sam/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: sam:master
Branches Tags
sam:master
sam:cloudnix
sam:development
sam:metrics-server
sam:nixvim
sam:bitcoin
sam:docker
sam:docker-entrypoint
sam:incus
sam:lxd
sam:nebula
sam:overseer
sam:disko
sam:change-decrypt-key
sam:media
sam:impermanence
sam:fileserver-host
sam:sops
sam:modules
..
compare: sam:docker-entrypoint
Branches Tags
sam:master
sam:cloudnix
sam:development
sam:metrics-server
sam:nixvim
sam:bitcoin
sam:docker
sam:docker-entrypoint
sam:incus
sam:lxd
sam:nebula
sam:overseer
sam:disko
sam:change-decrypt-key
sam:media
sam:impermanence
sam:fileserver-host
sam:sops
sam:modules

1 commit
master ... docker-ent

Author SHA1 Message Date
Sam
7367f73216 always init pg database script in entrypoint 2024-07-06 17:14:44 +01:00
151 changed files with 1253 additions and 6703 deletions
Show stats Expand all files Collapse all files

0
.gitignore vendored
View file

20
.tmux.conf
View file

@ -1,20 +0,0 @@
# improve colors
set -g default-terminal 'screen-256color
# remap leader key to ctrl-s
set -g prefix2 C-s
# vim keymaps for switching panes
setw -g mode-keys vi
bind-key h select-pane -L
bind-key j select-pane -D
bind-key k select-pane -U
bind-key l select-pane -R
bind-key r C-h select-window -t :-
bind-key r C-h select-window -t :+
# plugins
set -g @plugin 'tmux-plugins/tpm'
set -g @plugin 'Nybkox/tmux-kanagawa'
run '~/.tmux/plugins/tpm/tpm'

128
bin/auto-update-nixos
View file

@ -1,128 +0,0 @@
#!/usr/bin/env bash
# Wrapper script for nixos-rebuild
# Configuration parameters
operation="switch" # The nixos-rebuild operation to use
hostname=$(/run/current-system/sw/bin/hostname) # The name of the host to build
flakeDir="${FLAKE_DIR}" # Path to the flake file (and optionally the hostname). Defaults to the FLAKE_DIR environment variable.
update=false # Whether to update flake.lock (false by default)
user=$(/run/current-system/sw/bin/whoami) # Which user account to use for git commands (defaults to whoever called the script)
reboot=false
remote=false
remainingArgs="" # All remaining arguments that haven't yet been processed (will be passed to nixos-rebuild)
function usage() {
echo "nixos-rebuild Operations Script (NOS) updates your system and your flake.lock file by pulling the latest versions."
echo ""
echo "Running the script with no parameters performs the following operations:"
echo " 1. Pull the latest version of the config"
echo " 2. Update your flake.lock file"
echo " 3. Commit any changes back to the repository"
echo " 4. Run 'nixos-rebuild switch'."
echo ""
echo "Advanced usage: nixos-upgrade-script.sh [-o|--operation operation] [-f|--flake path-to-flake] [extra nixos-rebuild parameters]"
echo "Options:"
echo " -h, --help Show this help screen."
echo " -o, --operation The nixos-rebuild operation to perform."
echo " -f, --flake <path> The path to your flake.nix file (and optionally, the hostname to build)."
echo " -U, --update Update and commit flake.lock."
echo " -R, --build-host <user@host> Attempt build on remote host."
echo " -r, --reboot Reboots system is there is a kernel or init update"
echo " -u, --user Which user account to run git commands under."
echo ""
exit 2
}
POSITIONAL_ARGS=()
while [[ $# -gt 0 ]]; do
case "$1" in
--flake | -f)
flakeDir="$2"
shift
shift
;;
--operation | -o)
operation="$2"
shift
shift
;;
--user | -u)
user="$2"
shift
shift
;;
--build-host | -R)
remote=true
host="$2"
shift
shift
;;
--update | --upgrade | -U)
update=true
shift
;;
--reboot | -r)
reboot=true
shift
;;
--help | -h)
usage
exit 0
;;
*)
POSITIONAL_ARGS+=("$1") # save positional arg
shift
;;
esac
done
remainingArgs=${POSITIONAL_ARGS[@]}
set -- "${POSITIONAL_ARGS[@]}" # restore positional parameters
if [ -z "${flakeDir}" ]; then
echo "Flake directory not specified. Use '--flake <path>' or set \$FLAKE_DIR."
exit 1
fi
# wait for wifi networks to come online.
sleep 10
cd $flakeDir
current_branch=$(git branch --show-current)
[ "$current_branch" != "master" ] && echo "Not on master branch. Aborting auto-update" && exit 0
echo "Pulling the latest version of the repository..."
/run/wrappers/bin/sudo -u $user git stash
/run/wrappers/bin/sudo -u $user git pull
if [ $update = true ]; then
echo "Updating flake.lock..."
/run/wrappers/bin/sudo -u $user nix flake update --commit-lock-file && /run/wrappers/bin/sudo -u $user git push
else
echo "Skipping 'nix flake update'..."
fi
options="--flake $flakeDir $remainingArgs --use-remote-sudo"
echo "Running this operation: nixos-rebuild $operation $options"
if [ $remote = true ]; then
echo "Attempting remote build..."
/run/wrappers/bin/sudo -u root /run/current-system/sw/bin/nixos-rebuild $operation $options --build-host "$host"
else
/run/wrappers/bin/sudo -u root /run/current-system/sw/bin/nixos-rebuild $operation $options
fi
echo "Checking if reboot is necessary"
reboot_diff=$(diff <(readlink /run/booted-system/{initrd,kernel,kernel-modules}) <(readlink /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules}))
if [ -n "$reboot_diff" ] && [ $reboot == true ]; then
echo "System requires a reboot. Rebooting now..."
reboot
else
echo "No reboot necessary."
echo "Update complete."
exit 0
fi
echo "Update complete."
exit 0

530
flake.lock generated
View file

@ -40,17 +40,18 @@
},
"devshell": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1735644329,
"narHash": "sha256-tO3HrHriyLvipc4xr+Ewtdlo7wM1OjXNjlWRgmM7peY=",
"lastModified": 1717408969,
"narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
"owner": "numtide",
"repo": "devshell",
"rev": "f7795ede5b02664b57035b3b757876703e2c3eac",
"rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
"type": "github"
},
"original": {
@ -80,46 +81,36 @@
"type": "github"
}
},
"extra-container": {
"inputs": {
"flake-utils": [
"nix-bitcoin",
"flake-utils"
],
"nixpkgs": [
"nix-bitcoin",
"nixpkgs"
]
},
"locked": {
"lastModified": 1734005403,
"narHash": "sha256-vgh3TqfkFdnPxREBedw4MQehIDc3N8YyxBOB45n+AvU=",
"owner": "erikarvstedt",
"repo": "extra-container",
"rev": "f4de6c329b306a9d3a9798a30e060c166f781baa",
"type": "github"
},
"original": {
"owner": "erikarvstedt",
"ref": "0.13",
"repo": "extra-container",
"type": "github"
}
},
"flake-compat": {
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"revCount": 69,
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"revCount": 57,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz"
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -170,32 +161,11 @@
]
},
"locked": {
"lastModified": 1738453229,
"narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
"lastModified": 1719877454,
"narHash": "sha256-g5N1yyOSsPNiOlFfkuI/wcUjmtah+nxdImJqrSATjOU=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"rev": "4e3583423212f9303aa1a6337f8dffb415920e4f",
"type": "github"
},
"original": {
@ -209,47 +179,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1710146030,
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
@ -260,22 +194,23 @@
},
"git-hooks": {
"inputs": {
"flake-compat": [
"nixvim",
"flake-compat"
],
"flake-compat": "flake-compat_2",
"gitignore": "gitignore",
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1737465171,
"narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=",
"lastModified": 1719259945,
"narHash": "sha256-F1h+XIsGKT9TkGO3omxDLEb/9jOOsI6NnzsXFsZhry4=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17",
"rev": "0ff4381bbb8f7a52ca4a851660fc7a437a4c6e07",
"type": "github"
},
"original": {
@ -351,16 +286,16 @@
]
},
"locked": {
"lastModified": 1739757849,
"narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=",
"lastModified": 1718530513,
"narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe",
"rev": "a1fddf0967c33754271761d91a3d921772b30d0e",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
@ -373,27 +308,27 @@
]
},
"locked": {
"lastModified": 1739570999,
"narHash": "sha256-eCc0/Q4bPpe4/AS+uzIrHLJcR6BxPQ69q2kD0/Qe6rU=",
"lastModified": 1719827385,
"narHash": "sha256-qs+nU20Sm8czHg3bhGCqiH+8e13BJyRrKONW34g3i50=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "254d47082e23dbf72fdeca1da6fe1da420f478d8",
"rev": "391ca6e950c2525b4f853cbe29922452c14eda82",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"ref": "release-24.05",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1737831083,
"narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=",
"lastModified": 1719091691,
"narHash": "sha256-AxaLX5cBEcGtE02PeGsfscSb/fWMnyS7zMWBXQWDKbE=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170",
"rev": "23c1f06316b67cb5dabdfe2973da3785cfe9c34a",
"type": "github"
},
"original": {
@ -402,98 +337,6 @@
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
"nixvim",
"nuschtosSearch",
"flake-utils"
],
"nixpkgs": [
"nixvim",
"nuschtosSearch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729958008,
"narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.0.6",
"repo": "ixx",
"type": "github"
}
},
"lnbits": {
"inputs": {
"nixpkgs": "nixpkgs_2",
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1729199171,
"narHash": "sha256-NX/fzZfGppFkP7yoRJyg/0pKo9y4+agBnO4XCgbzp3U=",
"owner": "lnbits",
"repo": "lnbits",
"rev": "51c9d294cdb40c777b1048bbee267b49cdaf7a34",
"type": "github"
},
"original": {
"owner": "lnbits",
"ref": "v0.12.12",
"repo": "lnbits",
"type": "github"
}
},
"minimal-tmux": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1730695632,
"narHash": "sha256-JtbuSxWFR94HiUdQL9uIm2V/kwGz0gbVbqvYWmEncbc=",
"owner": "niksingh710",
"repo": "minimal-tmux-status",
"rev": "d7188c1aeb1c7dd03230982445b7360f5e230131",
"type": "github"
},
"original": {
"owner": "niksingh710",
"repo": "minimal-tmux-status",
"type": "github"
}
},
"nix-bitcoin": {
"inputs": {
"extra-container": "extra-container",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-unstable": "nixpkgs-unstable"
},
"locked": {
"lastModified": 1739709805,
"narHash": "sha256-8/OuhPELneYOtncScsPrAwmlzBNSAFotoTKd6JxU6OA=",
"owner": "fort-nix",
"repo": "nix-bitcoin",
"rev": "bff10a66e50f6a3387b3e5acbbdf2519c624e8bc",
"type": "github"
},
"original": {
"owner": "fort-nix",
"ref": "nixos-24.11",
"repo": "nix-bitcoin",
"type": "github"
}
},
"nix-colors": {
"inputs": {
"base16-schemes": "base16-schemes",
@ -521,49 +364,27 @@
]
},
"locked": {
"lastModified": 1739553546,
"narHash": "sha256-L4ou3xfOr17EAe836djRoQ7auVkYOREMtiQa82wVGqU=",
"lastModified": 1719845423,
"narHash": "sha256-ZLHDmWAsHQQKnmfyhYSHJDlt8Wfjv6SQhl2qek42O7A=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "353846417f985e74fdc060555f17939e4472ea2c",
"rev": "ec12b88104d6c117871fad55e931addac4626756",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "nix-darwin-24.11",
"repo": "nix-darwin",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"lnbits",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703863825,
"narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "5163432afc817cf8bd1f031418d1869e4c9d5547",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-secrets": {
"flake": false,
"locked": {
"lastModified": 1740164526,
"narHash": "sha256-lpKNY9qLoIT1XbLzeY+tmkV1DjQQ3mWYWjko+necYhM=",
"lastModified": 1720263046,
"narHash": "sha256-6tJLK4EtB4IXBO4i6P/Ulf03Bd7GaEezT7AebN3VPHA=",
"ref": "refs/heads/master",
"rev": "ddf31a3a72504f36577ec341fbc84aa8f3dd3318",
"revCount": 283,
"rev": "33d677fea187322e503f8a56d9c75ff7e7df057c",
"revCount": 151,
"type": "git",
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
},
@ -603,29 +424,29 @@
"type": "github"
}
},
"nixpkgs-unstable": {
"nixpkgs-stable": {
"locked": {
"lastModified": 1739451785,
"narHash": "sha256-3ebRdThRic9bHMuNi2IAA/ek9b32bsy8F5R4SvGTIog=",
"lastModified": 1719099622,
"narHash": "sha256-YzJECAxFt+U5LPYf/pCwW/e1iUd2PF21WITHY9B/BAs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1128e89fd5e11bb25aedbfc287733c6502202ea9",
"rev": "5e8e3b89adbd0be63192f6e645e0a54080004924",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"ref": "release-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable_2": {
"nixpkgs-unstable": {
"locked": {
"lastModified": 1739866667,
"narHash": "sha256-EO1ygNKZlsAC9avfcwHkKGMsmipUk1Uc0TbrEZpkn64=",
"lastModified": 1719254875,
"narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "73cf49b8ad837ade2de76f87eb53fc85ed5d4680",
"rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
"type": "github"
},
"original": {
@ -637,11 +458,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1723938990,
"narHash": "sha256-9tUadhnZQbWIiYVXH8ncfGXGvkNq3Hag4RCBEMUk7MI=",
"lastModified": 1719426051,
"narHash": "sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c42fcfbdfeae23e68fc520f9182dde9f38ad1890",
"rev": "89c49874fb15f4124bf71ca5f42a04f2ee5825fd",
"type": "github"
},
"original": {
@ -651,38 +472,6 @@
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1740162160,
"narHash": "sha256-SSYxFhqCOb3aiPb6MmN68yEzBIltfom8IgRz7phHscM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "11415c7ae8539d6292f2928317ee7a8410b28bb9",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "release-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1739866667,
"narHash": "sha256-EO1ygNKZlsAC9avfcwHkKGMsmipUk1Uc0TbrEZpkn64=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "73cf49b8ad837ade2de76f87eb53fc85ed5d4680",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"devshell": "devshell",
@ -694,36 +483,30 @@
"nixpkgs": [
"nixpkgs"
],
"nuschtosSearch": "nuschtosSearch",
"treefmt-nix": "treefmt-nix_2"
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1739623149,
"narHash": "sha256-9hyreNdQtQaFzWAx38CHiKHFQ8vAc/J2/kXeT7Nwy6s=",
"lastModified": 1719923896,
"narHash": "sha256-/hfE2x9NbT13d53o9uq6MuMipV19pJUQzpsZIhlvsiM=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "6b2c62b91a10a773e705f55e8b34a19c8b1f3728",
"rev": "d384cf656cb1b21d90eee1b007a6ade6f90768f5",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "nixos-24.11",
"ref": "nixos-24.05",
"repo": "nixvim",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": "flake-parts_4",
"nixpkgs": "nixpkgs_4",
"treefmt-nix": "treefmt-nix_3"
},
"locked": {
"lastModified": 1740190061,
"narHash": "sha256-hhOK+U42wxh5PQr3GUdNR6i/xgjv6e+dq+AefaleGu4=",
"lastModified": 1719596768,
"narHash": "sha256-quSWztqqMxvSJIKddYp1D0GdR7Kg8JjEVCIzMbtBTQ4=",
"owner": "nix-community",
"repo": "NUR",
"rev": "c730bf6c124d3bbb66ee6aac920d5ad7f0e15759",
"rev": "35e48702118124ec52a071e300f55c78a4b7b338",
"type": "github"
},
"original": {
@ -732,67 +515,16 @@
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_3",
"ixx": "ixx",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1738508923,
"narHash": "sha256-4DaDrQDAIxlWhTjH6h/+xfG05jt3qDZrZE/7zDLQaS4=",
"owner": "NuschtOS",
"repo": "search",
"rev": "86e2038290859006e05ca7201425ea5b5de4aecb",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": "flake-utils",
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"lnbits",
"nixpkgs"
],
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1724134185,
"narHash": "sha256-nDqpGjz7cq3ThdC98BPe1ANCNlsJds/LLZ3/MdIXjA0=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "5ee730a8752264e463c0eaf06cc060fd07f6dae9",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"root": {
"inputs": {
"arion": "arion",
"disko": "disko",
"home-manager": "home-manager",
"impermanence": "impermanence",
"lnbits": "lnbits",
"minimal-tmux": "minimal-tmux",
"nix-bitcoin": "nix-bitcoin",
"nix-colors": "nix-colors",
"nix-secrets": "nix-secrets",
"nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable_2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixvim": "nixvim",
"nur": "nur",
"sops-nix": "sops-nix"
@ -802,14 +534,15 @@
"inputs": {
"nixpkgs": [
"nixpkgs"
]
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1739262228,
"narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=",
"lastModified": 1719268571,
"narHash": "sha256-pcUk2Fg5vPXLUEnFI97qaB8hto/IToRfqskFqsjvjb8=",
"owner": "mic92",
"repo": "sops-nix",
"rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975",
"rev": "c2ea1186c0cbfa4d06d406ae50f3e4b085ddc9b3",
"type": "github"
},
"original": {
@ -833,73 +566,7 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"lnbits",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719749022,
"narHash": "sha256-ddPKHcqaKCIFSFc/cvxS14goUhCOAwsM1PbMr0ZtHMg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "8df5ff62195d4e67e2264df0b7f5e8c9995fd0bd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": [
"nixvim",
@ -907,32 +574,11 @@
]
},
"locked": {
"lastModified": 1738953846,
"narHash": "sha256-yrK3Hjcr8F7qS/j2F+r7C7o010eVWWlm4T1PrbKBOxQ=",
"lastModified": 1719887753,
"narHash": "sha256-p0B2r98UtZzRDM5miGRafL4h7TwGRC4DII+XXHDHqek=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "4f09b473c936d41582dd744e19f34ec27592c5fd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733222881,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53",
"rev": "bdb6355009562d8f9313d9460c0d3860f525bc6c",
"type": "github"
},
"original": {

