Compare commits

..

1 Commits

Author SHA1 Message Date
Oystein Kristoffer Tveit 6977f6f399
WIP: home/{hyprland,waybar}: init 2024-08-05 17:48:48 +02:00
43 changed files with 271 additions and 620 deletions

View File

@ -16,16 +16,14 @@
gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
gtk3.bookmarks = map (s: "file://${config.home.homeDirectory}/${s}") [ gtk3.bookmarks = map (s: "file://${config.home.homeDirectory}/${s}") [
"Dropbox"
"Downloads" "Downloads"
"pictures"
"documents"
"music"
".config"
".local/share"
# "Dropbox"
"git"
"git/pvv" "git/pvv"
"nix" "nix"
"NTNU"
"ng"
"git"
"music"
]; ];
}; };
} }

View File

@ -9,13 +9,13 @@
userDirs = { userDirs = {
enable = true; enable = true;
desktop = "${config.home.homeDirectory}/Desktop"; desktop = "${config.home.homeDirectory}/Desktop";
documents = "${config.home.homeDirectory}/documents"; documents = "${config.home.homeDirectory}/Documents";
download = "${config.home.homeDirectory}/Downloads"; download = "${config.home.homeDirectory}/Downloads";
music = "${config.home.homeDirectory}/music"; music = "${config.home.homeDirectory}/music";
pictures = "${config.home.homeDirectory}/pictures"; pictures = "${config.home.homeDirectory}/Pictures";
publicShare = "${config.home.homeDirectory}/public"; publicShare = "${config.home.homeDirectory}/public";
templates = "${config.home.homeDirectory}/templates"; templates = "${config.home.homeDirectory}/templates";
videos = "${config.home.homeDirectory}/videos"; videos = "${config.home.homeDirectory}/Videos";
}; };
}; };
} }

View File

@ -11,18 +11,19 @@ in {
./programs/atuin.nix ./programs/atuin.nix
./programs/comma.nix ./programs/comma.nix
./programs/direnv ./programs/direnv.nix
./programs/gdb.nix ./programs/gdb.nix
./programs/gh.nix ./programs/gh.nix
./programs/git ./programs/git
./programs/gpg ./programs/gpg
./programs/less.nix ./programs/less.nix
./programs/neovim ./programs/neovim.nix
./programs/nix-index ./programs/nix-index
./programs/tealdeer ./programs/tealdeer.nix
./programs/tmux.nix ./programs/tmux.nix
./programs/zsh ./programs/zsh
./services/git-maintenance.nix
./services/nix-channel-update.nix ./services/nix-channel-update.nix
./services/pueue.nix ./services/pueue.nix
@ -40,12 +41,11 @@ in {
./programs/qutebrowser.nix ./programs/qutebrowser.nix
./programs/rofi.nix ./programs/rofi.nix
./programs/taskwarrior.nix ./programs/taskwarrior.nix
./programs/vscode ./programs/vscode.nix
./programs/waybar.nix ./programs/waybar.nix
# ./programs/xmobar # ./programs/xmobar
./programs/xmonad ./programs/xmonad
./programs/zathura.nix ./programs/zathura.nix
./programs/zed
./services/copyq.nix ./services/copyq.nix
./services/dunst.nix ./services/dunst.nix

View File

@ -13,9 +13,7 @@
ffmpeg ffmpeg
file file
gh-dash gh-dash
glances
gpg-tui gpg-tui
gping
graphviz graphviz
httpie httpie
imagemagick imagemagick

View File

@ -1,9 +1,5 @@
{ ... }: { ... }:
{ {
imports = [
./auto-prune.nix
];
programs.direnv = { programs.direnv = {
enable = true; enable = true;
enableZshIntegration = true; enableZshIntegration = true;

View File

@ -1,38 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.programs.direnv;
in
{
config = {
systemd.user.services.prune-allowed-direnv-dirs = {
Unit = {
Description = "Prune unused allowed directories for direnv";
Documentation = [ "man:direnv(1)" ];
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = "${lib.getExe cfg.package} prune";
};
};
systemd.user.timers.prune-allowed-direnv-dirs = {
Unit = {
Description = "Prune unused allowed directories for direnv";
Documentation = [ "man:direnv(1)" ];
};
Timer = {
Unit = "prune-allowed-direnv-dirs.service";
OnCalendar = "daily";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};
}

