reformat all files using alejandra
This commit is contained in:
parent
d9543e17a4
commit
df4d72c06e
74 changed files with 1351 additions and 972 deletions
383
flake.nix
383
flake.nix
|
@ -1,198 +1,211 @@
|
||||||
{
|
{
|
||||||
description = "NixOS configuration with flakes";
|
description = "NixOS configuration with flakes";
|
||||||
outputs = { self, flake-utils, flake-compat, home-manager
|
outputs = {
|
||||||
, nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin
|
self,
|
||||||
, nixos-hardware, nur, sops, nil, helix, alejandra, nixpkgs-rust-analyzer
|
flake-utils,
|
||||||
, endless-sky, disko }@inputs:
|
flake-compat,
|
||||||
let
|
home-manager,
|
||||||
mkServer = pkgs: system: hostname:
|
nixpkgs-nixos-unstable,
|
||||||
pkgs.lib.nixosSystem {
|
nixpkgs-master,
|
||||||
inherit system;
|
nixpkgs-stable,
|
||||||
modules = [
|
darwin,
|
||||||
(./. + "/nixos/boxes/${hostname}")
|
nixos-hardware,
|
||||||
(import ./nixos/server-common.nix)
|
nur,
|
||||||
sops.nixosModules.sops
|
sops,
|
||||||
disko.nixosModules.disko
|
nil,
|
||||||
];
|
helix,
|
||||||
specialArgs = { inherit inputs system; };
|
alejandra,
|
||||||
};
|
nixpkgs-rust-analyzer,
|
||||||
mkRaspi = pkgs: hostname:
|
endless-sky,
|
||||||
pkgs.lib.nixosSystem {
|
disko,
|
||||||
system = "aarch64-linux";
|
} @ inputs: let
|
||||||
modules = [ (./. + "/nixos/boxes/${hostname}")
|
mkServer = pkgs: system: hostname:
|
||||||
sops.nixosModules.sops
|
pkgs.lib.nixosSystem {
|
||||||
];
|
inherit system;
|
||||||
specialArgs = { inherit inputs; };
|
modules = [
|
||||||
};
|
(./. + "/nixos/boxes/${hostname}")
|
||||||
mkKiosk = pkgs: system: hostname:
|
(import ./nixos/server-common.nix)
|
||||||
pkgs.lib.nixosSystem {
|
sops.nixosModules.sops
|
||||||
inherit system;
|
disko.nixosModules.disko
|
||||||
modules = [
|
];
|
||||||
(./. + "/nixos/boxes/${hostname}")
|
specialArgs = {inherit inputs system;};
|
||||||
(import ./nixos/common.nix)
|
|
||||||
sops.nixosModules.sops
|
|
||||||
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
{
|
|
||||||
home-manager.useGlobalPkgs = true;
|
|
||||||
home-manager.useUserPackages = true;
|
|
||||||
home-manager.users.cyryl = {
|
|
||||||
imports =
|
|
||||||
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
|
|
||||||
_module.args.inputs = inputs;
|
|
||||||
_module.args.system = system;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
specialArgs = {
|
|
||||||
inherit inputs system;
|
|
||||||
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
|
|
||||||
inherit system;
|
|
||||||
config = { allowUnfree = true; };
|
|
||||||
};
|
|
||||||
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
|
|
||||||
inherit system;
|
|
||||||
config = { allowUnfree = true; };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
mkWorkstation = pkgs: system: hostname:
|
|
||||||
pkgs.lib.nixosSystem {
|
|
||||||
inherit system;
|
|
||||||
modules = [
|
|
||||||
(./. + "/nixos/boxes/${hostname}")
|
|
||||||
(import ./nixos/email-accounts.nix)
|
|
||||||
(import ./nixos/common.nix)
|
|
||||||
sops.nixosModules.sops
|
|
||||||
disko.nixosModules.disko
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
{
|
|
||||||
home-manager.useGlobalPkgs = true;
|
|
||||||
home-manager.useUserPackages = true;
|
|
||||||
home-manager.users.cyryl = {
|
|
||||||
imports =
|
|
||||||
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
|
|
||||||
_module.args.inputs = inputs;
|
|
||||||
_module.args.system = system;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
specialArgs = {
|
|
||||||
inherit inputs system;
|
|
||||||
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
|
|
||||||
inherit system;
|
|
||||||
config = { allowUnfree = true; };
|
|
||||||
};
|
|
||||||
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
|
|
||||||
inherit system;
|
|
||||||
config = { allowUnfree = true; };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
mkShell = packageSet: system:
|
|
||||||
let pkgs = packageSet.legacyPackages.${system};
|
|
||||||
in pkgs.mkShell {
|
|
||||||
packages = with pkgs; [
|
|
||||||
inputs.alejandra.defaultPackage.${system}
|
|
||||||
cacert
|
|
||||||
git
|
|
||||||
git-lfs
|
|
||||||
nixpkgs-fmt
|
|
||||||
openssh
|
|
||||||
openssl
|
|
||||||
pkg-config
|
|
||||||
statix
|
|
||||||
];
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
devShells = {
|
|
||||||
"x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin";
|
|
||||||
"x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux";
|
|
||||||
};
|
};
|
||||||
darwinConfigurations = {
|
mkRaspi = pkgs: hostname:
|
||||||
"FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec {
|
pkgs.lib.nixosSystem {
|
||||||
system = "x86_64-darwin";
|
system = "aarch64-linux";
|
||||||
modules = [
|
modules = [
|
||||||
(./. + "/nixos/boxes/form3")
|
(./. + "/nixos/boxes/${hostname}")
|
||||||
home-manager.darwinModules.home-manager
|
sops.nixosModules.sops
|
||||||
{
|
];
|
||||||
home-manager.useGlobalPkgs = true;
|
specialArgs = {inherit inputs;};
|
||||||
home-manager.useUserPackages = true;
|
};
|
||||||
home-manager.users.cyryl = {
|
mkKiosk = pkgs: system: hostname:
|
||||||
imports = [ ./nixos/home-manager ];
|
pkgs.lib.nixosSystem {
|
||||||
_module.args.inputs = inputs;
|
inherit system;
|
||||||
_module.args.system = system;
|
modules = [
|
||||||
};
|
(./. + "/nixos/boxes/${hostname}")
|
||||||
}
|
(import ./nixos/common.nix)
|
||||||
];
|
sops.nixosModules.sops
|
||||||
|
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager.useGlobalPkgs = true;
|
||||||
|
home-manager.useUserPackages = true;
|
||||||
|
home-manager.users.cyryl = {
|
||||||
|
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
|
||||||
|
_module.args.inputs = inputs;
|
||||||
|
_module.args.system = system;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs system;
|
||||||
|
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
|
||||||
|
inherit system;
|
||||||
|
config = {allowUnfree = true;};
|
||||||
|
};
|
||||||
|
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
|
||||||
|
inherit system;
|
||||||
|
config = {allowUnfree = true;};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
mkWorkstation = pkgs: system: hostname:
|
||||||
nixosConfigurations = {
|
pkgs.lib.nixosSystem {
|
||||||
foryog = mkWorkstation nixpkgs-stable "x86_64-linux" "foryog";
|
inherit system;
|
||||||
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
|
modules = [
|
||||||
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
|
(./. + "/nixos/boxes/${hostname}")
|
||||||
vpsfree1 = mkServer nixpkgs-stable"x86_64-linux" "vpsfree1";
|
(import ./nixos/email-accounts.nix)
|
||||||
mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1";
|
(import ./nixos/common.nix)
|
||||||
homescreen = mkRaspi nixpkgs-stable "homescreen";
|
sops.nixosModules.sops
|
||||||
|
disko.nixosModules.disko
|
||||||
bootstrap = nixpkgs-stable.lib.nixosSystem rec {
|
home-manager.nixosModules.home-manager
|
||||||
system = "x86_64-linux";
|
{
|
||||||
modules = [ (./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops ];
|
home-manager.useGlobalPkgs = true;
|
||||||
specialArgs = {
|
home-manager.useUserPackages = true;
|
||||||
inherit inputs system;
|
home-manager.users.cyryl = {
|
||||||
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
|
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
|
||||||
inherit system;
|
_module.args.inputs = inputs;
|
||||||
config = { allowUnfree = true; };
|
_module.args.system = system;
|
||||||
};
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs system;
|
||||||
|
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
|
||||||
|
inherit system;
|
||||||
|
config = {allowUnfree = true;};
|
||||||
|
};
|
||||||
|
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
|
||||||
|
inherit system;
|
||||||
|
config = {allowUnfree = true;};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage
|
};
|
||||||
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress
|
mkShell = packageSet: system: let
|
||||||
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes
|
pkgs = packageSet.legacyPackages.${system};
|
||||||
raspiimage = nixpkgs-stable.lib.nixosSystem {
|
in
|
||||||
system = "aarch64-linux";
|
pkgs.mkShell {
|
||||||
modules = [
|
packages = with pkgs; [
|
||||||
(import
|
inputs.alejandra.defaultPackage.${system}
|
||||||
"${inputs.nixpkgs-stable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
|
cacert
|
||||||
{
|
git
|
||||||
environment.systemPackages =
|
git-lfs
|
||||||
with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
|
nixpkgs-fmt
|
||||||
neovim
|
openssh
|
||||||
htop
|
openssl
|
||||||
btop
|
pkg-config
|
||||||
atop
|
statix
|
||||||
];
|
];
|
||||||
|
};
|
||||||
networking.networkmanager.enable = false;
|
in {
|
||||||
hardware.enableRedistributableFirmware = true;
|
devShells = {
|
||||||
networking.wireless.enable = true;
|
"x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin";
|
||||||
|
"x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux";
|
||||||
services.openssh = {
|
};
|
||||||
enable = true;
|
darwinConfigurations = {
|
||||||
permitRootLogin =
|
"FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec {
|
||||||
nixpkgs-stable.lib.mkForce "prohibit-password";
|
system = "x86_64-darwin";
|
||||||
passwordAuthentication = false;
|
modules = [
|
||||||
};
|
(./. + "/nixos/boxes/form3")
|
||||||
|
home-manager.darwinModules.home-manager
|
||||||
services.xserver = {
|
{
|
||||||
enable = true;
|
home-manager.useGlobalPkgs = true;
|
||||||
displayManager.lightdm.enable = true;
|
home-manager.useUserPackages = true;
|
||||||
desktopManager.gnome.enable = true;
|
home-manager.users.cyryl = {
|
||||||
libinput.enable = true;
|
imports = [./nixos/home-manager];
|
||||||
};
|
_module.args.inputs = inputs;
|
||||||
|
_module.args.system = system;
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
};
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
|
}
|
||||||
];
|
];
|
||||||
sdImage.compressImage = false;
|
|
||||||
console.earlySetup = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
specialArgs = { inherit inputs; };
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixosConfigurations = {
|
||||||
|
foryog = mkWorkstation nixpkgs-stable "x86_64-linux" "foryog";
|
||||||
|
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
|
||||||
|
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
|
||||||
|
vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1";
|
||||||
|
mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1";
|
||||||
|
homescreen = mkRaspi nixpkgs-stable "homescreen";
|
||||||
|
|
||||||
|
bootstrap = nixpkgs-stable.lib.nixosSystem rec {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
modules = [(./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops];
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs system;
|
||||||
|
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
|
||||||
|
inherit system;
|
||||||
|
config = {allowUnfree = true;};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage
|
||||||
|
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress
|
||||||
|
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes
|
||||||
|
raspiimage = nixpkgs-stable.lib.nixosSystem {
|
||||||
|
system = "aarch64-linux";
|
||||||
|
modules = [
|
||||||
|
(import
|
||||||
|
"${inputs.nixpkgs-stable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
|
||||||
|
{
|
||||||
|
environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
|
||||||
|
neovim
|
||||||
|
htop
|
||||||
|
btop
|
||||||
|
atop
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.networkmanager.enable = false;
|
||||||
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
networking.wireless.enable = true;
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
permitRootLogin =
|
||||||
|
nixpkgs-stable.lib.mkForce "prohibit-password";
|
||||||
|
passwordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.xserver = {
|
||||||
|
enable = true;
|
||||||
|
displayManager.lightdm.enable = true;
|
||||||
|
desktopManager.gnome.enable = true;
|
||||||
|
libinput.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
|
||||||
|
];
|
||||||
|
sdImage.compressImage = false;
|
||||||
|
console.earlySetup = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
specialArgs = {inherit inputs;};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs-master = {
|
nixpkgs-master = {
|
||||||
type = "github";
|
type = "github";
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
{ config, pkgs, lib, ... }: {
|
{
|
||||||
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
fileSystems."/".options = ["noatime" "nodiratime" "discard"];
|
||||||
|
|
||||||
hardware.enableRedistributableFirmware = lib.mkDefault true;
|
hardware.enableRedistributableFirmware = lib.mkDefault true;
|
||||||
boot = {
|
boot = {
|
||||||
|
|
|
@ -1,14 +1,17 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
boot = {
|
boot = {
|
||||||
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||||
initrd.availableKernelModules =
|
initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"];
|
||||||
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ];
|
initrd.kernelModules = ["dm-snapshot"];
|
||||||
initrd.kernelModules = [ "dm-snapshot" ];
|
kernelModules = ["kvm-amd"];
|
||||||
kernelModules = [ "kvm-amd" ];
|
extraModulePackages = [];
|
||||||
extraModulePackages = [ ];
|
|
||||||
loader.systemd-boot.enable = true;
|
loader.systemd-boot.enable = true;
|
||||||
loader.efi.canTouchEfiVariables = false;
|
loader.efi.canTouchEfiVariables = false;
|
||||||
supportedFilesystems = [ "zfs" ];
|
supportedFilesystems = ["zfs"];
|
||||||
zfs.forceImportRoot = false;
|
zfs.forceImportRoot = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -16,11 +19,11 @@
|
||||||
services.zfs.autoScrub.enable = true;
|
services.zfs.autoScrub.enable = true;
|
||||||
services.zfs.trim.enable = true;
|
services.zfs.trim.enable = true;
|
||||||
|
|
||||||
boot.kernelParams = [ "zfs.zfs_arc_max=8589934592" ];
|
boot.kernelParams = ["zfs.zfs_arc_max=8589934592"];
|
||||||
|
|
||||||
boot.zfs.extraPools = [ "data" ];
|
boot.zfs.extraPools = ["data"];
|
||||||
|
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/disk/by-uuid/28afab71-ff3d-4f1a-b7e4-2129572706dd";
|
device = "/dev/disk/by-uuid/28afab71-ff3d-4f1a-b7e4-2129572706dd";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
};
|
};
|
||||||
|
@ -30,7 +33,7 @@
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [];
|
||||||
|
|
||||||
nix.settings = {
|
nix.settings = {
|
||||||
max-jobs = 8;
|
max-jobs = 8;
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
../cli.nix
|
../cli.nix
|
||||||
./bolty-boot.nix
|
./bolty-boot.nix
|
||||||
|
@ -15,7 +21,7 @@
|
||||||
./tailscale-cert.nix
|
