diff --git a/flake.lock b/flake.lock index eaab60a..50a66b5 100644 --- a/flake.lock +++ b/flake.lock @@ -279,6 +279,21 @@ "type": "github" } }, + "flake-utils_2": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "glados": { "inputs": { "nixCargoIntegration": "nixCargoIntegration_2" @@ -675,7 +690,8 @@ "qmk-udev-rules": "qmk-udev-rules", "radicale_infcloud": "radicale_infcloud", "rip": "rip", - "sops-nix": "sops-nix" + "sops-nix": "sops-nix", + "utils": "utils_3" } }, "rust-analyzer-src": { @@ -861,6 +877,24 @@ "repo": "flake-utils", "type": "github" } + }, + "utils_3": { + "inputs": { + "flake-utils": "flake-utils_2" + }, + "locked": { + "lastModified": 1647259887, + "narHash": "sha256-yEkMbEHVO9qydluQ3uHGWX1PkfZhgDKxnd1rhZYZ72w=", + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "rev": "06dba5f3b4fa2cc0bfc98ce9cd6f9a4d8db11d46", + "type": "github" + }, + "original": { + "owner": "gytis-ivaskevicius", + "repo": "flake-utils-plus", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index cfe5587..67f53b7 100644 --- a/flake.nix +++ b/flake.nix @@ -3,10 +3,10 @@ inputs = { nixpkgs.url = "nixpkgs/nixos-unstable"; - nixos-hardware = { - url = "github:NixOS/nixos-hardware"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + nixos-hardware.url = "github:NixOS/nixos-hardware"; + utils.url = "github:gytis-ivaskevicius/flake-utils-plus"; + custom-udev-rules.url = "github:MalteT/custom-udev-rules"; + nixpkgs-wayland = { url = "github:nix-community/nixpkgs-wayland"; inputs.nixpkgs.follows = "nixpkgs"; @@ -19,10 +19,6 @@ url = "github:MalteT/mensa/main"; inputs.nixpkgs.follows = "nixpkgs"; }; - custom-udev-rules = { - url = "github:MalteT/custom-udev-rules"; - inputs.nixpkgs.follows = "nixpkgs"; - }; fenix = { url = "github:nix-community/fenix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -43,6 +39,11 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + fend = { + url = "github:MalteT/fend/flake"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + gruvbox-material-gtk = { url = "github:sainnhe/gruvbox-material-gtk"; flake = false; @@ -63,335 +64,259 @@ url = "github:Unrud/RadicaleInfCloud"; flake = false; }; - fend = { - url = "github:MalteT/fend/flake"; - inputs.nixpkgs.follows = "nixpkgs"; - }; qmk-udev-rules = { url = "github:qmk/qmk_firmware"; flake = false; }; }; - outputs = { self, nixpkgs, nixos-hardware, home-manager, ... }@inputs: { + outputs = { + self, + utils, + nixpkgs, + nixos-hardware, + ... + } @ inputs: let + pkgs = self.pkgs.x86_64-linux.nixpkgs; - colmena = { - meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; }; }; + hosts = [ + "helix-texta" + "murex-pecten" + "cornu-aspersum" + "elysia-clarki" + "trochulus-hispidus" + ]; - helix-texta = { name, nodes, pkgs, ... }: { - imports = [ self.nixosModules.helix-texta ]; - config.deployment = { - allowLocalDeployment = true; - targetHost = "helix-texta"; - targetUser = "root"; + defaultModules = [ + inputs.home-manager.nixosModules.home-manager + self.nixosModules.home-manager-config + inputs.custom-udev-rules.nixosModule + inputs.sops-nix.nixosModules.sops + self.nixosModules.nixUnstable + ./modules/base-system.nix + ]; + in + utils.lib.mkFlake { + inherit self inputs; + + supportedSystems = ["x86_64-linux"]; + + sharedOverlays = [ + inputs.fenix.overlay + inputs.nixpkgs-wayland.overlay + inputs.colmena.overlay + utils.overlay + (self: super: { + # Add FiraCode as a package, but use NerdFonts + firaCodeNerd = super.nerdfonts.override {fonts = ["FiraCode"];}; + # Add the emulator + "2a-emulator" = + inputs.emulator-2a.packages.x86_64-linux."2a-emulator"; + # Add my mensa tool + mensa = inputs.mensa.packages.x86_64-linux.mensa; + # TODO: Replace with upstream + fend = inputs.fend.packages.x86_64-linux.fend; + }) + # Override cataclysm to use git + (import ./overlays/cataclysm-dda.nix) + (import ./overlays/qmk-udev-rules.nix) + (import ./overlays/sane-backends.nix) + (import ./overlays/logisim.nix) + ]; + + hostDefaults.system = "x86_64-linux"; + hostDefaults.modules = defaultModules; + + hosts = builtins.listToAttrs (map (host: { + name = host; + value = {modules = [self.nixosModules.${host}];}; + }) + hosts); + + nixosModules = { + home-manager-config = {...}: { + home-manager.verbose = true; + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; }; - }; - murex-pecten = { name, nodes, pkgs, ... }: { - imports = [ self.nixosModules.murex-pecten ]; - config.deployment = { - allowLocalDeployment = true; - targetHost = "murex-pecten"; - targetUser = "root"; - }; - }; - - cornu-aspersum = { ... }: { - imports = [ self.nixosModules.cornu-aspersum ]; - config.deployment = { - targetHost = "cornu-aspersum"; - targetUser = "root"; - }; - }; - - elysia-clarki = { ... }: { - imports = [ self.nixosModules.elysia-clarki ]; - config.deployment = { - targetHost = "elysia-clarki"; - targetUser = "root"; - }; - }; - - trochulus-hispidus = { ... }: { - imports = [ self.nixosModules.trochulus-hispidus ]; - config.deployment = { - targetHost = "trochulus-hispidus"; - targetUser = "root"; - }; - }; - }; - - nixosModules = { - helix-texta = { pkgs, config, ... }: { - imports = [ - ./hosts/helix-texta.nix - ./modules/light-actkbd.nix - ./modules/scanner.nix - self.nixosModules.thinkpad-p1-gen3 - home-manager.nixosModules.home-manager - self.nixosModules.home-manager-config - self.nixosModules.x86_64-linux-basics - ]; - - config = { - nix.settings = { - # add binary caches - trusted-public-keys = [ - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" - ]; - substituters = nixpkgs.lib.mkForce [ - "https://cache.nixos.org" - "https://nixpkgs-wayland.cachix.org" - ]; + nixUnstable = {pkgs, ...}: { + nix.registry.nixpkgs.flake = nixpkgs; + nix.package = pkgs.nixUnstable; + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; + nixpkgs.overlays = [(self: super: {nix = super.nixUnstable;})]; + # Enable store optimiser + nix.optimise = { + automatic = true; + dates = ["04:00"]; }; + }; - environment.systemPackages = - [ inputs.colmena.packages.${config.nixpkgs.system}.colmena ]; + helix-texta = { + pkgs, + config, + ... + }: { + imports = [ + ./hosts/helix-texta.nix + ./modules/light-actkbd.nix + ./modules/scanner.nix + self.nixosModules.thinkpad-p1-gen3 + ]; - # Overwrite basics - services.openssh.enable = false; - programs.mosh.enable = false; - - # Overlays only relevant to my primary laptop - nixpkgs.overlays = [ - inputs.nixpkgs-wayland.overlay - inputs.fenix.overlay - (import ./overlays/sane-backends.nix) - (import ./overlays/logisim.nix) + config = { + # Overwrite basics + services.openssh.enable = false; + programs.mosh.enable = false; + }; + }; + murex-pecten = {...}: { + imports = [ + nixos-hardware.nixosModules.common-pc + nixos-hardware.nixosModules.common-pc-ssd + nixos-hardware.nixosModules.common-cpu-amd + nixos-hardware.nixosModules.common-gpu-amd + ./hosts/murex-pecten.nix + ./hardware/aorus.nix + ]; + }; + cornu-aspersum = {...}: { + imports = [ + ./hosts/cornu-aspersum.nix + ./hardware/netcup-rs-2000-g9.nix + ./modules/nginx-reverse-proxy.nix + ./modules/ccqcraft.nix + inputs.glados.nixosModules.glados + ]; + }; + elysia-clarki = {pkgs, ...}: { + imports = [ + ./hosts/elysia-clarki.nix + ./hardware/intel-nuc.nix + ./modules/local-build-service.nix + ./modules/nginx-reverse-proxy.nix + #./modules/binary-cache.nix + ./modules/ccqcraft-backups.nix + ]; + config = { + # Override kernel version for zfs + boot.kernelPackages = pkgs.linuxPackages_5_10; + }; + }; + trochulus-hispidus = {pkgs, ...}: { + imports = [ + ./modules/scanner.nix + ./hosts/trochulus-hispidus.nix + ./hardware/latitude-e7440.nix + ]; + }; + thinkpad-p1-gen3 = {...}: { + imports = [ + nixos-hardware.nixosModules.common-cpu-intel + nixos-hardware.nixosModules.common-gpu-nvidia + nixos-hardware.nixosModules.common-pc-laptop + nixos-hardware.nixosModules.common-pc-laptop-ssd + nixos-hardware.nixosModules.common-pc-laptop-acpi_call + ./hardware/thinkpad-p1-gen3.nix ]; }; }; - murex-pecten = { ... }: { - imports = [ - self.nixosModules.x86_64-linux-basics - nixos-hardware.nixosModules.common-pc - nixos-hardware.nixosModules.common-pc-ssd - nixos-hardware.nixosModules.common-cpu-amd - nixos-hardware.nixosModules.common-gpu-amd - home-manager.nixosModules.home-manager - self.nixosModules.home-manager-config + colmena = + { + meta = {nixpkgs = pkgs;}; + defaults = {...}: {imports = defaultModules;}; + } + // (builtins.listToAttrs (map ( + host: { + name = host; + value = { + imports = [self.nixosModules.${host}]; + config.deployment = { + targetHost = host; + targetUser = "root"; + }; + }; + } + ) + hosts)); - ./hosts/murex-pecten.nix - ./hardware/aorus.nix - ]; - - config = { nixpkgs.overlays = [ inputs.fenix.overlay ]; }; - }; - - cornu-aspersum = { ... }: { - imports = [ - self.nixosModules.x86_64-linux-basics - ./hosts/cornu-aspersum.nix - ./hardware/netcup-rs-2000-g9.nix - ./modules/nginx-reverse-proxy.nix - ./modules/ccqcraft.nix - inputs.glados.nixosModules.glados - ]; - }; - - elysia-clarki = { pkgs, ... }: { - imports = [ - self.nixosModules.x86_64-linux-basics - ./hosts/elysia-clarki.nix - ./hardware/intel-nuc.nix - ./modules/local-build-service.nix - ./modules/nginx-reverse-proxy.nix - #./modules/binary-cache.nix - ./modules/ccqcraft-backups.nix - ]; - - config = { - # Override kernel version for zfs - boot.kernelPackages = pkgs.linuxPackages_5_10; - }; - }; - - trochulus-hispidus = { pkgs, ... }: { - imports = [ - home-manager.nixosModules.home-manager - self.nixosModules.x86_64-linux-basics - self.nixosModules.home-manager-config - ./modules/scanner.nix - ./hosts/trochulus-hispidus.nix - ./hardware/latitude-e7440.nix - ]; - - config = { - nixpkgs.overlays = [ (import ./overlays/sane-backends.nix) ]; - }; - }; - }; - - nixosModules.thinkpad-p1-gen3 = { ... }: { - imports = [ - nixos-hardware.nixosModules.common-cpu-intel - nixos-hardware.nixosModules.common-gpu-nvidia - nixos-hardware.nixosModules.common-pc-laptop - nixos-hardware.nixosModules.common-pc-laptop-ssd - nixos-hardware.nixosModules.common-pc-laptop-acpi_call - ./hardware/thinkpad-p1-gen3.nix - ]; - }; - - nixosModules.home-manager-config = { ... }: { - home-manager.verbose = true; - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - }; - - # Necessary for flakes to work - nixosModules.nixUnstable = { pkgs, ... }: { - nix.registry.nixpkgs.flake = nixpkgs; - nix.package = pkgs.nixUnstable; - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; - nixpkgs.overlays = [ (self: super: { nix = super.nixUnstable; }) ]; - # Enable store optimiser - nix.optimise = { - automatic = true; - dates = [ "04:00" ]; - }; - }; - - # Some basics that every machine should have - nixosModules.x86_64-linux-basics = { pkgs, config, ... }: { - imports = [ - inputs.custom-udev-rules.nixosModule - inputs.sops-nix.nixosModules.sops - self.nixosModules.nixUnstable - ./modules/base-system.nix - ]; - - config = { - # Set the system revision if this flake has it - system.configurationRevision = pkgs.lib.mkIf (self ? rev) self.rev; - - # Add some useful overlays - # TODO: How would I do this inside ./modules/base-system.nix? - nixpkgs.overlays = [ - (self: super: { - # Add FiraCode as a package, but use NerdFonts - firaCodeNerd = super.nerdfonts.override { fonts = [ "FiraCode" ]; }; - # Add the emulator - "2a-emulator" = - inputs.emulator-2a.packages.x86_64-linux."2a-emulator"; - # Add my mensa tool - mensa = inputs.mensa.packages.x86_64-linux.mensa; - # TODO: Replace with upstream - fend = inputs.fend.packages.x86_64-linux.fend; - }) - # Override cataclysm to use git - (import ./overlays/cataclysm-dda.nix) - (import ./overlays/qmk-udev-rules.nix) - ]; - }; - }; - - # My thinkpad P1 - nixosConfigurations.helix-texta = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ self.nixosModules.helix-texta ]; - }; - - # My tower - nixosConfigurations.murex-pecten = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ self.nixosModules.murex-pecten ]; - }; - - # Currently hosted by NetCup - nixosConfigurations.cornu-aspersum = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ self.nixosModules.cornu-aspersum ]; - }; - - # Server @home - nixosConfigurations.elysia-clarki = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ self.nixosModules.elysia-clarki ]; - }; - - # Marie's laptop - nixosConfigurations.trochulus-hispidus = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ self.nixosModules.trochulus-hispidus ]; - }; - - devShell.x86_64-linux = - let pkgs = import nixpkgs { system = "x86_64-linux"; }; - in pkgs.mkShell { - packages = [ - (with pkgs; - writeScriptBin "rebuild" '' - #!${stdenv.shell} - if [ -z $1 ]; then - echo "Need 'switch|boot|...'" - exit 1 - fi - - today=`${coreutils}/bin/date +%Y-%m-%d` - branch=`${git}/bin/git branch --show-current` - rev=`${git}/bin/git log -1 --format=%h` - dirty=`${git}/bin/git diff --quiet || echo '~'` - - NIXOS_LABEL_VERSION=$today-$branch-$rev$dirty - - # Extract build secrets - echo Extracting build secrets.. - ${sops}/bin/sops --extract '["polymc-client-id"]' -d secrets/secrets.yaml > build-secrets/polymc-client-id - - sudo ${nixos-rebuild}/bin/nixos-rebuild $1 --flake . - '') - (with pkgs; - writeScriptBin "all-hosts" '' - nix eval --json .#nixosConfigurations --apply builtins.attrNames 2>/dev/null | jq -r .[] - '') - (with pkgs; - writeScriptBin "push-to" '' - if [ -z $2 ]; then - echo "Need 'switch|boot|...'" - exit 1 - fi - host=$1 - action=$2 - nixos-rebuild --flake .#$host --build-host root@$host --target-host root@$host $action - '') - (with pkgs; - writeScriptBin "option" '' - host=$1 - option=$2 - nix eval .#nixosConfigurations.$host.config.$option - '') - (with pkgs; - writeScriptBin "hm-option" '' - host=$1 - option=$2 - user=$3 - if [[ -z $user ]]; then - user=$USER - fi - nix eval .#nixosConfigurations.$host.config.home-manager.users.$user.$option 2>/dev/null - '') - (with pkgs; - writeScriptBin "test-config" '' - #!${stdenv.shell} - for host in $(all-hosts); do - echo == Checking ''${host}.. - nixos-rebuild --flake .