[*] Redo flake.nix, use utils-plus, new formatter

This commit is contained in:
Malte Tammena 2022-03-23 13:10:18 +01:00
parent 0c25556826
commit b41bb0bea3
63 changed files with 1363 additions and 1405 deletions

View file

@ -279,6 +279,21 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_2": {
"locked": {
"lastModified": 1644229661,
"narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"glados": { "glados": {
"inputs": { "inputs": {
"nixCargoIntegration": "nixCargoIntegration_2" "nixCargoIntegration": "nixCargoIntegration_2"
@ -675,7 +690,8 @@
"qmk-udev-rules": "qmk-udev-rules", "qmk-udev-rules": "qmk-udev-rules",
"radicale_infcloud": "radicale_infcloud", "radicale_infcloud": "radicale_infcloud",
"rip": "rip", "rip": "rip",
"sops-nix": "sops-nix" "sops-nix": "sops-nix",
"utils": "utils_3"
} }
}, },
"rust-analyzer-src": { "rust-analyzer-src": {
@ -861,6 +877,24 @@
"repo": "flake-utils", "repo": "flake-utils",
"type": "github" "type": "github"
} }
},
"utils_3": {
"inputs": {
"flake-utils": "flake-utils_2"
},
"locked": {
"lastModified": 1647259887,
"narHash": "sha256-yEkMbEHVO9qydluQ3uHGWX1PkfZhgDKxnd1rhZYZ72w=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "06dba5f3b4fa2cc0bfc98ce9cd6f9a4d8db11d46",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

435
flake.nix
View file

@ -3,10 +3,10 @@
inputs = { inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs.url = "nixpkgs/nixos-unstable";
nixos-hardware = { nixos-hardware.url = "github:NixOS/nixos-hardware";
url = "github:NixOS/nixos-hardware"; utils.url = "github:gytis-ivaskevicius/flake-utils-plus";
inputs.nixpkgs.follows = "nixpkgs"; custom-udev-rules.url = "github:MalteT/custom-udev-rules";
};
nixpkgs-wayland = { nixpkgs-wayland = {
url = "github:nix-community/nixpkgs-wayland"; url = "github:nix-community/nixpkgs-wayland";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -19,10 +19,6 @@
url = "github:MalteT/mensa/main"; url = "github:MalteT/mensa/main";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
custom-udev-rules = {
url = "github:MalteT/custom-udev-rules";
inputs.nixpkgs.follows = "nixpkgs";
};
fenix = { fenix = {
url = "github:nix-community/fenix"; url = "github:nix-community/fenix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -43,6 +39,11 @@
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
fend = {
url = "github:MalteT/fend/flake";
inputs.nixpkgs.follows = "nixpkgs";
};
gruvbox-material-gtk = { gruvbox-material-gtk = {
url = "github:sainnhe/gruvbox-material-gtk"; url = "github:sainnhe/gruvbox-material-gtk";
flake = false; flake = false;
@ -63,218 +64,51 @@
url = "github:Unrud/RadicaleInfCloud"; url = "github:Unrud/RadicaleInfCloud";
flake = false; flake = false;
}; };
fend = {
url = "github:MalteT/fend/flake";
inputs.nixpkgs.follows = "nixpkgs";
};
qmk-udev-rules = { qmk-udev-rules = {
url = "github:qmk/qmk_firmware"; url = "github:qmk/qmk_firmware";
flake = false; flake = false;
}; };
}; };
outputs = { self, nixpkgs, nixos-hardware, home-manager, ... }@inputs: { outputs = {
self,
utils,
nixpkgs,
nixos-hardware,
...
} @ inputs: let
pkgs = self.pkgs.x86_64-linux.nixpkgs;
colmena = { hosts = [
meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; }; }; "helix-texta"
"murex-pecten"
"cornu-aspersum"
"elysia-clarki"
"trochulus-hispidus"
];
helix-texta = { name, nodes, pkgs, ... }: { defaultModules = [
imports = [ self.nixosModules.helix-texta ]; inputs.home-manager.nixosModules.home-manager
config.deployment = {
allowLocalDeployment = true;
targetHost = "helix-texta";
targetUser = "root";
};
};
murex-pecten = { name, nodes, pkgs, ... }: {
imports = [ self.nixosModules.murex-pecten ];
config.deployment = {
allowLocalDeployment = true;
targetHost = "murex-pecten";
targetUser = "root";
};
};
cornu-aspersum = { ... }: {
imports = [ self.nixosModules.cornu-aspersum ];
config.deployment = {
targetHost = "cornu-aspersum";
targetUser = "root";
};
};
elysia-clarki = { ... }: {
imports = [ self.nixosModules.elysia-clarki ];
config.deployment = {
targetHost = "elysia-clarki";
targetUser = "root";
};
};
trochulus-hispidus = { ... }: {
imports = [ self.nixosModules.trochulus-hispidus ];
config.deployment = {
targetHost = "trochulus-hispidus";
targetUser = "root";
};
};
};
nixosModules = {
helix-texta = { pkgs, config, ... }: {
imports = [
./hosts/helix-texta.nix
./modules/light-actkbd.nix
./modules/scanner.nix
self.nixosModules.thinkpad-p1-gen3
home-manager.nixosModules.home-manager
self.nixosModules.home-manager-config self.nixosModules.home-manager-config
self.nixosModules.x86_64-linux-basics
];
config = {
nix.settings = {
# add binary caches
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
substituters = nixpkgs.lib.mkForce [
"https://cache.nixos.org"
"https://nixpkgs-wayland.cachix.org"
];
};
environment.systemPackages =
[ inputs.colmena.packages.${config.nixpkgs.system}.colmena ];
# Overwrite basics
services.openssh.enable = false;
programs.mosh.enable = false;
# Overlays only relevant to my primary laptop
nixpkgs.overlays = [
inputs.nixpkgs-wayland.overlay
inputs.fenix.overlay
(import ./overlays/sane-backends.nix)
(import ./overlays/logisim.nix)
];
};
};
murex-pecten = { ... }: {
imports = [
self.nixosModules.x86_64-linux-basics
nixos-hardware.nixosModules.common-pc
nixos-hardware.nixosModules.common-pc-ssd
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
home-manager.nixosModules.home-manager
self.nixosModules.home-manager-config
./hosts/murex-pecten.nix
./hardware/aorus.nix
];
config = { nixpkgs.overlays = [ inputs.fenix.overlay ]; };
};
cornu-aspersum = { ... }: {
imports = [
self.nixosModules.x86_64-linux-basics
./hosts/cornu-aspersum.nix
./hardware/netcup-rs-2000-g9.nix
./modules/nginx-reverse-proxy.nix
./modules/ccqcraft.nix
inputs.glados.nixosModules.glados
];
};
elysia-clarki = { pkgs, ... }: {
imports = [
self.nixosModules.x86_64-linux-basics
./hosts/elysia-clarki.nix
./hardware/intel-nuc.nix
./modules/local-build-service.nix
./modules/nginx-reverse-proxy.nix
#./modules/binary-cache.nix
./modules/ccqcraft-backups.nix
];
config = {
# Override kernel version for zfs
boot.kernelPackages = pkgs.linuxPackages_5_10;
};
};
trochulus-hispidus = { pkgs, ... }: {
imports = [
home-manager.nixosModules.home-manager
self.nixosModules.x86_64-linux-basics
self.nixosModules.home-manager-config
./modules/scanner.nix
./hosts/trochulus-hispidus.nix
./hardware/latitude-e7440.nix
];
config = {
nixpkgs.overlays = [ (import ./overlays/sane-backends.nix) ];
};
};
};
nixosModules.thinkpad-p1-gen3 = { ... }: {
imports = [
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-gpu-nvidia
nixos-hardware.nixosModules.common-pc-laptop
nixos-hardware.nixosModules.common-pc-laptop-ssd
nixos-hardware.nixosModules.common-pc-laptop-acpi_call
./hardware/thinkpad-p1-gen3.nix
];
};
nixosModules.home-manager-config = { ... }: {
home-manager.verbose = true;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
};
# Necessary for flakes to work
nixosModules.nixUnstable = { pkgs, ... }: {
nix.registry.nixpkgs.flake = nixpkgs;
nix.package = pkgs.nixUnstable;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nixpkgs.overlays = [ (self: super: { nix = super.nixUnstable; }) ];
# Enable store optimiser
nix.optimise = {
automatic = true;
dates = [ "04:00" ];
};
};
# Some basics that every machine should have
nixosModules.x86_64-linux-basics = { pkgs, config, ... }: {
imports = [
inputs.custom-udev-rules.nixosModule inputs.custom-udev-rules.nixosModule
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
self.nixosModules.nixUnstable self.nixosModules.nixUnstable
./modules/base-system.nix ./modules/base-system.nix
]; ];
in
utils.lib.mkFlake {
inherit self inputs;
config = { supportedSystems = ["x86_64-linux"];
# Set the system revision if this flake has it
system.configurationRevision = pkgs.lib.mkIf (self ? rev) self.rev;
# Add some useful overlays sharedOverlays = [
# TODO: How would I do this inside ./modules/base-system.nix? inputs.fenix.overlay
nixpkgs.overlays = [ inputs.nixpkgs-wayland.overlay
inputs.colmena.overlay
utils.overlay
(self: super: { (self: super: {
# Add FiraCode as a package, but use NerdFonts # Add FiraCode as a package, but use NerdFonts
firaCodeNerd = super.nerdfonts.override { fonts = [ "FiraCode" ]; }; firaCodeNerd = super.nerdfonts.override {fonts = ["FiraCode"];};
# Add the emulator # Add the emulator
"2a-emulator" = "2a-emulator" =
inputs.emulator-2a.packages.x86_64-linux."2a-emulator"; inputs.emulator-2a.packages.x86_64-linux."2a-emulator";
@ -286,87 +120,177 @@
# Override cataclysm to use git # Override cataclysm to use git
(import ./overlays/cataclysm-dda.nix) (import ./overlays/cataclysm-dda.nix)
(import ./overlays/qmk-udev-rules.nix) (import ./overlays/qmk-udev-rules.nix)
(import ./overlays/sane-backends.nix)
(import ./overlays/logisim.nix)
];
hostDefaults.system = "x86_64-linux";
hostDefaults.modules = defaultModules;
hosts = builtins.listToAttrs (map (host: {
name = host;
value = {modules = [self.nixosModules.${host}];};
})
hosts);
nixosModules = {
home-manager-config = {...}: {
home-manager.verbose = true;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
};
nixUnstable = {pkgs, ...}: {
nix.registry.nixpkgs.flake = nixpkgs;
nix.package = pkgs.nixUnstable;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nixpkgs.overlays = [(self: super: {nix = super.nixUnstable;})];
# Enable store optimiser
nix.optimise = {
automatic = true;
dates = ["04:00"];
};
};
helix-texta = {
pkgs,
config,
...
}: {
imports = [
./hosts/helix-texta.nix
./modules/light-actkbd.nix
./modules/scanner.nix
self.nixosModules.thinkpad-p1-gen3
];
config = {
# Overwrite basics
services.openssh.enable = false;
programs.mosh.enable = false;
};
};
murex-pecten = {...}: {
imports = [
nixos-hardware.nixosModules.common-pc
nixos-hardware.nixosModules.common-pc-ssd
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
./hosts/murex-pecten.nix
./hardware/aorus.nix
];
};
cornu-aspersum = {...}: {
imports = [
./hosts/cornu-aspersum.nix
./hardware/netcup-rs-2000-g9.nix
./modules/nginx-reverse-proxy.nix
./modules/ccqcraft.nix
inputs.glados.nixosModules.glados
];
};
elysia-clarki = {pkgs, ...}: {
imports = [
./hosts/elysia-clarki.nix
./hardware/intel-nuc.nix
./modules/local-build-service.nix
./modules/nginx-reverse-proxy.nix
#./modules/binary-cache.nix
./modules/ccqcraft-backups.nix
];
config = {
# Override kernel version for zfs
boot.kernelPackages = pkgs.linuxPackages_5_10;
};
};
trochulus-hispidus = {pkgs, ...}: {
imports = [
./modules/scanner.nix
./hosts/trochulus-hispidus.nix
./hardware/latitude-e7440.nix
];
};
thinkpad-p1-gen3 = {...}: {
imports = [
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-gpu-nvidia
nixos-hardware.nixosModules.common-pc-laptop
nixos-hardware.nixosModules.common-pc-laptop-ssd
nixos-hardware.nixosModules.common-pc-laptop-acpi_call
./hardware/thinkpad-p1-gen3.nix
]; ];
}; };
}; };
# My thinkpad P1 colmena =
nixosConfigurations.helix-texta = nixpkgs.lib.nixosSystem { {
system = "x86_64-linux"; meta = {nixpkgs = pkgs;};
modules = [ self.nixosModules.helix-texta ]; defaults = {...}: {imports = defaultModules;};
}
// (builtins.listToAttrs (map (
host: {
name = host;
value = {
imports = [self.nixosModules.${host}];
config.deployment = {
targetHost = host;
targetUser = "root";
}; };
# My tower
nixosConfigurations.murex-pecten = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ self.nixosModules.murex-pecten ];
}; };
}
)
hosts));
# Currently hosted by NetCup outputsBuilder = channels: {
nixosConfigurations.cornu-aspersum = nixpkgs.lib.nixosSystem { devShell = channels.nixpkgs.mkShell {
system = "x86_64-linux"; packages = let
modules = [ self.nixosModules.cornu-aspersum ]; date = "${pkgs.coreutils}/bin/date";
}; git = "${pkgs.git}/bin/git";
nixos-rebuild = "${pkgs.nixos-rebuild}/bin/nixos-rebuild";
# Server @home sops = "${pkgs.sops}/bin/sops";
nixosConfigurations.elysia-clarki = nixpkgs.lib.nixosSystem { bat = "${pkgs.bat}/bin/bat";
system = "x86_64-linux"; in
modules = [ self.nixosModules.elysia-clarki ]; with pkgs; [
}; (writeScriptBin "rebuild" ''
# Marie's laptop
nixosConfigurations.trochulus-hispidus = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ self.nixosModules.trochulus-hispidus ];
};
devShell.x86_64-linux =
let pkgs = import nixpkgs { system = "x86_64-linux"; };
in pkgs.mkShell {
packages = [
(with pkgs;
writeScriptBin "rebuild" ''
#!${stdenv.shell} #!${stdenv.shell}
if [ -z $1 ]; then if [ -z $1 ]; then
echo "Need 'switch|boot|...'" echo "Need 'switch|boot|...'"
exit 1 exit 1
fi fi
today=`${coreutils}/bin/date +%Y-%m-%d` today=`${date} +%Y-%m-%d`
branch=`${git}/bin/git branch --show-current` branch=`${git} branch --show-current`
rev=`${git}/bin/git log -1 --format=%h` rev=`${git} log -1 --format=%h`
dirty=`${git}/bin/git diff --quiet || echo '~'` dirty=`${git} diff --quiet || echo '~'`
NIXOS_LABEL_VERSION=$today-$branch-$rev$dirty NIXOS_LABEL_VERSION=$today-$branch-$rev$dirty
# Extract build secrets # Extract build secrets
echo Extracting build secrets.. echo Extracting build secrets..
${sops}/bin/sops --extract '["polymc-client-id"]' -d secrets/secrets.yaml > build-secrets/polymc-client-id ${sops} --extract '["polymc-client-id"]' -d secrets/secrets.yaml > build-secrets/polymc-client-id
sudo ${nixos-rebuild}/bin/nixos-rebuild $1 --flake . sudo ${nixos-rebuild} $1 --flake .
'') '')
(with pkgs; (writeScriptBin "all-hosts" ''
writeScriptBin "all-hosts" ''
nix eval --json .#nixosConfigurations --apply builtins.attrNames 2>/dev/null | jq -r .[] nix eval --json .#nixosConfigurations --apply builtins.attrNames 2>/dev/null | jq -r .[]
'') '')
(with pkgs; (writeScriptBin "push-to" ''
writeScriptBin "push-to" ''
if [ -z $2 ]; then if [ -z $2 ]; then
echo "Need 'switch|boot|...'" echo "Need 'switch|boot|...'"
exit 1 exit 1
fi fi
host=$1 host=$1
action=$2 action=$2
nixos-rebuild --flake .#$host --build-host root@$host --target-host root@$host $action ${nixos-rebuild} --flake .#$host --build-host root@$host --target-host root@$host $action
'') '')
(with pkgs; (writeScriptBin "option" ''
writeScriptBin "option" ''
host=$1 host=$1
option=$2 option=$2
nix eval .#nixosConfigurations.$host.config.$option nix eval .#nixosConfigurations.$host.config.$option
'') '')
(with pkgs; (writeScriptBin "hm-option" ''
writeScriptBin "hm-option" ''
host=$1 host=$1
option=$2 option=$2
user=$3 user=$3
@ -375,14 +299,13 @@
fi fi
nix eval .#nixosConfigurations.$host.config.home-manager.users.$user.$option 2>/dev/null nix eval .#nixosConfigurations.$host.config.home-manager.users.$user.$option 2>/dev/null
'') '')
(with pkgs; (writeScriptBin "test-config" ''
writeScriptBin "test-config" ''
#!${stdenv.shell} #!${stdenv.shell}
for host in $(all-hosts); do for host in $(all-hosts); do
echo == Checking ''${host}.. echo == Checking ''${host}..
nixos-rebuild --flake .#$host dry-build 2> /tmp/build-output ${nixos-rebuild} --flake .#$host dry-build 2> /tmp/build-output
if [[ $? -ne 0 ]]; then if [[ $? -ne 0 ]]; then
bat --file-name "Failed to verify config for $host" /tmp/build-output ${bat} --file-name "Failed to verify config for $host" /tmp/build-output
exit 1 exit 1
fi fi
done done
@ -390,8 +313,10 @@
echo === All checks passed echo === All checks passed
'') '')
inputs.colmena.packages.x86_64-linux.colmena inputs.colmena.packages.x86_64-linux.colmena
fup-repl
alejandra
]; ];
}; };
};
}; };
} }

View file

@ -1,26 +1,27 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = { boot = {
initrd = { initrd = {
availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
availableKernelModules = kernelModules = ["dm-snapshot" "amdgpu"];
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; luks.devices."enc".device = "/dev/disk/by-uuid/037d5dc5-17c3-4643-9ad8-7403d280b191";
kernelModules = [ "dm-snapshot" "amdgpu" ];
luks.devices."enc".device =
"/dev/disk/by-uuid/037d5dc5-17c3-4643-9ad8-7403d280b191";
}; };
kernelModules = [ "kvm-amd" ]; kernelModules = ["kvm-amd"];
}; };
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a"; device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos" ]; options = ["subvol=nixos"];
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/6B2D-BD5B"; device = "/dev/disk/by-uuid/6B2D-BD5B";
@ -29,12 +30,12 @@
"/home" = { "/home" = {
device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a"; device = "/dev/disk/by-uuid/58415934-fb8e-4e36-996e-ddb61d24602a";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=home" ]; options = ["subvol=home"];
}; };
"/home/malte/games" = rec { "/home/malte/games" = rec {
device = "/dev/mapper/${encrypted.label}"; device = "/dev/mapper/${encrypted.label}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=malte/games" ]; options = ["subvol=malte/games"];
encrypted = { encrypted = {
enable = true; enable = true;
label = "luks-media"; label = "luks-media";
@ -44,8 +45,7 @@
}; };
}; };
swapDevices = swapDevices = [{device = "/dev/disk/by-uuid/a8d98aa8-47e4-4d32-bc95-1f4a9a1c1d91";}];
[{ device = "/dev/disk/by-uuid/a8d98aa8-47e4-4d32-bc95-1f4a9a1c1d91"; }];
# Enable bluetooth # Enable bluetooth
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
@ -57,11 +57,11 @@
spinDown5Secs = 1; spinDown5Secs = 1;
powerDownOnStart = true; powerDownOnStart = true;
}; };
"ata-ST3000DM001-1ER166_Z500FQ9H" = { spinDown5Secs = 60; }; "ata-ST3000DM001-1ER166_Z500FQ9H" = {spinDown5Secs = 60;};
}; };
# Prevent GPP0 from waking up the device! # Prevent GPP0 from waking up the device!
wakeup.toggleDevice = [ "GPP0" ]; wakeup.toggleDevice = ["GPP0"];
services.xserver.videoDrivers = lib.mkForce [ "amdgpu" ]; services.xserver.videoDrivers = lib.mkForce ["amdgpu"];
} }

View file

@ -1,14 +1,18 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
# === Boot options === # === Boot options ===
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usbhid" "uas" "usb_storage" "sd_mod"];
[ "xhci_pci" "ehci_pci" "ahci" "usbhid" "uas" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [];
boot.initrd.kernelModules = [ ]; boot.kernelModules = ["kvm-intel"];
boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [];
boot.extraModulePackages = [ ];
# === Internal drive === # === Internal drive ===
fileSystems."/" = { fileSystems."/" = {
@ -32,17 +36,17 @@
}; };
# === Swap === # === Swap ===
swapDevices = swapDevices = [{device = "/dev/disk/by-uuid/efc7e294-1c18-4dd9-aca5-f868eb9c47fc";}];
[{ device = "/dev/disk/by-uuid/efc7e294-1c18-4dd9-aca5-f868eb9c47fc"; }]; }
} // ( // (
# === External drives === # === External drives ===
let let
cryptsetup = "${pkgs.cryptsetup}/bin/cryptsetup"; cryptsetup = "${pkgs.cryptsetup}/bin/cryptsetup";
unlockLuksService = label: keyfile: overwrites: unlockLuksService = label: keyfile: overwrites:
lib.attrsets.recursiveUpdate { lib.attrsets.recursiveUpdate {
description = "Unlock luks encrypted device '${label}'"; description = "Unlock luks encrypted device '${label}'";
bindsTo = [ "dev-${label}.device" ]; bindsTo = ["dev-${label}.device"];
after = [ "dev-${label}.device" ]; after = ["dev-${label}.device"];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
@ -53,7 +57,8 @@
${cryptsetup} luksClose ${label}opened ${cryptsetup} luksClose ${label}opened
''; '';
}; };
} overwrites; }
overwrites;
disks = { disks = {
FRA = "8ae45289-82ed-4cf1-9d68-a0e26e5d9bb5"; FRA = "8ae45289-82ed-4cf1-9d68-a0e26e5d9bb5";
@ -64,44 +69,45 @@
in { in {
# Unlock all luks devices and import the zfs pools if necessary # Unlock all luks devices and import the zfs pools if necessary
systemd.services."luks-open-FRA" = systemd.services."luks-open-FRA" =
unlockLuksService "FRA" "/root/keys/fra" { }; unlockLuksService "FRA" "/root/keys/fra" {};
systemd.services."luks-open-BER" = systemd.services."luks-open-BER" = unlockLuksService "BER" "/root/keys/ber" {
unlockLuksService "BER" "/root/keys/ber" {
serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zBER"; serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zBER";
}; };
systemd.services."luks-open-HND" = systemd.services."luks-open-HND" = unlockLuksService "HND" "/root/keys/hnd" {
unlockLuksService "HND" "/root/keys/hnd" {
serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zHND"; serviceConfig.ExecStartPost = "${pkgs.zfs}/bin/zpool import zHND";
}; };
systemd.services."luks-open-LEJ" = systemd.services."luks-open-LEJ" =
unlockLuksService "LEJ" "/root/keys/lej" { }; unlockLuksService "LEJ" "/root/keys/lej" {};
systemd.mounts = [ systemd.mounts = [
{ {
what = "/dev/mapper/FRAopened"; what = "/dev/mapper/FRAopened";
where = "/srv/fra"; where = "/srv/fra";
type = "ext4"; type = "ext4";
wantedBy = [ "default.target" ]; wantedBy = ["default.target"];
requires = [ "luks-open-FRA.service" ]; requires = ["luks-open-FRA.service"];
after = [ "luks-open-FRA.service" ]; after = ["luks-open-FRA.service"];
} }
{ {
what = "/dev/mapper/vg_lej-lv_lej"; what = "/dev/mapper/vg_lej-lv_lej";
where = "/srv/lej"; where = "/srv/lej";
type = "ext4"; type = "ext4";
wantedBy = [ "default.target" ]; wantedBy = ["default.target"];
requires = [ "luks-open-LEJ.service" ]; requires = ["luks-open-LEJ.service"];
after = [ "luks-open-LEJ.service" ]; after = ["luks-open-LEJ.service"];
} }
]; ];
# Add udev rules for every disk # Add udev rules for every disk
services.udev.customRules = [{ services.udev.customRules = [
{
name = "85-rename-and-unlock-disks"; name = "85-rename-and-unlock-disks";
rules = lib.concatStringsSep "\n" (lib.attrsets.mapAttrsToList rules = lib.concatStringsSep "\n" (lib.attrsets.mapAttrsToList
(alias: uuid: '' (alias: uuid: ''
SUBSYSTEM=="block", ENV{ID_FS_UUID}=="${uuid}", SYMLINK+="${alias}", TAG+="systemd" SUBSYSTEM=="block", ENV{ID_FS_UUID}=="${uuid}", SYMLINK+="${alias}", TAG+="systemd"
'') disks); '')
}]; disks);
}
}) ];
}
)

View file

@ -1,28 +1,30 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci"];
[ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.kernelModules = [];
boot.initrd.kernelModules = [ ]; boot.kernelModules = ["kvm-intel"];
boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [];
boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/595d4130-1aa8-4779-9dd9-6707929f0981"; device = "/dev/disk/by-uuid/595d4130-1aa8-4779-9dd9-6707929f0981";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."nixos".device = boot.initrd.luks.devices."nixos".device = "/dev/disk/by-uuid/52caf614-e56e-46f4-9604-222ea98fc106";
"/dev/disk/by-uuid/52caf614-e56e-46f4-9604-222ea98fc106";
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/D70A-4148"; device = "/dev/disk/by-uuid/D70A-4148";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [];
hardware.cpu.intel.updateMicrocode = hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware; lib.mkDefault config.hardware.enableRedistributableFirmware;

View file

@ -1,17 +1,18 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
[ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/652432d2-a452-496c-b29d-b22c479a8545"; device = "/dev/disk/by-uuid/652432d2-a452-496c-b29d-b22c479a8545";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = swapDevices = [{device = "/dev/disk/by-uuid/2c090f4d-4163-43b8-8b76-b1ac1c30e755";}];
[{ device = "/dev/disk/by-uuid/2c090f4d-4163-43b8-8b76-b1ac1c30e755"; }];
} }

View file

@ -1,17 +1,20 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
[ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-label/nixos"; device = "/dev/disk/by-label/nixos";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = [{ device = "/dev/disk/by-label/swap"; }]; swapDevices = [{device = "/dev/disk/by-label/swap";}];
hardware.cpu.amd.updateMicrocode = hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware; lib.mkDefault config.hardware.enableRedistributableFirmware;

View file

@ -1,16 +1,18 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
config,
lib,
pkgs,
modulesPath,
...
}: {
boot = { boot = {
initrd = { initrd = {
availableKernelModules = availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
[ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; luks.devices."enc".device = "/dev/disk/by-uuid/1f1e51d6-3084-4f4d-9b4b-6caa0352f542";
luks.devices."enc".device =
"/dev/disk/by-uuid/1f1e51d6-3084-4f4d-9b4b-6caa0352f542";
}; };
kernelModules = [ "kvm-intel" "acpi-call" ]; kernelModules = ["kvm-intel" "acpi-call"];
#blacklistedKernelModules = [ "nvidia" ]; #blacklistedKernelModules = [ "nvidia" ];
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = ["btrfs"];
}; };
powerManagement = { powerManagement = {
@ -61,10 +63,10 @@
}; };
services.blueman.enable = true; services.blueman.enable = true;
services.xserver.videoDrivers = lib.mkForce [ "nvidia" ]; services.xserver.videoDrivers = lib.mkForce ["nvidia"];
nixpkgs.config.packageOverrides = pkgs: { nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
@ -74,7 +76,7 @@
"/" = { "/" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ]; options = ["subvol=root" "compress=zstd"];
}; };
"/boot" = { "/boot" = {
@ -85,29 +87,28 @@
"/home" = { "/home" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ]; options = ["subvol=home" "compress=zstd"];
}; };
"/nix" = { "/nix" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ]; options = ["subvol=nix" "compress=zstd"];
}; };
"/persist" = { "/persist" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=persist" "compress=zstd" ]; options = ["subvol=persist" "compress=zstd"];
}; };
"/var/log" = { "/var/log" = {
device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d"; device = "/dev/disk/by-uuid/d9fd201a-f9f5-4d6f-9706-cc698699704d";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ]; options = ["subvol=log" "compress=zstd"];
neededForBoot = true; neededForBoot = true;
}; };
}; };
swapDevices = swapDevices = [{device = "/dev/disk/by-uuid/6948f567-03b3-4a38-b3c4-e05e0bbfbf55";}];
[{ device = "/dev/disk/by-uuid/6948f567-03b3-4a38-b3c4-e05e0bbfbf55"; }];
} }

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.version = 2; boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
@ -11,15 +13,14 @@
users.users = { users.users = {
root = { root = {
hashedPassword = hashedPassword = "$6$Yb1gdlKIpY1hRW1X$uUcNFuNnK2JFFN55Tkc.fPV.4I7RJvIfLEQayVP1utfkmjF0f/EHjtypxq11jR5NUUIJFQLW6ffajjduA2689.";
"$6$Yb1gdlKIpY1hRW1X$uUcNFuNnK2JFFN55Tkc.fPV.4I7RJvIfLEQayVP1utfkmjF0f/EHjtypxq11jR5NUUIJFQLW6ffajjduA2689.";
}; };
}; };
sops.defaultSopsFile = ../secrets/hosts/cornu-aspersum/secrets.yaml; sops.defaultSopsFile = ../secrets/hosts/cornu-aspersum/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
sops.secrets.gladosEnv = { }; sops.secrets.gladosEnv = {};
services.glados = { services.glados = {
enable = true; enable = true;
dataCollector.enable = true; dataCollector.enable = true;
@ -32,8 +33,7 @@
# Run radicale with infcloud interface for me and Marie # Run radicale with infcloud interface for me and Marie
services.radicaleWithInfcloud.enable = true; services.radicaleWithInfcloud.enable = true;
systemd.services.glados.serviceConfig.SupplementaryGroups = systemd.services.glados.serviceConfig.SupplementaryGroups = [config.users.groups.keys.name];
[ config.users.groups.keys.name ];
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
@ -41,7 +41,7 @@
services.nginx.virtualHosts."img.tammena.rocks" = { services.nginx.virtualHosts."img.tammena.rocks" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { proxyPass = "http://elysia-clarki:2342/"; }; locations."/" = {proxyPass = "http://elysia-clarki:2342/";};
}; };
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
@ -51,6 +51,4 @@
# Before changing this value read the documentation for this option # Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment? system.stateVersion = "21.05"; # Did you read the comment?
} }

