Compare commits
1 commit
Author | SHA1 | Date | |
---|---|---|---|
7796baa7e5 |
106 changed files with 571 additions and 1675 deletions
Binary file not shown.
8
Makefile
8
Makefile
|
@ -32,13 +32,13 @@ help:
|
||||||
define machine_rule
|
define machine_rule
|
||||||
.PHONY: $(1)
|
.PHONY: $(1)
|
||||||
$(1): ;
|
$(1): ;
|
||||||
# systemctl --user reset-failed
|
systemctl --user reset-failed
|
||||||
sudo nix run -L $(NIX_ARGS) .#switch/$(1) -- $(BUILD_ARGS)
|
sudo nix run $(NIX_ARGS) .#switch/$(1) -- $(BUILD_ARGS)
|
||||||
endef
|
endef
|
||||||
|
|
||||||
define vps_rule
|
define vps_rule
|
||||||
.PHONY: $(1)
|
.PHONY: $(1)
|
||||||
$(1): ; nix run -L .#deploy/$(1) -- $(BUILD_ARGS)
|
$(1): ; nix run .#deploy/$(1) -- $(BUILD_ARGS)
|
||||||
|
|
||||||
endef
|
endef
|
||||||
|
|
||||||
|
@ -47,7 +47,7 @@ $(foreach vps,$(VPS),$(eval $(call vps_rule,$(vps))))
|
||||||
|
|
||||||
.PHONY: rollback
|
.PHONY: rollback
|
||||||
rollback:
|
rollback:
|
||||||
sudo nixos-rebuild switch --rollback
|
sudo nixos-rebuild --rollback
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Editor
|
# Editor
|
||||||
|
|
|
@ -1,63 +0,0 @@
|
||||||
{ device, memSize ? 1024 * 5, swapSize ? "10G" }:
|
|
||||||
{
|
|
||||||
disko = {
|
|
||||||
inherit memSize;
|
|
||||||
|
|
||||||
devices = {
|
|
||||||
disk = {
|
|
||||||
main = {
|
|
||||||
type = "disk";
|
|
||||||
inherit device;
|
|
||||||
content = {
|
|
||||||
type = "gpt";
|
|
||||||
partitions = {
|
|
||||||
ESP = {
|
|
||||||
size = "512M";
|
|
||||||
type = "EF00";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "vfat";
|
|
||||||
mountpoint = "/boot";
|
|
||||||
mountOptions = [ "defaults" ];
|
|
||||||
};
|
|
||||||
priority = 1;
|
|
||||||
};
|
|
||||||
cryptoroot = {
|
|
||||||
size = "100%";
|
|
||||||
content = {
|
|
||||||
type = "luks";
|
|
||||||
name = "luksroot";
|
|
||||||
settings.allowDiscards = true;
|
|
||||||
passwordFile = "/tmp/secret.key";
|
|
||||||
content = {
|
|
||||||
type = "btrfs";
|
|
||||||
extraArgs = [ "-f" ];
|
|
||||||
subvolumes = {
|
|
||||||
root = {
|
|
||||||
mountpoint = "/";
|
|
||||||
mountOptions = [ "compress=zstd" ];
|
|
||||||
};
|
|
||||||
persistent = {
|
|
||||||
mountpoint = "/persistent";
|
|
||||||
mountOptions = [ "compress=zstd" "noatime" ];
|
|
||||||
};
|
|
||||||
nix = {
|
|
||||||
mountpoint = "/nix";
|
|
||||||
mountOptions = [ "compress=zstd" "noatime" ];
|
|
||||||
};
|
|
||||||
swap = {
|
|
||||||
mountpoint = "/.swapvol";
|
|
||||||
mountOptions = [ "noatime" ];
|
|
||||||
swap.swapfile.size = swapSize;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
179
flake.lock
179
flake.lock
|
@ -10,11 +10,11 @@
|
||||||
"systems": "systems"
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1723293904,
|
"lastModified": 1715290355,
|
||||||
"narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
|
"narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=",
|
||||||
"owner": "ryantm",
|
"owner": "ryantm",
|
||||||
"repo": "agenix",
|
"repo": "agenix",
|
||||||
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
|
"rev": "8d37c5bdeade12b6479c85acd133063ab53187a0",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -23,26 +23,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"disko": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1727531434,
|
|
||||||
"narHash": "sha256-b+GBgCWd2N6pkiTkRZaMFOPztPO4IVTaclYPrQl2uLk=",
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "disko",
|
|
||||||
"rev": "b709e1cc33fcde71c7db43850a55ebe6449d0959",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "disko",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"firefox-addons": {
|
"firefox-addons": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils",
|
||||||
|
@ -50,11 +30,11 @@
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "repos/rycee/pkgs/firefox-addons",
|
"dir": "repos/rycee/pkgs/firefox-addons",
|
||||||
"lastModified": 1727605244,
|
"lastModified": 1713127732,
|
||||||
"narHash": "sha256-LQOKClgjj4L8gSl0duMqBQFTfD1d2o92JZ0lBhIg9iA=",
|
"narHash": "sha256-07prd+in1ZUcxETxPyWtFjl7xPKwlXzk9a47Q3RnHXU=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nur-combined",
|
"repo": "nur-combined",
|
||||||
"rev": "03735bab40042843097839f2fabac72793f5f669",
|
"rev": "6edb2a1a43dbd2f8b32876268a530ce82c64013f",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -70,11 +50,11 @@
|
||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726153070,
|
"lastModified": 1714641030,
|
||||||
"narHash": "sha256-HO4zgY0ekfwO5bX0QH/3kJ/h4KvUDFZg8YpkNwIbg1U=",
|
"narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=",
|
||||||
"owner": "hercules-ci",
|
"owner": "hercules-ci",
|
||||||
"repo": "flake-parts",
|
"repo": "flake-parts",
|
||||||
"rev": "bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a",
|
"rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -99,15 +79,12 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_2": {
|
"flake-utils_2": {
|
||||||
"inputs": {
|
|
||||||
"systems": "systems_2"
|
|
||||||
},
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726560853,
|
"lastModified": 1659877975,
|
||||||
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -117,6 +94,24 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_3": {
|
"flake-utils_3": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_2"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1705309234,
|
||||||
|
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"flake-utils_4": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_3"
|
"systems": "systems_3"
|
||||||
},
|
},
|
||||||
|
@ -136,11 +131,11 @@
|
||||||
},
|
},
|
||||||
"hardware": {
|
"hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728729581,
|
"lastModified": 1716173274,
|
||||||
"narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=",
|
"narHash": "sha256-FC21Bn4m6ctajMjiUof30awPBH/7WjD0M5yqrWepZbY=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806",
|
"rev": "d9e0b26202fd500cf3e79f73653cce7f7d541191",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -178,11 +173,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1727383923,
|
"lastModified": 1713818326,
|
||||||
"narHash": "sha256-4/vacp3CwdGoPf8U4e/N8OsGYtO09WTcQK5FqYfJbKs=",
|
"narHash": "sha256-aw3xbVPJauLk/bbrlakIYxKpeuMWzA2feGrkIpIuXd8=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "ffe2d07e771580a005e675108212597e5b367d2d",
|
"rev": "67de98ae6eed5ad6f91b1142356d71a87ba97f21",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -199,35 +194,20 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726989464,
|
"lastModified": 1715381426,
|
||||||
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
"narHash": "sha256-wPuqrAQGdv3ISs74nJfGb+Yprm23U/rFpcHFFNWgM94=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
"rev": "ab5542e9dbd13d0100f8baae2bc2d68af901f4b4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"ref": "release-24.05",
|
"ref": "release-23.11",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"impermanence": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1727556076,
|
|
||||||
"narHash": "sha256-5Iplxbdn/7kQp4UYXMnUMFL2i2lyysOhRyzvvtPe1Qc=",
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "impermanence",
|
|
||||||
"rev": "fff0d95cf40609941769a443a001b25fb95b68ab",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nix-community",
|
|
||||||
"repo": "impermanence",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"lan-mouse": {
|
"lan-mouse": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -236,11 +216,11 @@
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726858237,
|
"lastModified": 1713168888,
|
||||||
"narHash": "sha256-fAHjrIZV9cxAtJmp1SEP11ubvX3Er6lqUHUb7NBFuA8=",
|
"narHash": "sha256-pNd6KbkLlZtXKQvHWYwQB/Wbqa7lQYVffpSq5uWJqzQ=",
|
||||||
"owner": "feschber",
|
"owner": "feschber",
|
||||||
"repo": "lan-mouse",
|
"repo": "lan-mouse",
|
||||||
"rev": "b071201dcb000a09330df81784d2ef2c0446da90",
|
"rev": "36855a1a1767f4a777bad580d5a76fec1be5d9d1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -260,11 +240,11 @@
|
||||||
"rust-overlay": "rust-overlay_2"
|
"rust-overlay": "rust-overlay_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726716330,
|
"lastModified": 1714571717,
|
||||||
"narHash": "sha256-mIuOP4I51eFLquRaxMKx67pHmhatZrcVPjfHL98v/M8=",
|
"narHash": "sha256-o4tqlTzi9kcVub167kTGXgCac9jM3kW4+v9MH/ue4Hk=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "nil",
|
"repo": "nil",
|
||||||
"rev": "c8e8ce72442a164d89d3fdeaae0bcc405f8c015a",
|
"rev": "2f3ed6348bbf1440fcd1ab0411271497a0fbbfa4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -299,11 +279,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1731097096,
|
"lastModified": 1716244689,
|
||||||
"narHash": "sha256-hMBcuTUJs1+zQ5nwTA06isLxk/vUd1r5qs95JRJ5L5E=",
|
"narHash": "sha256-tFsMxZcbg8WAmNmmL/WxFjp4wgCK2XzTDkM5PNZqCZQ=",
|
||||||
"ref": "refs/heads/main",
|
"ref": "refs/heads/main",
|
||||||
"rev": "20bf0c7e51e1e5ebf5f3754332f134a8ca0ce04c",
|
"rev": "881339ef7077b5c1d07041a0024575a4170c0174",
|
||||||
"revCount": 94,
|
"revCount": 83,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.pleshevski.ru/pleshevskiy/nixeovim"
|
"url": "https://git.pleshevski.ru/pleshevskiy/nixeovim"
|
||||||
},
|
},
|
||||||
|
@ -330,23 +310,23 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1725233747,
|
"lastModified": 1714640452,
|
||||||
"narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
|
"narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
|
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
|
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728979988,
|
"lastModified": 1716128955,
|
||||||
"narHash": "sha256-GBJRnbFLDg0y7ridWJHAP4Nn7oss50/VNgqoXaf/RVk=",
|
"narHash": "sha256-3DNg/PV+X2V7yn8b/fUR2ppakw7D9N4sjVBGk6nDwII=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "7881fbfd2e3ed1dfa315fca889b2cfd94be39337",
|
"rev": "f9256de8281f2ccd04985ac5c30d8f69aefadbe8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -358,27 +338,27 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1729044727,
|
"lastModified": 1716061101,
|
||||||
"narHash": "sha256-GKJjtPY+SXfLF/yTN7M2cAnQB6RERFKnQhD8UvPSf3M=",
|
"narHash": "sha256-H0eCta7ahEgloGIwE/ihkyGstOGu+kQwAiHvwVoXaA0=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "dc2e0028d274394f73653c7c90cc63edbb696be1",
|
"rev": "e7cc61784ddf51c81487637b3031a6dd2d6673a2",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-24.05",
|
"ref": "nixos-23.11",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1718428119,
|
"lastModified": 1706487304,
|
||||||
"narHash": "sha256-WdWDpNaq6u1IPtxtYHHWpl5BmabtpmLnMAx0RdJ/vo8=",
|
"narHash": "sha256-LE8lVX28MV2jWJsidW13D2qrHU/RUUONendL2Q/WlJg=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "e6cea36f83499eb4e9cd184c8a8e823296b50ad5",
|
"rev": "90f456026d284c22b3e3497be980b2e47d0b28ac",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -391,13 +371,11 @@
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
"disko": "disko",
|
|
||||||
"firefox-addons": "firefox-addons",
|
"firefox-addons": "firefox-addons",
|
||||||
"flake-utils": "flake-utils_2",
|
"flake-utils": "flake-utils_2",
|
||||||
"hardware": "hardware",
|
"hardware": "hardware",
|
||||||
"home-manager": "home-manager_2",
|
"home-manager": "home-manager_2",
|
||||||
"home-manager-unstable": "home-manager-unstable",
|
"home-manager-unstable": "home-manager-unstable",
|
||||||
"impermanence": "impermanence",
|
|
||||||
"lan-mouse": "lan-mouse",
|
"lan-mouse": "lan-mouse",
|
||||||
"nil": "nil",
|
"nil": "nil",
|
||||||
"nixeovim": "nixeovim",
|
"nixeovim": "nixeovim",
|
||||||
|
@ -415,11 +393,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1716257780,
|
"lastModified": 1710987136,
|
||||||
"narHash": "sha256-R+NjvJzKEkTVCmdrKRfPE4liX/KMGVqGUwwS5H8ET8A=",
|
"narHash": "sha256-Q8GRdlAIKZ8tJUXrbcRO1pA33AdoPfTUirsSnmGQnOU=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "4e5e3d2c5c9b2721bd266f9e43c14e96811b89d2",
|
"rev": "97596b54ac34ad8184ca1eef44b1ec2e5c2b5f9e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -430,17 +408,21 @@
|
||||||
},
|
},
|
||||||
"rust-overlay_2": {
|
"rust-overlay_2": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"flake-utils": [
|
||||||
|
"nil",
|
||||||
|
"flake-utils"
|
||||||
|
],
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nil",
|
"nil",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1726453838,
|
"lastModified": 1714529851,
|
||||||
"narHash": "sha256-pupsow4L79SBfNwT6vh/5RAbVZuhngIA0RTCZksXmZY=",
|
"narHash": "sha256-YMKJW880f7LHXVRzu93xa6Ek+QLECIu0IRQbXbzZe38=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "ca2e79cd22625d214b8437c2c4080ce79bd9f7d2",
|
"rev": "9ca720fdcf7865385ae3b93ecdf65f1a64cb475e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -451,14 +433,15 @@
|
||||||
},
|
},
|
||||||
"rust-overlay_3": {
|
"rust-overlay_3": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
|
"flake-utils": "flake-utils_4",
|
||||||
"nixpkgs": "nixpkgs_3"
|
"nixpkgs": "nixpkgs_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1727663505,
|
"lastModified": 1715393623,
|
||||||
"narHash": "sha256-83j/GrHsx8GFUcQofKh+PRPz6pz8sxAsZyT/HCNdey8=",
|
"narHash": "sha256-nSUFcUqyTQQ/aYFIB05mpCzytcKvfKMy3ZQAe0fP26A=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "c2099c6c7599ea1980151b8b6247a8f93e1806ee",
|
"rev": "8eb8671512cb0c72c748058506e50c54fb5d8e2b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -521,11 +504,11 @@
|
||||||
"rust-overlay": "rust-overlay_3"
|
"rust-overlay": "rust-overlay_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1727849733,
|
"lastModified": 1715552757,
|
||||||
"narHash": "sha256-mqxs/nyzOEKiBHa94OtcOLYBXd65P8tO4DUVTHWHn6o=",
|
"narHash": "sha256-ZOgCSIcdvG8+RcZCXSAEmb/LZ2Ap9wU4nvbxNDA+QN0=",
|
||||||
"owner": "Toqozz",
|
"owner": "Toqozz",
|
||||||
"repo": "wired-notify",
|
"repo": "wired-notify",
|
||||||
"rev": "a1f6965737754e7424f9468f6befef885a9ee0ad",
|
"rev": "18b44306b2636fc7f238a9d946c7b8aac217122d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
28
flake.nix
28
flake.nix
|
@ -1,14 +1,9 @@
|
||||||
{
|
{
|
||||||
inputs = {
|
inputs = {
|
||||||
flake-utils.url = "github:numtide/flake-utils";
|
flake-utils.url = "github:numtide/flake-utils";
|
||||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
|
||||||
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
||||||
hardware.url = "github:NixOS/nixos-hardware/master";
|
hardware.url = "github:NixOS/nixos-hardware/master";
|
||||||
impermanence.url = "github:nix-community/impermanence";
|
|
||||||
disko = {
|
|
||||||
url = "github:nix-community/disko";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
|
|
||||||
firefox-addons.url = "github:nix-community/nur-combined/master?dir=repos/rycee/pkgs/firefox-addons";
|
firefox-addons.url = "github:nix-community/nur-combined/master?dir=repos/rycee/pkgs/firefox-addons";
|
||||||
|
|
||||||
|
@ -19,7 +14,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager/release-24.05";
|
url = "github:nix-community/home-manager/release-23.11";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
home-manager-unstable = {
|
home-manager-unstable = {
|
||||||
|
@ -87,7 +82,7 @@
|
||||||
set -e
|
set -e
|
||||||
${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname} $@
|
${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname} $@
|
||||||
${lib.optionalString machine.config.hardware.pulseaudio.systemWide ''
|
${lib.optionalString machine.config.hardware.pulseaudio.systemWide ''
|
||||||
systemctl restart alsa-store.service
|
systemctl restart pulseaudio.service
|
||||||
''}
|
''}
|
||||||
'')
|
'')
|
||||||
localMachines);
|
localMachines);
|
||||||
|
@ -104,11 +99,6 @@
|
||||||
# Path to the agenix configuration file
|
# Path to the agenix configuration file
|
||||||
RULES = "./.agenix_config.nix";
|
RULES = "./.agenix_config.nix";
|
||||||
};
|
};
|
||||||
disk = pkgs.mkShell {
|
|
||||||
packages = [
|
|
||||||
inputs.disko.packages.${system}.disko
|
|
||||||
];
|
|
||||||
};
|
|
||||||
tools = pkgs.mkShell {
|
tools = pkgs.mkShell {
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
mkpasswd
|
mkpasswd
|
||||||
|
@ -141,9 +131,7 @@
|
||||||
modules =
|
modules =
|
||||||
(with inputs; [
|
(with inputs; [
|
||||||
agenix.nixosModules.default
|
agenix.nixosModules.default
|
||||||
home-manager.nixosModules.default
|
home-manager.nixosModule
|
||||||
disko.nixosModules.disko
|
|
||||||
impermanence.nixosModules.impermanence
|
|
||||||
])
|
])
|
||||||
++ [
|
++ [
|
||||||
# deployment settings
|
# deployment settings
|
||||||
|
@ -159,7 +147,6 @@
|
||||||
})
|
})
|
||||||
# base home manager settings
|
# base home manager settings
|
||||||
({ ... }: {
|
({ ... }: {
|
||||||
home-manager.backupFileExtension = "backup";
|
|
||||||
home-manager.useGlobalPkgs = true;
|
home-manager.useGlobalPkgs = true;
|
||||||
home-manager.useUserPackages = true;
|
home-manager.useUserPackages = true;
|
||||||
home-manager.extraSpecialArgs = {
|
home-manager.extraSpecialArgs = {
|
||||||
|
@ -171,6 +158,7 @@
|
||||||
./modules/home-manager
|
./modules/home-manager
|
||||||
inputs.wired.homeManagerModules.default
|
inputs.wired.homeManagerModules.default
|
||||||
inputs.lan-mouse.homeManagerModules.default
|
inputs.lan-mouse.homeManagerModules.default
|
||||||
|
"${inputs.home-manager-unstable}/modules/services/window-managers/river.nix"
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
@ -178,12 +166,8 @@
|
||||||
]
|
]
|
||||||
++ extraModules
|
++ extraModules
|
||||||
++ [ ./modules/nixos ]
|
++ [ ./modules/nixos ]
|
||||||
++ [ ./hosts/${hostname}/configuration.nix ]
|
++ [ ./hosts/${hostname}/configuration.nix ];
|
||||||
++ [ "${inputs.nixpkgs-unstable}/nixos/modules/services/misc/renovate.nix" ];
|
|
||||||
})
|
})
|
||||||
(import ./hosts inputs);
|
(import ./hosts inputs);
|
||||||
diskoConfigurations = {
|
|
||||||
asus-gl553vd = import ./hosts/asus-gl553vd/disk-config.nix;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,13 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