View File

@ -14,10 +14,6 @@ let
]; ];
in in
{ {
imports = [
./maintenance-timers.nix
];
# TODO: convert to template once nix-sops supports it in hm module # TODO: convert to template once nix-sops supports it in hm module
sops.secrets."git/nordicsemi-config" = { }; sops.secrets."git/nordicsemi-config" = { };
@ -54,7 +50,6 @@ in
authors = "shortlog --summary --numbered --email"; authors = "shortlog --summary --numbered --email";
si = "switch-interactive"; si = "switch-interactive";
rebase-author = "rebase -i -x \"git commit --amend --reset-author -CHEAD\""; rebase-author = "rebase -i -x \"git commit --amend --reset-author -CHEAD\"";
git = "!git";
}; };
extraConfig = { extraConfig = {
@ -89,10 +84,6 @@ in
maintenance.strategy = "incremental"; maintenance.strategy = "incremental";
scalar = {
repo = [ "${config.home.homeDirectory}/nixpkgs" ];
};
transfer.fsckObjects = true; transfer.fsckObjects = true;
receive.fsckObjects = true; receive.fsckObjects = true;

View File

@ -1,61 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.programs.gpg;
in
{
options = {
programs.gpg.auto-update-trust-db = {
enable = lib.mkEnableOption "a timer that automatically updates your trust db";
frequency = lib.mkOption {
default = "daily";
type = lib.types.str;
description = ''
How often to update trust db
:::{.note}
This value is passed to the systemd
timer configuration as the onCalendar option. See
{manpage}`systemd.time(7)`
for more information about the format.
:::
'';
};
};
};
config = {
systemd.user.services.update-trust-db = lib.mkIf cfg.auto-update-trust-db.enable {
Unit = {
Description = "Update gpg trust database";
Documentation = [ "man:gpg(1)" ];
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = "${lib.getExe cfg.package} --update-trustdb";
Environment = [
"GNUPGHOME=${cfg.homedir}"
];
};
};
systemd.user.timers.gpg-refresh-keys = lib.mkIf cfg.auto-update-trust-db.enable {
Unit = {
Description = "Update gpg trust database";
Documentation = [ "man:gpg(1)" ];
};
Timer = {
Unit = "update-trust-db.service";
OnCalendar = cfg.auto-update-trust-db.frequency;
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};
}

View File

@ -2,7 +2,6 @@
{ {
imports = [ imports = [
./auto-refresh-keys.nix ./auto-refresh-keys.nix
./auto-update-trust-db.nix
./declarative-key-fetcher.nix ./declarative-key-fetcher.nix
]; ];

View File

@ -1,9 +1,5 @@
{ pkgs, home, ... }: { pkgs, home, ... }:
{ {
imports = [
./auto-clean-swapfiles.nix
];
programs.neovim = { programs.neovim = {
enable = true; enable = true;

View File

@ -1,56 +0,0 @@
{ config, pkgs, lib, ... }:
let
daysBeforeDeletion = 2;
in
{
config = {
systemd.user.services.clean-neovim-swap-files = {
Unit = {
Description = "Clean old swap files for neovim";
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = lib.getExe (pkgs.writeShellApplication {
name = "clean-neovim-swap-files";
runtimeInputs = with pkgs; [ findutils ];
text = ''
echo "Cleaning old swap files for neovim"
OLD_SWAPFILES=$(find "${config.xdg.stateHome}/nvim/swap" -type f -name '*.swp' -mtime +${toString daysBeforeDeletion})
if [ -z "$OLD_SWAPFILES" ]; then
echo "No old swap files found"
exit 0
fi
for swapfile in $OLD_SWAPFILES; do
echo "Removing $swapfile"
rm -- "$swapfile"
done
echo "Done"
'';
});
};
};
systemd.user.timers.clean-neovim-swap-files = {
Unit = {
Description = "Clean old swap files for neovim";
};
Timer = {
Unit = "clean-neovim-swap-files.service";
OnCalendar = "daily";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};
}

View File

@ -16,10 +16,6 @@ in {
maxItems = 50; maxItems = 50;
browser = ''"${defaultBrowser}"''; browser = ''"${defaultBrowser}"'';
extraConfig = lib.strings.concatStringsSep "\n" [ extraConfig = lib.strings.concatStringsSep "\n" [
''
auto-reload no
''
'' ''
macro m set browser "${videoViewer}"; open-in-browser ; set browser "${defaultBrowser}" macro m set browser "${videoViewer}"; open-in-browser ; set browser "${defaultBrowser}"
macro l set browser "${defaultBrowser}"; open-in-browser ; set browser "${defaultBrowser}" macro l set browser "${defaultBrowser}"; open-in-browser ; set browser "${defaultBrowser}"

View File

@ -37,6 +37,5 @@ in {
(mkSource [ "tech" "linux" "nixos" ] "https://myme.no/feed.xml") (mkSource [ "tech" "linux" "nixos" ] "https://myme.no/feed.xml")
(mkSource [ "tech" "linux" "nixos" "compilers" ] "https://flyx.org/feed.xml") (mkSource [ "tech" "linux" "nixos" "compilers" ] "https://flyx.org/feed.xml")
(mkSource [ "tech" "linux" ] "https://blog.jfx.ac/feed.xml") (mkSource [ "tech" "linux" ] "https://blog.jfx.ac/feed.xml")
(mkSource [ "tech" "linux" "nixos" ] "https://dandellion.xyz/atom.xml")
]; ];
} }

View File

@ -34,7 +34,6 @@ in
ExecStart = lib.getExe (pkgs.writeShellApplication { ExecStart = lib.getExe (pkgs.writeShellApplication {
name = "fetch-nix-index-database"; name = "fetch-nix-index-database";
runtimeInputs = with pkgs; [ runtimeInputs = with pkgs; [
coreutils
gnused gnused
wget wget
]; ];

View File

@ -1,8 +1,10 @@
{ pkgs, lib, ... }: { pkgs, lib, ... }:
{ {
systemd.user.services.update-tldr-db = { programs.tealdeer.enable = true;
systemd.user.services.tealdeer-refresh = {
Unit = { Unit = {
Description = "Update tealdeer database"; Description = "Refresh tealdeer contents";
}; };
Service = { Service = {
@ -13,13 +15,13 @@
}; };
}; };
systemd.user.timers.update-tldr-db = { systemd.user.timers.tealdeer-refresh = {
Unit = { Unit = {
Description = "Update tealdeer database"; Description = "Refresh tealdeer contents";
}; };
Timer = { Timer = {
Unit = "update-tldr-db.service"; Unit = "tealdeer-refresh.service";
OnCalendar = "daily"; OnCalendar = "daily";
Persistent = true; Persistent = true;
}; };

View File

@ -1,8 +0,0 @@
{ pkgs, lib, ... }:
{
imports = [
./auto-update-tldr-db.nix
];
programs.tealdeer.enable = true;
}

View File

@ -14,11 +14,6 @@ let
configFilePath = "${userDir}/settings.json"; configFilePath = "${userDir}/settings.json";
in in
{ {
imports = [
./auto-update-extensions.nix
# ./extensions
];
home.file.${configFilePath} = { home.file.${configFilePath} = {
target = "${configFilePath}.ro"; target = "${configFilePath}.ro";
onChange = ''install -m660 $(realpath "${configFilePath}.ro") "${configFilePath}"''; onChange = ''install -m660 $(realpath "${configFilePath}.ro") "${configFilePath}"'';

View File

@ -1,35 +0,0 @@
{ config, lib, ... }:
let
cfg = config.programs.vscode;
in
{
# TODO: add `dirname` to $PATH upstream
systemd.user.services.update-vscode-extensions = {
Unit = {
Description = "Update vscode extensions";
};
Service = {
Type = "oneshot";
CPUSchedulingPolicy = "idle";
IOSchedulingClass = "idle";
ExecStart = "${lib.getExe cfg.package} --update-extensions";
};
};
systemd.user.timers.update-vscode-extensions = {
Unit = {
Description = "Update vscode extensions";
};
Timer = {
Unit = "update-vscode-extensions.service";
OnCalendar = "daily";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
}

View File

@ -1,34 +0,0 @@
{ config, pkgs, lib, ... }:
{
home.packages = with pkgs; [ zed-editor ];
xdg.configFile."zed/settings.json".source = let
format = pkgs.formats.json { };
in format.generate "zed-settings.json" {
autosave = "off";
buffer_font_family = "Fira Code";
load_direnv = "shell_hook";
format_on_save = "off";
telemetry = {
diagnostics = false;
metrics = false;
};
vim_mode = true;
theme = {
mod = "dark";
dark = "monokai Classic";
};
};
xdg.configFile."zed/themes/monokai.json".source = let
package = pkgs.fetchFromGitHub {
owner = "billgo";
repo = "monokai";
rev = "061a86ff4845b11ac2f183c2e26c77b15cfae7d0";
hash = "sha256-mlEcgnLStYH1pV3p1iqNSvfVu4MpvpEOc+vxI+90MJs=";
};
in "${package}/themes/monokai.json";
}

View File

@ -42,7 +42,6 @@ in
Timer = { Timer = {
Persistent = true; Persistent = true;
OnCalendar = "%i";
}; };
Install = { Install = {

View File

@ -3,28 +3,102 @@ let
inherit (config) machineVars; inherit (config) machineVars;
in { in {
imports = [ imports = [
./fonts.nix ./nix-builders/bob.nix
./nix.nix ./nix-builders/isvegg.nix
./nix-builders/tsuki.nix
./programs/gnupg.nix
./programs/neovim.nix
./programs/nix-ld.nix
./programs/ssh.nix
./programs/usbtop.nix
./services/dbus.nix
./services/openssh.nix
./services/pcscd.nix
./services/pipewire.nix
./services/printing.nix
./services/resolved.nix
./services/smartd.nix
./services/systemd-lock-handler.nix
./services/xserver.nix
]; ];
sops.defaultSopsFile = ./../.. + "/secrets/${config.networking.hostName}.yaml"; sops.defaultSopsFile = ./../.. + "/secrets/${config.networking.hostName}.yaml";
sops.secrets = {
"nix/access-tokens" = { sopsFile = ./../../secrets/common.yaml; };
"ssh/secret-config" = {
sopsFile = ./../../secrets/common.yaml;
mode = "0444";
};
};
nix = {
package = unstable-pkgs.nixVersions.stable;
distributedBuilds = config.networking.hostName != "tsuki";
settings = {
allow-dirty = true;
allowed-uris = [ "http://" "https://" ];
auto-optimise-store = true;
binary-caches = [ "https://cache.nixos.org/" ];
builders-use-substitutes = true;
experimental-features = [ "nix-command" "flakes" ];
log-lines = 50;
trusted-users = [ "h7x4" "nix-builder" ];
use-xdg-base-directories = true;
};
extraOptions = ''
!include ${config.sops.secrets."nix/access-tokens".path}
'';
registry = {
home.to = {
type = "path";
path = "/home/h7x4/nix";
};
wack.to = {
type = "path";
path = "/home/h7x4/git/wack-ctf-flake";
};
nxpt.to = {
type = "path";
path = "/home/h7x4/git/nixpkgs-tools";
};
};
};
programs.nix-ld = {
enable = true;
libraries = with pkgs; [
libusb1
];
};
programs.ssh = {
extraConfig = ''
Include ${config.sops.secrets."ssh/secret-config".path}
'';
knownHosts = {
bob = {
hostNames = [
"bob.pvv.ntnu.no"
"bob.pvv.org"
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJSgh20qDIYEXiK4MUZhc879dJIyH0K/s0RZ+9wFI0F";
};
hildring = {
hostNames = [
"hildring.pvv.ntnu.no"
"hildring.pvv.org"
"login.pvv.ntnu.no"
"login.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
isvegg = {
hostNames = [
"isvegg.pvv.ntnu.no"
"isvegg.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
# tsukir = {
# hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
# # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
# publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
# };
};
};
time.timeZone = "Europe/Oslo"; time.timeZone = "Europe/Oslo";
console = { console = {
@ -88,6 +162,49 @@ in {
else (lib.mkIf (fixDisplayCommand != null) fixDisplayCommand)); else (lib.mkIf (fixDisplayCommand != null) fixDisplayCommand));
}; };
fonts = {
fontDir.enable = true;
enableDefaultPackages = true;
packages = with pkgs; [
ark-pixel-font
cm_unicode
corefonts
dejavu_fonts
fira-code
fira-code-symbols
iosevka
ipaexfont
ipafont
liberation_ttf
migmix
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
ocr-a
open-sans
powerline-fonts
source-han-sans
source-sans
symbola
texlivePackages.asana-math
ubuntu_font_family
victor-mono
yasashisa-gothic
(nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
];
fontconfig = {
defaultFonts = {
serif = [ "Droid Sans Serif" "Ubuntu" ];
sansSerif = [ "Droid Sans" "Ubuntu" ];
monospace = [ "Fira Code" "Ubuntu" ];
emoji = [ "Noto Sans Emoji" ];
};
};
};
users = { users = {
users.h7x4 = { users.h7x4 = {
isNormalUser = true; isNormalUser = true;
@ -116,7 +233,21 @@ in {
}; };
services = { services = {
tumbler.enable = !config.machineVars.headless;
gnome.gnome-keyring.enable = !config.machineVars.headless; gnome.gnome-keyring.enable = !config.machineVars.headless;
printing.enable = !config.machineVars.headless;
resolved.enable = true;
openssh = {
startWhenNeeded = true;
settings = {
StreamLocalBindUnlink = true;
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
};
};
udev.packages = with pkgs; [ udev.packages = with pkgs; [
yubikey-personalization yubikey-personalization
@ -124,10 +255,54 @@ in {
light light
]; ];
pcscd.enable = true;
dbus = {
enable = true;
packages = with pkgs; [
gcr
dconf
];
};
libinput = { libinput = {
enable = !config.machineVars.headless; enable = !config.machineVars.headless;
touchpad.disableWhileTyping = true; touchpad.disableWhileTyping = true;
}; };
displayManager = {
enable = true;
defaultSession = "none+xmonad";
sddm = {
enable = !config.machineVars.headless;
wayland.enable = true;
};
};
xserver = {
enable = !config.machineVars.headless;
xkb = {
layout = "us";
options = "caps:escape";
};
# desktopManager = {
# xterm.enable = false;
# xfce.enable = !config.machineVars.headless;
# };
# displayManager.lightdm.enable = !config.machineVars.headless;
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
enableConfiguredRecompile = true;
extraPackages = hPkgs: with hPkgs; [
dbus
];
};
};
}; };
programs = { programs = {
@ -135,7 +310,40 @@ in {
git.enable = true; git.enable = true;
tmux.enable = true; tmux.enable = true;
zsh.enable = true; zsh.enable = true;
hyprland.enable = true; hyprland.enable = true;
gnupg.agent.enable = true;
gnupg.agent.pinentryPackage = pkgs.pinentry-curses;
neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
configure = {
packages.myVimPackage = with pkgs.vimPlugins; {
start = [
direnv-vim
vim-nix
vim-polyglot
];
opt = [
vim-monokai
];
};
customRC = ''
set number relativenumber
set undofile
set undodir=~/.cache/vim/undodir
packadd! vim-monokai
colorscheme monokai
'';
};
};
}; };
system.extraDependencies = system.extraDependencies =
@ -178,6 +386,12 @@ in {
]); ]);
security.rtkit.enable = !config.machineVars.headless; security.rtkit.enable = !config.machineVars.headless;
services.pipewire = {
enable = !config.machineVars.headless;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
security.sudo.extraConfig = let security.sudo.extraConfig = let
sudoLecture = pkgs.writeText "sudo-lecture.txt" (extendedLib.termColors.front.red "Be careful or something, idk...\n"); sudoLecture = pkgs.writeText "sudo-lecture.txt" (extendedLib.termColors.front.red "Be careful or something, idk...\n");

View File

@ -1,45 +0,0 @@
{ pkgs, ... }:
{
fonts = {
fontDir.enable = true;
enableDefaultPackages = true;
packages = with pkgs; [
ark-pixel-font
cm_unicode
corefonts
dejavu_fonts
fira-code
fira-code-symbols
iosevka
ipaexfont
ipafont
liberation_ttf
migmix
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
ocr-a
open-sans
powerline-fonts
source-han-sans
source-sans
symbola
texlivePackages.asana-math
ubuntu_font_family
victor-mono
yasashisa-gothic
(nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
];
fontconfig = {
defaultFonts = {
serif = [ "Droid Sans Serif" "Ubuntu" ];
sansSerif = [ "Droid Sans" "Ubuntu" ];
monospace = [ "Fira Code" "Ubuntu" ];
emoji = [ "Noto Sans Emoji" ];
};
};
};
}

View File

@ -18,21 +18,11 @@
# sshKey = config.sops.secrets."ssh/nix-builders/bob/key".path; # sshKey = config.sops.secrets."ssh/nix-builders/bob/key".path;
}]; }];
programs.ssh = { programs.ssh.extraConfig = ''
extraConfig = ''
Host nix-builder-bob Host nix-builder-bob
HostName bob.pvv.ntnu.no HostName bob.pvv.ntnu.no
ProxyJump nix-builder-isvegg ProxyJump nix-builder-isvegg
User oysteikt User oysteikt
IdentityFile ${config.sops.secrets."ssh/nix-builders/bob/key".path} IdentityFile ${config.sops.secrets."ssh/nix-builders/bob/key".path}
''; '';
knownHosts.bob = {
hostNames = [
"bob.pvv.ntnu.no"
"bob.pvv.org"
];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJSgh20qDIYEXiK4MUZhc879dJIyH0K/s0RZ+9wFI0F";
};
};
} }

View File

@ -22,17 +22,9 @@
sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path; sshKey = config.sops.secrets."ssh/nix-builders/tsuki/key".path;
}]; }];
programs.ssh = { programs.ssh.extraConfig = ''
extraConfig = ''
Host nix-builder-tsukir Host nix-builder-tsukir
HostName gingakei.loginto.me HostName gingakei.loginto.me
Port ${toString secrets.ports.ssh.home-in} Port ${toString secrets.ports.ssh.home-in}
''; '';
# knownHosts.tsukir = {
# hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
# # publicKeyFile = config.sops.secrets."ssh/nix-builders/tsuki/pub".path;
# publicKeyFile = "/var/keys/tsuki_nix-builder.pub";
# };
};
} }

View File

@ -1,48 +0,0 @@
{ config, unstable-pkgs, ... }:
{
imports = [
./nix-builders/bob.nix
./nix-builders/isvegg.nix
./nix-builders/tsuki.nix
];
sops.secrets = {
"nix/access-tokens" = { sopsFile = ./../../secrets/common.yaml; };
};
nix = {
package = unstable-pkgs.nixVersions.stable;
distributedBuilds = config.networking.hostName != "tsuki";
settings = {
allow-dirty = true;
allowed-uris = [ "http://" "https://" ];
auto-optimise-store = true;
binary-caches = [ "https://cache.nixos.org/" ];
builders-use-substitutes = true;
experimental-features = [ "nix-command" "flakes" ];
log-lines = 50;
trusted-users = [ "h7x4" "nix-builder" ];
use-xdg-base-directories = true;
};
extraOptions = ''
!include ${config.sops.secrets."nix/access-tokens".path}
'';
registry = {
home.to = {
type = "path";
path = "/home/h7x4/nix";
};
wack.to = {
type = "path";
path = "/home/h7x4/git/wack-ctf-flake";
};
nxpt.to = {
type = "path";
path = "/home/h7x4/git/nixpkgs-tools";
};
};
};
}

View File

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
programs.gnupg = {
agent = {
enable = true;
pinentryPackage = pkgs.pinentry-curses;
};
};
}

View File

@ -1,31 +0,0 @@
{ pkgs, ... }:
{
programs.neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
configure = {
packages.myVimPackage = with pkgs.vimPlugins; {
start = [
direnv-vim
vim-nix
vim-polyglot
];
opt = [
vim-monokai
];
};
customRC = ''
set number relativenumber
set undofile
set undodir=~/.cache/vim/undodir
packadd! vim-monokai
colorscheme monokai
'';
};
};
}

View File

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
programs.nix-ld = {
enable = true;
libraries = with pkgs; [
libusb1
];
};
}

View File

@ -1,32 +0,0 @@
{ config, ... }:
{
sops.secrets."ssh/secret-config" = {
sopsFile = ./../../../secrets/common.yaml;
mode = "0444";
};
programs.ssh = {
extraConfig = ''
Include ${config.sops.secrets."ssh/secret-config".path}
'';
knownHosts = {
hildring = {
hostNames = [
"hildring.pvv.ntnu.no"
"hildring.pvv.org"
"login.pvv.ntnu.no"
"login.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
isvegg = {
hostNames = [
"isvegg.pvv.ntnu.no"
"isvegg.pvv.org"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGurF7rdnrDP/VgIK2Tx38of+bX/QGCGL+alrWnZ1Ca5llGneMulUt1RB9xZzNLHiaWIE+HOP0i4spEaeZhilfU=";
};
};
};
}

View File

@ -1,22 +0,0 @@
{ pkgs, lib, ... }:
{
# programs.usbtop.enable = true;
boot.kernelModules = [ "usbmon" ];
security.wrappers."usbtop" = {
owner = "root";
group = "usbmon";
setgid = true;
source = lib.getExe pkgs.usbtop;
};
users.groups.usbmon = {
# NOTE: picked at random
gid = 872;
};
services.udev.extraRules = ''
SUBSYSTEM=="usbmon", MODE="0660", OWNER="root", GROUP="usbmon"
'';
}

View File

@ -1,10 +0,0 @@
{ pkgs, ... }:
{
services.dbus = {
enable = true;
packages = with pkgs; [
gcr
dconf
];
};
}

View File

@ -1,12 +0,0 @@
{ ... }:
{
services.openssh = {
startWhenNeeded = true;
settings = {
StreamLocalBindUnlink = true;
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
};
};
}

View File

@ -1,4 +0,0 @@
{ ... }:
{
services.pcscd.enable = true;
}

View File

@ -1,9 +0,0 @@
{ config, ... }:
{
services.pipewire = {
enable = !config.machineVars.headless;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
}

View File

@ -1,4 +0,0 @@
{ config, ... }:
{
services.printing.enable = !config.machineVars.headless;
}

View File

@ -1,4 +0,0 @@
{ ... }:
{
services.resolved.enable = true;
}

View File

@ -1,4 +0,0 @@
{ ... }:
{
services.smartd.enable = true;
}

View File

@ -1,4 +0,0 @@
{ ... }:
{
services.systemd-lock-handler.enable = true;
}

View File

@ -1,36 +0,0 @@
{ config, ... }:
{
services.displayManager = {
enable = true;
defaultSession = "none+xmonad";
sddm = {
enable = !config.machineVars.headless;
wayland.enable = true;
};
};
services.xserver = {
enable = !config.machineVars.headless;
xkb = {
layout = "us";
options = "caps:escape";
};
# desktopManager = {
# xterm.enable = false;
# xfce.enable = !config.machineVars.headless;
# };
# displayManager.lightdm.enable = !config.machineVars.headless;
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
enableConfiguredRecompile = true;
extraPackages = hPkgs: with hPkgs; [
dbus
];
};
};
}

View File

@ -66,6 +66,8 @@
# hostId = ""; # hostId = "";
}; };
programs.usbtop.enable = true;
services = { services = {
openssh = { openssh = {
enable = true; enable = true;