Add /etc/localtime file in test container

lib/modules/software.nix

@@ -12,7 +12,7 @@
             let
               optionalAttrs = lib.attrsets.optionalAttrs;
               cfg = config;
-              inherit (cfg.software) coding desktopExperience essential gaming socialMedia;
+              inherit (cfg.software) coding desktopExperience essential gaming server socialMedia;
 
               mkPrograms = programs: builtins.foldl' (
                 programs: name: programs // {
@@ -118,6 +118,8 @@
                   "pyenv"
                 ])) // (optionalAttrs gaming (mkPrograms [
                   "lutris"
+                ])) // (optionalAttrs server (mkPrograms [
+                  "nginx"
                 ]));
 
                 # Essentials

profiles/machines/manuel/defaults.nix

@@ -1,6 +1,5 @@
 { ... }: {
   imports = [
-    ../../users/manuel/config.nix
+    ../../users/manuel/desktop.nix
-    ../../../lib/modules/valhalla.nix
   ];
 }

profiles/users/manuel/config.nix

@@ -3,14 +3,6 @@
 
   config = {
     valhalla = {
-      programs = {
-        nextcloud.enable = true;
-      };
-
-      linux.programs = {
-        rclone.enable = true;
-      };
-
       users.manuel = {
         displayName = "Manuel Thalmann";
         mailAddress = "m@nuth.ch";
@@ -31,42 +23,6 @@
           "wheel"
           "nix-users"
         ];
-
-        programs = {
-          rclone = {
-            configurations = {
-              nextcloud = {
-                dirName = "Nextcloud";
-              };
-
-              proton = {
-                dirName = "Proton";
-                cacheDuration = "2w";
-              };
-            };
-          };
-        };
-      };
-
-      windows.users.manuel = {
-        programs = {
-          nextcloud = {
-            folderSyncs = let
-              localPath = "C:/tools/RetroArch-Win64";
-              remotePath = "/Saved Games/RetroArch";
-            in [
-              {
-                remotePath = "${remotePath}/Saves";
-                localPath = "${localPath}/saves";
-                virtualFiles = false;
-              }
-              {
-                remotePath = "${remotePath}/System";
-                localPath = "${localPath}/system";
-              }
-            ];
-          };
-        };
       };
     };
   };

profiles/users/manuel/desktop.nix

@@ -0,0 +1,51 @@
+{ ... }: {
+  imports = [ ./config.nix ];
+
+  config = {
+    valhalla = {
+      programs = {
+        nextcloud.enable = true;
+      };
+
+      linux.programs = {
+        rclone.enable = true;
+      };
+
+      linux.users.manuel.programs = {
+        rclone = {
+          configurations = {
+            nextcloud = {
+              dirName = "Nextcloud";
+            };
+
+            proton = {
+              dirName = "Proton";
+              cacheDuration = "2w";
+            };
+          };
+        };
+      };
+
+      windows.users.manuel = {
+        programs = {
+          nextcloud = {
+            folderSyncs = let
+              localPath = "C:/tools/RetroArch-Win64";
+              remotePath = "/Saved Games/RetroArch";
+            in [
+              {
+                remotePath = "${remotePath}/Saves";
+                localPath = "${localPath}/saves";
+                virtualFiles = false;
+              }
+              {
+                remotePath = "${remotePath}/System";
+                localPath = "${localPath}/system";
+              }
+            ];
+          };
+        };
+      };
+    };
+  };
+}

scripts/Arch/Drivers/SurfaceBook2/main.fish

@@ -21,6 +21,9 @@ begin
         sudo systemctl enable --global surface-dtx-userd.service
     end
 
-    runInstaller --force $argv
+    function installSWDependencies
         fish "$dir/../Surface/main.fish" $argv
     end
+
+    runInstaller --force $argv
+end

scripts/Arch/OS/backup.fish

@@ -0,0 +1,15 @@
+#!/bin/env fish
+begin
+    set -l dir (status dirname)
+
+    function installValhallaDeps -V dir
+        source "$dir/../lib/software.fish"
+        and pacinst fish git jq nix sudo tmux
+    end
+
+    function getDeploymentScript -V dir
+        echo "$dir/../lib/deploy.fish"
+    end
+
+    source "$dir/../../Common/OS/backup.fish"
+end

scripts/Arch/Software/nginx/main.fish

@@ -0,0 +1,23 @@
+#!/bin/env fish
+begin
+    set -l dir (status dirname)
+    source "$dir/../../lib/software.fish"
+    inherit "$dir/../../../Common/Software/aliae/main.fish"
+
+    function installSW
+        yayinst nginx
+    end
+
+    function configureSW
+        set -l file "/etc/nginx/nginx.conf"
+        set -l config "include /etc/nginx/conf.d/*.conf;"
+
+        if not grep --fixed-strings "$config" "$file" >/dev/null
+            sudo sed -i "$file" -e "/^http {/,/^}/{ /^}/{" -e "i\\" -e "" -e "i \    $config" -e "} }"
+        end
+
+        sudo systemctl enable --now nginx
+    end
+
+    runInstaller $argv
+end

scripts/Arch/Software/nix/main.fish

@@ -14,7 +14,7 @@ begin
 
     function configureSW -V dir
         sudo systemctl enable --now nix-daemon
-        configureSWBase configure $argv
+        configureSWBase $argv
     end
 
     runInstaller $argv

scripts/Arch/Software/vscode/main.fish

@@ -3,7 +3,9 @@ begin
     set -l dir (status dirname)
     source "$dir/../../lib/software.fish"
 