# Use the systemd-boot EFI boot loader.
|
||||||
boot.loader = {
|
boot.loader = {
|
||||||
timeout = 1;
|
|
||||||
systemd-boot = {
|
systemd-boot = {
|
||||||
enable = true;
|
enable = true;
|
||||||
configurationLimit = 20;
|
configurationLimit = 10;
|
||||||
};
|
};
|
||||||
|
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./boot.nix
|
./boot.nix
|
||||||
./imp.nix
|
|
||||||
./networking.nix
|
./networking.nix
|
||||||
./wireguard
|
./wireguard
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,76 +0,0 @@
|
||||||
{ config, lib, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
# A setup which would clean root subvolume between boots remove automatically removed roots that
|
|
||||||
# are older than one day:
|
|
||||||
#
|
|
||||||
# Source: https://github.com/nix-community/impermanence
|
|
||||||
boot.initrd.postDeviceCommands = lib.mkAfter ''
|
|
||||||
mkdir /btrfs_tmp
|
|
||||||
mount /dev/mapper/luksroot /btrfs_tmp
|
|
||||||
if [[ -e /btrfs_tmp/root ]]; then
|
|
||||||
mkdir -p /btrfs_tmp/old_roots
|
|
||||||
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
|
|
||||||
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
|
|
||||||
fi
|
|
||||||
|
|
||||||
delete_subvolume_recursively() {
|
|
||||||
IFS=$'\n'
|
|
||||||
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
|
|
||||||
delete_subvolume_recursively "/btrfs_tmp/$i"
|
|
||||||
done
|
|
||||||
btrfs subvolume delete "$1"
|
|
||||||
}
|
|
||||||
|
|
||||||
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +1); do
|
|
||||||
delete_subvolume_recursively "$i"
|
|
||||||
done
|
|
||||||
|
|
||||||
echo 1 | tee /btrfs_tmp/root/sys/class/leds/asus\:\:kbd_backlight/brightness
|
|
||||||
|
|
||||||
btrfs subvolume create /btrfs_tmp/root
|
|
||||||
umount /btrfs_tmp
|
|
||||||
rm -r /btrfs_tmp
|
|
||||||
'';
|
|
||||||
|
|
||||||
age.identityPaths = map (v: "/persistent/system/etc/ssh/${v}") [
|
|
||||||
"ssh_host_rsa_key"
|
|
||||||
"ssh_host_ed25519_key"
|
|
||||||
];
|
|
||||||
|
|
||||||
environment.persistence = {
|
|
||||||
"/persistent/system" = {
|
|
||||||
hideMounts = true;
|
|
||||||
directories = [
|
|
||||||
"/var/lib/bluetooth"
|
|
||||||
"/var/lib/nixos"
|
|
||||||
"/var/lib/systemd/coredump"
|
|
||||||
"/etc/NetworkManager/system-connections"
|
|
||||||
];
|
|
||||||
files = [
|
|
||||||
"/etc/machine-id"
|
|
||||||
"/etc/ssh/ssh_host_rsa_key"
|
|
||||||
"/etc/ssh/ssh_host_rsa_key.pub"
|
|
||||||
"/etc/ssh/ssh_host_ed25519_key"
|
|
||||||
"/etc/ssh/ssh_host_ed25519_key.pub"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
"/persistent/docker" = lib.mkIf config.virtualisation.docker.enable {
|
|
||||||
hideMounts = true;
|
|
||||||
directories = map (v: "/var/lib/docker/${v}") [
|
|
||||||
"containers"
|
|
||||||
"volumes"
|
|
||||||
"image"
|
|
||||||
"overlay2"
|
|
||||||
"network"
|
|
||||||
];
|
|
||||||
files = [ "/var/lib/docker/engine-id" ];
|
|
||||||
};
|
|
||||||
"/presistent/ollama" = lib.mkIf config.services.ollama.enable {
|
|
||||||
hideMounts = true;
|
|
||||||
directories = [
|
|
||||||
"/var/lib/private/ollama"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,10 +1,13 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "laptop"; # Define your hostname.
|
hostName = "laptop"; # Define your hostname.
|
||||||
|
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
|
|
||||||
useDHCP = false;
|
firewall.allowedTCPPortRanges = [
|
||||||
interfaces.wlp2s0.useDHCP = true;
|
{ from = 33000; to = 33999; }
|
||||||
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
|
@ -1,4 +1,4 @@
|
||||||
{ globalData, pkgs, ... }:
|
{ globalData, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -7,11 +7,7 @@
|
||||||
./users
|
./users
|
||||||
];
|
];
|
||||||
|
|
||||||
local.yubikey = {
|
local.yubikey.enable = true;
|
||||||
enable = true;
|
|
||||||
serial = "28058247";
|
|
||||||
unplug.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Services
|
# Services
|
||||||
|
@ -26,25 +22,12 @@
|
||||||
################################################################################
|
################################################################################
|
||||||
# Programs
|
# Programs
|
||||||
################################################################################
|
################################################################################
|
||||||
services.ollama = {
|
local.programs.browsers.tor-browser = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.unstable.ollama;
|
container = {
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
local.programs.communication = {
|
|
||||||
telegram = {
|
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.unstable.tdesktop;
|
externalInterface = "wg0";
|
||||||
};
|
sshAuthorizedKeys = globalData.publicKeys.users.jan;
|
||||||
simplex-chat = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.simplex-chat-desktop;
|
|
||||||
openFirewall = true;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.shellInit = ''
|
|
||||||
[ -n "$DISPLAY" ] && ${pkgs.xorg.xhost}/bin/xhost +local: > /dev/null || true
|
|
||||||
'';
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
import ../../disko/luks-btrfs.nix {
|
|
||||||
device = "/dev/disk/by-id/nvme-NE-256_2280_0015167003217";
|
|
||||||
}
|
|
|
@ -1,7 +1,16 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
# Include the results of the hardware scan.
|
||||||
./generated.nix # Include the results of the hardware scan.
|
imports = [ ./generated.nix ];
|
||||||
./manual.nix
|
|
||||||
|
# Enable keyboard on the boot
|
||||||
|
boot.initrd.availableKernelModules = [ "hid_asus" ];
|
||||||
|
|
||||||
|
boot.kernelModules = [
|
||||||
|
# Enable containers
|
||||||
|
# See: https://github.com/NixOS/nixpkgs/issues/38676
|
||||||
|
"veth"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
|
@ -20,7 +29,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# configure mouse and touchpad
|
# configure mouse and touchpad
|
||||||
services.libinput = {
|
services.xserver.libinput = {
|
||||||
enable = true;
|
enable = true;
|
||||||
touchpad = {
|
touchpad = {
|
||||||
accelSpeed = "0.5";
|
accelSpeed = "0.5";
|
||||||
|
|
|
@ -1,56 +1,36 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{ config, lib, modulesPath, ... }:
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot = {
|
||||||
boot.extraModulePackages = [ ];
|
initrd = {
|
||||||
|
availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||||
|
kernelModules = [ ];
|
||||||
|
};
|
||||||
|
|
||||||
boot.initrd = {
|
kernelModules = [ "kvm-intel" ];
|
||||||
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ];
|
extraModulePackages = [ ];
|
||||||
kernelModules = [ ];
|
|
||||||
luks.devices."luksroot".device = "/dev/disk/by-uuid/eb896c1c-f012-412e-86bd-48f663377129";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = {
|
"/" = {
|
||||||
device = "/dev/disk/by-uuid/45a33b08-0a15-4b47-9d8a-c58b7d62066a";
|
device = "/dev/disk/by-uuid/e6c0cbba-7000-4b1e-ba53-e7b5f8ae11c0";
|
||||||
fsType = "btrfs";
|
fsType = "ext4";
|
||||||
options = [ "subvol=root" "compress=zstd" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
"/persistent" = {
|
|
||||||
device = "/dev/disk/by-uuid/45a33b08-0a15-4b47-9d8a-c58b7d62066a";
|
|
||||||
fsType = "btrfs";
|
|
||||||
options = [ "subvol=persistent" "compress=zstd" ];
|
|
||||||
neededForBoot = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
"/nix" = {
|
|
||||||
device = "/dev/disk/by-uuid/45a33b08-0a15-4b47-9d8a-c58b7d62066a";
|
|
||||||
fsType = "btrfs";
|
|
||||||
options = [ "subvol=nix" "compress=zstd" "noatime" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
"/.swapvol" = {
|
|
||||||
device = "/dev/disk/by-uuid/45a33b08-0a15-4b47-9d8a-c58b7d62066a";
|
|
||||||
fsType = "btrfs";
|
|
||||||
options = [ "subvol=swap" "noatime" ];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
"/boot" = {
|
"/boot" = {
|
||||||
device = "/dev/disk/by-uuid/94EE-CA0D";
|
device = "/dev/disk/by-uuid/499C-4EBD";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
options = [ "fmask=0022" "dmask=0022" ];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [{ device = "/.swapvol/swapfile"; }];
|
swapDevices = [{ device = "/dev/disk/by-uuid/fa457df9-cd48-4c81-90cb-a511a7689988"; }];
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
@ -60,6 +40,6 @@
|
||||||
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
|
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
|
||||||
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
|
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
boot.kernelModules = [
|
|
||||||
# Enable containers
|
|
||||||
# See: https://github.com/NixOS/nixpkgs/issues/38676
|
|
||||||
"veth"
|
|
||||||
];
|
|
||||||
|
|
||||||
# Enable keyboard on the boot
|
|
||||||
boot.initrd.availableKernelModules = [ "hid_asus" ];
|
|
||||||
|
|
||||||
boot.blacklistedKernelModules = [ "nouveau" ];
|
|
||||||
|
|
||||||
fileSystems."/home/jan" = {
|
|
||||||
device = "/dev/disk/by-uuid/e6c0cbba-7000-4b1e-ba53-e7b5f8ae11c0";
|
|
||||||
fsType = "ext4";
|
|
||||||
options = [
|
|
||||||
"defaults"
|
|
||||||
"X-mount.subdir=home/jan"
|
|
||||||
"X-mount.mkdir"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ hostsPath, usersPath, lib, ... }:
|
{ hostsPath, usersPath, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
asusData = import (hostsPath + "/asus-gl553vd/data.secret.nix");
|
asusData = import (hostsPath + "/asus-gl553vd/data.secret.nix");
|
||||||
|
|
Binary file not shown.
|
@ -6,7 +6,7 @@
|
||||||
services = {
|
services = {
|
||||||
avahi = {
|
avahi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
nssmdns4 = true;
|
nssmdns = true;
|
||||||
};
|
};
|
||||||
printing = {
|
printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
Binary file not shown.
|
@ -1,4 +1,4 @@
|
||||||
{ config, pkgs, ... }:
|
{ globalData, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -7,111 +7,57 @@
|
||||||
./users
|
./users
|
||||||
];
|
];
|
||||||
|
|
||||||
|
local.yubikey.enable = true;
|
||||||
|
|
||||||
|
services.radicale = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
auth = {
|
||||||
|
# htpasswd -B -c /etc/radicale/users
|
||||||
|
type = "htpasswd";
|
||||||
|
htpasswd_filename = "/etc/radicale/users";
|
||||||
|
htpasswd_encryption = "bcrypt";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
rights = {
|
||||||
|
root = {
|
||||||
|
user = ".+";
|
||||||
|
collection = "";
|
||||||
|
permissions = "R";
|
||||||
|
};
|
||||||
|
principal = {
|
||||||
|
user = ".+";
|
||||||
|
collection = "{user}";
|
||||||
|
permissions = "RW";
|
||||||
|
};
|
||||||
|
calendars = {
|
||||||
|
user = ".+";
|
||||||
|
collection = "{user}/[^/]+";
|
||||||
|
permissions = "rw";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Programs
|
# Programs
|
||||||
################################################################################
|
################################################################################
|
||||||
|
local.programs.browsers.tor-browser = {
|
||||||
|
enable = true;
|
||||||
|
container = {
|
||||||
|
enable = true;
|
||||||
|
externalInterface = "wg0";
|
||||||
|
sshAuthorizedKeys = globalData.publicKeys.users.jan;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Services
|
# Services
|
||||||
################################################################################
|
################################################################################
|
||||||
local.services.i2pd.enable = true;
|
local.services.i2pd.enable = true;
|
||||||
local.services.kubo.enable = true;
|
|
||||||
|
|
||||||
local.services.octoprint.enable = true;
|
local.services.octoprint.enable = true;
|
||||||
|
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
# Torrent client
|
# Torrent client
|
||||||
services.transmission = {
|
services.transmission.enable = true;
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
rpc-bind-address = "192.168.7.10";
|
|
||||||
rpc-port = 9091;
|
|
||||||
rpc-whitelist = "192.168.7.*";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.ollama = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.ollama;
|
|
||||||
acceleration = "rocm";
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.sniffnet.enable = true;
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
# Containers
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
environment.shellInit = ''
|
|
||||||
[ -n "$DISPLAY" ] && ${pkgs.xorg.xhost}/bin/xhost +local: > /dev/null || true
|
|
||||||
'';
|
|
||||||
|
|
||||||
local.programs.communication = {
|
|
||||||
telegram = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.tdesktop;
|
|
||||||
};
|
|
||||||
simplex-chat = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.simplex-chat-desktop;
|
|
||||||
openFirewall = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
containers.games = {
|
|
||||||
autoStart = true;
|
|
||||||
bindMounts = {
|
|
||||||
"${config.services.transmission.settings.download-dir}" = { };
|
|
||||||
"/tmp/.X11-unix" = { };
|
|
||||||
"/run/opengl-driver/lib" = { };
|
|
||||||
"/run/opengl-driver-32/lib" = { };
|
|
||||||
};
|
|
||||||
allowedDevices = [
|
|
||||||
{
|
|
||||||
modifier = "r";
|
|
||||||
node = "/dev/kfd";
|
|
||||||
}
|
|
||||||
{
|
|
||||||
modifier = "r";
|
|
||||||
node = "/dev/dri";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
config = { pkgs, ... }: {
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
system.stateVersion = "23.11";
|
|
||||||
|
|
||||||
users.groups.transmission = config.users.groups.transmission;
|
|
||||||
users.users.john = {
|
|
||||||
isNormalUser = true;
|
|
||||||
home = "/home/john";
|
|
||||||
password = "hello";
|
|
||||||
extraGroups = [ "pulse-access" "transmission" ];
|
|
||||||
packages = with pkgs; [
|
|
||||||
# wine
|
|
||||||
wineWowPackages.stable
|
|
||||||
winetricks
|
|
||||||
# community edition
|
|
||||||
fallout-ce
|
|
||||||
fallout2-ce
|
|
||||||
openmw
|
|
||||||
openxcom
|
|
||||||
# tools
|
|
||||||
innoextract
|
|
||||||
vim
|
|
||||||
unzip
|
|
||||||
p7zip
|
|
||||||
unrar-wrapper
|
|
||||||
wget
|
|
||||||
];
|
|
||||||
};
|
|
||||||
environment.sessionVariables = {
|
|
||||||
DISPLAY = ":0";
|
|
||||||
PULSE_SERVER = "tcp:127.0.0.1:4713";
|
|
||||||
XAUTHORITY = "/home/john/.Xauthority";
|
|
||||||
|
|
||||||
WINEPREFIX = "/home/john/.wine";
|
|
||||||
WINEARCH = "win32";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,11 +26,6 @@
|
||||||
# extra configs
|
# extra configs
|
||||||
hardware.bluetooth.enable = true;
|
hardware.bluetooth.enable = true;
|
||||||
|
|
||||||
hardware.graphics = {
|
|
||||||
enable = true;
|
|
||||||
enable32Bit = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
# All monitors in the right order
|
# All monitors in the right order
|
||||||
# Source: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/x11/xserver.nix#L83
|
# Source: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/x11/xserver.nix#L83
|
||||||
services.xserver.xrandrHeads = [
|
services.xserver.xrandrHeads = [
|
||||||
|
|
|
@ -33,28 +33,30 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
local.games.endless-sky.enable = true;
