Compare commits
148 Commits
setup-ra-m
...
main
Author | SHA1 | Date | |
---|---|---|---|
3cc4b1473e | |||
6a0f5c8686 | |||
9aaea1c28e | |||
39e718701b | |||
d0d9238c2c | |||
6475f80982 | |||
dc4284a1a0 | |||
fdf5f47462 | |||
2d7577ee99 | |||
e42f0db2dc | |||
fbf3a6bc29 | |||
55582df9f1 | |||
a42e66b9a5 | |||
bc3e2e648f | |||
a9565942fd | |||
77fa595e86 | |||
0e81a9bc81 | |||
029196bc84 | |||
54c53130bd | |||
a369c33a44 | |||
096783c00a | |||
b3cd1f66f0 | |||
f3727dc392 | |||
6d86cce0ff | |||
f5ca2d5050 | |||
8a4a6fc2e3 | |||
637234c492 | |||
0e169d4a26 | |||
4f04827b14 | |||
cd906a2075 | |||
dd1b1dae8b | |||
502503add8 | |||
e4fe666d29 | |||
ac8e5dfe8c | |||
2b9b14b0c1 | |||
163085a548 | |||
28469c1876 | |||
4e98f67748 | |||
102df55379 | |||
7293373b25 | |||
130c794082 | |||
3becdc7da4 | |||
3c6bb656e9 | |||
19e89266a7 | |||
fe50198759 | |||
a2a0356bf6 | |||
ffee26da2b | |||
101f0f6ca0 | |||
acd1ac89e5 | |||
cb3318bc93 | |||
e9fb3d71d8 | |||
c17b068aae | |||
ec0b505f7b | |||
abb5ae9473 | |||
b41c16e234 | |||
a1f48392ed | |||
f0a869d49b | |||
3315535a2f | |||
3bf91d810f | |||
67f156c3b2 | |||
020bc31713 | |||
8a41a97bbf | |||
6a70c086f9 | |||
e75bba4e36 | |||
9393d47390 | |||
5f8001dc86 | |||
f9d175fc43 | |||
387ff505b5 | |||
967ebc0bba | |||
430a223a63 | |||
32077bf639 | |||
967d92ae48 | |||
cf90dd577c | |||
265ba953f0 | |||
82bba20e46 | |||
0abd0c6251 | |||
e0683af8eb | |||
8aaad61fd3 | |||
1301e848ed | |||
fac13db8cb | |||
edf81976ac | |||
1d42923e3e | |||
c332f5dff6 | |||
908c48be89 | |||
8ef308d3e6 | |||
219d364353 | |||
4082011c98 | |||
45c51639ca | |||
ec628240b0 | |||
596d5429ba | |||
0ceeb49c23 | |||
e6d429a970 | |||
7c36272914 | |||
3efeeed023 | |||
4e1eb31336 | |||
b8bd8612bb | |||
dc79a237b3 | |||
a4cc770a08 | |||
9526c31c23 | |||
03aa1c3c39 | |||
e341e72875 | |||
d65273e67a | |||
2b8a661288 | |||
4371bf9bd0 | |||
2c325cf540 | |||
e0a957e448 | |||
35e75ec9ad | |||
fb6cb3f09d | |||
84c9562bfc | |||
a5cad921ff | |||
49f0a457e5 | |||
61a22b96cd | |||
822ec8cb95 | |||
01ad63a473 | |||
942c99b0f6 | |||
0b54e2c090 | |||
50d845a772 | |||
17f019cbc0 | |||
db82ee3419 | |||
b3e782d716 | |||
40d5a8af88 | |||
9115c0c5c2 | |||
1d8c2752f5 | |||
7500197568 | |||
0ea394dbf9 | |||
f7030546a5 | |||
7d80f6941f | |||
ea541f2f2b | |||
7d7d0868ce | |||
d47f1102e6 | |||
bd1cbe53b9 | |||
7c79a6c37b | |||
fbd5b3798b | |||
e8db1d6612 | |||
46e12cfc9e | |||
2b81c752f0 | |||
c533a7df56 | |||
3de3b459ad | |||
28364a66f1 | |||
94bddadd50 | |||
810311bbc2 | |||
0a5e8774c7 | |||
f8bd568bd6 | |||
20296fa754 | |||
d7a6ac7c81 | |||
dc947a2edc | |||
2d34226781 | |||
d7d83da9a6 |
@ -4,6 +4,7 @@ keys:
|
|||||||
- &host_kasei age1eu2a6m3adakfzelfa9pqpl74a5dz0wkyr0v7gegm5ajnx7aqmqcqsp2ftc
|
- &host_kasei age1eu2a6m3adakfzelfa9pqpl74a5dz0wkyr0v7gegm5ajnx7aqmqcqsp2ftc
|
||||||
- &host_dosei age179y7apa80p9unvyjtsphpzyhve90ex986vlxkx43xt9n6m7en3csqnug7c
|
- &host_dosei age179y7apa80p9unvyjtsphpzyhve90ex986vlxkx43xt9n6m7en3csqnug7c
|
||||||
- &host_europa age14mer45e52r2q4uz8n3fmv69tvk8gvwany4m4ndudud8ajv3jm4nqdj9m6a
|
- &host_europa age14mer45e52r2q4uz8n3fmv69tvk8gvwany4m4ndudud8ajv3jm4nqdj9m6a
|
||||||
|
- &host_xps16 age1np3fg9ue2tp4l47x7waapvjxh5zcaye2j54laapy7uklamve2c4qv3gytm
|
||||||
- &home age10f4a5acpar8vwz3v298r3nv7gggfpmyh4wxpkc2hwq9paq0scf8qee8lau
|
- &home age10f4a5acpar8vwz3v298r3nv7gggfpmyh4wxpkc2hwq9paq0scf8qee8lau
|
||||||
|
|
||||||
creation_rules:
|
creation_rules:
|
||||||
@ -16,6 +17,7 @@ creation_rules:
|
|||||||
- *host_kasei
|
- *host_kasei
|
||||||
- *host_dosei
|
- *host_dosei
|
||||||
- *host_europa
|
- *host_europa
|
||||||
|
- *host_xps16
|
||||||
- *home
|
- *home
|
||||||
|
|
||||||
- path_regex: secrets/home.yaml
|
- path_regex: secrets/home.yaml
|
||||||
@ -25,6 +27,13 @@ creation_rules:
|
|||||||
age:
|
age:
|
||||||
- *home
|
- *home
|
||||||
|
|
||||||
|
- path_regex: secrets/xps16.yaml
|
||||||
|
key_groups:
|
||||||
|
- pgp:
|
||||||
|
- *gpg_h7x4
|
||||||
|
age:
|
||||||
|
- *host_xps16
|
||||||
|
|
||||||
- path_regex: secrets/kasei.yaml
|
- path_regex: secrets/kasei.yaml
|
||||||
key_groups:
|
key_groups:
|
||||||
- pgp:
|
- pgp:
|
||||||
|
25
README.md
25
README.md
@ -1,5 +1,6 @@
|
|||||||
[![built with nix](https://builtwithnix.org/badge.svg)](https://builtwithnix.org)
|
[![built with nix](https://builtwithnix.org/badge.svg)](https://builtwithnix.org)
|
||||||
|
|
||||||
|
|
||||||
# Nix Dotfiles
|
# Nix Dotfiles
|
||||||
|
|
||||||
These are my dotfiles for several nix machines.
|
These are my dotfiles for several nix machines.
|
||||||
@ -16,6 +17,7 @@ Here are some of the interesting files and dirs:
|
|||||||
| `/secrets` | Encrypted [sops-nix][sops-nix] secrets. |
|
| `/secrets` | Encrypted [sops-nix][sops-nix] secrets. |
|
||||||
| `flake.nix` | The root of everyting. Defines the inputs and outputs of the project. Also applies misc overlays and adds config-wide modules. See [Nix Flakes][nix-flakes] for more information. |
|
| `flake.nix` | The root of everyting. Defines the inputs and outputs of the project. Also applies misc overlays and adds config-wide modules. See [Nix Flakes][nix-flakes] for more information. |
|
||||||
|
|
||||||
|
|
||||||
## Hosts
|
## Hosts
|
||||||
|
|
||||||
| Host | Machine type | Purpose |
|
| Host | Machine type | Purpose |
|
||||||
@ -25,6 +27,7 @@ Here are some of the interesting files and dirs:
|
|||||||
| `Dosei` | Dell Optiplex | Work computer, mostly used for development and testing. |
|
| `Dosei` | Dell Optiplex | Work computer, mostly used for development and testing. |
|
||||||
| `Europa` | Dell Optiplex | Other work computer, used as nix builder for `Dosei`. |
|
| `Europa` | Dell Optiplex | Other work computer, used as nix builder for `Dosei`. |
|
||||||
|
|
||||||
|
|
||||||
## home-manager configuration
|
## home-manager configuration
|
||||||
|
|
||||||
| Path | Purpose |
|
| Path | Purpose |
|
||||||
@ -36,6 +39,28 @@ Here are some of the interesting files and dirs:
|
|||||||
| `/home/services` | Configuration for services/daemons that are user-specific. |
|
| `/home/services` | Configuration for services/daemons that are user-specific. |
|
||||||
| `/home/shell.nix` | Shell-agnostic configuration. This includes aliases, envvars, functions, etc. |
|
| `/home/shell.nix` | Shell-agnostic configuration. This includes aliases, envvars, functions, etc. |
|
||||||
|
|
||||||
|
|
||||||
|
## Some useful long commands
|
||||||
|
|
||||||
|
Build configuration without switching:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix build .#nixosConfigurations.tsuki.config.system.build.toplevel -L
|
||||||
|
```
|
||||||
|
|
||||||
|
Check why configuration depends on package:
|
||||||
|
|
||||||
|
```
|
||||||
|
NIXPKGS_ALLOW_INSECURE=1 nix why-depends .#nixosConfigurations.tsuki.config.system.build.toplevel .#pkgs.suspiciousPackage
|
||||||
|
```
|
||||||
|
|
||||||
|
Re-encrypt sops secrets with new key:
|
||||||
|
|
||||||
|
```
|
||||||
|
sops updatekeys secrets/hosts/file.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
[home-manager]: https://github.com/nix-community/home-manager
|
[home-manager]: https://github.com/nix-community/home-manager
|
||||||
[nixos-search]: https://search.nixos.org/options
|
[nixos-search]: https://search.nixos.org/options
|
||||||
[sops-nix]: https://github.com/Mic92/sops-nix
|
[sops-nix]: https://github.com/Mic92/sops-nix
|
||||||
|
218
flake.lock
generated
218
flake.lock
generated
@ -1,5 +1,28 @@
|
|||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"anyrun": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-parts": "flake-parts",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"systems": "systems"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1733604390,
|
||||||
|
"narHash": "sha256-i1V+K46e0OSu3T9q2QsZ3GqpIrSIZx39sRpfcDPa6wU=",
|
||||||
|
"ref": "plugins-application-preprocess-exec",
|
||||||
|
"rev": "f9ef5665febcabd03ad2f0ce561c79974194a953",
|
||||||
|
"revCount": 197,
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.pvv.ntnu.no/oysteikt/anyrun"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"ref": "plugins-application-preprocess-exec",
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://git.pvv.ntnu.no/oysteikt/anyrun"
|
||||||
|
}
|
||||||
|
},
|
||||||
"dotfiles": {
|
"dotfiles": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
@ -33,25 +56,28 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils": {
|
"flake-parts": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems"
|
"nixpkgs-lib": [
|
||||||
|
"anyrun",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681202837,
|
"lastModified": 1727826117,
|
||||||
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
|
||||||
"owner": "numtide",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-parts",
|
||||||
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "numtide",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-parts",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_2": {
|
"flake-utils": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_2"
|
"systems": "systems_2"
|
||||||
},
|
},
|
||||||
@ -69,17 +95,22 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fonts": {
|
"flake-utils_2": {
|
||||||
"flake": false,
|
"inputs": {
|
||||||
|
"systems": "systems_3"
|
||||||
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1668957008,
|
"lastModified": 1681202837,
|
||||||
"narHash": "sha256-er2eUfNSG9qdBh0JvtxtftQjFfTFjRqqD8dnk5nZ1qw=",
|
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
|
||||||
"path": "/home/h7x4/git/fonts",
|
"owner": "numtide",
|
||||||
"type": "path"
|
"repo": "flake-utils",
|
||||||
|
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
|
||||||
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"path": "/home/h7x4/git/fonts",
|
"owner": "numtide",
|
||||||
"type": "path"
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
@ -89,40 +120,20 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718530513,
|
"lastModified": 1734366194,
|
||||||
"narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=",
|
"narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "a1fddf0967c33754271761d91a3d921772b30d0e",
|
"rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"ref": "release-24.05",
|
"ref": "release-24.11",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"home-manager-local": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs-unstable"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1719170506,
|
|
||||||
"narHash": "sha256-AROqng7/S3mTByq8DBVR6r0iW1yZH+otJkqOwLHvELE=",
|
|
||||||
"ref": "refs/heads/fix-stalonetrayrc-path",
|
|
||||||
"rev": "0e5656163c2f9ac6e2cc4de3b44beb7a137abbe6",
|
|
||||||
"revCount": 3588,
|
|
||||||
"type": "git",
|
|
||||||
"url": "file:///home/h7x4/git/home-manager"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "file:///home/h7x4/git/home-manager"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"matrix-synapse-next": {
|
"matrix-synapse-next": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
@ -191,11 +202,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719278718,
|
"lastModified": 1734832422,
|
||||||
"narHash": "sha256-gWQb4P9CZgKzTn4F4eWMYeUv2AQOXFlcFmFXh2apoyA=",
|
"narHash": "sha256-Ot9HidtOWkKIX65o5KH6GrnQ3CefYLJx0nk0G99BTk8=",
|
||||||
"owner": "infinidoge",
|
"owner": "infinidoge",
|
||||||
"repo": "nix-minecraft",
|
"repo": "nix-minecraft",
|
||||||
"rev": "b6ff85f3b416a700ac35e33c214d7c9f4fe071fa",
|
"rev": "bab1c34f0a1009b516c4cc3b30d663db43d993ce",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -204,50 +215,51 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixos-hardware": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1734862644,
|
||||||
|
"narHash": "sha256-04xesW7HITdF5WUmNM39WD4tkEERk3Ez2W1nNvdIvIw=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixos-hardware",
|
||||||
|
"rev": "e8516a23524cc9083f5a02a8d64d14770e4c7c09",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "master",
|
||||||
|
"repo": "nixos-hardware",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719145550,
|
"lastModified": 1734737257,
|
||||||
"narHash": "sha256-K0i/coxxTEl30tgt4oALaylQfxqbotTSNb1/+g+mKMQ=",
|
"narHash": "sha256-GIMyMt1pkkoXdCq9un859bX6YQZ/iYtukb9R5luazLM=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "e4509b3a560c87a8d4cb6f9992b8915abf9e36d8",
|
"rev": "1c6e20d41d6a9c1d737945962160e8571df55daa",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"id": "nixpkgs",
|
"id": "nixpkgs",
|
||||||
"ref": "nixos-24.05",
|
"ref": "nixos-24.11",
|
||||||
"type": "indirect"
|
"type": "indirect"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-stable": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1719099622,
|
|
||||||
"narHash": "sha256-YzJECAxFt+U5LPYf/pCwW/e1iUd2PF21WITHY9B/BAs=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "5e8e3b89adbd0be63192f6e645e0a54080004924",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "NixOS",
|
|
||||||
"ref": "release-23.11",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719254875,
|
"lastModified": 1734906031,
|
||||||
"narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
|
"narHash": "sha256-/x8rO3cpVyD/iw/vxIrpOy9wvq1GJSRIU/A+OhWptwc=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
|
"rev": "31942f20f4625ec1c7371a338527e75d3ab0c926",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"id": "nixpkgs",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-unstable",
|
"ref": "master",
|
||||||
"type": "indirect"
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"osuchan": {
|
"osuchan": {
|
||||||
@ -257,11 +269,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1672838459,
|
"lastModified": 1684092181,
|
||||||
"narHash": "sha256-SIXzj9fbSvr/jfhhil+0cS7I6KONijdH80PFGxJi+CA=",
|
"narHash": "sha256-Oi6G8Jx2RkEMi3UndtAnZw61hfgKGEe7l/ILdB9ump4=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "392fb541ce39f1f52908eee336d5ed409cd798ed",
|
"rev": "028ed8774d1cf4650fc15253146cf14451eb608c",
|
||||||
"revCount": 42,
|
"revCount": 43,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "file:///home/h7x4/git/osuchan-line-bot"
|
"url": "file:///home/h7x4/git/osuchan-line-bot"
|
||||||
},
|
},
|
||||||
@ -272,53 +284,32 @@
|
|||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"anyrun": "anyrun",
|
||||||
"dotfiles": "dotfiles",
|
"dotfiles": "dotfiles",
|
||||||
"fonts": "fonts",
|
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"home-manager-local": "home-manager-local",
|
|
||||||
"matrix-synapse-next": "matrix-synapse-next",
|
"matrix-synapse-next": "matrix-synapse-next",
|
||||||
"maunium-stickerpicker": "maunium-stickerpicker",
|
"maunium-stickerpicker": "maunium-stickerpicker",
|
||||||
"minecraft": "minecraft",
|
"minecraft": "minecraft",
|
||||||
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||||
"osuchan": "osuchan",
|
"osuchan": "osuchan",
|
||||||
"secrets": "secrets",
|
|
||||||
"sops-nix": "sops-nix",
|
"sops-nix": "sops-nix",
|
||||||
"vscode-server": "vscode-server"
|
"vscode-server": "vscode-server"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"secrets": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"dirtyRev": "1d1e3c1a3293e22be504749eb92ac3b050cd8622-dirty",
|
|
||||||
"dirtyShortRev": "1d1e3c1-dirty",
|
|
||||||
"lastModified": 1683506783,
|
|
||||||
"narHash": "sha256-iwnpd6v4tKXFDTRomzJxwYPr2mm2JR9DCCnkqsofX5c=",
|
|
||||||
"type": "git",
|
|
||||||
"url": "file:///home/h7x4/git/nix-secrets"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "file:///home/h7x4/git/nix-secrets"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"sops-nix": {
|
"sops-nix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
],
|
]
|
||||||
"nixpkgs-stable": "nixpkgs-stable"
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719268571,
|
"lastModified": 1734546875,
|
||||||
"narHash": "sha256-pcUk2Fg5vPXLUEnFI97qaB8hto/IToRfqskFqsjvjb8=",
|
"narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "c2ea1186c0cbfa4d06d406ae50f3e4b085ddc9b3",
|
"rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -328,6 +319,21 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems": {
|
"systems": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1689347949,
|
||||||
|
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default-linux",
|
||||||
|
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default-linux",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"systems_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
@ -342,7 +348,7 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"systems_2": {
|
"systems_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1681028828,
|
"lastModified": 1681028828,
|
||||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
@ -365,11 +371,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713958148,
|
"lastModified": 1729422940,
|
||||||
"narHash": "sha256-8PDNi/dgoI2kyM7uSiU4eoLBqUKoA+3TXuz+VWmuCOc=",
|
"narHash": "sha256-DlvJv33ml5UTKgu4b0HauOfFIoDx6QXtbqUF3vWeRCY=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixos-vscode-server",
|
"repo": "nixos-vscode-server",
|
||||||
"rev": "fc900c16efc6a5ed972fb6be87df018bcf3035bc",
|
"rev": "8b6db451de46ecf9b4ab3d01ef76e59957ff549f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
123
flake.nix
123
flake.nix
@ -1,13 +1,16 @@
|
|||||||
{
|
{
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "nixpkgs/nixos-24.05";
|
nixpkgs.url = "nixpkgs/nixos-24.11";
|
||||||
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
|
# nixpkgs-unstable.url = "nixpkgs/nixpkgs-unstable";
|
||||||
|
nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager/release-24.05";
|
url = "github:nix-community/home-manager/release-24.11";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
||||||
|
|
||||||
dotfiles = {
|
dotfiles = {
|
||||||
url = "git+https://git.pvv.ntnu.no/oysteikt/dotfiles?ref=master";
|
url = "git+https://git.pvv.ntnu.no/oysteikt/dotfiles?ref=master";
|
||||||
flake = false;
|
flake = false;
|
||||||
@ -50,18 +53,8 @@
|
|||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
ra-multiplex = {
|
anyrun = {
|
||||||
url = "github:pr2502/ra-multiplex";
|
url = "git+https://git.pvv.ntnu.no/oysteikt/anyrun?ref=plugins-application-preprocess-exec";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Nix expressions and keys (TODO: move keys to another solution like agenix)