#$host dry-build 2> /tmp/build-output - if [[ $? -ne 0 ]]; then - bat --file-name "Failed to verify config for $host" /tmp/build-output + outputsBuilder = channels: { + devShell = channels.nixpkgs.mkShell { + packages = let + date = "${pkgs.coreutils}/bin/date"; + git = "${pkgs.git}/bin/git"; + nixos-rebuild = "${pkgs.nixos-rebuild}/bin/nixos-rebuild"; + sops = "${pkgs.sops}/bin/sops"; + bat = "${pkgs.bat}/bin/bat"; + in + with pkgs; [ + (writeScriptBin "rebuild" '' + #!${stdenv.shell} + if [ -z $1 ]; then + echo "Need 'switch|boot|...'" exit 1 fi - done - echo === All checks passed - '') - inputs.colmena.packages.x86_64-linux.colmena - ]; + today=`${date} +%Y-%m-%d` + branch=`${git} branch --show-current` + rev=`${git} log -1 --format=%h` + dirty=`${git} diff --quiet || echo '~'` + + NIXOS_LABEL_VERSION=$today-$branch-$rev$dirty + + # Extract build secrets + echo Extracting build secrets.. + ${sops} --extract '["polymc-client-id"]' -d secrets/secrets.yaml > build-secrets/polymc-client-id + + sudo ${nixos-rebuild} $1 --flake . + '') + (writeScriptBin "all-hosts" '' + nix eval --json .#nixosConfigurations --apply builtins.attrNames 2>/dev/null | jq -r .[] + '') + (writeScriptBin "push-to" '' + if [ -z $2 ]; then + echo "Need 'switch|boot|...'" + exit 1 + fi + host=$1 + action=$2 + ${nixos-rebuild} --flake .#$host --build-host root@$host --target-host root@$host $action + '') + (writeScriptBin "option" '' + host=$1 + option=$2 + nix eval .#nixosConfigurations.$host.config.$option + '') + (writeScriptBin "hm-option" '' + host=$1 + option=$2 + user=$3 + if [[ -z $user ]]; then + user=$USER + fi + nix eval .#nixosConfigurations.$host.config.home-manager.users.$user.$option 2>/dev/null + '') + (writeScriptBin "test-config" '' + #!${stdenv.shell} + for host in $(all-hosts); do + echo == Checking ''${host}.. + ${nixos-rebuild} --flake .#$host dry-build 2> /tmp/build-output + if [[ $? -ne 0 ]]; then + ${bat} --file-name "Failed to verify config for $host" /tmp/build-output + exit 1 + fi + done + + echo === All checks passed + '') + inputs.colmena.packages.x86_64-linux.colmena + fup-repl + alejandra + ]; + }; }; - - }; + }; } diff --git a/hardware/aorus.nix b/hardware/aorus.nix index f498610..31ed863 100644 --- a/hardware/aorus.nix +++ b/hardware/aorus.nix @@ -1,26 +1,27 @@ -{ config, lib, pkgs, modulesPath, ... }: - { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; boot = { initrd = { - - availableKernelModules = - [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - kernelModules = [ "dm-snapshot" "amdgpu" ]; - luks.devices."enc".device = - "/dev/disk/by-uuid/037d5dc5-17c3-4643-9ad8-7403d280b191"; + availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"]; + kernelModules = ["dm-snapshot" "amdgpu"]; + luks.devices."enc".device = "/dev/disk/by-uuid/037d5dc5-17c3-4643-9ad8-7403d280b191"; }; - kernelModules = [ "kvm-amd" ]; + kernelModules = ["kvm-amd"]; }; fileSystems = { "/" = { device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a"; fsType = "btrfs"; - options = [ "subvol=nixos" ]; + options = ["subvol=nixos"]; }; "/boot" = { device = "/dev/disk/by-uuid/6B2D-BD5B"; @@ -29,12 +30,12 @@ "/home" = { device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a"; fsType = "btrfs"; - options = [ "subvol=home" ]; + options = ["subvol=home"]; }; "/home/malte/games" = rec { device = "/dev/mapper/${encrypted.label}"; fsType = "btrfs"; - options = [ "subvol=malte/games" ]; + options = ["subvol=malte/games"]; encrypted = { enable = true; label = "luks-media"; @@ -44,8 +45,7 @@ }; }; - swapDevices = - [{ device = "/dev/disk/by-uuid/a8d98aa8-47e4-4d32-bc95-1f4a9a1c1d91"; }]; + swapDevices = [{device = "/dev/disk/by-uuid/a8d98aa8-47e4-4d32-bc95-1f4a9a1c1d91";}]; # Enable bluetooth hardware.bluetooth.enable = true; @@ -57,11 +57,11 @@ spinDown5Secs = 1; powerDownOnStart = true; }; - "ata-ST3000DM001-1ER166_Z500FQ9H" = { spinDown5Secs = 60; }; + "ata-ST3000DM001-1ER166_Z500FQ9H" = {spinDown5Secs = 60;}; }; # Prevent GPP0 from waking up the device! - wakeup.toggleDevice = [ "GPP0" ]; + wakeup.toggleDevice = ["GPP0"]; - services.xserver.videoDrivers = lib.mkForce [ "amdgpu" ]; + services.xserver.videoDrivers = lib.mkForce ["amdgpu"]; } diff --git a/hardware/intel-nuc.nix b/hardware/intel-nuc.nix index d291308..b3a53ef 100644 --- a/hardware/intel-nuc.nix +++ b/hardware/intel-nuc.nix @@ -1,14 +1,18 @@ -{ config, lib, pkgs, modulesPath, ... }: - { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + config, + lib, + pkgs, + modulesPath, + ... +}: +{ + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; # === Boot options === - boot.initrd.availableKernelModules = - [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "uas" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "uas" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; # === Internal drive === fileSystems."/" = { @@ -32,17 +36,17 @@ }; # === Swap === - swapDevices = - [{ device = "/dev/disk/by-uuid/efc7e294-1c18-4dd9-aca5-f868eb9c47fc"; }]; -} // ( + swapDevices = [{device = "/dev/disk/by-uuid/efc7e294-1c18-4dd9-aca5-f868eb9c47fc";}]; +} +// ( # === External drives === let cryptsetup = "${pkgs.cryptsetup}/bin/cryptsetup"; unlockLuksService = label: keyfile: overwrites: lib.attrsets.recursiveUpdate { description = "Unlock luks encrypted device '${label}'"; - bindsTo = [ "dev-${label}.device" ]; - after = [ "dev-${label}.device" ]; + bindsTo = ["dev-${label}.device"]; + after = ["dev-${label}.device"]; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; @@ -53,7 +57,8 @@ ${cryptsetup} luksClose ${label}opened ''; }; - } overwrites; + } + overwrites; disks = { FRA = "8ae45289-82ed-4cf1-9d68-a0e26e5d9bb5"; @@ -64,44 +69,45 @@ in { # Unlock all luks devices and import the zfs pools if necessary systemd.services."luks-open-FRA" = - unlockLuksService "FRA" "/root/keys/fra" { }; - systemd.services."luks-open-BER" = - unlockLuksService "BER" "/root/keys/ber" { - serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zBER"; - }; - systemd.services."luks-open-HND" = - unlockLuksService "HND" "/root/keys/hnd" { - serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zHND"; - }; + unlockLuksService "FRA" "/root/keys/fra" {}; + systemd.services."luks-open-BER" = unlockLuksService "BER" "/root/keys/ber" { + serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zBER"; + }; + systemd.services."luks-open-HND" = unlockLuksService "HND" "/root/keys/hnd" { + serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zHND"; + }; systemd.services."luks-open-LEJ" = - unlockLuksService "LEJ" "/root/keys/lej" { }; + unlockLuksService "LEJ" "/root/keys/lej" {}; systemd.mounts = [ { what = "/dev/mapper/FRAopened"; where = "/srv/fra"; type = "ext4"; - wantedBy = [ "default.target" ]; - requires = [ "luks-open-FRA.service" ]; - after = [ "luks-open-FRA.service" ]; + wantedBy = ["default.target"]; + requires = ["luks-open-FRA.service"]; + after = ["luks-open-FRA.service"]; } { what = "/dev/mapper/vg_lej-lv_lej"; where = "/srv/lej"; type = "ext4"; - wantedBy = [ "default.target" ]; - requires = [ "luks-open-LEJ.service" ]; - after = [ "luks-open-LEJ.service" ]; + wantedBy = ["default.target"]; + requires = ["luks-open-LEJ.service"]; + after = ["luks-open-LEJ.service"]; } ]; # Add udev rules for every disk - services.udev.customRules = [{ - name = "85-rename-and-unlock-disks"; - rules = lib.concatStringsSep "\n" (lib.attrsets.mapAttrsToList - (alias: uuid: '' - SUBSYSTEM=="block", ENV{ID_FS_UUID}=="${uuid}", SYMLINK+="${alias}", TAG+="systemd" - '') disks); - }]; - - }) + services.udev.customRules = [ + { + name = "85-rename-and-unlock-disks"; + rules = lib.concatStringsSep "\n" (lib.attrsets.mapAttrsToList + (alias: uuid: '' + SUBSYSTEM=="block", ENV{ID_FS_UUID}=="${uuid}", SYMLINK+="${alias}", TAG+="systemd" + '') + disks); + } + ]; + } +) diff --git a/hardware/latitude-e7440.nix b/hardware/latitude-e7440.nix index 8a775a8..1acb68b 100644 --- a/hardware/latitude-e7440.nix +++ b/hardware/latitude-e7440.nix @@ -1,28 +1,30 @@ -{ config, lib, pkgs, modulesPath, ... }: - { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; - boot.initrd.availableKernelModules = - [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/595d4130-1aa8-4779-9dd9-6707929f0981"; fsType = "ext4"; }; - boot.initrd.luks.devices."nixos".device = - "/dev/disk/by-uuid/52caf614-e56e-46f4-9604-222ea98fc106"; + boot.initrd.luks.devices."nixos".device = "/dev/disk/by-uuid/52caf614-e56e-46f4-9604-222ea98fc106"; fileSystems."/boot" = { device = "/dev/disk/by-uuid/D70A-4148"; fsType = "vfat"; }; - swapDevices = [ ]; + swapDevices = []; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/hardware/netcup-minimal.nix b/hardware/netcup-minimal.nix index e6d43cb..87060e0 100644 --- a/hardware/netcup-minimal.nix +++ b/hardware/netcup-minimal.nix @@ -1,17 +1,18 @@ -{ config, lib, pkgs, modulesPath, ... }: - { - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [(modulesPath + "/profiles/qemu-guest.nix")]; - boot.initrd.availableKernelModules = - [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; fileSystems."/" = { device = "/dev/disk/by-uuid/652432d2-a452-496c-b29d-b22c479a8545"; fsType = "ext4"; }; - swapDevices = - [{ device = "/dev/disk/by-uuid/2c090f4d-4163-43b8-8b76-b1ac1c30e755"; }]; - + swapDevices = [{device = "/dev/disk/by-uuid/2c090f4d-4163-43b8-8b76-b1ac1c30e755";}]; } diff --git a/hardware/netcup-rs-2000-g9.nix b/hardware/netcup-rs-2000-g9.nix index 3778ee9..0a8c9ad 100644 --- a/hardware/netcup-rs-2000-g9.nix +++ b/hardware/netcup-rs-2000-g9.nix @@ -1,17 +1,20 @@ -{ config, lib, pkgs, modulesPath, ... }: - { - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [(modulesPath + "/profiles/qemu-guest.nix")]; - boot.initrd.availableKernelModules = - [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; - swapDevices = [{ device = "/dev/disk/by-label/swap"; }]; + swapDevices = [{device = "/dev/disk/by-label/swap";}]; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/hardware/thinkpad-p1-gen3.nix b/hardware/thinkpad-p1-gen3.nix index c363f5f..48171db 100644 --- a/hardware/thinkpad-p1-gen3.nix +++ b/hardware/thinkpad-p1-gen3.nix @@ -1,16 +1,18 @@ -{ config, lib, pkgs, modulesPath, ... }: - { + config, + lib, + pkgs, + modulesPath, + ... +}: { boot = { initrd = { - availableKernelModules = - [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - luks.devices."enc".device = - "/dev/disk/by-uuid/1f1e51d6-3084-4f4d-9b4b-6caa0352f542"; + availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; + luks.devices."enc".device = "/dev/disk/by-uuid/1f1e51d6-3084-4f4d-9b4b-6caa0352f542"; }; - kernelModules = [ "kvm-intel" "acpi-call" ]; + kernelModules = ["kvm-intel" "acpi-call"]; #blacklistedKernelModules = [ "nvidia" ]; - supportedFilesystems = [ "btrfs" ]; + supportedFilesystems = ["btrfs"]; }; powerManagement = { @@ -61,10 +63,10 @@ }; services.blueman.enable = true; - services.xserver.videoDrivers = lib.mkForce [ "nvidia" ]; + services.xserver.videoDrivers = lib.mkForce ["nvidia"]; nixpkgs.config.packageOverrides = pkgs: { - vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; + vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;}; }; services.fprintd.enable = true; @@ -74,7 +76,7 @@ "/" = { device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; fsType = "btrfs"; - options = [ "subvol=root" "compress=zstd" ]; + options = ["subvol=root" "compress=zstd"]; }; "/boot" = { @@ -85,29 +87,28 @@ "/home" = { device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; fsType = "btrfs"; - options = [ "subvol=home" "compress=zstd" ]; + options = ["subvol=home" "compress=zstd"]; }; "/nix" = { device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" ]; + options = ["subvol=nix" "compress=zstd"]; }; "/persist" = { device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; fsType = "btrfs"; - options = [ "subvol=persist" "compress=zstd" ]; + options = ["subvol=persist" "compress=zstd"]; }; "/var/log" = { device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; fsType = "btrfs"; - options = [ "subvol=log" "compress=zstd" ]; + options = ["subvol=log" "compress=zstd"]; neededForBoot = true; }; }; - swapDevices = - [{ device = "/dev/disk/by-uuid/6948f567-03b3-4a38-b3c4-e05e0bbfbf55"; }]; + swapDevices = [{device = "/dev/disk/by-uuid/6948f567-03b3-4a38-b3c4-e05e0bbfbf55";}]; } diff --git a/hosts/cornu-aspersum.nix b/hosts/cornu-aspersum.nix index c32e892..6c7e62b 100644 --- a/hosts/cornu-aspersum.nix +++ b/hosts/cornu-aspersum.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: - { + config, + pkgs, + ... +}: { boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; @@ -11,15 +13,14 @@ users.users = { root = { - hashedPassword = - "$6$Yb1gdlKIpY1hRW1X$uUcNFuNnK2JFFN55Tkc.fPV.4I7RJvIfLEQayVP1utfkmjF0f/EHjtypxq11jR5NUUIJFQLW6ffajjduA2689."; + hashedPassword = "$6$Yb1gdlKIpY1hRW1X$uUcNFuNnK2JFFN55Tkc.fPV.4I7RJvIfLEQayVP1utfkmjF0f/EHjtypxq11jR5NUUIJFQLW6ffajjduA2689."; }; }; sops.defaultSopsFile = ../secrets/hosts/cornu-aspersum/secrets.yaml; - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; - sops.secrets.gladosEnv = { }; + sops.secrets.gladosEnv = {}; services.glados = { enable = true; dataCollector.enable = true; @@ -32,8 +33,7 @@ # Run radicale with infcloud interface for me and Marie services.radicaleWithInfcloud.enable = true; - systemd.services.glados.serviceConfig.SupplementaryGroups = - [ config.users.groups.keys.name ]; + systemd.services.glados.serviceConfig.SupplementaryGroups = [config.users.groups.keys.name]; services.qemuGuest.enable = true; @@ -41,7 +41,7 @@ services.nginx.virtualHosts."img.tammena.rocks" = { enableACME = true; forceSSL = true; - locations."/" = { proxyPass = "http://elysia-clarki:2342/"; }; + locations."