-    function setFlags -a user
+    function setFlags
+        argparse -i "user=" -- $argv
+        set -l user "$_flag_user"
         set -l flags
         set -l bins codium code
 

scripts/Arch/lib/deploy.fish

@@ -1,6 +1,7 @@
 function deploySoftware -d "Deploys a the specified software action" -a action
     set -l dir (status dirname)
     . "$dir/software.fish"
+    . "$dir/../../lib/settings.fish"
 
     if [ -z "$action" ]
         set action install
@@ -79,6 +80,7 @@ function deploySoftware -d "Deploys a the specified software action" -a action
     and source "$dir/../Software/git/main.fish" $argv
     and source "$dir/../Software/zoxide/main.fish" $argv
     and source "$dir/../Software/logo-ls/main.fish" $argv
+    and source "$dir/../../Common/Software/linux/main.fish" $argv
 
     # GRUB Shenanigans - if that's not essential I don't know what is!
     and source "$dir/../Software/minegrub-theme/main.fish" $argv

scripts/Common/OS/backup.fish

@@ -0,0 +1,60 @@
+#!/bin/env fish
+set -l dir (status dirname)
+source "$dir/../../lib/action.fish"
+
+function backupAction -V dir
+    source "$dir/../../lib/hooks.fish"
+
+    if not type -q getDeploymentScript
+        function getDeploymentScript
+            echo "No deployment script specified! No software will be installed." 1>&2
+            false
+        end
+    end
+
+    set -l deployScript (getDeploymentScript)
+
+    if fish "$dir/../../../lib/modules/partition/confirm.fish" "Do you wish to store the backup on an SSH server?" n
+        read -xP "Please specify the host name of the SSH server: " VALHALLA_BACKUP_SERVER
+        read -xP "Please specify the port of the SSH server (default 22): " VALHALLA_BACKUP_SERVER_PORT
+        read -xP "Please specify the name of the user to log in to the SSH server: " VALHALLA_BACKUP_SERVER_USER
+
+        if [ -z "$VALHALLA_BACKUP_SERVER_PORT" ]
+            set -x VALHALLA_BACKUP_SERVER_PORT 22
+        end
+
+        if [ -n "$VALHALLA_BACKUP_USER" ]
+            set -x VALHALLA_BACKUP_SERVER "$VALHALLA_BACKUP_SERVER_USER@$VALHALLA_BACKUP_SERVER"
+        end
+
+        echo
+        echo "$(tput setaf 3)==== WARNING ====$(tput sgr0)"
+        echo "For a seamless experience, please make sure that you are able to establish an unattended ssh connection using key authentication."
+        echo
+        echo "$(tput bold)This command should succeed without user interaction:$(tput sgr0)"
+        echo "ssh -o PasswordAuthentication=no -P $VALHALLA_BACKUP_SERVER_PORT $VALHALLA_BACKUP_SERVER true"
+        read -P "Press enter once you're done: "
+        echo
+    end
+
+    read -xP "Please specify the path to the directory to save the backup to: " BACKUP_DIR
+
+    runHook backupSoftware || begin
+        echo "Backing up software..."
+
+        and if [ -n "$deployScript" ]
+            source $deployScript backup
+        end
+    end
+
+    runHook backupUsers || begin
+        if [ -n "$deployScript" ]
+            for name in (getUsers | jq '.[]' --raw-output0 | string split0)
+                echo "Backing up user `$name`..."
+                and source $deployScript userBackup $name
+            end
+        end
+    end
+end
+
+runSetupUserAction backupAction

scripts/Common/OS/install.fish

@@ -1,55 +1,10 @@
 #!/bin/env fish
 set -l dir (status dirname)
-set -l cmdline (cat /proc/$fish_pid/cmdline | string split0)
+source "$dir/../../lib/action.fish"
-source "$dir/../../lib/settings.fish"
+
+function installAction -V dir
     source "$dir/../../lib/hooks.fish"
 
-if [ (id -u) -eq 0 ]
-    source "$dir/../../lib/config.fish"
-    source "$dir/../../lib/nix.fish"
-    set -l sudoConfig "/etc/sudoers.d/PortValhalla"
-    rm ~/.bash_profile
-
-    if ! git status -C (status dirname) &> /dev/null
-        git config --system --add safe.directory (realpath "$(status dirname)/../../..")
-    end
-
-    if [ -z "$TMUX" ]
-        if [ -z "$CONFIG_NAME" ]
-            selectProfile config
-            and set -x CONFIG_NAME "$config"
-        end
-
-        and runHook --force installValhallaDeps 'Please set up a function `installValhallaDeps` for installing `fish`, `git`, `jq`, `nix`, `sudo` and `tmux`.'
-        installNixPkgs
-        and tmux new-session $cmdline
-    else
-        set -l name (getOSConfig setupUser.name)
-
-        begin
-            echo "Creating setup user"
-
-            and useradd \
-                --comment "PortValhalla Setup User" \
-                --system \
-                --no-user-group \
-                --groups nix-users \
-                --create-home \
-                --uid (getOSConfig setupUser.id --json) \
-                "$name"
-        end
-
-        and begin
-            echo "$name ALL=(ALL:ALL) NOPASSWD: ALL"
-        end >"$sudoConfig"
-
-        and sudo --preserve-env --set-home --user "$name" $cmdline
-        rm "$sudoConfig"
-        userdel -rf "$name"
-        uninstallNixPkgs
-        read -P "finished. press enter"
-    end
-else
     if not type -q getDeploymentScript
         function getDeploymentScript
             echo "No deployment script specified! No software will be installed." 1>&2
@@ -85,7 +40,6 @@ else
     end
 
     and runHook postInstall || true
-    and sudo git config remove-section --system safe || true
 
     and begin
         echo "Cleaning installation scripts..."
@@ -100,3 +54,5 @@ else
     and sleep 5
     and systemctl reboot -i
 end
+
+runSetupUserAction installAction

scripts/Common/OS/setup.fish

@@ -1,19 +1,15 @@
 #!/bin/env fish
 function runSetup
     set -l dir (status dirname)
-    source "$dir/../../lib/settings.fish"
+    source "$dir/../../lib/action.fish"
-    source "$dir/../../lib/hooks.fish"
-    source "$dir/../../lib/nix.fish"
-
-    if [ -z "$CONFIG_NAME" ]
-        selectProfile config
-        set -x CONFIG_NAME "$config"
-    end
-
-    set -l mountDir (getOSConfig partition.rootDir)
     set -l projectRoot (realpath "$dir/../../..")
     set -l projectName (basename "$projectRoot")
     set -l PROJECT_CLONE_ROOT "/opt/$(basename "$projectName")"
+
+    function setupAction -V projectRoot -V PROJECT_CLONE_ROOT
+        source "$dir/../../lib/hooks.fish"
+        source "$dir/../../lib/settings.fish"
+        set -l mountDir (getOSConfig partition.rootDir)
         set -l script (mktemp)
         chmod +x "$script"
 
@@ -43,22 +39,6 @@ function runSetup
                 "$argv"
         end
 
-    echo "Partitioning drives..."
-    and getOSConfig partition.script >"$script"
-    and "$script"
-    and rm "$script"
-
-    # Copy `nixpkgs` channel
-    and echo "Preparing nix..."
-
-    and begin
-        mkdir -p (dirname "$mountDir/$nixPkgsDir")
-        cp -r "$nixPkgsDir" "$mountDir/$nixPkgsDir"
-    end
-
-    and echo "Installing dependencies..."
-    and runHook --force installValhallaDeps 'Please set up a function `installValhallaDeps` for installing `fish`, `git`, `jq`, `nix`, `sudo` and `tmux`.'
-
         and echo "Cloning project..."
         and source "$dir/../../lib/copy-repo.fish" "$mountDir$PROJECT_CLONE_ROOT"
         runChroot "$mountDir" git config --system --add safe.directory "$PROJECT_CLONE_ROOT"
@@ -76,10 +56,30 @@ function runSetup
                     (string escape $script))
 
         end | runChroot "$mountDir" tee /root/.bash_profile >/dev/null
+    end
 
-    and echo "Setup finished!"
+    function prepareNix
+        source "$dir/../../lib/nix.fish"
+
+        # Copy `nixpkgs` channel
+        mkdir -p (dirname "$mountDir/$nixPkgsDir")
+        cp -r "$nixPkgsDir" "$mountDir/$nixPkgsDir"
+    end
+
+    function actionPreRun
+        echo "Partitioning drives..."
+        and getOSConfig partition.script >"$script"
+        and "$script"
+        and rm "$script"
+    end
+
+    function actionPostRun
+        echo "Setup finished!"
         and echo "This machine will reboot in 5 seconds..."
         and echo "Press CTRL-C to abort..."
         and sleep 5
         and systemctl reboot
     end
+
+    runAction setupAction
+end

scripts/Common/Software/aliae/main.fish

@@ -42,8 +42,17 @@ begin
         sudo -HE pwsh "$dir/Main.ps1" Configure
     end
 
-    function userConfig -V dir -a user
+    function getBackupArgs
-        runPSUserConfig "$dir/Main.ps1" $user
+        printf "%s\n" --full-path "/etc/aliae/aliae.yml" /
+    end
+
+    function userConfig -V dir
+        runPSUserConfig "$dir/Main.ps1" $argv
+    end
+
+    function getUserBackupArgs
+        argparse -i "user=" -- $argv
+        printf "%s\n" --base-directory ~"$_flag_user" --hidden --exact-depth 1 --glob ".aliae.yaml"
     end
 
     runInstaller $argv

scripts/Common/Software/docker/main.fish

@@ -7,8 +7,9 @@ begin
         sudo systemctl enable --now docker
     end
 
-    function userConfig -a name
+    function userConfig
-        sudo usermod -aG docker "$name"
+        argparse -i "user=" -- $argv
+        sudo usermod -aG docker "$_flag_user"
     end
 
     runInstaller $argv

scripts/Common/Software/docker/services/anki-sync/anki.conf

@@ -0,0 +1,12 @@
+server {
+    listen 80;
+    server_name anki.nuth.ch;
+
+    location / {
+        proxy_pass http://127.0.0.1:1337;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}

scripts/Common/Software/docker/services/anki-sync/docker-compose.secrets.yml

@@ -0,0 +1,6 @@
+services:
+  anki:
+    environment:
+      SYNC_USER1: scott:tiger
+    ports:
+      - 127.0.0.1:1337:8080

scripts/Common/Software/docker/services/anki-sync/docker-compose.yml

@@ -0,0 +1,9 @@
+services:
+  anki:
+    image: yangchuansheng/anki-sync-server
+    restart: unless-stopped
+    extends:
+      file: docker-compose.secrets.yml
+      service: anki
+    volumes:
+      - ./data:/ankisyncdir

scripts/Common/Software/docker/services/anki-sync/main.fish

@@ -0,0 +1,32 @@
+#!/bin/env fish
+begin
+    set -l dir (status dirname)
+    set -l source "$dir/docker-compose.secrets.yml"
+    source "$dir/../service.fish"
+
+    function installSW -V dir -V source
+        set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
+        set -l userKey ".services.anki.environment.SYNC_USER1"
+        set -l user (yq --raw-output "$userKey" "$source" | sed "s/:.*\$/:$pw/")
+        sudo cp "$dir/docker-compose.yml" (getServiceRoot $argv)
+
+        USER=$user yq "$userKey = env.USER" "$source" | \
+            sudo tee (__getServiceSecretsConfig $argv) >/dev/null
+
+        installDockerService $argv
+    end
+
+    function configureSW -V dir
+        configureDockerService $argv
+    end
+
+    function getServiceNginxConfigSource -V dir
+        echo "$dir/anki.conf"
+    end
+
+    function getServiceConfigs
+        printf "%s\0" "anki" "/"
+    end
+
+    runInstaller --force $argv
+end

scripts/Common/Software/docker/services/service.fish

@@ -0,0 +1,73 @@
+#!/bin/env fish
+begin
+    set -l dir (status dirname)
+    set -l root /usr/local/lib
+    set -l secretsFile "docker-compose.secrets.yml"
+    set -l nginxRoot "/etc/nginx/conf.d"
+    set -l portPattern "^\([.[:digit:]]\+:\)\([[:digit:]]\+\)\(:[[:digit:]]\+\)"
+    source "$dir/../../../../lib/software.fish"
+
+    function getServiceName
+        argparse -i "name=" -- $argv
+        echo "$_flag_name"
+    end
+
+    function getServiceRoot -V root
+        echo "$root/$(getServiceName $argv)"
+    end
+
+    function __getServiceNginxConfig -V nginxRoot
+        echo "$nginxRoot/$(getServiceName $argv).conf"
+    end
+
+    function __getServiceSecretsConfig -V secretsFile
+        echo "$(getServiceRoot $argv)/$secretsFile"
+    end
+
+    function __getServicePortKey -V secretsFile -a name
+        echo ".services.$name.ports[0]"
+    end
+
+    function installDockerService -V dir -V nginxRoot -V portPattern
+        set -l services (getServiceConfigs $argv | string split0)
+        sudo cp (getServiceNginxConfigSource $argv) (__getServiceNginxConfig $argv)
+
+        for i in (seq 1 2 (count $services))
+            set -l file (mktemp)
+            set -l config (__getServiceSecretsConfig $argv)
+            set -l service $services[$i]
+            set -l port (random 49152 65535)
+            set -l portKey (__getServicePortKey "$service")
+            set -l exposedPort
+            sudo mkdir -p (getServiceRoot $argv)
+            sudo mkdir -p "$nginxRoot"
+            cp "$config" "$file"
+            set exposedPort (yq --raw-output "$portKey" "$file" | sed "s/$portPattern/\1$port\3/")
+            PORT=$exposedPort yq -y "$portKey = env.PORT" "$file" | sudo tee "$config" >/dev/null
+        end
+    end
+
+    function configureDockerService -V portPattern
+        set -l services (getServiceConfigs $argv | string split0)
+
+        for i in (seq 1 2 (count $services))
+            set -l config (__getServiceSecretsConfig $argv)
+            set -l service $services[$i]
+            set -l location $services[(math $i + 1)]
+            set -l portKey (__getServicePortKey "$service")
+            set -l port (yq --raw-output "$portKey" "$config" | sed "s/$portPattern/\2/")
+            set -l nginxConfig (__getServiceNginxConfig $argv)
+
+            cat "$nginxConfig" | sed \
+                -e "\;location $location {;,/}/{" \
+                -e "s/\(proxy_pass \)\(.\+:\)\?[[:digit:]]\+\(;\)/\1\2$port\3/;" \
+                -e "}" | sudo tee "$nginxConfig" >/dev/null
+        end
+
+        sudo systemctl restart nginx
+    end
+
+    function getBackupArgs -V root
+        printf "%s\n" --hidden --no-ignore . --exclude "docker-compose.yml" "$root"
+    end
+end

scripts/Common/Software/docker/services/vaultwarden/docker-compose.secrets.yml

@@ -0,0 +1,11 @@
+services:
+  vaultwarden:
+    environment:
+      DATABASE_URL: mysql://vaultwarden:pw@db/vault
+    ports:
+      - 127.0.0.1:1337:80
+  db:
+    environment:
+      MARIADB_USER: vaultwarden
+      MARIADB_PASSWORD: pw
+      MARIADB_DATABASE: vault