|
|
||||||
# which should be kept from the main repo for privacy reasons.
|
|
||||||
#
|
|
||||||
# Includes stuff like usernames, emails, ports, other server users, ssh hosts, etc.
|
|
||||||
secrets = {
|
|
||||||
# TODO: Push this to a remote.
|
|
||||||
url = "git+file:///home/h7x4/git/nix-secrets";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -71,16 +64,16 @@
|
|||||||
nixpkgs,
|
nixpkgs,
|
||||||
nixpkgs-unstable,
|
nixpkgs-unstable,
|
||||||
home-manager,
|
home-manager,
|
||||||
|
nixos-hardware,
|
||||||
|
|
||||||
dotfiles,
|
dotfiles,
|
||||||
matrix-synapse-next,
|
matrix-synapse-next,
|
||||||
maunium-stickerpicker,
|
maunium-stickerpicker,
|
||||||
minecraft,
|
minecraft,
|
||||||
osuchan,
|
osuchan,
|
||||||
secrets,
|
|
||||||
sops-nix,
|
sops-nix,
|
||||||
vscode-server,
|
vscode-server,
|
||||||
ra-multiplex
|
anyrun,
|
||||||
# website
|
# website
|
||||||
}: let
|
}: let
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
@ -93,7 +86,10 @@
|
|||||||
android_sdk.accept_license = true;
|
android_sdk.accept_license = true;
|
||||||
segger-jlink.acceptLicense = true;
|
segger-jlink.acceptLicense = true;
|
||||||
permittedInsecurePackages = [
|
permittedInsecurePackages = [
|
||||||
"segger-jlink-qt4-794l"
|
"segger-jlink-qt4-796s"
|
||||||
|
"dotnet-core-combined"
|
||||||
|
"dotnet-sdk-6.0.428"
|
||||||
|
"dotnet-sdk-wrapped-6.0.428"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -101,26 +97,37 @@
|
|||||||
nonrecursive-unstable-pkgs = import nixpkgs-unstable {
|
nonrecursive-unstable-pkgs = import nixpkgs-unstable {
|
||||||
inherit system;
|
inherit system;
|
||||||
config.allowUnfree = true;
|
config.allowUnfree = true;
|
||||||
|
config.segger-jlink.acceptLicense = true;
|
||||||
|
config.permittedInsecurePackages = [
|
||||||
|
"segger-jlink-qt4-796s"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
in [
|
in [
|
||||||
(self: super: {
|
(import ./overlays/wayland-ime-integration.nix)
|
||||||
inherit (nonrecursive-unstable-pkgs) atuin wstunnel;
|
|
||||||
})
|
|
||||||
|
|
||||||
(self: super: {
|
(final: prev: {
|
||||||
ra-multiplex = ra-multiplex.packages.${system}.default;
|
mpd = prev.mpd.overrideAttrs (prev': {
|
||||||
})
|
version = "v0.23.16-unstable";
|
||||||
|
src = final.fetchFromGitHub {
|
||||||
|
owner = "MusicPlayerDaemon";
|
||||||
|
repo = "MPD";
|
||||||
|
rev = "b6e187efd8520ca9e3541e630559246c893cc304";
|
||||||
|
hash = "sha256-EGpBiH/Sp7xgcSpj/zKgFqDfjdr2djveC+qV57imr3E=";
|
||||||
|
};
|
||||||
|
|
||||||
# https://github.com/NixOS/nixpkgs/pull/251706
|
postPatch = prev'.postPatch + ''
|
||||||
(self: super: {
|
substituteInPlace src/lib/yajl/Handle.hxx \
|
||||||
mozc = self.qt6Packages.callPackage ./package-overrides/mozc.nix { };
|
--replace-fail '<yajl_parse.h>' '<yajl/yajl_parse.h>'
|
||||||
fcitx5-mozc = self.callPackage ./package-overrides/fcitx5-mozc.nix { };
|
substituteInPlace src/lib/yajl/Callbacks.hxx \
|
||||||
})
|
--replace-fail '<yajl_parse.h>' '<yajl/yajl_parse.h>'
|
||||||
|
substituteInPlace src/lib/yajl/Gen.hxx \
|
||||||
|
--replace-fail '<yajl_gen.h>' '<yajl/yajl_gen.h>'
|
||||||
|
'';
|
||||||
|
|
||||||
(self: super: {
|
nativeBuildInputs = prev'.nativeBuildInputs ++ [
|
||||||
mpv-unwrapped = super.mpv-unwrapped.override {
|
final.python3Packages.sphinx-rtd-theme
|
||||||
ffmpeg = super.ffmpeg_6-full;
|
];
|
||||||
};
|
});
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
@ -132,9 +139,7 @@
|
|||||||
|
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
|
|
||||||
packages.${system} = {
|
inputs = pkgs.lib.mapAttrs (_: src: src.outPath) inputs;
|
||||||
inherit (pkgs) kanidm pcloud;
|
|
||||||
};
|
|
||||||
|
|
||||||
devShells.${system}.default = pkgs.mkShell {
|
devShells.${system}.default = pkgs.mkShell {
|
||||||
packages = with pkgs; [ sops ];
|
packages = with pkgs; [ sops ];
|
||||||
@ -177,7 +182,6 @@
|
|||||||
inherit inputs;
|
inherit inputs;
|
||||||
inherit unstable-pkgs;
|
inherit unstable-pkgs;
|
||||||
inherit (self) extendedLib;
|
inherit (self) extendedLib;
|
||||||
secrets = secrets.outputs.settings;
|
|
||||||
} // (extraConfig.specialArgs or { });
|
} // (extraConfig.specialArgs or { });
|
||||||
|
|
||||||
modules = [
|
modules = [
|
||||||
@ -189,7 +193,6 @@
|
|||||||
./modules/machineVars.nix
|
./modules/machineVars.nix
|
||||||
./modules/socketActivation.nix
|
./modules/socketActivation.nix
|
||||||
|
|
||||||
secrets.outputs.nixos-config
|
|
||||||
sops-nix.nixosModules.sops
|
sops-nix.nixosModules.sops
|
||||||
|
|
||||||
({ config, ... }:
|
({ config, ... }:
|
||||||
@ -198,13 +201,14 @@
|
|||||||
useGlobalPkgs = true;
|
useGlobalPkgs = true;
|
||||||
extraSpecialArgs = {
|
extraSpecialArgs = {
|
||||||
inherit inputs;
|
inherit inputs;
|
||||||
|
inherit unstable-pkgs;
|
||||||
inherit (self) extendedLib;
|
inherit (self) extendedLib;
|
||||||
inherit (config) machineVars;
|
inherit (config) machineVars;
|
||||||
secrets = secrets.outputs.settings;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
sharedModules = [
|
sharedModules = [
|
||||||
inputs.sops-nix.homeManagerModules.sops
|
inputs.sops-nix.homeManagerModules.sops
|
||||||
|
inputs.anyrun.homeManagerModules.default
|
||||||
];
|
];
|
||||||
|
|
||||||
users.h7x4.imports = [
|
users.h7x4.imports = [
|
||||||
@ -221,9 +225,44 @@
|
|||||||
"specialArgs"
|
"specialArgs"
|
||||||
]));
|
]));
|
||||||
in {
|
in {
|
||||||
dosei = nixSys "dosei" { };
|
dosei = nixSys "dosei" {
|
||||||
kasei = nixSys "kasei" { };
|
modules = [
|
||||||
europa = nixSys "europa" { };
|
{
|
||||||
|
home-manager.users.h7x4.home.uid = 1001;
|
||||||
|
}
|
||||||
|
|
||||||
|
nixos-hardware.nixosModules.common-pc
|
||||||
|
nixos-hardware.nixosModules.common-pc-ssd
|
||||||
|
nixos-hardware.nixosModules.common-cpu-intel
|
||||||
|
nixos-hardware.nixosModules.common-gpu-intel
|
||||||
|
];
|
||||||
|
};
|
||||||
|
kasei = nixSys "kasei" {
|
||||||
|
modules = [
|
||||||
|
nixos-hardware.nixosModules.common-pc
|
||||||
|
nixos-hardware.nixosModules.common-pc-ssd
|
||||||
|
nixos-hardware.nixosModules.common-cpu-amd
|
||||||
|
nixos-hardware.nixosModules.common-cpu-amd-pstate
|
||||||
|
nixos-hardware.nixosModules.common-gpu-nvidia-nonprime
|
||||||
|
];
|
||||||
|
};
|
||||||
|
xps16 = nixSys "xps16" {
|
||||||
|
modules = [
|
||||||
|
nixos-hardware.nixosModules.common-hidpi
|
||||||
|
nixos-hardware.nixosModules.common-pc-laptop
|
||||||
|
nixos-hardware.nixosModules.common-pc-laptop-ssd
|
||||||
|
nixos-hardware.nixosModules.common-cpu-intel
|
||||||
|
nixos-hardware.nixosModules.common-gpu-intel
|
||||||
|
];
|
||||||
|
};
|
||||||
|
europa = nixSys "europa" {
|
||||||
|
modules = [
|
||||||
|
nixos-hardware.nixosModules.common-pc
|
||||||
|
nixos-hardware.nixosModules.common-pc-ssd
|
||||||
|
nixos-hardware.nixosModules.common-cpu-intel
|
||||||
|
nixos-hardware.nixosModules.common-gpu-intel
|
||||||
|
];
|
||||||
|
};
|
||||||
tsuki = nixSys "tsuki" {
|
tsuki = nixSys "tsuki" {
|
||||||
modules = [
|
modules = [
|
||||||
matrix-synapse-next.nixosModules.default
|
matrix-synapse-next.nixosModules.default
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ config, ... }:
|
{ config, lib, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./mimetypes.nix
|
./mimetypes.nix
|
||||||
@ -8,14 +8,14 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
userDirs = {
|
userDirs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
desktop = "${config.home.homeDirectory}/Desktop";
|
desktop = lib.mkDefault "${config.home.homeDirectory}/Desktop";
|
||||||
documents = "${config.home.homeDirectory}/documents";
|
documents = lib.mkDefault "${config.home.homeDirectory}/documents";
|
||||||
download = "${config.home.homeDirectory}/Downloads";
|
download = lib.mkDefault "${config.home.homeDirectory}/Downloads";
|
||||||
music = "${config.home.homeDirectory}/music";
|
music = lib.mkDefault "${config.home.homeDirectory}/music";
|
||||||
pictures = "${config.home.homeDirectory}/pictures";
|
pictures = lib.mkDefault "${config.home.homeDirectory}/pictures";
|
||||||
publicShare = "${config.home.homeDirectory}/public";
|
publicShare = lib.mkDefault "${config.home.homeDirectory}/public";
|
||||||
templates = "${config.home.homeDirectory}/templates";
|
templates = lib.mkDefault "${config.home.homeDirectory}/templates";
|
||||||
videos = "${config.home.homeDirectory}/videos";
|
videos = lib.mkDefault "${config.home.homeDirectory}/videos";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -4,6 +4,7 @@
|
|||||||
|
|
||||||
home.sessionVariables = let
|
home.sessionVariables = let
|
||||||
inherit (config.xdg) dataHome cacheHome configHome userDirs;
|
inherit (config.xdg) dataHome cacheHome configHome userDirs;
|
||||||
|
runtimeDir = "/run/user/${toString config.home.uid}";
|
||||||
in {
|
in {
|
||||||
TEXMFHOME = "${dataHome}/texmf";
|
TEXMFHOME = "${dataHome}/texmf";
|
||||||
TEXMFVAR = "${cacheHome}/texlive";
|
TEXMFVAR = "${cacheHome}/texlive";
|
||||||
@ -18,8 +19,12 @@
|
|||||||
|
|
||||||
GHCUP_USE_XDG_DIRS = "true";
|
GHCUP_USE_XDG_DIRS = "true";
|
||||||
|
|
||||||
|
__GL_SHADER_DISK_CACHE_PATH = "${cacheHome}/nv";
|
||||||
ANDROID_USER_HOME = "${dataHome}/android";
|
ANDROID_USER_HOME = "${dataHome}/android";
|
||||||
AZURE_CONFIG_DIR = "${dataHome}/azure";
|
AZURE_CONFIG_DIR = "${dataHome}/azure";
|
||||||
|
BZRPATH = "${configHome}/bazaar";
|
||||||
|
BZR_PLUGIN_PATH = "${dataHome}/bazaar";
|
||||||
|
BZR_HOME = "${cacheHome}/bazaar";
|
||||||
CARGO_HOME = "${dataHome}/cargo";
|
CARGO_HOME = "${dataHome}/cargo";
|
||||||
CUDA_CACHE_PATH = "${cacheHome}/nv";
|
CUDA_CACHE_PATH = "${cacheHome}/nv";
|
||||||
DOCKER_CONFIG = "${configHome}/docker";
|
DOCKER_CONFIG = "${configHome}/docker";
|
||||||
@ -32,6 +37,9 @@
|
|||||||
ICEAUTHORITY = "${cacheHome}/ICEauthority";
|
ICEAUTHORITY = "${cacheHome}/ICEauthority";
|
||||||
NIMBLE_DIR = "${dataHome}/nimble";
|
NIMBLE_DIR = "${dataHome}/nimble";
|
||||||
NLTK_DATA = "${dataHome}/nltk_data";
|
NLTK_DATA = "${dataHome}/nltk_data";
|
||||||
|
NPM_CONFIG_CACHE="${cacheHome}/npm";
|
||||||
|
NPM_CONFIG_INIT_MODULE="${configHome}/npm/config/npm-init.js";
|
||||||
|
NPM_CONFIG_TMP="${runtimeDir}/npm";
|
||||||
NRFUTIL_HOME = "${dataHome}/nrfutil";
|
NRFUTIL_HOME = "${dataHome}/nrfutil";
|
||||||
NUGET_PACKAGES = "${cacheHome}/nuget-packages";
|
NUGET_PACKAGES = "${cacheHome}/nuget-packages";
|
||||||
PARALLEL_HOME = "${configHome}/parallel";
|
PARALLEL_HOME = "${configHome}/parallel";
|
||||||
|
@ -95,7 +95,7 @@ let
|
|||||||
vscode = "code.desktop";
|
vscode = "code.desktop";
|
||||||
mpv = "mpv.desktop";
|
mpv = "mpv.desktop";
|
||||||
zathura = "org.pwmt.zathura.desktop";
|
zathura = "org.pwmt.zathura.desktop";
|
||||||
sxiv = "sxiv.desktop";
|
nsxiv = "nsxiv.desktop";
|
||||||
font-viewer = "org.gnome.font-viewer.desktop";
|
font-viewer = "org.gnome.font-viewer.desktop";
|
||||||
in {
|
in {
|
||||||
xdg.configFile."mimeapps.list".force = true;
|
xdg.configFile."mimeapps.list".force = true;
|
||||||
@ -104,7 +104,7 @@ in {
|
|||||||
# associations.added = {};
|
# associations.added = {};
|
||||||
# associations.removed = {};
|
# associations.removed = {};
|
||||||
defaultApplications =
|
defaultApplications =
|
||||||
(lib.mapAttrs' (_: v: lib.nameValuePair v sxiv) mime.image)
|
(lib.mapAttrs' (_: v: lib.nameValuePair v nsxiv) mime.image)
|
||||||
// (lib.mapAttrs' (_: v: lib.nameValuePair v mpv) mime.audio)
|
// (lib.mapAttrs' (_: v: lib.nameValuePair v mpv) mime.audio)
|
||||||
// (lib.mapAttrs' (_: v: lib.nameValuePair v mpv) mime.video)
|
// (lib.mapAttrs' (_: v: lib.nameValuePair v mpv) mime.video)
|
||||||
// (lib.mapAttrs' (_: v: lib.nameValuePair v font-viewer) mime.font)
|
// (lib.mapAttrs' (_: v: lib.nameValuePair v font-viewer) mime.font)
|
||||||
|
110
home/home.nix
110
home/home.nix
@ -8,19 +8,36 @@ in {
|
|||||||
|
|
||||||
./config/xdg
|
./config/xdg
|
||||||
|
|
||||||
|
./programs/aria2.nix
|
||||||
./programs/atuin.nix
|
./programs/atuin.nix
|
||||||
|
./programs/bash.nix
|
||||||
|
./programs/bat.nix
|
||||||
|
./programs/beets.nix
|
||||||
|
./programs/bottom.nix
|
||||||
./programs/comma.nix
|
./programs/comma.nix
|
||||||
./programs/direnv
|
./programs/direnv
|
||||||
|
./programs/eza.nix
|
||||||
|
./programs/fzf.nix
|
||||||
./programs/gdb.nix
|
./programs/gdb.nix
|
||||||
|
./programs/gh-dash.nix
|
||||||
./programs/gh.nix
|
./programs/gh.nix
|
||||||
./programs/git
|
./programs/git
|
||||||
./programs/gpg
|
./programs/gpg
|
||||||
|
./programs/home-manager.nix
|
||||||
|
./programs/jq.nix
|
||||||
./programs/less.nix
|
./programs/less.nix
|
||||||
|
./programs/man.nix
|
||||||
./programs/neovim
|
./programs/neovim
|
||||||
./programs/nix-index
|
./programs/nix-index
|
||||||
|
./programs/pandoc.nix
|
||||||
|
./programs/ripgrep.nix
|
||||||
./programs/ssh
|
./programs/ssh
|
||||||
./programs/tealdeer
|
./programs/tealdeer
|
||||||
./programs/tmux.nix
|
./programs/texlive.nix
|
||||||
|
./programs/thunderbird.nix
|
||||||
|
./programs/tmux
|
||||||
|
./programs/yt-dlp.nix
|
||||||
|
./programs/zoxide.nix
|
||||||
./programs/zsh
|
./programs/zsh
|
||||||
|
|
||||||
./services/nix-channel-update.nix
|
./services/nix-channel-update.nix
|
||||||
@ -28,35 +45,48 @@ in {
|
|||||||
|
|
||||||
./modules/colors.nix
|
./modules/colors.nix
|
||||||
./modules/shellAliases.nix
|
./modules/shellAliases.nix
|
||||||
] ++ optionals graphics [
|
./modules/uidGid.nix
|
||||||
|
] ++ (optionals graphics [
|
||||||
./config/gtk.nix
|
./config/gtk.nix
|
||||||
|
|
||||||
./programs/alacritty.nix
|
./programs/alacritty.nix
|
||||||
./programs/emacs
|
./programs/emacs
|
||||||
|
./programs/feh.nix
|
||||||
./programs/firefox.nix
|
./programs/firefox.nix
|
||||||
|
./programs/mpv.nix
|
||||||
./programs/ncmpcpp.nix
|
./programs/ncmpcpp.nix
|
||||||
./programs/newsboat
|
./programs/newsboat
|
||||||
|
./programs/obs-studio.nix
|
||||||
./programs/qutebrowser.nix
|
./programs/qutebrowser.nix
|
||||||
./programs/rofi.nix
|
./programs/rofi.nix
|
||||||
./programs/taskwarrior.nix
|
./programs/taskwarrior.nix
|
||||||
./programs/vscode
|
./programs/vscode
|
||||||
# ./programs/xmobar
|
|
||||||
./programs/xmonad
|
|
||||||
./programs/zathura.nix
|
./programs/zathura.nix
|
||||||
./programs/zed
|
./programs/zed
|
||||||
|
|
||||||
./services/copyq.nix
|
./services/copyq.nix
|
||||||
./services/dunst.nix
|
./services/dunst.nix
|
||||||
./services/fcitx5.nix
|
./services/fcitx5.nix
|
||||||
|
./services/gnome-keyring.nix
|
||||||
|
./services/keybase.nix
|
||||||
./services/mpd.nix
|
./services/mpd.nix
|
||||||
|
./services/network-manager.nix
|
||||||
|
./services/psd.nix
|
||||||
|
./services/tumblerd.nix
|
||||||
|
]) ++ (optionals machineVars.wayland [
|
||||||
|
./programs/hyprland.nix
|
||||||
|
./programs/waybar.nix
|
||||||
|
./programs/anyrun
|
||||||
|
]) ++ (optionals (!machineVars.wayland) [
|
||||||
|
./programs/xmonad
|
||||||
|
# ./programs/xmobar
|
||||||
|
|
||||||
./services/picom.nix
|
./services/picom.nix
|
||||||
./services/polybar.nix
|
./services/polybar.nix
|
||||||
./services/ra-multiplex.nix
|
|
||||||
./services/screen-locker.nix
|
./services/screen-locker.nix
|
||||||
# ./services/stalonetray.nix
|
# ./services/stalonetray.nix
|
||||||
./services/sxhkd.nix
|
./services/sxhkd.nix
|
||||||
./services/tumblerd.nix
|
]);
|
||||||
];
|
|
||||||
|
|
||||||
sops.defaultSopsFile = ../secrets/home.yaml;
|
sops.defaultSopsFile = ../secrets/home.yaml;
|
||||||
sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519_home_sops" ];
|
sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519_home_sops" ];
|
||||||
@ -97,9 +127,23 @@ in {
|
|||||||
sessionVariables = {
|
sessionVariables = {
|
||||||
CARGO_NET_GIT_FETCH_WITH_CLI = "true";
|
CARGO_NET_GIT_FETCH_WITH_CLI = "true";
|
||||||
PYTHONSTARTUP = "${config.xdg.configHome}/python/pyrc";
|
PYTHONSTARTUP = "${config.xdg.configHome}/python/pyrc";
|
||||||
|
_JAVA_AWT_WM_NONREPARENTING = "1";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
dconf.settings = {
|
||||||
|
"org/gnome/desktop/interface" = {
|
||||||
|
color-scheme = "prefer-dark";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
xsession = {
|
||||||
|
enable = !machineVars.wayland;
|
||||||
|
# TODO: declare using xdg config home
|
||||||
|
scriptPath = ".config/X11/xsession";
|
||||||
|
profilePath = ".config/X11/xprofile";
|
||||||
|
};
|
||||||
|
|
||||||
xdg.configFile = {
|
xdg.configFile = {
|
||||||
"ghc/ghci.conf".text = ''
|
"ghc/ghci.conf".text = ''
|
||||||
:set prompt "${extendedLib.termColors.front.magenta "[GHCi]λ"} "
|
:set prompt "${extendedLib.termColors.front.magenta "[GHCi]λ"} "
|
||||||
@ -120,51 +164,6 @@ in {
|
|||||||
|
|
||||||
fonts.fontconfig.enable = mkForce true;
|
fonts.fontconfig.enable = mkForce true;
|
||||||
|
|
||||||
programs = {
|
|
||||||
home-manager.enable = true;
|
|
||||||
|
|
||||||
bash = {
|
|
||||||
enable = true;
|
|
||||||
historyFile = "${config.xdg.dataHome}/bash_history";
|
|
||||||
historySize = 100000;
|
|
||||||
bashrcExtra = ''
|
|
||||||
source "${config.xdg.configHome}/mutable_env.sh"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
bat.enable = true;
|
|
||||||
bottom = {
|
|
||||||
enable = true;
|
|
||||||
settings.flags.enable_gpu = true;
|
|
||||||
};
|
|
||||||
eza.enable = true;
|
|
||||||
feh.enable = mkIf graphics true;
|
|
||||||
fzf = {
|
|
||||||
enable = true;
|
|
||||||
defaultCommand = "fd --type f";
|
|
||||||
};
|
|
||||||
man = {
|
|
||||||
enable = true;
|
|
||||||
generateCaches = true;
|
|
||||||
};
|
|
||||||
mpv.enable = mkIf graphics true;
|
|
||||||
obs-studio.enable = mkIf graphics true;
|
|
||||||
ssh = {
|
|
||||||
enable = true;
|
|
||||||
includes = [ "mutable_config" ];
|
|
||||||
};
|
|
||||||
texlive = {
|
|
||||||
enable = true;
|
|
||||||
# packageSet = pkgs.texlive.combined.scheme-medium;
|
|
||||||
};
|
|
||||||
zoxide.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
gnome-keyring.enable = mkIf graphics true;
|
|
||||||
network-manager-applet.enable = mkIf graphics true;
|
|
||||||
};
|
|
||||||
|
|
||||||
manual = {
|
manual = {
|
||||||
html.enable = true;
|
html.enable = true;
|
||||||
manpages.enable = true;
|
manpages.enable = true;
|
||||||
@ -173,10 +172,7 @@ in {
|
|||||||
|
|
||||||
qt = mkIf graphics {
|
qt = mkIf graphics {
|
||||||
enable = true;
|
enable = true;
|
||||||
platformTheme.name = "gtk";
|
platformTheme.name = "adwaita";
|
||||||
style = {
|
style.name = "adwaita-dark";
|
||||||
name = "adwaita-dark";
|
|
||||||
package = pkgs.adwaita-qt;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
13
home/modules/uidGid.nix
Normal file
13
home/modules/uidGid.nix
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
{ lib, ... }:
|
||||||
|
{
|
||||||
|
options.home = {
|
||||||
|
uid = lib.mkOption {
|
||||||
|
default = 1000;
|
||||||
|
type = lib.types.ints.between 0 60000;
|
||||||
|
};
|
||||||
|
gid = lib.mkOption {
|
||||||
|
default = 1000;
|
||||||
|
type = lib.types.ints.between 0 60000;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,29 +1,28 @@
|
|||||||
{ pkgs, config, machineVars, ... }:
|
{ pkgs, config, machineVars, ... }:
|
||||||
{
|
{
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
beets
|
|
||||||
binutils
|
binutils
|
||||||
cloc
|
cloc
|
||||||
cyme
|
cyme
|
||||||
czkawka
|
czkawka
|
||||||
delta
|
|
||||||
diskonaut
|
diskonaut
|
||||||
duf
|
duf
|
||||||
duff
|
duff
|
||||||
ffmpeg
|
ffmpeg
|
||||||
file
|
file
|
||||||
gh-dash
|
|
||||||
glances
|
glances
|
||||||
|
gpauth
|
||||||
|
gpclient
|
||||||
gpg-tui
|
gpg-tui
|
||||||
gping
|
gping
|
||||||
graphviz
|
graphviz
|
||||||
|
hexyl
|
||||||
httpie
|
httpie
|
||||||
imagemagick
|
imagemagick
|
||||||
jq
|
|
||||||
kepubify
|
kepubify
|
||||||
# keybase
|
|
||||||
keymapviz
|
keymapviz
|
||||||
libwebp
|
libwebp
|
||||||
|
lnav
|
||||||
lolcat
|
lolcat
|
||||||
mdcat
|
mdcat
|
||||||
mediainfo
|
mediainfo
|
||||||
@ -33,7 +32,6 @@
|
|||||||
mtr
|
mtr
|
||||||
neofetch
|
neofetch
|
||||||
nix-diff
|
nix-diff
|
||||||
nix-index
|
|
||||||
nix-output-monitor
|
nix-output-monitor
|
||||||
nix-tree
|
nix-tree
|
||||||
nix-update
|
nix-update
|
||||||
@ -41,17 +39,15 @@
|
|||||||
# nixops
|
# nixops
|
||||||
nmap
|
nmap
|
||||||
ouch
|
ouch
|
||||||
pandoc
|
|
||||||
parallel
|
parallel
|
||||||
progress
|
progress
|
||||||
|
pwntools
|
||||||
python3
|
python3
|
||||||
rclone
|
rclone
|
||||||
ripgrep
|
|
||||||
rsync
|
rsync
|
||||||
# sc-im
|
# sc-im
|
||||||
slack-term
|
slack-term
|
||||||
tea
|
tea
|
||||||
tealdeer
|
|
||||||
terminal-parrot
|
terminal-parrot
|
||||||
termtosvg
|
termtosvg
|
||||||
toilet
|
toilet
|
||||||
@ -63,7 +59,6 @@
|
|||||||
waifu2x-converter-cpp
|
waifu2x-converter-cpp
|
||||||
wavemon
|
wavemon
|
||||||
wiki-tui
|
wiki-tui
|
||||||
yt-dlp
|
|
||||||
yubico-pam
|
yubico-pam
|
||||||
yubikey-agent
|
yubikey-agent
|
||||||
yubikey-manager
|
yubikey-manager
|
||||||
@ -82,17 +77,18 @@
|
|||||||
alsa-utils
|
alsa-utils
|
||||||
anki
|
anki
|
||||||
ark
|
ark
|
||||||
birdtray
|
|
||||||
calibre
|
calibre
|
||||||
cool-retro-term
|
cool-retro-term
|
||||||
darktable
|
darktable
|
||||||
discord
|
discord
|
||||||
element-desktop
|
element-desktop
|
||||||
geogebra
|
geogebra
|
||||||
|
ghidra
|
||||||
gimp
|
gimp
|
||||||
gnome.gnome-font-viewer
|
gnome-font-viewer
|
||||||