/" = {proxyPass = "http://elysia-clarki:2342/";}; }; # This value determines the NixOS release from which the default @@ -51,6 +51,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - } - diff --git a/hosts/elysia-clarki.nix b/hosts/elysia-clarki.nix index de9bb9c..81c11f5 100644 --- a/hosts/elysia-clarki.nix +++ b/hosts/elysia-clarki.nix @@ -1,9 +1,12 @@ -{ config, pkgs, lib, ... }: - { + config, + pkgs, + lib, + ... +}: { boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - boot.supportedFilesystems = [ "zfs" ]; + boot.supportedFilesystems = ["zfs"]; networking.hostName = "elysia-clarki"; networking.interfaces.eno1.useDHCP = true; @@ -16,7 +19,7 @@ dockerCompat = true; dockerSocket.enable = true; defaultNetwork.dnsname.enable = true; - extraPackages = with pkgs; [ zfs ]; + extraPackages = with pkgs; [zfs]; }; oci-containers.backend = "podman"; # Override storage driver @@ -35,7 +38,7 @@ rootDir = "/srv/hnd/photoprism"; environmentFile = config.sops.secrets."photoprism-env".path; }; - sops.secrets."photoprism-env" = { }; + sops.secrets."photoprism-env" = {}; services.resticConfigured = { enable = true; @@ -46,7 +49,7 @@ services.fwupd.enable = true; sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml; - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions diff --git a/hosts/helix-texta.nix b/hosts/helix-texta.nix index 04e8d48..7c4c652 100644 --- a/hosts/helix-texta.nix +++ b/hosts/helix-texta.nix @@ -1,6 +1,9 @@ -{ config, pkgs, lib, ... }: - -let +{ + config, + pkgs, + lib, + ... +}: let pamLogin = '' # Account management. account required pam_unix.so @@ -18,7 +21,6 @@ let session required ${pkgs.linux-pam}/lib/security/pam_lastlog.so silent session optional ${pkgs.systemd}/lib/security/pam_systemd.so ''; - in { boot = { # Use the systemd-boot EFI boot loader. @@ -33,7 +35,7 @@ in { networkmanager.enable = true; }; - system.fsPackages = [ pkgs.sshfs ]; + system.fsPackages = [pkgs.sshfs]; # Pipewire for my wayland sound.enable = false; @@ -50,26 +52,29 @@ in { "channelmix.lfe-cutoff" = 150; }; - config.pipewire = { "default.clock.allowed-rates" = [ 48000 44100 ]; }; + config.pipewire = {"default.clock.allowed-rates" = [48000 44100];}; media-session.config.alsa-monitor = { - rules = [{ - matches = [{ - "node.name" = - "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0"; - }]; - actions = { - update-props = { - #"audio.rate" = 96000; - "api.alsa.headroom" = 1024; + rules = [ + { + matches = [ + { + "node.name" = "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0"; + } + ]; + actions = { + update-props = { + #"audio.rate" = 96000; + "api.alsa.headroom" = 1024; + }; }; - }; - }]; + } + ]; }; }; xdg.portal = { enable = true; - extraPortals = [ pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk ]; + extraPortals = [pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk]; gtkUsePortal = true; }; @@ -110,42 +115,16 @@ in { }; services.fprintd.enable = true; - users = { - # I like my users unmutable - mutableUsers = false; - - # Myself - users.malte = { - description = "Malte Tammena"; - hashedPassword = - "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh."; - isNormalUser = true; - extraGroups = [ - "wheel" - "networkmanager" - "video" - "lp" - "kvm" - "libvirtd" - "podman" - "scanner" - config.users.groups.keys.name - ]; - # Yes, use the best, please - shell = pkgs.fish; - }; - }; - home-manager.users.malte.imports = [ ../users/malte/home.nix ]; - - programs.fish.enable = true; + users.mutableUsers = false; + users.custom.malte.enable = true; # Use some fonts fonts = { enableDefaultFonts = true; - fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ]; + fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels]; fontconfig = { enable = true; - defaultFonts.monospace = [ "FiraCode Nerd Font" ]; + defaultFonts.monospace = ["FiraCode Nerd Font"]; }; }; @@ -170,15 +149,12 @@ in { programs.steam.enable = true; nixpkgs.config.packageOverrides = pkgs: { - steam = pkgs.steam.override { - extraPkgs = pkgs: [ pkgs.openssl ]; - #nativeOnly = true; - }; + steam = pkgs.steam.override {extraPkgs = pkgs: [pkgs.openssl];}; }; programs.sway.enable = true; - services.dbus.packages = [ pkgs.dconf ]; - services.udev.packages = with pkgs; [ yubikey-personalization chrysalis ]; + services.dbus.packages = [pkgs.dconf]; + services.udev.packages = with pkgs; [yubikey-personalization chrysalis]; environment.systemPackages = with pkgs; [ thunderbolt @@ -191,19 +167,7 @@ in { services.devmon.enable = true; sops.defaultSopsFile = ../secrets/hosts/helix-texta/secrets.yaml; - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - # TODO: Improve this - sops.secrets."restic-backup-malte" = { - sopsFile = ../secrets/users/malte/secrets.yaml; - owner = "malte"; - mode = "0400"; - key = "restic-backup"; - }; - sops.secrets."radicale-password" = { - sopsFile = ../secrets/users/malte/secrets.yaml; - owner = "malte"; - mode = "0400"; - }; + sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -213,4 +177,3 @@ in { # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "20.09"; # Did you read the comment? } - diff --git a/hosts/murex-pecten.nix b/hosts/murex-pecten.nix index a01f46a..81ee8f9 100644 --- a/hosts/murex-pecten.nix +++ b/hosts/murex-pecten.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: - { + config, + pkgs, + ... +}: { # Use the systemd-boot EFI boot loader. boot.loader = { systemd-boot.enable = true; @@ -12,7 +14,7 @@ networkmanager.enable = true; }; - system.fsPackages = [ pkgs.sshfs ]; + system.fsPackages = [pkgs.sshfs]; sound.enable = true; security.rtkit.enable = true; @@ -28,27 +30,30 @@ "channelmix.lfe-cutoff" = 150; }; - config.pipewire."default.clock.allowed-rates" = [ 48000 44100 ]; + config.pipewire."default.clock.allowed-rates" = [48000 44100]; media-session.config.alsa-monitor = { - rules = [{ - matches = [{ - "node.name" = - "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0"; - }]; - actions = { - update-props = { - #"audio.rate" = 96000; - "api.alsa.headroom" = 1024; + rules = [ + { + matches = [ + { + "node.name" = "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0"; + } + ]; + actions = { + update-props = { + #"audio.rate" = 96000; + "api.alsa.headroom" = 1024; + }; }; - }; - }]; + } + ]; }; }; xdg.portal = { enable = true; - extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ]; + extraPortals = with pkgs; [xdg-desktop-portal-gtk xdg-desktop-portal-wlr]; gtkUsePortal = true; }; @@ -57,65 +62,21 @@ enable = true; driSupport = true; driSupport32Bit = true; - extraPackages = with pkgs; [ amdvlk ]; - extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; + extraPackages = with pkgs; [amdvlk]; + extraPackages32 = with pkgs; [driversi686Linux.amdvlk]; }; }; - # Define a user account. Don't forget to set a password with ‘passwd’. - users = { - # I like my users unmutable - mutableUsers = false; - - # Myself - users.malte = { - description = "Malte Tammena"; - hashedPassword = - "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh."; - isNormalUser = true; - extraGroups = [ - "wheel" - "networkmanager" - "video" - "lp" - "kvm" - "libvirtd" - "podman" - "corectrl" - "scanner" - config.users.groups.keys.name - ]; - # Yes, use the best, please - shell = pkgs.fish; - }; - - users.marie = { - isNormalUser = true; - extraGroups = [ - "wheel" - "networkmanager" - "video" - "lp" - "scanner" - config.users.groups.keys.name - ]; - hashedPassword = - "$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0"; - # This is really just for my comfort - shell = pkgs.fish; - }; - }; - home-manager.users.malte.imports = [ ../users/malte/home.nix ]; - home-manager.users.marie.imports = [ ../users/marie/home.nix ]; - - programs.fish.enable = true; + users.mutableUsers = false; + users.custom.marie.enable = true; + users.custom.malte.enable = true; fonts = { enableDefaultFonts = true; - fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ]; + fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels]; fontconfig = { enable = true; - defaultFonts.monospace = [ "FiraCode Nerd Font" ]; + defaultFonts.monospace = ["FiraCode Nerd Font"]; }; }; @@ -129,20 +90,9 @@ security.pam = { yubico = { enable = true; - #id = "ccccccvblrrf"; mode = "challenge-response"; control = "sufficient"; }; - #services.login = { - #name = "login"; - ## Fix when https://github.com/NixOS/nixpkgs/pull/105319 lands.. - #text = pamLogin; - #}; - #services.swaylock = { - # name = "swaylock"; - # fprintAuth = true; - # unixAuth = true; - #}; }; services.udev.customRules = [ @@ -176,7 +126,7 @@ programs.steam.enable = true; programs.corectrl.enable = true; - services.dbus.packages = with pkgs; [ dconf openrgb ]; + services.dbus.packages = with pkgs; [dconf openrgb]; services.udev.packages = with pkgs; [ yubikey-personalization chrysalis @@ -190,25 +140,7 @@ programs.sway.enable = true; sops.defaultSopsFile = ../secrets/hosts/murex-pecten/secrets.yaml; - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - # TODO: Improve this - sops.secrets."restic-backup-malte" = { - sopsFile = ../secrets/users/malte/secrets.yaml; - owner = "malte"; - mode = "0400"; - key = "restic-backup"; - }; - sops.secrets."restic-backup-marie" = { - sopsFile = ../secrets/users/marie/secrets.yaml; - owner = "marie"; - mode = "0400"; - key = "restic-backup"; - }; - sops.secrets."radicale-password" = { - sopsFile = ../secrets/users/malte/secrets.yaml; - owner = "malte"; - mode = "0400"; - }; + sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; environment.systemPackages = with pkgs; [ qt5.qtwayland @@ -232,6 +164,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.11"; # Did you read the comment? - } - diff --git a/hosts/trochulus-hispidus.nix b/hosts/trochulus-hispidus.nix index d07931c..037cb4b 100644 --- a/hosts/trochulus-hispidus.nix +++ b/hosts/trochulus-hispidus.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: - { + config, + pkgs, + ... +}: { boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -41,33 +43,17 @@ users = { mutableUsers = false; - - users.marie = { - isNormalUser = true; - extraGroups = [ - "wheel" - "networkmanager" - "video" - "lp" - "scanner" - config.users.groups.keys.name - ]; - hashedPassword = - "$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0"; - # This is really just for my comfort - shell = pkgs.fish; - }; + custom.marie.enable = true; }; - home-manager.users.marie.imports = [ ../users/marie/home.nix ]; fonts = { enableDefaultFonts = true; - fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ]; - fontconfig = { enable = true; }; + fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels]; + fontconfig = {enable = true;}; }; sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml; - sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; # TODO: Improve this sops.secrets."restic-backup-marie" = { sopsFile = ../secrets/users/marie/secrets.yaml; @@ -90,6 +76,4 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.11"; # Did you read the comment? - } - diff --git a/modules/7-days-to-die.nix b/modules/7-days-to-die.nix index ffbb14c..0781f3a 100644 --- a/modules/7-days-to-die.nix +++ b/modules/7-days-to-die.nix @@ -1,21 +1,23 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let ports = { - tcp = [ 26900 ]; - udp = [ 26900 26901 26902 ]; + tcp = [26900]; + udp = [26900 26901 26902]; }; uid = 459; gid = 459; cfg = config.services."7-days-to-die"; - portsTcp = map (port: - let portStr = builtins.toString port; - in "${portStr}:${portStr}/tcp"); - portsUdp = map (port: - let portStr = builtins.toString port; - in "${portStr}:${portStr}/udp"); - + portsTcp = map (port: let + portStr = builtins.toString port; + in "${portStr}:${portStr}/tcp"); + portsUdp = map (port: let + portStr = builtins.toString port; + in "${portStr}:${portStr}/udp"); in { options.services."7-days-to-die" = with lib; { enable = mkEnableOption "7 Days to die game server service"; @@ -26,8 +28,7 @@ in { openFirewall = mkOption { type = types.bool; default = false; - description = - "Whether to open the firewall for ports ${builtins.toString ports}"; + description = "Whether to open the firewall for ports ${builtins.toString ports}"; }; }; @@ -66,4 +67,3 @@ in { }; }; } - diff --git a/modules/base-system.nix b/modules/base-system.nix index c63f8c9..bbd60ef 100644 --- a/modules/base-system.nix +++ b/modules/base-system.nix @@ -1,9 +1,11 @@ # Settings that most of my hosts can agree on, but # some of these settings are overriden on a per-host basis. - -{ pkgs, lib, config, ... }: - { + pkgs, + lib, + config, + ... +}: { imports = [ ./photoprism.nix ./7-days-to-die.nix @@ -12,6 +14,8 @@ ./restic.nix ./wakeup.nix ./hdparm.nix + ./malte.nix + ./marie.nix ]; options.settings = with lib; { @@ -32,12 +36,29 @@ hardware.enableAllFirmware = true; hardware.enableRedistributableFirmware = true; + # Use some binary caches + nix.settings = { + # add binary caches + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" + "2a-emulator.cachix.org-1:ijJDEqNsMqhamxxWvqOiaCQNoYhWNw7A+gGICgAH1mE=" + "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" + ]; + substituters = [ + "https://cache.nixos.org" + "https://nixpkgs-wayland.cachix.org" + "https://2a-emulator.cachix.org" + "https://colmena.cachix.org" + ]; + }; + # Make sure that I can login over the tailscale infrastructure # while increasing security # TODO: Restrict openssh interface, move port services.openssh.enable = pkgs.lib.mkDefault true; users.users.root = { - openssh.authorizedKeys.keyFiles = [ ../users/malte/yubikey.pub ]; + openssh.authorizedKeys.keyFiles = [../users/malte/yubikey.pub]; }; # Enable mosh for some SSH superpower programs.mosh.enable = pkgs.lib.mkDefault true; @@ -77,7 +98,6 @@ enable = true; interfaceName = "looking-glas"; }; - networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ]; - + networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; }; } diff --git a/modules/binary-cache.nix b/modules/binary-cache.nix index 59a2802..918decb 100644 --- a/modules/binary-cache.nix +++ b/modules/binary-cache.nix @@ -1,16 +1,17 @@ -{ pkgs, config, ... }: - { + pkgs, + config, + ... +}: { services.nix-serve = { enable = true; secretKeyFile = "/var/cache-priv.pem"; }; services.nginx.virtualHosts."cache.home.dyn.tammena.rocks" = { - serverAliases = [ "cache.elysia-clarki" ]; + serverAliases = ["cache.elysia-clarki"]; locations."