megamanmalte/nixos
0
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

[*] Redo flake.nix, use utils-plus, new formatter

Browse source
This commit is contained in:
Malte Tammena 2022-03-23 13:10:18 +01:00
parent 0c25556826
commit b41bb0bea3
63 changed files with 1363 additions and 1405 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
flake.lock
View file

@ -279,6 +279,21 @@
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1644229661,
"narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"glados": {
"inputs": {
"nixCargoIntegration": "nixCargoIntegration_2"
@ -675,7 +690,8 @@
"qmk-udev-rules": "qmk-udev-rules",
"radicale_infcloud": "radicale_infcloud",
"rip": "rip",
"sops-nix": "sops-nix"
"sops-nix": "sops-nix",
"utils": "utils_3"
}
},
"rust-analyzer-src": {
@ -861,6 +877,24 @@
"repo": "flake-utils",
"type": "github"
}
},
"utils_3": {
"inputs": {
"flake-utils": "flake-utils_2"
},
"locked": {
"lastModified": 1647259887,
"narHash": "sha256-yEkMbEHVO9qydluQ3uHGWX1PkfZhgDKxnd1rhZYZ72w=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "06dba5f3b4fa2cc0bfc98ce9cd6f9a4d8db11d46",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"type": "github"
}
}
},
"root": "root",

559
flake.nix
View file

@ -3,10 +3,10 @@
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
nixos-hardware = {
url = "github:NixOS/nixos-hardware";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:NixOS/nixos-hardware";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus";
custom-udev-rules.url = "github:MalteT/custom-udev-rules";
nixpkgs-wayland = {
url = "github:nix-community/nixpkgs-wayland";
inputs.nixpkgs.follows = "nixpkgs";
@ -19,10 +19,6 @@
url = "github:MalteT/mensa/main";
inputs.nixpkgs.follows = "nixpkgs";
};
custom-udev-rules = {
url = "github:MalteT/custom-udev-rules";
inputs.nixpkgs.follows = "nixpkgs";
};
fenix = {
url = "github:nix-community/fenix";
inputs.nixpkgs.follows = "nixpkgs";
@ -43,6 +39,11 @@
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
fend = {
url = "github:MalteT/fend/flake";
inputs.nixpkgs.follows = "nixpkgs";
};
gruvbox-material-gtk = {
url = "github:sainnhe/gruvbox-material-gtk";
flake = false;
@ -63,335 +64,259 @@
url = "github:Unrud/RadicaleInfCloud";
flake = false;
};
fend = {
url = "github:MalteT/fend/flake";
inputs.nixpkgs.follows = "nixpkgs";
};
qmk-udev-rules = {
url = "github:qmk/qmk_firmware";
flake = false;
};
};
outputs = { self, nixpkgs, nixos-hardware, home-manager, ... }@inputs: {
outputs = {
self,
utils,
nixpkgs,
nixos-hardware,
...
} @ inputs: let
pkgs = self.pkgs.x86_64-linux.nixpkgs;
colmena = {
meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; }; };
hosts = [
"helix-texta"
"murex-pecten"
"cornu-aspersum"
"elysia-clarki"
"trochulus-hispidus"
];
helix-texta = { name, nodes, pkgs, ... }: {
imports = [ self.nixosModules.helix-texta ];
config.deployment = {
allowLocalDeployment = true;
targetHost = "helix-texta";
targetUser = "root";
defaultModules = [
inputs.home-manager.nixosModules.home-manager
self.nixosModules.home-manager-config
inputs.custom-udev-rules.nixosModule
inputs.sops-nix.nixosModules.sops
self.nixosModules.nixUnstable
./modules/base-system.nix
];
in
utils.lib.mkFlake {
inherit self inputs;
supportedSystems = ["x86_64-linux"];
sharedOverlays = [
inputs.fenix.overlay
inputs.nixpkgs-wayland.overlay
inputs.colmena.overlay
utils.overlay
(self: super: {
# Add FiraCode as a package, but use NerdFonts
firaCodeNerd = super.nerdfonts.override {fonts = ["FiraCode"];};
# Add the emulator
"2a-emulator" =
inputs.emulator-2a.packages.x86_64-linux."2a-emulator";
# Add my mensa tool
mensa = inputs.mensa.packages.x86_64-linux.mensa;
# TODO: Replace with upstream
fend = inputs.fend.packages.x86_64-linux.fend;
})
# Override cataclysm to use git
(import ./overlays/cataclysm-dda.nix)
(import ./overlays/qmk-udev-rules.nix)
(import ./overlays/sane-backends.nix)
(import ./overlays/logisim.nix)
];
hostDefaults.system = "x86_64-linux";
hostDefaults.modules = defaultModules;
hosts = builtins.listToAttrs (map (host: {
name = host;
value = {modules = [self.nixosModules.${host}];};
})
hosts);
nixosModules = {
home-manager-config = {...}: {
home-manager.verbose = true;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
};
};
murex-pecten = { name, nodes, pkgs, ... }: {
imports = [ self.nixosModules.murex-pecten ];
config.deployment = {
allowLocalDeployment = true;
targetHost = "murex-pecten";
targetUser = "root";
};
};
cornu-aspersum = { ... }: {
imports = [ self.nixosModules.cornu-aspersum ];
config.deployment = {
targetHost = "cornu-aspersum";
targetUser = "root";
};
};
elysia-clarki = { ... }: {
imports = [ self.nixosModules.elysia-clarki ];
config.deployment = {
targetHost = "elysia-clarki";
targetUser = "root";
};
};
trochulus-hispidus = { ... }: {
imports = [ self.nixosModules.trochulus-hispidus ];
config.deployment = {
targetHost = "trochulus-hispidus";
targetUser = "root";
};
};
};
nixosModules = {
helix-texta = { pkgs, config, ... }: {
imports = [
./hosts/helix-texta.nix
./modules/light-actkbd.nix
./modules/scanner.nix
self.nixosModules.thinkpad-p1-gen3
home-manager.nixosModules.home-manager
self.nixosModules.home-manager-config
self.nixosModules.x86_64-linux-basics
];
config = {
nix.settings = {
# add binary caches
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
substituters = nixpkgs.lib.mkForce [
"https://cache.nixos.org"
"https://nixpkgs-wayland.cachix.org"
];
nixUnstable = {pkgs, ...}: {
nix.registry.nixpkgs.flake = nixpkgs;
nix.package = pkgs.nixUnstable;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nixpkgs.overlays = [(self: super: {nix = super.nixUnstable;})];
# Enable store optimiser
nix.optimise = {
automatic = true;
dates = ["04:00"];
};
};
environment.systemPackages =
[ inputs.colmena.packages.${config.nixpkgs.system}.colmena ];
helix-texta = {
pkgs,
config,
...
}: {
imports = [
./hosts/helix-texta.nix
./modules/light-actkbd.nix
./modules/scanner.nix
self.nixosModules.thinkpad-p1-gen3
];
# Overwrite basics
services.openssh.enable = false;
programs.mosh.enable = false;
# Overlays only relevant to my primary laptop
nixpkgs.overlays = [
inputs.nixpkgs-wayland.overlay
inputs.fenix.overlay
(import ./overlays/sane-backends.nix)
(import ./overlays/logisim.nix)
config = {
# Overwrite basics
services.openssh.enable = false;
programs.mosh.enable = false;
};
};
murex-pecten = {...}: {
imports = [
nixos-hardware.nixosModules.common-pc
nixos-hardware.nixosModules.common-pc-ssd
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
./hosts/murex-pecten.nix
./hardware/aorus.nix
];
};
cornu-aspersum = {...}: {
imports = [
./hosts/cornu-aspersum.nix
./hardware/netcup-rs-2000-g9.nix
./modules/nginx-reverse-proxy.nix
./modules/ccqcraft.nix
inputs.glados.nixosModules.glados
];
};
elysia-clarki = {pkgs, ...}: {
imports = [
./hosts/elysia-clarki.nix
./hardware/intel-nuc.nix
./modules/local-build-service.nix
./modules/nginx-reverse-proxy.nix
#./modules/binary-cache.nix
./modules/ccqcraft-backups.nix
];
config = {
# Override kernel version for zfs
boot.kernelPackages = pkgs.linuxPackages_5_10;
};
};
trochulus-hispidus = {pkgs, ...}: {
imports = [
./modules/scanner.nix
./hosts/trochulus-hispidus.nix
./hardware/latitude-e7440.nix
];
};
thinkpad-p1-gen3 = {...}: {
imports = [
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-gpu-nvidia
nixos-hardware.nixosModules.common-pc-laptop
nixos-hardware.nixosModules.common-pc-laptop-ssd
nixos-hardware.nixosModules.common-pc-laptop-acpi_call
./hardware/thinkpad-p1-gen3.nix
];
};
};
murex-pecten = { ... }: {
imports = [
self.nixosModules.x86_64-linux-basics
nixos-hardware.nixosModules.common-pc
nixos-hardware.nixosModules.common-pc-ssd
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
home-manager.nixosModules.home-manager
self.nixosModules.home-manager-config
colmena =
{
meta = {nixpkgs = pkgs;};
defaults = {...}: {imports = defaultModules;};
}
// (builtins.listToAttrs (map (
host: {
name = host;
value = {
imports = [self.nixosModules.${host}];
config.deployment = {
targetHost = host;
targetUser = "root";
};
};
}
)
hosts));
./hosts/murex-pecten.nix
./hardware/aorus.nix
];
config = { nixpkgs.overlays = [ inputs.fenix.overlay ]; };
};
cornu-aspersum = { ... }: {
imports = [
self.nixosModules.x86_64-linux-basics
./hosts/cornu-aspersum.nix
./hardware/netcup-rs-2000-g9.nix
./modules/nginx-reverse-proxy.nix
./modules/ccqcraft.nix
inputs.glados.nixosModules.glados
];
};
elysia-clarki = { pkgs, ... }: {
imports = [
self.nixosModules.x86_64-linux-basics
./hosts/elysia-clarki.nix
./hardware/intel-nuc.nix
./modules/local-build-service.nix
./modules/nginx-reverse-proxy.nix
#./modules/binary-cache.nix
./modules/ccqcraft-backups.nix
];
config = {
# Override kernel version for zfs
boot.kernelPackages = pkgs.linuxPackages_5_10;
};
};
trochulus-hispidus = { pkgs, ... }: {
imports = [
home-manager.nixosModules.home-manager
self.nixosModules.x86_64-linux-basics
self.nixosModules.home-manager-config
./modules/scanner.nix
./hosts/trochulus-hispidus.nix
./hardware/latitude-e7440.nix
];
config = {
nixpkgs.overlays = [ (import ./overlays/sane-backends.nix) ];
};
};
};
nixosModules.thinkpad-p1-gen3 = { ... }: {
imports = [
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-gpu-nvidia
nixos-hardware.nixosModules.common-pc-laptop
nixos-hardware.nixosModules.common-pc-laptop-ssd
nixos-hardware.nixosModules.common-pc-laptop-acpi_call
./hardware/thinkpad-p1-gen3.nix
];
};
nixosModules.home-manager-config = { ... }: {
home-manager.verbose = true;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
};
# Necessary for flakes to work
nixosModules.nixUnstable = { pkgs, ... }: {
nix.registry.nixpkgs.flake = nixpkgs;
nix.package = pkgs.nixUnstable;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nixpkgs.overlays = [ (self: super: { nix = super.nixUnstable; }) ];
# Enable store optimiser
nix.optimise = {
automatic = true;
dates = [ "04:00" ];
};
};
# Some basics that every machine should have
nixosModules.x86_64-linux-basics = { pkgs, config, ... }: {
imports = [
inputs.custom-udev-rules.nixosModule
inputs.sops-nix.nixosModules.sops
self.nixosModules.nixUnstable
./modules/base-system.nix
];
config = {
# Set the system revision if this flake has it
system.configurationRevision = pkgs.lib.mkIf (self ? rev) self.rev;
# Add some useful overlays
# TODO: How would I do this inside ./modules/base-system.nix?
nixpkgs.overlays = [
(self: super: {
# Add FiraCode as a package, but use NerdFonts
firaCodeNerd = super.nerdfonts.override { fonts = [ "FiraCode" ]; };
# Add the emulator
"2a-emulator" =
inputs.emulator-2a.packages.x86_64-linux."2a-emulator";
# Add my mensa tool
mensa = inputs.mensa.packages.x86_64-linux.mensa;
# TODO: Replace with upstream
fend = inputs.fend.packages.x86_64-linux.fend;
})
# Override cataclysm to use git
(import ./overlays/cataclysm-dda.nix)
(import ./overlays/qmk-udev-rules.nix)
];
};
};
# My thinkpad P1
nixosConfigurations.helix-texta = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ self.nixosModules.helix-texta ];
};
# My tower
nixosConfigurations.murex-pecten = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ self.nixosModules.murex-pecten ];
};
# Currently hosted by NetCup
nixosConfigurations.cornu-aspersum = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ self.nixosModules.cornu-aspersum ];
};
# Server @home
nixosConfigurations.elysia-clarki = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ self.nixosModules.elysia-clarki ];
};
# Marie's laptop
nixosConfigurations.trochulus-hispidus = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ self.nixosModules.trochulus-hispidus ];
};
devShell.x86_64-linux =
let pkgs = import nixpkgs { system = "x86_64-linux"; };
in pkgs.mkShell {
packages = [
(with pkgs;
writeScriptBin "rebuild" ''
#!${stdenv.shell}
if [ -z $1 ]; then
echo "Need 'switch|boot|...'"
exit 1
fi
today=`${coreutils}/bin/date +%Y-%m-%d`
branch=`${git}/bin/git branch --show-current`
rev=`${git}/bin/git log -1 --format=%h`
dirty=`${git}/bin/git diff --quiet || echo '~'`
NIXOS_LABEL_VERSION=$today-$branch-$rev$dirty
# Extract build secrets
echo Extracting build secrets..
${sops}/bin/sops --extract '["polymc-client-id"]' -d secrets/secrets.yaml > build-secrets/polymc-client-id
sudo ${nixos-rebuild}/bin/nixos-rebuild $1 --flake .
'')
(with pkgs;
writeScriptBin "all-hosts" ''
nix eval --json .#nixosConfigurations --apply builtins.attrNames 2>/dev/null | jq -r .[]
'')
(with pkgs;
writeScriptBin "push-to" ''
if [ -z $2 ]; then
echo "Need 'switch|boot|...'"
exit 1
fi
host=$1
action=$2
nixos-rebuild --flake .#$host --build-host root@$host --target-host root@$host $action
'')
(with pkgs;
writeScriptBin "option" ''
host=$1
option=$2
nix eval .#nixosConfigurations.$host.config.$option
'')
(with pkgs;
writeScriptBin "hm-option" ''
host=$1
option=$2
user=$3
if [[ -z $user ]]; then
user=$USER
fi
nix eval .#nixosConfigurations.$host.config.home-manager.users.$user.$option 2>/dev/null
'')
(with pkgs;
writeScriptBin "test-config" ''
#!${stdenv.shell}
for host in $(all-hosts); do
echo == Checking ''${host}..
nixos-rebuild --flake .#$host dry-build 2> /tmp/build-output
if [[ $? -ne 0 ]]; then
bat --file-name "Failed to verify config for $host" /tmp/build-output
outputsBuilder = channels: {
devShell = channels.nixpkgs.mkShell {
packages = let
date = "${pkgs.coreutils}/bin/date";
git = "${pkgs.git}/bin/git";
nixos-rebuild = "${pkgs.nixos-rebuild}/bin/nixos-rebuild";
sops = "${pkgs.sops}/bin/sops";
bat = "${pkgs.bat}/bin/bat";
in
with pkgs; [
(writeScriptBin "rebuild" ''
#!${stdenv.shell}
if [ -z $1 ]; then
echo "Need 'switch|boot|...'"
exit 1
fi
done
echo === All checks passed
'')
inputs.colmena.packages.x86_64-linux.colmena
];
today=`${date} +%Y-%m-%d`
branch=`${git} branch --show-current`
rev=`${git} log -1 --format=%h`
dirty=`${git} diff --quiet || echo '~'`
NIXOS_LABEL_VERSION=$today-$branch-$rev$dirty
# Extract build secrets
echo Extracting build secrets..
${sops} --extract '["polymc-client-id"]' -d secrets/secrets.yaml > build-secrets/polymc-client-id
sudo ${nixos-rebuild} $1 --flake .
'')
(writeScriptBin "all-hosts" ''
nix eval --json .#nixosConfigurations --apply builtins.attrNames 2>/dev/null | jq -r .[]
'')
(writeScriptBin "push-to" ''
if [ -z $2 ]; then
echo "Need 'switch|boot|...'"
exit 1
fi
host=$1
action=$2
${nixos-rebuild} --flake .#$host --build-host root@$host --target-host root@$host $action
'')
(writeScriptBin "option" ''
host=$1
option=$2
nix eval .#nixosConfigurations.$host.config.$option
'')
(writeScriptBin "hm-option" ''
host=$1
option=$2
user=$3
if [[ -z $user ]]; then
user=$USER
fi
nix eval .#nixosConfigurations.$host.config.home-manager.users.$user.$option 2>/dev/null
'')
(writeScriptBin "test-config" ''
#!${stdenv.shell}
for host in $(all-hosts); do
echo == Checking ''${host}..
${nixos-rebuild} --flake .#$host dry-build 2> /tmp/build-output
if [[ $? -ne 0 ]]; then
${bat} --file-name "Failed to verify config for $host" /tmp/build-output
exit 1
fi
done
echo === All checks passed
'')
inputs.colmena.packages.x86_64-linux.colmena
fup-repl
alejandra
];
};
};
};
};
}