gnome.seahorse
|
seahorse
|
||||||
google-chrome
|
google-chrome
|
||||||
|
imhex
|
||||||
inkscape
|
inkscape
|
||||||
insomnia
|
insomnia
|
||||||
iwgtk
|
iwgtk
|
||||||
@ -103,12 +99,14 @@
|
|||||||
libnotify
|
libnotify
|
||||||
libreoffice
|
libreoffice
|
||||||
light
|
light
|
||||||
|
mission-center
|
||||||
mopidy
|
mopidy
|
||||||
mopidy-mpd
|
mopidy-mpd
|
||||||
mopidy-soundcloud
|
mopidy-soundcloud
|
||||||
mopidy-youtube
|
mopidy-youtube
|
||||||
mpc_cli
|
mpc_cli
|
||||||
naps2
|
naps2
|
||||||
|
nsxiv
|
||||||
nyxt
|
nyxt
|
||||||
obsidian
|
obsidian
|
||||||
# pcloud
|
# pcloud
|
||||||
@ -119,13 +117,11 @@
|
|||||||
slack
|
slack
|
||||||
# sublime3
|
# sublime3
|
||||||
# swiPrologWithGui
|
# swiPrologWithGui
|
||||||
sxiv
|
|
||||||
tagainijisho
|
tagainijisho
|
||||||
|
|
||||||
tenacity
|
tenacity
|
||||||
thunderbird
|
|
||||||
# transcribe
|
# transcribe
|
||||||
wireshark
|
webcamoid
|
||||||
xcalib
|
xcalib
|
||||||
xclip
|
xclip
|
||||||
xdotool
|
xdotool
|
||||||
|
@ -43,9 +43,9 @@
|
|||||||
duration = 20;
|
duration = 20;
|
||||||
};
|
};
|
||||||
|
|
||||||
live_config_reload = true;
|
general.live_config_reload = true;
|
||||||
|
|
||||||
shell = {
|
terminal.shell = {
|
||||||
program = "${pkgs.zsh}/bin/zsh";
|
program = "${pkgs.zsh}/bin/zsh";
|
||||||
args = [ "--login" ];
|
args = [ "--login" ];
|
||||||
};
|
};
|
||||||
|
37
home/programs/anyrun/default.nix
Normal file
37
home/programs/anyrun/default.nix
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
{ pkgs, lib, inputs, ... }:
|
||||||
|
{
|
||||||
|
programs.anyrun = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
config = {
|
||||||
|
y.fraction = 0.3;
|
||||||
|
width.fraction = 0.25;
|
||||||
|
plugins = [
|
||||||
|
inputs.anyrun.packages.${pkgs.system}.applications
|
||||||
|
];
|
||||||
|
hidePluginInfo = true;
|
||||||
|
closeOnClick = true;
|
||||||
|
showResultsImmediately = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
extraCss = builtins.readFile (./. + "/style.css");
|
||||||
|
|
||||||
|
extraConfigFiles."applications.ron".text = let
|
||||||
|
preprocess_script = pkgs.writeShellApplication {
|
||||||
|
name = "anyrun-preprocess-application-exec";
|
||||||
|
runtimeInputs = [ ];
|
||||||
|
text = ''
|
||||||
|
shift # Remove term|no-term
|
||||||
|
echo "uwsm app -- $*"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
in ''
|
||||||
|
Config(
|
||||||
|
desktop_actions: false,
|
||||||
|
max_entries: 10,
|
||||||
|
preprocess_exec_script: Some("${lib.getExe preprocess_script}"),
|
||||||
|
terminal: Some("${lib.getExe pkgs.alacritty}"),
|
||||||
|
)
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
48
home/programs/anyrun/style.css
Normal file
48
home/programs/anyrun/style.css
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
* {
|
||||||
|
all: unset;
|
||||||
|
font-size: 1.2rem;
|
||||||
|
}
|
||||||
|
|
||||||
|
#window,
|
||||||
|
#match,
|
||||||
|
#entry,
|
||||||
|
#plugin,
|
||||||
|
#main {
|
||||||
|
background: transparent;
|
||||||
|
}
|
||||||
|
|
||||||
|
#match.activatable {
|
||||||
|
border-radius: 8px;
|
||||||
|
margin: 4px 0;
|
||||||
|
padding: 4px;
|
||||||
|
/* transition: 100ms ease-out; */
|
||||||
|
}
|
||||||
|
#match.activatable:first-child {
|
||||||
|
margin-top: 12px;
|
||||||
|
}
|
||||||
|
#match.activatable:last-child {
|
||||||
|
margin-bottom: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
#match:hover {
|
||||||
|
background: rgba(255, 255, 255, 0.05);
|
||||||
|
}
|
||||||
|
#match:selected {
|
||||||
|
background: rgba(255, 255, 255, 0.1);
|
||||||
|
}
|
||||||
|
|
||||||
|
#entry {
|
||||||
|
background: rgba(255, 255, 255, 0.05);
|
||||||
|
border: 1px solid rgba(255, 255, 255, 0.1);
|
||||||
|
border-radius: 8px;
|
||||||
|
padding: 4px 8px;
|
||||||
|
}
|
||||||
|
|
||||||
|
box#main {
|
||||||
|
background: rgba(0, 0, 0, 0.5);
|
||||||
|
box-shadow:
|
||||||
|
inset 0 0 0 1px rgba(255, 255, 255, 0.1),
|
||||||
|
0 30px 30px 15px rgba(0, 0, 0, 0.5);
|
||||||
|
border-radius: 20px;
|
||||||
|
padding: 12px;
|
||||||
|
}
|
4
home/programs/aria2.nix
Normal file
4
home/programs/aria2.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.aria2.enable = true;
|
||||||
|
}
|
@ -1,9 +1,7 @@
|
|||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
let
|
let
|
||||||
cfg = config.programs.atuin;
|
cfg = config.programs.atuin;
|
||||||
|
xdg_runtime_dir = "/run/user/${toString config.home.uid}";
|
||||||
# TODO: retrieve this in a more dynamic and correct manner
|
|
||||||
xdg_runtime_dir = "/run/user/1000";
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
programs.atuin = {
|
programs.atuin = {
|
||||||
|
11
home/programs/bash.nix
Normal file
11
home/programs/bash.nix
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
{ config, ... }:
|
||||||
|
{
|
||||||
|
programs.bash = {
|
||||||
|
enable = true;
|
||||||
|
historyFile = "${config.xdg.dataHome}/bash_history";
|
||||||
|
historySize = 100000;
|
||||||
|
bashrcExtra = ''
|
||||||
|
source "${config.xdg.configHome}/mutable_env.sh"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
4
home/programs/bat.nix
Normal file
4
home/programs/bat.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.bat.enable = true;
|
||||||
|
}
|
4
home/programs/beets.nix
Normal file
4
home/programs/beets.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.beets.enable = true;
|
||||||
|
}
|
7
home/programs/bottom.nix
Normal file
7
home/programs/bottom.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.bottom = {
|
||||||
|
enable = true;
|
||||||
|
settings.flags.enable_gpu = true;
|
||||||
|
};
|
||||||
|
}
|
@ -9,7 +9,7 @@ in [
|
|||||||
(link "GitHub" "http://github.com")
|
(link "GitHub" "http://github.com")
|
||||||
(short "/u/" "danger/u/" "https://dangeru.us/")
|
(short "/u/" "danger/u/" "https://dangeru.us/")
|
||||||
(link "PVV" "https://www.pvv.ntnu.no/")
|
(link "PVV" "https://www.pvv.ntnu.no/")
|
||||||
(short "PVVM" "PVV Mail" "https://webmail2.pvv.ntnu.no/roundcube/")
|
(short "PVVM" "PVV Mail" "https://webmail.pvv.ntnu.no/roundcube/")
|
||||||
(short "ΩV" "Omega Verksted" "https://omegav.no/")
|
(short "ΩV" "Omega Verksted" "https://omegav.no/")
|
||||||
|
|
||||||
(dir "Nix" [
|
(dir "Nix" [
|
||||||
@ -31,21 +31,34 @@ in [
|
|||||||
])
|
])
|
||||||
|
|
||||||
(dir "CTF" [
|
(dir "CTF" [
|
||||||
(link "HackTheBox" "https://www.hackthebox.eu/")
|
(link "Revshells" "https://revshells.com/")
|
||||||
(link "TryHackMe" "https://tryhackme.com/dashboard")
|
|
||||||
(link "OverTheWire" "https://overthewire.org/wargames/")
|
|
||||||
(link "NetGarage" "https://io.netgarage.org/")
|
|
||||||
(link "Exploit Education" "http://exploit.education/")
|
(link "Exploit Education" "http://exploit.education/")
|
||||||
|
(link "Webhook" "https://webhook.site")
|
||||||
|
(link "CyberChef" "https://gchq.github.io/CyberChef/")
|
||||||
|
(link "Aperisolve" "https://www.aperisolve.com/")
|
||||||
|
(link "how2heap" "https://github.com/shellphish/how2heap")
|
||||||
|
(link "Heap Search" "https://kissprogramming.com/heap/heap-search")
|
||||||
|
(link "CrackStation" "https://crackstation.net/")
|
||||||
|
(link "FactorDB" "http://factordb.com/")
|
||||||
|
(link "Syscalls" "https://syscalls.w3challs.com/")
|
||||||
|
(link "DogBolt" "https://dogbolt.org/")
|
||||||
|
(link "HackTricks" "https://book.hacktricks.xyz/")
|
||||||
|
(dir "Practise" [
|
||||||
|
(link "S2G" "https://s2gctf.ncr.ntnu.no")
|
||||||
|
(link "Pico CTF" "https://play.picoctf.org/practice")
|
||||||
|
(link "Pwn college" "https://pwn.college/")
|
||||||
|
(link "HackTheBox" "https://www.hackthebox.eu")
|
||||||
|
(link "Crackmes" "https://crackmes.one")
|
||||||
|
(link "Nightmare" "https://guyinatuxedo.github.io/")
|
||||||
|
])
|
||||||
])
|
])
|
||||||
|
|
||||||
(dir "Misc & Tools" [
|
(dir "Misc & Tools" [
|
||||||
(link "ASCIIFlow" "https://asciiflow.com/#/")
|
(link "ASCIIFlow" "https://asciiflow.com/#/")
|
||||||
(link "CopyChar" "https://copychar.cc/")
|
(link "CopyChar" "https://copychar.cc/")
|
||||||
(link "CyberChef" "https://gchq.github.io/CyberChef/")
|
|
||||||
(link "Device Info" "https://www.deviceinfo.me/")
|
(link "Device Info" "https://www.deviceinfo.me/")
|
||||||
(link "Diagrams" "https://app.diagrams.net/")
|
(link "Diagrams" "https://app.diagrams.net/")
|
||||||
(link "FakeMail" "http://www.fakemailgenerator.com/")
|
(link "FakeMail" "http://www.fakemailgenerator.com/")
|
||||||
(link "FilePizza" "https://file.pizza/")
|
|
||||||
(link "IPLeak" "https://ipleak.net/")
|
(link "IPLeak" "https://ipleak.net/")
|
||||||
(link "LaTeX" "https://www.codecogs.com/latex/eqneditor.php")
|
(link "LaTeX" "https://www.codecogs.com/latex/eqneditor.php")
|
||||||
(link "ManualsLib" "https://www.manualslib.com/")
|
(link "ManualsLib" "https://www.manualslib.com/")
|
||||||
|
@ -8,6 +8,7 @@ in
|
|||||||
Unit = {
|
Unit = {
|
||||||
Description = "Prune unused allowed directories for direnv";
|
Description = "Prune unused allowed directories for direnv";
|
||||||
Documentation = [ "man:direnv(1)" ];
|
Documentation = [ "man:direnv(1)" ];
|
||||||
|
ConditionPathExists = "${config.xdg.dataHome}/direnv/allow";
|
||||||
};
|
};
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
|
4
home/programs/eza.nix
Normal file
4
home/programs/eza.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.eza.enable = true;
|
||||||
|
}
|
4
home/programs/feh.nix
Normal file
4
home/programs/feh.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ machineVars, ... }:
|
||||||
|
{
|
||||||
|
programs.feh.enable = !machineVars.headless;
|
||||||
|
}
|
7
home/programs/fzf.nix
Normal file
7
home/programs/fzf.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.fzf = {
|
||||||
|
enable = true;
|
||||||
|
defaultCommand = "fd --type f";
|
||||||
|
};
|
||||||
|
}
|
4
home/programs/gh-dash.nix
Normal file
4
home/programs/gh-dash.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.gh-dash.enable = true;
|
||||||
|
}
|
@ -4,7 +4,7 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
gitProtocol = "ssh";
|
gitProtocol = "ssh";
|
||||||
pager = "${pkgs.bat}/git/bat";
|
pager = "${pkgs.bat}/bin/bat";
|
||||||
aliases = {
|
aliases = {
|
||||||
co = "pr checkout";
|
co = "pr checkout";
|
||||||
pv = "pr view";
|
pv = "pr view";
|
||||||
|
@ -48,14 +48,71 @@ in
|
|||||||
aliases = {
|
aliases = {
|
||||||
aliases = "!git config --get-regexp alias | sed -re 's/alias\\.(\\S*)\\s(.*)$/\\1 = \\2/g'";
|
aliases = "!git config --get-regexp alias | sed -re 's/alias\\.(\\S*)\\s(.*)$/\\1 = \\2/g'";
|
||||||
delete-merged = "!git branch --merged | grep -v '\\*' | xargs -n 1 git branch -d";
|
delete-merged = "!git branch --merged | grep -v '\\*' | xargs -n 1 git branch -d";
|
||||||
graph = "log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all";
|
|
||||||
graphv = "log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold cyan)%aD%C(reset) %C(bold green)(%ar)%C(reset)%C(bold yellow)%d%C(reset)%n'' %C(white)%s%C(reset) %C(dim white)- %an%C(reset)' --all";
|
|
||||||
forcepush = "push --force-with-lease --force-if-includes";
|
forcepush = "push --force-with-lease --force-if-includes";
|
||||||
authors = "shortlog --summary --numbered --email";
|
authors = "shortlog --summary --numbered --email";
|
||||||
si = "switch-interactive";
|
si = "switch-interactive";
|
||||||
|
ff = "fixup-fixup";
|
||||||
|
fi = "fixup-interactive";
|
||||||
|
rf = "rebase-fixups";
|
||||||
|
pp = "post-pr";
|
||||||
|
subs = "submodule update --init --recursive";
|
||||||
rebase-author = "rebase -i -x \"git commit --amend --reset-author -CHEAD\"";
|
rebase-author = "rebase -i -x \"git commit --amend --reset-author -CHEAD\"";
|
||||||
git = "!git";
|
git = "!git";
|
||||||
};
|
} // (let
|
||||||
|
c = c: s: "%C(${c})${s}%C(reset)";
|
||||||
|
in {
|
||||||
|
graph = let
|
||||||
|
fmt = lib.concatStringsSep "" [
|
||||||
|
" - "
|
||||||
|
(c "bold blue" "%h")
|
||||||
|
" - "
|
||||||
|
(c "bold green" "(%ar)")
|
||||||
|
" "
|
||||||
|
(c "white" "> %s")
|
||||||
|
" "
|
||||||
|
(c "dim white" "- %an")
|
||||||
|
(c "bold yellow" "%d")
|
||||||
|
];
|
||||||
|
in "log --graph --abbrev-commit --decorate --format=format:'${fmt}' --all";
|
||||||
|
|
||||||
|
graphv = let
|
||||||
|
fmt = lib.concatStringsSep "" [
|
||||||
|
(c "bold blue" "%h")
|
||||||
|
" - "
|
||||||
|
(c "bold cyan" "%aD")
|
||||||
|
" "
|
||||||
|
(c "bold green" "(%ar)")
|
||||||
|
(c "bold yellow" "%d")
|
||||||
|
"%n"
|
||||||
|
" "
|
||||||
|
(c "white" "%s")
|
||||||
|
" "
|
||||||
|
(c "dim white" "- %an")
|
||||||
|
];
|
||||||
|
in "log --graph --abbrev-commit --decorate --format=format:'${fmt}' --all";
|
||||||
|
|
||||||
|
l = let
|
||||||
|
fmt = lib.concatStringsSep "%n" (map (x: if builtins.isList x then lib.concatStringsSep " " x else x) [
|
||||||
|
[ (c "bold yellow" "%H") (c "auto" "%d") ]
|
||||||
|
[ (c "bold white" "Author:") (c "bold cyan" "%aN <%aE>") (c "bold green" "(%ah)") ]
|
||||||
|
[ (c "bold white" "Committer:") (c "bold cyan" "%cN <%cE>") (c "bold green" "(%ah)") ]
|
||||||
|
[ (c "bold white" "GPG: (%G?)") (c "bold magenta" "%GF") "-" (c "bold cyan" "%GS") (c "bold blue" "(%GT) ") ]
|
||||||
|
""
|
||||||
|
(c "bold white" "# %s")
|
||||||
|
"%+b"
|
||||||
|
(c "dim yellow" "%+N")
|
||||||
|
]);
|
||||||
|
# sedExpressions = let
|
||||||
|
# colorExpr = "\\x1B\\[([0-9]{1,3}(;[0-9]{1,2};?)?)?[mGK]";
|
||||||
|
# colorEndExpr = "\\x1B\\[m";
|
||||||
|
# colored = x: "${colorExpr}${x}${colorEndExpr}";
|
||||||
|
# in lib.concatMapStringsSep " " (x: "-e '${x}'") [
|
||||||
|
# "s|${colored "GPG: \\(N\\)"} ${colored "F3CDA86CC55A9F10D7A069819F2F7D8250F35146"} - ${colored "h7x4 <h7x4@nani.wtf>"} ${colored "\\(ultimate\\)"}|GPG: h7x4|"
|
||||||
|
# "s|${colored "GPG: \\(N\\)"} ${colored ""} - ${colored ""} ${colored "\\(undefined\\)"}||"
|
||||||
|
# ];
|
||||||
|
in "log --decorate --format=tformat:'${fmt}'";
|
||||||
|
# in "!git log --color=always --format=format:'${fmt}' | sed -E ${sedExpressions} | $PAGER";
|
||||||
|
});
|
||||||
|
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
core = {
|
core = {
|
||||||
@ -128,6 +185,8 @@ in
|
|||||||
submodule = "log";
|
submodule = "log";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
pager.show = lib.getExe pkgs.bat;
|
||||||
|
|
||||||
status = {
|
status = {
|
||||||
showUntrackedFiles = "all";
|
showUntrackedFiles = "all";
|
||||||
relativePaths = true;
|
relativePaths = true;
|
||||||
@ -259,6 +318,29 @@ in
|
|||||||
runtimeInputs = with pkgs; [ cfg.package coreutils ];
|
runtimeInputs = with pkgs; [ cfg.package coreutils ];
|
||||||
text = lib.fileContents ./scripts/git-tcommit.sh;
|
text = lib.fileContents ./scripts/git-tcommit.sh;
|
||||||
})
|
})
|
||||||
|
(pkgs.writeShellApplication {
|
||||||
|
name = "git-tmcommit";
|
||||||
|
runtimeInputs = with pkgs; [ cfg.package coreutils ];
|
||||||
|
text = lib.pipe ./scripts/git-tcommit.sh [
|
||||||
|
lib.fileContents
|
||||||
|
(builtins.replaceStrings ["hours" "tcommit"] ["minutes" "tmcommit"])
|
||||||
|
];
|
||||||
|
})
|
||||||
|
(pkgs.writeShellApplication {
|
||||||
|
name = "git-fixup-fixup";
|
||||||
|
runtimeInputs = with pkgs; [ cfg.package ];
|
||||||
|
text = lib.fileContents ./scripts/git-fixup-fixup.sh;
|
||||||
|
})
|
||||||
|
(pkgs.writeShellApplication {
|
||||||
|
name = "git-rebase-fixups";
|
||||||
|
runtimeInputs = with pkgs; [ cfg.package gnused ];
|
||||||
|
text = lib.fileContents ./scripts/git-rebase-fixups.sh;
|
||||||
|
})
|
||||||
|
(pkgs.writeShellApplication {
|
||||||
|
name = "git-fixup-interactive";
|
||||||
|
runtimeInputs = with pkgs; [ cfg.package gnused gnugrep fzf ];
|
||||||
|
text = lib.fileContents ./scripts/git-fixup-interactive.sh;
|
||||||
|
})
|
||||||
(pkgs.writeShellApplication {
|
(pkgs.writeShellApplication {
|
||||||
name = "git-switch-interactive";
|
name = "git-switch-interactive";
|
||||||
runtimeInputs = with pkgs; [ cfg.package fzf gnused coreutils ];
|
runtimeInputs = with pkgs; [ cfg.package fzf gnused coreutils ];
|
||||||
@ -267,6 +349,21 @@ in
|
|||||||
"SC2001" # (style): See if you can use ${variable//search/replace} instead. (sed invocation)
|
"SC2001" # (style): See if you can use ${variable//search/replace} instead. (sed invocation)
|
||||||
];
|
];
|
||||||
})
|
})
|
||||||
|
((pkgs.writers.writePython3Bin "git-post-pr" {
|
||||||
|
libraries = with pkgs.python3Packages; [
|
||||||
|
tkinter
|
||||||
|
];
|
||||||
|
flakeIgnore = [
|
||||||
|
"E501" # I like long lines grr
|
||||||
|
];
|
||||||
|
} (lib.fileContents ./scripts/git-post-pr.py)).overrideAttrs (_: {
|
||||||
|
postFixup = ''
|
||||||
|
wrapProgram $out/bin/git-post-pr \
|
||||||
|
--prefix PATH : ${lib.makeBinPath [
|
||||||
|
pkgs.github-cli
|
||||||
|
]}
|
||||||
|
'';
|
||||||
|
}))
|
||||||
|
|
||||||
pkgs.git-absorb
|
pkgs.git-absorb
|
||||||
];
|
];
|
||||||
|
14
home/programs/git/scripts/git-fixup-fixup.sh
Normal file
14
home/programs/git/scripts/git-fixup-fixup.sh
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
if [ -n "${1:-}" ]; then
|
||||||
|
TARGET_COMMIT="$1"
|
||||||
|
shift
|
||||||
|
else
|
||||||
|
TARGET_COMMIT="HEAD"
|
||||||
|
fi
|
||||||
|
|
||||||
|
COMMIT_MESSAGE=$(git log -1 --pretty=format:'%s' "$TARGET_COMMIT")
|
||||||
|
|
||||||
|
if [[ $COMMIT_MESSAGE =~ ^fixup!* ]]; then
|
||||||
|
git commit -m "$COMMIT_MESSAGE" "$@"
|
||||||
|
else
|
||||||
|
git commit --fixup "$TARGET_COMMIT" "$@"
|
||||||
|
fi
|
18
home/programs/git/scripts/git-fixup-interactive.sh
Normal file
18
home/programs/git/scripts/git-fixup-interactive.sh
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
if [ -n "${1:-}" ]; then
|
||||||
|
TARGET_BRANCH="$1"
|
||||||
|
shift
|
||||||
|
else
|
||||||
|
TARGET_BRANCH=$(git remote show origin | sed -n '/HEAD branch/s/.*: //p')
|
||||||
|
fi
|
||||||
|
|
||||||
|
FORK_POINT=$(git merge-base --fork-point "$TARGET_BRANCH")
|
||||||
|
|
||||||
|
COMMITS_SINCE_FORK_POINT=$(git log --format=format:'%s' "$FORK_POINT"..HEAD | grep -v -E '^fixup!')
|
||||||
|
|
||||||
|
RESULT=$(fzf <<<"$COMMITS_SINCE_FORK_POINT")
|
||||||
|
|
||||||
|
if [ "$RESULT" == "" ]; then
|
||||||
|
echo "Doing nothing..."
|
||||||
|
else
|
||||||
|
git commit -m "fixup! $RESULT" "$@"
|
||||||
|
fi
|
130
home/programs/git/scripts/git-post-pr.py
Normal file
130
home/programs/git/scripts/git-post-pr.py
Normal file
@ -0,0 +1,130 @@
|
|||||||
|
import argparse
|
||||||
|
import json
|
||||||
|
import subprocess
|
||||||
|
import tkinter
|
||||||
|
|
||||||
|
# TODO: add support for gitea, and maybe other git hosting options.
|
||||||
|
|
||||||
|
|
||||||
|
def parse_args() -> argparse.Namespace:
|
||||||
|
parser = argparse.ArgumentParser(
|
||||||
|
prog="post-pr",
|
||||||
|
description="Post links to PRs",
|
||||||
|
)
|
||||||
|
|
||||||
|
parser.add_argument("-n", "--no-clipboard", action="store_true", help="do not copy the message to the clipboard")
|
||||||
|
|
||||||
|
pr_id = parser.add_mutually_exclusive_group()
|
||||||
|
pr_id.add_argument("-c", "--current-branch", action="store_true", help="generate post for the PR for the current branch")
|
||||||
|
pr_id.add_argument("-l", "--latest", action="store_true", help="generate post for the latest PR for the current user")
|
||||||
|
pr_id.add_argument("pr_id", nargs="?", default=None, help="generate post for the PR with the given ID")
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
if not any([args.current_branch, args.latest, args.pr_id,]):
|
||||||
|
args.current_branch = True
|
||||||
|
|
||||||
|
return args
|
||||||
|
|
||||||
|
|
||||||
|
def _gh(args: list[str]) -> str:
|
||||||
|
try:
|
||||||
|
return subprocess.check_output(["gh"] + args).decode("utf8")
|
||||||
|
except subprocess.CalledProcessError as e:
|
||||||
|
raise RuntimeError(f"GitHub CLI command failed: 'gh {' '.join(args)}'") from e
|
||||||
|
|
||||||
|
|
||||||
|
def _gh_retcode(args: list[str]) -> int:
|
||||||
|
return subprocess.run(["gh"] + args, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL).returncode
|
||||||
|
|
||||||
|
|
||||||
|
def ensure_gh_installed():
|
||||||
|
try:
|
||||||
|
if _gh_retcode(["--version"]) != 0:
|
||||||
|
raise RuntimeError("GitHub CLI (gh) is not installed, please install it")
|
||||||
|
except FileNotFoundError:
|
||||||
|
raise RuntimeError("GitHub CLI (gh) is not installed, please install it")
|
||||||
|
|
||||||
|
|
||||||
|
def ensure_gh_authenticated():
|
||||||
|
if _gh_retcode(["auth", "status"]) != 0:
|
||||||
|
raise RuntimeError("Failed to authenticate with GitHub, please run 'gh auth login'")
|
||||||
|
|
||||||
|
|
||||||
|
GH_PR_JSON_FIELDS = ",".join([
|
||||||
|
"additions",
|
||||||
|
"deletions",
|
||||||
|
"state",
|
||||||
|
"title",
|
||||||
|
"url",
|
||||||
|
])
|
||||||
|
|
||||||
|
|
||||||
|
def fetch_pr_data(current_branch: bool, latest: bool, pr_id: str | None) -> dict[str, any]:
|
||||||
|
if pr_id:
|
||||||
|
pr_data = _gh(["pr", "view", pr_id, "--json", GH_PR_JSON_FIELDS])
|
||||||
|
pr_data = json.loads(pr_data)
|
||||||
|
|
||||||
|
elif latest:
|
||||||
|
pr_list = _gh(["pr", "list", "--author", "@me", "--limit", "1", "--json", GH_PR_JSON_FIELDS])
|
||||||
|
pr_list = json.loads(pr_list)
|
||||||
|
|
||||||
|
if len(pr_list) == 0:
|
||||||
|
raise RuntimeError("Failed to find PR, are you sure you have any open PRs?")