|
|
||||||
|
|
||||||
# Extra packages
|
# Extra packages
|
||||||
home.packages = with pkgs.unstable; [
|
home.packages = with pkgs.unstable; [
|
||||||
## game dev
|
# game dev
|
||||||
blender-hip
|
blender
|
||||||
godot_4
|
godot_4
|
||||||
libresprite
|
libresprite
|
||||||
|
|
||||||
## 3d printer
|
# 3d printer
|
||||||
# Cannot build unstable Cura!
|
cura
|
||||||
# See: https://github.com/NixOS/nixpkgs/issues/325896
|
|
||||||
# it's too old in the nixpkgs!
|
|
||||||
# See: https://github.com/NixOS/nixpkgs/issues/186570
|
|
||||||
pkgs.cura
|
|
||||||
|
|
||||||
## electronics
|
# electronics
|
||||||
# kicad-small
|
kicad-small
|
||||||
# librepcb
|
# librepcb
|
||||||
|
|
||||||
# tools
|
# tools
|
||||||
bind.dnsutils
|
bind.dnsutils
|
||||||
|
|
||||||
|
kubo # ipfs
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# games
|
||||||
|
local.games = {
|
||||||
|
mindustry.enable = true;
|
||||||
|
widelands.enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
|
@ -5,11 +5,4 @@
|
||||||
./generated.nix
|
./generated.nix
|
||||||
./networking.secret.nix
|
./networking.secret.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
swapDevices = [
|
|
||||||
{
|
|
||||||
device = "/var/lib/swapfile";
|
|
||||||
size = 2 * 1024;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,5 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [ ./wireguard ];
|
||||||
./forgejo-runners
|
|
||||||
./wireguard
|
|
||||||
# ./docker-registry-proxy.nix
|
|
||||||
./nginx.nix
|
|
||||||
./renovate.nix
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,20 +0,0 @@
|
||||||
{...}:
|
|
||||||
|
|
||||||
{
|
|
||||||
services.dockerRegistry = {
|
|
||||||
enable = true;
|
|
||||||
enableGarbageCollect = true;
|
|
||||||
extraConfig = {
|
|
||||||
proxy.remoteurl = "https://registry-1.docker.io";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.nginx = {
|
|
||||||
upstreams.docker-hub-registry.servers."localhost:5000" = { };
|
|
||||||
virtualHosts."docker-hub.pleshevski.ru" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
locations."/v2/".proxyPass = "http://docker-hub-registry";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,45 +0,0 @@
|
||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
NODE_OPTIONS = "--max_old_space_size=4096";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
age.secrets.forgejo-runner-token-istal-docker.file = ./forgejo-runner-token-istal-docker.age;
|
|
||||||
age.secrets.forgejo-runner-token-codeberg-docker.file = ./forgejo-runner-token-codeberg-docker.age;
|
|
||||||
|
|
||||||
virtualisation.docker.enable = true;
|
|
||||||
|
|
||||||
services.gitea-actions-runner = {
|
|
||||||
package = pkgs.unstable.forgejo-runner;
|
|
||||||
instances = {
|
|
||||||
istal-docker = {
|
|
||||||
enable = true;
|
|
||||||
name = "istal-docker";
|
|
||||||
url = "https://git.pleshevski.ru";
|
|
||||||
labels = [ ];
|
|
||||||
tokenFile = config.age.secrets.forgejo-runner-token-istal-docker.path;
|
|
||||||
settings = {
|
|
||||||
runner = {
|
|
||||||
envs = { inherit NODE_OPTIONS; };
|
|
||||||
|
|
||||||
timeout = "1h";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
codeberg-docker = {
|
|
||||||
enable = true;
|
|
||||||
name = "codeberg-docker";
|
|
||||||
url = "https://codeberg.org";
|
|
||||||
labels = [ ];
|
|
||||||
tokenFile = config.age.secrets.forgejo-runner-token-codeberg-docker.path;
|
|
||||||
settings = {
|
|
||||||
runner = {
|
|
||||||
envs = { inherit NODE_OPTIONS; };
|
|
||||||
|
|
||||||
timeout = "1h";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
Binary file not shown.
Binary file not shown.
|
@ -1,41 +0,0 @@
|
||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
||||||
|
|
||||||
security.acme = {
|
|
||||||
acceptTerms = true;
|
|
||||||
defaults.email = "dmitriy@pleshevski.ru";
|
|
||||||
};
|
|
||||||
|
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
# Use recommended settings
|
|
||||||
recommendedGzipSettings = true;
|
|
||||||
recommendedOptimisation = true;
|
|
||||||
recommendedProxySettings = true;
|
|
||||||
recommendedTlsSettings = true;
|
|
||||||
|
|
||||||
appendHttpConfig = ''
|
|
||||||
# Add HSTS header with preloading to HTTPS requests.
|
|
||||||
# Adding this header to HTTP requests is discouraged
|
|
||||||
map $scheme $hsts_header {
|
|
||||||
https "max-age=31536000; includeSubdomains; preload";
|
|
||||||
}
|
|
||||||
add_header Strict-Transport-Security $hsts_header;
|
|
||||||
|
|
||||||
# Minimize information leaked to other domains
|
|
||||||
add_header 'Referrer-Policy' 'origin-when-cross-origin';
|
|
||||||
|
|
||||||
# Disable embedding as a frame
|
|
||||||
add_header X-Frame-Options DENY;
|
|
||||||
|
|
||||||
# Prevent injection of code in other mime types (XSS Attacks)
|
|
||||||
add_header X-Content-Type-Options nosniff;
|
|
||||||
|
|
||||||
# This might create errors
|
|
||||||
proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
|
Binary file not shown.
Binary file not shown.
|
@ -1,48 +0,0 @@
|
||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
age.secrets.renovate-gitea-token.file = ./renovate-gitea-token.age;
|
|
||||||
age.secrets.renovate-github-token.file = ./renovate-github-token.age;
|
|
||||||
|
|
||||||
services.renovate = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.renovate;
|
|
||||||
schedule = "0..3,10..23:00/15";
|
|
||||||
credentials = {
|
|
||||||
RENOVATE_TOKEN = config.age.secrets.renovate-gitea-token.path;
|
|
||||||
GITHUB_COM_TOKEN = config.age.secrets.renovate-github-token.path;
|
|
||||||
};
|
|
||||||
runtimePackages = with pkgs.unstable; [
|
|
||||||
nodePackages.pnpm
|
|
||||||
nodePackages.npm
|
|
||||||
python312
|
|
||||||
poetry
|
|
||||||
gnumake
|
|
||||||
cargo
|
|
||||||
];
|
|
||||||
settings = {
|
|
||||||
platform = "gitea";
|
|
||||||
endpoint = "https://git.pleshevski.ru";
|
|
||||||
assignees = [ "pleshevskiy" ];
|
|
||||||
autodiscover = true;
|
|
||||||
packageRules = [
|
|
||||||
{
|
|
||||||
matchUpdateTypes = [ "minor" "patch" "pin" "digest" ];
|
|
||||||
automerge = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
automergeStrategy = "fast-forward";
|
|
||||||
onboardingConfig = {
|
|
||||||
"$schema" = "https://docs.renovatebot.com/renovate-schema.json";
|
|
||||||
extends = [ "config:recommended" ];
|
|
||||||
configMigration = true;
|
|
||||||
};
|
|
||||||
globalExtends = ["npm:unpublishSafe"];
|
|
||||||
|
|
||||||
cacheHardTtlMinutes = 30;
|
|
||||||
httpCacheTtlDays = 1;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# systemd.services.renovate.environment.LOG_LEVEL = "debug";
|
|
||||||
}
|
|
Binary file not shown.
Binary file not shown.
|
@ -6,8 +6,6 @@
|
||||||
./services
|
./services
|
||||||
];
|
];
|
||||||
|
|
||||||
local.system.kernel = "hardened";
|
|
||||||
|
|
||||||
networking.hostName = "tatos";
|
networking.hostName = "tatos";
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = globalData.publicKeys.users.jan;
|
users.users.root.openssh.authorizedKeys.keys = globalData.publicKeys.users.jan;
|
||||||
|
|
Binary file not shown.
|
@ -79,7 +79,7 @@ in
|
||||||
}
|
}
|
||||||
# Phone 2 m
|
# Phone 2 m
|
||||||
{
|
{
|
||||||
publicKey = "p1GR0Ax2wrqnnd/coKYA4p0lvhdY9Mkk4iwhPxZfl3I=";
|
publicKey = "0+ejwId5JcTeMvoz+I/ACpmpUFjD7rl9wqz8H/OAHEw=";
|
||||||
allowedIPs = [ "10.20.30.6/32" ];
|
allowedIPs = [ "10.20.30.6/32" ];
|
||||||
}
|
}
|
||||||
# Phone 3 n
|
# Phone 3 n
|
||||||
|
@ -87,11 +87,6 @@ in
|
||||||
publicKey = "IUw38F1ik2y2XoPh3Nd1VVxHz9nfKDfNKyzBaEi0rjc=";
|
publicKey = "IUw38F1ik2y2XoPh3Nd1VVxHz9nfKDfNKyzBaEi0rjc=";
|
||||||
allowedIPs = [ "10.20.30.7/32" ];
|
allowedIPs = [ "10.20.30.7/32" ];
|
||||||
}
|
}
|
||||||
# Laptop m
|
|
||||||
{
|
|
||||||
publicKey = "dF5YEeK1nw2V4GNLwg67M+r8NMA315KpueQMk+ZFO1M=";
|
|
||||||
allowedIPs = [ "10.20.30.8/32" ];
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Binary file not shown.
|
@ -1,3 +1,4 @@
|
||||||
|
# use nix-build -E (import <system>/misc/wg-client-conf.nix {})
|
||||||
{ pkgs ? import <nixpkgs> { }
|
{ pkgs ? import <nixpkgs> { }
|
||||||
, address
|
, address
|
||||||
, privateKey
|
, privateKey
|
||||||
|
|
|
@ -63,22 +63,8 @@ in
|
||||||
xclip # access x clipboard from a console
|
xclip # access x clipboard from a console
|
||||||
dmenu # menu for x window system
|
dmenu # menu for x window system
|
||||||
nitrogen # wallpaper manager
|
nitrogen # wallpaper manager
|
||||||
rofimoji # emoji picker
|
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.rofi.pass = {
|
|
||||||
enable = true;
|
|
||||||
extraConfig = ''
|
|
||||||
EDITOR='wezterm start -- nvim'
|
|
||||||
|
|
||||||
URL_field='url'
|
|
||||||
USERNAME_field='login'
|
|
||||||
AUTOTYPE_field='autotype'
|
|
||||||
|
|
||||||
default_autotype='user :tab pass'
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
xsession = {
|
xsession = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
|
|
|
@ -233,13 +233,10 @@ myManageHook = manageApps
|
||||||
anyOf :: [Query Bool] -> Query Bool
|
anyOf :: [Query Bool] -> Query Bool
|
||||||
anyOf = foldl (<||>) (pure False)
|
anyOf = foldl (<||>) (pure False)
|
||||||
|
|
||||||
machine = stringProperty "WM_CLIENT_MACHINE"
|
|
||||||
role = stringProperty "WM_WINDOW_ROLE"
|
role = stringProperty "WM_WINDOW_ROLE"
|
||||||
isPopup = role =? "pop-up"
|
isPopup = role =? "pop-up"
|
||||||
isPinentry = anyOf [className =? "Gcr-promter", className =? "Pinentry"]
|
isPinentry = anyOf [className =? "Gcr-promter", className =? "Pinentry"]
|
||||||
|
|
||||||
isGameMachine = machine =? "games"
|
|
||||||
|
|
||||||
isWezterm = className =? "org.wezfurlong.wezterm"
|
isWezterm = className =? "org.wezfurlong.wezterm"
|
||||||
isAlacritty = className =? "Alacritty"
|
isAlacritty = className =? "Alacritty"
|
||||||
isTerminal = anyOf [isWezterm, isAlacritty]
|
isTerminal = anyOf [isWezterm, isAlacritty]
|
||||||
|
@ -249,7 +246,6 @@ myManageHook = manageApps
|
||||||
composeOne
|
composeOne
|
||||||
[ -- apps
|
[ -- apps
|
||||||
className =? "Gimp" -?> doFloat,
|
className =? "Gimp" -?> doFloat,
|
||||||
isGameMachine -?> doFloat,
|
|
||||||
-- general
|
-- general
|
||||||
anyOf
|
anyOf
|
||||||
[ resource =? "desktop_window",
|
[ resource =? "desktop_window",
|
||||||
|
@ -277,15 +273,10 @@ myKeys conf =
|
||||||
("M-S-<Return>", spawn $ XMonad.terminal conf),
|
("M-S-<Return>", spawn $ XMonad.terminal conf),
|
||||||
-- launch a 'flameshot' to screenshot
|
-- launch a 'flameshot' to screenshot
|
||||||
("M-S-s", safeSpawn "flameshot" ["gui"]),
|
("M-S-s", safeSpawn "flameshot" ["gui"]),
|
||||||
-- launch browsers
|
-- launch 'librewolf' browser
|
||||||
("M-S-b", spawn "librewolf"),
|
("M-S-b", spawn "librewolf"),
|
||||||
("M-S-t", spawn "tor-browser"),
|
|
||||||
-- launch 'dmenu_run' to choose applications
|
-- launch 'dmenu_run' to choose applications
|
||||||
("M-r", spawn "dmenu_run"),
|
("M-p", spawn "dmenu_run")
|
||||||
-- launch 'rofi-pass' to use password manager
|
|
||||||
("M-p", spawn "rofi-pass --last-used"),
|
|
||||||
-- launch 'rofimoji' to pick emoji
|
|
||||||
("M-e", spawn "rofimoji --action copy")
|
|
||||||
-- Open calculator
|
-- Open calculator
|
||||||
-- ("<XF86Calculator>", spawn "gnome-calculator"),
|
-- ("<XF86Calculator>", spawn "gnome-calculator"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -8,14 +8,10 @@ in
|
||||||
mindustry.enable = mkEnableOption "mindustry";
|
mindustry.enable = mkEnableOption "mindustry";
|
||||||
widelands.enable = mkEnableOption "widelands";
|
widelands.enable = mkEnableOption "widelands";
|
||||||
unciv.enable = mkEnableOption "unciv";
|
unciv.enable = mkEnableOption "unciv";
|
||||||
freeciv.enable = mkEnableOption "freeciv";
|
|
||||||
endless-sky.enable = mkEnableOption "endless-sky";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config.home.packages =
|
config.home.packages =
|
||||||
lib.optional cfg.mindustry.enable pkgs.unstable.mindustry
|
lib.optional cfg.mindustry.enable pkgs.unstable.mindustry
|
||||||
++ lib.optional cfg.widelands.enable pkgs.widelands
|
++ lib.optional cfg.widelands.enable pkgs.widelands
|
||||||
++ lib.optional cfg.unciv.enable pkgs.unstable.unciv
|
++ lib.optional cfg.unciv.enable pkgs.unstable.unciv;
|
||||||
++ lib.optional cfg.freeciv.enable pkgs.unstable.freeciv
|
|
||||||
++ lib.optional cfg.endless-sky.enable pkgs.unstable.endless-sky;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -85,12 +85,9 @@ in
|
||||||
"text/plain" = "colorize";
|
"text/plain" = "colorize";
|
||||||
"text/rfc822-headers" = "colorize";
|
"text/rfc822-headers" = "colorize";
|
||||||
# "text/*" = "${pkgs.bat}/bin/bat -fpp --file-name='$AERC_FILENAME'";
|
# "text/*" = "${pkgs.bat}/bin/bat -fpp --file-name='$AERC_FILENAME'";
|
||||||
"message/*" = "cat | colorize";
|
"message/delivery-status" = "cat | colorize";
|
||||||
"application/pgp-keys" = "gpg";
|
"application/pgp-keys" = "gpg";
|
||||||
".filename,~\\.gpg" = "gpg --decrypt";
|
".filename,~\\.gpg" = "gpg --decrypt";
|
||||||
".filename,~\\.xml\\.gz" = "${pkgs.gzip}/bin/gunzip |"
|
|
||||||
+ "${pkgs.xmlformat}/bin/xmlformat |"
|
|
||||||
+ "${pkgs.bat}/bin/bat -fpp --file-name='$AERC_FILENAME' --language xml";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
openers = { };
|
openers = { };
|
||||||
|
@ -128,6 +125,10 @@ in
|
||||||
"\\" = fill "filter";
|
"\\" = fill "filter";
|
||||||
"n" = exec "next-result";
|
"n" = exec "next-result";
|
||||||
"N" = exec "prev-result";
|
"N" = exec "prev-result";
|
||||||
|
#"D" = exec "modify-labels +deleted -inbox";
|
||||||
