diff --git a/flake.nix b/flake.nix index 70e794c..f173dbc 100644 --- a/flake.nix +++ b/flake.nix @@ -2,6 +2,7 @@ description = "SwarseFlake - Nix Flake for all SwarselSystems"; inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05"; @@ -67,310 +68,293 @@ url = "github:nix-community/nix-index-database"; inputs.nixpkgs.follows = "nixpkgs"; }; + }; - outputs = inputs @ { - nixpkgs, - nixpkgs-stable, - home-manager, - nix-on-droid, - emacs-overlay, - nur, - nixgl, - stylix, - sops-nix, - lanzaboote, - nixos-hardware, - nix-alien, - nixos-generators, - nswitch-rcm-nix, - nix-index-database, - ... - }: let - system = "x86_64-linux"; # not very portable, but I do not use other architectures at the moment - pkgs = import nixpkgs { - inherit system; - overlays = [ - emacs-overlay.overlay - nur.overlay - nixgl.overlay - (final: _prev: { - stable = import nixpkgs-stable { - inherit (final) system config; - }; + outputs = + inputs@{ nixpkgs + , nixpkgs-stable + , home-manager + , nix-on-droid + , emacs-overlay + , nur + , nixgl + , stylix + , sops-nix + , lanzaboote + , nixos-hardware + , nix-alien + , nixos-generators + , nswitch-rcm-nix + , nix-index-database + , ... + }: + let + + system = "x86_64-linux"; # not very portable, but I do not use other architectures at the moment + pkgs = import nixpkgs { + inherit system; + overlays = [ + emacs-overlay.overlay + nur.overlay + nixgl.overlay + (final: _prev: { + stable = import nixpkgs-stable { + inherit (final) system config; + }; + }) + ]; + config.allowUnfree = true; + }; + + # NixOS modules that can only be used on NixOS systems + nixModules = [ + stylix.nixosModules.stylix + sops-nix.nixosModules.sops + nswitch-rcm-nix.nixosModules.nswitch-rcm + ./profiles/common/nixos.nix + # dynamic library loading + ({ self, system, ... }: { + environment.systemPackages = with self.inputs.nix-alien.packages.${system}; [ + nix-alien + ]; + # needed for `nix-alien-ld` + programs.nix-ld.enable = true; }) ]; - config.allowUnfree = true; - }; - # NixOS modules that can only be used on NixOS systems - nixModules = [ - stylix.nixosModules.stylix - sops-nix.nixosModules.sops - nswitch-rcm-nix.nixosModules.nswitch-rcm - ./profiles/common/nixos.nix - # dynamic library loading - ({ - self, - system, - ... - }: { - environment.systemPackages = with self.inputs.nix-alien.packages.${system}; [ - nix-alien - ]; - # needed for `nix-alien-ld` - programs.nix-ld.enable = true; - }) - ]; - - # Home-Manager modules wanted on non-NixOS systems - homeModules = [ - stylix.homeManagerModules.stylix - ]; - # Home-Manager modules wanted on both NixOS and non-NixOS systems - mixedModules = [ - sops-nix.homeManagerModules.sops - nix-index-database.hmModules.nix-index - ./profiles/common/home.nix - ]; - in { - # NixOS setups - run home-manager as a NixOS module for better compatibility - # another benefit - full rebuild on nixos-rebuild switch - # run rebuild using `nswitch` - - # NEW HOSTS: For a new host, decide whether a NixOS (nixosConfigurations) or non-NixOS (homeConfigurations) is used. - # Make sure to move hardware-configuration to the appropriate location, by default it is found in /etc/nixos/. - - nixosConfigurations = { - onett = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = - nixModules - ++ [ + # Home-Manager modules wanted on non-NixOS systems + homeModules = [ + stylix.homeManagerModules.stylix + ]; + # Home-Manager modules wanted on both NixOS and non-NixOS systems + mixedModules = [ + sops-nix.homeManagerModules.sops + nix-index-database.hmModules.nix-index + ./profiles/common/home.nix + ]; + + in + { + + # NixOS setups - run home-manager as a NixOS module for better compatibility + # another benefit - full rebuild on nixos-rebuild switch + # run rebuild using `nswitch` + + # NEW HOSTS: For a new host, decide whether a NixOS (nixosConfigurations) or non-NixOS (homeConfigurations) is used. + # Make sure to move hardware-configuration to the appropriate location, by default it is found in /etc/nixos/. + + nixosConfigurations = { + + onett = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = nixModules ++ [ ./profles/onett/nixos.nix home-manager.nixosModules.home-manager { - home-manager.users.swarsel.imports = - mixedModules - ++ [ - ./profiles/onett/home.nix - ]; + home-manager.users.swarsel.imports = mixedModules ++ [ + ./profiles/onett/home.nix + ]; } ]; - }; + }; - sandbox = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/sandbox/nixos.nix - ]; - }; + sandbox = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/sandbox/nixos.nix + ]; + }; - twoson = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = - nixModules - ++ [ + twoson = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = nixModules ++ [ ./profiles/twoson/nixos.nix home-manager.nixosModules.home-manager { - home-manager.users.swarsel.imports = - mixedModules - ++ [ - ./profiles/twoson/home.nix - ]; + home-manager.users.swarsel.imports = mixedModules ++ [ + ./profiles/twoson/home.nix + ]; } ]; - }; + }; - threed = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = - nixModules - ++ [ + threed = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = nixModules ++ [ lanzaboote.nixosModules.lanzaboote ./profiles/threed/nixos.nix home-manager.nixosModules.home-manager { - home-manager.users.swarsel.imports = - mixedModules - ++ [ - ./profiles/threed/home.nix - ]; + home-manager.users.swarsel.imports = mixedModules ++ [ + ./profiles/threed/home.nix + ]; } ]; - }; + }; - fourside = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = - nixModules - ++ [ + fourside = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = nixModules ++ [ nixos-hardware.nixosModules.lenovo-thinkpad-p14s-amd-gen2 ./profiles/fourside/nixos.nix home-manager.nixosModules.home-manager { - home-manager.users.swarsel.imports = - mixedModules - ++ [ - ./profiles/fourside/home.nix - ]; + home-manager.users.swarsel.imports = mixedModules ++ [ + ./profiles/fourside/home.nix + ]; } ]; - }; + }; - winters = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = - nixModules - ++ [ + winters = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = nixModules ++ [ nixos-hardware.nixosModules.framework-16-inch-7040-amd ./profiles/winters/nixos.nix home-manager.nixosModules.home-manager { - home-manager.users.swarsel.imports = - mixedModules - ++ [ - ./profiles/winters/home.nix - ]; + home-manager.users.swarsel.imports = mixedModules ++ [ + ./profiles/winters/home.nix + ]; } ]; - }; + }; - stand = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = - nixModules - ++ [ + stand = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = nixModules ++ [ ./profiles/stand/nixos.nix home-manager.nixosModules.home-manager { - home-manager.users.homelen.imports = - mixedModules - ++ [ - ./profiles/stand/home.nix - ]; + home-manager.users.homelen.imports = mixedModules ++ [ + ./profiles/stand/home.nix + ]; } ]; - }; + }; - nginx = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/server1/nginx/nixos.nix - ]; - }; + nginx = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/server1/nginx/nixos.nix + ]; + }; - calibre = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/server1/calibre/nixos.nix - ]; - }; + calibre = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/server1/calibre/nixos.nix + ]; + }; - jellyfin = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - # sops-nix.nixosModules.sops - ./profiles/server1/jellyfin/nixos.nix - ]; - }; + jellyfin = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + # sops-nix.nixosModules.sops + ./profiles/server1/jellyfin/nixos.nix + ]; + }; - transmission = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/server1/transmission/nixos.nix - ]; - }; + transmission = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/server1/transmission/nixos.nix + ]; + }; + + matrix = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + # this is to import a service module that is not on nixpkgs + # this way avoids infinite recursion errors + modules = [ + sops-nix.nixosModules.sops + ./profiles/server1/matrix/nixos.nix + ]; + }; - matrix = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - # this is to import a service module that is not on nixpkgs - # this way avoids infinite recursion errors - modules = [ - sops-nix.nixosModules.sops - ./profiles/server1/matrix/nixos.nix - ]; - }; + sound = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/server1/sound/nixos.nix + ]; + }; - sound = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/server1/sound/nixos.nix - ]; - }; + spotifyd = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/server1/spotifyd/nixos.nix + ]; + }; - spotifyd = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/server1/spotifyd/nixos.nix - ]; + paperless = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/server1/paperless/nixos.nix + ]; + }; + + #ovm swarsel + sync = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/remote/oracle/sync/nixos.nix + ]; + }; + + #ovm swarsel + swatrix = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs pkgs; }; + modules = [ + sops-nix.nixosModules.sops + ./profiles/remote/oracle/matrix/nixos.nix + ]; + }; }; - paperless = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/server1/paperless/nixos.nix - ]; - }; + # pure Home Manager setups - for non-NixOS machines + # run rebuild using `hmswitch` - #ovm swarsel - sync = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/remote/oracle/sync/nixos.nix - ]; - }; + homeConfigurations = { + + "leons@PCisLee" = home-manager.lib.homeManagerConfiguration { + inherit pkgs; + modules = homeModules ++ mixedModules ++ [ + ./profiles/surface/home.nix + ]; + }; - #ovm swarsel - swatrix = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs pkgs;}; - modules = [ - sops-nix.nixosModules.sops - ./profiles/remote/oracle/matrix/nixos.nix - ]; }; - }; - # pure Home Manager setups - for non-NixOS machines - # run rebuild using `hmswitch` + nixOnDroidConfigurations = { - homeConfigurations = { - "leons@PCisLee" = home-manager.lib.homeManagerConfiguration { - inherit pkgs; - modules = - homeModules - ++ mixedModules - ++ [ - ./profiles/surface/home.nix + default = nix-on-droid.lib.nixOnDroidConfiguration { + modules = [ + ./profiles/mysticant/configuration.nix ]; - }; - }; + }; - nixOnDroidConfigurations = { - default = nix-on-droid.lib.nixOnDroidConfiguration { - modules = [ - ./profiles/mysticant/configuration.nix - ]; }; - }; - packages.x86_64-linux = { - proxmox-lxc = nixos-generators.nixosGenerate { - inherit system; - modules = [ - ./profiles/server1/TEMPLATE/nixos.nix - ]; - format = "proxmox-lxc"; + packages.x86_64-linux = { + + proxmox-lxc = nixos-generators.nixosGenerate { + inherit system; + modules = [ + ./profiles/server1/TEMPLATE/nixos.nix + ]; + format = "proxmox-lxc"; + }; + }; + }; - }; } diff --git a/index.html b/index.html index 6571e4b..1149e1e 100644 --- a/index.html +++ b/index.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + SwarselSystems: NixOS + Emacs Configuration @@ -261,7 +261,7 @@

Table of Contents

  • 3.3.6. Linking dotfiles
  • 3.3.7. Sourcing environment variables
  • 3.3.8. Programs
    • -
  • 3.3.9. nix-index
    • +
  • 3.3.9. nix-index
  • 3.3.10. password-store
  • 3.3.11. direnv
  • 3.3.12. eza
    • @@ -329,7 +329,7 @@

    Table of Contents

    @@ -6993,8 +6993,8 @@

    3 -
    -

    3.3.9. nix-index

    +
    +

    3.3.9. nix-index

    nix-index provides a way to find out which packages are provided by which derivations. By default it also comes with a replacement for command-not-found.sh, however, the implementation is based on a channel based setup. I like consistency, so I replace the command with one that provides a flakes-based output. @@ -9266,10 +9266,10 @@

    4

    -
    (defun run-alejandra ()
+
    (defun swarsel/run-formatting ()
   (interactive)
   (let ((default-directory (expand-file-name "~/.dotfiles")))
-    (shell-command "alejandra . -q")))
+    (shell-command "nixpkgs-fmt . > /dev/null")))
 
   (defun swarsel/org-babel-tangle-config ()
     (when (string-equal (buffer-file-name)
@@ -9278,7 +9278,7 @@ 
    4
       (let ((org-confirm-babel-evaluate nil))
         (org-html-export-to-html)
         (org-babel-tangle)
-        (run-alejandra))))
+        (swarsel/run-formatting))))
 
   (setq org-html-htmlize-output-type nil)
 
@@ -9391,7 +9391,7 @@ 
    4

    -
  • Nix common prefix bracketer
    +
  • Nix common prefix bracketer

    This function searches for common delimiters in region and removes them, summarizing all captured lines by it. @@ -9424,7 +9424,7 @@