199
flake.nix
View file

@ -1,9 +1,9 @@
{
description = "Nixos Config";
description = "Nix Config";
inputs = {
# Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/release-24.11";
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# NUR
@ -11,13 +11,13 @@
# Home manager
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
url = "github:nix-community/home-manager/release-24.05";
inputs.nixpkgs.follows = "nixpkgs";
};
# Nixvim
nixvim = {
url = "github:nix-community/nixvim/nixos-24.11";
url = "github:nix-community/nixvim/nixos-24.05";
inputs.nixpkgs.follows = "nixpkgs";
};
@ -26,16 +26,6 @@
url = "github:hercules-ci/arion/236f9dd82d6ef6a2d9987c7a7df3e75f1bc8b318";
};
# nix-bitcoin
nix-bitcoin = {
url = "github:fort-nix/nix-bitcoin/nixos-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
lnbits = {
url = "github:lnbits/lnbits/v0.12.12";
};
# Nix colors
nix-colors.url = "github:misterio77/nix-colors";
@ -57,112 +47,89 @@
nix-secrets = {
url = "git+ssh://git@git.bitlab21.com/sam/nix-secrets.git";
inputs = {};
};
minimal-tmux = {
url = "github:niksingh710/minimal-tmux-status";
inputs.nixpkgs.follows = "nixpkgs";
flake = false;
};
};
outputs = {
self,
nixpkgs,
home-manager,
...
} @ inputs: let
inherit (self) outputs;
systems = [
"x86_64-linux"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
inherit (nixpkgs) lib;
configVars = import ./vars {inherit inputs lib;};
specialArgs = {
inherit
inputs
outputs
configVars
;
};
in {
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
overlays = import ./overlays {inherit inputs;};
nixosModules = import ./modules/nixos;
homeManagerModules = import ./modules/home-manager;
outputs =
{ self
, nixpkgs
, home-manager
, ...
} @ inputs:
let
inherit (self) outputs;
systems = [
"x86_64-linux"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
specialArgs = { inherit inputs outputs; };
in
{
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
overlays = import ./overlays { inherit inputs; };
nixosModules = import ./modules/nixos;
homeManagerModules = import ./modules/home-manager;
# System level configs
nixosConfigurations = {
bootstrap = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/bootstrap
];
};
sparky = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/sparky
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
semita = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/semita
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
merlin = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/merlin
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
citadel = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/citadel
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
cloudnix = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/cloudnix
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
iso = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/iso
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
# System level configs
nixosConfigurations = {
nixdev = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/nixdev
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
fileserver = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/fileserver
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
bootstrap = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/bootstrap
];
};
sparky = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/sparky
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
semita = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/semita
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
nebula = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/nebula
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
};
};
};
}

86
home/citadel.nix
View file

@ -1,86 +0,0 @@
{config, pkgs, ...}: {
imports = [
# Import users
./users/sam
./common/core
# Import optional
./common/optional/git.nix
./common/optional/sops.nix
./common/optional/syncthing.nix
./common/optional/desktop/dwm
./common/optional/desktop/common/themes/standard-dark.nix
./common/optional/notes.nix
./common/optional/yazi.nix
./common/optional/desktop/common/kodi.nix
./common/optional/desktop/common/xdg
];
home.packages = [
pkgs.qgis
];
colorScheme = {
slug = "serene";
name = "Serene";
author = "Bitlab21";
palette = {
base00 = "#1F1F28";
base01 = "#16161D";
base02 = "#223249";
base03 = "#363646";
base04 = "#727169";
base05 = "#DCD7BA";
base06 = "#C8C093";
base07 = "#717C7C";
base08 = "#C34043";
base09 = "#FFA066";
base0A = "#C0A36E";
base0B = "#76946A";
base0C = "#6A9589";
base0D = "#7E9CD8";
base0E = "#957FB8";
base0F = "#D27E99";
};
};
home.file.".Xresources" = {
recursive = true;
text = ''
! st
st.alpha: 0.8
St.font: monospace:pixelsize=31:antialias=true:autohint=true;
St.font2: NotoColorEmoji:pixelsize=24:antialias=true:autohint=true;
! dwm
dwm.borderpx: 6
dwm.font: monospace:size=14
dwm.col_base00: #${config.colorScheme.palette.base00}
dwm.col_base03: #${config.colorScheme.palette.base03}
dwm.col_base04: #${config.colorScheme.palette.base04}
dwm.col_base05: #${config.colorScheme.palette.base05}
dwm.col_base08: #${config.colorScheme.palette.base08}
dwm.col_base0B: #${config.colorScheme.palette.base0B}
! dmenu
dmenu.font: monospace:size=14
dmenu.font2: NotoColorEmoji:pixelsize=44:antialias=true:autohint=true
dmenu.topbar: 1
dmenu.normfgcolor: #${config.colorScheme.palette.base05}
dmenu.normbgcolor: #${config.colorScheme.palette.base03}
dmenu.selfgcolor: #${config.colorScheme.palette.base00}
dmenu.selbgcolor: #${config.colorScheme.palette.base0B}
Nsxiv.window.background: #${config.colorScheme.palette.base03}
Nsxiv.window.foreground: #${config.colorScheme.palette.base05}
Nsxiv.mark.foreground: #${config.colorScheme.palette.base08}
Nsxiv.bar.background: #${config.colorScheme.palette.base00}
Nsxiv.bar.foreground: #${config.colorScheme.palette.base05}
Nsxiv.bar.font: monospace:size=12
'';
};
}

9
home/common/core/default.nix
View file

@ -4,11 +4,10 @@
inputs.nix-colors.homeManagerModules.default
./zsh.nix
./nixvim
./tmux.nix
];
nixpkgs.overlays = [
inputs.nur.overlays.default
inputs.nur.overlay
outputs.overlays.additions
outputs.overlays.unstable-packages
];
@ -19,18 +18,14 @@
ripgrep
fzf
eza
bat
killall
pciutils
tree
jq
coreutils
btop
htop
postgresql_16
postgresql
libqalculate
tmux
tealdeer
;
};
home.stateVersion = "24.05";

29
home/common/core/nixvim/default.nix
View file

@ -1,8 +1,5 @@
{ inputs, pkgs, ... }:
{
inputs,
pkgs,
...
}: {
imports = [
inputs.nixvim.homeManagerModules.nixvim
./plugins
@ -14,22 +11,12 @@
# Install home packages needed for nixvim
home.packages = [
pkgs.nixpkgs-fmt
pkgs.black
pkgs.yamllint
pkgs.yamlfmt
pkgs.prettierd
pkgs.sqlfmt
pkgs.nodePackages_latest.sql-formatter
pkgs.alejandra
pkgs.shellcheck
pkgs.shellharden
pkgs.shfmt
pkgs.stylua
pkgs.glow
];
programs.nixvim = {
enable = true;
package = pkgs.neovim-unwrapped;
enableMan = true; # install man pages for nixvim options
clipboard.register = "unnamedplus"; # use system clipboard instead of internal registers
globals.mapleader = " ";
@ -55,17 +42,7 @@
let wiki_0.index = 'home'
let wiki_0.syntax = 'markdown'
let wiki_0.ext = '.md'
" ==== dbui
let g:db_ui_hide_schemas = ['pg_catalog', 'pg_toast_temp.*', 'pg_toast']
let g:db_ui_use_nerd_fonts = 1
let g:db_ui_execute_on_save = 0
" == custom surround
augroup initvim
au!
autocmd FileType markdown,vimwiki let b:surround_{char2nr('b')} = "**\r**"
augroup END
'';
};
}

101
home/common/core/nixvim/keymaps.nix
View file

@ -1,31 +1,33 @@
{
programs.nixvim.keymaps = [
programs.nixvim.keymaps = [
# Switching buffers
{
mode = ["n"];
action = "<C-w>h";
mode = [ "n" ];
action = "<C-W>h";
key = "<S-h>";
options = {silent = true;};
options = {
silent = true;
};
}
{
mode = ["n"];
action = "<C-w>j";
mode = [ "n" ];
action = "<C-W>j";
key = "<S-j>";
options = {
silent = true;
};
}
{
mode = ["n"];
action = "<C-w>k";
mode = [ "n" ];
action = "<C-W>k";
key = "<S-k>";
options = {
silent = true;
};
}
{
mode = ["n"];
action = "<C-w>l";
mode = [ "n" ];
action = "<C-W>l";
key = "<S-l>";
options = {
silent = true;
@ -34,7 +36,7 @@ programs.nixvim.keymaps = [
# Toggle nvim-tree
{
mode = ["n"];
mode = [ "n" ];
action = "<cmd>NvimTreeFindFileToggle<CR>";
key = "tt";
options = {
@ -44,71 +46,40 @@ programs.nixvim.keymaps = [
# Clear search highlighting
{
mode = ["n"];
mode = [ "n" ];
key = "<space><space>";
action = "<cmd>nohlsearch<CR>";
options = {noremap = true;};
options = { noremap = true; };
}
# paste over selected text without yanking it
# Telescope Plugin
{
mode = ["v"];
key = "p";
action = "\"_dP";
options = {noremap = true;};
}
# resize window
{
mode = ["n"];
key = "<Right>";
action = ":vertical resize +1<CR>";
options = {noremap = true;};
# find files
mode = [ "n" ];
key = "<Leader>ff";
action = "<cmd>Telescope find_files<CR>";
options = { noremap = true; };
}
{
mode = ["n"];
key = "<Left>";
action = ":vertical resize -1<CR>";
options = {noremap = true;};
# live grep
mode = [ "n" ];
key = "<Leader>fg";
action = "<cmd>Telescope live_grep<CR>";
options = { noremap = true; };
}
{
mode = ["n"];
key = "<Down>";
action = ":resize -1<CR>";
options = {noremap = true;};
# buffers
mode = [ "n" ];
key = "<Leader>fb";
action = "<cmd>Telescope buffers<CR>";
options = { noremap = true; };
}
{
mode = ["n"];
key = "<Up>";
action = ": resize +1<CR>";
options = {noremap = true;};
}
# indent line in or out
{
mode = ["v"];
key = "<";
action = "<gv";
options = {noremap = true;};
}
{
mode = ["v"];
key = ">";
action = ">gv";
options = {noremap = true;};
}
# move selected line up or down
{
mode = ["v"];
key = "<C-d>";
action = ":m '>+1<CR>gv=gv";
options = {noremap = true;};
}
{
mode = ["v"];
key = "<C-u>";
action = ":m '<-2<CR>gv=gv";
options = {noremap = true;};
# help tags
mode = [ "n" ];
key = "<Leader>fh";
action = "<cmd>Telescope help_tags<CR>";
options = { noremap = true; };
}
];
}

2
home/common/core/nixvim/options.nix
View file

@ -31,7 +31,5 @@
ignorecase = true;
smartcase = true;
backspace = "indent,eol,start"; # allow backspace in insert mode
spell = true;
spelllang = "en_gb";
};
}

10
home/common/core/nixvim/plugins/alpha.nix Normal file
View file

@ -0,0 +1,10 @@
{
programs.nixvim.plugins = {
alpha = {
enable = true;
iconsEnabled = true;
theme = "dashboard";
};
};
}

22
home/common/core/nixvim/plugins/cmp.nix
View file

@ -3,7 +3,6 @@
cmp-emoji = { enable = true; };
cmp = {
enable = true;
cmdline = {};
settings = {
autoEnableSources = true;
experimental = { ghost_text = true; };
@ -12,7 +11,7 @@
fetchingTimeout = 200;
maxViewEntries = 30;
};
snippet = { expand = "function(args) require('luasnip').lsp_expand(args.body) end"; };
snippet = { expand = "luasnip"; };
formatting = {
fields = [ "kind" "abbr" "menu" ];
format = ''
@ -44,10 +43,14 @@
};
mapping = {
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
"<S-Tab>" = "cmp.mapping.select_prev_item()";
"<C-j>" = "cmp.mapping.select_next_item()";
"<C-k>" = "cmp.mapping.select_prev_item()";
"<C-e>" = "cmp.mapping.abort()";
"<C-b>" = "cmp.mapping.scroll_docs(-4)";
"<C-f>" = "cmp.mapping.scroll_docs(4)";
"<C-Space>" = "cmp.mapping.complete()";
"<CR>" = "cmp.mapping.confirm({ select = true })";
"<S-CR>" = "cmp.mapping.confirm({ behavior = cmp.ConfirmBehavior.Replace, select = true })";
};
};
};
@ -55,7 +58,7 @@
cmp-buffer = { enable = true; };
cmp-path = { enable = true; }; # file system paths
cmp_luasnip = { enable = true; }; # snippets
cmp-cmdline = { enable = true; }; # autocomplete for cmdline
cmp-cmdline = { enable = false; }; # autocomplete for cmdline
};
programs.nixvim.extraConfigLua = ''
luasnip = require("luasnip")
@ -91,15 +94,22 @@
-- Use buffer source for `/` (if you enabled `native_menu`, this won't work anymore).
cmp.setup.cmdline({'/', "?" }, {
mapping = cmp.mapping.preset.cmdline(),
sources = {
{ name = 'buffer' }
}
})
-- Set configuration for specific filetype.
cmp.setup.filetype('gitcommit', {
sources = cmp.config.sources({
{ name = 'cmp_git' }, -- You can specify the `cmp_git` source if you were installed it.
}, {
{ name = 'buffer' },
})
})
-- Use cmdline & path source for ':' (if you enabled `native_menu`, this won't work anymore).
cmp.setup.cmdline(':', {
mapping = cmp.mapping.preset.cmdline(),
sources = cmp.config.sources({
{ name = 'path' }
}, {

5
home/common/core/nixvim/plugins/comment.nix
View file

@ -1,5 +0,0 @@
{
programs.nixvim.plugins.comment = {
enable = true;
};
}

50
home/common/core/nixvim/plugins/conform.nix
View file

@ -1,53 +1,21 @@
{
programs.nixvim.plugins.conform-nvim = {
enable = true;
formatOnSave = {
lspFallback = true;
timeoutMs = 500;
};
notifyOnError = true;
logLevel = "debug";
formattersByFt = {
html = ["prettierd"];
css = ["prettierd"];
javascript = ["prettierd"];
html = [["prettierd" "prettier"]];
css = [["prettierd" "prettier"]];
javascript = [["prettierd" "prettier"]];
python = ["black"];
lua = ["stylua"];
nix = ["alejandra"];
markdown = ["prettierd"];
yaml = ["yamlfmt"];
markdown = [["prettierd" "prettier"]];
yaml = ["yamllint" "yamlfmt"];
sql = ["sqlfmt"];
#sql = ["sql-formatter"];
bash = [
"shellcheck"
"shellharden"
"shfmt"
];
};
# formatters = {
# sql-formatter = {
# command = "sql-formatter";
# args = "--config ~/.config/sql-formatter/config.json";
# };
# };
};
home.file.".config/sql-formatter/config.json".text = ''
{
"language": "postgresql",
"tabWidth": 2,
"linesBetweenQueries": 1,
"expressionWidth": 88,
"newlineBeforeSemicolon": true
}
'';
programs.nixvim.keymaps = [
# format document with Conform
{
mode = ["n"];
key = "<leader>cf";
action = "<CMD>Format<CR>";
options = {
silent = true;
desc = "Conform auto-format document";
};
}
];
}

103
home/common/core/nixvim/plugins/default.nix
View file

@ -1,11 +1,5 @@
{ pkgs, ... }:
{
pkgs,
config,
...
}: let
user = config.home.username;
in {
imports = [
./cmp.nix
./colorizer.nix
@ -19,15 +13,9 @@ in {
./surround.nix
./telescope.nix
./treesitter.nix
./fold.nix
./todo-comments.nix
./oil.nix
./comment.nix
./git-workree.nix
./alpha.nix
];
programs.nixvim.plugins.web-devicons.enable = true;
# Load Plugins that aren't provided as modules by nixvim
programs.nixvim.extraPlugins = [
pkgs.vimPlugins.vim-numbertoggle
@ -39,15 +27,26 @@ in {
(pkgs.vimUtils.buildVimPlugin
{
name = "glow.nvim";
name = "precognition.nvim";
src = pkgs.fetchFromGitHub {
owner = "ellisonleao";
repo = "glow.nvim";
rev = "238070a";
sha256 = "sha256-GsNcASzVvY0066kak2nvUY5luzanoBclqcUOsODww8g=";
owner = "tris203";
repo = "precognition.nvim";
rev = "v1.0.0";
sha256 = "sha256-AqWYV/59ugKyOWALOCdycWVm0bZ7qb981xnuw/mAVzM=";
};
})
# (pkgs.vimUtils.buildVimPlugin
# {
# name = "hardtime";
# src = pkgs.fetchFromGitHub {
# owner = "m4xshen";
# repo = "hardtime.nvim ";
# rev = "9a4e24f";
# #sha256 = "sha256-abe9ZGmL7U9rC+LxC3LO5/bOn8lHke1FCKO0V3TZGs0=";
# };
# })
#
(pkgs.vimUtils.buildVimPlugin
{
name = "buffer_manager.nvim";
@ -59,36 +58,19 @@ in {
};
})
(pkgs.vimUtils.buildVimPlugin
{
name = "vimwiki-sync";
src = pkgs.fetchFromGitHub {
owner = "michal-h21";
repo = "vimwiki-sync";
rev = "99eeab3";
sha256 = "sha256-cz0dSFphIbQAI4AOqwIUpDBTuj/3xlOkhSlIVMdgsqM=";
};
})
# Keep vim-devicons as last entry
pkgs.vimPlugins.vim-devicons
];
programs.nixvim.extraConfigLua = ''
-- function to read api key from secrets file
local function read_api_key(file_path)
local file = io.open(file_path, "r")
if file then
local api_key = file:read("*all")
file:close()
return api_key
else
error("Failed to open file: " .. file_path)
end
end
-- buffer_manager.nvim
local opts = {noremap = true}
require("precognition").setup(
{
}
)
require("buffer_manager").setup(
{
line_keys = "1234567890",
@ -112,24 +94,14 @@ in {
}
)
require('glow').setup({
border = "shadow",
style = "dark",
pager = false,
width = 80,
height = 100,
width_ratio = 0.7,
height_ratio = 0.7,
})
-- Custom color for modified buffers
vim.api.nvim_set_hl(0, "BufferManagerModified", { fg = "#988100" })
local bmui = require("buffer_manager.ui")
vim.keymap.set('n', '<leader>b', bmui.toggle_quick_menu, opts)
vim.keymap.set('n', '<leader>n', bmui.nav_next, opts)
vim.keymap.set('n', '<leader>p', bmui.nav_prev, opts)
local keys="1234567890"
for i = 1, #keys do
local key = keys:sub(i,i)
@ -138,28 +110,7 @@ in {
opts
)
end
-- Setup vimwiki
vim.g.vimwiki_list = {
{
syntax = "markdown",
ext = ".md",
path = "/home/${user}/.local/share/notes",
},
}
-- Format function for conform.nvim
vim.api.nvim_create_user_command("Format", function(args)
local range = nil
if args.count ~= -1 then
local end_line = vim.api.nvim_buf_get_lines(0, args.line2 - 1, args.line2, true)[1]
range = {
start = { args.line1, 0 },
["end"] = { args.line2, end_line:len() },
}
end
require("conform").format({ async = true, lsp_format = "fallback", range = range })
end, { range = true })
'';
}

31
home/common/core/nixvim/plugins/fold.nix
View file

@ -1,31 +0,0 @@
{
programs.nixvim.plugins.nvim-ufo = {
enable = true;
};
programs.nixvim.extraConfigLua = ''
-- default fold options
vim.o.foldcolumn = '1'
vim.o.foldlevel = 99
vim.o.foldlevelstart = 99
vim.o.foldenable = true
-- nvim_ufo options
vim.keymap.set('n', 'zR', require('ufo').openAllFolds, { desc = "Open all folds" })
vim.keymap.set('n', 'zM', require('ufo').closeAllFolds, { desc = "Close all folds" })
vim.keymap.set('n', 'zK', function()
local winid = require("ufo").peekFoldedLinesUnderCursor()
if not winid then
vim.lsp.buf.hover()
end
end , { desc = "Peed fold" })
require("ufo").setup({
provider_selector = function(bufnr, filetype, buftype)
return { 'lsp', 'indent' }
end
})
'';
}

26
home/common/core/nixvim/plugins/git-workree.nix
View file

@ -1,26 +0,0 @@
{
programs.nixvim.keymaps = [
# Switching worktrees
{
mode = ["n"];
key = "<leader>fws";
action = "<cmd>lua require('telescope').extensions.git_worktree.git_worktrees()<CR>";
options = {noremap = true;};
}
{
mode = ["n"];
key = "<leader>fwc";
action = "<cmd>lua require('telescope').extensions.git_worktree.create_git_worktree()<CR>";
options = {noremap = true;};
}
];
programs.nixvim.plugins.git-worktree = {
enable = true;
enableTelescope = true;
autopush = true;
changeDirectoryCommand = "cd";
clearJumpsOnChange = true;
updateOnChange = true;
updateOnChangeCommand = "e .";
};
}

20
home/common/core/nixvim/plugins/gitsigns.nix
View file

@ -2,24 +2,34 @@
programs.nixvim.plugins.gitsigns = {
enable = true;
settings.signs.add = {
set_hl = "GitSignsAdd";
hl = "GitSignsAdd";
text = " ";
numhl = "GitSignsAddNr";
linehl = "GitSignsAddLn";
};
settings.signs.change = {
set_hl = "GitSignsChange";
hl = "GitSignsChange";
text = " ";
numhl = "GitSignsChangeNr";
linehl = "GitSignsChangeLn";
};
settings.signs.delete = {
set_hl = "GitSignsDelete";
hl = "GitSignsDelete";
text = " ";
numhl = "GitSignsDeleteNr";
linehl = "GitSignsDeleteLn";
};
settings.signs.topdelete = {
set_hl = "GitSignsDelete";
hl = "GitSignsDelete";
text = " ";
numhl = "GitSignsDeleteNr";
linehl = "GitSignsDeleteLn";
};
settings.signs.changedelete = {
set_hl = "GitSignsChange";
hl = "GitSignsChange";
text = " ";
numhl = "GitSignsChangeNr";
linehl = "GitSignsChangeLn";
};
};
}

1
home/common/core/nixvim/plugins/harpoon.nix
View file

@ -3,7 +3,6 @@
enable = true;
keymaps = {
toggleQuickMenu = "<leader>h";
addFile = "<leader>a";
};
};
}

110
home/common/core/nixvim/plugins/lsp.nix
View file

@ -1,73 +1,51 @@
{ osConfig , ... }:
let
hostname = osConfig.networking.hostName;
in
{
programs.nixvim.plugins = {
lsp = {
enable = true;
servers = {
lua_ls = {enable = true;};
nixd = {
enable = true;
cmd = ["nixd"];
settings = {
nixpkgs.expr = "import <nixpkgs> { }";
options = {
nixos.expr = "(builtins.getFlake \"/etc/nixos\").nixosConfigurations.${hostname}.options";
# TODO get home-manager options working when hm imported as submodule
# home_manager.expr = "(builtins.getFlake \"github:nix-community/home-manager\").homeConfigurations.${hostname}.options";
};
};
programs.nixvim.plugins.lsp = {
enable = true;
servers = {
lua-ls = { enable = true; };
nixd = { enable = true; };
bashls = { enable = true; };
pyright = { enable = true; };
html = { enable = true; };
yamlls = { enable = true; };
marksman = { enable = true; };
#sqls = {enable = true;};
};
keymaps = {
lspBuf = {
gd = {
action = "definition";
desc = "Goto Definition";
};
bashls = {enable = true;};
pyright = {enable = true;};
html = {enable = true;};
marksman = {enable = true;};
ccls = {enable = true;};
cssls = {enable = true;};
ts_ls = {enable = true;};
};
keymaps = {
lspBuf = {
gd = {
action = "definition";
desc = "Goto Definition";
};
gr = {
action = "references";
desc = "Goto References";
};
gD = {
action = "declaration";
desc = "Goto Declaration";
};
gI = {
action = "implementation";
desc = "Goto Implementation";
};
gT = {
action = "type_definition";
desc = "Type Definition";
};
gK = {
action = "hover";
desc = "Hover";
};
"<leader>cw" = {
action = "workspace_symbol";
desc = "Workspace Symbol";
};
"<leader>cr" = {
action = "rename";
desc = "Rename";
};
gr = {
action = "references";
desc = "Goto References";
};
gD = {
action = "declaration";
desc = "Goto Declaration";
};
gI = {
action = "implementation";
desc = "Goto Implementation";
};
gT = {
action = "type_definition";
desc = "Type Definition";
};
K = {
action = "hover";
desc = "Hover";
};
"<leader>cw" = {
action = "workspace_symbol";
desc = "Workspace Symbol";
};
"<leader>cr" = {
action = "rename";
desc = "Rename";
};
};
};
# TODO: enable otter.nvim when merged into nixvim stable
# otter = {
# enable = true;
# };
};
}

36
home/common/core/nixvim/plugins/lualine.nix
View file

@ -1,26 +1,22 @@
{
programs.nixvim.plugins.lualine = {
enable = true;
settings = {
options = {
theme = "auto";
sectionSeparators = {
left = "";
right = "";
};
componentSeparators = {
left = "";
right = "";
};
};
sections = {
lualine_a = ["mode"];
lualine_b = ["branch" "diff" "diagnostics"];
lualine_c = ["filename"];
lualine_x = ["encoding" "fileformat" "filetype"];
lualine_y = ["progress"];
lualine_z = ["locations"];
};
theme = "auto";
componentSeparators = {
left = "";
right = "";
};
sectionSeparators = {
left = "";
right = "";
};
sections = {
lualine_a = [ "mode" ];
lualine_b = [ "branch" "diff" "diagnostics" ];
lualine_c = [ "filename" ];
lualine_x = [ "encoding" "fileformat" "filetype" ];
lualine_y = [ "progress" ];
lualine_z = [ "locations" ];
};
};
}

2
home/common/core/nixvim/plugins/luasnip.nix
View file

@ -1,7 +1,7 @@
{ pkgs, ... }: {
programs.nixvim.plugins.luasnip = {
enable = true;
settings = {
extraConfig = {
enable_autosnippets = true;
store_selection_keys = "<Tab>";
};

9
home/common/core/nixvim/plugins/oil.nix
View file

@ -1,9 +0,0 @@
{
programs.nixvim.plugins.oil = {
enable = true;
settings = {
columns = ["icon"];
view_options.show_hidden = true;
};
};
}

2
home/common/core/nixvim/plugins/surround.nix
View file

@ -1,3 +1,3 @@
{
programs.nixvim.plugins.vim-surround.enable = true; # vim-surround
programs.nixvim.plugins.surround.enable = true; # vim-surround
}

51
home/common/core/nixvim/plugins/telescope.nix
View file

@ -3,55 +3,4 @@
enable = true;
extensions.fzy-native.enable = true;
};
programs.nixvim.keymaps = [
{
# find files
mode = ["n"];
key = "<Leader>ff";
action = "<cmd>Telescope find_files<CR>";
options = {noremap = true;};
}
{
# live grep
mode = ["n"];
key = "<Leader>fg";
action = "<cmd>Telescope live_grep<CR>";
options = {noremap = true;};
}
{
# grep string under cursor
mode = ["n"];
key = "<Leader>fs";
action = "<cmd>Telescope grep_string<CR>";
options = {noremap = true;};
}
{
# buffers
mode = ["n"];
key = "<Leader>fb";
action = "<cmd>Telescope buffers<CR>";
options = {noremap = true;};
}
{
# help tags
mode = ["n"];
key = "<Leader>fh";
action = "<cmd>Telescope help_tags<CR>";
options = {noremap = true;};
}
{
# show recently opened files
mode = ["n"];
key = "<Leader>fo";
action = "<cmd>Telescope oldfiles<CR>";
options = {noremap = true;};
}
{
# show recently opened files
mode = ["n"];
key = "<Leader>fk";
action = "<cmd>Telescope keymaps<CR>";
options = {noremap = true;};
}
];
}

19
home/common/core/nixvim/plugins/todo-comments.nix
View file

@ -1,19 +0,0 @@
{
programs = {
nixvim = {
plugins.todo-comments = {
enable = true;
};
keymaps = [
{
mode = [ "n" ];
action = "<cmd>TodoTelescope<cr>";
key = "<leader>ft";
options = {
silent = true;
};
}
];
};
};
}

25
home/common/core/tmux.nix
View file

@ -1,25 +0,0 @@
{
pkgs,
inputs,
...
}: {
programs.tmux = {
enable = true;
clock24 = true;
extraConfig = ''
# vim keymaps for switching panes
setw -g mode-keys vi
bind-key h select-pane -L
bind-key j select-pane -D
bind-key k select-pane -U
bind-key l select-pane -R
bind-key -r C-h select-window -t :-
bind-key -r C-h select-window -t :+
'';
plugins = [
{ plugin = inputs.minimal-tmux.packages.${pkgs.system}.default; }
pkgs.tmuxPlugins.yank
];
};
}

