reformat all files using alejandra

This commit is contained in:
Cyryl Płotnicki 2023-08-13 17:00:41 +01:00
parent d9543e17a4
commit df4d72c06e
74 changed files with 1351 additions and 972 deletions

383
flake.nix
View file

@ -1,198 +1,211 @@
{ {
description = "NixOS configuration with flakes"; description = "NixOS configuration with flakes";
outputs = { self, flake-utils, flake-compat, home-manager outputs = {
, nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin self,
, nixos-hardware, nur, sops, nil, helix, alejandra, nixpkgs-rust-analyzer flake-utils,
, endless-sky, disko }@inputs: flake-compat,
let home-manager,
mkServer = pkgs: system: hostname: nixpkgs-nixos-unstable,
pkgs.lib.nixosSystem { nixpkgs-master,
inherit system; nixpkgs-stable,
modules = [ darwin,
(./. + "/nixos/boxes/${hostname}") nixos-hardware,
(import ./nixos/server-common.nix) nur,
sops.nixosModules.sops sops,
disko.nixosModules.disko nil,
]; helix,
specialArgs = { inherit inputs system; }; alejandra,
}; nixpkgs-rust-analyzer,
mkRaspi = pkgs: hostname: endless-sky,
pkgs.lib.nixosSystem { disko,
system = "aarch64-linux"; } @ inputs: let
modules = [ (./. + "/nixos/boxes/${hostname}") mkServer = pkgs: system: hostname:
sops.nixosModules.sops pkgs.lib.nixosSystem {
]; inherit system;
specialArgs = { inherit inputs; }; modules = [
}; (./. + "/nixos/boxes/${hostname}")
mkKiosk = pkgs: system: hostname: (import ./nixos/server-common.nix)
pkgs.lib.nixosSystem { sops.nixosModules.sops
inherit system; disko.nixosModules.disko
modules = [ ];
(./. + "/nixos/boxes/${hostname}") specialArgs = {inherit inputs system;};
(import ./nixos/common.nix)
sops.nixosModules.sops
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports =
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
_module.args.inputs = inputs;
_module.args.system = system;
};
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = { allowUnfree = true; };
};
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = { allowUnfree = true; };
};
};
};
mkWorkstation = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
modules = [
(./. + "/nixos/boxes/${hostname}")
(import ./nixos/email-accounts.nix)
(import ./nixos/common.nix)
sops.nixosModules.sops
disko.nixosModules.disko
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports =
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
_module.args.inputs = inputs;
_module.args.system = system;
};
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = { allowUnfree = true; };
};
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = { allowUnfree = true; };
};
};
};
mkShell = packageSet: system:
let pkgs = packageSet.legacyPackages.${system};
in pkgs.mkShell {
packages = with pkgs; [
inputs.alejandra.defaultPackage.${system}
cacert
git
git-lfs
nixpkgs-fmt
openssh
openssl
pkg-config
statix
];
};
in {
devShells = {
"x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin";
"x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux";
}; };
darwinConfigurations = { mkRaspi = pkgs: hostname:
"FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { pkgs.lib.nixosSystem {
system = "x86_64-darwin"; system = "aarch64-linux";
modules = [ modules = [
(./. + "/nixos/boxes/form3") (./. + "/nixos/boxes/${hostname}")
home-manager.darwinModules.home-manager sops.nixosModules.sops
{ ];
home-manager.useGlobalPkgs = true; specialArgs = {inherit inputs;};
home-manager.useUserPackages = true; };
home-manager.users.cyryl = { mkKiosk = pkgs: system: hostname:
imports = [ ./nixos/home-manager ]; pkgs.lib.nixosSystem {
_module.args.inputs = inputs; inherit system;
_module.args.system = system; modules = [
}; (./. + "/nixos/boxes/${hostname}")
} (import ./nixos/common.nix)
]; sops.nixosModules.sops
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
_module.args.inputs = inputs;
_module.args.system = system;
};
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = {allowUnfree = true;};
};
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = {allowUnfree = true;};
};
}; };
}; };
mkWorkstation = pkgs: system: hostname:
nixosConfigurations = { pkgs.lib.nixosSystem {
foryog = mkWorkstation nixpkgs-stable "x86_64-linux" "foryog"; inherit system;
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky"; modules = [
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty"; (./. + "/nixos/boxes/${hostname}")
vpsfree1 = mkServer nixpkgs-stable"x86_64-linux" "vpsfree1"; (import ./nixos/email-accounts.nix)
mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1"; (import ./nixos/common.nix)
homescreen = mkRaspi nixpkgs-stable "homescreen"; sops.nixosModules.sops
disko.nixosModules.disko
bootstrap = nixpkgs-stable.lib.nixosSystem rec { home-manager.nixosModules.home-manager
system = "x86_64-linux"; {
modules = [ (./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops ]; home-manager.useGlobalPkgs = true;
specialArgs = { home-manager.useUserPackages = true;
inherit inputs system; home-manager.users.cyryl = {
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
inherit system; _module.args.inputs = inputs;
config = { allowUnfree = true; }; _module.args.system = system;
}; };
}
];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable {
inherit system;
config = {allowUnfree = true;};
};
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = {allowUnfree = true;};
}; };
}; };
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage };
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress mkShell = packageSet: system: let
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes pkgs = packageSet.legacyPackages.${system};
raspiimage = nixpkgs-stable.lib.nixosSystem { in
system = "aarch64-linux"; pkgs.mkShell {
modules = [ packages = with pkgs; [
(import inputs.alejandra.defaultPackage.${system}
"${inputs.nixpkgs-stable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix") cacert
{ git
environment.systemPackages = git-lfs
with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [ nixpkgs-fmt
neovim openssh
htop openssl
btop pkg-config
atop statix
]; ];
};
networking.networkmanager.enable = false; in {
hardware.enableRedistributableFirmware = true; devShells = {
networking.wireless.enable = true; "x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin";
"x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux";
services.openssh = { };
enable = true; darwinConfigurations = {
permitRootLogin = "FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec {
nixpkgs-stable.lib.mkForce "prohibit-password"; system = "x86_64-darwin";
passwordAuthentication = false; modules = [
}; (./. + "/nixos/boxes/form3")
home-manager.darwinModules.home-manager
services.xserver = { {
enable = true; home-manager.useGlobalPkgs = true;
displayManager.lightdm.enable = true; home-manager.useUserPackages = true;
desktopManager.gnome.enable = true; home-manager.users.cyryl = {
libinput.enable = true; imports = [./nixos/home-manager];
}; _module.args.inputs = inputs;
_module.args.system = system;
users.extraUsers.root.openssh.authorizedKeys.keys = [ };
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" }
]; ];
sdImage.compressImage = false;
console.earlySetup = true;
}
];
specialArgs = { inherit inputs; };
};
}; };
}; };
nixosConfigurations = {
foryog = mkWorkstation nixpkgs-stable "x86_64-linux" "foryog";
thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky";
bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1";
mb1 = mkServer nixpkgs-stable "x86_64-linux" "mb1";
homescreen = mkRaspi nixpkgs-stable "homescreen";
bootstrap = nixpkgs-stable.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [(./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops];
specialArgs = {
inherit inputs system;
nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
inherit system;
config = {allowUnfree = true;};
};
};
};
# nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage
# sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress
# make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes
raspiimage = nixpkgs-stable.lib.nixosSystem {
system = "aarch64-linux";
modules = [
(import
"${inputs.nixpkgs-stable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
{
environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
neovim
htop
btop
atop
];
networking.networkmanager.enable = false;
hardware.enableRedistributableFirmware = true;
networking.wireless.enable = true;
services.openssh = {
enable = true;
permitRootLogin =
nixpkgs-stable.lib.mkForce "prohibit-password";
passwordAuthentication = false;
};
services.xserver = {
enable = true;
displayManager.lightdm.enable = true;
desktopManager.gnome.enable = true;
libinput.enable = true;
};
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
];
sdImage.compressImage = false;
console.earlySetup = true;
}
];
specialArgs = {inherit inputs;};
};
};
};
inputs = { inputs = {
nixpkgs-master = { nixpkgs-master = {
type = "github"; type = "github";

View file

@ -1,5 +1,10 @@
{ config, pkgs, lib, ... }: { {
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; config,
pkgs,
lib,
...
}: {
fileSystems."/".options = ["noatime" "nodiratime" "discard"];
hardware.enableRedistributableFirmware = lib.mkDefault true; hardware.enableRedistributableFirmware = lib.mkDefault true;
boot = { boot = {

View file

@ -1,26 +1,29 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
boot = { boot = {
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
initrd.availableKernelModules = initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"];
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ]; initrd.kernelModules = ["dm-snapshot"];
initrd.kernelModules = [ "dm-snapshot" ]; kernelModules = ["kvm-amd"];
kernelModules = [ "kvm-amd" ]; extraModulePackages = [];
extraModulePackages = [ ];
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = false; loader.efi.canTouchEfiVariables = false;
supportedFilesystems = [ "zfs" ]; supportedFilesystems = ["zfs"];
zfs.forceImportRoot = false; zfs.forceImportRoot = false;
}; };
services.btrfs.autoScrub.enable = true; services.btrfs.autoScrub.enable = true;
services.zfs.autoScrub.enable = true; services.zfs.autoScrub.enable = true;
services.zfs.trim.enable = true; services.zfs.trim.enable = true;
boot.kernelParams = [ "zfs.zfs_arc_max=8589934592" ];
boot.zfs.extraPools = [ "data" ]; boot.kernelParams = ["zfs.zfs_arc_max=8589934592"];
fileSystems."/" = { boot.zfs.extraPools = ["data"];
fileSystems."/" = {
device = "/dev/disk/by-uuid/28afab71-ff3d-4f1a-b7e4-2129572706dd"; device = "/dev/disk/by-uuid/28afab71-ff3d-4f1a-b7e4-2129572706dd";
fsType = "btrfs"; fsType = "btrfs";
}; };
@ -30,7 +33,7 @@
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [];
nix.settings = { nix.settings = {
max-jobs = 8; max-jobs = 8;

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
imports = [ imports = [
../cli.nix ../cli.nix
./bolty-boot.nix ./bolty-boot.nix
@ -15,7 +21,7 @@
./tailscale-cert.nix ./tailscale-cert.nix
./virtualisation.nix ./virtualisation.nix
]; ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; boot.binfmt.emulatedSystems = ["aarch64-linux"];
programs.ccache.enable = true; programs.ccache.enable = true;
networking.hostName = "bolty"; networking.hostName = "bolty";
networking.hostId = "f05dd3b4"; networking.hostId = "f05dd3b4";

View file

@ -1,9 +1,14 @@
{ config, pkgs, inputs, lib, system, ... }: {
let config,
pkgs,
inputs,
lib,
system,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable; unstable = inputs.nixpkgs-nixos-unstable;
package = unstable.legacyPackages."${system}".gitea-actions-runner; package = unstable.legacyPackages."${system}".gitea-actions-runner;
in in {
{
sops.secrets."gitea-runner-token" = { sops.secrets."gitea-runner-token" = {
sopsFile = ./gitea-runner-token.sops; sopsFile = ./gitea-runner-token.sops;
format = "binary"; format = "binary";
@ -11,11 +16,11 @@ in
virtualisation.docker = { virtualisation.docker = {
enable = true; enable = true;
autoPrune.enable = true; autoPrune.enable = true;
daemon.settings = { daemon.settings = {
}; };
}; };
disabledModules = [ "services/continuous-integration/gitea-actions-runner.nix" ]; disabledModules = ["services/continuous-integration/gitea-actions-runner.nix"];
imports = [ "${unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix" ]; imports = ["${unstable}/nixos/modules/services/continuous-integration/gitea-actions-runner.nix"];
services.gitea-actions-runner = { services.gitea-actions-runner = {
inherit package; inherit package;

