AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

small cleanup

Browse Source
This commit is contained in:
Dmitriy Kholkin 2023-11-11 03:10:27 +03:00
parent be185675fa
commit 6f19dc41cc
6 changed files with 0 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
flake.nix
View File

@ -6,7 +6,6 @@
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-master.url = "github:nixos/nixpkgs/master"; nixpkgs-master.url = "github:nixos/nixpkgs/master";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.05"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.05";
nix.url = "github:nixos/nix/2.17.0";
flake-registry = { flake-registry = {
url = "github:nixos/flake-registry"; url = "github:nixos/flake-registry";
flake = false; flake = false;
@ -114,8 +113,6 @@
customRoles = import ./roles; customRoles = import ./roles;
sharedPatches = patchesPath [ sharedPatches = patchesPath [
"ivpn.patch"
"mullvad-exclude-containers.patch"
"vaultwarden.patch" "vaultwarden.patch"
"webhooks.patch" "webhooks.patch"
]; ];

46
patches/ivpn.patch
View File

@ -1,46 +0,0 @@
From 13a0c99ff5bed75f1991169ff5757936f0e39747 Mon Sep 17 00:00:00 2001
From: Dmitriy Kholkin <ataraxiadev@ataraxiadev.com>
Date: Tue, 16 May 2023 17:59:58 +0300
Subject: [PATCH] ivpn{,-service}: 3.10.15 -> 3.10.23
---
pkgs/tools/networking/ivpn/default.nix | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pkgs/tools/networking/ivpn/default.nix b/pkgs/tools/networking/ivpn/default.nix
index e8e33f3bc73..fe5d673286e 100644
--- a/pkgs/tools/networking/ivpn/default.nix
+++ b/pkgs/tools/networking/ivpn/default.nix
@@ -15,13 +15,13 @@
builtins.mapAttrs (pname: attrs: buildGoModule (attrs // rec {
inherit pname;
- version = "3.10.15";
+ version = "3.10.23";
src = fetchFromGitHub {
owner = "ivpn";
repo = "desktop-app";
rev = "v${version}";
- hash = "sha256-3yVRVM98tVjot3gIkUb/CDwmwKdOOBjBjzGL6htDtpk=";
+ hash = "sha256-0XIATqidCQdERitYys7Gk0bENRZxdb/A9ieBNsWhbUM=";
};
ldflags = [
@@ -45,11 +45,11 @@ builtins.mapAttrs (pname: attrs: buildGoModule (attrs // rec {
})) {
ivpn = {
modRoot = "cli";
- vendorHash = "sha256-T49AE3SUmdP3Tu9Sp5C/QryKDto/NzEqRuUQ3+aJFL0=";
+ vendorHash = "sha256-aD4QOudazSrsg10c1m6xZUfPkw/aCxYKPxBR46KUVAk=";
};
ivpn-service = {
modRoot = "daemon";
- vendorHash = "sha256-9Rk6ruMpyWtQe+90kw4F8OLq7/JcDSrG6ufkfcrS4W8=";
+ vendorHash = "sha256-1bGh3Yvou+xnQvhj5T3Z3yq0agvk8BCUX+M83f+5qOg=";
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ wirelesstools ];
--
2.40.1

50
patches/mullvad-exclude-containers.patch
View File

@ -1,50 +0,0 @@
diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix
index e1e640c4474..1578f8680c8 100644
--- a/nixos/modules/virtualisation/nixos-containers.nix
+++ b/nixos/modules/virtualisation/nixos-containers.nix
@@ -445,6 +445,7 @@ let
localAddress = null;
localAddress6 = null;
tmpfs = null;
+ mullvadExclude = false;
};
in
@@ -691,6 +692,14 @@ in
'';
};
+ mullvadExclude = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Start container with mullvad-exclude.
+ '';
+ };
+
# Removed option. See `checkAssertion` below for the accompanying error message.
pkgs = mkOption { visible = false; };
} // networkOptions;
@@ -767,6 +776,8 @@ in
postStart = postStartScript dummyConfig;
+ postStop = mkIf dummyConfig.mullvadExclude "";
+
restartIfChanged = false;
serviceConfig = serviceDirectives dummyConfig;
@@ -797,7 +808,12 @@ in
recursiveUpdate unit {
preStart = preStartScript containerConfig;
script = startScript containerConfig;
- postStart = postStartScript containerConfig;
+ postStart = (if containerConfig.mullvadExclude then ''
+ ${config.services.mullvad-vpn.package}/bin/mullvad split-tunnel pid add $MAINPID
+ '' else "") + postStartScript containerConfig;
+ postStop = mkIf containerConfig.mullvadExclude ''
+ ${config.services.mullvad-vpn.package}/bin/mullvad split-tunnel pid delete $MAINPID
+ '';
serviceConfig = serviceDirectives containerConfig;
unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "${stateDirectory}/%i";
environment.root = if containerConfig.ephemeral then "/run/nixos-containers/%i" else "${stateDirectory}/%i";

5
profiles/bluetooth.nix
View File

@ -9,11 +9,6 @@
}; };
}; };
# systemd.services.bluetooth.serviceConfig.ExecStart = lib.mkForce [
# ""
# "${pkgs.bluez}/libexec/bluetooth/bluetoothd -f /etc/bluetooth/main.conf -E"
# ];
persist.state.directories = [ "/var/lib/bluetooth" ]; persist.state.directories = [ "/var/lib/bluetooth" ];
home-manager.users.${config.mainuser}.programs.zsh.shellAliases = let home-manager.users.${config.mainuser}.programs.zsh.shellAliases = let

1
profiles/overlay.nix
View File

@ -32,7 +32,6 @@ with lib; {
nix-index-update = inputs.nix-alien.packages.${system}.nix-index-update; nix-index-update = inputs.nix-alien.packages.${system}.nix-index-update;
prismlauncher = inputs.prismlauncher.packages.${system}.default; prismlauncher = inputs.prismlauncher.packages.${system}.default;
ripgrep-all = stable.ripgrep-all; ripgrep-all = stable.ripgrep-all;
spotify = master.spotify;
wine = prev.wineWowPackages.staging; wine = prev.wineWowPackages.staging;
xray = master.xray; xray = master.xray;
youtube-to-mpv = prev.callPackage ./packages/youtube-to-mpv.nix { term = config.defaultApplications.term.cmd; }; youtube-to-mpv = prev.callPackage ./packages/youtube-to-mpv.nix { term = config.defaultApplications.term.cmd; };

1
profiles/workspace/proxy.nix
View File

@ -8,7 +8,6 @@
}; };
containers.tor = { containers.tor = {
mullvadExclude = config.deviceSpecific.vpn.mullvad.enable;
autoStart = false; autoStart = false;
ephemeral = true; ephemeral = true;
# extraFlags = [ "-U" ]; # unprivileged # extraFlags = [ "-U" ]; # unprivileged