/" = { - proxyPass = - "http://localhost:${builtins.toString config.services.nix-serve.port}"; + proxyPass = "http://localhost:${builtins.toString config.services.nix-serve.port}"; extraConfig = '' proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; diff --git a/modules/ccqcraft-backups.nix b/modules/ccqcraft-backups.nix index d8844e0..3fdc667 100644 --- a/modules/ccqcraft-backups.nix +++ b/modules/ccqcraft-backups.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let user = "ccqcraft"; host = "ccqcraft.de"; path = "~/server/mc/plugins/EasyBackup/backups"; @@ -14,7 +12,6 @@ let DATE=$(${coreutils}/bin/date +backup_%Y-%m-%d_%H:%M:%S%z.reset) touch ./''${DATE} ''; - in { systemd.services = { ccqcraft-pull-backups = { @@ -22,7 +19,7 @@ in { Description = '' Pull backups from CCQCraft Minecraft Server via rsync ''; - After = [ "network.target" ]; + After = ["network.target"]; }; serviceConfig = { Type = "oneshot"; @@ -39,33 +36,31 @@ in { Description = '' Restart incremental backups for CCQCraft server ''; - Requires = [ "ccqcraft-pull-backups.service" ]; - After = [ "network.target" "ccqcraft-pull-backups.service" ]; + Requires = ["ccqcraft-pull-backups.service"]; + After = ["network.target" "ccqcraft-pull-backups.service"]; }; serviceConfig = { Type = "oneshot"; WorkingDirectory = "/srv/hnd/ccqcraft-backups"; - ExecStart = - [ ''${pkgs.openssh}/bin/ssh "${user}@${host}" rm ${path}/*'' ]; - ExecStartPost = [ "${insertResetNoteCmd}/bin/insert-reset-note" ]; + ExecStart = [''${pkgs.openssh}/bin/ssh "${user}@${host}" rm ${path}/*'']; + ExecStartPost = ["${insertResetNoteCmd}/bin/insert-reset-note"]; }; }; }; systemd.timers = { ccqcraft-pull-backups = { - wantedBy = [ "timers.target" ]; - unitConfig = { Description = "Run CCQCraft Backups every day"; }; - timerConfig = { OnCalendar = fetchTime; }; + wantedBy = ["timers.target"]; + unitConfig = {Description = "Run CCQCraft Backups every day";}; + timerConfig = {OnCalendar = fetchTime;}; }; ccqcraft-restart-incremental-backups = { - wantedBy = [ "timers.target" ]; + wantedBy = ["timers.target"]; unitConfig = { Description = "Restart CCQCraft incremental backups weekly"; }; - timerConfig = { OnCalendar = clearTime; }; + timerConfig = {OnCalendar = clearTime;}; }; }; - } diff --git a/modules/ccqcraft.nix b/modules/ccqcraft.nix index cacc594..99f4ea7 100644 --- a/modules/ccqcraft.nix +++ b/modules/ccqcraft.nix @@ -1,21 +1,17 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let ports = { minecraft = 25565; rcon = 24738; voicechat = 24454; dynmap = 8123; }; - in { virtualisation.docker.enable = true; users.users.ccqcraft = { isNormalUser = true; - extraGroups = [ "docker" ]; - hashedPassword = - "$6$D69mzkGZAitfCQOL$oL/7SmSqGwRhZgyiOEgp6N5NkZ/NpdzggomtPFa4XB33Kb3aZMBiLWQS3VSHZhRo2y9mPgXy3mFPSvtvCzoKz/"; + extraGroups = ["docker"]; + hashedPassword = "$6$D69mzkGZAitfCQOL$oL/7SmSqGwRhZgyiOEgp6N5NkZ/NpdzggomtPFa4XB33Kb3aZMBiLWQS3VSHZhRo2y9mPgXy3mFPSvtvCzoKz/"; }; environment.systemPackages = with pkgs; [ @@ -26,7 +22,7 @@ in { ]; networking.firewall = { - allowedTCPPorts = [ ports.minecraft ports.rcon ]; + allowedTCPPorts = [ports.minecraft ports.rcon]; allowedUDPPorts = [ # Port used for Voicechat plugin ports.voicechat @@ -35,7 +31,7 @@ in { # Expose dynmap map through nginx services.nginx.virtualHosts."map.ccqcraft.de" = { - serverAliases = [ "ccqcraft.de" ]; + serverAliases = ["ccqcraft.de"]; enableACME = true; forceSSL = true; locations."/" = { @@ -48,5 +44,4 @@ in { #"proxy_pass_header Authorization;"; }; }; - } diff --git a/modules/grafana.nix b/modules/grafana.nix index 0ffcc06..482d166 100644 --- a/modules/grafana.nix +++ b/modules/grafana.nix @@ -1,7 +1,10 @@ -{ pkgs, lib, config, ... }: - -let cfg = config.services.grafanaWithNginx; - +{ + pkgs, + lib, + config, + ... +}: let + cfg = config.services.grafanaWithNginx; in { options.services."grafanaWithNginx" = with lib; { enable = @@ -20,7 +23,7 @@ in { services.nginx.virtualHosts.${config.services.grafana.domain} = { enableACME = true; forceSSL = true; - serverAliases = [ "data.tammena.rocks" ]; + serverAliases = ["data.tammena.rocks"]; locations."/" = { proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}"; proxyWebsockets = true; diff --git a/modules/hdparm.nix b/modules/hdparm.nix index b528397..0d7a753 100644 --- a/modules/hdparm.nix +++ b/modules/hdparm.nix @@ -1,11 +1,15 @@ -{ pkgs, lib, config, ... }: - -let - +{ + pkgs, + lib, + config, + ... +}: let cfg = config.services.hdparm; diskPath = disk: path: - if path == null then "/dev/disk/by-id/${disk}" else path; + if path == null + then "/dev/disk/by-id/${disk}" + else path; mkService = disk: settings: { name = "hdparm-${disk}"; @@ -20,20 +24,17 @@ let diskPath disk settings.path } ''; - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; }; }; - in { - options.services.hdparm = with lib; mkOption { type = types.attrsOf (types.submodule { options = { path = mkOption { type = types.nullOr types.str; - description = - "Path to the disk. Will assume is the id in `/dev/disk/by-id/` if left null"; + description = "Path to the disk. Will assume is the id in `/dev/disk/by-id/` if left null"; default = null; }; spinDown5Secs = mkOption { @@ -48,7 +49,7 @@ in { }; }; }); - default = { }; + default = {}; description = "Settings for HDDs"; }; diff --git a/modules/light-actkbd.nix b/modules/light-actkbd.nix index 03038ad..81da4d1 100644 --- a/modules/light-actkbd.nix +++ b/modules/light-actkbd.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let light = "${pkgs.light}/bin/light"; decLight = pkgs.writeScriptBin "decrease-light-smartly" '' #!${pkgs.fish}/bin/fish @@ -28,19 +26,19 @@ let in { programs.light.enable = true; - environment.systemPackages = [ incLight decLight pkgs.fish ]; + environment.systemPackages = [incLight decLight pkgs.fish]; services.actkbd = { enable = true; bindings = [ { - keys = [ 225 ]; - events = [ "key" ]; + keys = [225]; + events = ["key"]; command = "${incLight}/bin/increase-light-smartly"; } { - keys = [ 224 ]; - events = [ "key" ]; + keys = [224]; + events = ["key"]; command = "${decLight}/bin/decrease-light-smartly"; } ]; diff --git a/modules/local-build-service.nix b/modules/local-build-service.nix index 3e7c1ff..adf13fb 100644 --- a/modules/local-build-service.nix +++ b/modules/local-build-service.nix @@ -1,7 +1,5 @@ -{ pkgs, ... }: - -let - targetHosts = [ "helix-texta" "elysia-clarki" ]; +{pkgs, ...}: let + targetHosts = ["helix-texta" "elysia-clarki"]; remote = "https://git.sr.ht/~megamanmalte/nixos"; @@ -20,23 +18,21 @@ let ${builtins.concatStringsSep "\n" (map buildForHost targetHosts)} rm result ''; - in { systemd.services.local-build-service = { unitConfig = { Description = '' Regularly pull and build various configuration to populate the local store ''; - After = [ "network.target" ]; + After = ["network.target"]; }; serviceConfig = { Type = "oneshot"; - ExecStart = [ "${build}/bin/build" ]; + ExecStart = ["${build}/bin/build"]; RuntimeDirectory = "local-build-service"; CacheDirectory = "local-build-service"; CacheDirectoryMode = "0777"; - Environment = with pkgs; - "PATH=${git}/bin:${coreutils}/bin:${nixos-rebuild}/bin"; + Environment = with pkgs; "PATH=${git}/bin:${coreutils}/bin:${nixos-rebuild}/bin"; }; }; } diff --git a/modules/malte.nix b/modules/malte.nix new file mode 100644 index 0000000..ef450a8 --- /dev/null +++ b/modules/malte.nix @@ -0,0 +1,51 @@ +{ + pkgs, + lib, + config, + ... +}: let + cfg = config.users.custom.malte; +in { + options.users.custom.malte = with lib; { + enable = mkEnableOption "Enable user 'malte' on this machine"; + }; + + config = lib.mkIf cfg.enable { + users.users.malte = { + description = "Malte Tammena"; + hashedPassword = "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh."; + isNormalUser = true; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "lp" + "kvm" + "libvirtd" + "podman" + "corectrl" + "scanner" + config.users.groups.keys.name + ]; + # Yes, use the best, please + shell = pkgs.fish; + }; + + home-manager.users.malte.imports = [../users/malte/home.nix]; + programs.fish.enable = true; + + sops.secrets = { + "restic-backup-malte" = { + sopsFile = ../secrets/users/malte/secrets.yaml; + owner = "malte"; + mode = "0400"; + key = "restic-backup"; + }; + "radicale-password" = { + sopsFile = ../secrets/users/malte/secrets.yaml; + owner = "malte"; + mode = "0400"; + }; + }; + }; +} diff --git a/modules/marie.nix b/modules/marie.nix new file mode 100644 index 0000000..6b4ffa2 --- /dev/null +++ b/modules/marie.nix @@ -0,0 +1,39 @@ +{ + pkgs, + lib, + config, + ... +}: let + cfg = config.users.custom.marie; +in { + options.users.custom.marie = with lib; { + enable = mkEnableOption "Enable user 'marie' on this machine"; + }; + + config = lib.mkIf cfg.enable { + users.users.marie = { + isNormalUser = true; + extraGroups = [ + "wheel" + "networkmanager" + "video" + "lp" + "scanner" + config.users.groups.keys.name + ]; + hashedPassword = "$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0"; + # This is really just for my comfort + shell = pkgs.fish; + }; + + programs.fish.enable = true; + home-manager.users.marie.imports = [../users/marie/home.nix]; + + sops.secrets."restic-backup-marie" = { + sopsFile = ../secrets/users/marie/secrets.yaml; + owner = "marie"; + mode = "0400"; + key = "restic-backup"; + }; + }; +} diff --git a/modules/nginx-reverse-proxy.nix b/modules/nginx-reverse-proxy.nix index 23e5b02..c056efd 100644 --- a/modules/nginx-reverse-proxy.nix +++ b/modules/nginx-reverse-proxy.nix @@ -1,16 +1,12 @@ -{ pkgs, ... }: - -{ - +{pkgs, ...}: { security.acme.defaults.email = "malte.tammena@pm.me"; security.acme.acceptTerms = true; - networking.firewall.allowedTCPPorts = [ 443 80 ]; + networking.firewall.allowedTCPPorts = [443 80]; services.nginx = { enable = true; recommendedProxySettings = true; recommendedTlsSettings = true; }; - } diff --git a/modules/photoprism.nix b/modules/photoprism.nix index 4cdda3e..e956e4f 100644 --- a/modules/photoprism.nix +++ b/modules/photoprism.nix @@ -1,13 +1,15 @@ -{ pkgs, lib, config, ... }: - +{ + pkgs, + lib, + config, + ... +}: # TODO: Improve with mariadb database - let port = 2342; uid = 458; gid = 458; cfg = config.services.photoprism; - in { options.services.photoprism = with lib; { enable = mkEnableOption "Photoprism service"; @@ -21,8 +23,7 @@ in { }; environmentFile = mkOption { type = types.str; - description = - "Additional environment file. I.e. for specifying PHOTOPRISM_ADMIN_PASSWORD"; + description = "Additional environment file. I.e. for specifying PHOTOPRISM_ADMIN_PASSWORD"; }; }; @@ -38,13 +39,13 @@ in { }; # Open the port in the firewall - networking.firewall.allowedTCPPorts = [ port ]; + networking.firewall.allowedTCPPorts = [port]; virtualisation.oci-containers.containers = { # Configure the main container "photoprism" = { image = "photoprism/photoprism:latest"; - ports = [ "${builtins.toString port}:2342" ]; + ports = ["${builtins.toString port}:2342"]; environment = { PHOTOPRISM_UPLOAD_NSFW = "true"; PHOTOPRISM_DETECT_NSFW = "true"; @@ -56,7 +57,7 @@ in { PHOTOPRISM_SITE_DESCRIPTION = ""; PHOTOPRISM_SITE_AUTHOR = ""; }; - environmentFiles = [ cfg.environmentFile ]; + environmentFiles = [cfg.environmentFile]; volumes = [ "${cfg.rootDir}/storage:/photoprism/storage" "${cfg.rootDir}/import:/photoprism/import" diff --git a/modules/radicale.nix b/modules/radicale.nix index 77200df..2330b75 100644 --- a/modules/radicale.nix +++ b/modules/radicale.nix @@ -1,6 +1,9 @@ -{ config, pkgs, lib, ... }: - -let +{ + config, + pkgs, + lib, + ... +}: let internalPort = 5232; cfg = config.services.radicaleWithInfcloud; lock = builtins.fromJSON (builtins.readFile ../flake.lock); @@ -16,33 +19,32 @@ let }; # Remove depend on radicale to fix infinite recursion # and set some of my own settings - patches = (old.patches or [ ]) ++ [ ../patches/radicale_infcloud.patch ]; + patches = (old.patches or []) ++ [../patches/radicale_infcloud.patch]; }); overlay = self: super: { radicale = super.radicale.overrideAttrs (old: { - propagatedBuildInputs = old.propagatedBuildInputs - ++ [ radicale_infcloud ]; + propagatedBuildInputs = + old.propagatedBuildInputs + ++ [radicale_infcloud]; }); }; htpasswd_filename = "/etc/radicale/users"; - in { - options.services."radicaleWithInfcloud" = with lib; { enable = mkEnableOption "Radicale service with Infcloud frontend and nginx config"; }; config = lib.mkIf cfg.enable { - nixpkgs.overlays = [ overlay ]; + nixpkgs.overlays = [overlay]; services.radicale = { enable = true; settings = { server = { - hosts = [ "[::1]:${builtins.toString internalPort}" ]; + hosts = ["[::1]:${builtins.toString internalPort}"]; max_connections = 8; max_content_length = 100000000; timeout = 30; @@ -57,14 +59,13 @@ in { request = "utf-8"; stock = "utf-8"; }; - storage = { filesystem_folder = "/var/lib/radicale/collections"; }; - web = { type = "radicale_infcloud"; }; - logging = { mask_passwords = true; }; + storage = {filesystem_folder = "/var/lib/radicale/collections";}; + web = {type = "radicale_infcloud";}; + logging = {mask_passwords = true;}; }; }; # Make sure our service user can access the `htpasswd_filename` file - systemd.services.radicale.serviceConfig.SupplementaryGroups = - [ config.users.groups.keys.name ]; + systemd.services.radicale.serviceConfig.SupplementaryGroups = [config.users.groups.keys.name]; sops.secrets."radicale-htpasswd" = { owner = config.systemd.services.radicale.serviceConfig.User; diff --git a/modules/restic.nix b/modules/restic.nix index 4774e4d..e6ee33c 100644 --- a/modules/restic.nix +++ b/modules/restic.nix @@ -1,9 +1,11 @@ -{ pkgs, lib, config, ... }: - -let cfg = config.services.resticConfigured; - +{ + pkgs, + lib, + config, + ... +}: let + cfg = config.services.resticConfigured; in { - options.services.resticConfigured = with lib; { enable = mkEnableOption "Configured Restic rest server service"; rootDir = mkOption { @@ -18,28 +20,25 @@ in { openFirewall = mkOption { type = types.bool; default = false; - description = - "Whether to open the firewall for port ${builtins.toString cfg.port}"; + description = "Whether to open the firewall for port ${builtins.toString cfg.port}"; }; }; config = lib.mkIf cfg.enable { - services.restic.server = { enable = true; dataDir = cfg.rootDir; listenAddress = "0.0.0.0:${builtins.toString cfg.port}"; - extraFlags = [ "--no-auth" ]; + extraFlags = ["--no-auth"]; }; networking.firewall.allowedTCPPorts = - lib.mkIf cfg.openFirewall [ cfg.port ]; + lib.mkIf cfg.openFirewall [cfg.port]; # TODO: This should be moved systemd.services.restic-rest-server.unitConfig = { - Requires = lib.mkForce [ "network.target" "luks-open-HND.service" ]; - After = lib.mkForce [ "network.target" "luks-open-HND.service" ]; + Requires = lib.mkForce ["network.target" "luks-open-HND.service"]; + After = lib.mkForce ["network.target" "luks-open-HND.service"]; }; - }; } diff --git a/modules/scanner.nix b/modules/scanner.nix index 2f3baed..65dcb99 100644 --- a/modules/scanner.nix +++ b/modules/scanner.