View file

@ -1,9 +1,12 @@
{ config, pkgs, lib, ... }:
{ {
config,
pkgs,
lib,
...
}: {
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = ["zfs"];
networking.hostName = "elysia-clarki"; networking.hostName = "elysia-clarki";
networking.interfaces.eno1.useDHCP = true; networking.interfaces.eno1.useDHCP = true;
@ -16,7 +19,7 @@
dockerCompat = true; dockerCompat = true;
dockerSocket.enable = true; dockerSocket.enable = true;
defaultNetwork.dnsname.enable = true; defaultNetwork.dnsname.enable = true;
extraPackages = with pkgs; [ zfs ]; extraPackages = with pkgs; [zfs];
}; };
oci-containers.backend = "podman"; oci-containers.backend = "podman";
# Override storage driver # Override storage driver
@ -35,7 +38,7 @@
rootDir = "/srv/hnd/photoprism"; rootDir = "/srv/hnd/photoprism";
environmentFile = config.sops.secrets."photoprism-env".path; environmentFile = config.sops.secrets."photoprism-env".path;
}; };
sops.secrets."photoprism-env" = { }; sops.secrets."photoprism-env" = {};
services.resticConfigured = { services.resticConfigured = {
enable = true; enable = true;
@ -46,7 +49,7 @@
services.fwupd.enable = true; services.fwupd.enable = true;
sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml; sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions

View file

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
let pkgs,
lib,
...
}: let
pamLogin = '' pamLogin = ''
# Account management. # Account management.
account required pam_unix.so account required pam_unix.so
@ -18,7 +21,6 @@ let
session required ${pkgs.linux-pam}/lib/security/pam_lastlog.so silent session required ${pkgs.linux-pam}/lib/security/pam_lastlog.so silent
session optional ${pkgs.systemd}/lib/security/pam_systemd.so session optional ${pkgs.systemd}/lib/security/pam_systemd.so
''; '';
in { in {
boot = { boot = {
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
@ -33,7 +35,7 @@ in {
networkmanager.enable = true; networkmanager.enable = true;
}; };
system.fsPackages = [ pkgs.sshfs ]; system.fsPackages = [pkgs.sshfs];
# Pipewire for my wayland # Pipewire for my wayland
sound.enable = false; sound.enable = false;
@ -50,26 +52,29 @@ in {
"channelmix.lfe-cutoff" = 150; "channelmix.lfe-cutoff" = 150;
}; };
config.pipewire = { "default.clock.allowed-rates" = [ 48000 44100 ]; }; config.pipewire = {"default.clock.allowed-rates" = [48000 44100];};
media-session.config.alsa-monitor = { media-session.config.alsa-monitor = {
rules = [{ rules = [
matches = [{ {
"node.name" = matches = [
"alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0"; {
}]; "node.name" = "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0";
}
];
actions = { actions = {
update-props = { update-props = {
#"audio.rate" = 96000; #"audio.rate" = 96000;
"api.alsa.headroom" = 1024; "api.alsa.headroom" = 1024;
}; };
}; };
}]; }
];
}; };
}; };
xdg.portal = { xdg.portal = {
enable = true; enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk ]; extraPortals = [pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk];
gtkUsePortal = true; gtkUsePortal = true;
}; };
@ -110,42 +115,16 @@ in {
}; };
services.fprintd.enable = true; services.fprintd.enable = true;
users = { users.mutableUsers = false;
# I like my users unmutable users.custom.malte.enable = true;
mutableUsers = false;
# Myself
users.malte = {
description = "Malte Tammena";
hashedPassword =
"$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh.";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"kvm"
"libvirtd"
"podman"
"scanner"
config.users.groups.keys.name
];
# Yes, use the best, please
shell = pkgs.fish;
};
};
home-manager.users.malte.imports = [ ../users/malte/home.nix ];
programs.fish.enable = true;
# Use some fonts # Use some fonts
fonts = { fonts = {
enableDefaultFonts = true; enableDefaultFonts = true;
fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ]; fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels];
fontconfig = { fontconfig = {
enable = true; enable = true;
defaultFonts.monospace = [ "FiraCode Nerd Font" ]; defaultFonts.monospace = ["FiraCode Nerd Font"];
}; };
}; };
@ -170,15 +149,12 @@ in {
programs.steam.enable = true; programs.steam.enable = true;
nixpkgs.config.packageOverrides = pkgs: { nixpkgs.config.packageOverrides = pkgs: {
steam = pkgs.steam.override { steam = pkgs.steam.override {extraPkgs = pkgs: [pkgs.openssl];};
extraPkgs = pkgs: [ pkgs.openssl ];
#nativeOnly = true;
};
}; };
programs.sway.enable = true; programs.sway.enable = true;
services.dbus.packages = [ pkgs.dconf ]; services.dbus.packages = [pkgs.dconf];
services.udev.packages = with pkgs; [ yubikey-personalization chrysalis ]; services.udev.packages = with pkgs; [yubikey-personalization chrysalis];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
thunderbolt thunderbolt
@ -191,19 +167,7 @@ in {
services.devmon.enable = true; services.devmon.enable = true;
sops.defaultSopsFile = ../secrets/hosts/helix-texta/secrets.yaml; sops.defaultSopsFile = ../secrets/hosts/helix-texta/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# TODO: Improve this
sops.secrets."restic-backup-malte" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
key = "restic-backup";
};
sops.secrets."radicale-password" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
};
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
@ -213,4 +177,3 @@ in {
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment? system.stateVersion = "20.09"; # Did you read the comment?
} }

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader = { boot.loader = {
systemd-boot.enable = true; systemd-boot.enable = true;
@ -12,7 +14,7 @@
networkmanager.enable = true; networkmanager.enable = true;
}; };
system.fsPackages = [ pkgs.sshfs ]; system.fsPackages = [pkgs.sshfs];
sound.enable = true; sound.enable = true;
security.rtkit.enable = true; security.rtkit.enable = true;
@ -28,27 +30,30 @@
"channelmix.lfe-cutoff" = 150; "channelmix.lfe-cutoff" = 150;
}; };
config.pipewire."default.clock.allowed-rates" = [ 48000 44100 ]; config.pipewire."default.clock.allowed-rates" = [48000 44100];
media-session.config.alsa-monitor = { media-session.config.alsa-monitor = {
rules = [{ rules = [
matches = [{ {
"node.name" = matches = [
"alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0"; {
}]; "node.name" = "alsa_output.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-output-0";
}
];
actions = { actions = {
update-props = { update-props = {
#"audio.rate" = 96000; #"audio.rate" = 96000;
"api.alsa.headroom" = 1024; "api.alsa.headroom" = 1024;
}; };
}; };
}]; }
];
}; };
}; };
xdg.portal = { xdg.portal = {
enable = true; enable = true;
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ]; extraPortals = with pkgs; [xdg-desktop-portal-gtk xdg-desktop-portal-wlr];
gtkUsePortal = true; gtkUsePortal = true;
}; };
@ -57,65 +62,21 @@
enable = true; enable = true;
driSupport = true; driSupport = true;
driSupport32Bit = true; driSupport32Bit = true;
extraPackages = with pkgs; [ amdvlk ]; extraPackages = with pkgs; [amdvlk];
extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; extraPackages32 = with pkgs; [driversi686Linux.amdvlk];
}; };
}; };
# Define a user account. Don't forget to set a password with passwd. users.mutableUsers = false;
users = { users.custom.marie.enable = true;
# I like my users unmutable users.custom.malte.enable = true;
mutableUsers = false;
# Myself
users.malte = {
description = "Malte Tammena";
hashedPassword =
"$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh.";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"kvm"
"libvirtd"
"podman"
"corectrl"
"scanner"
config.users.groups.keys.name
];
# Yes, use the best, please
shell = pkgs.fish;
};
users.marie = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"scanner"
config.users.groups.keys.name
];
hashedPassword =
"$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0";
# This is really just for my comfort
shell = pkgs.fish;
};
};
home-manager.users.malte.imports = [ ../users/malte/home.nix ];
home-manager.users.marie.imports = [ ../users/marie/home.nix ];
programs.fish.enable = true;
fonts = { fonts = {
enableDefaultFonts = true; enableDefaultFonts = true;
fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ]; fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels];
fontconfig = { fontconfig = {
enable = true; enable = true;
defaultFonts.monospace = [ "FiraCode Nerd Font" ]; defaultFonts.monospace = ["FiraCode Nerd Font"];
}; };
}; };
@ -129,20 +90,9 @@
security.pam = { security.pam = {
yubico = { yubico = {
enable = true; enable = true;
#id = "ccccccvblrrf";
mode = "challenge-response"; mode = "challenge-response";
control = "sufficient"; control = "sufficient";
}; };
#services.login = {
#name = "login";
## Fix when https://github.com/NixOS/nixpkgs/pull/105319 lands..
#text = pamLogin;
#};
#services.swaylock = {
# name = "swaylock";
# fprintAuth = true;
# unixAuth = true;
#};
}; };
services.udev.customRules = [ services.udev.customRules = [
@ -176,7 +126,7 @@
programs.steam.enable = true; programs.steam.enable = true;
programs.corectrl.enable = true; programs.corectrl.enable = true;
services.dbus.packages = with pkgs; [ dconf openrgb ]; services.dbus.packages = with pkgs; [dconf openrgb];
services.udev.packages = with pkgs; [ services.udev.packages = with pkgs; [
yubikey-personalization yubikey-personalization
chrysalis chrysalis
@ -190,25 +140,7 @@
programs.sway.enable = true; programs.sway.enable = true;
sops.defaultSopsFile = ../secrets/hosts/murex-pecten/secrets.yaml; sops.defaultSopsFile = ../secrets/hosts/murex-pecten/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# TODO: Improve this
sops.secrets."restic-backup-malte" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
key = "restic-backup";
};
sops.secrets."restic-backup-marie" = {
sopsFile = ../secrets/users/marie/secrets.yaml;
owner = "marie";
mode = "0400";
key = "restic-backup";
};
sops.secrets."radicale-password" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
qt5.qtwayland qt5.qtwayland
@ -232,6 +164,4 @@
# Before changing this value read the documentation for this option # Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
} }

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -41,33 +43,17 @@
users = { users = {
mutableUsers = false; mutableUsers = false;
custom.marie.enable = true;
users.marie = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"scanner"
config.users.groups.keys.name
];
hashedPassword =
"$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0";
# This is really just for my comfort
shell = pkgs.fish;
}; };
};
home-manager.users.marie.imports = [ ../users/marie/home.nix ];
fonts = { fonts = {
enableDefaultFonts = true; enableDefaultFonts = true;
fonts = with pkgs; [ firaCodeNerd noto-fonts noto-fonts-cjk joypixels ]; fonts = with pkgs; [firaCodeNerd noto-fonts noto-fonts-cjk joypixels];
fontconfig = { enable = true; }; fontconfig = {enable = true;};
}; };
sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml; sops.defaultSopsFile = ../secrets/hosts/elysia-clarki/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# TODO: Improve this # TODO: Improve this
sops.secrets."restic-backup-marie" = { sops.secrets."restic-backup-marie" = {
sopsFile = ../secrets/users/marie/secrets.yaml; sopsFile = ../secrets/users/marie/secrets.yaml;
@ -90,6 +76,4 @@
# Before changing this value read the documentation for this option # Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
} }

View file

@ -1,21 +1,23 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
ports = { ports = {
tcp = [ 26900 ]; tcp = [26900];
udp = [ 26900 26901 26902 ]; udp = [26900 26901 26902];
}; };
uid = 459; uid = 459;
gid = 459; gid = 459;
cfg = config.services."7-days-to-die"; cfg = config.services."7-days-to-die";
portsTcp = map (port: portsTcp = map (port: let
let portStr = builtins.toString port; portStr = builtins.toString port;
in "${portStr}:${portStr}/tcp"); in "${portStr}:${portStr}/tcp");
portsUdp = map (port: portsUdp = map (port: let
let portStr = builtins.toString port; portStr = builtins.toString port;
in "${portStr}:${portStr}/udp"); in "${portStr}:${portStr}/udp");
in { in {
options.services."7-days-to-die" = with lib; { options.services."7-days-to-die" = with lib; {
enable = mkEnableOption "7 Days to die game server service"; enable = mkEnableOption "7 Days to die game server service";
@ -26,8 +28,7 @@ in {
openFirewall = mkOption { openFirewall = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = description = "Whether to open the firewall for ports ${builtins.toString ports}";
"Whether to open the firewall for ports ${builtins.toString ports}";
}; };
}; };
@ -66,4 +67,3 @@ in {
}; };
}; };
} }

View file

@ -1,9 +1,11 @@
# Settings that most of my hosts can agree on, but # Settings that most of my hosts can agree on, but
# some of these settings are overriden on a per-host basis. # some of these settings are overriden on a per-host basis.
{ pkgs, lib, config, ... }:
{ {
pkgs,
lib,
config,
...
}: {
imports = [ imports = [
./photoprism.nix ./photoprism.nix
./7-days-to-die.nix ./7-days-to-die.nix
@ -12,6 +14,8 @@
./restic.nix ./restic.nix
./wakeup.nix ./wakeup.nix
./hdparm.nix ./hdparm.nix
./malte.nix
./marie.nix
]; ];
options.settings = with lib; { options.settings = with lib; {
@ -32,12 +36,29 @@
hardware.enableAllFirmware = true; hardware.enableAllFirmware = true;
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
# Use some binary caches
nix.settings = {
# add binary caches
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"2a-emulator.cachix.org-1:ijJDEqNsMqhamxxWvqOiaCQNoYhWNw7A+gGICgAH1mE="
"colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
];
substituters = [
"https://cache.nixos.org"
"https://nixpkgs-wayland.cachix.org"
"https://2a-emulator.cachix.org"
"https://colmena.cachix.org"
];
};
# Make sure that I can login over the tailscale infrastructure # Make sure that I can login over the tailscale infrastructure
# while increasing security # while increasing security
# TODO: Restrict openssh interface, move port # TODO: Restrict openssh interface, move port
services.openssh.enable = pkgs.lib.mkDefault true; services.openssh.enable = pkgs.lib.mkDefault true;
users.users.root = { users.users.root = {
openssh.authorizedKeys.keyFiles = [ ../users/malte/yubikey.pub ]; openssh.authorizedKeys.keyFiles = [../users/malte/yubikey.pub];
}; };
# Enable mosh for some SSH superpower # Enable mosh for some SSH superpower
programs.mosh.enable = pkgs.lib.mkDefault true; programs.mosh.enable = pkgs.lib.mkDefault true;
@ -77,7 +98,6 @@
enable = true; enable = true;
interfaceName = "looking-glas"; interfaceName = "looking-glas";
}; };
networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ]; networking.firewall.allowedUDPPorts = [config.services.tailscale.port];
}; };
} }

View file

@ -1,16 +1,17 @@
{ pkgs, config, ... }:
{ {
pkgs,
config,
...
}: {
services.nix-serve = { services.nix-serve = {
enable = true; enable = true;
secretKeyFile = "/var/cache-priv.pem"; secretKeyFile = "/var/cache-priv.pem";
}; };
services.nginx.virtualHosts."cache.home.dyn.tammena.rocks" = { services.nginx.virtualHosts."cache.home.dyn.tammena.rocks" = {
serverAliases = [ "cache.elysia-clarki" ]; serverAliases = ["cache.elysia-clarki"];
locations."/" = { locations."/" = {
proxyPass = proxyPass = "http://localhost:${builtins.toString config.services.nix-serve.port}";
"http://localhost:${builtins.toString config.services.nix-serve.port}";
extraConfig = '' extraConfig = ''
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;

View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
user = "ccqcraft"; user = "ccqcraft";
host = "ccqcraft.de"; host = "ccqcraft.de";
path = "~/server/mc/plugins/EasyBackup/backups"; path = "~/server/mc/plugins/EasyBackup/backups";
@ -14,7 +12,6 @@ let
DATE=$(${coreutils}/bin/date +backup_%Y-%m-%d_%H:%M:%S%z.reset) DATE=$(${coreutils}/bin/date +backup_%Y-%m-%d_%H:%M:%S%z.reset)
touch ./''${DATE} touch ./''${DATE}
''; '';
in { in {
systemd.services = { systemd.services = {
ccqcraft-pull-backups = { ccqcraft-pull-backups = {
@ -22,7 +19,7 @@ in {
Description = '' Description = ''
Pull backups from CCQCraft Minecraft Server via rsync Pull backups from CCQCraft Minecraft Server via rsync
''; '';
After = [ "network.target" ]; After = ["network.target"];
}; };
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
@ -39,33 +36,31 @@ in {
Description = '' Description = ''
Restart incremental backups for CCQCraft server Restart incremental backups for CCQCraft server
''; '';
Requires = [ "ccqcraft-pull-backups.service" ]; Requires = ["ccqcraft-pull-backups.service"];
After = [ "network.target" "ccqcraft-pull-backups.service" ]; After = ["network.target" "ccqcraft-pull-backups.service"];
}; };
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
WorkingDirectory = "/srv/hnd/ccqcraft-backups"; WorkingDirectory = "/srv/hnd/ccqcraft-backups";
ExecStart = ExecStart = [''${pkgs.openssh}/bin/ssh "${user}@${host}" rm ${path}/*''];
[ ''${pkgs.openssh}/bin/ssh "${user}@${host}" rm ${path}/*'' ]; ExecStartPost = ["${insertResetNoteCmd}/bin/insert-reset-note"];
ExecStartPost = [ "${insertResetNoteCmd}/bin/insert-reset-note" ];
}; };
}; };
}; };
systemd.timers = { systemd.timers = {
ccqcraft-pull-backups = { ccqcraft-pull-backups = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
unitConfig = { Description = "Run CCQCraft Backups every day"; }; unitConfig = {Description = "Run CCQCraft Backups every day";};
timerConfig = { OnCalendar = fetchTime; }; timerConfig = {OnCalendar = fetchTime;};
}; };
ccqcraft-restart-incremental-backups = { ccqcraft-restart-incremental-backups = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
unitConfig = { unitConfig = {
Description = "Restart CCQCraft incremental backups weekly"; Description = "Restart CCQCraft incremental backups weekly";
}; };
timerConfig = { OnCalendar = clearTime; }; timerConfig = {OnCalendar = clearTime;};
}; };
}; };
} }

View file

@ -1,21 +1,17 @@
{ pkgs, ... }: {pkgs, ...}: let
let
ports = { ports = {
minecraft = 25565; minecraft = 25565;
rcon = 24738; rcon = 24738;
voicechat = 24454; voicechat = 24454;
dynmap = 8123; dynmap = 8123;
}; };
in { in {
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
users.users.ccqcraft = { users.users.ccqcraft = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "docker" ]; extraGroups = ["docker"];
hashedPassword = hashedPassword = "$6$D69mzkGZAitfCQOL$oL/7SmSqGwRhZgyiOEgp6N5NkZ/NpdzggomtPFa4XB33Kb3aZMBiLWQS3VSHZhRo2y9mPgXy3mFPSvtvCzoKz/";
"$6$D69mzkGZAitfCQOL$oL/7SmSqGwRhZgyiOEgp6N5NkZ/NpdzggomtPFa4XB33Kb3aZMBiLWQS3VSHZhRo2y9mPgXy3mFPSvtvCzoKz/";
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -26,7 +22,7 @@ in {
]; ];
networking.firewall = { networking.firewall = {
allowedTCPPorts = [ ports.minecraft ports.rcon ]; allowedTCPPorts = [ports.minecraft ports.rcon];
allowedUDPPorts = [ allowedUDPPorts = [
# Port used for Voicechat plugin # Port used for Voicechat plugin
ports.voicechat ports.voicechat
@ -35,7 +31,7 @@ in {
# Expose dynmap map through nginx # Expose dynmap map through nginx
services.nginx.virtualHosts."map.ccqcraft.de" = { services.nginx.virtualHosts."map.ccqcraft.de" = {
serverAliases = [ "ccqcraft.de" ]; serverAliases = ["ccqcraft.de"];
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
@ -48,5 +44,4 @@ in {
#"proxy_pass_header Authorization;"; #"proxy_pass_header Authorization;";
}; };
}; };
} }

View file

@ -1,7 +1,10 @@
{ pkgs, lib, config, ... }: {
pkgs,
let cfg = config.services.grafanaWithNginx; lib,
config,
...
}: let
cfg = config.services.grafanaWithNginx;
in { in {
options.services."grafanaWithNginx" = with lib; { options.services."grafanaWithNginx" = with lib; {
enable = enable =
@ -20,7 +23,7 @@ in {
services.nginx.virtualHosts.${config.services.grafana.domain} = { services.nginx.virtualHosts.${config.services.grafana.domain} = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
serverAliases = [ "data.tammena.rocks" ]; serverAliases = ["data.tammena.rocks"];
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}"; proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true; proxyWebsockets = true;

View file

@ -1,11 +1,15 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
cfg = config.services.hdparm; cfg = config.services.hdparm;
diskPath = disk: path: diskPath = disk: path:
if path == null then "/dev/disk/by-id/${disk}" else path; if path == null
then "/dev/disk/by-id/${disk}"
else path;
mkService = disk: settings: { mkService = disk: settings: {
name = "hdparm-${disk}"; name = "hdparm-${disk}";
@ -20,20 +24,17 @@ let
diskPath disk settings.path diskPath disk settings.path
} }
''; '';
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
}; };
}; };
in { in {
options.services.hdparm = with lib; options.services.hdparm = with lib;
mkOption { mkOption {
type = types.attrsOf (types.submodule { type = types.attrsOf (types.submodule {
options = { options = {
path = mkOption { path = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
description = description = "Path to the disk. Will assume <name> is the id in `/dev/disk/by-id/` if left null";
"Path to the disk. Will assume <name> is the id in `/dev/disk/by-id/` if left null";
default = null; default = null;
}; };
spinDown5Secs = mkOption { spinDown5Secs = mkOption {
@ -48,7 +49,7 @@ in {
}; };
}; };
}); });
default = { }; default = {};
description = "Settings for HDDs"; description = "Settings for HDDs";
}; };

View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
light = "${pkgs.light}/bin/light"; light = "${pkgs.light}/bin/light";
decLight = pkgs.writeScriptBin "decrease-light-smartly" '' decLight = pkgs.writeScriptBin "decrease-light-smartly" ''
#!${pkgs.fish}/bin/fish #!${pkgs.fish}/bin/fish
@ -28,19 +26,19 @@ let
in { in {
programs.light.enable = true; programs.light.enable = true;
environment.systemPackages = [ incLight decLight pkgs.fish ]; environment.systemPackages = [incLight decLight pkgs.fish];
services.actkbd = { services.actkbd = {
enable = true; enable = true;
bindings = [ bindings = [
{ {
keys = [ 225 ]; keys = [225];
events = [ "key" ]; events = ["key"];
command = "${incLight}/bin/increase-light-smartly"; command = "${incLight}/bin/increase-light-smartly";
} }
{ {
keys = [ 224 ]; keys = [224];
events = [ "key" ]; events = ["key"];
command = "${decLight}/bin/decrease-light-smartly"; command = "${decLight}/bin/decrease-light-smartly";
} }
]; ];

View file

@ -1,7 +1,5 @@
{ pkgs, ... }: {pkgs, ...}: let
targetHosts = ["helix-texta" "elysia-clarki"];
let
targetHosts = [ "helix-texta" "elysia-clarki" ];
remote = "https://git.sr.ht/~megamanmalte/nixos"; remote = "https://git.sr.ht/~megamanmalte/nixos";
@ -20,23 +18,21 @@ let
${builtins.concatStringsSep "\n" (map buildForHost targetHosts)} ${builtins.concatStringsSep "\n" (map buildForHost targetHosts)}
rm result rm result
''; '';
in { in {
systemd.services.local-build-service = { systemd.services.local-build-service = {
unitConfig = { unitConfig = {
Description = '' Description = ''
Regularly pull and build various configuration to populate the local store Regularly pull and build various configuration to populate the local store
''; '';
After = [ "network.target" ]; After = ["network.target"];
}; };
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
ExecStart = [ "${build}/bin/build" ]; ExecStart = ["${build}/bin/build"];
RuntimeDirectory = "local-build-service"; RuntimeDirectory = "local-build-service";
CacheDirectory = "local-build-service"; CacheDirectory = "local-build-service";
CacheDirectoryMode = "0777"; CacheDirectoryMode = "0777";
Environment = with pkgs; Environment = with pkgs; "PATH=${git}/bin:${coreutils}/bin:${nixos-rebuild}/bin";
"PATH=${git}/bin:${coreutils}/bin:${nixos-rebuild}/bin";
}; };
}; };
} }

51
modules/malte.nix Normal file
View file

@ -0,0 +1,51 @@
{
pkgs,
lib,
config,
...
}: let
cfg = config.users.custom.malte;
in {
options.users.custom.malte = with lib; {
enable = mkEnableOption "Enable user 'malte' on this machine";
};
config = lib.mkIf cfg.enable {
users.users.malte = {
description = "Malte Tammena";
hashedPassword = "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh.";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"kvm"
"libvirtd"
"podman"
"corectrl"
"scanner"
config.users.groups.keys.name
];
# Yes, use the best, please
shell = pkgs.fish;
};
home-manager.users.malte.imports = [../users/malte/home.nix];
programs.fish.enable = true;
sops.secrets = {
"restic-backup-malte" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
key = "restic-backup";
};
"radicale-password" = {
sopsFile = ../secrets/users/malte/secrets.yaml;
owner = "malte";
mode = "0400";
};
};
};
}

39
modules/marie.nix Normal file
View file

@ -0,0 +1,39 @@
{
pkgs,
lib,
config,
...
}: let
cfg = config.users.custom.marie;
in {
options.users.custom.marie = with lib; {
enable = mkEnableOption "Enable user 'marie' on this machine";
};
config = lib.mkIf cfg.enable {
users.users.marie = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"video"
"lp"
"scanner"
config.users.groups.keys.name
];
hashedPassword = "$6$Fo/q41zf1/tI4dgX$.Y1bnBkGjwkRCOM2gg1yZtAjFQadjAVX8Eq8Llw5Y12ENOycBWtNaCVPli2P7gwNpLSg3p80iG.Zy.T1GR0NG0";
# This is really just for my comfort
shell = pkgs.fish;
};
programs.fish.enable = true;
home-manager.users.marie.imports = [../users/marie/home.nix];
sops.secrets."restic-backup-marie" = {
sopsFile = ../secrets/users/marie/secrets.yaml;
owner = "marie";
mode = "0400";
key = "restic-backup";
};
};
}

View file

@ -1,16 +1,12 @@
{ pkgs, ... }: {pkgs, ...}: {
{
security.acme.defaults.email = "malte.tammena@pm.me"; security.acme.defaults.email = "malte.tammena@pm.me";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
networking.firewall.allowedTCPPorts = [ 443 80 ]; networking.firewall.allowedTCPPorts = [443 80];
services.nginx = { services.nginx = {
enable = true; enable = true;
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
}; };
} }

View file

@ -1,13 +1,15 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
# TODO: Improve with mariadb database # TODO: Improve with mariadb database
let let
port = 2342; port = 2342;
uid = 458; uid = 458;
gid = 458; gid = 458;
cfg = config.services.photoprism; cfg = config.services.photoprism;
in { in {
options.services.photoprism = with lib; { options.services.photoprism = with lib; {
enable = mkEnableOption "Photoprism service"; enable = mkEnableOption "Photoprism service";
@ -21,8 +23,7 @@ in {
}; };
environmentFile = mkOption { environmentFile = mkOption {
type = types.str; type = types.str;
description = description = "Additional environment file. I.e. for specifying PHOTOPRISM_ADMIN_PASSWORD";
"Additional environment file. I.e. for specifying PHOTOPRISM_ADMIN_PASSWORD";
}; };
}; };
@ -38,13 +39,13 @@ in {
}; };
# Open the port in the firewall # Open the port in the firewall
networking.firewall.allowedTCPPorts = [ port ]; networking.firewall.allowedTCPPorts = [port];
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
# Configure the main container # Configure the main container
"photoprism" = { "photoprism" = {
image = "photoprism/photoprism:latest"; image = "photoprism/photoprism:latest";
ports = [ "${builtins.toString port}:2342" ]; ports = ["${builtins.toString port}:2342"];
environment = { environment = {
PHOTOPRISM_UPLOAD_NSFW = "true"; PHOTOPRISM_UPLOAD_NSFW = "true";
PHOTOPRISM_DETECT_NSFW = "true"; PHOTOPRISM_DETECT_NSFW = "true";
@ -56,7 +57,7 @@ in {
PHOTOPRISM_SITE_DESCRIPTION = ""; PHOTOPRISM_SITE_DESCRIPTION = "";
PHOTOPRISM_SITE_AUTHOR = ""; PHOTOPRISM_SITE_AUTHOR = "";
}; };
environmentFiles = [ cfg.environmentFile ]; environmentFiles = [cfg.environmentFile];
volumes = [ volumes = [
"${cfg.rootDir}/storage:/photoprism/storage" "${cfg.rootDir}/storage:/photoprism/storage"
"${cfg.rootDir}/import:/photoprism/import" "${cfg.rootDir}/import:/photoprism/import"

View file

@ -1,6 +1,9 @@
{ config, pkgs, lib, ... }: {
config,
let pkgs,
lib,
...
}: let
internalPort = 5232; internalPort = 5232;
cfg = config.services.radicaleWithInfcloud; cfg = config.services.radicaleWithInfcloud;
lock = builtins.fromJSON (builtins.readFile ../flake.lock); lock = builtins.fromJSON (builtins.readFile ../flake.lock);
@ -16,33 +19,32 @@ let
}; };
# Remove depend on radicale to fix infinite recursion # Remove depend on radicale to fix infinite recursion
# and set some of my own settings # and set some of my own settings
patches = (old.patches or [ ]) ++ [ ../patches/radicale_infcloud.patch ]; patches = (old.patches or []) ++ [../patches/radicale_infcloud.patch];
}); });
overlay = self: super: { overlay = self: super: {
radicale = super.radicale.overrideAttrs (old: { radicale = super.radicale.overrideAttrs (old: {
propagatedBuildInputs = old.propagatedBuildInputs propagatedBuildInputs =
++ [ radicale_infcloud ]; old.propagatedBuildInputs
++ [radicale_infcloud];
}); });
}; };
htpasswd_filename = "/etc/radicale/users"; htpasswd_filename = "/etc/radicale/users";
in { in {
options.services."radicaleWithInfcloud" = with lib; { options.services."radicaleWithInfcloud" = with lib; {
enable = enable =
mkEnableOption "Radicale service with Infcloud frontend and nginx config"; mkEnableOption "Radicale service with Infcloud frontend and nginx config";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
nixpkgs.overlays = [ overlay ]; nixpkgs.overlays = [overlay];
services.radicale = { services.radicale = {
enable = true; enable = true;
settings = { settings = {
server = { server = {
hosts = [ "[::1]:${builtins.toString internalPort}" ]; hosts = ["[::1]:${builtins.toString internalPort}"];
max_connections = 8; max_connections = 8;
max_content_length = 100000000; max_content_length = 100000000;
timeout = 30; timeout = 30;
@ -57,14 +59,13 @@ in {
request = "utf-8"; request = "utf-8";
stock = "utf-8"; stock = "utf-8";
}; };
storage = { filesystem_folder = "/var/lib/radicale/collections"; }; storage = {filesystem_folder = "/var/lib/radicale/collections";};
web = { type = "radicale_infcloud"; }; web = {type = "radicale_infcloud";};
logging = { mask_passwords = true; }; logging = {mask_passwords = true;};
}; };
}; };
# Make sure our service user can access the `htpasswd_filename` file # Make sure our service user can access the `htpasswd_filename` file
systemd.services.radicale.serviceConfig.SupplementaryGroups = systemd.services.radicale.serviceConfig.SupplementaryGroups = [config.users.groups.keys.name];
[ config.users.groups.keys.name ];
sops.secrets."radicale-htpasswd" = { sops.secrets."radicale-htpasswd" = {
owner = config.systemd.services.radicale.serviceConfig.User; owner = config.systemd.services.radicale.serviceConfig.User;

View file

@ -1,9 +1,11 @@
{ pkgs, lib, config, ... }: {
pkgs,
let cfg = config.services.resticConfigured; lib,
config,
...
}: let
cfg = config.services.resticConfigured;
in { in {
options.services.resticConfigured = with lib; { options.services.resticConfigured = with lib; {
enable = mkEnableOption "Configured Restic rest server service"; enable = mkEnableOption "Configured Restic rest server service";
rootDir = mkOption { rootDir = mkOption {
@ -18,28 +20,25 @@ in {
openFirewall = mkOption { openFirewall = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = description = "Whether to open the firewall for port ${builtins.toString cfg.port}";
"Whether to open the firewall for port ${builtins.toString cfg.port}";
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
services.restic.server = { services.restic.server = {
enable = true; enable = true;
dataDir = cfg.rootDir; dataDir = cfg.rootDir;
listenAddress = "0.0.0.0:${builtins.toString cfg.port}"; listenAddress = "0.0.0.0:${builtins.toString cfg.port}";
extraFlags = [ "--no-auth" ]; extraFlags = ["--no-auth"];
}; };
networking.firewall.allowedTCPPorts = networking.firewall.allowedTCPPorts =
lib.mkIf cfg.openFirewall [ cfg.port ]; lib.mkIf cfg.openFirewall [cfg.port];
# TODO: This should be moved # TODO: This should be moved
systemd.services.restic-rest-server.unitConfig = { systemd.services.restic-rest-server.unitConfig = {
Requires = lib.mkForce [ "network.target" "luks-open-HND.service" ]; Requires = lib.mkForce ["network.target" "luks-open-HND.service"];
After = lib.mkForce [ "network.target" "luks-open-HND.service" ]; After = lib.mkForce ["network.target" "luks-open-HND.service"];
}; };
}; };
} }

View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
scan = "${pkgs.sane-backends}/bin/scanimage"; scan = "${pkgs.sane-backends}/bin/scanimage";
convert = "${pkgs.imagemagick}/bin/convert"; convert = "${pkgs.imagemagick}/bin/convert";
# TODO: Can I specify this in a better way? # TODO: Can I specify this in a better way?
@ -23,5 +21,5 @@ let
in { in {
hardware.sane.enable = true; hardware.sane.enable = true;
environment.systemPackages = [ scan-a4 ]; environment.systemPackages = [scan-a4];
} }

View file

@ -1,6 +1,9 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
cfg = config.wakeup; cfg = config.wakeup;
createServiceName = dev: "toggle-acpi-${dev}"; createServiceName = dev: "toggle-acpi-${dev}";
@ -10,14 +13,13 @@ let
serviceConfig.ExecStart = '' serviceConfig.ExecStart = ''
/bin/sh -c "${pkgs.coreutils}/bin/echo ${dev} > /proc/acpi/wakeup" /bin/sh -c "${pkgs.coreutils}/bin/echo ${dev} > /proc/acpi/wakeup"
''; '';
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
}; };
in { in {
options.wakeup = with lib; { options.wakeup = with lib; {
toggleDevice = mkOption { toggleDevice = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [];
description = "ACPI devices to toggle as wakeup devices"; description = "ACPI devices to toggle as wakeup devices";
}; };
}; };
@ -27,6 +29,7 @@ in {
pairs = map (dev: pairs = map (dev:
lib.attrsets.nameValuePair (createServiceName dev) (createService dev)) lib.attrsets.nameValuePair (createServiceName dev) (createService dev))
cfg.toggleDevice; cfg.toggleDevice;
in builtins.listToAttrs pairs; in
builtins.listToAttrs pairs;
}; };
} }

View file

@ -1,11 +1,12 @@
self: super: self: super: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
let lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in { in {
cataclysm-dda-git = (super.cataclysm-dda-git.override { cataclysm-dda-git =
(super.cataclysm-dda-git.override {
useXdgDir = true; useXdgDir = true;
version = lock.nodes.cataclysm-dda.locked.rev; version = lock.nodes.cataclysm-dda.locked.rev;
rev = lock.nodes.cataclysm-dda.locked.rev; rev = lock.nodes.cataclysm-dda.locked.rev;
sha256 = lock.nodes.cataclysm-dda.locked.narHash; sha256 = lock.nodes.cataclysm-dda.locked.narHash;
}).overrideAttrs (old: { enableParallelBuilding = true; }); })
.overrideAttrs (old: {enableParallelBuilding = true;});
} }

View file

@ -1,12 +1,10 @@
self: super: self: super: let
font-flags = "-Dawt.useSystemAAFontSettings=lcd -Dswing.aatext=true";
let font-flags = "-Dawt.useSystemAAFontSettings=lcd -Dswing.aatext=true";
in { in {
logisim = super.logisim.overrideAttrs (old: { logisim = super.logisim.overrideAttrs (old: {
pname = "logisim-evolution"; pname = "logisim-evolution";
src = super.fetchurl { src = super.fetchurl {
url = url = "https://mathcs.holycross.edu/~kwalsh/logisim-evolution-4.0.4hc.jar";
"https://mathcs.holycross.edu/~kwalsh/logisim-evolution-4.0.4hc.jar";
sha256 = "0nmvzpdhgfrzx0x6799a1jnsbgipbszd312crf865nzvsi2p046i"; sha256 = "0nmvzpdhgfrzx0x6799a1jnsbgipbszd312crf865nzvsi2p046i";
}; };
installPhase = '' installPhase = ''

View file

@ -1,6 +1,5 @@
self: super: self: super: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
let lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in { in {
qmk-udev-rules = super.qmk-udev-rules.overrideAttrs (old: { qmk-udev-rules = super.qmk-udev-rules.overrideAttrs (old: {
version = lock.nodes.qmk-udev-rules.locked.rev; version = lock.nodes.qmk-udev-rules.locked.rev;
@ -12,4 +11,3 @@ in {
}; };
}); });
} }

View file

@ -1,16 +1,18 @@
self: super: self: super: {
sane-backends =
{ (super.sane-backends.override {
sane-backends = (super.sane-backends.override { extraFirmware = [
extraFirmware = [{ {
src = super.fetchurl { src = super.fetchurl {
url = "www.meier-geinitz.de/sane/gt68xx-backend/firmware/sbfw.usb"; url = "www.meier-geinitz.de/sane/gt68xx-backend/firmware/sbfw.usb";
sha256 = "12hnacivpy153alfjyr7k92y90nmb5d7z1ca7aix5w7wi0w4jdjv"; sha256 = "12hnacivpy153alfjyr7k92y90nmb5d7z1ca7aix5w7wi0w4jdjv";
}; };
name = "sbfw.usb"; name = "sbfw.usb";
backend = "gt68xx"; backend = "gt68xx";
}]; }
}).overrideAttrs (old: { ];
patches = (old.patches or [ ]) ++ [ ../patches/gt68xx.conf.patch ]; })
.overrideAttrs (old: {
patches = (old.patches or []) ++ [../patches/gt68xx.conf.patch];
}); });
} }

View file

@ -1,7 +1,11 @@
{ lib, fetchFromGitHub, rustPlatform }: {
lib,
let lock = builtins.fromJSON (builtins.readFile ../flake.lock); fetchFromGitHub,
in rustPlatform.buildRustPackage { rustPlatform,
}: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in
rustPlatform.buildRustPackage {
pname = lock.nodes."2i-emulator".original.repo; pname = lock.nodes."2i-emulator".original.repo;
version = lock.nodes."2i-emulator".locked.rev; version = lock.nodes."2i-emulator".locked.rev;
@ -15,10 +19,9 @@ in rustPlatform.buildRustPackage {
cargoSha256 = "sha256-FUtOLYFPRFkUAXixcUzMfDmKju/GN6r/KQYqKCK8vBk="; cargoSha256 = "sha256-FUtOLYFPRFkUAXixcUzMfDmKju/GN6r/KQYqKCK8vBk=";
meta = with lib; { meta = with lib; {
description = description = "Cli emulator for the micro computer 2i used in the computer science hardware course at Leipzig University";
"Cli emulator for the micro computer 2i used in the computer science hardware course at Leipzig University";
homepage = "https://github.com/klemens/2i-emulator"; homepage = "https://github.com/klemens/2i-emulator";
license = licenses.gpl3; license = licenses.gpl3;
maintainers = [ ]; maintainers = [];
}; };
} }

View file

@ -1,10 +1,16 @@
{ lib, stdenv, fetchFromGitHub, hiDPI ? false }: {
lib,
let stdenv,
fetchFromGitHub,
hiDPI ? false,
}: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock); lock = builtins.fromJSON (builtins.readFile ../flake.lock);
variant = variant =
if hiDPI then "Gruvbox-Material-Dark-HIDPI" else "Gruvbox-Material-Dark"; if hiDPI
in stdenv.mkDerivation rec { then "Gruvbox-Material-Dark-HIDPI"
else "Gruvbox-Material-Dark";
in
stdenv.mkDerivation rec {
pname = lock.nodes.gruvbox-material-gtk.locked.repo; pname = lock.nodes.gruvbox-material-gtk.locked.repo;
version = lock.nodes.gruvbox-material-gtk.locked.rev; version = lock.nodes.gruvbox-material-gtk.locked.rev;
@ -26,7 +32,6 @@ in stdenv.mkDerivation rec {
homepage = "https://github.com/sainnhe/gruvbox-material-gtk"; homepage = "https://github.com/sainnhe/gruvbox-material-gtk";
license = licenses.mit; license = licenses.mit;
platforms = platforms.unix; platforms = platforms.unix;
maintainers = [ ]; maintainers = [];
}; };
} }

View file

@ -1,7 +1,13 @@
{ lib, stdenv, rustPlatform, fetchFromGitHub, pkg-config }: {
lib,
let lock = builtins.fromJSON (builtins.readFile ../flake.lock); stdenv,
in rustPlatform.buildRustPackage rec { rustPlatform,
fetchFromGitHub,
pkg-config,
}: let
lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in
rustPlatform.buildRustPackage rec {
pname = "rip"; pname = "rip";
version = ""; version = "";
@ -14,13 +20,12 @@ in rustPlatform.buildRustPackage rec {
cargoSha256 = "sha256-gzdmDOpWSnX0CVihMf8ODi85P3EFHqdSBVKVQ9FZH7s="; cargoSha256 = "sha256-gzdmDOpWSnX0CVihMf8ODi85P3EFHqdSBVKVQ9FZH7s=";
nativeBuildInputs = [ pkg-config ]; nativeBuildInputs = [pkg-config];
meta = with lib; { meta = with lib; {
description = "A safe and ergonomic alternative to rm"; description = "A safe and ergonomic alternative to rm";
homepage = "https://github.com/nivekuil/rip"; homepage = "https://github.com/nivekuil/rip";
license = with licenses; [ gpl3 ]; license = with licenses; [gpl3];
maintainers = with maintainers; [ ]; maintainers = with maintainers; [];
}; };
} }

View file

@ -1,5 +1,4 @@
{ pkgs, ... }: {pkgs, ...}:
pkgs.writeScriptBin "bemenu-run-configured" '' pkgs.writeScriptBin "bemenu-run-configured" ''
#!${pkgs.stdenv.shell} #!${pkgs.stdenv.shell}

View file

@ -1,13 +1,10 @@
{ pkgs, ... }: {pkgs, ...}: {
{
programs.broot = { programs.broot = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
skin = { skin = {
# TODO: Fix all these colors, make them dependent on config.colors # TODO: Fix all these colors, make them dependent on config.colors
default = default = "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(189, 174, 147) rgb(40, 40, 40)";
"rgb(235, 219, 178) rgb(40, 40, 40) / rgb(189, 174, 147) rgb(40, 40, 40)";
tree = "rgb(168, 153, 132) None / rgb(102, 92, 84) None"; tree = "rgb(168, 153, 132) None / rgb(102, 92, 84) None";
file = "None None / None None Italic"; file = "None None / None None Italic";
directory = "rgb(131, 165, 152) None Bold / rgb(69, 133, 136) None"; directory = "rgb(131, 165, 152) None Bold / rgb(69, 133, 136) None";
@ -59,10 +56,8 @@
help_code = "rgb(142, 192, 124) rgb(50, 48, 47)"; help_code = "rgb(142, 192, 124) rgb(50, 48, 47)";
help_headers = "rgb(254, 128, 25) None Bold"; help_headers = "rgb(254, 128, 25) None Bold";
help_table_border = "rgb(80, 73, 69) None"; help_table_border = "rgb(80, 73, 69) None";
preview = preview = "rgb(235, 219, 178) rgb(40, 40, 40) / rgb(235, 219, 178) rgb(40, 40, 40)";
"rgb(235, 219, 178) rgb(40, 40, 40) / rgb(235, 219, 178) rgb(40, 40, 40)"; preview_line_number = "rgb(124, 111, 100) None / rgb(124, 111, 100) rgb(40, 40, 40)";
preview_line_number =
"rgb(124, 111, 100) None / rgb(124, 111, 100) rgb(40, 40, 40)";
preview_match = "None rgb(80, 73, 69) Bold Underlined"; preview_match = "None rgb(80, 73, 69) Bold Underlined";
hex_null = "rgb(189, 174, 147) None"; hex_null = "rgb(189, 174, 147) None";
hex_ascii_graphic = "rgb(213, 196, 161) None"; hex_ascii_graphic = "rgb(213, 196, 161) None";

View file

@ -1,24 +1,18 @@
{ pkgs, ... }: {pkgs, ...}: let
font = "${pkgs.firaCodeNerd}/share/fonts/truetype/NerdFonts/Fira Code Bold Nerd Font Complete Mono.ttf";
let
font =
"${pkgs.firaCodeNerd}/share/fonts/truetype/NerdFonts/Fira Code Bold Nerd Font Complete Mono.ttf";
# Set SDL_VIDEODRIVER=wayland to run it natively. Currently still needs the patch # Set SDL_VIDEODRIVER=wayland to run it natively. Currently still needs the patch
# in ../patches/cdda-wayland-sdl-fix.patch. # in ../patches/cdda-wayland-sdl-fix.patch.
cataclysm-dda-wayland-sdl = pkgs.symlinkJoin { cataclysm-dda-wayland-sdl = pkgs.symlinkJoin {
name = "cataclysm-tiles"; name = "cataclysm-tiles";
buildInputs = [ pkgs.makeWrapper ]; buildInputs = [pkgs.makeWrapper];
postBuild = '' postBuild = ''
wrapProgram $out/bin/cataclysm-tiles --set SDL_VIDEODRIVER wayland wrapProgram $out/bin/cataclysm-tiles --set SDL_VIDEODRIVER wayland
''; '';
paths = [ pkgs.cataclysm-dda-git ]; paths = [pkgs.cataclysm-dda-git];
}; };
in { in {
home.packages = [cataclysm-dda-wayland-sdl pkgs.firaCodeNerd];
home.packages = [ cataclysm-dda-wayland-sdl pkgs.firaCodeNerd ];
# Configure the fonts being used # Configure the fonts being used
# TODO: Cataclysm replaces this with a file.. # TODO: Cataclysm replaces this with a file..

View file

@ -1,12 +1,12 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
# Create a color from a hexadezimal 6 digit description, like 'FF0000' for pure red # Create a color from a hexadezimal 6 digit description, like 'FF0000' for pure red
# mkcolor :: hex -> Color # mkcolor :: hex -> Color
mkColor = rgb: mkColor = rgb: let
let
# Mapping hex digits to actual numbers # Mapping hex digits to actual numbers
hexDigitMap = { hexDigitMap = {
"0" = 0; "0" = 0;
@ -33,12 +33,12 @@ let
# Convert a hexadezimal string to a number # Convert a hexadezimal string to a number
# hexStringToInt :: string -> int # hexStringToInt :: string -> int
hexStringToInt = string: hexStringToInt = string: let
let
chars = lib.strings.stringToCharacters string; chars = lib.strings.stringToCharacters string;
nums = map hexCharToInt chars; nums = map hexCharToInt chars;
fun = sum: el: sum * 16 + el; fun = sum: el: sum * 16 + el;
in lib.foldl fun 0 nums; in
lib.foldl fun 0 nums;
# Convert a float from [0.0, 1.0] to a hex string from [0, 255] # Convert a float from [0.0, 1.0] to a hex string from [0, 255]
# floatToFF :: float -> string # floatToFF :: float -> string
@ -58,31 +58,31 @@ let
# Create an RGB hex string from red, green, and blue parts # Create an RGB hex string from red, green, and blue parts
# rgbFromParts :: int -> int -> int -> string # rgbFromParts :: int -> int -> int -> string
rgbFromParts = r: g: b: rgbFromParts = r: g: b: let
let
rHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString r); rHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString r);
gHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString g); gHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString g);
bHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString b); bHex = lib.strings.fixedWidthString 2 "0" (lib.toHexString b);
in rHex + gHex + bHex; in
rHex + gHex + bHex;
# Create a Color darker than the color given by the rgb parts. # Create a Color darker than the color given by the rgb parts.
# amount is in range [0.0, 1.0], r,g, and b in range [0, 255] # amount is in range [0.0, 1.0], r,g, and b in range [0, 255]
# darkenColor :: int -> int -> int -> float -> Color # darkenColor :: int -> int -> int -> float -> Color
darkenColor = r: g: b: amount: darkenColor = r: g: b: amount: let
let
r' = builtins.floor ((1.0 - amount) * r); r' = builtins.floor ((1.0 - amount) * r);
g' = builtins.floor ((1.0 - amount) * g); g' = builtins.floor ((1.0 - amount) * g);
b' = builtins.floor ((1.0 - amount) * b); b' = builtins.floor ((1.0 - amount) * b);
in mkColor (rgbFromParts r' g' b'); in
mkColor (rgbFromParts r' g' b');
# Create a Color lighter than the color given by the rgb parts. See darkenColor. # Create a Color lighter than the color given by the rgb parts. See darkenColor.
# darkenColor :: int -> int -> int -> float -> Color # darkenColor :: int -> int -> int -> float -> Color
lightenColor = r: g: b: amount: lightenColor = r: g: b: amount: let
let
r' = lib.min (builtins.floor ((1.0 + amount) * r)) 255; r' = lib.min (builtins.floor ((1.0 + amount) * r)) 255;
g' = lib.min (builtins.floor ((1.0 + amount) * g)) 255; g' = lib.min (builtins.floor ((1.0 + amount) * g)) 255;
b' = lib.min (builtins.floor ((1.0 + amount) * b)) 255; b' = lib.min (builtins.floor ((1.0 + amount) * b)) 255;
in mkColor (rgbFromParts r' g' b'); in
mkColor (rgbFromParts r' g' b');
in { in {
inherit rgb red green blue; inherit rgb red green blue;
# e.g. "#FF0000" # e.g. "#FF0000"
@ -100,12 +100,12 @@ let
}; };
in { in {
options.colorDef = lib.mkOption { options.colorDef = lib.mkOption {
default = { }; default = {};
type = with lib.types; attrsOf (uniq (strMatching "[0-9A-F]{6}")); type = with lib.types; attrsOf (uniq (strMatching "[0-9A-F]{6}"));
}; };
options.colors = lib.mkOption { options.colors = lib.mkOption {
default = { }; default = {};
type = with lib.types; attrsOf (uniq anything); type = with lib.types; attrsOf (uniq anything);
}; };

View file

@ -1,6 +1,5 @@
{ ... }: {...}: let
conf = import ./conf.nix;
let conf = import ./conf.nix;
in { in {
programs.git = { programs.git = {
enable = true; enable = true;
@ -8,11 +7,11 @@ in {
userName = "Malte Tammena"; userName = "Malte Tammena";
signing.key = "BCE9E4BF632E7CED"; signing.key = "BCE9E4BF632E7CED";
includes = [{ contents = { diff.colorMoved = "default"; }; }]; includes = [{contents = {diff.colorMoved = "default";};}];
extraConfig = { extraConfig = {
pull = { rebase = true; }; pull = {rebase = true;};
init = { defaultBranch = "main"; }; init = {defaultBranch = "main";};
}; };
delta = { delta = {

View file

@ -1,16 +1,15 @@
{ pkgs, ... }: {pkgs, ...}: let
conf = import ./conf.nix;
let conf = import ./conf.nix;
in { in {
home.packages = with pkgs; [ yubikey-personalization ]; home.packages = with pkgs; [yubikey-personalization];
programs.gpg = { enable = true; }; programs.gpg = {enable = true;};
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
enableScDaemon = true; enableScDaemon = true;
enableSshSupport = true; enableSshSupport = true;
sshKeys = [ conf.gpg.grip ]; sshKeys = [conf.gpg.grip];
pinentryFlavor = "qt"; pinentryFlavor = "qt";
}; };
} }

View file

@ -1,7 +1,10 @@
{ pkgs, lib, nixosConfig, ... }: {
pkgs,
let hiDPI = nixosConfig.hardware.video.hidpi.enable; lib,
nixosConfig,
...
}: let
hiDPI = nixosConfig.hardware.video.hidpi.enable;
in rec { in rec {
home.packages = with pkgs; [ home.packages = with pkgs; [
numix-cursor-theme numix-cursor-theme
@ -12,7 +15,7 @@ in rec {
enable = true; enable = true;
theme = { theme = {
package = package =
pkgs.callPackage ../../pkgs/gruvbox-material-gtk.nix { inherit hiDPI; }; pkgs.callPackage ../../pkgs/gruvbox-material-gtk.nix {inherit hiDPI;};
name = "gruvbox-material"; name = "gruvbox-material";
}; };
iconTheme = { iconTheme = {
@ -21,16 +24,17 @@ in rec {
}; };
gtk2 = { gtk2 = {
extraConfig = '' extraConfig =
''
gtk-cursor-theme-name = "Numix-Cursor-Light" gtk-cursor-theme-name = "Numix-Cursor-Light"
'' + (lib.optionalString hiDPI '' ''
+ (lib.optionalString hiDPI ''
gtk-cursor-theme-size = 48 gtk-cursor-theme-size = 48
''); '');
}; };
gtk3 = { gtk3 = {
bookmarks = [ bookmarks = [
]; ];
extraConfig = { extraConfig = {
gtk-cursor-theme-name = "Numix-Cursor-Light"; gtk-cursor-theme-name = "Numix-Cursor-Light";

View file

@ -1,14 +1,17 @@
{ pkgs, lib, config, nixosConfig, ... }: {
pkgs,
let lib,
config,
nixosConfig,
...
}: let
script = name: path: pkgs.writeScriptBin name (builtins.readFile path); script = name: path: pkgs.writeScriptBin name (builtins.readFile path);
wrap = name: pkg: postBuild: wrap = name: pkg: postBuild:
pkgs.symlinkJoin { pkgs.symlinkJoin {
inherit name postBuild; inherit name postBuild;
paths = [ pkg ]; paths = [pkg];
buildInputs = [ pkgs.makeWrapper ]; buildInputs = [pkgs.makeWrapper];
}; };
fixGdk = name: pkg: fixGdk = name: pkg:
@ -34,11 +37,9 @@ let
# Provides libXss.1 # Provides libXss.1
xorg.libXScrnSaver xorg.libXScrnSaver
]; ];
extraPkgs = pkgs: with pkgs; [ ]; extraPkgs = pkgs: with pkgs; [];
}; };
in { in {
imports = [ imports = [
./git.nix ./git.nix
./shell.nix ./shell.nix
@ -59,18 +60,18 @@ in {
]; ];
config = { config = {
settings.sway.enable = true; settings.sway.enable = true;
home = { home = {
packages = with pkgs; [ packages = with pkgs; [
aseprite aseprite
alejandra
element-desktop # FIXME: Once it works again? (fixElectron "element-desktop" element-desktop) element-desktop # FIXME: Once it works again? (fixElectron "element-desktop" element-desktop)
signal-desktop # FIXME: Once it works again? (fixElectron "signal-desktop" signal-desktop) signal-desktop # FIXME: Once it works again? (fixElectron "signal-desktop" signal-desktop)
(fixGdk "Discord" discord) (fixGdk "Discord" discord)
(fixGdk "losslesscut" losslesscut-bin) (fixGdk "losslesscut" losslesscut-bin)
(fixGdk "skypeforlinux" skypeforlinux) (fixGdk "skypeforlinux" skypeforlinux)
(pkgs.callPackage ../../pkgs/2i-emulator.nix { }) (pkgs.callPackage ../../pkgs/2i-emulator.nix {})
(fenix.latest.withComponents [ (fenix.latest.withComponents [
"cargo" "cargo"
"clippy" "clippy"
@ -85,6 +86,7 @@ in {
cargo-readme cargo-readme
cargo-edit cargo-edit
cargo-udeps cargo-udeps
colmena
feh feh
geekbench geekbench
gimp gimp
@ -101,7 +103,6 @@ in {
lutrisWithLibs lutrisWithLibs
mensa mensa
mosh mosh
nixfmt
patchelf patchelf
pavucontrol pavucontrol
pdftk pdftk
@ -137,7 +138,7 @@ in {
keyboard = { keyboard = {
layout = "us,us"; layout = "us,us";
variant = ",workman"; variant = ",workman";
options = [ "compose:rctrl" "grp:alt_space_toggle" "grp_led:caps" ]; options = ["compose:rctrl" "grp:alt_space_toggle" "grp_led:caps"];
}; };
# Use some german units and formats but with the english language! # Use some german units and formats but with the english language!
@ -151,7 +152,6 @@ in {
telephone = "de_DE.UTF-8"; telephone = "de_DE.UTF-8";
time = "de_DE.UTF-8"; time = "de_DE.UTF-8";
}; };
}; };
# Make sure firefox is my default browser # Make sure firefox is my default browser

View file

@ -1,27 +1,37 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
# Configuration for kakoune plugins # Configuration for kakoune plugins
pluginConfigs = with pkgs.kakounePlugins; [ pluginConfigs = with pkgs.kakounePlugins; [
{ # FZF for kakoune {
# FZF for kakoune
pkg = fzf-kak; pkg = fzf-kak;
mappings = [{ mappings = [
{
docstring = "FZF mode"; docstring = "FZF mode";
mode = "user"; mode = "user";
key = "f"; key = "f";
effect = ":fzf-mode<ret>"; effect = ":fzf-mode<ret>";
}]; }
hooks = [{ # Change fzf settings before first use ];
hooks = [
{
# Change fzf settings before first use
name = "ModuleLoaded"; name = "ModuleLoaded";
option = "fzf-file"; option = "fzf-file";
commands = '' commands = ''
set-option global fzf_file_command "fd" set-option global fzf_file_command "fd"
set-option global fzf_highlight_command "bat" set-option global fzf_highlight_command "bat"
''; '';
}]; }
];
} }
{ # Languange Server Config {
# Languange Server Config
pkg = kak-lsp; pkg = kak-lsp;
config = '' config = ''
eval %sh{kak-lsp --kakoune -s $kak_session} eval %sh{kak-lsp --kakoune -s $kak_session}
@ -35,27 +45,35 @@ let
} }
} }
''; '';
mappings = [{ # Enter LSP Usermode mappings = [
{
# Enter LSP Usermode
docstring = "LSP mode"; docstring = "LSP mode";
mode = "user"; mode = "user";
key = "l"; key = "l";
effect = ":enter-user-mode lsp<ret>"; effect = ":enter-user-mode lsp<ret>";
}]; }
hooks = [{ # Start kak-lsp for specific windows ];
hooks = [
{
# Start kak-lsp for specific windows
name = "WinSetOption"; name = "WinSetOption";
commands = "lsp-enable-window"; commands = "lsp-enable-window";
option = "filetype=(rust|nix|python|latex|typescript|javascript)"; option = "filetype=(rust|nix|python|latex|typescript|javascript)";
}];
} }
];
}
]; ];
additionalMappings = [{ # Switch to last buffer additionalMappings = [
{
# Switch to last buffer
docstring = "Previous buffer"; docstring = "Previous buffer";
mode = "user"; mode = "user";
key = ","; key = ",";
effect = ":buffer-previous<ret>"; effect = ":buffer-previous<ret>";
}]; }
];
additionalConfig = '' additionalConfig = ''
add-highlighter global/ number-lines -relative add-highlighter global/ number-lines -relative
@ -69,10 +87,8 @@ let
''; '';
selectOr = attr: default: map (conf: conf.${attr} or default) pluginConfigs; selectOr = attr: default: map (conf: conf.${attr} or default) pluginConfigs;
selectList = attr: lib.flatten (selectOr attr [ ]); selectList = attr: lib.flatten (selectOr attr []);
in { in {
programs.kakoune = { programs.kakoune = {
enable = true; enable = true;

View file

@ -1,17 +1,13 @@
{ pkgs, ... }: {pkgs, ...}: let
let
notify = profile: '' notify = profile: ''
${pkgs.libnotify}/bin/notify-send -t 10000 -a 'Kanshi' '${profile}' 'Profile activated' ${pkgs.libnotify}/bin/notify-send -t 10000 -a 'Kanshi' '${profile}' 'Profile activated'
''; '';
in { in {
services.kanshi = { services.kanshi = {
enable = true; enable = true;
profiles = { profiles = {
undocked = { undocked = {
outputs = [{ criteria = "eDP-1"; }]; outputs = [{criteria = "eDP-1";}];
exec = notify "Undocked"; exec = notify "Undocked";
}; };
docked = { docked = {

View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
programs.kitty = { programs.kitty = {
enable = true; enable = true;

View file

@ -1,13 +1,15 @@
{ pkgs, config, ... }: {
pkgs,
let config,
...
}: let
col = config.colors; col = config.colors;
format = { bg, fg }: format = {
'' bg,
fg,
}: ''
<span background="${bg.hashRgb}" foreground="${fg.hashRgb}"><b> %s </b></span> %b''; <span background="${bg.hashRgb}" foreground="${fg.hashRgb}"><b> %s </b></span> %b'';
in { in {
programs.mako = { programs.mako = {
enable = true; enable = true;
anchor = "top-right"; anchor = "top-right";
@ -66,8 +68,8 @@ in {
ExecReload = "${pkgs.mako}/bin/makoctl reload"; ExecReload = "${pkgs.mako}/bin/makoctl reload";
Restart = "always"; Restart = "always";
}; };
Install = { WantedBy = [ "graphical-session.target" ]; }; Install = {WantedBy = ["graphical-session.target"];};
}; };
home.packages = [ pkgs.firaCodeNerd ]; home.packages = [pkgs.firaCodeNerd];
} }

View file

@ -1,6 +1,9 @@
{ pkgs, config, ... }: {
pkgs,
let col = config.colors; config,
...
}: let
col = config.colors;
in { in {
programs.mpv = { programs.mpv = {
enable = true; enable = true;

View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
sed = "${pkgs.gnused}/bin/sed"; sed = "${pkgs.gnused}/bin/sed";
pass = "${pkgs.pass}/bin/pass"; pass = "${pkgs.pass}/bin/pass";
wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy"; wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy";
@ -43,8 +41,8 @@ let
in { in {
programs.password-store = { programs.password-store = {
enable = true; enable = true;
settings = { PASSWORD_STORE_KEY = "BCE9E4BF632E7CED"; }; settings = {PASSWORD_STORE_KEY = "BCE9E4BF632E7CED";};
}; };
home.packages = [ passmenu-bemenu pkgs.firaCodeNerd ]; home.packages = [passmenu-bemenu pkgs.firaCodeNerd];
} }

View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: {
{
qt = { qt = {
enable = true; enable = true;
platformTheme = "gtk"; platformTheme = "gtk";

View file

@ -1,18 +1,20 @@
{ pkgs, ... }: {pkgs, ...}: let
let
pipewire = "pipewire.service"; pipewire = "pipewire.service";
device = "dev-scarlett_solo.device"; device = "dev-scarlett_solo.device";
alsa-input = alsa-input = "alsa_input.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-input-0";
"alsa_input.usb-Focusrite_Scarlett_Solo_USB_Y7ENM550A6399B-00.pro-input-0";
channelMapService = { dev, name, desc, from, to }: { channelMapService = {
dev,
name,
desc,
from,
to,
}: {
Unit = { Unit = {
Description = desc; Description = desc;
Requires = pipewire; Requires = pipewire;
BindsTo = device; BindsTo = device;
After = [ pipewire device ]; After = [pipewire device];
}; };
Service = { Service = {
Type = "simple"; Type = "simple";
@ -27,11 +29,9 @@ let
-C ${alsa-input} -C ${alsa-input}
''; '';
}; };
Install.WantedBy = [ "default.target" device ]; Install.WantedBy = ["default.target" device];
}; };
in { in {
systemd.user.services = { systemd.user.services = {
scarlett-voice = channelMapService { scarlett-voice = channelMapService {
dev = "scarlett-voice"; dev = "scarlett-voice";
@ -55,5 +55,4 @@ in {
to = "MONO"; to = "MONO";
}; };
}; };
} }

View file

@ -1,8 +1,6 @@
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
(pkgs.callPackage ../../pkgs/rip.nix { }) (pkgs.callPackage ../../pkgs/rip.nix {})
bottom bottom
fd fd
fishPlugins.done fishPlugins.done
@ -58,8 +56,7 @@
zat = "zathura --fork"; zat = "zathura --fork";
discord-hack = discord-hack = "NIXPKGS_ALLOW_UNFREE=1 nix run 'github:NixOS/nixpkgs?ref=master#discord' --impure";
"NIXPKGS_ALLOW_UNFREE=1 nix run 'github:NixOS/nixpkgs?ref=master#discord' --impure";
}; };
shellAliases = { shellAliases = {
kal = "khal list (date '+%d.%m.%Y') (date --date='+1week' '+%d.%m.%Y')"; kal = "khal list (date '+%d.%m.%Y') (date --date='+1week' '+%d.%m.%Y')";
@ -121,6 +118,6 @@
programs.bat = { programs.bat = {
enable = true; enable = true;
config = { theme = "gruvbox-dark"; }; config = {theme = "gruvbox-dark";};
}; };
} }

View file

@ -1,7 +1,10 @@
{ pkgs, config, lib, nixosConfig, ... }: {
pkgs,
let config,
lib,
nixosConfig,
...
}: let
col = config.colors; col = config.colors;
backgrounds = pkgs.fetchFromGitHub { backgrounds = pkgs.fetchFromGitHub {
@ -17,22 +20,18 @@ let
wf-recorder = "${pkgs.wf-recorder}/bin/wf-recorder"; wf-recorder = "${pkgs.wf-recorder}/bin/wf-recorder";
slurp = "${pkgs.slurp}/bin/slurp -db '#000000AA' -c '#EBDBB2' -w1"; slurp = "${pkgs.slurp}/bin/slurp -db '#000000AA' -c '#EBDBB2' -w1";
fuser = "${pkgs.psmisc}/bin/fuser"; fuser = "${pkgs.psmisc}/bin/fuser";
alsa_rec = alsa_rec = "alsa_output.pci-0000_00_1f.3-platform-skl_hda_dsp_generic.HiFi__hw_sofhdadsp__sink.monitor";
"alsa_output.pci-0000_00_1f.3-platform-skl_hda_dsp_generic.HiFi__hw_sofhdadsp__sink.monitor";
screenshot-path = "/home/malte/Pictures/screenshots/screenshot.png"; screenshot-path = "/home/malte/Pictures/screenshots/screenshot.png";
screenshot-all = screenshot-all = "${grim} ${screenshot-path} && ${wl-copy} < ${screenshot-path}";
"${grim} ${screenshot-path} && ${wl-copy} < ${screenshot-path}";
screenshot-region = '' screenshot-region = ''
${grim} -g "$(${slurp})" ${screenshot-path} && ${wl-copy} < ${screenshot-path}''; ${grim} -g "$(${slurp})" ${screenshot-path} && ${wl-copy} < ${screenshot-path}'';
screencast-path = "/home/malte/Videos/screencasts/screencast.mp4"; screencast-path = "/home/malte/Videos/screencasts/screencast.mp4";
screencast-all = screencast-all = ''${wf-recorder} --audio="${alsa_rec}" -f ${screencast-path}'';
''${wf-recorder} --audio="${alsa_rec}" -f ${screencast-path}'';
screencast-region = '' screencast-region = ''
${wf-recorder} --audio="${alsa_rec}" -g "$$(${slurp})" -f ${screencast-path}''; ${wf-recorder} --audio="${alsa_rec}" -g "$$(${slurp})" -f ${screencast-path}'';
screencast-stop = screencast-stop = "killall -s SIGINT wf-recorder && ${wl-copy} < ${screencast-path}";
"killall -s SIGINT wf-recorder && ${wl-copy} < ${screencast-path}";
swaylockConfig = '' swaylockConfig = ''
screenshots screenshots
@ -79,17 +78,14 @@ let
cfg = config.settings.sway; cfg = config.settings.sway;
nvidiaUsed = nixosConfig.settings.nvidiaUsed; nvidiaUsed = nixosConfig.settings.nvidiaUsed;
hiDPI = nixosConfig.hardware.video.hidpi.enable; hiDPI = nixosConfig.hardware.video.hidpi.enable;
in { in {
imports = imports = [./waybar.nix ./gtk.nix ./qt.nix ./pass.nix ./mako.nix ./kanshi.nix];
[ ./waybar.nix ./gtk.nix ./qt.nix ./pass.nix ./mako.nix ./kanshi.nix ];
options.settings.sway = with lib; { options.settings.sway = with lib; {
enable = mkEnableOption "Enable sway config"; enable = mkEnableOption "Enable sway config";
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = [ home.packages = [
pkgs.firaCodeNerd pkgs.firaCodeNerd
pkgs.grim pkgs.grim
@ -112,7 +108,8 @@ in {
gtk = true; gtk = true;
}; };
extraSessionCommands = '' extraSessionCommands =
''
# needs qt5.qtwayland in systemPackages # needs qt5.qtwayland in systemPackages
export QT_QPA_PLATFORM=wayland export QT_QPA_PLATFORM=wayland
export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
@ -123,7 +120,8 @@ in {
export _JAVA_AWT_WM_NONREPARENTING=1 export _JAVA_AWT_WM_NONREPARENTING=1
export XDG_CURRENT_DESKTOP=Sway export XDG_CURRENT_DESKTOP=Sway
export XDG_SESSION_TYPE=wayland export XDG_SESSION_TYPE=wayland
'' + ''
+
# TODO: See what actually is required here! # TODO: See what actually is required here!
(lib.optionalString nvidiaUsed '' (lib.optionalString nvidiaUsed ''
# Set DRM devices and fix cursor # Set DRM devices and fix cursor
@ -147,7 +145,7 @@ in {
commands = [ commands = [
{ {
command = ''title_format "[<b>X</b>] %title"''; command = ''title_format "[<b>X</b>] %title"'';
criteria = { shell = "xwayland"; }; criteria = {shell = "xwayland";};
} }
{ {
command = "floating enable; kill"; command = "floating enable; kill";
@ -158,28 +156,32 @@ in {
} }
{ {
command = "floating enable"; command = "floating enable";
criteria = { app_id = "org.gnome.Nautilus"; }; criteria = {app_id = "org.gnome.Nautilus";};
} }
{ {
command = "floating enable"; command = "floating enable";
criteria = { class = "Mojosetup"; }; criteria = {class = "Mojosetup";};
} }
]; ];
}; };
bars = [{ bars = [
{
command = "${pkgs.waybar}/bin/waybar"; command = "${pkgs.waybar}/bin/waybar";
position = "top"; position = "top";
}]; }
];
seat."*".xcursor_theme = seat."*".xcursor_theme =
if hiDPI then "Numix-Cursor-Light 48" else "Numix-Cursor-Light 32"; if hiDPI
then "Numix-Cursor-Light 48"
else "Numix-Cursor-Light 32";
keybindings = let keybindings = let
mod = config.wayland.windowManager.sway.config.modifier; mod = config.wayland.windowManager.sway.config.modifier;
move_follow = workspace: move_follow = workspace: "move container to workspace ${workspace}; workspace ${workspace}";
"move container to workspace ${workspace}; workspace ${workspace}"; in
in lib.mkOptionDefault { lib.mkOptionDefault {
"${mod}+Shift+e" = "exit"; "${mod}+Shift+e" = "exit";
# Move focused container to workspace and follow # Move focused container to workspace and follow
"${mod}+Ctrl+Shift+1" = move_follow "1"; "${mod}+Ctrl+Shift+1" = move_follow "1";
@ -197,13 +199,10 @@ in {
"${mod}+Ctrl+Shift+j" = "move workspace to output down"; "${mod}+Ctrl+Shift+j" = "move workspace to output down";
"${mod}+Ctrl+Shift+h" = "move workspace to output left"; "${mod}+Ctrl+Shift+h" = "move workspace to output left";
# Sound control # Sound control
"XF86AudioRaiseVolume" = "XF86AudioRaiseVolume" = "exec ${pkgs.ponymix}/bin/ponymix increase 5%";
"exec ${pkgs.ponymix}/bin/ponymix increase 5%"; "XF86AudioLowerVolume" = "exec ${pkgs.ponymix}/bin/ponymix decrease 5%";
"XF86AudioLowerVolume" =
"exec ${pkgs.ponymix}/bin/ponymix decrease 5%";
"XF86AudioMute" = "exec ${pkgs.ponymix}/bin/ponymix toggle"; "XF86AudioMute" = "exec ${pkgs.ponymix}/bin/ponymix toggle";
"XF86AudioMicMute" = "XF86AudioMicMute" = "exec ${pkgs.ponymix}/bin/ponymix --input toggle";
"exec ${pkgs.ponymix}/bin/ponymix --input toggle";
# Additional menus # Additional menus
"${mod}+p" = "exec passmenu-bemenu"; "${mod}+p" = "exec passmenu-bemenu";
# Screenshots # Screenshots
@ -218,7 +217,8 @@ in {
"XF86Favorites" = "exec swaylock"; "XF86Favorites" = "exec swaylock";
}; };
gaps = let size = 3; gaps = let
size = 3;
in { in {
smartBorders = "on"; smartBorders = "on";
smartGaps = true; smartGaps = true;
@ -227,24 +227,26 @@ in {
}; };
assigns = { assigns = {
"2" = [{ app_id = "firefox"; }]; "2" = [{app_id = "firefox";}];
"5" = [ "5" = [
{ title = "Korrektur.pdf(.xopp)? . Xournal++"; } {title = "Korrektur.pdf(.xopp)? . Xournal++";}
{ title = ".*HWP Betreuung/Skript.pdf"; } {title = ".*HWP Betreuung/Skript.pdf";}
]; ];
"6" = [{ class = "com-cburch-logisim-Main"; }]; "6" = [{class = "com-cburch-logisim-Main";}];
"7" = [{ app_id = "Element"; }]; "7" = [{app_id = "Element";}];
"8" = [ { app_id = "telegramdesktop"; } { class = "discord"; } ]; "8" = [{app_id = "telegramdesktop";} {class = "discord";}];
"9" = [{ app_id = "pavucontrol"; }]; "9" = [{app_id = "pavucontrol";}];
}; };
fonts = { fonts = {
names = [ "FiraCode Nerd Font" ]; names = ["FiraCode Nerd Font"];
size = 8.0; size = 8.0;
}; };
modes = let mod = config.wayland.windowManager.sway.config.modifier; modes = let
in lib.mkOptionDefault { mod = config.wayland.windowManager.sway.config.modifier;
in
lib.mkOptionDefault {
recording = { recording = {
"${mod}+Escape" = "exec ${screencast-stop}; mode default"; "${mod}+Escape" = "exec ${screencast-stop}; mode default";
}; };
@ -301,10 +303,8 @@ in {
output = { output = {
"Unknown 0x1500 0x00000000".bg = "${backgrounds}/forest2.jpg fill"; "Unknown 0x1500 0x00000000".bg = "${backgrounds}/forest2.jpg fill";
"Goldstar Company Ltd IPS226 SerialNumber".bg = "Goldstar Company Ltd IPS226 SerialNumber".bg = "${backgrounds}/future-town.jpg fill";
"${backgrounds}/future-town.jpg fill"; "BenQ Corporation BenQ GW2270 P9J02423SL0".bg = "${backgrounds}/leaves3.jpg fill";
"BenQ Corporation BenQ GW2270 P9J02423SL0".bg =
"${backgrounds}/leaves3.jpg fill";
}; };
colors = let colors = let
@ -346,7 +346,6 @@ in {
}; };
}; };
}; };
}; };
services.wlsunset = { services.wlsunset = {

View file

@ -1,10 +1,13 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
# Data storage location for taskwarrior # Data storage location for taskwarrior
dataLocation = "/home/malte/Tasks"; dataLocation = "/home/malte/Tasks";
# A usable (with dateutil) python interpreter for timewarrior's totals.py extension # A usable (with dateutil) python interpreter for timewarrior's totals.py extension
pythonWithLibs = pkgs.python3.withPackages (ps: [ ps.dateutil ]); pythonWithLibs = pkgs.python3.withPackages (ps: [ps.dateutil]);
# This is a patched version of the upstream `totals.py` script # This is a patched version of the upstream `totals.py` script
# so sum up timewarrior stats # so sum up timewarrior stats
# This just patches the first line to use a python interpreter that has # This just patches the first line to use a python interpreter that has
@ -18,9 +21,9 @@ let
rev = "v1.4.3"; rev = "v1.4.3";
sha256 = "+HsUiU287bWZ5Ytl+N5i+STuG9YlqlaKWxd69y0PRds="; sha256 = "+HsUiU287bWZ5Ytl+N5i+STuG9YlqlaKWxd69y0PRds=";
}; };
buildInputs = [ pkgs.coreutils ]; buildInputs = [pkgs.coreutils];
propagatedBuildInputs = [ pythonWithLibs ]; propagatedBuildInputs = [pythonWithLibs];
phases = [ "unpackPhase" "patchPhase" "installPhase" ]; phases = ["unpackPhase" "patchPhase" "installPhase"];
patchPhase = '' patchPhase = ''
sed -i 's|^#!/usr/bin/env python3$|#!${pythonWithLibs}/bin/python3|' \ sed -i 's|^#!/usr/bin/env python3$|#!${pythonWithLibs}/bin/python3|' \
ext/totals.py \ ext/totals.py \
@ -31,11 +34,10 @@ let
cp ext/totals.py ext/on-modify.timewarrior $out/ cp ext/totals.py ext/on-modify.timewarrior $out/
''; '';
}; };
in { in {
# Install timewarrior aswell! # Install timewarrior aswell!
# Timewarrior hook needs Python3.. or a patch.. to lazy for the latter # Timewarrior hook needs Python3.. or a patch.. to lazy for the latter
home.packages = with pkgs; [ timewarrior python3 ]; home.packages = with pkgs; [timewarrior python3];
programs.taskwarrior = { programs.taskwarrior = {
inherit dataLocation; inherit dataLocation;
@ -57,17 +59,14 @@ in {
description = "Tasksh review report. Adjust the filter to your needs."; description = "Tasksh review report. Adjust the filter to your needs.";
columns = "uuid"; columns = "uuid";
sort = "reviewed+,modified+"; sort = "reviewed+,modified+";
filter = filter = "( reviewed.none: or reviewed.before:now-6days ) and ( +PENDING )";
"( reviewed.none: or reviewed.before:now-6days ) and ( +PENDING )";
}; };
}; };
}; };
home.file.".timewarrior/extensions/totals.py".source = home.file.".timewarrior/extensions/totals.py".source = "${timewarriorExtensions}/totals.py";
"${timewarriorExtensions}/totals.py";
home.file."${dataLocation}/hooks/on-modify-timewarrior" = { home.file."${dataLocation}/hooks/on-modify-timewarrior" = {
source = "${timewarriorExtensions}/on-modify.timewarrior"; source = "${timewarriorExtensions}/on-modify.timewarrior";
executable = true; executable = true;
}; };
} }

View file

@ -1,12 +1,10 @@
{ pkgs, ... }: {pkgs, ...}: {
home.packages = with pkgs; [x11_ssh_askpass openssh];
{
home.packages = with pkgs; [ x11_ssh_askpass openssh ];
services.unison = { services.unison = {
enable = true; enable = true;
pairs.university = { pairs.university = {
roots = [ "/home/malte/Uni" "ssh://malte@helix-pomatia//home/malte/Uni" ]; roots = ["/home/malte/Uni" "ssh://malte@helix-pomatia//home/malte/Uni"];
commandOptions = { auto = "true"; }; commandOptions = {auto = "true";};
}; };
}; };
} }

View file

@ -1,19 +1,20 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
darkenBorder = 0.4; darkenBorder = 0.4;
col = config.colors; col = config.colors;
task-activity = with pkgs; task-activity = with pkgs; let
let
task = "${pkgs.taskwarrior}/bin/task"; task = "${pkgs.taskwarrior}/bin/task";
jq = "${pkgs.jq}/bin/jq"; jq = "${pkgs.jq}/bin/jq";
timew = "${pkgs.timewarrior}/bin/timew"; timew = "${pkgs.timewarrior}/bin/timew";
getTaskwarriorDesc = "${task} +ACTIVE export | ${jq} '.[0].description'"; getTaskwarriorDesc = "${task} +ACTIVE export | ${jq} '.[0].description'";
getTimewarriorDesc = getTimewarriorDesc = "${timew} get dom.active.json | ${jq} '.tags|join(\", \")'";
"${timew} get dom.active.json | ${jq} '.tags|join(\", \")'"; in
in writeScriptBin "task-activity" '' writeScriptBin "task-activity" ''
#!${stdenv.shell} #!${stdenv.shell}
task +ACTIVE >/dev/null 2>/dev/null task +ACTIVE >/dev/null 2>/dev/null
@ -43,8 +44,10 @@ let
systemctl = "${pkgs.systemd}/bin/systemctl"; systemctl = "${pkgs.systemd}/bin/systemctl";
jq = "${pkgs.jq}/bin/jq"; jq = "${pkgs.jq}/bin/jq";
extractJson = "${jq} '.[].unit' --raw-output"; extractJson = "${jq} '.[].unit' --raw-output";
replaceNewlines = "${pkgs.coreutils}/bin/tr '\n' ' '"; newline = "\n";
in pkgs.writeScriptBin "check-system" '' replaceNewlines = "${pkgs.coreutils}/bin/tr '${newline}' ' '";
in
pkgs.writeScriptBin "check-system" ''
#!${pkgs.stdenv.shell} #!${pkgs.stdenv.shell}
failed_user=$(${systemctl} --user --output json list-units --failed | ${extractJson} | ${replaceNewlines}) failed_user=$(${systemctl} --user --output json list-units --failed | ${extractJson} | ${replaceNewlines})
@ -64,20 +67,20 @@ let
}" | ${jq} --unbuffered --compact-output }" | ${jq} --unbuffered --compact-output
fi fi
''; '';
in { in {
home.packages = [ pkgs.firaCodeNerd task-activity ]; home.packages = [pkgs.firaCodeNerd task-activity];
programs.waybar = { programs.waybar = {
enable = true; enable = true;
settings = [{ settings = [
{
layer = "top"; layer = "top";
position = "top"; position = "top";
modules-left = [ "sway/workspaces" "sway/mode" "sway/window" ]; modules-left = ["sway/workspaces" "sway/mode" "sway/window"];
modules-center = [ "clock#time" "custom/check-system" "clock#date" ]; modules-center = ["clock#time" "custom/check-system" "clock#date"];
modules-right = [ "custom/taskwarrior" "network" "battery" "tray" ]; modules-right = ["custom/taskwarrior" "network" "battery" "tray"];
modules = { modules = {
"sway/workspaces" = { "sway/workspaces" = {
@ -87,7 +90,7 @@ in {
"sway/mode" = { "sway/mode" = {
format = "<span foreground='${col.background.hashRgb}'>{}</span>"; format = "<span foreground='${col.background.hashRgb}'>{}</span>";
}; };
"sway/window" = { tooltip = false; }; "sway/window" = {tooltip = false;};
"clock#time" = { "clock#time" = {
interval = 1; interval = 1;
@ -127,7 +130,7 @@ in {
format-charging = " {capacity}%"; format-charging = " {capacity}%";
format-plugged = ""; format-plugged = "";
design-capacity = true; design-capacity = true;
format-icons = [ "" "" "" "" "" ]; format-icons = ["" "" "" "" ""];
tooltip = false; tooltip = false;
}; };
"network" = { "network" = {
@ -139,7 +142,8 @@ in {
interval = 5; interval = 5;
}; };
}; };
}]; }
];
style = '' style = ''
* { * {

View file

@ -1,6 +1,4 @@
{ ... }: {...}: {
{
services.wlsunset = { services.wlsunset = {
enable = true; enable = true;
latitude = 51.3; latitude = 51.3;

View file

@ -1,7 +1,5 @@
{ pkgs, ... }: {pkgs, ...}: {
home.packages = [pkgs.firaCodeNerd];
{
home.packages = [ pkgs.firaCodeNerd ];
programs.zathura = { programs.zathura = {
enable = true; enable = true;

View file

@ -1,17 +1,18 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
mkTuple = lib.hm.gvariant.mkTuple; mkTuple = lib.hm.gvariant.mkTuple;
bg = pkgs.fetchurl { bg = pkgs.fetchurl {
url = "https://images.pexels.com/photos/2559941/pexels-photo-2559941.jpeg"; url = "https://images.pexels.com/photos/2559941/pexels-photo-2559941.jpeg";
sha256 = "sha256-Su2UwFpZKj5sa80UrcDSX9O2GuVI6XR2gSLpp4gJZP0="; sha256 = "sha256-Su2UwFpZKj5sa80UrcDSX9O2GuVI6XR2gSLpp4gJZP0=";
}; };
in { in {
imports = [ ../modules/restic-backup.nix ]; imports = [../modules/restic-backup.nix];
config = { config = {
home.packages = with pkgs; [ home.packages = with pkgs; [
bitwarden bitwarden
element-desktop element-desktop
@ -39,7 +40,7 @@ in {
services.restic = { services.restic = {
enable = true; enable = true;
paths = [ "/home/marie/Uni" "/home/marie/Bilder" ]; paths = ["/home/marie/Uni" "/home/marie/Bilder"];
}; };
programs.mpv = { programs.mpv = {
@ -54,14 +55,14 @@ in {
}; };
"org/gnome/desktop/input-sources" = { "org/gnome/desktop/input-sources" = {
per-window = false; per-window = false;
sources = [ (mkTuple [ "xkb" "de" ]) (mkTuple [ "xkb" "us+workman" ]) ]; sources = [(mkTuple ["xkb" "de"]) (mkTuple ["xkb" "us+workman"])];
xkb-options = [ "compose:rctrl" ]; xkb-options = ["compose:rctrl"];
}; };
"org/gnome/desktop/interface" = { "org/gnome/desktop/interface" = {
enable-hot-corners = false; enable-hot-corners = false;
show-battery-percentage = true; show-battery-percentage = true;
}; };
"org/gnome/desktop/background" = { picture-uri = "file://${bg}"; }; "org/gnome/desktop/background" = {picture-uri = "file://${bg}";};
}; };
}; };
} }

View file

@ -3,10 +3,13 @@
# This _assumes_ a few things: # This _assumes_ a few things:
# - There is a sops.secrets with the name "restic-backup-USERNAME" # - There is a sops.secrets with the name "restic-backup-USERNAME"
# - That the repository is actually reachable, which is a little flaky still # - That the repository is actually reachable, which is a little flaky still
{
{ nixosConfig, pkgs, lib, config, ... }: nixosConfig,
pkgs,
let lib,
config,
...
}: let
resticCmd = "${pkgs.restic}/bin/restic"; resticCmd = "${pkgs.restic}/bin/restic";
username = config.home.username; username = config.home.username;
@ -25,15 +28,13 @@ let
}; };
cfg = config.services.restic; cfg = config.services.restic;
in { in {
options.services.restic = with lib; { options.services.restic = with lib; {
enable = mkEnableOption "restic backup service"; enable = mkEnableOption "restic backup service";
paths = mkOption { paths = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [];
description = "Paths to backup"; description = "Paths to backup";
}; };
@ -46,14 +47,14 @@ in {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# Add restic for the user (they will need to initialize the repo) # Add restic for the user (they will need to initialize the repo)
home.packages = [ pkgs.restic ]; home.packages = [pkgs.restic];
# Add the above env variables, so that using restic is easy for them # Add the above env variables, so that using restic is easy for them
home.sessionVariables = sessionVars; home.sessionVariables = sessionVars;
# Create a systemd service for the backup # Create a systemd service for the backup
systemd.user.services.restic-backups-to-elysia-clarki = { systemd.user.services.restic-backups-to-elysia-clarki = {
Unit = { Unit = {
Description = "Backup to elysia-clarki using restic"; Description = "Backup to elysia-clarki using restic";
After = [ "network.target" ]; After = ["network.target"];
}; };
Service = { Service = {
@ -71,15 +72,16 @@ in {
CacheDirectoryMode = "0700"; CacheDirectoryMode = "0700";
# Convert the above map of environment variables into a list # Convert the above map of environment variables into a list
# of "KEY=VALUE" entrie # of "KEY=VALUE" entrie
Environment = builtins.attrValues Environment =
builtins.attrValues
(builtins.mapAttrs (k: v: "${k}=${v}") sessionVars); (builtins.mapAttrs (k: v: "${k}=${v}") sessionVars);
}; };
}; };
# Run the above service every hour # Run the above service every hour
systemd.user.timers.restic-backups-to-elysia-clarki = { systemd.user.timers.restic-backups-to-elysia-clarki = {
Unit = { Description = "Run restic backups every hour"; }; Unit = {Description = "Run restic backups every hour";};
Install = { WantedBy = [ "timers.target" ]; }; Install = {WantedBy = ["timers.target"];};
Timer = { OnCalendar = "hourly"; }; Timer = {OnCalendar = "hourly";};
}; };
}; };
} }

View file

@ -1,8 +1,10 @@
# Synchronize calendars from https://cal.tammena.rocks # Synchronize calendars from https://cal.tammena.rocks
{
{ pkgs, lib, config, ... }: pkgs,
lib,
let config,
...
}: let
cfg = config.services.synchronize-calendars; cfg = config.services.synchronize-calendars;
khalConfig = '' khalConfig = ''
@ -45,10 +47,11 @@ let
username = "${cfg.user}" username = "${cfg.user}"
password.fetch = ["command", "cat", "${cfg.passwordFile}"] password.fetch = ["command", "cat", "${cfg.passwordFile}"]
''; '';
in { in {
options.services.synchronize-calendars = with lib; { options.services.synchronize-calendars = with lib; {
enable = mkEnableOption "Enable service to synchronize my calendars and add some necessary programs"; enable =
mkEnableOption
"Enable service to synchronize my calendars and add some necessary programs";
user = mkOption { user = mkOption {
type = types.str; type = types.str;
@ -67,7 +70,7 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
home.packages = [ pkgs.vdirsyncer pkgs.khal ]; home.packages = [pkgs.vdirsyncer pkgs.khal];
# == Systemd settings to automatically run the sync == # == Systemd settings to automatically run the sync ==
systemd.user.services."synchronize-calendars" = { systemd.user.services."synchronize-calendars" = {
@ -83,7 +86,7 @@ in {
systemd.user.timers."synchronize-calendars" = { systemd.user.timers."synchronize-calendars" = {
Unit.Description = "Run synchronize-calendars.service every 15 minutes"; Unit.Description = "Run synchronize-calendars.service every 15 minutes";
Timer.OnCalendar = "*:0/10"; Timer.OnCalendar = "*:0/10";
Install.WantedBy = [ "timers.target" ]; Install.WantedBy = ["timers.target"];
}; };
# == Configuration == # == Configuration ==