36
hardware/aorus.nix
View file

@ -1,26 +1,27 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
initrd = {
availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ "dm-snapshot" "amdgpu" ];
luks.devices."enc".device =
"/dev/disk/by-uuid/037d5dc5-17c3-4643-9ad8-7403d280b191";
availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = ["dm-snapshot" "amdgpu"];
luks.devices."enc".device = "/dev/disk/by-uuid/037d5dc5-17c3-4643-9ad8-7403d280b191";
};
kernelModules = [ "kvm-amd" ];
kernelModules = ["kvm-amd"];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a";
fsType = "btrfs";
options = [ "subvol=nixos" ];
options = ["subvol=nixos"];
};
"/boot" = {
device = "/dev/disk/by-uuid/6B2D-BD5B";
@ -29,12 +30,12 @@
"/home" = {
device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a";
fsType = "btrfs";
options = [ "subvol=home" ];
options = ["subvol=home"];
};
"/home/malte/games" = rec {
device = "/dev/mapper/${encrypted.label}";
fsType = "btrfs";
options = [ "subvol=malte/games" ];
options = ["subvol=malte/games"];
encrypted = {
enable = true;
label = "luks-media";
@ -44,8 +45,7 @@
};
};
swapDevices =
[{ device = "/dev/disk/by-uuid/a8d98aa8-47e4-4d32-bc95-1f4a9a1c1d91"; }];
swapDevices = [{device = "/dev/disk/by-uuid/a8d98aa8-47e4-4d32-bc95-1f4a9a1c1d91";}];
# Enable bluetooth
hardware.bluetooth.enable = true;
@ -57,11 +57,11 @@
spinDown5Secs = 1;
powerDownOnStart = true;
};
"ata-ST3000DM001-1ER166_Z500FQ9H" = { spinDown5Secs = 60; };
"ata-ST3000DM001-1ER166_Z500FQ9H" = {spinDown5Secs = 60;};
};
# Prevent GPP0 from waking up the device!
wakeup.toggleDevice = [ "GPP0" ];
wakeup.toggleDevice = ["GPP0"];
services.xserver.videoDrivers = lib.mkForce [ "amdgpu" ];
services.xserver.videoDrivers = lib.mkForce ["amdgpu"];
}

84
hardware/intel-nuc.nix
View file

@ -1,14 +1,18 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
# === Boot options ===
boot.initrd.availableKernelModules =
[ "xhci_pci" "ehci_pci" "ahci" "usbhid" "uas" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "uas" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
# === Internal drive ===
fileSystems."/" = {
@ -32,17 +36,17 @@
};
# === Swap ===
swapDevices =
[{ device = "/dev/disk/by-uuid/efc7e294-1c18-4dd9-aca5-f868eb9c47fc"; }];
} // (
swapDevices = [{device = "/dev/disk/by-uuid/efc7e294-1c18-4dd9-aca5-f868eb9c47fc";}];
}
// (
# === External drives ===
let
cryptsetup = "${pkgs.cryptsetup}/bin/cryptsetup";
unlockLuksService = label: keyfile: overwrites:
lib.attrsets.recursiveUpdate {
description = "Unlock luks encrypted device '${label}'";
bindsTo = [ "dev-${label}.device" ];
after = [ "dev-${label}.device" ];
bindsTo = ["dev-${label}.device"];
after = ["dev-${label}.device"];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
@ -53,7 +57,8 @@
${cryptsetup} luksClose ${label}opened
'';
};
} overwrites;
}
overwrites;
disks = {
FRA = "8ae45289-82ed-4cf1-9d68-a0e26e5d9bb5";
@ -64,44 +69,45 @@
in {
# Unlock all luks devices and import the zfs pools if necessary
systemd.services."luks-open-FRA" =
unlockLuksService "FRA" "/root/keys/fra" { };
systemd.services."luks-open-BER" =
unlockLuksService "BER" "/root/keys/ber" {
serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zBER";
};
systemd.services."luks-open-HND" =
unlockLuksService "HND" "/root/keys/hnd" {
serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zHND";
};
unlockLuksService "FRA" "/root/keys/fra" {};
systemd.services."luks-open-BER" = unlockLuksService "BER" "/root/keys/ber" {
serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zBER";
};
systemd.services."luks-open-HND" = unlockLuksService "HND" "/root/keys/hnd" {
serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zHND";
};
systemd.services."luks-open-LEJ" =
unlockLuksService "LEJ" "/root/keys/lej" { };
unlockLuksService "LEJ" "/root/keys/lej" {};
systemd.mounts = [
{
what = "/dev/mapper/FRAopened";
where = "/srv/fra";
type = "ext4";
wantedBy = [ "default.target" ];
requires = [ "luks-open-FRA.service" ];
after = [ "luks-open-FRA.service" ];
wantedBy = ["default.target"];
requires = ["luks-open-FRA.service"];
after = ["luks-open-FRA.service"];
}
{
what = "/dev/mapper/vg_lej-lv_lej";
where = "/srv/lej";
type = "ext4";
wantedBy = [ "default.target" ];
requires = [ "luks-open-LEJ.service" ];
after = [ "luks-open-LEJ.service" ];
wantedBy = ["default.target"];
requires = ["luks-open-LEJ.service"];
after = ["luks-open-LEJ.service"];
}
];
# Add udev rules for every disk
services.udev.customRules = [{
name = "85-rename-and-unlock-disks";
rules = lib.concatStringsSep "\n" (lib.attrsets.mapAttrsToList
(alias: uuid: ''
SUBSYSTEM=="block", ENV{ID_FS_UUID}=="${uuid}", SYMLINK+="${alias}", TAG+="systemd"
'') disks);
}];
})
services.udev.customRules = [
{
name = "85-rename-and-unlock-disks";
rules = lib.concatStringsSep "\n" (lib.attrsets.mapAttrsToList
(alias: uuid: ''
SUBSYSTEM=="block", ENV{ID_FS_UUID}=="${uuid}", SYMLINK+="${alias}", TAG+="systemd"
'')
disks);
}
];
}
)

24
hardware/latitude-e7440.nix
View file

@ -1,28 +1,30 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/595d4130-1aa8-4779-9dd9-6707929f0981";
fsType = "ext4";
};
boot.initrd.luks.devices."nixos".device =
"/dev/disk/by-uuid/52caf614-e56e-46f4-9604-222ea98fc106";
boot.initrd.luks.devices."nixos".device = "/dev/disk/by-uuid/52caf614-e56e-46f4-9604-222ea98fc106";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D70A-4148";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;

17
hardware/netcup-minimal.nix
View file

@ -1,17 +1,18 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
boot.initrd.availableKernelModules =
[ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
fileSystems."/" = {
device = "/dev/disk/by-uuid/652432d2-a452-496c-b29d-b22c479a8545";
fsType = "ext4";
};
swapDevices =
[{ device = "/dev/disk/by-uuid/2c090f4d-4163-43b8-8b76-b1ac1c30e755"; }];
swapDevices = [{device = "/dev/disk/by-uuid/2c090f4d-4163-43b8-8b76-b1ac1c30e755";}];
}

15
hardware/netcup-rs-2000-g9.nix
View file

@ -1,17 +1,20 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
boot.initrd.availableKernelModules =
[ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
swapDevices = [{ device = "/dev/disk/by-label/swap"; }];
swapDevices = [{device = "/dev/disk/by-label/swap";}];
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;

35
hardware/thinkpad-p1-gen3.nix
View file

@ -1,16 +1,18 @@
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}: {
boot = {
initrd = {
availableKernelModules =
[ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
luks.devices."enc".device =
"/dev/disk/by-uuid/1f1e51d6-3084-4f4d-9b4b-6caa0352f542";
availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
luks.devices."enc".device = "/dev/disk/by-uuid/1f1e51d6-3084-4f4d-9b4b-6caa0352f542";
};
kernelModules = [ "kvm-intel" "acpi-call" ];
kernelModules = ["kvm-intel" "acpi-call"];
#blacklistedKernelModules = [ "nvidia" ];
supportedFilesystems = [ "btrfs" ];
supportedFilesystems = ["btrfs"];
};
powerManagement = {
@ -61,10 +63,10 @@
};
services.blueman.enable = true;
services.xserver.videoDrivers = lib.mkForce [ "nvidia" ];
services.xserver.videoDrivers = lib.mkForce ["nvidia"];
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
};
services.fprintd.enable = true;
@ -74,7 +76,7 @@
"/" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
options = ["subvol=root" "compress=zstd"];
};
"/boot" = {
@ -85,29 +87,28 @@
"/home" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
options = ["subvol=home" "compress=zstd"];
};
"/nix" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
options = ["subvol=nix" "compress=zstd"];
};
"/persist" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs";
options = [ "subvol=persist" "compress=zstd" ];
options = ["subvol=persist" "compress=zstd"];
};
"/var/log" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ];
options = ["subvol=log" "compress=zstd"];
neededForBoot = true;
};
};
swapDevices =
[{ device = "/dev/disk/by-uuid/6948f567-03b3-4a38-b3c4-e05e0bbfbf55"; }];
swapDevices = [{device = "/dev/disk/by-uuid/6948f567-03b3-4a38-b3c4-e05e0bbfbf55";}];
}

20
hosts/cornu-aspersum.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda";
@ -11,15 +13,14 @@
users.users = {
root = {
hashedPassword =
"$6$Yb1gdlKIpY1hRW1X$uUcNFuNnK2JFFN55Tkc.fPV.4I7RJvIfLEQayVP1utfkmjF0f/EHjtypxq11jR5NUUIJFQLW6ffajjduA2689.";
hashedPassword = "$6$Yb1gdlKIpY1hRW1X$uUcNFuNnK2JFFN55Tkc.fPV.4I7RJvIfLEQayVP1utfkmjF0f/EHjtypxq11jR5NUUIJFQLW6ffajjduA2689.";
};
};
sops.defaultSopsFile = ../secrets/hosts/cornu-aspersum/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
sops.secrets.gladosEnv = { };
sops.secrets.gladosEnv = {};
services.glados = {
enable = true;
dataCollector.enable = true;
@ -32,8 +33,7 @@
# Run radicale with infcloud interface for me and Marie
services.radicaleWithInfcloud.enable = true;
systemd.services.glados.serviceConfig.SupplementaryGroups =
[ config.users.groups.keys.name ];
systemd.services.glados.serviceConfig.SupplementaryGroups = [config.users.groups.keys.name];
services.qemuGuest.enable = true;
@ -41,7 +41,7 @@
services.nginx.virtualHosts."img.tammena.rocks" = {
enableACME = true;
forceSSL = true;
locations."/" = { proxyPass = "http://elysia-clarki:2342/"; };
locations."/" = {proxyPass = "http://elysia-clarki:2342/";};
};
# This value determines the NixOS release from which the default
@ -51,6 +51,4 @@
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment?
}

15
hosts/elysia-clarki.nix
View file

@ -1,9 +1,12 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "zfs" ];
boot.supportedFilesystems = ["zfs"];
networking.hostName = "elysia-clarki";
networking.interfaces.eno1.useDHCP = true;
@ -16,7 +19,7 @@
dockerCompat = true;
dockerSocket.enable = true;
defaultNetwork.dnsname.enable = true;
extraPackages = with pkgs; [ zfs ];
extraPackages = with pkgs; [zfs];
};
oci-containers.backend = "podman";
# Override storage driver
@ -35,7 +38,7 @@
rootDir = "/srv/hnd/photoprism";
environmentFile = config.sops.secrets."photoprism-env".path;
};
sops.secrets."photoprism-env" = { };
sops.secrets."photoprism-env" = {};
services.resticConfigured = {
enable = true;
@ -46,7 +49,7 @@
services.fwupd.enable = true;
sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions

99
hosts/helix-texta.nix
View file

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
{
config,
pkgs,
lib,
...
}: let
pamLogin = ''
# Account management.
account required pam_unix.so
@ -18,7 +21,6 @@ let
session required ${pkgs.linux-pam}/lib/security/pam_lastlog.so silent
session optional ${pkgs.systemd}/lib/security/pam_systemd.so
'';
in {
boot = {
# Use the systemd-boot EFI boot loader.
@ -33,7 +35,7 @@ in {
networkmanager.enable = true;
};
system.fsPackages = [ pkgs.sshfs ];
system.fsPackages = [pkgs.sshfs];
# Pipewire for my wayland
sound.enable = false;
@ -50,26 +52,29 @@ in {
"channelmix.lfe-cutoff" = 150;
};
config.pipewire = { "default.clock.allowed-rates" = [ 48000 44100 ]; };
config.pipewire = {"default.clock.allowed-rates" = [48000 44100];};
media-session.config.alsa-monitor = {
rules = [{
matches = [{
"node.name" =
"alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0";
}];
actions = {
update-props = {
#"audio.rate" = 96000;
"api.alsa.headroom" = 1024;
rules = [
{
matches = [
{
"node.name" = "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0";
}
];
actions = {
update-props = {
#"audio.rate" = 96000;
"api.alsa.headroom" = 1024;
};
};
};
}];
}
];
};
};
xdg.portal = {
enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk ];
extraPortals = [pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk];
gtkUsePortal = true;
};
@ -110,42 +115,16 @@ in {
};
services.fprintd.enable = true;
users = {
# I like my users unmutable
mutableUsers = false;
# Myself
users.malte = {
description = "Malte Tammena";
hashedPassword =
"$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh.";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"kvm"
"libvirtd"
"podman"
"scanner"
config.users.groups.keys.name
];
# Yes, use the best, please
shell = pkgs.fish;
};
};
home-manager.users.malte.imports = [ ../users/malte/home.nix ];
programs.fish.enable = true;
users.mutableUsers = false;
users.custom.malte.enable = true;
# Use some fonts
fonts = {
enableDefaultFonts = true;
fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ];
fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels];
fontconfig = {
enable = true;
defaultFonts.monospace = [ "FiraCode Nerd Font" ];
defaultFonts.monospace = ["FiraCode Nerd Font"];
};
};
@ -170,15 +149,12 @@ in {
programs.steam.enable = true;
nixpkgs.config.packageOverrides = pkgs: {
steam = pkgs.steam.override {
extraPkgs = pkgs: [ pkgs.openssl ];
#nativeOnly = true;
};
steam = pkgs.steam.override {extraPkgs = pkgs: [pkgs.openssl];};
};
programs.sway.enable = true;
services.dbus.packages = [ pkgs.dconf ];
services.udev.packages = with pkgs; [ yubikey-personalization chrysalis ];
services.dbus.packages = [pkgs.dconf];
services.udev.packages = with pkgs; [yubikey-personalization chrysalis];
environment.systemPackages = with pkgs; [
thunderbolt
@ -191,19 +167,7 @@ in {
services.devmon.enable = true;
sops.defaultSopsFile = ../secrets/hosts/helix-texta/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
# TODO: Improve this
sops.secrets."restic-backup-malte" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
key = "restic-backup";
};
sops.secrets."radicale-password" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
};
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
@ -213,4 +177,3 @@ in {
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment?
}

130
hosts/murex-pecten.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
# Use the systemd-boot EFI boot loader.
boot.loader = {
systemd-boot.enable = true;
@ -12,7 +14,7 @@
networkmanager.enable = true;
};
system.fsPackages = [ pkgs.sshfs ];
system.fsPackages = [pkgs.sshfs];
sound.enable = true;
security.rtkit.enable = true;
@ -28,27 +30,30 @@
"channelmix.lfe-cutoff" = 150;
};
config.pipewire."default.clock.allowed-rates" = [ 48000 44100 ];
config.pipewire."default.clock.allowed-rates" = [48000 44100];
media-session.config.alsa-monitor = {
rules = [{
matches = [{
"node.name" =
"alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0";
}];
actions = {
update-props = {
#"audio.rate" = 96000;
"api.alsa.headroom" = 1024;
rules = [
{
matches = [
{
"node.name" = "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0";
}
];
actions = {
update-props = {
#"audio.rate" = 96000;
"api.alsa.headroom" = 1024;
};
};
};
}];
}
];
};
};
xdg.portal = {
enable = true;
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ];
extraPortals = with pkgs; [xdg-desktop-portal-gtk xdg-desktop-portal-wlr];
gtkUsePortal = true;
};
@ -57,65 +62,21 @@
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [ amdvlk ];
extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ];
extraPackages = with pkgs; [amdvlk];
extraPackages32 = with pkgs; [driversi686Linux.amdvlk];
};
};
# Define a user account. Don't forget to set a password with passwd.
users = {
# I like my users unmutable
mutableUsers = false;
# Myself
users.malte = {
description = "Malte Tammena";
hashedPassword =
"$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh.";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"kvm"
"libvirtd"
"podman"
"corectrl"
"scanner"
config.users.groups.keys.name
];
# Yes, use the best, please
shell = pkgs.fish;
};
users.marie = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"scanner"
config.users.groups.keys.name
];
hashedPassword =
"$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0";
# This is really just for my comfort
shell = pkgs.fish;
};
};
home-manager.users.malte.imports = [ ../users/malte/home.nix ];
home-manager.users.marie.imports = [ ../users/marie/home.nix ];
programs.fish.enable = true;
users.mutableUsers = false;
users.custom.marie.enable = true;
users.custom.malte.enable = true;
fonts = {
enableDefaultFonts = true;
fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ];
fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels];
fontconfig = {
enable = true;
defaultFonts.monospace = [ "FiraCode Nerd Font" ];
defaultFonts.monospace = ["FiraCode Nerd Font"];
};
};
@ -129,20 +90,9 @@
security.pam = {
yubico = {
enable = true;
#id = "ccccccvblrrf";
mode = "challenge-response";
control = "sufficient";
};
#services.login = {
#name = "login";
## Fix when https://github.com/NixOS/nixpkgs/pull/105319 lands..
#text = pamLogin;
#};
#services.swaylock = {
# name = "swaylock";
# fprintAuth = true;
# unixAuth = true;
#};
};
services.udev.customRules = [
@ -176,7 +126,7 @@
programs.steam.enable = true;
programs.corectrl.enable = true;
services.dbus.packages = with pkgs; [ dconf openrgb ];
services.dbus.packages = with pkgs; [dconf openrgb];
services.udev.packages = with pkgs; [
yubikey-personalization
chrysalis
@ -190,25 +140,7 @@
programs.sway.enable = true;
sops.defaultSopsFile = ../secrets/hosts/murex-pecten/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
# TODO: Improve this
sops.secrets."restic-backup-malte" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
key = "restic-backup";
};
sops.secrets."restic-backup-marie" = {
sopsFile = ../secrets/users/marie/secrets.yaml;
owner = "marie";
mode = "0400";
key = "restic-backup";
};
sops.secrets."radicale-password" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
};
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
environment.systemPackages = with pkgs; [
qt5.qtwayland
@ -232,6 +164,4 @@
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment?
}

32
hosts/trochulus-hispidus.nix
View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
@ -41,33 +43,17 @@
users = {
mutableUsers = false;
users.marie = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"scanner"
config.users.groups.keys.name
];
hashedPassword =
"$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0";
# This is really just for my comfort
shell = pkgs.fish;
};
custom.marie.enable = true;
};
home-manager.users.marie.imports = [ ../users/marie/home.nix ];
fonts = {
enableDefaultFonts = true;
fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ];
fontconfig = { enable = true; };
fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels];
fontconfig = {enable = true;};
};
sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# TODO: Improve this
sops.secrets."restic-backup-marie" = {
sopsFile = ../secrets/users/marie/secrets.yaml;
@ -90,6 +76,4 @@
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment?
}

30
modules/7-days-to-die.nix
View file

@ -1,21 +1,23 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
ports = {
tcp = [ 26900 ];
udp = [ 26900 26901 26902 ];
tcp = [26900];
udp = [26900 26901 26902];
};
uid = 459;
gid = 459;
cfg = config.services."7-days-to-die";
portsTcp = map (port:
let portStr = builtins.toString port;
in "${portStr}:${portStr}/tcp");
portsUdp = map (port:
let portStr = builtins.toString port;
in "${portStr}:${portStr}/udp");
portsTcp = map (port: let
portStr = builtins.toString port;
in "${portStr}:${portStr}/tcp");
portsUdp = map (port: let
portStr = builtins.toString port;
in "${portStr}:${portStr}/udp");
in {
options.services."7-days-to-die" = with lib; {
enable = mkEnableOption "7 Days to die game server service";
@ -26,8 +28,7 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
description =
"Whether to open the firewall for ports ${builtins.toString ports}";
description = "Whether to open the firewall for ports ${builtins.toString ports}";
};
};
@ -66,4 +67,3 @@ in {
};
};
}

32
modules/base-system.nix
View file

@ -1,9 +1,11 @@
# Settings that most of my hosts can agree on, but
# some of these settings are overriden on a per-host basis.
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}: {
imports = [
./photoprism.nix
./7-days-to-die.nix
@ -12,6 +14,8 @@
./restic.nix
./wakeup.nix
./hdparm.nix
./malte.nix
./marie.nix
];
options.settings = with lib; {
@ -32,12 +36,29 @@
hardware.enableAllFirmware = true;
hardware.enableRedistributableFirmware = true;
# Use some binary caches
nix.settings = {
# add binary caches
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"2a-emulator.cachix.org-1:ijJDEqNsMqhamxxWvqOiaCQNoYhWNw7A+gGICgAH1mE="
"colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
];
substituters = [
"https://cache.nixos.org"
"https://nixpkgs-wayland.cachix.org"
"https://2a-emulator.cachix.org"
"https://colmena.cachix.org"
];
};
# Make sure that I can login over the tailscale infrastructure
# while increasing security
# TODO: Restrict openssh interface, move port
services.openssh.enable = pkgs.lib.mkDefault true;
users.users.root = {
openssh.authorizedKeys.keyFiles = [ ../users/malte/yubikey.pub ];
openssh.authorizedKeys.keyFiles = [../users/malte/yubikey.pub];
};
# Enable mosh for some SSH superpower
programs.mosh.enable = pkgs.lib.mkDefault true;
@ -77,7 +98,6 @@
enable = true;
interfaceName = "looking-glas";
};
networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
networking.firewall.allowedUDPPorts = [config.services.tailscale.port];
};
}

11
modules/binary-cache.nix
View file

@ -1,16 +1,17 @@
{ pkgs, config, ... }:
{
pkgs,
config,
...
}: {
services.nix-serve = {
enable = true;
secretKeyFile = "/var/cache-priv.pem";
};
services.nginx.virtualHosts."cache.home.dyn.tammena.rocks" = {
serverAliases = [ "cache.elysia-clarki" ];
serverAliases = ["cache.elysia-clarki"];
locations."/" = {
proxyPass =
"http://localhost:${builtins.toString config.services.nix-serve.port}";
proxyPass = "http://localhost:${builtins.toString config.services.nix-serve.port}";
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;

27
modules/ccqcraft-backups.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
user = "ccqcraft";
host = "ccqcraft.de";
path = "~/server/mc/plugins/EasyBackup/backups";
@ -14,7 +12,6 @@ let
DATE=$(${coreutils}/bin/date +backup_%Y-%m-%d_%H:%M:%S%z.reset)
touch ./''${DATE}
'';
in {
systemd.services = {
ccqcraft-pull-backups = {
@ -22,7 +19,7 @@ in {
Description = ''
Pull backups from CCQCraft Minecraft Server via rsync
'';
After = [ "network.target" ];
After = ["network.target"];
};
serviceConfig = {
Type = "oneshot";
@ -39,33 +36,31 @@ in {
Description = ''
Restart incremental backups for CCQCraft server
'';
Requires = [ "ccqcraft-pull-backups.service" ];
After = [ "network.target" "ccqcraft-pull-backups.service" ];
Requires = ["ccqcraft-pull-backups.service"];
After = ["network.target" "ccqcraft-pull-backups.service"];
};
serviceConfig = {
Type = "oneshot";
WorkingDirectory = "/srv/hnd/ccqcraft-backups";
ExecStart =
[ ''${pkgs.openssh}/bin/ssh "${user}@${host}" rm ${path}/*'' ];
ExecStartPost = [ "${insertResetNoteCmd}/bin/insert-reset-note" ];
ExecStart = [''${pkgs.openssh}/bin/ssh "${user}@${host}" rm ${path}/*''];
ExecStartPost = ["${insertResetNoteCmd}/bin/insert-reset-note"];
};
};
};
systemd.timers = {
ccqcraft-pull-backups = {
wantedBy = [ "timers.target" ];
unitConfig = { Description = "Run CCQCraft Backups every day"; };
timerConfig = { OnCalendar = fetchTime; };
wantedBy = ["timers.target"];
unitConfig = {Description = "Run CCQCraft Backups every day";};
timerConfig = {OnCalendar = fetchTime;};
};
ccqcraft-restart-incremental-backups = {
wantedBy = [ "timers.target" ];
wantedBy = ["timers.target"];
unitConfig = {
Description = "Restart CCQCraft incremental backups weekly";
};
timerConfig = { OnCalendar = clearTime; };
timerConfig = {OnCalendar = clearTime;};
};
};
}