./tailscale-cert.nix
|
||||||
./virtualisation.nix
|
./virtualisation.nix
|
||||||
];
|
];
|
||||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
boot.binfmt.emulatedSystems = ["aarch64-linux"];
|
||||||
programs.ccache.enable = true;
|
programs.ccache.enable = true;
|
||||||
networking.hostName = "bolty";
|
networking.hostName = "bolty";
|
||||||
networking.hostId = "f05dd3b4";
|
networking.hostId = "f05dd3b4";
|
||||||
|
|
|
@ -1,9 +1,14 @@
|
||||||
{ config, pkgs, inputs, lib, system, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
system,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
unstable = inputs.nixpkgs-nixos-unstable;
|
unstable = inputs.nixpkgs-nixos-unstable;
|
||||||
package = unstable.legacyPackages."${system}".gitea-actions-runner;
|
package = unstable.legacyPackages."${system}".gitea-actions-runner;
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
sops.secrets."gitea-runner-token" = {
|
sops.secrets."gitea-runner-token" = {
|
||||||
sopsFile = ./gitea-runner-token.sops;
|
sopsFile = ./gitea-runner-token.sops;
|
||||||
format = "binary";
|
format = "binary";
|
||||||
|
@ -14,8 +19,8 @@ in
|
||||||
daemon.settings = {
|
daemon.settings = {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
disabledModules = [ "services/continuous-integration/gitea-actions-runner.nix" ];
|
disabledModules = ["services/continuous-integration/gitea-actions-runner.nix"];
|
||||||
imports = [ "${unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix" ];
|
imports = ["${unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix"];
|
||||||
|
|
||||||
services.gitea-actions-runner = {
|
services.gitea-actions-runner = {
|
||||||
inherit package;
|
inherit package;
|
||||||
|
|
|
@ -1,12 +1,17 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
fqdn = "bolty.raptor-carp.ts.net";
|
fqdn = "bolty.raptor-carp.ts.net";
|
||||||
port = 30001;
|
port = 30001;
|
||||||
path = "/data/grafana";
|
path = "/data/grafana";
|
||||||
certPath = "${path}/cert.pem";
|
certPath = "${path}/cert.pem";
|
||||||
keyPath = "${path}/key.pem";
|
keyPath = "${path}/key.pem";
|
||||||
in {
|
in {
|
||||||
networking.firewall.allowedTCPPorts = [ port ];
|
networking.firewall.allowedTCPPorts = [port];
|
||||||
|
|
||||||
systemd.services.grafana-prep = {
|
systemd.services.grafana-prep = {
|
||||||
script = ''
|
script = ''
|
||||||
|
@ -19,15 +24,15 @@ in {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ReloadPropagatedFrom = "tailscale-cert.service";
|
ReloadPropagatedFrom = "tailscale-cert.service";
|
||||||
};
|
};
|
||||||
before = [ "grafana.service" ];
|
before = ["grafana.service"];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = ["multi-user.target"];
|
||||||
after = [
|
after = [
|
||||||
"network.target"
|
"network.target"
|
||||||
"network-online.target"
|
"network-online.target"
|
||||||
"tailscaled.service"
|
"tailscaled.service"
|
||||||
"tailscale-cert.service"
|
"tailscale-cert.service"
|
||||||
];
|
];
|
||||||
wants = [ "tailscale-cert.service" ];
|
wants = ["tailscale-cert.service"];
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.grafana = {
|
systemd.services.grafana = {
|
||||||
|
|
|
@ -1,15 +1,20 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
port = 8123;
|
port = 8123;
|
||||||
path = "/data/nginx";
|
path = "/data/nginx";
|
||||||
certPath = "${path}/cert.pem";
|
certPath = "${path}/cert.pem";
|
||||||
keyPath = "${path}/key.pem";
|
keyPath = "${path}/key.pem";
|
||||||
in {
|
in {
|
||||||
imports = [ ../nginx.nix ./virtualisation.nix ];
|
imports = [../nginx.nix ./virtualisation.nix];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ port 1883 ];
|
networking.firewall.allowedTCPPorts = [port 1883];
|
||||||
services.mosquitto = {
|
services.mosquitto = {
|
||||||
enable = true;
|
enable = true;
|
||||||
listeners = [
|
listeners = [
|
||||||
{
|
{
|
||||||
port = 1883;
|
port = 1883;
|
||||||
|
@ -18,8 +23,9 @@ in {
|
||||||
settings = {
|
settings = {
|
||||||
allow_anonymous = true;
|
allow_anonymous = true;
|
||||||
};
|
};
|
||||||
acl = [ "topic readwrite #" ];
|
acl = ["topic readwrite #"];
|
||||||
}];
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
|
@ -48,15 +54,14 @@ in {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ReloadPropagatedFrom = "tailscale-cert.service";
|
ReloadPropagatedFrom = "tailscale-cert.service";
|
||||||
};
|
};
|
||||||
before = [ "nginx.service" ];
|
before = ["nginx.service"];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = ["multi-user.target"];
|
||||||
after = [
|
after = [
|
||||||
"network.target"
|
"network.target"
|
||||||
"network-online.target"
|
"network-online.target"
|
||||||
"tailscaled.service"
|
"tailscaled.service"
|
||||||
"tailscale-cert.service"
|
"tailscale-cert.service"
|
||||||
];
|
];
|
||||||
wants = [ "tailscale-cert.service" ];
|
wants = ["tailscale-cert.service"];
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,2 +1,8 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,12 +1,17 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
fqdn = "bolty.raptor-carp.ts.net";
|
fqdn = "bolty.raptor-carp.ts.net";
|
||||||
port = 8086;
|
port = 8086;
|
||||||
path = "/data/influxdb";
|
path = "/data/influxdb";
|
||||||
certPath = "${path}/cert.pem";
|
certPath = "${path}/cert.pem";
|
||||||
keyPath = "${path}/key.pem";
|
keyPath = "${path}/key.pem";
|
||||||
in {
|
in {
|
||||||
networking.firewall.allowedTCPPorts = [ port ];
|
networking.firewall.allowedTCPPorts = [port];
|
||||||
|
|
||||||
systemd.services.influxdb2-prep = {
|
systemd.services.influxdb2-prep = {
|
||||||
script = ''
|
script = ''
|
||||||
|
@ -19,15 +24,15 @@ in {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ReloadPropagatedFrom = "tailscale-cert.service";
|
ReloadPropagatedFrom = "tailscale-cert.service";
|
||||||
};
|
};
|
||||||
before = [ "influxdb2.service" ];
|
before = ["influxdb2.service"];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = ["multi-user.target"];
|
||||||
after = [
|
after = [
|
||||||
"network.target"
|
"network.target"
|
||||||
"network-online.target"
|
"network-online.target"
|
||||||
"tailscaled.service"
|
"tailscaled.service"
|
||||||
"tailscale-cert.service"
|
"tailscale-cert.service"
|
||||||
];
|
];
|
||||||
wants = [ "tailscale-cert.service" ];
|
wants = ["tailscale-cert.service"];
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.influxdb2 = {
|
systemd.services.influxdb2 = {
|
||||||
|
@ -48,5 +53,4 @@ in {
|
||||||
tls-key = "${keyPath}";
|
tls-key = "${keyPath}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
networking.firewall.allowedTCPPorts = [ 2049 ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
networking.firewall.allowedTCPPorts = [2049];
|
||||||
services.nfs.server.enable = true;
|
services.nfs.server.enable = true;
|
||||||
services.nfs.server.exports = ''
|
services.nfs.server.exports = ''
|
||||||
/data/nfs 10.0.0.244/24(rw,sync,insecure,no_subtree_check,fsid=0) 100.81.212.51(rw,sync,insecure,no_subtree_check)
|
/data/nfs 10.0.0.244/24(rw,sync,insecure,no_subtree_check,fsid=0) 100.81.212.51(rw,sync,insecure,no_subtree_check)
|
||||||
|
@ -7,5 +13,4 @@
|
||||||
/data/nfs/home_assistant/media 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
|
/data/nfs/home_assistant/media 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
|
||||||
/data/nfs/home_assistant/backups 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
|
/data/nfs/home_assistant/backups 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
|
||||||
'';
|
'';
|
||||||
|
|
||||||
}
|
}
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
networking.hostName = "bolty";
|
networking.hostName = "bolty";
|
||||||
systemd.network.enable = true;
|
systemd.network.enable = true;
|
||||||
networking.networkmanager.enable = false;
|
networking.networkmanager.enable = false;
|
||||||
|
@ -8,10 +14,10 @@
|
||||||
};
|
};
|
||||||
systemd.network.networks."br0" = {
|
systemd.network.networks."br0" = {
|
||||||
name = "br0";
|
name = "br0";
|
||||||
address = [ "10.0.0.8/24" ];
|
address = ["10.0.0.8/24"];
|
||||||
gateway = [ "10.0.0.1" ];
|
gateway = ["10.0.0.1"];
|
||||||
DHCP = "no";
|
DHCP = "no";
|
||||||
dns = [ "100.100.100.100" "9.9.9.9" ];
|
dns = ["100.100.100.100" "9.9.9.9"];
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.network.networks."eth" = {
|
systemd.network.networks."eth" = {
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
nix.settings.trusted-users = [ "nix-ssh" ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
nix.settings.trusted-users = ["nix-ssh"];
|
||||||
nix.sshServe = {
|
nix.sshServe = {
|
||||||
enable = true;
|
enable = true;
|
||||||
write = true;
|
write = true;
|
||||||
|
|
|
@ -1,39 +1,45 @@
|
||||||
{ config, pkgs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
networking.firewall.enable = true;
|
networking.firewall.enable = true;
|
||||||
networking.firewall.allowedTCPPorts = [ 631 6566 ];
|
networking.firewall.allowedTCPPorts = [631 6566];
|
||||||
networking.firewall.allowedUDPPorts = [ 631 6566 ];
|
networking.firewall.allowedUDPPorts = [631 6566];
|
||||||
services.printing = {
|
services.printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
drivers = with pkgs; [ epson-escpr ];
|
drivers = with pkgs; [epson-escpr];
|
||||||
listenAddresses = [ "*:631" ];
|
listenAddresses = ["*:631"];
|
||||||
defaultShared = true;
|
defaultShared = true;
|
||||||
browsing = true;
|
browsing = true;
|
||||||
allowFrom = [ "all" ];
|
allowFrom = ["all"];
|
||||||
extraConf = ''
|
extraConf = ''
|
||||||
ServerAlias *
|
ServerAlias *
|
||||||
DefaultEncryption Never
|
DefaultEncryption Never
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
hardware.printers.ensurePrinters = [{
|
hardware.printers.ensurePrinters = [
|
||||||
description = "Epson XP-540";
|
{
|
||||||
location = "connected to bolty";
|
description = "Epson XP-540";
|
||||||
name = "epson_xp540";
|
location = "connected to bolty";
|
||||||
deviceUri =
|
name = "epson_xp540";
|
||||||
"usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1";
|
deviceUri = "usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1";
|
||||||
model = "raw";
|
model = "raw";
|
||||||
ppdOptions = { PageSize = "A4"; };
|
ppdOptions = {PageSize = "A4";};
|
||||||
}];
|
}
|
||||||
|
];
|
||||||
|
|
||||||
hardware.sane = {
|
hardware.sane = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraBackends = with pkgs; [ sane-airscan gawk ];
|
extraBackends = with pkgs; [sane-airscan gawk];
|
||||||
snapshot = true;
|
snapshot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.udev.packages = [ ];
|
services.udev.packages = [];
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [ gawk ];
|
environment.systemPackages = with pkgs; [gawk];
|
||||||
services.saned = {
|
services.saned = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
|
|
|
@ -1,34 +1,39 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
fqdn = "bolty.raptor-carp.ts.net";
|
fqdn = "bolty.raptor-carp.ts.net";
|
||||||
basePath = "/var/lib/tailscale-certs";
|
basePath = "/var/lib/tailscale-certs";
|
||||||
keyPath = "${basePath}/key.pem";
|
keyPath = "${basePath}/key.pem";
|
||||||
certPath = "${basePath}/cert.pem";
|
certPath = "${basePath}/cert.pem";
|
||||||
in {
|
in {
|
||||||
imports = [ ];
|
imports = [];
|
||||||
|
|
||||||
systemd.services.tailscale-cert-make-path = {
|
systemd.services.tailscale-cert-make-path = {
|
||||||
script = ''
|
script = ''
|
||||||
mkdir -p ${basePath}
|
mkdir -p ${basePath}
|
||||||
'';
|
'';
|
||||||
serviceConfig = { Type = "oneshot"; };
|
serviceConfig = {Type = "oneshot";};
|
||||||
before = [ "tailscale-cert.service" ];
|
before = ["tailscale-cert.service"];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = ["multi-user.target"];
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.tailscale-cert = {
|
systemd.services.tailscale-cert = {
|
||||||
after = [ "network.target" "network-online.target" "tailscaled.service" ];
|
after = ["network.target" "network-online.target" "tailscaled.service"];
|
||||||
wants = [ "tailscaled.service" ];
|
wants = ["tailscaled.service"];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = ["multi-user.target"];
|
||||||
|
|
||||||
path = with pkgs; [ tailscale ];
|
path = with pkgs; [tailscale];
|
||||||
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
UMask = 22;
|
UMask = 22;
|
||||||
StateDirectoryMode = 750;
|
StateDirectoryMode = 750;
|
||||||
ProtectSystem = "strict";
|
ProtectSystem = "strict";
|
||||||
ReadWritePaths = [ "${basePath}" ];
|
ReadWritePaths = ["${basePath}"];
|
||||||
PrivateTmp = true;
|
PrivateTmp = true;
|
||||||
WorkingDirectory = "${basePath}";
|
WorkingDirectory = "${basePath}";
|
||||||
NoNewPrivileges = true;
|
NoNewPrivileges = true;
|
||||||
|
@ -36,7 +41,7 @@ in {
|
||||||
ProtectClock = true;
|
ProtectClock = true;
|
||||||
ProtectHome = true;
|
ProtectHome = true;
|
||||||
ProtectHostname = true;
|
ProtectHostname = true;
|
||||||
StateDirectory = [ "${basePath}" ];
|
StateDirectory = ["${basePath}"];
|
||||||
};
|
};
|
||||||
|
|
||||||
script = ''
|
script = ''
|
||||||
|
@ -45,7 +50,7 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.timers.tailscale-renew = {
|
systemd.timers.tailscale-renew = {
|
||||||
wantedBy = [ "timers.target" ];
|
wantedBy = ["timers.target"];
|
||||||
description = "Renew tailscale server cert";
|
description = "Renew tailscale server cert";
|
||||||
timerConfig = {
|
timerConfig = {
|
||||||
OnCalendar = "weekly";
|
OnCalendar = "weekly";
|
||||||
|
|
|
@ -1,10 +1,16 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
boot.kernelModules = [ "kvm_amd" ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
boot.kernelModules = ["kvm_amd"];
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
libvirtd = {
|
libvirtd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
qemu.ovmf.enable = true;
|
qemu.ovmf.enable = true;
|
||||||
allowedBridges = [ "br0" ];
|
allowedBridges = ["br0"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -14,8 +20,7 @@
|
||||||
virt-viewer
|
virt-viewer
|
||||||
lm_sensors
|
lm_sensors
|
||||||
];
|
];
|
||||||
networking.firewall.allowedTCPPorts = [ 5900 ];
|
networking.firewall.allowedTCPPorts = [5900];
|
||||||
|
|
||||||
security.allowUserNamespaces = true;
|
security.allowUserNamespaces = true;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,5 +16,5 @@
|
||||||
|
|
||||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
time.timeZone = "Europe/London";
|
time.timeZone = "Europe/London";
|
||||||
programs.zsh.enable=true;
|
programs.zsh.enable = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
atop
|
atop
|
||||||
btop
|
btop
|
||||||
|
|
|
@ -1,14 +1,21 @@
|
||||||
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