6
home/common/core/zsh.nix
View file

@ -8,10 +8,6 @@
shellAliases = {
ll = "ls -l";
src = "cd ~/.local/share/src";
no = "cd /etc/nixos";
cat = "bat --decorations=never";
ls = "eza";
};
history.size = 10000;
history.path = "${config.xdg.dataHome}/zsh/history";
@ -103,8 +99,6 @@
echo -ne '\e[5 q' # Use beam shape cursor on startup.
preexec() { echo -ne '\e[5 q' ;} # Use beam shape cursor for each new prompt.
export MANPAGER="nvim +Man\!"
'';
};
}

18
home/common/optional/desktop/common/default.nix
View file

@ -1,4 +1,4 @@
{pkgs, ...}: {
{ pkgs, ... }: {
imports = [
./firefox.nix
./alacritty.nix
@ -14,21 +14,5 @@
pkgs.xfce.thunar
pkgs.kcolorchooser
pkgs.zotero
pkgs.transmission_3
pkgs.mpv
pkgs.simple-scan
pkgs.pandoc
pkgs.texlive.combined.scheme-small
pkgs.libreoffice-fresh
pkgs.hunspell
pkgs.hunspellDicts.en-gb-large
pkgs.hunspellDicts.en-gb-large
pkgs.hunspellDicts.en_US
pkgs.set_wm_class
pkgs.xorg.xkill
pkgs.R
pkgs.gimp
pkgs.gajim
pkgs.vlc
];
}

87
home/common/optional/desktop/common/firefox.nix
View file

@ -1,45 +1,38 @@
{
pkgs,
config,
configVars,
...
}: let
{ pkgs, config, ... }:
let
user = config.home.username;
dockerContainerIp = configVars.networking.addresses.docker.ip;
in {
in
{
programs.firefox = {
package = pkgs.firefox-bin;
enable = true;
profiles.${user} = {
search = {
force = true;
default = "Searx";
order = ["Searx" "DuckDuckGo"];
order = [ "Searx" "DuckDuckGo" ];
engines = {
"Nix Packages" = {
urls = [
{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
];
}
];
urls = [{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
];
}];
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"];
definedAliases = [ "@np" ];
};
"NixOS Wiki" = {
urls = [{template = "https://nixos.wiki/index.php?search={searchTerms}";}];
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@nw"];
definedAliases = [ "@nw" ];
};
"Searx" = {
urls = [{template = "http://searx.lan/?q={searchTerms}";}];
urls = [{ template = "http://10.0.10.35:8855/?q={searchTerms}"; }];
iconUpdateURL = "https://docs.searxng.org/_static/searxng-wordmark.svg";
updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@searx"];
definedAliases = [ "@searx" ];
};
"Bing".metaData.hidden = true;
"Google".metaData.alias = "@g"; # builtin engines only support specifying one additional alias
@ -48,38 +41,16 @@ in {
bookmarks = [
{
name = "toolbar";
toolbar = true;
bookmarks = [
{
name = "Jellyfin";
url = "http://jellyfin.lan";
}
{
name = "Pihole";
url = "http://dns.lan/admin";
}
{
name = "Searx";
url = "http://searx.lan";
}
{
name = "Mempool";
url = "http://mempool.lan";
}
{
name = "Grafana";
url = "http://grafana.lan";
}
{
name = "Prometheus";
url = "http://metrics.lan";
}
{
name = "Nixos Package Search";
url = "https://search.nixos.org/packages";
}
];
name = "wikipedia";
tags = [ "wiki" ];
keyword = "wiki";
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
}
{
name = "bitlab21";
tags = [ "bitcoin" ];
keyword = "bitcoin";
url = "https://bitlab21.com";
}
];
@ -89,7 +60,7 @@ in {
"identity.fxaccounts.enabled" = false;
"signon.rememberSignons" = false;
"browser.compactmode.show" = true;
"browser.startup.homepage" = "http://searx.lan";
"browser.startup.homepage" = "http://10.0.10.35:8855";
"browser.search.defaultenginename" = "Searx";
"browser.search.order.1" = "Searx";
};
@ -100,9 +71,11 @@ in {
bitwarden
sponsorblock
darkreader
vimium
privacy-badger
zotero-connector
];
};
};
}

2
home/common/optional/desktop/common/fontconfig.nix
View file

@ -3,7 +3,7 @@
home.packages = with pkgs; [
nerdfonts
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk
noto-fonts-emoji
hack-font
liberation_ttf

13
home/common/optional/desktop/common/kodi.nix
View file

@ -1,13 +0,0 @@
{
pkgs,
...
}: {
programs.kodi = {
enable = true;
package = pkgs.kodi.withPackages (kodiPkgs:
with kodiPkgs; [
netflix
jellycon
]);
};
}

51
home/common/optional/desktop/common/themes/standard-dark.nix
View file

@ -1,48 +1,21 @@
{pkgs, ...}: {
{ pkgs, ... }:
{
# Prevent error when enabling gtk https://github.com/nix-community/home-manager/issues/3113
# error: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name ca.desrt.dconf was not provided by any .service files
home.packages = [
pkgs.dconf
];
home.packages = [ pkgs.dconf ];
gtk.enable = true;
# Get details about theme package
#cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4
gtk = {
enable = true;
theme = {
name = "Kanagawa-B";
package = pkgs.kanagawa-gtk-theme;
};
iconTheme = {
package = pkgs.adwaita-icon-theme;
name = "Adwaita";
};
gtk3.extraConfig = {
Settings = ''
gtk-application-prefer-dark-theme=1
'';
};
gtk4.extraConfig = {
Settings = ''
gtk-application-prefer-dark-theme=1
'';
};
home.file = {
".icons/bibata".source = "${pkgs.bibata-cursors}/share/icons/Bibata-Modern-Classic";
};
#gtk.theme.package = pkgs.kanagawa-gtk-theme;
# Get details about theme package
#cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4
gtk.theme.package = pkgs.kanagawa-gtk-theme;
gtk.theme.name = "Kanagawa-B";
# gtk.cursorTheme = {
# name = "Vimix-Cursors";
# package = pkgs.vimix-cursor-theme;
# };
# gtk.theme.name = "Kanagawa-B";
# gtk.iconTheme.package = pkgs.kanagawa-icon-theme;
# gtk.iconTheme.name = "Kanagawa";
gtk.iconTheme.package = pkgs.kanagawa-icon-theme;
gtk.iconTheme.name = "Kanagawa";
qt.enable = true;
qt.platformTheme.name = "gtk";

6
home/common/optional/desktop/common/wayland/mako.nix
View file

@ -2,11 +2,11 @@
{
services.mako = {
enable = true;
backgroundColor = "#${config.colorScheme.palette.base00}";
borderColor = "#${config.colorScheme.palette.base0D}";
backgroundColor = "#${config.colorScheme.colors.base00}";
borderColor = "#${config.colorScheme.colors.base0D}";
borderRadius = 5;
borderSize = 2;
textColor = "#${config.colorScheme.palette.base05}";
textColor = "#${config.colorScheme.colors.base05}";
layer = "overlay";
};
}

5
home/common/optional/desktop/common/x11/default.nix
View file

@ -11,9 +11,4 @@
pkgs.feh
];
programs.chromium = {
enable = true;
package = pkgs.brave;
};
}

67
home/common/optional/desktop/common/xdg/default.nix
View file

@ -1,67 +0,0 @@
{pkgs, config, lib, ...}: {
xdg.desktopEntries = {
firefox = {
name = "Firefox";
exec = "${pkgs.firefox}/bin/firefox";
};
zathura-wrapper = {
name = "Zathura-wrapper";
exec = "st -T st-float -g 150x50 -e zathura %F";
terminal = false;
mimeType = ["application/pdf"];
};
nsxiv-wrapper = {
name = "Nsxiv-wrapper";
# exec = "nsxiv-wrapper %f";
exec = "st -T st-float -g 150x50 -e nsxiv %F";
terminal = false;
mimeType = ["image/*"];
};
nvim-wrapper = {
name = "Nvim-wrapper";
exec = "st -T st-float -g 150x50 -e nvim %F";
terminal = false;
mimeType = ["text/*"];
};
mpv-wrapper = {
name = "Mpv-wrapper";
exec = "st -T st-float -g 150x50 -e mpv %F";
terminal = false;
mimeType = ["video/*"];
};
};
# Forces creation of mimeapps.list if hm link has been overwritten by another application
# https://discourse.nixos.org/t/home-manager-and-the-mimeapps-list-file-on-plasma-kde-desktops/37694
xdg.configFile."mimeapps.list" = lib.mkIf config.xdg.mimeApps.enable { force = true; };
xdg.mimeApps = {
enable = lib.mkDefault true;
defaultApplications = {
"application/pdf" = "zathura-wrapper.desktop";
# text
"text/html" = "firefox.desktop";
"text/plain" = "nvim-wrapper.desktop";
# images
"image/jpeg" = "nsxiv-wrapper.desktop";
"image/jpg" = "nsxiv-wrapper.desktop";
"image/png" = "nsxiv-wrapper.desktop";
"image/tiff" = "nsxiv-wrapper.desktop";
"image/gif" = "nsxiv-wrapper.desktop";
"image/heic" = "nsxiv-wrapper.desktop";
"image/bmp" = "nsxiv-wrapper.desktop";
"image/webp" = "nsxiv-wrapper.desktop";
# video
"video/mp4" = "mpv-wrapper.desktop";
"video/mpeg" = "mpv-wrapper.desktop";
"x-scheme-handler/http" = "firefox.desktop";
"x-scheme-handler/https" = "firefox.desktop";
"x-scheme-handler/about" = "firefox.desktop";
"x-scheme-handler/unknown" = "firefox.desktop";
};
};
}

7
home/common/optional/desktop/dwm/default.nix
View file

@ -7,6 +7,7 @@
./xinitrc.nix
./sxhkdrc.nix
./picom.nix
./xresources.nix
./dunst.nix
./music_player.nix
@ -16,11 +17,9 @@
./scripts/sb-volume.nix
./scripts/sb-network-status.nix
./scripts/sb-updates.nix
./scripts/sb-battery.nix
# Notification scripts
./scripts/dunstify-volume-notification.nix
./scripts/dunstify-battery-notification.nix
# Helper scripts
./scripts/emoji-picker.nix
@ -29,10 +28,6 @@
./scripts/get-focused-monitor.nix
./scripts/git-commit-ai.nix
./scripts/aichat-wrapper.nix
./scripts/dmenu-wifi.nix
./scripts/battery-status.nix
./scripts/dmenu-set-wm-class.nix
./scripts/key-remaps.nix
];
home.packages = [

19
home/common/optional/desktop/dwm/dunst.nix
View file

@ -8,7 +8,7 @@
enable = true;
iconTheme = {
name = "Adwaita";
package = pkgs.adwaita-icon-theme;
package = pkgs.gnome.adwaita-icon-theme;
size = "16x16";
};
settings = {
@ -30,6 +30,7 @@
#format = ''%I %s %p\n%b'';
format = ''<b>%s:</b>\n%b\n\n%a '';
#TODO dynamic fonts
font = "monospace";
# Options are "left", "center", and "right".
@ -131,7 +132,7 @@
offset = "15x60";
origin = "top-right";
frame_color = "#${config.colorScheme.palette.base0B}";
frame_color = "#${config.colorScheme.colors.base0B}";
frame_width = 2;
# Browser for opening urls in context menu.
@ -157,21 +158,21 @@
};
urgency_low = {
background = "#${config.colorScheme.palette.base03}";
foreground = "#${config.colorScheme.palette.base05}";
background = "#${config.colorScheme.colors.base03}";
foreground = "#${config.colorScheme.colors.base05}";
timeout = 15;
};
urgency_normal = {
background = "#${config.colorScheme.palette.base03}";
foreground = "#${config.colorScheme.palette.base05}";
background = "#${config.colorScheme.colors.base03}";
foreground = "#${config.colorScheme.colors.base05}";
timeout = 15;
};
urgency_critical = {
background = "#${config.colorScheme.palette.base08}";
foreground = "#${config.colorScheme.palette.base05}";
frame_color = "#${config.colorScheme.palette.base05}";
background = "#${config.colorScheme.colors.base08}";
foreground = "#${config.colorScheme.colors.base05}";
frame_color = "#${config.colorScheme.colors.base00}";
timeout = 0;
};
};

4
home/common/optional/desktop/dwm/music_player.nix
View file

@ -1,6 +1,6 @@
{ pkgs, config, ... }:
{
home.file."mus/music_data".source = config.lib.file.mkOutOfStoreSymlink /media/media/music/music_data;
home.file."mus/music_data".source = config.lib.file.mkOutOfStoreSymlink /media/music/music_data;
home.packages = [
pkgs.ffmpeg
@ -39,7 +39,7 @@
format "44100:16:2"
}
'';
bind_to_address "127.0.0.1" '';
musicDirectory = "~/mus/music_data";
};

54
home/common/optional/desktop/dwm/scripts/battery-status.nix
View file

@ -1,54 +0,0 @@
{ pkgs, ... }:
{
home.packages = [
(pkgs.writeShellScriptBin "battery-status" ''
# Get the current power consumption of the laptop battery
power=$(cat /sys/class/power_supply/BAT0/power_now)
power_watts=$(${pkgs.bc}/bin/bc <<< "scale=3; $power / 1000000")
# Get the current battery charge capacity
energy=$(cat /sys/class/power_supply/BAT0/energy_now)
# Get the current battery status (charging or discharging)
battery_status=$(cat /sys/class/power_supply/BAT0/status)
# Calculate the time remaining until the battery is empty or full
if [ "$battery_status" == "Charging" ]; then
# Calculate the time remaining until the battery is full
hours=$(${pkgs.bc}/bin/bc <<< "scale=2; $power / $energy")
hours_int=$(${pkgs.bc}/bin/bc <<< "scale=0; $hours / 1")
minutes=$(${pkgs.bc}/bin/bc <<< "scale=0; 60 * ($hours - $hours_int)/1")
if [ "$hours_int" -gt "0" ]; then
# Show hours and minutes if time remaining is greater than or equal to 1 hour
echo "Full in: $hours_int hours $minutes minutes"
else
# Show minutes if time remaining is less than 1 hour
echo "Full in: $minutes minutes"
fi
elif [ "$battery_status" == "Discharging" ]; then
# Calculate the time remaining until the battery is empty
hours=$(${pkgs.bc}/bin/bc <<< "scale=2; $energy / $power")
hours_int=$(${pkgs.bc}/bin/bc <<< "scale=0; $hours / 1")
minutes=$(${pkgs.bc}/bin/bc <<< "scale=0; 60 * ($hours - $hours_int)/1")
if [ "$hours_int" -gt "0" ]; then
# Show hours and minutes if time remaining is greater than or equal to 1 hour
echo "Empty in: $hours_int hours $minutes minutes"
else
# Show minutes if time remaining is less than 1 hour
echo "Empty in: $minutes minutes"
fi
elif [ "$battery_status" == "Full" ]; then
echo "Battery full"
elif [ "$battery_status" == "Not charging" ]; then
echo "Battery full - not charging"
fi
echo "Power consumption: $power_watts W"
'')
];
}

4
home/common/optional/desktop/dwm/scripts/clipboard-recall.nix
View file

@ -53,7 +53,7 @@
(writeShellScriptBin "clipboard-image-recall" ''
# Script to view and select and output images in image clipboard dir to clipboard.
monitor_name=$(get-focused-monitor)
monitor_info=$(${xorg.xrandr}/bin/xrandr | grep "$monitor_name")
monitor_info=$(xrandr | grep "$monitor_name")
width=$(echo $monitor_info | grep -oP '\d+x\d+' | cut -dx -f1)
height=$(echo $monitor_info | grep -oP '\d+x\d+' | cut -dx -f2)
@ -68,7 +68,7 @@
filesdir="$(find $1 -type f -printf '%T@ %p\n' | sort -rn | cut -d ' ' -f 2-)"
[ "$filesdir" == "" ] && notify-send -t 1000 "Clipboard Recall" "No images in directory" && exit 1
output="$(echo "$filesdir" | ${nsxiv}/bin/nsxiv -tioq -g "$scale_width"x"$scale_height" -N float )"
output="$(echo "$filesdir" | ${nsxiv}/bin/nsxiv -tioq -g "$scale_width"x"$scale_height" -N nsxiv-float )"
num_lines=$( echo "$output" | wc -l)
if [ "$num_lines" -gt 1 ]; then

