| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This already has started in e0abe1dbbda54c1f048b5d38df05e1a3289216a6
with @Profpatsch putting his packages into its own namespace, so let's
continue on that and move my crap into my own namespace as well.
The only difference in my approach is that I'm now also using a new
function called callPackageScope, which declutters pkgs/default.nix a
bit and moves the individual callPackage invocations into
aszlig/default.nix.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
This clearly is something currently only @Profpatsch wants, so lets move
it into the user namespace.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
|
|
|
|
|
|
| |
A lot of crap has been accumulated there over the years, so I'm removing
at least the stuff that I have introduced.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes sense to put into the core module here, because we already
have the public key in there as well and if we want to use the binary
cache outside of a channel it's a good idea to provide it here by
default.
Being a default of course also means that users can easily override this
using:
nix.binaryCaches = mkForce [ "something else" ];
I've also removed the redundant setting of that option in all of the
machine configurations.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @sternenseemann
|
|
|
|
|
|
| |
Added in NixOS/nixpkgs@dc87b5587e3fb39e96e6b965a26f324daf7508f8.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nix 1.12 already got rid of most of the Perl stuff so the Perl script
backing taalo-build doesn't work anymore because Nix/CopyClosure.pm is
no longer available.
One way to fix this properly is to part the backend to C++ and use the
new ssh-ng store backend. This would also have the advantage that we
don't need to hardcode protocol internals here anymore.
Unfortunately, Nix 1.12 isn't stable yet and we would break Nix 1.11 if
we use the new store API.
So that's why I'm pinning the backend to use Nix 1.11 instead and leave
that ugly Perl script until Nix 1.2 is stable.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously in d6848012b86088cbfd70666a0cfae95c567e7199 I've just rebased
the patch I had against 4.10 against kernel 4.11, but that didn't work
out so well.
So this is now a rebase against the new branch from Paolo Valente at:
https://github.com/linusw/linux-bfq/tree/bfq-v8
Hopefully this time it will compile ;-)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
Miro is unmaintained and very buggy, while gpodder is a bit more minimal
it's still maintained and also more reliable.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @dwenola
|
|
|
|
|
|
|
|
| |
I'm fed up with fixing up Chromium beta and currently the included GN
doesn't bootstrap as well. So for now let's run with Chromium stable
until I'm masochistic enough to dig into Chromium again.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's basically only a very small change, because block/Makefile now
contains objects for block-MQ schedulers (one of these will also include
BFQ in possibly the next mainline kernel) and thus the patch no longer
applies.
Having that potch here in the source tree is a lot of crap lying around,
so we better get rid of it ASAP.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
Compiling nix-repl with Nix 1.12pre5152_915f62fa will only work by
enabling support for ISO C++ 2014, because nix/util.hh uses includes
from <experimental/*>.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WebKitGTK+ has a bunch of security vulnerabilities:
* WSA-2017-0002
* WSA-2017-0001
* WSA-2016-0006
* WSA-2016-0005
* WSA-2016-0004
We're using dwb in conjunction with this insecure version only for *one*
specific application with *one* specific web site, so the attack surface
is relatively low.
The main issue with this is that the plugin required for the Santander
page is based on NPAPI and most of the browsers out there do not support
NPAPI, except a few ones:
https://en.wikipedia.org/wiki/NPAPI#Browser_support
I've tried to embed the plugin within Midori but I couldn't get it to
work so far (Midori just says "No plugin available"), so I'm sticking
with dwb for now, because the other browsers listed here either have the
same problem (uzbl) or are simply too heavyweight.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The derivation name now is just "hplip-VERSION" (eg. "hplip-3.16.11")
instead of "pythonX.Y-hplip-VERSION".
The upstream commit changing this was:
NixOS/nixpkgs@3760c8c7fde6e8b15d19b063579d05018fc2d8b3
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
We can now safely drop the patch for NixOS/nixops#508, because it has
long been applied to master and also partially reverted as well in
NixOS/nixops@4bbceb294fc50146a4fd47352fba786ee1af6654.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New tests as of NixOS/nixpkgs@b0179351036a870da8c1a89c991a359a73aab0e2:
* containers-restart_networking
* nginx
* pgjwt
* postgresql (now with subtests per package)
* sddm (now with subtest "autoLogin" and "default")
* wordpress
The following tests were renamed:
* kde5 -> plasma5
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
I'm no longer using Tomahawk at the moment, so I'm not very ambitous to
get this build running in a *clean* way. So this is more or less a "get
this shit to build no matter what" fix rather than investigating why it
really fails to discover the dependencies.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts the following commits:
* f34f60216a94f41e684b2b2a29be9ca5f8f72940
* fb6cd06936a469fad708e1095b5ee25ad1298375
Using permittedInsecurePackages on all my machines isn't something I
want to pursue, because this really affects *one* single package and I
really don't want to whitelist webkitgtk-2.4.11 across all of my
machines.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately, mmrnmhrm has died because of three blown up capacitors
which resulted in hard shut downs due to CPU0 temperature values that
were out of range.
