reformat with alejandra

This commit is contained in:
Cyryl Płotnicki 2022-12-19 09:09:08 +00:00
parent 2c324ccaf7
commit 1c9bae290c
120 changed files with 2199 additions and 1759 deletions

352
flake.nix
View file

@ -1,187 +1,194 @@
{ {
description = "NixOS configuration with flakes"; description = "NixOS configuration with flakes";
outputs = { self, flake-utils, flake-compat, home-manager outputs = {
, nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin self,
, nixos-hardware, nur, sops, nil, helix, alejandra }@inputs: flake-utils,
flake-compat,
home-manager,
nixpkgs-nixos-unstable,
nixpkgs-master,
nixpkgs-stable,
darwin,
nixos-hardware,
nur,
sops,
nil,
helix,
alejandra,
} @ inputs: let
mkServer = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
(import ./nixos/server-common.nix)
sops.nixosModules.sops
];
specialArgs = {inherit inputs;};
};
mkRaspi = pkgs: hostname:
pkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [(./. + "/nixos/boxes/${hostname}")];
specialArgs = {inherit inputs;};
};
mkKiosk = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
let sops.nixosModules.sops
mkServer = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
(import ./nixos/server-common.nix)
sops.nixosModules.sops
];
specialArgs = { inherit inputs; };
};
mkRaspi = pkgs: hostname:
pkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [ (./. + "/nixos/boxes/${hostname}") ];
specialArgs = { inherit inputs; };
};
mkKiosk = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
sops.nixosModules.sops home-manager.nixosModules.home-manager
{
home-manager.nixosModules.home-manager home-manager.useGlobalPkgs = true;
{ home-manager.useUserPackages = true;
home-manager.useGlobalPkgs = true; home-manager.users.cyryl = {
home-manager.useUserPackages = true; imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
home-manager.users.cyryl = { _module.args.inputs = inputs;
imports = _module.args.system = system;
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
_module.args.inputs = inputs;
_module.args.system = system;
};
}
];
specialArgs = { inherit inputs system; };
};
mkWorkstation = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
(import ./nixos/email-accounts.nix)
(import ./nixos/common.nix)
sops.nixosModules.sops
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports =
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
_module.args.inputs = inputs;
_module.args.system = system;
};
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = { allowUnfree = true; };
}; };
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { }
inherit system; ];
config = { allowUnfree = true; }; specialArgs = {inherit inputs system;};
};
mkWorkstation = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
(import ./nixos/email-accounts.nix)
(import ./nixos/common.nix)
sops.nixosModules.sops
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
_module.args.inputs = inputs;
_module.args.system = system;
}; };
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = {allowUnfree = true;};
};
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = {allowUnfree = true;};
}; };
}; };
mkShell = packageSet: system:
let pkgs = packageSet.legacyPackages.${system};
in pkgs.mkShell {
packages = with pkgs; [
cacert
git
git-lfs
nixpkgs-fmt
openssh
openssl
pkg-config
statix
];
};
in {
devShells = {
"x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin";
"x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux";
}; };
darwinConfigurations = { mkShell = packageSet: system: let
"FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { pkgs = packageSet.legacyPackages.${system};
system = "x86_64-darwin"; in
modules = [ pkgs.mkShell {
(./. + "/nixos/boxes/form3") packages = with pkgs; [
home-manager.darwinModules.home-manager cacert
{ git
home-manager.useGlobalPkgs = true; git-lfs
home-manager.useUserPackages = true; nixpkgs-fmt
home-manager.users.cyryl = { openssh
imports = [ ./nixos/home-manager ]; openssl
_module.args.inputs = inputs; pkg-config
_module.args.system = system; statix
}; ];
}
];
};
}; };
in {
nixosConfigurations = { devShells = {
foureighty = mkWorkstation nixpkgs-stable "x86_64-linux" "foureighty"; "x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin";
skinnyv = mkWorkstation nixpkgs-stable "x86_64-linux" "skinnyv"; "x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux";
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky"; };
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty"; darwinConfigurations = {
vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1"; "FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec {
yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga"; system = "x86_64-darwin";
homescreen = mkRaspi nixpkgs-stable "homescreen"; modules = [
(./. + "/nixos/boxes/form3")
bootstrap = nixpkgs-stable.lib.nixosSystem rec { home-manager.darwinModules.home-manager
system = "x86_64-linux"; {
modules = [ (./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops ]; home-manager.useGlobalPkgs = true;
specialArgs = { home-manager.useUserPackages = true;
inherit inputs system; home-manager.users.cyryl = {
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { imports = [./nixos/home-manager];
inherit system; _module.args.inputs = inputs;
config = { allowUnfree = true; }; _module.args.system = system;
}; };
}; }
}; ];
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes
raspiimage = nixpkgs-stable.lib.nixosSystem {
system = "aarch64-linux";
modules = [
(import
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
{
environment.systemPackages =
with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
neovim
htop
btop
atop
];
networking.networkmanager.enable = false;
hardware.enableRedistributableFirmware = true;
networking.wireless.enable = true;
services.openssh = {
enable = true;
permitRootLogin =
nixpkgs-stable.lib.mkForce "prohibit-password";
passwordAuthentication = false;
};
services.xserver = {
enable = true;
displayManager.lightdm.enable = true;
desktopManager.gnome.enable = true;
libinput.enable = true;
};
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
];
sdImage.compressImage = false;
console.earlySetup = true;
}
];
specialArgs = { inherit inputs; };
};
}; };
}; };
nixosConfigurations = {
foureighty = mkWorkstation nixpkgs-stable "x86_64-linux" "foureighty";
skinnyv = mkWorkstation nixpkgs-stable "x86_64-linux" "skinnyv";
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1";
yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga";
homescreen = mkRaspi nixpkgs-stable "homescreen";
bootstrap = nixpkgs-stable.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [(./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = {allowUnfree = true;};
};
};
};
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes
raspiimage = nixpkgs-stable.lib.nixosSystem {
system = "aarch64-linux";
modules = [
(import
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
{
environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
neovim
htop
btop
atop
];
networking.networkmanager.enable = false;
hardware.enableRedistributableFirmware = true;
networking.wireless.enable = true;
services.openssh = {
enable = true;
permitRootLogin =
nixpkgs-stable.lib.mkForce "prohibit-password";
passwordAuthentication = false;
};
services.xserver = {
enable = true;
displayManager.lightdm.enable = true;
desktopManager.gnome.enable = true;
libinput.enable = true;
};
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
];
sdImage.compressImage = false;
console.earlySetup = true;
}
];
specialArgs = {inherit inputs;};
};
};
};
inputs = { inputs = {
nixpkgs-master = { nixpkgs-master = {
type = "github"; type = "github";
@ -262,7 +269,7 @@
inputs.nixpkgs.follows = "nixpkgs-stable"; inputs.nixpkgs.follows = "nixpkgs-stable";
inputs.nixpkgs-stable.follows = "nixpkgs-stable"; inputs.nixpkgs-stable.follows = "nixpkgs-stable";
}; };
alejandra = { alejandra = {
type = "github"; type = "github";
owner = "kamadorueda"; owner = "kamadorueda";
repo = "alejandra"; repo = "alejandra";
@ -274,5 +281,4 @@ alejandra = {
flake = false; flake = false;
}; };
}; };
} }

View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }: {
let config,
pkgs,
...
}: let
extraArgs = [ extraArgs = [
"--exclude='.cache'" "--exclude='.cache'"
"--exclude='.rustup'" "--exclude='.rustup'"
@ -12,21 +15,20 @@ let
IOSchedulingClass = "idle"; IOSchedulingClass = "idle";
}; };
in { in {
services = { services = {
restic.backups.home-to-bolty = { restic.backups.home-to-bolty = {
passwordFile = "/etc/nixos/secrets/restic-password-bolty"; passwordFile = "/etc/nixos/secrets/restic-password-bolty";
paths = [ "/home" ]; paths = ["/home"];
repository = "rest:http://bolty:8000/"; repository = "rest:http://bolty:8000/";
timerConfig = { OnCalendar = "hourly"; }; timerConfig = {OnCalendar = "hourly";};
extraBackupArgs = extraArgs; extraBackupArgs = extraArgs;
}; };
restic.backups.home-to-b2 = { restic.backups.home-to-b2 = {
passwordFile = "/etc/nixos/secrets/restic-password-b2"; passwordFile = "/etc/nixos/secrets/restic-password-b2";
paths = [ "/home" ]; paths = ["/home"];
repository = "b2:cyplo-restic-${config.networking.hostName}:/"; repository = "b2:cyplo-restic-${config.networking.hostName}:/";
timerConfig = { OnCalendar = "hourly"; }; timerConfig = {OnCalendar = "hourly";};
extraBackupArgs = extraArgs; extraBackupArgs = extraArgs;
environmentFile = "/etc/nixos/secrets/b2-env"; environmentFile = "/etc/nixos/secrets/b2-env";
}; };

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; config,
pkgs,
...
}: {
fileSystems."/".options = ["noatime" "nodiratime" "discard"];
boot = { boot = {
kernel.sysctl = { kernel.sysctl = {
@ -10,6 +14,4 @@
"net.core.bpf_jit_harden" = true; "net.core.bpf_jit_harden" = true;
}; };
}; };
} }

View file

@ -1,12 +1,14 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
boot = { boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
initrd.availableKernelModules = initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"];
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ]; initrd.kernelModules = ["dm-snapshot"];
initrd.kernelModules = [ "dm-snapshot" ]; kernelModules = ["kvm-amd"];
kernelModules = [ "kvm-amd" ]; extraModulePackages = [];
extraModulePackages = [ ];
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = false; loader.efi.canTouchEfiVariables = false;
}; };
@ -35,7 +37,7 @@
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [];
nix.settings = { nix.settings = {
max-jobs = 8; max-jobs = 8;

View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
physicalInterface = "enp4s0"; physicalInterface = "enp4s0";
bridgeInterface = "br0"; bridgeInterface = "br0";
in { in {
@ -13,7 +18,7 @@ in {
./print-server.nix ./print-server.nix
./restic-server.nix ./restic-server.nix
]; ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; boot.binfmt.emulatedSystems = ["aarch64-linux"];
programs.ccache.enable = true; programs.ccache.enable = true;
networking = { networking = {
hostName = "bolty"; hostName = "bolty";
@ -22,22 +27,24 @@ in {
address = "10.0.0.1"; address = "10.0.0.1";
interface = "${bridgeInterface}"; interface = "${bridgeInterface}";
}; };
nameservers = [ "91.239.100.100" "89.233.43.71" "1.1.1.1" ]; nameservers = ["91.239.100.100" "89.233.43.71" "1.1.1.1"];
interfaces = { interfaces = {
"${physicalInterface}" = { "${physicalInterface}" = {
useDHCP = false; useDHCP = false;
wakeOnLan.enable = true; wakeOnLan.enable = true;
}; };
"${bridgeInterface}" = { "${bridgeInterface}" = {
ipv4.addresses = [{ ipv4.addresses = [
"address" = "10.0.0.8"; {
"prefixLength" = 24; "address" = "10.0.0.8";
}]; "prefixLength" = 24;
}
];
}; };
}; };
bridges = { "${bridgeInterface}".interfaces = [ "${physicalInterface}" ]; }; bridges = {"${bridgeInterface}".interfaces = ["${physicalInterface}"];};
}; };
boot.kernelModules = [ "kvm_amd" ]; boot.kernelModules = ["kvm_amd"];
virtualisation = { virtualisation = {
libvirtd = { libvirtd = {
enable = true; enable = true;
@ -51,11 +58,10 @@ in {
virt-viewer virt-viewer
lm_sensors lm_sensors
]; ];
networking.firewall.allowedTCPPorts = [ 5900 ]; networking.firewall.allowedTCPPorts = [5900];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
security.allowUserNamespaces = true; security.allowUserNamespaces = true;
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
} }

View file

@ -1,8 +1,13 @@
{ config, pkgs, inputs, lib, ... }: {
let port = 8123; config,
pkgs,
inputs,
lib,
...
}: let
port = 8123;
in { in {
imports = [ ]; imports = [];
networking.firewall.allowedTCPPorts = [ port ];
networking.firewall.allowedTCPPorts = [port];
} }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.i2pd = { services.i2pd = {
enable = true; enable = true;
bandwidth = 1024; # kb/s bandwidth = 1024; # kb/s

View file

@ -1,4 +1,9 @@
{ config, pkgs, inputs, ... }: { {
config,
pkgs,
inputs,
...
}: {
services.postgresql = { services.postgresql = {
enable = true; enable = true;
initialScript = pkgs.writeText "synapse-init.sql" '' initialScript = pkgs.writeText "synapse-init.sql" ''
@ -14,18 +19,22 @@
enable = true; enable = true;
settings = { settings = {
server_name = "cyplo.dev"; server_name = "cyplo.dev";
listeners = [{ listeners = [
port = 8008; {
bind_addresses = [ "bolty.cyplo.github.beta.tailscale.net" ]; port = 8008;
type = "http"; bind_addresses = ["bolty.cyplo.github.beta.tailscale.net"];
tls = false; type = "http";
x_forwarded = true; tls = false;
resources = [{ x_forwarded = true;
names = [ "client" "federation" ]; resources = [
compress = false; {
}]; names = ["client" "federation"];
}]; compress = false;
experimental_features = { spaces_enabled = true; }; }
];
}
];
experimental_features = {spaces_enabled = true;};
enable_registration = false; enable_registration = false;
suppress_key_server_warning = true; suppress_key_server_warning = true;
}; };
@ -33,5 +42,5 @@
inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux".matrix-synapse; inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux".matrix-synapse;
}; };
networking.firewall.allowedTCPPorts = [ 8008 ]; networking.firewall.allowedTCPPorts = [8008];
} }

View file

@ -1,10 +1,13 @@
{ config, pkgs, ... }: { {
config,
networking.firewall.allowedTCPPorts = [ 9000 9001 ]; pkgs,
...
}: {
networking.firewall.allowedTCPPorts = [9000 9001];
services.minio = { services.minio = {
enable = true; enable = true;
region = "home"; region = "home";
dataDir = [ "/var/lib/minio/data" ]; dataDir = ["/var/lib/minio/data"];
configDir = "/var/lib/minio/config"; configDir = "/var/lib/minio/config";
listenAddress = ":9000"; listenAddress = ":9000";
consoleAddress = ":9001"; consoleAddress = ":9001";

View file

@ -1,40 +1,45 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}: {
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 631 6566 ]; networking.firewall.allowedTCPPorts = [631 6566];
networking.firewall.allowedUDPPorts = [ 631 6566 ]; networking.firewall.allowedUDPPorts = [631 6566];
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ epson-escpr ]; drivers = with pkgs; [epson-escpr];
listenAddresses = [ "*:631" ]; listenAddresses = ["*:631"];
defaultShared = true; defaultShared = true;
browsing = true; browsing = true;
allowFrom = [ "all" ]; allowFrom = ["all"];
extraConf = '' extraConf = ''
ServerAlias * ServerAlias *
DefaultEncryption Never DefaultEncryption Never
''; '';
}; };
hardware.printers.ensurePrinters = [{ hardware.printers.ensurePrinters = [
description = "Epson XP-540"; {
location = "connected to bolty"; description = "Epson XP-540";
name = "epson_xp540"; location = "connected to bolty";
deviceUri = name = "epson_xp540";
"usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1"; deviceUri = "usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1";
model = "raw"; model = "raw";
ppdOptions = { PageSize = "A4"; }; ppdOptions = {PageSize = "A4";};
}]; }
];
hardware.sane = { hardware.sane = {
enable = true; enable = true;
extraBackends = with pkgs; [ utsushi sane-airscan gawk ]; extraBackends = with pkgs; [utsushi sane-airscan gawk];
snapshot = true; snapshot = true;
}; };
services.udev.packages = [ pkgs.utsushi ]; services.udev.packages = [pkgs.utsushi];
environment.systemPackages = with pkgs; [ gawk ]; environment.systemPackages = with pkgs; [gawk];
services.saned = { services.saned = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''
@ -45,5 +50,4 @@
hagath hagath
''; '';
}; };
} }

View file

@ -1,5 +1,10 @@
{ config, pkgs, lib, ... }: { {
networking.firewall.allowedTCPPorts = [ 9100 ]; config,
pkgs,
lib,
...
}: {
networking.firewall.allowedTCPPorts = [9100];
services.prometheus = { services.prometheus = {
enable = true; enable = true;
exporters.node.enable = true; exporters.node.enable = true;

View file

@ -1,8 +1,13 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}: {
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
services.smartd.enable = true; services.smartd.enable = true;
services.fstrim.enable = true; services.fstrim.enable = true;
environment.systemPackages = with pkgs; [ smartmontools ]; environment.systemPackages = with pkgs; [smartmontools];
services.fwupd.enable = true; services.fwupd.enable = true;
services.thermald.enable = true; services.thermald.enable = true;
services.haveged.enable = true; services.haveged.enable = true;

View file

@ -1,12 +1,15 @@
{ config, pkgs, ... }: { {
environment.systemPackages = with pkgs; [ restic ]; config,
networking.firewall.allowedTCPPorts = [ 8000 ]; pkgs,
...
}: {
environment.systemPackages = with pkgs; [restic];
networking.firewall.allowedTCPPorts = [8000];
services.restic.server = { services.restic.server = {
enable = true; enable = true;
dataDir = "/data/restic"; dataDir = "/data/restic";
appendOnly = true; appendOnly = true;
prometheus = true; prometheus = true;
extraFlags = [ "--no-auth" ]; extraFlags = ["--no-auth"];
}; };
} }

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, nixpkgs-nixos-unstable-and-unfree, ... }: { {
config,
pkgs,
inputs,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "fixme"; networking.hostName = "fixme";
imports = [ imports = [

View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, inputs, ... }: { {
config,
lib,
pkgs,
inputs,
...
}: {
boot = { boot = {
kernelModules = [ "kvm-intel" ]; kernelModules = ["kvm-intel"];
initrd = { initrd = {
kernelModules = [ "dm-snapshot" ]; kernelModules = ["dm-snapshot"];
availableKernelModules = availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"];
[ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
}; };
loader.efi.canTouchEfiVariables = true; loader.efi.canTouchEfiVariables = true;
@ -24,7 +29,7 @@
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [];
nix.settings = { nix.settings = {
max-jobs = "auto"; max-jobs = "auto";

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
atop atop
btop btop

View file

@ -1,14 +1,21 @@
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: {
let config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
form3_cert_path = ./form3-palo-alto.pem; form3_cert_path = ./form3-palo-alto.pem;
form3_cert_bundle = builtins.toFile "form3-cert-bundle.crt" form3_cert_bundle =
builtins.toFile "form3-cert-bundle.crt"
(builtins.readFile system_cert_bundle_path (builtins.readFile system_cert_bundle_path
+ builtins.readFile form3_cert_path); + builtins.readFile form3_cert_path);
in { in {
environment.systemPackages = with pkgs; [ vim nixfmt ]; environment.systemPackages = with pkgs; [vim nixfmt];
imports = [ ../../git ../../mercurial ]; imports = [../../git ../../mercurial];
services.nix-daemon.enable = true; services.nix-daemon.enable = true;
nix = { nix = {
useDaemon = true; useDaemon = true;
@ -21,15 +28,11 @@ in {
fonts.fontDir.enable = true; fonts.fontDir.enable = true;
fonts.fonts = with pkgs; [ fonts.fonts = with pkgs; [
(runCommand "berkeley-fonts" { } '' (runCommand "berkeley-fonts" {} ''
mkdir -vp "$out/share/fonts/opentype" mkdir -vp "$out/share/fonts/opentype"
mkdir -vp "$out/share/fonts/truetype" mkdir -vp "$out/share/fonts/truetype"
${pkgs.unzip}/bin/unzip ${ ${pkgs.unzip}/bin/unzip ${../../fonts.zip} \*.otf -d $out/share/fonts/opentype
../../fonts.zip ${pkgs.unzip}/bin/unzip ${../../fonts.zip} \*.ttf -d $out/share/fonts/truetype
} \*.otf -d $out/share/fonts/opentype
${pkgs.unzip}/bin/unzip ${
../../fonts.zip
} \*.ttf -d $out/share/fonts/truetype
'') '')
nerdfonts nerdfonts
@ -40,7 +43,7 @@ in {
source-code-pro source-code-pro
weather-icons weather-icons
]; ];
security.pki.certificateFiles = [ form3_cert_path system_cert_bundle_path ]; security.pki.certificateFiles = [form3_cert_path system_cert_bundle_path];
environment.variables = { environment.variables = {
SSL_CERT_FILE = form3_cert_bundle; SSL_CERT_FILE = form3_cert_bundle;
NIX_SSL_CERT_FILE = form3_cert_bundle; NIX_SSL_CERT_FILE = form3_cert_bundle;
@ -51,15 +54,13 @@ in {
system.stateVersion = 4; system.stateVersion = 4;
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ]; imports = [];
home.packages = with pkgs; [ awscli kubectl cargo-update ]; home.packages = with pkgs; [awscli kubectl cargo-update];
programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech"; programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech";
programs.git.extraConfig.user.signingkey = programs.git.extraConfig.user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED";
"6441B1BC81F8FB1561C9AFF5534222210FE423ED";
programs.git.extraConfig.commit.gpgsign = true; programs.git.extraConfig.commit.gpgsign = true;
programs.git.extraConfig."url \"git@github.com:\"".insteadOf = programs.git.extraConfig."url \"git@github.com:\"".insteadOf = "https://github.com/";
"https://github.com/";
programs.gpg.enable = true; programs.gpg.enable = true;
programs.gpg.homedir = "/Users/cyryl/.gnupg"; programs.gpg.homedir = "/Users/cyryl/.gnupg";
programs.zsh.loginExtra = '' programs.zsh.loginExtra = ''

View file

@ -1,93 +1,100 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
nixpkgs.overlays = [ nixpkgs.overlays = [
(self: super: { (self: super: {
buildLinux = x: buildLinux = x:
super.buildLinux ({ super.buildLinux ({
ignoreConfigErrors = true; ignoreConfigErrors = true;
enableParallelBuilding = true; enableParallelBuilding = true;
} // x); }
// x);
}) })
]; ];
boot.kernelPatches = [{ boot.kernelPatches = [
name = "foureighty"; {
patch = null; name = "foureighty";
extraConfig = '' patch = null;
ACPI_CUSTOM_METHOD n extraConfig = ''
ACPI_DPTF y ACPI_CUSTOM_METHOD n
BUG y ACPI_DPTF y
CC_STACKPROTECTOR_STRONG y BUG y
CPU_IDLE_GOV_HALTPOLL y CC_STACKPROTECTOR_STRONG y
CPU_IDLE_GOV_TEO y CPU_IDLE_GOV_HALTPOLL y
DEBUG_CREDENTIALS y CPU_IDLE_GOV_TEO y
DEBUG_NOTIFIERS y DEBUG_CREDENTIALS y
DEBUG_PI_LIST y DEBUG_NOTIFIERS y
DEBUG_PLIST y DEBUG_PI_LIST y
DEBUG_RODATA y DEBUG_PLIST y
DEBUG_SET_MODULE_RONX y DEBUG_RODATA y
DEBUG_SG y DEBUG_SET_MODULE_RONX y
DEVMEM y DEBUG_SG y
DPTF_PCH_FIVR m DEVMEM y
DPTF_POWER m DPTF_PCH_FIVR m
ENERGY_MODEL y DPTF_POWER m
FORTIFY_SOURCE y ENERGY_MODEL y
GCC_PLUGINS y FORTIFY_SOURCE y
GCC_PLUGIN_LATENT_ENTROPY y GCC_PLUGINS y
GCC_PLUGIN_RANDSTRUCT y GCC_PLUGIN_LATENT_ENTROPY y
GCC_PLUGIN_RANDSTRUCT_PERFORMANCE y GCC_PLUGIN_RANDSTRUCT y
GCC_PLUGIN_STACKLEAK y GCC_PLUGIN_RANDSTRUCT_PERFORMANCE y
GCC_PLUGIN_STRUCTLEAK y GCC_PLUGIN_STACKLEAK y
GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y GCC_PLUGIN_STRUCTLEAK y
HARDENED_USERCOPY y GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y
HARDENED_USERCOPY_FALLBACK y HARDENED_USERCOPY y
HARDLOCKUP_DETECTOR y HARDENED_USERCOPY_FALLBACK y
HZ_300 y HARDLOCKUP_DETECTOR y
INET_DIAG n HZ_300 y
INET_DIAG_DESTROY option no INET_DIAG n
INET_MPTCP_DIAG option no INET_DIAG_DESTROY option no
INET_RAW_DIAG option no INET_MPTCP_DIAG option no
INET_TCP_DIAG option no INET_RAW_DIAG option no
INET_UDP_DIAG option no INET_TCP_DIAG option no
INIT_ON_ALLOC_DEFAULT_ON y INET_UDP_DIAG option no
INIT_ON_FREE_DEFAULT_ON y INIT_ON_ALLOC_DEFAULT_ON y
INTEL_TXT y INIT_ON_FREE_DEFAULT_ON y
KEXEC n INTEL_TXT y
KFENCE y KEXEC n
LEGACY_VSYSCALL_NONE y KFENCE y
LOCKUP_DETECTOR y LEGACY_VSYSCALL_NONE y
MCORE2 y LOCKUP_DETECTOR y
NR_CPUS 16 MCORE2 y
NUMA_BALANCING y NR_CPUS 16
NUMA_BALANCING_DEFAULT_ENABLED y NUMA_BALANCING y
PAGE_POISONING y NUMA_BALANCING_DEFAULT_ENABLED y
PAGE_POISONING_NO_SANITY y PAGE_POISONING y
PAGE_POISONING_ZERO y PAGE_POISONING_NO_SANITY y
PANIC_TIMEOUT -1 PAGE_POISONING_ZERO y
PM_AUTOSLEEP y PANIC_TIMEOUT -1
POWER_EFFICIENT_DEFAULT y PM_AUTOSLEEP y
PREEMPT y POWER_EFFICIENT_DEFAULT y
PREEMPTION y PREEMPT y
PREEMPT_COUNT y PREEMPTION y
PREEMPT_DYNAMIC y PREEMPT_COUNT y
PREEMPT_RCU y PREEMPT_DYNAMIC y
PROC_KCORE n PREEMPT_RCU y
RANDOMIZE_KSTACK_OFFSET_DEFAULT y PROC_KCORE n
SCHED_CORE y RANDOMIZE_KSTACK_OFFSET_DEFAULT y
SCHED_STACK_END_CHECK y SCHED_CORE y
SECURITY_SAFESETID y SCHED_STACK_END_CHECK y
SECURITY_SELINUX_DISABLE n SECURITY_SAFESETID y
SECURITY_WRITABLE_HOOKS n SECURITY_SELINUX_DISABLE n
SHUFFLE_PAGE_ALLOCATOR y SECURITY_WRITABLE_HOOKS n
SLAB_FREELIST_HARDENED y SHUFFLE_PAGE_ALLOCATOR y
SLAB_FREELIST_RANDOM y SLAB_FREELIST_HARDENED y
SLUB_DEBUG y SLAB_FREELIST_RANDOM y
STRICT_DEVMEM y SLUB_DEBUG y
STRICT_KERNEL_RWX y STRICT_DEVMEM y
UNINLINE_SPIN_UNLOCK y STRICT_KERNEL_RWX y
WATCH_QUEUE y UNINLINE_SPIN_UNLOCK y
X86_INTEL_TSX_MODE_AUTO y WATCH_QUEUE y
X86_SGX y X86_INTEL_TSX_MODE_AUTO y
X86_SGX_KVM y X86_SGX y
''; X86_SGX_KVM y
}]; '';
}
];
} }

View file

@ -1,4 +1,11 @@
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: { {
config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "foureighty"; networking.hostName = "foureighty";
imports = [ imports = [
@ -16,9 +23,9 @@
../../mercurial ../../mercurial
]; ];
fileSystems."/" = { options = [ "compress=zstd" ]; }; fileSystems."/" = {options = ["compress=zstd"];};
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; boot.binfmt.emulatedSystems = ["aarch64-linux"];
boot.plymouth = { boot.plymouth = {
enable = true; enable = true;
logo = ./boot.png; logo = ./boot.png;
@ -55,13 +62,12 @@
buttonMapping = "1 0 3 4 5 6 7 8 9 10"; buttonMapping = "1 0 3 4 5 6 7 8 9 10";
}; };
}; };
}; };
services.fprintd = { enable = true; }; services.fprintd = {enable = true;};
programs.ccache.enable = true; programs.ccache.enable = true;
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ../../home-manager/programs/alacritty.nix ]; imports = [../../home-manager/programs/alacritty.nix];
home.packages = [ home.packages = [
inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux".bisq-desktop inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux".bisq-desktop
]; ];

View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, inputs, ... }: { {
config,
lib,
pkgs,
inputs,
...
}: {
boot = { boot = {
kernelModules = [ "kvm-intel" ]; kernelModules = ["kvm-intel"];
initrd = { initrd = {
kernelModules = [ "dm-snapshot" ]; kernelModules = ["dm-snapshot"];
availableKernelModules = availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"];
[ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
}; };
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
@ -13,9 +18,8 @@
loader.efi.efiSysMountPoint = "/boot/efi"; loader.efi.efiSysMountPoint = "/boot/efi";
}; };
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; boot.initrd.secrets = {"/crypto_keyfile.bin" = null;};
boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = "/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
"/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
fileSystems."/boot/efi" = { fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/D6C0-1A9D"; device = "/dev/disk/by-uuid/D6C0-1A9D";
@ -25,10 +29,10 @@
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/98f3597c-183a-45fb-b2a4-b598c18d089a"; device = "/dev/disk/by-uuid/98f3597c-183a-45fb-b2a4-b598c18d089a";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" ]; options = ["subvol=@"];
}; };
swapDevices = [ ]; swapDevices = [];
nix.settings = { nix.settings = {
max-jobs = 7; max-jobs = 7;

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
environment.systemPackages = with pkgs; [ libqmi ]; config,
boot.extraModulePackages = with pkgs; [ libqmi ]; pkgs,
boot.kernelModules = [ "qmi_wwan" "qcserial" ]; ...
}: {
environment.systemPackages = with pkgs; [libqmi];
boot.extraModulePackages = with pkgs; [libqmi];
boot.kernelModules = ["qmi_wwan" "qcserial"];
} }

View file

@ -1,6 +1,4 @@
{ pkgs, ... }: {pkgs, ...}: let
let
nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
export __NV_PRIME_RENDER_OFFLOAD=1 export __NV_PRIME_RENDER_OFFLOAD=1
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
@ -17,11 +15,11 @@ let
glxinfo | grep vendor; echo OK!; glxinfo | grep vendor; echo OK!;
''; '';
in { in {
environment.systemPackages = [ nvidia-offload whichgpu nvidiaon ]; environment.systemPackages = [nvidia-offload whichgpu nvidiaon];
hardware.opengl.enable = true; hardware.opengl.enable = true;
hardware.opengl.driSupport32Bit = true; hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [libva];
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia.prime = { hardware.nvidia.prime = {
offload.enable = true; offload.enable = true;
# Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA

View file

@ -1,46 +1,50 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}: {
boot.extraModprobeConfig = "options thinkpad_acpi fan_control=1"; boot.extraModprobeConfig = "options thinkpad_acpi fan_control=1";
services.thinkfan = { services.thinkfan = {
enable = true; enable = true;
levels = [ levels = [
[ 0 0 55 ] [0 0 55]
[ 1 48 60 ] [1 48 60]
[ 2 50 61 ] [2 50 61]
[ 3 52 63 ] [3 52 63]
[ 6 56 70 ] [6 56 70]
[ 7 65 85 ] [7 65 85]
[ "level full-speed" 80 32767 ] ["level full-speed" 80 32767]
]; ];
sensors = [ sensors = [
{ {
type = "hwmon"; type = "hwmon";
query = "/sys/class/hwmon"; query = "/sys/class/hwmon";
name = "coretemp"; name = "coretemp";
indices = [ 1 2 3 4 5 ]; indices = [1 2 3 4 5];
} }
{ {
type = "hwmon"; type = "hwmon";
query = "/sys/class/hwmon"; query = "/sys/class/hwmon";
name = "nvme"; name = "nvme";
indices = [ 1 ]; indices = [1];
} }
{ {
type = "hwmon"; type = "hwmon";
query = "/sys/class/hwmon"; query = "/sys/class/hwmon";
name = "acpitz"; name = "acpitz";
indices = [ 1 ]; indices = [1];
} }
{ {
type = "hwmon"; type = "hwmon";
query = "/sys/class/hwmon"; query = "/sys/class/hwmon";
name = "pch_skylake"; name = "pch_skylake";
indices = [ 1 ]; indices = [1];
} }
{ {
type = "tpacpi"; type = "tpacpi";
query = "/proc/acpi/ibm/thermal"; query = "/proc/acpi/ibm/thermal";
indices = [ 0 1 ]; indices = [0 1];
} }
]; ];
}; };

View file

@ -1,13 +1,19 @@
{ config, pkgs, inputs, lib, ... }: { {
imports = [ inputs.nixos-hardware.nixosModules.raspberry-pi-4 ]; config,
pkgs,
inputs,
lib,
...
}: {
imports = [inputs.nixos-hardware.nixosModules.raspberry-pi-4];
networking = { networking = {
hostName = "homescreen"; hostName = "homescreen";
networkmanager = { enable = true; }; networkmanager = {enable = true;};
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
environment.systemPackages = with pkgs; [ neovim htop btop atop ]; environment.systemPackages = with pkgs; [neovim htop btop atop];
services.fail2ban.enable = true; services.fail2ban.enable = true;
@ -32,7 +38,7 @@
users = { users = {
mutableUsers = false; mutableUsers = false;
users.kiosk = { isNormalUser = true; }; users.kiosk = {isNormalUser = true;};
}; };
users.extraUsers.root.openssh.authorizedKeys.keys = [ users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
@ -41,12 +47,12 @@
"/" = { "/" = {
device = "/dev/disk/by-label/NIXOS_SD"; device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4"; fsType = "ext4";
options = [ "noatime" ]; options = ["noatime"];
}; };
"/boot/firmware" = { "/boot/firmware" = {
device = "/dev/disk/by-label/FIRMWARE"; device = "/dev/disk/by-label/FIRMWARE";
fsType = "vfat"; fsType = "vfat";
options = [ "nofail" "noauto" ]; options = ["nofail" "noauto"];
}; };
}; };
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";

View file

@ -1,29 +1,33 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.home-assistant = { services.home-assistant = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
package = (pkgs.home-assistant.override { package =
extraPackages = ps: with ps; [ ]; (pkgs.home-assistant.override {
extraComponents = [ extraPackages = ps: with ps; [];
"api" extraComponents = [
"auth" "api"
"cloud" "auth"
"config" "cloud"
"default_config" "config"
"http" "default_config"
"mobile_app" "http"
"onboarding" "mobile_app"
"search" "onboarding"
"ssdp" "search"
"system_log" "ssdp"
"tts" "system_log"
"websocket_api" "tts"
"zeroconf" "websocket_api"
"zwave" "zeroconf"
]; "zwave"
}).overridePythonAttrs { doCheck = false; }; ];
})
.overridePythonAttrs {doCheck = false;};
}; };
} }

View file

@ -1,7 +1,14 @@
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: { {
environment.systemPackages = with pkgs; [ vim nixfmt ]; config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
environment.systemPackages = with pkgs; [vim nixfmt];
imports = [ ../../git ../../mercurial ]; imports = [../../git ../../mercurial];
services.nix-daemon.enable = true; services.nix-daemon.enable = true;
nix = { nix = {
useDaemon = true; useDaemon = true;
@ -38,8 +45,8 @@
system.stateVersion = 4; system.stateVersion = 4;
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ]; imports = [];
home.packages = [ ]; home.packages = [];
}; };
} }

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
networking.firewall.allowedTCPPorts = [ 80 443 ]; config,
pkgs,
...
}: {
networking.firewall.allowedTCPPorts = [80 443];
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
networking.hostName = "skinnyv"; networking.hostName = "skinnyv";
imports = [ imports = [
@ -19,7 +23,7 @@
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
services.thermald.enable = true; services.thermald.enable = true;
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ../../home-manager/programs/kitty.nix ]; imports = [../../home-manager/programs/kitty.nix];
}; };
} }

View file

@ -1,33 +1,37 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod"];
[ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [];
boot.initrd.kernelModules = [ ]; boot.kernelModules = ["kvm-intel"];
boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [];
boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/9dba116f-c9fe-403a-a8e2-f9fdab23f1f1"; device = "/dev/disk/by-uuid/9dba116f-c9fe-403a-a8e2-f9fdab23f1f1";
fsType = "btrfs"; fsType = "btrfs";
options = [ "compress=zstd" ]; options = ["compress=zstd"];
}; };
boot.initrd.luks.devices."crypt".device = boot.initrd.luks.devices."crypt".device = "/dev/disk/by-uuid/0c192a18-178f-4598-a1ed-5295ef2abdc4";
"/dev/disk/by-uuid/0c192a18-178f-4598-a1ed-5295ef2abdc4";
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/0A6A-AAFC"; device = "/dev/disk/by-uuid/0A6A-AAFC";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [{ swapDevices = [
device = "/swapfile"; {
size = 16 * 1024; device = "/swapfile";
priority = 1; size = 16 * 1024;
}]; priority = 1;
}
];
zramSwap = { zramSwap = {
enable = true; enable = true;

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
networking.hostName = "thinky"; networking.hostName = "thinky";
imports = [ imports = [
@ -23,7 +27,7 @@
algorithm = "zstd"; algorithm = "zstd";
memoryPercent = 50; memoryPercent = 50;
}; };
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ../../home-manager/programs/termite.nix ]; imports = [../../home-manager/programs/termite.nix];
}; };
} }

View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, inputs, ... }: { {
config,
lib,
pkgs,
inputs,
...
}: {
boot = { boot = {
kernelModules = [ "kvm-intel" ]; kernelModules = ["kvm-intel"];
initrd = { initrd = {
kernelModules = [ "dm-snapshot" ]; kernelModules = ["dm-snapshot"];
availableKernelModules = availableKernelModules = ["ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod"];
[ "ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
}; };
loader.grub.enable = true; loader.grub.enable = true;
@ -18,15 +23,14 @@
fsType = "btrfs"; fsType = "btrfs";
}; };
boot.initrd.luks.devices."crypt".device = boot.initrd.luks.devices."crypt".device = "/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
"/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317"; device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317";
fsType = "ext2"; fsType = "ext2";
}; };
swapDevices = [ ]; swapDevices = [];
nix.settings = { nix.settings = {
max-jobs = 2; max-jobs = 2;

View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}: {
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
services.xserver.desktopManager.plasma5.enable = lib.mkForce false; services.xserver.desktopManager.plasma5.enable = lib.mkForce false;
@ -7,6 +12,5 @@
virtualisation.virtualbox.guest.enable = true; virtualisation.virtualbox.guest.enable = true;
virtualisation.virtualbox.guest.x11 = true; virtualisation.virtualbox.guest.x11 = true;
imports = imports = [<nixpkgs/nixos/modules/installer/virtualbox-demo.nix> ../common.nix];
[ <nixpkgs/nixos/modules/installer/virtualbox-demo.nix> ../common.nix ];
} }

View file

@ -1,10 +1,12 @@
{ config, pkgs, ... }: {
let config,
pkgs,
...
}: let
genericBackupPath = "/var/lib/backups/"; genericBackupPath = "/var/lib/backups/";
containersBackupPath = "${genericBackupPath}/oci-containers/"; containersBackupPath = "${genericBackupPath}/oci-containers/";
in rec { in rec {
environment.systemPackages = with pkgs; [restic];
environment.systemPackages = with pkgs; [ restic ];
sops.secrets."restic-backups-b2-repo-password" = { sops.secrets."restic-backups-b2-repo-password" = {
sopsFile = ./restic.sops.yaml; sopsFile = ./restic.sops.yaml;
@ -28,9 +30,8 @@ in rec {
mkdir -p ${containersBackupPath}/ mkdir -p ${containersBackupPath}/
${pkgs.podman}/bin/podman volume export woodpecker-server-data -o ${containersBackupPath}/woodpecker.tar ${pkgs.podman}/bin/podman volume export woodpecker-server-data -o ${containersBackupPath}/woodpecker.tar
''; '';
timerConfig = { OnCalendar = "hourly"; }; timerConfig = {OnCalendar = "hourly";};
environmentFile = environmentFile = "${config.sops.secrets.restic-backups-b2-environment.path}";
"${config.sops.secrets.restic-backups-b2-environment.path}";
}; };
}; };

View file

@ -1,8 +1,11 @@
{ config, pkgs, inputs, lib, ... }:
{ {
config,
imports = [ ../nginx.nix ]; pkgs,
inputs,
lib,
...
}: {
imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
@ -13,5 +16,4 @@
}; };
}; };
}; };
} }

View file

@ -1,15 +1,18 @@
{ config, pkgs, inputs, lib, ... }:
{ {
config,
imports = [ ../nginx.nix ]; pkgs,
inputs,
lib,
...
}: {
imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"notes.purrfect.estate" = { "notes.purrfect.estate" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
serverAliases = [ "notes-sandbox.purrfect.estate" ]; serverAliases = ["notes-sandbox.purrfect.estate"];
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:9005"; proxyPass = "http://127.0.0.1:9005";
proxyWebsockets = true; proxyWebsockets = true;
@ -36,7 +39,6 @@
CPAD_TRUSTED_PROXY = "0.0.0.0/0"; CPAD_TRUSTED_PROXY = "0.0.0.0/0";
CPAD_HTTP2_DISABLE = "true"; CPAD_HTTP2_DISABLE = "true";
}; };
ports = [ "9005:80" ]; ports = ["9005:80"];
}; };
} }

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
networking.hostName = "vpsfree1"; networking.hostName = "vpsfree1";
imports = [ imports = [
@ -24,7 +30,7 @@
DefaultTimeoutStartSec=900s DefaultTimeoutStartSec=900s
''; '';
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; boot.binfmt.emulatedSystems = ["aarch64-linux"];
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
nix.settings.cores = 8; nix.settings.cores = 8;
} }

View file

@ -1,72 +1,85 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
port = 8081; port = 8081;
domain = "fossil.cyplo.dev"; domain = "fossil.cyplo.dev";
baseurl = "https://${domain}"; baseurl = "https://${domain}";
path = "/var/lib/fossil"; path = "/var/lib/fossil";
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"${domain}" = { "${domain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { proxyPass = "http://localhost:" + toString port; }; locations."/" = {proxyPass = "http://localhost:" + toString port;};
}; };
}; };
}; };
containers.fossil = { containers.fossil = {
autoStart = true; autoStart = true;
forwardPorts = [{ forwardPorts = [
containerPort = port; {
hostPort = port; containerPort = port;
}]; hostPort = port;
}
];
bindMounts = { bindMounts = {
"${path}" = { "${path}" = {
hostPath = "${path}"; hostPath = "${path}";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { config, pkgs, ... }: config = {
let config,
user = "fossil"; pkgs,
group = "fossil"; ...
in { }: let
system.stateVersion = "22.05"; user = "fossil";
environment.systemPackages = [ pkgs.fossil ]; group = "fossil";
users.groups = { "${group}" = { }; }; in {
users.users = { system.stateVersion = "22.05";
fossil = { environment.systemPackages = [pkgs.fossil];
inherit group; users.groups = {"${group}" = {};};
description = "Fossil Service"; users.users = {
home = path; fossil = {
useDefaultShell = true; inherit group;
isSystemUser = true; description = "Fossil Service";
}; home = path;
}; useDefaultShell = true;
isSystemUser = true;
systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ];
systemd.services.fossil = {
description = "fossil server";
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.fossil pkgs.git ];
serviceConfig = {
User = user;
Group = group;
WorkingDirectory = path;
ReadWritePaths = [ path ];
ExecStart = "${pkgs.fossil}/bin/fossil server" + " --localhost"
+ " --https" + " --port ${toString port}"
+ " --baseurl ${baseurl}" + " --repolist ${path}";
Restart = "always";
RestartSec = 3;
};
}; };
}; };
systemd.tmpfiles.rules = ["d '${path}' 0770 ${user} ${group} - -"];
systemd.services.fossil = {
description = "fossil server";
after = ["network-online.target"];
wantedBy = ["multi-user.target"];
path = [pkgs.fossil pkgs.git];
serviceConfig = {
User = user;
Group = group;
WorkingDirectory = path;
ReadWritePaths = [path];
ExecStart =
"${pkgs.fossil}/bin/fossil server"
+ " --localhost"
+ " --https"
+ " --port ${toString port}"
+ " --baseurl ${baseurl}"
+ " --repolist ${path}";
Restart = "always";
RestartSec = 3;
};
};
};
}; };
} }

View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
foundryvtt = pkgs.fetchzip { foundryvtt = pkgs.fetchzip {
name = "foundryvtt"; name = "foundryvtt";
url = "file:///" + ./FoundryVTT-10.290.zip; url = "file:///" + ./FoundryVTT-10.290.zip;
@ -8,7 +13,7 @@ let
stripRoot = false; stripRoot = false;
}; };
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
clientMaxBodySize = "300M"; clientMaxBodySize = "300M";
@ -36,21 +41,27 @@ in {
containers.foundryvtt = { containers.foundryvtt = {
autoStart = true; autoStart = true;
forwardPorts = [{ forwardPorts = [
containerPort = 30000; {
hostPort = 30000; containerPort = 30000;
}]; hostPort = 30000;
}
];
bindMounts = { bindMounts = {
"/var/lib/foundryvtt" = { "/var/lib/foundryvtt" = {
hostPath = "/var/lib/foundryvtt"; hostPath = "/var/lib/foundryvtt";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { config, pkgs, ... }: { config = {
config,
pkgs,
...
}: {
system.stateVersion = "22.05"; system.stateVersion = "22.05";
systemd.services."foundryvtt" = { systemd.services."foundryvtt" = {
requires = [ "network-online.target" ]; requires = ["network-online.target"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
script = '' script = ''
mkdir -p /var/lib/foundryvtt mkdir -p /var/lib/foundryvtt
${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt ${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt
@ -61,15 +72,21 @@ in {
}; };
containers.foundryvtt-test = { containers.foundryvtt-test = {
autoStart = true; autoStart = true;
forwardPorts = [{ forwardPorts = [
containerPort = 30001; {
hostPort = 30001; containerPort = 30001;
}]; hostPort = 30001;
config = { config, pkgs, ... }: { }
];
config = {
config,
pkgs,
...
}: {
system.stateVersion = "22.05"; system.stateVersion = "22.05";
systemd.services."foundryvtt" = { systemd.services."foundryvtt" = {
requires = [ "network-online.target" ]; requires = ["network-online.target"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
script = '' script = ''
mkdir -p /var/lib/foundryvtt mkdir -p /var/lib/foundryvtt
${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt --port=30001 ${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt --port=30001

View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
httpPort = 8083; httpPort = 8083;
sshPort = 22; sshPort = 22;
domain = "git.cyplo.dev"; domain = "git.cyplo.dev";
@ -21,18 +26,18 @@ let
}; };
groups."${systemGroupName}" = { groups."${systemGroupName}" = {
inherit gid; inherit gid;
members = [ "${systemUserName}" "nginx" ]; members = ["${systemUserName}" "nginx"];
}; };
}; };
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
inherit users; inherit users;
boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; }; boot.kernel.sysctl = {"net.ipv4.ip_unprivileged_port_start" = 0;};
systemd.services.systemd-sysctl.enable = lib.mkForce true; systemd.services.systemd-sysctl.enable = lib.mkForce true;
networking.firewall.allowedTCPPorts = [ sshPort ]; networking.firewall.allowedTCPPorts = [sshPort];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"${domain}" = { "${domain}" = {
@ -74,12 +79,19 @@ in {
isReadOnly = true; isReadOnly = true;
}; };
}; };
config = { config, pkgs, lib, ... }: { config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "22.05"; system.stateVersion = "22.05";
users = users // { users =
mutableUsers = false; users
allowNoPasswordLogin = true; // {
}; mutableUsers = false;
allowNoPasswordLogin = true;
};
services.gitea = { services.gitea = {
inherit domain httpPort; inherit domain httpPort;
enable = true; enable = true;
@ -104,7 +116,6 @@ in {
IS_TLS_ENABLED = true; IS_TLS_ENABLED = true;
USER = "postmaster@${emailDomain}"; USER = "postmaster@${emailDomain}";
}; };
}; };
}; };
}; };

View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
domain = "peninsula.industries"; domain = "peninsula.industries";
streamingPort = 55000; streamingPort = 55000;
webPort = 55001; webPort = 55001;
@ -22,7 +27,7 @@ let
}; };
groups."${systemGroupName}" = { groups."${systemGroupName}" = {
inherit gid; inherit gid;
members = [ "${systemUserName}" "nginx" ]; members = ["${systemUserName}" "nginx"];
}; };
}; };
secretSettings = { secretSettings = {
@ -33,7 +38,7 @@ let
package = package =
inputs.nixpkgs-nixos-unstable.legacyPackages."${pkgs.system}".mastodon; inputs.nixpkgs-nixos-unstable.legacyPackages."${pkgs.system}".mastodon;
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
@ -42,7 +47,7 @@ in {
enableACME = true; enableACME = true;
root = "${package}/public/"; root = "${package}/public/";
locations."/" = { tryFiles = "$uri @proxy"; }; locations."/" = {tryFiles = "$uri @proxy";};
locations."/system/".alias = "${publicPath}"; locations."/system/".alias = "${publicPath}";
locations."@proxy" = { locations."@proxy" = {
@ -57,14 +62,18 @@ in {
}; };
}; };
sops.secrets."${mailgunSmtpSecretName}" = { sops.secrets."${mailgunSmtpSecretName}" =
sopsFile = ./mailgun.sops.yaml; {
path = mailgunSmtpPasswordPath; sopsFile = ./mailgun.sops.yaml;
} // secretSettings; path = mailgunSmtpPasswordPath;
sops.secrets."${mastodonDbSecretName}" = { }
sopsFile = ./mastodon-db.sops.yaml; // secretSettings;
path = mastodonDbSecretPath; sops.secrets."${mastodonDbSecretName}" =
} // secretSettings; {
sopsFile = ./mastodon-db.sops.yaml;
path = mastodonDbSecretPath;
}
// secretSettings;
inherit users; inherit users;
@ -84,7 +93,7 @@ in {
ProtectSystem = "strict"; ProtectSystem = "strict";
ReadWritePaths = path; ReadWritePaths = path;
}; };
before = [ "container@mastodon.service" ]; before = ["container@mastodon.service"];
}; };
containers.mastodon = { containers.mastodon = {
@ -113,13 +122,20 @@ in {
isReadOnly = true; isReadOnly = true;
}; };
}; };
config = { config, pkgs, lib, ... }: { config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "22.05"; system.stateVersion = "22.05";
services.postgresql.port = postgresPort; services.postgresql.port = postgresPort;
users = users // { users =
mutableUsers = false; users
allowNoPasswordLogin = true; // {
}; mutableUsers = false;
allowNoPasswordLogin = true;
};
services.mastodon = { services.mastodon = {
enable = true; enable = true;
inherit package; inherit package;
@ -151,6 +167,5 @@ in {
}; };
}; };
}; };
}; };
} }

View file

@ -1,21 +1,24 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"cyplo.dev" = { "cyplo.dev" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."= /.well-known/matrix/server".extraConfig = locations."= /.well-known/matrix/server".extraConfig = let
let server = { "m.server" = "cyplo.dev:443"; }; server = {"m.server" = "cyplo.dev:443";};
in '' in ''
add_header Content-Type application/json; add_header Content-Type application/json;
return 200 '${builtins.toJSON server}'; return 200 '${builtins.toJSON server}';
''; '';
locations."= /.well-known/matrix/client".extraConfig = let locations."= /.well-known/matrix/client".extraConfig = let
client = { client = {
"m.homeserver" = { "base_url" = "https://cyplo.dev"; }; "m.homeserver" = {"base_url" = "https://cyplo.dev";};
"m.identity_server" = { "base_url" = "https://vector.im"; }; "m.identity_server" = {"base_url" = "https://vector.im";};
}; };
in '' in ''
add_header Content-Type application/json; add_header Content-Type application/json;
@ -33,5 +36,4 @@
}; };
}; };
}; };
} }

View file

@ -1,63 +1,74 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
port = 8080; port = 8080;
domain = "news.cyplo.dev"; domain = "news.cyplo.dev";
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"${domain}" = { "${domain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:" + toString port; }; locations."/" = {proxyPass = "http://127.0.0.1:" + toString port;};
}; };
}; };
}; };
containers.rss = { containers.rss = {
autoStart = true; autoStart = true;
forwardPorts = [{ forwardPorts = [
containerPort = port; {
hostPort = port; containerPort = port;
}]; hostPort = port;
config = { config, pkgs, ... }: }
let ];
inherit (config.services.tt-rss) pool; config = {
inherit (config.services.tt-rss) root; config,
in { pkgs,
system.stateVersion = "22.05"; ...
services.tt-rss = { }: let
enable = true; inherit (config.services.tt-rss) pool;
selfUrlPath = "https://${domain}"; inherit (config.services.tt-rss) root;
virtualHost = null; in {
registration.enable = false; system.stateVersion = "22.05";
simpleUpdateMode = true; services.tt-rss = {
}; enable = true;
services.nginx = { selfUrlPath = "https://${domain}";
enable = true; virtualHost = null;
virtualHosts = { registration.enable = false;
"${domain}" = { simpleUpdateMode = true;
listen = [{ };
services.nginx = {
enable = true;
virtualHosts = {
"${domain}" = {
listen = [
{
inherit port; inherit port;
addr = "0.0.0.0"; addr = "0.0.0.0";
}]; }
root = "${root}/www"; ];
locations."/" = { index = "index.php"; }; root = "${root}/www";
locations."^~ /feed-icons" = { root = "${root}"; }; locations."/" = {index = "index.php";};
locations."~ \\.php$" = { locations."^~ /feed-icons" = {root = "${root}";};
extraConfig = '' locations."~ \\.php$" = {
fastcgi_split_path_info ^(.+\.php)(/.+)$; extraConfig = ''
fastcgi_pass unix:${ fastcgi_split_path_info ^(.+\.php)(/.+)$;
config.services.phpfpm.pools.${pool}.socket fastcgi_pass unix:${
}; config.services.phpfpm.pools.${pool}.socket
fastcgi_index index.php; };
''; fastcgi_index index.php;
}; '';
}; };
}; };
}; };
}; };
};
}; };
} }

View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"search.cyplo.dev" = { "search.cyplo.dev" = {
@ -12,7 +15,7 @@
proxy_send_timeout 60s; proxy_send_timeout 60s;
proxy_read_timeout 60s; proxy_read_timeout 60s;
''; '';
locations."/" = { proxyPass = "http://localhost:8888"; }; locations."/" = {proxyPass = "http://localhost:8888";};
}; };
}; };
}; };
@ -25,4 +28,3 @@
}; };
}; };
} }

View file

@ -1,9 +1,13 @@
{ config, pkgs, ... }: {
let port = 2222; config,
pkgs,
...
}: let
port = 2222;
in { in {
services.openssh = { services.openssh = {
enable = true; enable = true;
ports = [ port ]; ports = [port];
}; };
networking.firewall.allowedTCPPorts = [ port ]; networking.firewall.allowedTCPPorts = [port];
} }

View file

@ -1,9 +1,14 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
networking.firewall.allowedTCPPorts = [ 22067 22070 ]; pkgs,
inputs,
lib,
...
}: {
networking.firewall.allowedTCPPorts = [22067 22070];
services.syncthing.relay = { services.syncthing.relay = {
enable = true; enable = true;
listenAddress = "vpsfree1.cyplo.github.beta.tailscale.net"; listenAddress = "vpsfree1.cyplo.github.beta.tailscale.net";
pools = [ "" ]; # private relay pools = [""]; # private relay
}; };
} }

View file

@ -5,21 +5,27 @@
# from vpsAdminOS repository: # from vpsAdminOS repository:
# #
# https://github.com/vpsfreecz/vpsadminos/blob/staging/os/lib/nixos-container/vpsadminos.nix # https://github.com/vpsfreecz/vpsadminos/blob/staging/os/lib/nixos-container/vpsadminos.nix
{
{ config, pkgs, lib, ... }: config,
with lib; pkgs,
let nameservers = [ "1.1.1.1" "2606:4700:4700::1111" ]; lib,
...
}:
with lib; let
nameservers = ["1.1.1.1" "2606:4700:4700::1111"];
in { in {
networking.nameservers = mkDefault nameservers; networking.nameservers = mkDefault nameservers;
services.resolved = mkDefault { fallbackDns = nameservers; }; services.resolved = mkDefault {fallbackDns = nameservers;};
networking.dhcpcd.extraConfig = "noipv4ll"; networking.dhcpcd.extraConfig = "noipv4ll";
systemd.services.systemd-sysctl.enable = false; systemd.services.systemd-sysctl.enable = false;
systemd.sockets."systemd-journald-audit".enable = false; systemd.sockets."systemd-journald-audit".enable = false;
systemd.mounts = [{ systemd.mounts = [
where = "/sys/kernel/debug"; {
enable = false; where = "/sys/kernel/debug";
}]; enable = false;
}
];
systemd.services.systemd-udev-trigger.enable = false; systemd.services.systemd-udev-trigger.enable = false;
systemd.services.rpc-gssd.enable = false; systemd.services.rpc-gssd.enable = false;
@ -27,7 +33,8 @@ in {
boot.enableContainers = mkDefault true; boot.enableContainers = mkDefault true;
boot.loader.initScript.enable = true; boot.loader.initScript.enable = true;
boot.specialFileSystems."/run/keys".fsType = mkForce "tmpfs"; boot.specialFileSystems."/run/keys".fsType = mkForce "tmpfs";
boot.systemdExecutable = mkDefault boot.systemdExecutable =
mkDefault
"/run/current-system/systemd/lib/systemd/systemd systemd.unified_cgroup_hierarchy=0"; "/run/current-system/systemd/lib/systemd/systemd systemd.unified_cgroup_hierarchy=0";
# Overrides for <nixpkgs/nixos/modules/virtualisation/container-config.nix> # Overrides for <nixpkgs/nixos/modules/virtualisation/container-config.nix>
@ -39,10 +46,10 @@ in {
# Bring up the network, /ifcfg.{add,del} are supplied by the vpsAdminOS host # Bring up the network, /ifcfg.{add,del} are supplied by the vpsAdminOS host
systemd.services.networking-setup = { systemd.services.networking-setup = {
description = "Load network configuration provided by the vpsAdminOS host"; description = "Load network configuration provided by the vpsAdminOS host";
before = [ "network.target" ]; before = ["network.target"];
wantedBy = [ "network.target" ]; wantedBy = ["network.target"];
after = [ "network-pre.target" ]; after = ["network-pre.target"];
path = [ pkgs.iproute ]; path = [pkgs.iproute];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;

View file

@ -1,27 +1,30 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
httpPort = 8000; httpPort = 8000;
agentPort = 9000; agentPort = 9000;
domain = "ci.cyplo.dev"; domain = "ci.cyplo.dev";
path = "/var/lib/woodpecker"; path = "/var/lib/woodpecker";
serverContainerName = "woodpecker-server"; serverContainerName = "woodpecker-server";
agent = { agent = {
dependsOn = [ "${serverContainerName}" ]; dependsOn = ["${serverContainerName}"];
volumes = [ "/var/run/podman/podman.sock:/var/run/docker.sock" ]; volumes = ["/var/run/podman/podman.sock:/var/run/docker.sock"];
image = image = "woodpeckerci/woodpecker-agent@sha256:9a98e25ca6fcf7c437ad355cfce53a696c55b9864399a4d456429a20bfb44545";
"woodpeckerci/woodpecker-agent@sha256:9a98e25ca6fcf7c437ad355cfce53a696c55b9864399a4d456429a20bfb44545"; environmentFiles = ["${config.sops.secrets.gitea-env.path}"];
environmentFiles = [ "${config.sops.secrets.gitea-env.path}" ];
environment = { environment = {
WOODPECKER_SERVER = "${serverContainerName}:${toString agentPort}"; WOODPECKER_SERVER = "${serverContainerName}:${toString agentPort}";
WOODPECKER_MAX_PROCS = "1"; WOODPECKER_MAX_PROCS = "1";
WOODPECKER_DEBUG_PRETTY = "true"; WOODPECKER_DEBUG_PRETTY = "true";
WOODPECKER_LOG_LEVEL = "info"; WOODPECKER_LOG_LEVEL = "info";
}; };
extraOptions = [ "--network=woodpecker" ]; extraOptions = ["--network=woodpecker"];
}; };
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
@ -43,10 +46,9 @@ in {
virtualisation.podman.defaultNetwork.dnsname.enable = true; virtualisation.podman.defaultNetwork.dnsname.enable = true;
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
"${serverContainerName}" = { "${serverContainerName}" = {
image = image = "woodpeckerci/woodpecker-server@sha256:e6027e46a782d50790183b7274a2a2ad3a6c6fb9a645e6af81a16419613c28ea";
"woodpeckerci/woodpecker-server@sha256:e6027e46a782d50790183b7274a2a2ad3a6c6fb9a645e6af81a16419613c28ea"; volumes = ["woodpecker-server-data:${path}"];
volumes = [ "woodpecker-server-data:${path}" ]; environmentFiles = ["${config.sops.secrets.gitea-env.path}"];
environmentFiles = [ "${config.sops.secrets.gitea-env.path}" ];
environment = { environment = {
WOODPECKER_OPEN = "false"; WOODPECKER_OPEN = "false";
WOODPECKER_ADMIN = "cyplo"; WOODPECKER_ADMIN = "cyplo";
@ -54,13 +56,12 @@ in {
WOODPECKER_GITEA = "true"; WOODPECKER_GITEA = "true";
WOODPECKER_GITEA_URL = "https://git.cyplo.dev"; WOODPECKER_GITEA_URL = "https://git.cyplo.dev";
}; };
ports = [ "${toString httpPort}:${toString httpPort}" ]; ports = ["${toString httpPort}:${toString httpPort}"];
extraOptions = [ "--network=woodpecker" ]; extraOptions = ["--network=woodpecker"];
}; };
woodpecker-agent1 = agent; woodpecker-agent1 = agent;
woodpecker-agent2 = agent; woodpecker-agent2 = agent;
woodpecker-agent3 = agent; woodpecker-agent3 = agent;
woodpecker-agent4 = agent; woodpecker-agent4 = agent;
}; };
} }

View file

@ -1,18 +1,25 @@
{ config, pkgs, inputs, lib, system, nixpkgs-nixos-unstable-and-unfree, ... }: { {
config,
pkgs,
inputs,
lib,
system,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "yoga"; networking.hostName = "yoga";
imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ]; imports = [./hardware-configuration.nix ../../boot.nix ../../git];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
hardware.trackpoint.enable = true; hardware.trackpoint.enable = true;
services.hardware.bolt.enable = true; services.hardware.bolt.enable = true;
services.fprintd = { enable = true; }; services.fprintd = {enable = true;};
home-manager.users.cyryl = { lib, ... }: { home-manager.users.cyryl = {lib, ...}: {
home.packages = with pkgs; [ firefox vim gnome3.gedit git ]; home.packages = with pkgs; [firefox vim gnome3.gedit git];
}; };
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
@ -49,11 +56,9 @@
users.users.cyryl = { users.users.cyryl = {
isNormalUser = true; isNormalUser = true;
description = "cyryl"; description = "cyryl";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = ["networkmanager" "wheel"];
packages = with pkgs; packages = with pkgs; [
[ ];
];
}; };
services.fwupd.enable = true; services.fwupd.enable = true;
@ -75,6 +80,5 @@
''; '';
}; };
system = { stateVersion = "22.05"; }; system = {stateVersion = "22.05";};
} }

View file

@ -1,40 +1,39 @@
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = [ ]; config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
[ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [];
boot.initrd.kernelModules = [ ]; boot.kernelModules = ["kvm-intel"];
boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [];
boot.extraModulePackages = [ ];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; boot.initrd.secrets = {"/crypto_keyfile.bin" = null;};
boot.initrd.luks.devices."luks-e6cb9de6-a571-4462-ba9e-6f8dafdd3d21".device = boot.initrd.luks.devices."luks-e6cb9de6-a571-4462-ba9e-6f8dafdd3d21".device = "/dev/disk/by-uuid/e6cb9de6-a571-4462-ba9e-6f8dafdd3d21";
"/dev/disk/by-uuid/e6cb9de6-a571-4462-ba9e-6f8dafdd3d21"; boot.initrd.luks.devices."luks-e6cb9de6-a571-4462-ba9e-6f8dafdd3d21".keyFile = "/crypto_keyfile.bin";
boot.initrd.luks.devices."luks-e6cb9de6-a571-4462-ba9e-6f8dafdd3d21".keyFile =
"/crypto_keyfile.bin";
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/d19afedb-d03b-4a85-9ad7-d99d2ed057c5"; device = "/dev/disk/by-uuid/d19afedb-d03b-4a85-9ad7-d99d2ed057c5";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."luks-10f9ad25-cff6-4a5c-ae92-4847e1374b2d".device = boot.initrd.luks.devices."luks-10f9ad25-cff6-4a5c-ae92-4847e1374b2d".device = "/dev/disk/by-uuid/10f9ad25-cff6-4a5c-ae92-4847e1374b2d";
"/dev/disk/by-uuid/10f9ad25-cff6-4a5c-ae92-4847e1374b2d";
fileSystems."/boot/efi" = { fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/5A4D-EDA3"; device = "/dev/disk/by-uuid/5A4D-EDA3";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices = [{device = "/dev/disk/by-uuid/5c9ab30b-9128-4c31-b392-785e7acbc0d2";}];
[{ device = "/dev/disk/by-uuid/5c9ab30b-9128-4c31-b392-785e7acbc0d2"; }];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

View file

@ -1,33 +1,41 @@
{ config, pkgs, nixpkgs-nixos-unstable-and-unfree, lib, ... }: { {
boot.kernelModules = [ "fuse" ]; config,
pkgs,
nixpkgs-nixos-unstable-and-unfree,
lib,
...
}: {
boot.kernelModules = ["fuse"];
services.smartd.enable = true; services.smartd.enable = true;
sound.enable = true; sound.enable = true;
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
dispatcherScripts = [{ dispatcherScripts = [
source = pkgs.writeText "upHook" '' {
enable_disable_wifi () source = pkgs.writeText "upHook" ''
{ enable_disable_wifi ()
result=$(nmcli dev | grep "ethernet" | grep -w "connected") {
if [ -n "$result" ]; then result=$(nmcli dev | grep "ethernet" | grep -w "connected")
nmcli radio wifi off if [ -n "$result" ]; then
else nmcli radio wifi off
nmcli radio wifi on else
nmcli radio wifi on
fi
}
if [ "$2" = "up" ]; then
enable_disable_wifi
fi fi
}
if [ "$2" = "up" ]; then if [ "$2" = "down" ]; then
enable_disable_wifi enable_disable_wifi
fi fi
'';
if [ "$2" = "down" ]; then type = "basic";
enable_disable_wifi }
fi ];
'';
type = "basic";
}];
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
@ -36,7 +44,7 @@
enable = true; enable = true;
package = pkgs.pulseaudioFull; package = pkgs.pulseaudioFull;
support32Bit = true; support32Bit = true;
extraModules = [ ]; extraModules = [];
daemon.config = { daemon.config = {
nice-level = -15; nice-level = -15;
realtime-scheduling = "yes"; realtime-scheduling = "yes";
@ -46,12 +54,12 @@
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
package = pkgs.bluezFull; package = pkgs.bluezFull;
settings = { General = { Enable = "Source,Sink,Media,Socket"; }; }; settings = {General = {Enable = "Source,Sink,Media,Socket";};};
}; };
services.blueman.enable = true; services.blueman.enable = true;
environment.systemPackages = with pkgs; [ ghostscript poppler ]; environment.systemPackages = with pkgs; [ghostscript poppler];
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [
@ -69,8 +77,7 @@
description = "Epson XP-540 via bolty"; description = "Epson XP-540 via bolty";
name = "epson_xp540_via_bolty"; name = "epson_xp540_via_bolty";
deviceUri = "ipp://bolty:631/printers/epson_xp540"; deviceUri = "ipp://bolty:631/printers/epson_xp540";
model = model = "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
"epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
ppdOptions = { ppdOptions = {
PageSize = "A4"; PageSize = "A4";
Duplex = "DuplexNoTumble"; Duplex = "DuplexNoTumble";
@ -79,8 +86,7 @@
{ {
description = "Samsung SCX-4623 Series"; description = "Samsung SCX-4623 Series";
name = "samsung-SCX-4623"; name = "samsung-SCX-4623";
deviceUri = deviceUri = "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
"usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
model = "samsung/SCX-4623FW.ppd"; model = "samsung/SCX-4623FW.ppd";
ppdOptions = { ppdOptions = {
PageSize = "A4"; PageSize = "A4";
@ -89,7 +95,7 @@
} }
]; ];
services.udev.packages = [ pkgs.utsushi ]; services.udev.packages = [pkgs.utsushi];
hardware.sane = { hardware.sane = {
enable = true; enable = true;
snapshot = true; snapshot = true;

View file

@ -1,8 +1,12 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
console.keyMap = "pl"; console.keyMap = "pl";
imports = [ ./tailscale ]; imports = [./tailscale];
services = { services = {
udev.packages = [ pkgs.android-udev-rules ]; udev.packages = [pkgs.android-udev-rules];
ratbagd.enable = true; ratbagd.enable = true;
fwupd = { fwupd = {
@ -12,7 +16,7 @@
tlp = { tlp = {
enable = true; enable = true;
settings = { "DISK_IOSCHED" = "mq-deadline"; }; settings = {"DISK_IOSCHED" = "mq-deadline";};
}; };
upower.enable = true; upower.enable = true;
@ -41,7 +45,6 @@
Option "TearFree" "true" Option "TearFree" "true"
Option "AccelMethod" "sna" Option "AccelMethod" "sna"
''; '';
}; };
}; };
} }

View file

@ -1,5 +1,11 @@
{ config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }: {
let config,
pkgs,
lib,
inputs,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
stateVersion = "22.05"; stateVersion = "22.05";
username = "cyryl"; username = "cyryl";
in { in {
@ -51,10 +57,9 @@ in {
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
networking.nameservers = networking.nameservers = ["91.239.100.100" "89.233.43.71" "1.1.1.1" "8.8.8.8"];
[ "91.239.100.100" "89.233.43.71" "1.1.1.1" "8.8.8.8" ];
networking.hosts = { "10.11.99.1" = [ "remarkable" ]; }; networking.hosts = {"10.11.99.1" = ["remarkable"];};
programs.light.enable = true; programs.light.enable = true;
programs.adb.enable = true; programs.adb.enable = true;
@ -64,29 +69,24 @@ in {
enable = true; enable = true;
autoPrune.enable = true; autoPrune.enable = true;
daemon.settings = { daemon.settings = {
"insecure-registries" = [ "vpsfree1.raptor-carp.ts.net:5000" ]; "insecure-registries" = ["vpsfree1.raptor-carp.ts.net:5000"];
}; };
}; };
fonts.fontconfig = { fonts.fontconfig = {
enable = true; enable = true;
defaultFonts.monospace = [ "Berkeley Mono" ]; defaultFonts.monospace = ["Berkeley Mono"];
}; };
fonts.fonts = with pkgs; fonts.fonts = with pkgs; [
[ (runCommand "berkeley-fonts" {} ''
(runCommand "berkeley-fonts" { } '' mkdir -vp "$out/share/fonts/opentype"
mkdir -vp "$out/share/fonts/opentype" mkdir -vp "$out/share/fonts/truetype"
mkdir -vp "$out/share/fonts/truetype" ${pkgs.unzip}/bin/unzip ${./fonts.zip} \*.otf -d $out/share/fonts/opentype
${pkgs.unzip}/bin/unzip ${ ${pkgs.unzip}/bin/unzip ${./fonts.zip} \*.ttf -d $out/share/fonts/truetype
./fonts.zip
} \*.otf -d $out/share/fonts/opentype
${pkgs.unzip}/bin/unzip ${
./fonts.zip
} \*.ttf -d $out/share/fonts/truetype
'') '')
]; ];
nix = { nix = {
settings.auto-optimise-store = true; settings.auto-optimise-store = true;
@ -98,5 +98,5 @@ in {
''; '';
}; };
system = { inherit stateVersion; }; system = {inherit stateVersion;};
} }

View file

@ -1,25 +1,30 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.ssh.extraConfig = '' programs.ssh.extraConfig = ''
Host vpsfree1 Host vpsfree1
HostName vpsfree1 HostName vpsfree1
Port 2222 Port 2222
StrictHostKeyChecking=accept-new StrictHostKeyChecking=accept-new
''; '';
nix.buildMachines = [{ nix.buildMachines = [
hostName = "bolty"; {
sshUser = "nix-builder"; hostName = "bolty";
sshKey = "/home/cyryl/.ssh/id_ed25519"; sshUser = "nix-builder";
systems = [ "i686-linux" "x86_64-linux" "aarch64-linux" ]; sshKey = "/home/cyryl/.ssh/id_ed25519";
maxJobs = 2; systems = ["i686-linux" "x86_64-linux" "aarch64-linux"];
speedFactor = 1; maxJobs = 2;
supportedFeatures = [ "kvm" "big-parallel" ]; speedFactor = 1;
mandatoryFeatures = [ ]; supportedFeatures = ["kvm" "big-parallel"];
}]; mandatoryFeatures = [];
}
];
nix.extraOptions = '' nix.extraOptions = ''
builders-use-substitutes = true builders-use-substitutes = true
''; '';
nix.distributedBuilds = true; nix.distributedBuilds = true;
} }

View file

@ -1,11 +1,16 @@
{ config, pkgs, inputs, ... }: {
let unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system}; config,
pkgs,
inputs,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system};
in { in {
home-manager.users.cyryl = { home-manager.users.cyryl = {
accounts.email.accounts.cyplo = { accounts.email.accounts.cyplo = {
primary = true; primary = true;
address = "cyplo@cyplo.dev"; address = "cyplo@cyplo.dev";
aliases = [ "cyplo@cyplo.net" ]; aliases = ["cyplo@cyplo.net"];
realName = "Cyryl Płotnicki"; realName = "Cyryl Płotnicki";
userName = "cyplo@cyplo.dev"; userName = "cyplo@cyplo.dev";
imap = { imap = {
@ -52,14 +57,14 @@ in {
programs.mbsync.enable = true; programs.mbsync.enable = true;
programs.msmtp.enable = true; programs.msmtp.enable = true;
programs.neomutt = { enable = true; }; programs.neomutt = {enable = true;};
programs.notmuch = { programs.notmuch = {
enable = true; enable = true;
hooks.preNew = "${pkgs.isync}/bin/mbsync -a"; hooks.preNew = "${pkgs.isync}/bin/mbsync -a";
}; };
programs.alot = { enable = true; }; programs.alot = {enable = true;};
home.packages = with pkgs; [ unstable.protonmail-bridge ]; home.packages = with pkgs; [unstable.protonmail-bridge];
services.mbsync.enable = true; services.mbsync.enable = true;
@ -69,11 +74,9 @@ in {
systemd.user.services."proton-bridge" = { systemd.user.services."proton-bridge" = {
Unit.Description = "Bridge to ProtonMail"; Unit.Description = "Bridge to ProtonMail";
Install.WantedBy = [ "default.target" "mbsync.service" ]; Install.WantedBy = ["default.target" "mbsync.service"];
Service.ExecStart = Service.ExecStart = "${unstable.protonmail-bridge}/bin/protonmail-bridge --noninteractive";
"${unstable.protonmail-bridge}/bin/protonmail-bridge --noninteractive";
Service.Environment = "PATH=${pkgs.pass}/bin:${pkgs.gnupg}/bin"; Service.Environment = "PATH=${pkgs.pass}/bin:${pkgs.gnupg}/bin";
}; };
}; };
} }

View file

@ -1,7 +1,11 @@
{ config, pkgs, ... }: { {
services = { }; config,
pkgs,
...
}: {
services = {};
xsession = { enable = false; }; xsession = {enable = false;};
programs.gnome-terminal = { programs.gnome-terminal = {
enable = true; enable = true;

View file

@ -1,8 +1,11 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.xserver = { services.xserver = {
enable = true; enable = true;
desktopManager.enlightenment.enable = true; desktopManager.enlightenment.enable = true;
}; };
users.users.cyryl.packages = with pkgs; [ ]; users.users.cyryl.packages = with pkgs; [];
} }

View file

@ -1,6 +1,10 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.xserver = { services.xserver = {
videoDrivers = [ "intel" ]; videoDrivers = ["intel"];
deviceSection = '' deviceSection = ''
Option "DRI" "2" Option "DRI" "2"
Option "TearFree" "true" Option "TearFree" "true"
@ -20,8 +24,7 @@
nixpkgs.config = { nixpkgs.config = {
packageOverrides = pkgs: { packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
}; };
}; };
} }

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
services.xserver = { videoDrivers = [ "modesetting" ]; }; config,
pkgs,
...
}: {
services.xserver = {videoDrivers = ["modesetting"];};
hardware.opengl = { hardware.opengl = {
enable = true; enable = true;
@ -14,8 +18,7 @@
nixpkgs.config = { nixpkgs.config = {
packageOverrides = pkgs: { packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
}; };
}; };
} }

View file

@ -1,3 +1,8 @@
{ config, pkgs, lib, ... }: { {
home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; }; config,
pkgs,
lib,
...
}: {
home-manager.users.cyryl = {...}: {imports = [./home.nix];};
} }

View file

@ -1,4 +1,9 @@
{ config, pkgs, inputs, ... }: { {
config,
pkgs,
inputs,
...
}: {
programs.git = { programs.git = {
enable = true; enable = true;
lfs.enable = true; lfs.enable = true;
@ -13,7 +18,7 @@
}; };
extraConfig = { extraConfig = {
colour.ui = true; colour.ui = true;
credential = { helper = "cache"; }; credential = {helper = "cache";};
diff.algorithm = "histogram"; diff.algorithm = "histogram";
diff.renameLimit = 2048; diff.renameLimit = 2048;
diff.renames = "copy"; diff.renames = "copy";
@ -25,13 +30,10 @@
push.default = "simple"; push.default = "simple";
}; };
aliases = { aliases = {
tree = tree = "log --show-signature --color --decorate --date=short --all --graph -n 3";
"log --show-signature --color --decorate --date=short --all --graph -n 3"; newbranch = "!git checkout master && git fetch -p && git reset --hard origin/master && git checkout -b $2";
newbranch =
"!git checkout master && git fetch -p && git reset --hard origin/master && git checkout -b $2";
head = "log HEAD -n1"; head = "log HEAD -n1";
vacuum = vacuum = "!git fetch -p && git branch -vv | awk '/: gone]/{print $1}' | xargs -r git branch -D && git gc --aggressive --auto";
"!git fetch -p && git branch -vv | awk '/: gone]/{print $1}' | xargs -r git branch -D && git gc --aggressive --auto";
}; };
}; };
} }

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
imports = [ ./system.nix ]; config,
pkgs,
...
}: {
imports = [./system.nix];
home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; }; home-manager.users.cyryl = {...}: {imports = [./home.nix];};
} }

View file

@ -1,9 +1,13 @@
{ config, pkgs, ... }: { {
services = { }; config,
pkgs,
...
}: {
services = {};
xsession = { enable = false; }; xsession = {enable = false;};
home.packages = with pkgs; [ gnome-usage gnome3.gnome-tweaks ]; home.packages = with pkgs; [gnome-usage gnome3.gnome-tweaks];
programs.gnome-terminal = { programs.gnome-terminal = {
enable = true; enable = true;

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.xserver = { services.xserver = {
enable = true; enable = true;
displayManager.gdm.enable = true; displayManager.gdm.enable = true;
@ -7,7 +11,7 @@
desktopManager.gnome3.enable = true; desktopManager.gnome3.enable = true;
}; };
services.flatpak.enable = true; services.flatpak.enable = true;
services.dbus.packages = with pkgs; [ gnome2.GConf gnome3.dconf gcr ]; services.dbus.packages = with pkgs; [gnome2.GConf gnome3.dconf gcr];
users.users.cyryl.packages = with pkgs.gnomeExtensions; [ users.users.cyryl.packages = with pkgs.gnomeExtensions; [
caffeine caffeine
clipboard-indicator clipboard-indicator
@ -15,4 +19,3 @@
gsconnect gsconnect
]; ];
} }

View file

@ -1,10 +1,18 @@
{ config, pkgs, ... }: { {
networking.firewall.allowedTCPPortRanges = [{ config,
from = 1716; pkgs,
to = 1764; ...
}]; }: {
networking.firewall.allowedUDPPortRanges = [{ networking.firewall.allowedTCPPortRanges = [
from = 1716; {
to = 1764; from = 1716;
}]; to = 1764;
}
];
networking.firewall.allowedUDPPortRanges = [
{
from = 1716;
to = 1764;
}
];
} }

View file

@ -1,13 +1,18 @@
{ config, pkgs, discord, inputs, nixpkgs-nixos-stable-and-unfree {
, nixpkgs-nixos-unstable-and-unfree, ... }: config,
let pkgs,
discord,
inputs,
nixpkgs-nixos-stable-and-unfree,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system}; unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system};
nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system}; nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
in { in {
security.chromiumSuidSandbox.enable = true; security.chromiumSuidSandbox.enable = true;
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
gtk = { gtk = {
enable = true; enable = true;
iconTheme = { iconTheme = {
@ -22,13 +27,13 @@ in {
style.package = pkgs.adwaita-qt; style.package = pkgs.adwaita-qt;
}; };
imports = [ ]; imports = [];
programs.chromium.enable = true; programs.chromium.enable = true;
programs.firefox.enable = true; programs.firefox.enable = true;
home.packages = with pkgs; home.packages = with pkgs;
with pkgs.gnome3; with pkgs.gnome3;
with pkgs.python38Packages; with pkgs.python38Packages;
[ [
anarchism anarchism
calibre calibre
@ -76,7 +81,9 @@ in {
yubikey-manager-qt yubikey-manager-qt
yubikey-personalization yubikey-personalization
yubikey-personalization-gui yubikey-personalization-gui
] ++ [ unstable.gnucash unstable.thunderbird ] ++ [ ]
++ [unstable.gnucash unstable.thunderbird]
++ [
nixpkgs-nixos-stable-and-unfree.discord nixpkgs-nixos-stable-and-unfree.discord
nixpkgs-nixos-unstable-and-unfree.hopper nixpkgs-nixos-unstable-and-unfree.hopper
]; ];

View file

@ -1,7 +1,15 @@
{ config, pkgs, lib, ... }: { {
home.file.".config/firejail/firefox.profile".text = '' config,
include ${pkgs.firejail}/etc/firejail/firefox.profile pkgs,
lib,
...
}: {
home.file.".config/firejail/firefox.profile".text =
''
include ${pkgs.firejail}/etc/firejail/firefox.profile
ignore apparmor ignore apparmor
ignore noexec '' + "$" + "{HOME}"; ignore noexec ''
+ "$"
+ "{HOME}";
} }

View file

@ -1,153 +1,152 @@
{ config, pkgs, ... }: { {
home.packages = with pkgs; config,
[ pkgs,
(vscode-with-extensions.override { ...
vscodeExtensions = with vscode-extensions; }: {
[ home.packages = with pkgs; [
ms-python.python (vscode-with-extensions.override {
(vscode-utils.buildVscodeExtension { vscodeExtensions = with vscode-extensions;
vscodeExtUniqueId = "vadimcn.vscode-lldb"; [
name = "vadimcn.vscode-lldb-1.6.10"; ms-python.python
src = fetchurl { (vscode-utils.buildVscodeExtension {
name = "vadimcn.vscode-lldb.zip"; vscodeExtUniqueId = "vadimcn.vscode-lldb";
url = name = "vadimcn.vscode-lldb-1.6.10";
"https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix"; src = fetchurl {
sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw="; name = "vadimcn.vscode-lldb.zip";
}; url = "https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix";
buildInputs = with pkgs; [ llvm lldb python37 autoPatchelfHook ]; sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw=";
}) };
] buildInputs = with pkgs; [llvm lldb python37 autoPatchelfHook];
})
++ ]
++ vscode-utils.extensionsFromVscodeMarketplace [
vscode-utils.extensionsFromVscodeMarketplace [ {
{ publisher = "vscodevim";
publisher = "vscodevim"; name = "vim";
name = "vim"; version = "1.21.7";
version = "1.21.7"; sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg=";
sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg="; }
} {
{ publisher = "bbenoist";
publisher = "bbenoist"; name = "nix";
name = "nix"; version = "1.0.1";
version = "1.0.1"; sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0=";
sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0="; }
} {
{ publisher = "matklad";
publisher = "matklad"; name = "rust-analyzer";
name = "rust-analyzer"; version = "0.3.937";
version = "0.3.937"; sha256 = "sha256-aGBFKnntycpgNFdWwxFPVtQ2ryUvFCx7oet9uILiUTY=";
sha256 = "sha256-aGBFKnntycpgNFdWwxFPVtQ2ryUvFCx7oet9uILiUTY="; }
} {
{ publisher = "hashicorp";
publisher = "hashicorp"; name = "terraform";
name = "terraform"; version = "2.19.0";
version = "2.19.0"; sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY=";
sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY="; }
} {
{ publisher = "be5invis";
publisher = "be5invis"; name = "toml";
name = "toml"; version = "0.6.0";
version = "0.6.0"; sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E=";
sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E="; }
} {
{ publisher = "ms-vscode";
publisher = "ms-vscode"; name = "cpptools-extension-pack";
name = "cpptools-extension-pack"; version = "1.1.0";
version = "1.1.0"; sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc=";
sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc="; }
} {
{ publisher = "tiehuis";
publisher = "tiehuis"; name = "zig";
name = "zig"; version = "0.2.5";
version = "0.2.5"; sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4=";
sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4="; }
} {
{ publisher = "sjhuangx";
publisher = "sjhuangx"; name = "vscode-scheme";
name = "vscode-scheme"; version = "0.4.0";
version = "0.4.0"; sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4";
sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4"; }
} {
{ publisher = "shaunlebron";
publisher = "shaunlebron"; name = "vscode-parinfer";
name = "vscode-parinfer"; version = "0.6.2";
version = "0.6.2"; sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd";
sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd"; }
} {
{ publisher = "swyphcosmo";
publisher = "swyphcosmo"; name = "spellchecker";
name = "spellchecker"; version = "1.2.13";
version = "1.2.13"; sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w";
sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w"; }
} {
{ publisher = "asabil";
publisher = "asabil"; name = "meson";
name = "meson"; version = "1.1.1";
version = "1.1.1"; sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl";
sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl"; }
} {
{ publisher = "codezombiech";
publisher = "codezombiech"; name = "gitignore";
name = "gitignore"; version = "0.6.0";
version = "0.6.0"; sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b";
sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b"; }
} {
{ publisher = "DavidAnson";
publisher = "DavidAnson"; name = "vscode-markdownlint";
name = "vscode-markdownlint"; version = "0.26.0";
version = "0.26.0"; sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj";
sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj"; }
} {
{ publisher = "esbenp";
publisher = "esbenp"; name = "prettier-vscode";
name = "prettier-vscode"; version = "1.8.1";
version = "1.8.1"; sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln";
sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln"; }
} {
{ publisher = "hbenl";
publisher = "hbenl"; name = "vscode-test-explorer";
name = "vscode-test-explorer"; version = "2.9.3";
version = "2.9.3"; sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0";
sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0"; }
} {
{ publisher = "lextudio";
publisher = "lextudio"; name = "restructuredtext";
name = "restructuredtext"; version = "106.0.0";
version = "106.0.0"; sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa";
sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa"; }
} {
{ publisher = "lostintangent";
publisher = "lostintangent"; name = "vsls-pomodoro";
name = "vsls-pomodoro"; version = "0.1.0";
version = "0.1.0"; sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p";
sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p"; }
} {
{ publisher = "lostintangent";
publisher = "lostintangent"; name = "vsls-whiteboard";
name = "vsls-whiteboard"; version = "0.0.8";
version = "0.0.8"; sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p";
sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p"; }
} {
{ publisher = "mechatroner";
publisher = "mechatroner"; name = "rainbow-csv";
name = "rainbow-csv"; version = "1.0.0";
version = "1.0.0"; sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6";
sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6"; }
} {
{ publisher = "ronnidc";
publisher = "ronnidc"; name = "nunjucks";
name = "nunjucks"; version = "0.2.3";
version = "0.2.3"; sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf";
sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf"; }
} {
{ publisher = "serayuzgur";
publisher = "serayuzgur"; name = "crates";
name = "crates"; version = "0.4.2";
version = "0.4.2"; sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj";
sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj"; }
} ];
]; })
}) ];
];
} }

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, ... }: { {
config,
pkgs,
inputs,
system,
...
}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
(pass.withExtensions (ext: [ (pass.withExtensions (ext: [
ext.pass-otp ext.pass-otp
@ -7,6 +13,7 @@
ext.pass-audit ext.pass-audit
ext.pass-update ext.pass-update
])) ]))
inputs.alejandra.packages.${system}.default
age age
android-tools android-tools
aria aria
@ -53,6 +60,5 @@
wget wget
whois whois
inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux".youtube-dl inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux".youtube-dl
]; ];
} }

View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, ... }: {
let username = "cyryl"; config,
pkgs,
inputs,
...
}: let
username = "cyryl";
in { in {
home.sessionVariables = { home.sessionVariables = {
LC_ALL = "en_GB.UTF-8"; LC_ALL = "en_GB.UTF-8";
@ -9,7 +14,7 @@ in {
news.display = "show"; news.display = "show";
home.packages = with pkgs; [ ]; home.packages = with pkgs; [];
home.username = username; home.username = username;
home.homeDirectory = "/home/${username}"; home.homeDirectory = "/home/${username}";
@ -30,5 +35,4 @@ in {
./programs/vim.nix ./programs/vim.nix
./programs/zsh.nix ./programs/zsh.nix
]; ];
} }

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
home.file.".config/nixpkgs/config.nix".source = ../shell-config.nix; home.file.".config/nixpkgs/config.nix".source = ../shell-config.nix;
home.file.".gdbinit".text = '' home.file.".gdbinit".text = ''
set auto-load python-scripts on set auto-load python-scripts on

View file

@ -1,4 +1,9 @@
{ config, pkgs, inputs, ... }: { {
config,
pkgs,
inputs,
...
}: {
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
pinentryFlavor = "curses"; pinentryFlavor = "curses";

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
programs = { programs = {
home-manager.enable = true; home-manager.enable = true;
@ -13,7 +15,7 @@
gpg = { gpg = {
enable = true; enable = true;
settings = { }; settings = {};
}; };
taskwarrior.enable = true; taskwarrior.enable = true;

View file

@ -1,16 +1,22 @@
{ config, pkgs, ... }: { {
home.sessionVariables = { TERMINAL = "alacritty"; }; config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "alacritty";};
programs.alacritty = { programs.alacritty = {
enable = true; enable = true;
settings = { settings = {
window.decorations = "none"; window.decorations = "none";
mouse_bindings = [{ mouse_bindings = [
mouse = "Middle"; {
mode = "~Vi"; mouse = "Middle";
action = "None"; mode = "~Vi";
}]; action = "None";
}
];
scrolling = { scrolling = {
history = 32000; history = 32000;
multiplier = 3; multiplier = 3;

View file

@ -1,3 +1,8 @@
{ config, pkgs, lib, ... }: { {
home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; }; config,
pkgs,
lib,
...
}: {
home-manager.users.cyryl = {...}: {imports = [./home.nix];};
} }

View file

@ -1,22 +1,25 @@
{ pkgs }: {pkgs}: let
let
myEmacs = pkgs.emacs-nox; myEmacs = pkgs.emacs-nox;
inherit ((pkgs.emacsPackagesFor myEmacs)) emacsWithPackages; inherit ((pkgs.emacsPackagesFor myEmacs)) emacsWithPackages;
in emacsWithPackages (epkgs: in
(with epkgs.melpaStablePackages; [ ]) ++ (with epkgs.melpaPackages; [ emacsWithPackages (epkgs:
color-theme-sanityinc-solarized (with epkgs.melpaStablePackages; [])
evil ++ (with epkgs.melpaPackages; [
evil-collection color-theme-sanityinc-solarized
helm evil
helm-projectile evil-collection
helm-rg helm
magit helm-projectile
nix-mode helm-rg
projectile magit
xterm-color nix-mode
]) ++ (with epkgs.elpaPackages; [ projectile
beacon # ; highlight my cursor when scrolling xterm-color
nameless # ; hide current package name everywhere in elisp code ])
]) ++ [ ++ (with epkgs.elpaPackages; [
pkgs.notmuch # From main packages set beacon # ; highlight my cursor when scrolling
]) nameless # ; hide current package name everywhere in elisp code
])
++ [
pkgs.notmuch # From main packages set
])

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
home.file.".emacs".text = '' home.file.".emacs".text = ''
(require 'package) (require 'package)
@ -31,7 +35,6 @@
''; '';
programs.emacs = { programs.emacs = {
enable = true; enable = true;
package = import ./emacs.nix { inherit pkgs; }; package = import ./emacs.nix {inherit pkgs;};
}; };
} }

View file

@ -1,24 +1,24 @@
{ pkgs ? import <nixpkgs> { } }: {pkgs ? import <nixpkgs> {}}:
with pkgs; with pkgs;
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "genpass"; pname = "genpass";
version = "0.4.1"; version = "0.4.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "cyplo"; owner = "cyplo";
repo = pname; repo = pname;
rev = "v" + version; rev = "v" + version;
sha256 = "1b22m7g55k5ry0vwyd8pakh8rmfkhk37qy5r74cn3n5pv3fcwini"; sha256 = "1b22m7g55k5ry0vwyd8pakh8rmfkhk37qy5r74cn3n5pv3fcwini";
}; };
cargoSha256 = "1p6l64s9smhwka8bh3pamqimamxziad859i62nrmxzqc49nq5s7m"; cargoSha256 = "1p6l64s9smhwka8bh3pamqimamxziad859i62nrmxzqc49nq5s7m";
buildInputs = [ openssl pkgconfig git ]; buildInputs = [openssl pkgconfig git];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "A simple yet robust commandline random password generator."; description = "A simple yet robust commandline random password generator.";
homepage = "https://github.com/cyplo/genpass"; homepage = "https://github.com/cyplo/genpass";
license = licenses.agpl3; license = licenses.agpl3;
platforms = platforms.all; platforms = platforms.all;
}; };
} }

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
home.sessionVariables = { TERMINAL = "kitty"; }; config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "kitty";};
programs.kitty = { programs.kitty = {
enable = true; enable = true;
@ -33,7 +37,6 @@
color13 = "#5856b9"; color13 = "#5856b9";
color14 = "#81908f"; color14 = "#81908f";
color15 = "#fcf4dc"; color15 = "#fcf4dc";
}; };
}; };
} }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.newsboat = { programs.newsboat = {
enable = true; enable = true;
autoReload = true; autoReload = true;
@ -16,294 +20,291 @@
color article default default color article default default
''; '';
urls = [ urls = [
{ url = "https://www.scattered-thoughts.net/atom.xml"; } {url = "https://www.scattered-thoughts.net/atom.xml";}
{ url = "https://acoup.blog/feed/"; } {url = "https://acoup.blog/feed/";}
{ url = "https://gaymingmag.com/feed/"; } {url = "https://gaymingmag.com/feed/";}
{ url = "https://blog.benjojo.co.uk/rss.xml"; } {url = "https://blog.benjojo.co.uk/rss.xml";}
{ url = "https://electronicsdeli.net/feed/"; } {url = "https://electronicsdeli.net/feed/";}
{ url = "https://michael.stapelberg.ch/feed.xml"; } {url = "https://michael.stapelberg.ch/feed.xml";}
{ url = "https://blog.nelhage.com/atom.xml"; } {url = "https://blog.nelhage.com/atom.xml";}
{ url = "https://deninet.com/rss.xml"; } {url = "https://deninet.com/rss.xml";}
{ url = "https://berthub.eu/articles/index.xml"; } {url = "https://berthub.eu/articles/index.xml";}
{ url = "https://ciko.io/index.xml"; } {url = "https://ciko.io/index.xml";}
{ url = "https://blog.thea.codes/feed.xml"; } {url = "https://blog.thea.codes/feed.xml";}
{ url = "https://ambrevar.xyz/atom.xml"; } {url = "https://ambrevar.xyz/atom.xml";}
{ url = "https://openprivacy.ca/feed/discreet-log.xml"; } {url = "https://openprivacy.ca/feed/discreet-log.xml";}
{ url = "https://shealevy.com/blog/index.xml"; } {url = "https://shealevy.com/blog/index.xml";}
{ url = "https://oxide.computer/blog/index.xml"; } {url = "https://oxide.computer/blog/index.xml";}
{ url = "https://alecmuffett.com/article/tag/essay/feed"; } {url = "https://alecmuffett.com/article/tag/essay/feed";}
{ url = "https://osarch.org/feed/"; } {url = "https://osarch.org/feed/";}
{ url = "https://fosdem.org/2021/atom.xml"; } {url = "https://fosdem.org/2021/atom.xml";}
{ url = "https://tailscale.com/blog/index.xml"; } {url = "https://tailscale.com/blog/index.xml";}
{ url = "https://nrdxp.dev/feed.xml"; } {url = "https://nrdxp.dev/feed.xml";}
{ url = "https://ww.telent.net/news.rss"; } {url = "https://ww.telent.net/news.rss";}
{ url = "https://guix.gnu.org/feeds/blog.atom"; } {url = "https://guix.gnu.org/feeds/blog.atom";}
{ url = "https://blog.servo.org/feed.xml"; } {url = "https://blog.servo.org/feed.xml";}
{ url = "https://www.radicalroutes.org.uk/?format=feed&type=atom"; } {url = "https://www.radicalroutes.org.uk/?format=feed&type=atom";}
{ url = "https://matklad.github.io/feed.xml"; } {url = "https://matklad.github.io/feed.xml";}
{ url = "https://sfconservancy.org/feeds/blog/"; } {url = "https://sfconservancy.org/feeds/blog/";}
{ url = "https://sourcehut.org/blog/index.xml"; } {url = "https://sourcehut.org/blog/index.xml";}
{ {
url = url = "https://openwrt.org/feed.php?type=rss&mode=list&sort=date&ns=advisory&linkto=current&content=html";
"https://openwrt.org/feed.php?type=rss&mode=list&sort=date&ns=advisory&linkto=current&content=html";
} }
{ url = "https://nora.codes/index.xml"; } {url = "https://nora.codes/index.xml";}
{ url = "http://hackedfrompieces.wordpress.com/feed/"; } {url = "http://hackedfrompieces.wordpress.com/feed/";}
{ url = "http://notonlyzeroesandones.site40.net/feed/"; } {url = "http://notonlyzeroesandones.site40.net/feed/";}
{ url = "https://tonyarcieri.com/feed"; } {url = "https://tonyarcieri.com/feed";}
{ url = "https://www.destroyallsoftware.com/screencasts/feed"; } {url = "https://www.destroyallsoftware.com/screencasts/feed";}
{ url = "https://blog.liftsecurity.io/rss"; } {url = "https://blog.liftsecurity.io/rss";}
{ url = "http://mightyohm.com/blog/feed/"; } {url = "http://mightyohm.com/blog/feed/";}
{ url = "http://feeds.falkvinge.net/Falkvinge-on-Infopolicy"; } {url = "http://feeds.falkvinge.net/Falkvinge-on-Infopolicy";}
{ url = "http://www.veronicabelmont.com/feed/"; } {url = "http://www.veronicabelmont.com/feed/";}
{ url = "https://perplexinglyemma.blogspot.com/feeds/posts/default"; } {url = "https://perplexinglyemma.blogspot.com/feeds/posts/default";}
{ url = "http://www.davecooper.org/blog/feed/"; } {url = "http://www.davecooper.org/blog/feed/";}
{ url = "http://hackaweek.com/hacks/?feed=rss2"; } {url = "http://hackaweek.com/hacks/?feed=rss2";}
{ url = "https://www.hadean.com/blog/rss.xml"; } {url = "https://www.hadean.com/blog/rss.xml";}
{ url = "http://feeds.feedburner.com/malukah"; } {url = "http://feeds.feedburner.com/malukah";}
{ url = "http://jonasdn.blogspot.com/feeds/posts/default"; } {url = "http://jonasdn.blogspot.com/feeds/posts/default";}
{ url = "https://www.destroyallsoftware.com/blog/index.xml"; } {url = "https://www.destroyallsoftware.com/blog/index.xml";}
{ url = "http://metajack.im/"; } {url = "http://metajack.im/";}
{ url = "https://haskell-at-work.com/feed.xml"; } {url = "https://haskell-at-work.com/feed.xml";}
{ url = "http://temporal.pr0.pl/devblog/feed/"; } {url = "http://temporal.pr0.pl/devblog/feed/";}
{ url = "https://superevr.com/blog/feed/"; } {url = "https://superevr.com/blog/feed/";}
{ url = "http://thejoysofcode.com/rss"; } {url = "http://thejoysofcode.com/rss";}
{ url = "http://www.rsspect.com/rss/threeps.xml"; } {url = "http://www.rsspect.com/rss/threeps.xml";}
{ url = "http://brianzawesomeblog.blogspot.com/feeds/posts/default"; } {url = "http://brianzawesomeblog.blogspot.com/feeds/posts/default";}
{ url = "http://ssj3gohan.tweakblogs.net/feed/"; } {url = "http://ssj3gohan.tweakblogs.net/feed/";}
{ url = "http://planet.mozilla.org/releng/atom.xml"; } {url = "http://planet.mozilla.org/releng/atom.xml";}
{ url = "https://grahamc.com/feed/"; } {url = "https://grahamc.com/feed/";}
{ url = "http://www.h-online.com/grand-atom.xml"; } {url = "http://www.h-online.com/grand-atom.xml";}
{ url = "https://jneem.github.io/feed.xml"; } {url = "https://jneem.github.io/feed.xml";}
{ url = "http://blog.opensourceecology.org/feed/"; } {url = "http://blog.opensourceecology.org/feed/";}
{ url = "http://pepijndevos.nl/atom.xml"; } {url = "http://pepijndevos.nl/atom.xml";}
{ url = "https://wedistribute.org/feed/"; } {url = "https://wedistribute.org/feed/";}
{ url = "http://www.wattnotions.com/feed/"; } {url = "http://www.wattnotions.com/feed/";}
{ url = "https://blondihacks.com/feed/"; } {url = "https://blondihacks.com/feed/";}
{ url = "http://ghcarm.wordpress.com/feed/"; } {url = "http://ghcarm.wordpress.com/feed/";}
{ url = "http://blog.tkjelectronics.dk/feed/"; } {url = "http://blog.tkjelectronics.dk/feed/";}
{ url = "https://www.circuitlab.com/blog/feed/"; } {url = "https://www.circuitlab.com/blog/feed/";}
{ url = "http://danluu.com/atom.xml"; } {url = "http://danluu.com/atom.xml";}
{ url = "http://silverwingedseraph.net/feed"; } {url = "http://silverwingedseraph.net/feed";}
{ url = "http://takbardzozle.blogspot.com/feeds/posts/default"; } {url = "http://takbardzozle.blogspot.com/feeds/posts/default";}
{ url = "https://weekly.nixos.org/feeds/all.rss.xml"; } {url = "https://weekly.nixos.org/feeds/all.rss.xml";}
{ url = "http://www.hscott.net/feed/"; } {url = "http://www.hscott.net/feed/";}
{ url = "http://feeds.feedburner.com/kernelmag?format=xml"; } {url = "http://feeds.feedburner.com/kernelmag?format=xml";}
{ url = "http://www.malwaretech.com/feeds/posts/default"; } {url = "http://www.malwaretech.com/feeds/posts/default";}
{ url = "https://nixos.org/blogs.xml"; } {url = "https://nixos.org/blogs.xml";}
{ url = "http://spaceismore.com/feed/"; } {url = "http://spaceismore.com/feed/";}
{ url = "https://blog.cyplo.dev/index.xml"; } {url = "https://blog.cyplo.dev/index.xml";}
{ url = "https://blog.kobol.io/feed.xml"; } {url = "https://blog.kobol.io/feed.xml";}
{ url = "http://blog.ffwll.ch/feeds/posts/default"; } {url = "http://blog.ffwll.ch/feeds/posts/default";}
{ url = "http://blog.pnkfx.org/atom.xml"; } {url = "http://blog.pnkfx.org/atom.xml";}
{ url = "http://metaltronics.wordpress.com/feed/"; } {url = "http://metaltronics.wordpress.com/feed/";}
{ url = "http://ncrmnt.org/wp/feed/"; } {url = "http://ncrmnt.org/wp/feed/";}
{ url = "http://www.arachnidlabs.com/atom.xml"; } {url = "http://www.arachnidlabs.com/atom.xml";}
{ url = "http://blogs.valvesoftware.com/feed/"; } {url = "http://blogs.valvesoftware.com/feed/";}
{ url = "http://billmccloskey.wordpress.com/feed/"; } {url = "http://billmccloskey.wordpress.com/feed/";}
{ url = "http://sparkleshare.org/feed/"; } {url = "http://sparkleshare.org/feed/";}
{ url = "http://osprintingllc.com/feed/"; } {url = "http://osprintingllc.com/feed/";}
{ {
url = url = "https://forum.openwrt.org/extern.php?action=feed&fid=11&type=rss";
"https://forum.openwrt.org/extern.php?action=feed&fid=11&type=rss";
} }
{ url = "http://corgibytes.com/feed.xml"; } {url = "http://corgibytes.com/feed.xml";}
{ url = "http://chatolandia.pl/feed/"; } {url = "http://chatolandia.pl/feed/";}
{ url = "http://niczsoft.com/feed/"; } {url = "http://niczsoft.com/feed/";}
{ url = "http://blog.macrofab.net/feed/"; } {url = "http://blog.macrofab.net/feed/";}
{ url = "http://hackaday.com/feed/"; } {url = "http://hackaday.com/feed/";}
{ url = "https://blog.uncensoreddns.org/feeds/atom/all/"; } {url = "https://blog.uncensoreddns.org/feeds/atom/all/";}
{ url = "http://www.paulallenengineering.com/1/feed"; } {url = "http://www.paulallenengineering.com/1/feed";}
{ {
url = url = "http://komornik.wroclaw.pl/index.php?option=com_rss&feed=RSS2.0&no_html=1";
"http://komornik.wroclaw.pl/index.php?option=com_rss&feed=RSS2.0&no_html=1";
} }
{ url = "https://rachelbythebay.com/w/atom.xml"; } {url = "https://rachelbythebay.com/w/atom.xml";}
{ url = "http://sliptonic.com/feed/"; } {url = "http://sliptonic.com/feed/";}
{ url = "http://blog.unsecu.re/feeds/posts/default"; } {url = "http://blog.unsecu.re/feeds/posts/default";}
{ url = "http://neverworkintheory.org/feed.xml"; } {url = "http://neverworkintheory.org/feed.xml";}
{ url = "http://kocikocizabci.blogspot.com/feeds/posts/default"; } {url = "http://kocikocizabci.blogspot.com/feeds/posts/default";}
{ url = "https://blog.christophersmart.com/feed/"; } {url = "https://blog.christophersmart.com/feed/";}
{ url = "http://sarah.thesharps.us/feed/"; } {url = "http://sarah.thesharps.us/feed/";}
{ url = "http://explique.me/feed.xml"; } {url = "http://explique.me/feed.xml";}
{ url = "http://www.arcfn.com/feeds/posts/default"; } {url = "http://www.arcfn.com/feeds/posts/default";}
{ url = "http://sunrider-vn.com/feed/"; } {url = "http://sunrider-vn.com/feed/";}
{ url = "http://www.wrocnet.org/syndication.axd"; } {url = "http://www.wrocnet.org/syndication.axd";}
{ url = "http://www.goldsborough.me/feed.xml"; } {url = "http://www.goldsborough.me/feed.xml";}
{ url = "http://blog.tilaa.nl/feeds/posts/default"; } {url = "http://blog.tilaa.nl/feeds/posts/default";}
{ url = "http://latkin.org/blog/index.xml"; } {url = "http://latkin.org/blog/index.xml";}
{ url = "https://ind.ie/blog/rss/index.xml"; } {url = "https://ind.ie/blog/rss/index.xml";}
{ url = "http://spritesmods.com/rss.php"; } {url = "http://spritesmods.com/rss.php";}
{ url = "http://codeascraft.etsy.com/feed/"; } {url = "http://codeascraft.etsy.com/feed/";}
{ url = "http://chrisgammell.com/feed/"; } {url = "http://chrisgammell.com/feed/";}
{ url = "https://www.stellar.org/feed/"; } {url = "https://www.stellar.org/feed/";}
{ url = "http://shenzhentrip.blogspot.com/feeds/posts/default"; } {url = "http://shenzhentrip.blogspot.com/feeds/posts/default";}
{ url = "https://aphyr.com/posts.atom"; } {url = "https://aphyr.com/posts.atom";}
{ url = "http://www.latentlaboratories.com/blog?format=RSS"; } {url = "http://www.latentlaboratories.com/blog?format=RSS";}
{ url = "http://zentasrobots.com/feed/"; } {url = "http://zentasrobots.com/feed/";}
{ url = "http://grugq.github.io/atom.xml"; } {url = "http://grugq.github.io/atom.xml";}
{ url = "http://gusclass.com/blog/feed/"; } {url = "http://gusclass.com/blog/feed/";}
{ url = "http://www.devttys0.com/feed/"; } {url = "http://www.devttys0.com/feed/";}
{ url = "https://www.ruma.io/news/feed.atom"; } {url = "https://www.ruma.io/news/feed.atom";}
{ url = "http://runawaybrainz.blogspot.com/feeds/posts/default"; } {url = "http://runawaybrainz.blogspot.com/feeds/posts/default";}
{ url = "http://blog.ploeh.dk/rss.xml"; } {url = "http://blog.ploeh.dk/rss.xml";}
{ url = "http://lab.whitequark.org/atom.xml"; } {url = "http://lab.whitequark.org/atom.xml";}
{ url = "http://rroarr.blog.pl/index.rss"; } {url = "http://rroarr.blog.pl/index.rss";}
{ url = "http://slic3r.org/rss"; } {url = "http://slic3r.org/rss";}
{ url = "http://feeds.feedburner.com/EmbeddedInAcademia"; } {url = "http://feeds.feedburner.com/EmbeddedInAcademia";}
{ url = "http://mightydevices.com/?feed=rss2"; } {url = "http://mightydevices.com/?feed=rss2";}
{ url = "http://www.cppwroclaw.pl/dokuwiki/feed.php"; } {url = "http://www.cppwroclaw.pl/dokuwiki/feed.php";}
{ url = "http://pagekite.net/Blog?rss=1"; } {url = "http://pagekite.net/Blog?rss=1";}
{ url = "http://iradan.com/?feed=rss2"; } {url = "http://iradan.com/?feed=rss2";}
{ url = "http://tirania.org/blog/miguel.rss2"; } {url = "http://tirania.org/blog/miguel.rss2";}
{ url = "http://the-missing-link-of-agile.com/feed/"; } {url = "http://the-missing-link-of-agile.com/feed/";}
{ url = "http://www.kroah.com/log/index.rss"; } {url = "http://www.kroah.com/log/index.rss";}
{ url = "http://ebldc.com/?feed=rss2"; } {url = "http://ebldc.com/?feed=rss2";}
{ url = "http://codegangsta.io/atom.xml"; } {url = "http://codegangsta.io/atom.xml";}
{ url = "http://intorust.com/feed.xml"; } {url = "http://intorust.com/feed.xml";}
{ url = "http://carol-nichols.com/feed.xml"; } {url = "http://carol-nichols.com/feed.xml";}
{ url = "http://blogs.msdn.com/b/ericlippert/atom.aspx"; } {url = "http://blogs.msdn.com/b/ericlippert/atom.aspx";}
{ url = "http://kroah.com/log/index.rss"; } {url = "http://kroah.com/log/index.rss";}
{ url = "http://quinndunki.com/blondihacks/?feed=rss2"; } {url = "http://quinndunki.com/blondihacks/?feed=rss2";}
{ url = "http://gerrysweeney.com/feed/"; } {url = "http://gerrysweeney.com/feed/";}
{ url = "http://cybergibbons.com/feed/"; } {url = "http://cybergibbons.com/feed/";}
{ url = "https://freedom-to-tinker.com/feed/"; } {url = "https://freedom-to-tinker.com/feed/";}
{ url = "http://sealedabstract.com/feed/"; } {url = "http://sealedabstract.com/feed/";}
{ url = "http://hermanradtke.com/atom.xml"; } {url = "http://hermanradtke.com/atom.xml";}
{ url = "http://feeds.feedburner.com/plainlystated/xtwL?format=xml"; } {url = "http://feeds.feedburner.com/plainlystated/xtwL?format=xml";}
{ url = "http://www.mdswanson.com/atom.xml"; } {url = "http://www.mdswanson.com/atom.xml";}
{ url = "http://feeds.feedburner.com/thegrue"; } {url = "http://feeds.feedburner.com/thegrue";}
{ url = "https://gergely.imreh.net/blog/feed/"; } {url = "https://gergely.imreh.net/blog/feed/";}
{ url = "http://www.sigrok.org/blog/rss.xml"; } {url = "http://www.sigrok.org/blog/rss.xml";}
{ url = "https://thesquareplanet.com/feed.xml"; } {url = "https://thesquareplanet.com/feed.xml";}
{ url = "http://feedpress.me/inessential"; } {url = "http://feedpress.me/inessential";}
{ url = "http://wheningit.tumblr.com/rss"; } {url = "http://wheningit.tumblr.com/rss";}
{ url = "http://b.truzzi.me/?feed=rss2"; } {url = "http://b.truzzi.me/?feed=rss2";}
{ url = "https://blog.conformal.com/feed/"; } {url = "https://blog.conformal.com/feed/";}
{ url = "http://windytan.blogspot.com/feeds/posts/default"; } {url = "http://windytan.blogspot.com/feeds/posts/default";}
{ url = "http://www.logicalelegance.com/journey/feed/"; } {url = "http://www.logicalelegance.com/journey/feed/";}
{ url = "https://www.adafruit.com/blog/feed/"; } {url = "https://www.adafruit.com/blog/feed/";}
{ url = "https://electronichamsters.wordpress.com/feed/"; } {url = "https://electronichamsters.wordpress.com/feed/";}
{ url = "http://security.goatse.fr/feed"; } {url = "http://security.goatse.fr/feed";}
{ url = "http://panoptykon.org/rss.xml"; } {url = "http://panoptykon.org/rss.xml";}
{ url = "http://blog.piston.rs/atom.xml"; } {url = "http://blog.piston.rs/atom.xml";}
{ url = "http://tenderlovemaking.com/atom.xml"; } {url = "http://tenderlovemaking.com/atom.xml";}
{ url = "http://www.wired.com/threatlevel/feed/"; } {url = "http://www.wired.com/threatlevel/feed/";}
{ url = "http://onethingwell.org/rss"; } {url = "http://onethingwell.org/rss";}
{ url = "http://serialized.net/rss.xml"; } {url = "http://serialized.net/rss.xml";}
{ url = "http://aosabook.org/blog/feeds/all.atom.xml"; } {url = "http://aosabook.org/blog/feeds/all.atom.xml";}
{ url = "http://www.alicegrove.com/rss"; } {url = "http://www.alicegrove.com/rss";}
{ url = "http://www.konradokonski.com/KWD/feed/"; } {url = "http://www.konradokonski.com/KWD/feed/";}
{ url = "http://way-cooler.org/feed.xml"; } {url = "http://way-cooler.org/feed.xml";}
{ url = "http://antygea.blogspot.com/feeds/posts/default"; } {url = "http://antygea.blogspot.com/feeds/posts/default";}
{ url = "http://blog.gameagent.com/feed/"; } {url = "http://blog.gameagent.com/feed/";}
{ url = "http://llogiq.github.io/feed.xml"; } {url = "http://llogiq.github.io/feed.xml";}
{ url = "http://lambda-the-ultimate.org/rss.xml"; } {url = "http://lambda-the-ultimate.org/rss.xml";}
{ url = "https://soldernerd.com/feed/"; } {url = "https://soldernerd.com/feed/";}
{ url = "http://www.0xrage.com/?feed=rss2"; } {url = "http://www.0xrage.com/?feed=rss2";}
{ url = "http://www.bitscope.com/blog/feed.xml"; } {url = "http://www.bitscope.com/blog/feed.xml";}
{ url = "http://theprofoundprogrammer.com/rss"; } {url = "http://theprofoundprogrammer.com/rss";}
{ url = "http://essentialscrap.com/rss.xml"; } {url = "http://essentialscrap.com/rss.xml";}
{ url = "http://handmade.hackaday.com/feed/"; } {url = "http://handmade.hackaday.com/feed/";}
{ url = "http://events.ccc.de/feed/"; } {url = "http://events.ccc.de/feed/";}
{ url = "http://www.estechnical.co.uk/blog/latest?format=feed&type=rss"; } {url = "http://www.estechnical.co.uk/blog/latest?format=feed&type=rss";}
{ url = "http://perso.aquilenet.fr/~sven337/feeds/feed_english.xml"; } {url = "http://perso.aquilenet.fr/~sven337/feeds/feed_english.xml";}
{ url = "http://blog.trailofbits.com/feed/"; } {url = "http://blog.trailofbits.com/feed/";}
{ url = "https://michaelwoerister.github.io/feed.xml"; } {url = "https://michaelwoerister.github.io/feed.xml";}
{ url = "http://nitschinger.at//index.xml"; } {url = "http://nitschinger.at//index.xml";}
{ url = "http://lambdaops.com/feed"; } {url = "http://lambdaops.com/feed";}
{ url = "http://simon-says-architecture.com/feed/"; } {url = "http://simon-says-architecture.com/feed/";}
{ url = "https://sha2017.org/rss.xml"; } {url = "https://sha2017.org/rss.xml";}
{ url = "http://www.davidhunt.ie/feed/"; } {url = "http://www.davidhunt.ie/feed/";}
{ url = "https://begriffs.com/atom.xml"; } {url = "https://begriffs.com/atom.xml";}
{ url = "http://dankaminsky.com/feed/"; } {url = "http://dankaminsky.com/feed/";}
{ url = "http://www.analogzoo.com/feed/"; } {url = "http://www.analogzoo.com/feed/";}
{ url = "http://blog.makezine.com/feed/"; } {url = "http://blog.makezine.com/feed/";}
{ url = "http://wot.lv/feeds/all.atom.xml"; } {url = "http://wot.lv/feeds/all.atom.xml";}
{ url = "http://www.bunniestudios.com/blog/?feed=rss2"; } {url = "http://www.bunniestudios.com/blog/?feed=rss2";}
{ url = "http://lukelectro.wordpress.com/feed/"; } {url = "http://lukelectro.wordpress.com/feed/";}
{ url = "http://buffered.io/index.xml"; } {url = "http://buffered.io/index.xml";}
{ url = "http://www.yesodweb.com/feed"; } {url = "http://www.yesodweb.com/feed";}
{ url = "http://lcamtuf.blogspot.com/feeds/posts/default"; } {url = "http://lcamtuf.blogspot.com/feeds/posts/default";}
{ url = "http://feeds.feedburner.com/schneier/fulltext"; } {url = "http://feeds.feedburner.com/schneier/fulltext";}
{ url = "https://simplysecure.org/feed.xml"; } {url = "https://simplysecure.org/feed.xml";}
{ url = "http://maryrosecook.com/blog/feed"; } {url = "http://maryrosecook.com/blog/feed";}
{ url = "https://nathanleclaire.com/index.xml"; } {url = "https://nathanleclaire.com/index.xml";}
{ url = "http://downingsbasement.com/feed/"; } {url = "http://downingsbasement.com/feed/";}
{ url = "http://www.pxdojo.net/feeds/posts/default"; } {url = "http://www.pxdojo.net/feeds/posts/default";}
{ url = "http://fulmicoton.com/atom.xml"; } {url = "http://fulmicoton.com/atom.xml";}
{ url = "http://rys.io/en/rss"; } {url = "http://rys.io/en/rss";}
{ url = "https://rust-embedded.github.io/blog/rss.xml"; } {url = "https://rust-embedded.github.io/blog/rss.xml";}
{ url = "https://pointersgonewild.com/feed/"; } {url = "https://pointersgonewild.com/feed/";}
{ url = "http://blog.cryptographyengineering.com/feeds/posts/default"; } {url = "http://blog.cryptographyengineering.com/feeds/posts/default";}
{ url = "http://www.hardhack.org/feed/"; } {url = "http://www.hardhack.org/feed/";}
{ url = "http://blog.system76.com/rss"; } {url = "http://blog.system76.com/rss";}
{ url = "https://www.mailpile.is/blog/index.rss"; } {url = "https://www.mailpile.is/blog/index.rss";}
{ url = "https://blog.rustfest.eu/feed.xml"; } {url = "https://blog.rustfest.eu/feed.xml";}
{ url = "http://nullr0ute.com/feed/"; } {url = "http://nullr0ute.com/feed/";}
{ url = "http://xion.io/feeds/atom.xml"; } {url = "http://xion.io/feeds/atom.xml";}
{ url = "http://blog.mozilla.org/nfroyd/feed/"; } {url = "http://blog.mozilla.org/nfroyd/feed/";}
{ url = "http://anniemachon.ch/feed"; } {url = "http://anniemachon.ch/feed";}
{ url = "http://befinitiv.wordpress.com/feed/"; } {url = "http://befinitiv.wordpress.com/feed/";}
{ url = "http://www.2600.com/rss.xml"; } {url = "http://www.2600.com/rss.xml";}
{ url = "http://www.planet-rust.com/atom.xml"; } {url = "http://www.planet-rust.com/atom.xml";}
{ url = "http://www.elidedbranches.com/feeds/posts/default"; } {url = "http://www.elidedbranches.com/feeds/posts/default";}
{ url = "http://www.eevblog.com/feed/"; } {url = "http://www.eevblog.com/feed/";}
{ url = "http://www.questionablecontent.net/QCRSS.xml"; } {url = "http://www.questionablecontent.net/QCRSS.xml";}
{ url = "http://davidegironi.blogspot.com/feeds/posts/default"; } {url = "http://davidegironi.blogspot.com/feeds/posts/default";}
{ url = "http://intorust.com/blog/feed.xml"; } {url = "http://intorust.com/blog/feed.xml";}
{ url = "http://londyn.msz.gov.pl/rss/ambasadalondynaktualnosci.xml450"; } {url = "http://londyn.msz.gov.pl/rss/ambasadalondynaktualnosci.xml450";}
{ url = "http://www.thegamercat.com/feed/"; } {url = "http://www.thegamercat.com/feed/";}
{ url = "http://feeds.feedburner.com/gadgetfactory/zjHC"; } {url = "http://feeds.feedburner.com/gadgetfactory/zjHC";}
{ url = "http://embedderslife.wordpress.com/feed/"; } {url = "http://embedderslife.wordpress.com/feed/";}
{ url = "http://blog.ctf365.com/feed/"; } {url = "http://blog.ctf365.com/feed/";}
{ url = "http://owncloud.org/news/feed/"; } {url = "http://owncloud.org/news/feed/";}
{ url = "http://jreeblog.wordpress.com/feed/"; } {url = "http://jreeblog.wordpress.com/feed/";}
{ url = "http://www.wildcircuits.com/feeds/posts/default"; } {url = "http://www.wildcircuits.com/feeds/posts/default";}
{ url = "http://www.raspberrypi.org/feed"; } {url = "http://www.raspberrypi.org/feed";}
{ url = "https://apollo.open-resource.org/mission:log:feed"; } {url = "https://apollo.open-resource.org/mission:log:feed";}
{ url = "http://bikerglen.com/blog/feed/"; } {url = "http://bikerglen.com/blog/feed/";}
{ url = "http://www.crypto.com/blog/rss20.xml"; } {url = "http://www.crypto.com/blog/rss20.xml";}
{ url = "https://www.platymuus.com/feed.xml"; } {url = "https://www.platymuus.com/feed.xml";}
{ url = "http://oneweekwonder.blogspot.com/feeds/posts/default"; } {url = "http://oneweekwonder.blogspot.com/feeds/posts/default";}
{ url = "https://blog.mozilla.org/thunderbird/feed/"; } {url = "https://blog.mozilla.org/thunderbird/feed/";}
{ url = "https://blog.mozilla.org/research/feed/"; } {url = "https://blog.mozilla.org/research/feed/";}
{ url = "http://thesignalpath.com/blogs/feed/"; } {url = "http://thesignalpath.com/blogs/feed/";}
{ url = "http://www.daemonology.net/blog/index.rss"; } {url = "http://www.daemonology.net/blog/index.rss";}
{ url = "http://dangerousprototypes.com/feed/"; } {url = "http://dangerousprototypes.com/feed/";}
{ url = "https://www.trueos.org/feed/"; } {url = "https://www.trueos.org/feed/";}
{ url = "http://nautil.us/rss/all"; } {url = "http://nautil.us/rss/all";}
{ url = "http://blog.computationalcomplexity.org/feeds/posts/default"; } {url = "http://blog.computationalcomplexity.org/feeds/posts/default";}
{ url = "http://blog.humblebundle.com/rss"; } {url = "http://blog.humblebundle.com/rss";}
{ url = "https://copperhead.co/feed.xml"; } {url = "https://copperhead.co/feed.xml";}
{ url = "http://blog.xamarin.com/feed/"; } {url = "http://blog.xamarin.com/feed/";}
{ url = "http://coreos.com/atom.xml"; } {url = "http://coreos.com/atom.xml";}
{ url = "http://lowpowerlab.com/feed/"; } {url = "http://lowpowerlab.com/feed/";}
{ url = "http://feeds.feedburner.com/TheBitBangTheory_en?format=xml"; } {url = "http://feeds.feedburner.com/TheBitBangTheory_en?format=xml";}
{ url = "http://feeds.feedburner.com/TheLifeOfKenneth"; } {url = "http://feeds.feedburner.com/TheLifeOfKenneth";}
{ url = "http://corporat.blox.pl/rss2"; } {url = "http://corporat.blox.pl/rss2";}
{ url = "http://www.willowgarage.com/news/feed"; } {url = "http://www.willowgarage.com/news/feed";}
{ url = "http://nakedsecurity.sophos.com/feed/"; } {url = "http://nakedsecurity.sophos.com/feed/";}
{ url = "http://edri.org/feed/"; } {url = "http://edri.org/feed/";}
{ url = "https://ruudvanasseldonk.com/feed.xml"; } {url = "https://ruudvanasseldonk.com/feed.xml";}
{ url = "http://www.lowrisc.org//index.xml"; } {url = "http://www.lowrisc.org//index.xml";}
{ url = "http://feeds.feedburner.com/Phoronix"; } {url = "http://feeds.feedburner.com/Phoronix";}
{ url = "http://jvns.ca/atom.xml"; } {url = "http://jvns.ca/atom.xml";}
{ url = "http://feeds.feedburner.com/steveklabnik/words"; } {url = "http://feeds.feedburner.com/steveklabnik/words";}
{ url = "https://blog.torproject.org/blog/feed"; } {url = "https://blog.torproject.org/blog/feed";}
{ url = "http://this-week-in-rust.org/atom.xml"; } {url = "http://this-week-in-rust.org/atom.xml";}
{ url = "http://opensource.com/feed"; } {url = "http://opensource.com/feed";}
{ url = "http://blog.elementary.io/rss"; } {url = "http://blog.elementary.io/rss";}
{ url = "https://www.insinuator.net/feed/"; } {url = "https://www.insinuator.net/feed/";}
{ url = "https://www.mapbox.com/blog/blog.rss"; } {url = "https://www.mapbox.com/blog/blog.rss";}
{ url = "http://www.harmj0y.net/blog/feed/"; } {url = "http://www.harmj0y.net/blog/feed/";}
{ url = "http://codurance.com/atom.xml"; } {url = "http://codurance.com/atom.xml";}
{ url = "https://blog.makersacademy.com/feed"; } {url = "https://blog.makersacademy.com/feed";}
{ url = "https://sensepost.com/rss.xml"; } {url = "https://sensepost.com/rss.xml";}
{ url = "https://www.evilsocket.net/atom.xml"; } {url = "https://www.evilsocket.net/atom.xml";}
{ url = "https://krebsonsecurity.com/feed/"; } {url = "https://krebsonsecurity.com/feed/";}
{ url = "https://tisiphone.net/feed/"; } {url = "https://tisiphone.net/feed/";}
{ url = "https://blog.bastion.rs/feed.xml"; } {url = "https://blog.bastion.rs/feed.xml";}
]; ];
}; };
} }