nixpkgs-nixos-unstable-and-unfree,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||||
form3_cert_path = ./form3-palo-alto.pem;
|
form3_cert_path = ./form3-palo-alto.pem;
|
||||||
form3_cert_bundle = builtins.toFile "form3-cert-bundle.crt"
|
form3_cert_bundle =
|
||||||
|
builtins.toFile "form3-cert-bundle.crt"
|
||||||
(builtins.readFile system_cert_bundle_path
|
(builtins.readFile system_cert_bundle_path
|
||||||
+ builtins.readFile form3_cert_path);
|
+ builtins.readFile form3_cert_path);
|
||||||
in {
|
in {
|
||||||
environment.systemPackages = with pkgs; [ vim nixfmt ];
|
environment.systemPackages = with pkgs; [vim nixfmt];
|
||||||
|
|
||||||
imports = [ ../../git ../../mercurial ];
|
imports = [../../git ../../mercurial];
|
||||||
services.nix-daemon.enable = true;
|
services.nix-daemon.enable = true;
|
||||||
nix = {
|
nix = {
|
||||||
useDaemon = true;
|
useDaemon = true;
|
||||||
|
@ -30,7 +37,7 @@ in {
|
||||||
source-code-pro
|
source-code-pro
|
||||||
weather-icons
|
weather-icons
|
||||||
];
|
];
|
||||||
security.pki.certificateFiles = [ form3_cert_path system_cert_bundle_path ];
|
security.pki.certificateFiles = [form3_cert_path system_cert_bundle_path];
|
||||||
environment.variables = {
|
environment.variables = {
|
||||||
SSL_CERT_FILE = form3_cert_bundle;
|
SSL_CERT_FILE = form3_cert_bundle;
|
||||||
NIX_SSL_CERT_FILE = form3_cert_bundle;
|
NIX_SSL_CERT_FILE = form3_cert_bundle;
|
||||||
|
@ -41,9 +48,9 @@ in {
|
||||||
|
|
||||||
system.stateVersion = 4;
|
system.stateVersion = 4;
|
||||||
|
|
||||||
home-manager.users.cyryl = { ... }: {
|
home-manager.users.cyryl = {...}: {
|
||||||
imports = [ ];
|
imports = [];
|
||||||
home.packages = with pkgs; [ awscli kubectl cargo-update ];
|
home.packages = with pkgs; [awscli kubectl cargo-update];
|
||||||
programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech";
|
programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech";
|
||||||
programs.git.extraConfig = {
|
programs.git.extraConfig = {
|
||||||
user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED";
|
user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED";
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
fileSystems."/" = {options = ["compress=zstd"];};
|
fileSystems."/" = {options = ["compress=zstd"];};
|
||||||
|
|
||||||
services.restic.backups.home-to-b2 = {
|
services.restic.backups.home-to-b2 = {
|
||||||
repository = lib.mkForce "b2:cyplo-restic-foureighty:/";
|
repository = lib.mkForce "b2:cyplo-restic-foureighty:/";
|
||||||
};
|
};
|
||||||
boot.kernelParams = ["initcall_debug" ''dyndbg="file suspend.c +p"'' "no_console_suspend"];
|
boot.kernelParams = ["initcall_debug" ''dyndbg="file suspend.c +p"'' "no_console_suspend"];
|
||||||
boot.tmp.cleanOnBoot = true;
|
boot.tmp.cleanOnBoot = true;
|
||||||
|
|
|
@ -1,11 +1,16 @@
|
||||||
{ config, lib, pkgs, inputs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
boot = {
|
boot = {
|
||||||
kernelModules = [ "kvm-intel" ];
|
kernelModules = ["kvm-intel"];
|
||||||
|
|
||||||
initrd = {
|
initrd = {
|
||||||
kernelModules = [ "dm-snapshot" ];
|
kernelModules = ["dm-snapshot"];
|
||||||
availableKernelModules =
|
availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"];
|
||||||
[ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
loader.systemd-boot.enable = true;
|
loader.systemd-boot.enable = true;
|
||||||
|
@ -13,9 +18,8 @@
|
||||||
loader.efi.efiSysMountPoint = "/boot/efi";
|
loader.efi.efiSysMountPoint = "/boot/efi";
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; };
|
boot.initrd.secrets = {"/crypto_keyfile.bin" = null;};
|
||||||
boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device =
|
boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = "/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
|
||||||
"/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
|
|
||||||
|
|
||||||
fileSystems."/boot/efi" = {
|
fileSystems."/boot/efi" = {
|
||||||
device = "/dev/disk/by-uuid/D6C0-1A9D";
|
device = "/dev/disk/by-uuid/D6C0-1A9D";
|
||||||
|
@ -25,8 +29,8 @@
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/disk/by-uuid/98f3597c-183a-45fb-b2a4-b598c18d089a";
|
device = "/dev/disk/by-uuid/98f3597c-183a-45fb-b2a4-b598c18d089a";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = [ "subvol=@" ];
|
options = ["subvol=@"];
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,11 @@
|
||||||
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
nixpkgs-nixos-unstable-and-unfree,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
networking.hostName = "foureighty";
|
networking.hostName = "foureighty";
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -17,9 +24,9 @@
|
||||||
../../sdr.nix
|
../../sdr.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
fileSystems."/" = { options = [ "compress=zstd" ]; };
|
fileSystems."/" = {options = ["compress=zstd"];};
|
||||||
|
|
||||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
boot.binfmt.emulatedSystems = ["aarch64-linux"];
|
||||||
boot.plymouth = {
|
boot.plymouth = {
|
||||||
enable = true;
|
enable = true;
|
||||||
logo = ./boot.png;
|
logo = ./boot.png;
|
||||||
|
@ -56,9 +63,9 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
services.fprintd = { enable = true; };
|
services.fprintd = {enable = true;};
|
||||||
programs.ccache.enable = true;
|
programs.ccache.enable = true;
|
||||||
hardware.opengl.extraPackages = with pkgs; [ libva ];
|
hardware.opengl.extraPackages = with pkgs; [libva];
|
||||||
programs.steam.enable = true;
|
programs.steam.enable = true;
|
||||||
nixpkgs.config.allowUnfreePredicate = pkg:
|
nixpkgs.config.allowUnfreePredicate = pkg:
|
||||||
builtins.elem (lib.getName pkg) [
|
builtins.elem (lib.getName pkg) [
|
||||||
|
@ -71,15 +78,11 @@
|
||||||
"vscode"
|
"vscode"
|
||||||
];
|
];
|
||||||
|
|
||||||
home-manager.users.cyryl = { ... }: {
|
home-manager.users.cyryl = {...}: {
|
||||||
imports =
|
imports = [../../home-manager/programs/alacritty.nix ../../gui/vscode.nix];
|
||||||
[ ../../home-manager/programs/alacritty.nix ../../gui/vscode.nix ];
|
home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
|
||||||
home.packages =
|
[bisq-desktop]
|
||||||
with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
|
++ (with pkgs; [lutris])
|
||||||
[ bisq-desktop ] ++
|
++ (with inputs.endless-sky.legacyPackages."x86_64-linux"; [endless-sky]);
|
||||||
|
|
||||||
(with pkgs; [ lutris ])
|
|
||||||
++ (with inputs.endless-sky.legacyPackages."x86_64-linux";
|
|
||||||
[ endless-sky ]);
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,19 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
imports =
|
config,
|
||||||
[ inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale ];
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "homescreen";
|
hostName = "homescreen";
|
||||||
networkmanager = { enable = true; };
|
networkmanager = {enable = true;};
|
||||||
};
|
};
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [ neovim htop btop atop ];
|
environment.systemPackages = with pkgs; [neovim htop btop atop];
|
||||||
|
|
||||||
services.fail2ban.enable = true;
|
services.fail2ban.enable = true;
|
||||||
|
|
||||||
|
@ -33,7 +38,7 @@
|
||||||
|
|
||||||
users = {
|
users = {
|
||||||
mutableUsers = false;
|
mutableUsers = false;
|
||||||
users.kiosk = { isNormalUser = true; };
|
users.kiosk = {isNormalUser = true;};
|
||||||
};
|
};
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
|
||||||
|
@ -42,12 +47,12 @@
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "/dev/disk/by-label/NIXOS_SD";
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
options = [ "noatime" ];
|
options = ["noatime"];
|
||||||
};
|
};
|
||||||
"/boot/firmware" = {
|
"/boot/firmware" = {
|
||||||
device = "/dev/disk/by-label/FIRMWARE";
|
device = "/dev/disk/by-label/FIRMWARE";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
options = [ "nofail" "noauto" ];
|
options = ["nofail" "noauto"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
|
|
@ -1,16 +1,22 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/services/misc/atuin.nix"
|
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/services/misc/atuin.nix"
|
||||||
../nginx.nix
|
../nginx.nix
|
||||||
];
|
];
|
||||||
disabledModules = [ "services/misc/atuin.nix" ];
|
disabledModules = ["services/misc/atuin.nix"];
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"atuin.cyplo.dev" = {
|
"atuin.cyplo.dev" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = { proxyPass = "http://127.0.0.1:8888"; };
|
locations."/" = {proxyPass = "http://127.0.0.1:8888";};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,16 +1,18 @@
|
||||||
{ config, pkgs, ... }:
|
|
||||||
let
|
|
||||||
path = "/var/www/blog/";
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
imports = [ ../nginx.nix ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
path = "/var/www/blog/";
|
||||||
|
in {
|
||||||
|
imports = [../nginx.nix];
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"blog.cyplo.dev" = {
|
"blog.cyplo.dev" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
root = path;
|
root = path;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
"blog.cyplo.net" = {
|
"blog.cyplo.net" = {
|
||||||
|
@ -24,12 +26,12 @@ in
|
||||||
users.extraUsers.blog = {
|
users.extraUsers.blog = {
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog"
|
||||||
];
|
];
|
||||||
group = "nginx";
|
group = "nginx";
|
||||||
isSystemUser = false;
|
isSystemUser = false;
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
home = path;
|
home = path;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
homeMode = "750";
|
homeMode = "750";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,15 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
boot.loader.grub = {
|
boot.loader.grub = {
|
||||||
devices = [ "/dev/vda" ];
|
devices = ["/dev/vda"];
|
||||||
efiSupport = true;
|
efiSupport = true;
|
||||||
efiInstallAsRemovable = true;
|
efiInstallAsRemovable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
"${inputs.nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix"
|
"${inputs.nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix"
|
||||||
../cli.nix
|
../cli.nix
|
||||||
|
@ -10,7 +16,6 @@
|
||||||
];
|
];
|
||||||
networking.hostName = "mb1";
|
networking.hostName = "mb1";
|
||||||
|
|
||||||
|
|
||||||
zramSwap = {
|
zramSwap = {
|
||||||
enable = true;
|
enable = true;
|
||||||
algorithm = "zstd";
|
algorithm = "zstd";
|
||||||
|
@ -18,5 +23,4 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
time.timeZone = "Europe/London";
|
time.timeZone = "Europe/London";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@ _: {
|
||||||
name = "boot";
|
name = "boot";
|
||||||
start = "0";
|
start = "0";
|
||||||
end = "1M";
|
end = "1M";
|
||||||
flags = [ "bios_grub" ];
|
flags = ["bios_grub"];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "ESP";
|
name = "ESP";
|
||||||
|
|
|
@ -1,11 +1,14 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
imports = [ ../nginx.nix ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [../nginx.nix];
|
||||||
virtualisation.oci-containers.containers.searxng = {
|
virtualisation.oci-containers.containers.searxng = {
|
||||||
image =
|
image = "searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06";
|
||||||
"searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06";
|
volumes = [];
|
||||||
volumes = [ ];
|
environment = {BASE_URL = "https://search.cyplo.dev";};
|
||||||
environment = { BASE_URL = "https://search.cyplo.dev"; };
|
ports = ["9999:8080"];
|
||||||
ports = [ "9999:8080" ];
|
|
||||||
};
|
};
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
|
@ -28,5 +31,4 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, pkgs, lib,... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
networking.hostName = "thinky";
|
networking.hostName = "thinky";
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -28,7 +33,7 @@
|
||||||
builtins.elem (lib.getName pkg) [
|
builtins.elem (lib.getName pkg) [
|
||||||
"spotify"
|
"spotify"
|
||||||
];
|
];
|
||||||
home-manager.users.cyryl = { ... }: {
|
home-manager.users.cyryl = {...}: {
|
||||||
imports = [ ../../home-manager/programs/termite.nix ];
|
imports = [../../home-manager/programs/termite.nix];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,11 +1,16 @@
|
||||||
{ config, lib, pkgs, inputs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
boot = {
|
boot = {
|
||||||
kernelModules = [ "kvm-intel" ];
|
kernelModules = ["kvm-intel"];
|
||||||
|
|
||||||
initrd = {
|
initrd = {
|
||||||
kernelModules = [ "dm-snapshot" ];
|
kernelModules = ["dm-snapshot"];
|
||||||
availableKernelModules =
|
availableKernelModules = ["ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod"];
|
||||||
[ "ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
loader.grub.enable = true;
|
loader.grub.enable = true;
|
||||||
|
@ -17,15 +22,14 @@
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.initrd.luks.devices."crypt".device =
|
boot.initrd.luks.devices."crypt".device = "/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
|
||||||
"/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
|
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
fileSystems."/boot" = {
|
||||||
device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317";
|
device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317";
|
||||||
fsType = "ext2";
|
fsType = "ext2";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [];
|
||||||
|
|
||||||
nix.settings = {
|
nix.settings = {
|
||||||
max-jobs = 2;
|
max-jobs = 2;
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
{ config, pkgs, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
genericBackupPath = "/var/lib/backups/";
|
genericBackupPath = "/var/lib/backups/";
|
||||||
containersBackupPath = "${genericBackupPath}/oci-containers/";
|
containersBackupPath = "${genericBackupPath}/oci-containers/";
|
||||||
in rec {
|
in rec {
|
||||||
environment.systemPackages = with pkgs; [ restic ];
|
environment.systemPackages = with pkgs; [restic];
|
||||||
|
|
||||||
sops.secrets."restic-backups-b2-repo-password" = {
|
sops.secrets."restic-backups-b2-repo-password" = {
|
||||||
sopsFile = ./restic.sops.yaml;
|
sopsFile = ./restic.sops.yaml;
|
||||||
|
@ -31,14 +34,13 @@ in rec {
|
||||||
backupCleanupCommand = ''
|
backupCleanupCommand = ''
|
||||||
systemctl start container@mastodon.service
|
systemctl start container@mastodon.service
|
||||||
'';
|
'';
|
||||||
timerConfig = { OnCalendar = "daily"; };
|
timerConfig = {OnCalendar = "daily";};
|
||||||
environmentFile =
|
environmentFile = "${config.sops.secrets.restic-backups-b2-environment.path}";
|
||||||
"${config.sops.secrets.restic-backups-b2-environment.path}";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.restic-backups-b2 = {
