1,22 +1,22 @@ let - pkgs = import /var/cache/nixpkgs-update/updatescript/nixpkgs {}; + pkgs = import /var/cache/nixpkgs-update/updatescript/nixpkgs { }; in # code in the following let block was copied from nixos/nixpkgs under -# the MIT License + # the MIT License let inherit (pkgs) lib; /* Remove duplicate elements from the list based on some extracted value. O(n^2) complexity. */ nubOn = f: list: - if list == [] then - [] + if list == [ ] then + [ ] else let x = lib.head list; xs = lib.filter (p: f x != f p) (lib.drop 1 list); in - [x] ++ nubOn f xs; + [ x ] ++ nubOn f xs; /* Recursively find all packages (derivations) in `pkgs` matching `cond` predicate. 
@@ -35,25 +35,25 @@ let dedupResults = lst: nubOn ({ package, attrPath }: package.updateScript) (lib.concatLists lst); in - if result.success then - let - evaluatedPathContent = result.value; - in - if lib.isDerivation evaluatedPathContent then - lib.optional (cond path evaluatedPathContent) { attrPath = lib.concatStringsSep "." path; package = evaluatedPathContent; } - else if lib.isAttrs evaluatedPathContent then - # If user explicitly points to an attrSet or it is marked for recursion, we recur. - if path == rootPath || evaluatedPathContent.recurseForDerivations or false || evaluatedPathContent.recurseForRelease or false then - dedupResults (lib.mapAttrsToList (name: elem: packagesWithPathInner (path ++ [name]) elem) evaluatedPathContent) - else [] - else [] - else []; + if result.success then + let + evaluatedPathContent = result.value; + in + if lib.isDerivation evaluatedPathContent then + lib.optional (cond path evaluatedPathContent) { attrPath = lib.concatStringsSep "." path; package = evaluatedPathContent; } + else if lib.isAttrs evaluatedPathContent then + # If user explicitly points to an attrSet or it is marked for recursion, we recur. + if path == rootPath || evaluatedPathContent.recurseForDerivations or false || evaluatedPathContent.recurseForRelease or false then + dedupResults (lib.mapAttrsToList (name: elem: packagesWithPathInner (path ++ [ name ]) elem) evaluatedPathContent) + else [ ] + else [ ] + else [ ]; in - packagesWithPathInner rootPath pkgs; + packagesWithPathInner rootPath pkgs; /* Recursively find all packages (derivations) in `pkgs` matching `cond` predicate. */ - packagesWith = packagesWithPath []; + packagesWith = packagesWithPath [ ]; /* Recursively find all packages in `pkgs` with updateScript matching given predicate. */ diff --git a/build03/configuration.nix b/build03/configuration.nix index 788d51d..7838136 100644 --- a/build03/configuration.nix +++ b/build03/configuration.nix 
@@ -17,6 +17,7 @@ ../roles/hetzner-network.nix ../roles/nginx.nix ../roles/raid.nix + ../roles/aarch64-builder.nix ../services/hound ../services/matterbridge.nix diff --git a/build04/configuration.nix b/build04/configuration.nix index e0f77f5..c63039d 100644 --- a/build04/configuration.nix +++ b/build04/configuration.nix @@ -34,14 +34,14 @@ # after loading kexec, be patient. The kexec image can take up to 5 minutes to boot # partition guide /* -sgdisk -n 1:0:+800M -N 2 -t 1:ef00 -t 2:8304 /dev/sda -mkfs.vfat -b32 /dev/sda1 -zpool create zroot -O acltype=posixacl -O xattr=sa -O compression=lz4 /dev/sda2 -zfs create -o mountpoint=none zroot/root -zfs create -o mountpoint=legacy zroot/root/nixos -zfs create -o mountpoint=legacy zroot/root/home -mount -t zfs zroot/root/nixos /mnt -mkdir /mnt/{home,boot} -mount -t zfs zroot/root/home /mnt/home -mount /dev/sda1 /mnt/boot + sgdisk -n 1:0:+800M -N 2 -t 1:ef00 -t 2:8304 /dev/sda + mkfs.vfat -b32 /dev/sda1 + zpool create zroot -O acltype=posixacl -O xattr=sa -O compression=lz4 /dev/sda2 + zfs create -o mountpoint=none zroot/root + zfs create -o mountpoint=legacy zroot/root/nixos + zfs create -o mountpoint=legacy zroot/root/home + mount -t zfs zroot/root/nixos /mnt + mkdir /mnt/{home,boot} + mount -t zfs zroot/root/home /mnt/home + mount /dev/sda1 /mnt/boot */ diff --git a/build04/hardware-configuration.nix b/build04/hardware-configuration.nix index a65ffe2..593d66d 100644 --- a/build04/hardware-configuration.nix +++ b/build04/hardware-configuration.nix @@ -5,7 +5,8 @@ { imports = - [ (modulesPath + "/profiles/qemu-guest.nix") + [ + (modulesPath + "/profiles/qemu-guest.nix") ]; boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" ]; 
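Review bot: The added `../roles/aarch64-builder.nix` import in build03/configuration.nix is a functional change inside a commit titled "run nixpkgs-fmt". The role sets `nix.distributedBuilds = true` and a remote build machine that authenticates with `config.sops.secrets.id_buildfarm.path`. The same concern applies to the `hostName`/`sshUser` edits in roles/aarch64-builder.nix and to the `buildMachinesFiles` to `nix.buildMachines` rewrite in services/hydra/default.nix. These change which hosts exchange build inputs and outputs, so they belong in their own commit, or at least in the commit message, where a reviewer will not skim past them as whitespace. A one-line comment next to the import would also help, e.g. `# offloads aarch64-linux builds to the remote builder over SSH`.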
@@ -14,17 +15,20 @@ boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "zroot/root/nixos"; + { + device = "zroot/root/nixos"; fsType = "zfs"; }; fileSystems."/home" = - { device = "zroot/root/home"; + { + device = "zroot/root/home"; fsType = "zfs"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/E6D6-572B"; + { + device = "/dev/disk/by-uuid/E6D6-572B"; fsType = "vfat"; }; diff --git a/roles/aarch64-builder.nix b/roles/aarch64-builder.nix index f46a6d2..17c92c3 100644 --- a/roles/aarch64-builder.nix +++ b/roles/aarch64-builder.nix @@ -3,10 +3,10 @@ nix.distributedBuilds = true; nix.buildMachines = [ { - hostName = "aarch64.nixos.community"; + hostName = "build04.nixos-community.org"; maxJobs = 4; sshKey = config.sops.secrets.id_buildfarm.path; - sshUser = "ssh-ng://nix"; + sshUser = "nix"; system = "aarch64-linux"; supportedFeatures = [ "big-parallel" @@ -15,5 +15,5 @@ ]; } ]; - sops.secrets.id_buildfarm = {}; + sops.secrets.id_buildfarm = { }; } diff --git a/roles/builder.nix b/roles/builder.nix index 62c7d9f..85ffa2a 100644 --- a/roles/builder.nix +++ b/roles/builder.nix @@ -8,6 +8,6 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmdo1x1QkRepZf7nSe+OdEWX+wOjkBLF70vX9F+xf68 builder" ]; }; - users.groups.nix = {}; - nix.settings.trusted-users = ["nix"]; + users.groups.nix = { }; + nix.settings.trusted-users = [ "nix" ]; } diff --git a/roles/builder/users.nix b/roles/builder/users.nix index 1316c6a..70b8a00 100644 --- a/roles/builder/users.nix +++ b/roles/builder/users.nix @@ -32,11 +32,11 @@ let ifAttr = key: default: result: opts: if (opts ? "${key}") && opts."${key}" - then result - else default; + then result + else default; - maybeTrusted = ifAttr "trusted" [] [ "trusted" ]; - maybeWheel = ifAttr "sudo" [] [ "wheel" ]; + maybeTrusted = ifAttr "trusted" [ ] [ "trusted" ]; + maybeWheel = ifAttr "sudo" [ ] [ "wheel" ]; userGroups = opts: (maybeTrusted opts) ++ 
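Review bot: In roles/aarch64-builder.nix the new `hostName = "build04.nixos-community.org";` does not match the name used elsewhere in this patch. The host-key entry for build04 in roles/security.nix lists `build04.nix-community.org`, and the builders line removed from services/hydra/default.nix used that same domain. If the `nixos-` spelling is a typo, the pinned `publicKey` will not apply to this name. The builder connection would then either fail host-key verification or depend on whatever answers at a domain the repository does not otherwise reference. Suggest `hostName = "build04.nix-community.org";`; the enclosing module starts above the hunk.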
@@ -53,7 +53,8 @@ let opts.keys ]; }; -in { +in +{ users = { mutableUsers = false; users = lib.mapAttrs descToUser users; diff --git a/roles/hardware/hetzner-amd.nix b/roles/hardware/hetzner-amd.nix index 1e54571..76716b1 100644 --- a/roles/hardware/hetzner-amd.nix +++ b/roles/hardware/hetzner-amd.nix @@ -18,8 +18,8 @@ ]; fileSystems."/" = { - device = "zroot/root/nixos"; - fsType = "zfs"; + device = "zroot/root/nixos"; + fsType = "zfs"; }; fileSystems."/home" = { diff --git a/roles/hercules-ci/default.nix b/roles/hercules-ci/default.nix index 88f3670..ce75bbc 100644 --- a/roles/hercules-ci/default.nix +++ b/roles/hercules-ci/default.nix @@ -5,7 +5,8 @@ let sopsFile = ./secrets.yaml; }; secrets = config.sops.secrets; -in { +in +{ sops.secrets."binary-caches.json" = herculesSecret; sops.secrets."cluster-join-token.key" = herculesSecret; sops.secrets."hercules-secrets" = herculesSecret; diff --git a/roles/hetzner-network.nix b/roles/hetzner-network.nix index 77b9fa4..9e2313e 100644 --- a/roles/hetzner-network.nix +++ b/roles/hetzner-network.nix @@ -2,7 +2,8 @@ with lib; let cfg = config.networking.nix-community; -in { +in +{ options = { networking.nix-community.ipv6.address = mkOption { type = types.str; diff --git a/roles/nix-daemon.nix b/roles/nix-daemon.nix index 464c3f7..0f906cf 100644 --- a/roles/nix-daemon.nix +++ b/roles/nix-daemon.nix @@ -42,5 +42,5 @@ in Restart = "on-failure"; }; - users.groups.trusted = {}; + users.groups.trusted = { }; } diff --git a/roles/raid.nix b/roles/raid.nix index 1a007ad..9b99931 100644 --- a/roles/raid.nix +++ b/roles/raid.nix @@ -1,5 +1,5 @@ { # for mdraid 1.1 boot.loader.grub.extraConfig = "insmod mdraid1x"; - services.telegraf.extraConfig.inputs.mdstat = {}; + services.telegraf.extraConfig.inputs.mdstat = { }; } diff --git a/roles/security.nix b/roles/security.nix index 91a17b6..fafade0 100644 --- a/roles/security.nix +++ b/roles/security.nix 
@@ -26,19 +26,19 @@ publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl"; }; build01 = { - hostNames = ["build01.nix-community.org"]; + hostNames = [ "build01.nix-community.org" ]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIElIQ54qAy7Dh63rBudYKdbzJHrrbrrMXLYl7Pkmk88H"; }; build02 = { - hostNames = ["build02.nix-community.org"]; + hostNames = [ "build02.nix-community.org" ]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMm3/o1HguyRL1z/nZxLBY9j/YUNXeNuDoiBLZAyt88Z"; }; build03 = { - hostNames = ["build03.nix-community.org"]; + hostNames = [ "build03.nix-community.org" ]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFiozp1A1+SUfJQPa5DZUQcVc6CZK2ZxL6FJtNdh+2TP"; }; build04 = { - hostNames = ["build04.nix-community.org"]; + hostNames = [ "build04.nix-community.org" ]; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPU/gbREwVuI1p3ag1iG72jxl2/92yGl38c+TPOfFMH8"; }; }; diff --git a/roles/telegraf/default.nix b/roles/telegraf/default.nix index efa1747..c8734d9 100644 --- a/roles/telegraf/default.nix +++ b/roles/telegraf/default.nix @@ -25,7 +25,7 @@ in exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@" ''; }; - mdstat = {}; + mdstat = { }; system = { }; mem = { }; file = [{ @@ -37,7 +37,7 @@ in files = [ "/sys/fs/ext4/*/errors_count" ]; data_format = "value"; }; - exec = [{ + exec = [{ ## Commands array commands = (lib.optional (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) (pkgs.writeScript "zpool-health" '' 
@@ -52,40 +52,47 @@ in } } '') - ) ++ (let + ) ++ ( + let collectHosts = shares: fs: - if builtins.elem fs.fsType ["nfs" "nfs3" "nfs4"] then - shares // (let - # also match ipv6 addresses - group = builtins.match "\\[?([^\]]+)]?:([^:]+)$" fs.device; - host = builtins.head group; - path = builtins.elemAt group 1; - in { - ${host} = (shares.${host} or []) ++ [ path ]; - }) + if builtins.elem fs.fsType [ "nfs" "nfs3" "nfs4" ] then + shares // ( + let + # also match ipv6 addresses + group = builtins.match "\\[?([^\]]+)]?:([^:]+)$" fs.device; + host = builtins.head group; + path = builtins.elemAt group 1; + in + { + ${host} = (shares.${host} or [ ]) ++ [ path ]; + } + ) else shares; - nfsHosts = lib.foldl collectHosts {} (builtins.attrValues config.fileSystems); - in lib.mapAttrsToList (host: args: - (pkgs.writeScript "zpool-health" '' - #!${pkgs.gawk}/bin/awk -f - BEGIN { - for (i = 2; i < ARGC; i++) { - mounts[ARGV[i]] = 1 - } - while ("${pkgs.nfs-utils}/bin/showmount -e " ARGV[1] | getline) { - if (NR == 1) { continue } - if (mounts[$1] == 1) { - printf "nfs_export,host=%s,path=%s present=1\n", ARGV[1], $1 + nfsHosts = lib.foldl collectHosts { } (builtins.attrValues config.fileSystems); + in + lib.mapAttrsToList + (host: args: + (pkgs.writeScript "zpool-health" '' + #!${pkgs.gawk}/bin/awk -f + BEGIN { + for (i = 2; i < ARGC; i++) { + mounts[ARGV[i]] = 1 + } + while ("${pkgs.nfs-utils}/bin/showmount -e " ARGV[1] | getline) { + if (NR == 1) { continue } + if (mounts[$1] == 1) { + printf "nfs_export,host=%s,path=%s present=1\n", ARGV[1], $1 + } + delete mounts[$1] + } + for (mount in mounts) { + printf "nfs_export,host=%s,path=%s present=0\n", ARGV[1], $1 } - delete mounts[$1] } - for (mount in mounts) { - printf "nfs_export,host=%s,path=%s present=0\n", ARGV[1], $1 - } - } - '') + " ${host} ${builtins.concatStringsSep " " args}" - ) nfsHosts + '') + " ${host} ${builtins.concatStringsSep " " args}" + ) + nfsHosts ); data_format = "influx"; }]; 
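Review bot: In the re-indented awk script, the final loop `for (mount in mounts)` prints `$1` rather than `mount`. Each missing export is therefore reported under the first field of the last `showmount` record read (or an empty path), not under its own path. The `present=0` series therefore cannot be used to alert on a specific missing NFS export. Suggest `printf "nfs_export,host=%s,path=%s present=0\n", ARGV[1], mount`. The formatter only moved these lines, but the script is also still named `"zpool-health"` although it checks NFS exports; a name such as `"nfs-export-health"` would make the store path less misleading when debugging the telegraf `exec` input.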
diff --git a/roles/zfs.nix b/roles/zfs.nix index cb02ec7..c24b1c0 100644 --- a/roles/zfs.nix +++ b/roles/zfs.nix @@ -1,4 +1,4 @@ -{...}: { +{ ... }: { services.zfs = { autoSnapshot.enable = true; # defaults to 12, which is a bit much given how much data is written diff --git a/services/hydra/default.nix b/services/hydra/default.nix index 68dfc81..b73e9a0 100644 --- a/services/hydra/default.nix +++ b/services/hydra/default.nix @@ -1,8 +1,9 @@ -{ hydra }: -{ lib, pkgs, config, ... }: - -with lib; -let +{ hydra }: { lib + , pkgs + , config + , ... + }: +with lib; let cfg = config; hydraPort = 3000; @@ -53,16 +54,17 @@ in unfreeRedistributable issl ]; - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "cudnn_cudatoolkit" - "cudatoolkit" - ]; + allowUnfreePredicate = pkg: + builtins.elem (lib.getName pkg) [ + "cudnn_cudatoolkit" + "cudatoolkit" + ]; }; services.hydra.package = hydra.defaultPackage.${pkgs.system}; sops.secrets.nix-community-cachix.sopsFile = ../../roles/nix-community-cache.yaml; - sops.secrets.id_buildfarm = {}; + sops.secrets.id_buildfarm = { }; services.hydra = { enable = true; @@ -71,19 +73,24 @@ in port = hydraPort; useSubstitutes = true; adminPasswordFile = config.sops.secrets.hydra-admin-password.path; - buildMachinesFiles = [ - (pkgs.writeText "builders" '' - localhost x86_64-linux,builtin - 8 1 nixos-test,big-parallel,kvm - - ssh://nix@build04.nix-community.org aarch64-linux ${config.sops.secrets.id_buildfarm.path} 4 1 nixos-test,big-parallel,kvm - - '') - ]; - usersFile = config.sops.secrets.hydra-users.path; extraConfig = '' max_output_size = ${builtins.toString (8 * 1024 * 1024 * 1024)} ''; }; + nix = { + distributedBuilds = true; + buildMachines = [ + { + hostName = "localhost"; + systems = [ "x86_64-linux" "builtin" ]; + maxJobs = 8; + supportedFeatures = [ "nixos-test" "big-parallel" "kvm" ]; + } + ]; + }; + services.postgresql = { enable = true; settings = { 
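Review bot: With the aarch64 line removed from `buildMachinesFiles`, nothing in the visible hunks of services/hydra/default.nix still reads `config.sops.secrets.id_buildfarm.path`. The `sops.secrets.id_buildfarm = { };` declaration is nevertheless kept in the `@@ -53,16 +54,17 @@` hunk. If roles/aarch64-builder.nix is now the only consumer, drop the declaration here so the builder SSH key is provisioned only on hosts that import the role. The new `nix.buildMachines` block would also benefit from a comment saying why `localhost` is listed and where the remote builder went, e.g. `# aarch64 builder is added by roles/aarch64-builder.nix`. The module body continues outside the hunk, so a remaining use of the secret further down cannot be ruled out from here.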
diff --git a/users/adisbladis.nix b/users/adisbladis.nix index a1de3a1..9463939 100644 --- a/users/adisbladis.nix +++ b/users/adisbladis.nix @@ -12,7 +12,8 @@ in useDefaultShell = true; isNormalUser = true; extraGroups = [ - "wheel" "trusted" + "wheel" + "trusted" ]; uid = userLib.mkUid "adis"; }; diff --git a/users/flokli.nix b/users/flokli.nix index 8bb6a18..37deacc 100644 --- a/users/flokli.nix +++ b/users/flokli.nix @@ -11,7 +11,8 @@ in useDefaultShell = true; isNormalUser = true; extraGroups = [ - "wheel" "trusted" + "wheel" + "trusted" ]; uid = userLib.mkUid "flok"; }; diff --git a/users/lewo.nix b/users/lewo.nix index 8d1dc16..e17c662 100644 --- a/users/lewo.nix +++ b/users/lewo.nix @@ -11,7 +11,8 @@ in useDefaultShell = true; isNormalUser = true; extraGroups = [ - "wheel" "trusted" + "wheel" + "trusted" ]; uid = userLib.mkUid "lewo"; }; diff --git a/users/mic92.nix b/users/mic92.nix index ca0d62e..af28a51 100644 --- a/users/mic92.nix +++ b/users/mic92.nix @@ -11,7 +11,8 @@ in useDefaultShell = true; isNormalUser = true; extraGroups = [ - "wheel" "trusted" + "wheel" + "trusted" ]; uid = userLib.mkUid "micc"; }; diff --git a/users/ryantm.nix b/users/ryantm.nix index 9d0c037..a7b9815 100644 --- a/users/ryantm.nix +++ b/users/ryantm.nix @@ -12,7 +12,8 @@ in useDefaultShell = true; isNormalUser = true; extraGroups = [ - "wheel" "trusted" + "wheel" + "trusted" ]; uid = userLib.mkUid "rytm"; }; diff --git a/users/zimbatm.nix b/users/zimbatm.nix index fae9567..70f84d3 100644 --- a/users/zimbatm.nix +++ b/users/zimbatm.nix @@ -13,7 +13,8 @@ in useDefaultShell = true; isNormalUser = true; extraGroups = [ - "wheel" "trusted" + "wheel" + "trusted" ]; uid = userLib.mkUid "zimb"; };