15
modules/ccqcraft.nix
View file

@ -1,21 +1,17 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
ports = {
minecraft = 25565;
rcon = 24738;
voicechat = 24454;
dynmap = 8123;
};
in {
virtualisation.docker.enable = true;
users.users.ccqcraft = {
isNormalUser = true;
extraGroups = [ "docker" ];
hashedPassword =
"$6$D69mzkGZAitfCQOL$oL/7SmSqGwRhZgyiOEgp6N5NkZ/NpdzggomtPFa4XB33Kb3aZMBiLWQS3VSHZhRo2y9mPgXy3mFPSvtvCzoKz/";
extraGroups = ["docker"];
hashedPassword = "$6$D69mzkGZAitfCQOL$oL/7SmSqGwRhZgyiOEgp6N5NkZ/NpdzggomtPFa4XB33Kb3aZMBiLWQS3VSHZhRo2y9mPgXy3mFPSvtvCzoKz/";
};
environment.systemPackages = with pkgs; [
@ -26,7 +22,7 @@ in {
];
networking.firewall = {
allowedTCPPorts = [ ports.minecraft ports.rcon ];
allowedTCPPorts = [ports.minecraft ports.rcon];
allowedUDPPorts = [
# Port used for Voicechat plugin
ports.voicechat
@ -35,7 +31,7 @@ in {
# Expose dynmap map through nginx
services.nginx.virtualHosts."map.ccqcraft.de" = {
serverAliases = [ "ccqcraft.de" ];
serverAliases = ["ccqcraft.de"];
enableACME = true;
forceSSL = true;
locations."/" = {
@ -48,5 +44,4 @@ in {
#"proxy_pass_header Authorization;";
};
};
}

13
modules/grafana.nix
View file

@ -1,7 +1,10 @@
{ pkgs, lib, config, ... }:
let cfg = config.services.grafanaWithNginx;
{
pkgs,
lib,
config,
...
}: let
cfg = config.services.grafanaWithNginx;
in {
options.services."grafanaWithNginx" = with lib; {
enable =
@ -20,7 +23,7 @@ in {
services.nginx.virtualHosts.${config.services.grafana.domain} = {
enableACME = true;
forceSSL = true;
serverAliases = [ "data.tammena.rocks" ];
serverAliases = ["data.tammena.rocks"];
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true;

23
modules/hdparm.nix
View file

@ -1,11 +1,15 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
cfg = config.services.hdparm;
diskPath = disk: path:
if path == null then "/dev/disk/by-id/${disk}" else path;
if path == null
then "/dev/disk/by-id/${disk}"
else path;
mkService = disk: settings: {
name = "hdparm-${disk}";
@ -20,20 +24,17 @@ let
diskPath disk settings.path
}
'';
wantedBy = [ "multi-user.target" ];
wantedBy = ["multi-user.target"];
};
};
in {
options.services.hdparm = with lib;
mkOption {
type = types.attrsOf (types.submodule {
options = {
path = mkOption {
type = types.nullOr types.str;
description =
"Path to the disk. Will assume <name> is the id in `/dev/disk/by-id/` if left null";
description = "Path to the disk. Will assume <name> is the id in `/dev/disk/by-id/` if left null";
default = null;
};
spinDown5Secs = mkOption {
@ -48,7 +49,7 @@ in {
};
};
});
default = { };
default = {};
description = "Settings for HDDs";
};

14
modules/light-actkbd.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
light = "${pkgs.light}/bin/light";
decLight = pkgs.writeScriptBin "decrease-light-smartly" ''
#!${pkgs.fish}/bin/fish
@ -28,19 +26,19 @@ let
in {
programs.light.enable = true;
environment.systemPackages = [ incLight decLight pkgs.fish ];
environment.systemPackages = [incLight decLight pkgs.fish];
services.actkbd = {
enable = true;
bindings = [
{
keys = [ 225 ];
events = [ "key" ];
keys = [225];
events = ["key"];
command = "${incLight}/bin/increase-light-smartly";
}
{
keys = [ 224 ];
events = [ "key" ];
keys = [224];
events = ["key"];
command = "${decLight}/bin/decrease-light-smartly";
}
];

14
modules/local-build-service.nix
View file

@ -1,7 +1,5 @@
{ pkgs, ... }:
let
targetHosts = [ "helix-texta" "elysia-clarki" ];
{pkgs, ...}: let
targetHosts = ["helix-texta" "elysia-clarki"];
remote = "https://git.sr.ht/~megamanmalte/nixos";
@ -20,23 +18,21 @@ let
${builtins.concatStringsSep "\n" (map buildForHost targetHosts)}
rm result
'';
in {
systemd.services.local-build-service = {
unitConfig = {
Description = ''
Regularly pull and build various configuration to populate the local store
'';
After = [ "network.target" ];
After = ["network.target"];
};
serviceConfig = {
Type = "oneshot";
ExecStart = [ "${build}/bin/build" ];
ExecStart = ["${build}/bin/build"];
RuntimeDirectory = "local-build-service";
CacheDirectory = "local-build-service";
CacheDirectoryMode = "0777";
Environment = with pkgs;
"PATH=${git}/bin:${coreutils}/bin:${nixos-rebuild}/bin";
Environment = with pkgs; "PATH=${git}/bin:${coreutils}/bin:${nixos-rebuild}/bin";
};
};
}

51
modules/malte.nix Normal file
View file

@ -0,0 +1,51 @@
{
pkgs,
lib,
config,
...
}: let
cfg = config.users.custom.malte;
in {
options.users.custom.malte = with lib; {
enable = mkEnableOption "Enable user 'malte' on this machine";
};
config = lib.mkIf cfg.enable {
users.users.malte = {
description = "Malte Tammena";
hashedPassword = "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh.";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"kvm"
"libvirtd"
"podman"
"corectrl"
"scanner"
config.users.groups.keys.name
];
# Yes, use the best, please
shell = pkgs.fish;
};
home-manager.users.malte.imports = [../users/malte/home.nix];
programs.fish.enable = true;
sops.secrets = {
"restic-backup-malte" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
key = "restic-backup";
};
"radicale-password" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
};
};
};
}

39
modules/marie.nix Normal file
View file

@ -0,0 +1,39 @@
{
pkgs,
lib,
config,
...
}: let
cfg = config.users.custom.marie;
in {
options.users.custom.marie = with lib; {
enable = mkEnableOption "Enable user 'marie' on this machine";
};
config = lib.mkIf cfg.enable {
users.users.marie = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"scanner"
config.users.groups.keys.name
];
hashedPassword = "$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0";
# This is really just for my comfort
shell = pkgs.fish;
};
programs.fish.enable = true;
home-manager.users.marie.imports = [../users/marie/home.nix];
sops.secrets."restic-backup-marie" = {
sopsFile = ../secrets/users/marie/secrets.yaml;
owner = "marie";
mode = "0400";
key = "restic-backup";
};
};
}

8
modules/nginx-reverse-proxy.nix
View file

@ -1,16 +1,12 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
security.acme.defaults.email = "malte.tammena@pm.me";
security.acme.acceptTerms = true;
networking.firewall.allowedTCPPorts = [ 443 80 ];
networking.firewall.allowedTCPPorts = [443 80];
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
}

19
modules/photoprism.nix
View file

@ -1,13 +1,15 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
# TODO: Improve with mariadb database
let
port = 2342;
uid = 458;
gid = 458;
cfg = config.services.photoprism;
in {
options.services.photoprism = with lib; {
enable = mkEnableOption "Photoprism service";
@ -21,8 +23,7 @@ in {
};
environmentFile = mkOption {
type = types.str;
description =
"Additional environment file. I.e. for specifying PHOTOPRISM_ADMIN_PASSWORD";
description = "Additional environment file. I.e. for specifying PHOTOPRISM_ADMIN_PASSWORD";
};
};
@ -38,13 +39,13 @@ in {
};
# Open the port in the firewall
networking.firewall.allowedTCPPorts = [ port ];
networking.firewall.allowedTCPPorts = [port];
virtualisation.oci-containers.containers = {
# Configure the main container
"photoprism" = {
image = "photoprism/photoprism:latest";
ports = [ "${builtins.toString port}:2342" ];
ports = ["${builtins.toString port}:2342"];
environment = {
PHOTOPRISM_UPLOAD_NSFW = "true";
PHOTOPRISM_DETECT_NSFW = "true";
@ -56,7 +57,7 @@ in {
PHOTOPRISM_SITE_DESCRIPTION = "";
PHOTOPRISM_SITE_AUTHOR = "";
};
environmentFiles = [ cfg.environmentFile ];
environmentFiles = [cfg.environmentFile];
volumes = [
"${cfg.rootDir}/storage:/photoprism/storage"
"${cfg.rootDir}/import:/photoprism/import"

31
modules/radicale.nix
View file

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }:
let
{
config,
pkgs,
lib,
...
}: let
internalPort = 5232;
cfg = config.services.radicaleWithInfcloud;
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
@ -16,33 +19,32 @@ let
};
# Remove depend on radicale to fix infinite recursion
# and set some of my own settings
patches = (old.patches or [ ]) ++ [ ../patches/radicale_infcloud.patch ];
patches = (old.patches or []) ++ [../patches/radicale_infcloud.patch];
});
overlay = self: super: {
radicale = super.radicale.overrideAttrs (old: {
propagatedBuildInputs = old.propagatedBuildInputs
++ [ radicale_infcloud ];
propagatedBuildInputs =
old.propagatedBuildInputs
++ [radicale_infcloud];
});
};
htpasswd_filename = "/etc/radicale/users";
in {
options.services."radicaleWithInfcloud" = with lib; {
enable =
mkEnableOption "Radicale service with Infcloud frontend and nginx config";
};
config = lib.mkIf cfg.enable {
nixpkgs.overlays = [ overlay ];
nixpkgs.overlays = [overlay];
services.radicale = {
enable = true;
settings = {
server = {
hosts = [ "[::1]:${builtins.toString internalPort}" ];
hosts = ["[::1]:${builtins.toString internalPort}"];
max_connections = 8;
max_content_length = 100000000;
timeout = 30;
@ -57,14 +59,13 @@ in {
request = "utf-8";
stock = "utf-8";
};
storage = { filesystem_folder = "/var/lib/radicale/collections"; };
web = { type = "radicale_infcloud"; };
logging = { mask_passwords = true; };
storage = {filesystem_folder = "/var/lib/radicale/collections";};
web = {type = "radicale_infcloud";};
logging = {mask_passwords = true;};
};
};
# Make sure our service user can access the `htpasswd_filename` file
systemd.services.radicale.serviceConfig.SupplementaryGroups =
[ config.users.groups.keys.name ];
systemd.services.radicale.serviceConfig.SupplementaryGroups = [config.users.groups.keys.name];
sops.secrets."radicale-htpasswd" = {
owner = config.systemd.services.radicale.serviceConfig.User;

25
modules/restic.nix
View file

@ -1,9 +1,11 @@
{ pkgs, lib, config, ... }:
let cfg = config.services.resticConfigured;
{
pkgs,
lib,
config,
...
}: let
cfg = config.services.resticConfigured;
in {
options.services.resticConfigured = with lib; {
enable = mkEnableOption "Configured Restic rest server service";
rootDir = mkOption {
@ -18,28 +20,25 @@ in {
openFirewall = mkOption {
type = types.bool;
default = false;
description =
"Whether to open the firewall for port ${builtins.toString cfg.port}";
description = "Whether to open the firewall for port ${builtins.toString cfg.port}";
};
};
config = lib.mkIf cfg.enable {
services.restic.server = {
enable = true;
dataDir = cfg.rootDir;
listenAddress = "0.0.0.0:${builtins.toString cfg.port}";
extraFlags = [ "--no-auth" ];
extraFlags = ["--no-auth"];
};
networking.firewall.allowedTCPPorts =
lib.mkIf cfg.openFirewall [ cfg.port ];
lib.mkIf cfg.openFirewall [cfg.port];
# TODO: This should be moved
systemd.services.restic-rest-server.unitConfig = {
Requires = lib.mkForce [ "network.target" "luks-open-HND.service" ];
After = lib.mkForce [ "network.target" "luks-open-HND.service" ];
Requires = lib.mkForce ["network.target" "luks-open-HND.service"];
After = lib.mkForce ["network.target" "luks-open-HND.service"];
};
};
}

6
modules/scanner.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
scan = "${pkgs.sane-backends}/bin/scanimage";
convert = "${pkgs.imagemagick}/bin/convert";
# TODO: Can I specify this in a better way?
@ -23,5 +21,5 @@ let
in {
hardware.sane.enable = true;
environment.systemPackages = [ scan-a4 ];
environment.systemPackages = [scan-a4];
}

19
modules/wakeup.nix
View file

@ -1,6 +1,9 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
cfg = config.wakeup;
createServiceName = dev: "toggle-acpi-${dev}";
@ -10,14 +13,13 @@ let
serviceConfig.ExecStart = ''
/bin/sh -c "${pkgs.coreutils}/bin/echo ${dev} > /proc/acpi/wakeup"
'';
wantedBy = [ "multi-user.target" ];
wantedBy = ["multi-user.target"];
};
in {
options.wakeup = with lib; {
toggleDevice = mkOption {
type = types.listOf types.str;
default = [ ];
default = [];
description = "ACPI devices to toggle as wakeup devices";
};
};
@ -26,7 +28,8 @@ in {
systemd.services = let
pairs = map (dev:
lib.attrsets.nameValuePair (createServiceName dev) (createService dev))
cfg.toggleDevice;
in builtins.listToAttrs pairs;
cfg.toggleDevice;
in
builtins.listToAttrs pairs;
};
}

19
overlays/cataclysm-dda.nix
View file

@ -1,11 +1,12 @@
self: super:
let lock = builtins.fromJSON (builtins.readFile ../flake.lock);
self: super: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in {
cataclysm-dda-git = (super.cataclysm-dda-git.override {
useXdgDir = true;
version = lock.nodes.cataclysm-dda.locked.rev;
rev = lock.nodes.cataclysm-dda.locked.rev;
sha256 = lock.nodes.cataclysm-dda.locked.narHash;
}).overrideAttrs (old: { enableParallelBuilding = true; });
cataclysm-dda-git =
(super.cataclysm-dda-git.override {
useXdgDir = true;
version = lock.nodes.cataclysm-dda.locked.rev;
rev = lock.nodes.cataclysm-dda.locked.rev;
sha256 = lock.nodes.cataclysm-dda.locked.narHash;
})
.overrideAttrs (old: {enableParallelBuilding = true;});
}

8
overlays/logisim.nix
View file

@ -1,12 +1,10 @@
self: super:
let font-flags = "-Dawt.useSystemAAFontSettings=lcd -Dswing.aatext=true";
self: super: let
font-flags = "-Dawt.useSystemAAFontSettings=lcd -Dswing.aatext=true";
in {
logisim = super.logisim.overrideAttrs (old: {
pname = "logisim-evolution";
src = super.fetchurl {
url =
"https://mathcs.holycross.edu/~kwalsh/logisim-evolution-4.0.4hc.jar";
url = "https://mathcs.holycross.edu/~kwalsh/logisim-evolution-4.0.4hc.jar";
sha256 = "0nmvzpdhgfrzx0x6799a1jnsbgipbszd312crf865nzvsi2p046i";
};
installPhase = ''