View file

@ -1,12 +1,17 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
fqdn = "bolty.raptor-carp.ts.net"; fqdn = "bolty.raptor-carp.ts.net";
port = 30001; port = 30001;
path = "/data/grafana"; path = "/data/grafana";
certPath = "${path}/cert.pem"; certPath = "${path}/cert.pem";
keyPath = "${path}/key.pem"; keyPath = "${path}/key.pem";
in { in {
networking.firewall.allowedTCPPorts = [ port ]; networking.firewall.allowedTCPPorts = [port];
systemd.services.grafana-prep = { systemd.services.grafana-prep = {
script = '' script = ''
@ -19,15 +24,15 @@ in {
Type = "oneshot"; Type = "oneshot";
ReloadPropagatedFrom = "tailscale-cert.service"; ReloadPropagatedFrom = "tailscale-cert.service";
}; };
before = [ "grafana.service" ]; before = ["grafana.service"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
after = [ after = [
"network.target" "network.target"
"network-online.target" "network-online.target"
"tailscaled.service" "tailscaled.service"
"tailscale-cert.service" "tailscale-cert.service"
]; ];
wants = [ "tailscale-cert.service" ]; wants = ["tailscale-cert.service"];
}; };
systemd.services.grafana = { systemd.services.grafana = {

View file

@ -1,15 +1,20 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
port = 8123; port = 8123;
path = "/data/nginx"; path = "/data/nginx";
certPath = "${path}/cert.pem"; certPath = "${path}/cert.pem";
keyPath = "${path}/key.pem"; keyPath = "${path}/key.pem";
in { in {
imports = [ ../nginx.nix ./virtualisation.nix ]; imports = [../nginx.nix ./virtualisation.nix];
networking.firewall.allowedTCPPorts = [ port 1883 ]; networking.firewall.allowedTCPPorts = [port 1883];
services.mosquitto = { services.mosquitto = {
enable = true; enable = true;
listeners = [ listeners = [
{ {
port = 1883; port = 1883;
@ -18,8 +23,9 @@ in {
settings = { settings = {
allow_anonymous = true; allow_anonymous = true;
}; };
acl = [ "topic readwrite #" ]; acl = ["topic readwrite #"];
}]; }
];
}; };
services.nginx = { services.nginx = {
@ -48,15 +54,14 @@ in {
Type = "oneshot"; Type = "oneshot";
ReloadPropagatedFrom = "tailscale-cert.service"; ReloadPropagatedFrom = "tailscale-cert.service";
}; };
before = [ "nginx.service" ]; before = ["nginx.service"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
after = [ after = [
"network.target" "network.target"
"network-online.target" "network-online.target"
"tailscaled.service" "tailscaled.service"
"tailscale-cert.service" "tailscale-cert.service"
]; ];
wants = [ "tailscale-cert.service" ]; wants = ["tailscale-cert.service"];
}; };
} }

View file

@ -1,2 +1,8 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
} }

View file

@ -1,12 +1,17 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
fqdn = "bolty.raptor-carp.ts.net"; fqdn = "bolty.raptor-carp.ts.net";
port = 8086; port = 8086;
path = "/data/influxdb"; path = "/data/influxdb";
certPath = "${path}/cert.pem"; certPath = "${path}/cert.pem";
keyPath = "${path}/key.pem"; keyPath = "${path}/key.pem";
in { in {
networking.firewall.allowedTCPPorts = [ port ]; networking.firewall.allowedTCPPorts = [port];
systemd.services.influxdb2-prep = { systemd.services.influxdb2-prep = {
script = '' script = ''
@ -19,15 +24,15 @@ in {
Type = "oneshot"; Type = "oneshot";
ReloadPropagatedFrom = "tailscale-cert.service"; ReloadPropagatedFrom = "tailscale-cert.service";
}; };
before = [ "influxdb2.service" ]; before = ["influxdb2.service"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
after = [ after = [
"network.target" "network.target"
"network-online.target" "network-online.target"
"tailscaled.service" "tailscaled.service"
"tailscale-cert.service" "tailscale-cert.service"
]; ];
wants = [ "tailscale-cert.service" ]; wants = ["tailscale-cert.service"];
}; };
systemd.services.influxdb2 = { systemd.services.influxdb2 = {
@ -48,5 +53,4 @@ in {
tls-key = "${keyPath}"; tls-key = "${keyPath}";
}; };
}; };
} }

View file

@ -1,5 +1,11 @@
{ config, pkgs, inputs, lib, ... }: { {
networking.firewall.allowedTCPPorts = [ 2049 ]; config,
pkgs,
inputs,
lib,
...
}: {
networking.firewall.allowedTCPPorts = [2049];
services.nfs.server.enable = true; services.nfs.server.enable = true;
services.nfs.server.exports = '' services.nfs.server.exports = ''
/data/nfs 10.0.0.244/24(rw,sync,insecure,no_subtree_check,fsid=0) 100.81.212.51(rw,sync,insecure,no_subtree_check) /data/nfs 10.0.0.244/24(rw,sync,insecure,no_subtree_check,fsid=0) 100.81.212.51(rw,sync,insecure,no_subtree_check)
@ -7,5 +13,4 @@
/data/nfs/home_assistant/media 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check) /data/nfs/home_assistant/media 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
/data/nfs/home_assistant/backups 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check) /data/nfs/home_assistant/backups 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
''; '';
}
}

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
networking.hostName = "bolty"; networking.hostName = "bolty";
systemd.network.enable = true; systemd.network.enable = true;
networking.networkmanager.enable = false; networking.networkmanager.enable = false;
@ -8,10 +14,10 @@
}; };
systemd.network.networks."br0" = { systemd.network.networks."br0" = {
name = "br0"; name = "br0";
address = [ "10.0.0.8/24" ]; address = ["10.0.0.8/24"];
gateway = [ "10.0.0.1" ]; gateway = ["10.0.0.1"];
DHCP = "no"; DHCP = "no";
dns = [ "100.100.100.100" "9.9.9.9" ]; dns = ["100.100.100.100" "9.9.9.9"];
}; };
systemd.network.networks."eth" = { systemd.network.networks."eth" = {

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
nix.settings.trusted-users = [ "nix-ssh" ]; config,
pkgs,
...
}: {
nix.settings.trusted-users = ["nix-ssh"];
nix.sshServe = { nix.sshServe = {
enable = true; enable = true;
write = true; write = true;

View file

@ -1,39 +1,45 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}: {
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 631 6566 ]; networking.firewall.allowedTCPPorts = [631 6566];
networking.firewall.allowedUDPPorts = [ 631 6566 ]; networking.firewall.allowedUDPPorts = [631 6566];
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ epson-escpr ]; drivers = with pkgs; [epson-escpr];
listenAddresses = [ "*:631" ]; listenAddresses = ["*:631"];
defaultShared = true; defaultShared = true;
browsing = true; browsing = true;
allowFrom = [ "all" ]; allowFrom = ["all"];
extraConf = '' extraConf = ''
ServerAlias * ServerAlias *
DefaultEncryption Never DefaultEncryption Never
''; '';
}; };
hardware.printers.ensurePrinters = [{ hardware.printers.ensurePrinters = [
description = "Epson XP-540"; {
location = "connected to bolty"; description = "Epson XP-540";
name = "epson_xp540"; location = "connected to bolty";
deviceUri = name = "epson_xp540";
"usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1"; deviceUri = "usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1";
model = "raw"; model = "raw";
ppdOptions = { PageSize = "A4"; }; ppdOptions = {PageSize = "A4";};
}]; }
];
hardware.sane = { hardware.sane = {
enable = true; enable = true;
extraBackends = with pkgs; [ sane-airscan gawk ]; extraBackends = with pkgs; [sane-airscan gawk];
snapshot = true; snapshot = true;
}; };
services.udev.packages = [ ]; services.udev.packages = [];
environment.systemPackages = with pkgs; [ gawk ]; environment.systemPackages = with pkgs; [gawk];
services.saned = { services.saned = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''

View file

@ -1,34 +1,39 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
fqdn = "bolty.raptor-carp.ts.net"; fqdn = "bolty.raptor-carp.ts.net";
basePath = "/var/lib/tailscale-certs"; basePath = "/var/lib/tailscale-certs";
keyPath = "${basePath}/key.pem"; keyPath = "${basePath}/key.pem";
certPath = "${basePath}/cert.pem"; certPath = "${basePath}/cert.pem";
in { in {
imports = [ ]; imports = [];
systemd.services.tailscale-cert-make-path = { systemd.services.tailscale-cert-make-path = {
script = '' script = ''
mkdir -p ${basePath} mkdir -p ${basePath}
''; '';
serviceConfig = { Type = "oneshot"; }; serviceConfig = {Type = "oneshot";};
before = [ "tailscale-cert.service" ]; before = ["tailscale-cert.service"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
}; };
systemd.services.tailscale-cert = { systemd.services.tailscale-cert = {
after = [ "network.target" "network-online.target" "tailscaled.service" ]; after = ["network.target" "network-online.target" "tailscaled.service"];
wants = [ "tailscaled.service" ]; wants = ["tailscaled.service"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
path = with pkgs; [ tailscale ]; path = with pkgs; [tailscale];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
UMask = 22; UMask = 22;
StateDirectoryMode = 750; StateDirectoryMode = 750;
ProtectSystem = "strict"; ProtectSystem = "strict";
ReadWritePaths = [ "${basePath}" ]; ReadWritePaths = ["${basePath}"];
PrivateTmp = true; PrivateTmp = true;
WorkingDirectory = "${basePath}"; WorkingDirectory = "${basePath}";
NoNewPrivileges = true; NoNewPrivileges = true;
@ -36,16 +41,16 @@ in {
ProtectClock = true; ProtectClock = true;
ProtectHome = true; ProtectHome = true;
ProtectHostname = true; ProtectHostname = true;
StateDirectory = [ "${basePath}" ]; StateDirectory = ["${basePath}"];
}; };
script = '' script = ''
tailscale cert --cert-file ${certPath} --key-file ${keyPath} ${fqdn} tailscale cert --cert-file ${certPath} --key-file ${keyPath} ${fqdn}
''; '';
}; };
systemd.timers.tailscale-renew = { systemd.timers.tailscale-renew = {
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
description = "Renew tailscale server cert"; description = "Renew tailscale server cert";
timerConfig = { timerConfig = {
OnCalendar = "weekly"; OnCalendar = "weekly";

View file

@ -1,10 +1,16 @@
{ config, pkgs, inputs, lib, ... }: { {
boot.kernelModules = [ "kvm_amd" ]; config,
pkgs,
inputs,
lib,
...
}: {
boot.kernelModules = ["kvm_amd"];
virtualisation = { virtualisation = {
libvirtd = { libvirtd = {
enable = true; enable = true;
qemu.ovmf.enable = true; qemu.ovmf.enable = true;
allowedBridges = [ "br0" ]; allowedBridges = ["br0"];
}; };
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -14,8 +20,7 @@
virt-viewer virt-viewer
lm_sensors lm_sensors
]; ];
networking.firewall.allowedTCPPorts = [ 5900 ]; networking.firewall.allowedTCPPorts = [5900];
security.allowUserNamespaces = true; security.allowUserNamespaces = true;
} }

View file

@ -16,5 +16,5 @@
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
programs.zsh.enable=true; programs.zsh.enable = true;
} }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
atop atop
btop btop

View file

@ -1,14 +1,21 @@
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: {
let config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
form3_cert_path = ./form3-palo-alto.pem; form3_cert_path = ./form3-palo-alto.pem;
form3_cert_bundle = builtins.toFile "form3-cert-bundle.crt" form3_cert_bundle =
builtins.toFile "form3-cert-bundle.crt"
(builtins.readFile system_cert_bundle_path (builtins.readFile system_cert_bundle_path
+ builtins.readFile form3_cert_path); + builtins.readFile form3_cert_path);
in { in {
environment.systemPackages = with pkgs; [ vim nixfmt ]; environment.systemPackages = with pkgs; [vim nixfmt];
imports = [ ../../git ../../mercurial ]; imports = [../../git ../../mercurial];
services.nix-daemon.enable = true; services.nix-daemon.enable = true;
nix = { nix = {
useDaemon = true; useDaemon = true;
@ -30,7 +37,7 @@ in {
source-code-pro source-code-pro
weather-icons weather-icons
]; ];
security.pki.certificateFiles = [ form3_cert_path system_cert_bundle_path ]; security.pki.certificateFiles = [form3_cert_path system_cert_bundle_path];
environment.variables = { environment.variables = {
SSL_CERT_FILE = form3_cert_bundle; SSL_CERT_FILE = form3_cert_bundle;
NIX_SSL_CERT_FILE = form3_cert_bundle; NIX_SSL_CERT_FILE = form3_cert_bundle;
@ -41,9 +48,9 @@ in {
system.stateVersion = 4; system.stateVersion = 4;
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ]; imports = [];
home.packages = with pkgs; [ awscli kubectl cargo-update ]; home.packages = with pkgs; [awscli kubectl cargo-update];
programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech"; programs.git.userEmail = lib.mkForce "cyryl.plotnicki@form3.tech";
programs.git.extraConfig = { programs.git.extraConfig = {
user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED"; user.signingkey = "6441B1BC81F8FB1561C9AFF5534222210FE423ED";

View file

@ -26,7 +26,7 @@
fileSystems."/" = {options = ["compress=zstd"];}; fileSystems."/" = {options = ["compress=zstd"];};
services.restic.backups.home-to-b2 = { services.restic.backups.home-to-b2 = {
repository = lib.mkForce "b2:cyplo-restic-foureighty:/"; repository = lib.mkForce "b2:cyplo-restic-foureighty:/";
}; };
boot.kernelParams = ["initcall_debug" ''dyndbg="file suspend.c +p"'' "no_console_suspend"]; boot.kernelParams = ["initcall_debug" ''dyndbg="file suspend.c +p"'' "no_console_suspend"];
boot.tmp.cleanOnBoot = true; boot.tmp.cleanOnBoot = true;

View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, inputs, ... }: { {
config,
lib,
pkgs,
inputs,
...
}: {
boot = { boot = {
kernelModules = [ "kvm-intel" ]; kernelModules = ["kvm-intel"];
initrd = { initrd = {
kernelModules = [ "dm-snapshot" ]; kernelModules = ["dm-snapshot"];
availableKernelModules = availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"];
[ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
}; };
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
@ -13,9 +18,8 @@
loader.efi.efiSysMountPoint = "/boot/efi"; loader.efi.efiSysMountPoint = "/boot/efi";
}; };
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; boot.initrd.secrets = {"/crypto_keyfile.bin" = null;};
boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = "/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
"/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
fileSystems."/boot/efi" = { fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/D6C0-1A9D"; device = "/dev/disk/by-uuid/D6C0-1A9D";
@ -25,8 +29,8 @@
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/98f3597c-183a-45fb-b2a4-b598c18d089a"; device = "/dev/disk/by-uuid/98f3597c-183a-45fb-b2a4-b598c18d089a";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" ]; options = ["subvol=@"];
}; };
swapDevices = [ ]; swapDevices = [];
} }

View file

@ -1,4 +1,11 @@
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: { {
config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "foureighty"; networking.hostName = "foureighty";
imports = [ imports = [
@ -17,9 +24,9 @@
../../sdr.nix ../../sdr.nix
]; ];
fileSystems."/" = { options = [ "compress=zstd" ]; }; fileSystems."/" = {options = ["compress=zstd"];};
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; boot.binfmt.emulatedSystems = ["aarch64-linux"];
boot.plymouth = { boot.plymouth = {
enable = true; enable = true;
logo = ./boot.png; logo = ./boot.png;
@ -56,9 +63,9 @@
}; };
}; };
}; };
services.fprintd = { enable = true; }; services.fprintd = {enable = true;};
programs.ccache.enable = true; programs.ccache.enable = true;
hardware.opengl.extraPackages = with pkgs; [ libva ]; hardware.opengl.extraPackages = with pkgs; [libva];
programs.steam.enable = true; programs.steam.enable = true;
nixpkgs.config.allowUnfreePredicate = pkg: nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [ builtins.elem (lib.getName pkg) [
@ -71,15 +78,11 @@
"vscode" "vscode"
]; ];
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = imports = [../../home-manager/programs/alacritty.nix ../../gui/vscode.nix];
[ ../../home-manager/programs/alacritty.nix ../../gui/vscode.nix ]; home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
home.packages = [bisq-desktop]
with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux"; ++ (with pkgs; [lutris])
[ bisq-desktop ] ++ ++ (with inputs.endless-sky.legacyPackages."x86_64-linux"; [endless-sky]);
(with pkgs; [ lutris ])
++ (with inputs.endless-sky.legacyPackages."x86_64-linux";
[ endless-sky ]);
}; };
} }

View file

@ -1,14 +1,19 @@
{ config, pkgs, inputs, lib, ... }: { {
imports = config,
[ inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale ]; pkgs,
inputs,
lib,
...
}: {
imports = [inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale];
networking = { networking = {
hostName = "homescreen"; hostName = "homescreen";
networkmanager = { enable = true; }; networkmanager = {enable = true;};
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
environment.systemPackages = with pkgs; [ neovim htop btop atop ]; environment.systemPackages = with pkgs; [neovim htop btop atop];
services.fail2ban.enable = true; services.fail2ban.enable = true;
@ -33,7 +38,7 @@
users = { users = {
mutableUsers = false; mutableUsers = false;
users.kiosk = { isNormalUser = true; }; users.kiosk = {isNormalUser = true;};
}; };
users.extraUsers.root.openssh.authorizedKeys.keys = [ users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
@ -42,12 +47,12 @@
"/" = { "/" = {
device = "/dev/disk/by-label/NIXOS_SD"; device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4"; fsType = "ext4";
options = [ "noatime" ]; options = ["noatime"];
}; };
"/boot/firmware" = { "/boot/firmware" = {
device = "/dev/disk/by-label/FIRMWARE"; device = "/dev/disk/by-label/FIRMWARE";
fsType = "vfat"; fsType = "vfat";
options = [ "nofail" "noauto" ]; options = ["nofail" "noauto"];
}; };
}; };
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";

View file

@ -1,16 +1,22 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
imports = [ imports = [
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/services/misc/atuin.nix" "${inputs.nixpkgs-nixos-unstable}/nixos/modules/services/misc/atuin.nix"
../nginx.nix ../nginx.nix
]; ];
disabledModules = [ "services/misc/atuin.nix" ]; disabledModules = ["services/misc/atuin.nix"];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"atuin.cyplo.dev" = { "atuin.cyplo.dev" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:8888"; }; locations."/" = {proxyPass = "http://127.0.0.1:8888";};
}; };
}; };
}; };

View file

@ -1,16 +1,18 @@
{ config, pkgs, ... }:
let
path = "/var/www/blog/";
in
{ {
imports = [ ../nginx.nix ]; config,
pkgs,
...
}: let
path = "/var/www/blog/";
in {
imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"blog.cyplo.dev" = { "blog.cyplo.dev" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
root = path; root = path;
}; };
}; };
"blog.cyplo.net" = { "blog.cyplo.net" = {
@ -24,12 +26,12 @@ in
users.extraUsers.blog = { users.extraUsers.blog = {
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog"
]; ];
group = "nginx"; group = "nginx";
isSystemUser = false; isSystemUser = false;
isNormalUser = true; isNormalUser = true;
home = path; home = path;
createHome = true; createHome = true;
homeMode = "750"; homeMode = "750";
}; };
} }

View file

@ -1,10 +1,15 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
boot.loader.grub = { boot.loader.grub = {
devices = [ "/dev/vda" ]; devices = ["/dev/vda"];
efiSupport = true; efiSupport = true;
efiInstallAsRemovable = true; efiInstallAsRemovable = true;
}; };
} }

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
imports = [ imports = [
"${inputs.nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix" "${inputs.nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix"
../cli.nix ../cli.nix
@ -10,7 +16,6 @@
]; ];
networking.hostName = "mb1"; networking.hostName = "mb1";
zramSwap = { zramSwap = {
enable = true; enable = true;
algorithm = "zstd"; algorithm = "zstd";
@ -18,5 +23,4 @@
}; };
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
} }

View file

@ -12,7 +12,7 @@ _: {
name = "boot"; name = "boot";
start = "0"; start = "0";
end = "1M"; end = "1M";
flags = [ "bios_grub" ]; flags = ["bios_grub"];
} }
{ {
name = "ESP"; name = "ESP";

View file

@ -1,11 +1,14 @@
{ config, pkgs, ... }: { {
imports = [ ../nginx.nix ]; config,
pkgs,
...
}: {
imports = [../nginx.nix];
virtualisation.oci-containers.containers.searxng = { virtualisation.oci-containers.containers.searxng = {
image = image = "searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06";
"searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06"; volumes = [];
volumes = [ ]; environment = {BASE_URL = "https://search.cyplo.dev";};
environment = { BASE_URL = "https://search.cyplo.dev"; }; ports = ["9999:8080"];
ports = [ "9999:8080" ];
}; };
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
@ -28,5 +31,4 @@
}; };
}; };
}; };
} }

View file

@ -1,4 +1,9 @@
{ config, pkgs, lib,... }: { {
config,
pkgs,
lib,
...
}: {
networking.hostName = "thinky"; networking.hostName = "thinky";
imports = [ imports = [
@ -28,7 +33,7 @@
builtins.elem (lib.getName pkg) [ builtins.elem (lib.getName pkg) [
"spotify" "spotify"
]; ];
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ../../home-manager/programs/termite.nix ]; imports = [../../home-manager/programs/termite.nix];
}; };
} }

View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, inputs, ... }: { {
config,
lib,
pkgs,
inputs,
...
}: {
boot = { boot = {
kernelModules = [ "kvm-intel" ]; kernelModules = ["kvm-intel"];
initrd = { initrd = {
kernelModules = [ "dm-snapshot" ]; kernelModules = ["dm-snapshot"];
availableKernelModules = availableKernelModules = ["ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod"];
[ "ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
}; };
loader.grub.enable = true; loader.grub.enable = true;
@ -17,15 +22,14 @@
fsType = "btrfs"; fsType = "btrfs";
}; };
boot.initrd.luks.devices."crypt".device = boot.initrd.luks.devices."crypt".device = "/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
"/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317"; device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317";
fsType = "ext2"; fsType = "ext2";
}; };
swapDevices = [ ]; swapDevices = [];
nix.settings = { nix.settings = {
max-jobs = 2; max-jobs = 2;