|
#"A" = exec "modify-labels -inbox";
|
||||||
|
#"ms" = exec "modify-labels +spam -inbox";
|
||||||
|
#"mS" = exec "modify-labels -spam +inbox";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -153,14 +154,15 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
compose = {
|
compose = lib.mkMerge [
|
||||||
"$ex" = "<C-x>";
|
globalBinds
|
||||||
"<C-k>" = exec "prev-field";
|
{
|
||||||
"<C-j>" = exec "next-field";
|
"$ex" = "<C-x>";
|
||||||
"<tab>" = exec "next-field";
|
"<C-k>" = exec "prev-field";
|
||||||
"<C-l>" = exec "next-tab";
|
"<C-j>" = exec "next-field";
|
||||||
"<C-h>" = exec "prev-tab";
|
"<tab>" = exec "next-field";
|
||||||
};
|
}
|
||||||
|
];
|
||||||
|
|
||||||
"compose::editor" = {
|
"compose::editor" = {
|
||||||
"$noinherit" = "true";
|
"$noinherit" = "true";
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let cfg = config.local.programs.argos-translate; in
|
|
||||||
{
|
|
||||||
options.local.programs.argos-translate = with lib; {
|
|
||||||
enable = mkEnableOption "argostranslate";
|
|
||||||
package = mkPackageOption pkgs.python311Packages "argostranslate" {};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
home.packages = [ cfg.package ];
|
|
||||||
|
|
||||||
programs.zsh.shellAliases = lib.mkIf config.programs.zsh.enable {
|
|
||||||
en2ru = "${cfg.package}/bin/argos-translate --from en --to ru";
|
|
||||||
ru2en = "${cfg.package}/bin/argos-translate --from ru --to en";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -4,19 +4,15 @@
|
||||||
let cfg = config.local.programs.communication; in
|
let cfg = config.local.programs.communication; in
|
||||||
{
|
{
|
||||||
options.local.programs.communication = with lib; {
|
options.local.programs.communication = with lib; {
|
||||||
matrix = {
|
simplex-chat.enable = mkEnableOption "SimplexChat";
|
||||||
enable = mkEnableOption "nheko. matrix client";
|
telegram.enable = mkEnableOption "tdesktop. telegram client";
|
||||||
package = mkPackageOption pkgs "nheko" { };
|
matrix.enable = mkEnableOption "nheko. matrix client";
|
||||||
};
|
skype.enable = mkEnableOption "skype";
|
||||||
tox = {
|
|
||||||
enable = mkEnableOption "tox";
|
|
||||||
package = mkPackageOption pkgs "qtox" { };
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config.home.packages = with pkgs.unstable;
|
||||||
home.packages =
|
lib.optional cfg.simplex-chat.enable simplex-chat-desktop
|
||||||
lib.optional cfg.matrix.enable cfg.matrix.package
|
++ lib.optional cfg.telegram.enable tdesktop
|
||||||
++ lib.optional cfg.tox.enable cfg.tox.package;
|
++ lib.optional cfg.matrix.enable nheko
|
||||||
};
|
++ lib.optional cfg.skype.enable skypeforlinux;
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,7 +3,6 @@
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./aerc.nix
|
./aerc.nix
|
||||||
./argos-translate.nix
|
|
||||||
./communication.nix
|
./communication.nix
|
||||||
./dev-tools.nix
|
./dev-tools.nix
|
||||||
./flameshot.nix
|
./flameshot.nix
|
||||||
|
|
|
@ -88,10 +88,6 @@ in
|
||||||
]
|
]
|
||||||
))
|
))
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.zsh.initExtra = ''
|
|
||||||
source <(kubectl completion zsh)
|
|
||||||
'';
|
|
||||||
})
|
})
|
||||||
|
|
||||||
(lib.mkIf cfg.psql.enable {
|
(lib.mkIf cfg.psql.enable {
|
||||||
|
|
|
@ -3,7 +3,6 @@
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./nautilus.nix
|
./nautilus.nix
|
||||||
./nnn.nix
|
|
||||||
./vifm
|
./vifm
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,5 +8,5 @@ in
|
||||||
enable = mkEnableOption "nautilus";
|
enable = mkEnableOption "nautilus";
|
||||||
};
|
};
|
||||||
|
|
||||||
config.home.packages = with pkgs.unstable; lib.optional cfg.enable nautilus;
|
config.home.packages = with pkgs.unstable; lib.optional cfg.enable gnome.nautilus;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.programs.file-managers.nnn;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.local.programs.file-managers.nnn = with lib; {
|
|
||||||
enable = mkEnableOption "nnn";
|
|
||||||
package = mkPackageOption pkgs "nnn" {};
|
|
||||||
};
|
|
||||||
|
|
||||||
config.home.packages = lib.optional cfg.enable cfg.package;
|
|
||||||
}
|
|
|
@ -11,7 +11,7 @@
|
||||||
" If you would like to use another vi clone such as Elvis or Vile
|
" If you would like to use another vi clone such as Elvis or Vile
|
||||||
" you will need to change this setting.
|
" you will need to change this setting.
|
||||||
|
|
||||||
set vicmd=nvim
|
set vicmd=vim
|
||||||
|
|
||||||
" This makes vifm perform file operations on its own instead of relying on
|
" This makes vifm perform file operations on its own instead of relying on
|
||||||
" standard utilities like `cp`. While using `cp` and alike is a more universal
|
" standard utilities like `cp`. While using `cp` and alike is a more universal
|
||||||
|
@ -128,12 +128,12 @@ mark h ~/
|
||||||
" %m run the command in a menu window
|
" %m run the command in a menu window
|
||||||
|
|
||||||
command! df df -h %m 2> /dev/null
|
command! df df -h %m 2> /dev/null
|
||||||
command! diff nvim -d %f %F
|
command! diff vim -d %f %F
|
||||||
command! zip zip -r %c.zip %f
|
command! zip zip -r %c.zip %f
|
||||||
command! run !! ./%f
|
command! run !! ./%f
|
||||||
command! make !!make %a
|
command! make !!make %a
|
||||||
command! mkcd :mkdir %a | cd %a
|
command! mkcd :mkdir %a | cd %a
|
||||||
command! vgrep nvim "+grep %a"
|
command! vgrep vim "+grep %a"
|
||||||
command! reload :write | restart full
|
command! reload :write | restart full
|
||||||
|
|
||||||
" ------------------------------------------------------------------------------
|
" ------------------------------------------------------------------------------
|
||||||
|
@ -316,6 +316,11 @@ nnoremap S :sort<cr>
|
||||||
nnoremap w :view<cr>
|
nnoremap w :view<cr>
|
||||||
vnoremap w :view<cr>gv
|
vnoremap w :view<cr>gv
|
||||||
|
|
||||||
|
" Open file in existing instance of gvim
|
||||||
|
nnoremap o :!gvim --remote-tab-silent %f<cr>
|
||||||
|
" Open file in new instance of gvim
|
||||||
|
nnoremap O :!gvim %f<cr>
|
||||||
|
|
||||||
" Open file in the background using its default program
|
" Open file in the background using its default program
|
||||||
nnoremap gb :file &<cr>l
|
nnoremap gb :file &<cr>l
|
||||||
|
|
||||||
|
@ -349,6 +354,8 @@ nnoremap ,t :!xterm &<cr>
|
||||||
|
|
||||||
" Open editor to edit vifmrc and apply settings after returning to vifm
|
" Open editor to edit vifmrc and apply settings after returning to vifm
|
||||||
nnoremap ,c :write | edit $MYVIFMRC | restart full<cr>
|
nnoremap ,c :write | edit $MYVIFMRC | restart full<cr>
|
||||||
|
" Open gvim to edit vifmrc
|
||||||
|
nnoremap ,C :!gvim --remote-tab-silent $MYVIFMRC &<cr>
|
||||||
|
|
||||||
" Toggle wrap setting on ,w key
|
" Toggle wrap setting on ,w key
|
||||||
nnoremap ,w :set wrap!<cr>
|
nnoremap ,w :set wrap!<cr>
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
|
|
||||||
programs.zsh = {
|
programs.zsh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
autosuggestion.enable = true;
|
enableAutosuggestions = true;
|
||||||
enableCompletion = true;
|
enableCompletion = true;
|
||||||
defaultKeymap = "viins";
|
defaultKeymap = "viins";
|
||||||
dotDir = ".config/zsh";
|
dotDir = ".config/zsh";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, pkgs, ... }:
|
{ lib, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [ ./common.nix ];
|
imports = [ ./common.nix ];
|
||||||
|
@ -35,19 +35,5 @@
|
||||||
################################################################################
|
################################################################################
|
||||||
local.programs.pass.enable = lib.mkDefault true;
|
local.programs.pass.enable = lib.mkDefault true;
|
||||||
|
|
||||||
local.programs.browsers = {
|
local.programs.browsers.librewolf.enable = lib.mkDefault true;
|
||||||
librewolf.enable = lib.mkDefault true;
|
|
||||||
tor-browser.enable = lib.mkDefault true;
|
|
||||||
ungoogled-chromium.enable = lib.mkDefault true;
|
|
||||||
};
|
|
||||||
|
|
||||||
security.sudo.extraRules = [{
|
|
||||||
commands = [
|
|
||||||
{
|
|
||||||
command = "/run/current-system/sw/bin/nixos-container";
|
|
||||||
options = [ "NOPASSWD" ];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
groups = [ "wheel" ];
|
|
||||||
}];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,11 +9,11 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.xserver.xkb = {
|
services.xserver = {
|
||||||
model = "pc105";
|
xkbModel = "pc105";
|
||||||
layout = "us,us";
|
layout = "us,us";
|
||||||
variant = "dvorak,";
|
xkbVariant = "dvorak,";
|
||||||
options = "grp:win_space_toggle";
|
xkbOptions = "grp:win_space_toggle";
|
||||||
};
|
};
|
||||||
|
|
||||||
console.useXkbConfig = true;
|
console.useXkbConfig = true;
|
||||||
|
|
|
@ -11,7 +11,7 @@ in
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
programs.i3lock = {
|
programs.i3lock = {
|
||||||
enable = true;
|
enable = true;
|
||||||
u2fSupport = lib.mkDefault config.security.pam.u2f.enable;
|
u2fSupport = lib.mkDefault config.local.yubikey.enable;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.xss-lock.enable = true;
|
programs.xss-lock.enable = true;
|
||||||
|
|
|
@ -42,11 +42,6 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
(final: prev: {
|
|
||||||
sniffnet = (import inputs.nixpkgs-unstable {
|
|
||||||
inherit (config.nixpkgs) config system;
|
|
||||||
}).sniffnet;
|
|
||||||
})
|
|
||||||
(final: prev: {
|
(final: prev: {
|
||||||
unstable = import inputs.nixpkgs-unstable {
|
unstable = import inputs.nixpkgs-unstable {
|
||||||
inherit (config.nixpkgs) config overlays system;
|
inherit (config.nixpkgs) config overlays system;
|
||||||
|
|
|
@ -1,36 +0,0 @@
|
||||||
{ config, lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.security.sudo;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.local.security.sudo = with lib; {
|
|
||||||
nopasswd = mkOption {
|
|
||||||
type = types.listOf (types.submodule {
|
|
||||||
options = {
|
|
||||||
commands = mkOption {
|
|
||||||
type = with types; listOf (either str package);
|
|
||||||
};
|
|
||||||
groups = mkOption {
|
|
||||||
type = types.listOf types.str;
|
|
||||||
default = [ "wheel" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
});
|
|
||||||
default = [ ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf (cfg.nopasswd != [ ]) {
|
|
||||||
security.sudo.extraRules = lib.flip map cfg.nopasswd (rule: {
|
|
||||||
inherit (rule) groups;
|
|
||||||
commands = lib.flip map rule.commands (cmd:
|
|
||||||
{
|
|
||||||
command = "${cmd}";
|
|
||||||
options = [ "NOPASSWD" ];
|
|
||||||
}
|
|
||||||
);
|
|
||||||
});
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,35 +1,17 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.sound;
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
options.local.sound = {
|
options.local.sound.enable = lib.mkEnableOption "sound";
|
||||||
enable = lib.mkEnableOption "sound";
|
|
||||||
systemWide = lib.mkEnableOption "systemWide";
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf config.local.sound.enable {
|
||||||
sound = {
|
sound = {
|
||||||
enable = true;
|
enable = true;
|
||||||
mediaKeys.enable = true;
|
mediaKeys.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
hardware.pulseaudio = lib.mkMerge [
|
hardware.pulseaudio = {
|
||||||
{
|
enable = true;
|
||||||
enable = true;
|
package = pkgs.pulseaudioFull;
|
||||||
package = pkgs.pulseaudioFull;
|
};
|
||||||
}
|
|
||||||
(lib.mkIf cfg.systemWide {
|
|
||||||
systemWide = true;
|
|
||||||
support32Bit = true;
|
|
||||||
tcp = {
|
|
||||||
enable = true;
|
|
||||||
anonymousClients.allowedIpRanges = [ "127.0.0.1" ];
|
|
||||||
};
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = lib.mkIf cfg.systemWide [ 4713 ];
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -40,7 +40,7 @@ in
|
||||||
})
|
})
|
||||||
|
|
||||||
(lib.mkIf (cfg.kernel == "stable") {
|
(lib.mkIf (cfg.kernel == "stable") {
|
||||||
boot.kernelPackages = pkgs.unstable.linuxPackages_6_10;
|
boot.kernelPackages = pkgs.unstable.linuxPackages_6_6;
|
||||||
})
|
})
|
||||||
|
|
||||||
(lib.mkIf (cfg.kernel == "latest") {
|
(lib.mkIf (cfg.kernel == "latest") {
|
||||||
|
|
|
@ -14,7 +14,7 @@ in
|
||||||
package = pkgs.unstable.hyprland;
|
package = pkgs.unstable.hyprland;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.gnupg.agent.pinentryPackage = pkgs.pinentry-gtk2;
|
programs.gnupg.agent.pinentryFlavor = "gtk2";
|
||||||
|
|
||||||
local.lockscreen.waylock.enable = lib.mkDefault true;
|
local.lockscreen.waylock.enable = lib.mkDefault true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -14,7 +14,7 @@ in
|
||||||
package = pkgs.unstable.river;
|
package = pkgs.unstable.river;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.gnupg.agent.pinentryPackage = pkgs.pinentry-gtk2;
|
programs.gnupg.agent.pinentryFlavor = "gtk2";
|
||||||
|
|
||||||
local.lockscreen.waylock.enable = lib.mkDefault true;
|
local.lockscreen.waylock.enable = lib.mkDefault true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -10,18 +10,19 @@ let cfg = config.local.window-manager.xmonad; in
|
||||||
packages = [ pkgs.dconf ];
|
packages = [ pkgs.dconf ];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.displayManager.defaultSession = "none+xmonad";
|
|
||||||
|
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
enable = true;
|
enable = true;
|
||||||
displayManager.lightdm = {
|
displayManager = {
|
||||||
enable = true;
|
defaultSession = "none+xmonad";
