Compare commits
210 Commits
Author | SHA1 | Date |
---|---|---|
Sam | 2ef417b6b1 | |
Sam | 592309f30a | |
Sam | c85215b5b4 | |
Sam | d224d55c1a | |
Sam | cdc75090ff | |
Sam | 2d78446105 | |
Sam | d058b2cf72 | |
Sam | 86c59bb27b | |
Sam | ac6a9d2c21 | |
Sam | a154d2df79 | |
Sam | a95ac4ef25 | |
Sam | de5c1edf1b | |
Sam | ac5833c8af | |
Sam | b9c0b70fc8 | |
Sam | b2f849d80b | |
Sam | 4d0335d99a | |
Sam | ec7f879c6d | |
Sam | 2c44487796 | |
Sam | 45ee82da0e | |
Sam | 5d0b1b9be7 | |
Sam | 7be587d7b1 | |
Sam | 7e4f15496f | |
Sam | 9a26bbe7c5 | |
Sam | d725852387 | |
Sam | 4bee1bffbd | |
Sam | 8561f44963 | |
Sam | dde54c9aa7 | |
Sam | 16436da1e4 | |
Sam | 13dad7b532 | |
Sam | a9f321a847 | |
Sam | 7cffeffca9 | |
Sam | 70a788f588 | |
Sam | 4e6f1f6f01 | |
Sam | 8242c29cf7 | |
Sam | bd3f24056e | |
Sam | 71ac9901dd | |
Sam | b106d1cb6e | |
Sam | ca9dff8442 | |
Sam | 2516f9de21 | |
Sam | a9fc820d61 | |
Sam | c255cdbb2c | |
Sam | 6f4187b95e | |
Sam | 89141ff555 | |
Sam | e6c3917942 | |
Sam | 2793c3cfe0 | |
Sam | 2005bc293f | |
Sam | d9fce8a1c9 | |
Sam | 37768683d7 | |
Sam | 3092630c08 | |
Sam | dbd3dd5584 | |
Sam | 92fb9f5519 | |
Sam | 00d5c7db47 | |
Sam | 8eeea08472 | |
Sam | 5430e70bd4 | |
Sam | 62a3630a5c | |
Sam | 51320794e6 | |
Sam | bd3924fda3 | |
Sam | e0093f134b | |
Sam | f57afcc50c | |
Sam | 9096d69f9a | |
Sam | 74a2c3f930 | |
Sam | 2533603b65 | |
Sam | 25dfe2cf37 | |
Sam | 37901f3937 | |
Sam | 4c857eded4 | |
Sam | 2e90b1ae46 | |
Sam | 0038dbf8ce | |
Sam | 612affe2fd | |
Sam | 53d2343f04 | |
Sam | afaf3c4697 | |
Sam | 16fee36e96 | |
Sam | e374498aa4 | |
Sam | f7ffba2266 | |
Sam | a8e0ae35da | |
Sam | 564d4f6230 | |
Sam | 55d96ce54e | |
Sam | d86a05d7c3 | |
Sam | 5a6dca3b5d | |
Sam | d418d16fa4 | |
Sam | 9fe49f4d79 | |
Sam | 1af24715ff | |
Sam | 6f5f8867fd | |
Sam | c25d56f350 | |
Sam | 3d90deadf9 | |
Sam | f3ad132675 | |
Sam | f6b8aeca69 | |
Sam | 9f5e92d452 | |
Sam | dd94dea696 | |
Sam | 19f0057503 | |
Sam | dabff16a37 | |
Sam | 5fae14f4fc | |
Sam | c51cb70732 | |
Sam | c4ac477d6f | |
Sam | ff300d8542 | |
Sam | e30e731d61 | |
Sam | 07d19c4535 | |
Sam | 2ec9f2db77 | |
Sam | 0e0e2b2ae7 | |
Sam | b26aceec76 | |
Sam | 06f6aa1ffd | |
Sam | 3421360317 | |
Sam | 154b474868 | |
Sam | d5f72ee2fd | |
Sam | 46018fb461 | |
Sam | 621e97d8f1 | |
Sam | ae64001bc7 | |
Sam | 9d287792c6 | |
Sam | c448a8c0cd | |
Sam | 87f30f8ace | |
Sam | a5e41acf63 | |
Sam | 21bdc107eb | |
Sam | d56fc29336 | |
Sam | 9788e0d6e2 | |
Sam | bf30739d8b | |
Sam | f8f662daf7 | |
Sam | 04782f64f5 | |
Sam | cf8c449e5e | |
Sam | f7e23e39c7 | |
Sam | 86f27abb2f | |
Sam | fa060dba70 | |
Sam | f411adbf20 | |
Sam | 5e0230dcdd | |
Sam | 1049ecbd76 | |
Sam | e3a1143ca5 | |
Sam | b991fa4236 | |
Sam | 5f672c2665 | |
Sam | 22ce3e08c2 | |
Sam | 5147d02fa9 | |
Sam | 6fbd5447b8 | |
Sam | 1743869b07 | |
Sam | 0fb3056a4c | |
Sam | 32bf8eca1f | |
Sam | c9409866b7 | |
Sam | c5da58fc3b | |
Sam | 82b0838f5c | |
Sam | 7440a6662f | |
mrsu | 959d734fd1 | |
mrsu | 394a24567b | |
Sam | 6472e085c7 | |
Sam | 937b53db87 | |
Sam | fb7cf9e280 | |
Sam | efb6128704 | |
sam | 539ac37b8a | |
Sam | 22aa6d3fa4 | |
sam | 8e527473ac | |
Sam | db7bce57e7 | |
Sam | 614b9765dd | |
Sam | 4b85810128 | |
Sam | a7c8b86b1f | |
Sam | 89ab4e8f9d | |
Sam | 01ad0238a7 | |
Sam | 688c2c9bcd | |
Sam | b8973040d5 | |
Sam | ba9f593bcd | |
Sam | 3dbe85853e | |
Sam | ba19ee9125 | |
Sam | 8173a0dc94 | |
Sam | 600160bd9a | |
Sam | 5205e606c1 | |
Sam | 5b8a1430fe | |
Sam | 8f458590e2 | |
Sam | bcea6919fb | |
Sam | aa8d4ca3ae | |
Sam | 653901f823 | |
sam | febc33faee | |
Sam | 2f99d05406 | |
Sam | 947ddaca43 | |
Sam | 529fc394ef | |
Sam | 89646a5d6a | |
Sam | 804d6bf4d0 | |
Sam | 491350bc58 | |
Sam | baaaa3e8d6 | |
Sam | 591a9ce48f | |
Sam | 7df7970414 | |
Sam | 052c941e81 | |
Sam | f7695f4d15 | |
Sam | 52a3b85c8f | |
Sam | c9ee7c7e80 | |
Sam | fc2f6f4ca3 | |
Sam | 67e3d9dded | |
Sam | 4fbfbee45b | |
Sam | b8f85256a7 | |
Sam | 271b5958b8 | |
Sam | 2f0ddf8375 | |
Sam | e419389862 | |
Sam | fec1dae750 | |
Sam | 3b7a597d8f | |
Sam | 1e95ba6c36 | |
Sam | d29250a2a6 | |
Sam | f71ece31f1 | |
Sam | a71ee506d3 | |
Sam | 7f9c3535ef | |
Sam | 9ace130029 | |
Sam | 92d09646fa | |
Sam | 33981eea6d | |
Sam | bd719c72fa | |
sam | 37192edd83 | |
Sam | 911d7d6905 | |
Sam | 74dab0c38d | |
Sam | f6290f3215 | |
Sam | 8c13a24cc8 | |
Sam | 60b6064ded | |
Sam | 5000138b85 | |
Sam | 20bdddf472 | |
Sam | bcf6db040e | |
Sam | 63ba2ebaba | |
mrsu | e6f0770f97 | |
mrsu | 05ee6da5ee | |
mrsu | 739018e98f | |
mrsu | 906d11b3b0 |
299
flake.lock
299
flake.lock
|
@ -1,5 +1,27 @@
|
||||||
{
|
{
|
||||||
"nodes": {
|
"nodes": {
|
||||||
|
"arion": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-parts": "flake-parts",
|
||||||
|
"haskell-flake": "haskell-flake",
|
||||||
|
"hercules-ci-effects": "hercules-ci-effects",
|
||||||
|
"nixpkgs": "nixpkgs"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1720147808,
|
||||||
|
"narHash": "sha256-hlWEQGUbIwYb+vnd8egzlW/P++yKu3HjV/rOdOPVank=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "arion",
|
||||||
|
"rev": "236f9dd82d6ef6a2d9987c7a7df3e75f1bc8b318",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "arion",
|
||||||
|
"rev": "236f9dd82d6ef6a2d9987c7a7df3e75f1bc8b318",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"base16-schemes": {
|
"base16-schemes": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -18,18 +40,17 @@
|
||||||
},
|
},
|
||||||
"devshell": {
|
"devshell": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils",
|
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixvim",
|
"nixvim",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717408969,
|
"lastModified": 1728330715,
|
||||||
"narHash": "sha256-Q0OEFqe35fZbbRPPRdrjTUUChKVhhWXz3T9ZSKmaoVY=",
|
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "devshell",
|
"repo": "devshell",
|
||||||
"rev": "1ebbe68d57457c8cae98145410b164b5477761f4",
|
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -59,6 +80,31 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"extra-container": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-utils": [
|
||||||
|
"nix-bitcoin",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
|
"nixpkgs": [
|
||||||
|
"nix-bitcoin",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1722175938,
|
||||||
|
"narHash": "sha256-HKyB4HD+NdX3T233bY31hm76v3/tdQBNeLLvopKbZeY=",
|
||||||
|
"owner": "erikarvstedt",
|
||||||
|
"repo": "extra-container",
|
||||||
|
"rev": "37e7207ac9f857eedb58b208b9dc91cd6b24e651",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "erikarvstedt",
|
||||||
|
"repo": "extra-container",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1696426674,
|
"lastModified": 1696426674,
|
||||||
|
@ -90,6 +136,48 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-parts": {
|
"flake-parts": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs-lib": [
|
||||||
|
"arion",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1719994518,
|
||||||
|
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-parts_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs-lib": [
|
||||||
|
"arion",
|
||||||
|
"hercules-ci-effects",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1712014858,
|
||||||
|
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"id": "flake-parts",
|
||||||
|
"type": "indirect"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-parts_3": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs-lib": [
|
"nixpkgs-lib": [
|
||||||
"nixvim",
|
"nixvim",
|
||||||
|
@ -97,11 +185,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1717285511,
|
"lastModified": 1727826117,
|
||||||
"narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=",
|
"narHash": "sha256-K5ZLCyfO/Zj9mPFldf3iwS6oZStJcU4tSpiXTMYaaL0=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8",
|
"rev": "3d04084d54bedc3d6b8b736c70ef449225c361b1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -115,11 +203,11 @@
|
||||||
"systems": "systems"
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1701680307,
|
"lastModified": 1726560853,
|
||||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -142,11 +230,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718879355,
|
"lastModified": 1729104314,
|
||||||
"narHash": "sha256-RTyqP4fBX2MdhNuMP+fnR3lIwbdtXhyj7w7fwtvgspc=",
|
"narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=",
|
||||||
"owner": "cachix",
|
"owner": "cachix",
|
||||||
"repo": "git-hooks.nix",
|
"repo": "git-hooks.nix",
|
||||||
"rev": "8cd35b9496d21a6c55164d8547d9d5280162b07a",
|
"rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -177,6 +265,44 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"haskell-flake": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1675296942,
|
||||||
|
"narHash": "sha256-u1X1sblozi5qYEcLp1hxcyo8FfDHnRUVX3dJ/tW19jY=",
|
||||||
|
"owner": "srid",
|
||||||
|
"repo": "haskell-flake",
|
||||||
|
"rev": "c2cafce9d57bfca41794dc3b99c593155006c71e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "srid",
|
||||||
|
"ref": "0.1.0",
|
||||||
|
"repo": "haskell-flake",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"hercules-ci-effects": {
|
||||||
|
"inputs": {
|
||||||
|
"flake-parts": "flake-parts_2",
|
||||||
|
"nixpkgs": [
|
||||||
|
"arion",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1719226092,
|
||||||
|
"narHash": "sha256-YNkUMcCUCpnULp40g+svYsaH1RbSEj6s4WdZY/SHe38=",
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "hercules-ci-effects",
|
||||||
|
"rev": "11e4b8dc112e2f485d7c97e1cee77f9958f498f5",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "hercules-ci-effects",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -184,11 +310,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718530513,
|
"lastModified": 1726989464,
|
||||||
"narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=",
|
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "a1fddf0967c33754271761d91a3d921772b30d0e",
|
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -206,11 +332,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718530513,
|
"lastModified": 1726989464,
|
||||||
"narHash": "sha256-BmO8d0r+BVlwWtMLQEYnwmngqdXIuyFzMwvmTcLMee8=",
|
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "a1fddf0967c33754271761d91a3d921772b30d0e",
|
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -222,11 +348,11 @@
|
||||||
},
|
},
|
||||||
"impermanence": {
|
"impermanence": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719091691,
|
"lastModified": 1730403150,
|
||||||
"narHash": "sha256-AxaLX5cBEcGtE02PeGsfscSb/fWMnyS7zMWBXQWDKbE=",
|
"narHash": "sha256-W1FH5aJ/GpRCOA7DXT/sJHFpa5r8sq2qAUncWwRZ3Gg=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "impermanence",
|
"repo": "impermanence",
|
||||||
"rev": "23c1f06316b67cb5dabdfe2973da3785cfe9c34a",
|
"rev": "0d09341beeaa2367bac5d718df1404bf2ce45e6f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -235,6 +361,30 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nix-bitcoin": {
|
||||||
|
"inputs": {
|
||||||
|
"extra-container": "extra-container",
|
||||||
|
"flake-utils": "flake-utils",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"nixpkgs-unstable": "nixpkgs-unstable"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1727247704,
|
||||||
|
"narHash": "sha256-Jl1CYXNIdJ4Ac0MK15e8+vflFOgPxZZNw24CKfLC6QY=",
|
||||||
|
"owner": "fort-nix",
|
||||||
|
"repo": "nix-bitcoin",
|
||||||
|
"rev": "a0d36d59248ac54f1b42a668326346a77640c7f5",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "fort-nix",
|
||||||
|
"ref": "nixos-24.05",
|
||||||
|
"repo": "nix-bitcoin",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nix-colors": {
|
"nix-colors": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"base16-schemes": "base16-schemes",
|
"base16-schemes": "base16-schemes",
|
||||||
|
@ -262,11 +412,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719128254,
|
"lastModified": 1729826725,
|
||||||
"narHash": "sha256-I7jMpq0CAOZA/i70+HDQO/ulLttyQu/K70cSESiMX7A=",
|
"narHash": "sha256-w3WNlYxqWYsuzm/jgFPyhncduoDNjot28aC8j39TW0U=",
|
||||||
"owner": "lnl7",
|
"owner": "lnl7",
|
||||||
"repo": "nix-darwin",
|
"repo": "nix-darwin",
|
||||||
"rev": "50581970f37f06a4719001735828519925ef8310",
|
"rev": "7840909b00fbd5a183008a6eb251ea307fe4a76e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -276,13 +426,12 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nix-secrets": {
|
"nix-secrets": {
|
||||||
"flake": false,
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719345965,
|
"lastModified": 1730130467,
|
||||||
"narHash": "sha256-ZxnKEatJu/wVxLy0M7UnCVvemU3P5vVvVoueAR289fk=",
|
"narHash": "sha256-mcyG1iu8hNmkDjgDEdFQyCZ3bBxBHFKd4nxT8NreMmY=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "24db3bffa6b914d0389ff801c054dd48535872a4",
|
"rev": "c82ff6f7e995503acabb9cf2478e5b4e401968ce",
|
||||||
"revCount": 121,
|
"revCount": 188,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
||||||
},
|
},
|
||||||
|
@ -293,16 +442,16 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719145550,
|
"lastModified": 1720031269,
|
||||||
"narHash": "sha256-K0i/coxxTEl30tgt4oALaylQfxqbotTSNb1/+g+mKMQ=",
|
"narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=",
|
||||||
"owner": "nixos",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "e4509b3a560c87a8d4cb6f9992b8915abf9e36d8",
|
"rev": "9f4128e00b0ae8ec65918efeba59db998750ead6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-24.05",
|
"ref": "nixos-unstable",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -324,27 +473,43 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-stable": {
|
"nixpkgs-stable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719099622,
|
"lastModified": 1729973466,
|
||||||
"narHash": "sha256-YzJECAxFt+U5LPYf/pCwW/e1iUd2PF21WITHY9B/BAs=",
|
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "5e8e3b89adbd0be63192f6e645e0a54080004924",
|
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "release-23.11",
|
"ref": "release-24.05",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719254875,
|
"lastModified": 1726871744,
|
||||||
"narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
|
"narHash": "sha256-V5LpfdHyQkUF7RfOaDPrZDP+oqz88lTJrMT1+stXNwo=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "a1d92660c6b3b7c26fb883500a80ea9d33321be2",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixpkgs-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs-unstable_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730200266,
|
||||||
|
"narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
|
"rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -354,11 +519,27 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1730481737,
|
||||||
|
"narHash": "sha256-HaUCfqLIFX/4wiSKkKKSTwUNmZd1EMy+lGB+faadQXU=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "f18ab3b08f56abc54bcc2ef9bbca627d45926fee",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "release-24.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixvim": {
|
"nixvim": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"devshell": "devshell",
|
"devshell": "devshell",
|
||||||
"flake-compat": "flake-compat",
|
"flake-compat": "flake-compat",
|
||||||
"flake-parts": "flake-parts",
|
"flake-parts": "flake-parts_3",
|
||||||
"git-hooks": "git-hooks",
|
"git-hooks": "git-hooks",
|
||||||
"home-manager": "home-manager_2",
|
"home-manager": "home-manager_2",
|
||||||
"nix-darwin": "nix-darwin",
|
"nix-darwin": "nix-darwin",
|
||||||
|
@ -368,11 +549,11 @@
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719340721,
|
"lastModified": 1729945968,
|
||||||
"narHash": "sha256-SfjI1Ir3Zs7w5lXXsmJ/MhB3V1Z1gHl9K2dFaEiy/GM=",
|
"narHash": "sha256-4u+nbBSMuXWGCtXxUPPEflRm54+y/HLIbhIep9do8Ew=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixvim",
|
"repo": "nixvim",
|
||||||
"rev": "1fdbf40c177fc2edfcd3c63fadf4a6f596edc6af",
|
"rev": "c05ac01070425ed0797b1ff678dc690c333cea74",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -384,11 +565,11 @@
|
||||||
},
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719344711,
|
"lastModified": 1730472538,
|
||||||
"narHash": "sha256-k389PPp1HG9xk3yXn4Q/eAY/K+qm/+kbHLq9hfo+m14=",
|
"narHash": "sha256-3m4OVGKsbPzMlnS0gVptIZBRlxgqQz+WhfwT+rT823Y=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "NUR",
|
"repo": "NUR",
|
||||||
"rev": "85596df878b1b71a54e1de3835ac6135c1bb8744",
|
"rev": "52c21ec8fde46366b1a5555e18d854ee18012ac8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -399,13 +580,15 @@
|
||||||
},
|
},
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"arion": "arion",
|
||||||
"disko": "disko",
|
"disko": "disko",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"impermanence": "impermanence",
|
"impermanence": "impermanence",
|
||||||
|
"nix-bitcoin": "nix-bitcoin",
|
||||||
"nix-colors": "nix-colors",
|
"nix-colors": "nix-colors",
|
||||||
"nix-secrets": "nix-secrets",
|
"nix-secrets": "nix-secrets",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs_2",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
"nixpkgs-unstable": "nixpkgs-unstable_2",
|
||||||
"nixvim": "nixvim",
|
"nixvim": "nixvim",
|
||||||
"nur": "nur",
|
"nur": "nur",
|
||||||
"sops-nix": "sops-nix"
|
"sops-nix": "sops-nix"
|
||||||
|
@ -419,11 +602,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable"
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719268571,
|
"lastModified": 1729999681,
|
||||||
"narHash": "sha256-pcUk2Fg5vPXLUEnFI97qaB8hto/IToRfqskFqsjvjb8=",
|
"narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=",
|
||||||
"owner": "mic92",
|
"owner": "mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "c2ea1186c0cbfa4d06d406ae50f3e4b085ddc9b3",
|
"rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -455,11 +638,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718522839,
|
"lastModified": 1729613947,
|
||||||
"narHash": "sha256-ULzoKzEaBOiLRtjeY3YoGFJMwWSKRYOic6VNw2UyTls=",
|
"narHash": "sha256-XGOvuIPW1XRfPgHtGYXd5MAmJzZtOuwlfKDgxX5KT3s=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"rev": "68eb1dc333ce82d0ab0c0357363ea17c31ea1f81",
|
"rev": "aac86347fb5063960eccb19493e0cadcdb4205ca",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
76
flake.nix
76
flake.nix
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
# Nixpkgs
|
# Nixpkgs
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
nixpkgs.url = "github:nixos/nixpkgs/release-24.05";
|
||||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
|
|
||||||
# NUR
|
# NUR
|
||||||
|
@ -21,6 +21,17 @@
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Arion for docker
|
||||||
|
arion = {
|
||||||
|
url = "github:hercules-ci/arion/236f9dd82d6ef6a2d9987c7a7df3e75f1bc8b318";
|
||||||
|
};
|
||||||
|
|
||||||
|
# nix-bitcoin
|
||||||
|
nix-bitcoin = {
|
||||||
|
url = "github:fort-nix/nix-bitcoin/nixos-24.05";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
# Nix colors
|
# Nix colors
|
||||||
nix-colors.url = "github:misterio77/nix-colors";
|
nix-colors.url = "github:misterio77/nix-colors";
|
||||||
|
|
||||||
|
@ -42,53 +53,38 @@
|
||||||
|
|
||||||
nix-secrets = {
|
nix-secrets = {
|
||||||
url = "git+ssh://git@git.bitlab21.com/sam/nix-secrets.git";
|
url = "git+ssh://git@git.bitlab21.com/sam/nix-secrets.git";
|
||||||
flake = false;
|
inputs = {};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs =
|
outputs = {
|
||||||
{ self
|
self,
|
||||||
, nixpkgs
|
nixpkgs,
|
||||||
, home-manager
|
home-manager,
|
||||||
, ...
|
...