6
overlays/qmk-udev-rules.nix
View file

@ -1,6 +1,5 @@
self: super:
let lock = builtins.fromJSON (builtins.readFile ../flake.lock);
self: super: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in {
qmk-udev-rules = super.qmk-udev-rules.overrideAttrs (old: {
version = lock.nodes.qmk-udev-rules.locked.rev;
@ -12,4 +11,3 @@ in {
};
});
}

32
overlays/sane-backends.nix
View file

@ -1,16 +1,18 @@
self: super:
{
sane-backends = (super.sane-backends.override {
extraFirmware = [{
src = super.fetchurl {
url = "www.meier-geinitz.de/sane/gt68xx-backend/firmware/sbfw.usb";
sha256 = "12hnacivpy153alfjyr7k92y90nmb5d7z1ca7aix5w7wi0w4jdjv";
};
name = "sbfw.usb";
backend = "gt68xx";
}];
}).overrideAttrs (old: {
patches = (old.patches or [ ]) ++ [ ../patches/gt68xx.conf.patch ];
});
self: super: {
sane-backends =
(super.sane-backends.override {
extraFirmware = [
{
src = super.fetchurl {
url = "www.meier-geinitz.de/sane/gt68xx-backend/firmware/sbfw.usb";
sha256 = "12hnacivpy153alfjyr7k92y90nmb5d7z1ca7aix5w7wi0w4jdjv";
};
name = "sbfw.usb";
backend = "gt68xx";
}
];
})
.overrideAttrs (old: {
patches = (old.patches or []) ++ [../patches/gt68xx.conf.patch];
});
}

45
pkgs/2i-emulator.nix
View file

@ -1,24 +1,27 @@
{ lib, fetchFromGitHub, rustPlatform }:
{
lib,
fetchFromGitHub,
rustPlatform,
}: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in
rustPlatform.buildRustPackage {
pname = lock.nodes."2i-emulator".original.repo;
version = lock.nodes."2i-emulator".locked.rev;
let lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in rustPlatform.buildRustPackage {
pname = lock.nodes."2i-emulator".original.repo;
version = lock.nodes."2i-emulator".locked.rev;
src = fetchFromGitHub {
owner = lock.nodes."2i-emulator".locked.owner;
repo = lock.nodes."2i-emulator".locked.repo;
rev = lock.nodes."2i-emulator".locked.rev;
sha256 = lock.nodes."2i-emulator".locked.narHash;
};
src = fetchFromGitHub {
owner = lock.nodes."2i-emulator".locked.owner;
repo = lock.nodes."2i-emulator".locked.repo;
rev = lock.nodes."2i-emulator".locked.rev;
sha256 = lock.nodes."2i-emulator".locked.narHash;
};
cargoSha256 = "sha256-FUtOLYFPRFkUAXixcUzMfDmKju/GN6r/KQYqKCK8vBk=";
cargoSha256 = "sha256-FUtOLYFPRFkUAXixcUzMfDmKju/GN6r/KQYqKCK8vBk=";
meta = with lib; {
description =
"Cli emulator for the micro computer 2i used in the computer science hardware course at Leipzig University";
homepage = "https://github.com/klemens/2i-emulator";
license = licenses.gpl3;
maintainers = [ ];
};
}
meta = with lib; {
description = "Cli emulator for the micro computer 2i used in the computer science hardware course at Leipzig University";
homepage = "https://github.com/klemens/2i-emulator";
license = licenses.gpl3;
maintainers = [];
};
}

59
pkgs/gruvbox-material-gtk.nix
View file

@ -1,32 +1,37 @@
{ lib, stdenv, fetchFromGitHub, hiDPI ? false }:
let
{
lib,
stdenv,
fetchFromGitHub,
hiDPI ? false,
}: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
variant =
if hiDPI then "Gruvbox-Material-Dark-HIDPI" else "Gruvbox-Material-Dark";
in stdenv.mkDerivation rec {
pname = lock.nodes.gruvbox-material-gtk.locked.repo;
version = lock.nodes.gruvbox-material-gtk.locked.rev;
if hiDPI
then "Gruvbox-Material-Dark-HIDPI"
else "Gruvbox-Material-Dark";
in
stdenv.mkDerivation rec {
pname = lock.nodes.gruvbox-material-gtk.locked.repo;
version = lock.nodes.gruvbox-material-gtk.locked.rev;
src = fetchFromGitHub {
owner = lock.nodes.gruvbox-material-gtk.locked.owner;
repo = lock.nodes.gruvbox-material-gtk.locked.repo;
rev = lock.nodes.gruvbox-material-gtk.locked.rev;
sha256 = lock.nodes.gruvbox-material-gtk.locked.narHash;
};
src = fetchFromGitHub {
owner = lock.nodes.gruvbox-material-gtk.locked.owner;
repo = lock.nodes.gruvbox-material-gtk.locked.repo;
rev = lock.nodes.gruvbox-material-gtk.locked.rev;
sha256 = lock.nodes.gruvbox-material-gtk.locked.narHash;
};
installPhase = ''
mkdir -p $out/share/themes/gruvbox-material
rm -rf README.md LICENSE demo.png icons
cp -r themes/${variant}/* $out/share/themes/gruvbox-material
'';
meta = with lib; {
description = "Gruvbox Material for GTK";
homepage = "https://github.com/sainnhe/gruvbox-material-gtk";
license = licenses.mit;
platforms = platforms.unix;
maintainers = [ ];
};
}
installPhase = ''
mkdir -p $out/share/themes/gruvbox-material
rm -rf README.md LICENSE demo.png icons
cp -r themes/${variant}/* $out/share/themes/gruvbox-material
'';
meta = with lib; {
description = "Gruvbox Material for GTK";
homepage = "https://github.com/sainnhe/gruvbox-material-gtk";
license = licenses.mit;
platforms = platforms.unix;
maintainers = [];
};
}

49
pkgs/rip.nix
View file

@ -1,26 +1,31 @@
{ lib, stdenv, rustPlatform, fetchFromGitHub, pkg-config }:
{
lib,
stdenv,
rustPlatform,
fetchFromGitHub,
pkg-config,
}: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in
rustPlatform.buildRustPackage rec {
pname = "rip";
version = "";
let lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in rustPlatform.buildRustPackage rec {
pname = "rip";
version = "";
src = fetchFromGitHub {
owner = lock.nodes.rip.locked.owner;
repo = lock.nodes.rip.locked.repo;
rev = lock.nodes.rip.locked.rev;
sha256 = lock.nodes.rip.locked.narHash;
};
src = fetchFromGitHub {
owner = lock.nodes.rip.locked.owner;
repo = lock.nodes.rip.locked.repo;
rev = lock.nodes.rip.locked.rev;
sha256 = lock.nodes.rip.locked.narHash;
};
cargoSha256 = "sha256-gzdmDOpWSnX0CVihMf8ODi85P3EFHqdSBVKVQ9FZH7s=";
cargoSha256 = "sha256-gzdmDOpWSnX0CVihMf8ODi85P3EFHqdSBVKVQ9FZH7s=";
nativeBuildInputs = [ pkg-config ];
meta = with lib; {
description = "A safe and ergonomic alternative to rm";
homepage = "https://github.com/nivekuil/rip";
license = with licenses; [ gpl3 ];
maintainers = with maintainers; [ ];
};
}
nativeBuildInputs = [pkg-config];
meta = with lib; {
description = "A safe and ergonomic alternative to rm";
homepage = "https://github.com/nivekuil/rip";
license = with licenses; [gpl3];
maintainers = with maintainers; [];
};
}

3
users/malte/bemenu.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{pkgs, ...}:
pkgs.writeScriptBin "bemenu-run-configured" ''
#!${pkgs.stdenv.shell}

13
users/malte/broot.nix
View file

@ -1,13 +1,10 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.broot = {
enable = true;
enableFishIntegration = true;
skin = {
# TODO: Fix all these colors, make them dependent on config.colors
default =
"rgb(235, 219, 178) rgb(40, 40, 40) / rgb(189, 174, 147) rgb(40, 40, 40)";
default = "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(189, 174, 147) rgb(40, 40, 40)";
tree = "rgb(168, 153, 132) None / rgb(102, 92, 84) None";
file = "None None / None None Italic";
directory = "rgb(131, 165, 152) None Bold / rgb(69, 133, 136) None";
@ -59,10 +56,8 @@
help_code = "rgb(142, 192, 124) rgb(50, 48, 47)";
help_headers = "rgb(254, 128, 25) None Bold";
help_table_border = "rgb(80, 73, 69) None";
preview =
"rgb(235, 219, 178) rgb(40, 40, 40) / rgb(235, 219, 178) rgb(40, 40, 40)";
preview_line_number =
"rgb(124, 111, 100) None / rgb(124, 111, 100) rgb(40, 40, 40)";
preview = "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(235, 219, 178) rgb(40, 40, 40)";
preview_line_number = "rgb(124, 111, 100) None / rgb(124, 111, 100) rgb(40, 40, 40)";
preview_match = "None rgb(80, 73, 69) Bold Underlined";
hex_null = "rgb(189, 174, 147) None";
hex_ascii_graphic = "rgb(213, 196, 161) None";

16
users/malte/cataclysm-dda.nix
View file

@ -1,24 +1,18 @@
{ pkgs, ... }:
let
font =
"${pkgs.firaCodeNerd}/share/fonts/truetype/NerdFonts/Fira Code Bold Nerd Font Complete Mono.ttf";
{pkgs, ...}: let
font = "${pkgs.firaCodeNerd}/share/fonts/truetype/NerdFonts/Fira Code Bold Nerd Font Complete Mono.ttf";
# Set SDL_VIDEODRIVER=wayland to run it natively. Currently still needs the patch
# in ../patches/cdda-wayland-sdl-fix.patch.
cataclysm-dda-wayland-sdl = pkgs.symlinkJoin {
name = "cataclysm-tiles";
buildInputs = [ pkgs.makeWrapper ];
buildInputs = [pkgs.makeWrapper];
postBuild = ''
wrapProgram $out/bin/cataclysm-tiles --set SDL_VIDEODRIVER wayland
'';
paths = [ pkgs.cataclysm-dda-git ];
paths = [pkgs.cataclysm-dda-git];
};
in {
home.packages = [ cataclysm-dda-wayland-sdl pkgs.firaCodeNerd ];
home.packages = [cataclysm-dda-wayland-sdl pkgs.firaCodeNerd];
# Configure the fonts being used
# TODO: Cataclysm replaces this with a file..

198
users/malte/colors.nix
View file

@ -1,111 +1,111 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
# Create a color from a hexadezimal 6 digit description, like 'FF0000' for pure red
# mkcolor :: hex -> Color
mkColor = rgb:
let
# Mapping hex digits to actual numbers
hexDigitMap = {
"0" = 0;
"1" = 1;
"2" = 2;
"3" = 3;
"4" = 4;
"5" = 5;
"6" = 6;
"7" = 7;
"8" = 8;
"9" = 9;
"A" = 10;
"B" = 11;
"C" = 12;
"D" = 13;
"E" = 14;
"F" = 15;
};
# Convert a single hexadezimal character to a number
# hexCharToInt :: char -> int
hexCharToInt = char: hexDigitMap.${lib.strings.toUpper char};
# Convert a hexadezimal string to a number
# hexStringToInt :: string -> int
hexStringToInt = string:
let
chars = lib.strings.stringToCharacters string;
nums = map hexCharToInt chars;
fun = sum: el: sum * 16 + el;
in lib.foldl fun 0 nums;
# Convert a float from [0.0, 1.0] to a hex string from [0, 255]
# floatToFF :: float -> string
floatToFF = float: lib.toHexString (builtins.floor (255 * float));
# Red part of the given color
# red :: int
red = hexStringToInt (lib.strings.substring 0 2 rgb);
# Green part of the given color
# green :: int
green = hexStringToInt (lib.strings.substring 2 2 rgb);
# Blue part of the given color
# blue :: int
blue = hexStringToInt (lib.strings.substring 4 2 rgb);
# Create an RGB hex string from red, green, and blue parts
# rgbFromParts :: int -> int -> int -> string
rgbFromParts = r: g: b:
let
rHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString r);
gHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString g);
bHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString b);
in rHex + gHex + bHex;
# Create a Color darker than the color given by the rgb parts.
# amount is in range [0.0, 1.0], r,g, and b in range [0, 255]
# darkenColor :: int -> int -> int -> float -> Color
darkenColor = r: g: b: amount:
let
r' = builtins.floor ((1.0 - amount) * r);
g' = builtins.floor ((1.0 - amount) * g);
b' = builtins.floor ((1.0 - amount) * b);
in mkColor (rgbFromParts r' g' b');
# Create a Color lighter than the color given by the rgb parts. See darkenColor.
# darkenColor :: int -> int -> int -> float -> Color
lightenColor = r: g: b: amount:
let
r' = lib.min (builtins.floor ((1.0 + amount) * r)) 255;
g' = lib.min (builtins.floor ((1.0 + amount) * g)) 255;
b' = lib.min (builtins.floor ((1.0 + amount) * b)) 255;
in mkColor (rgbFromParts r' g' b');
in {
inherit rgb red green blue;
# e.g. "#FF0000"
hashRgb = "#" + rgb;
# e.g. rgbWithAlpha 1.0 -> "FF0000FF"
# rgbWithAlpha :: float -> string
rgbWithAlpha = alpha: rgb + (floatToFF alpha);
# e.g. hashRgbWithAlpha 1.0 -> "#FF0000FF"
# rgbWithAlpha :: float -> string
hashRgbWithAlpha = alpha: "#" + rgb + (floatToFF alpha);
# darker :: float -> Color
darker = darkenColor red green blue;
# lighter :: float -> Color
lighter = lightenColor red green blue;
mkColor = rgb: let
# Mapping hex digits to actual numbers
hexDigitMap = {
"0" = 0;
"1" = 1;
"2" = 2;
"3" = 3;
"4" = 4;
"5" = 5;
"6" = 6;
"7" = 7;
"8" = 8;
"9" = 9;
"A" = 10;
"B" = 11;
"C" = 12;
"D" = 13;
"E" = 14;
"F" = 15;
};
# Convert a single hexadezimal character to a number
# hexCharToInt :: char -> int
hexCharToInt = char: hexDigitMap.${lib.strings.toUpper char};
# Convert a hexadezimal string to a number
# hexStringToInt :: string -> int
hexStringToInt = string: let
chars = lib.strings.stringToCharacters string;
nums = map hexCharToInt chars;
fun = sum: el: sum * 16 + el;
in
lib.foldl fun 0 nums;
# Convert a float from [0.0, 1.0] to a hex string from [0, 255]
# floatToFF :: float -> string
floatToFF = float: lib.toHexString (builtins.floor (255 * float));
# Red part of the given color
# red :: int
red = hexStringToInt (lib.strings.substring 0 2 rgb);
# Green part of the given color
# green :: int
green = hexStringToInt (lib.strings.substring 2 2 rgb);
# Blue part of the given color
# blue :: int
blue = hexStringToInt (lib.strings.substring 4 2 rgb);
# Create an RGB hex string from red, green, and blue parts
# rgbFromParts :: int -> int -> int -> string
rgbFromParts = r: g: b: let
rHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString r);
gHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString g);
bHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString b);
in
rHex + gHex + bHex;
# Create a Color darker than the color given by the rgb parts.
# amount is in range [0.0, 1.0], r,g, and b in range [0, 255]
# darkenColor :: int -> int -> int -> float -> Color
darkenColor = r: g: b: amount: let
r' = builtins.floor ((1.0 - amount) * r);
g' = builtins.floor ((1.0 - amount) * g);
b' = builtins.floor ((1.0 - amount) * b);
in
mkColor (rgbFromParts r' g' b');
# Create a Color lighter than the color given by the rgb parts. See darkenColor.
# darkenColor :: int -> int -> int -> float -> Color
lightenColor = r: g: b: amount: let
r' = lib.min (builtins.floor ((1.0 + amount) * r)) 255;
g' = lib.min (builtins.floor ((1.0 + amount) * g)) 255;
b' = lib.min (builtins.floor ((1.0 + amount) * b)) 255;
in
mkColor (rgbFromParts r' g' b');
in {
inherit rgb red green blue;
# e.g. "#FF0000"
hashRgb = "#" + rgb;
# e.g. rgbWithAlpha 1.0 -> "FF0000FF"
# rgbWithAlpha :: float -> string
rgbWithAlpha = alpha: rgb + (floatToFF alpha);
# e.g. hashRgbWithAlpha 1.0 -> "#FF0000FF"
# rgbWithAlpha :: float -> string
hashRgbWithAlpha = alpha: "#" + rgb + (floatToFF alpha);
# darker :: float -> Color
darker = darkenColor red green blue;
# lighter :: float -> Color
lighter = lightenColor red green blue;
};
in {
options.colorDef = lib.mkOption {
default = { };
default = {};
type = with lib.types; attrsOf (uniq (strMatching "[0-9A-F]{6}"));
};
options.colors = lib.mkOption {
default = { };
default = {};
type = with lib.types; attrsOf (uniq anything);
};

