| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Generates a wireguard configuration based on
https://nixos.wiki/wiki/Wireguard and sets up the iptables firewall in
a way that only enables forwarding between `eth0` and the `wg`
interfaces.
The standard NixOS firewall configuration allows `FORWARD` between all
interfaces, and `networking.nat.enable` enables the `ip_forward` rule
in the kernel, meaning packages can suddenly hop interfaces without a
firewall that `DROP`s forwards by default.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
First working mockup of a dhall Haskell API that can read files of
the (normalized) form
```
\(CustomType: Type) ->
\(AnotherType: Type) ->
…
```
and set their actual representation on the Haskell side.
This has various advantages:
- dhall files still type check & normalize with the normal dhall
tooling, they are standalone (and the types can be instantiated from
dhall as well without any workarounds)
- It can be used like the default `input` function, no injection of
custom symbols in the Normalizer is reqired
- Brings this style of dhall integration to Haskell, where it was only
feasible in nix before, because that is untyped
The dhall types can be instantiated by every Haskell type that has an
`Interpret` instance. The “name” of the type lambda variable is
compared on the Haskell side with a type-level string that the user
provides, to prevent mixups.
TODO:
- Improve error messages (!)
- Provide a way to re-use the type mapping on the Haskell side, so
that the returned values are not just the normal `Interpret` types,
but the mapped ones (with name phantom type)
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Currently marked as broken in nixpkgs.
|
|
|
|
|
|
|
|
| |
I've had these packages in here disabled in case I'd ever have to get
back to them. I've not had to for, what feels like, an eternity.
Additionally to slimming the config down, removing them will also
somewhat slim down closure size since Nix will build them anyway even
though they're not actively used.
|
|
|
|
|
| |
Pulse used to work fine without this, something changed, and so I'm
adding `dev` to `audio` as that seems to fix it.
|
|
|
|
| |
Without this `programs.light.enable` has no effect.
|
|
|
|
| |
The battery life is displayed as an [sft] timespan.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
The previous commit was wrong in that it was not the correct way to
include the 'light' package. According to the manual, this is the
correct way.
|
|
|
|
|
|
| |
Since the 'modesetting' driver does not work with 'xbacklight' we have
the choice of either 'light' or 'backlightctl'. For now we'll choose
'light' and see how it goes.
|
|
|
|
|
| |
The release notes for NixOS 19.03 state that the 'intel' driver has
been superseded by the 'modesetting' driver.
|
|
|
|
|
|
| |
Enables us to run nix *inside* of a sandbox.
We have to mount the whole store, because otherwise realized store
paths built inside of the sandbox are not accessible.
|
|
|
|
|
| |
Since we want to create a transparent sandbox, returning the same exit
code as the wrapped process is very important.
|
|
|
|
|
| |
This fits a bit better to the overall NixOS default background than the
default hot pink window color and style.
|
|
|
|
| |
Much more visually pleaseing thane the default gtk greeter.
|
|
|
|
| |
Can't decide yet which one I'll prefer.
|
| |
|
|
|
|
|
| |
First version of a way to build s6 services using `dhall-to-nix`.
Includes a small library that formalizes the tables in `man 7 signal`.
|
|
|
|
| |
VBox and BFQ issues solved.
|
|
|
|
|
|
|
| |
A set of utilities to generate and query a git commit index, which is
a database that knows which revs (that is: commits) are in which git
repository. That way we can query for the project that contains a
commit and show them, e.g. with xdg-open.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
So far I mostly used this implementation for the games we have packaged,
where we pretty much patch out all commands that execute external
programs.
However in order to be useful in a more generic way, it makes sense to
provide a /bin/sh implementation, especially when you have to deal with
scripting languages.
I'm using dash here, because it's a more minimal implementation rather
than the default shell (bash) we use in nixpkgs and it practically only
needs to be able to run constructs like "/bin/sh -c foo".
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
| |
This machine was used for controlling the LED lighting bars at
Rockfabrik. I no longer work there and the machine has subsequently been
replaced by something else, so I don't need kzerza anymore.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
| |
I no longer use last.fm nor do I use this project (even though it's my
own one), so let's remove it.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
| |
This option was removed in Linux 5.0, so let's make its absence
non-fatal for the build of the config.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
|
| |
When writing that module back then in 88a10f1a6e2ea172ff985f64bfcf82e2,
I had to work around a systemd limitation (which I need to check whether
this is still the case today) and hardcoded the user name for the time
being.
While it's still quite ugly, there was interest from @Profpatsch, so I
decided to add an internal option to change that username.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
| |
This will prevent version pinning and always install the latest and
greatest.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream changes:
* Improved performance in locations with lots of light sources (e.g.
torches).
* Improved performance on farms with lots of animals.
* Tweaked new "H" health icon.
Upstream bug fixes:
* Fixed multiplayer visual glitch when another player uses a tool and
then starts moving in a new direction.
* Fixed "fishing stance" visual glitches in multiplayer.
Signed-off-by: aszlig <aszlig@nix.build>
|
|
|
|
|
|
|
|
|
|
|
| |
I checked the archives against the previous versions and the contents
match, however the archives themselves had differences with the file
order so the hashes are different now.
In the long term, we probably should use fetchzip instead so we don't
get a hash mismatch if none of the actual contents change.
Signed-off-by: aszlig <aszlig@nix.build>
|