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let scan = "${pkgs.sane-backends}/bin/scanimage"; convert = "${pkgs.imagemagick}/bin/convert"; # TODO: Can I specify this in a better way? @@ -23,5 +21,5 @@ let in { hardware.sane.enable = true; - environment.systemPackages = [ scan-a4 ]; + environment.systemPackages = [scan-a4]; } diff --git a/modules/wakeup.nix b/modules/wakeup.nix index 350d9dd..bfbb2f9 100644 --- a/modules/wakeup.nix +++ b/modules/wakeup.nix @@ -1,6 +1,9 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let cfg = config.wakeup; createServiceName = dev: "toggle-acpi-${dev}"; @@ -10,14 +13,13 @@ let serviceConfig.ExecStart = '' /bin/sh -c "${pkgs.coreutils}/bin/echo ${dev} > /proc/acpi/wakeup" ''; - wantedBy = [ "multi-user.target" ]; + wantedBy = ["multi-user.target"]; }; - in { options.wakeup = with lib; { toggleDevice = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; description = "ACPI devices to toggle as wakeup devices"; }; }; @@ -26,7 +28,8 @@ in { systemd.services = let pairs = map (dev: lib.attrsets.nameValuePair (createServiceName dev) (createService dev)) - cfg.toggleDevice; - in builtins.listToAttrs pairs; + cfg.toggleDevice; + in + builtins.listToAttrs pairs; }; } diff --git a/overlays/cataclysm-dda.nix b/overlays/cataclysm-dda.nix index 0c39a82..e7db42d 100644 --- a/overlays/cataclysm-dda.nix +++ b/overlays/cataclysm-dda.nix @@ -1,11 +1,12 @@ -self: super: - -let lock = builtins.fromJSON (builtins.readFile ../flake.lock); +self: super: let + lock = builtins.fromJSON (builtins.readFile ../flake.lock); in { - cataclysm-dda-git = (super.cataclysm-dda-git.override { - useXdgDir = true; - version = lock.nodes.cataclysm-dda.locked.rev; - rev = lock.nodes.cataclysm-dda.locked.rev; - sha256 = lock.nodes.cataclysm-dda.locked.narHash; - }).overrideAttrs (old: { enableParallelBuilding = true; }); + cataclysm-dda-git = + (super.cataclysm-dda-git.override { + useXdgDir = true; + version = lock.nodes.cataclysm-dda.locked.rev; + rev = lock.nodes.cataclysm-dda.locked.rev; + sha256 = lock.nodes.cataclysm-dda.locked.narHash; + }) + .overrideAttrs (old: {enableParallelBuilding = true;}); } diff --git a/overlays/logisim.nix b/overlays/logisim.nix index fbba44f..bac44dc 100644 --- a/overlays/logisim.nix +++ b/overlays/logisim.nix @@ -1,12 +1,10 @@ -self: super: - -let font-flags = "-Dawt.useSystemAAFontSettings=lcd -Dswing.aatext=true"; +self: super: let + font-flags = "-Dawt.useSystemAAFontSettings=lcd -Dswing.aatext=true"; in { logisim = super.logisim.overrideAttrs (old: { pname = "logisim-evolution"; src = super.fetchurl { - url = - "https://mathcs.holycross.edu/~kwalsh/logisim-evolution-4.0.4hc.jar"; + url = "https://mathcs.holycross.edu/~kwalsh/logisim-evolution-4.0.4hc.jar"; sha256 = "0nmvzpdhgfrzx0x6799a1jnsbgipbszd312crf865nzvsi2p046i"; }; installPhase = '' diff --git a/overlays/qmk-udev-rules.nix b/overlays/qmk-udev-rules.nix index 00c83a2..af85b03 100644 --- a/overlays/qmk-udev-rules.nix +++ b/overlays/qmk-udev-rules.nix @@ -1,6 +1,5 @@ -self: super: - -let lock = builtins.fromJSON (builtins.readFile ../flake.lock); +self: super: let + lock = builtins.fromJSON (builtins.readFile ../flake.lock); in { qmk-udev-rules = super.qmk-udev-rules.overrideAttrs (old: { version = lock.nodes.qmk-udev-rules.locked.rev; @@ -12,4 +11,3 @@ in { }; }); } - diff --git a/overlays/sane-backends.nix b/overlays/sane-backends.nix index b7c0465..8aafb46 100644 --- a/overlays/sane-backends.nix +++ b/overlays/sane-backends.nix @@ -1,16 +1,18 @@ -self: super: - -{ - sane-backends = (super.sane-backends.override { - extraFirmware = [{ - src = super.fetchurl { - url = "www.meier-geinitz.de/sane/gt68xx-backend/firmware/sbfw.usb"; - sha256 = "12hnacivpy153alfjyr7k92y90nmb5d7z1ca7aix5w7wi0w4jdjv"; - }; - name = "sbfw.usb"; - backend = "gt68xx"; - }]; - }).overrideAttrs (old: { - patches = (old.patches or [ ]) ++ [ ../patches/gt68xx.conf.patch ]; - }); +self: super: { + sane-backends = + (super.sane-backends.override { + extraFirmware = [ + { + src = super.fetchurl { + url = "www.meier-geinitz.de/sane/gt68xx-backend/firmware/sbfw.usb"; + sha256 = "12hnacivpy153alfjyr7k92y90nmb5d7z1ca7aix5w7wi0w4jdjv"; + }; + name = "sbfw.usb"; + backend = "gt68xx"; + } + ]; + }) + .overrideAttrs (old: { + patches = (old.patches or []) ++ [../patches/gt68xx.conf.patch]; + }); } diff --git a/pkgs/2i-emulator.nix b/pkgs/2i-emulator.nix index 38d31c6..ea04306 100644 --- a/pkgs/2i-emulator.nix +++ b/pkgs/2i-emulator.nix @@ -1,24 +1,27 @@ -{ lib, fetchFromGitHub, rustPlatform }: +{ + lib, + fetchFromGitHub, + rustPlatform, +}: let + lock = builtins.fromJSON (builtins.readFile ../flake.lock); +in + rustPlatform.buildRustPackage { + pname = lock.nodes."2i-emulator".original.repo; + version = lock.nodes."2i-emulator".locked.rev; -let lock = builtins.fromJSON (builtins.readFile ../flake.lock); -in rustPlatform.buildRustPackage { - pname = lock.nodes."2i-emulator".original.repo; - version = lock.nodes."2i-emulator".locked.rev; + src = fetchFromGitHub { + owner = lock.nodes."2i-emulator".locked.owner; + repo = lock.nodes."2i-emulator".locked.repo; + rev = lock.nodes."2i-emulator".locked.rev; + sha256 = lock.nodes."2i-emulator".locked.narHash; + }; - src = fetchFromGitHub { - owner = lock.nodes."2i-emulator".locked.owner; - repo = lock.nodes."2i-emulator".locked.repo; - rev = lock.nodes."2i-emulator".locked.rev; - sha256 = lock.nodes."2i-emulator".locked.narHash; - }; + cargoSha256 = "sha256-FUtOLYFPRFkUAXixcUzMfDmKju/GN6r/KQYqKCK8vBk="; - cargoSha256 = "sha256-FUtOLYFPRFkUAXixcUzMfDmKju/GN6r/KQYqKCK8vBk="; - - meta = with lib; { - description = - "Cli emulator for the micro computer 2i used in the computer science hardware course at Leipzig University"; - homepage = "https://github.com/klemens/2i-emulator"; - license = licenses.gpl3; - maintainers = [ ]; - }; -} + meta = with lib; { + description = "Cli emulator for the micro computer 2i used in the computer science hardware course at Leipzig University"; + homepage = "https://github.com/klemens/2i-emulator"; + license = licenses.gpl3; + maintainers = []; + }; + } diff --git a/pkgs/gruvbox-material-gtk.nix b/pkgs/gruvbox-material-gtk.nix index e5ed152..5c5a15e 100644 --- a/pkgs/gruvbox-material-gtk.nix +++ b/pkgs/gruvbox-material-gtk.nix @@ -1,32 +1,37 @@ -{ lib, stdenv, fetchFromGitHub, hiDPI ? false }: - -let +{ + lib, + stdenv, + fetchFromGitHub, + hiDPI ? false, +}: let lock = builtins.fromJSON (builtins.readFile ../flake.lock); variant = - if hiDPI then "Gruvbox-Material-Dark-HIDPI" else "Gruvbox-Material-Dark"; -in stdenv.mkDerivation rec { - pname = lock.nodes.gruvbox-material-gtk.locked.repo; - version = lock.nodes.gruvbox-material-gtk.locked.rev; + if hiDPI + then "Gruvbox-Material-Dark-HIDPI" + else "Gruvbox-Material-Dark"; +in + stdenv.mkDerivation rec { + pname = lock.nodes.gruvbox-material-gtk.locked.repo; + version = lock.nodes.gruvbox-material-gtk.locked.rev; - src = fetchFromGitHub { - owner = lock.nodes.gruvbox-material-gtk.locked.owner; - repo = lock.nodes.gruvbox-material-gtk.locked.repo; - rev = lock.nodes.gruvbox-material-gtk.locked.rev; - sha256 = lock.nodes.gruvbox-material-gtk.locked.narHash; - }; + src = fetchFromGitHub { + owner = lock.nodes.gruvbox-material-gtk.locked.owner; + repo = lock.nodes.gruvbox-material-gtk.locked.repo; + rev = lock.nodes.gruvbox-material-gtk.locked.rev; + sha256 = lock.nodes.gruvbox-material-gtk.locked.narHash; + }; - installPhase = '' - mkdir -p $out/share/themes/gruvbox-material - rm -rf README.md LICENSE demo.png icons - cp -r themes/${variant}/* $out/share/themes/gruvbox-material - ''; - - meta = with lib; { - description = "Gruvbox Material for GTK"; - homepage = "https://github.com/sainnhe/gruvbox-material-gtk"; - license = licenses.mit; - platforms = platforms.unix; - maintainers = [ ]; - }; -} + installPhase = '' + mkdir -p $out/share/themes/gruvbox-material + rm -rf README.md LICENSE demo.png icons + cp -r themes/${variant}/* $out/share/themes/gruvbox-material + ''; + meta = with lib; { + description = "Gruvbox Material for GTK"; + homepage = "https://github.com/sainnhe/gruvbox-material-gtk"; + license = licenses.mit; + platforms = platforms.unix; + maintainers = []; + }; + } diff --git a/pkgs/rip.nix b/pkgs/rip.nix index 2965166..b83a362 100644 --- a/pkgs/rip.nix +++ b/pkgs/rip.nix @@ -1,26 +1,31 @@ -{ lib, stdenv, rustPlatform, fetchFromGitHub, pkg-config }: +{ + lib, + stdenv, + rustPlatform, + fetchFromGitHub, + pkg-config, +}: let + lock = builtins.fromJSON (builtins.readFile ../flake.lock); +in + rustPlatform.buildRustPackage rec { + pname = "rip"; + version = ""; -let lock = builtins.fromJSON (builtins.readFile ../flake.lock); -in rustPlatform.buildRustPackage rec { - pname = "rip"; - version = ""; + src = fetchFromGitHub { + owner = lock.nodes.rip.locked.owner; + repo = lock.nodes.rip.locked.repo; + rev = lock.nodes.rip.locked.rev; + sha256 = lock.nodes.rip.locked.narHash; + }; - src = fetchFromGitHub { - owner = lock.nodes.rip.locked.owner; - repo = lock.nodes.rip.locked.repo; - rev = lock.nodes.rip.locked.rev; - sha256 = lock.nodes.rip.locked.narHash; - }; + cargoSha256 = "sha256-gzdmDOpWSnX0CVihMf8ODi85P3EFHqdSBVKVQ9FZH7s="; - cargoSha256 = "sha256-gzdmDOpWSnX0CVihMf8ODi85P3EFHqdSBVKVQ9FZH7s="; - - nativeBuildInputs = [ pkg-config ]; - - meta = with lib; { - description = "A safe and ergonomic alternative to rm"; - homepage = "https://github.com/nivekuil/rip"; - license = with licenses; [ gpl3 ]; - maintainers = with maintainers; [ ]; - }; -} + nativeBuildInputs = [pkg-config]; + meta = with lib; { + description = "A safe and ergonomic alternative to rm"; + homepage = "https://github.com/nivekuil/rip"; + license = with licenses; [gpl3]; + maintainers = with maintainers; []; + }; + } diff --git a/users/malte/bemenu.nix b/users/malte/bemenu.nix index 06c16b1..9a3ddd8 100644 --- a/users/malte/bemenu.nix +++ b/users/malte/bemenu.nix @@ -1,5 +1,4 @@ -{ pkgs, ... }: - +{pkgs, ...}: pkgs.writeScriptBin "bemenu-run-configured" '' #!${pkgs.stdenv.shell} diff --git a/users/malte/broot.nix b/users/malte/broot.nix index accd67a..ec7486a 100644 --- a/users/malte/broot.nix +++ b/users/malte/broot.nix @@ -1,13 +1,10 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { programs.broot = { enable = true; enableFishIntegration = true; skin = { # TODO: Fix all these colors, make them dependent on config.colors - default = - "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(189, 174, 147) rgb(40, 40, 40)"; + default = "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(189, 174, 147) rgb(40, 40, 40)"; tree = "rgb(168, 153, 132) None / rgb(102, 92, 84) None"; file = "None None / None None Italic"; directory = "rgb(131, 165, 152) None Bold / rgb(69, 133, 136) None"; @@ -59,10 +56,8 @@ help_code = "rgb(142, 192, 124) rgb(50, 48, 47)"; help_headers = "rgb(254, 128, 25) None Bold"; help_table_border = "rgb(80, 73, 69) None"; - preview = - "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(235, 219, 178) rgb(40, 40, 40)"; - preview_line_number = - "rgb(124, 111, 100) None / rgb(124, 111, 100) rgb(40, 40, 40)"; + preview = "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(235, 219, 178) rgb(40, 40, 40)"; + preview_line_number = "rgb(124, 111, 100) None / rgb(124, 111, 100) rgb(40, 40, 40)"; preview_match = "None rgb(80, 73, 69) Bold Underlined"; hex_null = "rgb(189, 174, 147) None"; hex_ascii_graphic = "rgb(213, 196, 161) None"; diff --git a/users/malte/cataclysm-dda.nix b/users/malte/cataclysm-dda.nix index b482ee0..083e320 100644 --- a/users/malte/cataclysm-dda.nix +++ b/users/malte/cataclysm-dda.nix @@ -1,24 +1,18 @@ -{ pkgs, ... }: - -let - - font = - "${pkgs.firaCodeNerd}/share/fonts/truetype/NerdFonts/Fira Code Bold Nerd Font Complete Mono.ttf"; +{pkgs, ...}: let + font = "${pkgs.firaCodeNerd}/share/fonts/truetype/NerdFonts/Fira Code Bold Nerd Font Complete Mono.ttf"; # Set SDL_VIDEODRIVER=wayland to run it natively. Currently still needs the patch # in ../patches/cdda-wayland-sdl-fix.patch. cataclysm-dda-wayland-sdl = pkgs.symlinkJoin { name = "cataclysm-tiles"; - buildInputs = [ pkgs.makeWrapper ]; + buildInputs = [pkgs.makeWrapper]; postBuild = '' wrapProgram $out/bin/cataclysm-tiles --set SDL_VIDEODRIVER wayland ''; - paths = [ pkgs.cataclysm-dda-git ]; + paths = [pkgs.cataclysm-dda-git]; }; - in { - - home.packages = [ cataclysm-dda-wayland-sdl pkgs.firaCodeNerd ]; + home.packages = [cataclysm-dda-wayland-sdl pkgs.firaCodeNerd]; # Configure the fonts being used # TODO: Cataclysm replaces this with a file.. diff --git a/users/malte/colors.nix b/users/malte/colors.nix index 39a4e8f..e93f592 100644 --- a/users/malte/colors.nix +++ b/users/malte/colors.nix @@ -1,111 +1,111 @@ -{ pkgs, lib, config, ... }: - -let - +{ + pkgs, + lib, + config, + ... +}: let # Create a color from a hexadezimal 6 digit description, like 'FF0000' for pure red # mkcolor :: hex -> Color - mkColor = rgb: - - let - # Mapping hex digits to actual numbers - hexDigitMap = { - "0" = 0; - "1" = 1; - "2" = 2; - "3" = 3; - "4" = 4; - "5" = 5; - "6" = 6; - "7" = 7; - "8" = 8; - "9" = 9; - "A" = 10; - "B" = 11; - "C" = 12; - "D" = 13; - "E" = 14; - "F" = 15; - }; - - # Convert a single hexadezimal character to a number - # hexCharToInt :: char -> int - hexCharToInt = char: hexDigitMap.${lib.strings.toUpper char}; - - # Convert a hexadezimal string to a number - # hexStringToInt :: string -> int - hexStringToInt = string: - let - chars = lib.strings.stringToCharacters string; - nums = map hexCharToInt chars; - fun = sum: el: sum * 16 + el; - in lib.foldl fun 0 nums; - - # Convert a float from [0.0, 1.0] to a hex string from [0, 255] - # floatToFF :: float -> string - floatToFF = float: lib.toHexString (builtins.floor (255 * float)); - - # Red part of the given color - # red :: int - red = hexStringToInt (lib.strings.substring 0 2 rgb); - - # Green part of the given color - # green :: int - green = hexStringToInt (lib.strings.substring 2 2 rgb); - - # Blue part of the given color - # blue :: int - blue = hexStringToInt (lib.strings.substring 4 2 rgb); - - # Create an RGB hex string from red, green, and blue parts - # rgbFromParts :: int -> int -> int -> string - rgbFromParts = r: g: b: - let - rHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString r); - gHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString g); - bHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString b); - in rHex + gHex + bHex; - - # Create a Color darker than the color given by the rgb parts. - # amount is in range [0.0, 1.0], r,g, and b in range [0, 255] - # darkenColor :: int -> int -> int -> float -> Color - darkenColor = r: g: b: amount: - let - r' = builtins.floor ((1.0 - amount) * r); - g' = builtins.floor ((1.0 - amount) * g); - b' = builtins.floor ((1.0 - amount) * b); - in mkColor (rgbFromParts r' g' b'); - - # Create a Color lighter than the color given by the rgb parts. See darkenColor. - # darkenColor :: int -> int -> int -> float -> Color - lightenColor = r: g: b: amount: - let - r' = lib.min (builtins.floor ((1.0 + amount) * r)) 255; - g' = lib.min (builtins.floor ((1.0 + amount) * g)) 255; - b' = lib.min (builtins.floor ((1.0 + amount) * b)) 255; - in mkColor (rgbFromParts r' g' b'); - in { - inherit rgb red green blue; - # e.g. "#FF0000" - hashRgb = "#" + rgb; - # e.g. rgbWithAlpha 1.0 -> "FF0000FF" - # rgbWithAlpha :: float -> string - rgbWithAlpha = alpha: rgb + (floatToFF alpha); - # e.g. hashRgbWithAlpha 1.0 -> "#FF0000FF" - # rgbWithAlpha :: float -> string - hashRgbWithAlpha = alpha: "#" + rgb + (floatToFF alpha); - # darker :: float -> Color - darker = darkenColor red green blue; - # lighter :: float -> Color - lighter = lightenColor red green blue; + mkColor = rgb: let + # Mapping hex digits to actual numbers + hexDigitMap = { + "0" = 0; + "1" = 1; + "2" = 2; + "3" = 3; + "4" = 4; + "5" = 5; + "6" = 6; + "7" = 7; + "8" = 8; + "9" = 9; + "A" = 10; + "B" = 11; + "C" = 12; + "D" = 13; + "E" = 14; + "F" = 15; }; + + # Convert a single hexadezimal character to a number + # hexCharToInt :: char -> int + hexCharToInt = char: hexDigitMap.${lib.strings.toUpper char}; + + # Convert a hexadezimal string to a number + # hexStringToInt :: string -> int + hexStringToInt = string: let + chars = lib.strings.stringToCharacters string; + nums = map hexCharToInt chars; + fun = sum: el: sum * 16 + el; + in + lib.foldl fun 0 nums; + + # Convert a float from [0.0, 1.0] to a hex string from [0, 255] + # floatToFF :: float -> string + floatToFF = float: lib.toHexString (builtins.floor (255 * float)); + + # Red part of the given color + # red :: int + red = hexStringToInt (lib.strings.substring 0 2 rgb); + + # Green part of the given color + # green :: int + green = hexStringToInt (lib.strings.substring 2 2 rgb); + + # Blue part of the given color + # blue :: int + blue = hexStringToInt (lib.strings.substring 4 2 rgb); + + # Create an RGB hex string from red, green, and blue parts + # rgbFromParts :: int -> int -> int -> string + rgbFromParts = r: g: b: let + rHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString r); + gHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString g); + bHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString b); + in + rHex + gHex + bHex; + + # Create a Color darker than the color given by the rgb parts. + # amount is in range [0.0, 1.0], r,g, and b in range [0, 255] + # darkenColor :: int -> int -> int -> float -> Color + darkenColor = r: g: b: amount: let + r' = builtins.floor ((1.0 - amount) * r); + g' = builtins.floor ((1.0 - amount) * g); + b' = builtins.floor ((1.0 - amount) * b); + in + mkColor (rgbFromParts r' g' b'); + + # Create a Color lighter than the color given by the rgb parts. See darkenColor. + # darkenColor :: int -> int -> int -> float -> Color + lightenColor = r: g: b: amount: let + r' = lib.min (builtins.floor ((1.0 + amount) * r)) 255; + g' = lib.min (builtins.floor ((1.0 + amount) * g)) 255; + b' = lib.min (builtins.floor ((1.0 + amount) * b)) 255; + in + mkColor (rgbFromParts r' g' b'); + in { + inherit rgb red green blue; + # e.g. "#FF0000" + hashRgb = "#" + rgb; + # e.g. rgbWithAlpha 1.0 -> "FF0000FF" + # rgbWithAlpha :: float -> string + rgbWithAlpha = alpha: rgb + (floatToFF alpha); + # e.g. hashRgbWithAlpha 1.0 -> "#FF0000FF" + # rgbWithAlpha :: float -> string + hashRgbWithAlpha = alpha: "#" + rgb + (floatToFF alpha); + # darker :: float -> Color + darker = darkenColor red green blue; + # lighter :: float -> Color + lighter = lightenColor red green blue; + }; in { options.colorDef = lib.mkOption { - default = { }; + default = {}; type = with lib.types; attrsOf (uniq (strMatching "[0-9A-F]{6}")); }; options.colors = lib.mkOption { - default = { }; + default = {}; type = with lib.types; attrsOf (uniq anything); }; diff --git a/users/malte/git.nix b/users/malte/git.nix index c0bf4dc..3a5fb81 100644 --- a/users/malte/git.nix +++ b/users/malte/git.nix @@ -1,6 +1,5 @@ -{ ... }: - -let conf = import ./conf.nix; +{...}: let + conf = import ./conf.nix; in { programs.git = { enable = true; @@ -8,11 +7,11 @@ in { userName = "Malte Tammena"; signing.key = "BCE9E4BF632E7CED"; - includes = [{ contents = { diff.colorMoved = "default"; }; }]; + includes = [{contents = {diff.colorMoved = "default";};}]; extraConfig = { - pull = { rebase = true; }; - init = { defaultBranch = "main"; }; + pull = {rebase = true;}; + init = {defaultBranch = "main";}; }; delta = { diff --git a/users/malte/gpg.nix b/users/malte/gpg.nix index 4a66721..6a16800 100644 --- a/users/malte/gpg.nix +++ b/users/malte/gpg.nix @@ -1,16 +1,15 @@ -{ pkgs, ... }: - -let conf = import ./conf.nix; +{pkgs, ...}: let + conf = import ./conf.nix; in { - home.packages = with pkgs; [ yubikey-personalization ]; + home.packages = with pkgs; [yubikey-personalization]; - programs.gpg = { enable = true; }; + programs.gpg = {enable = true;}; services.gpg-agent = { enable = true; enableScDaemon = true; enableSshSupport = true; - sshKeys = [ conf.gpg.grip ]; + sshKeys = [conf.gpg.grip]; pinentryFlavor = "qt"; }; } diff --git a/users/malte/gtk.nix b/users/malte/gtk.nix index 39892be..55dd90a 100644 --- a/users/malte/gtk.nix +++ b/users/malte/gtk.nix @@ -1,7 +1,10 @@ -{ pkgs, lib, nixosConfig, ... }: - -let hiDPI = nixosConfig.hardware.video.hidpi.enable; - +{ + pkgs, + lib, + nixosConfig, + ... +}: let + hiDPI = nixosConfig.hardware.video.hidpi.enable; in rec { home.packages = with pkgs; [ numix-cursor-theme @@ -12,7 +15,7 @@ in rec { enable = true; theme = { package = - pkgs.callPackage ../../pkgs/gruvbox-material-gtk.nix { inherit hiDPI; }; + pkgs.callPackage ../../pkgs/gruvbox-material-gtk.nix {inherit hiDPI;}; name = "gruvbox-material"; }; iconTheme = { @@ -21,16 +24,17 @@ in rec { }; gtk2 = { - extraConfig = '' - gtk-cursor-theme-name = "Numix-Cursor-Light" - '' + (lib.optionalString hiDPI '' - gtk-cursor-theme-size = 48 - ''); + extraConfig = + '' + gtk-cursor-theme-name = "Numix-Cursor-Light" + '' + + (lib.optionalString hiDPI '' + gtk-cursor-theme-size = 48 + ''); }; gtk3 = { bookmarks = [ - ]; extraConfig = { gtk-cursor-theme-name = "Numix-Cursor-Light"; diff --git a/users/malte/home.nix b/users/malte/home.nix index cff472e..fbe7065 100644 --- a/users/malte/home.nix +++ b/users/malte/home.nix @@ -1,14 +1,17 @@ -{ pkgs, lib, config, nixosConfig, ... }: - -let - +{ + pkgs, + lib, + config, + nixosConfig, + ... +}: let script = name: path: pkgs.writeScriptBin name (builtins.readFile path); wrap = name: pkg: postBuild: pkgs.symlinkJoin { inherit name postBuild; - paths = [ pkg ]; - buildInputs = [ pkgs.makeWrapper ]; + paths = [pkg]; + buildInputs = [pkgs.makeWrapper]; }; fixGdk = name: pkg: @@ -34,11 +37,9 @@ let # Provides libXss.1 xorg.libXScrnSaver ]; - extraPkgs = pkgs: with pkgs; [ ]; + extraPkgs = pkgs: with pkgs; []; }; - in { - imports = [ ./git.nix ./shell.nix @@ -59,18 +60,18 @@ in { ]; config = { - settings.sway.enable = true; home = { packages = with pkgs; [ aseprite + alejandra element-desktop # FIXME: Once it works again? (fixElectron "element-desktop" element-desktop) signal-desktop # FIXME: Once it works again? (fixElectron "signal-desktop" signal-desktop) (fixGdk "Discord" discord) (fixGdk "losslesscut" losslesscut-bin) (fixGdk "skypeforlinux" skypeforlinux) - (pkgs.callPackage ../../pkgs/2i-emulator.nix { }) + (pkgs.callPackage ../../pkgs/2i-emulator.nix {}) (fenix.latest.withComponents [ "cargo" "clippy" @@ -85,6 +86,7 @@ in { cargo-readme cargo-edit cargo-udeps + colmena feh geekbench gimp @@ -101,7 +103,6 @@ in { lutrisWithLibs mensa mosh - nixfmt patchelf pavucontrol pdftk @@ -137,7 +138,7 @@ in { keyboard = { layout = "us,us"; variant = ",workman"; - options = [ "compose:rctrl" "grp:alt_space_toggle" "grp_led:caps" ]; + options = ["compose:rctrl" "grp:alt_space_toggle" "grp_led:caps"]; }; # Use some german units and formats but with the english language! @@ -151,7 +152,6 @@ in { telephone = "de_DE.UTF-8"; time = "de_DE.UTF-8"; }; - }; # Make sure firefox is my default browser diff --git a/users/malte/kakoune.nix b/users/malte/kakoune.nix index 03e6079..e83b46b 100644 --- a/users/malte/kakoune.nix +++ b/users/malte/kakoune.nix @@ -1,27 +1,37 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let # Configuration for kakoune plugins pluginConfigs = with pkgs.kakounePlugins; [ - { # FZF for kakoune + { + # FZF for kakoune pkg = fzf-kak; - mappings = [{ - docstring = "FZF mode"; - mode = "user"; - key = "f"; - effect = ":fzf-mode"; - }]; - hooks = [{ # Change fzf settings before first use - name = "ModuleLoaded"; - option = "fzf-file"; - commands = '' - set-option global fzf_file_command "fd" - set-option global fzf_highlight_command "bat" - ''; - }]; + mappings = [ + { + docstring = "FZF mode"; + mode = "user"; + key = "f"; + effect = ":fzf-mode"; + } + ]; + hooks = [ + { + # Change fzf settings before first use + name = "ModuleLoaded"; + option = "fzf-file"; + commands = '' + set-option global fzf_file_command "fd" + set-option global fzf_highlight_command "bat" + ''; + } + ]; } - { # Languange Server Config + { + # Languange Server Config pkg = kak-lsp; config = '' eval %sh{kak-lsp --kakoune -s $kak_session} @@ -35,27 +45,35 @@ let } } ''; - mappings = [{ # Enter LSP Usermode - docstring = "LSP mode"; - mode = "user"; - key = "l"; - effect = ":enter-user-mode lsp"; - }]; - hooks = [{ # Start kak-lsp for specific windows - name = "WinSetOption"; - commands = "lsp-enable-window"; - option = "filetype=(rust|nix|python|latex|typescript|javascript)"; - }]; + mappings = [ + { + # Enter LSP Usermode + docstring = "LSP mode"; + mode = "user"; + key = "l"; + effect = ":enter-user-mode lsp"; + } + ]; + hooks = [ + { + # Start kak-lsp for specific windows + name = "WinSetOption"; + commands = "lsp-enable-window"; + option = "filetype=(rust|nix|python|latex|typescript|javascript)"; + } + ]; } - ]; - additionalMappings = [{ # Switch to last buffer - docstring = "Previous buffer"; - mode = "user"; - key = ","; - effect = ":buffer-previous"; - }]; + additionalMappings = [ + { + # Switch to last buffer + docstring = "Previous buffer"; + mode = "user"; + key = ","; + effect = ":buffer-previous"; + } + ]; additionalConfig = '' add-highlighter global/ number-lines -relative @@ -69,10 +87,8 @@ let ''; selectOr = attr: default: map (conf: conf.${attr} or default) pluginConfigs; - selectList = attr: lib.flatten (selectOr attr [ ]); - + selectList = attr: lib.flatten (selectOr attr []); in { - programs.kakoune = { enable = true; diff --git a/users/malte/kanshi.nix b/users/malte/kanshi.nix index d6cd3fa..c1f69a5 100644 --- a/users/malte/kanshi.nix +++ b/users/malte/kanshi.nix @@ -1,17 +1,13 @@ -{ pkgs, ... }: - -let - +{pkgs, ...}: let notify = profile: '' ${pkgs.libnotify}/bin/notify-send -t 10000 -a 'Kanshi' '${profile}' 'Profile activated' ''; - in { services.kanshi = { enable = true; profiles = { undocked = { - outputs = [{ criteria = "eDP-1"; }]; + outputs = [{criteria = "eDP-1";}]; exec = notify "Undocked"; }; docked = { diff --git a/users/malte/kitty.nix b/users/malte/kitty.nix index d4940d2..d504d48 100644 --- a/users/malte/kitty.nix +++ b/users/malte/kitty.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { programs.kitty = { enable = true; diff --git a/users/malte/mako.nix b/users/malte/mako.nix index 0a20ad8..e5e975d 100644 --- a/users/malte/mako.nix +++ b/users/malte/mako.nix @@ -1,13 +1,15 @@ -{ pkgs, config, ... }: - -let +{ + pkgs, + config, + ... +}: let col = config.colors; - format = { bg, fg }: - '' - %s %b''; - + format = { + bg, + fg, + }: '' + %s %b''; in { - programs.mako = { enable = true; anchor = "top-right"; @@ -66,8 +68,8 @@ in { ExecReload = "${pkgs.mako}/bin/makoctl reload"; Restart = "always"; }; - Install = { WantedBy = [ "graphical-session.target" ]; }; + Install = {WantedBy = ["graphical-session.target"];}; }; - home.packages = [ pkgs.firaCodeNerd ]; + home.packages = [pkgs.firaCodeNerd]; } diff --git a/users/malte/mpv.nix b/users/malte/mpv.nix index 9758f19..d0d91b4 100644 --- a/users/malte/mpv.nix +++ b/users/malte/mpv.nix @@ -1,6 +1,9 @@ -{ pkgs, config, ... }: - -let col = config.colors; +{ + pkgs, + config, + ... +}: let + col = config.colors; in { programs.mpv = { enable = true; diff --git a/users/malte/pass.nix b/users/malte/pass.nix index ac3aa52..e547438 100644 --- a/users/malte/pass.nix +++ b/users/malte/pass.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -let +{pkgs, ...