View file

@ -1,9 +1,12 @@
{ config, pkgs, ... }: {
let config,
pkgs,
...
}: let
genericBackupPath = "/var/lib/backups/"; genericBackupPath = "/var/lib/backups/";
containersBackupPath = "${genericBackupPath}/oci-containers/"; containersBackupPath = "${genericBackupPath}/oci-containers/";
in rec { in rec {
environment.systemPackages = with pkgs; [ restic ]; environment.systemPackages = with pkgs; [restic];
sops.secrets."restic-backups-b2-repo-password" = { sops.secrets."restic-backups-b2-repo-password" = {
sopsFile = ./restic.sops.yaml; sopsFile = ./restic.sops.yaml;
@ -31,14 +34,13 @@ in rec {
backupCleanupCommand = '' backupCleanupCommand = ''
systemctl start container@mastodon.service systemctl start container@mastodon.service
''; '';
timerConfig = { OnCalendar = "daily"; }; timerConfig = {OnCalendar = "daily";};
environmentFile = environmentFile = "${config.sops.secrets.restic-backups-b2-environment.path}";
"${config.sops.secrets.restic-backups-b2-environment.path}";
}; };
}; };
systemd.services.restic-backups-b2 = { systemd.services.restic-backups-b2 = {
environment = { GOMAXPROCS = "1"; }; environment = {GOMAXPROCS = "1";};
serviceConfig = { serviceConfig = {
Nice = 19; Nice = 19;
IOSchedulingClass = "idle"; IOSchedulingClass = "idle";

View file

@ -1,12 +1,18 @@
{ config, pkgs, inputs, lib, ... }: { {
imports = [ ../nginx.nix ]; config,
pkgs,
inputs,
lib,
...
}: {
imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"notes.purrfect.estate" = { "notes.purrfect.estate" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
serverAliases = [ "notes-sandbox.purrfect.estate" ]; serverAliases = ["notes-sandbox.purrfect.estate"];
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:9005"; proxyPass = "http://127.0.0.1:9005";
proxyWebsockets = true; proxyWebsockets = true;
@ -15,8 +21,7 @@
}; };
}; };
virtualisation.oci-containers.containers.cryptpad = { virtualisation.oci-containers.containers.cryptpad = {
image = image = "promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87";
"promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87";
volumes = [ volumes = [
"${./cryptpad.config.js}:/cryptpad/config/config.js" "${./cryptpad.config.js}:/cryptpad/config/config.js"
@ -34,6 +39,6 @@
CPAD_TRUSTED_PROXY = "0.0.0.0/0"; CPAD_TRUSTED_PROXY = "0.0.0.0/0";
CPAD_HTTP2_DISABLE = "true"; CPAD_HTTP2_DISABLE = "true";
}; };
ports = [ "9005:80" ]; ports = ["9005:80"];
}; };
} }

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: { {
config,
pkgs,
inputs,
lib,
...
}: {
networking.hostName = "vpsfree1"; networking.hostName = "vpsfree1";
imports = [ imports = [
@ -20,7 +26,7 @@
DefaultTimeoutStartSec=900s DefaultTimeoutStartSec=900s
''; '';
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; boot.binfmt.emulatedSystems = ["aarch64-linux"];
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
nix.settings.cores = 8; nix.settings.cores = 8;
} }

View file

@ -1,71 +1,85 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
port = 8081; port = 8081;
domain = "fossil.cyplo.dev"; domain = "fossil.cyplo.dev";
baseurl = "https://${domain}"; baseurl = "https://${domain}";
path = "/var/lib/fossil"; path = "/var/lib/fossil";
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"${domain}" = { "${domain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { proxyPass = "http://localhost:" + toString port; }; locations."/" = {proxyPass = "http://localhost:" + toString port;};
}; };
}; };
}; };
containers.fossil = { containers.fossil = {
autoStart = true; autoStart = true;
forwardPorts = [{ forwardPorts = [
containerPort = port; {
hostPort = port; containerPort = port;
}]; hostPort = port;
}
];
bindMounts = { bindMounts = {
"${path}" = { "${path}" = {
hostPath = "${path}"; hostPath = "${path}";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { config, pkgs, ... }: config = {
let config,
user = "fossil"; pkgs,
group = "fossil"; ...
in { }: let
system.stateVersion = "23.05"; user = "fossil";
environment.systemPackages = [ pkgs.fossil ]; group = "fossil";
users.groups = { "${group}" = { }; }; in {
users.users = { system.stateVersion = "23.05";
fossil = { environment.systemPackages = [pkgs.fossil];
inherit group; users.groups = {"${group}" = {};};
description = "Fossil Service"; users.users = {
home = path; fossil = {
useDefaultShell = true; inherit group;
isSystemUser = true; description = "Fossil Service";
}; home = path;
}; useDefaultShell = true;
isSystemUser = true;
systemd.tmpfiles.rules = [ "d '${path}' 0770 ${user} ${group} - -" ];
systemd.services.fossil = {
description = "fossil server";
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
path = [ pkgs.fossil pkgs.git ];
serviceConfig = {
User = user;
Group = group;
WorkingDirectory = path;
ReadWritePaths = [ path ];
ExecStart = "${pkgs.fossil}/bin/fossil server" + " --localhost"
+ " --https" + " --port ${toString port}"
+ " --baseurl ${baseurl}" + " --repolist ${path}";
Restart = "always";
RestartSec = 3;
};
}; };
}; };
systemd.tmpfiles.rules = ["d '${path}' 0770 ${user} ${group} - -"];
systemd.services.fossil = {
description = "fossil server";
after = ["network-online.target"];
wantedBy = ["multi-user.target"];
path = [pkgs.fossil pkgs.git];
serviceConfig = {
User = user;
Group = group;
WorkingDirectory = path;
ReadWritePaths = [path];
ExecStart =
"${pkgs.fossil}/bin/fossil server"
+ " --localhost"
+ " --https"
+ " --port ${toString port}"
+ " --baseurl ${baseurl}"
+ " --repolist ${path}";
Restart = "always";
RestartSec = 3;
};
};
};
}; };
} }

View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
foundryvtt = pkgs.fetchzip { foundryvtt = pkgs.fetchzip {
name = "foundryvtt"; name = "foundryvtt";
url = "file:///" + ./FoundryVTT-11.306.zip; url = "file:///" + ./FoundryVTT-11.306.zip;
@ -8,7 +13,7 @@ let
stripRoot = false; stripRoot = false;
}; };
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
clientMaxBodySize = "300M"; clientMaxBodySize = "300M";
@ -26,21 +31,27 @@ in {
containers.foundryvtt = { containers.foundryvtt = {
autoStart = true; autoStart = true;
forwardPorts = [{ forwardPorts = [
containerPort = 30000; {
hostPort = 30000; containerPort = 30000;
}]; hostPort = 30000;
}
];
bindMounts = { bindMounts = {
"/var/lib/foundryvtt" = { "/var/lib/foundryvtt" = {
hostPath = "/var/lib/foundryvtt"; hostPath = "/var/lib/foundryvtt";
isReadOnly = false; isReadOnly = false;
}; };
}; };
config = { config, pkgs, ... }: { config = {
config,
pkgs,
...
}: {
system.stateVersion = "23.05"; system.stateVersion = "23.05";
systemd.services."foundryvtt" = { systemd.services."foundryvtt" = {
requires = [ "network-online.target" ]; requires = ["network-online.target"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
script = '' script = ''
mkdir -p /var/lib/foundryvtt mkdir -p /var/lib/foundryvtt
${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt ${pkgs.nodejs-18_x}/bin/node ${foundryvtt}/resources/app/main.js --dataPath=/var/lib/foundryvtt

View file

@ -1,5 +1,11 @@
{ config, pkgs, inputs, lib, system, ... }: {
let config,
pkgs,
inputs,
lib,
system,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable; unstable = inputs.nixpkgs-nixos-unstable;
package = unstable.legacyPackages."${system}".gitea; package = unstable.legacyPackages."${system}".gitea;
httpPort = 8083; httpPort = 8083;
@ -23,18 +29,18 @@ let
}; };
groups."${systemGroupName}" = { groups."${systemGroupName}" = {
inherit gid; inherit gid;
members = [ "${systemUserName}" "nginx" ]; members = ["${systemUserName}" "nginx"];
}; };
}; };
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
inherit users; inherit users;
boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; }; boot.kernel.sysctl = {"net.ipv4.ip_unprivileged_port_start" = 0;};
systemd.services.systemd-sysctl.enable = lib.mkForce true; systemd.services.systemd-sysctl.enable = lib.mkForce true;
networking.firewall.allowedTCPPorts = [ sshPort ]; networking.firewall.allowedTCPPorts = [sshPort];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"${domain}" = { "${domain}" = {
@ -76,15 +82,21 @@ in {
isReadOnly = true; isReadOnly = true;
}; };
}; };
config = { config, pkgs, lib, ... }: { config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "23.05"; system.stateVersion = "23.05";
users = users // { users =
mutableUsers = false; users
allowNoPasswordLogin = true; // {
}; mutableUsers = false;
disabledModules = [ "services/misc/gitea.nix" ]; allowNoPasswordLogin = true;
imports = };
[ "${unstable}/nixos/modules/services/misc/gitea.nix" ]; disabledModules = ["services/misc/gitea.nix"];
imports = ["${unstable}/nixos/modules/services/misc/gitea.nix"];
services.gitea = { services.gitea = {
enable = true; enable = true;
inherit package; inherit package;
@ -101,8 +113,7 @@ in {
"markup.mermaid" = { "markup.mermaid" = {
ENABLED = true; ENABLED = true;
FILE_EXTENSIONS = ".md"; FILE_EXTENSIONS = ".md";
RENDER_COMMAND = RENDER_COMMAND = "${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
"${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
IS_INPUT_FILE = false; IS_INPUT_FILE = false;
}; };
server = { server = {

View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
newestPackages = inputs.nixpkgs-master.legacyPackages.${pkgs.system}; newestPackages = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
package = newestPackages.mastodon; package = newestPackages.mastodon;
domain = "peninsula.industries"; domain = "peninsula.industries";
@ -24,7 +29,7 @@ let
}; };
groups."${systemGroupName}" = { groups."${systemGroupName}" = {
inherit gid; inherit gid;
members = [ "${systemUserName}" "nginx" ]; members = ["${systemUserName}" "nginx"];
}; };
}; };
secretSettings = { secretSettings = {
@ -33,7 +38,7 @@ let
}; };
publicPath = "${path}/public-system/"; publicPath = "${path}/public-system/";
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
services.nginx = { services.nginx = {
@ -43,7 +48,7 @@ in {
enableACME = true; enableACME = true;
root = "${package}/public/"; root = "${package}/public/";
locations."/" = { tryFiles = "$uri @proxy"; }; locations."/" = {tryFiles = "$uri @proxy";};
locations."/system/".alias = "${publicPath}"; locations."/system/".alias = "${publicPath}";
locations."@proxy" = { locations."@proxy" = {
@ -58,14 +63,18 @@ in {
}; };
}; };
sops.secrets."${mailgunSmtpSecretName}" = { sops.secrets."${mailgunSmtpSecretName}" =
sopsFile = ./mailgun.sops.yaml; {
path = mailgunSmtpPasswordPath; sopsFile = ./mailgun.sops.yaml;
} // secretSettings; path = mailgunSmtpPasswordPath;
sops.secrets."${mastodonDbSecretName}" = { }
sopsFile = ./mastodon-db.sops.yaml; // secretSettings;
path = mastodonDbSecretPath; sops.secrets."${mastodonDbSecretName}" =
} // secretSettings; {
sopsFile = ./mastodon-db.sops.yaml;
path = mastodonDbSecretPath;
}
// secretSettings;
inherit users; inherit users;
@ -80,8 +89,8 @@ in {
chmod -R g+r ${publicPath} chmod -R g+r ${publicPath}
chmod -R u+rwX ${publicPath} chmod -R u+rwX ${publicPath}
''; '';
serviceConfig = { Type = "oneshot"; }; serviceConfig = {Type = "oneshot";};
before = [ "container@mastodon.service" ]; before = ["container@mastodon.service"];
}; };
containers.mastodon = { containers.mastodon = {
@ -110,13 +119,20 @@ in {
isReadOnly = true; isReadOnly = true;
}; };
}; };
config = { config, pkgs, lib, ... }: { config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "23.05"; system.stateVersion = "23.05";
services.postgresql.port = postgresPort; services.postgresql.port = postgresPort;
users = users // { users =
mutableUsers = false; users
allowNoPasswordLogin = true; // {
}; mutableUsers = false;
allowNoPasswordLogin = true;
};
systemd.services.mastodon-media-auto-remove = { systemd.services.mastodon-media-auto-remove = {
description = "Mastodon media auto remove"; description = "Mastodon media auto remove";
serviceConfig = { serviceConfig = {

View file

@ -1,65 +1,77 @@
{ config, pkgs, inputs, lib, ... }: {
let config,
pkgs,
inputs,
lib,
...
}: let
port = 8080; port = 8080;
domain = "news.cyplo.dev"; domain = "news.cyplo.dev";
postgresPort = 5435; postgresPort = 5435;
in { in {
imports = [ ../nginx.nix ]; imports = [../nginx.nix];
services.nginx = { services.nginx = {
virtualHosts = { virtualHosts = {
"${domain}" = { "${domain}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:" + toString port; }; locations."/" = {proxyPass = "http://127.0.0.1:" + toString port;};
}; };
}; };
}; };
containers.rss = { containers.rss = {
autoStart = true; autoStart = true;
forwardPorts = [{ forwardPorts = [
containerPort = port; {
hostPort = port; containerPort = port;
}]; hostPort = port;
config = { config, pkgs, ... }: }
let ];
inherit (config.services.tt-rss) pool; config = {
inherit (config.services.tt-rss) root; config,
in { pkgs,
system.stateVersion = "23.05"; ...
services.postgresql.port = postgresPort; }: let
services.tt-rss = { inherit (config.services.tt-rss) pool;
enable = true; inherit (config.services.tt-rss) root;
selfUrlPath = "https://${domain}"; in {
virtualHost = null; system.stateVersion = "23.05";
registration.enable = false; services.postgresql.port = postgresPort;
simpleUpdateMode = true; services.tt-rss = {
database.port = postgresPort; enable = true;
}; selfUrlPath = "https://${domain}";
services.nginx = { virtualHost = null;
enable = true; registration.enable = false;
virtualHosts = { simpleUpdateMode = true;
"${domain}" = { database.port = postgresPort;
listen = [{ };
services.nginx = {
enable = true;
virtualHosts = {
"${domain}" = {
listen = [
{
inherit port; inherit port;
addr = "0.0.0.0"; addr = "0.0.0.0";
}]; }
root = "${root}/www"; ];
locations."/" = { index = "index.php"; }; root = "${root}/www";
locations."^~ /feed-icons" = { root = "${root}"; }; locations."/" = {index = "index.php";};
locations."~ \\.php$" = { locations."^~ /feed-icons" = {root = "${root}";};
extraConfig = '' locations."~ \\.php$" = {
fastcgi_split_path_info ^(.+\.php)(/.+)$; extraConfig = ''
fastcgi_pass unix:${ fastcgi_split_path_info ^(.+\.php)(/.+)$;
config.services.phpfpm.pools.${pool}.socket fastcgi_pass unix:${
}; config.services.phpfpm.pools.${pool}.socket
fastcgi_index index.php; };
''; fastcgi_index index.php;
}; '';
}; };
}; };
}; };
}; };
};
}; };
} }

View file

@ -1,18 +1,30 @@
{ config, pkgs, inputs, lib, system, nixpkgs-nixos-unstable-and-unfree, ... }: { {
config,
pkgs,
inputs,
lib,
system,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "yoga"; networking.hostName = "yoga";
imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ../../gui imports = [
./hardware-configuration.nix
../../boot.nix
../../git
../../gui
../../vim ../../vim
]; ];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
hardware.trackpoint.enable = true; hardware.trackpoint.enable = true;
services.hardware.bolt.enable = true; services.hardware.bolt.enable = true;
services.fprintd = { enable = true; }; services.fprintd = {enable = true;};
home-manager.users.cyryl = { lib, ... }: { home.packages = with pkgs; [ ]; }; home-manager.users.cyryl = {lib, ...}: {home.packages = with pkgs; [];};
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
@ -61,8 +73,8 @@
users.users.cyryl = { users.users.cyryl = {
isNormalUser = true; isNormalUser = true;
description = "cyryl"; description = "cyryl";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = ["networkmanager" "wheel"];
packages = with pkgs; [ ]; packages = with pkgs; [];
}; };
services.fwupd.enable = true; services.fwupd.enable = true;
@ -73,5 +85,4 @@
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229 # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
systemd.services."getty@tty1".enable = false; systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false; systemd.services."autovt@tty1".enable = false;
} }

View file

@ -1,33 +1,37 @@
{ config, lib, pkgs, modulesPath, ... }: { {
imports = [ ]; config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
[ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [];
boot.initrd.kernelModules = [ ]; boot.kernelModules = ["kvm-intel"];
boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [];
boot.extraModulePackages = [ ];
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Setup keyfile # Setup keyfile
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; boot.initrd.secrets = {"/crypto_keyfile.bin" = null;};
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/a43a1c42-9166-47dc-9e78-20e0975c75c5"; device = "/dev/disk/by-uuid/a43a1c42-9166-47dc-9e78-20e0975c75c5";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" ]; options = ["subvol=@"];
}; };
boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device = boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device = "/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943";
"/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943";
fileSystems."/boot/efi" = { fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/F179-A4EA"; device = "/dev/disk/by-uuid/F179-A4EA";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

View file

@ -1,33 +1,41 @@
{ config, pkgs, nixpkgs-nixos-unstable-and-unfree, lib, ... }: { {
boot.kernelModules = [ "fuse" ]; config,
pkgs,
nixpkgs-nixos-unstable-and-unfree,
lib,
...
}: {
boot.kernelModules = ["fuse"];
services.smartd.enable = true; services.smartd.enable = true;
sound.enable = true; sound.enable = true;
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
dispatcherScripts = [{ dispatcherScripts = [
source = pkgs.writeText "upHook" '' {
enable_disable_wifi () source = pkgs.writeText "upHook" ''
{ enable_disable_wifi ()
result=$(nmcli dev | grep "ethernet" | grep -w "connected") {
if [ -n "$result" ]; then result=$(nmcli dev | grep "ethernet" | grep -w "connected")
nmcli radio wifi off if [ -n "$result" ]; then
else nmcli radio wifi off
nmcli radio wifi on else
nmcli radio wifi on
fi
}
if [ "$2" = "up" ]; then
enable_disable_wifi
fi fi
}
if [ "$2" = "up" ]; then if [ "$2" = "down" ]; then
enable_disable_wifi enable_disable_wifi
fi fi
'';
if [ "$2" = "down" ]; then type = "basic";
enable_disable_wifi }
fi ];
'';
type = "basic";
}];
}; };
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
@ -36,7 +44,7 @@
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
package = pkgs.bluezFull; package = pkgs.bluezFull;
settings = { General = { Enable = "Source,Sink,Media,Socket"; }; }; settings = {General = {Enable = "Source,Sink,Media,Socket";};};
}; };
services.blueman.enable = true; services.blueman.enable = true;
@ -55,7 +63,7 @@
# no need to redefine it in your config for now) # no need to redefine it in your config for now)
#media-session.enable = true; #media-session.enable = true;
}; };
environment.systemPackages = with pkgs; [ ghostscript poppler ]; environment.systemPackages = with pkgs; [ghostscript poppler];
services.printing = { services.printing = {
enable = true; enable = true;
drivers = with pkgs; [ drivers = with pkgs; [
@ -73,8 +81,7 @@
description = "Epson XP-540 via bolty"; description = "Epson XP-540 via bolty";
name = "epson_xp540_via_bolty"; name = "epson_xp540_via_bolty";
deviceUri = "ipp://bolty:631/printers/epson_xp540"; deviceUri = "ipp://bolty:631/printers/epson_xp540";
model = model = "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
"epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
ppdOptions = { ppdOptions = {
PageSize = "A4"; PageSize = "A4";
Duplex = "DuplexNoTumble"; Duplex = "DuplexNoTumble";
@ -83,8 +90,7 @@
{ {
description = "Samsung SCX-4623 Series"; description = "Samsung SCX-4623 Series";
name = "samsung-SCX-4623"; name = "samsung-SCX-4623";
deviceUri = deviceUri = "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
"usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
model = "samsung/SCX-4623FW.ppd"; model = "samsung/SCX-4623FW.ppd";
ppdOptions = { ppdOptions = {
PageSize = "A4"; PageSize = "A4";
@ -93,7 +99,7 @@
} }
]; ];
services.udev.packages = [ ]; services.udev.packages = [];
hardware.sane = { hardware.sane = {
enable = true; enable = true;
snapshot = true; snapshot = true;

View file

@ -1,9 +1,12 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
console.keyMap = "pl2"; console.keyMap = "pl2";
imports = [ ./tailscale ]; imports = [./tailscale];
services = { services = {
udev.packages = [ pkgs.android-udev-rules ]; udev.packages = [pkgs.android-udev-rules];
ratbagd.enable = true; ratbagd.enable = true;
fwupd = { fwupd = {

View file

@ -1,5 +1,11 @@
{ config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }: {
let config,
pkgs,
lib,
inputs,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
stateVersion = "23.05"; stateVersion = "23.05";
username = "cyryl"; username = "cyryl";
in { in {
@ -54,10 +60,9 @@ in {
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
networking.nameservers = networking.nameservers = ["9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9"];
[ "9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9" ];
networking.hosts = { "10.11.99.1" = [ "remarkable" ]; }; networking.hosts = {"10.11.99.1" = ["remarkable"];};
programs.light.enable = true; programs.light.enable = true;
programs.adb.enable = true; programs.adb.enable = true;
@ -74,13 +79,13 @@ in {
enable = true; enable = true;
autoPrune.enable = true; autoPrune.enable = true;
daemon.settings = { daemon.settings = {
"insecure-registries" = [ "vpsfree1.raptor-carp.ts.net:5000" ]; "insecure-registries" = ["vpsfree1.raptor-carp.ts.net:5000"];
}; };
}; };
fonts.fontconfig = { fonts.fontconfig = {
enable = true; enable = true;
defaultFonts.monospace = [ "BerkeleyMono Nerd Font" ]; defaultFonts.monospace = ["BerkeleyMono Nerd Font"];
}; };
fonts.fonts = with pkgs; [ fonts.fonts = with pkgs; [
@ -106,7 +111,7 @@ in {
''; '';
}; };
system = { inherit stateVersion; }; system = {inherit stateVersion;};
system.activationScripts.diff = '' system.activationScripts.diff = ''
${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig" ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"
''; '';

View file

@ -1,21 +1,25 @@
{ config, pkgs, ... }: { {
nix.buildMachines = [{ config,
hostName = "bolty"; pkgs,
sshUser = "nix-builder"; ...
sshKey = "/home/cyryl/.ssh/id_ed25519"; }: {
systems = [ "i686-linux" "x86_64-linux" "aarch64-linux" ]; nix.buildMachines = [
maxJobs = 2; {
speedFactor = 1; hostName = "bolty";
supportedFeatures = [ "kvm" "big-parallel" ]; sshUser = "nix-builder";
mandatoryFeatures = [ ]; sshKey = "/home/cyryl/.ssh/id_ed25519";
}]; systems = ["i686-linux" "x86_64-linux" "aarch64-linux"];
maxJobs = 2;
speedFactor = 1;
supportedFeatures = ["kvm" "big-parallel"];
mandatoryFeatures = [];
}
];
nix.extraOptions = '' nix.extraOptions = ''
builders-use-substitutes = true builders-use-substitutes = true
''; '';
nix.distributedBuilds = true; nix.distributedBuilds = true;
nix.settings.substituters = nix.settings.substituters = ["https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net"];
[ "https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net" ]; nix.settings.trusted-public-keys = ["cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8="];
nix.settings.trusted-public-keys =
[ "cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8=" ];
} }

View file

@ -23,7 +23,7 @@
(setq make-backup-files nil) (setq make-backup-files nil)
(setq auto-save-default nil) (setq auto-save-default nil)
(require 'helm) (require 'helm)
(require 'helm-config) (require 'helm-config)

View file

@ -1,9 +1,14 @@
{ config, pkgs, ... }: { {
services = { }; config,
pkgs,
...
}: {
services = {};
xsession = { enable = false; }; xsession = {enable = false;};
home.packages = (with pkgs; [ gnome-usage gnome3.gnome-tweaks ]) home.packages =
(with pkgs; [gnome-usage gnome3.gnome-tweaks])
++ (with pkgs.gnomeExtensions; [ ++ (with pkgs.gnomeExtensions; [
caffeine caffeine
clipboard-indicator clipboard-indicator
@ -13,7 +18,7 @@
dconf.settings = { dconf.settings = {
"org/gnome/mutter" = { "org/gnome/mutter" = {
# https://github.com/NixOS/nixpkgs/issues/114514#issuecomment-1177709271 # https://github.com/NixOS/nixpkgs/issues/114514#issuecomment-1177709271
experimental-features = [ "scale-monitor-framebuffer" ]; experimental-features = ["scale-monitor-framebuffer"];
}; };
"org/gnome/shell" = { "org/gnome/shell" = {
disable-user-extensions = false; disable-user-extensions = false;

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.xserver = { services.xserver = {
enable = true; enable = true;
displayManager.gdm.enable = true; displayManager.gdm.enable = true;

View file

@ -1,12 +1,18 @@
{ config, pkgs, discord, inputs, nixpkgs-nixos-stable-and-unfree {
, nixpkgs-nixos-unstable-and-unfree, ... }: config,
let pkgs,
discord,
inputs,
nixpkgs-nixos-stable-and-unfree,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system}; unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system};
nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system}; nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
in { in {
security.chromiumSuidSandbox.enable = true; security.chromiumSuidSandbox.enable = true;
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
gtk = { gtk = {
enable = true; enable = true;
iconTheme = { iconTheme = {
@ -21,13 +27,13 @@ in {
style.package = pkgs.adwaita-qt; style.package = pkgs.adwaita-qt;
}; };
imports = [ ]; imports = [];
programs.chromium.enable = true; programs.chromium.enable = true;
programs.firefox.enable = true; programs.firefox.enable = true;
home.packages = with pkgs; home.packages = with pkgs;
with pkgs.gnome3; with pkgs.gnome3;
with pkgs.python38Packages; with pkgs.python38Packages;
[ [
anarchism anarchism
calibre calibre
@ -81,7 +87,9 @@ in {
yubikey-manager-qt yubikey-manager-qt
yubikey-personalization yubikey-personalization
yubikey-personalization-gui yubikey-personalization-gui
] ++ (with unstable; [ glaxnimate gnucash kicad thunderbird ]) ++ [ ]
++ (with unstable; [glaxnimate gnucash kicad thunderbird])
++ [
nixpkgs-nixos-stable-and-unfree.discord nixpkgs-nixos-stable-and-unfree.discord
nixpkgs-nixos-unstable-and-unfree.hopper nixpkgs-nixos-unstable-and-unfree.hopper
]; ];

View file

@ -1,159 +1,163 @@
{ config, pkgs, inputs, ... }: { {
home.packages = with pkgs; config,
[ pkgs,
(vscode-with-extensions.override { inputs,
vscodeExtensions = with vscode-extensions; ...
[ }: {
ms-python.python home.packages = with pkgs; [
inputs.nixpkgs-rust-analyzer.legacyPackages.x86_64-linux.vscode-extensions.rust-lang.rust-analyzer (vscode-with-extensions.override {
(vscode-utils.buildVscodeExtension { vscodeExtensions = with vscode-extensions;
vscodeExtUniqueId = "vadimcn.vscode-lldb"; [
vscodeExtPublisher = "vadimcn"; ms-python.python
vscodeExtName = "vscode-lldb"; inputs.nixpkgs-rust-analyzer.legacyPackages.x86_64-linux.vscode-extensions.rust-lang.rust-analyzer
version = "1.6.10"; (vscode-utils.buildVscodeExtension {
name = "vadimcn.vscode-lldb-1.6.10"; vscodeExtUniqueId = "vadimcn.vscode-lldb";
src = fetchurl { vscodeExtPublisher = "vadimcn";
name = "vadimcn.vscode-lldb.zip"; vscodeExtName = "vscode-lldb";
url = version = "1.6.10";
"https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix"; name = "vadimcn.vscode-lldb-1.6.10";
sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw="; src = fetchurl {
}; name = "vadimcn.vscode-lldb.zip";
buildInputs = with pkgs; [ llvm lldb python38 autoPatchelfHook ]; url = "https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix";
}) sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw=";
] ++ vscode-utils.extensionsFromVscodeMarketplace [ };
{ buildInputs = with pkgs; [llvm lldb python38 autoPatchelfHook];
publisher = "bierner"; })
name = "markdown-mermaid"; ]
version = "1.18.1"; ++ vscode-utils.extensionsFromVscodeMarketplace [
sha256 = "sha256-JWeSs7V/LZ345vGWOLeUgGi68Fot/eA2k+CzWL/Wp4w="; {
} publisher = "bierner";
{ name = "markdown-mermaid";
publisher = "arrterian"; version = "1.18.1";
name = "nix-env-selector"; sha256 = "sha256-JWeSs7V/LZ345vGWOLeUgGi68Fot/eA2k+CzWL/Wp4w=";
version = "1.0.9"; }
sha256 = "sha256-TkxqWZ8X+PAonzeXQ+sI9WI+XlqUHll7YyM7N9uErk0="; {
} publisher = "arrterian";
{ name = "nix-env-selector";
publisher = "vscodevim"; version = "1.0.9";
name = "vim"; sha256 = "sha256-TkxqWZ8X+PAonzeXQ+sI9WI+XlqUHll7YyM7N9uErk0=";
version = "1.21.7"; }
sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg="; {
} publisher = "vscodevim";
{ name = "vim";
publisher = "bbenoist"; version = "1.21.7";
name = "nix"; sha256 = "sha256-nCcDafZ2CUhTjVha+6Mjxoil61xMGboO5lajc7dGEJg=";
version = "1.0.1"; }
sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0="; {
} publisher = "bbenoist";
{ name = "nix";
publisher = "hashicorp"; version = "1.0.1";
name = "terraform"; sha256 = "sha256-qwxqOGublQeVP2qrLF94ndX/Be9oZOn+ZMCFX1yyoH0=";
version = "2.19.0"; }
sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY="; {
} publisher = "hashicorp";
{ name = "terraform";
publisher = "be5invis"; version = "2.19.0";
name = "toml"; sha256 = "sha256-k/fcEJuELz0xkwivSrP6Nxtz861BLq1wR2ZDMXVrvkY=";
version = "0.6.0"; }
sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E="; {
} publisher = "be5invis";
{ name = "toml";
publisher = "ms-vscode"; version = "0.6.0";
name = "cpptools-extension-pack"; sha256 = "sha256-yk7buEyQIw6aiUizAm+sgalWxUibIuP9crhyBaOjC2E=";
version = "1.1.0"; }
sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc="; {
} publisher = "ms-vscode";
{ name = "cpptools-extension-pack";
publisher = "tiehuis"; version = "1.1.0";
name = "zig"; sha256 = "sha256-XKHBwoRXNHIpy7gDR9/xEFdEdB4S0B9L9Jbk53f/Vbc=";
version = "0.2.5"; }
sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4="; {
} publisher = "tiehuis";
{ name = "zig";
publisher = "sjhuangx"; version = "0.2.5";
name = "vscode-scheme"; sha256 = "sha256-P8Sep0OtdchTfnudxFNvIK+SW++TyibGVI9zd+B5tu4=";
version = "0.4.0"; }
sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4"; {
} publisher = "sjhuangx";
{ name = "vscode-scheme";
publisher = "shaunlebron"; version = "0.4.0";
name = "vscode-parinfer"; sha256 = "07vjfymvfv98s5r5a4b5iqhgfz1wpgq2l8h3wlq1bnhhhvmq5pq4";
version = "0.6.2"; }
sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd"; {
} publisher = "shaunlebron";
{ name = "vscode-parinfer";
publisher = "swyphcosmo"; version = "0.6.2";
name = "spellchecker"; sha256 = "0h4v4rnximy6rbh83y4s2qj1cqbj66g9wld39mzd0zwgi6ig9syd";
version = "1.2.13"; }
sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w"; {
} publisher = "swyphcosmo";
{ name = "spellchecker";
publisher = "asabil"; version = "1.2.13";
name = "meson"; sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w";
version = "1.1.1"; }
sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl"; {
} publisher = "asabil";
{ name = "meson";
publisher = "codezombiech"; version = "1.1.1";
name = "gitignore"; sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl";
version = "0.6.0"; }
sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b"; {
} publisher = "codezombiech";
{ name = "gitignore";
publisher = "DavidAnson"; version = "0.6.0";
name = "vscode-markdownlint"; sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b";
version = "0.26.0"; }
sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj"; {
} publisher = "DavidAnson";
{ name = "vscode-markdownlint";
publisher = "esbenp"; version = "0.26.0";
name = "prettier-vscode"; sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj";
version = "1.8.1"; }
sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln"; {
} publisher = "esbenp";
{ name = "prettier-vscode";
publisher = "hbenl"; version = "1.8.1";
name = "vscode-test-explorer"; sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln";
version = "2.9.3"; }
sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0"; {
} publisher = "hbenl";
{ name = "vscode-test-explorer";
publisher = "lextudio"; version = "2.9.3";
name = "restructuredtext"; sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0";
version = "106.0.0"; }
sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa"; {
} publisher = "lextudio";
{ name = "restructuredtext";
publisher = "lostintangent"; version = "106.0.0";
name = "vsls-pomodoro"; sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa";
version = "0.1.0"; }
sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p"; {
} publisher = "lostintangent";
{ name = "vsls-pomodoro";
publisher = "lostintangent"; version = "0.1.0";
name = "vsls-whiteboard"; sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p";
version = "0.0.8"; }
sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p"; {
} publisher = "lostintangent";
{ name = "vsls-whiteboard";
publisher = "mechatroner"; version = "0.0.8";
name = "rainbow-csv"; sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p";
version = "1.0.0"; }
sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6"; {
} publisher = "mechatroner";
{ name = "rainbow-csv";
publisher = "ronnidc"; version = "1.0.0";
name = "nunjucks"; sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6";
version = "0.2.3"; }
sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf"; {
} publisher = "ronnidc";
{ name = "nunjucks";
publisher = "serayuzgur"; version = "0.2.3";
name = "crates"; sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf";
version = "0.4.2"; }
sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj"; {
} publisher = "serayuzgur";
]; name = "crates";
}) version = "0.4.2";
]; sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj";
}
];
})
];
} }

View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, system, ... }: { {
config,
pkgs,
inputs,
system,
...
}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
(pass.withExtensions (ext: [ (pass.withExtensions (ext: [
ext.pass-otp ext.pass-otp

View file

@ -1,5 +1,11 @@
{ config, pkgs, inputs, lib, ... }: {
let username = "cyryl"; config,
pkgs,
inputs,
lib,
...
}: let
username = "cyryl";
in { in {
home.sessionVariables = { home.sessionVariables = {
LC_ALL = "en_GB.UTF-8"; LC_ALL = "en_GB.UTF-8";
@ -9,7 +15,7 @@ in {
news.display = "show"; news.display = "show";
home.packages = with pkgs; [ ]; home.packages = with pkgs; [];
home.username = username; home.username = username;
home.homeDirectory = lib.mkDefault "/home/${username}"; home.homeDirectory = lib.mkDefault "/home/${username}";

View file

@ -1,4 +1,9 @@
{ config, pkgs, inputs, ... }: { {
config,
pkgs,
inputs,
...
}: {
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
pinentryFlavor = "curses"; pinentryFlavor = "curses";

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs = { programs = {
home-manager.enable = true; home-manager.enable = true;
@ -11,7 +15,7 @@
gpg = { gpg = {
enable = true; enable = true;
settings = { }; settings = {};
}; };
taskwarrior.enable = true; taskwarrior.enable = true;

View file

@ -1,16 +1,22 @@
{ config, pkgs, ... }: { {
home.sessionVariables = { TERMINAL = "alacritty"; }; config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "alacritty";};
programs.alacritty = { programs.alacritty = {
enable = true; enable = true;
settings = { settings = {
window.decorations = "none"; window.decorations = "none";
mouse_bindings = [{ mouse_bindings = [
mouse = "Middle"; {
mode = "~Vi"; mouse = "Middle";
action = "None"; mode = "~Vi";
}]; action = "None";
}
];
scrolling = { scrolling = {
history = 32000; history = 32000;
multiplier = 3; multiplier = 3;

View file

@ -9,10 +9,18 @@
alejandra = lib.getExe inputs.alejandra.packages.${system}.default; alejandra = lib.getExe inputs.alejandra.packages.${system}.default;
nil = lib.getExe inputs.nil.packages.${system}.default; nil = lib.getExe inputs.nil.packages.${system}.default;
in { in {
home.sessionVariables = {
home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; EDITOR = "vim";
programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; VISUAL = "vim";
systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; };
programs.zsh.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
systemd.user.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
programs.helix = { programs.helix = {
enable = true; enable = true;

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
home.sessionVariables = { TERMINAL = "kitty"; }; config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "kitty";};
programs.kitty = { programs.kitty = {
enable = true; enable = true;

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.ssh.extraConfig = '' programs.ssh.extraConfig = ''
Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net
HostName vpsfree1 HostName vpsfree1

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
home.sessionVariables = { TERMINAL = "termite"; }; config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "termite";};
programs.termite = { programs.termite = {
enable = true; enable = true;
allowBold = true; allowBold = true;

View file

@ -1,28 +1,36 @@
{ config, pkgs, ... }: { {
imports = [ ./autorandr.nix ./openweathermap-secrets.nix ]; config,
environment.systemPackages = with pkgs; [ dconf ]; pkgs,
...
}: {
imports = [./autorandr.nix ./openweathermap-secrets.nix];
environment.systemPackages = with pkgs; [dconf];
programs.dconf.enable = true; programs.dconf.enable = true;
security.sudo.extraRules = [ security.sudo.extraRules = [
{ {
users = [ "cyryl" ]; users = ["cyryl"];
commands = [{ commands = [
command = "${pkgs.i3}/bin/i3-msg"; {
options = [ "NOPASSWD" ]; command = "${pkgs.i3}/bin/i3-msg";
}]; options = ["NOPASSWD"];
}
];
} }
{ {
users = [ "cyryl" ]; users = ["cyryl"];
commands = [{ commands = [
command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top"; {
options = [ "NOPASSWD" ]; command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top";
}]; options = ["NOPASSWD"];
}
];
} }
]; ];
xdg.portal = { xdg.portal = {
enable = true; enable = true;
extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-kde ]; extraPortals = with pkgs; [xdg-desktop-portal-gtk xdg-desktop-portal-kde];
}; };
services = { services = {
@ -32,7 +40,7 @@
allowAnyUser = true; allowAnyUser = true;
}; };
dbus = { packages = with pkgs; [ gnome2.GConf dconf ]; }; dbus = {packages = with pkgs; [gnome2.GConf dconf];};
fractalart.enable = true; fractalart.enable = true;
colord.enable = true; colord.enable = true;
@ -42,8 +50,8 @@
enableHidpi = true; enableHidpi = true;
}; };
}; };
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
imports = [ ./home.nix ]; imports = [./home.nix];
home.packages = with pkgs; [ ]; home.packages = with pkgs; [];
}; };
} }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
services.dunst = { services.dunst = {
enable = true; enable = true;
settings = { settings = {

View file

@ -1,12 +1,16 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.i3status = { programs.i3status = {
enable = true; enable = true;
enableDefault = false; enableDefault = false;
modules = { modules = {
"load" = { position = 1; }; "load" = {position = 1;};
"disk /" = { "disk /" = {
position = 2; position = 2;
settings = { format = " %avail"; }; settings = {format = " %avail";};
}; };
"memory" = { "memory" = {
settings = { settings = {
@ -27,7 +31,7 @@
position = 3; position = 3;
}; };
"time" = { "time" = {
settings = { format = "%a %d/%m %H:%M"; }; settings = {format = "%a %d/%m %H:%M";};
position = 9; position = 9;
}; };
}; };

View file

@ -1,7 +1,11 @@
{ config, pkgs, ... }: {
let mod = "Mod4"; config,
pkgs,
...
}: let
mod = "Mod4";
in { in {
home.packages = with pkgs; [ font-awesome intel-gpu-tools ]; home.packages = with pkgs; [font-awesome intel-gpu-tools];
xsession.windowManager.i3 = { xsession.windowManager.i3 = {
enable = true; enable = true;
@ -23,8 +27,7 @@ in {
notification = false; notification = false;
} }
{ {
command = command = "exec xdg-mime default org.gnome.Evince.desktop application/pdf";
"exec xdg-mime default org.gnome.Evince.desktop application/pdf";
always = false; always = false;
notification = false; notification = false;
} }
@ -42,18 +45,20 @@ in {
}; };
workspaceLayout = "tabbed"; workspaceLayout = "tabbed";
bars = [{ bars = [
statusCommand = "${pkgs.i3status}/bin/i3status"; {
position = "top"; statusCommand = "${pkgs.i3status}/bin/i3status";
colors.background = "#001e26"; position = "top";
colors.statusline = "#708183"; colors.background = "#001e26";
fonts = { colors.statusline = "#708183";
names = [ "BerkeleyMono Nerd Font" ]; fonts = {
size = 10.0; names = ["BerkeleyMono Nerd Font"];
}; size = 10.0;
};
trayOutput = "primary"; trayOutput = "primary";
}]; }
];
modifier = mod; modifier = mod;
keybindings = { keybindings = {
@ -64,25 +69,17 @@ in {
"${mod}+Shift+l" = "exec physlock -d"; "${mod}+Shift+l" = "exec physlock -d";
"${mod}+Return" = "exec i3-sensible-terminal"; "${mod}+Return" = "exec i3-sensible-terminal";
"XF86AudioRaiseVolume" = "XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; "XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioLowerVolume" = "XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; "XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86AudioMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessUp" = "XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5";
"exec light -s sysfs/backlight/intel_backlight -A 5"; "XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5";
"XF86MonBrightnessDown" =
"exec light -s sysfs/backlight/intel_backlight -U 5";
"Print" = "Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
"exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
"${mod}+r" = "${mod}+r" = "exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
"exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
"${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu"; "${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu";
"${mod}+q" = "kill"; "${mod}+q" = "kill";
"${mod}+f" = "fullscreen toggle"; "${mod}+f" = "fullscreen toggle";

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.rofi = { programs.rofi = {
enable = true; enable = true;
font = "BerkeleyMono Nerd Font 16"; font = "BerkeleyMono Nerd Font 16";

View file

@ -1,20 +1,21 @@
{ config, pkgs, inputs, ... }:
{ {
home-manager.users.cyryl = { ... }: { config,
imports = [ ]; pkgs,
home.packages = inputs,
with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux"; ...
with gnuradio3_8Packages; }: {
[ gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum ] ++ home-manager.users.cyryl = {...}: {
imports = [];
(with pkgs; [ ]); home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
with gnuradio3_8Packages;
[gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum]
++ (with pkgs; []);
}; };
users.extraUsers.cyryl.extraGroups = [ "plugdev" ]; users.extraUsers.cyryl.extraGroups = ["plugdev"];
users.groups = { "plugdev" = { }; }; users.groups = {"plugdev" = {};};
services.udev = { services.udev = {
packages = [ pkgs.rtl-sdr ]; packages = [pkgs.rtl-sdr];
extraRules = '' extraRules = ''
# RTL2832U OEM vid/pid, e.g. ezcap EzTV668 (E4000), Newsky TV28T (E4000/R820T) etc. # RTL2832U OEM vid/pid, e.g. ezcap EzTV668 (E4000), Newsky TV28T (E4000/R820T) etc.
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev" SUBSYSTEMS=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", ENV{ID_SOFTWARE_RADIO}="1", MODE="0660", GROUP="plugdev"
@ -22,5 +23,5 @@
}; };
# dont load DVB-T modules automatically # dont load DVB-T modules automatically
boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" ]; boot.blacklistedKernelModules = ["dvb_usb_rtl28xxu"];
} }

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: { {
imports = [ ./server-security.nix ./tailscale ]; config,
pkgs,
...
}: {
imports = [./server-security.nix ./tailscale];
networking.nameservers = [ networking.nameservers = [
"100.100.100.100" "100.100.100.100"
"9.9.9.9" "9.9.9.9"

View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }: {
let config,
pkgs,
...
}: let
authorizedKeys = [ authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDN/2C59i+ucvSa9FLCHlVPJp0zebLOcw0+hnBYwy0cY cyryl@skinnyv" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDN/2C59i+ucvSa9FLCHlVPJp0zebLOcw0+hnBYwy0cY cyryl@skinnyv"
@ -7,7 +10,7 @@ let
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDa2qAxpUEFeBYl2wlzDa/x37TAAy5pOBHv50OXUrV5 cyryl@thinky" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDa2qAxpUEFeBYl2wlzDa/x37TAAy5pOBHv50OXUrV5 cyryl@thinky"
]; ];
in { in {
imports = [ ./security.nix ]; imports = [./security.nix];
security.acme.defaults.email = "admin@cyplo.dev"; security.acme.defaults.email = "admin@cyplo.dev";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
@ -27,7 +30,7 @@ in {
openssh.authorizedKeys.keys = authorizedKeys; openssh.authorizedKeys.keys = authorizedKeys;
}; };
nix.settings.trusted-users = [ "root" "nix-builder" ]; nix.settings.trusted-users = ["root" "nix-builder"];
nix.sshServe.enable = true; nix.sshServe.enable = true;
nix.sshServe.keys = authorizedKeys; nix.sshServe.keys = authorizedKeys;
} }

View file

@ -1,7 +1,11 @@
{ config, pkgs, ... }: {
let mod = "Mod4"; config,
pkgs,
...
}: let
mod = "Mod4";
in { in {
services.dbus.packages = with pkgs; [ ]; services.dbus.packages = with pkgs; [];
programs.dconf.enable = true; programs.dconf.enable = true;
systemd.defaultUnit = "graphical.target"; systemd.defaultUnit = "graphical.target";
security.polkit.enable = true; security.polkit.enable = true;
@ -13,10 +17,10 @@ in {
fi fi
''; '';
home-manager.users.cyryl = { ... }: { home-manager.users.cyryl = {...}: {
programs.mako.enable = true; programs.mako.enable = true;
imports = [ ./keybindings.nix ../home-manager/programs/alacritty.nix ]; imports = [./keybindings.nix ../home-manager/programs/alacritty.nix];
home.pointerCursor = { home.pointerCursor = {
name = "Adwaita"; name = "Adwaita";
@ -73,16 +77,17 @@ in {
titlebar = false; titlebar = false;
border = 0; border = 0;
}; };
bars = [{ bars = [
position = "top"; {
command = "${pkgs.waybar}/bin/waybar"; position = "top";
}]; command = "${pkgs.waybar}/bin/waybar";
}
];
startup = [ startup = [
{ {
command = command = "${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store";
"${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store";
} }
{ command = "${pkgs.clipman}/bin/clipman restore"; } {command = "${pkgs.clipman}/bin/clipman restore";}
{ {
command = '' command = ''
swayidle -w timeout 300 'swaylock -f -c 000000' timeout 600 'swaymsg "output * dpms off" && systemctl suspend' resume 'swaymsg "output * dpms on"' before-sleep 'swaylock -f -c 657b83' swayidle -w timeout 300 'swaylock -f -c 000000' timeout 600 'swaymsg "output * dpms off" && systemctl suspend' resume 'swaymsg "output * dpms on"' before-sleep 'swaylock -f -c 657b83'
@ -94,7 +99,7 @@ in {
xkb_layout = "pl"; xkb_layout = "pl";
xkb_options = "caps:ctrl_modifier"; xkb_options = "caps:ctrl_modifier";
}; };
input."2:7:SynPS/2_Synaptics_TouchPad" = { tap = "enabled"; }; input."2:7:SynPS/2_Synaptics_TouchPad" = {tap = "enabled";};
}; };
}; };
}; };

View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }: {
let mod = "Mod4"; config,
pkgs,
...
}: let
mod = "Mod4";
in { in {
wayland.windowManager.sway.config.keybindings = { wayland.windowManager.sway.config.keybindings = {
"${mod}+Shift+e" = "exit"; "${mod}+Shift+e" = "exit";
@ -7,19 +11,13 @@ in {
"${mod}+Shift+l" = "exec swaylock -c 657b83"; "${mod}+Shift+l" = "exec swaylock -c 657b83";
"${mod}+Return" = "exec ${pkgs.alacritty}/bin/alacritty"; "${mod}+Return" = "exec ${pkgs.alacritty}/bin/alacritty";
"XF86AudioRaiseVolume" = "XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%"; "XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioLowerVolume" = "XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%"; "XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86AudioMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessUp" = "XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5";
"exec light -s sysfs/backlight/intel_backlight -A 5"; "XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5";
"XF86MonBrightnessDown" =
"exec light -s sysfs/backlight/intel_backlight -U 5";
"Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i"; "Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";

View file

@ -1,7 +1,11 @@
{ config, pkgs, inputs, ... }: {
let config,
workstations = [ "skinnyv" "foryog" "thinky" ]; pkgs,
workstations_plus_phone = [ "OnePlus9" ] ++ workstations; inputs,
...
}: let
workstations = ["skinnyv" "foryog" "thinky"];
workstations_plus_phone = ["OnePlus9"] ++ workstations;
in { in {
services.syncthing = { services.syncthing = {
enable = true; enable = true;
@ -41,12 +45,12 @@ in {
"/home/cyryl/vaults" = { "/home/cyryl/vaults" = {
id = "vaults"; id = "vaults";
label = "vaults"; label = "vaults";
devices = workstations_plus_phone ++ [ "hagath" ]; devices = workstations_plus_phone ++ ["hagath"];
}; };
"/home/cyryl/Documents" = { "/home/cyryl/Documents" = {
id = "documents"; id = "documents";
label = "documents"; label = "documents";
devices = workstations_plus_phone ++ [ "hagath" ]; devices = workstations_plus_phone ++ ["hagath"];
}; };
"/home/cyryl/camera" = { "/home/cyryl/camera" = {
id = "camera"; id = "camera";
@ -71,7 +75,7 @@ in {
"/home/cyryl/Photos" = { "/home/cyryl/Photos" = {
id = "photos"; id = "photos";
label = "photos"; label = "photos";
devices = workstations ++ [ "hagath" ]; devices = workstations ++ ["hagath"];
}; };
"/home/cyryl/gopro" = { "/home/cyryl/gopro" = {
id = "gopro"; id = "gopro";
@ -81,12 +85,12 @@ in {
"/home/cyryl/Videos" = { "/home/cyryl/Videos" = {
id = "videos"; id = "videos";
label = "videos"; label = "videos";
devices = workstations ++ [ "hagath" ]; devices = workstations ++ ["hagath"];
}; };
"/home/cyryl/rodzice_sync" = { "/home/cyryl/rodzice_sync" = {
id = "rodzice"; id = "rodzice";
label = "rodzice"; label = "rodzice";
devices = workstations ++ [ "hagath" "mama" "janusz" "danuta" ]; devices = workstations ++ ["hagath" "mama" "janusz" "danuta"];
}; };
}; };
extraOptions = { extraOptions = {

View file

@ -1,28 +1,34 @@
{ config, pkgs, inputs, ... }: {
let config,
inherit (inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux") pkgs,
tailscale; inputs,
...
}: let
inherit
(inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux")
tailscale
;
in { in {
environment.systemPackages = [ tailscale ]; environment.systemPackages = [tailscale];
services.tailscale = { services.tailscale = {
enable = true; enable = true;
package = tailscale; package = tailscale;
}; };
networking.firewall = { networking.firewall = {
trustedInterfaces = [ "tailscale0" ]; trustedInterfaces = ["tailscale0"];
allowedUDPPorts = [ config.services.tailscale.port ]; allowedUDPPorts = [config.services.tailscale.port];
}; };
sops.secrets."tailscale-key-${config.networking.hostName}" = { sops.secrets."tailscale-key-${config.networking.hostName}" = {
sopsFile = ./keys.sops.yaml; sopsFile = ./keys.sops.yaml;
restartUnits = [ "tailscale-auth.service" ]; restartUnits = ["tailscale-auth.service"];
}; };
systemd.services.tailscale-auth = { systemd.services.tailscale-auth = {
description = "Auth with tailscale"; description = "Auth with tailscale";
after = [ "network-pre.target" "tailscale.service" ]; after = ["network-pre.target" "tailscale.service"];
wants = [ "network-pre.target" "tailscale.service" ]; wants = ["network-pre.target" "tailscale.service"];
wantedBy = [ "multi-user.target" ]; wantedBy = ["multi-user.target"];
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";

View file

@ -1,5 +1,10 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}: {
programs.zsh.enable = true; programs.zsh.enable = true;
home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; }; home-manager.users.cyryl = {...}: {imports = [./home.nix];};
} }

View file

@ -1,15 +1,30 @@
{ config, pkgs, lib, inputs, system, ... }: {
let config,
pkgs,
lib,
inputs,
system,
...
}: let
unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}"; unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}";
nil = inputs.nil.packages."${system}".default; nil = inputs.nil.packages."${system}".default;
cocPackage = unstablePackages.vimPlugins.coc-nvim; cocPackage = unstablePackages.vimPlugins.coc-nvim;
nvimPackage = unstablePackages.neovim-unwrapped; nvimPackage = unstablePackages.neovim-unwrapped;
in { in {
home.file.".vimrc".source = ../../.vimrc; home.file.".vimrc".source = ../../.vimrc;
home.packages = with pkgs; [ ripgrep ]; home.packages = with pkgs; [ripgrep];
home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; home.sessionVariables = {
programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; EDITOR = "vim";
systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; }; VISUAL = "vim";
};
programs.zsh.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
systemd.user.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
programs.neovim = { programs.neovim = {
enable = true; enable = true;
@ -26,8 +41,8 @@ in {
languageserver = { languageserver = {
nix = { nix = {
command = "${nil}/bin/nil"; command = "${nil}/bin/nil";
rootPatterns = [ "flake.nix" ]; rootPatterns = ["flake.nix"];
filetypes = [ "nix" ]; filetypes = ["nix"];
}; };
}; };
}; };
@ -40,58 +55,58 @@ in {
withRuby = true; withRuby = true;
plugins = with pkgs; plugins = with pkgs;
with pkgs.vimPlugins; [ with pkgs.vimPlugins; [
(vimUtils.buildVimPluginFrom2Nix rec { (vimUtils.buildVimPluginFrom2Nix rec {
pname = "vim-tada"; pname = "vim-tada";
version = "2022-04-22"; version = "2022-04-22";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "dewyze"; owner = "dewyze";
repo = pname; repo = pname;
rev = "acfda7229fc487ee6da44650164cb770d1cc608c"; rev = "acfda7229fc487ee6da44650164cb770d1cc608c";
sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY="; sha256 = "sha256-9kvLbzrVjtBTjbXmhJ7JTggXgFvGVF7sc2YiVW9fUGY=";
}; };
}) })
(vimUtils.buildVimPluginFrom2Nix rec { (vimUtils.buildVimPluginFrom2Nix rec {
pname = "srht.vim"; pname = "srht.vim";
version = "2022-01-04"; version = "2022-01-04";
src = fetchFromSourcehut { src = fetchFromSourcehut {
owner = "~willdurand"; owner = "~willdurand";
repo = pname; repo = pname;
rev = "825e685f75464cbd41a5f8eded974e46f416355e"; rev = "825e685f75464cbd41a5f8eded974e46f416355e";
sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco="; sha256 = "sha256-9/Yeqmq/1ZIIsEgsrLLZ7o0cjOt/wlUgeLEzJoK7eco=";
}; };
}) })
ack-vim ack-vim
coc-go coc-go
coc-highlight coc-highlight
coc-rust-analyzer coc-rust-analyzer
coc-yaml coc-yaml
committia-vim committia-vim
ctrlp-vim ctrlp-vim
editorconfig-vim editorconfig-vim
fzf-vim fzf-vim
lsp-colors-nvim lsp-colors-nvim
nvim-tree-lua nvim-tree-lua
nvim-web-devicons nvim-web-devicons
quickfix-reflector-vim quickfix-reflector-vim
rainbow rainbow
tabular tabular
vim-airline vim-airline
vim-airline-themes vim-airline-themes
vim-autoformat vim-autoformat
vim-colors-solarized vim-colors-solarized
vim-devicons vim-devicons
vim-dirdiff vim-dirdiff
vim-dispatch vim-dispatch
vim-fugitive vim-fugitive
vim-gitgutter vim-gitgutter
vim-markdown vim-markdown
vim-nix vim-nix
vim-sensible vim-sensible
vim-startify vim-startify
vim-surround vim-surround
vim-toml vim-toml
]; ];
extraConfig = '' extraConfig = ''
if filereadable($HOME . "/.vimrc") if filereadable($HOME . "/.vimrc")
source $HOME/.vimrc source $HOME/.vimrc

View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}: {
programs.zsh.enable = true; programs.zsh.enable = true;
home-manager.users.cyryl = { ... }: { imports = [ ./home.nix ]; }; home-manager.users.cyryl = {...}: {imports = [./home.nix];};
} }

View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: { {
config,
pkgs,
...
}: {
programs.atuin.enableZshIntegration = true; programs.atuin.enableZshIntegration = true;
programs.zsh = { programs.zsh = {
enable = true; enable = true;
@ -15,7 +19,7 @@
oh-my-zsh = { oh-my-zsh = {
enable = true; enable = true;
plugins = [ "vi-mode" "git" "python" "history-substring-search" "tmux" ]; plugins = ["vi-mode" "git" "python" "history-substring-search" "tmux"];
}; };
initExtra = '' initExtra = ''
@ -65,7 +69,7 @@
programs.direnv = { programs.direnv = {
enable = true; enable = true;
enableZshIntegration = true; enableZshIntegration = true;
nix-direnv = { enable = true; }; nix-direnv = {enable = true;};
}; };
home.file.".config/starship.toml".text = '' home.file.".config/starship.toml".text = ''