11
users/malte/git.nix
View file

@ -1,6 +1,5 @@
{ ... }:
let conf = import ./conf.nix;
{...}: let
conf = import ./conf.nix;
in {
programs.git = {
enable = true;
@ -8,11 +7,11 @@ in {
userName = "Malte Tammena";
signing.key = "BCE9E4BF632E7CED";
includes = [{ contents = { diff.colorMoved = "default"; }; }];
includes = [{contents = {diff.colorMoved = "default";};}];
extraConfig = {
pull = { rebase = true; };
init = { defaultBranch = "main"; };
pull = {rebase = true;};
init = {defaultBranch = "main";};
};
delta = {

11
users/malte/gpg.nix
View file

@ -1,16 +1,15 @@
{ pkgs, ... }:
let conf = import ./conf.nix;
{pkgs, ...}: let
conf = import ./conf.nix;
in {
home.packages = with pkgs; [ yubikey-personalization ];
home.packages = with pkgs; [yubikey-personalization];
programs.gpg = { enable = true; };
programs.gpg = {enable = true;};
services.gpg-agent = {
enable = true;
enableScDaemon = true;
enableSshSupport = true;
sshKeys = [ conf.gpg.grip ];
sshKeys = [conf.gpg.grip];
pinentryFlavor = "qt";
};
}

26
users/malte/gtk.nix
View file

@ -1,7 +1,10 @@
{ pkgs, lib, nixosConfig, ... }:
let hiDPI = nixosConfig.hardware.video.hidpi.enable;
{
pkgs,
lib,
nixosConfig,
...
}: let
hiDPI = nixosConfig.hardware.video.hidpi.enable;
in rec {
home.packages = with pkgs; [
numix-cursor-theme
@ -12,7 +15,7 @@ in rec {
enable = true;
theme = {
package =
pkgs.callPackage ../../pkgs/gruvbox-material-gtk.nix { inherit hiDPI; };
pkgs.callPackage ../../pkgs/gruvbox-material-gtk.nix {inherit hiDPI;};
name = "gruvbox-material";
};
iconTheme = {
@ -21,16 +24,17 @@ in rec {
};
gtk2 = {
extraConfig = ''
gtk-cursor-theme-name = "Numix-Cursor-Light"
'' + (lib.optionalString hiDPI ''
gtk-cursor-theme-size = 48
'');
extraConfig =
''
gtk-cursor-theme-name = "Numix-Cursor-Light"
''
+ (lib.optionalString hiDPI ''
gtk-cursor-theme-size = 48
'');
};
gtk3 = {
bookmarks = [
];
extraConfig = {
gtk-cursor-theme-name = "Numix-Cursor-Light";

28
users/malte/home.nix
View file

@ -1,14 +1,17 @@
{ pkgs, lib, config, nixosConfig, ... }:
let
{
pkgs,
lib,
config,
nixosConfig,
...
}: let
script = name: path: pkgs.writeScriptBin name (builtins.readFile path);
wrap = name: pkg: postBuild:
pkgs.symlinkJoin {
inherit name postBuild;
paths = [ pkg ];
buildInputs = [ pkgs.makeWrapper ];
paths = [pkg];
buildInputs = [pkgs.makeWrapper];
};
fixGdk = name: pkg:
@ -34,11 +37,9 @@ let
# Provides libXss.1
xorg.libXScrnSaver
];
extraPkgs = pkgs: with pkgs; [ ];
extraPkgs = pkgs: with pkgs; [];
};
in {
imports = [
./git.nix
./shell.nix
@ -59,18 +60,18 @@ in {
];
config = {
settings.sway.enable = true;
home = {
packages = with pkgs; [
aseprite
alejandra
element-desktop # FIXME: Once it works again? (fixElectron "element-desktop" element-desktop)
signal-desktop # FIXME: Once it works again? (fixElectron "signal-desktop" signal-desktop)
(fixGdk "Discord" discord)
(fixGdk "losslesscut" losslesscut-bin)
(fixGdk "skypeforlinux" skypeforlinux)
(pkgs.callPackage ../../pkgs/2i-emulator.nix { })
(pkgs.callPackage ../../pkgs/2i-emulator.nix {})
(fenix.latest.withComponents [
"cargo"
"clippy"
@ -85,6 +86,7 @@ in {
cargo-readme
cargo-edit
cargo-udeps
colmena
feh
geekbench
gimp
@ -101,7 +103,6 @@ in {
lutrisWithLibs
mensa
mosh
nixfmt
patchelf
pavucontrol
pdftk
@ -137,7 +138,7 @@ in {
keyboard = {
layout = "us,us";
variant = ",workman";
options = [ "compose:rctrl" "grp:alt_space_toggle" "grp_led:caps" ];
options = ["compose:rctrl" "grp:alt_space_toggle" "grp_led:caps"];
};
# Use some german units and formats but with the english language!
@ -151,7 +152,6 @@ in {
telephone = "de_DE.UTF-8";
time = "de_DE.UTF-8";
};
};
# Make sure firefox is my default browser

96
users/malte/kakoune.nix
View file

@ -1,27 +1,37 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
# Configuration for kakoune plugins
pluginConfigs = with pkgs.kakounePlugins; [
{ # FZF for kakoune
{
# FZF for kakoune
pkg = fzf-kak;
mappings = [{
docstring = "FZF mode";
mode = "user";
key = "f";
effect = ":fzf-mode<ret>";
}];
hooks = [{ # Change fzf settings before first use
name = "ModuleLoaded";
option = "fzf-file";
commands = ''
set-option global fzf_file_command "fd"
set-option global fzf_highlight_command "bat"
'';
}];
mappings = [
{
docstring = "FZF mode";
mode = "user";
key = "f";
effect = ":fzf-mode<ret>";
}
];
hooks = [
{
# Change fzf settings before first use
name = "ModuleLoaded";
option = "fzf-file";
commands = ''
set-option global fzf_file_command "fd"
set-option global fzf_highlight_command "bat"
'';
}
];
}
{ # Languange Server Config
{
# Languange Server Config
pkg = kak-lsp;
config = ''
eval %sh{kak-lsp --kakoune -s $kak_session}
@ -35,27 +45,35 @@ let
}
}
'';
mappings = [{ # Enter LSP Usermode
docstring = "LSP mode";
mode = "user";
key = "l";
effect = ":enter-user-mode lsp<ret>";
}];
hooks = [{ # Start kak-lsp for specific windows
name = "WinSetOption";
commands = "lsp-enable-window";
option = "filetype=(rust|nix|python|latex|typescript|javascript)";
}];
mappings = [
{
# Enter LSP Usermode
docstring = "LSP mode";
mode = "user";
key = "l";
effect = ":enter-user-mode lsp<ret>";
}
];
hooks = [
{
# Start kak-lsp for specific windows
name = "WinSetOption";
commands = "lsp-enable-window";
option = "filetype=(rust|nix|python|latex|typescript|javascript)";
}
];
}
];
additionalMappings = [{ # Switch to last buffer
docstring = "Previous buffer";
mode = "user";
key = ",";
effect = ":buffer-previous<ret>";
}];
additionalMappings = [
{
# Switch to last buffer
docstring = "Previous buffer";
mode = "user";
key = ",";
effect = ":buffer-previous<ret>";
}
];
additionalConfig = ''
add-highlighter global/ number-lines -relative
@ -69,10 +87,8 @@ let
'';
selectOr = attr: default: map (conf: conf.${attr} or default) pluginConfigs;
selectList = attr: lib.flatten (selectOr attr [ ]);
selectList = attr: lib.flatten (selectOr attr []);
in {
programs.kakoune = {
enable = true;

8
users/malte/kanshi.nix
View file

@ -1,17 +1,13 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
notify = profile: ''
${pkgs.libnotify}/bin/notify-send -t 10000 -a 'Kanshi' '${profile}' 'Profile activated'
'';
in {
services.kanshi = {
enable = true;
profiles = {
undocked = {
outputs = [{ criteria = "eDP-1"; }];
outputs = [{criteria = "eDP-1";}];
exec = notify "Undocked";
};
docked = {

4
users/malte/kitty.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.kitty = {
enable = true;

22
users/malte/mako.nix
View file

@ -1,13 +1,15 @@
{ pkgs, config, ... }:
let
{
pkgs,
config,
...
}: let
col = config.colors;
format = { bg, fg }:
''
<span background="${bg.hashRgb}" foreground="${fg.hashRgb}"><b> %s </b></span> %b'';
format = {
bg,
fg,
}: ''
<span background="${bg.hashRgb}" foreground="${fg.hashRgb}"><b> %s </b></span> %b'';
in {
programs.mako = {
enable = true;
anchor = "top-right";
@ -66,8 +68,8 @@ in {
ExecReload = "${pkgs.mako}/bin/makoctl reload";
Restart = "always";
};
Install = { WantedBy = [ "graphical-session.target" ]; };
Install = {WantedBy = ["graphical-session.target"];};
};
home.packages = [ pkgs.firaCodeNerd ];
home.packages = [pkgs.firaCodeNerd];
}

9
users/malte/mpv.nix
View file

@ -1,6 +1,9 @@
{ pkgs, config, ... }:
let col = config.colors;
{
pkgs,
config,
...
}: let
col = config.colors;
in {
programs.mpv = {
enable = true;

8
users/malte/pass.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
sed = "${pkgs.gnused}/bin/sed";
pass = "${pkgs.pass}/bin/pass";
wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy";
@ -43,8 +41,8 @@ let
in {
programs.password-store = {
enable = true;
settings = { PASSWORD_STORE_KEY = "BCE9E4BF632E7CED"; };
settings = {PASSWORD_STORE_KEY = "BCE9E4BF632E7CED";};
};
home.packages = [ passmenu-bemenu pkgs.firaCodeNerd ];
home.packages = [passmenu-bemenu pkgs.firaCodeNerd];
}

4
users/malte/qt.nix
View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
qt = {
enable = true;
platformTheme = "gtk";

23
users/malte/scarlett-solo.nix
View file

@ -1,18 +1,20 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
pipewire = "pipewire.service";
device = "dev-scarlett_solo.device";
alsa-input =
"alsa_input.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-input-0";
alsa-input = "alsa_input.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-input-0";
channelMapService = { dev, name, desc, from, to }: {
channelMapService = {
dev,
name,
desc,
from,
to,
}: {
Unit = {
Description = desc;
Requires = pipewire;
BindsTo = device;
After = [ pipewire device ];
After = [pipewire device];
};
Service = {
Type = "simple";
@ -27,11 +29,9 @@ let
-C ${alsa-input}
'';
};
Install.WantedBy = [ "default.target" device ];
Install.WantedBy = ["default.target" device];
};
in {
systemd.user.services = {
scarlett-voice = channelMapService {
dev = "scarlett-voice";
@ -55,5 +55,4 @@ in {
to = "MONO";
};
};
}

11
users/malte/shell.nix
View file

@ -1,8 +1,6 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
(pkgs.callPackage ../../pkgs/rip.nix { })
(pkgs.callPackage ../../pkgs/rip.nix {})
bottom
fd
fishPlugins.done
@ -58,8 +56,7 @@
zat = "zathura --fork";
discord-hack =
"NIXPKGS_ALLOW_UNFREE=1 nix run 'github:NixOS/nixpkgs?ref=master#discord' --impure";
discord-hack = "NIXPKGS_ALLOW_UNFREE=1 nix run 'github:NixOS/nixpkgs?ref=master#discord' --impure";
};
shellAliases = {
kal = "khal list (date '+%d.%m.%Y') (date --date='+1week' '+%d.%m.%Y')";
@ -121,6 +118,6 @@
programs.bat = {
enable = true;
config = { theme = "gruvbox-dark"; };
config = {theme = "gruvbox-dark";};
};
}

215
users/malte/sway.nix
View file

@ -1,7 +1,10 @@
{ pkgs, config, lib, nixosConfig, ... }:
let
{
pkgs,
config,
lib,
nixosConfig,
...
}: let
col = config.colors;
backgrounds = pkgs.fetchFromGitHub {
@ -17,22 +20,18 @@ let
wf-recorder = "${pkgs.wf-recorder}/bin/wf-recorder";
slurp = "${pkgs.slurp}/bin/slurp -db '#000000AA' -c '#EBDBB2' -w1";
fuser = "${pkgs.psmisc}/bin/fuser";
alsa_rec =
"alsa_output.pci-0000_00_1f.3-platform-skl_hda_dsp_generic.HiFi__hw_sofhdadsp__sink.monitor";
alsa_rec = "alsa_output.pci-0000_00_1f.3-platform-skl_hda_dsp_generic.HiFi__hw_sofhdadsp__sink.monitor";
screenshot-path = "/home/malte/Pictures/screenshots/screenshot.png";
screenshot-all =
"${grim} ${screenshot-path} && ${wl-copy} < ${screenshot-path}";
screenshot-all = "${grim} ${screenshot-path} && ${wl-copy} < ${screenshot-path}";
screenshot-region = ''
${grim} -g "$(${slurp})" ${screenshot-path} && ${wl-copy} < ${screenshot-path}'';
screencast-path = "/home/malte/Videos/screencasts/screencast.mp4";
screencast-all =
''${wf-recorder} --audio="${alsa_rec}" -f ${screencast-path}'';
screencast-all = ''${wf-recorder} --audio="${alsa_rec}" -f ${screencast-path}'';
screencast-region = ''
${wf-recorder} --audio="${alsa_rec}" -g "$$(${slurp})" -f ${screencast-path}'';
screencast-stop =
"killall -s SIGINT wf-recorder && ${wl-copy} < ${screencast-path}";
screencast-stop = "killall -s SIGINT wf-recorder && ${wl-copy} < ${screencast-path}";
swaylockConfig = ''
screenshots
@ -79,17 +78,14 @@ let
cfg = config.settings.sway;
nvidiaUsed = nixosConfig.settings.nvidiaUsed;
hiDPI = nixosConfig.hardware.video.hidpi.enable;
in {
imports =
[ ./waybar.nix ./gtk.nix ./qt.nix ./pass.nix ./mako.nix ./kanshi.nix ];
imports = [./waybar.nix ./gtk.nix ./qt.nix ./pass.nix ./mako.nix ./kanshi.nix];
options.settings.sway = with lib; {
enable = mkEnableOption "Enable sway config";
};
config = lib.mkIf cfg.enable {
home.packages = [
pkgs.firaCodeNerd
pkgs.grim
@ -112,18 +108,20 @@ in {
gtk = true;
};
extraSessionCommands = ''
# needs qt5.qtwayland in systemPackages
export QT_QPA_PLATFORM=wayland
export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
export MOZ_ENABLE_WAYLAND=1
export GDK_BACKEND=wayland
# Fix for some Java AWT applications (e.g. Android Studio),
# use this if they aren't displayed properly:
export _JAVA_AWT_WM_NONREPARENTING=1
export XDG_CURRENT_DESKTOP=Sway
export XDG_SESSION_TYPE=wayland
'' +
extraSessionCommands =
''
# needs qt5.qtwayland in systemPackages
export QT_QPA_PLATFORM=wayland
export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
export MOZ_ENABLE_WAYLAND=1
export GDK_BACKEND=wayland
# Fix for some Java AWT applications (e.g. Android Studio),
# use this if they aren't displayed properly:
export _JAVA_AWT_WM_NONREPARENTING=1
export XDG_CURRENT_DESKTOP=Sway
export XDG_SESSION_TYPE=wayland
''
+
# TODO: See what actually is required here!
(lib.optionalString nvidiaUsed ''
# Set DRM devices and fix cursor
@ -147,7 +145,7 @@ in {
commands = [
{
command = ''title_format "[<b>X</b>] %title"'';
criteria = { shell = "xwayland"; };
criteria = {shell = "xwayland";};
}
{
command = "floating enable; kill";
@ -158,67 +156,69 @@ in {
}
{
command = "floating enable";
criteria = { app_id = "org.gnome.Nautilus"; };
criteria = {app_id = "org.gnome.Nautilus";};
}
{
command = "floating enable";
criteria = { class = "Mojosetup"; };
criteria = {class = "Mojosetup";};
}
];
};
bars = [{
command = "${pkgs.waybar}/bin/waybar";
position = "top";
}];
bars = [
{
command = "${pkgs.waybar}/bin/waybar";
position = "top";
}
];
seat."*".xcursor_theme =
if hiDPI then "Numix-Cursor-Light 48" else "Numix-Cursor-Light 32";
if hiDPI
then "Numix-Cursor-Light 48"
else "Numix-Cursor-Light 32";
keybindings = let
mod = config.wayland.windowManager.sway.config.modifier;
move_follow = workspace:
"move container to workspace ${workspace}; workspace ${workspace}";
in lib.mkOptionDefault {
"${mod}+Shift+e" = "exit";
# Move focused container to workspace and follow
"${mod}+Ctrl+Shift+1" = move_follow "1";
"${mod}+Ctrl+Shift+2" = move_follow "2";
"${mod}+Ctrl+Shift+3" = move_follow "3";
"${mod}+Ctrl+Shift+4" = move_follow "4";
"${mod}+Ctrl+Shift+5" = move_follow "5";
"${mod}+Ctrl+Shift+6" = move_follow "6";
"${mod}+Ctrl+Shift+7" = move_follow "7";
"${mod}+Ctrl+Shift+8" = move_follow "8";
"${mod}+Ctrl+Shift+9" = move_follow "9";
# Move workspaces between displays
"${mod}+Ctrl+Shift+l" = "move workspace to output right";
"${mod}+Ctrl+Shift+k" = "move workspace to output up";
"${mod}+Ctrl+Shift+j" = "move workspace to output down";
"${mod}+Ctrl+Shift+h" = "move workspace to output left";
# Sound control
"XF86AudioRaiseVolume" =
"exec ${pkgs.ponymix}/bin/ponymix increase 5%";
"XF86AudioLowerVolume" =
"exec ${pkgs.ponymix}/bin/ponymix decrease 5%";
"XF86AudioMute" = "exec ${pkgs.ponymix}/bin/ponymix toggle";
"XF86AudioMicMute" =
"exec ${pkgs.ponymix}/bin/ponymix --input toggle";
# Additional menus
"${mod}+p" = "exec passmenu-bemenu";
# Screenshots
"${mod}+Ctrl+s" = "exec ${screenshot-all}";
"${mod}+Ctrl+Shift+s" = "exec ${screenshot-region}";
# Screencasts
"${mod}+Ctrl+r" = "exec ${screencast-all}; mode recording";
"${mod}+Ctrl+Shift+r" = "exec ${screencast-region}; mode recording";
# Special window actions
"${mod}+Ctrl+Shift+w" = "mode window";
# Screenlocking
"XF86Favorites" = "exec swaylock";
};
move_follow = workspace: "move container to workspace ${workspace}; workspace ${workspace}";
in
lib.mkOptionDefault {
"${mod}+Shift+e" = "exit";
# Move focused container to workspace and follow
"${mod}+Ctrl+Shift+1" = move_follow "1";
"${mod}+Ctrl+Shift+2" = move_follow "2";
"${mod}+Ctrl+Shift+3" = move_follow "3";
"${mod}+Ctrl+Shift+4" = move_follow "4";
"${mod}+Ctrl+Shift+5" = move_follow "5";
"${mod}+Ctrl+Shift+6" = move_follow "6";
"${mod}+Ctrl+Shift+7" = move_follow "7";
"${mod}+Ctrl+Shift+8" = move_follow "8";
"${mod}+Ctrl+Shift+9" = move_follow "9";
# Move workspaces between displays
"${mod}+Ctrl+Shift+l" = "move workspace to output right";
"${mod}+Ctrl+Shift+k" = "move workspace to output up";
"${mod}+Ctrl+Shift+j" = "move workspace to output down";
"${mod}+Ctrl+Shift+h" = "move workspace to output left";
# Sound control
"XF86AudioRaiseVolume" = "exec ${pkgs.ponymix}/bin/ponymix increase 5%";
"XF86AudioLowerVolume" = "exec ${pkgs.ponymix}/bin/ponymix decrease 5%";
"XF86AudioMute" = "exec ${pkgs.ponymix}/bin/ponymix toggle";
"XF86AudioMicMute" = "exec ${pkgs.ponymix}/bin/ponymix --input toggle";
# Additional menus
"${mod}+p" = "exec passmenu-bemenu";
# Screenshots
"${mod}+Ctrl+s" = "exec ${screenshot-all}";
"${mod}+Ctrl+Shift+s" = "exec ${screenshot-region}";
# Screencasts
"${mod}+Ctrl+r" = "exec ${screencast-all}; mode recording";
"${mod}+Ctrl+Shift+r" = "exec ${screencast-region}; mode recording";
# Special window actions
"${mod}+Ctrl+Shift+w" = "mode window";
# Screenlocking
"XF86Favorites" = "exec swaylock";
};
gaps = let size = 3;
gaps = let
size = 3;
in {
smartBorders = "on";
smartGaps = true;
@ -227,42 +227,44 @@ in {
};
assigns = {
"2" = [{ app_id = "firefox"; }];
"2" = [{app_id = "firefox";}];
"5" = [
{ title = "Korrektur.pdf(.xopp)? . Xournal++"; }
{ title = ".*HWP Betreuung/Skript.pdf"; }
{title = "Korrektur.pdf(.xopp)? . Xournal++";}
{title = ".*HWP Betreuung/Skript.pdf";}
];
"6" = [{ class = "com-cburch-logisim-Main"; }];
"7" = [{ app_id = "Element"; }];
"8" = [ { app_id = "telegramdesktop"; } { class = "discord"; } ];
"9" = [{ app_id = "pavucontrol"; }];
"6" = [{class = "com-cburch-logisim-Main";}];
"7" = [{app_id = "Element";}];
"8" = [{app_id = "telegramdesktop";} {class = "discord";}];
"9" = [{app_id = "pavucontrol";}];
};
fonts = {
names = [ "FiraCode Nerd Font" ];
names = ["FiraCode Nerd Font"];
size = 8.0;
};
modes = let mod = config.wayland.windowManager.sway.config.modifier;
in lib.mkOptionDefault {
recording = {
"${mod}+Escape" = "exec ${screencast-stop}; mode default";
};
modes = let
mod = config.wayland.windowManager.sway.config.modifier;
in
lib.mkOptionDefault {
recording = {
"${mod}+Escape" = "exec ${screencast-stop}; mode default";
};
window = {
"Escape" = "mode default";
"1" = let
width = 1920;
win_width = 500;
win_height = 500 * 9 / 16;
str = builtins.toString;
in "floating enable; sticky enable; resize set width ${
str win_width
}px height ${str win_height}px; move position ${
str (1920 - win_width)
}px 0px";
window = {
"Escape" = "mode default";
"1" = let
width = 1920;
win_width = 500;
win_height = 500 * 9 / 16;
str = builtins.toString;
in "floating enable; sticky enable; resize set width ${
str win_width
}px height ${str win_height}px; move position ${
str (1920 - win_width)
}px 0px";
};
};
};
input = {
# Build into the Thinkpad
@ -301,10 +303,8 @@ in {
output = {
"Unknown 0x1500 0x00000000".bg = "${backgrounds}/forest2.jpg fill";
"Goldstar Company Ltd IPS226 SerialNumber".bg =
"${backgrounds}/future-town.jpg fill";
"BenQ Corporation BenQ GW2270 P9J02423SL0".bg =
"${backgrounds}/leaves3.jpg fill";
"Goldstar Company Ltd IPS226 SerialNumber".bg = "${backgrounds}/future-town.jpg fill";
"BenQ Corporation BenQ GW2270 P9J02423SL0".bg = "${backgrounds}/leaves3.jpg fill";
};
colors = let
@ -346,7 +346,6 @@ in {
};
};
};
};
services.wlsunset = {

27
users/malte/taskwarrior.nix
View file

@ -1,10 +1,13 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
# Data storage location for taskwarrior
dataLocation = "/home/malte/Tasks";
# A usable (with dateutil) python interpreter for timewarrior's totals.py extension
pythonWithLibs = pkgs.python3.withPackages (ps: [ ps.dateutil ]);
pythonWithLibs = pkgs.python3.withPackages (ps: [ps.dateutil]);
# This is a patched version of the upstream `totals.py` script
# so sum up timewarrior stats
# This just patches the first line to use a python interpreter that has
@ -18,9 +21,9 @@ let
rev = "v1.4.3";
sha256 = "+HsUiU287bWZ5Ytl+N5i+STuG9YlqlaKWxd69y0PRds=";
};
buildInputs = [ pkgs.coreutils ];
propagatedBuildInputs = [ pythonWithLibs ];
phases = [ "unpackPhase" "patchPhase" "installPhase" ];
buildInputs = [pkgs.coreutils];
propagatedBuildInputs = [pythonWithLibs];
phases = ["unpackPhase" "patchPhase" "installPhase"];
patchPhase = ''
sed -i 's|^#!/usr/bin/env python3$|#!${pythonWithLibs}/bin/python3|' \
ext/totals.py \
@ -31,11 +34,10 @@ let
cp ext/totals.py ext/on-modify.timewarrior $out/
'';
};
in {
# Install timewarrior aswell!
# Timewarrior hook needs Python3.. or a patch.. to lazy for the latter
home.packages = with pkgs; [ timewarrior python3 ];
home.packages = with pkgs; [timewarrior python3];
programs.taskwarrior = {
inherit dataLocation;
@ -57,17 +59,14 @@ in {
description = "Tasksh review report. Adjust the filter to your needs.";
columns = "uuid";
sort = "reviewed+,modified+";
filter =
"( reviewed.none: or reviewed.before:now-6days ) and ( +PENDING )";
filter = "( reviewed.none: or reviewed.before:now-6days ) and ( +PENDING )";
};
};
};
home.file.".timewarrior/extensions/totals.py".source =
"${timewarriorExtensions}/totals.py";
home.file.".timewarrior/extensions/totals.py".source = "${timewarriorExtensions}/totals.py";
home.file."${dataLocation}/hooks/on-modify-timewarrior" = {
source = "${timewarriorExtensions}/on-modify.timewarrior";
executable = true;
};
}