|
||||||
} @ inputs:
|
} @ inputs: let
|
||||||
let
|
|
||||||
inherit (self) outputs;
|
inherit (self) outputs;
|
||||||
systems = [
|
systems = [
|
||||||
"x86_64-linux"
|
"x86_64-linux"
|
||||||
];
|
];
|
||||||
forAllSystems = nixpkgs.lib.genAttrs systems;
|
forAllSystems = nixpkgs.lib.genAttrs systems;
|
||||||
specialArgs = { inherit inputs outputs; };
|
inherit (nixpkgs) lib;
|
||||||
in
|
configVars = import ./vars {inherit inputs lib;};
|
||||||
{
|
specialArgs = {
|
||||||
|
inherit
|
||||||
|
inputs
|
||||||
|
outputs
|
||||||
|
configVars
|
||||||
|
;
|
||||||
|
};
|
||||||
|
in {
|
||||||
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
|
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
|
||||||
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
|
overlays = import ./overlays {inherit inputs;};
|
||||||
overlays = import ./overlays { inherit inputs; };
|
|
||||||
nixosModules = import ./modules/nixos;
|
nixosModules = import ./modules/nixos;
|
||||||
homeManagerModules = import ./modules/home-manager;
|
homeManagerModules = import ./modules/home-manager;
|
||||||
|
|
||||||
# System level configs
|
# System level configs
|
||||||
nixosConfigurations = {
|
nixosConfigurations = {
|
||||||
nixdev = nixpkgs.lib.nixosSystem {
|
|
||||||
inherit specialArgs;
|
|
||||||
modules = [
|
|
||||||
./hosts/nixdev
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
{
|
|
||||||
home-manager.extraSpecialArgs = specialArgs;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
fileserver = nixpkgs.lib.nixosSystem {
|
|
||||||
inherit specialArgs;
|
|
||||||
modules = [
|
|
||||||
./hosts/fileserver
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
{
|
|
||||||
home-manager.extraSpecialArgs = specialArgs;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
bootstrap = nixpkgs.lib.nixosSystem {
|
bootstrap = nixpkgs.lib.nixosSystem {
|
||||||
inherit specialArgs;
|
inherit specialArgs;
|
||||||
modules = [
|
modules = [
|
||||||
|
@ -115,7 +111,7 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
nebula = nixpkgs.lib.nixosSystem {
|
merlin = nixpkgs.lib.nixosSystem {
|
||||||
inherit specialArgs;
|
inherit specialArgs;
|
||||||
modules = [
|
modules = [
|
||||||
./hosts/nebula
|
./hosts/nebula
|
||||||
|
@ -125,6 +121,16 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
citadel = nixpkgs.lib.nixosSystem {
|
||||||
|
inherit specialArgs;
|
||||||
|
modules = [
|
||||||
|
./hosts/citadel
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager.extraSpecialArgs = specialArgs;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,84 @@
|
||||||
|
{config, pkgs, ...}: {
|
||||||
|
imports = [
|
||||||
|
# Import users
|
||||||
|
./users/sam
|
||||||
|
|
||||||
|
./common/core
|
||||||
|
|
||||||
|
# Import optional
|
||||||
|
./common/optional/git.nix
|
||||||
|
./common/optional/sops.nix
|
||||||
|
./common/optional/syncthing.nix
|
||||||
|
./common/optional/desktop/dwm
|
||||||
|
./common/optional/desktop/common/themes/standard-dark.nix
|
||||||
|
./common/optional/notes.nix
|
||||||
|
./common/optional/yazi.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
home.packages = [
|
||||||
|
pkgs.qgis
|
||||||
|
];
|
||||||
|
|
||||||
|
colorScheme = {
|
||||||
|
slug = "serene";
|
||||||
|
name = "Serene";
|
||||||
|
author = "Bitlab21";
|
||||||
|
palette = {
|
||||||
|
base00 = "#1F1F28";
|
||||||
|
base01 = "#16161D";
|
||||||
|
base02 = "#223249";
|
||||||
|
base03 = "#363646";
|
||||||
|
base04 = "#727169";
|
||||||
|
base05 = "#DCD7BA";
|
||||||
|
base06 = "#C8C093";
|
||||||
|
base07 = "#717C7C";
|
||||||
|
base08 = "#C34043";
|
||||||
|
base09 = "#FFA066";
|
||||||
|
base0A = "#C0A36E";
|
||||||
|
base0B = "#76946A";
|
||||||
|
base0C = "#6A9589";
|
||||||
|
base0D = "#7E9CD8";
|
||||||
|
base0E = "#957FB8";
|
||||||
|
base0F = "#D27E99";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
home.file.".Xresources" = {
|
||||||
|
recursive = true;
|
||||||
|
text = ''
|
||||||
|
! st
|
||||||
|
st.alpha: 0.8
|
||||||
|
St.font: monospace:pixelsize=31:antialias=true:autohint=true;
|
||||||
|
St.font2: NotoColorEmoji:pixelsize=24:antialias=true:autohint=true;
|
||||||
|
|
||||||
|
! dwm
|
||||||
|
dwm.borderpx: 6
|
||||||
|
dwm.font: monospace:size=14
|
||||||
|
dwm.col_base00: #${config.colorScheme.colors.base00}
|
||||||
|
dwm.col_base03: #${config.colorScheme.colors.base03}
|
||||||
|
dwm.col_base04: #${config.colorScheme.colors.base04}
|
||||||
|
dwm.col_base05: #${config.colorScheme.colors.base05}
|
||||||
|
dwm.col_base08: #${config.colorScheme.colors.base08}
|
||||||
|
dwm.col_base0B: #${config.colorScheme.colors.base0B}
|
||||||
|
|
||||||
|
! dmenu
|
||||||
|
dmenu.font: monospace:size=14
|
||||||
|
dmenu.font2: NotoColorEmoji:pixelsize=44:antialias=true:autohint=true
|
||||||
|
dmenu.topbar: 1
|
||||||
|
dmenu.normfgcolor: #${config.colorScheme.colors.base05}
|
||||||
|
dmenu.normbgcolor: #${config.colorScheme.colors.base03}
|
||||||
|
dmenu.selfgcolor: #${config.colorScheme.colors.base00}
|
||||||
|
dmenu.selbgcolor: #${config.colorScheme.colors.base0B}
|
||||||
|
|
||||||
|
Nsxiv.window.background: #${config.colorScheme.colors.base03}
|
||||||
|
Nsxiv.window.foreground: #${config.colorScheme.colors.base05}
|
||||||
|
Nsxiv.mark.foreground: #${config.colorScheme.colors.base08}
|
||||||
|
|
||||||
|
Nsxiv.bar.background: #${config.colorScheme.colors.base00}
|
||||||
|
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
|
||||||
|
Nsxiv.bar.font: monospace:size=12
|
||||||
|
|
||||||
|
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,10 +1,9 @@
|
||||||
{ pkgs, inputs, outputs, ... }:
|
{ pkgs, inputs, outputs, lib, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
inputs.nix-colors.homeManagerModules.default
|
inputs.nix-colors.homeManagerModules.default
|
||||||
./zsh.nix
|
./zsh.nix
|
||||||
./nixvim
|
./nixvim
|
||||||
./fonts.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
|
@ -19,14 +18,17 @@
|
||||||
ripgrep
|
ripgrep
|
||||||
fzf
|
fzf
|
||||||
eza
|
eza
|
||||||
|
bat
|
||||||
|
killall
|
||||||
pciutils
|
pciutils
|
||||||
tree
|
tree
|
||||||
jq
|
jq
|
||||||
coreutils
|
coreutils
|
||||||
btop
|
btop
|
||||||
htop
|
htop
|
||||||
postgresql
|
postgresql_16
|
||||||
libqalculate
|
libqalculate
|
||||||
|
tmux
|
||||||
;
|
;
|
||||||
};
|
};
|
||||||
home.stateVersion = "24.05";
|
home.stateVersion = "24.05";
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
{ pkgs, ... }:
|
|
||||||
{
|
|
||||||
fonts.fontconfig.enable = true;
|
|
||||||
home.packages = with pkgs; [
|
|
||||||
nerdfonts
|
|
||||||
noto-fonts
|
|
||||||
noto-fonts-cjk
|
|
||||||
noto-fonts-emoji
|
|
||||||
hack-font
|
|
||||||
liberation_ttf
|
|
||||||
libertine
|
|
||||||
font-awesome
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,5 +1,8 @@
|
||||||
{ inputs, pkgs, ... }:
|
|
||||||
{
|
{
|
||||||
|
inputs,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
inputs.nixvim.homeManagerModules.nixvim
|
inputs.nixvim.homeManagerModules.nixvim
|
||||||
./plugins
|
./plugins
|
||||||
|
@ -11,12 +14,22 @@
|
||||||
# Install home packages needed for nixvim
|
# Install home packages needed for nixvim
|
||||||
home.packages = [
|
home.packages = [
|
||||||
pkgs.nixpkgs-fmt
|
pkgs.nixpkgs-fmt
|
||||||
|
pkgs.black
|
||||||
|
pkgs.yamllint
|
||||||
|
pkgs.yamlfmt
|
||||||
pkgs.prettierd
|
pkgs.prettierd
|
||||||
pkgs.sqlfmt
|
pkgs.sqlfmt
|
||||||
|
pkgs.nodePackages_latest.sql-formatter
|
||||||
|
pkgs.alejandra
|
||||||
|
pkgs.shellcheck
|
||||||
|
pkgs.shellharden
|
||||||
|
pkgs.shfmt
|
||||||
|
pkgs.stylua
|
||||||
|
pkgs.glow
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.nixvim = {
|
programs.nixvim = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
package = pkgs.neovim-unwrapped;
|
||||||
enableMan = true; # install man pages for nixvim options
|
enableMan = true; # install man pages for nixvim options
|
||||||
clipboard.register = "unnamedplus"; # use system clipboard instead of internal registers
|
clipboard.register = "unnamedplus"; # use system clipboard instead of internal registers
|
||||||
globals.mapleader = " ";
|
globals.mapleader = " ";
|
||||||
|
@ -42,7 +55,11 @@
|
||||||
let wiki_0.index = 'home'
|
let wiki_0.index = 'home'
|
||||||
let wiki_0.syntax = 'markdown'
|
let wiki_0.syntax = 'markdown'
|
||||||
let wiki_0.ext = '.md'
|
let wiki_0.ext = '.md'
|
||||||
'';
|
|
||||||
|
|
||||||
|
" ==== dbui
|
||||||
|
let g:db_ui_hide_schemas = ['pg_catalog', 'pg_toast_temp.*', 'pg_toast']
|
||||||
|
let g:db_ui_use_nerd_fonts = 1
|
||||||
|
let g:db_ui_execute_on_save = 0
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,33 +1,31 @@
|
||||||
{
|
{
|
||||||
programs.nixvim.keymaps = [
|
programs.nixvim.keymaps = [
|
||||||
# Switching buffers
|
# Switching buffers
|
||||||
{
|
{
|
||||||
mode = [ "n" ];
|
mode = ["n"];
|
||||||
action = "<C-W>h";
|
action = "<C-w>h";
|
||||||
key = "<S-h>";
|
key = "<S-h>";
|
||||||
options = {
|
options = {silent = true;};
|
||||||
silent = true;
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
mode = [ "n" ];
|
mode = ["n"];
|
||||||
action = "<C-W>j";
|
action = "<C-w>j";
|
||||||
key = "<S-j>";
|
key = "<S-j>";
|
||||||
options = {
|
options = {
|
||||||
silent = true;
|
silent = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
mode = [ "n" ];
|
mode = ["n"];
|
||||||
action = "<C-W>k";
|
action = "<C-w>k";
|
||||||
key = "<S-k>";
|
key = "<S-k>";
|
||||||
options = {
|
options = {
|
||||||
silent = true;
|
silent = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
mode = [ "n" ];
|
mode = ["n"];
|
||||||
action = "<C-W>l";
|
action = "<C-w>l";
|
||||||
key = "<S-l>";
|
key = "<S-l>";
|
||||||
options = {
|
options = {
|
||||||
silent = true;
|
silent = true;
|
||||||
|
@ -36,7 +34,7 @@
|
||||||
|
|
||||||
# Toggle nvim-tree
|
# Toggle nvim-tree
|
||||||
{
|
{
|
||||||
mode = [ "n" ];
|
mode = ["n"];
|
||||||
action = "<cmd>NvimTreeFindFileToggle<CR>";
|
action = "<cmd>NvimTreeFindFileToggle<CR>";
|
||||||
key = "tt";
|
key = "tt";
|
||||||
options = {
|
options = {
|
||||||
|
@ -46,40 +44,71 @@
|
||||||
|
|
||||||
# Clear search highlighting
|
# Clear search highlighting
|
||||||
{
|
{
|
||||||
mode = [ "n" ];
|
mode = ["n"];
|
||||||
key = "<space><space>";
|
key = "<space><space>";
|
||||||
action = "<cmd>nohlsearch<CR>";
|
action = "<cmd>nohlsearch<CR>";
|
||||||
options = { noremap = true; };
|
options = {noremap = true;};
|
||||||
}
|
}
|
||||||
|
|
||||||
# Telescope Plugin
|
# paste over selected text without yanking it
|
||||||
{
|
{
|
||||||
# find files
|
mode = ["v"];
|
||||||
mode = [ "n" ];
|
key = "p";
|
||||||
key = "<Leader>ff";
|
action = "\"_dP";
|
||||||
action = "<cmd>Telescope find_files<CR>";
|
options = {noremap = true;};
|
||||||
options = { noremap = true; };
|
}
|
||||||
|
# resize window
|
||||||
|
{
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<Right>";
|
||||||
|
action = ":vertical resize +1<CR>";
|
||||||
|
options = {noremap = true;};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
# live grep
|
mode = ["n"];
|
||||||
mode = [ "n" ];
|
key = "<Left>";
|
||||||
key = "<Leader>fg";
|
action = ":vertical resize -1<CR>";
|
||||||
action = "<cmd>Telescope live_grep<CR>";
|
options = {noremap = true;};
|
||||||
options = { noremap = true; };
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
# buffers
|
mode = ["n"];
|
||||||
mode = [ "n" ];
|
key = "<Down>";
|
||||||
key = "<Leader>fb";
|
action = ":resize -1<CR>";
|
||||||
action = "<cmd>Telescope buffers<CR>";
|
options = {noremap = true;};
|
||||||
options = { noremap = true; };
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
# help tags
|
mode = ["n"];
|
||||||
mode = [ "n" ];
|
key = "<Up>";
|
||||||
key = "<Leader>fh";
|
action = ": resize +1<CR>";
|
||||||
action = "<cmd>Telescope help_tags<CR>";
|
options = {noremap = true;};
|
||||||
options = { noremap = true; };
|
}
|
||||||
|
|
||||||
|
# indent line in or out
|
||||||
|
{
|
||||||
|
mode = ["v"];
|
||||||
|
key = "<";
|
||||||
|
action = "<gv";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
mode = ["v"];
|
||||||
|
key = ">";
|
||||||
|
action = ">gv";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
|
||||||
|
# move selected line up or down
|
||||||
|
{
|
||||||
|
mode = ["v"];
|
||||||
|
key = "J";
|
||||||
|
action = ":m '>+1<CR>gv=gv";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
mode = ["v"];
|
||||||
|
key = "K";
|
||||||
|
action = ":m '<-2<CR>gv=gv";
|
||||||
|
options = {noremap = true;};
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -31,5 +31,7 @@
|
||||||
ignorecase = true;
|
ignorecase = true;
|
||||||
smartcase = true;
|
smartcase = true;
|
||||||
backspace = "indent,eol,start"; # allow backspace in insert mode
|
backspace = "indent,eol,start"; # allow backspace in insert mode
|
||||||
|
spell = true;
|
||||||
|
spelllang = "en_gb";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
{
|
|
||||||
programs.nixvim.plugins = {
|
|
||||||
alpha = {
|
|
||||||
enable = true;
|
|
||||||
iconsEnabled = true;
|
|
||||||
theme = "dashboard";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
cmp-emoji = { enable = true; };
|
cmp-emoji = { enable = true; };
|
||||||
cmp = {
|
cmp = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
cmdline = {};
|
||||||
settings = {
|
settings = {
|
||||||
autoEnableSources = true;
|
autoEnableSources = true;
|
||||||
experimental = { ghost_text = true; };
|
experimental = { ghost_text = true; };
|
||||||
|
@ -11,7 +12,7 @@
|
||||||
fetchingTimeout = 200;
|
fetchingTimeout = 200;
|
||||||
maxViewEntries = 30;
|
maxViewEntries = 30;
|
||||||
};
|
};
|
||||||
snippet = { expand = "luasnip"; };
|
snippet = { expand = "function(args) require('luasnip').lsp_expand(args.body) end"; };
|
||||||
formatting = {
|
formatting = {
|
||||||
fields = [ "kind" "abbr" "menu" ];
|
fields = [ "kind" "abbr" "menu" ];
|
||||||
format = ''
|
format = ''
|
||||||
|
@ -43,14 +44,10 @@
|
||||||
};
|
};
|
||||||
mapping = {
|
mapping = {
|
||||||
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
|
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
|
||||||
"<C-j>" = "cmp.mapping.select_next_item()";
|
"<S-Tab>" = "cmp.mapping.select_prev_item()";
|
||||||
"<C-k>" = "cmp.mapping.select_prev_item()";
|
|
||||||
"<C-e>" = "cmp.mapping.abort()";
|
|
||||||
"<C-b>" = "cmp.mapping.scroll_docs(-4)";
|
"<C-b>" = "cmp.mapping.scroll_docs(-4)";
|
||||||
"<C-f>" = "cmp.mapping.scroll_docs(4)";
|
"<C-f>" = "cmp.mapping.scroll_docs(4)";
|
||||||
"<C-Space>" = "cmp.mapping.complete()";
|
|
||||||
"<CR>" = "cmp.mapping.confirm({ select = true })";
|
"<CR>" = "cmp.mapping.confirm({ select = true })";
|
||||||
"<S-CR>" = "cmp.mapping.confirm({ behavior = cmp.ConfirmBehavior.Replace, select = true })";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -58,7 +55,7 @@
|
||||||
cmp-buffer = { enable = true; };
|
cmp-buffer = { enable = true; };
|
||||||
cmp-path = { enable = true; }; # file system paths
|
cmp-path = { enable = true; }; # file system paths
|
||||||
cmp_luasnip = { enable = true; }; # snippets
|
cmp_luasnip = { enable = true; }; # snippets
|
||||||
cmp-cmdline = { enable = false; }; # autocomplete for cmdline
|
cmp-cmdline = { enable = true; }; # autocomplete for cmdline
|
||||||
};
|
};
|
||||||
programs.nixvim.extraConfigLua = ''
|
programs.nixvim.extraConfigLua = ''
|
||||||
luasnip = require("luasnip")
|
luasnip = require("luasnip")
|
||||||
|
@ -94,22 +91,15 @@
|
||||||
|
|
||||||
-- Use buffer source for `/` (if you enabled `native_menu`, this won't work anymore).
|
-- Use buffer source for `/` (if you enabled `native_menu`, this won't work anymore).
|
||||||
cmp.setup.cmdline({'/', "?" }, {
|
cmp.setup.cmdline({'/', "?" }, {
|
||||||
|
mapping = cmp.mapping.preset.cmdline(),
|
||||||
sources = {
|
sources = {
|
||||||
{ name = 'buffer' }
|
{ name = 'buffer' }
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
-- Set configuration for specific filetype.
|
|
||||||
cmp.setup.filetype('gitcommit', {
|
|
||||||
sources = cmp.config.sources({
|
|
||||||
{ name = 'cmp_git' }, -- You can specify the `cmp_git` source if you were installed it.
|
|
||||||
}, {
|
|
||||||
{ name = 'buffer' },
|
|
||||||
})
|
|
||||||
})
|
|
||||||
|
|
||||||
-- Use cmdline & path source for ':' (if you enabled `native_menu`, this won't work anymore).
|
-- Use cmdline & path source for ':' (if you enabled `native_menu`, this won't work anymore).