4
home/common/optional/desktop/dwm/scripts/clipboard-save.nix
View file

@ -14,7 +14,7 @@
*image*)
echo "$(${xclip}/bin/xclip -selection clipboard -t TARGETS -o)"
filename=$(${xclip}/bin/xclip -selection clipboard -t image/png -o | ${openssl}/bin/openssl sha1 | cut -b 49-)
file_exists=$(ls $image_location | grep $filename | sed "s/\..*//")
file_exists=$(/bin/ls $image_location | grep $filename | sed "s/\..*//")
[[ $filename != "$file_exists" ]] &&
xclip -selection clipboard -t image/png -o > "$image_location/$filename.png" &&
notify-send -t 5000 "Image Copied" "$image_location/$filename.png"
@ -22,7 +22,7 @@
*UTF8_STRING*)
echo "$(${xclip}/bin/xclip -selection clipboard -t TARGETS -o)"
filename=$(${xclip}/bin/xclip -selection clipboard -t UTF8_STRING -o | ${openssl}/bin/openssl sha1 | cut -b 49-)
file_exists=$(ls "$text_location" | grep "$filename" | sed "s/\..*//")
file_exists=$(/bin/ls "$text_location" | grep "$filename" | sed "s/\..*//")
echo "$filename" "$file_exists"
[[ "$filename" != "$file_exists" ]] &&
xclip -selection clipboard -t UTF8_STRING -o > "$text_location/$filename"

13
home/common/optional/desktop/dwm/scripts/dmenu-set-wm-class.nix
View file

@ -1,13 +0,0 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
(writeShellScriptBin "dmenu-set-wm-class" ''
${libnotify}/bin/notify-send "Set Window Class" "Select window..."
winid=$(${xorg.xwininfo}/bin/xwininfo | grep "Window id:" | grep -o "0x[0-9a-fA-F]*")
class=$(${xorg.xprop}/bin/xprop -id "$winid" WM_CLASS | grep -o "\".*\"$")
new_class=$( echo "" | ${dmenu}/bin/dmenu -p "Selected: $class. Set class name of window:")
[ -z "$new_class" ] && ${libnotify}/bin/notify-send "Set Window Class" "Nothing set, exiting" && exit
${set_wm_class}/bin/set_wm_class "$winid" "$new_class"
'')
];
}

51
home/common/optional/desktop/dwm/scripts/dmenu-wifi.nix
View file

@ -1,51 +0,0 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
(writeShellScriptBin "dmenu-wifi" ''
nmcli dev wifi rescan
ssid_list=$(nmcli -f in-use,bssid,ssid,mode,chan,freq,rate,signal,bars,security dev wifi)
available_connections=$(echo "$ssid_list" | sed '/--.*Infra/d')
connection=$( echo "$available_connections" | dmenu -l 20)
bssid=$(echo "$connection" | sed 's/^.\s*//;s/\s\s.*$//')
ssid=$(echo "$connection" | sed 's/^.\s*[0-9;A-Z;:]*\s\s//;s/\s*Infra\s*[0-9].*$//')
[[ "$connection" = "" ]] && notify-send -t 5000 "Wifi Connect" "Cancelled" && exit 0
[[ $( echo "$connection" | grep "IN-USE" -o) = "IN-USE" ]] && notify-send -t 5000 "Wifi Connect" "Please select valid network" && exit 0
[[ -n "$(echo "$connection" | grep '\*')" ]] && notify-send -t 5000 "Wifi Connect" "Already Connected to: $(echo "$ssid")" && exit 0
notify-send -t 5000 "Network Manager" "Attempting to connect to $ssid..."
nmcli connection modify "$ssid" 802-11-wireless.bssid "$bssid"
nmcli device wifi connect "$bssid"
return_code=$?
if [ $return_code == 4 ];
then
notify-send -t 5000 "Wifi Connect" "Please enter password for '$ssid'..."
prompt="Enter Password for '$ssid'"
pwd=$(echo "" | dmenu -p "$prompt")
nmcli device wifi connect "$bssid" password "$pwd"
return_code=$?
fi
case "$return_code" in
0) notify-send -t 5000 "Wifi Connect" "Successfully connected to: $ssid!"
pkill -RTMIN+12 dwmblocks
exit 0
;;
3) notify-send -t 5000 "Wifi Connect" "Connection to $ssid failed. Timeout expired?"
pkill -RTMIN+12 dwmblocks
exit 1
;;
4)
notify-send -t 5000 "Wifi Connect" "Connection to $ssid failed. Possibly wrong password?"
nmcli connection delete id "$ssid"
pkill -RTMIN+12 dwmblocks
exit 1
;;
*) notify-send -t 5000 "Wifi Connect" "Connection to $ssid failed. Error code $?"
echo "Failed. Exiting"
pkill -RTMIN+12 dwmblocks
exit 1
esac
'')
];
}

9
home/common/optional/desktop/dwm/scripts/dunstify-battery-notification.nix
View file

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
home.packages = [
(pkgs.writeShellScriptBin "dunstify-battery-notification" ''
msgTag="battery-notify"
${pkgs.dunst}/bin/dunstify -a "batteryNotify" -u critical -i battery-notify -h string:x-dunst-stack-tag:$msgTag "Battery Status" "$(battery-status)" -t 5000
'')
];
}

2
home/common/optional/desktop/dwm/scripts/get-focused-monitor.nix
View file

@ -3,7 +3,7 @@
home.packages = with pkgs; [
(writeShellScriptBin "get-focused-monitor" ''
# get the current cursor location into X and Y variables
eval $(${xdotool}/bin/xdotool getmouselocation --shell)
eval $(xdotool getmouselocation --shell)
# compare mouse location to monitor coordinates
while IFS= read -r line; do

11
home/common/optional/desktop/dwm/scripts/key-remaps.nix
View file

@ -1,11 +0,0 @@
{pkgs, ...}: {
home.packages = with pkgs; [
(writeShellScriptBin "key-remaps" ''
${xorg.xmodmap}/bin/xmodmap -e "keycode 64 = Mode_switch"
${xorg.xmodmap}/bin/xmodmap -e "keycode 43 = h H Left H"
${xorg.xmodmap}/bin/xmodmap -e "keycode 44 = j J Down J"
${xorg.xmodmap}/bin/xmodmap -e "keycode 45 = k K Up K"
${xorg.xmodmap}/bin/xmodmap -e "keycode 46 = l L Right L"
'')
];
}

37
home/common/optional/desktop/dwm/scripts/sb-battery.nix
View file

@ -1,37 +0,0 @@
{ pkgs, ... }:
{
home.packages = with pkgs; [
(writeShellScriptBin "sb-battery" ''
BAT=/sys/class/power_supply/BAT0/capacity
# Exit script if no battery detected
[ ! -f "$BAT" ] && exit
STATUS=$(cat /sys/class/power_supply/BAT0/uevent | grep "POWER_SUPPLY_STATUS" | sed "s/^.*=//")
capacity=$(cat "$BAT")
if [ "$STATUS" == "Charging" ] || [ "$STATUS" == "Not charging" ]; then
echo "[󰂄 $capacity%] "
else
case $capacity in
100) echo "[󰁹 $capacity%] ";;
9[0-9]) echo "[󰂂 $capacity%] ";;
8[0-9]) echo "[󰂁 $capacity%] ";;
7[0-9]) echo "[󰂀 $capacity%] ";;
6[0-9]) echo "[󰁿 $capacity%] ";;
5[0-9]) echo "[󰁾 $capacity%] ";;
4[0-9]) echo "[󰁽 $capacity%] ";;
3[0-9]) echo "[󰁼 $capacity%] ";;
2[0-9]) echo "[󰁻 $capacity%] ";;
1[0-9]) echo "[󰁺 $capacity%] ";;
[6-9]) echo "[󰁺 $capacity%] ";;
[0-5]) echo "[󰂃 $capacity%] ";;
esac
fi
if [[ $capacity -le 20 && $STATUS != "Charging" ]]; then
dunstify-battery-notification
fi
'')
];
}

2
home/common/optional/desktop/dwm/scripts/sb-network-status.nix
View file

@ -41,7 +41,7 @@
if [ -z "$IP_ADDRESS" ];
then
printf "[$network_symbol] "
printf "$network_symbol"
else
printf "[$network_symbol|$IP_ADDRESS] "
fi

12
home/common/optional/desktop/dwm/scripts/sb-updates.nix
View file

@ -2,12 +2,12 @@
{
home.packages = with pkgs; [
(writeShellScriptBin "sb-updates" ''
# Gets number of flake inputs that are ready for update
# Checks every 60 minutes
# inputs=$(cd /etc/nixos &&
# nix flake update --output-lock-file <(cat flake.nix) 2> /tmp/update &&
# cat /tmp/update | grep -c Update)
# printf "[ $inputs] "
# Gets number of flake inputs that are ready for update
# Checks every 60 minutes
inputs=$(cd /etc/nixos &&
nix flake update --output-lock-file <(cat flake.nix) 2> /tmp/update &&
cat /tmp/update | grep -c Update)
printf "[ $inputs] "
'')
];
}

21
home/common/optional/desktop/dwm/sxhkdrc.nix
View file

@ -1,5 +1,5 @@
{
# TODO: add emoji and dmenu-dict scripts
# TODO add emoji and dmenu-dict scripts
home.file.".config/sxhkd/sxhkdrc" = {
recursive = true;
text = ''
@ -15,20 +15,29 @@
XF86AudioMicMute
pamixer --default-source --toggle-mute && dunstify-volume-notification && pkill -RTMIN+10 dwmblocks && exit 1
control + F9
XF86MonBrightnessUp
light -A 5 && dunstify-brightness-notification
XF86MonBrightnessDown
light -U 5 && dunstify-brightness-notification
XF86Messenger
dunstify-battery-notification
control + Home
bookmark-add
control + Insert
bookmark-insert
control + F8
clipboard-image-recall /tmp/clipboard/images/
Print
env QT_AUTO_SCREEN_SCALE_FACTOR=1.5 QT_SCREEN_SCALE_FACTORS="" flameshot gui
flameshot gui
control + F7
emoji-picker
control + F4
dmenu-set-wm-class
'';
};
}

19
home/common/optional/desktop/dwm/xinitrc.nix
View file

@ -1,14 +1,21 @@
{...}: {
# TODO: configure x11 to look in .config/x11
{ config, ... }:
let
monitor = "${toString (builtins.map (m: "xrandr --output ${ m.name } --mode ${ toString( m.width )}x${ toString( m.height )} --pos ${ toString( m.x)}x${ toString( m.y)}" ) config.monitors)}";
in
{
# TODO configure x11 to look in .config/x11
home.file.".xinitrc" = {
recursive = true;
text = ''
picom -b --config ~/.config/picom/picom.conf
xrdb -merge ~/.Xresources
xrdb ~/.Xresources
autostart="clipboard-save dwmblocks feh-wallpaper-changer sxhkd key-remaps"
${monitor}
autostart="clipboard-save dwmblocks feh-wallpaper-changer sxhkd"
for program in $autostart; do
pidof -sx "$program" || "$program" &
done >/dev/null 2>&1
@ -18,10 +25,10 @@
eval $(dbus-launch --exit-with-session --sh-syntax)
fi
systemctl --user import-environment DISPLAY XAUTHORITY
if command -v dbus-update-activation-environment >/dev/null 2>&1; then
dbus-update-activation-environment DISPLAY XAUTHORITY
fi
fi
export XSESSION_PID="$$"
exec dwm

44
home/common/optional/desktop/dwm/xresources.nix Normal file
View file

@ -0,0 +1,44 @@
{ config, ... }:
{
home.file.".Xresources" = {
recursive = true;
text = ''
! scale
Xft.dpi: 144
! st
st.alpha: 0.8
St.font: monospace:pixelsize=21:antialias=true:autohint=true;
St.font2: NotoColorEmoji:pixelsize=19:antialias=true:autohint=true;
! dwm
dwm.borderpx: 3
dwm.font: monospace:size=12
dwm.col_base00: #${config.colorScheme.colors.base00}
dwm.col_base03: #${config.colorScheme.colors.base03}
dwm.col_base04: #${config.colorScheme.colors.base04}
dwm.col_base05: #${config.colorScheme.colors.base05}
dwm.col_base08: #${config.colorScheme.colors.base08}
dwm.col_base0B: #${config.colorScheme.colors.base0B}
! dmenu
dmenu.font: monospace:size=12
dmenu.font2: NotoColorEmoji:pixelsize=22:antialias=true:autohint=true
dmenu.topbar: 1
dmenu.normfgcolor: #${config.colorScheme.colors.base05}
dmenu.normbgcolor: #${config.colorScheme.colors.base03}
dmenu.selfgcolor: #${config.colorScheme.colors.base00}
dmenu.selbgcolor: #${config.colorScheme.colors.base0B}
Nsxiv.window.background: #${config.colorScheme.colors.base03}
Nsxiv.window.foreground: #${config.colorScheme.colors.base05}
Nsxiv.mark.foreground: #${config.colorScheme.colors.base08}
Nsxiv.bar.background: #${config.colorScheme.colors.base00}
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
Nsxiv.bar.font: monospace:size=12
'';
};
}

4
home/common/optional/desktop/hyprland/default.nix
View file

@ -22,8 +22,8 @@
extraConfig =
let
monitor = "${toString (builtins.map (m: "monitor=${ m.name },${ toString( m.width ) }x${ toString( m.height ) }@${ toString( m.refreshRate ) },${ toString( m.x ) }x${ toString( m.y ) },${ toString( m.scale ) }\n") config.monitors)}";
active = "rgba(${config.colorScheme.palette.base08}ee)";
inactive = "rgba(${config.colorScheme.palette.base0C}ee)";
active = "rgba(${config.colorScheme.colors.base08}ee)";
inactive = "rgba(${config.colorScheme.colors.base0C}ee)";
in
''

7
home/common/optional/git.nix
View file

@ -1,13 +1,10 @@
{ pkgs, configVars, ... }:
let
email = configVars.email.user;
in
{ pkgs, ... }:
{
programs.git = {
enable = true;
package = pkgs.gitAndTools.gitFull;
userName = "Sam";
userEmail = "${email}";
userEmail = "samual.shop@proton.me";
aliases = { };
extraConfig = {
pull.rebase = false;

22
home/common/optional/notes.nix
View file

@ -1,22 +0,0 @@
{ pkgs, config, lib, ... }:
let
user = config.home.username;
in
{
home.activation.getNotes = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
touch /tmp/notes
notes_dir=/home/${user}/.local/share/notes
remote=git@git.bitlab21.com:sam/notes
if [ -d "$notes_dir" ];
then
cd "$notes_dir"
[ ! -d .git ] && PATH="${pkgs.git}/bin:${pkgs.openssh}/bin:$PATH" git clone "$remote" "$notes_dir"
else
mkdir -p "$notes_dir" && PATH="${pkgs.git}/bin:${pkgs.openssh}/bin:$PATH" git clone "$remote" "$notes_dir"
fi
'';
home.activation.foo = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
touch /tmp/foo
'';
}

53
home/common/optional/transmission.nix
View file

@ -1,53 +0,0 @@
{
config,
pkgs,
...
}: let
in {
systemd.user.services.transmission-daemon = {
Unit = {
Description = "Transmission Bittorrent Daemon";
Wants = "network-online.target";
After = "network-online.target";
Documentation = "man:transmission-daemon(1)";
};
Install = {
WantedBy = ["multi-user.target"];
};
Service = {
User = "transmission";
Type = "notify";
ExecStart = "${pkgs.transmission}/bin/transmission-daemon -f --log-level=error";
ExecReload = "${pkgs.coreutils}/bin/kill -s HUP $MAINPID";
CapabilityBoundingSet = "";
DevicePolicy = "closed";
KeyringMode = "private";
LockPersonality = "true";
NoNewPrivileges = "true";
MemoryDenyWriteExecute = "true";
PrivateTmp = "true";
PrivateDevices = "true";
ProtectClock = "true";
ProtectKernelLogs = "true";
ProtectControlGroups = "true";
ProtectKernelModules = "true";
ProtectSystem = "true";
ProtectHostname = "true";
ProtectKernelTunables = "true";
ProtectProc = "invisible";
RestrictNamespaces = "true";
RestrictSUIDSGID = "true";
RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";
RestrictRealtime = "true";
SystemCallFilter = "@system - service";
SystemCallArchitectures = "native";
SystemCallErrorNumber = "EPERM";
};
};
# home.file.".config/transmission-daemon/settings.json" = {
# recursive = true;
# text = ''
#
# '';
# };
}

120
home/common/optional/yazi.nix
View file

@ -1,120 +0,0 @@
{ pkgs, ... }:
{
programs.yazi = {
enable = true;
package = pkgs.yazi;
enableBashIntegration = true;
enableZshIntegration = true;
settings = {
log = {
enabled = true;
};
manager = {
show_hidden = false;
sort_by = "modified";
sort_dir_first = true;
sort_reverse = true;
};
};
theme = {
manager = {
marker_copied = { fg = "#98bb6c"; bg = "#98bb6c"; };
marker_cut = { fg = "#e46876"; bg = "#e46876"; };
marker_marked = { fg = "#957fb8"; bg = "#957fb8"; };
marker_selected = { fg = "#ffa066"; bg = "#ffa066"; };
cwd = { fg = "#e6c384"; };
hovered = { reversed = true; };
preview_hovered = { reversed = true; };
tab_active = { reversed = true; };
tab_inactive = { };
tab_width = 1;
count_copied = { fg = "#1f1f28"; bg = "#98bb6c"; };
count_cut = { fg = "#1f1f28"; bg = "#e46876"; };
count_selected = { fg = "#1f1f28"; bg = "#e6c384"; };
border_symbol = "";
border_style = { fg = "#dcd7ba"; };
};
status = {
separator_open = "";
separator_close = "";
separator_style = { fg = "reset"; bg = "#363646"; };
mode_normal = { fg = "#1f1f28"; bg = "#85a6ea"; bold = true; };
mode_select = { fg = "#1f1f28"; bg = "#957fb8"; bold = true; };
mode_unset = { fg = "#1f1f28"; bg = "#e6c384"; bold = true; };
progress_label = { fg = "#85a6ea"; bg = "#363646"; bold = true; };
progress_normal = { fg = "#363646"; bg = "#1f1f28"; };
progress_error = { fg = "#363646"; bg = "#1f1f28"; };
permissions_t = { fg = "#98bb6c"; };
permissions_r = { fg = "#e6c384"; };
permissions_w = { fg = "#e82424"; };
permissions_x = { fg = "#7aa89f"; };
permissions_s = { fg = "#938aa9"; };
};
select = {
border = { fg = "#7fb4ca"; };
active = { fg = "#938aa9"; bold = true; };
inactive = { };
};
input = {
border = { fg = "#7fb4ca"; };
title = { };
value = { };
selected = { reversed = true; };
};
completion = {
border = { fg = "#7fb4ca"; };
active = { reversed = true; };
inactive = { };
};
tasks = {
border = { fg = "#7fb4ca"; };
title = { };
hovered = { fg = "#938aa9"; };
};
which = {
cols = 2;
separator = " - ";
separator_style = { fg = "#727169"; };
mask = { bg = "#16161d"; };
rest = { fg = "#727169"; };
cand = { fg = "#85a6ea"; };
desc = { fg = "#565666"; };
};
help = {
on = { fg = "#7aa89f"; };
run = { fg = "#938aa9"; };
desc = { };
hovered = { reversed = true; bold = true; };
footer = { fg = "#090618"; bg = "#dcd7ba"; };
};
notify = {
title_info = { fg = "#98bb6c"; };
title_warn = { fg = "#e6c384"; };
title_error = { fg = "#e82424"; };
};
filetype = {
rules = [
{ mime = "image/*"; fg = "#e6c384"; }
{ mime = "{audio,video}/*"; fg = "#957fb8"; }
{ mime = "application/{,g}zip"; fg = "#e46876"; }
{ mime = "application/x-{tar,bzip*,7z-compressed,xz,rar}"; fg = "#e46876"; }
{ mime = "application/{pdf,doc,rtf,vnd.*}"; fg = "#6a9589"; }
{ name = "*"; is = "orphan"; fg = "#e46876"; }
{ name = "*"; is = "exec"; fg = "#957fb8"; }
{ name = "*/"; fg = "#85a6ea"; }
];
};
};
};
}

15
home/cloudnix.nix → home/fileserver.nix
View file

@ -1,11 +1,14 @@
{
...
{ ...
}: {
imports = [
# Import users
./users/admin
./common/core
./common/optional/git.nix
./common/optional/sops.nix
];
./common/core
./common/optional/sops.nix
# Import optional
./common/optional/git.nix
];
}

14
home/merlin.nix → home/nebula.nix
View file

@ -1,11 +1,13 @@
{
...
{ ...
}: {
imports = [
# Import users
./users/admin
./common/core
./common/optional/git.nix
./common/optional/sops.nix
];
./common/core
# Import optional
./common/optional/git.nix
];
}

29
home/nixdev.nix Normal file
View file

@ -0,0 +1,29 @@
{ ...
}: {
imports = [
# Import users
./users/sam
./common/core
./common/optional/desktop/hyprland
./common/optional/desktop/waybar.nix
./common/optional/sops.nix
# Import optional
./common/optional/git.nix
];
# ------
# | DP-1
# ------
monitors = [
{
name = "Virtual-1";
width = 2048;
height = 1152;
x = 0;
workspace = "1";
primary = true;
}
];
}

66
home/semita.nix
View file

@ -1,7 +1,4 @@
{
pkgs,
config,
...
{ ...
}: {
imports = [
# Import users
@ -15,14 +12,28 @@
./common/optional/syncthing.nix
./common/optional/desktop/dwm
./common/optional/desktop/common/themes/standard-dark.nix
./common/optional/notes.nix
./common/optional/yazi.nix
./common/optional/transmission.nix
./common/optional/desktop/common/xdg
];
home.packages = [
pkgs.qgis
];
# ------
# | DP-1
# ------
monitors = [
{
name = "DP-1";
width = 2560;
height = 1440;
x = 0;
y = 0;
workspace = "1";
primary = true;
}
{
name = "DP-2";
width = 2560;
height = 1440;
x = 2560;
y = 0;
}
];
colorScheme = {
@ -49,37 +60,4 @@
};
};
xresources.extraConfig = ''
! st
st.alpha: 0.8
St.font: monospace:pixelsize=21:antialias=true:autohint=true;
St.font2: NotoColorEmoji:pixelsize=19:antialias=true:autohint=true;
! dwm
dwm.borderpx: 3
dwm.font: monospace:size=12
dwm.col_base00: #${config.colorScheme.palette.base00}
dwm.col_base03: #${config.colorScheme.palette.base03}
dwm.col_base04: #${config.colorScheme.palette.base04}
dwm.col_base05: #${config.colorScheme.palette.base05}
dwm.col_base08: #${config.colorScheme.palette.base08}
dwm.col_base0B: #${config.colorScheme.palette.base0B}
! dmenu
dmenu.font: monospace:size=12
dmenu.font2: NotoColorEmoji:pixelsize=22:antialias=true:autohint=true
dmenu.topbar: 1
dmenu.normfgcolor: #${config.colorScheme.palette.base05}
dmenu.normbgcolor: #${config.colorScheme.palette.base03}
dmenu.selfgcolor: #${config.colorScheme.palette.base00}
dmenu.selbgcolor: #${config.colorScheme.palette.base0B}
Nsxiv.window.background: #${config.colorScheme.palette.base03}
Nsxiv.window.foreground: #${config.colorScheme.palette.base05}
Nsxiv.mark.foreground: #${config.colorScheme.palette.base08}
Nsxiv.bar.background: #${config.colorScheme.palette.base00}
Nsxiv.bar.foreground: #${config.colorScheme.palette.base05}
Nsxiv.bar.font: monospace:size=12
'';
}

1
home/sparky.nix
View file

@ -11,7 +11,6 @@
./common/optional/git.nix
./common/optional/syncthing.nix
./common/optional/desktop/cinnamon
./common/optional/desktop/common/kodi.nix
];

13
home/users/admin/default.nix
View file

@ -1,4 +1,4 @@
{ outputs, ... }:
{ config, pkgs, lib, outputs, ... }:
{
home.username = "admin";
@ -7,16 +7,6 @@
imports = [
] ++ (builtins.attrValues outputs.homeManagerModules); # import all homeManagerModules?
programs.ssh = {
enable = true;
matchBlocks = {
"git.bitlab21.com" = {
identitiesOnly = true;
identityFile = ["~/.ssh/deploy_key-ssh-ed25519"];
};
};
};
home.packages = [
];
@ -27,7 +17,6 @@
];
home.sessionVariables = {
EDITOR = "nvim";
};
programs.home-manager.enable = true;

18
home/users/sam/default.nix
View file

@ -1,27 +1,25 @@
{
outputs,
...
}:
{ outputs, ... }:
{
home.username = "sam";
home.homeDirectory = "/home/sam";
imports =
[
]
++ (builtins.attrValues outputs.homeManagerModules); # import all homeManagerModules?
imports = [
] ++ (builtins.attrValues outputs.homeManagerModules); # import all homeManagerModules?
programs.ssh = {
enable = true;
matchBlocks = {
"git.bitlab21.com" = {
identitiesOnly = true;
identityFile = ["~/.ssh/id_ed25519"];
identityFile = [ "~/.ssh/id_ed25519" ];
};
};
};
home.sessionPath = [
];
xdg.userDirs = {
enable = true;
createDirectories = true;
@ -41,6 +39,6 @@
READER = "zathura";
IMAGE_VIEWER = "nsxiv";
IMAGE_EDITOR = "drawing";
PATH = "$PATH:$HOME/.scripts";
};
}

200
hosts/citadel/default.nix
View file

@ -1,200 +0,0 @@
{
inputs,
lib,
pkgs,
config,
configVars,
outputs,
...
}: let
# Disko setup
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
dev = "/dev/nvme0n1"; # depends on target hardware
encrypted = true; # currrently only applies to btrfs
btrfsMountDevice = "/dev/mapper/crypted";
user = "sam";
impermanence = true;
piholeIp = configVars.networking.addresses.pihole.ip;
merlinIp = configVars.networking.addresses.merlin.ip;
gatewayIp = configVars.networking.addresses.gateway.ip;
in {
imports = [
# Create users for this host
../common/users/${user}
# Disk configuration
inputs.disko.nixosModules.disko
(import ../common/disks {
device = dev;
impermanence = impermanence;
fsType = fsType;
encrypted = encrypted;
})
# Impermanence
(import ../common/disks/btrfs/impermanence.nix {
btrfsMountDevice = btrfsMountDevice;
lib = lib;
})
# Import core options
./hardware-configuration.nix
../common/core
# Import optional options
../common/optional/persistence.nix
../common/optional/pipewire.nix
../common/optional/openssh.nix
../common/optional/dwm.nix
../common/optional/fileserver/nfs-client/media.nix
../common/optional/fileserver/nfs-client/photos.nix
../common/optional/fileserver/nfs-client/personal.nix
../common/optional/printing.nix
../common/optional/backlight.nix
../common/optional/xmodmap-arrow-remaps.nix
../common/optional/nix-ld.nix
../common/optional/gaming.nix
../common/optional/powersave.nix
../common/optional/restic-backup.nix
../common/optional/distributed-builds/local-machine.nix
# ../../modules/nixos
outputs.nixosModules.nixosAutoUpgrade
];
boot = {
supportedFilesystems = ["nfs"];
blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
kernelModules = ["iwlwifi"];
initrd.kernelModules = ["thinkpad-acpi" "acpi-call" "nfs"];
# BUG: Using older linux kernel because of build errors
# see https://github.com/NixOS/nixpkgs/issues/375605
# kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
kernelPackages = pkgs.linuxKernel.packages.linux_6_12;
extraModulePackages = [
config.boot.kernelPackages.acpi_call
];
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
timeout = 3;
};
};
swapDevices = [
{
device = "/.swapvol/swapfile";
size = 4 * 1024;
}
];
system.services.nixosAutoUpgrade = {
enable = true;
persistent = true;
reboot = false;
remote = "remotebuild@${merlinIp}";
pushUpdates = false;
configDir = "/etc/nixos";
onCalendar = "*-*-* 08:00:00";
user = "sam";
};
services = {
libinput.touchpad.accelSpeed = "0.5";
xserver = {
xkb.options = "caps:swapescape";
dpi = 196;
upscaleDefaultCursor = true;
};
# enable oom killer when system ram drops below 5% free
earlyoom = {
enable = true;
freeMemThreshold = 5; # <%5 free
};
};
# fix cpu throttling on Lenovo Thinkpad
# see: https://github.com/erpalma/throttled
services.throttled.enable = true;
environment.variables = {
GDK_SCALE = "2.2";
GDK_DPI_SCALE = "0.8";
_JAVA_OPTIONS = "-Dsun.java2d.uiScale=2.2";
QT_AUTO_SCREEN_SCALE_FACTOR = "1";
XCURSOR_SIZE = "64";
};
hardware = {
bluetooth = {
enable = true;
powerOnBoot = true;
};
enableRedistributableFirmware = true;
firmware = [
pkgs.sof-firmware
];
};
# nvidia
hardware.opengl = {
enable = true;
};
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia = {
prime = {
offload = {
enable = true;
enableOffloadCmd = true;
};
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
};
nvidiaPersistenced = true;
modesetting.enable = true;
powerManagement.enable = true;
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
};
# https://bbs.archlinux.org/viewtopic.php?id=297276 for NVreg_EnableGpuFirmware fix
# https://discourse.nixos.org/t/how-to-use-nvidia-prime-offload-to-run-the-x-server-on-the-integrated-board/9091/15
# for udev rules to disable dGPU when not in use
boot.extraModprobeConfig = ''
options nvidia NVreg_EnableGpuFirmware=0
'';
services.udev.extraRules = ''
# Remove NVIDIA USB xHCI Host Controller devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
# Remove NVIDIA USB Type-C UCSI devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{remove}="1"
# Remove NVIDIA Audio devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{remove}="1"
# Enable runtime PM for NVIDIA VGA/3D controller devices on driver bind
ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"
ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="auto"
# Disable runtime PM for NVIDIA VGA/3D controller devices on driver unbind
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="on"
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
'';
programs.fuse.userAllowOther = true;
networking = {
hostName = "citadel";
networkmanager.enable = true;
enableIPv6 = false;
nameservers = ["${piholeIp}" "${gatewayIp}" "8.8.8.8"];
};
services.libinput.enable = true;
}

109
hosts/cloudnix/default.nix
View file

@ -1,109 +0,0 @@
{
configVars,
outputs,
lib,
...
}: let
user = "admin";
merlinIp = configVars.networking.addresses.merlin.ip;
cloudnixIp = configVars.networking.addresses.cloudnix.ip;
btrfsMountDevice = "/dev/disk/by-uuid/2aec8052-68fc-4bac-9b8d-c10b9b659ad8";
in {
imports = [
# Create users for this host
../common/users/${user}
# Import core options
./hardware-configuration.nix
../common/core
# Impermanence
../common/optional/persistence.nix
(import ../common/disks/btrfs/impermanence.nix {
btrfsMountDevice = btrfsMountDevice;
lib = lib;
})
# Import optional options
../common/optional/persistence.nix
../common/optional/openssh.nix
../common/optional/distributed-builds/local-machine.nix
# ../common/optional/nixos-containers/semitamaps.nix
# ../common/optional/nixos-containers/vaultwarden.nix
# ../common/optional/nixos-containers/xmpp.nix
../common/optional/fail2ban.nix
../common/optional/restic-backup.nix
../common/optional/forgejo.nix
outputs.nixosModules.nixosAutoUpgrade
];
services.restic.backups = {
daily = {
paths = [
"/persist/"
];
exclude = [
];
};
};
boot = {
loader = {
efi.canTouchEfiVariables = false;
grub = {
enable = true;
devices = ["/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_57492184"];
};
};
};
services = {
earlyoom = {
enable = true;
freeMemThreshold = 5; # <%5 free
};
};
system.services.nixosAutoUpgrade = {
enable = true;
persistent = true;
remote = "remotebuild@${merlinIp}";
reboot = false;
pushUpdates = false;
configDir = "/etc/nixos";
onCalendar = "*-*-* 06:00:00";
user = "admin";
};
environment.persistence."/persist" = {
directories = [
"/var/lib/tailscale"
];
};
# enable tailscale
services.tailscale.enable = true;
networking = {
hostName = "cloudnix";
nameservers = ["8.8.8.8"];
firewall.enable = true;
};
systemd.network.networks."10-wan" = {
networkConfig.DHCP = "no";
address = [
"${cloudnixIp}/32"
];
routes = [
{ routeConfig = { Destination = "172.31.1.1"; }; }
{ routeConfig = { Gateway = "172.31.1.1"; GatewayOnLink = true; }; }
];
};
services.libinput.enable = true;
}

18
hosts/common/core/default.nix
View file

@ -14,7 +14,7 @@ in
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
inputs.nur.overlays.default
inputs.nur.overlay
];
config = {
allowUnfree = true;
@ -37,27 +37,13 @@ in
};
};
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
environment.systemPackages = [
pkgs.rsync
pkgs.curl
pkgs.just
pkgs.git
pkgs.vim
];
programs.git = {
enable = true;
package = pkgs.git;
config = {
# need to set /etc/nixos as safe directory to enable root to interact with non-root nix config repo
safe = {directory = ["/etc/nixos"]; };
};
};
system.stateVersion = "24.05";
}

19
hosts/common/core/sops.nix
View file

@ -1,13 +1,13 @@
{
lib,
inputs,
config,
...
}: let
{ pkgs, lib, inputs, config, ... }:
let
secretsDirectory = builtins.toString inputs.nix-secrets;
secretsFile = "${secretsDirectory}/secrets.yaml";
hasOptinPersistence = config.environment.persistence ? "/persist";
in {
hostname = config.networking.hostName;
in
{
imports = [
inputs.sops-nix.nixosModules.sops
];
@ -17,13 +17,10 @@ in {
validateSopsFiles = false;
age = {
sshKeyPaths = ["${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key"];
sshKeyPaths = [ "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key" ];
};
secrets = {
"passwords/root".neededForUsers = true;
"ssh_keys/deploy_key/id_ed25519" = {
path = "/etc/ssh/deploy_key-ssh-ed25519";
};
};
};
}

36
hosts/common/disks/basic.nix
View file

@ -1,36 +0,0 @@
{
device ? throw "Must define a device, e.g. /dev/sda",
fsModule ? "Must specify submodule"
}:
{
disko.devices = {
disk = {
main = {
type = "disk";
inherit device;
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
start = "1M";
end = "128M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
root = {
size = "100%";
content = import "${fsModule}";
};
};
};
};
};
};
}

57
hosts/common/disks/btrfs/legacy.nix
View file

@ -1,57 +0,0 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
BOOT = {
size = "1M";
type = "EF02";
priority = 1;
};
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/root" = {
mountpoint = "/";
};
"/persist" = {
mountOptions = ["subvol=persist"];
mountpoint = "/persist";
};
"/nix" = {
mountOptions = ["subvol=nix" "noatime"];
mountpoint = "/nix";
};
"/swap" = {
mountOptions = ["noatime"];
mountpoint = "/.swapvol";
};
};
};
};
};
};
};
};
};
}

1
hosts/common/disks/btrfs/persist.nix
View file

@ -19,6 +19,7 @@
"/swap" = {
mountOptions = [ "noatime" ];
mountpoint = "/.swapvol";
swap.swapfile.size = "8192M";
};
};
}

9
hosts/common/disks/default.nix
View file

@ -1,8 +1,11 @@
{ device, fsType, encrypted, impermanence, ... }:
let
fsModule = if impermanence then ./${fsType}/persist.nix else ./${fsType}/standard.nix;
basic = import ./basic.nix { inherit device; fsModule = fsModule; };
basic = import ./${fsType}/basic.nix { inherit device; };
lvm = import ./lvm.nix { inherit device; fsModule = fsModule; };
luks = import ./luks.nix { inherit device; fsModule = fsModule; };
in
if fsType == "btrfs" && encrypted then luks
else basic
if fsType == "ext4" then basic
else if fsType == "btrfs" && encrypted then luks
else if fsType == "btrfs" then lvm
else null

0
hosts/common/disks/ext4/ext4.nix → hosts/common/disks/ext4/basic.nix
View file

7
hosts/common/optional/backlight.nix
View file

@ -1,7 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = [
pkgs.brightnessctl
];
services.illum.enable = true;
}

42
hosts/common/optional/distributed-builds/local-machine.nix
View file

@ -1,42 +0,0 @@
{ pkgs, configVars, ... }:
let
remoteMachineIp = configVars.networking.addresses.remote-builder.ip;
in
{
# nix.distributedBuilds = true;
# nix.settings.builders-use-substitutes = true;
# nix.settings.max-jobs = 0;
# nix.settings.trusted-substituters = ["ssh://${remoteMachineIp}"];
# nix.settings.substituters = ["ssh://${remoteMachineIp}"];
#
# nix.buildMachines = [
# {
# hostName = "remotebuild@${remoteMachineIp}";
# speedFactor = 1;
# maxJobs = 10;
# sshKey = "/root/.ssh/remotebuild";
# system = pkgs.stdenv.hostPlatform.system;
# supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
# }
# ];
programs.ssh.knownHosts = {
"merlin" = {
publicKey = "${remoteMachineIp} ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFSGyrQvwa7gj0tG/EX3siWzGT9badUkD0yw0YGkcNeQ";
};
};
programs.ssh.extraConfig = ''
Host ${remoteMachineIp}
Port 22
User remotebuild
IdentitiesOnly yes
IdentityFile /root/.ssh/remotebuild
'';
sops.secrets = {
"ssh_keys/root/remotebuild" = {
path = "/root/.ssh/remotebuild";
};
};
}

15
hosts/common/optional/distributed-builds/remote-builder-machine.nix
View file

@ -1,15 +0,0 @@
{
users.users.remotebuild = {
isNormalUser = true;
createHome = false;
group = "remotebuild";
openssh.authorizedKeys.keyFiles = [
./remotebuild.pub
];
};
users.groups.remotebuild = {};
nix.settings.trusted-users = ["remotebuild"];
}

1
hosts/common/optional/distributed-builds/remotebuild.pub
View file

@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUPnjP4eql1QT4b9ewbyy7Dyk26PrlQlilO7/RBKCHz remote

70
hosts/common/optional/docker-containers/arrstack.nix
View file

@ -1,70 +0,0 @@
{config, ...}: let
openVpnPwd = config.sops.secrets."software/proton/openvpn_password".path;
openVpnUser = config.sops.secrets."software/proton/openvpn_user".path;
in {
sops.secrets = {
"software/proton/openvpn_password" = {};
"software/proton/openvpn_user" = {};
};
networking = {
firewall = {
enable = true;
allowedTCPPorts = [
6887
];
allowedUDPPorts = [
6887
];
};
};
virtualisation.arion = {
backend = "podman-socket";
projects.arrstack = {
settings = {
services.gluetun.service = {
ports = [
"8076:8076" # qbittorrent webui port
"6887:6887" # qbittorrent torrenting port
"6887:6887/udp" # qbittorrent torrenting port
];
image = "qmcgaw/gluetun";
capabilities = {NET_ADMIN = true;};
container_name = "glutun";
restart = "always";
volumes = [
"/srv/docker/media-server/arrstack/gluetun:/gluetun"
"${openVpnPwd}:/run/secrets/openvpn_password"
"${openVpnUser}:/run/secrets/openvpn_user"
];
environment = {
VPN_SERVICE_PROVIDER = "protonvpn";
VPN_TYPE = "openvpn";
SERVER_COUNTRIES = "Switzerland";
VPN_PORT_FORWARDING = "on";
};
devices = ["/dev/net/tun:/dev/net/tun"];
};
services.qbittorrent.service = {
image = "lscr.io/linuxserver/qbittorrent:latest";
container_name = "qbittorrent";
restart = "always";
volumes = [
"/srv/docker/media-server/arrstack/qbittorrent:/config"
"/media/media/downloads:/downloads"
];
environment = {
TZ = "Europe/London";
WEBUI_PORT = 8076;
TORRENTING_PORT = 6887;
PUID = 1000;
PGID = 1000;
};
network_mode = "service:gluetun";
};
};
};
};
}

17
hosts/common/optional/docker-containers/baikal.nix
View file

@ -1,17 +0,0 @@
{
config.virtualisation.oci-containers = {
backend = "podman";
containers = {
baikal = {
image = "ckulka/baikal:nginx";
ports = [
"6734:80"
];
volumes = [
"/srv/docker/baikal/config:/var/www/baikal/config"
"/srv/docker/baikal/data:/var/www/baikal/Specific"
];
};
};
};
}

31
hosts/common/optional/docker-containers/jellyfin.nix
View file

@ -1,31 +0,0 @@
{
config.virtualisation.oci-containers = {
backend = "podman";
containers = {
jellyfin = {
image = "lscr.io/linuxserver/jellyfin:latest";
ports = [
"8096:8096"
];
volumes = [
"/srv/docker/media-server/jellyfin/config:/config"
"/media/media/tv:/data/tvshows:ro"
"/media/media/movies:/data/movies:ro"
"/media/media/music/music_data:/data/music:ro"
"/media/media/youtube:/data/youtube:ro"
"/media/media/podcasts:/data/podcasts:ro"
"/srv/docker/media-server/jellyfin/config/custom-cont-init.d:/custom-cont-init.d:ro"
];
environment = {
PUID = "1000";
PGID = "1000";
DOCKER_MODS = "linuxserver/mods:jellyfin-opencl-intel";
NVIDIA_VISIBLE_DEVICES = "all";
};
extraOptions = [
"--device=nvidia.com/gpu=all"
];
};
};
};
}

78
hosts/common/optional/docker-containers/photoprism.nix
View file

@ -1,78 +0,0 @@
{config, ...}: {
sops.secrets = {
"software/photoprism" = {
path = "/etc/photoprism/options.yml";
};
};
virtualisation.arion = {
backend = "podman-socket";
projects.photoprism = {
settings = {
services.photoprism.service = {
ports = [
"2342:2342"
];
container_name = "photoprism";
image = "photoprism/photoprism:latest";
restart = "always";
depends_on = ["mariadb"];
volumes = [
"/media/photos/sam/originals:/photoprism/originals"
"/media/photos/sam/imports:/photoprism/import"
"/srv/docker/photoprism/storage:/photoprism/storage"
"${config.sops.secrets."software/photoprism".path}:/etc/photoprism/options.yml"
];
environment = {
PHOTOPRISM_CONFIG_PATH = "/etc/photoprism";
PHOTOPRISM_INIT = "intel";
PHOTOPRISM_ORIGINALS_LIMIT = 5000;
PHOTOPRISM_HTTP_COMPRESSION = "gzip";
PHOTOPRISM_DEBUG = "false";
PHOTOPRISM_LOG = "trace";
PHOTOPRISM_PUBLIC = "false";
PHOTOPRISM_READONLY = "false";
PHOTOPRISM_EXPERIMENTAL = "false";
PHOTOPRISM_DISABLE_CHOWN = "false";
PHOTOPRISM_DISABLE_WEBDAV = "false";
PHOTOPRISM_DISABLE_SETTINGS = "false";
PHOTOPRISM_DISABLE_TENSORFLOW = "false";
PHOTOPRISM_DISABLE_FACES = "false";
PHOTOPRISM_DISABLE_CLASSIFICATION = "false";
PHOTOPRISM_DARKTABLE_PRESETS = "false";
PHOTOPRISM_DETECT_NSFW = "false";
PHOTOPRISM_UPLOAD_NSFW = "true";
PHOTOPRISM_DATABASE_DRIVER = "mysql";
PHOTOPRISM_DATABASE_SERVER = "mariadb:3306";
PHOTOPRISM_DATABASE_NAME = "photoprism";
PHOTOPRISM_DATABASE_USER = "photoprism";
PHOTOPRISM_SITE_TITLE = "PhotoPrism";
PHOTOPRISM_SITE_CAPTION = "AI-Powered Photos App";
PHOTOPRISM_UID = 0;
PHOTOPRISM_GID = 0;
PHOTOPRISM_FFMPEG_ENCODER = "intel";
PHOTOPRISM_FFMPEG_SIZE = "1920";
PHOTOPRISM_FFMPEG_BITRATE = "50";
HOME = "/photoprism";
};
devices = ["/dev/dri:/dev/dri"];
};
services.mariadb.service = {
container_name = "photoprism-mariadb";
image = "mariadb:10.11";
restart = "always";
command = "mysqld --innodb-buffer-pool-size=4G --innodb_log_file_size=1G --transaction-isolation=READ-COMMITTED --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --max-connections=512 --innodb-rollback-on-timeout=OFF --innodb-lock-wait-timeout=120";
volumes = [
"/srv/docker/photoprism/database:/var/lib/mysql"
];
environment = {
MARIADB_AUTO_UPGRADE = "1";
MARIADB_INITDB_SKIP_TZINFO = "1";
MYSQL_DATABASE = "photoprism";
MYSQL_USER = "photoprism";
};
};
};
};
};
}

26
hosts/common/optional/docker-containers/pihole.nix
View file

@ -1,26 +0,0 @@
{
virtualisation.arion = {
backend = "podman-socket";
projects.pihole = {
settings = {
services.pihole.service = {
ports = [
"53:53/tcp"
"53:53/udp"
"80:80/tcp"
];
container_name = "pihole";
image = "pihole/pihole:latest";
restart = "always";
volumes = [
"/srv/docker/pihole/etc-pihole:/etc/pihole"
"/srv/docker/pihole/etc-dnsmasq.d:/etc/dnsmasq.d"
];
environment = {
TZ = "Europe/London";
};
};
};
};
};
}

32
hosts/common/optional/docker-containers/searxng.nix
View file

@ -1,32 +0,0 @@
{configVars, ...}:
let
# configVars = import ../../../../vars {inherit inputs};
piholeIp = configVars.networking.addresses.pihole.ip;
in
{
virtualisation.arion = {
backend = "podman-socket";
projects.searxng = {
settings = {
services.redis.service = {
container_name = "redis";
image = "redis:alpine";
restart = "always";
command = [ "redis-server" "--save" "" "--appendonly" "no" ];
tmpfs = [ "/var/lib/redis" ];
capabilities = { ALL = false; SETGID = true; SETUID = true; DAC_OVERRIDE = true; };
};
services.searxng.service = {
container_name = "searxng";
image = "searxng/searxng:latest";
restart = "always";
ports = [ "8855:8080" ];
dns = [ piholeIp ];
volumes = [ "/srv/docker/searxng-docker/searxng:/etc/searxng:rw" ];
capabilities = { ALL = false; CHOWN = true; SETGID = true; SETUID = true; DAC_OVERRIDE = true; };
};
};
};
};
}

25
hosts/common/optional/docker-containers/semitamaps-tileserver.nix
View file

@ -1,25 +0,0 @@
{
config.virtualisation.oci-containers = {
backend = "podman";
containers = {
tileserver-gl = {
image = "maptiler/tileserver-gl";
ports = [
"8080:8080"
];
volumes = [
"/data/semitamaps-data/tileserver-gl/data:/data"
];
};
mbgl-renderer = {
image = "mbgl-renderer";
ports = [
"8081:80"
];
volumes = [
"/data/semitamaps-data/tileserver-gl/data:/data"
];
};
};
};
}

29
hosts/common/optional/docker-containers/syncthing.nix
View file

@ -1,29 +0,0 @@
{
virtualisation.arion = {
backend = "podman-socket";
projects.syncthing = {
settings = {
services.syncthing.service = {
ports = [
"8384:8384"
"22000:22000/tcp"
"22000:22000/udp"
"21027:21027/udp"
];
container_name = "syncthing";
image = "lscr.io/linuxserver/syncthing:latest";
restart = "always";
environment = {
PUID = "1000";
GUID = "1000";
};
volumes = [
"/srv/docker/syncthing/appdata/config:/config"
"/srv/docker/syncthing/data:/data"
];
};
};
};
};
}

29
hosts/common/optional/docker.nix
View file

@ -1,29 +0,0 @@
{
pkgs,
inputs,
...
}: {
imports = [inputs.arion.nixosModules.arion];
environment.systemPackages = [
pkgs.arion
pkgs.docker-client
];
virtualisation = {
podman = {
enable = true;
dockerSocket.enable = true;
defaultNetwork.settings.dns_enabled = true;
};
};
# need to open firewall for dns resolving. see https://github.com/NixOS/nixpkgs/issues/226365#issuecomment-1814296639
networking.firewall.interfaces."podman+".allowedUDPPorts = [ 53 ];
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/lib/containers"
];
};
}

26
hosts/common/optional/docker/default.nix Normal file
View file

@ -0,0 +1,26 @@
{ pkgs, inputs, ... }:
{
imports = [ inputs.arion.nixosModules.arion ];
environment.systemPackages = [
pkgs.arion
];
# Arion works with Docker, but for NixOS-based containers, you need Podman
# since NixOS 21.05.
virtualisation = {
podman = {
enable = true;
defaultNetwork.settings.dns_enabled = true;
};
docker = {
enable = true;
storageDriver = "btrfs";
rootless = {
enable = true;
setSocketVariable = true;
};
};
};
}

163
hosts/common/optional/docker/postgres.nix Normal file
View file

@ -0,0 +1,163 @@
{ pkgs, lib, inputs, config, ... }:
let
admin_dbPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/admin_db/password".path;
customEntryPointScript = pkgs.writeScript "custom-entrypoint.sh" ''
#!/usr/bin/env bash
## copied from: https://github.com/docker-library/postgres/pull/496#issue-358838955
set -Eeo pipefail
echo "🐘 custom-entry-point"
# Example using the functions of the postgres entrypoint to customize startup to always run files in /always-initdb.d/
source "$(which docker-entrypoint.sh)"
docker_setup_env
docker_create_db_directories
# assumption: we are already running as the owner of PGDATA
# This is needed if the container is started as `root`
#if [ "$1" = 'postgres' ] && [ "$(id -u)" = '0' ]; then
if [ "$(id -u)" = '0' ]; then
exec gosu postgres "$BASH_SOURCE" "$@"
fi
if [ -z "$DATABASE_ALREADY_EXISTS" ]; then
echo "🐘 db is missing"
docker_verify_minimum_env
docker_init_database_dir
pg_setup_hba_conf
# only required for '--auth[-local]=md5' on POSTGRES_INITDB_ARGS
export PGPASSWORD="''${PGPASSWORD:-$POSTGRES_PASSWORD}"
docker_temp_server_start "$@" -c max_locks_per_transaction=256
docker_setup_db
docker_process_init_files /docker-entrypoint-initdb.d/*
docker_temp_server_stop
else
echo "🐘 db already exists"
docker_temp_server_start "$@"
docker_process_init_files /always-initdb.d/*
docker_temp_server_stop
fi
echo "🐘 .. starting!"
exec postgres "$@"
'';
initScript = pkgs.writeScript "init.sh" ''
#!/bin/bash
function create_user_and_database() {
local database=$1
local user=$2
local extensions=$3
echo "### admin user: $POSTGRES_USER ###"
echo " Creating database '$database'"
echo " Creating user '$user'"
psql -v --username "$POSTGRES_USER" -d "$POSTGRES_DB" <<-EOSQL
CREATE USER $user;
CREATE DATABASE $database;
GRANT ALL PRIVILEGES ON DATABASE $database TO $user;
EOSQL
# Loop through extensions and create them
for ext in $(echo "$extensions" | tr ',' ' '); do
echo " - Installing extention $ext"
psql -v --username "$POSTGRES_USER" -d "$database" -c "CREATE EXTENSION $ext;"
done
}
if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
# Parse the JSON string
database_names=$(echo "$POSTGRES_MULTIPLE_DATABASES" | jq -r '.[0] | keys[]')
echo "Multiple database creation requested: $(echo "$database_names" | tr "\n" " ")"
# Loop through each database and create it
for db_name in $database_names; do
user=$(echo "$POSTGRES_MULTIPLE_DATABASES" | jq -r ".[0] | .''${db_name} | .user")
extensions=$(echo "$POSTGRES_MULTIPLE_DATABASES" | jq -r ".[0] | .''${db_name} | .extensions | join(\",\")")
create_user_and_database "$db_name" "$user" "$extensions"
done
fi
'';
in
{
sops.secrets = {
"software/postgres/admin_db/password" = { };
};
virtualisation.arion = {
backend = "docker";
projects = {
"db".settings.services."db".service = {
restart = "unless-stopped";
build.context = "/nix/store";
build.dockerfile = builtins.baseNameOf "${pkgs.writeScript "pgDockerfile" ''
FROM postgres:16
# install packages
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
postgresql-16-postgis \
jq \
&& rm -rf /var/lib/apt/lists/*
RUN mkdir -p /scripts/ /always-initdb.d/
COPY ${builtins.baseNameOf customEntryPointScript} /scripts/custom-entrypoint.sh
RUN chmod -R a+x /scripts
ENTRYPOINT /scripts/custom-entrypoint.sh
''}";
environment = {
POSTGRES_PASSWORD_FILE = admin_dbPasswordFile;
POSTGRES_USER = "admin";
POSTGRES_DB = "admin_db";
PGDATA = "/var/lib/postgresql/data/pgdata";
POSTGRES_MULTIPLE_DATABASES = ''
[
{
"osm": {
"user": "gis",
"extensions": [
"hstore",
"postgis"
]
},
"bitcoin": {
"user": "satoshi",
"extensions": []
},
"btc_models": {
"user": "dbt",
"extensions": []
},
"dev_btc_models": {
"user": "dbt",
"extensions": []
}
"test": {
"user": "test",
"extensions": [hstore]
}
}
]
'';
};
ports = [ "5432:5432" ];
volumes = [
"/mnt/postgres:/var/lib/postgresql/data"
# Need to mount secret file
"${admin_dbPasswordFile}:${admin_dbPasswordFile}"
# PG init script to parse json specified in POSTGRES_MULTIPLE_DATABASES
# creates databases, users and installs extensions for each database.
"${initScript}:/always-initdb.d/init.sh"
];
};
};
};
}

17
hosts/common/optional/dwm.nix
View file

@ -3,8 +3,8 @@
services = {
libinput.enable = true;
xserver = {
autoRepeatDelay = 300;
autoRepeatInterval = 15;
autoRepeatDelay = 250;
autoRepeatInterval = 30;
enable = true;
xkb.layout = "gb";
displayManager.startx.enable = true;
@ -12,12 +12,13 @@
windowManager.dwm = {
enable = true;
package = pkgs.dwm.overrideAttrs {
# src = /home/sam/.local/share/src/dwm;
src = pkgs.fetchgit {
url = "https://git.bitlab21.com/sam/dwm";
rev = "26c82bae50ed580f651fd8316d9b162620872035";
sha256 = "sha256-Qx71t1d7RMVaWKIJ71SPIF49+jjhwN7xI2ZubAoHO8E=";
};
src = pkgs.fetchFromGitea {
domain = "git.bitlab21.com";
owner = "sam";
repo = "dwm";
rev = "ee95ad6795dc51217008363e56fe313d1cfdbaf4";
sha256 = "sha256-L+TAv0g9VhvM+O5gpbKoCk5fCsktWzjQCa2JkN0Xjt4=";
};
};
};
};

34
hosts/common/optional/fail2ban.nix
View file

@ -1,34 +0,0 @@
{pkgs, ...}: {
environment.systemPackages = [pkgs.fail2ban];
environment.etc = {
"fail2ban/filter.d/nginx-bruteforce.conf".text = ''
[Definition]
failregex = ^<HOST>.*(GET|POST).* (404|444|403|400) .*$
'';
};
services.fail2ban = {
enable = true;
maxretry = 5;
ignoreIP = [
];
bantime-increment = {
enable = true;
multipliers = "1 2 4 8 16 32 64";
maxtime = "168h";
};
jails = {
nginx-spam.settings = {
filter = "nginx-bruteforce";
action = "iptables-allports";
logpath = "/var/log/nginx/access.log";
backend = "auto";
findtime = 600;
bantime = 600;
maxretry = 10;
};
};
};
}

27
hosts/common/optional/fileserver-nfs-mount.nix Normal file
View file

@ -0,0 +1,27 @@
{...}:
{
fileSystems."/exports" = {
device = "/dev/vdb1";
fsType = "ext4";
};
services.nfs.server = {
enable = true;
# fixed rpc.statd port; for firewall
lockdPort = 4001;
mountdPort = 4002;
statdPort = 4000;
extraNfsdConfig = '''';
exports = ''
/exports *(rw,insecure,all_squash)
'';
};
# open nfs ports
networking.firewall = {
enable = true;
# for NFSv3; view with `rpcinfo -p`
allowedTCPPorts = [ 111 2049 4000 4001 4002 20048 ];
allowedUDPPorts = [ 111 2049 4000 4001 4002 20048 ];
};
}

10
hosts/common/optional/fileserver/nfs-client/media.nix
View file

@ -1,10 +0,0 @@
{configVars, pkgs, ...}: let
fileserverIp = configVars.networking.addresses.fileserver.ip;
in {
environment.systemPackages = [pkgs.nfs-utils];
fileSystems."/media/media" = {
device = "${fileserverIp}:/srv/export/media";
fsType = "nfs";
options = ["noatime" "_netdev"];
};
}

10
hosts/common/optional/fileserver/nfs-client/personal.nix
View file

@ -1,10 +0,0 @@
{configVars, pkgs, ...}: let
fileserverIp = configVars.networking.addresses.fileserver.ip;
in {
environment.systemPackages = [pkgs.nfs-utils];
fileSystems."/media/personal" = {
device = "${fileserverIp}:/srv/export/personal";
fsType = "nfs";
options = ["noatime" "_netdev"];
};
}

10
hosts/common/optional/fileserver/nfs-client/photos.nix
View file

@ -1,10 +0,0 @@
{configVars, pkgs, ...}: let
fileserverIp = configVars.networking.addresses.fileserver.ip;
in {
environment.systemPackages = [pkgs.nfs-utils];
fileSystems."/media/photos" = {
device = "${fileserverIp}:/srv/export/photos";
fsType = "nfs";
options = ["noatime" "_netdev"];
};
}

42
hosts/common/optional/fileserver/nfs-server/homeshare.nix
View file

@ -1,42 +0,0 @@
{configVars, ...}:
let
homeshareDataLocation = configVars.locations.homeshareDataLocation;
subnetIp = configVars.networking.addresses.subnet.ip;
in {
fileSystems."/srv/export/photos" = {
device = "${homeshareDataLocation}/photos";
options = [ "bind" ];
};
fileSystems."/srv/export/personal" = {
device = "${homeshareDataLocation}/personal";
options = [ "bind" ];
};
fileSystems."/srv/export/media" = {
device = "${homeshareDataLocation}/media";
options = [ "bind" ];
};
services.nfs.server = {
enable = true;
# fixed rpc.statd port; for firewall
lockdPort = 4001;
mountdPort = 4002;
statdPort = 4000;
extraNfsdConfig = '''';
exports = ''
/srv/export/photos ${subnetIp}/24(rw,sync,no_subtree_check)
/srv/export/media ${subnetIp}/24(rw,sync,no_subtree_check)
/srv/export/personal ${subnetIp}/24(rw,sync,no_subtree_check)
'';
};
# open nfs ports
networking.firewall = {
enable = true;
# for NFSv3; view with `rpcinfo -p`
allowedTCPPorts = [ 111 2049 4000 4001 4002 20048 ];
allowedUDPPorts = [ 111 2049 4000 4001 4002 20048 ];
};
}

57
hosts/common/optional/forgejo.nix
View file

@ -1,57 +0,0 @@
{
pkgs,
configVars,
lib,
...
}: let
forgejoDomain = configVars.domains.forgejo;
forgejoPort = configVars.networking.addresses.forgejo.port;
in {
imports = [./nginx/forgejo.nix];
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/lib/forgejo"
];
};
users.groups.git = {
gid = 1009;
};
users.users.git = {
isNormalUser = true;
home = "/var/lib/forgejo";
uid = 1009;
extraGroups = ["git"];
};
services.openssh = {
authorizedKeysFiles = lib.mkForce [ "/var/lib/forgejo/.ssh/authorized_keys" ];
};
services.forgejo = {
enable = true;
package = pkgs.forgejo;
database.type = "sqlite3";
lfs.enable = true;
user = "git";
group = "git";
settings = {
server = {
RUN_USER = "git";
DOMAIN = "git.${forgejoDomain}";
ROOT_URL = "https://git.${forgejoDomain}/";
HTTP_PORT = forgejoPort;
SSH_USER = "git";
};
service.DISABLE_REGISTRATION = false;
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "github";
};
};
};
}

10
hosts/common/optional/gaming.nix
View file

@ -1,15 +1,15 @@
{ pkgs, lib, ... }:
{
# Gaming
# xone failing to build - https://github.com/NixOS/nixpkgs/pull/347471
# hardware.xone.enable = true;
hardware.xone.enable = true;
environment.systemPackages = with pkgs; [
#Xbox controller
# linuxKernel.packages.linux_zen.xone
linuxKernel.packages.linux_zen.xone
# Steam
mangohud
gamemode
gamescope
# WINE
wine
@ -23,7 +23,7 @@
# Extra dependencies
gnutls
openldap
libgpg-error
libgpgerror
freetype
sqlite
libxml2
@ -41,9 +41,11 @@
programs.steam = {
enable = true;
gamescopeSession.enable = true;
};
programs.gamemode.enable = true;
programs.gamescope.enable = true;
nixpkgs.config.packageOverrides = pkgs: {
steam = pkgs.steam.override {

8
hosts/common/optional/nfs-mounts/music.nix Normal file
View file

@ -0,0 +1,8 @@
{
fileSystems."/media/music" = {
device = "10.0.10.30:/mnt/media/music";
fsType = "nfs";
options = [ "noatime" "_netdev" ];
};
}

27
hosts/common/optional/nginx/forgejo.nix
View file

@ -1,27 +0,0 @@
{configVars, ...}: let
email = configVars.email.user;
domain = configVars.domains.forgejo;
forgejoIp = configVars.networking.addresses.forgejo.localAddress;
forgejoPort = configVars.networking.addresses.forgejo.port;
in {
networking.firewall.allowedTCPPorts = [80 443];
security.acme = {
acceptTerms = true;
defaults.email = email;
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."git.${domain}" = {
enableACME = true;
forceSSL = true;
extraConfig = ''
client_max_body_size 1024M;
'';
locations."/" = {
proxyPass = "http://${forgejoIp}:${toString forgejoPort}";
};
};
};
}

Some files were not shown because too many files have changed in this diff Show more