scripts/Common/Software/docker/services/vaultwarden/docker-compose.yml

@@ -0,0 +1,35 @@
+services:
+  vaultwarden:
+    image: vaultwarden/server
+    restart: unless-stopped
+    extends:
+      file: docker-compose.secrets.yml
+      service: vaultwarden
+    volumes:
+      - ./data:/data
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      DOMAIN: https://passwords.nuth.ch
+      SMTP_HOST: bridge
+      SMTP_FROM: no-reply@nuth.ch
+      SMTP_FROM_VALUE: vaultwarden
+      SMTP_PORT: 25
+      SMTP_ACCEPT_INVALID_CERTS: "true"
+      SIGNUPS_ALLOWED: "false"
+      SIGNUPS_VERIFY: "true"
+  db:
+    image: mariadb
+    restart: unless-stopped
+    extends:
+      file: docker-compose.secrets.yml
+      service: db
+    volumes:
+      - ./db:/var/lib/mysql
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      MARIADB_RANDOM_ROOT_PASSWORD: "yes"
+  bridge:
+    image: shenxn/protonmail-bridge
+    restart: unless-stopped
+    volumes:
+      - ./bridge:/root

scripts/Common/Software/docker/services/vaultwarden/main.fish

@@ -0,0 +1,38 @@
+#!/bin/env fish
+begin
+    set -l dir (status dirname)
+    set -l source "$dir/docker-compose.secrets.yml"
+    source "$dir/../service.fish"
+
+    function installSW -V dir -V source
+        set -l pw (nix-shell -p keepassxc --run "keepassxc-cli generate --length 32")
+        set -l dbKey ".services.vaultwarden.environment.DATABASE_URL"
+        set -l dbUrl (yq --raw-output "$dbKey" "$source" | sed "s/^\(.*:\/\/.*:\).*\(@.*\/.*\)\$/\1$pw\2/")
+        sudo cp "$dir/docker-compose.yml" (getServiceRoot $argv)
+
+        URL=$dbUrl yq "$dbKey = env.URL" "$source" | \
+            PW=$pw yq ".services.db.environment.MARIADB_PASSWORD = env.PW" | \
+            sudo tee (__getServiceSecretsConfig $argv) >/dev/null
+
+        installDockerService $argv
+    end
+
+    function configureSW -V dir
+        configureDockerService $argv
+    end
+
+    function getServiceNginxConfigSource -V dir
+        echo "$dir/vaultwarden.conf"
+    end
+
+    function getServiceConfigs
+        argparse -i "name=" -- $argv
+        printf "%s\0" "$_flag_name" "/"
+    end
+
+    function getBackupArgs -V root
+        printf "%s\n" --hidden --no-ignore . --exclude "docker-compose.yml" "$root"
+    end
+
+    runInstaller --force $argv
+end

scripts/Common/Software/docker/services/vaultwarden/vaultwarden.conf

@@ -0,0 +1,12 @@
+server {
+    listen 80;
+    server_name passwords.nuth.ch;
+
+    location / {
+        proxy_pass http://127.0.0.1:1337;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}

scripts/Common/Software/git/main.fish

@@ -8,8 +8,9 @@ begin
         pwsh "$base" Configure
     end
 
-    function userConfig -S -V base -a name
+    function userConfig -S -V base
-        runPSUserConfig "$base" $name
+        argparse -i "user=" -- $argv
+        runPSUserConfig "$base" $_flag_user
     end
 
     runInstaller $argv

scripts/Common/Software/linux/main.fish

@@ -0,0 +1,10 @@
+#!/bin/env fish
+begin
+    set -l dir (status dirname)
+    source "$dir/../../../lib/software.fish"
+
+    function getUserBackupArgs
+        argparse -i "user=" -- $argv
+        printf "%s\n" --base-directory ~"$_flag_user" --exact-depth 1 --hidden "^(\\.ssh|[^.])" --exclude "Games" --exclude "Desktop" ~ --exec fd . {}
+    end
+end

scripts/Common/Software/rclone/main.fish

@@ -7,8 +7,10 @@ begin
         sudo cp "$dir/rclone.service" "$dir/rclone.target" "$dir/rclone@.service" /etc/systemd/user
     end
 
-    function userConfig -V dir -a name
+    function userConfig -V dir
         source "$dir/../../../lib/settings.fish"
+        argparse -i "user=" -- $argv
+        set -l name $_flag_user
         set -l key "programs.rclone.configurations"
         set -l configs (getUserConfig "$name" "$key" --apply "builtins.attrNames" --json)
 

scripts/Common/Software/virt-manager/main.fish

@@ -12,8 +12,9 @@ begin
         or true
     end
 
-    function userConfig -a name
+    function userConfig
-        sudo usermod -aG libvirt "$name"
+        argparse -i "user=" -- $argv
+        sudo usermod -aG libvirt "$_flag_user"
     end
 
     runInstaller $argv

scripts/arch-install.fish

@@ -0,0 +1,4 @@
+#!/bin/env fish
+begin
+    fish "$(status dirname)/Arch/OS/install.fish"
+end

scripts/lib/action.fish

@@ -0,0 +1,75 @@
+set -l dir (status dirname)
+
+function runActionSetup -V dir
+    source "$dir/hooks.fish"
+    source "$dir/nix.fish"
+    source "$dir/settings.fish"
+    echo "Installing dependencies..."
+    and runHook --force installValhallaDeps 'Please set up a function `installValhallaDeps` for installing `fish`, `git`, `jq`, `nix`, `sudo` and `tmux`.'
+    and echo "Preparing nix..."
+    and runHook prepareNix || installNixPkgs
+
+    and echo "Flagging repository as safe..."
+    and sudo git config --system --add safe.directory (realpath "$(status dirname)/../..")
+    and runHook actionPreRun || true
+end
+
+function runActionConfigure
+    and if [ -z "$CONFIG_NAME" ]
+        selectProfile config
+        set -x CONFIG_NAME "$config"
+    end
+end
+
+function disposeAction
+    runHook actionPostRun || true
+    and uninstallNixPkgs
+    and sudo git config remove-section --system safe || true
+end
+
+function runAction -V dir
+    runActionSetup
+    and runActionConfigure
+    and $argv
+    and disposeAction
+end
+
+function runSetupUserAction -V dir
+    if [ (id -u) -eq 0 ]
+        set -l cmdline (cat /proc/$fish_pid/cmdline | string split0)
+
+        if [ -z "$TMUX" ]
+            runActionSetup
+            tmux new-session -e "CONFIG_NAME=$CONFIG_NAME" $cmdline
+        else
+            source "$dir/settings.fish"
+            runActionConfigure
+            set -l sudoConfig "/etc/sudoers.d/PortValhalla"
+            set -l name (getOSConfig setupUser.name)
+
+            and begin
+                echo "Creating setup user"
+
+                and useradd \
+                    --comment "PortValhalla Setup User" \
+                    --system \
+                    --no-user-group \
+                    --groups nix-users \
+                    --create-home \
+                    --uid (getOSConfig setupUser.id --json) \
+                    "$name"
+            end
+
+            and begin
+                echo "$name ALL=(ALL:ALL) NOPASSWD: ALL"
+            end >"$sudoConfig"
+
+            and sudo --preserve-env --set-home --user "$name" $cmdline
+            disposeAction
+            rm "$sudoConfig"
+            userdel -rf "$name"
+        end
+    else
+        $argv
+    end
+end

scripts/lib/config.fish

@@ -1,4 +1,4 @@
 set projectName port-valhalla
 set nixPkgsVersion nixos-24.05
-set cacheRoot ~/".cache/$projectName"
+set valhallaCache ~/".cache/$projectName"
-set nixPkgsCache "$cacheRoot/nixpkgs/$nixPkgsVersion"
+set nixPkgsCache "$valhallaCache/nixpkgs/$nixPkgsVersion"

scripts/lib/nix.fish

@@ -15,12 +15,18 @@ begin
 
     function installNixPkgs -V config -V nixPkgsDir
         source "$config"
+
+        if [ ! -d "$nixPkgsDir" ]
+            if [ ! -d "$nixPkgsCache" ]
                 downloadNixPkgs
-        mkdir -p "$nixPkgsDir"
+            end
-        cp -r "$nixPkgsCache"/* "$nixPkgsDir"
+
+            sudo mkdir -p "$nixPkgsDir"
+            sudo cp -r "$nixPkgsCache"/* "$nixPkgsDir"
+        end
     end
 
     function uninstallNixPkgs -V nixPkgsDir
-        rm -rf "$nixPkgsDir"
+        sudo rm -rf (dirname "$nixPkgsDir")
     end
 end

scripts/lib/restoration.fish

@@ -0,0 +1,80 @@
+function backupFiles
+    if [ -n "$VALHALLA_BACKUP_DIR" ]
+        argparse -i "u/user=" "n/name=" "base-directory=" -- $argv
+        set -l tarArgs
+    
+        if [ -n "$_flag_base_directory" ]
+            set -a argv --base-directory "$_flag_base_directory"
+            set -a tarArgs -C "$_flag_base_directory"
+        else
+            set -a tarArgs -P
+        end
+    
+        tar $tarArgs -cvz (fd $argv) | createArchive $argv --user "$_flag_user" --name "$_flag_name"
+    end
+end
+
+function restoreFiles
+    if [ -n "$VALHALLA_BACKUP_DIR" ]
+        argparse -i "user=" "base-directory=" -- $argv
+        set -l tarArgs
+        set -l sudoArgs
+
+        if [ -n "$_flag_base_directory" ]
+            set -a tarArgs -C "$_flag_base_directory"
+        else
+            set -a tarArgs -P
+        end
+
+        if [ -n "$_flag_user" ]
+            set -a sudoArgs -u "$_flag_user"
+        end
+
+        fetchArchive $argv | begin
+            sudo $sudoArgs tar $tarArgs -xvz
+        end
+    end
+end
+
+function createArchive
+    set -l path (getArchivePath $argv)
+
+    if [ ! -d (dirname "$path") ]
+        mkdir -p (dirname "$path")
+    end
+
+    runRestorationCommand tee "$path" >/dev/null
+end
+
+function fetchArchive
+    set -l path (getArchivePath $argv)
+    runRestorationCommand cat "$path"
+end
+
+function runRestorationCommand
+    if [ -z "$VALHALLA_BACKUP_SERVER" ]
+        $argv
+    else
+        set -l args
+
+        if [ -n "$VALHALLA_BACKUP_SERVER_PORT" ]
+            set -a args -p $VALHALLA_BACKUP_SERVER_PORT
+        end
+
+        ssh $args "$VALHALLA_BACKUP_SERVER" $argv
+    end
+end
+
+function getArchivePath
+    argparse -i "u/user=" "n/name=" -- $argv
+    set -l path "$VALHALLA_BACKUP_DIR"
+
+    if [ -b "$_flag_user" ]
+        set -a path Users "$_flag_user"
+    else
+        set -a path System
+    end
+
+    set -a path "$_flag_name.tar.gz"
+    realpath -m (string join / $path)
+end

scripts/lib/settings.fish

@@ -40,13 +40,21 @@ function getOSConfig -S -a property
     getConfig "$(getOSConfigRoot).$property" $argv[2..]
 end
 