}: let sed = "${pkgs.gnused}/bin/sed"; pass = "${pkgs.pass}/bin/pass"; wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy"; @@ -43,8 +41,8 @@ let in { programs.password-store = { enable = true; - settings = { PASSWORD_STORE_KEY = "BCE9E4BF632E7CED"; }; + settings = {PASSWORD_STORE_KEY = "BCE9E4BF632E7CED";}; }; - home.packages = [ passmenu-bemenu pkgs.firaCodeNerd ]; + home.packages = [passmenu-bemenu pkgs.firaCodeNerd]; } diff --git a/users/malte/qt.nix b/users/malte/qt.nix index d028d89..43893ed 100644 --- a/users/malte/qt.nix +++ b/users/malte/qt.nix @@ -1,6 +1,4 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { qt = { enable = true; platformTheme = "gtk"; diff --git a/users/malte/scarlett-solo.nix b/users/malte/scarlett-solo.nix index c7a8a35..9be5885 100644 --- a/users/malte/scarlett-solo.nix +++ b/users/malte/scarlett-solo.nix @@ -1,18 +1,20 @@ -{ pkgs, ... }: - -let - +{pkgs, ...}: let pipewire = "pipewire.service"; device = "dev-scarlett_solo.device"; - alsa-input = - "alsa_input.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-input-0"; + alsa-input = "alsa_input.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-input-0"; - channelMapService = { dev, name, desc, from, to }: { + channelMapService = { + dev, + name, + desc, + from, + to, + }: { Unit = { Description = desc; Requires = pipewire; BindsTo = device; - After = [ pipewire device ]; + After = [pipewire device]; }; Service = { Type = "simple"; @@ -27,11 +29,9 @@ let -C ${alsa-input} ''; }; - Install.WantedBy = [ "default.target" device ]; + Install.WantedBy = ["default.target" device]; }; - in { - systemd.user.services = { scarlett-voice = channelMapService { dev = "scarlett-voice"; @@ -55,5 +55,4 @@ in { to = "MONO"; }; }; - } diff --git a/users/malte/shell.nix b/users/malte/shell.nix index 71b82c3..c3f3a89 100644 --- a/users/malte/shell.nix +++ b/users/malte/shell.nix @@ -1,8 +1,6 @@ -{ pkgs, ... }: - -{ +{pkgs, ...}: { home.packages = with pkgs; [ - (pkgs.callPackage ../../pkgs/rip.nix { }) + (pkgs.callPackage ../../pkgs/rip.nix {}) bottom fd fishPlugins.done @@ -58,8 +56,7 @@ zat = "zathura --fork"; - discord-hack = - "NIXPKGS_ALLOW_UNFREE=1 nix run 'github:NixOS/nixpkgs?ref=master#discord' --impure"; + discord-hack = "NIXPKGS_ALLOW_UNFREE=1 nix run 'github:NixOS/nixpkgs?ref=master#discord' --impure"; }; shellAliases = { kal = "khal list (date '+%d.%m.%Y') (date --date='+1week' '+%d.%m.%Y')"; @@ -121,6 +118,6 @@ programs.bat = { enable = true; - config = { theme = "gruvbox-dark"; }; + config = {theme = "gruvbox-dark";}; }; } diff --git a/users/malte/sway.nix b/users/malte/sway.nix index 6ccc7ca..9a0e027 100644 --- a/users/malte/sway.nix +++ b/users/malte/sway.nix @@ -1,7 +1,10 @@ -{ pkgs, config, lib, nixosConfig, ... }: - -let - +{ + pkgs, + config, + lib, + nixosConfig, + ... +}: let col = config.colors; backgrounds = pkgs.fetchFromGitHub { @@ -17,22 +20,18 @@ let wf-recorder = "${pkgs.wf-recorder}/bin/wf-recorder"; slurp = "${pkgs.slurp}/bin/slurp -db '#000000AA' -c '#EBDBB2' -w1"; fuser = "${pkgs.psmisc}/bin/fuser"; - alsa_rec = - "alsa_output.pci-0000_00_1f.3-platform-skl_hda_dsp_generic.HiFi__hw_sofhdadsp__sink.monitor"; + alsa_rec = "alsa_output.pci-0000_00_1f.3-platform-skl_hda_dsp_generic.HiFi__hw_sofhdadsp__sink.monitor"; screenshot-path = "/home/malte/Pictures/screenshots/screenshot.png"; - screenshot-all = - "${grim} ${screenshot-path} && ${wl-copy} < ${screenshot-path}"; + screenshot-all = "${grim} ${screenshot-path} && ${wl-copy} < ${screenshot-path}"; screenshot-region = '' ${grim} -g "$(${slurp})" ${screenshot-path} && ${wl-copy} < ${screenshot-path}''; screencast-path = "/home/malte/Videos/screencasts/screencast.mp4"; - screencast-all = - ''${wf-recorder} --audio="${alsa_rec}" -f ${screencast-path}''; + screencast-all = ''${wf-recorder} --audio="${alsa_rec}" -f ${screencast-path}''; screencast-region = '' ${wf-recorder} --audio="${alsa_rec}" -g "$$(${slurp})" -f ${screencast-path}''; - screencast-stop = - "killall -s SIGINT wf-recorder && ${wl-copy} < ${screencast-path}"; + screencast-stop = "killall -s SIGINT wf-recorder && ${wl-copy} < ${screencast-path}"; swaylockConfig = '' screenshots @@ -79,17 +78,14 @@ let cfg = config.settings.sway; nvidiaUsed = nixosConfig.settings.nvidiaUsed; hiDPI = nixosConfig.hardware.video.hidpi.enable; - in { - imports = - [ ./waybar.nix ./gtk.nix ./qt.nix ./pass.nix ./mako.nix ./kanshi.nix ]; + imports = [./waybar.nix ./gtk.nix ./qt.nix ./pass.nix ./mako.nix ./kanshi.nix]; options.settings.sway = with lib; { enable = mkEnableOption "Enable sway config"; }; config = lib.mkIf cfg.enable { - home.packages = [ pkgs.firaCodeNerd pkgs.grim @@ -112,18 +108,20 @@ in { gtk = true; }; - extraSessionCommands = '' - # needs qt5.qtwayland in systemPackages - export QT_QPA_PLATFORM=wayland - export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" - export MOZ_ENABLE_WAYLAND=1 - export GDK_BACKEND=wayland - # Fix for some Java AWT applications (e.g. Android Studio), - # use this if they aren't displayed properly: - export _JAVA_AWT_WM_NONREPARENTING=1 - export XDG_CURRENT_DESKTOP=Sway - export XDG_SESSION_TYPE=wayland - '' + + extraSessionCommands = + '' + # needs qt5.qtwayland in systemPackages + export QT_QPA_PLATFORM=wayland + export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" + export MOZ_ENABLE_WAYLAND=1 + export GDK_BACKEND=wayland + # Fix for some Java AWT applications (e.g. Android Studio), + # use this if they aren't displayed properly: + export _JAVA_AWT_WM_NONREPARENTING=1 + export XDG_CURRENT_DESKTOP=Sway + export XDG_SESSION_TYPE=wayland + '' + + # TODO: See what actually is required here! (lib.optionalString nvidiaUsed '' # Set DRM devices and fix cursor @@ -147,7 +145,7 @@ in { commands = [ { command = ''title_format "[X] %title"''; - criteria = { shell = "xwayland"; }; + criteria = {shell = "xwayland";}; } { command = "floating enable; kill"; @@ -158,67 +156,69 @@ in { } { command = "floating enable"; - criteria = { app_id = "org.gnome.Nautilus"; }; + criteria = {app_id = "org.gnome.Nautilus";}; } { command = "floating enable"; - criteria = { class = "Mojosetup"; }; + criteria = {class = "Mojosetup";}; } ]; }; - bars = [{ - command = "${pkgs.waybar}/bin/waybar"; - position = "top"; - }]; + bars = [ + { + command = "${pkgs.waybar}/bin/waybar"; + position = "top"; + } + ]; seat."*".xcursor_theme = - if hiDPI then "Numix-Cursor-Light 48" else "Numix-Cursor-Light 32"; + if hiDPI + then "Numix-Cursor-Light 48" + else "Numix-Cursor-Light 32"; keybindings = let mod = config.wayland.windowManager.sway.config.modifier; - move_follow = workspace: - "move container to workspace ${workspace}; workspace ${workspace}"; - in lib.mkOptionDefault { - "${mod}+Shift+e" = "exit"; - # Move focused container to workspace and follow - "${mod}+Ctrl+Shift+1" = move_follow "1"; - "${mod}+Ctrl+Shift+2" = move_follow "2"; - "${mod}+Ctrl+Shift+3" = move_follow "3"; - "${mod}+Ctrl+Shift+4" = move_follow "4"; - "${mod}+Ctrl+Shift+5" = move_follow "5"; - "${mod}+Ctrl+Shift+6" = move_follow "6"; - "${mod}+Ctrl+Shift+7" = move_follow "7"; - "${mod}+Ctrl+Shift+8" = move_follow "8"; - "${mod}+Ctrl+Shift+9" = move_follow "9"; - # Move workspaces between displays - "${mod}+Ctrl+Shift+l" = "move workspace to output right"; - "${mod}+Ctrl+Shift+k" = "move workspace to output up"; - "${mod}+Ctrl+Shift+j" = "move workspace to output down"; - "${mod}+Ctrl+Shift+h" = "move workspace to output left"; - # Sound control - "XF86AudioRaiseVolume" = - "exec ${pkgs.ponymix}/bin/ponymix increase 5%"; - "XF86AudioLowerVolume" = - "exec ${pkgs.ponymix}/bin/ponymix decrease 5%"; - "XF86AudioMute" = "exec ${pkgs.ponymix}/bin/ponymix toggle"; - "XF86AudioMicMute" = - "exec ${pkgs.ponymix}/bin/ponymix --input toggle"; - # Additional menus - "${mod}+p" = "exec passmenu-bemenu"; - # Screenshots - "${mod}+Ctrl+s" = "exec ${screenshot-all}"; - "${mod}+Ctrl+Shift+s" = "exec ${screenshot-region}"; - # Screencasts - "${mod}+Ctrl+r" = "exec ${screencast-all}; mode recording"; - "${mod}+Ctrl+Shift+r" = "exec ${screencast-region}; mode recording"; - # Special window actions - "${mod}+Ctrl+Shift+w" = "mode window"; - # Screenlocking - "XF86Favorites" = "exec swaylock"; - }; + move_follow = workspace: "move container to workspace ${workspace}; workspace ${workspace}"; + in + lib.mkOptionDefault { + "${mod}+Shift+e" = "exit"; + # Move focused container to workspace and follow + "${mod}+Ctrl+Shift+1" = move_follow "1"; + "${mod}+Ctrl+Shift+2" = move_follow "2"; + "${mod}+Ctrl+Shift+3" = move_follow "3"; + "${mod}+Ctrl+Shift+4" = move_follow "4"; + "${mod}+Ctrl+Shift+5" = move_follow "5"; + "${mod}+Ctrl+Shift+6" = move_follow "6"; + "${mod}+Ctrl+Shift+7" = move_follow "7"; + "${mod}+Ctrl+Shift+8" = move_follow "8"; + "${mod}+Ctrl+Shift+9" = move_follow "9"; + # Move workspaces between displays + "${mod}+Ctrl+Shift+l" = "move workspace to output right"; + "${mod}+Ctrl+Shift+k" = "move workspace to output up"; + "${mod}+Ctrl+Shift+j" = "move workspace to output down"; + "${mod}+Ctrl+Shift+h" = "move workspace to output left"; + # Sound control + "XF86AudioRaiseVolume" = "exec ${pkgs.ponymix}/bin/ponymix increase 5%"; + "XF86AudioLowerVolume" = "exec ${pkgs.ponymix}/bin/ponymix decrease 5%"; + "XF86AudioMute" = "exec ${pkgs.ponymix}/bin/ponymix toggle"; + "XF86AudioMicMute" = "exec ${pkgs.ponymix}/bin/ponymix --input toggle"; + # Additional menus + "${mod}+p" = "exec passmenu-bemenu"; + # Screenshots + "${mod}+Ctrl+s" = "exec ${screenshot-all}"; + "${mod}+Ctrl+Shift+s" = "exec ${screenshot-region}"; + # Screencasts + "${mod}+Ctrl+r" = "exec ${screencast-all}; mode recording"; + "${mod}+Ctrl+Shift+r" = "exec ${screencast-region}; mode recording"; + # Special window actions + "${mod}+Ctrl+Shift+w" = "mode window"; + # Screenlocking + "XF86Favorites" = "exec swaylock"; + }; - gaps = let size = 3; + gaps = let + size = 3; in { smartBorders = "on"; smartGaps = true; @@ -227,42 +227,44 @@ in { }; assigns = { - "2" = [{ app_id = "firefox"; }]; + "2" = [{app_id = "firefox";}]; "5" = [ - { title = "Korrektur.pdf(.xopp)? . Xournal++"; } - { title = ".*HWP Betreuung/Skript.pdf"; } + {title = "Korrektur.pdf(.xopp)? . Xournal++";} + {title = ".*HWP Betreuung/Skript.pdf";} ]; - "6" = [{ class = "com-cburch-logisim-Main"; }]; - "7" = [{ app_id = "Element"; }]; - "8" = [ { app_id = "telegramdesktop"; } { class = "discord"; } ]; - "9" = [{ app_id = "pavucontrol"; }]; + "6" = [{class = "com-cburch-logisim-Main";}]; + "7" = [{app_id = "Element";}]; + "8" = [{app_id = "telegramdesktop";} {class = "discord";}]; + "9" = [{app_id = "pavucontrol";}]; }; fonts = { - names = [ "FiraCode Nerd Font" ]; + names = ["FiraCode Nerd Font"]; size = 8.0; }; - modes = let mod = config.wayland.windowManager.sway.config.modifier; - in lib.mkOptionDefault { - recording = { - "${mod}+Escape" = "exec ${screencast-stop}; mode default"; - }; + modes = let + mod = config.wayland.windowManager.sway.config.modifier; + in + lib.mkOptionDefault { + recording = { + "${mod}+Escape" = "exec ${screencast-stop}; mode default"; + }; - window = { - "Escape" = "mode default"; - "1" = let - width = 1920; - win_width = 500; - win_height = 500 * 9 / 16; - str = builtins.toString; - in "floating enable; sticky enable; resize set width ${ - str win_width - }px height ${str win_height}px; move position ${ - str (1920 - win_width) - }px 0px"; + window = { + "Escape" = "mode default"; + "1" = let + width = 1920; + win_width = 500; + win_height = 500 * 9 / 16; + str = builtins.toString; + in "floating enable; sticky enable; resize set width ${ + str win_width + }px height ${str win_height}px; move position ${ + str (1920 - win_width) + }px 0px"; + }; }; - }; input = { # Build into the Thinkpad @@ -301,10 +303,8 @@ in { output = { "Unknown 0x1500 0x00000000".bg = "${backgrounds}/forest2.jpg fill"; - "Goldstar Company Ltd IPS226 SerialNumber".bg = - "${backgrounds}/future-town.jpg fill"; - "BenQ Corporation BenQ GW2270 P9J02423SL0".bg = - "${backgrounds}/leaves3.jpg fill"; + "Goldstar Company Ltd IPS226 SerialNumber".bg = "${backgrounds}/future-town.jpg fill"; + "BenQ Corporation BenQ GW2270 P9J02423SL0".bg = "${backgrounds}/leaves3.jpg fill"; }; colors = let @@ -346,7 +346,6 @@ in { }; }; }; - }; services.wlsunset = { diff --git a/users/malte/taskwarrior.nix b/users/malte/taskwarrior.nix index 8727973..1a34bc4 100644 --- a/users/malte/taskwarrior.nix +++ b/users/malte/taskwarrior.nix @@ -1,10 +1,13 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let # Data storage location for taskwarrior dataLocation = "/home/malte/Tasks"; # A usable (with dateutil) python interpreter for timewarrior's totals.py extension - pythonWithLibs = pkgs.python3.withPackages (ps: [ ps.dateutil ]); + pythonWithLibs = pkgs.python3.withPackages (ps: [ps.dateutil]); # This is a patched version of the upstream `totals.py` script # so sum up timewarrior stats # This just patches the first line to use a python interpreter that has @@ -18,9 +21,9 @@ let rev = "v1.4.3"; sha256 = "+HsUiU287bWZ5Ytl+N5i+STuG9YlqlaKWxd69y0PRds="; }; - buildInputs = [ pkgs.coreutils ]; - propagatedBuildInputs = [ pythonWithLibs ]; - phases = [ "unpackPhase" "patchPhase" "installPhase" ]; + buildInputs = [pkgs.coreutils]; + propagatedBuildInputs = [pythonWithLibs]; + phases = ["unpackPhase" "patchPhase" "installPhase"]; patchPhase = '' sed -i 's|^#!/usr/bin/env python3$|#!${pythonWithLibs}/bin/python3|' \ ext/totals.py \ @@ -31,11 +34,10 @@ let cp ext/totals.py ext/on-modify.timewarrior $out/ ''; }; - in { # Install timewarrior aswell! # Timewarrior hook needs Python3.. or a patch.. to lazy for the latter - home.packages = with pkgs; [ timewarrior python3 ]; + home.packages = with pkgs; [timewarrior python3]; programs.taskwarrior = { inherit dataLocation; @@ -57,17 +59,14 @@ in { description = "Tasksh review report. Adjust the filter to your needs."; columns = "uuid"; sort = "reviewed+,modified+"; - filter = - "( reviewed.none: or reviewed.before:now-6days ) and ( +PENDING )"; + filter = "( reviewed.none: or reviewed.before:now-6days ) and ( +PENDING )"; }; }; }; - home.file.".timewarrior/extensions/totals.py".source = - "${timewarriorExtensions}/totals.py"; + home.file.".timewarrior/extensions/totals.py".source = "${timewarriorExtensions}/totals.py"; home.file."