| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
| |
This is because `enableAllFirmware` now contains a new entry that is unfree.
Other machines probably want to move as well, cc @aszlig @sternenseemann.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Evaluation error introduced by 736e0da1e251df836b1669ffee80cecfd6bbf0e9.
The attribute "hledger" isn't a top-level pkgs attribute but resides
within haskellPackages.
This fixes evaluation, as tested by:
nix-instantiate machines -A profpatsch.katara.build
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
| |
|
| |
|
|
|
|
| |
Written by @aszlig.
|
| |
|
| |
|
| |
|
|
|
|
| |
Hopefully temporarily.
|
| |
|
|
|
|
|
|
|
|
| |
This is for the time being until either NixOS/nixpkgs#21671 has been
resolved or the next major version of Gajim has been released, because
the latter no longer uses pycrypto.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
Now the pkgs/default.nix is a lot more readable because it has only the
top-level derivations and the callPackageScope invocations for the
corresponding sub-scopes.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
Tested evaluation using:
nix-instantiate pkgs -A vuizvui.profpatsch.show-qr-code
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This should remove a lot of clutter from pkgs/default.nix into
corresponding sub-scopes, eg. pkgs/openlab/default.nix.
Apart from restructuring there is no change of runtime functionality
involved.
Tested by evaluating with "nix-env -f pkgs -qaP".
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch, @sternenseemann
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default callPackageWith adds an overrideDerivation attribute, but
that won't work with our new package scopes, so we add an override
attribute by ourselves without the overrideDerivation attribute.
That aside, we now use functionArgs on not only the superset of packages
but also for the scope utility functions (callPackage/callPackage_i686)
that we pass down to our new package scope. If we didn't do that, the
Nix expression of the subscope would always need to define callPackage
and callPackage_i686 in their function arguments, regardless of whether
it's needed or not.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This already has started in e0abe1dbbda54c1f048b5d38df05e1a3289216a6
with @Profpatsch putting his packages into its own namespace, so let's
continue on that and move my crap into my own namespace as well.
The only difference in my approach is that I'm now also using a new
function called callPackageScope, which declutters pkgs/default.nix a
bit and moves the individual callPackage invocations into
aszlig/default.nix.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
This clearly is something currently only @Profpatsch wants, so lets move
it into the user namespace.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @Profpatsch
|
|
|
|
|
|
|
| |
A lot of crap has been accumulated there over the years, so I'm removing
at least the stuff that I have introduced.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes sense to put into the core module here, because we already
have the public key in there as well and if we want to use the binary
cache outside of a channel it's a good idea to provide it here by
default.
Being a default of course also means that users can easily override this
using:
nix.binaryCaches = mkForce [ "something else" ];
I've also removed the redundant setting of that option in all of the
machine configurations.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @sternenseemann
|
|
|
|
|
|
| |
Added in NixOS/nixpkgs@dc87b5587e3fb39e96e6b965a26f324daf7508f8.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nix 1.12 already got rid of most of the Perl stuff so the Perl script
backing taalo-build doesn't work anymore because Nix/CopyClosure.pm is
no longer available.
One way to fix this properly is to part the backend to C++ and use the
new ssh-ng store backend. This would also have the advantage that we
don't need to hardcode protocol internals here anymore.
Unfortunately, Nix 1.12 isn't stable yet and we would break Nix 1.11 if
we use the new store API.
So that's why I'm pinning the backend to use Nix 1.11 instead and leave
that ugly Perl script until Nix 1.2 is stable.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously in d6848012b86088cbfd70666a0cfae95c567e7199 I've just rebased
the patch I had against 4.10 against kernel 4.11, but that didn't work
out so well.
So this is now a rebase against the new branch from Paolo Valente at:
https://github.com/linusw/linux-bfq/tree/bfq-v8
Hopefully this time it will compile ;-)
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
Miro is unmaintained and very buggy, while gpodder is a bit more minimal
it's still maintained and also more reliable.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @dwenola
|
|
|
|
|
|
|
|
| |
I'm fed up with fixing up Chromium beta and currently the included GN
doesn't bootstrap as well. So for now let's run with Chromium stable
until I'm masochistic enough to dig into Chromium again.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's basically only a very small change, because block/Makefile now
contains objects for block-MQ schedulers (one of these will also include
BFQ in possibly the next mainline kernel) and thus the patch no longer
applies.
Having that potch here in the source tree is a lot of crap lying around,
so we better get rid of it ASAP.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
Compiling nix-repl with Nix 1.12pre5152_915f62fa will only work by
enabling support for ISO C++ 2014, because nix/util.hh uses includes
from <experimental/*>.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
WebKitGTK+ has a bunch of security vulnerabilities:
* WSA-2017-0002
* WSA-2017-0001
* WSA-2016-0006
* WSA-2016-0005
* WSA-2016-0004
We're using dwb in conjunction with this insecure version only for *one*
specific application with *one* specific web site, so the attack surface
is relatively low.
