chaos/nixfiles
1
0
Fork 0
Code Issues 2 Releases Activity

fix tmpos on wsl, fix public webdav, add better tarball builder for wsl

Browse source
This commit is contained in:
chaos 2023-10-14 13:51:03 +01:00
parent cc38aac91f
commit 13afaf15a4
No known key found for this signature in database
6 changed files with 66 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
hosts/hetzner-arm/containers/storage/default.nix
View file

@ -69,6 +69,7 @@ in {
"/Main/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_main}"; "/Main/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_main}";
"/Media/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_media}"; "/Media/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_media}";
"/MusicRO/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_music_ro}"; "/MusicRO/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_music_ro}";
"/Public/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_public}";
"/Uploads/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_uploads}"; "/Uploads/".proxyPass = "http://${containerIP}:${toString ports.rclone_serve_webdav_uploads}";
}; };
extraConfig = '' extraConfig = ''

3
hosts/hetzner-arm/containers/storage/secrets.nix
View file

@ -36,6 +36,7 @@
"api-keys/data/storage/webdav/Main" "api-keys/data/storage/webdav/Main"
"api-keys/data/storage/webdav/Media" "api-keys/data/storage/webdav/Media"
"api-keys/data/storage/webdav/Public" "api-keys/data/storage/webdav/Public"
"api-keys/data/storage/webdav/Uploads"
"private-public-keys/data/rclone/Chaos-Media-Crypt" "private-public-keys/data/rclone/Chaos-Media-Crypt"
]; ];
@ -82,7 +83,7 @@
if [ -f "$2" ]; then if [ -f "$2" ]; then
rm "$2" rm "$2"
fi fi
touch "$2" touch "$2"
data=$(kv_get "$1" | base64) data=$(kv_get "$1" | base64)

1
hosts/nixos.nix
View file

@ -38,6 +38,7 @@
tree.modules.nixos.rcloneSync tree.modules.nixos.rcloneSync
tree.modules.nixos.secrets tree.modules.nixos.secrets
tree.modules.nixos.postgreSQLRemoteBackup tree.modules.nixos.postgreSQLRemoteBackup
tree.modules.nixos.wslBuildTarballExt
]; ];
nixosUnstableSystem = nixpkgs-unstable.lib.nixosSystem; nixosUnstableSystem = nixpkgs-unstable.lib.nixosSystem;

52
modules/nixos/wslBuildTarballExt.nix Normal file
View file

@ -0,0 +1,52 @@
{ config, pkgs, lib, ... }: let
inherit (lib.modules) mkIf;
cfg = config.wsl;
in
{
config = mkIf cfg.enable {
system.build.tarballBuilderExt = pkgs.writeShellApplication {
name = "nixos-wsl-tarball-builder-ext";
runtimeInputs = with pkgs; [
coreutils
gnutar
zstd
nixos-install-tools
config.nix.package
];
text = ''
if ! [ $EUID -eq 0 ]; then
echo "This script must be run as root!"
exit 1
fi
out=''${1:-nixos-wsl.tar.zst}
root=$(mktemp -p "''${TMPDIR:-/tmp}" -d nixos-wsl-tarball.XXXXXXXXXX)
# FIXME: fails in CI for some reason, but we don't really care because it's CI
trap 'rm -rf "$root" || true' INT TERM EXIT
chmod o+rx "$root"
echo "[NixOS-WSL] Installing..."
nixos-install \
--root "$root" \
--no-root-passwd \
--system ${config.system.build.toplevel} \
--substituters ""
echo "[NixOS-WSL] Compressing..."
tar -C "$root" \
-cz \
--sort=name \
--mtime='@1' \
--owner=0 \
--group=0 \
--numeric-owner \
. \
> "$out"
'';
};
};
}

4
outputs.nix
View file

@ -9,6 +9,10 @@
in in
{ {
nixosConfigurations = hosts.nixosConfigurations; nixosConfigurations = hosts.nixosConfigurations;
extras = {
wsl-tarball-builder = hosts.nixosConfigurations.wsl.config.system.build.tarballBuilderExt;
};
} }
// (inputs.flake-utils.lib.eachDefaultSystem ( // (inputs.flake-utils.lib.eachDefaultSystem (
system: let system: let

7
profiles/base/boot.nix
View file

@ -1 +1,6 @@
{...}: {boot.tmp.useTmpfs = true;} {config, ...}: {
boot.tmp.useTmpfs =
if config ? "wsl" && config.wsl.enable
then false
else true;
}