|
||||||
|
|
||||||
|
pr_data = pr_list[0]
|
||||||
|
|
||||||
|
elif current_branch:
|
||||||
|
pr_data = _gh(["pr", "view", "--json", GH_PR_JSON_FIELDS])
|
||||||
|
pr_data = json.loads(pr_data)
|
||||||
|
|
||||||
|
return pr_data
|
||||||
|
|
||||||
|
|
||||||
|
def format_message(pr_data: dict[str, any]) -> str:
|
||||||
|
additions = pr_data["additions"]
|
||||||
|
deletions = pr_data["deletions"]
|
||||||
|
|
||||||
|
title = pr_data["title"]
|
||||||
|
pr_url = pr_data["url"]
|
||||||
|
pr_state = pr_data["state"]
|
||||||
|
|
||||||
|
state_html = f"({pr_state.lower()}) " if pr_state != "OPEN" else ""
|
||||||
|
additions_html = f"+{additions}" if additions > 0 else str(additions)
|
||||||
|
deletions_html = f"-{deletions}" if deletions > 0 else str(deletions)
|
||||||
|
|
||||||
|
return f"""{state_html}{pr_url} {title} [diff: {additions_html}/{deletions_html}]"""
|
||||||
|
|
||||||
|
|
||||||
|
def copy_to_clipboard(message: str):
|
||||||
|
r = tkinter.Tk()
|
||||||
|
r.withdraw()
|
||||||
|
r.clipboard_clear()
|
||||||
|
r.clipboard_append(message)
|
||||||
|
r.update()
|
||||||
|
r.destroy()
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
args = parse_args()
|
||||||
|
|
||||||
|
ensure_gh_installed()
|
||||||
|
ensure_gh_authenticated()
|
||||||
|
|
||||||
|
pr_data = fetch_pr_data(args.current_branch, args.latest, args.pr_id)
|
||||||
|
message = format_message(pr_data)
|
||||||
|
|
||||||
|
print("Message:\n")
|
||||||
|
print(f" {message}\n")
|
||||||
|
|
||||||
|
if not args.no_clipboard:
|
||||||
|
copy_to_clipboard(message)
|
||||||
|
print("Copied to clipboard")
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
try:
|
||||||
|
main()
|
||||||
|
except Exception as e:
|
||||||
|
print(f"Error: {e}")
|
||||||
|
exit(1)
|
||||||
|
|
10
home/programs/git/scripts/git-rebase-fixups.sh
Normal file
10
home/programs/git/scripts/git-rebase-fixups.sh
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
if [ -n "${1:-}" ]; then
|
||||||
|
TARGET_BRANCH="$1"
|
||||||
|
shift
|
||||||
|
else
|
||||||
|
TARGET_BRANCH=$(git remote show origin | sed -n '/HEAD branch/s/.*: //p')
|
||||||
|
fi
|
||||||
|
|
||||||
|
FORK_POINT=$(git merge-base --fork-point "$TARGET_BRANCH")
|
||||||
|
|
||||||
|
git rebase "$FORK_POINT" --autosquash "$@"
|
@ -1,5 +1,10 @@
|
|||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
|
if [[ $# -lt 1 ]]; then
|
||||||
|
echo "Usage: git tcommit [-]<hours>"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
HOUR_SHIFT="$1"
|
HOUR_SHIFT="$1"
|
||||||
shift
|
shift
|
||||||
|
|
||||||
|
4
home/programs/home-manager.nix
Normal file
4
home/programs/home-manager.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.home-manager.enable = true;
|
||||||
|
}
|
356
home/programs/hyprland.nix
Normal file
356
home/programs/hyprland.nix
Normal file
@ -0,0 +1,356 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.wayland.windowManager.hyprland;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
home.sessionVariables = {
|
||||||
|
WLR_NO_HARDWARE_CURSORS = "1";
|
||||||
|
WLR_RENDERER_ALLOW_SOFTWARE = "1";
|
||||||
|
XDG_CURRENT_DESKTOP = "Hyprland";
|
||||||
|
XDG_SESSION_DESKTOP = "Hyprland";
|
||||||
|
XDG_SESSION_TYPE = "wayland";
|
||||||
|
GDK_BACKEND = "wayland,x11,*";
|
||||||
|
QT_QPA_PLATFORM = "wayland;xcb";
|
||||||
|
NIXOS_OZONE_WL = "1";
|
||||||
|
MOZ_ENABLE_WAYLAND = "1";
|
||||||
|
SDL_VIDEODRIVER = "wayland";
|
||||||
|
OZONE_PLATFORM = "wayland";
|
||||||
|
CLUTTER_BACKEND = "wayland";
|
||||||
|
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
|
||||||
|
# QT_QPA_PLATFORMTHEME = "qt6ct";
|
||||||
|
QT_AUTO_SCREEN_SCALE_FACTOR = "1";
|
||||||
|
|
||||||
|
# LIBVA_DRIVER_NAME = "nvidia";
|
||||||
|
# GBM_BACKEND = "nvidia-drm";
|
||||||
|
# __GLX_VENDOR_LIBRARY_NAME = "nvidia";
|
||||||
|
};
|
||||||
|
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
wl-clipboard-rs
|
||||||
|
];
|
||||||
|
|
||||||
|
programs.hyprlock = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
general = {
|
||||||
|
disable_loading_bar = true;
|
||||||
|
grace = 300;
|
||||||
|
hide_cursor = true;
|
||||||
|
no_fade_in = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
background = [
|
||||||
|
{
|
||||||
|
path = "screenshot";
|
||||||
|
blur_passes = 3;
|
||||||
|
blur_size = 8;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
input-field = [
|
||||||
|
{
|
||||||
|
size = "200, 50";
|
||||||
|
position = "0, -80";
|
||||||
|
monitor = "";
|
||||||
|
dots_center = true;
|
||||||
|
fade_on_empty = false;
|
||||||
|
font_color = "rgb(202, 211, 245)";
|
||||||
|
inner_color = "rgb(91, 96, 120)";
|
||||||
|
outer_color = "rgb(24, 25, 38)";
|
||||||
|
outline_thickness = 5;
|
||||||
|
placeholder_text = ''Password...'';
|
||||||
|
shadow_passes = 2;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.hypridle = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
general = {
|
||||||
|
ignore_dbus_inhibit = false;
|
||||||
|
lock_cmd = "pidof hyprlock || ${config.programs.hyprlock.package}/bin/hyprlock";
|
||||||
|
before_sleep_cmd = "${pkgs.systemd}/bin/loginctl lock-session";
|
||||||
|
after_sleep_cmd = "${cfg.finalPackage}/bin/hyprctl dispatch dpms on";
|
||||||
|
};
|
||||||
|
|
||||||
|
listener = [
|
||||||
|
{
|
||||||
|
timeout = 900;
|
||||||
|
on-timeout = "${config.programs.hyprlock.package}/bin/hyprlock";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
timeout = 1200;
|
||||||
|
on-timeout = "${cfg.finalPackage}/bin/hyprctl dispatch dpms off";
|
||||||
|
on-resume = "${cfg.finalPackage}/bin/hyprctl dispatch dpms on";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
wayland.windowManager.hyprland = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
systemd.enable = false;
|
||||||
|
systemd.enableXdgAutostart = false;
|
||||||
|
|
||||||
|
settings = let
|
||||||
|
exe = lib.getExe;
|
||||||
|
scratchpads = [
|
||||||
|
(rec {
|
||||||
|
title = "Floating terminal";
|
||||||
|
class = "floatingTerminal";
|
||||||
|
command = "uwsm app -- ${exe pkgs.alacritty} --class ${class} -e ${exe pkgs.tmux} new-session -A -s f";
|
||||||
|
size = { h = 90; w = 95; };
|
||||||
|
keys = [
|
||||||
|
"$mod, RETURN"
|
||||||
|
"$mod, SPACE"
|
||||||
|
];
|
||||||
|
})
|
||||||
|
(rec {
|
||||||
|
title = "Ncmpcpp";
|
||||||
|
class = "floatingNcmpcpp";
|
||||||
|
command = "uwsm app -- ${exe pkgs.alacritty} --class ${class} -e ${exe pkgs.ncmpcpp}";
|
||||||
|
size = { h = 95; w = 95; };
|
||||||
|
keys = [ "$mod, Q" ];
|
||||||
|
})
|
||||||
|
# "$mod, W, emacs"
|
||||||
|
# "$mod, E, filebrowser"
|
||||||
|
# "$mod, X, taskwarriortui"
|
||||||
|
];
|
||||||
|
in {
|
||||||
|
"$mod" = "SUPER";
|
||||||
|
|
||||||
|
# https://github.com/xkbcommon/libxkbcommon/blob/master/include/xkbcommon/xkbcommon-keysyms.h
|
||||||
|
bind = [
|
||||||
|
"$mod SHIFT, Q, exec, ${pkgs.systemd}/bin/loginctl terminate-user \"\""
|
||||||
|
"$mod ALT SHIFT, Q, exit"
|
||||||
|
"$mod, R, exec, uwsm app -- ${exe config.programs.anyrun.package}"
|
||||||
|
"$mod, T, togglefloating"
|
||||||
|
|
||||||
|
"$mod, F, fullscreenstate, 1"
|
||||||
|
"$mod SHIFT, F, fullscreenstate, 3"
|
||||||
|
"$mod, C, exec, ${cfg.finalPackage}/bin/hyprctl reload"
|
||||||
|
|
||||||
|
"$mod, BACKSPACE, killactive"
|
||||||
|
|
||||||
|
"$mod SHIFT, RETURN, exec, uwsm app -- ${exe pkgs.alacritty} --class termTerminal -e ${exe pkgs.tmux} new-session -A -s term"
|
||||||
|
"$mod SHIFT, SPACE, exec, uwsm app -- ${exe pkgs.alacritty} --class termTerminal -e ${exe pkgs.tmux} new-session -A -s term"
|
||||||
|
|
||||||
|
"$mod, j, layoutmsg,cyclenext"
|
||||||
|
"$mod, k, layoutmsg,cycleprev"
|
||||||
|
"$mod SHIFT, j, layoutmsg, swapnext"
|
||||||
|
"$mod SHIFT, k, layoutmsg, swapprev"
|
||||||
|
|
||||||
|
"$mod, 1, focusworkspaceoncurrentmonitor, 1"
|
||||||
|
"$mod, 2, focusworkspaceoncurrentmonitor, 2"
|
||||||
|
"$mod, 3, focusworkspaceoncurrentmonitor, 3"
|
||||||
|
"$mod, 4, focusworkspaceoncurrentmonitor, 4"
|
||||||
|
"$mod, 5, focusworkspaceoncurrentmonitor, 5"
|
||||||
|
"$mod, 6, focusworkspaceoncurrentmonitor, 6"
|
||||||
|
"$mod, 7, focusworkspaceoncurrentmonitor, 7"
|
||||||
|
"$mod, 8, focusworkspaceoncurrentmonitor, 8"
|
||||||
|
"$mod, 9, focusworkspaceoncurrentmonitor, 9"
|
||||||
|
|
||||||
|
"$mod SHIFT, 1, movetoworkspacesilent, 1"
|
||||||
|
"$mod SHIFT, 2, movetoworkspacesilent, 2"
|
||||||
|
"$mod SHIFT, 3, movetoworkspacesilent, 3"
|
||||||
|
"$mod SHIFT, 4, movetoworkspacesilent, 4"
|
||||||
|
"$mod SHIFT, 5, movetoworkspacesilent, 5"
|
||||||
|
"$mod SHIFT, 6, movetoworkspacesilent, 6"
|
||||||
|
"$mod SHIFT, 7, movetoworkspacesilent, 7"
|
||||||
|
"$mod SHIFT, 8, movetoworkspacesilent, 8"
|
||||||
|
"$mod SHIFT, 9, movetoworkspacesilent, 9"
|
||||||
|
|
||||||
|
"$mod, b, exec, ${pkgs.fcitx5}/bin/fcitx5-remote -s mozc"
|
||||||
|
"$mod, n, exec, ${pkgs.fcitx5}/bin/fcitx5-remote -s keyboard-no"
|
||||||
|
"$mod, m, exec, ${pkgs.fcitx5}/bin/fcitx5-remote -s keyboard-us"
|
||||||
|
|
||||||
|
# TODO: ensure exists in environment
|
||||||
|
"$mod, l, exec, ${pkgs.systemd}/bin/loginctl lock-session"
|
||||||
|
|
||||||
|
# TODO: fix
|
||||||
|
# "super + minus" = "${pkgs.xcalib}/bin/xcalib -invert -alter"
|
||||||
|
|
||||||
|
# TODO: fix
|
||||||
|
", Print, exec, ${exe pkgs.grimblast} copy area"
|
||||||
|
|
||||||
|
# "SHIFT, Print, exec, ${lib.getExe pkgs.grimblast} copy area"
|
||||||
|
# "shift + @Print" = "${pkgs.maim}/bin/maim --hidecursor --nokeyboard $SCREENSHOT_DIR/$(date +%s).png"
|
||||||
|
|
||||||
|
# TODO: Add boomer as package
|
||||||
|
# "super + @Print" = "boomer"
|
||||||
|
]
|
||||||
|
++
|
||||||
|
(lib.pipe scratchpads [
|
||||||
|
(map ({ keys, command, class, ... }:
|
||||||
|
(map (key: let
|
||||||
|
# TODO: rewrite this to take arguments instead of creating n copies
|
||||||
|
invokeIfNotRunningAndToggleWorkspace = pkgs.writeShellApplication {
|
||||||
|
name = "hyprland-toggle-scratchpad-${class}";
|
||||||
|
runtimeInputs = [ cfg.finalPackage pkgs.jq ];
|
||||||
|
text = ''
|
||||||
|
SCRATCHPAD_PROGRAM_EXISTS=$(hyprctl clients -j | jq -r '[.[].class]|any(. == "${class}")')
|
||||||
|
CURRENT_WORKSPACE_ID=$(hyprctl activeworkspace -j | jq -r '.id')
|
||||||
|
|
||||||
|
if [ "$SCRATCHPAD_PROGRAM_EXISTS" != "true" ]; then
|
||||||
|
${command} &
|
||||||
|
hyprctl dispatch movetoworkspacesilent "''${CURRENT_WORKSPACE_ID},class:${class}"
|
||||||
|
hyprctl dispatch focuswindow "class:${class}"
|
||||||
|
else
|
||||||
|
SCRATCHPAD_PROGRAM_WORKSPACE_ID=$(hyprctl clients -j | jq '.[] | select( .class == "${class}") | .workspace.id')
|
||||||
|
if [ "$SCRATCHPAD_PROGRAM_WORKSPACE_ID" != "$CURRENT_WORKSPACE_ID" ]; then
|
||||||
|
hyprctl dispatch movetoworkspacesilent "''${CURRENT_WORKSPACE_ID},class:${class}"
|
||||||
|
hyprctl dispatch focuswindow "class:${class}"
|
||||||
|
else
|
||||||
|
hyprctl dispatch movetoworkspacesilent "special:${class}Ws,class:${class}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
in "${key}, exec, ${lib.getExe invokeIfNotRunningAndToggleWorkspace}"
|
||||||
|
) keys)
|
||||||
|
))
|
||||||
|
lib.flatten
|
||||||
|
]);
|
||||||
|
|
||||||
|
bindm = [
|
||||||
|
"$mod, mouse:272, movewindow"
|
||||||
|
"$mod, Control_L, movewindow"
|
||||||
|
"$mod, mouse:273, resizewindow"
|
||||||
|
"$mod, ALT_L, resizewindow"
|
||||||
|
];
|
||||||
|
|
||||||
|
bindl = [
|
||||||
|
"$mod, p, exec, ${exe pkgs.mpc_cli} toggle"
|
||||||
|
",XF86AudioPlay, exec, ${exe pkgs.mpc_cli} toggle"
|
||||||
|
",XF86AudioPrev, exec, ${exe pkgs.mpc_cli} prev"
|
||||||
|
",XF86AudioNext, exec, ${exe pkgs.mpc_cli} next"
|
||||||
|
];
|
||||||
|
|
||||||
|
bindle = [
|
||||||
|
",XF86MonBrightnessUp, exec, ${exe pkgs.brightnessctl} s +5%"
|
||||||
|
",XF86MonBrightnessDown, exec, ${exe pkgs.brightnessctl} s 5%-"
|
||||||
|
",XF86AudioLowerVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-"
|
||||||
|
",XF86AudioRaiseVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%+"
|
||||||
|
"$mod ,F7, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-"
|
||||||
|
"$mod ,F8, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%+"
|
||||||
|
];
|
||||||
|
|
||||||
|
exec-once = [
|
||||||
|
"uwsm finalize"
|
||||||
|
];
|
||||||
|
|
||||||
|
windowrulev2 = [
|
||||||
|
"float,class:(Rofi)"
|
||||||
|
"float,class:^(xdg-desktop-portal-gtk)$"
|
||||||
|
"float, title:^(.*Bitwarden Password Manager.*)$"
|
||||||
|
|
||||||
|
"dimaround, class:^(xdg-desktop-portal-gtk)$"
|
||||||
|
|
||||||
|
"workspace special silent, title:^(Firefox — Sharing Indicator)$"
|
||||||
|
"workspace special silent, title:^(Zen — Sharing Indicator)$"
|
||||||
|
"workspace special silent, title:^(.*is sharing (your screen|a window)\.)$"
|
||||||
|
|
||||||
|
"workspace 2,class:(firefox)"
|
||||||
|
"workspace 2,class:(google-chrome)"
|
||||||
|
|
||||||
|
"workspace 3,class:(Emacs)"
|
||||||
|
"workspace 3,class:(code)"
|
||||||
|
"workspace 3,class:(code-url-handler)"
|
||||||
|
|
||||||
|
"workspace 5,class:(discord)"
|
||||||
|
"workspace 5,class:(Element)"
|
||||||
|
]
|
||||||
|
++
|
||||||
|
(lib.pipe scratchpads [
|
||||||
|
(map ({ class, size, ... }: [
|
||||||
|
"workspace special:${class}Ws, class:^${class}$"
|
||||||
|
"float, class:^${class}$"
|
||||||
|
"size ${toString size.w}% ${toString size.h}%, class:^${class}$"
|
||||||
|
"move ${toString ((100 - size.w) / 2)}% ${toString ((100 - size.h) / 2)}%, class:^${class}$"
|
||||||
|
]))
|
||||||
|
lib.flatten
|
||||||
|
]);
|
||||||
|
|
||||||
|
monitor = [
|
||||||
|
# TODO: host specific
|
||||||
|
"eDP-1, 3840x2400@90.00Hz, 0x0, 2"
|
||||||
|
",preferred,auto,1"
|
||||||
|
];
|
||||||
|
|
||||||
|
general = {
|
||||||
|
gaps_in = 5;
|
||||||
|
gaps_out = 15;
|
||||||
|
|
||||||
|
border_size = 2;
|
||||||
|
|
||||||
|
"col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg";
|
||||||
|
"col.inactive_border" = "rgba(595959aa)";
|
||||||
|
|
||||||
|
resize_on_border = false;
|
||||||
|
allow_tearing = false;
|
||||||
|
layout = "master";
|
||||||
|
};
|
||||||
|
|
||||||
|
decoration = {
|
||||||
|
rounding = 10;
|
||||||
|
|
||||||
|
# Change transparency of focused and unfocused windows
|
||||||
|
active_opacity = 1.0;
|
||||||
|
inactive_opacity = 1.0;
|
||||||
|
|
||||||
|
# drop_shadow = true;
|
||||||
|
# shadow_range = 4;
|
||||||
|
# shadow_render_power = 3;
|
||||||
|
# "col.shadow" = "rgba(1a1a1aee)";
|
||||||
|
|
||||||
|
# https://wiki.hyprland.org/Configuring/Variables/#blur
|
||||||
|
blur = {
|
||||||
|
enabled = true;
|
||||||
|
size = 3;
|
||||||
|
passes = 1;
|
||||||
|
|
||||||
|
vibrancy = 0.1696;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
animations.enabled = false;
|
||||||
|
|
||||||
|
master = {
|
||||||
|
new_status = "slave";
|
||||||
|
};
|
||||||
|
|
||||||
|
misc = {
|
||||||
|
force_default_wallpaper = 0; # Set to 0 or 1 to disable the anime mascot wallpapers
|
||||||
|
disable_hyprland_logo = false; # If true disables the random hyprland logo / anime girl background. :(
|
||||||
|
};
|
||||||
|
|
||||||
|
input ={
|
||||||
|
kb_layout = "us";
|
||||||
|
kb_variant = "";
|
||||||
|
kb_model = "";
|
||||||
|
kb_options = "caps:escape";
|
||||||
|
kb_rules = "";
|
||||||
|
|
||||||
|
follow_mouse = 1;
|
||||||
|
|
||||||
|
sensitivity = 0; # -1.0 - 1.0, 0 means no modification.
|
||||||
|
|
||||||
|
touchpad = {
|
||||||
|
natural_scroll = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# UWSM
|
||||||
|
systemd.user.services = {
|
||||||
|
hypridle.Unit.After = lib.mkForce "graphical-session.target";
|
||||||
|
waybar.Unit.After = lib.mkForce "graphical-session.target";
|
||||||
|
network-manager-applet.Unit.After = lib.mkForce "graphical-session.target";
|
||||||
|
fcitx5-daemon.Unit.After = lib.mkForce "graphical-session.target";
|
||||||
|
# hyprpaper.Unit.After = lib.mkForce "graphical-session.target";
|
||||||
|
};
|
||||||
|
}
|
4
home/programs/jq.nix
Normal file
4
home/programs/jq.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.jq.enable = true;
|
||||||
|
}
|
7
home/programs/man.nix
Normal file
7
home/programs/man.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.man = {
|
||||||
|
enable = true;
|
||||||
|
generateCaches = true;
|
||||||
|
};
|
||||||
|
}
|
4
home/programs/mpv.nix
Normal file
4
home/programs/mpv.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ machineVars, ... }:
|
||||||
|
{
|
||||||
|
programs.mpv.enable = !machineVars.headless;
|
||||||
|
}
|
@ -1,4 +1,4 @@
|
|||||||
{pkgs, ...}:
|
{ config, pkgs, ... }:
|
||||||
{
|
{
|
||||||
programs.ncmpcpp = {
|
programs.ncmpcpp = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -332,11 +332,11 @@
|
|||||||
window_border_color = "green";
|
window_border_color = "green";
|
||||||
active_window_border = "red";
|
active_window_border = "red";
|
||||||
|
|
||||||
visualizer_data_source = "/tmp/mpd.fifo";
|
visualizer_data_source = "/run/user/${toString config.home.uid}/mpd/visualizer.fifo";
|
||||||
visualizer_output_name = "Visualizer feed";
|
visualizer_output_name = "Visualizer feed";
|
||||||
visualizer_in_stereo = "no";
|
visualizer_in_stereo = "no";
|
||||||
visualizer_type = "spectrum"; # spectrum, ellipse, wave_filled, wave
|
# visualizer_type = "spectrum"; # spectrum, ellipse, wave_filled, wave
|
||||||
visualizer_look = "+█"; # wave | spectrum, ellipse, wave_filled
|
# visualizer_look = "+█"; # wave | spectrum, ellipse, wave_filled
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ pkgs, home, ... }:
|
{ pkgs, lib, machineVars, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./auto-clean-swapfiles.nix
|
./auto-clean-swapfiles.nix
|
||||||
@ -21,6 +21,9 @@
|
|||||||
vim-surround
|
vim-surround
|
||||||
vim-fugitive
|
vim-fugitive
|
||||||
vim-css-color
|
vim-css-color
|
||||||
|
] ++ (lib.optionals machineVars.wayland [
|
||||||
|
vim-wayland-clipboard
|
||||||
|
]) ++ [
|
||||||
semshi
|
semshi
|
||||||
{
|
{
|
||||||
plugin = goyo-vim;
|
plugin = goyo-vim;
|
||||||
@ -66,25 +69,58 @@
|
|||||||
}
|
}
|
||||||
limelight-vim
|
limelight-vim
|
||||||
vim-tmux-navigator
|
vim-tmux-navigator
|
||||||
vim-polyglot
|
|
||||||
lightline-vim
|
lightline-vim
|
||||||
|
vim-better-whitespace
|
||||||
{
|
{
|
||||||
plugin = rainbow;
|
plugin = nvim-treesitter.withAllGrammars;
|
||||||
config = ''
|
config = ''
|
||||||
let g:rainbow_active = 1
|
packadd! nvim-treesitter
|
||||||
|
lua << EOF
|
||||||
|
require'nvim-treesitter.configs'.setup {
|
||||||
|
highlight = {
|
||||||
|
enable = true,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
'';
|
||||||
|
}
|
||||||
|
{
|
||||||
|
plugin = rainbow-delimiters-nvim;
|
||||||
|
config = ''
|
||||||
|
lua << EOF
|
||||||
|
local rainbow_delimiters = require 'rainbow-delimiters'
|
||||||
|
vim.g.rainbow_delimiters = {
|
||||||
|
["highlight"] = {
|
||||||
|
'RainbowDelimiterRed',
|
||||||
|
'RainbowDelimiterYellow',
|
||||||
|
'RainbowDelimiterBlue',
|
||||||
|
'RainbowDelimiterGreen',
|
||||||
|
'RainbowDelimiterViolet',
|
||||||
|
'RainbowDelimiterCyan',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
EOF
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
plugin = vim-monokai;
|
plugin = vim-monokai;
|
||||||
config = ''
|
config = ''
|
||||||
colorscheme monokai
|
colorscheme monokai
|
||||||
autocmd ColorScheme * highlight Normal ctermbg=0
|
|
||||||
autocmd ColorScheme * highlight LineNr ctermbg=0
|
autocmd ColorScheme monokai highlight Normal ctermbg=0
|
||||||
autocmd ColorScheme * highlight CursorLineNR ctermbg=0 ctermfg=208
|
autocmd ColorScheme monokai highlight LineNr ctermbg=0
|
||||||
autocmd ColorScheme * highlight SignColumn ctermbg=0
|
autocmd ColorScheme monokai highlight CursorLineNR ctermbg=0 ctermfg=208
|
||||||
autocmd ColorScheme * highlight GitGutterAdd ctermbg=0
|
autocmd ColorScheme monokai highlight SignColumn ctermbg=0
|
||||||
autocmd ColorScheme * highlight GitGutterChange ctermbg=0
|
autocmd ColorScheme monokai highlight GitGutterAdd ctermbg=0
|
||||||
autocmd ColorScheme * highlight GitGutterDelete ctermbg=0
|
autocmd ColorScheme monokai highlight GitGutterChange ctermbg=0
|
||||||
|
autocmd ColorScheme monokai highlight GitGutterDelete ctermbg=0
|
||||||
|
|
||||||
|
autocmd ColorScheme monokai highlight RainbowDelimiterRed { fg = g:terminal_color_9 }
|
||||||
|
autocmd ColorScheme monokai highlight RainbowDelimiterYellow { fg = g:terminal_color_11 }
|
||||||
|
autocmd ColorScheme monokai highlight RainbowDelimiterBlue { fg = g:terminal_color_12 }
|
||||||
|
autocmd ColorScheme monokai highlight RainbowDelimiterGreen { fg = g:terminal_color_10 }
|
||||||
|
autocmd ColorScheme monokai highlight RainbowDelimiterViolet { fg = g:terminal_color_13 }
|
||||||
|
autocmd ColorScheme monokai highlight RainbowDelimiterCyan { fg = g:terminal_color_14 }
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
@ -3,40 +3,46 @@ let
|
|||||||
mkSource = tags: url: { inherit tags url; };
|
mkSource = tags: url: { inherit tags url; };
|
||||||
in {
|
in {
|
||||||
programs.newsboat.urls = [
|
programs.newsboat.urls = [
|
||||||
(mkSource [ "tech" "linux" ] "https://lukesmith.xyz/rss.xml")
|
|
||||||
(mkSource [ "tech" "vim" "old" ] "https://castel.dev/rss.xml")
|
|
||||||
(mkSource [ "tech" "linux" "nixos" ] "https://christine.website/blog.rss")
|
|
||||||
(mkSource [ "japanese" "language" "old" ] "http://feeds.feedburner.com/LocalizingJapan")
|
|
||||||
(mkSource [ "tech" "linux" ] "http://xahlee.info/comp/blog.xml")
|
|
||||||
(mkSource [ "japanese" "language" ] "https://www.outlier-linguistics.com/blogs/japanese.atom")
|
|
||||||
(mkSource [ "tech" "linux" ] "https://archlinux.org/feeds/news/")
|
(mkSource [ "tech" "linux" ] "https://archlinux.org/feeds/news/")
|
||||||
(mkSource [ "tech" "linux" ] "https://bartoszmilewski.com/feed/")
|
(mkSource [ "tech" "linux" "nixos" ] "https://nixos.org/blog/announcements-rss.xml")
|
||||||
(mkSource [ "tech" "linux" "nixos" ] "https://nixos.org//blog/announcements-rss.xml")
|
|
||||||
(mkSource [ "tech" "linux" ] "https://www.digitalneanderthal.com/index.xml")
|
|
||||||
(mkSource [ "tech" "ntnu" ] "https://omegav.no/newsrss")
|
(mkSource [ "tech" "ntnu" ] "https://omegav.no/newsrss")
|
||||||
(mkSource [ "tech" ] "https://code.visualstudio.com/feed.xml")
|
(mkSource [ "ntnu" ] "https://varsel.it.ntnu.no/subscribe/rss/")
|
||||||
|
(mkSource [ "tech" ] "https://blog.hackeriet.no/feed.xml")
|
||||||
|
(mkSource [ "tech" ] "https://fribyte.no/rss.xml")
|
||||||
|
(mkSource [ "tech" ] "https://existentialtype.wordpress.com/feed/")
|
||||||
|
(mkSource [ "tech" "linux" "ntnu" ] "https://wiki.pvv.ntnu.no/w/api.php?hidebots=1&urlversion=1&days=90&limit=50&action=feedrecentchanges&format=xml")
|
||||||
|
(mkSource [ "tech" "linux" "nixos" ] "https://dandellion.xyz/atom.xml")
|
||||||
|
(mkSource [ "tech" "linux" ] "http://xahlee.info/comp/blog.xml")
|
||||||
|
(mkSource [ "tech" ] "https://branchfree.org/feed/")
|
||||||
|
(mkSource [ "tech" ] "https://search.marginalia.nu/news.xml")
|
||||||
|
(mkSource [ "tech" "linux" ] "https://bartoszmilewski.com/feed/")
|
||||||
|
(mkSource [ "tech" "linux" "nixos" ] "https://myme.no/atom-feed.xml")
|
||||||
(mkSource [ "tech" "linux" "nixos" ] "https://blog.ysndr.de/atom.xml")
|
(mkSource [ "tech" "linux" "nixos" ] "https://blog.ysndr.de/atom.xml")
|
||||||
(mkSource [ "tech" "linux" "nixos" ] "https://kaushikc.org/atom.xml")
|
(mkSource [ "tech" "linux" "nixos" ] "https://kaushikc.org/atom.xml")
|
||||||
(mkSource [ "tech" "linux" "nixos" ] "https://ianthehenry.com/feed.xml")
|
(mkSource [ "tech" "linux" "nixos" ] "https://ianthehenry.com/feed.xml")
|
||||||
(mkSource [ "tech" "linux" "ntnu" ] "https://www.pvv.ntnu.no/w/api.php?hidebots=1&urlversion=1&days=7&limit=50&action=feedrecentchanges&feedformat=atom")
|
|
||||||
(mkSource [ "ntnu" ] "https://varsel.it.ntnu.no/subscribe/rss/")
|
|
||||||
(mkSource [ "tech" "linux" "japanese" ] "https://www.ncaq.net/feed.atom")
|
(mkSource [ "tech" "linux" "japanese" ] "https://www.ncaq.net/feed.atom")
|
||||||
(mkSource [ "tech" "linux" "haskell" "nixos" "functional-programming" ] "https://www.haskellforall.com/feeds/posts/default")
|
(mkSource [ "tech" "linux" "nixos" "emacs" "japanese" ] "https://apribase.net/program/feed")
|
||||||
(mkSource [ "tech" "haskell" "functional-programming" ] "https://williamyaoh.com/feed.atom")
|
(mkSource [ "tech" "linux" "nixos" "functional-programming" ] "https://www.haskellforall.com/feeds/posts/default")
|
||||||
(mkSource [ "tech" "haskell" "functional-programming" ] "https://www.parsonsmatt.org/feed.xml")
|
(mkSource [ "tech" "linux" "nixos" ] "https://christine.website/blog.rss")
|
||||||
(mkSource [ "tech" "haskell" "functional-programming" "python" ] "http://blog.ezyang.com/feed/")
|
(mkSource [ "tech" "functional-programming" "nixos" ] "https://markkarpov.com/feed.atom")
|
||||||
(mkSource [ "tech" "haskell" "functional-programming" ] "https://lexi-lambda.github.io/feeds/all.rss.xml")
|
(mkSource [ "tech" "functional-programming" ] "https://williamyaoh.com/feed.atom")
|
||||||
(mkSource [ "tech" "haskell" "functional-programming" ] "https://www.stephendiehl.com/feed.rss")
|
(mkSource [ "tech" "functional-programming" ] "https://www.parsonsmatt.org/feed.xml")
|
||||||
(mkSource [ "tech" "haskell" "functional-programming" "emacs" ] "https://chrisdone.com/rss.xml")
|
(mkSource [ "tech" "functional-programming" "python" ] "http://blog.ezyang.com/feed/")
|
||||||
(mkSource [ "tech" "haskell" "functional-programming" "nixos" ] "https://markkarpov.com/feed.atom")
|
(mkSource [ "tech" "functional-programming" ] "https://lexi-lambda.github.io/feeds/all.rss.xml")
|
||||||
(mkSource [ "tech" "flutter" ] "https://resocoder.com/feed/")
|
(mkSource [ "tech" "functional-programming" ] "https://www.stephendiehl.com/feed.rss")
|
||||||
(mkSource [ "tech" "compilers" ] "https://existentialtype.wordpress.com/feed/")
|
(mkSource [ "tech" "functional-programming" "emacs" ] "https://chrisdone.com/rss.xml")
|
||||||
(mkSource [ "tech" "compilers" "haskell" "functional-programming" "old" ] "https://skilpat.tumblr.com/rss")
|
(mkSource [ "tech" ] "https://go.dev/blog/feed.atom")
|
||||||
|
(mkSource [ "tech" "linux" ] "https://jfx.ac/blog/index.xml")
|
||||||
|
(mkSource [ "tech" "linux" ] "https://lukesmith.xyz/rss.xml")
|
||||||
|
(mkSource [ "japanese" "language" ] "https://www.outlier-linguistics.com/blogs/japanese.atom")
|
||||||
(mkSource [ "language" ] "https://feeds.feedburner.com/blogspot/Ckyi")
|
(mkSource [ "language" ] "https://feeds.feedburner.com/blogspot/Ckyi")
|
||||||
(mkSource [ "tech" "compilers" ] "https://go.dev/blog/feed.atom")
|
(mkSource [ "japanese" "language" "old" ] "http://feeds.feedburner.com/LocalizingJapan")
|
||||||
(mkSource [ "tech" "linux" "nixos" ] "https://myme.no/feed.xml")
|
(mkSource [ "japanese" "language" ] "https://wesleycrobertson.wordpress.com/feed/")
|
||||||
(mkSource [ "tech" "linux" "nixos" "compilers" ] "https://flyx.org/feed.xml")
|
(mkSource [ "tech" "vim" "old" ] "https://castel.dev/rss.xml")
|
||||||
(mkSource [ "tech" "linux" ] "https://blog.jfx.ac/feed.xml")
|
(mkSource [ "tech" "functional-programming" "old" ] "https://skilpat.tumblr.com/rss")
|
||||||
(mkSource [ "tech" "linux" "nixos" ] "https://dandellion.xyz/atom.xml")
|
(mkSource [ "tech" ] "https://resocoder.com/feed/")