At first I assumed a real temperature problem and thus vacuumed the fan
and everything else, applied new thermal paste and it still failed after
a few minutes. What I found a bit odd was the fact that the machine
powered off even though the last reading of the CPU temperature was 40
degrees Celsius, so that definitly wasn't the problem.
So I went on to look for any blown capacitors on the main board, because
that's probably one of the most frequent cause of hardware failure... at
least for mainboards and monitors. One of the three capacitors I found
to be leaking seems to be leading to the CPU temperature sensor as far
as I can tell (I didn't test with a multimeter though, because I have
lent it out to someone else).
While it shouldn't be hard to fix the blown capacitors (apart from the
fact that we had national holiday during the Easter week), my long-term
goal was to make mmrnmhrm obsolete anyway, so it was a good opportunity
to do exactly that.
The reason why I wanted to get rid of mmrnmhrm was that it has been a
very slow machine since commit 2df7ee103a01da34c9c82235bc286dde35e0f1ba,
which was essentially a hardware downgrade back then.
Dnyarri always has been the better machine hardware-wise but I couldn't
use it to its full potential because it had a cooling issue. The latter
has been resolved a few weeks ago, where I replaced the CPU fan and it's
now not only less noisy but stays at below 50 degrees Celsius even on
high load.
Merging mmrnmhrm into dnyarri also means, that we now have a new disk
layout:
+---------------+--------------+--------------+--------------+
| Disk 1 | Disk 2 | Whole disk 3 | Whole disk 4 |
+---------------+--------------+--------------+--------------+
| EFI partition | crypt-vault | crypt-root-3 | crypt-root-4 |
| crypt-swap-1 | crypt-swap-2 +-----------------------------+
| crypt-root-1 | crypt-root-2 |
+---------------+--------------+
Disk 1 and 2 use GUID partitions while disk 3 and 4 don't have a
partition table but use btrfs across the whole device. The crypt-vault
partition is solely for unlocking other crypto volumes so that a single
passphrase unlocks all of the LUKS containers rather than needing to
provide 6 passphrases.
Also, I've migrated to using UEFI for booting, which is why there now is
an EFI partition as well. Having no redundancy on the EFI and the
crypt-vault partitions doesn't hurt so much because in the event of
drive failure all of the containers can still be unlocked via a
passphrase instead of the vault key.
Disk 3 and 4 are the disks that were formerly installed into mmrnmhrm
and now comprise one big btrfs volume together with the two disks (1 and
2) already present inside dnyarri.
Instead of RAID1 on data and metadata, the btrfs file system layout now
is RAID10 for data and metadata.
This merge also removes synergy for obvious reasons (no other machine
anymore) and disables kmscon because it was just a test in the first
place and I found it a bit annoying to work with.
Summary: Mmrnmhrm is (are?) dead, long live dnyarri!
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |
|
| |
|
| |
|
|
|
|
| |
Fixes evaluation.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
<3
|
| |
|
|
|
|
|
|
|
|
| |
webkitgtk-2.4.11 is insecure, I am whitelisting it for now to fix the
evaluation errors on the hydra.
Consider, what you want to do on the issue long term, or just revert
this commit as soon as the CVEs are fixed upstream, @aszlig!
|
| |
|
| |
|
|
|
|
| |
pkgs.haskellPackages.gopher-proxy
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This still doesn't build yet because libsForQt5.vlc is failing right
now. But at least it should evaluate until I've got time to fix the
build properly.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the attributes accordingly to the following two upstream
commits:
* NixOS/nixpkgs@f21d4d00152726c02f870cb20faba4aca18ef49a
* NixOS/nixpkgs@8eb4d2afbc1d61d316073f25f5885a46ccb37ea2
The first renames desktopManager.kde5 to desktopManager.plasma5 and the
second one removes the kde5 attribute from the top-level packages set
and puts applications in kdeApplications instead.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |
|
|
|
|
| |
Patching the requirements.txt caused searx build to fail in the newer version.
|
|
|
|
| |
New-style bond wifi & ethernet, default to the faster ethernet if plugged in.
|
| |
|
|
|
|
|
| |
Non-laptop machines should not connect to the wifi automatically (they probably
don’t even have a wifi module …)
|
| |
|
|
|
|
|
|
|
| |
Pulse works just fine as system process by now,
even with avahi zeroconf.
Add mpd & an nfs music mount from the fileserver.
|
| |
|