${dataLocation}/hooks/on-modify-timewarrior" = { source = "${timewarriorExtensions}/on-modify.timewarrior"; executable = true; }; - } diff --git a/users/malte/unison.nix b/users/malte/unison.nix index bddab55..a69ff2f 100644 --- a/users/malte/unison.nix +++ b/users/malte/unison.nix @@ -1,12 +1,10 @@ -{ pkgs, ... }: - -{ - home.packages = with pkgs; [ x11_ssh_askpass openssh ]; +{pkgs, ...}: { + home.packages = with pkgs; [x11_ssh_askpass openssh]; services.unison = { enable = true; pairs.university = { - roots = [ "/home/malte/Uni" "ssh://malte@helix-pomatia//home/malte/Uni" ]; - commandOptions = { auto = "true"; }; + roots = ["/home/malte/Uni" "ssh://malte@helix-pomatia//home/malte/Uni"]; + commandOptions = {auto = "true";}; }; }; } diff --git a/users/malte/waybar.nix b/users/malte/waybar.nix index 89a8e05..425d7fa 100644 --- a/users/malte/waybar.nix +++ b/users/malte/waybar.nix @@ -1,19 +1,20 @@ -{ pkgs, lib, config, ... }: - -let - +{ + pkgs, + lib, + config, + ... +}: let darkenBorder = 0.4; col = config.colors; - task-activity = with pkgs; - let - task = "${pkgs.taskwarrior}/bin/task"; - jq = "${pkgs.jq}/bin/jq"; - timew = "${pkgs.timewarrior}/bin/timew"; - getTaskwarriorDesc = "${task} +ACTIVE export | ${jq} '.[0].description'"; - getTimewarriorDesc = - "${timew} get dom.active.json | ${jq} '.tags|join(\", \")'"; - in writeScriptBin "task-activity" '' + task-activity = with pkgs; let + task = "${pkgs.taskwarrior}/bin/task"; + jq = "${pkgs.jq}/bin/jq"; + timew = "${pkgs.timewarrior}/bin/timew"; + getTaskwarriorDesc = "${task} +ACTIVE export | ${jq} '.[0].description'"; + getTimewarriorDesc = "${timew} get dom.active.json | ${jq} '.tags|join(\", \")'"; + in + writeScriptBin "task-activity" '' #!${stdenv.shell} task +ACTIVE >/dev/null 2>/dev/null @@ -43,103 +44,106 @@ let systemctl = "${pkgs.systemd}/bin/systemctl"; jq = "${pkgs.jq}/bin/jq"; extractJson = "${jq} '.[].unit' --raw-output"; - replaceNewlines = "${pkgs.coreutils}/bin/tr '\n' ' '"; - in pkgs.writeScriptBin "check-system" '' - #!${pkgs.stdenv.shell} + newline = "\n"; + replaceNewlines = "${pkgs.coreutils}/bin/tr '${newline}' ' '"; + in + pkgs.writeScriptBin "check-system" '' + #!${pkgs.stdenv.shell} - failed_user=$(${systemctl} --user --output json list-units --failed | ${extractJson} | ${replaceNewlines}) - failed_system=$(${systemctl} --output json list-units --failed | ${extractJson} | ${replaceNewlines}) + failed_user=$(${systemctl} --user --output json list-units --failed | ${extractJson} | ${replaceNewlines}) + failed_system=$(${systemctl} --output json list-units --failed | ${extractJson} | ${replaceNewlines}) - if [[ -n $failed_system ]]; then - # Some system services failed - echo "{ \"text\": \" \", \ - \"tooltip\": \"$failed_system\" \ - }" | ${jq} --unbuffered --compact-output - fi - - if [[ -n $failed_user ]]; then - # Some user services failed - echo "{ \"text\": \" \", \ - \"tooltip\": \"$failed_user\" \ - }" | ${jq} --unbuffered --compact-output - fi - ''; + if [[ -n $failed_system ]]; then + # Some system services failed + echo "{ \"text\": \" \", \ + \"tooltip\": \"$failed_system\" \ + }" | ${jq} --unbuffered --compact-output + fi + if [[ -n $failed_user ]]; then + # Some user services failed + echo "{ \"text\": \" \", \ + \"tooltip\": \"$failed_user\" \ + }" | ${jq} --unbuffered --compact-output + fi + ''; in { - home.packages = [ pkgs.firaCodeNerd task-activity ]; + home.packages = [pkgs.firaCodeNerd task-activity]; programs.waybar = { enable = true; - settings = [{ - layer = "top"; - position = "top"; + settings = [ + { + layer = "top"; + position = "top"; - modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ]; - modules-center = [ "clock#time" "custom/check-system" "clock#date" ]; - modules-right = [ "custom/taskwarrior" "network" "battery" "tray" ]; + modules-left = ["sway/workspaces" "sway/mode" "sway/window"]; + modules-center = ["clock#time" "custom/check-system" "clock#date"]; + modules-right = ["custom/taskwarrior" "network" "battery" "tray"]; - modules = { - "sway/workspaces" = { - disable-scroll = true; - all-outputs = true; - }; - "sway/mode" = { - format = "{}"; - }; - "sway/window" = { tooltip = false; }; - - "clock#time" = { - interval = 1; - format = "{:%T}"; - tooltip = false; - }; - "custom/check-system" = { - exec = "${checkSystem}/bin/check-system"; - return-type = "json"; - interval = 5; - }; - "clock#date" = { - format = "{:%d.%m.%y}"; - tooltip = false; - }; - - "custom/taskwarrior" = { - exec = "${task-activity}/bin/task-activity"; - return-type = "json"; - interval = 1; - }; - "idle_inhibitor" = { - format = "{icon}"; - format-icons = { - activated = " "; - deactivated = " "; + modules = { + "sway/workspaces" = { + disable-scroll = true; + all-outputs = true; }; - tooltip = false; - }; - "battery" = { - states = { - good = 95; - warning = 30; - critical = 15; + "sway/mode" = { + format = "{}"; + }; + "sway/window" = {tooltip = false;}; + + "clock#time" = { + interval = 1; + format = "{:%T}"; + tooltip = false; + }; + "custom/check-system" = { + exec = "${checkSystem}/bin/check-system"; + return-type = "json"; + interval = 5; + }; + "clock#date" = { + format = "{:%d.%m.%y}"; + tooltip = false; + }; + + "custom/taskwarrior" = { + exec = "${task-activity}/bin/task-activity"; + return-type = "json"; + interval = 1; + }; + "idle_inhibitor" = { + format = "{icon}"; + format-icons = { + activated = " "; + deactivated = " "; + }; + tooltip = false; + }; + "battery" = { + states = { + good = 95; + warning = 30; + critical = 15; + }; + format = "{icon} {capacity}%"; + format-charging = " {capacity}%"; + format-plugged = ""; + design-capacity = true; + format-icons = ["" "" "" "" ""]; + tooltip = false; + }; + "network" = { + format-wifi = "{essid} ({signalStrength}%)  "; + format-ethernet = "{ifname}: {ipaddr}/{cidr}  "; + format-linked = "{ifname} (No IP)  "; + format-disconnected = "睊 "; + tooltip = false; + interval = 5; }; - format = "{icon} {capacity}%"; - format-charging = " {capacity}%"; - format-plugged = ""; - design-capacity = true; - format-icons = [ "" "" "" "" "" ]; - tooltip = false; }; - "network" = { - format-wifi = "{essid} ({signalStrength}%)  "; - format-ethernet = "{ifname}: {ipaddr}/{cidr}  "; - format-linked = "{ifname} (No IP)  "; - format-disconnected = "睊 "; - tooltip = false; - interval = 5; - }; - }; - }]; + } + ]; style = '' * { @@ -153,8 +157,8 @@ in { window#waybar { background-color: ${col.background.hashRgb}; border-bottom: 3px solid ${ - (col.background.darker darkenBorder).hashRgb - }; + (col.background.darker darkenBorder).hashRgb + }; color: ${col.primary.hashRgb}; } @@ -184,8 +188,8 @@ in { font-weight: bolder; min-width: 20px; border-bottom: 3px solid ${ - (col.background.darker darkenBorder).hashRgb - }; + (col.background.darker darkenBorder).hashRgb + }; } #workspaces button.urgent { @@ -255,8 +259,8 @@ in { background-color: ${col.foregroundDimmed.hashRgb}; color: ${col.background.hashRgb}; border-bottom: 3px solid ${ - (col.foregroundDimmed.darker darkenBorder).hashRgb - }; + (col.foregroundDimmed.darker darkenBorder).hashRgb + }; } #network.disconnected { @@ -273,8 +277,8 @@ in { background-color: ${col.foregroundDimmed.hashRgb}; color: ${col.background.hashRgb}; border-bottom: 3px solid ${ - (col.foregroundDimmed.darker darkenBorder).hashRgb - }; + (col.foregroundDimmed.darker darkenBorder).hashRgb + }; } #idle_inhibitor.activated { @@ -318,8 +322,8 @@ in { #battery { background-color: ${col.foregroundDimmed.hashRgb}; border-bottom: 3px solid ${ - (col.foregroundDimmed.darker darkenBorder).hashRgb - }; + (col.foregroundDimmed.darker darkenBorder).hashRgb + }; color: ${col.background.hashRgb}; } diff --git a/users/malte/wlsunset.nix b/users/malte/wlsunset.nix index 7c51da1..552641a 100644 --- a/users/malte/wlsunset.nix +++ b/users/malte/wlsunset.nix @@ -1,6 +1,4 @@ -{ ... }: - -{ +{...}: { services.wlsunset = { enable = true; latitude = 51.3; diff --git a/users/malte/zathura.nix b/users/malte/zathura.nix index d0905ed..de5ba88 100644 --- a/users/malte/zathura.nix +++ b/users/malte/zathura.nix @@ -1,7 +1,5 @@ -{ pkgs, ... }: - -{ - home.packages = [ pkgs.firaCodeNerd ]; +{pkgs, ...}: { + home.packages = [pkgs.firaCodeNerd]; programs.zathura = { enable = true; diff --git a/users/marie/home.nix b/users/marie/home.nix index dc6308f..365a368 100644 --- a/users/marie/home.nix +++ b/users/marie/home.nix @@ -1,17 +1,18 @@ -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let mkTuple = lib.hm.gvariant.mkTuple; bg = pkgs.fetchurl { url = "https://images.pexels.com/photos/2559941/pexels-photo-2559941.jpeg"; sha256 = "sha256-Su2UwFpZKj5sa80UrcDSX9O2GuVI6XR2gSLpp4gJZP0="; }; - in { - imports = [ ../modules/restic-backup.nix ]; + imports = [../modules/restic-backup.nix]; config = { - home.packages = with pkgs; [ bitwarden element-desktop @@ -39,7 +40,7 @@ in { services.restic = { enable = true; - paths = [ "/home/marie/Uni" "/home/marie/Bilder" ]; + paths = ["/home/marie/Uni" "/home/marie/Bilder"]; }; programs.mpv = { @@ -54,14 +55,14 @@ in { }; "org/gnome/desktop/input-sources" = { per-window = false; - sources = [ (mkTuple [ "xkb" "de" ]) (mkTuple [ "xkb" "us+workman" ]) ]; - xkb-options = [ "compose:rctrl" ]; + sources = [(mkTuple ["xkb" "de"]) (mkTuple ["xkb" "us+workman"])]; + xkb-options = ["compose:rctrl"]; }; "org/gnome/desktop/interface" = { enable-hot-corners = false; show-battery-percentage = true; }; - "org/gnome/desktop/background" = { picture-uri = "file://${bg}"; }; + "org/gnome/desktop/background" = {picture-uri = "file://${bg}";}; }; }; } diff --git a/users/modules/restic-backup.nix b/users/modules/restic-backup.nix index b447510..3ce646a 100644 --- a/users/modules/restic-backup.nix +++ b/users/modules/restic-backup.nix @@ -3,10 +3,13 @@ # This _assumes_ a few things: # - There is a sops.secrets with the name "restic-backup-USERNAME" # - That the repository is actually reachable, which is a little flaky still - -{ nixosConfig, pkgs, lib, config, ... }: - -let +{ + nixosConfig, + pkgs, + lib, + config, + ... +}: let resticCmd = "${pkgs.restic}/bin/restic"; username = config.home.username; @@ -25,15 +28,13 @@ let }; cfg = config.services.restic; - in { - options.services.restic = with lib; { enable = mkEnableOption "restic backup service"; paths = mkOption { type = types.listOf types.str; - default = [ ]; + default = []; description = "Paths to backup"; }; @@ -46,14 +47,14 @@ in { config = lib.mkIf cfg.enable { # Add restic for the user (they will need to initialize the repo) - home.packages = [ pkgs.restic ]; + home.packages = [pkgs.restic]; # Add the above env variables, so that using restic is easy for them home.sessionVariables = sessionVars; # Create a systemd service for the backup systemd.user.services.restic-backups-to-elysia-clarki = { Unit = { Description = "Backup to elysia-clarki using restic"; - After = [ "network.target" ]; + After = ["network.target"]; }; Service = { @@ -71,15 +72,16 @@ in { CacheDirectoryMode = "0700"; # Convert the above map of environment variables into a list # of "KEY=VALUE" entrie - Environment = builtins.attrValues + Environment = + builtins.attrValues (builtins.mapAttrs (k: v: "${k}=${v}") sessionVars); }; }; # Run the above service every hour systemd.user.timers.restic-backups-to-elysia-clarki = { - Unit = { Description = "Run restic backups every hour"; }; - Install = { WantedBy = [ "timers.target" ]; }; - Timer = { OnCalendar = "hourly"; }; + Unit = {Description = "Run restic backups every hour";}; + Install = {WantedBy = ["timers.target"];}; + Timer = {OnCalendar = "hourly";}; }; }; } diff --git a/users/modules/synchronize-calendars.nix b/users/modules/synchronize-calendars.nix index 30ca85c..0780caf 100644 --- a/users/modules/synchronize-calendars.nix +++ b/users/modules/synchronize-calendars.nix @@ -1,8 +1,10 @@ # Synchronize calendars from https://cal.tammena.rocks - -{ pkgs, lib, config, ... }: - -let +{ + pkgs, + lib, + config, + ... +}: let cfg = config.services.synchronize-calendars; khalConfig = '' @@ -45,10 +47,11 @@ let username = "${cfg.user}" password.fetch = ["command", "cat", "${cfg.passwordFile}"] ''; - in { options.services.synchronize-calendars = with lib; { - enable = mkEnableOption "Enable service to synchronize my calendars and add some necessary programs"; + enable = + mkEnableOption + "Enable service to synchronize my calendars and add some necessary programs"; user = mkOption { type = types.str; @@ -67,27 +70,27 @@ in { }; config = lib.mkIf cfg.enable { - home.packages = [ pkgs.vdirsyncer pkgs.khal ]; + home.packages = [pkgs.vdirsyncer pkgs.khal]; - # == Systemd settings to automatically run the sync == - systemd.user.services."synchronize-calendars" = { - Unit.Description = "Synchronize my calendars using vdirsyncer"; - Service = { - Type = "oneshot"; - ExecStart = '' - ${pkgs.vdirsyncer}/bin/vdirsyncer sync - ''; + # == Systemd settings to automatically run the sync == + systemd.user.services."synchronize-calendars" = { + Unit.Description = "Synchronize my calendars using vdirsyncer"; + Service = { + Type = "oneshot"; + ExecStart = '' + ${pkgs.vdirsyncer}/bin/vdirsyncer sync + ''; + }; }; - }; - systemd.user.timers."synchronize-calendars" = { - Unit.Description = "Run synchronize-calendars.service every 15 minutes"; - Timer.OnCalendar = "*:0/10"; - Install.WantedBy = [ "timers.target" ]; - }; + systemd.user.timers."synchronize-calendars" = { + Unit.Description = "Run synchronize-calendars.service every 15 minutes"; + Timer.OnCalendar = "*:0/10"; + Install.WantedBy = ["timers.target"]; + }; - # == Configuration == - xdg.configFile."khal/config".text = khalConfig; - xdg.configFile."vdirsyncer/config".text = vdirsyncerConfig; + # == Configuration == + xdg.configFile."khal/config".text = khalConfig; + xdg.configFile."vdirsyncer/config".text = vdirsyncerConfig; }; }