View file

@ -1,7 +1,9 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.ssh.extraConfig = '' programs.ssh.extraConfig = ''
StrictHostKeyChecking=accept-new StrictHostKeyChecking=accept-new
''; '';
} }

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
home.sessionVariables = { TERMINAL = "termite"; }; config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "termite";};
programs.termite = { programs.termite = {
enable = true; enable = true;
allowBold = true; allowBold = true;

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.tmux = { programs.tmux = {
enable = true; enable = true;
shortcut = "a"; shortcut = "a";

View file

@ -1,12 +1,18 @@
{ config, pkgs, lib, inputs, system, ... }: {
let config,
pkgs,
lib,
inputs,
system,
...
}: let
unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}"; unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}";
nil = inputs.nil.packages."${system}".default; nil = inputs.nil.packages."${system}".default;
cocPackage = unstablePackages.vimPlugins.coc-nvim; cocPackage = unstablePackages.vimPlugins.coc-nvim;
nvimPackage = unstablePackages.neovim-unwrapped; nvimPackage = unstablePackages.neovim-unwrapped;
in { in {
home.file.".vimrc".source = ../../../.vimrc; home.file.".vimrc".source = ../../../.vimrc;
home.packages = with pkgs; [ ripgrep ]; home.packages = with pkgs; [ripgrep];
programs.neovim = { programs.neovim = {
enable = true; enable = true;
package = nvimPackage; package = nvimPackage;
@ -22,12 +28,11 @@ in {
languageserver = { languageserver = {
nix = { nix = {
command = "${nil}/bin/nil"; command = "${nil}/bin/nil";
rootPatterns = [ "flake.nix" ]; rootPatterns = ["flake.nix"];
filetypes = [ "nix" ]; filetypes = ["nix"];
}; };
}; };
}; };
}; };
viAlias = true; viAlias = true;
vimAlias = true; vimAlias = true;
@ -37,58 +42,58 @@ in {
withRuby = true; withRuby = true;
plugins = with pkgs; plugins = with pkgs;
with pkgs.vimPlugins; [ with pkgs.vimPlugins; [
(vimUtils.buildVimPluginFrom2Nix rec { (vimUtils.buildVimPluginFrom2Nix rec {
pname = "vim-tada"; pname = "vim-tada";
version = "2022-04-22"; version = "2022-04-22";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "dewyze"; owner = "dewyze";
repo = pname; repo = pname;
rev = "acfda7229fc487ee6da44650164cb770d1cc608c"; rev = "acfda7229fc487ee6da44650164cb770d1cc608c";
sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY="; sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY=";
}; };
}) })
(vimUtils.buildVimPluginFrom2Nix rec { (vimUtils.buildVimPluginFrom2Nix rec {
pname = "srht.vim"; pname = "srht.vim";
version = "2022-01-04"; version = "2022-01-04";
src = fetchFromSourcehut { src = fetchFromSourcehut {
owner = "~willdurand"; owner = "~willdurand";
repo = pname; repo = pname;
rev = "825e685f75464cbd41a5f8eded974e46f416355e"; rev = "825e685f75464cbd41a5f8eded974e46f416355e";
sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco="; sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco=";
}; };
}) })
ack-vim ack-vim
coc-go coc-go
coc-highlight coc-highlight
coc-rust-analyzer coc-rust-analyzer
coc-yaml coc-yaml
committia-vim committia-vim
ctrlp-vim ctrlp-vim
editorconfig-vim editorconfig-vim
fzf-vim fzf-vim
lsp-colors-nvim lsp-colors-nvim
nvim-tree-lua nvim-tree-lua
nvim-web-devicons nvim-web-devicons
quickfix-reflector-vim quickfix-reflector-vim
rainbow rainbow
tabular tabular
vim-airline vim-airline
vim-airline-themes vim-airline-themes
vim-autoformat vim-autoformat
vim-colors-solarized vim-colors-solarized
vim-devicons vim-devicons
vim-dirdiff vim-dirdiff
vim-dispatch vim-dispatch
vim-fugitive vim-fugitive
vim-gitgutter vim-gitgutter
vim-markdown vim-markdown
vim-nix vim-nix
vim-sensible vim-sensible
vim-startify vim-startify
vim-surround vim-surround
vim-toml vim-toml
]; ];
extraConfig = '' extraConfig = ''
if filereadable($HOME . "/.vimrc") if filereadable($HOME . "/.vimrc")
source $HOME/.vimrc source $HOME/.vimrc

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.zsh = { programs.zsh = {
enable = true; enable = true;
history = { history = {
@ -14,7 +18,7 @@
oh-my-zsh = { oh-my-zsh = {
enable = true; enable = true;
plugins = [ "vi-mode" "git" "python" "history-substring-search" "tmux" ]; plugins = ["vi-mode" "git" "python" "history-substring-search" "tmux"];
}; };
initExtra = '' initExtra = ''
@ -65,7 +69,7 @@
programs.direnv = { programs.direnv = {
enable = true; enable = true;
enableZshIntegration = true; enableZshIntegration = true;
nix-direnv = { enable = true; }; nix-direnv = {enable = true;};
}; };
home.file.".config/starship.toml".text = '' home.file.".config/starship.toml".text = ''

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
imports = [ imports = [
./scripts/mount-vault.nix ./scripts/mount-vault.nix
./scripts/umount-vault.nix ./scripts/umount-vault.nix

View file

@ -1,11 +1,11 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
download = pkgs.writeShellScriptBin "download" '' download = pkgs.writeShellScriptBin "download" ''
${pkgs.aria}/bin/aria2c -x 16 -s 16 $@ ${pkgs.aria}/bin/aria2c -x 16 -s 16 $@
''; '';
in { in {
home.packages = with pkgs; [download];
home.packages = with pkgs; [ download ];
} }

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
mount-vault = pkgs.writeTextFile { mount-vault = pkgs.writeTextFile {
name = "mount-vault"; name = "mount-vault";
executable = true; executable = true;
@ -49,8 +51,6 @@ let
fi fi
''; '';
}; };
in { in {
home.packages = with pkgs; [mount-vault];
home.packages = with pkgs; [ mount-vault ];
} }

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }: {
config,
let pkgs,
...
}: let
umount-vault = pkgs.writeTextFile { umount-vault = pkgs.writeTextFile {
name = "umount-vault"; name = "umount-vault";
executable = true; executable = true;
@ -16,5 +18,4 @@ let
$VERACRYPT -t -d $VERACRYPT -t -d
''; '';
}; };
in {home.packages = with pkgs; [umount-vault];}
in { home.packages = with pkgs; [ umount-vault ]; }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.autorandr.enable = true; services.autorandr.enable = true;
home-manager.users.cyryl = _: { home-manager.users.cyryl = _: {
programs.autorandr = { programs.autorandr = {
@ -23,15 +27,12 @@
}; };
profiles = { profiles = {
"foureighty-docked" = { "foureighty-docked" = {
fingerprint = { fingerprint = {
eDP1 = eDP1 = "00ffffffffffff0030e4ee0500000000001c0104a51f1178e272e5a15148a2280e505400000001010101010101010101010101010101695e00a0a0a029503020a50035ae1000001a000000000000000000000000000000000000000000fe004c4720446973706c61790a2020000000fe004c503134305148322d535044310060";
"00ffffffffffff0030e4ee0500000000001c0104a51f1178e272e5a15148a2280e505400000001010101010101010101010101010101695e00a0a0a029503020a50035ae1000001a000000000000000000000000000000000000000000fe004c4720446973706c61790a2020000000fe004c503134305148322d535044310060"; DP1 = "00ffffffffffff0026cd4e66f3030000271d0104b53c22783ef6d5a7544b9e250d5054bfef80714f8140818081c09500b300d1c001014dd000a0f0703e8030203500544f2100001a000000ff0031313636333933393031303131000000fd00184c1fa03c000a202020202020000000fc00504c3237393255480a202020200176020320f15390050403020716011f121314201511065d5e5f2309070783010000023a801871382d40582c4500544f2100001f011d8018711c1620582c2500544f2100009fa76600a0f0701f8030205500544f2100001ff45100a0f070198030203500544f2100001f565e00a0a0a0295030203500544f2100001b000000000059";
DP1 =
"00ffffffffffff0026cd4e66f3030000271d0104b53c22783ef6d5a7544b9e250d5054bfef80714f8140818081c09500b300d1c001014dd000a0f0703e8030203500544f2100001a000000ff0031313636333933393031303131000000fd00184c1fa03c000a202020202020000000fc00504c3237393255480a202020200176020320f15390050403020716011f121314201511065d5e5f2309070783010000023a801871382d40582c4500544f2100001f011d8018711c1620582c2500544f2100009fa76600a0f0701f8030205500544f2100001ff45100a0f070198030203500544f2100001f565e00a0a0a0295030203500544f2100001b000000000059";
}; };
config = { config = {
eDP1 = { enable = false; }; eDP1 = {enable = false;};
DP1 = { DP1 = {
enable = true; enable = true;
primary = true; primary = true;
@ -42,8 +43,7 @@
}; };
"foureighty" = { "foureighty" = {
fingerprint = { fingerprint = {
eDP1 = eDP1 = "00ffffffffffff0030e4ee0500000000001c0104a51f1178e272e5a15148a2280e505400000001010101010101010101010101010101695e00a0a0a029503020a50035ae1000001a000000000000000000000000000000000000000000fe004c4720446973706c61790a2020000000fe004c503134305148322d535044310060";
"00ffffffffffff0030e4ee0500000000001c0104a51f1178e272e5a15148a2280e505400000001010101010101010101010101010101695e00a0a0a029503020a50035ae1000001a000000000000000000000000000000000000000000fe004c4720446973706c61790a2020000000fe004c503134305148322d535044310060";
}; };
config = { config = {
eDP1 = { eDP1 = {
@ -57,5 +57,4 @@
}; };
}; };
}; };
} }

View file

@ -1,28 +1,36 @@
{ config, pkgs, ... }: { {
imports = [ ./autorandr.nix ./openweathermap-secrets.nix ]; config,
environment.systemPackages = with pkgs; [ dconf ]; pkgs,
...
}: {
imports = [./autorandr.nix ./openweathermap-secrets.nix];
environment.systemPackages = with pkgs; [dconf];
programs.dconf.enable = true; programs.dconf.enable = true;
security.sudo.extraRules = [ security.sudo.extraRules = [
{ {
users = [ "cyryl" ]; users = ["cyryl"];
commands = [{ commands = [
command = "${pkgs.i3}/bin/i3-msg"; {
options = [ "NOPASSWD" ]; command = "${pkgs.i3}/bin/i3-msg";
}]; options = ["NOPASSWD"];
}
];
} }
{ {
users = [ "cyryl" ]; users = ["cyryl"];
commands = [{ commands = [
command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top"; {
options = [ "NOPASSWD" ]; command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top";
}]; options = ["NOPASSWD"];
}
];
} }
]; ];
xdg.portal = { xdg.portal = {
enable = true; enable = true;
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-kde ]; extraPortals = with pkgs; [xdg-desktop-portal-gtk xdg-desktop-portal-kde];
}; };
services = { services = {
@ -31,7 +39,7 @@
allowAnyUser = true; allowAnyUser = true;
}; };
dbus = { packages = with pkgs; [ gnome2.GConf dconf ]; }; dbus = {packages = with pkgs; [gnome2.GConf dconf];};
fractalart.enable = true; fractalart.enable = true;
colord.enable = true; colord.enable = true;
@ -41,8 +49,8 @@
enableHidpi = true; enableHidpi = true;
}; };
}; };
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ./home.nix ]; imports = [./home.nix];
home.packages = with pkgs; [ ]; home.packages = with pkgs; [];
}; };
} }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.dunst = { services.dunst = {
enable = true; enable = true;
settings = { settings = {

View file

@ -1,6 +1,9 @@
{ config, pkgs, ... }: { {
config,
home.packages = with pkgs; [ grobi ]; pkgs,
...
}: {
home.packages = with pkgs; [grobi];
services.grobi = { services.grobi = {
enable = true; enable = true;
executeAfter = [ executeAfter = [
@ -10,7 +13,7 @@
rules = [ rules = [
{ {
name = "foureighty-docked"; name = "foureighty-docked";
outputs_connected = [ "eDP1" "DP1" ]; outputs_connected = ["eDP1" "DP1"];
configure_single = "DP1"; configure_single = "DP1";
execute_after = [ execute_after = [
"${pkgs.xorg.xrandr}/bin/xrandr --dpi 192" "${pkgs.xorg.xrandr}/bin/xrandr --dpi 192"
@ -19,7 +22,7 @@
} }
{ {
name = "foureighty"; name = "foureighty";
outputs_connected = [ "eDP1-AUO-9014-0--" ]; outputs_connected = ["eDP1-AUO-9014-0--"];
configure_single = "eDP1"; configure_single = "eDP1";
execute_after = [ execute_after = [
"${pkgs.xorg.xrandr}/bin/xrandr --dpi 144" "${pkgs.xorg.xrandr}/bin/xrandr --dpi 144"
@ -28,7 +31,7 @@
} }
{ {
name = "skinnyv"; name = "skinnyv";
outputs_connected = [ "eDP1-AUO-8493-0--" ]; outputs_connected = ["eDP1-AUO-8493-0--"];
configure_single = "eDP1"; configure_single = "eDP1";
execute_after = [ execute_after = [
"${pkgs.xorg.xrandr}/bin/xrandr --dpi 120" "${pkgs.xorg.xrandr}/bin/xrandr --dpi 120"

View file

@ -1,8 +1,11 @@
{ config, pkgs, ... }: { {
imports = config,
[ ./i3.nix ./i3status-rust.nix ./dunst.nix ./rofi.nix ./xidlehook.nix ]; pkgs,
...
}: {
imports = [./i3.nix ./i3status-rust.nix ./dunst.nix ./rofi.nix ./xidlehook.nix];
home.sessionVariables = { CM_LAUNCHER = "rofi"; }; home.sessionVariables = {CM_LAUNCHER = "rofi";};
services = { services = {
picom = { picom = {
@ -13,7 +16,7 @@
pasystray.enable = true; pasystray.enable = true;
gnome-keyring = { gnome-keyring = {
enable = true; enable = true;
components = [ "pkcs11" "secrets" "ssh" ]; components = ["pkcs11" "secrets" "ssh"];
}; };
}; };
@ -26,6 +29,5 @@
longitude = -1.0; longitude = -1.0;
}; };
xsession = { enable = true; }; xsession = {enable = true;};
} }

View file

@ -1,12 +1,16 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.i3status = { programs.i3status = {
enable = true; enable = true;
enableDefault = false; enableDefault = false;
modules = { modules = {
"load" = { position = 1; }; "load" = {position = 1;};
"disk /" = { "disk /" = {
position = 2; position = 2;
settings = { format = " %avail"; }; settings = {format = " %avail";};
}; };
"memory" = { "memory" = {
settings = { settings = {
@ -27,10 +31,9 @@
position = 3; position = 3;
}; };
"time" = { "time" = {
settings = { format = "%a %d/%m %H:%M"; }; settings = {format = "%a %d/%m %H:%M";};
position = 9; position = 9;
}; };
}; };
}; };
} }

View file

@ -1,7 +1,11 @@
{ config, pkgs, ... }: {
let mod = "Mod4"; config,
pkgs,
...
}: let
mod = "Mod4";
in { in {
home.packages = with pkgs; [ font-awesome intel-gpu-tools ]; home.packages = with pkgs; [font-awesome intel-gpu-tools];
xsession.windowManager.i3 = { xsession.windowManager.i3 = {
enable = true; enable = true;
@ -23,8 +27,7 @@ in {
notification = false; notification = false;
} }
{ {
command = command = "exec xdg-mime default org.gnome.Evince.desktop application/pdf";
"exec xdg-mime default org.gnome.Evince.desktop application/pdf";
always = false; always = false;
notification = false; notification = false;
} }
@ -42,19 +45,20 @@ in {
}; };
workspaceLayout = "tabbed"; workspaceLayout = "tabbed";
bars = [{ bars = [
statusCommand = {
"${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-top.toml"; statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-top.toml";
position = "top"; position = "top";
colors.background = "#001e26"; colors.background = "#001e26";
colors.statusline = "#708183"; colors.statusline = "#708183";
fonts = { fonts = {
names = [ "Berkeley Mono" "Font Awesome 6 Free" ]; names = ["Berkeley Mono" "Font Awesome 6 Free"];
size = 10.0; size = 10.0;
}; };
trayOutput = "primary"; trayOutput = "primary";
}]; }
];
modifier = mod; modifier = mod;
keybindings = { keybindings = {
@ -65,25 +69,17 @@ in {
"${mod}+Shift+l" = "exec physlock -d"; "${mod}+Shift+l" = "exec physlock -d";
"${mod}+Return" = "exec i3-sensible-terminal"; "${mod}+Return" = "exec i3-sensible-terminal";
"XF86AudioRaiseVolume" = "XF86AudioRaiseVolume" = "exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ +5%";
"exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ +5%"; "XF86AudioLowerVolume" = "exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioLowerVolume" = "XF86AudioMute" = "exec --no-startup-id pactl set-sink-mute @DEFAULT_SINK@ toggle";
"exec --no-startup-id pactl set-sink-volume @DEFAULT_SINK@ -5%"; "XF86AudioMicMute" = "exec --no-startup-id pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86AudioMute" =
"exec --no-startup-id pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" =
"exec --no-startup-id pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessUp" = "XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5";
"exec light -s sysfs/backlight/intel_backlight -A 5"; "XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5";
"XF86MonBrightnessDown" =
"exec light -s sysfs/backlight/intel_backlight -U 5";
"Print" = "Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
"exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
"${mod}+r" = "${mod}+r" = "exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
"exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
"${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu"; "${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu";
"${mod}+q" = "kill"; "${mod}+q" = "kill";
"${mod}+f" = "fullscreen toggle"; "${mod}+f" = "fullscreen toggle";
@ -120,8 +116,6 @@ in {
"${mod}+Ctrl+Up" = "move workspace to output up"; "${mod}+Ctrl+Up" = "move workspace to output up";
"${mod}+Ctrl+Down" = "move workspace to output down"; "${mod}+Ctrl+Down" = "move workspace to output down";
}; };
}; };
}; };
} }

View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.i3status-rust = { programs.i3status-rust = {
enable = true; enable = true;
bars = { bars = {

View file

@ -1,11 +1,13 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
sops.secrets.openweathermap-api-key = { sops.secrets.openweathermap-api-key = {
inherit (config.users.users.cyryl) group; inherit (config.users.users.cyryl) group;
mode = "0440"; mode = "0440";
owner = config.users.users.cyryl.name; owner = config.users.users.cyryl.name;
sopsFile = ./openweathermap.sops.yaml; sopsFile = ./openweathermap.sops.yaml;
}; };
home-manager.users.cyryl = { home.sessionVariables = { }; }; home-manager.users.cyryl = {home.sessionVariables = {};};
} }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.polybar = { services.polybar = {
enable = true; enable = true;
script = "polybar -r main_bar &"; script = "polybar -r main_bar &";
@ -10,7 +14,7 @@
githubSupport = true; githubSupport = true;
}; };
config = { config = {
"settings" = { screenchange-reload = "true"; }; "settings" = {screenchange-reload = "true";};
"bar/main_bar" = { "bar/main_bar" = {
font-0 = "DejaVu Sans Mono for Powerline:size=12.0;weight=bold"; font-0 = "DejaVu Sans Mono for Powerline:size=12.0;weight=bold";
font-1 = "Weather Icons:size=12;0"; font-1 = "Weather Icons:size=12;0";
@ -40,12 +44,11 @@
"module/weather" = { "module/weather" = {
type = "custom/script"; type = "custom/script";
interval = 600; interval = 600;
exec = exec = "${pkgs.bash}/bin/bash -c 'source ~/dev/dotfiles/nixos/i3/polybar/openweathermap-fullfeatured.sh'";
"${pkgs.bash}/bin/bash -c 'source ~/dev/dotfiles/nixos/i3/polybar/openweathermap-fullfeatured.sh'";
label-font = 2; label-font = 2;
}; };
"module/i3" = { type = "internal/i3"; }; "module/i3" = {type = "internal/i3";};
"module/cpu" = { "module/cpu" = {
type = "internal/cpu"; type = "internal/cpu";
@ -56,8 +59,7 @@
"module/temperature" = { "module/temperature" = {
type = "custom/script"; type = "custom/script";
interval = 5; interval = 5;
exec = exec = "${pkgs.bash}/bin/bash -c 'source ~/dev/dotfiles/nixos/i3/polybar/cpu-temp.sh'";
"${pkgs.bash}/bin/bash -c 'source ~/dev/dotfiles/nixos/i3/polybar/cpu-temp.sh'";
}; };
"module/memory" = { "module/memory" = {
@ -89,8 +91,6 @@
format-discharging = "<label-discharging>"; format-discharging = "<label-discharging>";
label-discharging = "%time%"; label-discharging = "%time%";
}; };
}; };
}; };
} }

View file

@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
programs.rofi = { programs.rofi = {
enable = true; enable = true;
font = "Berkeley Mono 16"; font = "Berkeley Mono 16";

View file

@ -1,11 +1,14 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.xidlehook = { services.xidlehook = {
enable = true; enable = true;
not-when-audio = true; not-when-audio = true;
not-when-fullscreen = true; not-when-fullscreen = true;
environment = { environment = {
"PRIMARY_DISPLAY" = "PRIMARY_DISPLAY" = "$(${pkgs.xorg.xrandr}/bin/xrandr | awk '/ primary/{print $1}')";
"$(${pkgs.xorg.xrandr}/bin/xrandr | awk '/ primary/{print $1}')";
}; };
timers = [ timers = [
{ {
@ -24,6 +27,5 @@
''}"; ''}";
} }
]; ];
}; };
} }

Some files were not shown because too many files have changed in this diff Show more