|
||||||
|
|
||||||
|
# Broken?
|
||||||
|
(mkSource [ "tech" "linux" "nixos" ] "https://flyx.org/feed.xml")
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
4
home/programs/obs-studio.nix
Normal file
4
home/programs/obs-studio.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ machineVars, ... }:
|
||||||
|
{
|
||||||
|
programs.obs-studio.enable = !machineVars.headless;
|
||||||
|
}
|
4
home/programs/pandoc.nix
Normal file
4
home/programs/pandoc.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.pandoc.enable = true;
|
||||||
|
}
|
4
home/programs/ripgrep.nix
Normal file
4
home/programs/ripgrep.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.ripgrep.enable = true;
|
||||||
|
}
|
@ -10,5 +10,11 @@
|
|||||||
mode = "0444";
|
mode = "0444";
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.ssh.includes = [ config.sops.secrets."ssh/secret-config".path ];
|
programs.ssh = {
|
||||||
|
enable = true;
|
||||||
|
includes = [
|
||||||
|
config.sops.secrets."ssh/secret-config".path
|
||||||
|
"mutable_config"
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,94 +1,84 @@
|
|||||||
{ pkgs, lib, extendedLib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
let
|
let # http://www.pvv.ntnu.no/pvv/Maskiner
|
||||||
adminUser = "root";
|
|
||||||
normalUser = "oysteikt";
|
|
||||||
|
|
||||||
# http://www.pvv.ntnu.no/pvv/Maskiner
|
|
||||||
normalMachines = [
|
normalMachines = [
|
||||||
{
|
{
|
||||||
names = [ "hildring" "pvv-login" "pvv" ];
|
names = [ "hildring" "pvv-login" ];
|
||||||
|
proxyJump = lib.mkDefault null;
|
||||||
|
addressFamily = "inet";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
names = [ "drolsum" "pvv-login2" "pvv" ];
|
||||||
proxyJump = lib.mkDefault null;
|
proxyJump = lib.mkDefault null;
|
||||||
addressFamily = "inet";
|
addressFamily = "inet";
|
||||||
}
|
}
|
||||||
"dagali"
|
|
||||||
"drolsum"
|
|
||||||
"demiurgen"
|
|
||||||
"eirin"
|
|
||||||
[ "bekkalokk" "pvv-web" "pvv-wiki" "pvv-webmail" ]
|
[ "bekkalokk" "pvv-web" "pvv-wiki" "pvv-webmail" ]
|
||||||
"ildkule"
|
|
||||||
"shark"
|
|
||||||
"buskerud"
|
|
||||||
[ "bicep" "pvv-databases" ]
|
[ "bicep" "pvv-databases" ]
|
||||||
"bob"
|
"bob"
|
||||||
"knutsen"
|
[ "brzeczyszczykiewicz" "brez" "bokhylle" ]
|
||||||
|
"buskerud"
|
||||||
|
"dagali"
|
||||||
|
"demiurgen"
|
||||||
|
"eirin"
|
||||||
|
"georg"
|
||||||
|
"ildkule"
|
||||||
"isvegg"
|
"isvegg"
|
||||||
"tom"
|
"knutsen"
|
||||||
[ "microbel" "pvv-users" "pvv-mail" ]
|
[ "microbel" "pvv-users" "pvv-mail" ]
|
||||||
|
"orchid"
|
||||||
|
"shark"
|
||||||
|
"tallulah"
|
||||||
|
"tom"
|
||||||
|
"ustetind"
|
||||||
|
"venture"
|
||||||
];
|
];
|
||||||
|
|
||||||
rootMachines = [
|
rootMachines = [
|
||||||
[ "sleipner" "pvv-salt" ]
|
[ "ameno" "pvv-dns" ]
|
||||||
[ "balduzius" "pvv-krb" ]
|
[ "balduzius" "pvv-krb" ]
|
||||||
[ "innovation" "pvv-minecraft" ]
|
[ "innovation" "pvv-minecraft" ]
|
||||||
|
"ludvigsen"
|
||||||
|
[ "principal" "pvv-backup" ]
|
||||||
|
[ "skrott" "dibbler" ]
|
||||||
|
{
|
||||||
|
names = [ "sleipner" "pvv-salt" ];
|
||||||
|
user = "oysteikt/admin";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
# Either( String [String] AttrSet{String} ) -> AttrSet{String}
|
overrideIfNotExists = b: a: a // (builtins.removeAttrs b (builtins.attrNames a));
|
||||||
coerceToSSHMatchBlock =
|
|
||||||
machine:
|
|
||||||
if builtins.isString machine then { names = [machine]; }
|
|
||||||
else if builtins.isList machine then { names = machine; }
|
|
||||||
else machine;
|
|
||||||
|
|
||||||
# ListOf(String) -> AttrSet
|
coerce = user: machines: lib.pipe machines [
|
||||||
machineWithNames = let
|
(m: if builtins.isString m then { names = [m]; } else m)
|
||||||
inherit (lib.lists) head;
|
(m: if builtins.isList m then { names = m; } else m)
|
||||||
inherit (lib.strings) split;
|
(overrideIfNotExists { inherit user; })
|
||||||
in
|
];
|
||||||
names: { hostname = "${head names}.pvv.ntnu.no"; };
|
|
||||||
|
|
||||||
# AttrSet -> AttrSet -> AttrSet
|
normalUser = "oysteikt";
|
||||||
convertMachineWithDefaults = defaults: normalizedMachine: let
|
|
||||||
inherit (lib.attrsets) nameValuePair;
|
|
||||||
inherit (lib.strings) concatStringsSep;
|
|
||||||
inherit (normalizedMachine) names;
|
|
||||||
|
|
||||||
name = concatStringsSep " " names;
|
matchConfig = let
|
||||||
value =
|
machines = (map (coerce normalUser) normalMachines) ++ (map (coerce "root") rootMachines);
|
||||||
(machineWithNames names)
|
setVars = orig@{ names, ... }: {
|
||||||
// defaults
|
name = builtins.concatStringsSep " " names;
|
||||||
// removeAttrs normalizedMachine ["names"];
|
value = overrideIfNotExists {
|
||||||
in
|
hostname = "${builtins.head names}.pvv.ntnu.no";
|
||||||
nameValuePair name value;
|
proxyJump = "pvv";
|
||||||
|
addressFamily = "inet";
|
||||||
|
} (builtins.removeAttrs orig ["names"]);
|
||||||
|
};
|
||||||
|
in builtins.listToAttrs (map setVars machines);
|
||||||
|
|
||||||
# AttrSet -> AttrSet
|
|
||||||
convertNormalMachine = convertMachineWithDefaults { user = normalUser; proxyJump = "pvv"; };
|
|
||||||
# AttrSet -> AttrSet
|
|
||||||
convertAdminMachine =
|
|
||||||
convertMachineWithDefaults { user = adminUser; proxyJump = "pvv"; };
|
|
||||||
|
|
||||||
# ListOf (Either(String ListOf(String) AttrsOf(String))) -> (AttrSet -> AttrSet) -> AttrSet
|
|
||||||
convertMachinesWith = convertMachineFunction: let
|
|
||||||
inherit (lib.attrsets) listToAttrs;
|
|
||||||
inherit (lib.trivial) pipe;
|
|
||||||
pipeline = [
|
|
||||||
(map coerceToSSHMatchBlock)
|
|
||||||
(map convertMachineFunction)
|
|
||||||
listToAttrs
|
|
||||||
];
|
|
||||||
in
|
|
||||||
machines: pipe machines pipeline;
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
programs.ssh.matchBlocks = (extendedLib.attrsets.concatAttrs [
|
programs.ssh.matchBlocks = lib.mergeAttrsList [
|
||||||
(convertMachinesWith convertNormalMachine normalMachines)
|
matchConfig
|
||||||
(convertMachinesWith convertAdminMachine rootMachines)
|
{
|
||||||
]) // {
|
"pvv-git git.pvv.ntnu.no" = {
|
||||||
"pvv-git git.pvv.ntnu.no" = {
|
hostname = "git.pvv.ntnu.no";
|
||||||
hostname = "git.pvv.ntnu.no";
|
user = "gitea";
|
||||||
user = "gitea";
|
addressFamily = "inet";
|
||||||
addressFamily = "inet";
|
port = 2222;
|
||||||
port = 2222;
|
proxyJump = "pvv";
|
||||||
proxyJump = "pvv";
|
};
|
||||||
};
|
}
|
||||||
};
|
];
|
||||||
}
|
}
|
||||||
|
7
home/programs/texlive.nix
Normal file
7
home/programs/texlive.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.texlive = {
|
||||||
|
enable = true;
|
||||||
|
# packageSet = pkgs.texlive.combined.scheme-medium;
|
||||||
|
};
|
||||||
|
}
|
18
home/programs/thunderbird.nix
Normal file
18
home/programs/thunderbird.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{ config, pkgs, lib, machineVars, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.programs.thunderbird;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
programs.thunderbird = {
|
||||||
|
enable = !machineVars.headless;
|
||||||
|
profiles.h7x4 = {
|
||||||
|
isDefault = true;
|
||||||
|
withExternalGnupg = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
home.packages = lib.mkIf cfg.enable (with pkgs; [
|
||||||
|
birdtray
|
||||||
|
]);
|
||||||
|
}
|
@ -1,4 +1,4 @@
|
|||||||
{pkgs, ...}:
|
{ pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
programs.tmux = {
|
programs.tmux = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -19,7 +19,25 @@
|
|||||||
tmux-fzf
|
tmux-fzf
|
||||||
urlview
|
urlview
|
||||||
];
|
];
|
||||||
extraConfig = ''
|
extraConfig = let
|
||||||
|
fileContentsWithoutShebang = script: lib.pipe script [
|
||||||
|
lib.fileContents
|
||||||
|
(lib.splitString "\n")
|
||||||
|
(lib.drop 3) # remove shebang
|
||||||
|
(lib.concatStringsSep "\n")
|
||||||
|
];
|
||||||
|
|
||||||
|
fcitx5-status = (pkgs.writeShellApplication {
|
||||||
|
name = "tmux-fcitx5-status";
|
||||||
|
runtimeInputs = with pkgs; [ dbus ];
|
||||||
|
text = fileContentsWithoutShebang ./scripts/fcitx5-status.sh;
|
||||||
|
});
|
||||||
|
mpd-status = (pkgs.writeShellApplication {
|
||||||
|
name = "tmux-mpd-status";
|
||||||
|
runtimeInputs = with pkgs; [ mpc-cli gawk gnugrep ];
|
||||||
|
text = fileContentsWithoutShebang ./scripts/mpd-status.sh;
|
||||||
|
});
|
||||||
|
in ''
|
||||||
# Don't rename windows automatically after rename with ','
|
# Don't rename windows automatically after rename with ','
|
||||||
set-option -g allow-rename off
|
set-option -g allow-rename off
|
||||||
|
|
||||||
@ -91,8 +109,8 @@
|
|||||||
### DESIGN CHANGES ###
|
### DESIGN CHANGES ###
|
||||||
######################
|
######################
|
||||||
|
|
||||||
set-option -g status-left '#{prefix_highlight} #[bg=blue]#[fg=black,bold] ###S #[bg=default] #[fg=green]#(~/.scripts/tmux/fcitx) #[fg=red]%H:%M '
|
set-option -g status-left '#{prefix_highlight} #[bg=blue]#[fg=black,bold] ###S #[bg=default] #[fg=green]#(${lib.getExe fcitx5-status}) #[fg=red]%H:%M '
|
||||||
set-option -g status-right '#[fg=red]#(~/.scripts/tmux/mpd)'
|
set-option -g status-right '#[fg=red]#(${lib.getExe mpd-status})'
|
||||||
set-window-option -g window-status-current-style fg=magenta
|
set-window-option -g window-status-current-style fg=magenta
|
||||||
set-option -g status-style 'bg=black fg=default'
|
set-option -g status-style 'bg=black fg=default'
|
||||||
set-option -g default-shell '${pkgs.zsh}/bin/zsh'
|
set-option -g default-shell '${pkgs.zsh}/bin/zsh'
|
26
home/programs/tmux/scripts/fcitx5-status.sh
Executable file
26
home/programs/tmux/scripts/fcitx5-status.sh
Executable file
@ -0,0 +1,26 @@
|
|||||||
|
#!/usr/bin/env nix-shell
|
||||||
|
#!nix-shell -i bash -p dbus
|
||||||
|
|
||||||
|
printState() {
|
||||||
|
STATUS=$(dbus-send --session --print-reply=literal --dest='org.fcitx.Fcitx5' '/controller' 'org.fcitx.Fcitx.Controller1.CurrentInputMethod' | tr -d '[:space:]')
|
||||||
|
|
||||||
|
case $STATUS in
|
||||||
|
keyboard-us)
|
||||||
|
echo 'US'
|
||||||
|
;;
|
||||||
|
keyboard-no)
|
||||||
|
echo 'NO'
|
||||||
|
;;
|
||||||
|
mozc)
|
||||||
|
echo '日本語'
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "$STATUS?"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
}
|
||||||
|
|
||||||
|
while :; do
|
||||||
|
printState
|
||||||
|
sleep 1
|
||||||
|
done
|
29
home/programs/tmux/scripts/mpd-status.sh
Executable file
29
home/programs/tmux/scripts/mpd-status.sh
Executable file
@ -0,0 +1,29 @@
|
|||||||
|
#!/usr/bin/env nix-shell
|
||||||
|
#!nix-shell -i sh -p mpc-cli gawk gnugrep
|
||||||
|
|
||||||
|
while true; do
|
||||||
|
MPC_OUTPUT=$(mpc --format '[[%artist% - ]%title%]|[%file%]')
|
||||||
|
|
||||||
|
TITLE=$(head -n 1 <<<"$MPC_OUTPUT")
|
||||||
|
|
||||||
|
if [ ${#TITLE} -gt 60 ]; then
|
||||||
|
TITLE=$(awk '{print substr($0,0,57) "..."}' <<<"$TITLE")
|
||||||
|
fi
|
||||||
|
|
||||||
|
LINE2=$(head -n 2 <<<"$MPC_OUTPUT" | tail -n 1)
|
||||||
|
|
||||||
|
PLAY_STATUS_RAW=$(awk '{print $1}' <<<"$LINE2")
|
||||||
|
|
||||||
|
if [ "$PLAY_STATUS_RAW" == "[playing]" ]; then
|
||||||
|
PLAY_STATUS="▶"
|
||||||
|
elif [ "$PLAY_STATUS_RAW" == "[paused]" ]; then
|
||||||
|
PLAY_STATUS="⏸"
|
||||||
|
else
|
||||||
|
PLAY_STATUS="??"
|
||||||
|
fi
|
||||||
|
|
||||||
|
TIME=$(awk '{print $3}' <<<"$LINE2")
|
||||||
|
|
||||||
|
echo -e "$PLAY_STATUS $TITLE | [$TIME]"
|
||||||
|
sleep 1
|
||||||
|
done
|
@ -24,10 +24,18 @@ in
|
|||||||
onChange = ''install -m660 $(realpath "${configFilePath}.ro") "${configFilePath}"'';
|
onChange = ''install -m660 $(realpath "${configFilePath}.ro") "${configFilePath}"'';
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.vscode ={
|
programs.vscode = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
package = pkgs.vscode;
|
package = pkgs.vscode.overrideAttrs (prev: {
|
||||||
|
# NOTE: this messes up zsh's tab completion in the terminal whenever code is started
|
||||||
|
# from within a shell
|
||||||
|
preFixup = prev.preFixup + ''
|
||||||
|
gappsWrapperArgs+=(
|
||||||
|
--unset TMUX_PANE
|
||||||
|
)
|
||||||
|
'';
|
||||||
|
});
|
||||||
|
|
||||||
userSettings = let
|
userSettings = let
|
||||||
editor = mapPrefixToSet "editor" {
|
editor = mapPrefixToSet "editor" {
|
||||||
@ -159,11 +167,9 @@ in
|
|||||||
"telemetry.telemetryLevel" = "off";
|
"telemetry.telemetryLevel" = "off";
|
||||||
"terminal.integrated.fontSize" = 14;
|
"terminal.integrated.fontSize" = 14;
|
||||||
"vsintellicode.modify.editor.suggestSelection" = "automaticallyOverrodeDefaultValue";
|
"vsintellicode.modify.editor.suggestSelection" = "automaticallyOverrodeDefaultValue";
|
||||||
|
"keyboard.dispatch" = "keyCode";
|
||||||
"window.zoomLevel" = 1;
|
"window.zoomLevel" = 1;
|
||||||
|
|
||||||
"rust-analyzer.server.path" =
|
|
||||||
toString (pkgs.writeShellScript "ra-multiplex-client" "${lib.getExe pkgs.ra-multiplex} client");
|
|
||||||
|
|
||||||
"search.exclude" = {
|
"search.exclude" = {
|
||||||
"**/node_modules" = true;
|
"**/node_modules" = true;
|
||||||
"**/bower_components" = true;
|
"**/bower_components" = true;
|
||||||
@ -196,8 +202,6 @@ in
|
|||||||
"errorLens.errorBackground" = "rgba(240,0,0,0.1)";
|
"errorLens.errorBackground" = "rgba(240,0,0,0.1)";
|
||||||
"errorLens.warningBackground" = "rgba(180,180,0,0.1)";
|
"errorLens.warningBackground" = "rgba(180,180,0,0.1)";
|
||||||
|
|
||||||
"keyboard-quickfix.showActionNotification" = false;
|
|
||||||
|
|
||||||
"liveshare.presence" = true;
|
"liveshare.presence" = true;
|
||||||
"liveshare.showInStatusBar" = "whileCollaborating";
|
"liveshare.showInStatusBar" = "whileCollaborating";
|
||||||
|
|
||||||
@ -232,9 +236,15 @@ in
|
|||||||
|
|
||||||
keybindings = [
|
keybindings = [
|
||||||
{
|
{
|
||||||
key = "ctrl+[Period]";
|
key = "alt+k";
|
||||||
command = "keyboard-quickfix.openQuickFix";
|
when = "codeActionMenuVisible";
|
||||||
when = "editorHasCodeActionsProvider && editorTextFocus && !editorReadonly";
|
command = "selectPrevCodeAction";
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
key = "alt+j";
|
||||||
|
when = "codeActionMenuVisible";
|
||||||
|
command = "selectNextCodeAction";
|
||||||
}
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
@ -299,7 +309,7 @@ in
|
|||||||
# jock.svg
|
# jock.svg
|
||||||
# ms-azuretools.vscode-docker
|
# ms-azuretools.vscode-docker
|
||||||
# ms-toolsai.jupyter
|
# ms-toolsai.jupyter
|
||||||
ms-vscode-remote.remote-ssh
|
# ms-vscode-remote.remote-ssh
|
||||||
# ms-vsliveshare.vsliveshare
|
# ms-vsliveshare.vsliveshare
|
||||||
bbenoist.nix
|
bbenoist.nix
|
||||||
christian-kohler.path-intellisense
|
christian-kohler.path-intellisense
|
||||||
@ -321,8 +331,12 @@ in
|
|||||||
rust-lang.rust-analyzer
|
rust-lang.rust-analyzer
|
||||||
mkhl.direnv
|
mkhl.direnv
|
||||||
waderyan.gitblame
|
waderyan.gitblame
|
||||||
# vs-liveshare
|
|
||||||
vscodevim.vim
|
vscodevim.vim
|
||||||
|
hbenl.vscode-test-explorer
|
||||||
|
# vitaliymaz.vscode-svg-previewer
|
||||||
|
ms-vscode.test-adapter-converter
|
||||||
|
visualstudioexptteam.vscodeintellicode
|
||||||
|
tamasfe.even-better-toml
|
||||||
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
|
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
|
||||||
{
|
{
|
||||||
name = "monokai-st3";
|
name = "monokai-st3";
|
||||||
@ -330,47 +344,17 @@ in
|
|||||||
version = "0.2.0";
|
version = "0.2.0";
|
||||||
sha256 = "1rvz5hlrfshy9laybxzvrdklx328s13j0lb8ljbda9zkadi3wcad";
|
sha256 = "1rvz5hlrfshy9laybxzvrdklx328s13j0lb8ljbda9zkadi3wcad";
|
||||||
}
|
}
|
||||||
{
|
|
||||||
name = "vscode-svgviewer";
|
|
||||||
publisher = "cssho";
|
|
||||||
version = "2.0.0";
|
|
||||||
sha256 = "06swlqiv3gc7plcbmzz795y6zwpxsdhg79k1n3jj6qngfwnv2p6z";
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
name = "comment-anchors";
|
name = "comment-anchors";
|
||||||
publisher = "ExodiusStudios";
|
publisher = "ExodiusStudios";
|
||||||
version = "1.10.3";
|
version = "1.10.4";
|
||||||
sha256 = "sha256-IyiiS4jpcghwKI0j8s69uGNZlKnZ0o78ZCT0oZeJER0=";
|
sha256 = "sha256-FvfjPpQsgCsnY1BylhLCM/qDQChf9/iTr3cKkCGfMVI=";
|
||||||
}
|
|
||||||
{
|
|
||||||
name = "vscode-test-explorer";
|
|
||||||
publisher = "hbenl";
|
|
||||||
version = "2.21.1";
|
|
||||||
sha256 = "022lnkq278ic0h9ggpqcwb3x3ivpcqjimhgirixznq0zvwyrwz3w";
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "vscode-gutter-preview";
|
name = "vscode-gutter-preview";
|
||||||
publisher = "kisstkondoros";
|
publisher = "kisstkondoros";
|
||||||
version = "0.29.0";
|
version = "0.31.2";
|
||||||
sha256 = "00vibv9xmhwaqiqzp0y2c246pqiqfjsw4bqx4vcdd67pz1wnqhg1";
|
sha256 = "sha256-2/RvDSsVL06UmNG9HchXaJMJ4FYtnpuJ2Bn53JVv1t8=";
|
||||||
}
|
|
||||||
{
|
|
||||||
name = "test-adapter-converter";
|
|
||||||
publisher = "ms-vscode";
|
|
||||||
version = "0.1.9";
|
|
||||||
sha256 = "sha256-M53jhAVawk2yCeSrLkWrUit3xbDc0zgCK2snbK+BaSs=";
|
|
||||||
}
|
|
||||||
# {
|
|
||||||
# name = "indent-rainbow";
|
|
||||||
# publisher = "oderwat";
|
|
||||||
# version = "8.2.2";
|
|
||||||
# sha256 = "1xxljwh66f21fzmhw8icrmxxmfww1s67kf5ja65a8qb1x1rhjjgf";
|
|
||||||
# }
|
|
||||||
{
|
|
||||||
name = "vscodeintellicode";
|
|
||||||
publisher = "VisualStudioExptTeam";
|
|
||||||
version = "1.2.30";
|
|
||||||
sha256 = "sha256-f2Gn+W0QHN8jD5aCG+P93Y+JDr/vs2ldGL7uQwBK4lE=";
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "keyboard-quickfix";
|
name = "keyboard-quickfix";
|
||||||
|
245
home/programs/waybar.nix
Normal file
245
home/programs/waybar.nix
Normal file
@ -0,0 +1,245 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.programs.waybar;
|
||||||
|
cfgs = cfg.settings.mainBar;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
programs.waybar = {
|
||||||
|
enable = true;
|
||||||
|
systemd.enable = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
mainBar = {
|
||||||
|
layer = "top";
|
||||||
|
position = "top";
|
||||||
|
height = 30;
|
||||||
|
|
||||||
|
# TODO: configure this per machine
|
||||||
|
# output = [ "DP-2" ];
|
||||||
|
|
||||||
|
modules-left = [ "hyprland/workspaces" ];
|
||||||
|
modules-center = [ "clock" ];
|
||||||
|
modules-right = [ "mpd" "cpu" "memory" "wireplumber" "pulseaudio/slider" "battery" "tray" ];
|
||||||
|
|
||||||
|
"hyprland/workspaces" = {
|
||||||
|
all-outputs = true;
|
||||||
|
disable-scroll = true;
|
||||||
|
persistent-workspaces = {
|
||||||
|
${lib.head cfgs.output} = [ 1 2 3 4 5 6 7 8 ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
"mpd" = {
|
||||||
|
format = "{filename}";
|
||||||
|
};
|
||||||
|
|
||||||
|
"cpu" = {
|
||||||
|
format = "[#] {usage}%";
|
||||||
|
};
|
||||||
|
|
||||||
|
"memory" = {
|
||||||
|
format = "{used}/{total}Gb";
|
||||||
|
};
|
||||||
|
|
||||||
|
"wireplumber" = {
|
||||||
|
format = "{volume}% {icon}";
|
||||||
|
format-muted = "[M]";
|
||||||
|
};
|
||||||
|
|
||||||
|
"pulseaudio/slider" = {
|
||||||
|
orientation = "horizontal";
|
||||||
|
};
|
||||||
|
|
||||||
|
"tray" = {
|
||||||
|
icon-size = 20;
|
||||||
|
spacing = 8;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
style = let
|
||||||
|
c = config.colors.defaultColorSet;
|
||||||
|
in ''
|
||||||
|
* {
|
||||||
|
font-family: FiraCode, FontAwesome, Roboto, Helvetica, Arial, sans-serif;
|
||||||
|
font-size: 13px;
|
||||||
|
}
|
||||||
|
|
||||||
|
window#waybar {
|
||||||
|
background-color: ${c.background};
|
||||||
|
color: ${c.foreground};
|
||||||
|
}
|
||||||
|
|
||||||
|
#pulseaudio-slider trough {
|
||||||
|
min-height: 10px;
|
||||||
|
min-width: 100px;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**** DEFAULT ****/
|
||||||
|
|
||||||
|
window#waybar.hidden {
|
||||||
|
opacity: 0.2;
|
||||||
|
}
|
||||||
|
|
||||||
|
button {
|
||||||
|
/* Use box-shadow instead of border so the text isn't offset */
|
||||||
|
box-shadow: inset 0 -3px transparent;
|
||||||
|
/* Avoid rounded borders under each button name */
|
||||||
|
border: none;
|
||||||
|
border-radius: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */
|
||||||
|
button:hover {
|
||||||
|
background: inherit;
|
||||||
|
box-shadow: inset 0 -3px #ffffff;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#workspaces button.empty {
|
||||||
|
color: ${c.yellow};
|
||||||
|
}
|
||||||
|
|
||||||
|
#workspaces button {
|
||||||
|
padding: 0 5px;
|
||||||
|
color: ${c.magenta};
|
||||||
|
background-color: transparent;
|
||||||
|
}
|
||||||
|
|
||||||
|
#workspaces button.visible {
|
||||||
|
color: ${c.green};
|
||||||
|
}
|
||||||
|
|
||||||
|
#workspaces button.urgent {
|
||||||
|
background-color: ${c.red};
|
||||||
|
}
|
||||||
|
|
||||||
|
#workspaces button:hover {
|
||||||
|
background: rgba(0, 0, 0, 0.2);
|
||||||
|
}
|
||||||
|
|
||||||
|
#mode {
|
||||||
|
background-color: #64727D;
|
||||||
|
box-shadow: inset 0 -3px #ffffff;
|
||||||
|
}
|
||||||
|
|
||||||
|
#clock,
|
||||||
|
#battery,
|
||||||
|
#cpu,
|
||||||
|
#memory,
|
||||||
|
#disk,
|
||||||
|
#temperature,
|
||||||
|
#backlight,
|
||||||
|
#network,
|
||||||
|
#pulseaudio,
|
||||||
|
#wireplumber,
|
||||||
|
#custom-media,
|
||||||
|
#tray,
|
||||||
|
#mode,
|
||||||
|
#idle_inhibitor,
|
||||||
|
#scratchpad,
|
||||||
|
#power-profiles-daemon,
|
||||||
|
#mpd {
|
||||||
|
padding: 0 10px;
|
||||||
|
color: ${c.foreground};
|
||||||
|
}
|
||||||
|
|
||||||
|
#window,
|
||||||
|
#workspaces {
|
||||||
|
margin: 0 4px;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* If workspaces is the leftmost module, omit left margin */
|
||||||
|
.modules-left > widget:first-child > #workspaces {
|
||||||
|
margin-left: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* If workspaces is the rightmost module, omit right margin */
|
||||||
|
.modules-right > widget:last-child > #workspaces {
|
||||||
|
margin-right: 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
#clock {
|
||||||
|
background-color: #64727D;
|
||||||
|
}
|
||||||
|
|
||||||
|
#cpu {
|
||||||
|
background-color: ${c.cyan};
|
||||||
|
color: #000000;
|
||||||
|
}
|
||||||
|
|
||||||
|
#memory {
|
||||||
|
background-color: ${c.yellow};
|
||||||
|
color: #000000;
|
||||||
|
}
|
||||||
|
|
||||||
|
#network {
|
||||||
|
background-color: #2980b9;
|
||||||
|
}
|
||||||
|
|
||||||
|
#network.disconnected {
|
||||||
|
background-color: #f53c3c;
|
||||||
|
}
|
||||||
|
|
||||||
|
#pulseaudio {
|
||||||
|
background-color: #f1c40f;
|
||||||
|
color: #000000;
|
||||||
|
}
|
||||||
|
|
||||||
|
#pulseaudio.muted {
|
||||||
|
background-color: #90b1b1;
|
||||||
|
color: #2a5c45;
|
||||||
|
}
|
||||||
|
|
||||||
|
#wireplumber {
|
||||||
|
background-color: #fff0f5;
|
||||||
|
color: #000000;
|
||||||
|
}
|
||||||
|
|
||||||
|
#wireplumber.muted {
|
||||||
|
background-color: #f53c3c;
|
||||||
|
}
|
||||||
|
|
||||||
|
#tray {
|
||||||
|
background-color: #2980b9;
|
||||||
|
}
|
||||||
|
|
||||||
|
#tray > .passive {
|
||||||
|
-gtk-icon-effect: dim;
|
||||||
|
}
|
||||||
|
|
||||||
|
#tray > .needs-attention {
|
||||||
|
-gtk-icon-effect: highlight;
|
||||||
|
background-color: #eb4d4b;
|
||||||
|
}
|
||||||
|
|
||||||
|
#mpd {
|
||||||
|
background-color: #66cc99;
|
||||||
|
color: #2a5c45;
|
||||||
|
}
|
||||||
|
|
||||||
|
#mpd.disconnected {
|
||||||
|
background-color: #f53c3c;
|
||||||
|
}
|
||||||
|
|
||||||
|
#mpd.stopped {
|
||||||
|
background-color: #90b1b1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#mpd.paused {
|
||||||
|
background-color: #51a37a;
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
# background-color: rgba(0,0,0,0);
|
||||||
|
# border-bottom: 3px solid rgba(100, 114, 125, 0.5);
|
||||||
|
|
||||||
|
#style = ''
|
||||||
|
#'';
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.user.services.waybar = {
|
||||||
|
Service.Environment = [
|
||||||
|
"DISPLAY=:0"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
@ -89,7 +89,7 @@ myScratchpads = [ NS "ncmpcpp" spawnNC findNC layoutA
|
|||||||
-- spawnMX = "element"
|
-- spawnMX = "element"
|
||||||
spawnFB = "thunar --class=floatingThunar"
|
spawnFB = "thunar --class=floatingThunar"
|
||||||
spawnEX = "emacs --name=floatingEmacs"
|
spawnEX = "emacs --name=floatingEmacs"
|
||||||
spawnSC = "sxiv -N floatingSchedule ~/uni/schedule.png"
|
spawnSC = "nsxiv -N floatingSchedule ~/uni/schedule.png"
|
||||||
spawnHP = "echo \"" ++ help ++ "\" | xmessage -file -"
|
spawnHP = "echo \"" ++ help ++ "\" | xmessage -file -"
|
||||||
|
|
||||||
findNC = title =? "ncmpcppScratchpad"
|
findNC = title =? "ncmpcppScratchpad"
|
||||||
@ -168,7 +168,7 @@ myKeys conf@(XConfig {XMonad.modMask = modm}) = M.fromList $
|
|||||||
, ((modm .|. shiftMask , xK_space ), spawn $ myTerminal ++ " -e tmux")
|
, ((modm .|. shiftMask , xK_space ), spawn $ myTerminal ++ " -e tmux")
|
||||||
|
|
||||||
-- , ((modm , xK_v ), spawn "rofi -modi lpass:$HOME/.scripts/rofi/lpass//rofi-lpass -show lpass")
|
-- , ((modm , xK_v ), spawn "rofi -modi lpass:$HOME/.scripts/rofi/lpass//rofi-lpass -show lpass")
|
||||||
, ((modm .|. shiftMask, xK_d ), viewDropboxStatus)
|
-- , ((modm .|. shiftMask, xK_d ), viewDropboxStatus)
|
||||||
]
|
]
|
||||||
|
|
||||||
termIsOpen :: X Bool
|
termIsOpen :: X Bool
|
||||||
|
4
home/programs/yt-dlp.nix
Normal file
4
home/programs/yt-dlp.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.yt-dlp.enable = true;
|
||||||
|
}
|
@ -1,26 +1,75 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
home.packages = with pkgs; [ zed-editor ];
|
programs.zed-editor = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
xdg.configFile."zed/settings.json".source = let
|
userSettings = {
|
||||||
format = pkgs.formats.json { };
|
load_direnv = "shell_hook";
|
||||||
in format.generate "zed-settings.json" {
|
base_keymap = "VSCode";
|
||||||
autosave = "off";
|
|
||||||
buffer_font_family = "Fira Code";
|
|
||||||
load_direnv = "shell_hook";
|
|
||||||
format_on_save = "off";
|
|
||||||
|
|
||||||
telemetry = {
|
autosave = "off";
|
||||||
diagnostics = false;
|
format_on_save = "off";
|
||||||
metrics = false;
|
remove_trailing_whitespace_on_save = false;
|
||||||
|
|
||||||
|
tab_size = 2;
|
||||||
|
|
||||||
|
ui_font_family = "Noto Sans";
|
||||||
|
buffer_font_family = "Fira Code";
|
||||||
|
terminal.font_family = "Fira Code";
|
||||||
|
|
||||||
|
telemetry = {
|
||||||
|
diagnostics = false;
|
||||||
|
metrics = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
vim_mode = true;
|
||||||
|
|
||||||
|
theme = {
|
||||||
|
mode = "dark";
|
||||||
|
light = "monokai Classic";
|
||||||
|
dark = "monokai Darker Classic";
|
||||||
|
};
|
||||||
|
|
||||||
|
file_scan_exclusions = [
|
||||||
|
"**/.git"
|
||||||
|
"**/.svn"
|
||||||
|
"**/.hg"
|
||||||
|
"**/.jj"
|
||||||
|
"**/CVS"
|
||||||
|
"**/.DS_Store"
|
||||||
|
"**/Thumbs.db"
|
||||||
|
"**/.classpath"
|
||||||
|
"**/.settings"
|
||||||
|
|
||||||
|
"**/.direnv"
|
||||||
|
];
|
||||||
|
|
||||||
|
git.inline_blame.enable = false;
|
||||||
|
|
||||||
|
indent_guides = {
|
||||||
|
enabled = true;
|
||||||
|
coloring = "indent_aware";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
vim_mode = true;
|
userKeymaps = [
|
||||||
|
{
|
||||||
|
context = "Workspace";
|
||||||
|
bindings = {
|
||||||
|
ctrl-j = "workspace::NewTerminal";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
theme = {
|
extensions = [
|
||||||
mod = "dark";
|
"basher"
|
||||||
dark = "monokai Classic";
|
"dart"
|
||||||
};
|
"dockerfile"
|
||||||
|
"html"
|
||||||
|
"nix"
|
||||||
|
"sql"
|
||||||
|
"toml"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
xdg.configFile."zed/themes/monokai.json".source = let
|
xdg.configFile."zed/themes/monokai.json".source = let
|
||||||
|
4
home/programs/zoxide.nix
Normal file
4
home/programs/zoxide.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
programs.zoxide.enable = true;
|
||||||
|
}
|
@ -1,9 +1,9 @@
|
|||||||
{ pkgs, config, ... }:
|
{ config, pkgs, lib, machineVars, ... }:
|
||||||
{
|
{
|
||||||
services.dunst = {
|
services.dunst = {
|
||||||
enable = true;
|
enable = true;
|
||||||
iconTheme = {
|
iconTheme = {
|
||||||
package = pkgs.gnome.adwaita-icon-theme;
|
package = pkgs.adwaita-icon-theme;
|
||||||
name = "Adwaita";
|
name = "Adwaita";
|
||||||
size = "32x32";
|
size = "32x32";
|
||||||
};
|
};
|
||||||
@ -13,9 +13,9 @@
|
|||||||
class = "Dunst";
|
class = "Dunst";
|
||||||
browser = "${pkgs.xdg-utils}/bin/xdg-open";
|
browser = "${pkgs.xdg-utils}/bin/xdg-open";
|
||||||
|
|
||||||
offset = let
|
offset = lib.mkIf (!machineVars.wayland) (let
|
||||||
status-bar-height = config.services.polybar.settings."bar/top".height;
|
status-bar-height = config.services.polybar.settings."bar/top".height;
|
||||||
in "15x${toString (status-bar-height + 10)}";
|
in "15x${toString (status-bar-height + 10)}");
|
||||||
|
|
||||||
corner_radius = 0;
|
corner_radius = 0;
|
||||||
font = "Droid Sans 9";
|
font = "Droid Sans 9";
|
||||||
@ -47,14 +47,14 @@
|
|||||||
background = config.colors.defaultColorSet.background;
|
background = config.colors.defaultColorSet.background;
|
||||||
timeout = 4;
|
timeout = 4;
|
||||||
};
|
};
|
||||||
|
|
||||||
urgency_normal = {
|
urgency_normal = {
|
||||||
frame_color = config.colors.defaultColorSet.green;
|
frame_color = config.colors.defaultColorSet.green;
|
||||||
foreground = config.colors.defaultColorSet.foreground;
|
foreground = config.colors.defaultColorSet.foreground;
|
||||||
background = config.colors.defaultColorSet.background;
|
background = config.colors.defaultColorSet.background;
|
||||||
timeout = 6;
|
timeout = 6;
|
||||||
};
|
};
|
||||||
|
|
||||||
urgency_critical = {
|
urgency_critical = {
|
||||||
frame_color = config.colors.defaultColorSet.red;
|
frame_color = config.colors.defaultColorSet.red;
|
||||||
foreground = config.colors.defaultColorSet.red;
|
foreground = config.colors.defaultColorSet.red;
|
||||||
|
@ -132,5 +132,6 @@ in
|
|||||||
Service.Restart="on-failure";
|
Service.Restart="on-failure";
|
||||||
Service.ExecStart = lib.mkForce "${fcitx5Package}/bin/fcitx5";
|
Service.ExecStart = lib.mkForce "${fcitx5Package}/bin/fcitx5";
|
||||||
Service.ExecReload = "/bin/kill -HUP $MAINPID";
|
Service.ExecReload = "/bin/kill -HUP $MAINPID";
|
||||||
|
Install.Alias = "fcitx5.service";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
4
home/services/gnome-keyring.nix
Normal file
4
home/services/gnome-keyring.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ machineVars, ... }:
|
||||||
|
{
|
||||||
|
services.gnome-keyring.enable = !machineVars.headless;
|
||||||
|
}
|
5
home/services/keybase.nix
Normal file
5
home/services/keybase.nix
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.keybase.enable = true;
|
||||||
|
services.kbfs.enable = true;
|
||||||
|
}
|
@ -1,28 +1,141 @@
|
|||||||
{ config, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.services.mpd;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
services.mpd = rec {
|
services.mpd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
musicDirectory = config.xdg.userDirs.music;
|
musicDirectory = config.xdg.userDirs.music;
|
||||||
playlistDirectory = "${musicDirectory}/playlists/MPD";
|
playlistDirectory = "${cfg.musicDirectory}/playlists/MPD";
|
||||||
network.startWhenNeeded = true;
|
network.startWhenNeeded = true;
|
||||||
|
|
||||||
# TODO: make the path specific to the user unit
|
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
audio_output {
|
pid_file "/run/user/${toString config.home.uid}/mpd/pid"
|
||||||
type "fifo"
|
|
||||||
name "Visualizer feed"
|
zeroconf_enabled "no"
|
||||||
path "/tmp/mpd.fifo"
|
|
||||||
format "44100:16:2"
|
replaygain "auto"
|
||||||
}
|
|
||||||
|
restore_paused "yes"
|
||||||
|
|
||||||
|
auto_update "no"
|
||||||
|
|
||||||
audio_output {
|
audio_output {
|
||||||
type "pipewire"
|
type "pipewire"
|
||||||
name "PipeWire Sound Server"
|
name "PipeWire Sound Server"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
audio_output {
|
||||||
|
type "fifo"
|
||||||
|
name "Visualizer feed"
|
||||||
|
path "/run/user/${toString config.home.uid}/mpd/visualizer.fifo"
|
||||||
|
format "44100:16:2"
|
||||||
|
}
|
||||||
|
|
||||||
|
resampler {
|
||||||
|
plugin "soxr"
|
||||||
|
quality "very high"
|
||||||
|
}
|
||||||
|
|
||||||
|
playlist_plugin {
|
||||||
|
name "cue"
|
||||||
|
enabled "true"
|
||||||
|
}
|
||||||
|
|
||||||
|
playlist_plugin {
|
||||||
|
name "m3u"
|
||||||
|
enabled "true"
|
||||||
|
}
|
||||||
|
|
||||||
|
playlist_plugin {
|
||||||
|
name "extm3u"
|
||||||
|
enabled "true"
|
||||||
|
}
|
||||||
|
|
||||||
|
playlist_plugin {
|
||||||
|
name "flac"
|
||||||
|
enabled "true"
|
||||||
|
}
|
||||||
|
|
||||||
|
playlist_plugin {
|
||||||
|
name "rss"
|
||||||
|
enabled "true"
|
||||||
|
}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: disable auto_update and use systemd path to listen for changes
|
|
||||||
# TODO: upstream unix socket support to home-manager
|
# TODO: upstream unix socket support to home-manager
|
||||||
|
|
||||||
|
systemd.user.services.mpd = {
|
||||||
|
Unit = {
|
||||||
|
Documentation = [
|
||||||
|
"man:mpd(1)"
|
||||||
|
"man:mpd.conf(5)"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
Service = {
|
||||||
|
WatchdogSec = 120;
|
||||||
|
|
||||||
|
# for io_uring
|
||||||
|
LimitMEMLOCK = "64M";
|
||||||
|
|
||||||
|
# allow MPD to use real-time priority 40
|
||||||
|
LimitRTPRIO = 40;
|
||||||
|
LimitRTTIME = "infinity";
|
||||||
|
|
||||||
|
PrivateUsers = true;
|
||||||
|
ProtectSystem = true;
|
||||||
|
NoNewPrivileges = true;
|
||||||
|
ProtectKernelTunables = true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
RestrictAddressFamilies = [
|
||||||
|
"AF_INET"
|
||||||
|
"AF_UNIX"
|
||||||
|
];
|
||||||
|
RestrictNamespaces = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.user.paths.mpd-update-library = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Watchdog that updates the mpd library whenever the files are modified";
|
||||||
|
Documentation = [
|
||||||
|
"man:mpd(1)"
|
||||||
|
"man:mpd.conf(5)"
|
||||||
|
];
|
||||||
|
WantedBy = [ "paths.target" ];
|
||||||
|
};
|
||||||
|
Path = {
|
||||||
|
PathChanged = cfg.musicDirectory;
|
||||||
|
Unit = "mpd-update-library.service";
|
||||||
|
TriggerLimitIntervalSec = "1s";
|
||||||
|
TriggerLimitBurst = "1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.user.services.mpd-update-library = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Watchdog that updates the mpd library whenever the files are modified";
|
||||||
|
Documentation = [
|
||||||
|
"man:mpd(1)"
|
||||||
|
"man:mpd.conf(5)"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
Service = {
|
||||||
|
Type = "oneshot";
|
||||||
|
ExecStart = "${lib.getExe pkgs.mpc-cli} update --wait";
|
||||||
|
|
||||||
|
PrivateUsers = true;
|
||||||
|
ProtectSystem = true;
|
||||||
|
NoNewPrivileges = true;
|
||||||
|
ProtectKernelTunables = true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
RestrictAddressFamilies = [
|
||||||
|
"AF_INET"
|
||||||
|
"AF_UNIX"
|
||||||
|
];
|
||||||
|
RestrictNamespaces = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
4
home/services/network-manager.nix
Normal file
4
home/services/network-manager.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ machineVars, ... }:
|
||||||
|
{
|
||||||
|
services.network-manager-applet.enable = !machineVars.headless;
|
||||||
|
}
|
4
home/services/psd.nix
Normal file
4
home/services/psd.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.psd.enable = true;
|
||||||
|
}
|
@ -1,36 +0,0 @@
|
|||||||
{ pkgs, lib, ... }:
|
|
||||||
let
|
|
||||||
format = pkgs.formats.toml { };
|
|
||||||
package = pkgs.ra-multiplex;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
xdg.configFile."ra-multiplex/config.toml".source = format.generate "ra-multiplex-config.toml" {
|
|
||||||
# listen = "/var/run/user/1001/ra-mux/ra-multiplex.sock";
|
|
||||||
# connect = "/var/run/user/1001/ra-mux/ra-multiplex.sock";
|
|
||||||
listen = [ "127.0.0.1" 27631 ];
|
|
||||||
connect = [ "127.0.0.1" 27631 ];
|
|
||||||
pass_environment = [
|
|
||||||
"RUST_SRC_PATH"
|
|
||||||
"RUSTC_WRAPPER"
|
|
||||||
"SCCACHE_DIR"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.user.services.ra-multiplex = {
|
|
||||||
Unit = {
|
|
||||||
Description = "Rust analyzer multiplex server";
|
|
||||||
};
|
|
||||||
|
|
||||||
Service = {
|
|
||||||
Type = "simple";
|
|
||||||
ExecStart = "${lib.getExe package} server";
|
|
||||||
Environment = [
|
|
||||||
"PATH=${lib.makeBinPath [ pkgs.rust-analyzer ]}"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
Install = {
|
|
||||||
WantedBy = [ "default.target" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -22,11 +22,11 @@ in
|
|||||||
|
|
||||||
# Volume
|
# Volume
|
||||||
|
|
||||||
"super + {@F7,@F8}" = "${pkgs.alsaUtils}/bin/amixer set Master 2%{-,+}";
|
"super + {@F7,@F8}" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%{-,+}";
|
||||||
|
|
||||||
"{XF86AudioLowerVolume,XF86AudioRaiseVolume}" = "${pkgs.alsaUtils}/bin/amixer set Master 2%{-,+}";
|
"{XF86AudioLowerVolume,XF86AudioRaiseVolume}" = "${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%{-,+}";
|
||||||
|
|
||||||
"XF86AudioMute" = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
"XF86AudioMute" = "${pkgs.wireplumber}/bin/wpctl set-mute toggle";
|
||||||
|
|
||||||
# Music
|
# Music
|
||||||
|
|
||||||
|
@ -14,6 +14,19 @@
|
|||||||
exe = if pkg.meta ? mainProgram then pkg.meta.mainProgram else name;
|
exe = if pkg.meta ? mainProgram then pkg.meta.mainProgram else name;
|
||||||
in "${pkg}/bin/${exe}";
|
in "${pkg}/bin/${exe}";
|
||||||
in {
|
in {
|
||||||
|
sops.secrets."nordicsemi/envvars" = {
|
||||||
|
sopsFile = ../secrets/home.yaml;
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