10
users/malte/unison.nix
View file

@ -1,12 +1,10 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [ x11_ssh_askpass openssh ];
{pkgs, ...}: {
home.packages = with pkgs; [x11_ssh_askpass openssh];
services.unison = {
enable = true;
pairs.university = {
roots = [ "/home/malte/Uni" "ssh://malte@helix-pomatia//home/malte/Uni" ];
commandOptions = { auto = "true"; };
roots = ["/home/malte/Uni" "ssh://malte@helix-pomatia//home/malte/Uni"];
commandOptions = {auto = "true";};
};
};
}

218
users/malte/waybar.nix
View file

@ -1,19 +1,20 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
darkenBorder = 0.4;
col = config.colors;
task-activity = with pkgs;
let
task = "${pkgs.taskwarrior}/bin/task";
jq = "${pkgs.jq}/bin/jq";
timew = "${pkgs.timewarrior}/bin/timew";
getTaskwarriorDesc = "${task} +ACTIVE export | ${jq} '.[0].description'";
getTimewarriorDesc =
"${timew} get dom.active.json | ${jq} '.tags|join(\", \")'";
in writeScriptBin "task-activity" ''
task-activity = with pkgs; let
task = "${pkgs.taskwarrior}/bin/task";
jq = "${pkgs.jq}/bin/jq";
timew = "${pkgs.timewarrior}/bin/timew";
getTaskwarriorDesc = "${task} +ACTIVE export | ${jq} '.[0].description'";
getTimewarriorDesc = "${timew} get dom.active.json | ${jq} '.tags|join(\", \")'";
in
writeScriptBin "task-activity" ''
#!${stdenv.shell}
task +ACTIVE >/dev/null 2>/dev/null
@ -43,103 +44,106 @@ let
systemctl = "${pkgs.systemd}/bin/systemctl";
jq = "${pkgs.jq}/bin/jq";
extractJson = "${jq} '.[].unit' --raw-output";
replaceNewlines = "${pkgs.coreutils}/bin/tr '\n' ' '";
in pkgs.writeScriptBin "check-system" ''
#!${pkgs.stdenv.shell}
newline = "\n";
replaceNewlines = "${pkgs.coreutils}/bin/tr '${newline}' ' '";
in
pkgs.writeScriptBin "check-system" ''
#!${pkgs.stdenv.shell}
failed_user=$(${systemctl} --user --output json list-units --failed | ${extractJson} | ${replaceNewlines})
failed_system=$(${systemctl} --output json list-units --failed | ${extractJson} | ${replaceNewlines})
failed_user=$(${systemctl} --user --output json list-units --failed | ${extractJson} | ${replaceNewlines})
failed_system=$(${systemctl} --output json list-units --failed | ${extractJson} | ${replaceNewlines})
if [[ -n $failed_system ]]; then
# Some system services failed
echo "{ \"text\": \" \", \
\"tooltip\": \"$failed_system\" \
}" | ${jq} --unbuffered --compact-output
fi
if [[ -n $failed_user ]]; then
# Some user services failed
echo "{ \"text\": \" \", \
\"tooltip\": \"$failed_user\" \
}" | ${jq} --unbuffered --compact-output
fi
'';
if [[ -n $failed_system ]]; then
# Some system services failed
echo "{ \"text\": \" \", \
\"tooltip\": \"$failed_system\" \
}" | ${jq} --unbuffered --compact-output
fi
if [[ -n $failed_user ]]; then
# Some user services failed
echo "{ \"text\": \" \", \
\"tooltip\": \"$failed_user\" \
}" | ${jq} --unbuffered --compact-output
fi
'';
in {
home.packages = [ pkgs.firaCodeNerd task-activity ];
home.packages = [pkgs.firaCodeNerd task-activity];
programs.waybar = {
enable = true;
settings = [{
layer = "top";
position = "top";
settings = [
{
layer = "top";
position = "top";
modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ];
modules-center = [ "clock#time" "custom/check-system" "clock#date" ];
modules-right = [ "custom/taskwarrior" "network" "battery" "tray" ];
modules-left = ["sway/workspaces" "sway/mode" "sway/window"];
modules-center = ["clock#time" "custom/check-system" "clock#date"];
modules-right = ["custom/taskwarrior" "network" "battery" "tray"];
modules = {
"sway/workspaces" = {
disable-scroll = true;
all-outputs = true;
};
"sway/mode" = {
format = "<span foreground='${col.background.hashRgb}'>{}</span>";
};
"sway/window" = { tooltip = false; };
"clock#time" = {
interval = 1;
format = "{:%T}";
tooltip = false;
};
"custom/check-system" = {
exec = "${checkSystem}/bin/check-system";
return-type = "json";
interval = 5;
};
"clock#date" = {
format = "{:%d.%m.%y}";
tooltip = false;
};
"custom/taskwarrior" = {
exec = "${task-activity}/bin/task-activity";
return-type = "json";
interval = 1;
};
"idle_inhibitor" = {
format = "{icon}";
format-icons = {
activated = " ";
deactivated = " ";
modules = {
"sway/workspaces" = {
disable-scroll = true;
all-outputs = true;
};
tooltip = false;
};
"battery" = {
states = {
good = 95;
warning = 30;
critical = 15;
"sway/mode" = {
format = "<span foreground='${col.background.hashRgb}'>{}</span>";
};
"sway/window" = {tooltip = false;};
"clock#time" = {
interval = 1;
format = "{:%T}";
tooltip = false;
};
"custom/check-system" = {
exec = "${checkSystem}/bin/check-system";
return-type = "json";
interval = 5;
};
"clock#date" = {
format = "{:%d.%m.%y}";
tooltip = false;
};
"custom/taskwarrior" = {
exec = "${task-activity}/bin/task-activity";
return-type = "json";
interval = 1;
};
"idle_inhibitor" = {
format = "{icon}";
format-icons = {
activated = " ";
deactivated = " ";
};
tooltip = false;
};
"battery" = {
states = {
good = 95;
warning = 30;
critical = 15;
};
format = "{icon} {capacity}%";
format-charging = " {capacity}%";
format-plugged = "";
design-capacity = true;
format-icons = ["" "" "" "" ""];
tooltip = false;
};
"network" = {
format-wifi = "{essid} ({signalStrength}%) ";
format-ethernet = "{ifname}: {ipaddr}/{cidr} ";
format-linked = "{ifname} (No IP) ";
format-disconnected = " ";
tooltip = false;
interval = 5;
};
format = "{icon} {capacity}%";
format-charging = " {capacity}%";
format-plugged = "";
design-capacity = true;
format-icons = [ "" "" "" "" "" ];
tooltip = false;
};
"network" = {
format-wifi = "{essid} ({signalStrength}%) ";
format-ethernet = "{ifname}: {ipaddr}/{cidr} ";
format-linked = "{ifname} (No IP) ";
format-disconnected = " ";
tooltip = false;
interval = 5;
};
};
}];
}
];
style = ''
* {
@ -153,8 +157,8 @@ in {
window#waybar {
background-color: ${col.background.hashRgb};
border-bottom: 3px solid ${
(col.background.darker darkenBorder).hashRgb
};
(col.background.darker darkenBorder).hashRgb
};
color: ${col.primary.hashRgb};
}
@ -184,8 +188,8 @@ in {
font-weight: bolder;
min-width: 20px;
border-bottom: 3px solid ${
(col.background.darker darkenBorder).hashRgb
};
(col.background.darker darkenBorder).hashRgb
};
}
#workspaces button.urgent {
@ -255,8 +259,8 @@ in {
background-color: ${col.foregroundDimmed.hashRgb};
color: ${col.background.hashRgb};
border-bottom: 3px solid ${
(col.foregroundDimmed.darker darkenBorder).hashRgb
};
(col.foregroundDimmed.darker darkenBorder).hashRgb
};
}
#network.disconnected {
@ -273,8 +277,8 @@ in {
background-color: ${col.foregroundDimmed.hashRgb};
color: ${col.background.hashRgb};
border-bottom: 3px solid ${
(col.foregroundDimmed.darker darkenBorder).hashRgb
};
(col.foregroundDimmed.darker darkenBorder).hashRgb
};
}
#idle_inhibitor.activated {
@ -318,8 +322,8 @@ in {
#battery {
background-color: ${col.foregroundDimmed.hashRgb};
border-bottom: 3px solid ${
(col.foregroundDimmed.darker darkenBorder).hashRgb
};
(col.foregroundDimmed.darker darkenBorder).hashRgb
};
color: ${col.background.hashRgb};
}

4
users/malte/wlsunset.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.wlsunset = {
enable = true;
latitude = 51.3;

6
users/malte/zathura.nix
View file

@ -1,7 +1,5 @@
{ pkgs, ... }:
{
home.packages = [ pkgs.firaCodeNerd ];
{pkgs, ...}: {
home.packages = [pkgs.firaCodeNerd];
programs.zathura = {
enable = true;

21
users/marie/home.nix
View file

@ -1,17 +1,18 @@
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
mkTuple = lib.hm.gvariant.mkTuple;
bg = pkgs.fetchurl {
url = "https://images.pexels.com/photos/2559941/pexels-photo-2559941.jpeg";
sha256 = "sha256-Su2UwFpZKj5sa80UrcDSX9O2GuVI6XR2gSLpp4gJZP0=";
};
in {
imports = [ ../modules/restic-backup.nix ];
imports = [../modules/restic-backup.nix];
config = {
home.packages = with pkgs; [
bitwarden
element-desktop
@ -39,7 +40,7 @@ in {
services.restic = {
enable = true;
paths = [ "/home/marie/Uni" "/home/marie/Bilder" ];
paths = ["/home/marie/Uni" "/home/marie/Bilder"];
};
programs.mpv = {
@ -54,14 +55,14 @@ in {
};
"org/gnome/desktop/input-sources" = {
per-window = false;
sources = [ (mkTuple [ "xkb" "de" ]) (mkTuple [ "xkb" "us+workman" ]) ];
xkb-options = [ "compose:rctrl" ];
sources = [(mkTuple ["xkb" "de"]) (mkTuple ["xkb" "us+workman"])];
xkb-options = ["compose:rctrl"];
};
"org/gnome/desktop/interface" = {
enable-hot-corners = false;
show-battery-percentage = true;
};
"org/gnome/desktop/background" = { picture-uri = "file://${bg}"; };
"org/gnome/desktop/background" = {picture-uri = "file://${bg}";};
};
};
}

28
users/modules/restic-backup.nix
View file

@ -3,10 +3,13 @@
# This _assumes_ a few things:
# - There is a sops.secrets with the name "restic-backup-USERNAME"
# - That the repository is actually reachable, which is a little flaky still
{ nixosConfig, pkgs, lib, config, ... }:
let
{
nixosConfig,
pkgs,
lib,
config,
...
}: let
resticCmd = "${pkgs.restic}/bin/restic";
username = config.home.username;
@ -25,15 +28,13 @@ let
};
cfg = config.services.restic;
in {
options.services.restic = with lib; {
enable = mkEnableOption "restic backup service";
paths = mkOption {
type = types.listOf types.str;
default = [ ];
default = [];
description = "Paths to backup";
};
@ -46,14 +47,14 @@ in {
config = lib.mkIf cfg.enable {
# Add restic for the user (they will need to initialize the repo)
home.packages = [ pkgs.restic ];
home.packages = [pkgs.restic];
# Add the above env variables, so that using restic is easy for them
home.sessionVariables = sessionVars;
# Create a systemd service for the backup
systemd.user.services.restic-backups-to-elysia-clarki = {
Unit = {
Description = "Backup to elysia-clarki using restic";
After = [ "network.target" ];
After = ["network.target"];
};
Service = {
@ -71,15 +72,16 @@ in {
CacheDirectoryMode = "0700";
# Convert the above map of environment variables into a list
# of "KEY=VALUE" entrie
Environment = builtins.attrValues
Environment =
builtins.attrValues
(builtins.mapAttrs (k: v: "${k}=${v}") sessionVars);
};
};
# Run the above service every hour
systemd.user.timers.restic-backups-to-elysia-clarki = {
Unit = { Description = "Run restic backups every hour"; };
Install = { WantedBy = [ "timers.target" ]; };
Timer = { OnCalendar = "hourly"; };
Unit = {Description = "Run restic backups every hour";};
Install = {WantedBy = ["timers.target"];};
Timer = {OnCalendar = "hourly";};
};
};
}

51
users/modules/synchronize-calendars.nix
View file

@ -1,8 +1,10 @@
# Synchronize calendars from https://cal.tammena.rocks
{ pkgs, lib, config, ... }:
let
{
pkgs,
lib,
config,
...
}: let
cfg = config.services.synchronize-calendars;
khalConfig = ''
@ -45,10 +47,11 @@ let
username = "${cfg.user}"
password.fetch = ["command", "cat", "${cfg.passwordFile}"]
'';
in {
options.services.synchronize-calendars = with lib; {
enable = mkEnableOption "Enable service to synchronize my calendars and add some necessary programs";
enable =
mkEnableOption
"Enable service to synchronize my calendars and add some necessary programs";
user = mkOption {
type = types.str;
@ -67,27 +70,27 @@ in {
};
config = lib.mkIf cfg.enable {
home.packages = [ pkgs.vdirsyncer pkgs.khal ];
home.packages = [pkgs.vdirsyncer pkgs.khal];
# == Systemd settings to automatically run the sync ==
systemd.user.services."synchronize-calendars" = {
Unit.Description = "Synchronize my calendars using vdirsyncer";
Service = {
Type = "oneshot";
ExecStart = ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync
'';
# == Systemd settings to automatically run the sync ==
systemd.user.services."synchronize-calendars" = {
Unit.Description = "Synchronize my calendars using vdirsyncer";
Service = {
Type = "oneshot";
ExecStart = ''
${pkgs.vdirsyncer}/bin/vdirsyncer sync
'';
};
};
};
systemd.user.timers."synchronize-calendars" = {
Unit.Description = "Run synchronize-calendars.service every 15 minutes";
Timer.OnCalendar = "*:0/10";
Install.WantedBy = [ "timers.target" ];
};
systemd.user.timers."synchronize-calendars" = {
Unit.Description = "Run synchronize-calendars.service every 15 minutes";
Timer.OnCalendar = "*:0/10";
Install.WantedBy = ["timers.target"];
};
# == Configuration ==
xdg.configFile."khal/config".text = khalConfig;
xdg.configFile."vdirsyncer/config".text = vdirsyncerConfig;
# == Configuration ==
xdg.configFile."khal/config".text = khalConfig;
xdg.configFile."vdirsyncer/config".text = vdirsyncerConfig;
};
}