-function getProgramConfig -S -a name user
+function getProgramConfig -S
+    argparse -i "name=" "user=" -- $argv
+    set -l name $_flag_name
+    set -l user $_flag_user
     set -l option "programs.$name"
 
+    if [ -z "$name" ]
+        set name $argv[1]
+        set argv $argv[2..]
+    end
+
     if [ -z "$user" ]
-        getOSConfig "$option" $argv[3..] --fallback "{}"
+        getOSConfig "$option" $argv --fallback "{}"
     else
-        getUserConfig "$user" "$option" $argv[3..] --fallback "{}"
+        getUserConfig "$user" "$option" $argv --fallback "{}"
     end
 end
 
@@ -78,8 +86,9 @@ function isEnabled -S -a property
     getConfig "$property" --json | jq --exit-status >/dev/null
 end
 
-function isProgramEnabled -S -a name user
+function isProgramEnabled -S
-    getProgramConfig "$name" "$user" --json 2>/dev/null | jq --exit-status ".enable" >/dev/null
+    argparse -i "user=" "name=" -- $argv
+    getProgramConfig --user "$_flag_user" --name "$_flag_name" --json 2>/dev/null | jq --exit-status ".enable" >/dev/null
 end
 
 function isOSEnabled -S -a property

scripts/lib/software.fish

@@ -2,52 +2,116 @@
 begin
     set -l dir (status dirname)
 
-    functions -e installSW
+    set -l backupActions \
-    functions -e configureSW
+        backup backupSW prepareBackup prepareBackup backupArgs getBackupArgs restore restoreSW \
-    functions -e userConfig
+        userBackup userBackup prepareUserBackup prepareUserBackup userBackupArgs getUserBackupArgs userRestore userRestore
 
-    function runPSUserAction -a script action name
-        pwsh -CommandWithArgs '& $args[0] $args[1] @{ name=$args[2]; }' "$script" "$action" "$name"
-    end
-
-    function runPSUserConfig -a script name
-        runPSUserAction "$script" ConfigureUser "$name"
-    end
-
-    function inherit -a script -d "Inherits the installer from the specified script."
     set -l actions \
-            installSW \
+        install installSW \
-            install \
+        configure configureSW \
-            configureSW \
+        userConfig userConfig \
-            configure \
+        dependencies installSWDependencies
-            userConfig \
-            userConfig
 
-        for i in (seq 1 2 (count $actions))
+    set -a actions $backupActions
-            set -l functionName "$actions[$i]Base"
 
-            function $functionName -V script -V actions -V i
+    for i in (seq 2 2 (count $actions))
-                fish "$script" $actions[(math $i + 1)] $argv
+        functions -e "$actions[$i]"
     end
 
-            function $actions[$i] -V functionName
+    for i in (seq 1 6 (count $backupActions))
-                $functionName $argv
+        set -l preRun $backupActions[(math $i + 3)]
+        set -l function $backupActions[(math $i + 1)]
+        set -l getArgs $backupActions[(math $i + 5)]
+        set -l restore $backupActions[(math $i + 7)]
+
+        for functionName in $function $restore
+            function $functionName -V dir -V getArgs -V functionName -V restore
+                set -l args
+
+                if functions -q $getArgs
+                    set args ($getArgs $argv)
+                end
+
+                if [ "$functionName" = "$restore" ] || [ -n "$args" ]
+                    for arg in name user
+                        set -l varName "_flag_$arg"
+
+                        begin
+                            set -l backup $argv
+                            argparse -i "$arg=" -- $args
+                            set -l argv $backup
+                        end
+    
+                        if [ -z "$$varName" ]
+                            argparse -i "$arg=" -- $argv
+                            set -a args "--$arg" "$$varName"
+                        end
+                    end
+
+                    source "$dir/restoration.fish"
+
+                    if [ "$functionName" != "$restore" ]
+                        argparse -i "action=" -- $argv
+                        $preRun $argv
+                        backupFiles $args
+                    else
+                        restoreFiles $args
+                    end
+                end
+            end
+        end
+    end
+
+    function runPSUserAction
+        argparse -i "script=" "action=" "user=" -- $argv
+
+        if [ -z "$_flag_script" ]
+            set _flag_script $argv[1]
+        end
+
+        pwsh -CommandWithArgs '& $args[0] $args[1] @{ name=$args[2]; }' "$_flag_script" "$_flag_action" "$_flag_user"
+    end
+
+    function runPSUserConfig
+        runPSUserAction $argv --action ConfigureUser
+    end
+
+    function inherit -V actions -a script -d "Inherits the installer from the specified script."
+        for i in (seq 1 2 (count $actions))
+            set -l action $actions[$i]
+            set -l functionName $actions[(math $i + 1)]
+            set -l baseName $functionName"Base"
+
+            function $baseName -V script -V action
+                argparse -i "action=" -- $argv
+                fish "$script" $action $argv
+            end
+
+            function $functionName -V baseName
+                $baseName $argv
             end
         end
     end
 
     function runInstaller -V dir -a action
+        argparse -i "name=" -- $argv
+
+        if [ -z "$_flag_name" ]
             set -l path (status stack-trace | head -n4 | tail -n1 | string replace --regex -- '^\s*called on line \d+ of file (.*)$' '$1')
-        set -l name (basename (dirname $path))
+            set _flag_name (basename (dirname $path))
-        runInstallerAction $name $argv
         end
 
-    function runInstallerAction -V dir
+        runInstallerAction --name "$_flag_name" $argv
-        argparse "force" -- $argv
+    end
+
+    function runInstallerAction -V dir -V actions
+        argparse -i "force" "name=" "action=" -- $argv
         set -l install
-        set -l args $_flag_force
+        set -l name $_flag_name
-        set -l name $argv[1]
+        set -l action $_flag_action
-        set -l action $argv[2]
+        set -l args $_flag_force --name "$name"
+        set -l dependencyFunction "installSWDependencies"
+        set -l installDependencies
         source "$dir/settings.fish"
 
         if [ -n "$_flag_force" ]
@@ -56,45 +120,104 @@ begin
             set force false
         end
 
-        if isProgramEnabled $name || $force
+        if functions -q "$dependencyFunction"
+            set installDependencies __runSosftwareDependencyInstaller
+            functions -c "$dependencyFunction" "$installDependencies"
+            functions -e "$dependencyFunction"
+        end
+
+        if isProgramEnabled $args || $force
             set install true
         else
             set install false
         end
 
-        if [ -z "$action" ] || [ "$action" = install ]
+        if [ -z "$action" ]
-            if functions -q installSW && $install
+            if [ -n "$argv[1]" ]
-                echo "Installing `$name`..."
+                set action $argv[1]
-                installSW $argv[3..]
+                set argv $argv[2..]
+            else
+                set action install
+            end
         end
 
-            runInstallerAction $args $name configure
+        for i in (seq 1 2 (count $actions))
+            if [ "$action" = "$actions[$i]" ]
+                set -l message
+                set -l function $actions[(math $i + 1)]
+                set -l preRun "__preRun"
+                set -l postRun "__postRun"
+                functions -e $preRun
+                functions -e $postRun
+
+                switch "$action"
+                    case install
+                        set message "Installing `$name`..."
+
+                        function $postRun -V args
+                            runInstallerAction $args --action configure
 
                             if not isConfigured || [ "$USER" != (getConfig "valhalla.setupUser.name") ]
-                runInstallerAction $args $name userConfig
+                                runInstallerAction $args --action userConfig
                             end
-        else if [ "$action" = configure ]
-            if functions -q configureSW && $install
-                echo "Configuring `$name`..."
-                configureSW $argv[3..]
                         end
-        else if [ "$action" = userConfig ]
+                    case configure
-            set -l user $argv[3]
+                        set message "Configuring `$name`..."
+
+                        function $preRun -V args
+                            runInstallerAction $args --action restore
+                        end
+                    case userConfig userBackup userRestore
+                        argparse -i "user=" -- $argv
+                        set -l user "$_flag_user"
 
                         if [ -z "$user" ]
                             set user "$USER"
+                            set -a args --user "$user"
                         end
 
-            if isProgramEnabled "$name" "$user" || $force
+                        if isProgramEnabled $args || $force
                             set install true
                         else
                             set install false
                         end
 
-            if functions -q userConfig && $install
+                        switch "$action"
-                echo "Configuring `$name` for `$user`..."
+                            case userConfig
-                userConfig "$user" $argv[4..]
+                                set message "Configuring `$name` for `$user`..."
+
+                                function $preRun -V args
+                                    runInstallerAction $args --action userRestore
+                                end
+                            case userBackup
+                                set message "Backing up `$name` for `$user`..."
+                            case userRestore
+                                set message "Restoring `$name` for `$user`..."
+                        end
+                end
+
+                if functions -q $preRun
+                    $preRun
+                end
+
+                if functions -q "$function" && $install
+                    if [ -n "$message" ]
+                        echo $message
+                    end
+
+                    "$function" $args $argv
+                end
+
+                if functions -q $postRun
+                    $postRun
                 end
             end
         end
+
+        if [ -n "$installDependencies" ]
+            "$installDependencies" --action "$action" $args $argv
+            functions -c "$installDependencies" "$dependencyFunction"
+            functions -e "$installDependencies"
+        end
+    end
 end

scripts/test/arch-install.fish

@@ -0,0 +1,29 @@
+#!/bin/env fish
+set -l dir (status dirname)
+set -l container valhalla-test
+set -l containerDir "/var/lib/lxc/$container"
+set -l valhallaRoot "opt/PortValhalla"
+sudo lxc-stop "$container"
+sudo lxc-destroy "$container"
+sudo lxc-create "$container" -t download -- --dist archlinux --release current --arch amd64
+sudo mkdir -p "$containerDir/rootfs/$valhallaRoot"
+
+begin
+    printf "%s\n" \
+        "# For docker" \
+        "lxc.apparmor.profile = unconfined" \
+        "" \
+        "# Shared Folder" \
+        "lxc.mount.entry = $(realpath "$dir/../..") $valhallaRoot none bind 0 0"
+end | sudo tee -a "$containerDir/config" > /dev/null
+
+sudo lxc-start "$container"
+
+while not sudo lxc-attach "$container" -- ping -q -c1 5.9.164.112 &>/dev/null
+    sleep .1
+end
+
+sudo lxc-attach "$container" -- systemctl start systemd-networkd-wait-online.service
+sudo lxc-attach "$container" -- ln -s (readlink /etc/localtime) /etc/localtime
+sudo lxc-attach "$container" -- pacman --noconfirm -Syu fish
+sudo lxc-attach "$container" -- "/$valhallaRoot/scripts/arch-install.fish"