programs.bash.bashrcExtra = ''
|
||||||
|
source "${config.sops.secrets."nordicsemi/envvars".path}"
|
||||||
|
'';
|
||||||
|
|
||||||
|
programs.zsh.envExtra = ''
|
||||||
|
source "${config.sops.secrets."nordicsemi/envvars".path}"
|
||||||
|
'';
|
||||||
|
|
||||||
local.shell.aliases = {
|
local.shell.aliases = {
|
||||||
|
|
||||||
# ░█▀▄░█▀▀░█▀█░█░░░█▀█░█▀▀░█▀▀░█▄█░█▀▀░█▀█░▀█▀░█▀▀
|
# ░█▀▄░█▀▀░█▀█░█░░░█▀█░█▀▀░█▀▀░█▄█░█▀▀░█▀█░▀█▀░█▀▀
|
||||||
@ -48,6 +61,7 @@ in {
|
|||||||
findx = p "fd";
|
findx = p "fd";
|
||||||
|
|
||||||
ag = "${pkgs.ripgrep}/bin/rg";
|
ag = "${pkgs.ripgrep}/bin/rg";
|
||||||
|
sxiv = "${pkgs.nsxiv}/bin/nsxiv";
|
||||||
|
|
||||||
lls = "${pkgs.coreutils}/bin/ls --color=always";
|
lls = "${pkgs.coreutils}/bin/ls --color=always";
|
||||||
ls = p "eza";
|
ls = p "eza";
|
||||||
@ -257,6 +271,7 @@ in {
|
|||||||
p = "${pkgs.python3Packages.ipython}/bin/ipython";
|
p = "${pkgs.python3Packages.ipython}/bin/ipython";
|
||||||
s = p "sxiv";
|
s = p "sxiv";
|
||||||
v = p "mpv";
|
v = p "mpv";
|
||||||
|
zed = p "zed-editor";
|
||||||
zt = p "zathura";
|
zt = p "zathura";
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -290,6 +305,11 @@ in {
|
|||||||
view-latex = "${pkgs.texlive.combined.scheme-full}/bin/latexmk -pdf -pvc main.tex";
|
view-latex = "${pkgs.texlive.combined.scheme-full}/bin/latexmk -pdf -pvc main.tex";
|
||||||
|
|
||||||
reload-tmux = "${p "tmux"} source $HOME/.config/tmux/tmux.conf";
|
reload-tmux = "${p "tmux"} source $HOME/.config/tmux/tmux.conf";
|
||||||
|
|
||||||
|
nordic-vpn = lib.concatStringsSep " | " [
|
||||||
|
"${p "gpauth"} \"$NORDIC_VPN_ENDPOINT\" --gateway --browser default 2>/dev/null"
|
||||||
|
"sudo ${p "gpclient"} connect \"$NORDIC_VPN_ENDPOINT\" --as-gateway --cookie-on-stdin"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# ░█▀▀░█▀▀░█▀█░█▀▀░█▀▄░█▀█░▀█▀░█▀▀░█▀▄
|
# ░█▀▀░█▀▀░█▀█░█▀▀░█▀▄░█▀█░▀█▀░█▀▀░█▀▄
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ pkgs, unstable-pkgs, lib, extendedLib, config, inputs, secrets, ... }:
|
{ config, pkgs, lib, extendedLib, ... }:
|
||||||
let
|
let
|
||||||
inherit (config) machineVars;
|
inherit (config) machineVars;
|
||||||
in {
|
in {
|
||||||
@ -11,8 +11,14 @@ in {
|
|||||||
./programs/nix-ld.nix
|
./programs/nix-ld.nix
|
||||||
./programs/ssh.nix
|
./programs/ssh.nix
|
||||||
./programs/usbtop.nix
|
./programs/usbtop.nix
|
||||||
|
./programs/wireshark.nix
|
||||||
|
|
||||||
./services/dbus.nix
|
./services/dbus.nix
|
||||||
|
./services/fwupd.nix
|
||||||
|
./services/irqbalance.nix
|
||||||
|
./services/journald.nix
|
||||||
|
./services/libinput.nix
|
||||||
|
./services/logind.nix
|
||||||
./services/openssh.nix
|
./services/openssh.nix
|
||||||
./services/pcscd.nix
|
./services/pcscd.nix
|
||||||
./services/pipewire.nix
|
./services/pipewire.nix
|
||||||
@ -20,16 +26,20 @@ in {
|
|||||||
./services/resolved.nix
|
./services/resolved.nix
|
||||||
./services/smartd.nix
|
./services/smartd.nix
|
||||||
./services/systemd-lock-handler.nix
|
./services/systemd-lock-handler.nix
|
||||||
|
./services/uptimed.nix
|
||||||
|
./services/userborn.nix
|
||||||
./services/xserver.nix
|
./services/xserver.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# systemd.enableStrictShellChecks = true;
|
||||||
|
|
||||||
sops.defaultSopsFile = ./../.. + "/secrets/${config.networking.hostName}.yaml";
|
sops.defaultSopsFile = ./../.. + "/secrets/${config.networking.hostName}.yaml";
|
||||||
|
|
||||||
time.timeZone = "Europe/Oslo";
|
time.timeZone = "Europe/Oslo";
|
||||||
|
|
||||||
console = {
|
console = {
|
||||||
font = "Lat2-Terminus16";
|
font = lib.mkDefault "Lat2-Terminus16";
|
||||||
keyMap = "us";
|
keyMap = lib.mkDefault "us";
|
||||||
};
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
@ -103,6 +113,7 @@ in {
|
|||||||
"media"
|
"media"
|
||||||
"minecraft"
|
"minecraft"
|
||||||
"networkmanager"
|
"networkmanager"
|
||||||
|
"rtkit"
|
||||||
"scanner"
|
"scanner"
|
||||||
"video"
|
"video"
|
||||||
"wheel"
|
"wheel"
|
||||||
@ -123,13 +134,6 @@ in {
|
|||||||
android-udev-rules
|
android-udev-rules
|
||||||
light
|
light
|
||||||
];
|
];
|
||||||
|
|
||||||
libinput = {
|
|
||||||
enable = !config.machineVars.headless;
|
|
||||||
touchpad.disableWhileTyping = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
displayManager.defaultSession = "none+xmonad";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
programs = {
|
programs = {
|
||||||
@ -137,6 +141,14 @@ in {
|
|||||||
git.enable = true;
|
git.enable = true;
|
||||||
tmux.enable = true;
|
tmux.enable = true;
|
||||||
zsh.enable = true;
|
zsh.enable = true;
|
||||||
|
hyprland = lib.mkIf config.machineVars.wayland {
|
||||||
|
enable = true;
|
||||||
|
withUWSM = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
security.pam.services = lib.mkIf (config.machineVars.wayland) {
|
||||||
|
hyprlock = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
system.extraDependencies =
|
system.extraDependencies =
|
||||||
@ -178,12 +190,48 @@ in {
|
|||||||
sqlite-web
|
sqlite-web
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
# Realtime scheduling for pipewire and mpd
|
||||||
security.rtkit.enable = !config.machineVars.headless;
|
security.rtkit.enable = !config.machineVars.headless;
|
||||||
|
|
||||||
|
security.tpm2.enable = lib.mkDefault true;
|
||||||
|
security.tpm2.abrmd.enable = lib.mkDefault config.security.tpm2.enable;
|
||||||
security.sudo.extraConfig = let
|
security.sudo.extraConfig = let
|
||||||
sudoLecture = pkgs.writeText "sudo-lecture.txt" (extendedLib.termColors.front.red "Be careful or something, idk...\n");
|
sudoLecture = pkgs.writeText "sudo-lecture.txt" (extendedLib.termColors.front.red "Be careful or something, idk...\n");
|
||||||
in ''
|
in ''
|
||||||
Defaults lecture = always
|
Defaults lecture = always
|
||||||
Defaults lecture_file = ${sudoLecture}
|
Defaults lecture_file = ${sudoLecture}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
|
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/profiles/hardened.nix
|
||||||
|
boot.blacklistedKernelModules = [
|
||||||
|
# Obscure network protocols
|
||||||
|
"ax25"
|
||||||
|
"netrom"
|
||||||
|
"rose"
|
||||||
|
|
||||||
|
# Old or rare or insufficiently audited filesystems
|
||||||
|
"adfs"
|
||||||
|
"affs"
|
||||||
|
"bfs"
|
||||||
|
"befs"
|
||||||
|
"cramfs"
|
||||||
|
"efs"
|
||||||
|
# "erofs" // used by systemd
|
||||||
|
"exofs"
|
||||||
|
"freevxfs"
|
||||||
|
"f2fs"
|
||||||
|
"hfs"
|
||||||
|
"hpfs"
|
||||||
|
"jfs"
|
||||||
|
"minix"
|
||||||
|
"nilfs2"
|
||||||
|
"ntfs"
|
||||||
|
"omfs"
|
||||||
|
"qnx4"
|
||||||
|
"qnx6"
|
||||||
|
"sysv"
|
||||||
|
"ufs"
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
@ -35,10 +35,24 @@
|
|||||||
|
|
||||||
fontconfig = {
|
fontconfig = {
|
||||||
defaultFonts = {
|
defaultFonts = {
|
||||||
serif = [ "Droid Sans Serif" "Ubuntu" ];
|
serif = [
|
||||||
sansSerif = [ "Droid Sans" "Ubuntu" ];
|
"Droid Sans Serif"
|
||||||
monospace = [ "Fira Code" "Ubuntu" ];
|
"Noto Serif CJK JP"
|
||||||
emoji = [ "Noto Sans Emoji" ];
|
"Ubuntu"
|
||||||
|
];
|
||||||
|
sansSerif = [
|
||||||
|
"Droid Sans"
|
||||||
|
"Noto Sans Serif CJK JP"
|
||||||
|
"Ubuntu"
|
||||||
|
];
|
||||||
|
monospace = [
|
||||||
|
"Fira Code"
|
||||||
|
"Noto Sans Mono CJK JP"
|
||||||
|
"Ubuntu"
|
||||||
|
];
|
||||||
|
emoji = [
|
||||||
|
"Noto Sans Emoji"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -3,7 +3,6 @@
|
|||||||
sops.secrets."ssh/nix-builders/bob/key" = { sopsFile = ./../../../secrets/common.yaml; };
|
sops.secrets."ssh/nix-builders/bob/key" = { sopsFile = ./../../../secrets/common.yaml; };
|
||||||
|
|
||||||
nix.buildMachines = [{
|
nix.buildMachines = [{
|
||||||
# Login details configured in ssh module in nix-secrets
|
|
||||||
hostName = "nix-builder-bob";
|
hostName = "nix-builder-bob";
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
speedFactor = 5;
|
speedFactor = 5;
|
||||||
@ -14,8 +13,8 @@
|
|||||||
"big-paralell"
|
"big-paralell"
|
||||||
];
|
];
|
||||||
mandatoryFeatures = [ ];
|
mandatoryFeatures = [ ];
|
||||||
# sshUser = secrets.ssh.users.pvv.normalUser;
|
sshUser = "oysteikt";
|
||||||
# sshKey = config.sops.secrets."ssh/nix-builders/bob/key".path;
|
sshKey = config.sops.secrets."ssh/nix-builders/bob/key".path;
|
||||||
}];
|
}];
|
||||||
|
|
||||||
programs.ssh = {
|
programs.ssh = {
|
||||||
|
@ -1,16 +1,15 @@
|
|||||||
{ config, secrets, ... }:
|
{ config, ... }:
|
||||||
{
|
{
|
||||||
sops.secrets."ssh/nix-builders/isvegg/key" = { sopsFile = ./../../../secrets/common.yaml; };
|
sops.secrets."ssh/nix-builders/isvegg/key" = { sopsFile = ./../../../secrets/common.yaml; };
|
||||||
|
|
||||||
nix.buildMachines = [{
|
nix.buildMachines = [{
|
||||||
# Login details configured in ssh module in nix-secrets
|
|
||||||
hostName = "nix-builder-isvegg";
|
hostName = "nix-builder-isvegg";
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
speedFactor = 1;
|
speedFactor = 1;
|
||||||
maxJobs = 8;
|
maxJobs = 8;
|
||||||
supportedFeatures = [ ];
|
supportedFeatures = [ ];
|
||||||
mandatoryFeatures = [ ];
|
mandatoryFeatures = [ ];
|
||||||
sshUser = secrets.ssh.users.pvv.normalUser;
|
sshUser = "oysteikt";
|
||||||
sshKey = config.sops.secrets."ssh/nix-builders/isvegg/key".path;
|
sshKey = config.sops.secrets."ssh/nix-builders/isvegg/key".path;
|
||||||
}];
|
}];
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ config, secrets, ... }:
|
{ config, ... }:
|
||||||
{
|
{
|
||||||
# TODO: install public key on tsuki declaratively
|
# TODO: install public key on tsuki declaratively
|
||||||
sops.secrets = {
|
sops.secrets = {
|
||||||
@ -7,7 +7,6 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
nix.buildMachines = [{
|
nix.buildMachines = [{
|
||||||
# Login details configured in ssh module in nix-secrets
|
|
||||||
hostName = "nix-builder-tsukir";
|
hostName = "nix-builder-tsukir";
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
speedFactor = 2;
|
speedFactor = 2;
|
||||||
@ -26,7 +25,8 @@
|
|||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
Host nix-builder-tsukir
|
Host nix-builder-tsukir
|
||||||
HostName gingakei.loginto.me
|
HostName gingakei.loginto.me
|
||||||
Port ${toString secrets.ports.ssh.home-in}
|
Port 45497
|
||||||
|
IdentityFile ${config.sops.secrets."ssh/nix-builders/tsuki/key".path}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# knownHosts.tsukir = {
|
# knownHosts.tsukir = {
|
||||||
|
@ -43,6 +43,11 @@
|
|||||||
type = "path";
|
type = "path";
|
||||||
path = "/home/h7x4/git/nixpkgs-tools";
|
path = "/home/h7x4/git/nixpkgs-tools";
|
||||||
};
|
};
|
||||||
|
shells.to = {
|
||||||
|
type = "git";
|
||||||
|
url = "https://git.pvv.ntnu.no/oysteikt/shells.git";
|
||||||
|
ref = "main";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
10
hosts/common/programs/wireshark.nix
Normal file
10
hosts/common/programs/wireshark.nix
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
let
|
||||||
|
inherit (config) machineVars;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
programs.wireshark = {
|
||||||
|
enable = !config.machineVars.headless;
|
||||||
|
package = pkgs.wireshark;
|
||||||
|
};
|
||||||
|
}
|
@ -2,6 +2,7 @@
|
|||||||
{
|
{
|
||||||
services.dbus = {
|
services.dbus = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
implementation = "broker";
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
gcr
|
gcr
|
||||||
dconf
|
dconf
|
||||||
|
4
hosts/common/services/fwupd.nix
Normal file
4
hosts/common/services/fwupd.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.fwupd.enable = true;
|
||||||
|
}
|
4
hosts/common/services/irqbalance.nix
Normal file
4
hosts/common/services/irqbalance.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.irqbalance.enable = true;
|
||||||
|
}
|
6
hosts/common/services/journald.nix
Normal file
6
hosts/common/services/journald.nix
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.journald.extraConfig = ''
|
||||||
|
MaxFileSec=30day
|
||||||
|
'';
|
||||||
|
}
|
7
hosts/common/services/libinput.nix
Normal file
7
hosts/common/services/libinput.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ config, ...}:
|
||||||
|
{
|
||||||
|
services.libinput = {
|
||||||
|
enable = !config.machineVars.headless;
|
||||||
|
touchpad.disableWhileTyping = true;
|
||||||
|
};
|
||||||
|
}
|
6
hosts/common/services/logind.nix
Normal file
6
hosts/common/services/logind.nix
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.logind = {
|
||||||
|
powerKeyLongPress = "poweroff";
|
||||||
|
};
|
||||||
|
}
|
@ -1,4 +1,77 @@
|
|||||||
{ config, ... }:
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.services.printing;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
services.printing.enable = !config.machineVars.headless;
|
# services.printing.enable = !config.machineVars.headless;
|
||||||
|
services.printing.enable = false;
|
||||||
|
|
||||||
|
systemd.services = lib.mkIf cfg.enable {
|
||||||
|
cups.serviceConfig = {
|
||||||
|
PrivateTmp = true;
|
||||||
|
ProtectSystem = "strict";
|
||||||
|
ProtectHome = true;
|
||||||
|
ProtectClock= true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
ProtectHostname = true;
|
||||||
|
ProtectKernelLogs = true;
|
||||||
|
ProtectKernelModules = true;
|
||||||
|
ProtectKernelTunables = true;
|
||||||
|
ProtectProc = "invisible";
|
||||||
|
PrivateDevices = true;
|
||||||
|
NoNewPrivileges = true;
|
||||||
|
# User =
|
||||||
|
AmbientCapabilities = [ "" ];
|
||||||
|
CapabilityBoundingSet = [ "" ];
|
||||||
|
DevicePolicy = "closed";
|
||||||
|
KeyringMode = "private";
|
||||||
|
LockPersonality = true;
|
||||||
|
MemoryDenyWriteExecute = true;
|
||||||
|
PrivateUsers = true;
|
||||||
|
RemoveIPC = true;
|
||||||
|
# RestrictAddressFamilies = [ "" ];
|
||||||
|
RestrictNamespaces=true;
|
||||||
|
RestrictRealtime=true;
|
||||||
|
RestrictSUIDSGID=true;
|
||||||
|
SystemCallArchitectures = "native";
|
||||||
|
SystemCallFilter = [
|
||||||
|
"@system-service"
|
||||||
|
"~@privileged"
|
||||||
|
];
|
||||||
|
UMask = "0077";
|
||||||
|
};
|
||||||
|
cups-browsed.serviceConfig = lib.mkIf cfg.enable {
|
||||||
|
PrivateTmp = true;
|
||||||
|
ProtectSystem = "strict";
|
||||||
|
ProtectHome = true;
|
||||||
|
ProtectClock= true;
|
||||||
|
ProtectControlGroups = true;
|
||||||
|
ProtectHostname = true;
|
||||||
|
ProtectKernelLogs = true;
|
||||||
|
ProtectKernelModules = true;
|
||||||
|
ProtectKernelTunables = true;
|
||||||
|
ProtectProc = "invisible";
|
||||||
|
PrivateDevices = true;
|
||||||
|
NoNewPrivileges = true;
|
||||||
|
# User =
|
||||||
|
AmbientCapabilities = [ "" ];
|
||||||
|
CapabilityBoundingSet = [ "" ];
|
||||||
|
DevicePolicy = "closed";
|
||||||
|
KeyringMode = "private";
|
||||||
|
LockPersonality = true;
|
||||||
|
MemoryDenyWriteExecute = true;
|
||||||
|
PrivateUsers = true;
|
||||||
|
RemoveIPC = true;
|
||||||
|
# RestrictAddressFamilies = [ "" ];
|
||||||
|
RestrictNamespaces=true;
|
||||||
|
RestrictRealtime=true;
|
||||||
|
RestrictSUIDSGID=true;
|
||||||
|
SystemCallArchitectures = "native";
|
||||||
|
SystemCallFilter = [
|
||||||
|
"@system-service"
|
||||||
|
"~@privileged"
|
||||||
|
];
|
||||||
|
UMask = "0077";
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
4
hosts/common/services/uptimed.nix
Normal file
4
hosts/common/services/uptimed.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.uptimed.enable = true;
|
||||||
|
}
|
4
hosts/common/services/userborn.nix
Normal file
4
hosts/common/services/userborn.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.userborn.enable = true;
|
||||||
|
}
|
@ -1,19 +1,41 @@
|
|||||||
{ config, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
services.xserver = {
|
services.displayManager = lib.mkIf (!config.machineVars.headless) {
|
||||||
enable = !config.machineVars.headless;
|
enable = true;
|
||||||
|
defaultSession = "none+xmonad";
|
||||||
|
sddm = {
|
||||||
|
enable = true;
|
||||||
|
wayland.enable = config.machineVars.wayland;
|
||||||
|
package = pkgs.kdePackages.sddm;
|
||||||
|
theme = "sddm-astronaut-theme";
|
||||||
|
extraPackages = [
|
||||||
|
pkgs.kdePackages.qt5compat
|
||||||
|
# pkgs.sddm-astronaut
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
(pkgs.sddm-astronaut.override {
|
||||||
|
themeConfig = {
|
||||||
|
PartialBlur = false;
|
||||||
|
# Background = "Backgrounds/";
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
services.xserver = lib.mkIf (!config.machineVars.headless) {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
xkb = {
|
xkb = {
|
||||||
layout = "us";
|
layout = "us";
|
||||||
options = "caps:escape";
|
options = "caps:escape";
|
||||||
};
|
};
|
||||||
|
|
||||||
# desktopManager = {
|
desktopManager = {
|
||||||
# xterm.enable = false;
|
xterm.enable = true;
|
||||||
# xfce.enable = !config.machineVars.headless;
|
xfce.enable = true;
|
||||||
# };
|
};
|
||||||
|
|
||||||
displayManager.lightdm.enable = !config.machineVars.headless;
|
|
||||||
|
|
||||||
windowManager.xmonad = {
|
windowManager.xmonad = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -1,8 +1,10 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
||||||
|
./programs/nrfutil.nix
|
||||||
|
|
||||||
./services/avahi.nix
|
./services/avahi.nix
|
||||||
./services/docker.nix
|
./services/docker.nix
|
||||||
./services/jenkins.nix
|
./services/jenkins.nix
|
||||||
@ -32,6 +34,8 @@
|
|||||||
development = true;
|
development = true;
|
||||||
creative = true;
|
creative = true;
|
||||||
|
|
||||||
|
wayland = true;
|
||||||
|
|
||||||
dataDrives = let
|
dataDrives = let
|
||||||
main = "/data";
|
main = "/data";
|
||||||
in {
|
in {
|
||||||
@ -75,14 +79,11 @@
|
|||||||
fstrim.enable = true;
|
fstrim.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nix.buildMachines = lib.mkForce [ ];
|
||||||
|
|
||||||
hardware = {
|
hardware = {
|
||||||
bluetooth.enable = true;
|
bluetooth.enable = true;
|
||||||
enableRedistributableFirmware = true;
|
enableRedistributableFirmware = true;
|
||||||
keyboard.zsa.enable = true;
|
keyboard.zsa.enable = true;
|
||||||
opengl = {
|
|
||||||
enable = true;
|
|
||||||
driSupport = true;
|
|
||||||
driSupport32Bit = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,11 @@
|
|||||||
{ config, ... }:
|
{ config, pkgs, ... }:
|
||||||
{
|
{
|
||||||
home.stateVersion = "24.05";
|
home.stateVersion = "24.05";
|
||||||
|
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
groovy
|
||||||
|
];
|
||||||
|
|
||||||
programs.ssh.matchBlocks = {
|
programs.ssh.matchBlocks = {
|
||||||
"tsuki-ws" = {
|
"tsuki-ws" = {
|
||||||
user = "h7x4";
|
user = "h7x4";
|
||||||
@ -9,7 +13,8 @@
|
|||||||
port = 10022;
|
port = 10022;
|
||||||
};
|
};
|
||||||
|
|
||||||
"hildring pvv-login pvv".proxyJump = "tsuki-ws";
|
"hildring pvv-login".proxyJump = "tsuki-ws";
|
||||||
|
"drolsum pvv-login2 pvv".proxyJump = "tsuki-ws";
|
||||||
};
|
};
|
||||||
|
|
||||||
sops.secrets."git/nordicsemi-maintenance-repos-config" = { };
|
sops.secrets."git/nordicsemi-maintenance-repos-config" = { };
|
||||||
@ -17,4 +22,6 @@
|
|||||||
programs.git.includes = [
|
programs.git.includes = [
|
||||||
{ path = config.sops.secrets."git/nordicsemi-maintenance-repos-config".path; }
|
{ path = config.sops.secrets."git/nordicsemi-maintenance-repos-config".path; }
|
||||||
];
|
];
|
||||||
}
|
|
||||||
|
programs.waybar.settings.mainBar.output = [ "DP-1" ];
|
||||||
|
}
|
||||||
|
13
hosts/dosei/programs/nrfutil.nix
Normal file
13
hosts/dosei/programs/nrfutil.nix
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
nrfutil
|
||||||
|
nrfconnect
|
||||||
|
nrf-command-line-tools
|
||||||
|
];
|
||||||
|
|
||||||
|
services.udev.packages = with pkgs; [
|
||||||
|
nrf-udev
|
||||||
|
segger-jlink
|
||||||
|
];
|
||||||
|
}
|
19
hosts/dosei/services/journald-remote.nix
Normal file
19
hosts/dosei/services/journald-remote.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
# TODO: Reproducible certificates
|
||||||
|
services.journald.remote = {
|
||||||
|
enable = true;
|
||||||
|
settings.Remote = {
|
||||||
|
# ServerKeyFile = "/run/credentials/systemd-journald-remote.service/key.pem";
|
||||||
|
# ServerCertificateFile = "/run/credentials/systemd-journald-remote.service/.pem";
|
||||||
|
ServerKeyFile = "/etc/journald-remote-certs/key.pem";
|
||||||
|
ServerCertificateFile = "/etc/journald-remote-certs/cert.pem";
|
||||||
|
TrustedCertificateFile = "-";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# systemd.services.systemd-journal-remote.serviceConfig.LoadCredential = [
|
||||||
|
# "key.pem:/etc/journald-remote-certs/key.pem"
|
||||||
|
# "cert.pem:/etc/journald-remote-certs/cert.pem"
|
||||||
|
# ];
|
||||||
|
}
|
@ -7,11 +7,16 @@
|
|||||||
"services/networking/wstunnel.nix"
|
"services/networking/wstunnel.nix"
|
||||||
];
|
];
|
||||||
|
|
||||||
# NOTE: Contains
|
sops = {
|
||||||
# - WSTUNNEL_HTTP_UPGRADE_PATH_PREFIX
|
secrets."wstunnel/http-upgrade-path-prefix" = {
|
||||||
# - WSTUNNEL_RESTRICT_HTTP_UPGRADE_PATH_PREFIX
|
sopsFile = ../../../secrets/common.yaml;
|
||||||
sops.secrets."wstunnel/http-upgrade-path-prefix-envvars" = {
|
};
|
||||||
sopsFile = ../../../secrets/common.yaml;
|
templates."wstunnel-environment.env".content = let
|
||||||
|
inherit (config.sops) placeholder;
|
||||||
|
in ''
|
||||||
|
WSTUNNEL_HTTP_UPGRADE_PATH_PREFIX=${placeholder."wstunnel/http-upgrade-path-prefix"}
|
||||||
|
WSTUNNEL_RESTRICT_HTTP_UPGRADE_PATH_PREFIX=${placeholder."wstunnel/http-upgrade-path-prefix"}
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.wstunnel = {
|
services.wstunnel = {
|
||||||
@ -21,7 +26,7 @@
|
|||||||
localToRemote = [
|
localToRemote = [
|
||||||
"tcp://10022:localhost:22"
|
"tcp://10022:localhost:22"
|
||||||
];
|
];
|
||||||
environmentFile = config.sops.secrets."wstunnel/http-upgrade-path-prefix-envvars".path;
|
environmentFile = config.sops.templates."wstunnel-environment.env".path;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
|
|
||||||
./services/avahi.nix
|
./services/avahi.nix
|
||||||
./services/docker.nix
|
./services/docker.nix
|
||||||
|
./services/journald-remote.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
14
hosts/europa/services/journald-remote.nix
Normal file
14
hosts/europa/services/journald-remote.nix
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.journald.upload = {
|
||||||
|
enable = true;
|
||||||
|
settings.Upload = {
|
||||||
|
URL = "https://10.250.14.105:19532";
|
||||||
|
# ServerKeyFile = toString ./key.pem;
|
||||||
|
# ServerCertificateFile = toString ./cert.pem;
|
||||||
|
ServerKeyFile = "-";
|
||||||
|
ServerCertificateFile = "-";
|
||||||
|
TrustedCertificateFile = "-";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -2,6 +2,7 @@
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./services/avahi.nix
|
./services/avahi.nix
|
||||||
|
./services/btrfs.nix
|
||||||
./services/docker.nix
|
./services/docker.nix
|
||||||
./services/libvirtd.nix
|
./services/libvirtd.nix
|
||||||
./services/logiops.nix
|
./services/logiops.nix
|
||||||
@ -10,12 +11,18 @@
|
|||||||
./services/tailscale.nix
|
./services/tailscale.nix
|
||||||
./services/keybase.nix
|
./services/keybase.nix
|
||||||
|
|
||||||
|
./nspawn-containers/arch.nix
|
||||||
|
|
||||||
|
./testconfig.nix
|
||||||
|
];
|
||||||
|
|
||||||
system.stateVersion = "22.05";
|
system.stateVersion = "22.05";
|
||||||
|
|
||||||
boot.binfmt.emulatedSystems = [
|
boot.binfmt.emulatedSystems = [
|
||||||
"x86_64-windows"
|
"x86_64-windows"
|
||||||
"aarch64-linux"
|
"aarch64-linux"
|
||||||
"armv7l-linux"
|
"armv7l-linux"
|
||||||
|
"i686-linux"
|
||||||
];
|
];
|
||||||
|
|
||||||
nix.settings.system-features = [
|
nix.settings.system-features = [
|
||||||
@ -71,11 +78,8 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
openssh = {
|
openssh.enable = true;
|
||||||
enable = true;
|
xserver.videoDrivers = [ "nvidia" ];
|
||||||
settings.X11Forwarding = true;
|
|
||||||
};
|
|
||||||
xserver.videoDrivers = [ "amdgpu" ];
|
|
||||||
tailscale.enable = true;
|
tailscale.enable = true;
|
||||||
avahi = {
|
avahi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -91,12 +95,6 @@
|
|||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
|
initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
|
||||||
initrd.kernelModules = [ "amdgpu" ];
|
|
||||||
|
|
||||||
# kernelPackages = pkgs.linuxKernel.packages.linux_zen.zfs;
|
|
||||||
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
|
||||||
kernelModules = [ "kvm-amd" ];
|
|
||||||
supportedFilesystems = [ "zfs" ];
|
|
||||||
|
|
||||||
loader = {
|
loader = {
|
||||||
efi.canTouchEfiVariables = false;
|
efi.canTouchEfiVariables = false;
|
||||||
@ -140,10 +138,12 @@
|
|||||||
enableRedistributableFirmware = true;
|
enableRedistributableFirmware = true;
|
||||||
keyboard.zsa.enable = true;
|
keyboard.zsa.enable = true;
|
||||||
sane.enable = true;
|
sane.enable = true;
|
||||||
opengl = {
|
|
||||||
enable = true;
|
nvidia = {
|
||||||
driSupport = true;
|
modesetting.enable = true;
|
||||||
driSupport32Bit = true;
|
open = false;
|
||||||
|
nvidiaSettings = true;
|
||||||
|
package = config.boot.kernelPackages.nvidiaPackages.beta;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
28
hosts/kasei/nspawn-containers/arch.nix
Normal file
28
hosts/kasei/nspawn-containers/arch.nix
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
systemd.targets.machines.enable = true;
|
||||||
|
|
||||||
|
systemd.nspawn."arch" = {
|
||||||
|
enable = true;
|
||||||
|
execConfig.Boot = true;
|
||||||
|
|
||||||
|
filesConfig = {
|
||||||
|
BindReadOnly = [
|
||||||
|
"/nix/store"
|
||||||
|
# "/etc/resolv.conf:/etc/resolv.conf"
|
||||||
|
];
|
||||||
|
Bind = [
|
||||||
|
"/home/h7x4/git"
|
||||||
|
"/home/h7x4/pico"
|
||||||
|
"/home/h7x4/Downloads"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
networkConfig.Private = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services."systemd-nspawn@arch" = {
|
||||||
|
enable = true;
|
||||||
|
requiredBy = [ "machines.target" ];
|
||||||
|
overrideStrategy = "asDropin";
|
||||||
|
};
|
||||||
|
}
|
4
hosts/kasei/services/btrfs.nix
Normal file
4
hosts/kasei/services/btrfs.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.btrfs.autoScrub.enable = true;
|
||||||
|
}
|
6
hosts/kasei/testconfig.nix
Normal file
6
hosts/kasei/testconfig.nix
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{ ... }:
|
||||||
|
# NOTE: this file is a space where i put new configuration while i'm testing it.
|
||||||
|
# There shouldn't really be anything here, I'm not planning to commit any config here.
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
@ -1,4 +1,4 @@
|
|||||||
{ config, lib, secrets, modulesPath, ... }:
|
{ config, lib, modulesPath, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
@ -71,12 +71,6 @@
|
|||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
group = "media";
|
group = "media";
|
||||||
};
|
};
|
||||||
nix-builder = {
|
|
||||||
description = "User for executing distributed builds via SSH";
|
|
||||||
isSystemUser = true;
|
|
||||||
group = "nix-builder";
|
|
||||||
openssh.authorizedKeys.keyFiles = [ secrets.keys.ssh.nixBuilders.tsuki.public ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
groups = {
|
groups = {
|
||||||
media = {};
|
media = {};
|
||||||
@ -84,7 +78,11 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
sops.secrets."drives/cirno/credentials" = {};
|
sops.secrets."drives/cirno/password" = { };
|
||||||
|
sops.templates."drive-cirno.creds".content = ''
|
||||||
|
username=h7x4
|
||||||
|
password=${config.sops.placeholder."drives/cirno/password"}
|
||||||
|
'';
|
||||||
|
|
||||||
|
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
|
@ -1,71 +1,80 @@
|
|||||||
{ pkgs, lib, config, options, ... }: let
|
{ pkgs, lib, config, ... }: let
|
||||||
cfg = config.services.hedgedoc;
|
cfg = config.services.hedgedoc;
|
||||||
in {
|
in {
|
||||||
config = {
|
sops = {
|
||||||
# Contains CMD_SESSION_SECRET and CMD_OAUTH2_CLIENT_SECRET
|
secrets = {
|
||||||
sops.secrets."hedgedoc/env" = {
|
"hedgedoc/env/cmd_session_secret" = { };
|
||||||
|
"hedgedoc/env/cmd_oauth2_client_secret" = { };
|
||||||
|
};
|
||||||
|
templates."hedgedoc.env" = {
|
||||||
restartUnits = [ "hedgedoc.service" ];
|
restartUnits = [ "hedgedoc.service" ];
|
||||||
owner = "hedgedoc";
|
owner = "hedgedoc";
|
||||||
group = "hedgedoc";
|
group = "hedgedoc";
|
||||||
};
|
content = let
|
||||||
|
inherit (config.sops) placeholder;
|
||||||
users.groups.hedgedoc.members = [ "nginx" ];
|
in ''
|
||||||
|
CMD_SESSION_SECRET=${placeholder."hedgedoc/env/cmd_session_secret"}
|
||||||
services.hedgedoc = {
|
CMD_OAUTH2_CLIENT_SECRET=${placeholder."hedgedoc/env/cmd_oauth2_client_secret"}
|
||||||
enable = true;
|
'';
|
||||||
environmentFile = config.sops.secrets."hedgedoc/env".path;
|
|
||||||
settings = {
|
|
||||||
domain = "docs.nani.wtf";
|
|
||||||
email = false;
|
|
||||||
allowAnonymous = false;
|
|
||||||
allowAnonymousEdits = true;
|
|
||||||
protocolUseSSL = true;
|
|
||||||
|
|
||||||
path = "/run/hedgedoc/hedgedoc.sock";
|
|
||||||
|
|
||||||
db = {
|
|
||||||
username = "hedgedoc";
|
|
||||||
# TODO: set a password
|
|
||||||
database = "hedgedoc";
|
|
||||||
host = "/var/run/postgresql";
|
|
||||||
dialect = "postgres";
|
|
||||||
};
|
|
||||||
|
|
||||||
oauth2 = let
|
|
||||||
authServerUrl = config.services.kanidm.serverSettings.origin;
|
|
||||||
in rec {
|
|
||||||
baseURL = "${authServerUrl}/oauth2";
|
|
||||||
tokenURL = "${authServerUrl}/oauth2/token";
|
|
||||||
authorizationURL = "${authServerUrl}/ui/oauth2";
|
|
||||||
userProfileURL = "${authServerUrl}/oauth2/openid/${clientID}/userinfo";
|
|
||||||
|
|
||||||
clientID = "hedgedoc";
|
|
||||||
|
|
||||||
scope = "openid email profile";
|
|
||||||
userProfileUsernameAttr = "name";
|
|
||||||
userProfileEmailAttr = "email";
|
|
||||||
userProfileDisplayNameAttr = "displayname";
|
|
||||||
|
|
||||||
providerName = "KaniDM";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.postgresql = {
|
|
||||||
ensureDatabases = [ "hedgedoc" ];
|
|
||||||
|
|
||||||
ensureUsers = [{
|
|
||||||
name = "hedgedoc";
|
|
||||||
ensureDBOwnership = true;
|
|
||||||
}];
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.hedgedoc = rec {
|
|
||||||
requires = [
|
|
||||||
"postgresql.service"
|
|
||||||
"kanidm.service"
|
|
||||||
];
|
|
||||||
after = requires;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
users.groups.hedgedoc.members = [ "nginx" ];
|
||||||
|
|
||||||
|
services.hedgedoc = {
|
||||||
|
enable = true;
|
||||||
|
environmentFile = config.sops.templates."hedgedoc.env".path;
|
||||||
|
settings = {
|
||||||
|
domain = "docs.nani.wtf";
|
||||||
|
email = false;
|
||||||
|
allowAnonymous = false;
|
||||||
|
allowAnonymousEdits = true;
|
||||||
|
protocolUseSSL = true;
|
||||||
|
|
||||||
|
path = "/run/hedgedoc/hedgedoc.sock";
|
||||||
|
|
||||||
|
db = {
|
||||||
|
username = "hedgedoc";
|
||||||
|
# TODO: set a password
|
||||||
|
database = "hedgedoc";
|
||||||
|
host = "/var/run/postgresql";
|
||||||
|
dialect = "postgres";
|
||||||
|
};
|
||||||
|
|
||||||
|
oauth2 = let
|
||||||
|
authServerUrl = config.services.kanidm.serverSettings.origin;
|
||||||
|
in rec {
|
||||||
|
baseURL = "${authServerUrl}/oauth2";
|
||||||
|
tokenURL = "${authServerUrl}/oauth2/token";
|
||||||
|
authorizationURL = "${authServerUrl}/ui/oauth2";
|
||||||
|
userProfileURL = "${authServerUrl}/oauth2/openid/${clientID}/userinfo";
|
||||||
|
|
||||||
|
clientID = "hedgedoc";
|
||||||
|
|
||||||
|
scope = "openid email profile";
|
||||||
|
userProfileUsernameAttr = "name";
|
||||||
|
userProfileEmailAttr = "email";
|
||||||
|
userProfileDisplayNameAttr = "displayname";
|
||||||
|
|
||||||
|
providerName = "KaniDM";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.postgresql = {
|
||||||
|
ensureDatabases = [ "hedgedoc" ];
|
||||||
|
|
||||||
|
ensureUsers = [{
|
||||||
|
name = "hedgedoc";
|
||||||
|
ensureDBOwnership = true;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.hedgedoc = rec {
|
||||||
|
requires = [
|
||||||
|
"postgresql.service"
|
||||||
|
"kanidm.service"
|
||||||
|
];
|
||||||
|
after = requires;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -27,6 +27,7 @@ in {
|
|||||||
tls_chain = "${credsDir}/fullchain.pem";
|
tls_chain = "${credsDir}/fullchain.pem";
|
||||||
tls_key = "${credsDir}/key.pem";
|
tls_key = "${credsDir}/key.pem";
|
||||||
bindaddress = "127.0.0.1:8300";
|
bindaddress = "127.0.0.1:8300";
|
||||||
|
# log_level = "debug";
|
||||||
online_backup = {
|
online_backup = {
|
||||||
path = "/data/backup/kanidm";
|
path = "/data/backup/kanidm";
|
||||||
schedule = "00 22 * * *";
|
schedule = "00 22 * * *";
|
||||||
|
@ -1,6 +1,54 @@
|
|||||||
{ config, ... }: let
|
{ config, pkgs, lib, ... }: let
|
||||||
cfg = config.services.matrix-appservice-irc;
|
cfg = config.services.matrix-appservice-irc;
|
||||||
in {
|
in {
|
||||||
|
sops = {
|
||||||
|
secrets = {
|
||||||
|
"matrix/bridges/irc/id" = {};
|
||||||
|
"matrix/bridges/irc/hs_token" = {};
|
||||||
|
"matrix/bridges/irc/as_token" = {};
|
||||||
|
};
|
||||||
|
|
||||||
|
templates."matrix-appservice-irc-registration.yml" = {
|
||||||
|
owner = "matrix-appservice-irc";
|
||||||
|
group = "matrix-synapse";
|
||||||
|
mode = "0440";
|
||||||
|
file = let
|
||||||
|
inherit (config.sops) placeholder;
|
||||||
|
in (pkgs.formats.yaml {}).generate "matrix-appservice-irc-registration.yml" {
|
||||||
|
id = placeholder."matrix/bridges/irc/id";
|
||||||
|
hs_token = placeholder."matrix/bridges/irc/hs_token";
|
||||||
|
as_token = placeholder."matrix/bridges/irc/as_token";
|
||||||
|
url = cfg.registrationUrl;
|
||||||
|
sender_localpart = cfg.localpart;
|
||||||
|
"de.sorunome.msc2409.push_ephemeral" = true;
|
||||||
|
protocols = [ "irc" ];
|
||||||
|
namespaces = {
|
||||||
|
aliases = [
|
||||||
|
{
|
||||||
|
exclusive = true;
|
||||||
|
regex = "#lainchanirc_.*:nani\\.wtf";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
exclusive = true;
|
||||||
|
regex = "#liberairc_.*:nani\\.wtf";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
users = [
|
||||||
|
{
|
||||||
|
exclusive = true;
|
||||||
|
regex = "@lainanon_.*:nani\\.wtf";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
exclusive = true;
|
||||||
|
regex = "@liberauser_.*:nani\\.wtf";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
rate_limited = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
services.matrix-appservice-irc = {
|
services.matrix-appservice-irc = {
|
||||||
enable = true;
|
enable = true;
|
||||||
registrationUrl = "http://localhost:${toString cfg.port}";
|
registrationUrl = "http://localhost:${toString cfg.port}";
|
||||||
@ -14,64 +62,145 @@ in {
|
|||||||
|
|
||||||
database = {
|
database = {
|
||||||
engine = "postgres";
|
engine = "postgres";
|
||||||
|
# TODO: use unix socket
|
||||||
connectionString = "postgres://matrix-appservice-irc:@localhost:${toString config.services.postgresql.port}/matrix-appservice-irc?sslmode=disable";
|
connectionString = "postgres://matrix-appservice-irc:@localhost:${toString config.services.postgresql.port}/matrix-appservice-irc?sslmode=disable";
|
||||||
};
|
};
|
||||||
|
|
||||||
ircService.servers."irc.lainchan.org" = {
|
ircService = {
|
||||||
name = "lainchan";
|
mediaProxy.publicUrl = "https://irc-matrix.nani.wtf/media";
|
||||||
port = 6697;
|
|
||||||
ssl = true;
|
|
||||||
networkId = "ircLainchanOrg";
|
|
||||||
|
|
||||||
botConfig.enable = false;
|
servers = {
|
||||||
|
"irc.libera.chat" = {
|
||||||
|
name = "libera";
|
||||||
|
port = 6697;
|
||||||
|
ssl = true;
|
||||||
|
networkId = "ircLiberaChat";
|
||||||
|
|
||||||
dynamicChannels = {
|
botConfig.enable = false;
|
||||||
enabled = true;
|
|
||||||
createAlias = true;
|
|
||||||
aliasTemplate = "#lainchanirc_$CHANNEL";
|
|
||||||
published = true;
|
|
||||||
useHomeserverDirectory = true;
|
|
||||||
joinRule = "public";
|
|
||||||
federate = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
matrixClients = {
|
dynamicChannels = {
|
||||||
userTemplate = "@lainanon_$NICK";
|
enabled = true;
|
||||||
};
|
createAlias = true;
|
||||||
|
aliasTemplate = "#liberairc_$CHANNEL";
|
||||||
ircClients = {
|
published = true;
|
||||||
nickTemplate = "$LOCALPART[m]";
|
useHomeserverDirectory = true;
|
||||||
allowNickChanges = true;
|
joinRule = "public";
|
||||||
};
|
federate = true;
|
||||||
|
|
||||||
membershipLists = {
|
|
||||||
enabled = true;
|
|
||||||
global = {
|
|
||||||
ircToMatrix = {
|
|
||||||
initial = true;
|
|
||||||
incremental = true;
|
|
||||||
};
|
};
|
||||||
matrixToIrc = {
|
|
||||||
initial = true;
|
matrixClients = {
|
||||||
incremental = true;
|
userTemplate = "@liberauser_$NICK";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
ircClients = {
|
||||||
|
nickTemplate = "$LOCALPART[m]";
|
||||||
|
allowNickChanges = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
membershipLists = {
|
||||||
|
enabled = true;
|
||||||
|
global = {
|
||||||
|
ircToMatrix = {
|
||||||
|
initial = true;
|
||||||
|
incremental = true;
|
||||||
|
};
|
||||||
|
matrixToIrc = {
|
||||||
|
initial = true;
|
||||||
|
incremental = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
permissions."@h7x4:nani.wtf" = "admin";
|
||||||
|
|
||||||
|
# TODO: Port forward
|
||||||
|
ident.enable = true;
|
||||||
|
|
||||||
|
# TODO: Metrics
|
||||||
|
};
|
||||||
|
|
||||||
|
"irc.lainchan.org" = {
|
||||||
|
name = "lainchan";
|
||||||
|
port = 6697;
|
||||||
|
ssl = true;
|
||||||
|
networkId = "ircLainchanOrg";
|
||||||
|
|
||||||
|
botConfig.enable = false;
|
||||||
|
|
||||||
|
dynamicChannels = {
|
||||||
|
enabled = true;
|
||||||
|
createAlias = true;
|
||||||
|
aliasTemplate = "#lainchanirc_$CHANNEL";
|
||||||
|
published = true;
|
||||||
|
useHomeserverDirectory = true;
|
||||||
|
joinRule = "public";
|
||||||
|
federate = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
matrixClients = {
|
||||||
|
userTemplate = "@lainanon_$NICK";
|
||||||
|
};
|
||||||
|
|
||||||
|
ircClients = {
|
||||||
|
nickTemplate = "$LOCALPART[m]";
|
||||||
|
allowNickChanges = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
membershipLists = {
|
||||||
|
enabled = true;
|
||||||
|
global = {
|
||||||
|
ircToMatrix = {
|
||||||
|
initial = true;
|
||||||
|
incremental = true;
|
||||||
|
};
|
||||||
|
matrixToIrc = {
|
||||||
|
initial = true;
|
||||||
|
incremental = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
permissions."@h7x4:nani.wtf" = "admin";
|
||||||
|
|
||||||
|
# TODO: Port forward
|
||||||
|
ident.enable = true;
|
||||||
|
|
||||||
|
# TODO: Metrics
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
permissions."@h7x4:nani.wtf" = "admin";
|
|
||||||
|
|
||||||
# TODO: Port forward
|
|
||||||
ident.enable = true;
|
|
||||||
|
|
||||||
# TODO: Metrics
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.matrix-synapse-next.settings.app_service_config_files = [
|
||||||
|
config.sops.templates."matrix-appservice-irc-registration.yml".path
|
||||||
|
];
|
||||||
|
|
||||||
systemd.services.matrix-appservice-irc = {
|
systemd.services.matrix-appservice-irc = {
|
||||||
|
enableStrictShellChecks = false;
|
||||||
requires = [
|
requires = [
|
||||||
"matrix-synapse.service"
|
"matrix-synapse.service"
|
||||||
"postgresql.service"
|
"postgresql.service"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
serviceConfig.BindReadOnlyPaths = [
|
||||||
|
"${config.sops.templates."matrix-appservice-irc-registration.yml".path}:/var/lib/matrix-appservice-irc/registration.yml"
|
||||||
|
];
|
||||||
|
|
||||||
|
preStart = lib.mkForce ''
|
||||||
|
umask 077
|
||||||
|
# Generate key for crypting passwords
|
||||||
|
if ! [ -f "${cfg.settings.ircService.passwordEncryptionKeyPath}" ]; then
|
||||||
|
${pkgs.openssl}/bin/openssl genpkey \
|
||||||
|
-out "${cfg.settings.ircService.passwordEncryptionKeyPath}" \
|
||||||
|
-outform PEM \
|
||||||
|
-algorithm RSA \
|
||||||
|
-pkeyopt "rsa_keygen_bits:${toString cfg.passwordEncryptionKeyLength}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! [ -f "${cfg.settings.ircService.mediaProxy.signingKeyPath}"]; then
|
||||||
|
${lib.getExe pkgs.nodejs} ${pkgs.matrix-appservice-irc}/lib/generate-signing-key.js > "${cfg.settings.ircService.mediaProxy.signingKeyPath}"
|
||||||
|
fi
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,16 +1,25 @@
|
|||||||
{ secrets, ... }:
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.services.coturn;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
services.coturn = rec {
|
sops.secrets."matrix_synapse/turn_shared_secret" = { };
|
||||||
enable = true;
|
|
||||||
|
services.coturn = let
|
||||||
|
# certName = config.services.nginx.virtualHosts.${cfg.realm}.useACMEHost;
|
||||||
|
certName = "nani.wtf";
|
||||||
|
certDir = config.security.acme.certs.${certName}.directory;
|
||||||
|
in rec {
|
||||||
|
enable = false;
|
||||||
no-cli = true;
|
no-cli = true;
|
||||||
no-tcp-relay = true;
|
no-tcp-relay = true;
|
||||||
min-port = secrets.ports.matrix.coturn.min;
|
min-port = 46000;
|
||||||
max-port = secrets.ports.matrix.coturn.max;
|
max-port = 47000;
|
||||||
use-auth-secret = true;
|
use-auth-secret = true;
|
||||||
static-auth-secret = secrets.keys.matrix.static-auth-secret;
|
static-auth-secret-file = config.sops.secrets."matrix_synapse/turn_shared_secret".path;
|
||||||
realm = "turn.nani.wtf";
|
realm = "turn.nani.wtf";
|
||||||
cert = "${secrets.keys.certificates.server.crt}";
|
cert = "${certDir}/cert.pem";
|
||||||
pkey = "${secrets.keys.certificates.server.key}";
|
pkey = "${certDir}/key.pem";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
# for debugging
|
# for debugging
|
||||||
verbose
|
verbose
|
||||||
@ -40,4 +49,19 @@
|
|||||||
denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
networking.firewall = lib.mkIf cfg.enable {
|
||||||
|
interfaces.enp2s0 = let
|
||||||
|
range = [{
|
||||||
|
from = cfg.min-port;
|
||||||
|
to = cfg.max-port;
|
||||||
|
}];
|
||||||
|
in
|
||||||
|
{
|
||||||
|
allowedUDPPortRanges = range;
|
||||||
|
allowedUDPPorts = [ cfg.listening-port ];
|
||||||
|
allowedTCPPortRanges = range;
|
||||||
|
allowedTCPPorts = [ cfg.listening-port ];
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,4 @@
|
|||||||
{ pkgs, lib, config, secrets, ... }: {
|
{ pkgs, lib, config, ... }: {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
./bridges/matrix-appservice-irc.nix
|
./bridges/matrix-appservice-irc.nix
|
||||||
|
|
||||||
@ -9,6 +8,12 @@
|
|||||||
./coturn.nix
|
./coturn.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
sops.secrets."matrix_synapse/registration_secret" = {
|
||||||
|
owner = "matrix-synapse";
|
||||||
|
group = "matrix-synapse";
|
||||||
|
mode = "0440";
|
||||||
|
};
|
||||||
|
|
||||||
services.matrix-synapse-next = {
|
services.matrix-synapse-next = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableNginx = true;
|
enableNginx = true;
|
||||||
@ -25,9 +30,11 @@
|
|||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
turn_uris = let
|
turn_uris = let
|
||||||
inherit (config.services.coturn) realm;
|
inherit (config.services.coturn) realm listening-port;
|
||||||
p = toString secrets.ports.matrix.default;
|
in [
|
||||||
in ["turn:${realm}:${p}?transport=udp" "turn:${realm}:${p}?transport=tcp"];
|
"turn:${realm}:${toString listening-port}?transport=udp"
|
||||||
|
"turn:${realm}:${toString listening-port}?transport=tcp"
|
||||||
|
];
|
||||||
turn_shared_secret = config.services.coturn.static-auth-secret;
|
turn_shared_secret = config.services.coturn.static-auth-secret;
|
||||||
turn_user_lifetime = "1h";
|
turn_user_lifetime = "1h";
|
||||||
|
|
||||||
@ -56,7 +63,7 @@
|
|||||||
# with the registration shared secret
|
# with the registration shared secret
|
||||||
enable_registration = false;
|
enable_registration = false;
|
||||||
|
|
||||||
registration_shared_secret = secrets.keys.matrix.registration-shared-secret;
|
registration_shared_secret_path = config.sops.secrets."matrix_synapse/registration_secret".path;
|
||||||
allow_public_rooms_over_federation = true;
|
allow_public_rooms_over_federation = true;
|
||||||
|
|
||||||
# password_config.enabled = lib.mkForce false;
|
# password_config.enabled = lib.mkForce false;
|
||||||
@ -67,16 +74,10 @@
|
|||||||
user = "matrix-synapse";
|
user = "matrix-synapse";
|
||||||
database = "matrix-synapse";
|
database = "matrix-synapse";
|
||||||
host = "/var/run/postgresql";
|
host = "/var/run/postgresql";
|
||||||
port = secrets.ports.postgres;
|
port = config.services.postgresql.settings.port;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: Figure out a way to do this declaratively.
|
|
||||||
# The files need to be owned by matrix-synapse
|
|
||||||
app_service_config_files = [
|
|
||||||
"/var/lib/matrix-synapse/irc-registration.yml"
|
|
||||||
];
|
|
||||||
|
|
||||||
# redis.enabled = true;
|
# redis.enabled = true;
|
||||||
max_upload_size = "100M";
|
max_upload_size = "100M";
|
||||||
dynamic_thumbnails = true;
|
dynamic_thumbnails = true;
|
||||||
@ -92,19 +93,4 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
services.redis.servers."".enable = true;
|
services.redis.servers."".enable = true;
|
||||||
|
|
||||||
networking.firewall = {
|
|
||||||
interfaces.enp2s0 = let
|
|
||||||
range = with config.services.coturn; [ {
|
|
||||||
from = secrets.ports.matrix.coturn.min;
|
|
||||||
to = secrets.ports.matrix.coturn.max;
|
|
||||||
} ];
|
|
||||||
in
|
|
||||||
{
|
|
||||||
allowedUDPPortRanges = range;
|
|
||||||
allowedUDPPorts = [ secrets.ports.matrix.default ];
|
|
||||||
allowedTCPPortRanges = range;
|
|
||||||
allowedTCPPorts = [ secrets.ports.matrix.default ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user