|
||||||
# greeters.tiny.enable = true;
|
lightdm = {
|
||||||
|
enable = true;
|
||||||
|
# greeters.tiny.enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
windowManager.xmonad.enable = true;
|
windowManager.xmonad.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.gnupg.agent.pinentryPackage = pkgs.pinentry-gtk2;
|
programs.gnupg.agent.pinentryFlavor = "gtk2";
|
||||||
|
|
||||||
local.lockscreen.i3lock.enable = lib.mkDefault true;
|
local.lockscreen.i3lock.enable = lib.mkDefault true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,71 +1,32 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let cfg = config.local.yubikey; in
|
||||||
cfg = config.local.yubikey;
|
|
||||||
|
|
||||||
control = if cfg.multi-factor.enable then "required" else "sufficient";
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
options.local.yubikey = with lib; {
|
options.local.yubikey = with lib; {
|
||||||
enable = mkEnableOption "yubikey";
|
enable = mkEnableOption "yubikey";
|
||||||
|
|
||||||
serial = mkOption {
|
|
||||||
type = types.nullOr types.str;
|
|
||||||
default = null;
|
|
||||||
};
|
|
||||||
|
|
||||||
multi-factor.enable = mkEnableOption "multi-factor" // { default = true; };
|
|
||||||
|
|
||||||
unplug = {
|
|
||||||
enable = mkEnableOption "Do action when a Yubikey is unplugged";
|
|
||||||
model = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "407";
|
|
||||||
};
|
|
||||||
command = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "${pkgs.systemd}/bin/loginctl lock-sessions";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
environment.systemPackages = [ pkgs.yubikey-manager pkgs.yubikey-personalization ];
|
environment.systemPackages = [ pkgs.yubikey-manager pkgs.yubikey-personalization ];
|
||||||
|
|
||||||
security.pam =
|
security.pam.u2f = {
|
||||||
if cfg.serial == null then
|
enable = true;
|
||||||
{
|
control = "required";
|
||||||
u2f = {
|
cue = lib.mkDefault true;
|
||||||
enable = true;
|
|
||||||
inherit control;
|
|
||||||
cue = lib.mkDefault true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services = {
|
|
||||||
login.u2fAuth = lib.mkDefault true;
|
|
||||||
sudo.u2fAuth = lib.mkDefault true;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
yubico = {
|
|
||||||
enable = true;
|
|
||||||
inherit control;
|
|
||||||
mode = "challenge-response";
|
|
||||||
id = [ cfg.serial ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.pcscd.enable = cfg.serial != null;
|
|
||||||
|
|
||||||
services.udev = {
|
|
||||||
packages = [ pkgs.yubikey-personalization ];
|
|
||||||
extraRules = lib.mkIf cfg.unplug.enable ''
|
|
||||||
ACTION=="remove",\
|
|
||||||
ENV{DEVTYPE}=="usb_device",\
|
|
||||||
ENV{PRODUCT}=="1050/${cfg.unplug.model}/543",\
|
|
||||||
RUN+="${cfg.unplug.command}"
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.udev.packages = [ pkgs.yubikey-personalization ];
|
||||||
|
security.pam.services = {
|
||||||
|
login.u2fAuth = true;
|
||||||
|
sudo.u2fAuth = true;
|
||||||
|
};
|
||||||
|
services.pcscd.enable = true;
|
||||||
|
|
||||||
|
services.udev.extraRules = lib.mkIf config.programs.xss-lock.enable ''
|
||||||
|
ACTION=="remove",\
|
||||||
|
ENV{DEVTYPE}=="usb_device",\
|
||||||
|
ENV{PRODUCT}=="1050/402/543",\
|
||||||
|
RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,107 +1,8 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ ... }:
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.programs.browsers;
|
|
||||||
|
|
||||||
contPackages =
|
|
||||||
lib.optional cfg.tor-browser.enable cfg.tor-browser.finalPackage
|
|
||||||
++ lib.optional cfg.librewolf.enable cfg.librewolf.finalPackage
|
|
||||||
++ lib.optional cfg.mullvad-browser.enable cfg.mullvad-browser.finalPackage
|
|
||||||
++ lib.optional cfg.ungoogled-chromium.enable cfg.ungoogled-chromium.package;
|
|
||||||
|
|
||||||
hostPackages = lib.flip map contPackages (p:
|
|
||||||
let
|
|
||||||
hostRunBrowser = pkgs.writeScript "cont-run-browser" ''
|
|
||||||
sudo nixos-container run browsers -- su -l jan -c "$*"
|
|
||||||
'';
|
|
||||||
|
|
||||||
hostBrowserScript = pkgs.writeScriptBin "${p.meta.mainProgram}" ''
|
|
||||||
${hostRunBrowser} ${p.meta.mainProgram} $@
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
pkgs.runCommand "${p.meta.mainProgram}" { } ''
|
|
||||||
mkdir $out
|
|
||||||
cp -r ${hostBrowserScript}/bin $out/bin
|
|
||||||
cp -r ${p}/share $out/share
|
|
||||||
''
|
|
||||||
);
|
|
||||||
|
|
||||||
isEnable = cfg.tor-browser.enable
|
|
||||||
or cfg.librewolf.enable
|
|
||||||
or cfg.mullvad-browser.enable;
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./tor-browser.nix
|
./tor-browser.nix
|
||||||
./mullvad-browser.nix
|
./mullvad-browser.nix
|
||||||
./librewolf.nix
|
./librewolf.nix
|
||||||
./ungoogled-chromium.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
config = lib.mkIf isEnable {
|
|
||||||
environment.systemPackages = hostPackages;
|
|
||||||
|
|
||||||
local.sound.systemWide = true;
|
|
||||||
|
|
||||||
containers.browsers = {
|
|
||||||
autoStart = true;
|
|
||||||
ephemeral = true;
|
|
||||||
restartIfChanged = false;
|
|
||||||
|
|
||||||
bindMounts = lib.mkMerge [
|
|
||||||
{
|
|
||||||
"/tmp/.X11-unix" = { };
|
|
||||||
"/home/jan/Downloads" = {
|
|
||||||
isReadOnly = false;
|
|
||||||
hostPath = "/home/jan/downloads/browser";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
(lib.mkIf config.hardware.graphics.enable {
|
|
||||||
"/run/opengl-driver/lib" = { };
|
|
||||||
})
|
|
||||||
(lib.mkIf config.hardware.graphics.enable32Bit {
|
|
||||||
"/run/opengl-driver-32/lib" = { };
|
|
||||||
})
|
|
||||||
(lib.mkIf cfg.librewolf.enable {
|
|
||||||
"/home/jan/.librewolf" = {
|
|
||||||
isReadOnly = false;
|
|
||||||
hostPath = "/persistent/per-machine/browsers/home/jan/.librewolf";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
(lib.mkIf cfg.ungoogled-chromium.enable {
|
|
||||||
"/home/jan/.config/chromium" = {
|
|
||||||
isReadOnly = false;
|
|
||||||
hostPath = "/persistent/per-machine/browsers/home/jan/.config/chromium";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
(lib.mkIf config.local.programs.communication.telegram.enable {
|
|
||||||
"/home/jan/downloads/telegram" = { };
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
config = { pkgs, ... }: {
|
|
||||||
system.stateVersion = "23.11";
|
|
||||||
|
|
||||||
fonts = {
|
|
||||||
inherit (config.fonts) enableDefaultPackages packages;
|
|
||||||
fontconfig = { inherit (config.fonts.fontconfig) defaultFonts; };
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.hosts = config.networking.hosts;
|
|
||||||
|
|
||||||
users.users.jan = {
|
|
||||||
isNormalUser = true;
|
|
||||||
home = "/home/jan";
|
|
||||||
password = "hello";
|
|
||||||
extraGroups = [ "pulse-access" ];
|
|
||||||
packages = contPackages;
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.sessionVariables = {
|
|
||||||
DISPLAY = ":0";
|
|
||||||
PULSE_SERVER = "tcp:127.0.0.1:4713";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,26 +2,27 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.local.programs.browsers.librewolf;
|
cfg = config.local.programs.browsers.librewolf;
|
||||||
|
isPassEnabled = config.local.programs.pass.enable;
|
||||||
|
|
||||||
policiesJson = pkgs.callPackage ./policies.nix {
|
policiesJson = pkgs.callPackage ./policies.nix {
|
||||||
firefoxAddons = inputs.firefox-addons.packages."${pkgs.system}";
|
firefoxAddons = inputs.firefox-addons.packages."${pkgs.system}";
|
||||||
|
withPassffAddon = isPassEnabled;
|
||||||
withRedirectorAddon = true;
|
withRedirectorAddon = true;
|
||||||
withSidebarTabsAddon = true;
|
withSidebarTabsAddon = true;
|
||||||
withAllSearchEngines = true;
|
withAllSearchEngines = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
finalLibrewolf = cfg.package.override {
|
librewolf' = with pkgs.unstable; librewolf.override {
|
||||||
extraPoliciesFiles = cfg.package.unwrapped.extraPoliciesFiles ++ [ policiesJson ];
|
extraPoliciesFiles = librewolf.unwrapped.extraPoliciesFiles ++ [ policiesJson ];
|
||||||
|
nativeMessagingHosts = lib.optional isPassEnabled passff-host;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.local.programs.browsers.librewolf = with lib; {
|
options.local.programs.browsers.librewolf = with lib; {
|
||||||
enable = mkEnableOption "librewolf";
|
enable = mkEnableOption "librewolf";
|
||||||
package = mkPackageOption pkgs "librewolf" {};
|
};
|
||||||
finalPackage = mkOption {
|
|
||||||
type = types.package;
|
config = lib.mkIf cfg.enable {
|
||||||
readOnly = true;
|
environment.systemPackages = [ librewolf' ];
|
||||||
default = finalLibrewolf;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@ let
|
||||||
withAllSearchEngines = true;
|
withAllSearchEngines = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
finalMullvadBrowser = cfg.package.overrideAttrs (attrs: {
|
mullvadBrowser = pkgs.mullvad-browser.overrideAttrs (attrs: {
|
||||||
postInstall = ''
|
postInstall = ''
|
||||||
rm $out/share/mullvad-browser/distribution/policies.json
|
rm $out/share/mullvad-browser/distribution/policies.json
|
||||||
|
|
||||||
|
@ -21,11 +21,9 @@ in
|
||||||
{
|
{
|
||||||
options.local.programs.browsers.mullvad-browser = with lib; {
|
options.local.programs.browsers.mullvad-browser = with lib; {
|
||||||
enable = mkEnableOption "mullvad-browser";
|
enable = mkEnableOption "mullvad-browser";
|
||||||
package = mkPackageOption pkgs "mullvad-browser" {};
|
};
|
||||||
finalPackage = mkOption {
|
|
||||||
type = types.package;
|
config = lib.mkIf cfg.enable {
|
||||||
readOnly = true;
|
environment.systemPackages = [ mullvadBrowser ];
|
||||||
default = finalMullvadBrowser;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,7 +28,7 @@ writeText "policies.json" (builtins.toJSON {
|
||||||
SearchEngines = {
|
SearchEngines = {
|
||||||
Add = [
|
Add = [
|
||||||
{
|
{
|
||||||
Alias = "@sx";
|
Alias = "sx";
|
||||||
Name = "SearXNG";
|
Name = "SearXNG";
|
||||||
Description = "SearXNG — a privacy-respecting, open metasearch engine";
|
Description = "SearXNG — a privacy-respecting, open metasearch engine";
|
||||||
IconURL = "https://search.sapti.me/static/themes/simple/img/favicon.png";
|
IconURL = "https://search.sapti.me/static/themes/simple/img/favicon.png";
|
||||||
|
@ -36,28 +36,28 @@ writeText "policies.json" (builtins.toJSON {
|
||||||
}
|
}
|
||||||
] ++ lib.optionals withAllSearchEngines [
|
] ++ lib.optionals withAllSearchEngines [
|
||||||
{
|
{
|
||||||
Alias = "@np";
|
Alias = "np";
|
||||||
Name = "NixOS Packages";
|
Name = "NixOS Packages";
|
||||||
Description = "Search NixOS packages by name or description.";
|
Description = "Search NixOS packages by name or description.";
|
||||||
IconURL = "https://nixos.org/favicon.png";
|
IconURL = "https://nixos.org/favicon.png";
|
||||||
URLTemplate = "https://search.nixos.org/packages?query={searchTerms}";
|
URLTemplate = "https://search.nixos.org/packages?query={searchTerms}";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
Alias = "@no";
|
Alias = "no";
|
||||||
Name = "NixOS Options";
|
Name = "NixOS Options";
|
||||||
Description = "Search NixOS options by name or description.";
|
Description = "Search NixOS options by name or description.";
|
||||||
IconURL = "https://nixos.org/favicon.png";
|
IconURL = "https://nixos.org/favicon.png";
|
||||||
URLTemplate = "https://search.nixos.org/options?query={searchTerms}";
|
URLTemplate = "https://search.nixos.org/options?query={searchTerms}";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
Alias = "@ng";
|
Alias = "ng";
|
||||||
Name = "Noogle";
|
Name = "Noogle";
|
||||||
Description = "Search for nix functions by name.";
|
Description = "Search for nix functions by name.";
|
||||||
IconURL = "https://noogle.dev/favicon.png";
|
IconURL = "https://noogle.dev/favicon.png";
|
||||||
URLTemplate = "https://noogle.dev/q?term={searchTerms}";
|
URLTemplate = "https://noogle.dev/q?term={searchTerms}";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
Alias = "@hg";
|
Alias = "hg";
|
||||||
Name = "Hoogle";
|
Name = "Hoogle";
|
||||||
Description = ''
|
Description = ''
|
||||||
Hoogle is a Haskell API search engine, which allows you to
|
Hoogle is a Haskell API search engine, which allows you to
|
||||||
|
@ -106,12 +106,5 @@ writeText "policies.json" (builtins.toJSON {
|
||||||
"yahoo@search.mozilla.org"
|
"yahoo@search.mozilla.org"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
Containers.Default = let cont = name: icon: color: { inherit name icon color; }; in [
|
|
||||||
(cont "per" "fingerprint" "blue")
|
|
||||||
(cont "wor" "briefcase" "orange")
|
|
||||||
(cont "com" "tree" "green")
|
|
||||||
(cont "fin" "dollar" "yellow")
|
|
||||||
(cont "sea" "circle" "purple")
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
|
@ -5,7 +5,7 @@ let
|
||||||
|
|
||||||
policiesJson = pkgs.callPackage ./policies.nix { };
|
policiesJson = pkgs.callPackage ./policies.nix { };
|
||||||
|
|
||||||
finalTorBrowser = (cfg.package.override {
|
torBrowser = (pkgs.tor-browser-bundle-bin.override {
|
||||||
mediaSupport = true;
|
mediaSupport = true;
|
||||||
pulseaudioSupport = true;
|
pulseaudioSupport = true;
|
||||||
}).overrideAttrs (attrs: {
|
}).overrideAttrs (attrs: {
|
||||||
|
@ -18,11 +18,95 @@ in
|
||||||
{
|
{
|
||||||
options.local.programs.browsers.tor-browser = with lib; {
|
options.local.programs.browsers.tor-browser = with lib; {
|
||||||
enable = mkEnableOption "tor-browser";
|
enable = mkEnableOption "tor-browser";
|
||||||