The main issue with this is that the plugin required for the Santander
page is based on NPAPI and most of the browsers out there do not support
NPAPI, except a few ones:
https://en.wikipedia.org/wiki/NPAPI#Browser_support
I've tried to embed the plugin within Midori but I couldn't get it to
work so far (Midori just says "No plugin available"), so I'm sticking
with dwb for now, because the other browsers listed here either have the
same problem (uzbl) or are simply too heavyweight.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The derivation name now is just "hplip-VERSION" (eg. "hplip-3.16.11")
instead of "pythonX.Y-hplip-VERSION".
The upstream commit changing this was:
NixOS/nixpkgs@3760c8c7fde6e8b15d19b063579d05018fc2d8b3
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
| |
We can now safely drop the patch for NixOS/nixops#508, because it has
long been applied to master and also partially reverted as well in
NixOS/nixops@4bbceb294fc50146a4fd47352fba786ee1af6654.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New tests as of NixOS/nixpkgs@b0179351036a870da8c1a89c991a359a73aab0e2:
* containers-restart_networking
* nginx
* pgjwt
* postgresql (now with subtests per package)
* sddm (now with subtest "autoLogin" and "default")
* wordpress
The following tests were renamed:
* kde5 -> plasma5
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
| |
I'm no longer using Tomahawk at the moment, so I'm not very ambitous to
get this build running in a *clean* way. So this is more or less a "get
this shit to build no matter what" fix rather than investigating why it
really fails to discover the dependencies.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts the following commits:
* f34f60216a94f41e684b2b2a29be9ca5f8f72940
* fb6cd06936a469fad708e1095b5ee25ad1298375
Using permittedInsecurePackages on all my machines isn't something I
want to pursue, because this really affects *one* single package and I
really don't want to whitelist webkitgtk-2.4.11 across all of my
machines.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately, mmrnmhrm has died because of three blown up capacitors
which resulted in hard shut downs due to CPU0 temperature values that
were out of range.
At first I assumed a real temperature problem and thus vacuumed the fan
and everything else, applied new thermal paste and it still failed after
a few minutes. What I found a bit odd was the fact that the machine
powered off even though the last reading of the CPU temperature was 40
degrees Celsius, so that definitly wasn't the problem.
So I went on to look for any blown capacitors on the main board, because
that's probably one of the most frequent cause of hardware failure... at
least for mainboards and monitors. One of the three capacitors I found
to be leaking seems to be leading to the CPU temperature sensor as far
as I can tell (I didn't test with a multimeter though, because I have
lent it out to someone else).
While it shouldn't be hard to fix the blown capacitors (apart from the
fact that we had national holiday during the Easter week), my long-term
goal was to make mmrnmhrm obsolete anyway, so it was a good opportunity
to do exactly that.
The reason why I wanted to get rid of mmrnmhrm was that it has been a
very slow machine since commit 2df7ee103a01da34c9c82235bc286dde35e0f1ba,
which was essentially a hardware downgrade back then.
Dnyarri always has been the better machine hardware-wise but I couldn't
use it to its full potential because it had a cooling issue. The latter
has been resolved a few weeks ago, where I replaced the CPU fan and it's
now not only less noisy but stays at below 50 degrees Celsius even on
high load.
Merging mmrnmhrm into dnyarri also means, that we now have a new disk
layout:
+---------------+--------------+--------------+--------------+
| Disk 1 | Disk 2 | Whole disk 3 | Whole disk 4 |
+---------------+--------------+--------------+--------------+
| EFI partition | crypt-vault | crypt-root-3 | crypt-root-4 |
| crypt-swap-1 | crypt-swap-2 +-----------------------------+
| crypt-root-1 | crypt-root-2 |
+---------------+--------------+
Disk 1 and 2 use GUID partitions while disk 3 and 4 don't have a
partition table but use btrfs across the whole device. The crypt-vault
partition is solely for unlocking other crypto volumes so that a single
passphrase unlocks all of the LUKS containers rather than needing to
provide 6 passphrases.
Also, I've migrated to using UEFI for booting, which is why there now is
an EFI partition as well. Having no redundancy on the EFI and the
crypt-vault partitions doesn't hurt so much because in the event of
drive failure all of the containers can still be unlocked via a
passphrase instead of the vault key.
Disk 3 and 4 are the disks that were formerly installed into mmrnmhrm
and now comprise one big btrfs volume together with the two disks (1 and
2) already present inside dnyarri.
Instead of RAID1 on data and metadata, the btrfs file system layout now
is RAID10 for data and metadata.
This merge also removes synergy for obvious reasons (no other machine
anymore) and disables kmscon because it was just a test in the first
place and I found it a bit annoying to work with.
Summary: Mmrnmhrm is (are?) dead, long live dnyarri!
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
|
| |
|
| |
|
| |
|
|
|
|
| |
Fixes evaluation.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
<3
|