|
||||||
cmp.setup.cmdline(':', {
|
cmp.setup.cmdline(':', {
|
||||||
|
mapping = cmp.mapping.preset.cmdline(),
|
||||||
sources = cmp.config.sources({
|
sources = cmp.config.sources({
|
||||||
{ name = 'path' }
|
{ name = 'path' }
|
||||||
}, {
|
}, {
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
{
|
||||||
|
programs.nixvim.plugins.comment = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,21 +1,53 @@
|
||||||
{
|
{
|
||||||
programs.nixvim.plugins.conform-nvim = {
|
programs.nixvim.plugins.conform-nvim = {
|
||||||
enable = true;
|
enable = true;
|
||||||
formatOnSave = {
|
|
||||||
lspFallback = true;
|
|
||||||
timeoutMs = 500;
|
|
||||||
};
|
|
||||||
notifyOnError = true;
|
notifyOnError = true;
|
||||||
|
logLevel = "debug";
|
||||||
formattersByFt = {
|
formattersByFt = {
|
||||||
html = [["prettierd" "prettier"]];
|
html = ["prettierd"];
|
||||||
css = [["prettierd" "prettier"]];
|
css = ["prettierd"];
|
||||||
javascript = [["prettierd" "prettier"]];
|
javascript = ["prettierd"];
|
||||||
python = ["black"];
|
python = ["black"];
|
||||||
lua = ["stylua"];
|
lua = ["stylua"];
|
||||||
nix = ["alejandra"];
|
nix = ["alejandra"];
|
||||||
markdown = [["prettierd" "prettier"]];
|
markdown = ["prettierd"];
|
||||||
yaml = ["yamllint" "yamlfmt"];
|
yaml = ["yamlfmt"];
|
||||||
sql = ["sqlfmt"];
|
sql = ["sqlfmt"];
|
||||||
|
#sql = ["sql-formatter"];
|
||||||
|
bash = [
|
||||||
|
"shellcheck"
|
||||||
|
"shellharden"
|
||||||
|
"shfmt"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
# formatters = {
|
||||||
|
# sql-formatter = {
|
||||||
|
# command = "sql-formatter";
|
||||||
|
# args = "--config ~/.config/sql-formatter/config.json";
|
||||||
|
# };
|
||||||
|
# };
|
||||||
};
|
};
|
||||||
|
|
||||||
|
home.file.".config/sql-formatter/config.json".text = ''
|
||||||
|
{
|
||||||
|
"language": "postgresql",
|
||||||
|
"tabWidth": 2,
|
||||||
|
"linesBetweenQueries": 1,
|
||||||
|
"expressionWidth": 88,
|
||||||
|
"newlineBeforeSemicolon": true
|
||||||
|
}
|
||||||
|
|
||||||
|
'';
|
||||||
|
programs.nixvim.keymaps = [
|
||||||
|
# format document with Conform
|
||||||
|
{
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<leader>cf";
|
||||||
|
action = "<CMD>Format<CR>";
|
||||||
|
options = {
|
||||||
|
silent = true;
|
||||||
|
desc = "Conform auto-format document";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
{ pkgs, ... }:
|
|
||||||
{
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
user = config.home.username;
|
||||||
|
in {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
./cmp.nix
|
./cmp.nix
|
||||||
./colorizer.nix
|
./colorizer.nix
|
||||||
|
@ -13,7 +19,10 @@
|
||||||
./surround.nix
|
./surround.nix
|
||||||
./telescope.nix
|
./telescope.nix
|
||||||
./treesitter.nix
|
./treesitter.nix
|
||||||
./alpha.nix
|
./fold.nix
|
||||||
|
./todo-comments.nix
|
||||||
|
./oil.nix
|
||||||
|
./comment.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# Load Plugins that aren't provided as modules by nixvim
|
# Load Plugins that aren't provided as modules by nixvim
|
||||||
|
@ -27,26 +36,15 @@
|
||||||
|
|
||||||
(pkgs.vimUtils.buildVimPlugin
|
(pkgs.vimUtils.buildVimPlugin
|
||||||
{
|
{
|
||||||
name = "precognition.nvim";
|
name = "glow.nvim";
|
||||||
src = pkgs.fetchFromGitHub {
|
src = pkgs.fetchFromGitHub {
|
||||||
owner = "tris203";
|
owner = "ellisonleao";
|
||||||
repo = "precognition.nvim";
|
repo = "glow.nvim";
|
||||||
rev = "v1.0.0";
|
rev = "238070a";
|
||||||
sha256 = "sha256-AqWYV/59ugKyOWALOCdycWVm0bZ7qb981xnuw/mAVzM=";
|
sha256 = "sha256-GsNcASzVvY0066kak2nvUY5luzanoBclqcUOsODww8g=";
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
# (pkgs.vimUtils.buildVimPlugin
|
|
||||||
# {
|
|
||||||
# name = "hardtime";
|
|
||||||
# src = pkgs.fetchFromGitHub {
|
|
||||||
# owner = "m4xshen";
|
|
||||||
# repo = "hardtime.nvim ";
|
|
||||||
# rev = "9a4e24f";
|
|
||||||
# #sha256 = "sha256-abe9ZGmL7U9rC+LxC3LO5/bOn8lHke1FCKO0V3TZGs0=";
|
|
||||||
# };
|
|
||||||
# })
|
|
||||||
#
|
|
||||||
(pkgs.vimUtils.buildVimPlugin
|
(pkgs.vimUtils.buildVimPlugin
|
||||||
{
|
{
|
||||||
name = "buffer_manager.nvim";
|
name = "buffer_manager.nvim";
|
||||||
|
@ -58,19 +56,36 @@
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
|
(pkgs.vimUtils.buildVimPlugin
|
||||||
|
{
|
||||||
|
name = "vimwiki-sync";
|
||||||
|
src = pkgs.fetchFromGitHub {
|
||||||
|
owner = "michal-h21";
|
||||||
|
repo = "vimwiki-sync";
|
||||||
|
rev = "99eeab3";
|
||||||
|
sha256 = "sha256-cz0dSFphIbQAI4AOqwIUpDBTuj/3xlOkhSlIVMdgsqM=";
|
||||||
|
};
|
||||||
|
})
|
||||||
|
|
||||||
# Keep vim-devicons as last entry
|
# Keep vim-devicons as last entry
|
||||||
pkgs.vimPlugins.vim-devicons
|
pkgs.vimPlugins.vim-devicons
|
||||||
];
|
];
|
||||||
programs.nixvim.extraConfigLua = ''
|
programs.nixvim.extraConfigLua = ''
|
||||||
|
-- function to read api key from secrets file
|
||||||
|
local function read_api_key(file_path)
|
||||||
|
local file = io.open(file_path, "r")
|
||||||
|
if file then
|
||||||
|
local api_key = file:read("*all")
|
||||||
|
file:close()
|
||||||
|
return api_key
|
||||||
|
else
|
||||||
|
error("Failed to open file: " .. file_path)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
-- buffer_manager.nvim
|
-- buffer_manager.nvim
|
||||||
local opts = {noremap = true}
|
local opts = {noremap = true}
|
||||||
|
|
||||||
require("precognition").setup(
|
|
||||||
{
|
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
||||||
require("buffer_manager").setup(
|
require("buffer_manager").setup(
|
||||||
{
|
{
|
||||||
line_keys = "1234567890",
|
line_keys = "1234567890",
|
||||||
|
@ -94,6 +109,16 @@
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
require('glow').setup({
|
||||||
|
border = "shadow",
|
||||||
|
style = "dark",
|
||||||
|
pager = false,
|
||||||
|
width = 80,
|
||||||
|
height = 100,
|
||||||
|
width_ratio = 0.7,
|
||||||
|
height_ratio = 0.7,
|
||||||
|
})
|
||||||
|
|
||||||
-- Custom color for modified buffers
|
-- Custom color for modified buffers
|
||||||
vim.api.nvim_set_hl(0, "BufferManagerModified", { fg = "#988100" })
|
vim.api.nvim_set_hl(0, "BufferManagerModified", { fg = "#988100" })
|
||||||
|
|
||||||
|
@ -110,7 +135,28 @@
|
||||||
opts
|
opts
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
-- Setup vimwiki
|
||||||
|
|
||||||
|
vim.g.vimwiki_list = {
|
||||||
|
{
|
||||||
|
syntax = "markdown",
|
||||||
|
ext = ".md",
|
||||||
|
path = "/home/${user}/.local/share/notes",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
-- Format function for conform.nvim
|
||||||
|
vim.api.nvim_create_user_command("Format", function(args)
|
||||||
|
local range = nil
|
||||||
|
if args.count ~= -1 then
|
||||||
|
local end_line = vim.api.nvim_buf_get_lines(0, args.line2 - 1, args.line2, true)[1]
|
||||||
|
range = {
|
||||||
|
start = { args.line1, 0 },
|
||||||
|
["end"] = { args.line2, end_line:len() },
|
||||||
|
}
|
||||||
|
end
|
||||||
|
require("conform").format({ async = true, lsp_format = "fallback", range = range })
|
||||||
|
end, { range = true })
|
||||||
'';
|
'';
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
{
|
||||||
|
programs.nixvim.plugins.nvim-ufo = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
};
|
||||||
|
programs.nixvim.extraConfigLua = ''
|
||||||
|
-- default fold options
|
||||||
|
vim.o.foldcolumn = '1'
|
||||||
|
vim.o.foldlevel = 99
|
||||||
|
vim.o.foldlevelstart = 99
|
||||||
|
vim.o.foldenable = true
|
||||||
|
|
||||||
|
-- nvim_ufo options
|
||||||
|
vim.keymap.set('n', 'zR', require('ufo').openAllFolds, { desc = "Open all folds" })
|
||||||
|
vim.keymap.set('n', 'zM', require('ufo').closeAllFolds, { desc = "Close all folds" })
|
||||||
|
vim.keymap.set('n', 'zK', function()
|
||||||
|
local winid = require("ufo").peekFoldedLinesUnderCursor()
|
||||||
|
if not winid then
|
||||||
|
vim.lsp.buf.hover()
|
||||||
|
end
|
||||||
|
end , { desc = "Peed fold" })
|
||||||
|
|
||||||
|
require("ufo").setup({
|
||||||
|
provider_selector = function(bufnr, filetype, buftype)
|
||||||
|
return { 'lsp', 'indent' }
|
||||||
|
end
|
||||||
|
})
|
||||||
|
|
||||||
|
'';
|
||||||
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
keymaps = {
|
keymaps = {
|
||||||
toggleQuickMenu = "<leader>h";
|
toggleQuickMenu = "<leader>h";
|
||||||
|
addFile = "<leader>a";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,33 @@
|
||||||
|
{ osConfig , ... }:
|
||||||
|
let
|
||||||
|
hostname = osConfig.networking.hostName;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
programs.nixvim.plugins.lsp = {
|
programs.nixvim.plugins = {
|
||||||
|
lsp = {
|
||||||
enable = true;
|
enable = true;
|
||||||
servers = {
|
servers = {
|
||||||
lua-ls = { enable = true; };
|
lua-ls = {enable = true;};
|
||||||
nixd = { enable = true; };
|
nixd = {
|
||||||
bashls = { enable = true; };
|
enable = true;
|
||||||
pyright = { enable = true; };
|
cmd = ["nixd"];
|
||||||
html = { enable = true; };
|
settings = {
|
||||||
yamlls = { enable = true; };
|
nixpkgs.expr = "import <nixpkgs> { }";
|
||||||
marksman = { enable = true; };
|
options = {
|
||||||
#sqls = {enable = true;};
|
nixos.expr = "(builtins.getFlake \"/etc/nixos\").nixosConfigurations.${hostname}.options";
|
||||||
|
# TODO get home-manager options working when hm imported as submodule
|
||||||
|
# home_manager.expr = "(builtins.getFlake \"github:nix-community/home-manager\").homeConfigurations.${hostname}.options";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
bashls = {enable = true;};
|
||||||
|
pyright = {enable = true;};
|
||||||
|
html = {enable = true;};
|
||||||
|
marksman = {enable = true;};
|
||||||
|
ccls = {enable = true;};
|
||||||
|
cssls = {enable = true;};
|
||||||
|
r-language-server = {enable = true;};
|
||||||
|
tsserver = {enable = true;};
|
||||||
};
|
};
|
||||||
keymaps = {
|
keymaps = {
|
||||||
lspBuf = {
|
lspBuf = {
|
||||||
|
@ -33,7 +51,7 @@
|
||||||
action = "type_definition";
|
action = "type_definition";
|
||||||
desc = "Type Definition";
|
desc = "Type Definition";
|
||||||
};
|
};
|
||||||
K = {
|
gK = {
|
||||||
action = "hover";
|
action = "hover";
|
||||||
desc = "Hover";
|
desc = "Hover";
|
||||||
};
|
};
|
||||||
|
@ -48,4 +66,9 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
# TODO: enable otter.nvim when merged into nixvim stable
|
||||||
|
# otter = {
|
||||||
|
# enable = true;
|
||||||
|
# };
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
{
|
||||||
|
programs.nixvim.plugins.oil = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
columns = ["icon"];
|
||||||
|
view_options.show_hidden = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -3,4 +3,48 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
extensions.fzy-native.enable = true;
|
extensions.fzy-native.enable = true;
|
||||||
};
|
};
|
||||||
|
programs.nixvim.keymaps = [
|
||||||
|
{
|
||||||
|
# find files
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<Leader>ff";
|
||||||
|
action = "<cmd>Telescope find_files<CR>";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# live grep
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<Leader>fg";
|
||||||
|
action = "<cmd>Telescope live_grep<CR>";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# grep string under cursor
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<Leader>fs";
|
||||||
|
action = "<cmd>Telescope string_grep<CR>";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# buffers
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<Leader>fb";
|
||||||
|
action = "<cmd>Telescope buffers<CR>";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# help tags
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<Leader>fh";
|
||||||
|
action = "<cmd>Telescope help_tags<CR>";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
# show recently opened files
|
||||||
|
mode = ["n"];
|
||||||
|
key = "<Leader>fo";
|
||||||
|
action = "<cmd>Telescope oldfiles<CR>";
|
||||||
|
options = {noremap = true;};
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
{
|
||||||
|
programs = {
|
||||||
|
nixvim = {
|
||||||
|
plugins.todo-comments = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
keymaps = [
|
||||||
|
{
|
||||||
|
mode = [ "n" ];
|
||||||
|
action = "<cmd>TodoTelescope<cr>";
|
||||||
|
key = "<leader>ft";
|
||||||
|
options = {
|
||||||
|
silent = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -8,6 +8,10 @@
|
||||||
|
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
ll = "ls -l";
|
ll = "ls -l";
|
||||||
|
src = "cd ~/.local/share/src";
|
||||||
|
no = "cd /etc/nixos";
|
||||||
|
cat = "bat --decorations=never";
|
||||||
|
ls = "eza";
|
||||||
};
|
};
|
||||||
history.size = 10000;
|
history.size = 10000;
|
||||||
history.path = "${config.xdg.dataHome}/zsh/history";
|
history.path = "${config.xdg.dataHome}/zsh/history";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ pkgs, ... }: {
|
{pkgs, ...}: {
|
||||||
imports = [
|
imports = [
|
||||||
./firefox.nix
|
./firefox.nix
|
||||||
./alacritty.nix
|
./alacritty.nix
|
||||||
|
@ -14,5 +14,21 @@
|
||||||
pkgs.xfce.thunar
|
pkgs.xfce.thunar
|
||||||
pkgs.kcolorchooser
|
pkgs.kcolorchooser
|
||||||
pkgs.zotero
|
pkgs.zotero
|
||||||
|
pkgs.transmission
|
||||||
|
pkgs.mpv
|
||||||
|
pkgs.gnome.simple-scan
|
||||||
|
pkgs.pandoc
|
||||||
|
pkgs.texlive.combined.scheme-small
|
||||||
|
pkgs.libreoffice-fresh
|
||||||
|
pkgs.hunspell
|
||||||
|
pkgs.hunspellDicts.en-gb-large
|
||||||
|
pkgs.hunspellDicts.en-gb-large
|
||||||
|
pkgs.hunspellDicts.en_US
|
||||||
|
pkgs.set_wm_class
|
||||||
|
pkgs.xorg.xkill
|
||||||
|
pkgs.krita
|
||||||
|
pkgs.R
|
||||||
|
pkgs.gimp
|
||||||
|
pkgs.gajim
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,38 +1,53 @@
|
||||||
{ pkgs, config, ... }:
|
|
||||||
let
|
|
||||||
user = config.home.username;
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
configVars,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
user = config.home.username;
|
||||||
|
jellyfinIp = configVars.networking.addresses.jellyfin.ip;
|
||||||
|
jellyfinPort = configVars.networking.addresses.jellyfin.port;
|
||||||
|
bitcoinNodeIp = configVars.networking.addresses.bitcoin-node.ip;
|
||||||
|
mempoolPort = configVars.networking.addresses.bitcoin-node.services.mempool.port;
|
||||||
|
in {
|
||||||
programs.firefox = {
|
programs.firefox = {
|
||||||
enable = true;
|
enable = true;
|
||||||
profiles.${user} = {
|
profiles.${user} = {
|
||||||
search = {
|
search = {
|
||||||
force = true;
|
force = true;
|
||||||
default = "Searx";
|
default = "Searx";
|
||||||
order = [ "Searx" "DuckDuckGo" ];
|
order = ["Searx" "DuckDuckGo"];
|
||||||
engines = {
|
engines = {
|
||||||
"Nix Packages" = {
|
"Nix Packages" = {
|
||||||
urls = [{
|
urls = [
|
||||||
|
{
|
||||||
template = "https://search.nixos.org/packages";
|
template = "https://search.nixos.org/packages";
|
||||||
params = [
|
params = [
|
||||||
{ name = "type"; value = "packages"; }
|
{
|
||||||
{ name = "query"; value = "{searchTerms}"; }
|
name = "type";
|
||||||
|
value = "packages";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "query";
|
||||||
|
value = "{searchTerms}";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
];
|
];
|
||||||
}];
|
|
||||||
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
||||||
definedAliases = [ "@np" ];
|
definedAliases = ["@np"];
|
||||||
};
|
};
|
||||||
"NixOS Wiki" = {
|
"NixOS Wiki" = {
|
||||||
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
urls = [{template = "https://nixos.wiki/index.php?search={searchTerms}";}];
|
||||||
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
||||||
updateInterval = 24 * 60 * 60 * 1000; # every day
|
updateInterval = 24 * 60 * 60 * 1000; # every day
|
||||||
definedAliases = [ "@nw" ];
|
definedAliases = ["@nw"];
|
||||||
};
|
};
|
||||||
"Searx" = {
|
"Searx" = {
|
||||||
urls = [{ template = "http://10.0.10.35:8855/?q={searchTerms}"; }];
|
urls = [{template = "http://10.0.10.35:8855/?q={searchTerms}";}];
|
||||||
iconUpdateURL = "https://docs.searxng.org/_static/searxng-wordmark.svg";
|
iconUpdateURL = "https://docs.searxng.org/_static/searxng-wordmark.svg";
|
||||||
updateInterval = 24 * 60 * 60 * 1000; # every day
|
updateInterval = 24 * 60 * 60 * 1000; # every day
|
||||||
definedAliases = [ "@searx" ];
|
definedAliases = ["@searx"];
|
||||||
};
|
};
|
||||||
"Bing".metaData.hidden = true;
|
"Bing".metaData.hidden = true;
|
||||||
"Google".metaData.alias = "@g"; # builtin engines only support specifying one additional alias
|
"Google".metaData.alias = "@g"; # builtin engines only support specifying one additional alias
|
||||||
|
@ -41,16 +56,22 @@ in
|
||||||
|
|
||||||
bookmarks = [
|
bookmarks = [
|
||||||
{
|
{
|
||||||
name = "wikipedia";
|
name = "toolbar";
|
||||||
tags = [ "wiki" ];
|
toolbar = true;
|
||||||
keyword = "wiki";
|
bookmarks = [
|
||||||
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
|
{
|
||||||
|
name = "Jellyfin";
|
||||||
|
url = "http://${jellyfinIp}:${jellyfinPort}";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "bitlab21";
|
name = "Mempool";
|
||||||
tags = [ "bitcoin" ];
|
url = "http://${bitcoinNodeIp}:${toString mempoolPort}";
|
||||||
keyword = "bitcoin";
|
}
|
||||||
url = "https://bitlab21.com";
|
{
|
||||||
|
name = "Nixos Package Search";
|
||||||
|
url = "https://search.nixos.org/packages";
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -75,7 +96,6 @@ in
|
||||||
privacy-badger
|
privacy-badger
|
||||||
zotero-connector
|
zotero-connector
|
||||||
];
|
];
|
||||||
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,19 @@
|
||||||
{ ... }: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
nerdfonts
|
||||||
|
noto-fonts
|
||||||
|
noto-fonts-cjk
|
||||||
|
noto-fonts-emoji
|
||||||
|
hack-font
|
||||||
|
liberation_ttf
|
||||||
|
libertine
|
||||||
|
font-awesome
|
||||||
|
];
|
||||||
|
|
||||||
fonts = {
|
fonts = {
|
||||||
fontconfig = {
|
fontconfig = {
|
||||||
|
enable = true;
|
||||||
defaultFonts = {
|
defaultFonts = {
|
||||||
serif = [ "NotoSans Nerd Font" ];
|
serif = [ "NotoSans Nerd Font" ];
|
||||||
sansSerif = [ "Linux Biolinum O" ];
|
sansSerif = [ "Linux Biolinum O" ];
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
programs.kodi = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.kodi.withPackages (kodiPkgs:
|
||||||
|
with kodiPkgs; [
|
||||||
|
netflix
|
||||||
|
jellycon
|
||||||
|
]);
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,21 +1,48 @@
|
||||||
{ pkgs, ... }:
|
{pkgs, ...}: {
|
||||||
{
|
|
||||||
# Prevent error when enabling gtk https://github.com/nix-community/home-manager/issues/3113
|
# Prevent error when enabling gtk https://github.com/nix-community/home-manager/issues/3113
|
||||||
# error: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name ca.desrt.dconf was not provided by any .service files
|
# error: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name ca.desrt.dconf was not provided by any .service files
|
||||||
home.packages = [ pkgs.dconf ];
|
home.packages = [
|
||||||
gtk.enable = true;
|
pkgs.dconf
|
||||||
|
];
|
||||||
home.file = {
|
|
||||||
".icons/bibata".source = "${pkgs.bibata-cursors}/share/icons/Bibata-Modern-Classic";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Get details about theme package
|
# Get details about theme package
|
||||||
#cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4
|
#cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4
|
||||||
gtk.theme.package = pkgs.kanagawa-gtk-theme;
|
|
||||||
gtk.theme.name = "Kanagawa-B";
|
|
||||||
|
|
||||||
gtk.iconTheme.package = pkgs.kanagawa-icon-theme;
|
gtk = {
|
||||||
gtk.iconTheme.name = "Kanagawa";
|
enable = true;
|
||||||
|
theme = {
|
||||||
|
name = "Kanagawa-B";
|
||||||
|
package = pkgs.kanagawa-gtk-theme;
|
||||||
|
};
|
||||||
|
iconTheme = {
|
||||||
|
package = pkgs.gnome.adwaita-icon-theme;
|
||||||
|
name = "Adwaita";
|
||||||
|
};
|
||||||
|
|
||||||
|
gtk3.extraConfig = {
|
||||||
|
Settings = ''
|
||||||
|
gtk-application-prefer-dark-theme=1
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
gtk4.extraConfig = {
|
||||||
|
Settings = ''
|
||||||
|
gtk-application-prefer-dark-theme=1
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
#gtk.theme.package = pkgs.kanagawa-gtk-theme;
|
||||||
|
|
||||||
|
# gtk.cursorTheme = {
|
||||||
|
# name = "Vimix-Cursors";
|
||||||
|
# package = pkgs.vimix-cursor-theme;
|
||||||
|
# };
|
||||||
|
|
||||||
|
# gtk.theme.name = "Kanagawa-B";
|
||||||
|
|
||||||
|
# gtk.iconTheme.package = pkgs.kanagawa-icon-theme;
|
||||||
|
# gtk.iconTheme.name = "Kanagawa";
|
||||||
|
|
||||||
qt.enable = true;
|
qt.enable = true;
|
||||||
qt.platformTheme.name = "gtk";
|
qt.platformTheme.name = "gtk";
|
||||||
|
|
|
@ -11,4 +11,9 @@
|
||||||
pkgs.feh
|
pkgs.feh
|
||||||
];
|
];
|
||||||
|
|
||||||
|
programs.chromium = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.brave;
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,8 +7,8 @@
|
||||||
./xinitrc.nix
|
./xinitrc.nix
|
||||||
./sxhkdrc.nix
|
./sxhkdrc.nix
|
||||||
./picom.nix
|
./picom.nix
|
||||||
./xresources.nix
|
|
||||||
./dunst.nix
|
./dunst.nix
|
||||||
|
./music_player.nix
|
||||||
|
|
||||||
# Status bar scripts
|
# Status bar scripts
|
||||||
./scripts/sb-cpu-pct.nix
|
./scripts/sb-cpu-pct.nix
|
||||||
|
@ -16,9 +16,11 @@
|
||||||
./scripts/sb-volume.nix
|
./scripts/sb-volume.nix
|
||||||
./scripts/sb-network-status.nix
|
./scripts/sb-network-status.nix
|
||||||
./scripts/sb-updates.nix
|
./scripts/sb-updates.nix
|
||||||
|
./scripts/sb-battery.nix
|
||||||
|
|
||||||
# Notification scripts
|
# Notification scripts
|
||||||
./scripts/dunstify-volume-notification.nix
|
./scripts/dunstify-volume-notification.nix
|
||||||
|
./scripts/dunstify-battery-notification.nix
|
||||||
|
|
||||||
# Helper scripts
|
# Helper scripts
|
||||||
./scripts/emoji-picker.nix
|
./scripts/emoji-picker.nix
|
||||||
|
@ -27,6 +29,10 @@
|
||||||
./scripts/get-focused-monitor.nix
|
./scripts/get-focused-monitor.nix
|
||||||
./scripts/git-commit-ai.nix
|
./scripts/git-commit-ai.nix
|
||||||
./scripts/aichat-wrapper.nix
|
./scripts/aichat-wrapper.nix
|
||||||
|
./scripts/dmenu-wifi.nix
|
||||||
|
./scripts/battery-status.nix
|
||||||
|
./scripts/dmenu-set-wm-class.nix
|
||||||
|
./scripts/key-remaps.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
home.packages = [
|
home.packages = [
|
||||||
|
|
|
@ -30,7 +30,6 @@
|
||||||
#format = ''%I %s %p\n%b'';
|
#format = ''%I %s %p\n%b'';
|
||||||
format = ''<b>%s:</b>\n%b\n\n%a '';
|
format = ''<b>%s:</b>\n%b\n\n%a '';
|
||||||
|
|
||||||
#TODO dynamic fonts
|
|
||||||
font = "monospace";
|
font = "monospace";
|
||||||
|
|
||||||
# Options are "left", "center", and "right".
|
# Options are "left", "center", and "right".
|
||||||
|
@ -172,7 +171,7 @@
|
||||||
urgency_critical = {
|
urgency_critical = {
|
||||||
background = "#${config.colorScheme.colors.base08}";
|
background = "#${config.colorScheme.colors.base08}";
|
||||||
foreground = "#${config.colorScheme.colors.base05}";
|
foreground = "#${config.colorScheme.colors.base05}";
|
||||||
frame_color = "#${config.colorScheme.colors.base00}";
|
frame_color = "#${config.colorScheme.colors.base05}";
|
||||||
timeout = 0;
|
timeout = 0;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
home.file."mus/music_data".source = config.lib.file.mkOutOfStoreSymlink /media/media/music/music_data;
|
||||||
|
|
||||||
|
home.packages = [
|
||||||
|
pkgs.ffmpeg
|
||||||
|
pkgs.nsxiv
|
||||||
|
pkgs.kunst
|
||||||
|
pkgs.mpc-cli
|
||||||
|
pkgs.jq
|
||||||
|
pkgs.imagemagick
|
||||||
|
];
|
||||||
|
|
||||||
|
services.mpd = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.mpd;
|
||||||
|
extraConfig = ''
|
||||||
|
|
||||||
|
music_directory "~/mus/music_data"
|
||||||
|
playlist_directory "~/.local/share/mpd/playlists"
|
||||||
|
|
||||||
|
log_file "~/.local/share/mpd/log"
|
||||||
|
db_file "~/.local/share/mpd/database"
|
||||||
|
pid_file "~/.local/share/mpd/pid"
|
||||||
|
state_file "~/.local/share/mpd/state"
|
||||||
|
sticker_file "~/.local/share/mpd/sticker.sql"
|
||||||
|
|
||||||
|
auto_update "yes"
|
||||||
|
|
||||||
|
audio_output {
|
||||||
|
type "pipewire"
|
||||||
|
name "PipeWire Sound Server"
|
||||||
|
}
|
||||||
|
|
||||||
|
audio_output {
|
||||||
|
type "fifo"
|
||||||
|
name "Visualizer feed"
|
||||||
|
path "/tmp/mpd.fifo"
|
||||||
|
format "44100:16:2"
|
||||||
|
}
|
||||||
|
|
||||||
|
'';
|
||||||
|
musicDirectory = "~/mus/music_data";
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.ncmpcpp = {
|
||||||
|
enable = true;
|
||||||
|
package = (pkgs.ncmpcpp.override { visualizerSupport = true; });
|
||||||
|
mpdMusicDir = "~/mus/music_data";
|
||||||
|
settings = {
|
||||||
|
mpd_host = "127.0.0.1";
|
||||||
|
mpd_port = "6600";
|
||||||
|
visualizer_data_source = "/tmp/mpd.fifo";
|
||||||
|
visualizer_output_name = "Visualizer Feed";
|
||||||
|
visualizer_in_stereo = "yes";
|
||||||
|
visualizer_type = "spectrum";
|
||||||
|
visualizer_fps = "60";
|
||||||
|
visualizer_autoscale = "no";
|
||||||
|
visualizer_look = "●▮";
|
||||||
|
visualizer_color = "169, 170, 169, 135, 134, 133, 129, 128, 127, 126, 125, 124";
|
||||||
|
visualizer_spectrum_smooth_look = "yes";
|
||||||
|
visualizer_spectrum_dft_size = "3";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,54 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
home.packages = [
|
||||||
|
(pkgs.writeShellScriptBin "battery-status" ''
|
||||||
|
|
||||||
|
# Get the current power consumption of the laptop battery
|
||||||
|
power=$(cat /sys/class/power_supply/BAT0/power_now)
|
||||||
|
power_watts=$(${pkgs.bc}/bin/bc <<< "scale=3; $power / 1000000")
|
||||||
|
|
||||||
|
# Get the current battery charge capacity
|
||||||
|
energy=$(cat /sys/class/power_supply/BAT0/energy_now)
|
||||||
|
|
||||||
|
# Get the current battery status (charging or discharging)
|
||||||
|
battery_status=$(cat /sys/class/power_supply/BAT0/status)
|
||||||
|
|
||||||
|
# Calculate the time remaining until the battery is empty or full
|
||||||
|
if [ "$battery_status" == "Charging" ]; then
|
||||||
|
# Calculate the time remaining until the battery is full
|
||||||
|
hours=$(${pkgs.bc}/bin/bc <<< "scale=2; $power / $energy")
|
||||||
|
hours_int=$(${pkgs.bc}/bin/bc <<< "scale=0; $hours / 1")
|
||||||
|
minutes=$(${pkgs.bc}/bin/bc <<< "scale=0; 60 * ($hours - $hours_int)/1")
|
||||||
|
|
||||||
|
if [ "$hours_int" -gt "0" ]; then
|
||||||
|
# Show hours and minutes if time remaining is greater than or equal to 1 hour
|
||||||
|
echo "Full in: $hours_int hours $minutes minutes"
|
||||||
|
else
|
||||||
|
# Show minutes if time remaining is less than 1 hour
|
||||||
|
echo "Full in: $minutes minutes"
|
||||||
|
fi
|
||||||
|
|
||||||
|
elif [ "$battery_status" == "Discharging" ]; then
|
||||||
|
# Calculate the time remaining until the battery is empty
|
||||||
|
hours=$(${pkgs.bc}/bin/bc <<< "scale=2; $energy / $power")
|
||||||
|
hours_int=$(${pkgs.bc}/bin/bc <<< "scale=0; $hours / 1")
|
||||||
|
minutes=$(${pkgs.bc}/bin/bc <<< "scale=0; 60 * ($hours - $hours_int)/1")
|
||||||
|
|
||||||
|
if [ "$hours_int" -gt "0" ]; then
|
||||||
|
# Show hours and minutes if time remaining is greater than or equal to 1 hour
|
||||||
|
echo "Empty in: $hours_int hours $minutes minutes"
|
||||||
|
else
|
||||||
|
# Show minutes if time remaining is less than 1 hour
|
||||||
|
echo "Empty in: $minutes minutes"
|
||||||
|
fi
|
||||||
|
|
||||||
|
elif [ "$battery_status" == "Full" ]; then
|
||||||
|
echo "Battery full"
|
||||||
|
elif [ "$battery_status" == "Not charging" ]; then
|
||||||
|
echo "Battery full - not charging"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Power consumption: $power_watts W"
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
|
@ -14,7 +14,7 @@
|
||||||
*image*)
|
*image*)
|
||||||
echo "$(${xclip}/bin/xclip -selection clipboard -t TARGETS -o)"
|
echo "$(${xclip}/bin/xclip -selection clipboard -t TARGETS -o)"
|
||||||
filename=$(${xclip}/bin/xclip -selection clipboard -t image/png -o | ${openssl}/bin/openssl sha1 | cut -b 49-)
|
filename=$(${xclip}/bin/xclip -selection clipboard -t image/png -o | ${openssl}/bin/openssl sha1 | cut -b 49-)
|
||||||
file_exists=$(/bin/ls $image_location | grep $filename | sed "s/\..*//")
|
file_exists=$(ls $image_location | grep $filename | sed "s/\..*//")
|
||||||
[[ $filename != "$file_exists" ]] &&
|
[[ $filename != "$file_exists" ]] &&
|
||||||
xclip -selection clipboard -t image/png -o > "$image_location/$filename.png" &&
|
xclip -selection clipboard -t image/png -o > "$image_location/$filename.png" &&
|
||||||
notify-send -t 5000 "Image Copied" "$image_location/$filename.png"
|
notify-send -t 5000 "Image Copied" "$image_location/$filename.png"
|
||||||
|
@ -22,7 +22,7 @@
|
||||||
*UTF8_STRING*)
|
*UTF8_STRING*)
|
||||||
echo "$(${xclip}/bin/xclip -selection clipboard -t TARGETS -o)"
|
echo "$(${xclip}/bin/xclip -selection clipboard -t TARGETS -o)"
|
||||||
filename=$(${xclip}/bin/xclip -selection clipboard -t UTF8_STRING -o | ${openssl}/bin/openssl sha1 | cut -b 49-)
|
filename=$(${xclip}/bin/xclip -selection clipboard -t UTF8_STRING -o | ${openssl}/bin/openssl sha1 | cut -b 49-)
|
||||||
file_exists=$(/bin/ls "$text_location" | grep "$filename" | sed "s/\..*//")
|
file_exists=$(ls "$text_location" | grep "$filename" | sed "s/\..*//")
|
||||||
echo "$filename" "$file_exists"
|
echo "$filename" "$file_exists"
|
||||||
[[ "$filename" != "$file_exists" ]] &&
|
[[ "$filename" != "$file_exists" ]] &&
|
||||||
xclip -selection clipboard -t UTF8_STRING -o > "$text_location/$filename"
|
xclip -selection clipboard -t UTF8_STRING -o > "$text_location/$filename"
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
(writeShellScriptBin "dmenu-set-wm-class" ''
|
||||||
|
${libnotify}/bin/notify-send "Set Window Class" "Select window..."
|
||||||
|
winid=$(${xorg.xwininfo}/bin/xwininfo | grep "Window id:" | grep -o "0x[0-9a-fA-F]*")
|
||||||
|
class=$(${xorg.xprop}/bin/xprop -id "$winid" WM_CLASS | grep -o "\".*\"$")
|
||||||
|
new_class=$( echo "" | ${dmenu}/bin/dmenu -p "Selected: $class. Set class name of window:")
|
||||||
|
[ -z "$new_class" ] && ${libnotify}/bin/notify-send "Set Window Class" "Nothing set, exiting" && exit
|
||||||
|
${set_wm_class}/bin/set_wm_class "$winid" "$new_class"
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
|
@ -0,0 +1,51 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
(writeShellScriptBin "dmenu-wifi" ''
|
||||||
|
nmcli dev wifi rescan
|
||||||
|
ssid_list=$(nmcli -f in-use,bssid,ssid,mode,chan,freq,rate,signal,bars,security dev wifi)
|
||||||
|
available_connections=$(echo "$ssid_list" | sed '/--.*Infra/d')
|
||||||
|
|
||||||
|
connection=$( echo "$available_connections" | dmenu -l 20)
|
||||||
|
bssid=$(echo "$connection" | sed 's/^.\s*//;s/\s\s.*$//')
|
||||||
|
ssid=$(echo "$connection" | sed 's/^.\s*[0-9;A-Z;:]*\s\s//;s/\s*Infra\s*[0-9].*$//')
|
||||||
|
[[ "$connection" = "" ]] && notify-send -t 5000 "Wifi Connect" "Cancelled" && exit 0
|
||||||
|
[[ $( echo "$connection" | grep "IN-USE" -o) = "IN-USE" ]] && notify-send -t 5000 "Wifi Connect" "Please select valid network" && exit 0
|
||||||
|
[[ -n "$(echo "$connection" | grep '\*')" ]] && notify-send -t 5000 "Wifi Connect" "Already Connected to: $(echo "$ssid")" && exit 0
|
||||||
|
|
||||||
|
notify-send -t 5000 "Network Manager" "Attempting to connect to $ssid..."
|
||||||
|
nmcli connection modify "$ssid" 802-11-wireless.bssid "$bssid"
|
||||||
|
nmcli device wifi connect "$bssid"
|
||||||
|
return_code=$?
|
||||||
|
if [ $return_code == 4 ];
|
||||||
|
then
|
||||||
|
notify-send -t 5000 "Wifi Connect" "Please enter password for '$ssid'..."
|
||||||
|
prompt="Enter Password for '$ssid'"
|
||||||
|
pwd=$(echo "" | dmenu -p "$prompt")
|
||||||
|
nmcli device wifi connect "$bssid" password "$pwd"
|
||||||
|
return_code=$?
|
||||||
|
fi
|
||||||
|
case "$return_code" in
|
||||||
|
0) notify-send -t 5000 "Wifi Connect" "Successfully connected to: $ssid!"
|
||||||
|
pkill -RTMIN+12 dwmblocks
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
3) notify-send -t 5000 "Wifi Connect" "Connection to $ssid failed. Timeout expired?"
|
||||||
|
pkill -RTMIN+12 dwmblocks
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
4)
|
||||||
|
notify-send -t 5000 "Wifi Connect" "Connection to $ssid failed. Possibly wrong password?"
|
||||||
|
nmcli connection delete id "$ssid"
|
||||||
|
pkill -RTMIN+12 dwmblocks
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
*) notify-send -t 5000 "Wifi Connect" "Connection to $ssid failed. Error code $?"
|
||||||
|
echo "Failed. Exiting"
|
||||||
|
pkill -RTMIN+12 dwmblocks
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
home.packages = [
|
||||||
|
(pkgs.writeShellScriptBin "dunstify-battery-notification" ''
|
||||||
|
msgTag="battery-notify"
|
||||||
|
${pkgs.dunst}/bin/dunstify -a "batteryNotify" -u critical -i battery-notify -h string:x-dunst-stack-tag:$msgTag "Battery Status" "$(battery-status)" -t 5000
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
|
@ -0,0 +1,11 @@
|
||||||
|
{pkgs, ...}: {
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
(writeShellScriptBin "key-remaps" ''
|
||||||
|
${xorg.xmodmap}/bin/xmodmap -e "keycode 64 = Mode_switch"
|
||||||
|
${xorg.xmodmap}/bin/xmodmap -e "keycode 43 = h H Left H"
|
||||||
|
${xorg.xmodmap}/bin/xmodmap -e "keycode 44 = j J Down J"
|
||||||
|
${xorg.xmodmap}/bin/xmodmap -e "keycode 45 = k K Up K"
|
||||||
|
${xorg.xmodmap}/bin/xmodmap -e "keycode 46 = l L Right L"
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
|
@ -0,0 +1,37 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
(writeShellScriptBin "sb-battery" ''
|
||||||
|
BAT=/sys/class/power_supply/BAT0/capacity
|
||||||
|
|
||||||
|
# Exit script if no battery detected
|
||||||
|
[ ! -f "$BAT" ] && exit
|
||||||
|
|
||||||
|
STATUS=$(cat /sys/class/power_supply/BAT0/uevent | grep "POWER_SUPPLY_STATUS" | sed "s/^.*=//")
|
||||||
|
capacity=$(cat "$BAT")
|
||||||
|
|
||||||
|
if [ "$STATUS" == "Charging" ] || [ "$STATUS" == "Not charging" ]; then
|
||||||
|
echo "[ $capacity%] "
|
||||||
|
else
|
||||||
|
case $capacity in
|
||||||
|
100) echo "[ $capacity%] ";;
|
||||||
|
9[0-9]) echo "[ $capacity%] ";;
|
||||||
|
8[0-9]) echo "[ $capacity%] ";;
|
||||||
|
7[0-9]) echo "[ $capacity%] ";;
|
||||||
|
6[0-9]) echo "[ $capacity%] ";;
|
||||||
|
5[0-9]) echo "[ $capacity%] ";;
|
||||||
|
4[0-9]) echo "[ $capacity%] ";;
|
||||||
|
3[0-9]) echo "[ $capacity%] ";;
|
||||||
|
2[0-9]) echo "[ $capacity%] ";;
|
||||||
|
1[0-9]) echo "[ $capacity%] ";;
|
||||||
|
[6-9]) echo "[ $capacity%] ";;
|
||||||
|
[0-5]) echo "[ $capacity%] ";;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ $capacity -le 20 && $STATUS != "Charging" ]]; then
|
||||||
|
dunstify-battery-notification
|
||||||
|
fi
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
|
@ -41,7 +41,7 @@
|
||||||
|
|
||||||
if [ -z "$IP_ADDRESS" ];
|
if [ -z "$IP_ADDRESS" ];
|
||||||
then
|
then
|
||||||
printf "$network_symbol"
|
printf "[$network_symbol] "
|
||||||
else
|
else
|
||||||
printf "[$network_symbol|$IP_ADDRESS] "
|
printf "[$network_symbol|$IP_ADDRESS] "
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -4,10 +4,10 @@
|
||||||
(writeShellScriptBin "sb-updates" ''
|
(writeShellScriptBin "sb-updates" ''
|
||||||
# Gets number of flake inputs that are ready for update
|
# Gets number of flake inputs that are ready for update
|
||||||
# Checks every 60 minutes
|
# Checks every 60 minutes
|
||||||
inputs=$(cd /etc/nixos &&
|
# inputs=$(cd /etc/nixos &&
|
||||||
nix flake update --output-lock-file <(cat flake.nix) 2> /tmp/update &&
|
# nix flake update --output-lock-file <(cat flake.nix) 2> /tmp/update &&
|
||||||
cat /tmp/update | grep -c Update)
|
# cat /tmp/update | grep -c Update)
|
||||||
printf "[ $inputs] "
|
# printf "[ $inputs] "
|
||||||
'')
|
'')
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{
|
{
|
||||||
# TODO add emoji and dmenu-dict scripts
|
# TODO: add emoji and dmenu-dict scripts
|
||||||
home.file.".config/sxhkd/sxhkdrc" = {
|
home.file.".config/sxhkd/sxhkdrc" = {
|
||||||
recursive = true;
|
recursive = true;
|
||||||
text = ''
|
text = ''
|
||||||
|
@ -15,29 +15,20 @@
|
||||||
XF86AudioMicMute
|
XF86AudioMicMute
|
||||||
pamixer --default-source --toggle-mute && dunstify-volume-notification && pkill -RTMIN+10 dwmblocks && exit 1
|
pamixer --default-source --toggle-mute && dunstify-volume-notification && pkill -RTMIN+10 dwmblocks && exit 1
|
||||||
|
|
||||||
XF86MonBrightnessUp
|
|
||||||
light -A 5 && dunstify-brightness-notification
|
|
||||||
|
|
||||||
XF86MonBrightnessDown
|
|
||||||
light -U 5 && dunstify-brightness-notification
|
|
||||||
|
|
||||||
XF86Messenger
|
XF86Messenger
|
||||||
dunstify-battery-notification
|
dunstify-battery-notification
|
||||||
|
|
||||||
control + Home
|
|
||||||
bookmark-add
|
|
||||||
|
|
||||||
control + Insert
|
|
||||||
bookmark-insert
|
|
||||||
|
|
||||||
control + F8
|
control + F8
|
||||||
clipboard-image-recall /tmp/clipboard/images/
|
clipboard-image-recall /tmp/clipboard/images/
|
||||||
|
|
||||||
Print
|
Print
|
||||||
flameshot gui
|
env QT_AUTO_SCREEN_SCALE_FACTOR=1.5 QT_SCREEN_SCALE_FACTORS="" flameshot gui
|
||||||
|
|
||||||
control + F7
|
control + F7
|
||||||
emoji-picker
|
emoji-picker
|
||||||
|
|
||||||
|
control + F4
|
||||||
|
dmenu-set-wm-class
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,20 +1,13 @@
|
||||||
{ config, ... }:
|
{...}: {
|
||||||
let
|
# TODO: configure x11 to look in .config/x11
|
||||||
|
|
||||||
monitor = "${toString (builtins.map (m: "xrandr --output ${ m.name } --mode ${ toString( m.width )}x${ toString( m.height )} --pos ${ toString( m.x)}x${ toString( m.y)}" ) config.monitors)}";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
# TODO configure x11 to look in .config/x11
|
|
||||||
home.file.".xinitrc" = {
|
home.file.".xinitrc" = {
|
||||||
recursive = true;
|
recursive = true;
|
||||||
text = ''
|
text = ''
|
||||||
|
|
||||||
picom -b --config ~/.config/picom/picom.conf
|
picom -b --config ~/.config/picom/picom.conf
|
||||||
xrdb ~/.Xresources
|
xrdb -merge ~/.Xresources
|
||||||
|
|
||||||
${monitor}
|
autostart="clipboard-save dwmblocks feh-wallpaper-changer sxhkd key-remaps"
|
||||||
|
|
||||||
autostart="clipboard-save dwmblocks feh-wallpaper-changer sxhkd"
|
|
||||||
|
|
||||||
for program in $autostart; do
|
for program in $autostart; do
|
||||||
pidof -sx "$program" || "$program" &
|
pidof -sx "$program" || "$program" &
|
||||||
|
|
|
@ -1,44 +0,0 @@
|
||||||
{ config, ... }:
|
|
||||||
{
|
|
||||||
home.file.".Xresources" = {
|
|
||||||
recursive = true;
|
|
||||||
text = ''
|
|
||||||
! scale
|
|
||||||
Xft.dpi: 144
|
|
||||||
|
|
||||||
! st
|
|
||||||
st.alpha: 0.8
|
|
||||||
St.font: monospace:pixelsize=21:antialias=true:autohint=true;
|
|
||||||
St.font2: NotoColorEmoji:pixelsize=19:antialias=true:autohint=true;
|
|
||||||
|
|
||||||
! dwm
|
|
||||||
dwm.borderpx: 3
|
|
||||||
dwm.font: monospace:size=12
|
|
||||||
dwm.col_base00: #${config.colorScheme.colors.base00}
|
|
||||||
dwm.col_base03: #${config.colorScheme.colors.base03}
|
|
||||||
dwm.col_base04: #${config.colorScheme.colors.base04}
|
|
||||||
dwm.col_base05: #${config.colorScheme.colors.base05}
|
|
||||||
dwm.col_base08: #${config.colorScheme.colors.base08}
|
|
||||||
dwm.col_base0B: #${config.colorScheme.colors.base0B}
|
|
||||||
|
|
||||||
! dmenu
|
|
||||||
dmenu.font: monospace:size=12
|
|
||||||
dmenu.font2: NotoColorEmoji:pixelsize=22:antialias=true:autohint=true
|
|
||||||
dmenu.topbar: 1
|
|
||||||
dmenu.normfgcolor: #${config.colorScheme.colors.base05}
|
|
||||||
dmenu.normbgcolor: #${config.colorScheme.colors.base03}
|
|
||||||
dmenu.selfgcolor: #${config.colorScheme.colors.base00}
|
|
||||||
dmenu.selbgcolor: #${config.colorScheme.colors.base0B}
|
|
||||||
|
|
||||||
Nsxiv.window.background: #${config.colorScheme.colors.base03}
|
|
||||||
Nsxiv.window.foreground: #${config.colorScheme.colors.base05}
|
|
||||||
Nsxiv.mark.foreground: #${config.colorScheme.colors.base08}
|
|
||||||
|
|
||||||
Nsxiv.bar.background: #${config.colorScheme.colors.base00}
|
|
||||||
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
|
|
||||||
Nsxiv.bar.font: monospace:size=12
|
|
||||||
|
|
||||||
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,10 +1,13 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, configVars, ... }:
|
||||||
|
let
|
||||||
|
email = configVars.email.user;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
programs.git = {
|
programs.git = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.gitAndTools.gitFull;
|
package = pkgs.gitAndTools.gitFull;
|
||||||
userName = "Sam";
|
userName = "Sam";
|
||||||
userEmail = "samual.shop@proton.me";
|
userEmail = "${email}";
|
||||||
aliases = { };
|
aliases = { };
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
pull.rebase = false;
|
pull.rebase = false;
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
{ pkgs, config, lib, ... }:
|
||||||
|
let
|
||||||
|
user = config.home.username;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
home.activation.get-notes = lib.hm.dag.entryAfter [ "installPackages" ] ''
|
||||||
|
notes_dir=/home/${user}/.local/share/notes
|
||||||
|
remote=git@git.bitlab21.com:sam/notes
|
||||||
|
if [ -d "$notes_dir" ];
|
||||||
|
then
|
||||||
|
cd "$notes_dir"
|
||||||
|
[ ! -d .git ] && PATH="${pkgs.git}/bin:${pkgs.openssh}/bin:$PATH" git clone "$remote" "$notes_dir"
|
||||||
|
else
|
||||||
|
mkdir -p "$notes_dir" && PATH="${pkgs.git}/bin:${pkgs.openssh}/bin:$PATH" git clone "$remote" "$notes_dir"
|
||||||
|
fi
|
||||||
|
exit 0
|
||||||
|
'';
|
||||||
|
}
|
|
@ -0,0 +1,53 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
in {
|
||||||
|
systemd.user.services.transmission-daemon = {
|
||||||
|
Unit = {
|
||||||
|
Description = "Transmission Bittorrent Daemon";
|
||||||
|
Wants = "network-online.target";
|
||||||
|
After = "network-online.target";
|
||||||
|
Documentation = "man:transmission-daemon(1)";
|
||||||
|
};
|
||||||
|
Install = {
|
||||||
|
WantedBy = ["multi-user.target"];
|
||||||
|
};
|
||||||
|
Service = {
|
||||||
|
User = "transmission";
|
||||||
|
Type = "notify";
|
||||||
|
ExecStart = "${pkgs.transmission}/bin/transmission-daemon -f --log-level=error";
|
||||||
|
ExecReload = "${pkgs.coreutils}/bin/kill -s HUP $MAINPID";
|
||||||
|
CapabilityBoundingSet = "";
|
||||||
|
DevicePolicy = "closed";
|
||||||
|
KeyringMode = "private";
|
||||||
|
LockPersonality = "true";
|
||||||
|
NoNewPrivileges = "true";
|
||||||
|
MemoryDenyWriteExecute = "true";
|
||||||
|
PrivateTmp = "true";
|
||||||
|
PrivateDevices = "true";
|
||||||
|
ProtectClock = "true";
|
||||||
|
ProtectKernelLogs = "true";
|
||||||
|
ProtectControlGroups = "true";
|
||||||
|
ProtectKernelModules = "true";
|
||||||
|
ProtectSystem = "true";
|
||||||
|
ProtectHostname = "true";
|
||||||
|
ProtectKernelTunables = "true";
|
||||||
|
ProtectProc = "invisible";
|
||||||
|
RestrictNamespaces = "true";
|
||||||
|
RestrictSUIDSGID = "true";
|
||||||
|
RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";
|
||||||
|
RestrictRealtime = "true";
|
||||||
|
SystemCallFilter = "@system - service";
|
||||||
|
SystemCallArchitectures = "native";
|
||||||
|
SystemCallErrorNumber = "EPERM";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
# home.file.".config/transmission-daemon/settings.json" = {
|
||||||
|
# recursive = true;
|
||||||
|
# text = ''
|
||||||
|
#
|
||||||
|
# '';
|
||||||
|
# };
|
||||||
|
}
|
|
@ -0,0 +1,120 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
programs.yazi = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.yazi;
|
||||||
|
enableBashIntegration = true;
|
||||||
|
enableZshIntegration = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
log = {
|
||||||
|
enabled = true;
|
||||||
|
};
|
||||||
|
manager = {
|
||||||
|
show_hidden = false;
|
||||||
|
sort_by = "modified";
|
||||||
|
sort_dir_first = true;
|
||||||
|
sort_reverse = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
theme = {
|
||||||
|
manager = {
|
||||||
|
marker_copied = { fg = "#98bb6c"; bg = "#98bb6c"; };
|
||||||
|
marker_cut = { fg = "#e46876"; bg = "#e46876"; };
|
||||||
|
marker_marked = { fg = "#957fb8"; bg = "#957fb8"; };
|
||||||
|
marker_selected = { fg = "#ffa066"; bg = "#ffa066"; };
|
||||||
|
cwd = { fg = "#e6c384"; };
|
||||||
|
hovered = { reversed = true; };
|
||||||
|
preview_hovered = { reversed = true; };
|
||||||
|
tab_active = { reversed = true; };
|
||||||
|
tab_inactive = { };
|
||||||
|
tab_width = 1;
|
||||||
|
count_copied = { fg = "#1f1f28"; bg = "#98bb6c"; };
|
||||||
|
count_cut = { fg = "#1f1f28"; bg = "#e46876"; };
|
||||||
|
count_selected = { fg = "#1f1f28"; bg = "#e6c384"; };
|
||||||
|
border_symbol = "│";
|
||||||
|
border_style = { fg = "#dcd7ba"; };
|
||||||
|
};
|
||||||
|
|
||||||
|
status = {
|
||||||
|
separator_open = "";
|
||||||
|
separator_close = "";
|
||||||
|
separator_style = { fg = "reset"; bg = "#363646"; };
|
||||||
|
mode_normal = { fg = "#1f1f28"; bg = "#85a6ea"; bold = true; };
|
||||||
|
mode_select = { fg = "#1f1f28"; bg = "#957fb8"; bold = true; };
|
||||||
|
mode_unset = { fg = "#1f1f28"; bg = "#e6c384"; bold = true; };
|
||||||
|
progress_label = { fg = "#85a6ea"; bg = "#363646"; bold = true; };
|
||||||
|
progress_normal = { fg = "#363646"; bg = "#1f1f28"; };
|
||||||
|
progress_error = { fg = "#363646"; bg = "#1f1f28"; };
|
||||||
|
permissions_t = { fg = "#98bb6c"; };
|
||||||
|
permissions_r = { fg = "#e6c384"; };
|
||||||
|
permissions_w = { fg = "#e82424"; };
|
||||||
|
permissions_x = { fg = "#7aa89f"; };
|
||||||
|
permissions_s = { fg = "#938aa9"; };
|
||||||
|
};
|
||||||
|
|
||||||
|
select = {
|
||||||
|
border = { fg = "#7fb4ca"; };
|
||||||
|
active = { fg = "#938aa9"; bold = true; };
|
||||||
|
inactive = { };
|
||||||
|
};
|
||||||
|
|
||||||
|
input = {
|
||||||
|
border = { fg = "#7fb4ca"; };
|
||||||
|
title = { };
|
||||||
|
value = { };
|
||||||
|
selected = { reversed = true; };
|
||||||
|
};
|
||||||
|
|
||||||
|
completion = {
|
||||||
|
border = { fg = "#7fb4ca"; };
|
||||||
|
active = { reversed = true; };
|
||||||
|
inactive = { };
|
||||||
|
};
|
||||||
|
|
||||||
|
tasks = {
|
||||||
|
border = { fg = "#7fb4ca"; };
|
||||||
|
title = { };
|
||||||
|
hovered = { fg = "#938aa9"; };
|
||||||
|
};
|
||||||
|
|
||||||
|
which = {
|
||||||
|
cols = 2;
|
||||||
|
separator = " - ";
|
||||||
|
separator_style = { fg = "#727169"; };
|
||||||
|
mask = { bg = "#16161d"; };
|
||||||
|
rest = { fg = "#727169"; };
|
||||||
|
cand = { fg = "#85a6ea"; };
|
||||||
|
desc = { fg = "#565666"; };
|
||||||
|
};
|
||||||
|
|
||||||
|
help = {
|
||||||
|
on = { fg = "#7aa89f"; };
|
||||||
|
run = { fg = "#938aa9"; };
|
||||||
|
desc = { };
|
||||||
|
hovered = { reversed = true; bold = true; };
|
||||||
|
footer = { fg = "#090618"; bg = "#dcd7ba"; };
|
||||||
|
};
|
||||||
|
|
||||||
|
notify = {
|
||||||
|
title_info = { fg = "#98bb6c"; };
|
||||||
|
title_warn = { fg = "#e6c384"; };
|
||||||
|
title_error = { fg = "#e82424"; };
|
||||||
|
};
|
||||||
|
|
||||||
|
filetype = {
|
||||||
|
rules = [
|
||||||
|
{ mime = "image/*"; fg = "#e6c384"; }
|
||||||
|
{ mime = "{audio,video}/*"; fg = "#957fb8"; }
|
||||||
|
{ mime = "application/{,g}zip"; fg = "#e46876"; }
|
||||||
|
{ mime = "application/x-{tar,bzip*,7z-compressed,xz,rar}"; fg = "#e46876"; }
|
||||||
|
{ mime = "application/{pdf,doc,rtf,vnd.*}"; fg = "#6a9589"; }
|
||||||
|
{ name = "*"; is = "orphan"; fg = "#e46876"; }
|
||||||
|
{ name = "*"; is = "exec"; fg = "#957fb8"; }
|
||||||
|
{ name = "*/"; fg = "#85a6ea"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,14 +0,0 @@
|
||||||
{ ...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
# Import users
|
|
||||||
./users/admin
|
|
||||||
|
|
||||||
./common/core
|
|
||||||
./common/optional/sops.nix
|
|
||||||
|
|
||||||
# Import optional
|
|
||||||
./common/optional/git.nix
|
|
||||||
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,13 +0,0 @@
|
||||||
{ ...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
# Import users
|
|
||||||
./users/admin
|
|
||||||
|
|
||||||
./common/core
|
|
||||||
|
|
||||||
# Import optional
|
|
||||||
./common/optional/git.nix
|
|
||||||
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,29 +0,0 @@
|
||||||
{ ...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
# Import users
|
|
||||||
./users/sam
|
|
||||||
|
|
||||||
./common/core
|
|
||||||
./common/optional/desktop/hyprland
|
|
||||||
./common/optional/desktop/waybar.nix
|
|
||||||
./common/optional/sops.nix
|
|
||||||
|
|
||||||
# Import optional
|
|
||||||
./common/optional/git.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
# ------
|
|
||||||
# | DP-1
|
|
||||||
# ------
|
|
||||||
monitors = [
|
|
||||||
{
|
|
||||||
name = "Virtual-1";
|
|
||||||
width = 2048;
|
|
||||||
height = 1152;
|
|
||||||
x = 0;
|
|
||||||
workspace = "1";
|
|
||||||
primary = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,4 +1,7 @@
|
||||||
{ ...
|
{
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
}: {
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
# Import users
|
# Import users
|
||||||
|
@ -12,28 +15,13 @@
|
||||||
./common/optional/syncthing.nix
|
./common/optional/syncthing.nix
|
||||||
./common/optional/desktop/dwm
|
./common/optional/desktop/dwm
|
||||||
./common/optional/desktop/common/themes/standard-dark.nix
|
./common/optional/desktop/common/themes/standard-dark.nix
|
||||||
|
./common/optional/notes.nix
|
||||||
|
./common/optional/yazi.nix
|
||||||
|
./common/optional/transmission.nix
|
||||||
];
|
];
|
||||||
# ------
|
|
||||||
# | DP-1
|
home.packages = [
|
||||||
# ------
|
pkgs.qgis
|
||||||
monitors = [
|
|
||||||
{
|
|
||||||
name = "DP-1";
|
|
||||||
width = 2560;
|
|
||||||
height = 1440;
|
|
||||||
x = 0;
|
|
||||||
y = 0;
|
|
||||||
workspace = "1";
|
|
||||||
primary = true;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
name = "DP-2";
|
|
||||||
width = 2560;
|
|
||||||
height = 1440;
|
|
||||||
x = 2560;
|
|
||||||
y = 0;
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
|
|
||||||
colorScheme = {
|
colorScheme = {
|
||||||
|
@ -60,4 +48,37 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
xresources.extraConfig = ''
|
||||||
|
! st
|
||||||
|
st.alpha: 0.8
|
||||||
|
St.font: monospace:pixelsize=21:antialias=true:autohint=true;
|
||||||
|
St.font2: NotoColorEmoji:pixelsize=19:antialias=true:autohint=true;
|
||||||
|
|
||||||
|
! dwm
|
||||||
|
dwm.borderpx: 3
|
||||||
|
dwm.font: monospace:size=12
|
||||||
|
dwm.col_base00: #${config.colorScheme.colors.base00}
|
||||||
|
dwm.col_base03: #${config.colorScheme.colors.base03}
|
||||||
|
dwm.col_base04: #${config.colorScheme.colors.base04}
|
||||||
|
dwm.col_base05: #${config.colorScheme.colors.base05}
|
||||||
|
dwm.col_base08: #${config.colorScheme.colors.base08}
|
||||||
|
dwm.col_base0B: #${config.colorScheme.colors.base0B}
|
||||||
|
|
||||||
|
! dmenu
|
||||||
|
dmenu.font: monospace:size=12
|
||||||
|
dmenu.font2: NotoColorEmoji:pixelsize=22:antialias=true:autohint=true
|
||||||
|
dmenu.topbar: 1
|
||||||
|
dmenu.normfgcolor: #${config.colorScheme.colors.base05}
|
||||||
|
dmenu.normbgcolor: #${config.colorScheme.colors.base03}
|
||||||
|
dmenu.selfgcolor: #${config.colorScheme.colors.base00}
|
||||||
|
dmenu.selbgcolor: #${config.colorScheme.colors.base0B}
|
||||||
|
|
||||||
|
Nsxiv.window.background: #${config.colorScheme.colors.base03}
|
||||||
|
Nsxiv.window.foreground: #${config.colorScheme.colors.base05}
|
||||||
|
Nsxiv.mark.foreground: #${config.colorScheme.colors.base08}
|
||||||
|
|
||||||
|
Nsxiv.bar.background: #${config.colorScheme.colors.base00}
|
||||||
|
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
|
||||||
|
Nsxiv.bar.font: monospace:size=12
|
||||||
|
'';
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
./common/optional/git.nix
|
./common/optional/git.nix
|
||||||
./common/optional/syncthing.nix
|
./common/optional/syncthing.nix
|
||||||
./common/optional/desktop/cinnamon
|
./common/optional/desktop/cinnamon
|
||||||
|
./common/optional/desktop/common/kodi.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -1,25 +1,22 @@
|
||||||
{ outputs, ... }:
|
{outputs, ...}: {
|
||||||
|
|
||||||
{
|
|
||||||
home.username = "sam";
|
home.username = "sam";
|
||||||
home.homeDirectory = "/home/sam";
|
home.homeDirectory = "/home/sam";
|
||||||
|
|
||||||
imports = [
|
imports =
|
||||||
] ++ (builtins.attrValues outputs.homeManagerModules); # import all homeManagerModules?
|
[
|
||||||
|
]
|
||||||
|
++ (builtins.attrValues outputs.homeManagerModules); # import all homeManagerModules?
|
||||||
|
|
||||||
programs.ssh = {
|
programs.ssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
matchBlocks = {
|
matchBlocks = {
|
||||||
"git.bitlab21.com" = {
|
"git.bitlab21.com" = {
|
||||||
identitiesOnly = true;
|
identitiesOnly = true;
|
||||||
identityFile = [ "~/.ssh/id_ed25519" ];
|
identityFile = ["~/.ssh/id_ed25519"];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
home.sessionPath = [
|
|
||||||
];
|
|
||||||
|
|
||||||
xdg.userDirs = {
|
xdg.userDirs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
createDirectories = true;
|
createDirectories = true;
|
||||||
|
@ -39,6 +36,6 @@
|
||||||
READER = "zathura";
|
READER = "zathura";
|
||||||
IMAGE_VIEWER = "nsxiv";
|
IMAGE_VIEWER = "nsxiv";
|
||||||
IMAGE_EDITOR = "drawing";
|
IMAGE_EDITOR = "drawing";
|
||||||
|
PATH = "$PATH:$HOME/.scripts";
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,202 @@
|
||||||
|
{
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
configVars,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
# Disko setup
|
||||||
|
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||||
|
dev = "/dev/nvme0n1"; # depends on target hardware
|
||||||
|
encrypted = true; # currrently only applies to btrfs
|
||||||
|
btrfsMountDevice =
|
||||||
|
if encrypted
|
||||||
|
then "/dev/mapper/crypted"
|
||||||
|
else "/dev/root_vg/root";
|
||||||
|
user = "sam";
|
||||||
|
impermanence = true;
|
||||||
|
pieholeIp = configVars.networking.addresses.piehole.ip;
|
||||||
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
# Create users for this host
|
||||||
|
../common/users/${user}
|
||||||
|
|
||||||
|
# Disk configuration
|
||||||
|
inputs.disko.nixosModules.disko
|
||||||
|
(import ../common/disks {
|
||||||
|
device = dev;
|
||||||
|
impermanence = impermanence;
|
||||||
|
fsType = fsType;
|
||||||
|
encrypted = encrypted;
|
||||||
|
})
|
||||||
|
|
||||||
|
# Impermanence
|
||||||
|
(import ../common/disks/btrfs/impermanence.nix {
|
||||||
|
btrfsMountDevice = btrfsMountDevice;
|
||||||
|
lib = lib;
|
||||||
|
})
|
||||||
|
|
||||||
|
# Import core options
|
||||||
|
./hardware-configuration.nix
|
||||||
|
../common/core
|
||||||
|
|
||||||
|
# Import optional options
|
||||||
|
../common/optional/persistence.nix
|
||||||
|
../common/optional/pipewire.nix
|
||||||
|
../common/optional/openssh.nix
|
||||||
|
../common/optional/dwm.nix
|
||||||
|
../common/optional/nfs-mounts/media.nix
|
||||||
|
../common/optional/nfs-mounts/homeshare.nix
|
||||||
|
../common/optional/nfs-mounts/photos.nix
|
||||||
|
../common/optional/printing.nix
|
||||||
|
../common/optional/backlight.nix
|
||||||
|
../common/optional/xmodmap-arrow-remaps.nix
|
||||||
|
../common/optional/nix-ld.nix
|
||||||
|
../common/optional/gaming.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
|
||||||
|
kernelModules = ["iwlwifi"];
|
||||||
|
initrd.kernelModules = ["thinkpad-acpi" "acpi-call"];
|
||||||
|
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
|
||||||
|
extraModulePackages = [
|
||||||
|
config.boot.kernelPackages.acpi_call
|
||||||
|
];
|
||||||
|
loader = {
|
||||||
|
systemd-boot.enable = true;
|
||||||
|
efi.canTouchEfiVariables = true;
|
||||||
|
timeout = 3;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [
|
||||||
|
{
|
||||||
|
device = "/.swapvol/swapfile";
|
||||||
|
size = 32 * 1024;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
services = {
|
||||||
|
libinput.touchpad.accelSpeed = "0.5";
|
||||||
|
xserver = {
|
||||||
|
xkb.options = "caps:swapescape";
|
||||||
|
dpi = 196;
|
||||||
|
upscaleDefaultCursor = true;
|
||||||
|
# FIXME this doesnt work for some reason
|
||||||
|
# displayManager.sessionCommands = pkgs.writeShellScriptBin "key-remaps" ''
|
||||||
|
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 64 = Mode_switch"
|
||||||
|
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 43 = h H Left H"
|
||||||
|
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 44 = j J Down J"
|
||||||
|
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 45 = k K Up K"
|
||||||
|
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 46 = l L Right L"
|
||||||
|
# '';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# fix cpu throttling on Lenovo Thinkpad
|
||||||
|
# see: https://github.com/erpalma/throttled
|
||||||
|
services.throttled.enable = true;
|
||||||
|
|
||||||
|
environment.variables = {
|
||||||
|
GDK_SCALE = "2.2";
|
||||||
|
GDK_DPI_SCALE = "0.8";
|
||||||
|
_JAVA_OPTIONS = "-Dsun.java2d.uiScale=2.2";
|
||||||
|
QT_AUTO_SCREEN_SCALE_FACTOR = "1";
|
||||||
|
XCURSOR_SIZE = "64";
|
||||||
|
};
|
||||||
|
|
||||||
|
# services.tlp = {
|
||||||
|
# enable = true;
|
||||||
|
# settings = {
|
||||||
|
# CPU_SCALING_GOVERNOR_ON_AC = "ondemand";
|
||||||
|
# CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
|
||||||
|
#
|
||||||
|
# START_CHARGE_THRESH_BAT0 = 50;
|
||||||
|
# STOP_CHARGE_THRESH_BAT0 = 95;
|
||||||
|
# };
|
||||||
|
# };
|
||||||
|
|
||||||
|
hardware = {
|
||||||
|
bluetooth = {
|
||||||
|
enable = true;
|
||||||
|
powerOnBoot = true;
|
||||||
|
};
|
||||||
|
enableRedistributableFirmware = true;
|
||||||
|
firmware = [
|
||||||
|
pkgs.sof-firmware
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# nvidia
|
||||||
|
hardware.opengl = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.xserver.videoDrivers = [ "nvidia" ];
|
||||||
|
|
||||||
|
hardware.nvidia = {
|
||||||
|
prime = {
|
||||||
|
offload = {
|
||||||
|
enable = true;
|
||||||
|
enableOffloadCmd = true;
|
||||||
|
};
|
||||||
|
intelBusId = "PCI:0:2:0";
|
||||||
|
nvidiaBusId = "PCI:1:0:0";
|
||||||
|
};
|
||||||
|
nvidiaPersistenced = true;
|
||||||
|
modesetting.enable = true;
|
||||||
|
powerManagement.enable = false;
|
||||||
|
powerManagement.finegrained = false;
|
||||||
|
open = false;
|
||||||
|
nvidiaSettings = true;
|
||||||
|
# FIXME issue with stable nvidia driver and latest linux kernel
|
||||||
|
# use mkDriver to specify newer nvidia driver that is compatible
|
||||||
|
# see: https://github.com/NixOS/nixpkgs/issues/341844#issuecomment-2351075413
|
||||||
|
# and https://discourse.nixos.org/t/builder-for-nvidia-x11-550-78-6-10-drv-failed-with-exit-code-2/49360/32
|
||||||
|
package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
|
||||||
|
version = "555.58.02";
|
||||||
|
sha256_64bit = "sha256-xctt4TPRlOJ6r5S54h5W6PT6/3Zy2R4ASNFPu8TSHKM=";
|
||||||
|
sha256_aarch64 = "sha256-wb20isMrRg8PeQBU96lWJzBMkjfySAUaqt4EgZnhyF8=";
|
||||||
|
openSha256 = "sha256-8hyRiGB+m2hL3c9MDA/Pon+Xl6E788MZ50WrrAGUVuY=";
|
||||||
|
settingsSha256 = "sha256-ZpuVZybW6CFN/gz9rx+UJvQ715FZnAOYfHn5jt5Z2C8=";
|
||||||
|
persistencedSha256 = "sha256-a1D7ZZmcKFWfPjjH1REqPM5j/YLWKnbkP9qfRyIyxAw=";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
# https://bbs.archlinux.org/viewtopic.php?id=297276 for NVreg_EnableGpuFirmware fix
|
||||||
|
# https://discourse.nixos.org/t/how-to-use-nvidia-prime-offload-to-run-the-x-server-on-the-integrated-board/9091/15
|
||||||
|
# for udev rules to disable dGPU when not in use
|
||||||
|
boot.extraModprobeConfig = ''
|
||||||
|
options nvidia NVreg_DynamicPowerManagement=0x02
|
||||||
|
options nvidia NVreg_EnableGpuFirmware=0
|
||||||
|
'';
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
# Remove NVIDIA USB xHCI Host Controller devices, if present
|
||||||
|
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
|
||||||
|
|
||||||
|
# Remove NVIDIA USB Type-C UCSI devices, if present
|
||||||
|
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{remove}="1"
|
||||||
|
|
||||||
|
# Remove NVIDIA Audio devices, if present
|
||||||
|
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{remove}="1"
|
||||||
|
|
||||||
|
# Enable runtime PM for NVIDIA VGA/3D controller devices on driver bind
|
||||||
|
ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="auto"
|
||||||
|
|
||||||
|
# Disable runtime PM for NVIDIA VGA/3D controller devices on driver unbind
|
||||||
|
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="on"
|
||||||
|
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
|
||||||
|
'';
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
hostName = "citadel";
|
||||||
|
networkmanager.enable = true;
|
||||||
|
enableIPv6 = false;
|
||||||
|
nameservers = ["${pieholeIp}" "${gatewayIp}" "8.8.8.8"];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.libinput.enable = true;
|
||||||
|
}
|
|
@ -4,6 +4,7 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
inputs.impermanence.nixosModules.impermanence
|
||||||
./sops.nix
|
./sops.nix
|
||||||
./locale.nix
|
./locale.nix
|
||||||
];
|
];
|
||||||
|
@ -36,12 +37,19 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nix.gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 30d";
|
||||||
|
};
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.rsync
|
pkgs.rsync
|
||||||
pkgs.curl
|
pkgs.curl
|
||||||
pkgs.just
|
pkgs.just
|
||||||
pkgs.git
|
pkgs.git
|
||||||
pkgs.vim
|
pkgs.vim
|
||||||
|
pkgs.linuxKernel.packages.linux_zen.cpupower
|
||||||
];
|
];
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
{ pkgs, lib, inputs, config, ... }:
|
{
|
||||||
|
lib,
|
||||||
let
|
inputs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||||
hasOptinPersistence = config.environment.persistence ? "/persist";
|
hasOptinPersistence = config.environment.persistence ? "/persist";
|
||||||
hostname = config.networking.hostName;
|
in {
|
||||||
|
|
||||||
in
|
|
||||||
{
|
|
||||||
imports = [
|
imports = [
|
||||||
inputs.sops-nix.nixosModules.sops
|
inputs.sops-nix.nixosModules.sops
|
||||||
];
|
];
|
||||||
|
@ -17,7 +17,7 @@ in
|
||||||
validateSopsFiles = false;
|
validateSopsFiles = false;
|
||||||
|
|
||||||
age = {
|
age = {
|
||||||
sshKeyPaths = [ "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key" ];
|
sshKeyPaths = ["${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key"];
|
||||||
};
|
};
|
||||||
secrets = {
|
secrets = {
|
||||||
"passwords/root".neededForUsers = true;
|
"passwords/root".neededForUsers = true;
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
{
|
||||||
|
type = "btrfs";
|
||||||
|
extraArgs = ["-f"];
|
||||||
|
subvolumes = {
|
||||||
|
"/root" = {
|
||||||
|
mountpoint = "/";
|
||||||
|
mountOptions = [ "compress=zstd" "noatime" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/nix" = {
|
||||||
|
mountOptions = [ "subvol=nix" "noatime" ];
|
||||||
|
mountpoint = "/nix";
|
||||||
|
};
|
||||||
|
|
||||||
|
"/swap" = {
|
||||||
|
mountOptions = [ "noatime" ];
|
||||||
|
mountpoint = "/.swapvol";
|
||||||
|
swap.swapfile.size = "8192M";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,11 +1,11 @@
|
||||||
{ device, fsType, encrypted, ... }:
|
{ device, fsType, encrypted, impermanence, ... }:
|
||||||
let
|
let
|
||||||
# basic and perists configs. basic fs = ext4, persist fs = btrfs either encrypted or under lvm
|
fsModule = if impermanence then ./${fsType}/persist.nix else ./${fsType}/standard.nix;
|
||||||
basic = import ./gpt-bios-compact.nix { inherit device; };
|
basic = import ./${fsType}/basic.nix { inherit device; };
|
||||||
btrfs-persist-lvm = import ./btrfs-lvm.nix { inherit device; };
|
lvm = import ./lvm.nix { inherit device; fsModule = fsModule; };
|
||||||
btrfs-persist-luks = import ./btrfs-luks.nix { inherit device; };
|
luks = import ./luks.nix { inherit device; fsModule = fsModule; };
|
||||||
in
|
in
|
||||||
if fsType == "ext4" then basic
|
if fsType == "ext4" then basic
|
||||||
else if fsType == "btrfs" && encrypted then btrfs-persist-luks
|
else if fsType == "btrfs" && encrypted then luks
|
||||||
else if fsType == "btrfs" then btrfs-persist-lvm
|
else if fsType == "btrfs" then lvm
|
||||||
else null # or some default value
|
else null
|
||||||
|
|
|
@ -1,4 +1,7 @@
|
||||||
{device ? throw "Must define a devices, e.g. /dev/sda"}:
|
{
|
||||||
|
device ? throw "Must define a device, e.g. /dev/sda",
|
||||||
|
fsModule ? "Must specify submodule"
|
||||||
|
}:
|
||||||
{
|
{
|
||||||
disko.devices = {
|
disko.devices = {
|
||||||
disk = {
|
disk = {
|
||||||
|
@ -26,7 +29,7 @@
|
||||||
type = "luks";
|
type = "luks";
|
||||||
name = "crypted";
|
name = "crypted";
|
||||||
passwordFile = "/tmp/luks_secret.key"; # Interactive
|
passwordFile = "/tmp/luks_secret.key"; # Interactive
|
||||||
content = (import ./btrfs-persist.nix);
|
content = (import "${fsModule}");
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
|
@ -1,4 +1,7 @@
|
||||||
{device ? throw "Must define a device, e.g. /dev/sda"}:
|
{
|
||||||
|
device ? throw "Must define a device, e.g. /dev/sda",
|
||||||
|
fsModule ? "Must specify submodule"
|
||||||
|
}:
|
||||||
{
|
{
|
||||||
disko.devices = {
|
disko.devices = {
|
||||||
disk.main = {
|
disk.main = {
|
||||||
|
@ -36,7 +39,7 @@
|
||||||
lvs = {
|
lvs = {
|
||||||
root = {
|
root = {
|
||||||
size = "100%FREE";
|
size = "100%FREE";
|
||||||
content = (import ./btrfs-persist.nix);
|
content = (import "${fsModule}");
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
|
@ -0,0 +1,3 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko -- --mode disko ./zspeed.nix
|
|
@ -0,0 +1,70 @@
|
||||||
|
{
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
x = {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
zfs = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "zfs";
|
||||||
|
pool = "zspeed";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
y = {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi3";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
zfs = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "zfs";
|
||||||
|
pool = "zspeed";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
zpool = {
|
||||||
|
zspeed = {
|
||||||
|
type = "zpool";
|
||||||
|
mode = "mirror";
|
||||||
|
rootFsOptions = {
|
||||||
|
"compression" = "zstd-4";
|
||||||
|
"com.sun:auto-snapshot" = "false";
|
||||||
|
"xattr" = "sa";
|
||||||
|
"atime" = "off";
|
||||||
|
};
|
||||||
|
options = {
|
||||||
|
"ashift" = "13";
|
||||||
|
};
|
||||||
|
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zspeed@blank$' || zfs snapshot zspeed@blank";
|
||||||
|
|
||||||
|
datasets = {
|
||||||
|
postgres = {
|
||||||
|
type = "zfs_volume";
|
||||||
|
size = "10G -s";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "btrfs";
|
||||||
|
mountpoint = "/postgres";
|
||||||
|
};
|
||||||
|
options = {
|
||||||
|
"com.sun:auto-snapshot:daily" = "true";
|
||||||
|
"volblocksize" = "8k";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,7 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.brightnessctl
|
||||||
|
];
|
||||||
|
services.illum.enable = true;
|
||||||
|
}
|
|
@ -0,0 +1,26 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [inputs.arion.nixosModules.arion];
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.arion
|
||||||
|
pkgs.docker-client
|
||||||
|
];
|
||||||
|
|
||||||
|
virtualisation = {
|
||||||
|
podman = {
|
||||||
|
enable = true;
|
||||||
|
dockerSocket.enable = true;
|
||||||
|
defaultNetwork.settings.dns_enabled = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.persistence."/persist" = {
|
||||||
|
hideMounts = true;
|
||||||
|
directories = [
|
||||||
|
"/var/lib/containers"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
|
@ -3,8 +3,8 @@
|
||||||
services = {
|
services = {
|
||||||
libinput.enable = true;
|
libinput.enable = true;
|
||||||
xserver = {
|
xserver = {
|
||||||
autoRepeatDelay = 250;
|
autoRepeatDelay = 300;
|
||||||
autoRepeatInterval = 30;
|
autoRepeatInterval = 15;
|
||||||
enable = true;
|
enable = true;
|
||||||
xkb.layout = "gb";
|
xkb.layout = "gb";
|
||||||
displayManager.startx.enable = true;
|
displayManager.startx.enable = true;
|
||||||
|
@ -12,12 +12,11 @@
|
||||||
windowManager.dwm = {
|
windowManager.dwm = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.dwm.overrideAttrs {
|
package = pkgs.dwm.overrideAttrs {
|
||||||
src = pkgs.fetchFromGitea {
|
# src = /home/sam/.local/share/src/dwm;
|
||||||
domain = "git.bitlab21.com";
|
src = pkgs.fetchgit {
|
||||||
owner = "sam";
|
url = "https://git.bitlab21.com/sam/dwm";
|
||||||
repo = "dwm";
|
rev = "3e0601b29d879e589703239e064f0baaabb3474b";
|
||||||
rev = "e34d0ecdd98e52164c135b560a5583aa11be89b7";
|
sha256 = "sha256-7Hq0vo6YnXKhEUdKjvaAeKodq2l8wwJRzCYJfdHDNMQ=";
|
||||||
sha256 = "sha256-er1zi2xYK7AB6oR7JmfkfehesKTw9P4bcgjafj2lIIU=";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -9,7 +9,6 @@
|
||||||
# Steam
|
# Steam
|
||||||
mangohud
|
mangohud
|
||||||
gamemode
|
gamemode
|
||||||
gamescope
|
|
||||||
|
|
||||||
# WINE
|
# WINE
|
||||||
wine
|
wine
|
||||||
|
@ -41,11 +40,9 @@
|
||||||
|
|
||||||
programs.steam = {
|
programs.steam = {
|
||||||
enable = true;
|
enable = true;
|
||||||
gamescopeSession.enable = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.gamemode.enable = true;
|
programs.gamemode.enable = true;
|
||||||
programs.gamescope.enable = true;
|
|
||||||
|
|
||||||
nixpkgs.config.packageOverrides = pkgs: {
|
nixpkgs.config.packageOverrides = pkgs: {
|
||||||
steam = pkgs.steam.override {
|
steam = pkgs.steam.override {
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
{
|
||||||
|
fileSystems."/media/homeshare" = {
|
||||||
|
device = "10.0.10.30:/mnt/homeshare";
|
||||||
|
fsType = "nfs";
|
||||||
|
options = [ "noatime" "_netdev" ];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
{
|
||||||
|
fileSystems."/media/media" = {
|
||||||
|
device = "10.0.10.30:/mnt/media";
|
||||||
|
fsType = "nfs";
|
||||||
|
options = ["noatime" "_netdev"];
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,9 @@
|
||||||
|
{
|
||||||
|
fileSystems."/media/photos" = {
|
||||||
|
device = "10.0.10.30:/mnt/photos";
|
||||||
|
fsType = "nfs";
|
||||||
|
options = [ "noatime" "_netdev" "ro" ];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
{ lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
# Using non-Nix Python Packages with Binaries on NixOS https://github.com/mcdonc/.nixconfig/blob/e7885ad18b7980f221e59a21c91b8eb02795b541/videos/pydev/script.rst
|
||||||
|
programs.nix-ld.enable = true;
|
||||||
|
programs.nix-ld.libraries = with pkgs; [
|
||||||
|
zlib # numpy
|
||||||
|
libgcc # sqlalchemy
|
||||||
|
expat # pyosmium
|
||||||
|
# that's where the shared libs go, you can find which one you need using
|
||||||
|
# nix-locate --top-level libstdc++.so.6 (replace this with your lib)
|
||||||
|
# ^ this requires `nix-index` pkg
|
||||||
|
];
|
||||||
|
|
||||||
|
environment.variables = {
|
||||||
|
NIX_LD_LIBRARY_PATH="/run/current-system/sw/share/nix-ld/lib";
|
||||||
|
NIX_LD="/run/current-system/sw/share/nix-ld/lib/ld.so";
|
||||||
|
LD_LIBRARY_PATH=lib.mkForce "$NIX_LD_LIBRARY_PATH";
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,274 @@
|
||||||
|
{
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
configVars,
|
||||||
|
inputs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||||
|
containerName = "bd-worker";
|
||||||
|
containerIp = configVars.networking.addresses.bd-worker.ip;
|
||||||
|
mongodbIp = configVars.networking.addresses.mongodb.ip;
|
||||||
|
mongodbPort = toString configVars.networking.addresses.mongodb.port;
|
||||||
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
|
postgresIp = configVars.networking.addresses.postgres.ip;
|
||||||
|
postgresPort = toString configVars.networking.addresses.postgres.port;
|
||||||
|
bitcoindIp = configVars.networking.addresses.bitcoin-node.ip;
|
||||||
|
bitcoindPort = toString configVars.networking.addresses.bitcoin-node.services.bitcoind.port;
|
||||||
|
|
||||||
|
#secrets
|
||||||
|
sshKeyFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."ssh_keys/baseddata-models-access/id_ed25519".path;
|
||||||
|
notifybotUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."comms/xmpp/notifybot/username".path;
|
||||||
|
notifybotPwd = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."comms/xmpp/notifybot/password".path;
|
||||||
|
recipientUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."comms/xmpp/mrsu/username".path;
|
||||||
|
mongoclientAuth = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/auth".path;
|
||||||
|
mongoclientUser = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/username".path;
|
||||||
|
mongoclientPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/password".path;
|
||||||
|
postgresUser = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_username".path;
|
||||||
|
postgresPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_password".path;
|
||||||
|
bitcoindRPCUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/username".path;
|
||||||
|
bitcoindRPCPassword= lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-rpcpassword-public".path;
|
||||||
|
baseddataEnv = "dev";
|
||||||
|
in {
|
||||||
|
sops.secrets = {
|
||||||
|
"ssh_keys/baseddata-models-access/id_ed25519" = {};
|
||||||
|
"comms/xmpp/notifybot/username" = {};
|
||||||
|
"comms/xmpp/notifybot/password" = {};
|
||||||
|
"comms/xmpp/mrsu/username" = {};
|
||||||
|
"software/mongodb/baseddata/auth" = {};
|
||||||
|
"software/mongodb/baseddata/username" = {};
|
||||||
|
"software/mongodb/baseddata/password" = {};
|
||||||
|
"software/postgres/baseddata/user_password" = {};
|
||||||
|
"software/postgres/baseddata/user_username" = {};
|
||||||
|
"software/bitcoind/username" = {};
|
||||||
|
"software/bitcoind/bitcoin-rpcpassword-public" = {};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.persistence."/persist" = {
|
||||||
|
hideMounts = true;
|
||||||
|
directories = [
|
||||||
|
"/var/lib/nixos-containers/${containerName}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.nat.enable = true;
|
||||||
|
networking.nat.internalInterfaces = ["ve-+"];
|
||||||
|
networking.nat.externalInterface = "br0";
|
||||||
|
|
||||||
|
containers.${containerName} = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "br0";
|
||||||
|
nixpkgs = pkgs.path;
|
||||||
|
bindMounts = {
|
||||||
|
"/root/.ssh/id_ed25519" = {
|
||||||
|
hostPath = "${sshKeyFile}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/notifybotUsername" = {
|
||||||
|
hostPath = "${notifybotUsername}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/notifybotPassword" = {
|
||||||
|
hostPath = "${notifybotPwd}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/recipientUsername" = {
|
||||||
|
hostPath = "${recipientUsername}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/mongoclientAuth" = {
|
||||||
|
hostPath = "${mongoclientAuth}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/mongoclientUser" = {
|
||||||
|
hostPath = "${mongoclientUser}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/mongoclientPassword" = {
|
||||||
|
hostPath = "${mongoclientPassword}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/postgresPassword" = {
|
||||||
|
hostPath = "${postgresPassword}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/postgresUser" = {
|
||||||
|
hostPath = "${postgresUser}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/bitcoindRPCPassword" = {
|
||||||
|
hostPath = "${bitcoindRPCPassword}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/run/secrets/bitcoindRPCUsername" = {
|
||||||
|
hostPath = "${bitcoindRPCUsername}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
"/media/baseddata-data" = {
|
||||||
|
hostPath = "/media/main-ssd/baseddata-data";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
networking = {
|
||||||
|
defaultGateway = "${gatewayIp}";
|
||||||
|
interfaces.eth0.ipv4.addresses = [
|
||||||
|
{
|
||||||
|
"address" = "${containerIp}";
|
||||||
|
"prefixLength" = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [
|
||||||
|
4200
|
||||||
|
];
|
||||||
|
};
|
||||||
|
useHostResolvConf = lib.mkForce false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved.enable = true;
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.vim
|
||||||
|
pkgs.git
|
||||||
|
pkgs.python311
|
||||||
|
pkgs.poetry
|
||||||
|
pkgs.aria2
|
||||||
|
pkgs.osmctools
|
||||||
|
pkgs.osmium-tool
|
||||||
|
];
|
||||||
|
|
||||||
|
environment.variables = {
|
||||||
|
BASEDDATA_ENVIRONMENT = "dev";
|
||||||
|
NIX_LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||||
|
NIX_LD = "/run/current-system/sw/share/nix-ld/lib/ld.so";
|
||||||
|
LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.baseddata-deploy-service = {
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
after = ["network.target"];
|
||||||
|
description = "Initiates deployment of application and builds python environment using Poetry";
|
||||||
|
environment = {
|
||||||
|
BASEDDATA_ENVIRONMENT = "${baseddataEnv}";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = pkgs.writeShellScript "baseddata-deploy-service" ''
|
||||||
|
GITCMD="${pkgs.openssh}/bin/ssh -i /root/.ssh/id_ed25519"
|
||||||
|
if [ ! -d "/srv/baseddata-models" ]; then
|
||||||
|
GIT_SSH_COMMAND=$GITCMD ${pkgs.git}/bin/git clone --branch $BASEDDATA_ENVIRONMENT git@git.bitlab21.com:sam/baseddata-models.git /srv/baseddata-models
|
||||||
|
else
|
||||||
|
cd /srv/baseddata-models
|
||||||
|
GIT_SSH_COMMAND=$GITCMD ${pkgs.git}/bin/git stash --include-untracked
|
||||||
|
GIT_SSH_COMMAND=$GITCMD ${pkgs.git}/bin/git pull
|
||||||
|
fi
|
||||||
|
|
||||||
|
cd /srv/baseddata-models
|
||||||
|
mkdir .venv
|
||||||
|
${pkgs.poetry}/bin/poetry install
|
||||||
|
'';
|
||||||
|
Restart = "on-failure";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.baseddata-prefect-server = {
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
after = ["baseddata-deploy-service.target"];
|
||||||
|
description = "Initates the Prefect server";
|
||||||
|
environment = {
|
||||||
|
NIX_LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||||
|
NIX_LD = "/run/current-system/sw/share/nix-ld/lib/ld.so";
|
||||||
|
LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||||
|
PREFECT_API_URL = "http://${containerIp}:4200/api";
|
||||||
|
BASEDDATA_ENVIRONMENT = "${baseddataEnv}";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
WorkingDirectory = "/srv/baseddata-models";
|
||||||
|
ExecStart = pkgs.writeShellScript "baseddata-prefect-server" ''
|
||||||
|
|
||||||
|
# run prefect server
|
||||||
|
.venv/bin/prefect server start --host 0.0.0.0
|
||||||
|
|
||||||
|
'';
|
||||||
|
Restart = "on-failure";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.baseddata-serve-flows = {
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
after = ["baseddata-prefect-server.target"];
|
||||||
|
description = "Serves the Prefect flows";
|
||||||
|
environment = {
|
||||||
|
PREFECT_API_URL = "http://${containerIp}:4200/api";
|
||||||
|
BASEDDATA_ENVIRONMENT = "${baseddataEnv}";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
Environment = "PATH=/run/current-system/sw/bin/";
|
||||||
|
WorkingDirectory = "/srv/baseddata-models";
|
||||||
|
ExecStartPre = "${pkgs.coreutils}/bin/timeout 120 ${pkgs.bash}/bin/bash -c 'until ${pkgs.netcat-openbsd}/bin/nc -z ${containerIp} 4200; do sleep 3; done'";
|
||||||
|
ExecStart = pkgs.writeShellScript "baseddata-serve-flows" ''
|
||||||
|
|
||||||
|
# set prefect environment variables
|
||||||
|
.venv/bin/prefect variable set "xmpp_jid" $(cat /run/secrets/notifybotUsername) --overwrite
|
||||||
|
.venv/bin/prefect variable set "xmpp_password" $(cat /run/secrets/notifybotPassword) --overwrite
|
||||||
|
.venv/bin/prefect variable set "xmpp_recipient" $(cat /run/secrets/recipientUsername) --overwrite
|
||||||
|
.venv/bin/prefect variable set "mongoclient_auth" $(cat /run/secrets/mongoclientAuth) --overwrite
|
||||||
|
.venv/bin/prefect variable set "mongoclient_host" "${mongodbIp}:${mongodbPort}" --overwrite
|
||||||
|
.venv/bin/prefect variable set "mongoclient_user" $(cat /run/secrets/mongoclientUser) --overwrite
|
||||||
|
.venv/bin/prefect variable set "mongoclient_pwd" $(cat /run/secrets/mongoclientPassword) --overwrite
|
||||||
|
.venv/bin/prefect variable set "postgres_host" ${postgresIp} --overwrite
|
||||||
|
.venv/bin/prefect variable set "postgres_port" ${postgresPort} --overwrite
|
||||||
|
.venv/bin/prefect variable set "postgres_user" $(cat /run/secrets/postgresUser) --overwrite
|
||||||
|
.venv/bin/prefect variable set "postgres_pwd" $(cat /run/secrets/postgresPassword) --overwrite
|
||||||
|
.venv/bin/prefect variable set "bitcoin_rpc_password" $(cat /run/secrets/bitcoindRPCPassword) --overwrite
|
||||||
|
.venv/bin/prefect variable set "bitcoin_rpc_username" $(cat /run/secrets/bitcoindRPCUsername) --overwrite
|
||||||
|
.venv/bin/prefect variable set "bitcoind_ip" ${bitcoindIp} --overwrite
|
||||||
|
.venv/bin/prefect variable set "bitcoind_port" ${bitcoindPort} --overwrite
|
||||||
|
|
||||||
|
.venv/bin/prefect variable set "osm_dir" "/media/baseddata-data/osm" --overwrite
|
||||||
|
.venv/bin/prefect variable set "wdpa_dir" "/media/baseddata-data/wdpa" --overwrite
|
||||||
|
.venv/bin/prefect variable set "mongo_db_name" "baseddata" --overwrite
|
||||||
|
.venv/bin/prefect variable set "postgres_dbname" "baseddata" --overwrite
|
||||||
|
.venv/bin/prefect variable set "postgres_schema" "models_final" --overwrite
|
||||||
|
.venv/bin/prefect variable set "unique_key" "row_uuid" --overwrite
|
||||||
|
|
||||||
|
# serve flows
|
||||||
|
.venv/bin/python automation/flows/serve-flows.py
|
||||||
|
'';
|
||||||
|
Restart = "on-failure";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.nix-ld.enable = true;
|
||||||
|
programs.nix-ld.libraries = with pkgs; [
|
||||||
|
zlib
|
||||||
|
libgcc
|
||||||
|
];
|
||||||
|
|
||||||
|
programs.ssh.knownHosts = {
|
||||||
|
"git.bitlab21.com" = {
|
||||||
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALNd2BGf64heYjWT9yt0fVmngepiHRIMsL7au/MRteg";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings.PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.root = {
|
||||||
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
};
|
||||||
|
|
||||||
|
system.stateVersion = "24.05";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,87 @@
|
||||||
|
{
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
configVars,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||||
|
containerName = "jellyfin";
|
||||||
|
containerIp = configVars.networking.addresses.jellyfin.ip;
|
||||||
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
|
in {
|
||||||
|
environment.persistence."/persist" = {
|
||||||
|
hideMounts = true;
|
||||||
|
directories = [
|
||||||
|
"/var/lib/nixos-containers/${containerName}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.nat.enable = true;
|
||||||
|
networking.nat.internalInterfaces = ["ve-+"];
|
||||||
|
networking.nat.externalInterface = "br0";
|
||||||
|
|
||||||
|
containers.${containerName} = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "br0";
|
||||||
|
nixpkgs = pkgs.path;
|
||||||
|
bindMounts = {
|
||||||
|
"/var/lib/jellyfin" = {
|
||||||
|
hostPath = "/media/main-ssd/jellyfin";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/var/lib/jellyfin/data/media" = {
|
||||||
|
hostPath = "/media/media";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
networking = {
|
||||||
|
defaultGateway = "${gatewayIp}";
|
||||||
|
interfaces.eth0.ipv4.addresses = [
|
||||||
|
{
|
||||||
|
"address" = "${containerIp}";
|
||||||
|
"prefixLength" = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [
|
||||||
|
8096
|
||||||
|
];
|
||||||
|
};
|
||||||
|
useHostResolvConf = lib.mkForce false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved.enable = true;
|
||||||
|
|
||||||
|
services.jellyfin = {
|
||||||
|
enable = true;
|
||||||
|
openFirewall = true;
|
||||||
|
user="jellyfin";
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.jellyfin
|
||||||
|
pkgs.jellyfin-web
|
||||||
|
pkgs.jellyfin-ffmpeg
|
||||||
|
];
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings.PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.root = {
|
||||||
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
};
|
||||||
|
|
||||||
|
system.stateVersion = "24.05";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,98 @@
|
||||||
|
{
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
configVars,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
mongodbPasswordPath = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/password".path;
|
||||||
|
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||||
|
containerName = "mongodb";
|
||||||
|
containerIp = configVars.networking.addresses.mongodb.ip;
|
||||||
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
|
in {
|
||||||
|
sops.secrets = {
|
||||||
|
"software/postgres/postgres/password" = {
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.persistence."/persist" = {
|
||||||
|
hideMounts = true;
|
||||||
|
directories = [
|
||||||
|
"/var/lib/nixos-containers/${containerName}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.nat.enable = true;
|
||||||
|
networking.nat.internalInterfaces = ["ve-+"];
|
||||||
|
networking.nat.externalInterface = "br0";
|
||||||
|
|
||||||
|
containers.${containerName} = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "br0";
|
||||||
|
nixpkgs = pkgs.path;
|
||||||
|
bindMounts = {
|
||||||
|
# "/var/db/mongodb" = {
|
||||||
|
# hostPath = "/media/main-ssd/mongodb";
|
||||||
|
# isReadOnly = false;
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
networking = {
|
||||||
|
defaultGateway = "${gatewayIp}";
|
||||||
|
interfaces.eth0.ipv4.addresses = [
|
||||||
|
{
|
||||||
|
"address" = "${containerIp}";
|
||||||
|
"prefixLength" = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [
|
||||||
|
27017
|
||||||
|
];
|
||||||
|
};
|
||||||
|
useHostResolvConf = lib.mkForce false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved.enable = true;
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
mongosh
|
||||||
|
];
|
||||||
|
|
||||||
|
# allow unfree packages
|
||||||
|
nixpkgs.config.allowUnfreePredicate = let
|
||||||
|
whitelist = map lib.getName [
|
||||||
|
pkgs.mongodb
|
||||||
|
];
|
||||||
|
in
|
||||||
|
pkg: builtins.elem (lib.getName pkg) whitelist;
|
||||||
|
|
||||||
|
services.mongodb = {
|
||||||
|
enable = true;
|
||||||
|
# enableAuth = true;
|
||||||
|
# initialRootPassword = mongodbPasswordPath;
|
||||||
|
bind_ip = "0.0.0.0";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings.PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.root = {
|
||||||
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
};
|
||||||
|
|
||||||
|
system.stateVersion = "24.05";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,173 @@
|
||||||
|
{
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
configVars,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
bitcoin-rpcpassword-privileged = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-rpcpassword-privileged".path;
|
||||||
|
bitcoin-rpcpassword-public = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-rpcpassword-public".path;
|
||||||
|
bitcoin-HMAC-privileged = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-HMAC-privileged".path;
|
||||||
|
bitcoin-HMAC-public = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-HMAC-public".path;
|
||||||
|
containerName = "bitcoin-node";
|
||||||
|
containerIp = configVars.networking.addresses.bitcoin-node.ip;
|
||||||
|
mempoolPort = configVars.networking.addresses.bitcoin-node.services.mempool.port;
|
||||||
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
|
allowip = configVars.networking.addresses.bitcoin-node.services.bitcoind.allowip;
|
||||||
|
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||||
|
in {
|
||||||
|
sops.secrets = {
|
||||||
|
"software/bitcoind/bitcoin-rpcpassword-privileged" = {};
|
||||||
|
"software/bitcoind/bitcoin-rpcpassword-public" = {};
|
||||||
|
"software/bitcoind/bitcoin-HMAC-privileged" = {};
|
||||||
|
"software/bitcoind/bitcoin-HMAC-public" = {};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.persistence."/persist" = {
|
||||||
|
hideMounts = true;
|
||||||
|
directories = [
|
||||||
|
"/var/lib/nixos-containers/${containerName}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.nat.enable = true;
|
||||||
|
networking.nat.internalInterfaces = ["ve-+"];
|
||||||
|
networking.nat.externalInterface = "br0";
|
||||||
|
|
||||||
|
containers.${containerName} = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "br0";
|
||||||
|
nixpkgs = pkgs.path;
|
||||||
|
bindMounts = {
|
||||||
|
"/etc/nix-bitcoin-secrets/bitcoin-rpcpassword-privileged" = {
|
||||||
|
hostPath = "${bitcoin-rpcpassword-privileged}";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/etc/nix-bitcoin-secrets/bitcoin-rpcpassword-public" = {
|
||||||
|
hostPath = "${bitcoin-rpcpassword-public}";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/etc/nix-bitcoin-secrets/bitcoin-HMAC-privileged" = {
|
||||||
|
hostPath = "${bitcoin-HMAC-privileged}";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/etc/nix-bitcoin-secrets/bitcoin-HMAC-public" = {
|
||||||
|
hostPath = "${bitcoin-HMAC-public}";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/var/lib/bitcoind" = {
|
||||||
|
hostPath = "/media/main-ssd/nix-bitcoin/bitcoind";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/var/lib/electrs" = {
|
||||||
|
hostPath = "/media/main-ssd/nix-bitcoin/electrs";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/var/lib/mysql" = {
|
||||||
|
hostPath = "/media/main-ssd/nix-bitcoin/mysql";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
"/var/lib/tor" = {
|
||||||
|
hostPath = "/media/main-ssd/nix-bitcoin/tor";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [
|
||||||
|
inputs.nix-bitcoin.nixosModules.default
|
||||||
|
];
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
vim
|
||||||
|
lsof
|
||||||
|
jq
|
||||||
|
];
|
||||||
|
networking = {
|
||||||
|
defaultGateway = "${gatewayIp}";
|
||||||
|
interfaces.eth0.ipv4.addresses = [ { "address" = "${containerIp}"; "prefixLength" = 24; } ];
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [
|
||||||
|
80
|
||||||
|
443
|
||||||
|
22
|
||||||
|
config.containers.bitcoin-node.config.services.bitcoind.rpc.port
|
||||||
|
config.containers.bitcoin-node.config.services.mempool.frontend.port
|
||||||
|
config.containers.bitcoin-node.config.services.electrs.port
|
||||||
|
];
|
||||||
|
};
|
||||||
|
useHostResolvConf = lib.mkForce false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved.enable = true;
|
||||||
|
|
||||||
|
# node services here
|
||||||
|
nix-bitcoin.generateSecrets = true;
|
||||||
|
services = {
|
||||||
|
tor = {
|
||||||
|
enable = true;
|
||||||
|
client.enable = true;
|
||||||
|
};
|
||||||
|
bitcoind = {
|
||||||
|
tor.proxy = true;
|
||||||
|
tor.enforce = true;
|
||||||
|
enable = true;
|
||||||
|
dataDir = "/var/lib/bitcoind";
|
||||||
|
dbCache = 5000;
|
||||||
|
txindex = true;
|
||||||
|
rpc = {
|
||||||
|
address = "0.0.0.0";
|
||||||
|
threads = 6;
|
||||||
|
allowip = allowip;
|
||||||
|
users = let
|
||||||
|
name = "bitcoin";
|
||||||
|
in {
|
||||||
|
privileged.name = name;
|
||||||
|
public.name = name;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
extraConfig = ''
|
||||||
|
onlynet=onion
|
||||||
|
bind=127.0.0.1
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
electrs = {
|
||||||
|
tor.enforce = true;
|
||||||
|
enable = true;
|
||||||
|
dataDir = "/var/lib/electrs";
|
||||||
|
address = "0.0.0.0";
|
||||||
|
};
|
||||||
|
mempool = {
|
||||||
|
enable = true;
|
||||||
|
electrumServer = "electrs";
|
||||||
|
frontend = {
|
||||||
|
port = mempoolPort;
|
||||||
|
address = "0.0.0.0";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
nix-bitcoin.onionServices = {
|
||||||
|
bitcoind.enable = true;
|
||||||
|
electrs.enable = true;
|
||||||
|
mempool-frontend.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings.PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.root = {
|
||||||
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
};
|
||||||
|
|
||||||
|
system.stateVersion = "24.05";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,120 @@
|
||||||
|
{
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
configVars,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
postgresPasswordPath = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/postgres/password".path;
|
||||||
|
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||||
|
containerName = "postgres";
|
||||||
|
containerIp = configVars.networking.addresses.postgres.ip;
|
||||||
|
subnetIp = configVars.networking.addresses.subnet.ip;
|
||||||
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
|
in {
|
||||||
|
sops.secrets = {
|
||||||
|
"software/postgres/postgres/password" = {
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.persistence."/persist" = {
|
||||||
|
hideMounts = true;
|
||||||
|
directories = [
|
||||||
|
"/var/lib/nixos-containers/${containerName}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.nat.enable = true;
|
||||||
|
networking.nat.internalInterfaces = ["ve-+"];
|
||||||
|
networking.nat.externalInterface = "br0";
|
||||||
|
|
||||||
|
containers.${containerName} = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostBridge = "br0";
|
||||||
|
nixpkgs = pkgs.path;
|
||||||
|
bindMounts = {
|
||||||
|
"/var/lib/postgresql" = {
|
||||||
|
hostPath = "/media/main-ssd/postgresql";
|
||||||
|
isReadOnly = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
networking = {
|
||||||
|
defaultGateway = "${gatewayIp}";
|
||||||
|
interfaces.eth0.ipv4.addresses = [
|
||||||
|
{
|
||||||
|
"address" = "${containerIp}";
|
||||||
|
"prefixLength" = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [
|
||||||
|
5432
|
||||||
|
];
|
||||||
|
};
|
||||||
|
useHostResolvConf = lib.mkForce false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved.enable = true;
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
lsof
|
||||||
|
];
|
||||||
|
|
||||||
|
services.postgresql = {
|
||||||
|
enable = true;
|
||||||
|
enableJIT = true;
|
||||||
|
package = pkgs.postgresql_16;
|
||||||
|
extraPlugins = with pkgs.postgresql_16.pkgs; [ postgis ];
|
||||||
|
enableTCPIP = true;
|
||||||
|
settings = {
|
||||||
|
max_worker_processes = "12";
|
||||||
|
max_parallel_workers = "8";
|
||||||
|
max_parallel_workers_per_gather = "4";
|
||||||
|
max_connections = "100";
|
||||||
|
autovacuum_work_mem = "2GB";
|
||||||
|
shared_buffers = "32GB";
|
||||||
|
work_mem = "0.32GB";
|
||||||
|
maintenance_work_mem = "64MB";
|
||||||
|
};
|
||||||
|
authentication = pkgs.lib.mkOverride 10 ''
|
||||||
|
#type database DBuser origin-address auth-method
|
||||||
|
local all postgres peer
|
||||||
|
host all all ${subnetIp}/24 scram-sha-256
|
||||||
|
local replication all peer
|
||||||
|
host replication all 127.0.0.1/32 scram-sha-256
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.postgresql.postStart = ''
|
||||||
|
$PSQL -tA <<'EOF'
|
||||||
|
DO $$
|
||||||
|
DECLARE password TEXT;
|
||||||
|
BEGIN
|
||||||
|
password := trim(both from replace(pg_read_file('${postgresPasswordPath}'), E'\n', '''));
|
||||||
|
EXECUTE format('ALTER ROLE postgres WITH PASSWORD '''%s''';', password);
|
||||||
|
END $$;
|
||||||
|
EOF
|
||||||
|
'';
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings.PasswordAuthentication = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.users.root = {
|
||||||
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
};
|
||||||
|
|
||||||
|
system.stateVersion = "24.05";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -4,6 +4,7 @@
|
||||||
hideMounts = true;
|
hideMounts = true;
|
||||||
directories = [
|
directories = [
|
||||||
"/etc/nixos"
|
"/etc/nixos"
|
||||||
|
"/srv"
|
||||||
"/var/log"
|
"/var/log"
|
||||||
"/var/lib/nixos"
|
"/var/lib/nixos"
|
||||||
"/var/lib/systemd/coredump"
|
"/var/lib/systemd/coredump"
|
||||||
|
|
|
@ -0,0 +1,42 @@
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
configVars,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
serverIp = configVars.networking.addresses.merlin.ip;
|
||||||
|
in {
|
||||||
|
services = {
|
||||||
|
udev.packages = [pkgs.sane-airscan];
|
||||||
|
printing = {
|
||||||
|
enable = true;
|
||||||
|
drivers = [pkgs.gutenprint pkgs.hplip];
|
||||||
|
};
|
||||||
|
avahi = {
|
||||||
|
enable = true;
|
||||||
|
nssmdns4 = true;
|
||||||
|
openFirewall = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
hardware = {
|
||||||
|
sane = {
|
||||||
|
enable = true;
|
||||||
|
extraBackends = [pkgs.sane-airscan];
|
||||||
|
netConf = "${serverIp}";
|
||||||
|
};
|
||||||
|
printers = {
|
||||||
|
ensurePrinters = [
|
||||||
|
{
|
||||||
|
name = "HP_ENVY_6000";
|
||||||
|
description = "Network printer hosted on bob";
|
||||||
|
location = "bob";
|
||||||
|
deviceUri = "ipp://bob/printers/HP_ENVY_6000_series";
|
||||||
|
model = "everywhere";
|
||||||
|
ppdOptions = {
|
||||||
|
PageSize = "A4";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,12 @@
|
||||||
|
{pkgs, ...}: let
|
||||||
|
customLayout = pkgs.writeText "xkb-layout" ''
|
||||||
|
keycode 64 = Mode_switch
|
||||||
|
keycode 43 = h H Left H
|
||||||
|
keycode 44 = j J Down J
|
||||||
|
keycode 45 = k K Up K
|
||||||
|
keycode 46 = l L Right L
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
# Remap Alt_L +[hjkl] to left down up right
|
||||||
|
services.xserver.displayManager.sessionCommands = "sleep 5 && ${pkgs.xorg.xmodmap}/bin/xmodmap ${customLayout}";
|
||||||
|
}
|
|
@ -1,5 +1,6 @@
|
||||||
{ pkgs, inputs, config, lib, ... }:
|
{ pkgs, inputs, config, lib, ... }:
|
||||||
let
|
let
|
||||||
|
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
|
||||||
username = "admin";
|
username = "admin";
|
||||||
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
||||||
hostname = config.networking.hostName;
|
hostname = config.networking.hostName;
|
||||||
|
@ -15,7 +16,14 @@ in
|
||||||
hashedPasswordFile = sopsHashedPasswordFile;
|
hashedPasswordFile = sopsHashedPasswordFile;
|
||||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
|
||||||
extraGroups = ["wheel"];
|
extraGroups = [
|
||||||
|
"wheel"
|
||||||
|
] ++ ifTheyExist [
|
||||||
|
"docker"
|
||||||
|
"lxc"
|
||||||
|
"git"
|
||||||
|
"podman"
|
||||||
|
];
|
||||||
|
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
];
|
];
|
||||||
|
@ -36,11 +44,6 @@ in
|
||||||
mode = "0644";
|
mode = "0644";
|
||||||
owner = "${username}";
|
owner = "${username}";
|
||||||
};
|
};
|
||||||
"ssh_keys/deploy_key/id_ed25519" = {
|
|
||||||
path = "/home/${username}/.ssh/deploy_key-ssh-ed25519";
|
|
||||||
mode = "0644";
|
|
||||||
owner = "${username}";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDgPtDNQEN97mnrq/v9RPMUaSjLpIaF/ga/L41xETB9h0y5jdpPUMbZ6uTV6vW8Vm1YW2tzEs2l1lxb9yTrsK8hdVfz8/vWvDSbsUIJn3gOQSOTNQ+nNFFYlKqNhypK+3Mn8BD7EeJaLNK8Ahr/87PS0c/B5YN+TcntsEZpsXF7U2CCqMh559JXp1byie7DuwTYUdvjdDtCidYNphGoEljuzID+lJFBYsaa5SQFlmrr7HcQfaE/MwyxyPRryRnlO7E9k12BrL56UONYycyTf4dyK9MnhhO0wAkIoHyd46/sAdgvNrloY4I+WLjUOqKY6vys8kxG7xNcmN5XfeDJXrPMhW5N0Kz2dc/Yu8SOG8weCiz7uuDjcxYz9eK5cxKgg37A+drbgddoHTi7GCM5Q6wN2Jlig0++6Xo2CGOUKpNOmGBRGAjlIByXYWu1KFRBVclXZES/g38274gRihVk3WCbtLEUafS7wsl8ruMmecU7rhDL7fITd2hWvBkONpA7RxLlMTBfMAEXuq4hOystGZeZj7KusPG4purJDtT+3rCcl5LZ8cn4G5fvINTbXeix5pOz/TdSGNTSJW7ML2W0W6Q+2kVO0l2N/+6IA/rPa4j+AwTODBxWkWVHEBRncJ5hIh5iFz+dSnmllkwOi41tbDFmdGuDeyQ0dsq4wXrBzXGfxw== samual.shop@protonmail.com :: laptop
|
|
|
@ -1,22 +1,26 @@
|
||||||
{ pkgs, inputs, config, lib, ... }:
|
{
|
||||||
let
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
username = "media";
|
username = "media";
|
||||||
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
pubKeys = lib.filesystem.listFilesRecursive ../keys;
|
||||||
hostname = config.networking.hostName;
|
hostname = config.networking.hostName;
|
||||||
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${username}".path;
|
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${username}".path;
|
||||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||||
|
in {
|
||||||
in
|
|
||||||
{
|
|
||||||
users.users.${username} = {
|
users.users.${username} = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
shell = pkgs.zsh; # default shell
|
shell = pkgs.zsh; # default shell
|
||||||
hashedPasswordFile = sopsHashedPasswordFile;
|
hashedPasswordFile = sopsHashedPasswordFile;
|
||||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
|
||||||
extraGroups =
|
extraGroups = [
|
||||||
[
|
"scanner"
|
||||||
|
"lp"
|
||||||
"wheel"
|
"wheel"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -65,13 +69,11 @@ in
|
||||||
# The containing ssh folders are created as root and if this is the first ~/.ssh/ entry when writing keys,
|
# The containing ssh folders are created as root and if this is the first ~/.ssh/ entry when writing keys,
|
||||||
# the ownership is busted and home-manager can't target because it can't write into .ssh...
|
# the ownership is busted and home-manager can't target because it can't write into .ssh...
|
||||||
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
||||||
system.activationScripts.sopsSetSshOwnwership =
|
system.activationScripts.sopsSetSshOwnwership = let
|
||||||
let
|
|
||||||
sshFolder = "/home/${username}/.ssh";
|
sshFolder = "/home/${username}/.ssh";
|
||||||
user = config.users.users.${username}.name;
|
user = config.users.users.${username}.name;
|
||||||
group = config.users.users.${username}.group;
|
group = config.users.users.${username}.group;
|
||||||
in
|
in ''
|
||||||
''
|
|
||||||
mkdir -p ${sshFolder} || true
|
mkdir -p ${sshFolder} || true
|
||||||
chown -R ${user}:${group} /home/${username}/.ssh
|
chown -R ${user}:${group} /home/${username}/.ssh
|
||||||
'';
|
'';
|
||||||
|
@ -82,7 +84,7 @@ in
|
||||||
programs.fuse.userAllowOther = true;
|
programs.fuse.userAllowOther = true;
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
extraSpecialArgs = { inherit inputs; };
|
extraSpecialArgs = {inherit inputs;};
|
||||||
users = {
|
users = {
|
||||||
${username} = import ../../../../home/${hostname}.nix;
|
${username} = import ../../../../home/${hostname}.nix;
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,13 +1,19 @@
|
||||||
{ pkgs, inputs, config, lib, ... }:
|
{
|
||||||
let
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
configVars,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
hostname = config.networking.hostName;
|
hostname = config.networking.hostName;
|
||||||
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
pubKeys = lib.filesystem.listFilesRecursive ../keys;
|
||||||
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/sam".path;
|
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/sam".path;
|
||||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||||
|
baseddataPostgresIp = configVars.networking.addresses.postgres.ip;
|
||||||
username = "sam";
|
username = "sam";
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
users.users.${username} = {
|
users.users.${username} = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
shell = pkgs.zsh; # default shell
|
shell = pkgs.zsh; # default shell
|
||||||
|
@ -16,10 +22,14 @@ in
|
||||||
|
|
||||||
extraGroups = [
|
extraGroups = [
|
||||||
"wheel"
|
"wheel"
|
||||||
|
"networkmanager"
|
||||||
|
"scanner"
|
||||||
|
"lp"
|
||||||
|
"docker"
|
||||||
|
"podman"
|
||||||
];
|
];
|
||||||
|
|
||||||
};
|
};
|
||||||
|
services.tailscale.enable = true;
|
||||||
sops.secrets = {
|
sops.secrets = {
|
||||||
"passwords/${username}" = {
|
"passwords/${username}" = {
|
||||||
sopsFile = "${secretsFile}";
|
sopsFile = "${secretsFile}";
|
||||||
|
@ -38,18 +48,26 @@ in
|
||||||
"github-access-token" = {
|
"github-access-token" = {
|
||||||
mode = "0655";
|
mode = "0655";
|
||||||
};
|
};
|
||||||
"software/postgres/btc_models/password" = { };
|
"software/postgres/baseddata_models/password" = {};
|
||||||
"software/postgres/btc_models/ip" = { };
|
"software/postgres/baseddata_models/ip" = {};
|
||||||
"software/postgres/btc_models/username" = { };
|
"software/postgres/baseddata_models/username" = {};
|
||||||
"software/zotero/username" = { };
|
"software/postgres/osm/password" = {};
|
||||||
"software/zotero/password" = { };
|
"software/postgres/osm/ip" = {};
|
||||||
"software/zotero/guid" = { };
|
"software/postgres/osm/username" = {};
|
||||||
|
"software/postgres/bitcoin/password" = {};
|
||||||
|
"software/postgres/bitcoin/ip" = {};
|
||||||
|
"software/postgres/bitcoin/username" = {};
|
||||||
|
"software/postgres/baseddata/user_password" = {};
|
||||||
|
"software/postgres/baseddata/user_username" = {};
|
||||||
|
"software/zotero/username" = {};
|
||||||
|
"software/zotero/password" = {};
|
||||||
|
"software/zotero/guid" = {};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Setup software specific templates for user
|
# Setup software specific templates for user
|
||||||
# Should be part of home-manager - waiting for templates functionality
|
# Should be part of home-manager - waiting for templates functionality
|
||||||
# See here https://github.com/Mic92/sops-nix/issues/423 and here https://github.com/Mic92/sops-nix/issues/498
|
# See here https://github.com/Mic92/sops-nix/issues/423 and here https://github.com/Mic92/sops-nix/issues/498
|
||||||
# TODO migrate db_ui connection to home-manager when issue 423 and 498 are resolved in github:Mic92/sops-nix
|
# TODO: migrate db_ui connection to home-manager when issue 423 and 498 are resolved in github:Mic92/sops-nix
|
||||||
sops.templates."dbui_connections.json" = {
|
sops.templates."dbui_connections.json" = {
|
||||||
path = "/home/${username}/.local/share/db_ui/connections.json";
|
path = "/home/${username}/.local/share/db_ui/connections.json";
|
||||||
owner = "${username}";
|
owner = "${username}";
|
||||||
|
@ -57,12 +75,24 @@ in
|
||||||
content = ''
|
content = ''
|
||||||
[
|
[
|
||||||
{
|
{
|
||||||
"url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/btc_models",
|
"url": "postgresql://${config.sops.placeholder."software/postgres/baseddata_models/username"}:${config.sops.placeholder."software/postgres/baseddata_models/password"}@${config.sops.placeholder."software/postgres/baseddata_models/ip"}/btc_models",
|
||||||
"name": "btc_models"
|
"name": "baseddata_models"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"url": "postgresql://${config.sops.placeholder."software/postgres/btc_models/username"}:${config.sops.placeholder."software/postgres/btc_models/password"}@${config.sops.placeholder."software/postgres/btc_models/ip"}/dev_btc_models",
|
"url": "postgresql://${config.sops.placeholder."software/postgres/baseddata_models/username"}:${config.sops.placeholder."software/postgres/baseddata_models/password"}@${config.sops.placeholder."software/postgres/baseddata_models/ip"}/dev_baseddata_models",
|
||||||
"name": "dev_btc_models"
|
"name": "dev_baseddata_models"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "postgresql://${config.sops.placeholder."software/postgres/osm/username"}:${config.sops.placeholder."software/postgres/osm/password"}@${config.sops.placeholder."software/postgres/osm/ip"}/osm",
|
||||||
|
"name": "osm"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "postgresql://${config.sops.placeholder."software/postgres/bitcoin/username"}:${config.sops.placeholder."software/postgres/bitcoin/password"}@${config.sops.placeholder."software/postgres/bitcoin/ip"}/bitcoin",
|
||||||
|
"name": "bitcoin"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"url": "postgresql://${config.sops.placeholder."software/postgres/baseddata/user_username"}:${config.sops.placeholder."software/postgres/baseddata/user_password"}@${baseddataPostgresIp}/baseddata",
|
||||||
|
"name": "baseddata"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
'';
|
'';
|
||||||
|
@ -73,27 +103,27 @@ in
|
||||||
owner = "${username}";
|
owner = "${username}";
|
||||||
mode = "0600";
|
mode = "0600";
|
||||||
content = ''
|
content = ''
|
||||||
bitcoin:
|
baseddata:
|
||||||
target: dev
|
target: dev
|
||||||
outputs:
|
outputs:
|
||||||
dev:
|
dev:
|
||||||
dbname: dev_btc_models
|
dbname: dev_baseddata
|
||||||
host: ${config.sops.placeholder."software/postgres/btc_models/ip"}
|
host: ${baseddataPostgresIp}
|
||||||
pass: '${config.sops.placeholder."software/postgres/btc_models/password"}'
|
pass: '${config.sops.placeholder."software/postgres/baseddata/user_password"}'
|
||||||
port: 5432
|
port: 5432
|
||||||
schema: models
|
schema: models
|
||||||
threads: 6
|
threads: 6
|
||||||
type: postgres
|
type: postgres
|
||||||
user: ${config.sops.placeholder."software/postgres/btc_models/username"}
|
user: ${config.sops.placeholder."software/postgres/baseddata/user_username"}
|
||||||
prod:
|
prod:
|
||||||
dbname: btc_models
|
dbname: baseddata
|
||||||
host: ${config.sops.placeholder."software/postgres/btc_models/ip"}
|
host: ${baseddataPostgresIp}
|
||||||
pass: '${config.sops.placeholder."software/postgres/btc_models/password"}'
|
pass: '${config.sops.placeholder."software/postgres/baseddata/user_password"}'
|
||||||
port: 5432
|
port: 5432
|
||||||
schema: models
|
schema: models
|
||||||
threads: 6
|
threads: 6
|
||||||
type: postgres
|
type: postgres
|
||||||
user: ${config.sops.placeholder."software/postgres/btc_models/username"}
|
user: ${config.sops.placeholder."software/postgres/baseddata/user_username"}
|
||||||
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
@ -107,13 +137,11 @@ in
|
||||||
# The containing folders are created as root and if this is the first entry when writing files,
|
# The containing folders are created as root and if this is the first entry when writing files,
|
||||||
# the ownership is busted and home-manager can't target because it can't write to these dirs...
|
# the ownership is busted and home-manager can't target because it can't write to these dirs...
|
||||||
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
||||||
system.activationScripts.sopsSetOwnwership =
|
system.activationScripts.sopsSetOwnwership = let
|
||||||
let
|
|
||||||
sshFolder = "/home/${username}/.ssh";
|
sshFolder = "/home/${username}/.ssh";
|
||||||
user = config.users.users.${username}.name;
|
user = config.users.users.${username}.name;
|
||||||
group = config.users.users.${username}.group;
|
group = config.users.users.${username}.group;
|
||||||
in
|
in ''
|
||||||
''
|
|
||||||
mkdir -p ${sshFolder} || true
|
mkdir -p ${sshFolder} || true
|
||||||
chown -R ${user}:${group} /home/${username}/.ssh
|
chown -R ${user}:${group} /home/${username}/.ssh
|
||||||
'';
|
'';
|
||||||
|
@ -127,13 +155,9 @@ in
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
extraSpecialArgs = { inherit inputs; };
|
extraSpecialArgs = {inherit inputs;};
|
||||||
users = {
|
users = {
|
||||||
${username} = import ../../../../home/${hostname}.nix;
|
${username} = import ../../../../home/${hostname}.nix;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = [
|
|
||||||
#inputs.sqlfmt.packages.x86_64-linux.sqlfmt
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,50 +0,0 @@
|
||||||
{ inputs, config, lib, pkgs, outputs, configLib, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports =
|
|
||||||
[
|
|
||||||
# Import core options
|
|
||||||
./hardware-configuration.nix
|
|
||||||
../common/core
|
|
||||||
|
|
||||||
# Import optional options
|
|
||||||
../common/optional/openssh
|
|
||||||
../common/optional/fileserver-nfs-mount.nix
|
|
||||||
|
|
||||||
# Create users for this host
|
|
||||||
../common/users/admin
|
|
||||||
|
|
||||||
];
|
|
||||||
|
|
||||||
nixpkgs = {
|
|
||||||
overlays = [
|
|
||||||
outputs.overlays.additions
|
|
||||||
outputs.overlays.modifications
|
|
||||||
outputs.overlays.unstable-packages
|
|
||||||
];
|
|
||||||
config = {
|
|
||||||
allowUnfree = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
||||||
|
|
||||||
boot.loader.grub.enable = true;
|
|
||||||
boot.loader.grub.device = "/dev/vda";
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostName = "fileserver";
|
|
||||||
networkmanager.enable = true;
|
|
||||||
enableIPv6 = false;
|
|
||||||
hosts = { "192.168.122.223" = [ "fileserver" ]; };
|
|
||||||
};
|
|
||||||
|
|
||||||
time.timeZone = "Europe/London";
|
|
||||||
|
|
||||||
programs.gnupg.agent = {
|
|
||||||
enable = true;
|
|
||||||
enableSSHSupport = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
{ inputs, config, lib, pkgs, outputs, ... }:
|
{ inputs, ... }:
|
||||||
let
|
let
|
||||||
# Disko setup
|
# Disko setup
|
||||||
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||||
dev = "/dev/sda"; # depends on target hardware
|
dev = "/dev/disk/by-id/ata-QEMU_HARDDISK_QM00005";
|
||||||
encrypted = false; # currrently only applies to btrfs
|
encrypted = false; # currrently only applies to btrfs
|
||||||
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
impermanence = false;
|
||||||
user = "admin";
|
user = "admin";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -13,9 +13,9 @@ in
|
||||||
# Create users for this host
|
# Create users for this host
|
||||||
../common/users/${user}
|
../common/users/${user}
|
||||||
|
|
||||||
# Disk configuration
|
# Root disk configuration
|
||||||
inputs.disko.nixosModules.disko
|
inputs.disko.nixosModules.disko
|
||||||
(import ../common/disks { device = dev; fsType = fsType; encrypted = encrypted; })
|
(import ../common/disks { device = dev; impermanence = impermanence; fsType = fsType; encrypted = encrypted; })
|
||||||
|
|
||||||
# Import core options
|
# Import core options
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
@ -23,21 +23,29 @@ in
|
||||||
|
|
||||||
# Import optional options
|
# Import optional options
|
||||||
../common/optional/openssh.nix
|
../common/optional/openssh.nix
|
||||||
|
../common/optional/docker
|
||||||
|
../common/optional/docker/postgres.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.loader.grub.enable = true;
|
boot = {
|
||||||
boot.loader.grub.device = "/dev/sda";
|
loader = {
|
||||||
|
systemd-boot.enable = true;
|
||||||
|
efi.canTouchEfiVariables = true;
|
||||||
|
timeout = 3;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "nebula";
|
hostName = "merlin";
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
enableIPv6 = false;
|
enableIPv6 = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.supportedFilesystems = [ "zfs" ];
|
boot.supportedFilesystems = [ "zfs" ];
|
||||||
boot.zfs.forceImportRoot = false;
|
boot.zfs.forceImportRoot = false;
|
||||||
networking.hostId = "18aec5d7"
|
networking.hostId = "18aec5d7";
|
||||||
|
boot.zfs.extraPools = [ "zspeed" ];
|
||||||
|
|
||||||
services.libinput.enable = true;
|
services.libinput.enable = true;
|
||||||
}
|
}
|
|
@ -8,18 +8,11 @@
|
||||||
[ (modulesPath + "/profiles/qemu-guest.nix")
|
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk" ];
|
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
|
||||||
{ device = "/dev/disk/by-uuid/9bed98b2-5ee2-4408-a9b1-6d40e9b68135";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [ ];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
# still possible to use this option, but it's recommended to use it in conjunction
|
|
@ -1,34 +0,0 @@
|
||||||
{ inputs, config, lib, pkgs, outputs,... }:
|
|
||||||
let
|
|
||||||
dev = "/dev/vda";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
imports =
|
|
||||||
[
|
|
||||||
# Import core options
|
|
||||||
./hardware-configuration.nix
|
|
||||||
../common/core
|
|
||||||
|
|
||||||
# Import optional options
|
|
||||||
../common/optional/pipewire.nix
|
|
||||||
../common/optional/hyprland.nix
|
|
||||||
../common/optional/displayManager/sddm.nix
|
|
||||||
../common/optional/openssh.nix
|
|
||||||
|
|
||||||
# Create users for this host
|
|
||||||
../common/users/sam
|
|
||||||
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.loader.grub.enable = true;
|
|
||||||
boot.loader.grub.device = "${dev}";
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostName = "nixdev";
|
|
||||||
networkmanager.enable = true;
|
|
||||||
enableIPv6 = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.libinput.enable = true;
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,33 +0,0 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
||||||
# and may be overwritten by future invocations. Please make changes
|
|
||||||
# to /etc/nixos/configuration.nix instead.
|
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports =
|
|
||||||
[ (modulesPath + "/profiles/qemu-guest.nix")
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
|
|
||||||
boot.initrd.kernelModules = [ ];
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
fileSystems."/" =
|
|
||||||
{ device = "/dev/disk/by-uuid/f9abe09a-de68-4913-b6c5-ad55b473a961";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices =
|
|
||||||
[ { device = "/dev/disk/by-uuid/fe24d2ba-2fbc-4ef5-8139-a26f4fc3f3e3"; }
|
|
||||||
];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
||||||
}
|
|
|
@ -1,25 +1,43 @@
|
||||||
{ inputs, config, lib, pkgs, outputs, ... }:
|
{
|
||||||
let
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
configVars,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
# Disko setup
|
# Disko setup
|
||||||
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||||
dev = "/dev/nvme0n1"; # depends on target hardware
|
dev = "/dev/nvme0n1"; # depends on target hardware
|
||||||
encrypted = true; # currrently only applies to btrfs
|
encrypted = true; # currrently only applies to btrfs
|
||||||
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
btrfsMountDevice =
|
||||||
|
if encrypted
|
||||||
|
then "/dev/mapper/crypted"
|
||||||
|
else "/dev/root_vg/root";
|
||||||
user = "sam";
|
user = "sam";
|
||||||
in
|
impermanence = true;
|
||||||
{
|
pieholeIp = configVars.networking.addresses.piehole.ip;
|
||||||
imports =
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
[
|
semitaIp = configVars.networking.addresses.semita.ip;
|
||||||
|
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
# Create users for this host
|
# Create users for this host
|
||||||
../common/users/${user}
|
../common/users/${user}
|
||||||
|
|
||||||
# Disk configuration
|
# Disk configuration
|
||||||
inputs.disko.nixosModules.disko
|
inputs.disko.nixosModules.disko
|
||||||
(import ../common/disks { device = dev; fsType = fsType; encrypted = encrypted; })
|
(import ../common/disks {
|
||||||
|
device = dev;
|
||||||
|
impermanence = impermanence;
|
||||||
|
fsType = fsType;
|
||||||
|
encrypted = encrypted;
|
||||||
|
})
|
||||||
|
|
||||||
# Impermanence
|
# Impermanence
|
||||||
inputs.impermanence.nixosModules.impermanence
|
(import ../common/disks/btrfs/impermanence.nix {
|
||||||
(import ../common/disks/btrfs-impermanence.nix { btrfsMountDevice = btrfsMountDevice; lib = lib; })
|
btrfsMountDevice = btrfsMountDevice;
|
||||||
|
lib = lib;
|
||||||
|
})
|
||||||
|
|
||||||
# Import core options
|
# Import core options
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
@ -30,11 +48,25 @@ in
|
||||||
../common/optional/pipewire.nix
|
../common/optional/pipewire.nix
|
||||||
../common/optional/openssh.nix
|
../common/optional/openssh.nix
|
||||||
../common/optional/dwm.nix
|
../common/optional/dwm.nix
|
||||||
|
../common/optional/nfs-mounts/media.nix
|
||||||
|
../common/optional/nfs-mounts/homeshare.nix
|
||||||
|
../common/optional/printing.nix
|
||||||
|
../common/optional/docker
|
||||||
|
../common/optional/nixos-containers/nix-bitcoin.nix
|
||||||
|
../common/optional/nixos-containers/postgres.nix
|
||||||
|
../common/optional/nixos-containers/jellyfin.nix
|
||||||
|
../common/optional/nixos-containers/baseddata-worker.nix
|
||||||
|
../common/optional/nixos-containers/mongodb.nix
|
||||||
|
../common/optional/nix-ld.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
fileSystems."/media/main-ssd" = {
|
||||||
|
device = "/dev/disk/by-uuid/ba884006-e813-4b67-9fe6-62aea08b3b59";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
blacklistedKernelModules = [ "snd_hda_intel" "snd_soc_skl" ];
|
blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
|
||||||
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
|
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
|
||||||
loader = {
|
loader = {
|
||||||
systemd-boot.enable = true;
|
systemd-boot.enable = true;
|
||||||
|
@ -43,14 +75,67 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
xserver = {
|
||||||
|
dpi = 144;
|
||||||
|
upscaleDefaultCursor = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.variables = {
|
||||||
|
GDK_SCALE = "2";
|
||||||
|
GDK_DPI_SCALE = "0.6";
|
||||||
|
_JAVA_OPTIONS = "-Dsun.java2d.uiScale=1.8";
|
||||||
|
QT_AUTO_SCREEN_SCALE_FACTOR = "1";
|
||||||
|
XCURSOR_SIZE = "32";
|
||||||
|
};
|
||||||
|
|
||||||
hardware.firmware = [
|
hardware.firmware = [
|
||||||
pkgs.sof-firmware
|
pkgs.sof-firmware
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Add hardware support for intel gpus as specified here: https://nixos.wiki/wiki/Jellyfin
|
||||||
|
nixpkgs.config.packageOverrides = pkgs: {
|
||||||
|
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [ {
|
||||||
|
device = "/.swapvol/swapfile";
|
||||||
|
size = 32*1024;
|
||||||
|
} ];
|
||||||
|
|
||||||
|
hardware.opengl = {
|
||||||
|
enable = true;
|
||||||
|
extraPackages = with pkgs; [
|
||||||
|
intel-media-driver
|
||||||
|
intel-vaapi-driver
|
||||||
|
vaapiVdpau
|
||||||
|
libvdpau-va-gl
|
||||||
|
intel-compute-runtime
|
||||||
|
# only available on unstable
|
||||||
|
unstable.vpl-gpu-rt
|
||||||
|
intel-media-sdk
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "semita";
|
hostName = "semita";
|
||||||
networkmanager.enable = true;
|
nameservers = ["${pieholeIp}" "${gatewayIp}" "8.8.8.8"];
|
||||||
enableIPv6 = false;
|
defaultGateway = "${gatewayIp}";
|
||||||
|
useDHCP = false;
|
||||||
|
bridges = {
|
||||||
|
br0 = {
|
||||||
|
interfaces = ["eth0"];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
interfaces.br0 = {
|
||||||
|
ipv4.addresses = [
|
||||||
|
{
|
||||||
|
"address" = "${semitaIp}";
|
||||||
|
"prefixLength" = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.libinput.enable = true;
|
services.libinput.enable = true;
|
||||||
|
|
|
@ -1,24 +1,40 @@
|
||||||
{ inputs, config, lib, pkgs, outputs, ... }:
|
{
|
||||||
let
|
inputs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
configVars,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
# Disko setup
|
# Disko setup
|
||||||
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||||
dev = "/dev/sda"; # depends on target hardware
|
dev = "/dev/sda"; # depends on target hardware
|
||||||
encrypted = false; # currrently only applies to btrfs
|
encrypted = false; # currrently only applies to btrfs
|
||||||
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
btrfsMountDevice =
|
||||||
in
|
if encrypted
|
||||||
{
|
then "/dev/mapper/crypted"
|
||||||
imports =
|
else "/dev/root_vg/root";
|
||||||
[
|
impermanence = true;
|
||||||
|
pieholeIp = configVars.networking.addresses.piehole.ip;
|
||||||
|
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
# Create users for this host
|
# Create users for this host
|
||||||
../common/users/media
|
../common/users/media
|
||||||
|
|
||||||
# Disk configuration
|
# Disk configuration
|
||||||
inputs.disko.nixosModules.disko
|
inputs.disko.nixosModules.disko
|
||||||
(import ../common/disks { device = dev; fsType = fsType; encrypted = encrypted; })
|
(import ../common/disks {
|
||||||
|
device = dev;
|
||||||
|
impermanence = impermanence;
|
||||||
|
fsType = fsType;
|
||||||
|
encrypted = encrypted;
|
||||||
|
})
|
||||||
|
|
||||||
# Impermanence
|
# Impermanence
|
||||||
inputs.impermanence.nixosModules.impermanence
|
(import ../common/disks/btrfs/impermanence.nix {
|
||||||
(import ../common/disks/btrfs-impermanence.nix { btrfsMountDevice = btrfsMountDevice; lib = lib; })
|
btrfsMountDevice = btrfsMountDevice;
|
||||||
|
lib = lib;
|
||||||
|
})
|
||||||
|
|
||||||
# Import core options
|
# Import core options
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
@ -27,8 +43,9 @@ in
|
||||||
# Import optional options
|
# Import optional options
|
||||||
../common/optional/openssh.nix
|
../common/optional/openssh.nix
|
||||||
../common/optional/persistence.nix
|
../common/optional/persistence.nix
|
||||||
|
../common/optional/nfs-mounts/media.nix
|
||||||
../common/optional/gaming.nix
|
../common/optional/gaming.nix
|
||||||
|
../common/optional/printing.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
|
@ -38,12 +55,13 @@ in
|
||||||
timeout = 3;
|
timeout = 3;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
boot.kernelParams = [ "i915.enable_psr=0" ];
|
boot.kernelParams = ["i915.enable_psr=0"];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "sparky";
|
hostName = "sparky";
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
enableIPv6 = false;
|
enableIPv6 = false;
|
||||||
|
nameservers = ["${pieholeIp}" "${gatewayIp}" "8.8.8.8"];
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.config.allowUnfreePredicate = pkg:
|
nixpkgs.config.allowUnfreePredicate = pkg:
|
||||||
|
@ -59,7 +77,7 @@ in
|
||||||
|
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
enable = true;
|
enable = true;
|
||||||
videoDrivers = [ "nvidia" ];
|
videoDrivers = ["nvidia"];
|
||||||
displayManager.lightdm.enable = true;
|
displayManager.lightdm.enable = true;
|
||||||
exportConfiguration = true;
|
exportConfiguration = true;
|
||||||
deviceSection = ''
|
deviceSection = ''
|
||||||
|
|
10
justfile
10
justfile
|
@ -1,4 +1,4 @@
|
||||||
SOPS_FILE := "../nix-secrets/secrets.yaml"
|
SOPS_FILE := "~/.local/share/src/nix-secrets/secrets.yaml"
|
||||||
|
|
||||||
# default recipe to display help information
|
# default recipe to display help information
|
||||||
default:
|
default:
|
||||||
|
@ -14,6 +14,11 @@ rebuild-system:
|
||||||
git add *.nix
|
git add *.nix
|
||||||
sudo nixos-rebuild switch --option eval-cache false --flake .#$(hostname)
|
sudo nixos-rebuild switch --option eval-cache false --flake .#$(hostname)
|
||||||
|
|
||||||
|
# test full system rebuild from flake (stages changes and automatically detects host)
|
||||||
|
rebuild-system-test:
|
||||||
|
git add *.nix
|
||||||
|
sudo nixos-rebuild test --option eval-cache false --flake .#$(hostname)
|
||||||
|
|
||||||
# updates all flake inputs for system
|
# updates all flake inputs for system
|
||||||
update-flake:
|
update-flake:
|
||||||
nix flake update
|
nix flake update
|
||||||
|
@ -23,10 +28,11 @@ update-flake:
|
||||||
edit-sops:
|
edit-sops:
|
||||||
echo "Editing {{SOPS_FILE}}"
|
echo "Editing {{SOPS_FILE}}"
|
||||||
nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}"
|
nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops {{SOPS_FILE}}"
|
||||||
|
cd $(dirname {{SOPS_FILE}}) && git add . && git commit -m "autocommit" && git push
|
||||||
|
|
||||||
# update keys in secrets.yaml and push to remote
|
# update keys in secrets.yaml and push to remote
|
||||||
update-sops-secrets:
|
update-sops-secrets:
|
||||||
cd ../nix-secrets && (\
|
cd ~/.local/share/src/nix-secrets && (\
|
||||||
nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \
|
nix-shell -p sops --run "sops updatekeys -y secrets.yaml" && \
|
||||||
git add -u && (git commit -m "updated secrets" || true) && git push \
|
git add -u && (git commit -m "updated secrets" || true) && git push \
|
||||||
)
|
)
|
||||||
|
|
|
@ -1,8 +1,10 @@
|
||||||
pkgs: {
|
pkgs: {
|
||||||
sddm-theme = pkgs.callPackage ./sddm-theme { };
|
sddm-theme = pkgs.callPackage ./sddm-theme {};
|
||||||
st = pkgs.callPackage ./st { };
|
st = pkgs.callPackage ./st {};
|
||||||
dwmblocks = pkgs.callPackage ./dwmblocks { };
|
dwmblocks = pkgs.callPackage ./dwmblocks {};
|
||||||
dmenu = pkgs.callPackage ./dmenu { };
|
dmenu = pkgs.callPackage ./dmenu {};
|
||||||
nsxiv = pkgs.callPackage ./nsxiv { };
|
nsxiv = pkgs.callPackage ./nsxiv {};
|
||||||
sqlfmt = pkgs.callPackage ./sqlfmt { };
|
sqlfmt = pkgs.callPackage ./sqlfmt {};
|
||||||
|
kunst = pkgs.callPackage ./kunst {};
|
||||||
|
set_wm_class = pkgs.callPackage ./set_wm_class {};
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
{ pkgs ? import <nixpkgs> { }
|
||||||
|
, fetchFromGitea ? pkgs.fetchFromGitea
|
||||||
|
}:
|
||||||
|
pkgs.stdenv.mkDerivation {
|
||||||
|
pname = "kunst";
|
||||||
|
name = "kunst";
|
||||||
|
|
||||||
|
src = fetchFromGitea {
|
||||||
|
domain = "git.bitlab21.com";
|
||||||
|
owner = "sam";
|
||||||
|
repo = "kunst";
|
||||||
|
rev = "efff362ab9ea14cae2bb6c5d246601011e345732";
|
||||||
|
sha256 = "sha256-AeAYh2z2Ty9rYfgm+EhYB99OI87aWqLURDbfT0N3wUg=";
|
||||||
|
};
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
mv kunst $out/bin
|
||||||
|
chmod 755 $out/bin/kunst
|
||||||
|
'';
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,35 @@
|
||||||
|
{ pkgs ? import <nixpkgs> { }
|
||||||
|
, fetchFromGitea ? pkgs.fetchFromGitea
|
||||||
|
, pkg-config ? pkgs.pkg-config
|
||||||
|
, libX11 ? pkgs.xorg.libX11
|
||||||
|
}:
|
||||||
|
pkgs.stdenv.mkDerivation {
|
||||||
|
pname = "set_wm_class";
|
||||||
|
name = "set_wm_class";
|
||||||
|
|
||||||
|
src = fetchFromGitea {
|
||||||
|
domain = "git.bitlab21.com";
|
||||||
|
owner = "sam";
|
||||||
|
repo = "set_wm_class";
|
||||||
|
rev = "b39fb4b360";
|
||||||
|
sha256 = "sha256-5z2YQof4jbfa1dQll5GLt2OL54UhDKZ4Dzzte7vT0zM=";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
pkg-config
|
||||||
|
];
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
libX11
|
||||||
|
];
|
||||||
|
|
||||||
|
buildPhase = ''
|
||||||
|
make
|
||||||
|
'';
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
mv set_wm_class $out/bin
|
||||||
|
'';
|
||||||
|
|
||||||
|
}
|
|
@ -2,14 +2,17 @@
|
||||||
, fetchurl ? pkgs.fetchurl
|
, fetchurl ? pkgs.fetchurl
|
||||||
, buildPythonPackage ? pkgs.python311Packages.buildPythonPackage
|
, buildPythonPackage ? pkgs.python311Packages.buildPythonPackage
|
||||||
}:
|
}:
|
||||||
|
let
|
||||||
|
version = "0.21.4"; # this needs to be fetched from github to get the latest
|
||||||
|
in
|
||||||
buildPythonPackage {
|
buildPythonPackage {
|
||||||
pname = "shandy-sqlfmt";
|
pname = "shandy-sqlfmt";
|
||||||
version = "0.21.3";
|
|
||||||
format = "wheel";
|
format = "wheel";
|
||||||
|
version = version;
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "https://github.com/tconbeer/sqlfmt/releases/download/v0.21.3/shandy_sqlfmt-0.21.3-py3-none-any.whl";
|
url = "https://github.com/tconbeer/sqlfmt/releases/download/v${version}/shandy_sqlfmt-${version}-py3-none-any.whl";
|
||||||
sha256 = "sha256-gb/gLAcGD7F/0LL6WllfX1CW4Tug//jNDA0v9O5tedA=";
|
sha256 = "sha256-mS8afZtQxN/blaVgG2cBD/wnRZGxAwQWPJqtTji1IJk=";
|
||||||
};
|
};
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
|
@ -12,8 +12,8 @@ pkgs.stdenv.mkDerivation {
|
||||||
domain = "git.bitlab21.com";
|
domain = "git.bitlab21.com";
|
||||||
owner = "sam";
|
owner = "sam";
|
||||||
repo = "st";
|
repo = "st";
|
||||||
rev = "31e0ba8cb2086fb12741afc5fc3dfd938ca1f59b";
|
rev = "0e926487c85227aad9eed6667b91e149018014b8";
|
||||||
sha256 = "sha256-dbkXFbNr/lJveMeR7qXo7jGgF5+79S9vqKsLM7XM250=";
|
sha256 = "sha256-aUquoUotLKJDxOISIcx0RUybNvBrytc7+EF7PE1MRJU=";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [
|
nativeBuildInputs = [
|
||||||
|
|
|
@ -17,6 +17,8 @@ read -p "Enter hostname of target: " hostname
|
||||||
read -p "Enter IP of target: " ip
|
read -p "Enter IP of target: " ip
|
||||||
read -p "Enter config to install on target: " config
|
read -p "Enter config to install on target: " config
|
||||||
read -p "Enter username (if none, use 'root'): " username
|
read -p "Enter username (if none, use 'root'): " username
|
||||||
|
read -p "Using impermanence? (yes|no): " impermanence
|
||||||
|
[ "$impermanence" = "yes" ] && persist="/persist"
|
||||||
|
|
||||||
# Delete key in known hosts if exists
|
# Delete key in known hosts if exists
|
||||||
sed -i "/$ip/d" ~/.ssh/known_hosts
|
sed -i "/$ip/d" ~/.ssh/known_hosts
|
||||||
|
@ -36,23 +38,23 @@ cleanup() {
|
||||||
trap cleanup EXIT
|
trap cleanup EXIT
|
||||||
|
|
||||||
# Create the directory for target host keys
|
# Create the directory for target host keys
|
||||||
install -d -m755 "$temp/persist/etc/ssh"
|
install -d -m755 "$temp$persist/etc/ssh"
|
||||||
|
|
||||||
# Create ssh keys
|
# Create ssh keys
|
||||||
echo "Creating '$hostname' ssh keys"
|
echo "Creating '$hostname' ssh keys"
|
||||||
ssh-keygen -t ed25519 -f "$temp/persist/etc/ssh/ssh_host_ed25519_key" -C root@"$hostname" -N ""
|
ssh-keygen -t ed25519 -f "$temp$persist/etc/ssh/ssh_host_ed25519_key" -C root@"$hostname" -N ""
|
||||||
|
|
||||||
# Extract luks key from secrets
|
# Extract luks key from secrets
|
||||||
luks_secret=$(nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops -d --extract '[""\"luks_passphrase""\"][""\"$hostname""\"]' ../nix-secrets/secrets.yaml")
|
luks_secret=$(nix-shell -p sops --run "SOPS_AGE_KEY_FILE=~/.config/sops/age/keys.txt sops -d --extract '[""\"luks_passphrase""\"][""\"$hostname""\"]' ~/.local/share/src/nix-secrets/secrets.yaml")
|
||||||
echo "$luks_secret" > /tmp/luks_secret.key
|
echo "$luks_secret" > /tmp/luks_secret.key
|
||||||
|
|
||||||
# Generate age key from target host and user public ssh key
|
# Generate age key from target host and user public ssh key
|
||||||
echo "Generating age key from target host and user ssh key"
|
echo "Generating age key from target host and user ssh key"
|
||||||
HOST_AGE_KEY=$(nix-shell -p ssh-to-age --run "cat $temp/persist/etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age")
|
HOST_AGE_KEY=$(nix-shell -p ssh-to-age --run "cat $temp$persist/etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age")
|
||||||
echo -e "Host age key:\n$HOST_AGE_KEY\n"
|
echo -e "Host age key:\n$HOST_AGE_KEY\n"
|
||||||
|
|
||||||
# Update .sops.yaml with new age key:
|
# Update .sops.yaml with new age key:
|
||||||
SOPS_FILE="../nix-secrets/.sops.yaml"
|
SOPS_FILE="$HOME/.local/share/src/nix-secrets/.sops.yaml"
|
||||||
sed -i "{
|
sed -i "{
|
||||||
# Remove any * and & entries for this host
|
# Remove any * and & entries for this host
|
||||||
/[*&]$hostname/ d;
|
/[*&]$hostname/ d;
|
||||||
|
@ -61,13 +63,14 @@ sed -i "{
|
||||||
/age:/{n; p; s/\(.*- \*\).*/\1$hostname/};
|
/age:/{n; p; s/\(.*- \*\).*/\1$hostname/};
|
||||||
# Inject a new hosts: entry
|
# Inject a new hosts: entry
|
||||||
/&hosts:/{n; p; s/\(.*- &\).*/\1$hostname $HOST_AGE_KEY/}
|
/&hosts:/{n; p; s/\(.*- &\).*/\1$hostname $HOST_AGE_KEY/}
|
||||||
}" $SOPS_FILE
|
}" "$SOPS_FILE"
|
||||||
|
|
||||||
# Commit and push changes to sops file
|
# Commit and push changes to sops file
|
||||||
just update-sops-secrets && just update-flake-secrets && just update-flake
|
just update-sops-secrets && just update-flake-secrets && just update-flake
|
||||||
|
|
||||||
# Copy current nix config over to target
|
# Copy current nix config over to target
|
||||||
cp -prv . "$temp/persist/etc/nixos"
|
echo "copying current nix config to host"
|
||||||
|
cp -pr . "$temp$persist/etc/nixos"
|
||||||
|
|
||||||
# Install Nixos to target
|
# Install Nixos to target
|
||||||
SHELL=/bin/sh nix run github:nix-community/nixos-anywhere/1.3.0 -- --extra-files "$temp" --disk-encryption-keys /tmp/luks_secret.key /tmp/luks_secret.key --flake .#"$config" root@"$ip" -i "$HOME/.ssh/id_ed25519"
|
SHELL=/bin/sh nix run github:nix-community/nixos-anywhere/1.3.0 -- --extra-files "$temp" --disk-encryption-keys /tmp/luks_secret.key /tmp/luks_secret.key --flake .#"$config" root@"$ip" -i "$HOME/.ssh/id_ed25519"
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
{ pkgs ? import <nixpkgs> { } }:
|
||||||
|
|
||||||
|
pkgs.mkShell
|
||||||
|
{
|
||||||
|
nativeBuildInputs = with pkgs; [
|
||||||
|
update-nix-fetchgit
|
||||||
|
];
|
||||||
|
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue