about summary refs log tree commit diff
path: root/ops
diff options
context:
space:
mode:
Diffstat (limited to 'ops')
-rw-r--r--ops/journaldriver/default.nix10
-rw-r--r--ops/kms_pass.nix4
-rw-r--r--ops/kontemplate/default.nix4
-rw-r--r--ops/mq_cli/default.nix4
-rw-r--r--ops/nixos/camden/default.nix23
-rw-r--r--ops/nixos/default.nix12
-rw-r--r--ops/nixos/nugget/default.nix23
-rw-r--r--ops/posix_mq.rs/default.nix4
-rw-r--r--ops/sync-gcsr/default.nix6
9 files changed, 44 insertions, 46 deletions
diff --git a/ops/journaldriver/default.nix b/ops/journaldriver/default.nix
index 2df5e58fc8df..cc274094a962 100644
--- a/ops/journaldriver/default.nix
+++ b/ops/journaldriver/default.nix
@@ -1,9 +1,11 @@
-{ pkgs, ... }:
+{ depot, ... }:
 
-pkgs.third_party.naersk.buildPackage {
+with depot.third_party;
+
+naersk.buildPackage {
   src = ./.;
 
-  buildInputs = with pkgs.third_party; [
-    pkgconfig openssl systemd.dev    
+  buildInputs = [
+    pkgconfig openssl systemd.dev
   ];
 }
diff --git a/ops/kms_pass.nix b/ops/kms_pass.nix
index b8a97d1332f8..2399559b4da8 100644
--- a/ops/kms_pass.nix
+++ b/ops/kms_pass.nix
@@ -6,9 +6,9 @@
 #
 # Only the 'show' and 'insert' commands are supported.
 
-{ pkgs, kms, ... }:
+{ depot, kms, ... }:
 
-let inherit (pkgs.third_party) google-cloud-sdk tree writeShellScriptBin;
+let inherit (depot.third_party) google-cloud-sdk tree writeShellScriptBin;
 in (writeShellScriptBin "pass" ''
   set -eo pipefail
 
diff --git a/ops/kontemplate/default.nix b/ops/kontemplate/default.nix
index 8a56bba7fe88..9085f31c304b 100644
--- a/ops/kontemplate/default.nix
+++ b/ops/kontemplate/default.nix
@@ -10,9 +10,9 @@
 # This file is the Nix derivation used to install Kontemplate on
 # Nix-based systems.
 
-{ pkgs, ... }:
+{ depot, ... }:
 
-with pkgs.third_party; buildGoPackage rec {
+with depot.third_party; buildGoPackage rec {
   name = "kontemplate-${version}";
   version = "master";
   src = ./.;
diff --git a/ops/mq_cli/default.nix b/ops/mq_cli/default.nix
index 190a05c80577..6b0e32009a66 100644
--- a/ops/mq_cli/default.nix
+++ b/ops/mq_cli/default.nix
@@ -1,3 +1,3 @@
-{ pkgs, ... }:
+{ depot, ... }:
 
-pkgs.third_party.naersk.buildPackage ./.
+depot.third_party.naersk.buildPackage ./.
diff --git a/ops/nixos/camden/default.nix b/ops/nixos/camden/default.nix
index 7c9c2a4c598d..e60385e8fe08 100644
--- a/ops/nixos/camden/default.nix
+++ b/ops/nixos/camden/default.nix
@@ -1,12 +1,11 @@
 # This file configures camden.tazj.in, my homeserver.
-
-{ pkgs, lib, ... }:
+{ depot, lib, ... }:
 
 config: let
-  nixpkgs = import pkgs.third_party.nixpkgsSrc {
+  nixpkgs = import depot.third_party.nixpkgsSrc {
     config.allowUnfree = true;
   };
-in pkgs.lib.fix(self: {
+in lib.fix(self: {
   imports = [ ../modules/tailscale.nix ];
 
   # camden is intended to boot unattended, despite having an encrypted
@@ -64,7 +63,7 @@ in pkgs.lib.fix(self: {
 
     nixPath = [
       "depot=/home/tazjin/depot"
-      "nixpkgs=${pkgs.third_party.nixpkgsSrc}"
+      "nixpkgs=${depot.third_party.nixpkgsSrc}"
     ];
 
     trustedUsers = [ "root" "tazjin" ];
@@ -87,7 +86,7 @@ in pkgs.lib.fix(self: {
 
   environment.systemPackages =
     # programs from the depot
-    (with pkgs; [
+    (with depot; [
       third_party.git
       third_party.tailscale
       third_party.pounce
@@ -129,8 +128,8 @@ in pkgs.lib.fix(self: {
   services.tailscale = {
     enable = true;
     relayConf = "/etc/tailscale.conf";
-    package = pkgs.third_party.tailscale;
-    aclFile = pkgs.nix.tailscale {
+    package = depot.third_party.tailscale;
+    aclFile = depot.nix.tailscale {
       ACLs = [
         # Allow any traffic from myself
         {
@@ -145,7 +144,7 @@ in pkgs.lib.fix(self: {
   # Run cgit for the depot. The onion here is nginx(thttpd(cgit)).
   systemd.services.cgit = {
     wantedBy = [ "multi-user.target" ];
-    script = "${pkgs.web.cgit-taz}/bin/cgit-launch";
+    script = "${depot.web.cgit-taz}/bin/cgit-launch";
 
     serviceConfig = {
       Restart = "on-failure";
@@ -202,18 +201,18 @@ in pkgs.lib.fix(self: {
       serverAliases = [ "camden.tazj.in" ];
       default = true;
       useACMEHost = "tazj.in";
-      root = pkgs.web.homepage;
+      root = depot.web.homepage;
       addSSL = true;
 
       extraConfig = ''
-        ${pkgs.web.blog.oldRedirects}
+        ${depot.web.blog.oldRedirects}
 
         location ~* \.(webp|woff2)$ {
           add_header Cache-Control "public, max-age=31536000";
         }
 
         location /blog/ {
-          alias ${pkgs.web.blog.rendered}/;
+          alias ${depot.web.blog.rendered}/;
 
           if ($request_uri ~ ^/(.*)\.html$) {
             return 302 /$1;
diff --git a/ops/nixos/default.nix b/ops/nixos/default.nix
index 0182d9bd09d3..040bfeb6e23e 100644
--- a/ops/nixos/default.nix
+++ b/ops/nixos/default.nix
@@ -1,17 +1,15 @@
-# TODO(tazjin): rename 'pkgs' -> 'depot'?
-{ pkgs, ... }:
+{ depot, lib, ... }:
 
 let
-  inherit (pkgs) lib;
   inherit (builtins) foldl';
 
-  systemFor = configs: (pkgs.third_party.nixos {
+  systemFor = configs: (depot.third_party.nixos {
     configuration = lib.fix(config:
       foldl' lib.recursiveUpdate {} (map (c: c config) configs)
     );
   }).system;
 
-  rebuilder = pkgs.third_party.writeShellScriptBin "rebuilder" ''
+  rebuilder = depot.third_party.writeShellScriptBin "rebuilder" ''
     set -ue
     if [[ $EUID -ne 0 ]]; then
       echo "Oh no! Only root is allowed to rebuild the system!" >&2
@@ -39,6 +37,6 @@ let
 in {
   inherit rebuilder;
 