|
systemd.services.restic-backups-b2 = {
|
||||||
environment = { GOMAXPROCS = "1"; };
|
environment = {GOMAXPROCS = "1";};
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Nice = 19;
|
Nice = 19;
|
||||||
IOSchedulingClass = "idle";
|
IOSchedulingClass = "idle";
|
||||||
|
|
|
@ -1,12 +1,18 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
imports = [ ../nginx.nix ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [../nginx.nix];
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"notes.purrfect.estate" = {
|
"notes.purrfect.estate" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
serverAliases = [ "notes-sandbox.purrfect.estate" ];
|
serverAliases = ["notes-sandbox.purrfect.estate"];
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://127.0.0.1:9005";
|
proxyPass = "http://127.0.0.1:9005";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
|
@ -15,8 +21,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
virtualisation.oci-containers.containers.cryptpad = {
|
virtualisation.oci-containers.containers.cryptpad = {
|
||||||
image =
|
image = "promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87";
|
||||||
"promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87";
|
|
||||||
volumes = [
|
volumes = [
|
||||||
"${./cryptpad.config.js}:/cryptpad/config/config.js"
|
"${./cryptpad.config.js}:/cryptpad/config/config.js"
|
||||||
|
|
||||||
|
@ -34,6 +39,6 @@
|
||||||
CPAD_TRUSTED_PROXY = "0.0.0.0/0";
|
CPAD_TRUSTED_PROXY = "0.0.0.0/0";
|
||||||
CPAD_HTTP2_DISABLE = "true";
|
CPAD_HTTP2_DISABLE = "true";
|
||||||
};
|
};
|
||||||
ports = [ "9005:80" ];
|
ports = ["9005:80"];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, pkgs, inputs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
networking.hostName = "vpsfree1";
|
networking.hostName = "vpsfree1";
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -20,7 +26,7 @@
|
||||||
DefaultTimeoutStartSec=900s
|
DefaultTimeoutStartSec=900s
|
||||||
'';
|
'';
|
||||||
|
|
||||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
boot.binfmt.emulatedSystems = ["aarch64-linux"];
|
||||||
time.timeZone = "Europe/London";
|
time.timeZone = "Europe/London";
|
||||||
nix.settings.cores = 8;
|
nix.settings.cores = 8;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,71 +1,85 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
port = 8081;
|
port = 8081;
|
||||||
domain = "fossil.cyplo.dev";
|
domain = "fossil.cyplo.dev";
|
||||||
baseurl = "https://${domain}";
|
baseurl = "https://${domain}";
|
||||||
path = "/var/lib/fossil";
|
path = "/var/lib/fossil";
|
||||||
in {
|
in {
|
||||||
imports = [ ../nginx.nix ];
|
imports = [../nginx.nix];
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"${domain}" = {
|
"${domain}" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = { proxyPass = "http://localhost:" + toString port; };
|
locations."/" = {proxyPass = "http://localhost:" + toString port;};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
containers.fossil = {
|
containers.fossil = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
forwardPorts = [{
|
forwardPorts = [
|
||||||
containerPort = port;
|
{
|
||||||
hostPort = port;
|
containerPort = port;
|
||||||
}];
|
hostPort = port;
|
||||||
|
}
|
||||||
|
];
|
||||||
bindMounts = {
|
bindMounts = {
|
||||||
"${path}" = {
|
"${path}" = {
|
||||||
hostPath = "${path}";
|
hostPath = "${path}";
|
||||||
isReadOnly = false;
|
isReadOnly = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = { config, pkgs, ... }:
|
config = {
|
||||||
let
|
config,
|
||||||
user = "fossil";
|
pkgs,
|
||||||
group = "fossil";
|
...
|
||||||
in {
|
}: let
|
||||||
system.stateVersion = "23.05";
|
user = "fossil";
|
||||||
environment.systemPackages = [ pkgs.fossil ];
|
group = "fossil";
|
||||||
users.groups = { "${group}" = { }; };
|
in {
|
||||||
users.users = {
|
system.stateVersion = "23.05";
|
||||||
fossil = {
|
environment.systemPackages = [pkgs.fossil];
|
||||||
inherit group;
|
users.groups = {"${group}" = {};};
|
||||||
description = "Fossil Service";
|
users.users = {
|
||||||
home = path;
|
fossil = {
|
||||||
useDefaultShell = true;
|
inherit group;
|
||||||
isSystemUser = true;
|
description = "Fossil Service";
|
||||||
};
|
home = path;
|
||||||
};
|
useDefaultShell = true;
|
||||||
|
isSystemUser = true;
|
||||||
systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ];
|
|
||||||
systemd.services.fossil = {
|
|
||||||
description = "fossil server";
|
|
||||||
after = [ "network-online.target" ];
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
path = [ pkgs.fossil pkgs.git ];
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
User = user;
|
|
||||||
Group = group;
|
|
||||||
WorkingDirectory = path;
|
|
||||||
ReadWritePaths = [ path ];
|
|
||||||
ExecStart = "${pkgs.fossil}/bin/fossil server" + " --localhost"
|
|
||||||
+ " --https" + " --port ${toString port}"
|
|
||||||
+ " --baseurl ${baseurl}" + " --repolist ${path}";
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = 3;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = ["d '${path}' 0770 ${user} ${group} - -"];
|
||||||
|
systemd.services.fossil = {
|
||||||
|
description = "fossil server";
|
||||||
|
after = ["network-online.target"];
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
path = [pkgs.fossil pkgs.git];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
User = user;
|
||||||
|
Group = group;
|
||||||
|
WorkingDirectory = path;
|
||||||
|
ReadWritePaths = [path];
|
||||||
|
ExecStart =
|
||||||
|
"${pkgs.fossil}/bin/fossil server"
|
||||||
|
+ " --localhost"
|
||||||
|
+ " --https"
|
||||||
|
+ " --port ${toString port}"
|
||||||
|
+ " --baseurl ${baseurl}"
|
||||||
|
+ " --repolist ${path}";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = 3;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
foundryvtt = pkgs.fetchzip {
|
foundryvtt = pkgs.fetchzip {
|
||||||
name = "foundryvtt";
|
name = "foundryvtt";
|
||||||
url = "file:///" + ./FoundryVTT-11.306.zip;
|
url = "file:///" + ./FoundryVTT-11.306.zip;
|
||||||
|
@ -8,7 +13,7 @@ let
|
||||||
stripRoot = false;
|
stripRoot = false;
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
imports = [ ../nginx.nix ];
|
imports = [../nginx.nix];
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
clientMaxBodySize = "300M";
|
clientMaxBodySize = "300M";
|
||||||
|
@ -26,21 +31,27 @@ in {
|
||||||
|
|
||||||
containers.foundryvtt = {
|
containers.foundryvtt = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
forwardPorts = [{
|
forwardPorts = [
|
||||||
containerPort = 30000;
|
{
|
||||||
hostPort = 30000;
|
containerPort = 30000;
|
||||||
}];
|
hostPort = 30000;
|
||||||
|
}
|
||||||
|
];
|
||||||
bindMounts = {
|
bindMounts = {
|
||||||
"/var/lib/foundryvtt" = {
|
"/var/lib/foundryvtt" = {
|
||||||
hostPath = "/var/lib/foundryvtt";
|
hostPath = "/var/lib/foundryvtt";
|
||||||
isReadOnly = false;
|
isReadOnly = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = { config, pkgs, ... }: {
|
config = {
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.05";
|
||||||
systemd.services."foundryvtt" = {
|
systemd.services."foundryvtt" = {
|
||||||
requires = [ "network-online.target" ];
|
requires = ["network-online.target"];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = ["multi-user.target"];
|
||||||
script = ''
|
script = ''
|
||||||
mkdir -p /var/lib/foundryvtt
|
mkdir -p /var/lib/foundryvtt
|
||||||
${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt
|
${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
{ config, pkgs, inputs, lib, system, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
system,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
unstable = inputs.nixpkgs-nixos-unstable;
|
unstable = inputs.nixpkgs-nixos-unstable;
|
||||||
package = unstable.legacyPackages."${system}".gitea;
|
package = unstable.legacyPackages."${system}".gitea;
|
||||||
httpPort = 8083;
|
httpPort = 8083;
|
||||||
|
@ -23,18 +29,18 @@ let
|
||||||
};
|
};
|
||||||
groups."${systemGroupName}" = {
|
groups."${systemGroupName}" = {
|
||||||
inherit gid;
|
inherit gid;
|
||||||
members = [ "${systemUserName}" "nginx" ];
|
members = ["${systemUserName}" "nginx"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
imports = [ ../nginx.nix ];
|
imports = [../nginx.nix];
|
||||||
|
|
||||||
inherit users;
|
inherit users;
|
||||||
|
|
||||||
boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; };
|
boot.kernel.sysctl = {"net.ipv4.ip_unprivileged_port_start" = 0;};
|
||||||
systemd.services.systemd-sysctl.enable = lib.mkForce true;
|
systemd.services.systemd-sysctl.enable = lib.mkForce true;
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ sshPort ];
|
networking.firewall.allowedTCPPorts = [sshPort];
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"${domain}" = {
|
"${domain}" = {
|
||||||
|
@ -76,15 +82,21 @@ in {
|
||||||
isReadOnly = true;
|
isReadOnly = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = { config, pkgs, lib, ... }: {
|
config = {
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.05";
|
||||||
users = users // {
|
users =
|
||||||
mutableUsers = false;
|
users
|
||||||
allowNoPasswordLogin = true;
|
// {
|
||||||
};
|
mutableUsers = false;
|
||||||
disabledModules = [ "services/misc/gitea.nix" ];
|
allowNoPasswordLogin = true;
|
||||||
imports =
|
};
|
||||||
[ "${unstable}/nixos/modules/services/misc/gitea.nix" ];
|
disabledModules = ["services/misc/gitea.nix"];
|
||||||
|
imports = ["${unstable}/nixos/modules/services/misc/gitea.nix"];
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
enable = true;
|
enable = true;
|
||||||
inherit package;
|
inherit package;
|
||||||
|
@ -101,8 +113,7 @@ in {
|
||||||
"markup.mermaid" = {
|
"markup.mermaid" = {
|
||||||
ENABLED = true;
|
ENABLED = true;
|
||||||
FILE_EXTENSIONS = ".md";
|
FILE_EXTENSIONS = ".md";
|
||||||
RENDER_COMMAND =
|
RENDER_COMMAND = "${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
|
||||||
"${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
|
|
||||||
IS_INPUT_FILE = false;
|
IS_INPUT_FILE = false;
|
||||||
};
|
};
|
||||||
server = {
|
server = {
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
newestPackages = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
|
newestPackages = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
|
||||||
package = newestPackages.mastodon;
|
package = newestPackages.mastodon;
|
||||||
domain = "peninsula.industries";
|
domain = "peninsula.industries";
|
||||||
|
@ -24,7 +29,7 @@ let
|
||||||
};
|
};
|
||||||
groups."${systemGroupName}" = {
|
groups."${systemGroupName}" = {
|
||||||
inherit gid;
|
inherit gid;
|
||||||
members = [ "${systemUserName}" "nginx" ];
|
members = ["${systemUserName}" "nginx"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
secretSettings = {
|
secretSettings = {
|
||||||
|
@ -33,7 +38,7 @@ let
|
||||||
};
|
};
|
||||||
publicPath = "${path}/public-system/";
|
publicPath = "${path}/public-system/";
|
||||||
in {
|
in {
|
||||||
imports = [ ../nginx.nix ];
|
imports = [../nginx.nix];
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.05";
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
|
@ -43,7 +48,7 @@ in {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
root = "${package}/public/";
|
root = "${package}/public/";
|
||||||
|
|
||||||
locations."/" = { tryFiles = "$uri @proxy"; };
|
locations."/" = {tryFiles = "$uri @proxy";};
|
||||||
locations."/system/".alias = "${publicPath}";
|
locations."/system/".alias = "${publicPath}";
|
||||||
|
|
||||||
locations."@proxy" = {
|
locations."@proxy" = {
|
||||||
|
@ -58,14 +63,18 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
sops.secrets."${mailgunSmtpSecretName}" = {
|
sops.secrets."${mailgunSmtpSecretName}" =
|
||||||
sopsFile = ./mailgun.sops.yaml;
|
{
|
||||||
path = mailgunSmtpPasswordPath;
|
sopsFile = ./mailgun.sops.yaml;
|
||||||
} // secretSettings;
|
path = mailgunSmtpPasswordPath;
|
||||||
sops.secrets."${mastodonDbSecretName}" = {
|
}
|
||||||
sopsFile = ./mastodon-db.sops.yaml;
|
// secretSettings;
|
||||||
path = mastodonDbSecretPath;
|
sops.secrets."${mastodonDbSecretName}" =
|
||||||
} // secretSettings;
|
{
|
||||||
|
sopsFile = ./mastodon-db.sops.yaml;
|
||||||
|
path = mastodonDbSecretPath;
|
||||||
|
}
|
||||||
|
// secretSettings;
|
||||||
|
|
||||||
inherit users;
|
inherit users;
|
||||||
|
|
||||||
|
@ -80,8 +89,8 @@ in {
|
||||||
chmod -R g+r ${publicPath}
|
chmod -R g+r ${publicPath}
|
||||||
chmod -R u+rwX ${publicPath}
|
chmod -R u+rwX ${publicPath}
|
||||||
'';
|
'';
|
||||||
serviceConfig = { Type = "oneshot"; };
|
serviceConfig = {Type = "oneshot";};
|
||||||
before = [ "container@mastodon.service" ];
|
before = ["container@mastodon.service"];
|
||||||
};
|
};
|
||||||
|
|
||||||
containers.mastodon = {
|
containers.mastodon = {
|
||||||
|
@ -110,13 +119,20 @@ in {
|
||||||
isReadOnly = true;
|
isReadOnly = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = { config, pkgs, lib, ... }: {
|
config = {
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.05";
|
||||||
services.postgresql.port = postgresPort;
|
services.postgresql.port = postgresPort;
|
||||||
users = users // {
|
users =
|
||||||
mutableUsers = false;
|
users
|
||||||
allowNoPasswordLogin = true;
|
// {
|
||||||
};
|
mutableUsers = false;
|
||||||
|
allowNoPasswordLogin = true;
|
||||||
|
};
|
||||||
systemd.services.mastodon-media-auto-remove = {
|
systemd.services.mastodon-media-auto-remove = {
|
||||||
description = "Mastodon media auto remove";
|
description = "Mastodon media auto remove";
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
|
|
|
@ -1,65 +1,77 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
port = 8080;
|
port = 8080;
|
||||||
domain = "news.cyplo.dev";
|
domain = "news.cyplo.dev";
|
||||||
postgresPort = 5435;
|
postgresPort = 5435;
|
||||||
in {
|
in {
|
||||||
imports = [ ../nginx.nix ];
|
imports = [../nginx.nix];
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
virtualHosts = {
|
virtualHosts = {
|
||||||
"${domain}" = {
|
"${domain}" = {
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/" = { proxyPass = "http://127.0.0.1:" + toString port; };
|
locations."/" = {proxyPass = "http://127.0.0.1:" + toString port;};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
containers.rss = {
|
containers.rss = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
forwardPorts = [{
|
forwardPorts = [
|
||||||
containerPort = port;
|
{
|
||||||
hostPort = port;
|
containerPort = port;
|
||||||
}];
|
hostPort = port;
|
||||||
config = { config, pkgs, ... }:
|
}
|
||||||
let
|
];
|
||||||
inherit (config.services.tt-rss) pool;
|
config = {
|
||||||
inherit (config.services.tt-rss) root;
|
config,
|
||||||
in {
|
pkgs,
|
||||||
system.stateVersion = "23.05";
|
...
|
||||||
services.postgresql.port = postgresPort;
|
}: let
|
||||||
services.tt-rss = {
|
inherit (config.services.tt-rss) pool;
|
||||||
enable = true;
|
inherit (config.services.tt-rss) root;
|
||||||
selfUrlPath = "https://${domain}";
|
in {
|
||||||
virtualHost = null;
|
system.stateVersion = "23.05";
|
||||||
registration.enable = false;
|
services.postgresql.port = postgresPort;
|
||||||
simpleUpdateMode = true;
|
services.tt-rss = {
|
||||||
database.port = postgresPort;
|
enable = true;
|
||||||
};
|
selfUrlPath = "https://${domain}";
|
||||||
services.nginx = {
|
virtualHost = null;
|
||||||
enable = true;
|
registration.enable = false;
|
||||||
virtualHosts = {
|
simpleUpdateMode = true;
|
||||||
"${domain}" = {
|
database.port = postgresPort;
|
||||||
listen = [{
|
};
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts = {
|
||||||
|
"${domain}" = {
|
||||||
|
listen = [
|
||||||
|
{
|
||||||
inherit port;
|
inherit port;
|
||||||
addr = "0.0.0.0";
|
addr = "0.0.0.0";
|
||||||
}];
|
}
|
||||||
root = "${root}/www";
|
];
|
||||||
locations."/" = { index = "index.php"; };
|
root = "${root}/www";
|
||||||
locations."^~ /feed-icons" = { root = "${root}"; };
|
locations."/" = {index = "index.php";};
|
||||||
locations."~ \\.php$" = {
|
locations."^~ /feed-icons" = {root = "${root}";};
|
||||||
extraConfig = ''
|
locations."~ \\.php$" = {
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
extraConfig = ''
|
||||||
fastcgi_pass unix:${
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||||
config.services.phpfpm.pools.${pool}.socket
|
fastcgi_pass unix:${
|
||||||
};
|
config.services.phpfpm.pools.${pool}.socket
|
||||||
fastcgi_index index.php;
|
};
|
||||||
'';
|
fastcgi_index index.php;
|
||||||
};
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,18 +1,30 @@
|
||||||
{ config, pkgs, inputs, lib, system, nixpkgs-nixos-unstable-and-unfree, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
system,
|
||||||
|
nixpkgs-nixos-unstable-and-unfree,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
networking.hostName = "yoga";
|
networking.hostName = "yoga";
|
||||||
|
|
||||||
imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ../../gui
|
imports = [
|
||||||
|
./hardware-configuration.nix
|
||||||
|
../../boot.nix
|
||||||
|
../../git
|
||||||
|
../../gui
|
||||||
../../vim
|
../../vim
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
hardware.trackpoint.enable = true;
|
hardware.trackpoint.enable = true;
|
||||||
services.hardware.bolt.enable = true;
|
services.hardware.bolt.enable = true;
|
||||||
|
|
||||||
services.fprintd = { enable = true; };
|
services.fprintd = {enable = true;};
|
||||||
|
|
||||||
home-manager.users.cyryl = { lib, ... }: { home.packages = with pkgs; [ ]; };
|
home-manager.users.cyryl = {lib, ...}: {home.packages = with pkgs; [];};
|
||||||
|
|
||||||
networking.networkmanager.enable = true;
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
|
@ -61,8 +73,8 @@
|
||||||
users.users.cyryl = {
|
users.users.cyryl = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
description = "cyryl";
|
description = "cyryl";
|
||||||
extraGroups = [ "networkmanager" "wheel" ];
|
extraGroups = ["networkmanager" "wheel"];
|
||||||
packages = with pkgs; [ ];
|
packages = with pkgs; [];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.fwupd.enable = true;
|
services.fwupd.enable = true;
|
||||||
|
@ -73,5 +85,4 @@
|
||||||
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
|
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
|
||||||
systemd.services."getty@tty1".enable = false;
|
systemd.services."getty@tty1".enable = false;
|
||||||
systemd.services."autovt@tty1".enable = false;
|
systemd.services."autovt@tty1".enable = false;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,33 +1,37 @@
|
||||||
{ config, lib, pkgs, modulesPath, ... }: {
|
{
|
||||||
imports = [ ];
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules =
|
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
|
||||||
[ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
boot.initrd.kernelModules = [];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.kernelModules = ["kvm-intel"];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.extraModulePackages = [];
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||||
|
|
||||||
# Setup keyfile
|
# Setup keyfile
|
||||||
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; };
|
boot.initrd.secrets = {"/crypto_keyfile.bin" = null;};
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/disk/by-uuid/a43a1c42-9166-47dc-9e78-20e0975c75c5";
|
device = "/dev/disk/by-uuid/a43a1c42-9166-47dc-9e78-20e0975c75c5";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = [ "subvol=@" ];
|
options = ["subvol=@"];
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device =
|
boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device = "/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943";
|
||||||
"/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943";
|
|
||||||
|
|
||||||
fileSystems."/boot/efi" = {
|
fileSystems."/boot/efi" = {
|
||||||
device = "/dev/disk/by-uuid/F179-A4EA";
|
device = "/dev/disk/by-uuid/F179-A4EA";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [];
|
||||||
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
|
|
@ -1,33 +1,41 @@
|
||||||
{ config, pkgs, nixpkgs-nixos-unstable-and-unfree, lib, ... }: {
|
{
|
||||||
boot.kernelModules = [ "fuse" ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
nixpkgs-nixos-unstable-and-unfree,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
boot.kernelModules = ["fuse"];
|
||||||
services.smartd.enable = true;
|
services.smartd.enable = true;
|
||||||
|
|
||||||
sound.enable = true;
|
sound.enable = true;
|
||||||
|
|
||||||
networking.networkmanager = {
|
networking.networkmanager = {
|
||||||
enable = true;
|
enable = true;
|
||||||
dispatcherScripts = [{
|
dispatcherScripts = [
|
||||||
source = pkgs.writeText "upHook" ''
|
{
|
||||||
enable_disable_wifi ()
|
source = pkgs.writeText "upHook" ''
|
||||||
{
|
enable_disable_wifi ()
|
||||||
result=$(nmcli dev | grep "ethernet" | grep -w "connected")
|
{
|
||||||
if [ -n "$result" ]; then
|
result=$(nmcli dev | grep "ethernet" | grep -w "connected")
|
||||||
nmcli radio wifi off
|
if [ -n "$result" ]; then
|
||||||
else
|
nmcli radio wifi off
|
||||||
nmcli radio wifi on
|
else
|
||||||
|
nmcli radio wifi on
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
if [ "$2" = "up" ]; then
|
||||||
|
enable_disable_wifi
|
||||||
fi
|
fi
|
||||||
}
|
|
||||||
|
|
||||||
if [ "$2" = "up" ]; then
|
if [ "$2" = "down" ]; then
|
||||||
enable_disable_wifi
|
enable_disable_wifi
|
||||||
fi
|
fi
|
||||||
|
'';
|
||||||
if [ "$2" = "down" ]; then
|
type = "basic";
|
||||||
enable_disable_wifi
|
}
|
||||||
fi
|
];
|
||||||
'';
|
|
||||||
type = "basic";
|
|
||||||
}];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
@ -36,7 +44,7 @@
|
||||||
hardware.bluetooth = {
|
hardware.bluetooth = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.bluezFull;
|
package = pkgs.bluezFull;
|
||||||
settings = { General = { Enable = "Source,Sink,Media,Socket"; }; };
|
settings = {General = {Enable = "Source,Sink,Media,Socket";};};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.blueman.enable = true;
|
services.blueman.enable = true;
|
||||||
|
@ -55,7 +63,7 @@
|
||||||
# no need to redefine it in your config for now)
|
# no need to redefine it in your config for now)
|
||||||
#media-session.enable = true;
|
#media-session.enable = true;
|
||||||
};
|
};
|
||||||
environment.systemPackages = with pkgs; [ ghostscript poppler ];
|
environment.systemPackages = with pkgs; [ghostscript poppler];
|
||||||
services.printing = {
|
services.printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
drivers = with pkgs; [
|
drivers = with pkgs; [
|
||||||
|
@ -73,8 +81,7 @@
|
||||||
description = "Epson XP-540 via bolty";
|
description = "Epson XP-540 via bolty";
|
||||||
name = "epson_xp540_via_bolty";
|
name = "epson_xp540_via_bolty";
|
||||||
deviceUri = "ipp://bolty:631/printers/epson_xp540";
|
deviceUri = "ipp://bolty:631/printers/epson_xp540";
|
||||||
model =
|
model = "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
|
||||||
"epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
|
|
||||||
ppdOptions = {
|
ppdOptions = {
|
||||||
PageSize = "A4";
|
PageSize = "A4";
|
||||||
Duplex = "DuplexNoTumble";
|
Duplex = "DuplexNoTumble";
|
||||||
|
@ -83,8 +90,7 @@
|
||||||
{
|
{
|
||||||
description = "Samsung SCX-4623 Series";
|
description = "Samsung SCX-4623 Series";
|
||||||
name = "samsung-SCX-4623";
|
name = "samsung-SCX-4623";
|
||||||
deviceUri =
|
deviceUri = "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
|
||||||
"usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
|
|
||||||
model = "samsung/SCX-4623FW.ppd";
|
model = "samsung/SCX-4623FW.ppd";
|
||||||
ppdOptions = {
|
ppdOptions = {
|
||||||
PageSize = "A4";
|
PageSize = "A4";
|
||||||
|
@ -93,7 +99,7 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
services.udev.packages = [ ];
|
services.udev.packages = [];
|
||||||
hardware.sane = {
|
hardware.sane = {
|
||||||
enable = true;
|
enable = true;
|
||||||
snapshot = true;
|
snapshot = true;
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
console.keyMap = "pl2";
|
console.keyMap = "pl2";
|
||||||
imports = [ ./tailscale ];
|
imports = [./tailscale];
|
||||||
services = {
|
services = {
|
||||||
udev.packages = [ pkgs.android-udev-rules ];
|
udev.packages = [pkgs.android-udev-rules];
|
||||||
ratbagd.enable = true;
|
ratbagd.enable = true;
|
||||||
|
|
||||||
fwupd = {
|
fwupd = {
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
{ config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
inputs,
|
||||||
|
nixpkgs-nixos-unstable-and-unfree,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
stateVersion = "23.05";
|
stateVersion = "23.05";
|
||||||
username = "cyryl";
|
username = "cyryl";
|
||||||
in {
|
in {
|
||||||
|
@ -54,10 +60,9 @@ in {
|
||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.nameservers =
|
networking.nameservers = ["9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9"];
|
||||||
[ "9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9" ];
|
|
||||||
|
|
||||||
networking.hosts = { "10.11.99.1" = [ "remarkable" ]; };
|
networking.hosts = {"10.11.99.1" = ["remarkable"];};
|
||||||
|
|
||||||
programs.light.enable = true;
|
programs.light.enable = true;
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
|
@ -74,13 +79,13 @@ in {
|
||||||
enable = true;
|
enable = true;
|
||||||
autoPrune.enable = true;
|
autoPrune.enable = true;
|
||||||
daemon.settings = {
|
daemon.settings = {
|
||||||
"insecure-registries" = [ "vpsfree1.raptor-carp.ts.net:5000" ];
|
"insecure-registries" = ["vpsfree1.raptor-carp.ts.net:5000"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
fonts.fontconfig = {
|
fonts.fontconfig = {
|
||||||
enable = true;
|
enable = true;
|
||||||
defaultFonts.monospace = [ "BerkeleyMono Nerd Font" ];
|
defaultFonts.monospace = ["BerkeleyMono Nerd Font"];
|
||||||
};
|
};
|
||||||
|
|
||||||
fonts.fonts = with pkgs; [
|
fonts.fonts = with pkgs; [
|
||||||
|
@ -106,7 +111,7 @@ in {
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
system = { inherit stateVersion; };
|
system = {inherit stateVersion;};
|
||||||
system.activationScripts.diff = ''
|
system.activationScripts.diff = ''
|
||||||
${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"
|
${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -1,21 +1,25 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
nix.buildMachines = [{
|
config,
|
||||||
hostName = "bolty";
|
pkgs,
|
||||||
sshUser = "nix-builder";
|
...
|
||||||
sshKey = "/home/cyryl/.ssh/id_ed25519";
|
}: {
|
||||||
systems = [ "i686-linux" "x86_64-linux" "aarch64-linux" ];
|
nix.buildMachines = [
|
||||||
maxJobs = 2;
|
{
|
||||||
speedFactor = 1;
|
hostName = "bolty";
|
||||||
supportedFeatures = [ "kvm" "big-parallel" ];
|
sshUser = "nix-builder";
|
||||||
mandatoryFeatures = [ ];
|
sshKey = "/home/cyryl/.ssh/id_ed25519";
|
||||||
}];
|
systems = ["i686-linux" "x86_64-linux" "aarch64-linux"];
|
||||||
|
maxJobs = 2;
|
||||||
|
speedFactor = 1;
|
||||||
|
supportedFeatures = ["kvm" "big-parallel"];
|
||||||
|
mandatoryFeatures = [];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
nix.extraOptions = ''
|
nix.extraOptions = ''
|
||||||
builders-use-substitutes = true
|
builders-use-substitutes = true
|
||||||
'';
|
'';
|
||||||
nix.distributedBuilds = true;
|
nix.distributedBuilds = true;
|
||||||
nix.settings.substituters =
|
nix.settings.substituters = ["https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net"];
|
||||||
[ "https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net" ];
|
nix.settings.trusted-public-keys = ["cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8="];
|
||||||
nix.settings.trusted-public-keys =
|
|
||||||
[ "cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8=" ];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,14 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
services = { };
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
services = {};
|
||||||
|
|
||||||
xsession = { enable = false; };
|
xsession = {enable = false;};
|
||||||
|
|
||||||
home.packages = (with pkgs; [ gnome-usage gnome3.gnome-tweaks ])
|
home.packages =
|
||||||
|
(with pkgs; [gnome-usage gnome3.gnome-tweaks])
|
||||||
++ (with pkgs.gnomeExtensions; [
|
++ (with pkgs.gnomeExtensions; [
|
||||||
caffeine
|
caffeine
|
||||||
clipboard-indicator
|
clipboard-indicator
|
||||||
|
@ -13,7 +18,7 @@
|
||||||
dconf.settings = {
|
dconf.settings = {
|
||||||
"org/gnome/mutter" = {
|
"org/gnome/mutter" = {
|
||||||
# https://github.com/NixOS/nixpkgs/issues/114514#issuecomment-1177709271
|
# https://github.com/NixOS/nixpkgs/issues/114514#issuecomment-1177709271
|
||||||
experimental-features = [ "scale-monitor-framebuffer" ];
|
experimental-features = ["scale-monitor-framebuffer"];
|
||||||
};
|
};
|
||||||
"org/gnome/shell" = {
|
"org/gnome/shell" = {
|
||||||
disable-user-extensions = false;
|
disable-user-extensions = false;
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
enable = true;
|
enable = true;
|
||||||
displayManager.gdm.enable = true;
|
displayManager.gdm.enable = true;
|
||||||
|
|
|
@ -1,12 +1,18 @@
|
||||||
{ config, pkgs, discord, inputs, nixpkgs-nixos-stable-and-unfree
|
{
|
||||||
, nixpkgs-nixos-unstable-and-unfree, ... }:
|
config,
|
||||||
let
|
pkgs,
|
||||||
|
discord,
|
||||||
|
inputs,
|
||||||
|
nixpkgs-nixos-stable-and-unfree,
|
||||||
|
nixpkgs-nixos-unstable-and-unfree,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system};
|
unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system};
|
||||||
nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
|
nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
|
||||||
in {
|
in {
|
||||||
security.chromiumSuidSandbox.enable = true;
|
security.chromiumSuidSandbox.enable = true;
|
||||||
|
|
||||||
home-manager.users.cyryl = { ... }: {
|
home-manager.users.cyryl = {...}: {
|
||||||
gtk = {
|
gtk = {
|
||||||
enable = true;
|
enable = true;
|
||||||
iconTheme = {
|
iconTheme = {
|
||||||
|
@ -21,13 +27,13 @@ in {
|
||||||
style.package = pkgs.adwaita-qt;
|
style.package = pkgs.adwaita-qt;
|
||||||
};
|
};
|
||||||
|
|
||||||
imports = [ ];
|
imports = [];
|
||||||
|
|
||||||
programs.chromium.enable = true;
|
programs.chromium.enable = true;
|
||||||
programs.firefox.enable = true;
|
programs.firefox.enable = true;
|
||||||
home.packages = with pkgs;
|
home.packages = with pkgs;
|
||||||
with pkgs.gnome3;
|
with pkgs.gnome3;
|
||||||
with pkgs.python38Packages;
|
with pkgs.python38Packages;
|
||||||
[
|
[
|
||||||
anarchism
|
anarchism
|
||||||
calibre
|
calibre
|
||||||
|
@ -81,7 +87,9 @@ in {
|
||||||
yubikey-manager-qt
|
yubikey-manager-qt
|
||||||
yubikey-personalization
|
yubikey-personalization
|
||||||
yubikey-personalization-gui
|
yubikey-personalization-gui
|
||||||
] ++ (with unstable; [ glaxnimate gnucash kicad thunderbird ]) ++ [
|
]
|
||||||
|
++ (with unstable; [glaxnimate gnucash kicad thunderbird])
|
||||||
|
++ [
|
||||||
nixpkgs-nixos-stable-and-unfree.discord
|
nixpkgs-nixos-stable-and-unfree.discord
|
||||||
nixpkgs-nixos-unstable-and-unfree.hopper
|
nixpkgs-nixos-unstable-and-unfree.hopper
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,159 +1,163 @@
|
||||||
{ config, pkgs, inputs, ... }: {
|
{
|
||||||
home.packages = with pkgs;
|
config,
|
||||||
[
|
pkgs,
|
||||||
(vscode-with-extensions.override {
|
inputs,
|
||||||
vscodeExtensions = with vscode-extensions;
|
...
|
||||||
[
|
}: {
|
||||||
ms-python.python
|
home.packages = with pkgs; [
|
||||||
inputs.nixpkgs-rust-analyzer.legacyPackages.x86_64-linux.vscode-extensions.rust-lang.rust-analyzer
|
(vscode-with-extensions.override {
|
||||||
(vscode-utils.buildVscodeExtension {
|
vscodeExtensions = with vscode-extensions;
|
||||||
vscodeExtUniqueId = "vadimcn.vscode-lldb";
|
[
|
||||||
vscodeExtPublisher = "vadimcn";
|
ms-python.python
|
||||||
vscodeExtName = "vscode-lldb";
|
inputs.nixpkgs-rust-analyzer.legacyPackages.x86_64-linux.vscode-extensions.rust-lang.rust-analyzer
|
||||||
version = "1.6.10";
|
(vscode-utils.buildVscodeExtension {
|
||||||
name = "vadimcn.vscode-lldb-1.6.10";
|
vscodeExtUniqueId = "vadimcn.vscode-lldb";
|
||||||
src = fetchurl {
|
vscodeExtPublisher = "vadimcn";
|
||||||
name = "vadimcn.vscode-lldb.zip";
|
vscodeExtName = "vscode-lldb";
|
||||||
url =
|
version = "1.6.10";
|
||||||
"https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix";
|
name = "vadimcn.vscode-lldb-1.6.10";
|
||||||
sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw=";
|
src = fetchurl {
|
||||||
};
|
name = "vadimcn.vscode-lldb.zip";
|
||||||
buildInputs = with pkgs; [ llvm lldb python38 autoPatchelfHook ];
|
url = "https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix";
|
||||||
})
|
sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw=";
|
||||||
] ++ vscode-utils.extensionsFromVscodeMarketplace [
|
};
|
||||||
{
|
buildInputs = with pkgs; [llvm lldb python38 autoPatchelfHook];
|
||||||
publisher = "bierner";
|
})
|
||||||
name = "markdown-mermaid";
|
]
|
||||||
version = "1.18.1";
|
++ vscode-utils.extensionsFromVscodeMarketplace [
|
||||||
sha256 = "sha256-JWeSs7V/LZ345vGWOLeUgGi68Fot/eA2k+CzWL/Wp4w=";
|
{
|
||||||
}
|
publisher = "bierner";
|
||||||
{
|
name = "markdown-mermaid";
|
||||||
publisher = "arrterian";
|
version = "1.18.1";
|
||||||
name = "nix-env-selector";
|
sha256 = "sha256-JWeSs7V/LZ345vGWOLeUgGi68Fot/eA2k+CzWL/Wp4w=";
|
||||||
version = "1.0.9";
|
}
|
||||||
sha256 = "sha256-TkxqWZ8X+PAonzeXQ+sI9WI+XlqUHll7YyM7N9uErk0=";
|
{
|
||||||
}
|
publisher = "arrterian";
|
||||||
{
|
name = "nix-env-selector";
|
||||||
publisher = "vscodevim";
|
version = "1.0.9";
|
||||||
name = "vim";
|
sha256 = "sha256-TkxqWZ8X+PAonzeXQ+sI9WI+XlqUHll7YyM7N9uErk0=";
|
||||||
version = "1.21.7";
|
}
|
||||||
sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg=";
|
{
|
||||||
}
|
publisher = "vscodevim";
|
||||||
{
|
name = "vim";
|
||||||
publisher = "bbenoist";
|
version = "1.21.7";
|
||||||
name = "nix";
|
sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg=";
|
||||||
version = "1.0.1";
|
}
|
||||||
sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0=";
|
{
|
||||||
}
|
publisher = "bbenoist";
|
||||||
{
|
name = "nix";
|
||||||
publisher = "hashicorp";
|
version = "1.0.1";
|
||||||
name = "terraform";
|
sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0=";
|
||||||
version = "2.19.0";
|
}
|
||||||
sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY=";
|
{
|
||||||
}
|
publisher = "hashicorp";
|
||||||
{
|
name = "terraform";
|
||||||
publisher = "be5invis";
|
version = "2.19.0";
|
||||||
name = "toml";
|
sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY=";
|
||||||
version = "0.6.0";
|
}
|
||||||
sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E=";
|
{
|
||||||
}
|
publisher = "be5invis";
|
||||||
{
|
name = "toml";
|
||||||
publisher = "ms-vscode";
|
version = "0.6.0";
|
||||||
name = "cpptools-extension-pack";
|
sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E=";
|
||||||
version = "1.1.0";
|
}
|
||||||
sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc=";
|
{
|
||||||
}
|
publisher = "ms-vscode";
|
||||||
{
|
name = "cpptools-extension-pack";
|
||||||
publisher = "tiehuis";
|
version = "1.1.0";
|
||||||
name = "zig";
|
sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc=";
|
||||||
version = "0.2.5";
|
}
|
||||||
sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4=";
|
{
|
||||||
}
|
publisher = "tiehuis";
|
||||||
{
|
name = "zig";
|
||||||
publisher = "sjhuangx";
|
version = "0.2.5";
|
||||||
name = "vscode-scheme";
|
sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4=";
|
||||||
version = "0.4.0";
|
}
|
||||||
sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4";
|
{
|
||||||
}
|
publisher = "sjhuangx";
|
||||||
{
|
name = "vscode-scheme";
|
||||||
publisher = "shaunlebron";
|
version = "0.4.0";
|
||||||
name = "vscode-parinfer";
|
sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4";
|
||||||
version = "0.6.2";
|
}
|
||||||
sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd";
|
{
|
||||||
}
|
publisher = "shaunlebron";
|
||||||
{
|
name = "vscode-parinfer";
|
||||||
publisher = "swyphcosmo";
|
version = "0.6.2";
|
||||||
name = "spellchecker";
|
sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd";
|
||||||
version = "1.2.13";
|
}
|
||||||
sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w";
|
{
|
||||||
}
|
publisher = "swyphcosmo";
|
||||||
{
|
name = "spellchecker";
|
||||||
publisher = "asabil";
|
version = "1.2.13";
|
||||||
name = "meson";
|
sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w";
|
||||||
version = "1.1.1";
|
}
|
||||||
sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl";
|
{
|
||||||
}
|
publisher = "asabil";
|
||||||
{
|
name = "meson";
|
||||||
publisher = "codezombiech";
|
version = "1.1.1";
|
||||||
name = "gitignore";
|
sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl";
|
||||||
version = "0.6.0";
|
}
|
||||||
sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b";
|
{
|
||||||
}
|
publisher = "codezombiech";
|
||||||
{
|
name = "gitignore";
|
||||||
publisher = "DavidAnson";
|
version = "0.6.0";
|
||||||
name = "vscode-markdownlint";
|
sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b";
|
||||||
version = "0.26.0";
|
}
|
||||||
sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj";
|
{
|
||||||
}
|
publisher = "DavidAnson";
|
||||||
{
|
name = "vscode-markdownlint";
|
||||||
publisher = "esbenp";
|
version = "0.26.0";
|
||||||
name = "prettier-vscode";
|
sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj";
|
||||||
version = "1.8.1";
|
}
|
||||||
sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln";
|
{
|
||||||
}
|
publisher = "esbenp";
|
||||||
{
|
name = "prettier-vscode";
|
||||||
publisher = "hbenl";
|
version = "1.8.1";
|
||||||
name = "vscode-test-explorer";
|
sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln";
|
||||||
version = "2.9.3";
|
}
|
||||||
sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0";
|
{
|
||||||
}
|
publisher = "hbenl";
|
||||||
{
|
name = "vscode-test-explorer";
|
||||||
publisher = "lextudio";
|
version = "2.9.3";
|
||||||
name = "restructuredtext";
|
sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0";
|
||||||
version = "106.0.0";
|
}
|
||||||
sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa";
|
{
|
||||||
}
|
publisher = "lextudio";
|
||||||
{
|
name = "restructuredtext";
|
||||||
publisher = "lostintangent";
|
version = "106.0.0";
|
||||||
name = "vsls-pomodoro";
|
sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa";
|
||||||
version = "0.1.0";
|
}
|
||||||
sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p";
|
{
|
||||||
}
|
publisher = "lostintangent";
|
||||||
{
|
name = "vsls-pomodoro";
|
||||||
publisher = "lostintangent";
|
version = "0.1.0";
|
||||||
name = "vsls-whiteboard";
|
sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p";
|
||||||
version = "0.0.8";
|
}
|
||||||
sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p";
|
{
|
||||||
}
|
publisher = "lostintangent";
|
||||||
{
|
name = "vsls-whiteboard";
|
||||||
publisher = "mechatroner";
|
version = "0.0.8";
|
||||||
name = "rainbow-csv";
|
sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p";
|
||||||
version = "1.0.0";
|
}
|
||||||
sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6";
|
{
|
||||||
}
|
publisher = "mechatroner";
|
||||||
{
|
name = "rainbow-csv";
|
||||||
publisher = "ronnidc";
|
version = "1.0.0";
|
||||||
name = "nunjucks";
|
sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6";
|
||||||
version = "0.2.3";
|
}
|
||||||
sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf";
|
{
|
||||||
}
|
publisher = "ronnidc";
|
||||||
{
|
name = "nunjucks";
|
||||||
publisher = "serayuzgur";
|
version = "0.2.3";
|
||||||
name = "crates";
|
sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf";
|
||||||
version = "0.4.2";
|
}
|
||||||
sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj";
|
{
|
||||||
}
|
publisher = "serayuzgur";
|
||||||
];
|
name = "crates";
|
||||||
})
|
version = "0.4.2";
|
||||||
];
|
sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
})
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, pkgs, inputs, system, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
system,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
(pass.withExtensions (ext: [
|
(pass.withExtensions (ext: [
|
||||||
ext.pass-otp
|
ext.pass-otp
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
{ config, pkgs, inputs, lib, ... }:
|
{
|
||||||
let username = "cyryl";
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
username = "cyryl";
|
||||||
in {
|
in {
|
||||||
home.sessionVariables = {
|
home.sessionVariables = {
|
||||||
LC_ALL = "en_GB.UTF-8";
|
LC_ALL = "en_GB.UTF-8";
|
||||||
|
@ -9,7 +15,7 @@ in {
|
||||||
|
|
||||||
news.display = "show";
|
news.display = "show";
|
||||||
|
|
||||||
home.packages = with pkgs; [ ];
|
home.packages = with pkgs; [];
|
||||||
|
|
||||||
home.username = username;
|
home.username = username;
|
||||||
home.homeDirectory = lib.mkDefault "/home/${username}";
|
home.homeDirectory = lib.mkDefault "/home/${username}";
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, pkgs, inputs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
services.gpg-agent = {
|
services.gpg-agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
pinentryFlavor = "curses";
|
pinentryFlavor = "curses";
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
programs = {
|
programs = {
|
||||||
home-manager.enable = true;
|
home-manager.enable = true;
|
||||||
|
|
||||||
|
@ -11,7 +15,7 @@
|
||||||
|
|
||||||
gpg = {
|
gpg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = { };
|
settings = {};
|
||||||
};
|
};
|
||||||
|
|
||||||
taskwarrior.enable = true;
|
taskwarrior.enable = true;
|
||||||
|
|
|
@ -1,16 +1,22 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
home.sessionVariables = { TERMINAL = "alacritty"; };
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
home.sessionVariables = {TERMINAL = "alacritty";};
|
||||||
|
|
||||||
programs.alacritty = {
|
programs.alacritty = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
window.decorations = "none";
|
window.decorations = "none";
|
||||||
|
|
||||||
mouse_bindings = [{
|
mouse_bindings = [
|
||||||
mouse = "Middle";
|
{
|
||||||
mode = "~Vi";
|
mouse = "Middle";
|
||||||
action = "None";
|
mode = "~Vi";
|
||||||
}];
|
action = "None";
|
||||||
|
}
|
||||||
|
];
|
||||||
scrolling = {
|
scrolling = {
|
||||||
history = 32000;
|
history = 32000;
|
||||||
multiplier = 3;
|
multiplier = 3;
|
||||||
|
|
|
@ -9,10 +9,18 @@
|
||||||
alejandra = lib.getExe inputs.alejandra.packages.${system}.default;
|
alejandra = lib.getExe inputs.alejandra.packages.${system}.default;
|
||||||
nil = lib.getExe inputs.nil.packages.${system}.default;
|
nil = lib.getExe inputs.nil.packages.${system}.default;
|
||||||
in {
|
in {
|
||||||
|
home.sessionVariables = {
|
||||||
home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
|
EDITOR = "vim";
|
||||||
programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
|
VISUAL = "vim";
|
||||||
systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
|
};
|
||||||
|
programs.zsh.sessionVariables = {
|
||||||
|
EDITOR = "vim";
|
||||||
|
VISUAL = "vim";
|
||||||
|
};
|
||||||
|
systemd.user.sessionVariables = {
|
||||||
|
EDITOR = "vim";
|
||||||
|
VISUAL = "vim";
|
||||||
|
};
|
||||||
|
|
||||||
programs.helix = {
|
programs.helix = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
home.sessionVariables = { TERMINAL = "kitty"; };
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
home.sessionVariables = {TERMINAL = "kitty";};
|
||||||
|
|
||||||
programs.kitty = {
|
programs.kitty = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
programs.ssh.extraConfig = ''
|
programs.ssh.extraConfig = ''
|
||||||
Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net
|
Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net
|
||||||
HostName vpsfree1
|
HostName vpsfree1
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
home.sessionVariables = { TERMINAL = "termite"; };
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
home.sessionVariables = {TERMINAL = "termite";};
|
||||||
programs.termite = {
|
programs.termite = {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowBold = true;
|
allowBold = true;
|
||||||
|
|
|
@ -1,28 +1,36 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
imports = [ ./autorandr.nix ./openweathermap-secrets.nix ];
|
config,
|
||||||
environment.systemPackages = with pkgs; [ dconf ];
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [./autorandr.nix ./openweathermap-secrets.nix];
|
||||||
|
environment.systemPackages = with pkgs; [dconf];
|
||||||
programs.dconf.enable = true;
|
programs.dconf.enable = true;
|
||||||
|
|
||||||
security.sudo.extraRules = [
|
security.sudo.extraRules = [
|
||||||
{
|
{
|
||||||
users = [ "cyryl" ];
|
users = ["cyryl"];
|
||||||
commands = [{
|
commands = [
|
||||||
command = "${pkgs.i3}/bin/i3-msg";
|
{
|
||||||
options = [ "NOPASSWD" ];
|
command = "${pkgs.i3}/bin/i3-msg";
|
||||||
}];
|
options = ["NOPASSWD"];
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
users = [ "cyryl" ];
|
users = ["cyryl"];
|
||||||
commands = [{
|
commands = [
|
||||||
command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top";
|
{
|
||||||
options = [ "NOPASSWD" ];
|
command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top";
|
||||||
}];
|
options = ["NOPASSWD"];
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
xdg.portal = {
|
xdg.portal = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-kde ];
|
extraPortals = with pkgs; [xdg-desktop-portal-gtk xdg-desktop-portal-kde];
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
|
@ -32,7 +40,7 @@
|
||||||
allowAnyUser = true;
|
allowAnyUser = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
dbus = { packages = with pkgs; [ gnome2.GConf dconf ]; };
|
dbus = {packages = with pkgs; [gnome2.GConf dconf];};
|
||||||
|
|
||||||
fractalart.enable = true;
|
fractalart.enable = true;
|
||||||
colord.enable = true;
|
colord.enable = true;
|
||||||
|
@ -42,8 +50,8 @@
|
||||||
enableHidpi = true;
|
enableHidpi = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
home-manager.users.cyryl = { ... }: {
|
home-manager.users.cyryl = {...}: {
|
||||||
imports = [ ./home.nix ];
|
imports = [./home.nix];
|
||||||
home.packages = with pkgs; [ ];
|
home.packages = with pkgs; [];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
services.dunst = {
|
services.dunst = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
|
|
@ -1,12 +1,16 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
programs.i3status = {
|
programs.i3status = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableDefault = false;
|
enableDefault = false;
|
||||||
modules = {
|
modules = {
|
||||||
"load" = { position = 1; };
|
"load" = {position = 1;};
|
||||||
"disk /" = {
|
"disk /" = {
|
||||||
position = 2;
|
position = 2;
|
||||||
settings = { format = " %avail"; };
|
settings = {format = " %avail";};
|
||||||
};
|
};
|
||||||
"memory" = {
|
"memory" = {
|
||||||
settings = {
|
settings = {
|
||||||
|
@ -27,7 +31,7 @@
|
||||||
position = 3;
|
position = 3;
|
||||||
};
|
};
|
||||||
"time" = {
|
"time" = {
|
||||||
settings = { format = "%a %d/%m %H:%M"; };
|
settings = {format = "%a %d/%m %H:%M";};
|
||||||
position = 9;
|
position = 9;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, pkgs, ... }:
|
{
|
||||||
let mod = "Mod4";
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
mod = "Mod4";
|
||||||
in {
|
in {
|
||||||
home.packages = with pkgs; [ font-awesome intel-gpu-tools ];
|
home.packages = with pkgs; [font-awesome intel-gpu-tools];
|
||||||
|
|
||||||
xsession.windowManager.i3 = {
|
xsession.windowManager.i3 = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -23,8 +27,7 @@ in {
|
||||||
notification = false;
|
notification = false;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
command =
|
command = "exec xdg-mime default org.gnome.Evince.desktop application/pdf";
|
||||||
"exec xdg-mime default org.gnome.Evince.desktop application/pdf";
|
|
||||||
always = false;
|
always = false;
|
||||||
notification = false;
|
notification = false;
|
||||||
}
|
}
|
||||||
|
@ -42,18 +45,20 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
workspaceLayout = "tabbed";
|
workspaceLayout = "tabbed";
|
||||||
bars = [{
|
bars = [
|
||||||
statusCommand = "${pkgs.i3status}/bin/i3status";
|
{
|
||||||
position = "top";
|
statusCommand = "${pkgs.i3status}/bin/i3status";
|
||||||
colors.background = "#001e26";
|
position = "top";
|
||||||
colors.statusline = "#708183";
|
colors.background = "#001e26";
|
||||||
fonts = {
|
colors.statusline = "#708183";
|
||||||
names = [ "BerkeleyMono Nerd Font" ];
|
fonts = {
|
||||||
size = 10.0;
|
names = ["BerkeleyMono Nerd Font"];
|
||||||
};
|
size = 10.0;
|
||||||
|
};
|
||||||
|
|
||||||
trayOutput = "primary";
|
trayOutput = "primary";
|
||||||
}];
|
}
|
||||||
|
];
|
||||||
|
|
||||||
modifier = mod;
|
modifier = mod;
|
||||||
keybindings = {
|
keybindings = {
|
||||||
|
@ -64,25 +69,17 @@ in {
|
||||||
"${mod}+Shift+l" = "exec physlock -d";
|
"${mod}+Shift+l" = "exec physlock -d";
|
||||||
"${mod}+Return" = "exec i3-sensible-terminal";
|
"${mod}+Return" = "exec i3-sensible-terminal";
|
||||||
|
|
||||||
"XF86AudioRaiseVolume" =
|
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
||||||
"XF86AudioLowerVolume" =
|
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
"XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||||
"XF86AudioMute" =
|
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
|
||||||
"XF86AudioMicMute" =
|
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
|
||||||
|
|
||||||
"XF86MonBrightnessUp" =
|
"XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5";
|
||||||
"exec light -s sysfs/backlight/intel_backlight -A 5";
|
"XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5";
|
||||||
"XF86MonBrightnessDown" =
|
|
||||||
"exec light -s sysfs/backlight/intel_backlight -U 5";
|
|
||||||
|
|
||||||
"Print" =
|
"Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
|
||||||
"exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
|
|
||||||
|
|
||||||
"${mod}+r" =
|
"${mod}+r" = "exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
|
||||||
"exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
|
|
||||||
"${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu";
|
"${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu";
|
||||||
"${mod}+q" = "kill";
|
"${mod}+q" = "kill";
|
||||||
"${mod}+f" = "fullscreen toggle";
|
"${mod}+f" = "fullscreen toggle";
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
programs.rofi = {
|
programs.rofi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
font = "BerkeleyMono Nerd Font 16";
|
font = "BerkeleyMono Nerd Font 16";
|
||||||
|
|
|
@ -1,20 +1,21 @@
|
||||||
{ config, pkgs, inputs, ... }:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
home-manager.users.cyryl = { ... }: {
|
config,
|
||||||
imports = [ ];
|
pkgs,
|
||||||
home.packages =
|
inputs,
|
||||||
with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
|
...
|
||||||
with gnuradio3_8Packages;
|
}: {
|
||||||
[ gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum ] ++
|
home-manager.users.cyryl = {...}: {
|
||||||
|
imports = [];
|
||||||
(with pkgs; [ ]);
|
home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
|
||||||
|
with gnuradio3_8Packages;
|
||||||
|
[gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum]
|
||||||
|
++ (with pkgs; []);
|
||||||
};
|
};
|
||||||
|
|
||||||
users.extraUsers.cyryl.extraGroups = [ "plugdev" ];
|
users.extraUsers.cyryl.extraGroups = ["plugdev"];
|
||||||
users.groups = { "plugdev" = { }; };
|
users.groups = {"plugdev" = {};};
|
||||||
services.udev = {
|
services.udev = {
|
||||||
packages = [ pkgs.rtl-sdr ];
|
packages = [pkgs.rtl-sdr];
|
||||||
extraRules = ''
|
extraRules = ''