    4

    • -
  • Nix formatters
    +
  • Nix formatters

    This formats the org code block at point in accordance to the nixpkgs-fmt formatter @@ -10997,8 +10997,8 @@

    4

    • -
    -

    4.4.3. nixpkgs-fmt

    +
    +

    4.4.3. nixpkgs-fmt

    Adds functions for formatting nix code. @@ -13013,7 +13013,7 @@

    5

    Author: Leon Schwarzäugl

    -

    Created: 2024-07-20 Sa 00:04

    +

    Created: 2024-07-20 Sa 00:16

    Validate

    diff --git a/profiles/TEMPLATE/home.nix b/profiles/TEMPLATE/home.nix index ed5c6b2..02ed160 100644 --- a/profiles/TEMPLATE/home.nix +++ b/profiles/TEMPLATE/home.nix @@ -1,8 +1,8 @@ +{ config, pkgs, ... }: + { - config, - pkgs, - ... -}: { + + services.gpg-agent = { enable = true; enableSshSupport = true; @@ -29,7 +29,7 @@ ]; }; # update path if the sops private key is stored somewhere else - sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; + sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ]; # waybar config - TEMPLATE - update for cores and temp programs.waybar.settings.mainBar = { @@ -40,7 +40,7 @@ # ----------------------------------------------------------------- # is this machine always connected to power? If yes, use this block: - # + # # programs.waybar.settings.mainBar."custom/pseudobat" = { # format = ""; # on-click-right = "wlogout -p layer-shell"; @@ -62,7 +62,7 @@ # "custom/left-arrow-dark" # "clock#1" # ]; - # + # # ----------------------------------------------------------------- # ----------------------------------------------------------------- @@ -109,6 +109,7 @@ natural_scroll = "enabled"; middle_emulation = "enabled"; }; + }; output = { @@ -119,21 +120,25 @@ }; }; - keybindings = let - inherit (config.wayland.windowManager.sway.config) modifier; - in { - # TEMPLATE - "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\""; - # "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\""; - }; + keybindings = + let + inherit (config.wayland.windowManager.sway.config) modifier; + in + { + # TEMPLATE + "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\""; + # "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\""; + }; startup = [ - {command = "nextcloud --background";} - {command = "discord --start-minimized";} - {command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} - {command = "ANKI_WAYLAND=1 anki";} - {command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} - {command = "nm-applet";} + + { command = "nextcloud --background"; } + { command = "discord --start-minimized"; } + { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } + { command = "ANKI_WAYLAND=1 anki"; } + { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; } + { command = "nm-applet"; } + ]; }; }; diff --git a/profiles/TEMPLATE/nixos.nix b/profiles/TEMPLATE/nixos.nix index f40d741..55d3ff3 100644 --- a/profiles/TEMPLATE/nixos.nix +++ b/profiles/TEMPLATE/nixos.nix @@ -1,7 +1,13 @@ -{pkgs, ...}: { - imports = [ - ./hardware-configuration.nix - ]; +{ pkgs, ... }: + +{ + + + imports = + [ + ./hardware-configuration.nix + ]; + services = { getty.autologinUser = "TEMPLATE"; @@ -67,7 +73,7 @@ }; monospace = { - package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; + package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; }; name = "FiraCode Nerd Font Mono"; }; @@ -78,6 +84,7 @@ }; }; + # Configure keymap in X11 (only used for login) services.xserver = { layout = "us"; @@ -87,12 +94,13 @@ users.users.TEMPLATE = { isNormalUser = true; description = "TEMPLATE"; - extraGroups = ["networkmanager" "wheel" "lp" "audio" "video"]; - packages = with pkgs; []; + extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" ]; + packages = with pkgs; [ ]; }; environment.systemPackages = with pkgs; [ ]; system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change + } diff --git a/profiles/common/home.nix b/profiles/common/home.nix index ade4368..ef8d40c 100644 --- a/profiles/common/home.nix +++ b/profiles/common/home.nix @@ -1,10 +1,8 @@ +{ config, pkgs, fetchFromGitHub, ... }: + { - config, - pkgs, - fetchFromGitHub, - ... -}: { home.packages = with pkgs; [ + # audio stuff spek # spectrum analyzer losslessaudiochecker @@ -20,7 +18,7 @@ simple-scan # dict - (aspellWithDicts (dicts: with dicts; [de en en-computers en-science])) + (aspellWithDicts (dicts: with dicts; [ de en en-computers en-science ])) # utilities util-linux @@ -150,21 +148,13 @@ # latex and related packages (pkgs.texlive.combine { - inherit - (pkgs.texlive) - scheme-full - dvisvgm - dvipng # for preview and export as html - wrapfig - amsmath - ulem - hyperref - capt-of - ; + inherit (pkgs.texlive) scheme-full + dvisvgm dvipng# for preview and export as html + wrapfig amsmath ulem hyperref capt-of; }) # font stuff - (nerdfonts.override {fonts = ["FiraMono" "FiraCode" "NerdFontsSymbolsOnly"];}) + (nerdfonts.override { fonts = [ "FiraMono" "FiraCode" "NerdFontsSymbolsOnly" ]; }) noto-fonts-emoji font-awesome_5 noto-fonts @@ -180,23 +170,23 @@ url = "https://github.com/Ultimaker/Cura/releases/download/${version}/UltiMaker-Cura-${version}-linux-modern.AppImage"; hash = "sha256-QVv7Wkfo082PH6n6rpsB79st2xK2+Np9ivBg/PYZd74="; }; - extraPkgs = pkgs: with pkgs; []; + extraPkgs = pkgs: with pkgs; [ ]; }; in - writeScriptBin "cura" '' - #! ${pkgs.bash}/bin/bash - # AppImage version of Cura loses current working directory and treats all paths relateive to $HOME. - # So we convert each of the files passed as argument to an absolute path. - # This fixes use cases like `cd /path/to/my/files; cura mymodel.stl anothermodel.stl`. - args=() - for a in "$@"; do - if [ -e "$a" ]; then - a="$(realpath "$a")" - fi - args+=("$a") - done - exec "${cura5}/bin/cura5" "''${args[@]}" - '' + writeScriptBin "cura" '' + #! ${pkgs.bash}/bin/bash + # AppImage version of Cura loses current working directory and treats all paths relateive to $HOME. + # So we convert each of the files passed as argument to an absolute path. + # This fixes use cases like `cd /path/to/my/files; cura mymodel.stl anothermodel.stl`. + args=() + for a in "$@"; do + if [ -e "$a" ]; then + a="$(realpath "$a")" + fi + args+=("$a") + done + exec "${cura5}/bin/cura5" "''${args[@]}" + '' ) #E: hides scratchpad depending on state, calls emacsclient for edit and then restores the scratchpad state @@ -237,7 +227,7 @@ (pkgs.writeShellApplication { name = "pass-fuzzel"; - runtimeInputs = [pkgs.pass pkgs.fuzzel]; + runtimeInputs = [ pkgs.pass pkgs.fuzzel ]; text = '' shopt -s nullglob globstar @@ -268,7 +258,7 @@ (pkgs.writeShellApplication { name = "pass-fuzzel-otp"; - runtimeInputs = [pkgs.fuzzel (pkgs.pass.withExtensions (exts: [exts.pass-otp]))]; + runtimeInputs = [ pkgs.fuzzel (pkgs.pass.withExtensions (exts: [ exts.pass-otp ])) ]; text = '' shopt -s nullglob globstar @@ -299,7 +289,7 @@ (pkgs.writeShellApplication { name = "cdw"; - runtimeInputs = [pkgs.fzf]; + runtimeInputs = [ pkgs.fzf ]; text = '' cd "$(git worktree list | fzf | awk '{print $1}')" ''; @@ -307,7 +297,7 @@ (pkgs.writeShellApplication { name = "cdb"; - runtimeInputs = [pkgs.fzf]; + runtimeInputs = [ pkgs.fzf ]; text = '' git checkout "$(git branch --list | grep -v "^\*" | fzf | awk '{print $1}')" ''; @@ -319,17 +309,18 @@ cp "$1"{,.bak} ''; }) + ]; sops = { defaultSopsFile = "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml"; validateSopsFiles = false; secrets = { - mrswarsel = {path = "/run/user/1000/secrets/mrswarsel";}; - nautilus = {path = "/run/user/1000/secrets/nautilus";}; - leon = {path = "/run/user/1000/secrets/leon";}; - swarselmail = {path = "/run/user/1000/secrets/swarselmail";}; - caldav = {path = "${config.home.homeDirectory}/.emacs.d/.caldav";}; + mrswarsel = { path = "/run/user/1000/secrets/mrswarsel"; }; + nautilus = { path = "/run/user/1000/secrets/nautilus"; }; + leon = { path = "/run/user/1000/secrets/leon"; }; + swarselmail = { path = "/run/user/1000/secrets/swarselmail"; }; + caldav = { path = "${config.home.homeDirectory}/.emacs.d/.caldav"; }; }; }; @@ -431,12 +422,13 @@ stylix.targets.emacs.enable = false; xdg.desktopEntries = { + cura = { name = "Ultimaker Cura"; genericName = "Cura"; exec = "cura"; terminal = false; - categories = ["Application"]; + categories = [ "Application" ]; }; anki = { @@ -444,7 +436,7 @@ genericName = "Anki"; exec = "anki"; terminal = false; - categories = ["Application"]; + categories = [ "Application" ]; }; # schlidichat = { @@ -460,7 +452,7 @@ genericName = "Element"; exec = "element-desktop -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; terminal = false; - categories = ["Application"]; + categories = [ "Application" ]; }; emacsclient-newframe = { @@ -469,8 +461,9 @@ exec = "emacsclient -r %u"; icon = "emacs"; terminal = false; - categories = ["Development" "TextEditor"]; + categories = [ "Development" "TextEditor" ]; }; + }; home.file = { @@ -519,25 +512,27 @@ zoxide.enable = true; }; - programs.nix-index = let - command-not-found = pkgs.runCommandLocal "command-not-found.sh" {} '' - mkdir -p $out/etc/profile.d - substitute ${../../scripts/command-not-found.sh} \ - $out/etc/profile.d/command-not-found.sh \ - --replace @nix-locate@ ${pkgs.nix-index}/bin/nix-locate \ - --replace @tput@ ${pkgs.ncurses}/bin/tput - ''; - in { - enable = true; - package = pkgs.symlinkJoin { - name = "nix-index"; - paths = [command-not-found]; + programs.nix-index = + let + command-not-found = pkgs.runCommandLocal "command-not-found.sh" { } '' + mkdir -p $out/etc/profile.d + substitute ${../../scripts/command-not-found.sh} \ + $out/etc/profile.d/command-not-found.sh \ + --replace @nix-locate@ ${pkgs.nix-index}/bin/nix-locate \ + --replace @tput@ ${pkgs.ncurses}/bin/tput + ''; + in + { + enable = true; + package = pkgs.symlinkJoin { + name = "nix-index"; + paths = [ command-not-found ]; + }; }; - }; programs.password-store = { enable = true; - package = pkgs.pass.withExtensions (exts: [exts.pass-otp]); + package = pkgs.pass.withExtensions (exts: [ exts.pass-otp ]); }; programs.direnv = { @@ -771,7 +766,7 @@ enable = true; }; # this is needed so that mbsync can use the passwords from sops - systemd.user.services.mbsync.Unit.After = ["sops-nix.service"]; + systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ]; programs.msmtp = { enable = true; @@ -804,7 +799,7 @@ enable = true; create = "maildir"; expunge = "both"; - patterns = ["*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail"]; + patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ]; extraConfig = { channel = { Sync = "All"; @@ -854,7 +849,7 @@ enable = true; create = "maildir"; expunge = "both"; - patterns = ["*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail"]; + patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ]; extraConfig = { channel = { Sync = "All"; @@ -881,7 +876,7 @@ enable = true; create = "maildir"; expunge = "both"; - patterns = ["*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail"]; + patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ]; extraConfig = { channel = { Sync = "All"; @@ -922,7 +917,7 @@ rev = "bc99afee611690f85f0cd0bd33300f3385ddd3d3"; hash = "sha256-0xMII1KJhTBgQ57tXJks0ZFYMXIanrOl9XyqVmu7a7Y="; }; - packageRequires = [epkgs.howm]; + packageRequires = [ epkgs.howm ]; }) (epkgs.trivialBuild rec { @@ -934,21 +929,23 @@ rev = "3f6ca0d5556fe9795b74714304564f2295dcfa24"; hash = "sha256-w1wmJW7YwXyjvXJOWdN2+k+QmhXr4IflES/c2bCX3CI="; }; - packageRequires = []; + packageRequires = [ ]; }) + ]; }; }; programs.waybar = { + enable = true; # systemd.enable = true; settings = { mainBar = { layer = "top"; position = "top"; - modules-left = ["sway/workspaces" "custom/outer-right-arrow-dark" "sway/window"]; - modules-center = ["sway/mode" "custom/configwarn"]; + modules-left = [ "sway/workspaces" "custom/outer-right-arrow-dark" "sway/window" ]; + modules-center = [ "sway/mode" "custom/configwarn" ]; "sway/mode" = { format = "{}"; }; @@ -993,6 +990,7 @@ critical-threshold = 80; format-critical = " {temperatureC}°C"; format = " {temperatureC}°C"; + }; mpris = { @@ -1077,9 +1075,10 @@ cpu = { min-length = 6; interval = 5; - format-icons = ["▁" "▂" "▃" "▄" "▅" "▆" "▇" "█"]; + format-icons = [ "▁" "▂" "▃" "▄" "▅" "▆" "▇" "█" ]; # on-click-right= "com.github.stsdc.monitor"; on-click-right = "kitty -o confirm_os_window_close=0 btm"; + }; battery = { states = { @@ -1174,68 +1173,48 @@ search.engines = { "Nix Packages" = { - urls = [ - { - template = "https://search.nixos.org/packages"; - params = [ - { - name = "type"; - value = "packages"; - } - { - name = "query"; - value = "{searchTerms}"; - } - ]; - } - ]; + urls = [{ + template = "https://search.nixos.org/packages"; + params = [ + { name = "type"; value = "packages"; } + { name = "query"; value = "{searchTerms}"; } + ]; + }]; icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@np"]; + definedAliases = [ "@np" ]; }; "NixOS Wiki" = { - urls = [ - { - template = "https://nixos.wiki/index.php?search={searchTerms}"; - } - ]; + urls = [{ + template = "https://nixos.wiki/index.php?search={searchTerms}"; + }]; iconUpdateURL = "https://nixos.wiki/favicon.png"; updateInterval = 24 * 60 * 60 * 1000; # every day - definedAliases = ["@nw"]; + definedAliases = [ "@nw" ]; }; "NixOS Options" = { - urls = [ - { - template = "https://search.nixos.org/options"; - params = [ - { - name = "query"; - value = "{searchTerms}"; - } - ]; - } - ]; + urls = [{ + template = "https://search.nixos.org/options"; + params = [ + { name = "query"; value = "{searchTerms}"; } + ]; + }]; icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@no"]; + definedAliases = [ "@no" ]; }; "Home Manager Options" = { - urls = [ - { - template = "https://home-manager-options.extranix.com/"; - params = [ - { - name = "query"; - value = "{searchTerms}"; - } - ]; - } - ]; + urls = [{ + template = "https://home-manager-options.extranix.com/"; + params = [ + { name = "query"; value = "{searchTerms}"; } + ]; + }]; icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; - definedAliases = ["@hm" "@ho" "@hmo"]; + definedAliases = [ "@hm" "@ho" "@hmo" ]; }; "Google".metaData.alias = "@g"; @@ -1311,78 +1290,80 @@ group-by=category modifier = "Mod4"; terminal = "kitty"; menu = "fuzzel"; - bars = [{command = "waybar";}]; - keybindings = let - inherit (config.wayland.windowManager.sway.config) modifier; - in { - "${modifier}+q" = "kill"; - "${modifier}+f" = "exec firefox"; - "${modifier}+Space" = "exec fuzzel"; - "${modifier}+Shift+Space" = "floating toggle"; - "${modifier}+e" = "exec emacsclient -nquc -a emacs -e \"(dashboard-open)\""; - "${modifier}+Shift+m" = "exec emacsclient -nquc -a emacs -e \"(mu4e)\""; - "${modifier}+Shift+c" = "exec emacsclient -nquc -a emacs -e \"(swarsel/open-calendar)\""; - "${modifier}+Shift+s" = "exec \"bash ~/.dotfiles/scripts/checkspotify.sh\""; - "${modifier}+m" = "exec \"bash ~/.dotfiles/scripts/checkspotifytui.sh\""; - "${modifier}+x" = "exec \"bash ~/.dotfiles/scripts/checkkitty.sh\""; - "${modifier}+d" = "exec \"bash ~/.dotfiles/scripts/checkdiscord.sh\""; - "${modifier}+Shift+r" = "exec \"bash ~/.dotfiles/scripts/restart.sh\""; - "${modifier}+Shift+t" = "exec \"bash ~/.dotfiles/scripts/toggle_opacity.sh\""; - "${modifier}+Shift+F12" = "move scratchpad"; - "${modifier}+F12" = "scratchpad show"; - "${modifier}+c" = "exec qalculate-gtk"; - "${modifier}+p" = "exec pass-fuzzel"; - "${modifier}+o" = "exec pass-fuzzel-otp"; - "${modifier}+Shift+p" = "exec pass-fuzzel --type"; - "${modifier}+Shift+o" = "exec pass-fuzzel-otp --type"; - "${modifier}+Escape" = "mode $exit"; - # "${modifier}+Shift+Escape" = "exec com.github.stsdc.monitor"; - "${modifier}+Shift+Escape" = "exec kitty -o confirm_os_window_close=0 btm"; - "${modifier}+s" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; - "${modifier}+i" = "exec \"bash ~/.dotfiles/scripts/startup.sh\""; - "${modifier}+1" = "workspace 1:一"; - "${modifier}+Shift+1" = "move container to workspace 1:一"; - "${modifier}+2" = "workspace 2:二"; - "${modifier}+Shift+2" = "move container to workspace 2:二"; - "${modifier}+3" = "workspace 3:三"; - "${modifier}+Shift+3" = "move container to workspace 3:三"; - "${modifier}+4" = "workspace 4:四"; - "${modifier}+Shift+4" = "move container to workspace 4:四"; - "${modifier}+5" = "workspace 5:五"; - "${modifier}+Shift+5" = "move container to workspace 5:五"; - "${modifier}+6" = "workspace 6:六"; - "${modifier}+Shift+6" = "move container to workspace 6:六"; - "${modifier}+7" = "workspace 7:七"; - "${modifier}+Shift+7" = "move container to workspace 7:七"; - "${modifier}+8" = "workspace 8:八"; - "${modifier}+Shift+8" = "move container to workspace 8:八"; - "${modifier}+9" = "workspace 9:九"; - "${modifier}+Shift+9" = "move container to workspace 9:九"; - "${modifier}+0" = "workspace 10:十"; - "${modifier}+Shift+0" = "move container to workspace 10:十"; - "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%"; - "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; - "${modifier}+Left" = "focus left"; - "${modifier}+Right" = "focus right"; - "${modifier}+Down" = "focus down"; - "${modifier}+Up" = "focus up"; - "${modifier}+Shift+Left" = "move left 40px"; - "${modifier}+Shift+Right" = "move right 40px"; - "${modifier}+Shift+Down" = "move down 40px"; - "${modifier}+Shift+Up" = "move up 40px"; - "${modifier}+h" = "focus left"; - "${modifier}+l" = "focus right"; - "${modifier}+j" = "focus down"; - "${modifier}+k" = "focus up"; - "${modifier}+Shift+h" = "move left 40px"; - "${modifier}+Shift+l" = "move right 40px"; - "${modifier}+Shift+j" = "move down 40px"; - "${modifier}+Shift+k" = "move up 40px"; - "${modifier}+Ctrl+Shift+c" = "reload"; - "${modifier}+Shift+e" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; - "${modifier}+r" = "mode resize"; - "${modifier}+Return" = "exec kitty"; - }; + bars = [{ command = "waybar"; }]; + keybindings = + let + inherit (config.wayland.windowManager.sway.config) modifier; + in + { + "${modifier}+q" = "kill"; + "${modifier}+f" = "exec firefox"; + "${modifier}+Space" = "exec fuzzel"; + "${modifier}+Shift+Space" = "floating toggle"; + "${modifier}+e" = "exec emacsclient -nquc -a emacs -e \"(dashboard-open)\""; + "${modifier}+Shift+m" = "exec emacsclient -nquc -a emacs -e \"(mu4e)\""; + "${modifier}+Shift+c" = "exec emacsclient -nquc -a emacs -e \"(swarsel/open-calendar)\""; + "${modifier}+Shift+s" = "exec \"bash ~/.dotfiles/scripts/checkspotify.sh\""; + "${modifier}+m" = "exec \"bash ~/.dotfiles/scripts/checkspotifytui.sh\""; + "${modifier}+x" = "exec \"bash ~/.dotfiles/scripts/checkkitty.sh\""; + "${modifier}+d" = "exec \"bash ~/.dotfiles/scripts/checkdiscord.sh\""; + "${modifier}+Shift+r" = "exec \"bash ~/.dotfiles/scripts/restart.sh\""; + "${modifier}+Shift+t" = "exec \"bash ~/.dotfiles/scripts/toggle_opacity.sh\""; + "${modifier}+Shift+F12" = "move scratchpad"; + "${modifier}+F12" = "scratchpad show"; + "${modifier}+c" = "exec qalculate-gtk"; + "${modifier}+p" = "exec pass-fuzzel"; + "${modifier}+o" = "exec pass-fuzzel-otp"; + "${modifier}+Shift+p" = "exec pass-fuzzel --type"; + "${modifier}+Shift+o" = "exec pass-fuzzel-otp --type"; + "${modifier}+Escape" = "mode $exit"; + # "${modifier}+Shift+Escape" = "exec com.github.stsdc.monitor"; + "${modifier}+Shift+Escape" = "exec kitty -o confirm_os_window_close=0 btm"; + "${modifier}+s" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; + "${modifier}+i" = "exec \"bash ~/.dotfiles/scripts/startup.sh\""; + "${modifier}+1" = "workspace 1:一"; + "${modifier}+Shift+1" = "move container to workspace 1:一"; + "${modifier}+2" = "workspace 2:二"; + "${modifier}+Shift+2" = "move container to workspace 2:二"; + "${modifier}+3" = "workspace 3:三"; + "${modifier}+Shift+3" = "move container to workspace 3:三"; + "${modifier}+4" = "workspace 4:四"; + "${modifier}+Shift+4" = "move container to workspace 4:四"; + "${modifier}+5" = "workspace 5:五"; + "${modifier}+Shift+5" = "move container to workspace 5:五"; + "${modifier}+6" = "workspace 6:六"; + "${modifier}+Shift+6" = "move container to workspace 6:六"; + "${modifier}+7" = "workspace 7:七"; + "${modifier}+Shift+7" = "move container to workspace 7:七"; + "${modifier}+8" = "workspace 8:八"; + "${modifier}+Shift+8" = "move container to workspace 8:八"; + "${modifier}+9" = "workspace 9:九"; + "${modifier}+Shift+9" = "move container to workspace 9:九"; + "${modifier}+0" = "workspace 10:十"; + "${modifier}+Shift+0" = "move container to workspace 10:十"; + "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%"; + "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; + "${modifier}+Left" = "focus left"; + "${modifier}+Right" = "focus right"; + "${modifier}+Down" = "focus down"; + "${modifier}+Up" = "focus up"; + "${modifier}+Shift+Left" = "move left 40px"; + "${modifier}+Shift+Right" = "move right 40px"; + "${modifier}+Shift+Down" = "move down 40px"; + "${modifier}+Shift+Up" = "move up 40px"; + "${modifier}+h" = "focus left"; + "${modifier}+l" = "focus right"; + "${modifier}+j" = "focus down"; + "${modifier}+k" = "focus up"; + "${modifier}+Shift+h" = "move left 40px"; + "${modifier}+Shift+l" = "move right 40px"; + "${modifier}+Shift+j" = "move down 40px"; + "${modifier}+Shift+k" = "move up 40px"; + "${modifier}+Ctrl+Shift+c" = "reload"; + "${modifier}+Shift+e" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; + "${modifier}+r" = "mode resize"; + "${modifier}+Return" = "exec kitty"; + }; modes = { resize = { Down = "resize grow height 10 px or 10 ppt"; @@ -1395,41 +1376,41 @@ group-by=category }; defaultWorkspace = "workspace 1:一"; startup = [ - {command = "kitty -T kittyterm";} - {command = "sleep 60; kitty -T spotifytui -o confirm_os_window_close=0 spotify_player";} + { command = "kitty -T kittyterm"; } + { command = "sleep 60; kitty -T spotifytui -o confirm_os_window_close=0 spotify_player"; } ]; window = { border = 1; titlebar = false; }; assigns = { - "1:一" = [{app_id = "firefox";}]; + "1:一" = [{ app_id = "firefox"; }]; }; floating = { border = 1; criteria = [ - {title = "^Picture-in-Picture$";} - {app_id = "qalculate-gtk";} - {app_id = "org.gnome.clocks";} - {app_id = "com.github.stsdc.monitor";} - {app_id = "blueman";} - {app_id = "pavucontrol";} - {app_id = "syncthingtray";} - {title = "Syncthing Tray";} - {app_id = "SchildiChat";} - {app_id = "Element";} - {app_id = "com.nextcloud.desktopclient.nextcloud";} - {app_id = "gnome-system-monitor";} - {title = "(?:Open|Save) (?:File|Folder|As)";} - {title = "^Add$";} - {title = "com-jgoodies-jdiskreport-JDiskReport";} - {app_id = "discord";} - {window_role = "pop-up";} - {window_role = "bubble";} - {window_role = "dialog";} - {window_role = "task_dialog";} - {window_role = "menu";} - {window_role = "Preferences";} + { title = "^Picture-in-Picture$"; } + { app_id = "qalculate-gtk"; } + { app_id = "org.gnome.clocks"; } + { app_id = "com.github.stsdc.monitor"; } + { app_id = "blueman"; } + { app_id = "pavucontrol"; } + { app_id = "syncthingtray"; } + { title = "Syncthing Tray"; } + { app_id = "SchildiChat"; } + { app_id = "Element"; } + { app_id = "com.nextcloud.desktopclient.nextcloud"; } + { app_id = "gnome-system-monitor"; } + { title = "(?:Open|Save) (?:File|Folder|As)"; } + { title = "^Add$"; } + { title = "com-jgoodies-jdiskreport-JDiskReport"; } + { app_id = "discord"; } + { window_role = "pop-up"; } + { window_role = "bubble"; } + { window_role = "dialog"; } + { window_role = "task_dialog"; } + { window_role = "menu"; } + { window_role = "Preferences"; } ]; titlebar = false; }; @@ -1479,6 +1460,7 @@ group-by=category # }; # } { + command = "resize set width 60 ppt height 60 ppt, sticky enable, move container to scratchpad"; criteria = { class = "Spotify"; @@ -1523,9 +1505,10 @@ group-by=category # exec systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK # exec hash dbus-update-activation-environment 2>/dev/null && dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK # "; - extraConfig = let - inherit (config.wayland.windowManager.sway.config) modifier; - swayfxSettings = " + extraConfig = + let + inherit (config.wayland.windowManager.sway.config) modifier; + swayfxSettings = " blur enable blur_xray disable blur_passes 1 @@ -1535,7 +1518,8 @@ group-by=category titlebar_separator disable default_dim_inactive 0.02 "; - in " + in + " exec_always autotiling set $exit \"exit: [s]leep, [p]oweroff, [r]eboot, [l]ogout\" mode $exit { @@ -1558,4 +1542,5 @@ group-by=category "; }; + } diff --git a/profiles/common/nixos.nix b/profiles/common/nixos.nix index 9aa87cf..1103839 100644 --- a/profiles/common/nixos.nix +++ b/profiles/common/nixos.nix @@ -1,9 +1,6 @@ +{ config, lib, pkgs, ... }: + { - config, - lib, - pkgs, - ... -}: { home-manager = { useGlobalPkgs = true; useUserPackages = true; @@ -16,7 +13,7 @@ }; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; users.mutableUsers = false; @@ -50,7 +47,7 @@ nix.optimise = { automatic = true; - dates = ["weekly"]; + dates = [ "weekly" ]; }; # systemd @@ -127,12 +124,12 @@ cloned-mac-address = "preserve"; mac-address = "90:2E:16:D0:A1:87"; }; - ipv4 = {method = "shared";}; + ipv4 = { method = "shared"; }; ipv6 = { addr-gen-mode = "stable-privacy"; method = "auto"; }; - proxy = {}; + proxy = { }; }; eduroam = { @@ -146,12 +143,12 @@ id = "eduroam"; type = "wifi"; }; - ipv4 = {method = "auto";}; + ipv4 = { method = "auto"; }; ipv6 = { addr-gen-mode = "default"; method = "auto"; }; - proxy = {}; + proxy = { }; wifi = { mode = "infrastructure"; ssid = "eduroam"; @@ -168,7 +165,7 @@ id = "local"; type = "ethernet"; }; - ethernet = {}; + ethernet = { }; ipv4 = { address1 = "10.42.1.1/24"; method = "shared"; @@ -177,7 +174,7 @@ addr-gen-mode = "stable-privacy"; method = "auto"; }; - proxy = {}; + proxy = { }; }; HH40V_39F5 = { @@ -185,12 +182,12 @@ id = "HH40V_39F5"; type = "wifi"; }; - ipv4 = {method = "auto";}; + ipv4 = { method = "auto"; }; ipv6 = { addr-gen-mode = "stable-privacy"; method = "auto"; }; - proxy = {}; + proxy = { }; wifi = { band = "bg"; mode = "infrastructure"; @@ -207,12 +204,12 @@ id = "magicant"; type = "wifi"; }; - ipv4 = {method = "auto";}; + ipv4 = { method = "auto"; }; ipv6 = { addr-gen-mode = "default"; method = "auto"; }; - proxy = {}; + proxy = { }; wifi = { mode = "infrastructure"; ssid = "magicant"; @@ -230,15 +227,16 @@ id = "PIA Sweden"; type = "vpn"; }; - ipv4 = {method = "auto";}; + ipv4 = { method = "auto"; }; ipv6 = { addr-gen-mode = "stable-privacy"; method = "auto"; }; - proxy = {}; + proxy = { }; vpn = { auth = "sha1"; - ca = "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem"; + ca = + "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem"; challenge-response-flags = "2"; cipher = "aes-128-cbc"; compress = "yes"; @@ -252,7 +250,7 @@ service-type = "org.freedesktop.NetworkManager.openvpn"; username = "$VPNUSER"; }; - vpn-secrets = {password = "$VPNPASS";}; + vpn-secrets = { password = "$VPNPASS"; }; }; Hotspot = { @@ -261,12 +259,12 @@ id = "Hotspot"; type = "wifi"; }; - ipv4 = {method = "shared";}; + ipv4 = { method = "shared"; }; ipv6 = { addr-gen-mode = "default"; method = "ignore"; }; - proxy = {}; + proxy = { }; wifi = { mode = "ap"; ssid = "Hotspot-fourside"; @@ -279,11 +277,12 @@ psk = "$HOTSPOT"; }; }; + }; }; }; - systemd.services.NetworkManager-ensure-profiles.after = ["NetworkManager.service"]; + systemd.services.NetworkManager-ensure-profiles.after = [ "NetworkManager.service" ]; time.timeZone = "Europe/Vienna"; @@ -303,19 +302,20 @@ }; sops = { + defaultSopsFile = "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml"; validateSopsFiles = false; secrets = { - swarseluser = {neededForUsers = true;}; - ernest = {}; - frauns = {}; - hotspot = {}; - eduid = {}; - edupass = {}; - handyhotspot = {}; - vpnuser = {}; - vpnpass = {}; + swarseluser = { neededForUsers = true; }; + ernest = { }; + frauns = { }; + hotspot = { }; + eduid = { }; + edupass = { }; + handyhotspot = { }; + vpnuser = { }; + vpnpass = { }; }; templates = { "network-manager.env".content = '' @@ -383,7 +383,7 @@ #lsp-bridge / python gcc gdb - (python3.withPackages (ps: with ps; [jupyter ipython pyqt5 epc orjson sexpdata six setuptools paramiko numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server])) + (python3.withPackages (ps: with ps; [ jupyter ipython pyqt5 epc orjson sexpdata six setuptools paramiko numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server ])) # (python3.withPackages(ps: with ps; [ jupyter ipython pyqt5 numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server])) # -------------------------------------------- @@ -405,7 +405,9 @@ tar xvf $src -C $out/ mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/ ''; + }) + ]; programs = { @@ -416,15 +418,15 @@ programs.zsh.enable = true; users.defaultUserShell = pkgs.zsh; - environment.shells = with pkgs; [zsh]; - environment.pathsToLink = ["/share/zsh"]; + environment.shells = with pkgs; [ zsh ]; + environment.pathsToLink = [ "/share/zsh" ]; services.blueman.enable = true; # enable scanners over network hardware.sane = { enable = true; - extraBackends = [pkgs.sane-airscan]; + extraBackends = [ pkgs.sane-airscan ]; }; # enable discovery and usage of network devices (esp. printers) @@ -454,26 +456,28 @@ # Make CAPS work as a dual function ESC/CTRL key services.interception-tools = { enable = true; - udevmonConfig = let - dualFunctionKeysConfig = builtins.toFile "dual-function-keys.yaml" '' - TIMING: - TAP_MILLISEC: 200 - DOUBLE_TAP_MILLISEC: 0 - - MAPPINGS: - - KEY: KEY_CAPSLOCK - TAP: KEY_ESC - HOLD: KEY_LEFTCTRL + udevmonConfig = + let + dualFunctionKeysConfig = builtins.toFile "dual-function-keys.yaml" '' + TIMING: + TAP_MILLISEC: 200 + DOUBLE_TAP_MILLISEC: 0 + + MAPPINGS: + - KEY: KEY_CAPSLOCK + TAP: KEY_ESC + HOLD: KEY_LEFTCTRL + ''; + in + '' + - JOB: | + ${pkgs.interception-tools}/bin/intercept -g $DEVNODE \ + | ${pkgs.interception-tools-plugins.dual-function-keys}/bin/dual-function-keys -c ${dualFunctionKeysConfig} \ + | ${pkgs.interception-tools}/bin/uinput -d $DEVNODE + DEVICE: + EVENTS: + EV_KEY: [KEY_CAPSLOCK] ''; - in '' - - JOB: | - ${pkgs.interception-tools}/bin/intercept -g $DEVNODE \ - | ${pkgs.interception-tools-plugins.dual-function-keys}/bin/dual-function-keys -c ${dualFunctionKeysConfig} \ - | ${pkgs.interception-tools}/bin/uinput -d $DEVNODE - DEVICE: - EVENTS: - EV_KEY: [KEY_CAPSLOCK] - ''; }; programs.ssh.startAgent = false; @@ -505,4 +509,5 @@ environment.etc."greetd/environments".text = '' sway ''; + } diff --git a/profiles/fourside/hardware-configuration.nix b/profiles/fourside/hardware-configuration.nix index 8dc27e6..5c12a93 100644 --- a/profiles/fourside/hardware-configuration.nix +++ b/profiles/fourside/hardware-configuration.nix @@ -1,20 +1,19 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... +{ config +, lib +, modulesPath +, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/55eee3d2-4125-4aba-a326-10cde2abdf26"; @@ -27,7 +26,7 @@ }; swapDevices = [ - {device = "/dev/disk/by-uuid/0a74b04a-99e0-48cd-afcf-6ca849f6f85a";} + { device = "/dev/disk/by-uuid/0a74b04a-99e0-48cd-afcf-6ca849f6f85a"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/profiles/fourside/home.nix b/profiles/fourside/home.nix index 14fe1ab..5fac774 100644 --- a/profiles/fourside/home.nix +++ b/profiles/fourside/home.nix @@ -1,8 +1,8 @@ +{ config, pkgs, ... }: + { - config, - pkgs, - ... -}: { + + services.gpg-agent = { enable = true; enableSshSupport = true; @@ -24,7 +24,7 @@ packages = with pkgs; [ ]; }; - sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; + sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ]; # waybar config - TEMPLATE - update for cores and temp programs.waybar.settings.mainBar = { @@ -34,6 +34,7 @@ temperature.input-filename = "temp1_input"; }; + programs.waybar.settings.mainBar.modules-right = [ "custom/outer-left-arrow-dark" "mpris" @@ -52,6 +53,7 @@ "clock#1" ]; + wayland.windowManager.sway = { config = rec { # update for actual inputs here, @@ -72,6 +74,7 @@ natural_scroll = "enabled"; middle_emulation = "enabled"; }; + }; output = { @@ -90,41 +93,40 @@ }; workspaceOutputAssign = [ - { - output = "eDP-1"; - workspace = "1:一"; - } - { - output = "DP-4"; - workspace = "2:二"; - } + { output = "eDP-1"; workspace = "1:一"; } + { output = "DP-4"; workspace = "2:二"; } ]; - keybindings = let - inherit (config.wayland.windowManager.sway.config) modifier; - in { - "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\""; - "XF86MonBrightnessUp" = "exec brightnessctl set +5%"; - "XF86MonBrightnessDown" = "exec brightnessctl set 5%-"; - "XF86Display" = "exec wl-mirror eDP-1"; - # these are left open to use - # "XF86WLAN" = "exec wl-mirror eDP-1"; - # "XF86Messenger" = "exec wl-mirror eDP-1"; - # "XF86Go" = "exec wl-mirror eDP-1"; - # "XF86Favorites" = "exec wl-mirror eDP-1"; - # "XF86HomePage" = "exec wtype -P Escape -p Escape"; - # "XF86AudioLowerVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink -5%"; - # "XF86AudioRaiseVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink +5% "; - "XF86AudioMute" = "pactl set-sink-mute alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink toggle"; - }; + + keybindings = + let + inherit (config.wayland.windowManager.sway.config) modifier; + in + { + "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\""; + "XF86MonBrightnessUp" = "exec brightnessctl set +5%"; + "XF86MonBrightnessDown" = "exec brightnessctl set 5%-"; + "XF86Display" = "exec wl-mirror eDP-1"; + # these are left open to use + # "XF86WLAN" = "exec wl-mirror eDP-1"; + # "XF86Messenger" = "exec wl-mirror eDP-1"; + # "XF86Go" = "exec wl-mirror eDP-1"; + # "XF86Favorites" = "exec wl-mirror eDP-1"; + # "XF86HomePage" = "exec wtype -P Escape -p Escape"; + # "XF86AudioLowerVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink -5%"; + # "XF86AudioRaiseVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink +5% "; + "XF86AudioMute" = "pactl set-sink-mute alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink toggle"; + }; startup = [ - {command = "nextcloud --background";} - {command = "discord --start-minimized";} - {command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} - {command = "ANKI_WAYLAND=1 anki";} - {command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} - {command = "nm-applet";} + + { command = "nextcloud --background"; } + { command = "discord --start-minimized"; } + { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } + { command = "ANKI_WAYLAND=1 anki"; } + { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; } + { command = "nm-applet"; } + ]; }; }; diff --git a/profiles/fourside/nixos.nix b/profiles/fourside/nixos.nix index d4dde2c..05b081c 100644 --- a/profiles/fourside/nixos.nix +++ b/profiles/fourside/nixos.nix @@ -1,17 +1,17 @@ +{ config, pkgs, ... }: + { - config, - pkgs, - ... -}: { - # + + # # imports = # [ # ./hardware-configuration.nix # ]; - # - imports = [ - ./hardware-configuration.nix - ]; + # + imports = + [ + ./hardware-configuration.nix + ]; services = { getty.autologinUser = "swarsel"; @@ -24,7 +24,7 @@ # kernelPackages = pkgs.linuxPackages_latest; }; - sops.age.sshKeyPaths = ["${config.users.users.swarsel.home}/.ssh/sops"]; + sops.age.sshKeyPaths = [ "${config.users.users.swarsel.home}/.ssh/sops" ]; networking = { hostName = "fourside"; # Define your hostname. @@ -33,27 +33,15 @@ firewall.checkReversePath = false; firewall = { enable = true; - allowedUDPPorts = [4380 27036 14242 34197 51820]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard - allowedTCPPorts = []; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard + allowedUDPPorts = [ 4380 27036 14242 34197 51820 ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard + allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard allowedTCPPortRanges = [ - { - from = 27015; - to = 27030; - } # barotrauma - { - from = 27036; - to = 27037; - } # barotrauma + { from = 27015; to = 27030; } # barotrauma + { from = 27036; to = 27037; } # barotrauma ]; allowedUDPPortRanges = [ - { - from = 27000; - to = 27031; - } # barotrauma - { - from = 58962; - to = 58964; - } # barotrauma + { from = 27000; to = 27031; } # barotrauma + { from = 58962; to = 58964; } # barotrauma ]; }; }; @@ -106,7 +94,7 @@ }; monospace = { - package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; + package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; }; name = "FiraCode Nerd Font Mono"; }; @@ -117,6 +105,7 @@ }; }; + hardware = { graphics = { enable = true; @@ -162,8 +151,8 @@ isNormalUser = true; description = "Leon S"; hashedPasswordFile = config.sops.secrets.swarseluser.path; - extraGroups = ["networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner"]; - packages = with pkgs; []; + extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ]; + packages = with pkgs; [ ]; }; environment.systemPackages = with pkgs; [ @@ -177,4 +166,6 @@ ]; system.stateVersion = "23.05"; + + } diff --git a/profiles/mysticant/configuration.nix b/profiles/mysticant/configuration.nix index 163ac6f..37ac102 100644 --- a/profiles/mysticant/configuration.nix +++ b/profiles/mysticant/configuration.nix @@ -1,4 +1,4 @@ -{pkgs, ...}: { +{ pkgs, ... }: { environment.packages = with pkgs; [ vim git diff --git a/profiles/remote/oracle/matrix/hardware-configuration.nix b/profiles/remote/oracle/matrix/hardware-configuration.nix index a1c0b22..92264ce 100644 --- a/profiles/remote/oracle/matrix/hardware-configuration.nix +++ b/profiles/remote/oracle/matrix/hardware-configuration.nix @@ -1,5 +1,5 @@ -{modulesPath, ...}: { - imports = [(modulesPath + "/profiles/qemu-guest.nix")]; +{ modulesPath, ... }: { + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; boot.loader.grub = { efiSupport = true; efiInstallAsRemovable = true; @@ -9,8 +9,8 @@ device = "/dev/disk/by-uuid/A1B2-7E6F"; fsType = "vfat"; }; - boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"]; - boot.initrd.kernelModules = ["nvme"]; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; + boot.initrd.kernelModules = [ "nvme" ]; fileSystems."/" = { device = "/dev/mapper/ocivolume-root"; fsType = "xfs"; diff --git a/profiles/remote/oracle/matrix/nixos.nix b/profiles/remote/oracle/matrix/nixos.nix index 67b8178..df024e6 100644 --- a/profiles/remote/oracle/matrix/nixos.nix +++ b/profiles/remote/oracle/matrix/nixos.nix @@ -1,11 +1,9 @@ -{ - config, - pkgs, - sops, - ... -}: let +{ config, pkgs, sops, ... }: +let matrixDomain = "swatrix.swarsel.win"; -in { +in +{ + imports = [ ./hardware-configuration.nix ]; @@ -24,19 +22,19 @@ in { xkbVariant = "altgr-intl"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/root/.dotfiles/secrets/omatrix/secrets.yaml"; validateSopsFiles = false; secrets = { - dnstokenfull = {owner = "acme";}; - matrixsharedsecret = {owner = "matrix-synapse";}; - mautrixtelegram_as = {owner = "matrix-synapse";}; - mautrixtelegram_hs = {owner = "matrix-synapse";}; - mautrixtelegram_api_id = {owner = "matrix-synapse";}; - mautrixtelegram_api_hash = {owner = "matrix-synapse";}; + dnstokenfull = { owner = "acme"; }; + matrixsharedsecret = { owner = "matrix-synapse"; }; + mautrixtelegram_as = { owner = "matrix-synapse"; }; + mautrixtelegram_hs = { owner = "matrix-synapse"; }; + mautrixtelegram_api_id = { owner = "matrix-synapse"; }; + mautrixtelegram_api_hash = { owner = "matrix-synapse"; }; }; templates = { "certs.secret".content = '' @@ -82,6 +80,7 @@ in { recommendedOptimisation = true; recommendedGzipSettings = true; virtualHosts = { + "swatrix.swarsel.win" = { enableACME = true; forceSSL = true; @@ -169,13 +168,13 @@ in { listeners = [ { port = 8008; - bind_addresses = ["0.0.0.0"]; + bind_addresses = [ "0.0.0.0" ]; type = "http"; tls = false; x_forwarded = true; resources = [ { - names = ["client" "federation"]; + names = [ "client" "federation" ]; compress = true; } ]; @@ -291,6 +290,7 @@ in { domain = matrixDomain; }; appservice = { + address = "http://localhost:29328"; hostname = "0.0.0.0"; port = 29328; @@ -317,7 +317,7 @@ in { # messages out after a while. systemd.timers."restart-bridges" = { - wantedBy = ["timers.target"]; + wantedBy = [ "timers.target" ]; timerConfig = { OnBootSec = "1d"; OnUnitActiveSec = "1d"; @@ -336,4 +336,5 @@ in { User = "root"; }; }; + } diff --git a/profiles/remote/oracle/sync/hardware-configuration.nix b/profiles/remote/oracle/sync/hardware-configuration.nix index 973bc2b..e2d61ff 100644 --- a/profiles/remote/oracle/sync/hardware-configuration.nix +++ b/profiles/remote/oracle/sync/hardware-configuration.nix @@ -1,17 +1,16 @@ -{ - config, - lib, - modulesPath, - ... +{ config +, lib +, modulesPath +, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/4b47378a-02eb-4548-bab8-59cbf379252a"; @@ -24,7 +23,7 @@ }; swapDevices = [ - {device = "/dev/disk/by-uuid/f0126a93-753e-4769-ada8-7499a1efb3a9";} + { device = "/dev/disk/by-uuid/f0126a93-753e-4769-ada8-7499a1efb3a9"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/profiles/remote/oracle/sync/nixos.nix b/profiles/remote/oracle/sync/nixos.nix index f740d1f..7aa1845 100644 --- a/profiles/remote/oracle/sync/nixos.nix +++ b/profiles/remote/oracle/sync/nixos.nix @@ -1,8 +1,6 @@ +{ config, pkgs, ... }: + { - config, - pkgs, - ... -}: { imports = [ ./hardware-configuration.nix ]; @@ -18,14 +16,14 @@ xkbVariant = "altgr-intl"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/root/.dotfiles/secrets/sync/secrets.yaml"; validateSopsFiles = false; - secrets.swarsel = {owner = "root";}; - secrets.dnstokenfull = {owner = "acme";}; + secrets.swarsel = { owner = "root"; }; + secrets.dnstokenfull = { owner = "acme"; }; templates."certs.secret".content = '' CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull} ''; @@ -46,6 +44,7 @@ recommendedOptimisation = true; recommendedGzipSettings = true; virtualHosts = { + "synki.swarsel.win" = { enableACME = true; forceSSL = true; @@ -161,4 +160,5 @@ }; }; }; + } diff --git a/profiles/sandbox/hardware-configuration.nix b/profiles/sandbox/hardware-configuration.nix index 518af3e..677023d 100644 --- a/profiles/sandbox/hardware-configuration.nix +++ b/profiles/sandbox/hardware-configuration.nix @@ -1,27 +1,26 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... +{ config +, lib +, modulesPath +, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" "sr_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/147e3682-eb15-4e96-9cac-4f2fb5888a69"; fsType = "ext4"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/sandbox/nixos.nix b/profiles/sandbox/nixos.nix index b7e6e4f..5d1e769 100644 --- a/profiles/sandbox/nixos.nix +++ b/profiles/sandbox/nixos.nix @@ -1,11 +1,9 @@ -{ - config, - pkgs, - sops, - ... -}: let +{ config, pkgs, sops, ... }: +let matrixDomain = "swatrix.swarsel.win"; -in { +in +{ + imports = [ ./hardware-configuration.nix ]; @@ -14,9 +12,9 @@ in { enable = true; device = "/dev/sda"; useOSProber = true; - supportedFilesystems = ["zfs"]; + supportedFilesystems = [ "zfs" ]; zfs.forceImportRoot = false; - kernelModules = ["tun"]; + kernelModules = [ "tun" ]; kernel.sysctl = { "net.ipv4.conf.all.rp_filter" = 2; "net.ipv4.conf.default.rp_filter" = 2; @@ -57,8 +55,8 @@ in { users = { groups = { - vpn = {}; - mpd = {}; + vpn = { }; + mpd = { }; navidrome = { gid = 61593; }; @@ -68,7 +66,7 @@ in { }; users = { jellyfin = { - extraGroups = ["video" "render"]; + extraGroups = [ "video" "render" ]; }; vpn = { isNormalUser = true; @@ -79,24 +77,24 @@ in { isSystemUser = true; uid = 61593; group = "navidrome"; - extraGroups = ["audio" "utmp"]; + extraGroups = [ "audio" "utmp" ]; }; spotifyd = { isSystemUser = true; uid = 65136; group = "spotifyd"; - extraGroups = ["audio" "utmp"]; + extraGroups = [ "audio" "utmp" ]; }; mpd = { isSystemUser = true; group = "mpd"; - extraGroups = ["audio" "utmp"]; + extraGroups = [ "audio" "utmp" ]; }; swarsel = { isNormalUser = true; description = "Leon S"; - extraGroups = ["networkmanager" "wheel" "lp"]; - packages = with pkgs; []; + extraGroups = [ "networkmanager" "wheel" "lp" ]; + packages = with pkgs; [ ]; }; root = { openssh.authorizedKeys.keyFiles = [ @@ -109,10 +107,12 @@ in { fileSystems."/mnt/Eternor" = { device = "//192.168.1.3/Eternor"; fsType = "cifs"; - options = let - # this line prevents hanging on network split - automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; - in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"]; + options = + let + # this line prevents hanging on network split + automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + in + [ "${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100" ]; }; environment = { @@ -137,26 +137,31 @@ in { zfs ]; etc = { - "openvpn/iptables.sh" = { - source = ../../scripts/server1/iptables.sh; - mode = "0755"; - }; - "openvpn/update-resolv-conf" = { - source = ../../scripts/server1/update-resolv-conf; - mode = "0755"; - }; - "openvpn/routing.sh" = { - source = ../../scripts/server1/routing.sh; - mode = "0755"; - }; - "openvpn/ca.rsa.2048.crt" = { - source = ../../secrets/certs/ca.rsa.2048.crt; - mode = "0644"; - }; - "openvpn/crl.rsa.2048.pem" = { - source = ../../secrets/certs/crl.rsa.2048.pem; - mode = "0644"; - }; + "openvpn/iptables.sh" = + { + source = ../../scripts/server1/iptables.sh; + mode = "0755"; + }; + "openvpn/update-resolv-conf" = + { + source = ../../scripts/server1/update-resolv-conf; + mode = "0755"; + }; + "openvpn/routing.sh" = + { + source = ../../scripts/server1/routing.sh; + mode = "0755"; + }; + "openvpn/ca.rsa.2048.crt" = + { + source = ../../secrets/certs/ca.rsa.2048.crt; + mode = "0644"; + }; + "openvpn/crl.rsa.2048.pem" = + { + source = ../../secrets/certs/crl.rsa.2048.pem; + mode = "0644"; + }; }; shellAliases = { nswitch = "cd ~/.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; @@ -165,7 +170,7 @@ in { systemd = { timers."restart-bridges" = { - wantedBy = ["timers.target"]; + wantedBy = [ "timers.target" ]; timerConfig = { OnBootSec = "1d"; OnUnitActiveSec = "1d"; @@ -185,7 +190,7 @@ in { }; }; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change @@ -194,19 +199,19 @@ in { }; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/root/.dotfiles/secrets/sandbox/secrets.yaml"; validateSopsFiles = false; secrets = { - dnstokenfull = {owner = "acme";}; - kavita = {owner = "kavita";}; - vpnuser = {}; - rpcuser = {owner = "vpn";}; - vpnpass = {}; - rpcpass = {owner = "vpn";}; - vpnprot = {}; - vpnloc = {}; - mpdpass = {owner = "mpd";}; + dnstokenfull = { owner = "acme"; }; + kavita = { owner = "kavita"; }; + vpnuser = { }; + rpcuser = { owner = "vpn"; }; + vpnpass = { }; + rpcpass = { owner = "vpn"; }; + vpnprot = { }; + vpnloc = { }; + mpdpass = { owner = "mpd"; }; }; templates = { "transmission-rpc" = { @@ -269,12 +274,10 @@ in { openssh = { enable = true; settings.PermitRootLogin = "yes"; - listenAddresses = [ - { - port = 22; - addr = "0.0.0.0"; - } - ]; + listenAddresses = [{ + port = 22; + addr = "0.0.0.0"; + }]; }; nginx = { @@ -284,6 +287,7 @@ in { recommendedOptimisation = true; recommendedGzipSettings = true; virtualHosts = { + "stash.swarsel.win" = { enableACME = true; forceSSL = true; @@ -318,6 +322,7 @@ in { }; }; + "sound.swarsel.win" = { enableACME = true; forceSSL = true; @@ -512,6 +517,9 @@ in { # MAUTRIX_TELEGRAM_TELEGRAM_API_HASH=${config.sops.placeholder.mautrixtelegram_api_hash} # ''; + + + # ---------------- # sops.secrets.mautrixwhatsapp_shared = {owner="matrix-synapse";}; # sops.templates.mautrixwhatsapp.owner = "matrix-synapse"; @@ -560,13 +568,13 @@ in { settings.listeners = [ { port = 8008; - bind_addresses = ["0.0.0.0"]; + bind_addresses = [ "0.0.0.0" ]; type = "http"; tls = false; x_forwarded = true; resources = [ { - names = ["client" "federation"]; + names = [ "client" "federation" ]; compress = true; } ]; @@ -678,6 +686,7 @@ in { domain = matrixDomain; }; appservice = { + address = "http://localhost:29328"; hostname = "0.0.0.0"; port = 29328; @@ -741,6 +750,7 @@ in { ]; }; + spotifyd = { enable = true; settings = { @@ -789,6 +799,7 @@ in { }; }; + avahi = { publish.enable = true; publish.userServices = true; diff --git a/profiles/server1/TEMPLATE/nixos.nix b/profiles/server1/TEMPLATE/nixos.nix index 1e4ca63..6b1a8ca 100644 --- a/profiles/server1/TEMPLATE/nixos.nix +++ b/profiles/server1/TEMPLATE/nixos.nix @@ -1,8 +1,6 @@ +{ pkgs, modulesPath, ... }: + { - pkgs, - modulesPath, - ... -}: { imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ]; @@ -18,7 +16,7 @@ xkbVariant = "altgr-intl"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; proxmoxLXC = { manageNetwork = true; # manage network myself diff --git a/profiles/server1/calibre/hardware-configuration.nix b/profiles/server1/calibre/hardware-configuration.nix index b63666a..7f001b2 100644 --- a/profiles/server1/calibre/hardware-configuration.nix +++ b/profiles/server1/calibre/hardware-configuration.nix @@ -1,20 +1,20 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/mapper/pve-vm--120--disk--0"; fsType = "ext4"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/calibre/nixos.nix b/profiles/server1/calibre/nixos.nix index 32e26a8..68a4ffb 100644 --- a/profiles/server1/calibre/nixos.nix +++ b/profiles/server1/calibre/nixos.nix @@ -1,9 +1,6 @@ +{ config, pkgs, modulesPath, ... }: + { - config, - pkgs, - modulesPath, - ... -}: { imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix @@ -30,13 +27,13 @@ xkbVariant = "altgr-intl"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/.dotfiles/secrets/calibre/secrets.yaml"; validateSopsFiles = false; - secrets.kavita = {owner = "kavita";}; + secrets.kavita = { owner = "kavita"; }; }; proxmoxLXC = { manageNetwork = true; # manage network myself @@ -68,4 +65,6 @@ port = 8080; tokenKeyFile = config.sops.secrets.kavita.path; }; + + } diff --git a/profiles/server1/jellyfin/hardware-configuration.nix b/profiles/server1/jellyfin/hardware-configuration.nix index 5fa49fb..a072c10 100644 --- a/profiles/server1/jellyfin/hardware-configuration.nix +++ b/profiles/server1/jellyfin/hardware-configuration.nix @@ -1,13 +1,13 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/mapper/pve-vm--121--disk--0"; @@ -19,7 +19,7 @@ fsType = "cifs"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/jellyfin/nixos.nix b/profiles/server1/jellyfin/nixos.nix index 54b8ab1..f4f1c9c 100644 --- a/profiles/server1/jellyfin/nixos.nix +++ b/profiles/server1/jellyfin/nixos.nix @@ -1,9 +1,6 @@ +{ config, pkgs, modulesPath, ... }: + { - config, - pkgs, - modulesPath, - ... -}: { imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix @@ -24,7 +21,7 @@ }; users.users.jellyfin = { - extraGroups = ["video" "render"]; + extraGroups = [ "video" "render" ]; }; services.xserver = { @@ -32,7 +29,7 @@ xkbVariant = "altgr-intl"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; proxmoxLXC = { manageNetwork = true; # manage network myself @@ -59,7 +56,7 @@ }; nixpkgs.config.packageOverrides = pkgs: { - vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;}; + vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; }; hardware.graphics = { enable = true; @@ -76,4 +73,5 @@ user = "jellyfin"; # openFirewall = true; # this works only for the default ports }; + } diff --git a/profiles/server1/matrix/hardware-configuration.nix b/profiles/server1/matrix/hardware-configuration.nix index 81f8c28..639dcac 100644 --- a/profiles/server1/matrix/hardware-configuration.nix +++ b/profiles/server1/matrix/hardware-configuration.nix @@ -1,20 +1,20 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/mapper/pve-vm--102--disk--0"; fsType = "ext4"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/matrix/nixos.nix b/profiles/server1/matrix/nixos.nix index 592f517..36394df 100644 --- a/profiles/server1/matrix/nixos.nix +++ b/profiles/server1/matrix/nixos.nix @@ -1,12 +1,10 @@ -{ - config, - pkgs, - modulesPath, - sops, - ... -}: let +{ config, pkgs, modulesPath, sops, ... }: +let matrixDomain = "matrix2.swarsel.win"; -in { +in +{ + + services = { xserver = { layout = "us"; @@ -15,16 +13,14 @@ in { openssh = { enable = true; settings.PermitRootLogin = "yes"; - listenAddresses = [ - { - port = 22; - addr = "0.0.0.0"; - } - ]; + listenAddresses = [{ + port = 22; + addr = "0.0.0.0"; + }]; }; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; proxmoxLXC = { manageNetwork = true; # manage network myself @@ -46,6 +42,7 @@ in { nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; }; + imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix @@ -67,15 +64,15 @@ in { ]; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/.dotfiles/secrets/matrix/secrets.yaml"; validateSopsFiles = false; secrets = { - matrixsharedsecret = {owner = "matrix-synapse";}; - mautrixtelegram_as = {owner = "matrix-synapse";}; - mautrixtelegram_hs = {owner = "matrix-synapse";}; - mautrixtelegram_api_id = {owner = "matrix-synapse";}; - mautrixtelegram_api_hash = {owner = "matrix-synapse";}; + matrixsharedsecret = { owner = "matrix-synapse"; }; + mautrixtelegram_as = { owner = "matrix-synapse"; }; + mautrixtelegram_hs = { owner = "matrix-synapse"; }; + mautrixtelegram_api_id = { owner = "matrix-synapse"; }; + mautrixtelegram_api_hash = { owner = "matrix-synapse"; }; }; templates = { "matrix_user_register.sh".content = '' @@ -139,13 +136,13 @@ in { listeners = [ { port = 8008; - bind_addresses = ["0.0.0.0"]; + bind_addresses = [ "0.0.0.0" ]; type = "http"; tls = false; x_forwarded = true; resources = [ { - names = ["client" "federation"]; + names = [ "client" "federation" ]; compress = true; } ]; @@ -261,6 +258,7 @@ in { domain = matrixDomain; }; appservice = { + address = "http://localhost:29328"; hostname = "0.0.0.0"; port = 29328; @@ -287,7 +285,7 @@ in { # messages out after a while. systemd.timers."restart-bridges" = { - wantedBy = ["timers.target"]; + wantedBy = [ "timers.target" ]; timerConfig = { OnBootSec = "1d"; OnUnitActiveSec = "1d"; @@ -306,4 +304,5 @@ in { User = "root"; }; }; + } diff --git a/profiles/server1/nginx/hardware-configuration.nix b/profiles/server1/nginx/hardware-configuration.nix index 0005a22..030f8ce 100644 --- a/profiles/server1/nginx/hardware-configuration.nix +++ b/profiles/server1/nginx/hardware-configuration.nix @@ -1,20 +1,20 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/mapper/pve-vm--119--disk--0"; fsType = "ext4"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/nginx/nixos.nix b/profiles/server1/nginx/nixos.nix index 5f46699..447eecd 100644 --- a/profiles/server1/nginx/nixos.nix +++ b/profiles/server1/nginx/nixos.nix @@ -1,9 +1,5 @@ +{ config, pkgs, modulesPath, ... }: { - config, - pkgs, - modulesPath, - ... -}: { imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix @@ -22,13 +18,13 @@ xkbVariant = "altgr-intl"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/.dotfiles/secrets/nginx/secrets.yaml"; validateSopsFiles = false; - secrets.dnstokenfull = {owner = "acme";}; + secrets.dnstokenfull = { owner = "acme"; }; templates."certs.secret".content = '' CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull} ''; @@ -73,6 +69,7 @@ recommendedOptimisation = true; recommendedGzipSettings = true; virtualHosts = { + "stash.swarsel.win" = { enableACME = true; forceSSL = true; @@ -110,6 +107,7 @@ }; }; + "sound.swarsel.win" = { enableACME = true; forceSSL = true; @@ -199,6 +197,8 @@ }; }; }; + }; }; + } diff --git a/profiles/server1/paperless/hardware-configuration.nix b/profiles/server1/paperless/hardware-configuration.nix index 269a999..208f084 100644 --- a/profiles/server1/paperless/hardware-configuration.nix +++ b/profiles/server1/paperless/hardware-configuration.nix @@ -1,20 +1,20 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/mapper/pve-vm--117--disk--0"; fsType = "ext4"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/paperless/nixos.nix b/profiles/server1/paperless/nixos.nix index 50bc18a..3bb074c 100644 --- a/profiles/server1/paperless/nixos.nix +++ b/profiles/server1/paperless/nixos.nix @@ -1,14 +1,14 @@ +{ config, pkgs, modulesPath, ... }: + { - config, - pkgs, - modulesPath, - ... -}: { + imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix ]; + + services = { xserver = { layout = "us"; @@ -17,16 +17,14 @@ openssh = { enable = true; settings.PermitRootLogin = "yes"; - listenAddresses = [ - { - port = 22; - addr = "0.0.0.0"; - } - ]; + listenAddresses = [{ + port = 22; + addr = "0.0.0.0"; + }]; }; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; proxmoxLXC = { manageNetwork = true; # manage network myself @@ -48,6 +46,8 @@ nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; }; + + users.groups.lxc_shares = { gid = 10000; members = [ @@ -68,10 +68,10 @@ }; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/root/.dotfiles/secrets/paperless/secrets.yaml"; validateSopsFiles = false; - secrets.admin = {owner = "paperless";}; + secrets.admin = { owner = "paperless"; }; }; services.paperless = { @@ -90,4 +90,5 @@ }; }; }; + } diff --git a/profiles/server1/sound/hardware-configuration.nix b/profiles/server1/sound/hardware-configuration.nix index 5dd0f3c..2050883 100644 --- a/profiles/server1/sound/hardware-configuration.nix +++ b/profiles/server1/sound/hardware-configuration.nix @@ -1,18 +1,18 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/mnt/data/images/118/vm-118-disk-0.raw"; fsType = "ext4"; - options = ["loop"]; + options = [ "loop" ]; }; fileSystems."/media" = { @@ -20,7 +20,7 @@ fsType = "cifs"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/sound/nixos.nix b/profiles/server1/sound/nixos.nix index 7182bdf..fd1099a 100644 --- a/profiles/server1/sound/nixos.nix +++ b/profiles/server1/sound/nixos.nix @@ -1,14 +1,14 @@ +{ config, pkgs, modulesPath, ... }: + { - config, - pkgs, - modulesPath, - ... -}: { + imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix ]; + + services = { xserver = { layout = "us"; @@ -17,16 +17,14 @@ openssh = { enable = true; settings.PermitRootLogin = "yes"; - listenAddresses = [ - { - port = 22; - addr = "0.0.0.0"; - } - ]; + listenAddresses = [{ + port = 22; + addr = "0.0.0.0"; + }]; }; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; proxmoxLXC = { manageNetwork = true; # manage network myself @@ -48,6 +46,8 @@ nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; }; + + proxmoxLXC.privileged = true; # manage hostname myself users = { @@ -65,7 +65,7 @@ gid = 61593; }; - mpd = {}; + mpd = { }; }; users = { @@ -73,13 +73,13 @@ isSystemUser = true; uid = 61593; group = "navidrome"; - extraGroups = ["audio" "utmp"]; + extraGroups = [ "audio" "utmp" ]; }; mpd = { isSystemUser = true; group = "mpd"; - extraGroups = ["audio" "utmp"]; + extraGroups = [ "audio" "utmp" ]; }; }; }; @@ -103,10 +103,10 @@ ]; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/.dotfiles/secrets/sound/secrets.yaml"; validateSopsFiles = false; - secrets.mpdpass = {owner = "mpd";}; + secrets.mpdpass = { owner = "mpd"; }; }; services.navidrome = { diff --git a/profiles/server1/spotifyd/hardware-configuration.nix b/profiles/server1/spotifyd/hardware-configuration.nix index 45bf80c..dcdcfd0 100644 --- a/profiles/server1/spotifyd/hardware-configuration.nix +++ b/profiles/server1/spotifyd/hardware-configuration.nix @@ -1,20 +1,20 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/mapper/pve-vm--123--disk--0"; fsType = "ext4"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/spotifyd/nixos.nix b/profiles/server1/spotifyd/nixos.nix index 94846a8..75d9483 100644 --- a/profiles/server1/spotifyd/nixos.nix +++ b/profiles/server1/spotifyd/nixos.nix @@ -1,13 +1,14 @@ +{ pkgs, modulesPath, ... }: + { - pkgs, - modulesPath, - ... -}: { + imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix ]; + + services = { xserver = { layout = "us"; @@ -16,16 +17,14 @@ openssh = { enable = true; settings.PermitRootLogin = "yes"; - listenAddresses = [ - { - port = 22; - addr = "0.0.0.0"; - } - ]; + listenAddresses = [{ + port = 22; + addr = "0.0.0.0"; + }]; }; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; proxmoxLXC = { manageNetwork = true; # manage network myself @@ -47,6 +46,8 @@ nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; }; + + proxmoxLXC.privileged = true; # manage hostname myself users.groups.spotifyd = { @@ -57,7 +58,7 @@ isSystemUser = true; uid = 65136; group = "spotifyd"; - extraGroups = ["audio" "utmp"]; + extraGroups = [ "audio" "utmp" ]; }; sound = { @@ -88,4 +89,5 @@ }; }; }; + } diff --git a/profiles/server1/transmission/hardware-configuration.nix b/profiles/server1/transmission/hardware-configuration.nix index 2468676..293818e 100644 --- a/profiles/server1/transmission/hardware-configuration.nix +++ b/profiles/server1/transmission/hardware-configuration.nix @@ -1,20 +1,20 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{lib, ...}: { - imports = []; +{ lib, ... }: { + imports = [ ]; - boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/mapper/pve-vm--122--disk--0"; fsType = "ext4"; }; - swapDevices = []; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/profiles/server1/transmission/nixos.nix b/profiles/server1/transmission/nixos.nix index 6c78940..4471666 100644 --- a/profiles/server1/transmission/nixos.nix +++ b/profiles/server1/transmission/nixos.nix @@ -1,9 +1,6 @@ +{ config, pkgs, modulesPath, ... }: + { - config, - pkgs, - modulesPath, - ... -}: { imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ./hardware-configuration.nix @@ -32,7 +29,7 @@ "root" ]; }; - users.groups.vpn = {}; + users.groups.vpn = { }; users.users.vpn = { isNormalUser = true; @@ -45,15 +42,15 @@ xkbVariant = "altgr-intl"; }; - nix.settings.experimental-features = ["nix-command" "flakes"]; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; sops = { - age.sshKeyPaths = ["/etc/ssh/sops"]; + age.sshKeyPaths = [ "/etc/ssh/sops" ]; defaultSopsFile = "/.dotfiles/secrets/transmission/secrets.yaml"; validateSopsFiles = false; }; - boot.kernelModules = ["tun"]; + boot.kernelModules = [ "tun" ]; proxmoxLXC = { manageNetwork = true; # manage network myself manageHostName = false; # manage hostname myself @@ -90,36 +87,39 @@ ''; }; environment.etc = { - "openvpn/iptables.sh" = { - source = ../../../scripts/server1/iptables.sh; - mode = "0755"; - }; - "openvpn/update-resolv-conf" = { - source = ../../../scripts/server1/update-resolv-conf; - mode = "0755"; - }; - "openvpn/routing.sh" = { - source = ../../../scripts/server1/routing.sh; - mode = "0755"; - }; - "openvpn/ca.rsa.2048.crt" = { - source = ../../../secrets/certs/ca.rsa.2048.crt; - mode = "0644"; - }; - "openvpn/crl.rsa.2048.pem" = { - source = ../../../secrets/certs/crl.rsa.2048.pem; - mode = "0644"; - }; + "openvpn/iptables.sh" = + { + source = ../../../scripts/server1/iptables.sh; + mode = "0755"; + }; + "openvpn/update-resolv-conf" = + { + source = ../../../scripts/server1/update-resolv-conf; + mode = "0755"; + }; + "openvpn/routing.sh" = + { + source = ../../../scripts/server1/routing.sh; + mode = "0755"; + }; + "openvpn/ca.rsa.2048.crt" = + { + source = ../../../secrets/certs/ca.rsa.2048.crt; + mode = "0644"; + }; + "openvpn/crl.rsa.2048.pem" = + { + source = ../../../secrets/certs/crl.rsa.2048.pem; + mode = "0644"; + }; }; services.openssh = { enable = true; settings.PermitRootLogin = "yes"; - listenAddresses = [ - { - port = 22; - addr = "0.0.0.0"; - } - ]; + listenAddresses = [{ + port = 22; + addr = "0.0.0.0"; + }]; }; users.users.root.openssh.authorizedKeys.keyFiles = [ ../../../secrets/keys/authorized_keys @@ -177,12 +177,12 @@ ''; }; secrets = { - vpnuser = {}; - rpcuser = {owner = "vpn";}; - vpnpass = {}; - rpcpass = {owner = "vpn";}; - vpnprot = {}; - vpnloc = {}; + vpnuser = { }; + rpcuser = { owner = "vpn"; }; + vpnpass = { }; + rpcpass = { owner = "vpn"; }; + vpnprot = { }; + vpnloc = { }; }; }; services.openvpn.servers = { @@ -199,6 +199,7 @@ user = "vpn"; group = "lxc_shares"; settings = { + alt-speed-down = 8000; alt-speed-enabled = false; alt-speed-time-begin = 0; @@ -269,4 +270,6 @@ utp-enabled = false; }; }; + + } diff --git a/profiles/threed/hardware-configuration.nix b/profiles/threed/hardware-configuration.nix index 8b50088..41025cb 100644 --- a/profiles/threed/hardware-configuration.nix +++ b/profiles/threed/hardware-configuration.nix @@ -1,20 +1,19 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... +{ config +, lib +, modulesPath +, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/4a590cad-28d9-4153-bdb8-e424ec3bd5c8"; @@ -27,7 +26,7 @@ }; swapDevices = [ - {device = "/dev/disk/by-uuid/b07aac27-a443-489c-9fdb-01c1ef633699";} + { device = "/dev/disk/by-uuid/b07aac27-a443-489c-9fdb-01c1ef633699"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/profiles/threed/home.nix b/profiles/threed/home.nix index 7ba133e..928307a 100644 --- a/profiles/threed/home.nix +++ b/profiles/threed/home.nix @@ -1,8 +1,8 @@ +{ config, pkgs, ... }: + { - config, - pkgs, - ... -}: { + + services.gpg-agent = { enable = true; enableSshSupport = true; @@ -16,6 +16,7 @@ ''; }; + home = { username = "swarsel"; homeDirectory = "/home/swarsel"; @@ -25,7 +26,7 @@ ]; }; - sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; + sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ]; programs.waybar.settings.mainBar = { cpu.format = "{icon0} {icon1} {icon2} {icon3}"; @@ -50,6 +51,7 @@ "clock#1" ]; + wayland.windowManager.sway = { config = rec { input = { @@ -74,26 +76,30 @@ }; }; - keybindings = let - inherit (config.wayland.windowManager.sway.config) modifier; - in { - "${modifier}+F2" = "exec brightnessctl set +5%"; - "${modifier}+F1" = "exec brightnessctl set 5%-"; - "${modifier}+n" = "exec sway output eDP-1 transform normal, splith"; - "${modifier}+Ctrl+p" = "exec wl-mirror eDP-1"; - "${modifier}+t" = "exec sway output eDP-1 transform 90, splitv"; - "${modifier}+XF86AudioLowerVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; - "${modifier}+XF86AudioRaiseVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; - "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\""; - }; + keybindings = + let + inherit (config.wayland.windowManager.sway.config) modifier; + in + { + "${modifier}+F2" = "exec brightnessctl set +5%"; + "${modifier}+F1" = "exec brightnessctl set 5%-"; + "${modifier}+n" = "exec sway output eDP-1 transform normal, splith"; + "${modifier}+Ctrl+p" = "exec wl-mirror eDP-1"; + "${modifier}+t" = "exec sway output eDP-1 transform 90, splitv"; + "${modifier}+XF86AudioLowerVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; + "${modifier}+XF86AudioRaiseVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; + "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\""; + }; startup = [ - {command = "nextcloud --background";} - {command = "discord --start-minimized";} - {command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} - {command = "ANKI_WAYLAND=1 anki";} - {command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} - {command = "nm-applet";} + + { command = "nextcloud --background"; } + { command = "discord --start-minimized"; } + { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } + { command = "ANKI_WAYLAND=1 anki"; } + { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; } + { command = "nm-applet"; } + ]; keycodebindings = { diff --git a/profiles/threed/nixos.nix b/profiles/threed/nixos.nix index 010739d..34873a6 100644 --- a/profiles/threed/nixos.nix +++ b/profiles/threed/nixos.nix @@ -1,11 +1,12 @@ +{ lib, pkgs, ... }: + { - lib, - pkgs, - ... -}: { - imports = [ - ./hardware-configuration.nix - ]; + + imports = + [ + ./hardware-configuration.nix + ]; + services = { getty.autologinUser = "swarsel"; @@ -70,7 +71,7 @@ }; monospace = { - package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; + package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; }; name = "FiraCode Nerd Font Mono"; }; @@ -81,15 +82,17 @@ }; }; + users.users.swarsel = { isNormalUser = true; description = "Leon S"; - extraGroups = ["networkmanager" "wheel" "lp" "audio" "video"]; - packages = with pkgs; []; + extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" ]; + packages = with pkgs; [ ]; }; environment.systemPackages = with pkgs; [ ]; system.stateVersion = "23.05"; + } diff --git a/profiles/winters/home.nix b/profiles/winters/home.nix index 9ec26a8..0b8f6cd 100644 --- a/profiles/winters/home.nix +++ b/profiles/winters/home.nix @@ -1,8 +1,8 @@ +{ config, pkgs, ... }: + { - config, - pkgs, - ... -}: { + + services.gpg-agent = { enable = true; enableSshSupport = true; @@ -24,7 +24,7 @@ packages = with pkgs; [ ]; }; - sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; + sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ]; # waybar config - TEMPLATE - update for cores and temp programs.waybar.settings.mainBar = { @@ -34,6 +34,7 @@ temperature.input-filename = "temp1_input"; }; + programs.waybar.settings.mainBar.modules-right = [ "custom/outer-left-arrow-dark" "mpris" @@ -52,6 +53,7 @@ "clock#1" ]; + wayland.windowManager.sway = { config = rec { # update for actual inputs here, @@ -72,6 +74,7 @@ natural_scroll = "enabled"; middle_emulation = "enabled"; }; + }; output = { @@ -91,16 +94,11 @@ }; workspaceOutputAssign = [ - { - output = "eDP-1"; - workspace = "1:一"; - } - { - output = "HDMI-A-1"; - workspace = "2:二"; - } + { output = "eDP-1"; workspace = "1:一"; } + { output = "HDMI-A-1"; workspace = "2:二"; } ]; + # keybindings = let # inherit (config.wayland.windowManager.sway.config) modifier; # in { @@ -108,12 +106,14 @@ # }; startup = [ - {command = "nextcloud --background";} - {command = "discord --start-minimized";} - {command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} - {command = "ANKI_WAYLAND=1 anki";} - {command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} - {command = "nm-applet";} + + { command = "nextcloud --background"; } + { command = "discord --start-minimized"; } + { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } + { command = "ANKI_WAYLAND=1 anki"; } + { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; } + { command = "nm-applet"; } + ]; }; }; diff --git a/profiles/winters/nixos.nix b/profiles/winters/nixos.nix index 72c6d73..585a7fe 100644 --- a/profiles/winters/nixos.nix +++ b/profiles/winters/nixos.nix @@ -1,13 +1,17 @@ -{pkgs, ...}: { - # +{ pkgs, ... }: + +{ + + # # imports = # [ # ./hardware-configuration.nix # ]; - # - imports = [ - ./hardware-configuration.nix - ]; + # + imports = + [ + ./hardware-configuration.nix + ]; services = { getty.autologinUser = "swarsel"; @@ -27,8 +31,8 @@ firewall.checkReversePath = "strict"; firewall = { enable = true; - allowedUDPPorts = []; - allowedTCPPorts = []; + allowedUDPPorts = [ ]; + allowedTCPPorts = [ ]; allowedTCPPortRanges = [ ]; allowedUDPPortRanges = [ @@ -84,7 +88,7 @@ }; monospace = { - package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; + package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; }; name = "FiraCode Nerd Font Mono"; }; @@ -95,6 +99,7 @@ }; }; + hardware = { graphics = { enable = true; @@ -117,8 +122,8 @@ users.users.swarsel = { isNormalUser = true; description = "Leon S"; - extraGroups = ["networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner"]; - packages = with pkgs; []; + extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ]; + packages = with pkgs; [ ]; }; environment.systemPackages = with pkgs; [ @@ -133,4 +138,6 @@ ]; system.stateVersion = "23.05"; + + } diff --git a/programs/emacs/init.el b/programs/emacs/init.el index daa337f..8d88216 100644 --- a/programs/emacs/init.el +++ b/programs/emacs/init.el @@ -171,10 +171,10 @@ create a new one." visual-fill-column-center-text t) (visual-fill-column-mode 1)) -(defun run-alejandra () +(defun swarsel/run-formatting () (interactive) (let ((default-directory (expand-file-name "~/.dotfiles"))) - (shell-command "alejandra . -q"))) + (shell-command "nixpkgs-fmt . > /dev/null"))) (defun swarsel/org-babel-tangle-config () (when (string-equal (buffer-file-name) @@ -183,7 +183,7 @@ create a new one." (let ((org-confirm-babel-evaluate nil)) (org-html-export-to-html) (org-babel-tangle) - (run-alejandra)))) + (swarsel/run-formatting)))) (setq org-html-htmlize-output-type nil) diff --git a/templates/cpp_flake.nix b/templates/cpp_flake.nix index e45392c..d58b0d7 100644 --- a/templates/cpp_flake.nix +++ b/templates/cpp_flake.nix @@ -5,32 +5,34 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; }; - outputs = {nixpkgs, ...}: let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - llvm = pkgs.llvmPackages_latest; - in { - devShells.${system}.default = pkgs.mkShell { - packages = with pkgs; [ - gcc - #builder - cmake - gnumake - #headers - clang-tools - #lsp - llvm.libstdcxxClang - #tools - cppcheck - valgrind - doxygen - ]; - hardeningDisable = ["all"]; - # direnv does not allow aliases, use scripts as a workaround - shellHook = '' - PATH_add ~/.dotfiles/scripts/devShell - ''; - # ... + outputs = { nixpkgs, ... }: + let + system = "x86_64-linux"; + pkgs = nixpkgs.legacyPackages.${system}; + llvm = pkgs.llvmPackages_latest; + in + { + devShells.${system}.default = pkgs.mkShell { + packages = with pkgs; [ + gcc + #builder + cmake + gnumake + #headers + clang-tools + #lsp + llvm.libstdcxxClang + #tools + cppcheck + valgrind + doxygen + ]; + hardeningDisable = [ "all" ]; + # direnv does not allow aliases, use scripts as a workaround + shellHook = '' + PATH_add ~/.dotfiles/scripts/devShell + ''; + # ... + }; }; - }; } diff --git a/templates/cu_flake.nix b/templates/cu_flake.nix index a0d2035..4a8c690 100644 --- a/templates/cu_flake.nix +++ b/templates/cu_flake.nix @@ -5,42 +5,44 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; }; - outputs = {nixpkgs, ...}: let - system = "x86_64-linux"; - pkgs = import nixpkgs { + outputs = { nixpkgs, ... }: + let system = "x86_64-linux"; - config.allowUnfree = true; - }; - in { - devShells.${system}.default = pkgs.mkShell { - packages = with pkgs; [ - # gcc - #builder - # cmake - # gnumake - #headers - clang-tools - #lsp - # llvm.libstdcxxClang - # cudaPackages.cuda_nvcc - #tools - cppcheck - valgrind - doxygen - cudatoolkit + pkgs = import nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; + in + { + devShells.${system}.default = pkgs.mkShell { + packages = with pkgs; [ + # gcc + #builder + # cmake + # gnumake + #headers + clang-tools + #lsp + # llvm.libstdcxxClang + # cudaPackages.cuda_nvcc + #tools + cppcheck + valgrind + doxygen + cudatoolkit - (pkgs.python3.withPackages (python-pkgs: [ - python-pkgs.numpy - python-pkgs.pandas - python-pkgs.scipy - python-pkgs.matplotlib - python-pkgs.requests - python-pkgs.debugpy - python-pkgs.python-lsp-server - ])) - ]; - hardeningDisable = ["all"]; - # ... + (pkgs.python3.withPackages (python-pkgs: [ + python-pkgs.numpy + python-pkgs.pandas + python-pkgs.scipy + python-pkgs.matplotlib + python-pkgs.requests + python-pkgs.debugpy + python-pkgs.python-lsp-server + ])) + ]; + hardeningDisable = [ "all" ]; + # ... + }; }; - }; } diff --git a/templates/other_flake.nix b/templates/other_flake.nix index d0e050f..f40e5b6 100644 --- a/templates/other_flake.nix +++ b/templates/other_flake.nix @@ -4,14 +4,16 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; }; - outputs = {nixpkgs, ...}: let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - in { - devShells.${system}.default = pkgs.mkShell { - packages = with pkgs; [ - # fill here - ]; + outputs = { nixpkgs, ... }: + let + system = "x86_64-linux"; + pkgs = nixpkgs.legacyPackages.${system}; + in + { + devShells.${system}.default = pkgs.mkShell { + packages = with pkgs; [ + # fill here + ]; + }; }; - }; } diff --git a/templates/py_flake.nix b/templates/py_flake.nix index 5fd0c86..b5a463a 100644 --- a/templates/py_flake.nix +++ b/templates/py_flake.nix @@ -4,24 +4,26 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; }; - outputs = {nixpkgs, ...}: let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - in { - devShells.${system}.default = pkgs.mkShell { - packages = [ - (pkgs.python3.withPackages (python-pkgs: [ - python-pkgs.numpy - python-pkgs.pandas - python-pkgs.scipy - python-pkgs.matplotlib - python-pkgs.requests - python-pkgs.debugpy - python-pkgs.flake8 - python-pkgs.gnureadline - python-pkgs.python-lsp-server - ])) - ]; + outputs = { nixpkgs, ... }: + let + system = "x86_64-linux"; + pkgs = nixpkgs.legacyPackages.${system}; + in + { + devShells.${system}.default = pkgs.mkShell { + packages = [ + (pkgs.python3.withPackages (python-pkgs: [ + python-pkgs.numpy + python-pkgs.pandas + python-pkgs.scipy + python-pkgs.matplotlib + python-pkgs.requests + python-pkgs.debugpy + python-pkgs.flake8 + python-pkgs.gnureadline + python-pkgs.python-lsp-server + ])) + ]; + }; }; - }; } diff --git a/templates/rust_flake.nix b/templates/rust_flake.nix index 125affb..cd93ce7 100644 --- a/templates/rust_flake.nix +++ b/templates/rust_flake.nix @@ -5,34 +5,36 @@ rust-overlay.url = "github:oxalica/rust-overlay"; }; - outputs = { - nixpkgs, - rust-overlay, - ... - }: let - system = "x86_64-linux"; - pkgs = import nixpkgs { - inherit system; - overlays = [rust-overlay.overlays.default]; - }; - toolchain = pkgs.rust-bin.fromRustupToolchainFile ./toolchain.toml; - in { - devShells.${system}.default = pkgs.mkShell { - packages = with pkgs; [ - cargo - clippy - rustc - rustfmt - toolchain - rust-analyzer-unwrapped - rust-analyzer - ]; - env = { - RUST_BACKTRACE = "full"; + outputs = + { nixpkgs + , rust-overlay + , ... + }: + let + system = "x86_64-linux"; + pkgs = import nixpkgs { + inherit system; + overlays = [ rust-overlay.overlays.default ]; }; - RUST_SRC_PATH = "${toolchain}/lib/rustlib/src/rust/library"; + toolchain = pkgs.rust-bin.fromRustupToolchainFile ./toolchain.toml; + in + { + devShells.${system}.default = pkgs.mkShell { + packages = with pkgs; [ + cargo + clippy + rustc + rustfmt + toolchain + rust-analyzer-unwrapped + rust-analyzer + ]; + env = { + RUST_BACKTRACE = "full"; + }; + RUST_SRC_PATH = "${toolchain}/lib/rustlib/src/rust/library"; - # ... + # ... + }; }; - }; }