-  nuggetSystem = systemFor [ pkgs.ops.nixos.nugget ];
-  camdenSystem = systemFor [ pkgs.ops.nixos.camden ];
+  nuggetSystem = systemFor [ depot.ops.nixos.nugget ];
+  camdenSystem = systemFor [ depot.ops.nixos.camden ];
 }
diff --git a/ops/nixos/nugget/default.nix b/ops/nixos/nugget/default.nix
index 4bc88d277b76..877f7d4948e9 100644
--- a/ops/nixos/nugget/default.nix
+++ b/ops/nixos/nugget/default.nix
@@ -1,14 +1,13 @@
 # This file configures nugget, my home desktop machine.
-
-{ pkgs, lib, ... }:
+{ depot, lib, ... }:
 
 config: let
-  nixpkgs = import pkgs.third_party.nixpkgsSrc {
+  nixpkgs = import depot.third_party.nixpkgsSrc {
     config.allowUnfree = true;
   };
 
-  lieer = (pkgs.third_party.lieer {});
-in pkgs.lib.fix(self: {
+  lieer = (depot.third_party.lieer {});
+in depot.lib.fix(self: {
   imports = [
     ../modules/tailscale.nix
   ];
@@ -39,7 +38,7 @@ in pkgs.lib.fix(self: {
   nix = {
     nixPath = [
       "depot=/home/tazjin/depot"
-      "nixpkgs=${pkgs.third_party.nixpkgsSrc}"
+      "nixpkgs=${depot.third_party.nixpkgsSrc}"
     ];
   };
 
@@ -79,8 +78,8 @@ in pkgs.lib.fix(self: {
 
   # Generate an immutable /etc/resolv.conf from the nameserver settings
   # above (otherwise DHCP overwrites it):
-  environment.etc."resolv.conf" = with lib; with pkgs; {
-    source = writeText "resolv.conf" ''
+  environment.etc."resolv.conf" = with lib; {
+    source = depot.third_party.writeText "resolv.conf" ''
       ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)}
       options edns0
     '';
@@ -90,7 +89,7 @@ in pkgs.lib.fix(self: {
 
   environment.systemPackages =
     # programs from the depot
-    (with pkgs; [
+    (with depot; [
       lieer
       ops.kontemplate
       third_party.git
@@ -217,9 +216,9 @@ in pkgs.lib.fix(self: {
         lightdm.greeters.gtk.clock-format = "%H·%M";
       };
 
-      windowManager.session = pkgs.lib.singleton {
+      windowManager.session = lib.singleton {
         name = "exwm";
-        start = "${pkgs.tools.emacs}/bin/tazjins-emacs";
+        start = "${depot.tools.emacs}/bin/tazjins-emacs";
       };
     };
 
@@ -251,7 +250,7 @@ in pkgs.lib.fix(self: {
       enable = true;
       relayConf = "/etc/tailscale/relay.conf";
       aclFile = null; # allow all traffic for testing
-      package = pkgs.third_party.tailscale;
+      package = depot.third_party.tailscale;
     };
 
     # ... and other nonsense.
diff --git a/ops/posix_mq.rs/default.nix b/ops/posix_mq.rs/default.nix
index 190a05c80577..6b0e32009a66 100644
--- a/ops/posix_mq.rs/default.nix
+++ b/ops/posix_mq.rs/default.nix
@@ -1,3 +1,3 @@
-{ pkgs, ... }:
+{ depot, ... }:
 
-pkgs.third_party.naersk.buildPackage ./.
+depot.third_party.naersk.buildPackage ./.
diff --git a/ops/sync-gcsr/default.nix b/ops/sync-gcsr/default.nix
index ae88b34124dc..ea5d0594a871 100644
--- a/ops/sync-gcsr/default.nix
+++ b/ops/sync-gcsr/default.nix
@@ -1,10 +1,10 @@
-{ pkgs, ... }:
+{ depot, ... }:
 
-pkgs.buildGo.program {
+depot.nix.buildGo.program {
   name = "sync-gcsr";
   srcs = [ ./main.go ];
 
-  deps = with pkgs.third_party; map (p: p.gopkg) [
+  deps = with depot.third_party; map (p: p.gopkg) [
     gopkgs."gopkg.in".src-d.go-git
   ];