|
||||||
# RTL2832U OEM vid/pid, e.g. ezcap EzTV668 (E4000), Newsky TV28T (E4000/R820T) etc.
|
# RTL2832U OEM vid/pid, e.g. ezcap EzTV668 (E4000), Newsky TV28T (E4000/R820T) etc.
|
||||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev"
|
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev"
|
||||||
|
@ -22,5 +23,5 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# dont load DVB-T modules automatically
|
# dont load DVB-T modules automatically
|
||||||
boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" ];
|
boot.blacklistedKernelModules = ["dvb_usb_rtl28xxu"];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
imports = [ ./server-security.nix ./tailscale ];
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [./server-security.nix ./tailscale];
|
||||||
networking.nameservers = [
|
networking.nameservers = [
|
||||||
"100.100.100.100"
|
"100.100.100.100"
|
||||||
"9.9.9.9"
|
"9.9.9.9"
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
{ config, pkgs, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
authorizedKeys = [
|
authorizedKeys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDN/2C59i+ucvSa9FLCHlVPJp0zebLOcw0+hnBYwy0cY cyryl@skinnyv"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDN/2C59i+ucvSa9FLCHlVPJp0zebLOcw0+hnBYwy0cY cyryl@skinnyv"
|
||||||
|
@ -7,7 +10,7 @@ let
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDa2qAxpUEFeBYl2wlzDa/x37TAAy5pOBHv50OXUrV5 cyryl@thinky"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDa2qAxpUEFeBYl2wlzDa/x37TAAy5pOBHv50OXUrV5 cyryl@thinky"
|
||||||
];
|
];
|
||||||
in {
|
in {
|
||||||
imports = [ ./security.nix ];
|
imports = [./security.nix];
|
||||||
security.acme.defaults.email = "admin@cyplo.dev";
|
security.acme.defaults.email = "admin@cyplo.dev";
|
||||||
security.acme.acceptTerms = true;
|
security.acme.acceptTerms = true;
|
||||||
|
|
||||||
|
@ -27,7 +30,7 @@ in {
|
||||||
openssh.authorizedKeys.keys = authorizedKeys;
|
openssh.authorizedKeys.keys = authorizedKeys;
|
||||||
};
|
};
|
||||||
|
|
||||||
nix.settings.trusted-users = [ "root" "nix-builder" ];
|
nix.settings.trusted-users = ["root" "nix-builder"];
|
||||||
nix.sshServe.enable = true;
|
nix.sshServe.enable = true;
|
||||||
nix.sshServe.keys = authorizedKeys;
|
nix.sshServe.keys = authorizedKeys;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, pkgs, ... }:
|
{
|
||||||
let mod = "Mod4";
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
mod = "Mod4";
|
||||||
in {
|
in {
|
||||||
services.dbus.packages = with pkgs; [ ];
|
services.dbus.packages = with pkgs; [];
|
||||||
programs.dconf.enable = true;
|
programs.dconf.enable = true;
|
||||||
systemd.defaultUnit = "graphical.target";
|
systemd.defaultUnit = "graphical.target";
|
||||||
security.polkit.enable = true;
|
security.polkit.enable = true;
|
||||||
|
@ -13,10 +17,10 @@ in {
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
home-manager.users.cyryl = { ... }: {
|
home-manager.users.cyryl = {...}: {
|
||||||
programs.mako.enable = true;
|
programs.mako.enable = true;
|
||||||
|
|
||||||
imports = [ ./keybindings.nix ../home-manager/programs/alacritty.nix ];
|
imports = [./keybindings.nix ../home-manager/programs/alacritty.nix];
|
||||||
|
|
||||||
home.pointerCursor = {
|
home.pointerCursor = {
|
||||||
name = "Adwaita";
|
name = "Adwaita";
|
||||||
|
@ -73,16 +77,17 @@ in {
|
||||||
titlebar = false;
|
titlebar = false;
|
||||||
border = 0;
|
border = 0;
|
||||||
};
|
};
|
||||||
bars = [{
|
bars = [
|
||||||
position = "top";
|
{
|
||||||
command = "${pkgs.waybar}/bin/waybar";
|
position = "top";
|
||||||
}];
|
command = "${pkgs.waybar}/bin/waybar";
|
||||||
|
}
|
||||||
|
];
|
||||||
startup = [
|
startup = [
|
||||||
{
|
{
|
||||||
command =
|
command = "${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store";
|
||||||
"${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store";
|
|
||||||
}
|
}
|
||||||
{ command = "${pkgs.clipman}/bin/clipman restore"; }
|
{command = "${pkgs.clipman}/bin/clipman restore";}
|
||||||
{
|
{
|
||||||
command = ''
|
command = ''
|
||||||
swayidle -w timeout 300 'swaylock -f -c 000000' timeout 600 'swaymsg "output * dpms off" && systemctl suspend' resume 'swaymsg "output * dpms on"' before-sleep 'swaylock -f -c 657b83'
|
swayidle -w timeout 300 'swaylock -f -c 000000' timeout 600 'swaymsg "output * dpms off" && systemctl suspend' resume 'swaymsg "output * dpms on"' before-sleep 'swaylock -f -c 657b83'
|
||||||
|
@ -94,7 +99,7 @@ in {
|
||||||
xkb_layout = "pl";
|
xkb_layout = "pl";
|
||||||
xkb_options = "caps:ctrl_modifier";
|
xkb_options = "caps:ctrl_modifier";
|
||||||
};
|
};
|
||||||
input."2:7:SynPS/2_Synaptics_TouchPad" = { tap = "enabled"; };
|
input."2:7:SynPS/2_Synaptics_TouchPad" = {tap = "enabled";};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
{ config, pkgs, ... }:
|
{
|
||||||
let mod = "Mod4";
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
mod = "Mod4";
|
||||||
in {
|
in {
|
||||||
wayland.windowManager.sway.config.keybindings = {
|
wayland.windowManager.sway.config.keybindings = {
|
||||||
"${mod}+Shift+e" = "exit";
|
"${mod}+Shift+e" = "exit";
|
||||||
|
@ -7,19 +11,13 @@ in {
|
||||||
"${mod}+Shift+l" = "exec swaylock -c 657b83";
|
"${mod}+Shift+l" = "exec swaylock -c 657b83";
|
||||||
"${mod}+Return" = "exec ${pkgs.alacritty}/bin/alacritty";
|
"${mod}+Return" = "exec ${pkgs.alacritty}/bin/alacritty";
|
||||||
|
|
||||||
"XF86AudioRaiseVolume" =
|
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
||||||
"XF86AudioLowerVolume" =
|
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
"XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||||
"XF86AudioMute" =
|
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
|
||||||
"XF86AudioMicMute" =
|
|
||||||
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
|
||||||
|
|
||||||
"XF86MonBrightnessUp" =
|
"XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5";
|
||||||
"exec light -s sysfs/backlight/intel_backlight -A 5";
|
"XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5";
|
||||||
"XF86MonBrightnessDown" =
|
|
||||||
"exec light -s sysfs/backlight/intel_backlight -U 5";
|
|
||||||
|
|
||||||
"Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
|
"Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, pkgs, inputs, ... }:
|
{
|
||||||
let
|
config,
|
||||||
workstations = [ "skinnyv" "foryog" "thinky" ];
|
pkgs,
|
||||||
workstations_plus_phone = [ "OnePlus9" ] ++ workstations;
|
inputs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
workstations = ["skinnyv" "foryog" "thinky"];
|
||||||
|
workstations_plus_phone = ["OnePlus9"] ++ workstations;
|
||||||
in {
|
in {
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -41,12 +45,12 @@ in {
|
||||||
"/home/cyryl/vaults" = {
|
"/home/cyryl/vaults" = {
|
||||||
id = "vaults";
|
id = "vaults";
|
||||||
label = "vaults";
|
label = "vaults";
|
||||||
devices = workstations_plus_phone ++ [ "hagath" ];
|
devices = workstations_plus_phone ++ ["hagath"];
|
||||||
};
|
};
|
||||||
"/home/cyryl/Documents" = {
|
"/home/cyryl/Documents" = {
|
||||||
id = "documents";
|
id = "documents";
|
||||||
label = "documents";
|
label = "documents";
|
||||||
devices = workstations_plus_phone ++ [ "hagath" ];
|
devices = workstations_plus_phone ++ ["hagath"];
|
||||||
};
|
};
|
||||||
"/home/cyryl/camera" = {
|
"/home/cyryl/camera" = {
|
||||||
id = "camera";
|
id = "camera";
|
||||||
|
@ -71,7 +75,7 @@ in {
|
||||||
"/home/cyryl/Photos" = {
|
"/home/cyryl/Photos" = {
|
||||||
id = "photos";
|
id = "photos";
|
||||||
label = "photos";
|
label = "photos";
|
||||||
devices = workstations ++ [ "hagath" ];
|
devices = workstations ++ ["hagath"];
|
||||||
};
|
};
|
||||||
"/home/cyryl/gopro" = {
|
"/home/cyryl/gopro" = {
|
||||||
id = "gopro";
|
id = "gopro";
|
||||||
|
@ -81,12 +85,12 @@ in {
|
||||||
"/home/cyryl/Videos" = {
|
"/home/cyryl/Videos" = {
|
||||||
id = "videos";
|
id = "videos";
|
||||||
label = "videos";
|
label = "videos";
|
||||||
devices = workstations ++ [ "hagath" ];
|
devices = workstations ++ ["hagath"];
|
||||||
};
|
};
|
||||||
"/home/cyryl/rodzice_sync" = {
|
"/home/cyryl/rodzice_sync" = {
|
||||||
id = "rodzice";
|
id = "rodzice";
|
||||||
label = "rodzice";
|
label = "rodzice";
|
||||||
devices = workstations ++ [ "hagath" "mama" "janusz" "danuta" ];
|
devices = workstations ++ ["hagath" "mama" "janusz" "danuta"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
extraOptions = {
|
extraOptions = {
|
||||||
|
|
|
@ -1,28 +1,34 @@
|
||||||
{ config, pkgs, inputs, ... }:
|
{
|
||||||
let
|
config,
|
||||||
inherit (inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux")
|
pkgs,
|
||||||
tailscale;
|
inputs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
inherit
|
||||||
|
(inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux")
|
||||||
|
tailscale
|
||||||
|
;
|
||||||
in {
|
in {
|
||||||
environment.systemPackages = [ tailscale ];
|
environment.systemPackages = [tailscale];
|
||||||
services.tailscale = {
|
services.tailscale = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = tailscale;
|
package = tailscale;
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
trustedInterfaces = [ "tailscale0" ];
|
trustedInterfaces = ["tailscale0"];
|
||||||
allowedUDPPorts = [ config.services.tailscale.port ];
|
allowedUDPPorts = [config.services.tailscale.port];
|
||||||
};
|
};
|
||||||
sops.secrets."tailscale-key-${config.networking.hostName}" = {
|
sops.secrets."tailscale-key-${config.networking.hostName}" = {
|
||||||
sopsFile = ./keys.sops.yaml;
|
sopsFile = ./keys.sops.yaml;
|
||||||
restartUnits = [ "tailscale-auth.service" ];
|
restartUnits = ["tailscale-auth.service"];
|
||||||
};
|
};
|
||||||
systemd.services.tailscale-auth = {
|
systemd.services.tailscale-auth = {
|
||||||
description = "Auth with tailscale";
|
description = "Auth with tailscale";
|
||||||
|
|
||||||
after = [ "network-pre.target" "tailscale.service" ];
|
after = ["network-pre.target" "tailscale.service"];
|
||||||
wants = [ "network-pre.target" "tailscale.service" ];
|
wants = ["network-pre.target" "tailscale.service"];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = ["multi-user.target"];
|
||||||
|
|
||||||
serviceConfig.Type = "oneshot";
|
serviceConfig.Type = "oneshot";
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
{ config, pkgs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
|
|
||||||
home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; };
|
home-manager.users.cyryl = {...}: {imports = [./home.nix];};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,30 @@
|
||||||
{ config, pkgs, lib, inputs, system, ... }:
|
{
|
||||||
let
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
inputs,
|
||||||
|
system,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}";
|
unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}";
|
||||||
nil = inputs.nil.packages."${system}".default;
|
nil = inputs.nil.packages."${system}".default;
|
||||||
cocPackage = unstablePackages.vimPlugins.coc-nvim;
|
cocPackage = unstablePackages.vimPlugins.coc-nvim;
|
||||||
nvimPackage = unstablePackages.neovim-unwrapped;
|
nvimPackage = unstablePackages.neovim-unwrapped;
|
||||||
in {
|
in {
|
||||||
home.file.".vimrc".source = ../../.vimrc;
|
home.file.".vimrc".source = ../../.vimrc;
|
||||||
home.packages = with pkgs; [ ripgrep ];
|
home.packages = with pkgs; [ripgrep];
|
||||||
home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
|
home.sessionVariables = {
|
||||||
programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
|
EDITOR = "vim";
|
||||||
systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
|
VISUAL = "vim";
|
||||||
|
};
|
||||||
|
programs.zsh.sessionVariables = {
|
||||||
|
EDITOR = "vim";
|
||||||
|
VISUAL = "vim";
|
||||||
|
};
|
||||||
|
systemd.user.sessionVariables = {
|
||||||
|
EDITOR = "vim";
|
||||||
|
VISUAL = "vim";
|
||||||
|
};
|
||||||
|
|
||||||
programs.neovim = {
|
programs.neovim = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -26,8 +41,8 @@ in {
|
||||||
languageserver = {
|
languageserver = {
|
||||||
nix = {
|
nix = {
|
||||||
command = "${nil}/bin/nil";
|
command = "${nil}/bin/nil";
|
||||||
rootPatterns = [ "flake.nix" ];
|
rootPatterns = ["flake.nix"];
|
||||||
filetypes = [ "nix" ];
|
filetypes = ["nix"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -40,58 +55,58 @@ in {
|
||||||
withRuby = true;
|
withRuby = true;
|
||||||
|
|
||||||
plugins = with pkgs;
|
plugins = with pkgs;
|
||||||
with pkgs.vimPlugins; [
|
with pkgs.vimPlugins; [
|
||||||
(vimUtils.buildVimPluginFrom2Nix rec {
|
(vimUtils.buildVimPluginFrom2Nix rec {
|
||||||
pname = "vim-tada";
|
pname = "vim-tada";
|
||||||
version = "2022-04-22";
|
version = "2022-04-22";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "dewyze";
|
owner = "dewyze";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "acfda7229fc487ee6da44650164cb770d1cc608c";
|
rev = "acfda7229fc487ee6da44650164cb770d1cc608c";
|
||||||
sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY=";
|
sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY=";
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
(vimUtils.buildVimPluginFrom2Nix rec {
|
(vimUtils.buildVimPluginFrom2Nix rec {
|
||||||
pname = "srht.vim";
|
pname = "srht.vim";
|
||||||
version = "2022-01-04";
|
version = "2022-01-04";
|
||||||
src = fetchFromSourcehut {
|
src = fetchFromSourcehut {
|
||||||
owner = "~willdurand";
|
owner = "~willdurand";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "825e685f75464cbd41a5f8eded974e46f416355e";
|
rev = "825e685f75464cbd41a5f8eded974e46f416355e";
|
||||||
sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco=";
|
sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco=";
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
ack-vim
|
ack-vim
|
||||||
coc-go
|
coc-go
|
||||||
coc-highlight
|
coc-highlight
|
||||||
coc-rust-analyzer
|
coc-rust-analyzer
|
||||||
coc-yaml
|
coc-yaml
|
||||||
committia-vim
|
committia-vim
|
||||||
ctrlp-vim
|
ctrlp-vim
|
||||||
editorconfig-vim
|
editorconfig-vim
|
||||||
fzf-vim
|
fzf-vim
|
||||||
lsp-colors-nvim
|
lsp-colors-nvim
|
||||||
nvim-tree-lua
|
nvim-tree-lua
|
||||||
nvim-web-devicons
|
nvim-web-devicons
|
||||||
quickfix-reflector-vim
|
quickfix-reflector-vim
|
||||||
rainbow
|
rainbow
|
||||||
tabular
|
tabular
|
||||||
vim-airline
|
vim-airline
|
||||||
vim-airline-themes
|
vim-airline-themes
|
||||||
vim-autoformat
|
vim-autoformat
|
||||||
vim-colors-solarized
|
vim-colors-solarized
|
||||||
vim-devicons
|
vim-devicons
|
||||||
vim-dirdiff
|
vim-dirdiff
|
||||||
vim-dispatch
|
vim-dispatch
|
||||||
vim-fugitive
|
vim-fugitive
|
||||||
vim-gitgutter
|
vim-gitgutter
|
||||||
vim-markdown
|
vim-markdown
|
||||||
vim-nix
|
vim-nix
|
||||||
vim-sensible
|
vim-sensible
|
||||||
vim-startify
|
vim-startify
|
||||||
vim-surround
|
vim-surround
|
||||||
vim-toml
|
vim-toml
|
||||||
];
|
];
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
if filereadable($HOME . "/.vimrc")
|
if filereadable($HOME . "/.vimrc")
|
||||||
source $HOME/.vimrc
|
source $HOME/.vimrc
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, pkgs, lib, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; };
|
home-manager.users.cyryl = {...}: {imports = [./home.nix];};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,8 @@
|
||||||
{ config, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
programs.atuin.enableZshIntegration = true;
|
programs.atuin.enableZshIntegration = true;
|
||||||
programs.zsh = {
|
programs.zsh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -15,7 +19,7 @@
|
||||||
|
|
||||||
oh-my-zsh = {
|
oh-my-zsh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
plugins = [ "vi-mode" "git" "python" "history-substring-search" "tmux" ];
|
plugins = ["vi-mode" "git" "python" "history-substring-search" "tmux"];
|
||||||
};
|
};
|
||||||
|
|
||||||
initExtra = ''
|
initExtra = ''
|
||||||
|
@ -65,7 +69,7 @@
|
||||||
programs.direnv = {
|
programs.direnv = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableZshIntegration = true;
|
enableZshIntegration = true;
|
||||||
nix-direnv = { enable = true; };
|
nix-direnv = {enable = true;};
|
||||||
};
|
};
|
||||||
|
|
||||||
home.file.".config/starship.toml".text = ''
|
home.file.".config/starship.toml".text = ''
|
||||||
|
|
Loading…
Reference in a new issue