package = mkPackageOption pkgs "tor-browser-bundle-bin" {};
|
container = {
|
||||||
finalPackage = mkOption {
|
enable = mkEnableOption "tor-browser inside a container";
|
||||||
type = types.package;
|
externalInterface = mkOption {
|
||||||
readOnly = true;
|
type = types.str;
|
||||||
default = finalTorBrowser;
|
default = "";
|
||||||
|
};
|
||||||
|
sshAuthorizedKeys = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
default = [ ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable (lib.mkMerge [
|
||||||
|
(lib.mkIf (!cfg.container.enable) {
|
||||||
|
environment.systemPackages = [ torBrowser ];
|
||||||
|
})
|
||||||
|
(lib.mkIf cfg.container.enable (
|
||||||
|
let
|
||||||
|
hostRunTorBrowser = pkgs.writeScriptBin "tor-browser" ''
|
||||||
|
${pkgs.socat}/bin/socat -d TCP-LISTEN:6000,fork,bind=192.168.7.10 UNIX-CONNECT:/tmp/.X11-unix/X0 &
|
||||||
|
${pkgs.xorg.xhost}/bin/xhost +
|
||||||
|
ssh -X browser@192.168.7.11 tor-browser
|
||||||
|
${pkgs.xorg.xhost}/bin/xhost -
|
||||||
|
'';
|
||||||
|
|
||||||
|
clientRunTorBrowser = pkgs.writeScriptBin "tor-browser" ''
|
||||||
|
PULSE_SERVER=tcp:192.168.7.10:4713 \
|
||||||
|
XAUTHORITY="/home/browser/.Xauthority" \
|
||||||
|
DBUS_SESSION_BUS_ADDRESS="" \
|
||||||
|
DISPLAY=192.168.7.10:0.0 \
|
||||||
|
${pkgs.apulse}/bin/apulse ${torBrowser}/bin/tor-browser $@
|
||||||
|
'';
|
||||||
|
in
|
||||||
|
{
|
||||||
|
assertions = [
|
||||||
|
{
|
||||||
|
assertion = cfg.container.externalInterface != "";
|
||||||
|
message = "The `tor-browser` module with the `isContainer` option enabled requires a non-empty `externalInterface` with Internet access";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
assertion = cfg.container.sshAuthorizedKeys != [ ];
|
||||||
|
message = "The `tor-browser` module with the `isContainer` option enabled requires a non-empty `sshAuthorizedKeys` to connect to the container";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
environment.systemPackages = [ hostRunTorBrowser ];
|
||||||
|
|
||||||
|
hardware.pulseaudio = {
|
||||||
|
systemWide = true;
|
||||||
|
support32Bit = true;
|
||||||
|
tcp = {
|
||||||
|
enable = true;
|
||||||
|
anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.7.0/24" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
firewall.allowedTCPPorts = [ 4713 6000 ];
|
||||||
|
nat = {
|
||||||
|
enable = true;
|
||||||
|
internalInterfaces = [ "ve-browser" ];
|
||||||
|
externalInterface = cfg.container.externalInterface;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
containers.browser = {
|
||||||
|
autoStart = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostAddress = "192.168.7.10";
|
||||||
|
localAddress = "192.168.7.11";
|
||||||
|
|
||||||
|
config = { ... }: {
|
||||||
|
system.stateVersion = "23.11";
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings.X11Forwarding = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.extraUsers.browser = {
|
||||||
|
isNormalUser = true;
|
||||||
|
home = "/home/browser";
|
||||||
|
openssh.authorizedKeys.keys = cfg.container.sshAuthorizedKeys;
|
||||||
|
extraGroups = [ "pulse-access" ];
|
||||||
|
packages = [ clientRunTorBrowser ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
))
|
||||||
|
]);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
{ pkgs, lib, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
options.local.programs.browsers.ungoogled-chromium = with lib; {
|
|
||||||
enable = mkEnableOption "ungoogled-chromium";
|
|
||||||
package = mkPackageOption pkgs "ungoogled-chromium" {};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,9 +0,0 @@
|
||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./skype.nix
|
|
||||||
./telegram.nix
|
|
||||||
./simplex-chat.nix
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,20 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.programs.communication.simplex-chat;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.local.programs.communication.simplex-chat = with lib; {
|
|
||||||
enable = mkEnableOption "SimplexChat";
|
|
||||||
package = mkPackageOption pkgs "simplex-chat-desktop" { };
|
|
||||||
openFirewall = mkEnableOption "Open firewall to link mobile device";
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
environment.systemPackages = [ cfg.package ];
|
|
||||||
|
|
||||||
networking.firewall = lib.mkIf cfg.openFirewall {
|
|
||||||
allowedTCPPorts = [ 44000 ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,73 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.programs.communication.skype;
|
|
||||||
|
|
||||||
hostRunPackage = pkgs.writeScript "cont-run" ''
|
|
||||||
sudo nixos-container run skype -- su -l jan -c "$*"
|
|
||||||
'';
|
|
||||||
|
|
||||||
hostPackageScript = pkgs.writeScriptBin "${cfg.package.meta.mainProgram}" ''
|
|
||||||
${hostRunPackage} ${cfg.package.meta.mainProgram} $@
|
|
||||||
'';
|
|
||||||
|
|
||||||
hostSkype = pkgs.runCommand "${cfg.package.meta.mainProgram}" { } ''
|
|
||||||
mkdir $out
|
|
||||||
cp -r ${hostPackageScript}/bin $out/bin
|
|
||||||
cp -r ${cfg.package}/share $out/share
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.local.programs.communication.skype = with lib; {
|
|
||||||
enable = mkEnableOption "skype";
|
|
||||||
package = mkPackageOption pkgs "skypeforlinux" { };
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
environment.systemPackages = [ hostSkype ];
|
|
||||||
|
|
||||||
local.sound.systemWide = true;
|
|
||||||
|
|
||||||
containers.skype = {
|
|
||||||
autoStart = true;
|
|
||||||
ephemeral = true;
|
|
||||||
|
|
||||||
bindMounts = lib.mkMerge [
|
|
||||||
{
|
|
||||||
"/tmp/.X11-unix" = { };
|
|
||||||
"/home/jan/downloads/skype" = { isReadonly = false; };
|
|
||||||
}
|
|
||||||
(lib.mkIf config.hardware.graphics.enable {
|
|
||||||
"/run/opengl-driver/lib" = { };
|
|
||||||
})
|
|
||||||
(lib.mkIf config.hardware.graphics.enable32Bit {
|
|
||||||
"/run/opengl-driver-32/lib" = { };
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
config = { pkgs, ... }: {
|
|
||||||
system.stateVersion = "23.11";
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
fonts = {
|
|
||||||
inherit (config.fonts) enableDefaultPackages packages;
|
|
||||||
fontconfig = { inherit (config.fonts.fontconfig) defaultFonts; };
|
|
||||||
};
|
|
||||||
|
|
||||||
users.users.jan = {
|
|
||||||
isNormalUser = true;
|
|
||||||
home = "/home/jan";
|
|
||||||
password = "hello";
|
|
||||||
extraGroups = [ "pulse-access" ];
|
|
||||||
packages = [ cfg.package ];
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.sessionVariables = {
|
|
||||||
DISPLAY = ":0";
|
|
||||||
PULSE_SERVER = "tcp:127.0.0.1:4713";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,77 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.programs.communication.telegram;
|
|
||||||
|
|
||||||
hostRunPackage = pkgs.writeScript "cont-run" ''
|
|
||||||
sudo nixos-container run telegram -- su -l jan -c "$*"
|
|
||||||
'';
|
|
||||||
|
|
||||||
hostPackageScript = pkgs.writeScriptBin "${cfg.package.meta.mainProgram}" ''
|
|
||||||
${hostRunPackage} ${cfg.package.meta.mainProgram} $@
|
|
||||||
'';
|
|
||||||
|
|
||||||
hostTelegram = pkgs.runCommand "${cfg.package.meta.mainProgram}" { } ''
|
|
||||||
mkdir $out
|
|
||||||
cp -r ${hostPackageScript}/bin $out/bin
|
|
||||||
cp -r ${cfg.package}/share $out/share
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.local.programs.communication.telegram = with lib; {
|
|
||||||
enable = mkEnableOption "tdesktop. telegram client";
|
|
||||||
package = mkPackageOption pkgs "tdesktop" { };
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
environment.systemPackages = [ hostTelegram ];
|
|
||||||
|
|
||||||
local.sound.systemWide = true;
|
|
||||||
|
|
||||||
containers.telegram = {
|
|
||||||
autoStart = true;
|
|
||||||
ephemeral = true;
|
|
||||||
|
|
||||||
bindMounts = lib.mkMerge [
|
|
||||||
{
|
|
||||||
"/tmp/.X11-unix" = { };
|
|
||||||
"/home/jan/downloads/telegram" = {
|
|
||||||
isReadOnly = false;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
(lib.mkIf config.hardware.graphics.enable {
|
|
||||||
"/run/opengl-driver/lib" = { };
|
|
||||||
})
|
|
||||||
(lib.mkIf config.hardware.graphics.enable32Bit {
|
|
||||||
"/run/opengl-driver-32/lib" = { };
|
|
||||||
})
|
|
||||||
(lib.mkIf config.local.programs.browsers.librewolf.enable {
|
|
||||||
"/home/jan/downloads/browser" = { };
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
config = { pkgs, ... }: {
|
|
||||||
system.stateVersion = "23.11";
|
|
||||||
|
|
||||||
fonts = {
|
|
||||||
inherit (config.fonts) enableDefaultPackages packages;
|
|
||||||
fontconfig = { inherit (config.fonts.fontconfig) defaultFonts; };
|
|
||||||
};
|
|
||||||
|
|
||||||
users.users.jan = {
|
|
||||||
isNormalUser = true;
|
|
||||||
home = "/home/jan";
|
|
||||||
password = "hello";
|
|
||||||
extraGroups = [ "pulse-access" ];
|
|
||||||
packages = [ cfg.package ];
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.sessionVariables = {
|
|
||||||
DISPLAY = ":0";
|
|
||||||
PULSE_SERVER = "tcp:127.0.0.1:4713";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -4,7 +4,5 @@
|
||||||
imports = [
|
imports = [
|
||||||
./pass.nix
|
./pass.nix
|
||||||
./browsers
|
./browsers
|
||||||
./communication
|
|
||||||
./editors
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +0,0 @@
|
||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [ ./jetbrains-idea.nix ];
|
|
||||||
}
|
|
|
@ -1,48 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.local.programs.editors.jetbrains-idea;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.local.programs.editors.jetbrains-idea = with lib; {
|
|
||||||
enable = mkEnableOption "jetbrains idea-community";
|
|
||||||
package = mkPackageOption pkgs.jetbrains "idea-community" { };
|
|
||||||
};
|
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
containers.jetbrains-idea = {
|
|
||||||
autoStart = true;
|
|
||||||
ephemeral = true;
|
|
||||||
|
|
||||||
bindMounts = {
|
|
||||||
"/tmp/.X11-unix" = { };
|
|
||||||
"/home/john/projects" = {
|
|
||||||
isReadOnly = false;
|
|
||||||
hostPath = "/home/jan/containers/jetbrains-idea/projects";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = { pkgs, ... }: {
|
|
||||||
system.stateVersion = "23.11";
|
|
||||||
|
|
||||||
fonts = {
|
|
||||||
inherit (config.fonts) enableDefaultPackages packages;
|
|
||||||
fontconfig = { inherit (config.fonts.fontconfig) defaultFonts; };
|
|
||||||
};
|
|
||||||
|
|
||||||
users.users.john = {
|
|
||||||
isNormalUser = true;
|
|
||||||
home = "/home/john";
|
|
||||||
password = "hello";
|
|
||||||
extraGroups = [ "pulse-access" ];
|
|
||||||
packages = [ cfg.package ];
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.sessionVariables = {
|
|
||||||
DISPLAY = ":0";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -6,9 +6,7 @@
|
||||||
./dnscrypt-proxy2.nix
|
./dnscrypt-proxy2.nix
|
||||||
./gnupg.nix
|
./gnupg.nix
|
||||||
./i2pd.nix
|
./i2pd.nix
|
||||||
./kubo.nix
|
|
||||||
./octoprint.nix
|
./octoprint.nix
|
||||||
|
|
||||||
./vpn
|
./vpn
|
||||||
./fail2ban
|
./fail2ban
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,14 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
options.local.services.kubo.enable = lib.mkEnableOption "kubo. The InterPlanetary File System (IPFS)";
|
|
||||||
|
|
||||||
config = lib.mkIf config.local.services.kubo.enable {
|
|
||||||
services.kubo = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.kubo;
|
|
||||||
# required to use ipfs companion browser extension
|
|
||||||
settings.Addresses.API = [ "/ip4/127.0.0.1/tcp/5001" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,20 +1,14 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cfg = config.local.services.vpn.wireguard;
|
cfg = config.local.services.vpn.wireguard;
|
||||||
|
|
||||||
addrsViaDefaultInterface = [
|
|
||||||
# cache.nixos.org
|
|
||||||
"151.101.86.217/32"
|
|
||||||
# tbank.ru
|
|
||||||
"178.248.236.218/32"
|
|
||||||
];
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.local.services.vpn.wireguard = with lib; {
|
options.local.services.vpn.wireguard = with lib; {
|
||||||
enable = mkEnableOption "Enable wireguard vpn";
|
enable = mkEnableOption "Enable wireguard vpn";
|
||||||
ip = mkOption {
|
ip = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
|
description = "10.100.0.<num>/24";
|
||||||
example = "10.100.0.1/24";
|
example = "10.100.0.1/24";
|
||||||
};
|
};
|
||||||
privateKeyFile = mkOption {
|
privateKeyFile = mkOption {
|
||||||
|
@ -50,22 +44,6 @@ in
|
||||||
# Path to the private key file.
|
# Path to the private key file.
|
||||||
privateKeyFile = cfg.privateKeyFile;
|
privateKeyFile = cfg.privateKeyFile;
|
||||||
|
|
||||||
postUp = ''
|
|
||||||
addr=`${pkgs.iproute}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $3; exit}'`
|
|
||||||
interface=`${pkgs.iproute}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $5; exit}'`
|
|
||||||
'' + lib.concatLines (map
|
|
||||||
(addr: "${pkgs.iproute}/bin/ip route add ${addr} via $addr dev $interface || true")
|
|
||||||
addrsViaDefaultInterface
|
|
||||||
);
|
|
||||||
|
|
||||||
preDown = ''
|
|
||||||
addr=`${pkgs.iproute}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $3; exit}'`
|
|
||||||
interface=`${pkgs.iproute}/bin/ip route | ${pkgs.gawk}/bin/awk '/default/ {print $5; exit}'`
|
|
||||||
'' + lib.concatLines (map
|
|
||||||
(addr: "${pkgs.iproute}/bin/ip route del ${addr} via $addr dev $interface || true")
|
|
||||||
addrsViaDefaultInterface
|
|
||||||
);
