Home

dotnix @main - refs - log -
- 
https://git.jolheiser.com/dotnix.git
My nix dotfiles
tree log patch
feat: tclip Signed-off-by: jolheiser <git@jolheiser.com>
Signature
-----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgBTEvCQk6VqUAdN2RuH6bj1dNkY oOpbPWj+jw4ua1B1cAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5 AAAAQKkCTtoOeB38nIHaSAGlfqNj/q3NuTOsDApfj5ny0Dem14TeEJwHw/56r8IFbNb/Nx NdSoFGKwsCWI17HSSs0wA= -----END SSH SIGNATURE-----
jolheiser <git@jolheiser.com>
10 months ago
5 changed files, 148 additions(+), 13 deletions(-)
flake.lockflake.nixmachines/dragonwell/default.nixmachines/dragonwell/tclip.nixmodules/tclip/default.nix
M flake.lockflake.lock
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

diff --git a/flake.lock b/flake.lock
index a01b3232d62f3f397e60a0ea6d228606d4576867..6e678aef991d061c1d3b3eb29fd5974064ef97a5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -310,11 +310,11 @@           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1694616124,
-        "narHash": "sha256-c49BVhQKw3XDRgt+y+uPAbArtgUlMXCET6VxEBmzHXE=",
+        "lastModified": 1717050755,
+        "narHash": "sha256-C9IEHABulv2zEDFA+Bf0E1nmfN4y6MIUe5eM2RCrDC0=",
         "owner": "tweag",
         "repo": "gomod2nix",
-        "rev": "f95720e89af6165c8c0aa77f180461fe786f3c21",
+        "rev": "31b6d2e40b36456e792cd6cf50d5a8ddd2fa59a1",
         "type": "github"
       },
       "original": {
@@ -477,6 +477,21 @@         "owner": "nixos",
         "ref": "nixos-unstable",
         "repo": "nixpkgs",
         "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1721562059,
+        "narHash": "sha256-Tybxt65eyOARf285hMHIJ2uul8SULjFZbT9ZaEeUnP8=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "68c9ed8bbed9dfce253cc91560bf9043297ef2fe",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
       }
     },
     "nur": {
@@ -693,19 +708,17 @@     },
     "tclip": {
       "inputs": {
         "gomod2nix": "gomod2nix",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
+        "nixpkgs": "nixpkgs_2",
         "utils": [
           "flake-utils"
         ]
       },
       "locked": {
-        "lastModified": 1695233959,
-        "narHash": "sha256-5H0Bz6m6aw0Nt4fV7QkU9gIZUS0Jo/Vkqk6pTk1mkBk=",
+        "lastModified": 1721358387,
+        "narHash": "sha256-vkZvaLttczCfwQDHx7DGuIdV+K8QUQXHyMXZmn0df1M=",
         "owner": "tailscale-dev",
         "repo": "tclip",
-        "rev": "99fc19f91adb0e095189e7ba2771269696386ed2",
+        "rev": "5382625af90019d2b4ef29be8e15de3a8cb21238",
         "type": "github"
       },
       "original": {
M flake.nixflake.nix
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

diff --git a/flake.nix b/flake.nix
index ab4a5a72fcb4904d576edd7382dd5594705fa70a..5787a3d0ac28b2ba4900f418162542e969668417 100644
--- a/flake.nix
+++ b/flake.nix
@@ -96,7 +96,7 @@     };
     tclip = {
       url = "github:tailscale-dev/tclip";
       inputs = {
-        nixpkgs.follows = "nixpkgs";
+        #nixpkgs.follows = "nixpkgs";
         utils.follows = "flake-utils";
       };
     };
@@ -149,7 +149,6 @@           bennet = inputs.bennet.packages.${prev.system}.default;
         };
         tclip = inputs.tclip.packages.${prev.system}.tclip;
         templ = inputs.templ.packages.${prev.system}.templ;
-        dagger = inputs.dagger.packages.${prev.system}.dagger;
       })
       inputs.golink.overlay
     ];
@@ -235,7 +234,7 @@         nixpkgs = import nixpkgs {
           inherit overlays system;
         };
       };
-      dragonwell = {
+      dragonwell = {pkgs, ...}: {
         imports = [
           inputs.agenix.nixosModules.default
           inputs.golink.nixosModules.default
@@ -243,8 +242,10 @@           inputs.ugit.nixosModules.default
           inputs.git-pr.nixosModules.default
           inputs.actual.nixosModules.default
           inputs.tsnet-serve.nixosModules.default
+          ./modules/tclip
           ./machines/dragonwell
         ];
+        services.tclip.package = inputs.tclip.packages.${pkgs.system}.tclipd;
       };
     };
     nixConfig = {
M machines/dragonwell/default.nixmachines/dragonwell/default.nix
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
index 91429c7501bb73afee40d7e07baf8406e3e76810..b0f13919164ed17a3a21234dbd8c82253827ebef 100644
--- a/machines/dragonwell/default.nix
+++ b/machines/dragonwell/default.nix
@@ -2,7 +2,7 @@ let
   username = "jolheiser";
   key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
 in {
-  imports = [./actual.nix ./caddy.nix ./dex.nix ./git-pr.nix ./golink.nix ./gotosocial.nix ./restic.nix ./soju.nix ./tandoor.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
+  imports = [./actual.nix ./caddy.nix ./dex.nix ./git-pr.nix ./golink.nix ./gotosocial.nix ./restic.nix ./soju.nix ./tandoor.nix ./tclip.nix ./ugit.nix ./vikunja.nix ./hardware.nix];
 
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;
I machines/dragonwell/tclip.nix
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

diff --git a/machines/dragonwell/tclip.nix b/machines/dragonwell/tclip.nix
new file mode 100644
index 0000000000000000000000000000000000000000..db4dcd802fb6603260966715df18c83518968242
--- /dev/null
+++ b/machines/dragonwell/tclip.nix
@@ -0,0 +1,9 @@
+{
+  services.tclip = {
+    enable = true;
+    hostname = "paste";
+    useFunnel = true;
+    hideFunnelUsers = true;
+    authKey = "tskey-auth-k1VerP4gam11CNTRL-89rpeDcfTdJqkF9AECWmdJLVgo1jQcSAB"; # One-time key
+  };
+}
I modules/tclip/default.nix
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

diff --git a/modules/tclip/default.nix b/modules/tclip/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..69b5a35bc3fd9409c979ca7d099aa69be97e2f48
--- /dev/null
+++ b/modules/tclip/default.nix
@@ -0,0 +1,112 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  cfg = config.services.tclip;
+in {
+  options.services.tclip = {
+    enable = lib.mkEnableOption "tclip service";
+
+    hostname = lib.mkOption {
+      type = lib.types.str;
+      default = "paste";
+      description = "The hostname to use on your tailnet";
+    };
+
+    dataLocation = lib.mkOption {
+      type = lib.types.str;
+      default = "/var/lib/tclip";
+      description = "Where program data is stored";
+    };
+
+    tsnetVerbose = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Log verbosely to stderr";
+    };
+
+    useFunnel = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Expose pastes with tailscale funnel";
+    };
+
+    hideFunnelUsers = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Hide usernamd/image on funnel";
+    };
+
+    httpPort = lib.mkOption {
+      type = lib.types.nullOr lib.types.port;
+      default = null;
+      description = "Expose pastes on an HTTP server at the given port";
+    };
+
+    controlURL = lib.mkOption {
+      type = lib.types.nullOr lib.types.str;
+      default = null;
+      description = "Custom control server (e.g. headscale)";
+    };
+
+    disableHTTPS = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = "Disable serving on HTTPS";
+    };
+
+    package = lib.mkOption {
+      type = lib.types.package;
+      description = "The tclip package to use";
+    };
+
+    authKey = lib.mkOption {
+      type = lib.types.nullOr lib.types.str;
+      default = null;
+      description = "Tailscale auth key";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.tclip = {
+      description = "tclip Service";
+      after = ["network.target"];
+      wantedBy = ["multi-user.target"];
+
+      serviceConfig = {
+        ExecStart = let
+          args =
+            lib.optionals (cfg.httpPort != null) [
+              "--http-port=${cfg.httpPort}"
+            ]
+            ++ lib.optionals (cfg.controlURL != null) [
+              "--control-url=${cfg.controlURL}"
+            ]
+            ++ [
+              (lib.optionalString cfg.disableHTTPS "--disable-https")
+              "--hostname=${cfg.hostname}"
+              "--data-location=${cfg.dataLocation}"
+              (lib.optionalString cfg.tsnetVerbose "--tsnet-verbose")
+              (lib.optionalString cfg.useFunnel "--use-funnel")
+              (lib.optionalString cfg.hideFunnelUsers "--hide-funnel-users")
+            ];
+        in "${cfg.package}/bin/tclipd ${lib.concatStringsSep " " args}";
+        Restart = "always";
+        User = "tclip";
+        Group = "tclip";
+        Environment = ["TS_AUTHKEY=${cfg.authKey}"];
+      };
+    };
+
+    # Create user and group
+    users.users.tclip = {
+      isSystemUser = true;
+      group = "tclip";
+      home = cfg.dataLocation;
+      createHome = true;
+    };
+
+    users.groups.tclip = {};
+  };
+}