|
|
||||||
|
|
||||||
peers = [
|
peers = [
|
||||||
# For a client configuration, one peer entry for the server will suffice.
|
# For a client configuration, one peer entry for the server will suffice.
|
||||||
|
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
# Configs
|
# Configs
|
||||||
################################################################################
|
################################################################################
|
||||||
local.system = {
|
local.system = {
|
||||||
kernel = lib.mkDefault "stable";
|
kernel = lib.mkDefault "hardened";
|
||||||
headless = lib.mkDefault true;
|
headless = lib.mkDefault true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./language-server.nix
|
|
||||||
./line-limiter.nix
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,86 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let inherit (lib.nix2lua) call; in
|
|
||||||
{
|
|
||||||
fn.lspconfig-eslint-on-attach = {
|
|
||||||
args = [ "client" "bufnr" ];
|
|
||||||
content = { bufnr, ... }: {
|
|
||||||
vim.augroup.eslint-fix = {
|
|
||||||
event = "BufWritePre";
|
|
||||||
buffer = bufnr;
|
|
||||||
command = "silent! EslintFixAll";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
plugins.language-server.lspconfig.serverSettings = {
|
|
||||||
# nix
|
|
||||||
nil_ls = { };
|
|
||||||
# rust
|
|
||||||
rust_analyzer = {
|
|
||||||
settings.rust-analyzer = {
|
|
||||||
"server.path" = "rust-analyzer";
|
|
||||||
"updates.prompt" = false;
|
|
||||||
"updates.checkOnStartup" = false;
|
|
||||||
"checkOnSave.enable" = true;
|
|
||||||
"checkOnSave.command" = "clippy";
|
|
||||||
"cargo.autoreload" = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# linter for javascript, typescript, vue
|
|
||||||
eslint = {
|
|
||||||
on_attach = config.fn.lspconfig-eslint-on-attach.lambda;
|
|
||||||
flags = {
|
|
||||||
allow_incremental_sync = false;
|
|
||||||
debounce_text_changes = 1000;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# vue
|
|
||||||
volar = {
|
|
||||||
init_options = {
|
|
||||||
typescript.tsdk = "./node_modules/typescript/lib";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# python
|
|
||||||
pylsp = { };
|
|
||||||
# typescript, javascript
|
|
||||||
denols = {
|
|
||||||
root_dir = call "${config.plugin.nvim-lspconfig.varName}.util.root_pattern" [ "deno.json" "deno.jsonc" ];
|
|
||||||
};
|
|
||||||
# java
|
|
||||||
jdtls = {
|
|
||||||
cmd = [
|
|
||||||
"${pkgs.jdt-language-server}/bin/jdtls"
|
|
||||||
"--jvm-arg=-javaagent:${pkgs.lombok.out}/share/java/lombok.jar"
|
|
||||||
"--jvm-arg=-Xbootclasspath/a:${pkgs.lombok.out}/share/java/lombok.jar"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
# json
|
|
||||||
jsonls = { };
|
|
||||||
# css, scss, less
|
|
||||||
cssls = { };
|
|
||||||
css_variables = {
|
|
||||||
lookupFiles = [
|
|
||||||
"**/*.scss"
|
|
||||||
"**/*.less"
|
|
||||||
"**/*.css"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
# Grammar/Spell Checker
|
|
||||||
ltex = {
|
|
||||||
language = "en-US";
|
|
||||||
languageToolHttpServerUri = "http://localhost:8081";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
plugins.language-server.typescript-tools = {
|
|
||||||
enable = true;
|
|
||||||
serverSettings = {
|
|
||||||
filetypes = [ "javascript" "javascriptreact" "typescript" "typescriptreact" "vue" ];
|
|
||||||
settings = {
|
|
||||||
tsserver_max_memory = "auto";
|
|
||||||
tsserver_plugins = [ "@vue/typescript-plugin" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,48 +0,0 @@
|
||||||
{ lib, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
mkLineLimiterOpts = limit: {
|
|
||||||
colorcolumn = toString (limit + 1);
|
|
||||||
textwidth = limit;
|
|
||||||
};
|
|
||||||
|
|
||||||
mkLineLimiterGroup = { limit, pattern }:
|
|
||||||
lib.nameValuePair
|
|
||||||
"line-limiter-${toString limit}"
|
|
||||||
{
|
|
||||||
inherit pattern;
|
|
||||||
opt = mkLineLimiterOpts limit;
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
buffer.filetype = lib.listToAttrs [
|
|
||||||
(mkLineLimiterGroup {
|
|
||||||
limit = 100;
|
|
||||||
pattern = [
|
|
||||||
"nix"
|
|
||||||
"javascript,javascriptreact"
|
|
||||||
"typescript,typescriptreact"
|
|
||||||
"vue"
|
|
||||||
"rust"
|
|
||||||
"haskell"
|
|
||||||
];
|
|
||||||
})
|
|
||||||
(mkLineLimiterGroup {
|
|
||||||
limit = 90;
|
|
||||||
pattern = [
|
|
||||||
"python"
|
|
||||||
];
|
|
||||||
})
|
|
||||||
(mkLineLimiterGroup {
|
|
||||||
limit = 80;
|
|
||||||
pattern = [
|
|
||||||
"json"
|
|
||||||
"yaml"
|
|
||||||
"markdown"
|
|
||||||
"html,htmldjango"
|
|
||||||
"css,scss,less"
|
|
||||||
"sql,psql"
|
|
||||||
];
|
|
||||||
})
|
|
||||||
];
|
|
||||||
}
|
|
143
neovim/dev.nix
143
neovim/dev.nix
|
@ -1,70 +1,84 @@
|
||||||
{ modulesPath, lib, pkgs, ... }:
|
{ config, modulesPath, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (lib.mod) ctrl;
|
inherit (lib.mod) ctrl;
|
||||||
inherit (lib.nix2lua) pipe1 require call0 nf var;
|
inherit (lib.nix2lua) pipe1 require call call0;
|
||||||
|
|
||||||
|
mkLineLimiterGroup = { limit, pattern }:
|
||||||
|
lib.nameValuePair
|
||||||
|
"line-limiter-${toString limit}"
|
||||||
|
{
|
||||||
|
inherit pattern;
|
||||||
|
opt = {
|
||||||
|
colorcolumn = toString limit;
|
||||||
|
textwidth = limit;
|
||||||
|
};
|
||||||
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
"${modulesPath}/profiles/recommended.nix"
|
"${modulesPath}/profiles/recommended.nix"
|
||||||
./snippets.nix
|
./snippets.nix
|
||||||
./configs
|
|
||||||
./plugins
|
|
||||||
];
|
];
|
||||||
|
|
||||||
vim.opt = {
|
vim.opt = {
|
||||||
list = true;
|
list = true;
|
||||||
formatoptions = "roqnlj";
|
formatexpr = "neoformat#Neoformat(0, '', v:lnum, v:lnum + v:count)";
|
||||||
};
|
};
|
||||||
|
|
||||||
buffer.filetype = {
|
buffer.filetype = {
|
||||||
text-options = {
|
nix.opt.formatexpr = "neoformat#Neoformat(0, '', 0, 99999)";
|
||||||
pattern = [ "txt" "markdown" "mail" "man" ];
|
} // lib.listToAttrs [
|
||||||
opt = { formatoptions = "roqwnjp"; };
|
(mkLineLimiterGroup {
|
||||||
};
|
limit = 101;
|
||||||
};
|
pattern = [
|
||||||
|
"nix"
|
||||||
|
"javascript,javascriptreact"
|
||||||
|
"typescript,typescriptreact"
|
||||||
|
"rust"
|
||||||
|
"haskell"
|
||||||
|
];
|
||||||
|
})
|
||||||
|
(mkLineLimiterGroup {
|
||||||
|
limit = 81;
|
||||||
|
pattern = [
|
||||||
|
"python"
|
||||||
|
"json"
|
||||||
|
"yaml"
|
||||||
|
"markdown"
|
||||||
|
"html"
|
||||||
|
"css"
|
||||||
|
"scss"
|
||||||
|
"less"
|
||||||
|
"sql"
|
||||||
|
"psql"
|
||||||
|
];
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
filetype.detect = {
|
filetype.detect = {
|
||||||
d2 = "*.d2";
|
d2 = "*.d2";
|
||||||
nickel = "*.ncl";
|
nickel = "*.ncl";
|
||||||
psql = "*.psql";
|
psql = "*.psql";
|
||||||
sql = "*.pgsql";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# Enable fast navigation between windows
|
# Enable fast navigation between windows
|
||||||
vim.keymap.set = map (k: { mode = "n"; lhs = ctrl k; rhs = "${ctrl "w"}${k}"; }) [ "h" "l" "j" "k" ];
|
vim.keymap.set = map (k: { mode = "n"; lhs = ctrl k; rhs = "${ctrl "w"}${k}"; }) [ "h" "l" "j" "k" ];
|
||||||
|
|
||||||
plugins.style.nvim-treesitter = {
|
plugins.style.nvim-treesitter.extraGrammars = {
|
||||||
extraGrammars = {
|
tree-sitter-d2 = rec {
|
||||||
tree-sitter-d2 = rec {
|
language = "d2";
|
||||||
language = "d2";
|
version = "8a9d50043d58eedf1e375b0e2059e43efd856902";
|
||||||
version = "1e6d8ca3d85c0031ff010759bb60804dd47b95f2";
|
# version = "e7507ddd983427cb71b4bd96b039c382c73d65c5";
|
||||||
src = pkgs.fetchFromGitea {
|
src = pkgs.fetchFromGitea {
|
||||||
domain = "git.pleshevski.ru";
|
domain = "git.pleshevski.ru";
|
||||||
owner = "pleshevskiy";
|
owner = "pleshevskiy";
|
||||||
repo = "tree-sitter-d2";
|
repo = "tree-sitter-d2";
|
||||||
rev = version;
|
rev = version;
|
||||||
sha256 = "sha256-ld9zlJ7tXl/SyrHJXwPKviDHePbw/jhI9WPT3aNntt8=";
|
sha256 = "sha256-ZhVjxo7Xi7DaHN3qabUcykflY74bUqPcOA410fA3zRk=";
|
||||||
};
|
# sha256 = "sha256-m7ZCxnW4Q1bQp1GhntUF7l+p6DV1p/2AJXhVeRy8Rec=";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Source: https://github.com/DariusCorvus/tree-sitter-language-injection.nvim/blob/main/lua/tree-sitter-language-injection/init.lua
|
|
||||||
extraQueries.javascript.injections =
|
|
||||||
let
|
|
||||||
lang = "sql";
|
|
||||||
langMatch = ''^//+( )*${lang}( )*|^/[*]+( )*${lang}( )*[*]+/$'';
|
|
||||||
in
|
|
||||||
''
|
|
||||||
((comment) @comment .
|
|
||||||
([ (string(string_fragment) @injection.content)
|
|
||||||
(template_string(string_fragment) @injection.content)
|
|
||||||
] @injection.content
|
|
||||||
)
|
|
||||||
(#match? @comment "${langMatch}")
|
|
||||||
(#set! injection.language "${lang}")
|
|
||||||
)
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
|
||||||
plugins.style.neoformat.autoformat = {
|
plugins.style.neoformat.autoformat = {
|
||||||
|
@ -94,14 +108,45 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
plugins.snippet.luasnip.settings = {
|
fn.lspconfig-eslint-on-attach = {
|
||||||
ext_opts = [
|
args = [ "client" "bufnr" ];
|
||||||
(nf (var "luasnip_types.choiceNode") {
|
content = { bufnr, ... }: {
|
||||||
active.virt_text = [ [ "●" "WarningMsg" ] ];
|
vim.augroup.eslint-fix = {
|
||||||
})
|
event = "BufWritePre";
|
||||||
(nf (var "luasnip_types.insertNode") {
|
buffer = bufnr;
|
||||||
active.virt_text = [ [ "●" "Title" ] ];
|
command = "silent! EslintFixAll";
|
||||||
})
|
};
|
||||||
];
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
plugins.language-server.lspconfig.serverSettings = {
|
||||||
|
nil_ls = { };
|
||||||
|
rust_analyzer = {
|
||||||
|
settings.rust-analyzer = {
|
||||||
|
"server.path" = "rust-analyzer";
|
||||||
|
"updates.prompt" = false;
|
||||||
|
"updates.checkOnStartup" = false;
|
||||||
|
"checkOnSave.enable" = true;
|
||||||
|
"checkOnSave.command" = "clippy";
|
||||||
|
"cargo.autoreload" = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
tsserver = { };
|
||||||
|
eslint = {
|
||||||
|
on_attach = config.fn.lspconfig-eslint-on-attach.lambda;
|
||||||
|
};
|
||||||
|
volar = {
|
||||||
|
init_options = {
|
||||||
|
typescript.tsdk = "./node_modules/typescript/lib";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ltex = {
|
||||||
|
language = "en-US";
|
||||||
|
languageToolHttpServerUri = "http://localhost:8081";
|
||||||
|
};
|
||||||
|
pylsp = { };
|
||||||
|
denols = {
|
||||||
|
root_dir = call "${config.plugin.nvim-lspconfig.varName}.util.root_pattern" [ "deno.json" "deno.jsonc" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./ollama.nix
|
|
||||||
./spring-boot.nix
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,7 +0,0 @@
|
||||||
{
|
|
||||||
plugin.ollama-nvim = {
|
|
||||||
enable = true;
|
|
||||||
name = "ollama";
|
|
||||||
setupSettings = { };
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,40 +0,0 @@
|
||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
|
|
||||||
let
|
|
||||||
inherit (lib.nix2lua) pipe1 call0 call1;
|
|
||||||
inherit (pkgs) vimUtils fetchFromGitHub;
|
|
||||||
|
|
||||||
spring-boot-nvim = vimUtils.buildVimPlugin {
|
|
||||||
pname = "spring-boot";
|
|
||||||
version = "2024-08-10";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "JavaHello";
|
|
||||||
repo = "spring-boot.nvim";
|
|
||||||
rev = "995a705becbc711b703f9ab344745ececf6471a3";
|
|
||||||
hash = "sha256-Hri6WQnWTmFwlOUCVG8O1eELn9FhlvVpUC9lt+uIGkc=";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
|
|
||||||
{
|
|
||||||
plugin.spring-boot-nvim = {
|
|
||||||
enable = true;
|
|
||||||
package = spring-boot-nvim;
|
|
||||||
name = "spring_boot";
|
|
||||||
};
|
|
||||||
|
|
||||||
plugin.nvim-lspconfig.beforeSetup = [
|
|
||||||
(pipe1 config.plugin.spring-boot-nvim.var (call1 "setup" {
|
|
||||||
java_cmd = "${pkgs.jdk22}/bin/java";
|
|
||||||
log_file = "/tmp/spring-boot.log";
|
|
||||||
}))
|
|
||||||
(pipe1 config.plugin.spring-boot-nvim.var (call0 "init_lsp_commands"))
|
|
||||||
];
|
|
||||||
|
|
||||||
plugins.language-server.lspconfig.serverSettings.jdtls = {
|
|
||||||
init_options = {
|
|
||||||
bundles = (pipe1 config.plugin.spring-boot-nvim.var (call0 "java_extensions"));
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -12,35 +12,35 @@
|
||||||
{ jump = 2; text = "trueBody"; }
|
{ jump = 2; text = "trueBody"; }
|
||||||
{ text = " else "; }
|
{ text = " else "; }
|
||||||
{ jump = 3; text = "falseBody"; }
|
{ jump = 3; text = "falseBody"; }
|
||||||
{ jump = 0; }
|
|
||||||
];
|
|
||||||
|
|
||||||
"inherit".nodes = [
|
|
||||||
{ text = "inherit "; }
|
|
||||||
{
|
|
||||||
jump = 1;
|
|
||||||
choices = [
|
|
||||||
{
|
|
||||||
nodes = [
|
|
||||||
{ text = "("; }
|
|
||||||
{ jump = 1; text = "lib"; }
|
|
||||||
{ text = ") "; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{ text = ""; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{ jump = 2; text = "filter"; }
|
|
||||||
{ text = ";"; }
|
{ text = ";"; }
|
||||||
{ jump = 0; }
|
|
||||||
];
|
];
|
||||||
|
|
||||||
"var".nodes = [
|
"var".nodes = [
|
||||||
{ jump = 1; text = "name"; }
|
{ jump = 1; text = "name"; }
|
||||||
{ text = " = "; }
|
{ text = " = "; }
|
||||||
{ jump = 2; text = "value"; }
|
{
|
||||||
|
jump = 2;
|
||||||
|
choices = [
|
||||||
|
{ kind = "insert"; text = "value"; }
|
||||||
|
{
|
||||||
|
nodes = [
|
||||||
|
{ jump = 1; }
|
||||||
|
{ text = "["; }
|
||||||
|
{ jump = 2; }
|
||||||
|
{ text = "]"; }
|
||||||
|
];
|
||||||
|
}
|
||||||
|
{
|
||||||
|
nodes = [
|
||||||
|
{ jump = 1; }
|
||||||
|
{ text = "{"; }
|
||||||
|
{ jump = 2; }
|
||||||
|
{ text = "}"; }
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
{ text = ";"; }
|
{ text = ";"; }
|
||||||
{ jump = 0; }
|
|
||||||
];
|
];
|
||||||
|
|
||||||
"module".nodes = [
|
"module".nodes = [
|
||||||
|
@ -61,15 +61,17 @@
|
||||||
choices = [
|
choices = [
|
||||||
{
|
{
|
||||||
nodes = [
|
nodes = [
|
||||||
{ text = "let "; }
|
|
||||||
{ jump = 1; }
|
{ jump = 1; }
|
||||||
|
{ text = "let "; }
|
||||||
|
{ jump = 2; }
|
||||||
{ text = "in"; }
|
{ text = "in"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
nodes = [
|
nodes = [
|
||||||
|
{ jump = 1; }
|
||||||
{ text = "with "; }
|
{ text = "with "; }
|
||||||
{ jump = 1; text = "lib"; }
|
{ jump = 2; text = "lib"; }
|
||||||
{ text = ";"; }
|
{ text = ";"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -85,7 +87,6 @@
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{ text = [ "" "}" ]; }
|
{ text = [ "" "}" ]; }
|
||||||
{ jump = 0; }
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,19 +0,0 @@
|
||||||
# Davmail
|
|
||||||
|
|
||||||
## Update refresh token
|
|
||||||
|
|
||||||
Stop current `davmail.service` and clone properties to a temp file
|
|
||||||
|
|
||||||
```sh
|
|
||||||
sudo systemctl stop davmail.service
|
|
||||||
cat $(sudo systemctl cat davmail.service | awk '/ExecStart=/ { print $2; }') > /tmp/davmail.properties
|
|
||||||
```
|
|
||||||
|
|
||||||
Start davmail manually
|
|
||||||
|
|
||||||
```sh
|
|
||||||
davmail /tmp/davmail.properties
|
|
||||||
```
|
|
||||||
|
|
||||||
Open renew link in the browser and copy `refreshToken` from
|
|
||||||
`/tmp/davmail.properties`
|
|
16
notes/vpn.md
16
notes/vpn.md
|
@ -1,6 +1,6 @@
|
||||||
# WireGuard
|
# WireGuard
|
||||||
|
|
||||||
## Generate key pair
|
## Generate keypair
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
umask 077
|
umask 077
|
||||||
|
@ -8,20 +8,6 @@ wg genkey > ./private
|
||||||
wg pubkey < ./private > ./public
|
wg pubkey < ./private > ./public
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
## Configuration
|
|
||||||
|
|
||||||
Then create QR code with configuration using the following command:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
nix build -f ./misc/wg-client-conf.nix \
|
|
||||||
--argstr address "" \
|
|
||||||
--argstr dns "" \
|
|
||||||
--argstr privateKey "$(cat private)" \
|
|
||||||
--argstr serverPublicKey "" \
|
|
||||||
--argstr serverEndpoint ""
|
|
||||||
```
|
|
||||||
|
|
||||||
# References:
|
# References:
|
||||||
|
|
||||||
- https://nixos.wiki/wiki/WireGuard
|
- https://nixos.wiki/wiki/WireGuard
|
||||||
|
|
|
@ -1,20 +0,0 @@
|
||||||
{ buildNpmPackage, fetchFromGitHub }:
|
|
||||||
|
|
||||||
# https://github.com/BuilderIO/micro-agent
|
|
||||||
buildNpmPackage rec {
|
|
||||||
pname = "micro-agent";
|
|
||||||
version = "0.0.41";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "BuilderIO";
|
|
||||||
repo = "micro-agent";
|
|
||||||
rev = "v${version}";
|
|
||||||
hash = "sha256-NxnK8MgKPTZVIADd03fJ6egUWq5vgVxkOvqaD/T/12w=";
|
|
||||||
};
|
|
||||||
|
|
||||||
npmDepsHash = "sha256-exIqyldG5dcUt1xoVLQw/FLOOqfIpG44i3fdzG4cyvM=";
|
|
||||||
|
|
||||||
NODE_OPTIONS = "--openssl-legacy-provider";
|
|
||||||
|
|
||||||
npmFlags = [ "--ignore-scripts" ];
|
|
||||||
}
|
|
29
readme.md
29
readme.md
|
@ -2,6 +2,35 @@
|
||||||
|
|
||||||
This repository contains configurations for my personal vps and workstations.
|
This repository contains configurations for my personal vps and workstations.
|
||||||
|
|
||||||
|
## Hosts
|
||||||
|
|
||||||
|
Workstations:
|
||||||
|
|
||||||
|
- **home** - Home desktop computer for work.
|
||||||
|
- **asus-gl553vd** - My laptop for remote work.
|
||||||
|
|
||||||
|
# Home Manager configs
|
||||||
|
|
||||||
|
User configurations are included.
|
||||||
|
|
||||||
|
### Themes
|
||||||
|
|
||||||
|
| Name | Palettes | Note |
|
||||||
|
| :--------- | :------- | :------ |
|
||||||
|
| Catppuccin | Frappe | Current |
|
||||||
|
|
||||||
|
### Core Programs
|
||||||
|
|
||||||
|
| Type | Program |
|
||||||
|
| :------------- | :------ |
|
||||||
|
| Status Bar | Polybar |
|
||||||
|
| Window Manager | XMonad |
|
||||||
|
| Launcher | Dmenu |
|
||||||
|
| Terminal | Wezterm |
|
||||||
|
| Editor | Neovim |
|
||||||
|
| File Manager | vifm |
|
||||||
|
| Shell | Zsh |
|
||||||
|
|
||||||
### Screenshots
|
### Screenshots
|
||||||
|
|
||||||
![workspace](assets/screenshot_1.png)
|
![workspace](assets/screenshot_1.png)
|
||||||
|
|
|
@ -5,12 +5,12 @@
|
||||||
{
|
{
|
||||||
"description": "home youtube.com/youtu.be -> invidious",
|
"description": "home youtube.com/youtu.be -> invidious",
|
||||||
"exampleUrl": "https://www.youtube.com/",
|
"exampleUrl": "https://www.youtube.com/",
|
||||||
"exampleResult": "https://yewtu.be/",
|
"exampleResult": "https://inv.oikei.net/",
|
||||||
"error": null,
|
"error": null,
|
||||||
"includePattern": "https://(?:www\\.)?(youtube\\.com|youtu.be)/$",
|
"includePattern": "https://(?:www\\.)?(youtube\\.com|youtu.be)/$",
|
||||||
"excludePattern": "",
|
"excludePattern": "",
|
||||||
"patternDesc": "get home page ",
|
"patternDesc": "get home page ",
|
||||||
"redirectUrl": "https://yewtu.be/",
|
"redirectUrl": "https://inv.oikei.net/",
|
||||||
"patternType": "R",
|
"patternType": "R",
|
||||||
"processMatches": "noProcessing",
|
"processMatches": "noProcessing",
|
||||||
"disabled": false,
|
"disabled": false,
|
||||||
|
@ -22,12 +22,12 @@
|
||||||
{
|
{
|
||||||
"description": "youtu.be -> invidious",
|
"description": "youtu.be -> invidious",
|
||||||
"exampleUrl": "https://youtu.be/MYRBI-X5nfhI?si=sSoZBk9bB7NSEE8j",
|
"exampleUrl": "https://youtu.be/MYRBI-X5nfhI?si=sSoZBk9bB7NSEE8j",
|
||||||
"exampleResult": "https://yewtu.be/watch?v=MYRBI-X5nfhI",
|
"exampleResult": "https://inv.oikei.net/watch?v=MYRBI-X5nfhI",
|
||||||
"error": null,
|
"error": null,
|
||||||
"includePattern": "https://youtu.be/([\\w-]+)(\\?.*)?",
|
"includePattern": "https://youtu.be/([\\w-]+)(\\?.*)?",
|
||||||
"excludePattern": "",
|
"excludePattern": "",
|
||||||
"patternDesc": "get video id from url",
|
"patternDesc": "get video id from url",
|
||||||
"redirectUrl": "https://yewtu.be/watch?v=$1",
|
"redirectUrl": "https://inv.oikei.net/watch?v=$1",
|
||||||
"patternType": "R",
|
"patternType": "R",
|
||||||
"processMatches": "noProcessing",
|
"processMatches": "noProcessing",
|
||||||
"disabled": false,
|
"disabled": false,
|
||||||
|
@ -39,12 +39,12 @@
|
||||||
{
|
{
|
||||||
"description": "youtube.com -> invidious",
|
"description": "youtube.com -> invidious",
|
||||||
"exampleUrl": "https://www.youtube.com/watch?v=jQ-KdWyzKfE",
|
"exampleUrl": "https://www.youtube.com/watch?v=jQ-KdWyzKfE",
|
||||||
"exampleResult": "https://yewtu.be/watch?v=jQ-KdWyzKfE",
|
"exampleResult": "https://inv.oikei.net/watch?v=jQ-KdWyzKfE",
|
||||||
"error": null,
|
"error": null,
|
||||||
"includePattern": "https://(?:www\\.)?youtube\\.com/watch\\?v=([\\w-]+)(&.*)?",
|
"includePattern": "https://(?:www\\.)?youtube\\.com/watch\\?v=([\\w-]+)(&.*)?",
|
||||||
"excludePattern": "",
|
"excludePattern": "",
|
||||||
"patternDesc": "get video id from url",
|
"patternDesc": "get video id from url",
|
||||||
"redirectUrl": "https://yewtu.be/watch?v=$1",
|
"redirectUrl": "https://inv.oikei.net/watch?v=$1",
|
||||||
"patternType": "R",
|
"patternType": "R",
|
||||||
"processMatches": "noProcessing",
|
"processMatches": "noProcessing",
|
||||||
"disabled": false,
|
"disabled": false,
|
||||||
|
@ -56,12 +56,12 @@
|
||||||
{
|
{
|
||||||
"description": "youtube.com/shorts -> invidious",
|
"description": "youtube.com/shorts -> invidious",
|
||||||
"exampleUrl": "https://www.youtube.com/shorts/jQkhyLSqlLg",
|
"exampleUrl": "https://www.youtube.com/shorts/jQkhyLSqlLg",
|
||||||
"exampleResult": "https://yewtu.be/watch?v=jQkhyLSqlLg",
|
"exampleResult": "https://inv.oikei.net/watch?v=jQkhyLSqlLg",
|
||||||
"error": null,
|
"error": null,
|
||||||
"includePattern": "https://(?:www\\.)?youtube\\.com/shorts/([\\w-]+)(&.*)?",
|
"includePattern": "https://(?:www\\.)?youtube\\.com/shorts/([\\w-]+)(&.*)?",
|
||||||
"excludePattern": "",
|
"excludePattern": "",
|
||||||
"patternDesc": "get video id from url",
|
"patternDesc": "get video id from url",
|
||||||
"redirectUrl": "https://yewtu.be/watch?v=$1",
|
"redirectUrl": "https://inv.oikei.net/watch?v=$1",
|
||||||
"patternType": "R",
|
"patternType": "R",
|
||||||
"processMatches": "noProcessing",
|
"processMatches": "noProcessing",
|
||||||
"disabled": false,
|
"disabled": false,
|
||||||
|
@ -73,12 +73,12 @@
|
||||||
{
|
{
|
||||||
"description": "youtube.com/live -> invidious",
|
"description": "youtube.com/live -> invidious",
|
||||||
"exampleUrl": "https://www.youtube.com/live/jQ-KdWyzKfE",
|
"exampleUrl": "https://www.youtube.com/live/jQ-KdWyzKfE",
|
||||||
"exampleResult": "https://yewtu.be/watch?v=jQ-KdWyzKfE",
|
"exampleResult": "https://inv.oikei.net/watch?v=jQ-KdWyzKfE",
|
||||||
"error": null,
|
"error": null,
|
||||||
"includePattern": "https://(?:www\\.)?youtube\\.com/live/([\\w-]+)(\\?.*)?",
|
"includePattern": "https://(?:www\\.)?youtube\\.com/live/([\\w-]+)(\\?.*)?",
|
||||||
"excludePattern": "",
|
"excludePattern": "",
|
||||||
"patternDesc": "get video id from url",
|
"patternDesc": "get video id from url",
|
||||||
"redirectUrl": "https://yewtu.be/watch?v=$1",
|
"redirectUrl": "https://inv.oikei.net/watch?v=$1",
|
||||||
"patternType": "R",
|
"patternType": "R",
|
||||||
"processMatches": "noProcessing",
|
"processMatches": "noProcessing",
|
||||||
"disabled": false,
|
"disabled": false,
|
||||||
|
@ -90,12 +90,12 @@
|
||||||
{
|
{
|
||||||
"description": "youtube.com/channel -> invidious",
|
"description": "youtube.com/channel -> invidious",
|
||||||
"exampleUrl": "https://www.youtube.com/@KdWyzKfE",
|
"exampleUrl": "https://www.youtube.com/@KdWyzKfE",
|
||||||
"exampleResult": "https://yewtu.be/@KdWyzKfE",
|
"exampleResult": "https://inv.oikei.net/@KdWyzKfE",
|
||||||
"error": null,
|
"error": null,
|
||||||
"includePattern": "https://(?:www\\.)?youtube\\.com/(@[\\w-]+)(\\?.*)?",
|
"includePattern": "https://(?:www\\.)?youtube\\.com/(@[\\w-]+)(\\?.*)?",
|
||||||
"excludePattern": "",
|
"excludePattern": "",
|
||||||
"patternDesc": "get channel name from url",
|
"patternDesc": "get channel name from url",
|
||||||
"redirectUrl": "https://yewtu.be/$1",
|
"redirectUrl": "https://inv.oikei.net/$1",
|
||||||
"patternType": "R",
|
"patternType": "R",
|
||||||
"processMatches": "noProcessing",
|
"processMatches": "noProcessing",
|
||||||
"disabled": false,
|
"disabled": false,
|
||||||
|
@ -107,12 +107,12 @@
|
||||||
{
|
{
|
||||||
"description": "indivious (old -> current)",
|
"description": "indivious (old -> current)",
|
||||||
"exampleUrl": "https://yt.cdaut.de/watch?v=jUnhS74uicE",
|
"exampleUrl": "https://yt.cdaut.de/watch?v=jUnhS74uicE",
|
||||||
"exampleResult": "https://yewtu.be/watch?v=jUnhS74uicE",
|
"exampleResult": "https://invidious.einfachzocken.eu/watch?v=jUnhS74uicE",
|
||||||
"error": null,
|
"error": null,
|
||||||
"includePattern": "https://(yt.cdaut.de|inv.oikei.net|invidious.einfachzocken.eu)/(.*)",
|
"includePattern": "https://(yt.cdaut.de|inv.oikei.net)/(.*)",
|
||||||
"excludePattern": "",
|
"excludePattern": "",
|
||||||
"patternDesc": "Redirect from old instances",
|
"patternDesc": "Redirect from old instances",
|
||||||
"redirectUrl": "https://yewtu.be/$2",
|
"redirectUrl": "https://invidious.einfachzocken.eu/$2",
|
||||||
"patternType": "R",
|
"patternType": "R",
|
||||||
"processMatches": "noProcessing",
|
"processMatches": "noProcessing",
|
||||||
"disabled": false,
|
"disabled": false,
|
||||||
|
@ -139,4 +139,4 @@
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
Binary file not shown.
|
@ -1,4 +1,4 @@
|
||||||
{ config, pkgs, lib, inputs, globalData, packagesPath, ... }:
|
{ config, pkgs, lib, inputs, globalData, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [./davmail.secret.nix];
|
imports = [./davmail.secret.nix];
|
||||||
|
@ -57,7 +57,6 @@
|
||||||
imports = [
|
imports = [
|
||||||
./email_accounts.secret.nix
|
./email_accounts.secret.nix
|
||||||
./calendars.secret.nix
|
./calendars.secret.nix
|
||||||
./ssh.secret.nix
|
|
||||||
./git
|
./git
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -95,20 +94,22 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
local.programs.file-managers.vifm.enable = lib.mkDefault true;
|
local.programs.file-managers.vifm.enable = lib.mkDefault true;
|
||||||
local.programs.file-managers.nnn = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.unstable.nnn;
|
|
||||||
};
|
|
||||||
|
|
||||||
local.programs.aerc.enable = lib.mkDefault true;
|
local.programs.aerc.enable = lib.mkDefault true;
|
||||||
|
|
||||||
|
local.programs.communication = {
|
||||||
|
telegram.enable = lib.mkDefault true;
|
||||||
|
matrix.enable = lib.mkDefault true;
|
||||||
|
simplex-chat.enable = lib.mkDefault (config.local.system.kernel != "hardened");
|
||||||
|
};
|
||||||
|
|
||||||
local.programs.dev-tools = {
|
local.programs.dev-tools = {
|
||||||
base.enable = lib.mkDefault true;
|
base.enable = lib.mkDefault true;
|
||||||
nix.enable = lib.mkDefault true;
|
nix.enable = lib.mkDefault true;
|
||||||
web.enable = lib.mkDefault true;
|
web.enable = lib.mkDefault true;
|
||||||
psql = {
|
psql = {
|
||||||
enable = lib.mkDefault true;
|
enable = lib.mkDefault true;
|
||||||
package = lib.mkDefault pkgs.postgresql_16;
|
package = lib.mkDefault pkgs.postgresql_14;
|
||||||
};
|
};
|
||||||
eza.enable = lib.mkDefault true;
|
eza.enable = lib.mkDefault true;
|
||||||
direnv.enable = lib.mkDefault true;
|
direnv.enable = lib.mkDefault true;
|
||||||
|
@ -119,8 +120,6 @@
|
||||||
|
|
||||||
local.programs.flameshot.enable = lib.mkDefault true;
|
local.programs.flameshot.enable = lib.mkDefault true;
|
||||||
|
|
||||||
local.programs.argos-translate.enable = lib.mkDefault true;
|
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Services
|
# Services
|
||||||
################################################################################
|
################################################################################
|
||||||
|
@ -156,11 +155,6 @@
|
||||||
# tools
|
# tools
|
||||||
procs
|
procs
|
||||||
bottom
|
bottom
|
||||||
jq
|
|
||||||
|
|
||||||
nodePackages.vscode-langservers-extracted # html, css, json, eslint
|
|
||||||
|
|
||||||
(pkgs.callPackage (packagesPath + /micro-agent) {})
|
|
||||||
];
|
];
|
||||||
|
|
||||||
home.file = {
|
home.file = {
|
||||||
|
|
Binary file not shown.
|
@ -25,7 +25,6 @@
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
init.defaultBranch = "main";
|
init.defaultBranch = "main";
|
||||||
pull.rebase = true;
|
pull.rebase = true;
|
||||||
advice.skippedCherryPicks = false;
|
|
||||||
};
|
};
|
||||||
aliases = {
|
aliases = {
|
||||||
co = "switch";
|
co = "switch";
|
||||||
|
@ -47,9 +46,7 @@
|
||||||
can = "commit --amend --no-edit";
|
can = "commit --amend --no-edit";
|
||||||
|
|
||||||
p = "push";
|
p = "push";
|
||||||
pt = "push --tags";
|
|
||||||
po = "push origin";
|
po = "push origin";
|
||||||
pot = "push origin --tags";
|
|
||||||
pf = "push --force-with-lease";
|
pf = "push --force-with-lease";
|
||||||
pfo = "push --force-with-lease origin";
|
pfo = "push --force-with-lease origin";
|
||||||
pl = "pull";
|
pl = "pull";
|
||||||
|
@ -73,14 +70,8 @@
|
||||||
|
|
||||||
re = "restore";
|
re = "restore";
|
||||||
res = "restore --staged";
|
res = "restore --staged";
|
||||||
resw = "restore --staged --worktree";
|
|
||||||
|
|
||||||
rls = "ls-remote --heads";
|
|
||||||
rlso = "ls-remote --heads origin";
|
|
||||||
rlsu = "ls-remote --heads upstream";
|
|
||||||
|
|
||||||
lo = "log --pretty=oneline";
|
lo = "log --pretty=oneline";
|
||||||
los = "log --pretty='format:%s'";
|
|
||||||
|
|
||||||
sma = "submodule add";
|
sma = "submodule add";
|
||||||
smui = "submodule update --init";
|
smui = "submodule update --init";
|
||||||
|
@ -92,9 +83,6 @@
|
||||||
sai = "stash apply --index";
|
sai = "stash apply --index";
|
||||||
sp = "stash pop";
|
sp = "stash pop";
|
||||||
spi = "stash pop --index";
|
spi = "stash pop --index";
|
||||||
|
|
||||||
t = "tag";
|
|
||||||
tf = "tag --force";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Binary file not shown.
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue