diff --git a/.gitignore b/.gitignore index 55f30a3..b2be92b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ -secrets/ -modules/services/matrix/default.nix result diff --git a/.sops.yaml b/.sops.yaml new file mode 100644 index 0000000..b08f268 --- /dev/null +++ b/.sops.yaml @@ -0,0 +1,19 @@ +keys: + - &sakura age1yzapmznelujajfyrpw5mxmy86ckg377494w5ap4yej39jatewursfxls9w + - &violet age1zegau3chyn53tqvkwud6tuyggpkazc88pdkqv8cknavaudu49enqm2f0h3 + - &dandelion age1dpzajxcx7dcumda55qc3hncxqd43a7k85t2cdwtcvy5qsgp6k5tsugxqmd +creation_rules: + - path_regex: secrets/sakura/secrets.yaml + key_groups: + - age: + - *sakura + - path_regex: secrets/violet/secrets.yaml + key_groups: + - age: + - *sakura + - *violet + - path_regex: secrets/dandelion/secrets.yaml + key_groups: + - age: + - *sakura + - *dandelion diff --git a/README.md b/README.md index c42c555..78be231 100644 --- a/README.md +++ b/README.md @@ -44,6 +44,7 @@ - [variables.nix](variables.nix): base variables useful for all hosts - [hosts](hosts): per-host configurations that contain host specific settings - [yoshino](hosts/yoshino/): Desktop (yoshino) specific configuration + - [iris](hosts/iris/): Desktop (iris) specific configuration - [sakura](hosts/sakura/): Laptop (sakura) specific configuration - [ichiyo](hosts/ichiyo/): Laptop (ichiyo) specific configuration - [violet](hosts/violet/): Server (violet) specific configuration @@ -161,6 +162,7 @@ toggle_oppacity.sh Other dotfiles that I learned / copy from: - [Frost-Phoenix/nixos-config](https://github.com/Frost-Phoenix/nixos-config): This is the repository that I cloned and changed to my needs. Their credits are in their repository's readme. +- [IvarWithoutBones/dotfiles](https://github.com/IvarWithoutBones/dotfiles) - [notthebee/nix-config](https://github.com/notthebee/nix-config) - [mrusme/dotfiles](https://github.com/mrusme/dotfiles) diff --git a/flake.lock b/flake.lock index 0ce872c..bf17cbe 100644 --- a/flake.lock +++ b/flake.lock @@ -1,52 +1,10 @@ { "nodes": { - "Hyprspace": { - "inputs": { - "hyprland": [ - "hyprland" - ], - "systems": "systems" - }, - "locked": { - "lastModified": 1751272032, - "narHash": "sha256-493llKN7yyLkKlz8uYVAyvXH261IpDzuVA+TnewFIAg=", - "owner": "KZDKM", - "repo": "Hyprspace", - "rev": "847a770436e1ecebdbe5ed006a93db7666937ff2", - "type": "github" - }, - "original": { - "owner": "KZDKM", - "repo": "Hyprspace", - "type": "github" - } - }, - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager", - "nixpkgs": "nixpkgs", - "systems": "systems_2" - }, - "locked": { - "lastModified": 1750173260, - "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", - "owner": "ryantm", - "repo": "agenix", - "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, "alejandra": { "inputs": { "fenix": "fenix", "flakeCompat": "flakeCompat", - "nixpkgs": "nixpkgs_2" + "nixpkgs": "nixpkgs" }, "locked": { "lastModified": 1660592437, @@ -83,11 +41,11 @@ ] }, "locked": { - "lastModified": 1751740947, - "narHash": "sha256-35040CHH7P3JGmhGVfEb2oJHL/A5mI2IXumhkxrBnao=", + "lastModified": 1753216019, + "narHash": "sha256-zik7WISrR1ks2l6T1MZqZHb/OqroHdJnSnAehkE0kCk=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "dfc1db15a08c4cd234288f66e1199c653495301f", + "rev": "be166e11d86ba4186db93e10c54a141058bdce49", "type": "github" }, "original": { @@ -96,43 +54,22 @@ "type": "github" } }, - "catppuccin": { + "disko": { "inputs": { - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1751880463, - "narHash": "sha256-aSQllMKqsTYAUp4yhpspZn0Hj5yIj7Mh4UD5iyk5iMM=", - "owner": "catppuccin", - "repo": "nix", - "rev": "9474347c69e93e392f194dda7a57c641ba4b998e", + "lastModified": 1746728054, + "narHash": "sha256-eDoSOhxGEm2PykZFa/x9QG5eTH0MJdiJ9aR00VAofXE=", + "owner": "nix-community", + "repo": "disko", + "rev": "ff442f5d1425feb86344c028298548024f21256d", "type": "github" }, "original": { - "owner": "catppuccin", - "repo": "nix", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1744478979, - "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "43975d782b418ebf4969e9ccba82466728c2851b", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", + "owner": "nix-community", + "ref": "latest", + "repo": "disko", "type": "github" } }, @@ -161,11 +98,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", "type": "github" }, "original": { @@ -178,24 +115,6 @@ "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, - "locked": { - "lastModified": 1751413152, - "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib_2" - }, "locked": { "lastModified": 1741352980, "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", @@ -210,7 +129,7 @@ "type": "github" } }, - "flake-parts_3": { + "flake-parts_2": { "inputs": { "nixpkgs-lib": [ "nixvim", @@ -232,7 +151,7 @@ "type": "github" } }, - "flake-parts_4": { + "flake-parts_3": { "inputs": { "nixpkgs-lib": [ "nur", @@ -255,7 +174,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems_6" + "systems": "systems_4" }, "locked": { "lastModified": 1731533236, @@ -312,36 +231,15 @@ "home-manager": { "inputs": { "nixpkgs": [ - "agenix", "nixpkgs" ] }, "locked": { - "lastModified": 1745494811, - "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", + "lastModified": 1755397986, + "narHash": "sha256-qwrF5laj6eE3Zht0wKYTmH6QzL7bdOyE2f6jd3WCO8g=", "owner": "nix-community", "repo": "home-manager", - "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1751990210, - "narHash": "sha256-krWErNDl9ggMLSfK00Q2BcoSk3+IRTSON/DiDgUzzMw=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "218da00bfa73f2a61682417efe74549416c16ba6", + "rev": "8b4ac149687e8520187a66f05e9d4eafebf96522", "type": "github" }, "original": { @@ -352,14 +250,14 @@ }, "hypr-contrib": { "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1751715349, - "narHash": "sha256-cP76ijtfGTFTpWFfmyFHA2MpDlIyKpWwW82kqQSQ6s0=", + "lastModified": 1753252360, + "narHash": "sha256-PFAJoEqQWMlo1J+yZb+4HixmhbRVmmNl58e/AkLYDDI=", "owner": "hyprwm", "repo": "contrib", - "rev": "dafa5d09b413d08a55a81f6f8e85775d717bacda", + "rev": "6839b23345b71db17cd408373de4f5605bf589b8", "type": "github" }, "original": { @@ -384,11 +282,11 @@ ] }, "locked": { - "lastModified": 1749155331, - "narHash": "sha256-XR9fsI0zwLiFWfqi/pdS/VD+YNorKb3XIykgTg4l1nA=", + "lastModified": 1753964049, + "narHash": "sha256-lIqabfBY7z/OANxHoPeIrDJrFyYy9jAM4GQLzZ2feCM=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "45fcc10b4c282746d93ec406a740c43b48b4ef80", + "rev": "44e91d467bdad8dcf8bbd2ac7cf49972540980a5", "type": "github" }, "original": { @@ -413,11 +311,11 @@ ] }, "locked": { - "lastModified": 1751808145, - "narHash": "sha256-OXgL0XaKMmfX2rRQkt9SkJw+QNfv0jExlySt1D6O72g=", + "lastModified": 1754305013, + "narHash": "sha256-u+M2f0Xf1lVHzIPQ7DsNCDkM1NYxykOSsRr4t3TbSM4=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "b841473a0bd4a1a74a0b64f1ec2ab199035c349f", + "rev": "4c1d63a0f22135db123fc789f174b89544c6ec2d", "type": "github" }, "original": { @@ -440,15 +338,15 @@ "nixpkgs" ], "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems_3", + "systems": "systems", "xdph": "xdph" }, "locked": { - "lastModified": 1751995875, - "narHash": "sha256-oGufLuYzFSdLP6fUSLsIm2m4QscfTPbRT1fzQTdkw4M=", + "lastModified": 1755416233, + "narHash": "sha256-tydnBQmV8pPHPlvq7sTEOEhkjXnYaeJtMN+77Rf/1NU=", "ref": "refs/heads/main", - "rev": "9517d0eaa4ef93de67dc80fecca7a826f7ad556d", - "revCount": 6256, + "rev": "251288ec5942b3544ad31de1299569284d80f0d7", + "revCount": 6370, "submodules": true, "type": "git", "url": "https://github.com/hyprwm/Hyprland" @@ -564,11 +462,11 @@ ] }, "locked": { - "lastModified": 1750371812, - "narHash": "sha256-D868K1dVEACw17elVxRgXC6hOxY+54wIEjURztDWLk8=", + "lastModified": 1753819801, + "narHash": "sha256-tHe6XeNeVeKapkNM3tcjW4RuD+tB2iwwoogWJOtsqTI=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "b13c7481e37856f322177010bdf75fccacd1adc8", + "rev": "b308a818b9dcaa7ab8ccab891c1b84ebde2152bc", "type": "github" }, "original": { @@ -592,6 +490,35 @@ "systems" ] }, + "locked": { + "lastModified": 1753622892, + "narHash": "sha256-0K+A+gmOI8IklSg5It1nyRNv0kCNL51duwnhUO/B8JA=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "23f0debd2003f17bd65f851cd3f930cff8a8c809", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprlang_2": { + "inputs": { + "hyprutils": [ + "hyprsunset", + "hyprutils" + ], + "nixpkgs": [ + "hyprsunset", + "nixpkgs" + ], + "systems": [ + "hyprsunset", + "systems" + ] + }, "locked": { "lastModified": 1750371198, "narHash": "sha256-/iuJ1paQOBoSLqHflRNNGyroqfF/yvPNurxzcCT0cAE=", @@ -610,8 +537,8 @@ "inputs": { "hyprutils": "hyprutils_2", "hyprwayland-scanner": "hyprwayland-scanner_2", - "nixpkgs": "nixpkgs_5", - "systems": "systems_4" + "nixpkgs": "nixpkgs_4", + "systems": "systems_2" }, "locked": { "lastModified": 1750371999, @@ -630,17 +557,18 @@ "hyprsunset": { "inputs": { "hyprland-protocols": "hyprland-protocols_2", + "hyprlang": "hyprlang_2", "hyprutils": "hyprutils_3", "hyprwayland-scanner": "hyprwayland-scanner_3", - "nixpkgs": "nixpkgs_6", - "systems": "systems_5" + "nixpkgs": "nixpkgs_5", + "systems": "systems_3" }, "locked": { - "lastModified": 1751567624, - "narHash": "sha256-tUVODSZhvafXmuN+5SwZpNWV+2cvhSd+5IJ5TXu3YgI=", + "lastModified": 1755112136, + "narHash": "sha256-eYLtZJayWWbKBC3u/gvDSqVyffuD+egryr7zPWRAeyY=", "owner": "hyprwm", "repo": "hyprsunset", - "rev": "4b2f0f9f46a6552930eecb979d18ac48d7079312", + "rev": "1f9afca28fac5f490e5f232e6f1887a69ff34896", "type": "github" }, "original": { @@ -661,11 +589,11 @@ ] }, "locked": { - "lastModified": 1751888065, - "narHash": "sha256-F2SV9WGqgtRsXIdUrl3sRe0wXlQD+kRRZcSfbepjPJY=", + "lastModified": 1754481650, + "narHash": "sha256-6u6HdEFJh5gY6VfyMQbhP7zDdVcqOrCDTkbiHJmAtMI=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "a8229739cf36d159001cfc203871917b83fdf917", + "rev": "df6b8820c4a0835d83d0c7c7be86fbc555f1f7fd", "type": "github" }, "original": { @@ -736,11 +664,11 @@ ] }, "locked": { - "lastModified": 1751881472, - "narHash": "sha256-meB0SnXbwIe2trD041MLKEv6R7NZ759QwBcVIhlSBfE=", + "lastModified": 1751897909, + "narHash": "sha256-FnhBENxihITZldThvbO7883PdXC/2dzW4eiNvtoV5Ao=", "owner": "hyprwm", "repo": "hyprwayland-scanner", - "rev": "8fb426b3e5452fd9169453fd6c10f8c14ca37120", + "rev": "fcca0c61f988a9d092cbb33e906775014c61579d", "type": "github" }, "original": { @@ -829,32 +757,13 @@ "type": "github" } }, - "nix-gaming": { - "inputs": { - "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_7" - }, - "locked": { - "lastModified": 1752026525, - "narHash": "sha256-uCkk6qnQFNKJh0wwpeN/B/S27834c0DpBSK/Frovvyo=", - "owner": "fufexan", - "repo": "nix-gaming", - "rev": "9d902f4f96cba7226f242045a5605b1ffcf18cd4", - "type": "github" - }, - "original": { - "owner": "fufexan", - "repo": "nix-gaming", - "type": "github" - } - }, "nixos-hardware": { "locked": { - "lastModified": 1751432711, - "narHash": "sha256-136MeWtckSHTN9Z2WRNRdZ8oRP3vyx3L8UxeBYE+J9w=", + "lastModified": 1755330281, + "narHash": "sha256-aJHFJWP9AuI8jUGzI77LYcSlkA9wJnOIg4ZqftwNGXA=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "497ae1357f1ac97f1aea31a4cb74ad0d534ef41f", + "rev": "3dac8a872557e0ca8c083cdcfc2f218d18e113b0", "type": "github" }, "original": { @@ -865,36 +774,21 @@ }, "nixpkgs": { "locked": { - "lastModified": 1745391562, - "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=", - "owner": "NixOS", + "lastModified": 1657425264, + "narHash": "sha256-3aHvoI2e8vJKw3hvnHECaBpSsL5mxVsVtaLCnTdNcH8=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7", + "rev": "de5b3dd17034e6106e75746e81618e5bd408de8a", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", + "owner": "nixos", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-lib": { - "locked": { - "lastModified": 1751159883, - "narHash": "sha256-urW/Ylk9FIfvXfliA1ywh75yszAbiTEVgpPeinFyVZo=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "14a40a1d7fb9afa4739275ac642ed7301a9ba1ab", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixpkgs-lib_2": { "locked": { "lastModified": 1740877520, "narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=", @@ -911,11 +805,11 @@ }, "nixpkgs_10": { "locked": { - "lastModified": 1742800061, - "narHash": "sha256-oDJGK1UMArK52vcW9S5S2apeec4rbfNELgc50LqiPNs=", + "lastModified": 1744868846, + "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1750f3c1c89488e2ffdd47cab9d05454dddfb734", + "rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c", "type": "github" }, "original": { @@ -925,45 +819,29 @@ "type": "github" } }, - "nixpkgs_11": { - "locked": { - "lastModified": 1751792365, - "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { "locked": { - "lastModified": 1657425264, - "narHash": "sha256-3aHvoI2e8vJKw3hvnHECaBpSsL5mxVsVtaLCnTdNcH8=", - "owner": "nixos", + "lastModified": 1746576598, + "narHash": "sha256-FshoQvr6Aor5SnORVvh/ZdJ1Sa2U4ZrIMwKBX5k2wu0=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "de5b3dd17034e6106e75746e81618e5bd408de8a", + "rev": "b3582c75c7f21ce0b429898980eddbbf05c68e55", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { "locked": { - "lastModified": 1750776420, - "narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=", + "lastModified": 1712163089, + "narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "30a61f056ac492e3b7cdcb69c1e6abdcf00e39cf", + "rev": "fd281bd6b7d3e32ddfa399853946f782553163b5", "type": "github" }, "original": { @@ -975,11 +853,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1712163089, - "narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=", + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fd281bd6b7d3e32ddfa399853946f782553163b5", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", "type": "github" }, "original": { @@ -1007,11 +885,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1748929857, - "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", + "lastModified": 1755186698, + "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", + "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", "type": "github" }, "original": { @@ -1022,38 +900,6 @@ } }, "nixpkgs_7": { - "locked": { - "lastModified": 1751625545, - "narHash": "sha256-4E7wWftF1ExK5ZEDzj41+9mVgxtuRV3wWCId7QAYMAU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "c860cf0b3a0829f0f6cf344ca8de83a2bbfab428", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_8": { - "locked": { - "lastModified": 1751792365, - "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_9": { "locked": { "lastModified": 1743315132, "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", @@ -1069,18 +915,50 @@ "type": "github" } }, + "nixpkgs_8": { + "locked": { + "lastModified": 1742800061, + "narHash": "sha256-oDJGK1UMArK52vcW9S5S2apeec4rbfNELgc50LqiPNs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1750f3c1c89488e2ffdd47cab9d05454dddfb734", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1755186698, + "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { - "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_9", + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs_7", "nixvim": "nixvim_2" }, "locked": { - "lastModified": 1749898168, - "narHash": "sha256-aOUvfBcLdrNzI1BL+jhPh0y0cFkgjne2tstDb8k1vI0=", + "lastModified": 1755007783, + "narHash": "sha256-mxKUvsLy6Nf8Td8jQ0Q7q+A+FcTuYMyp/qmnnCRK1QE=", "owner": "ahwxorg", "repo": "nixvim-config", - "rev": "546d385ec71b0ed34abc3f32100e3d0792c349c8", + "rev": "d4b1e0a37718bd4b704c5c055151135094d911eb", "type": "github" }, "original": { @@ -1091,8 +969,8 @@ }, "nixvim_2": { "inputs": { - "flake-parts": "flake-parts_3", - "nixpkgs": "nixpkgs_10", + "flake-parts": "flake-parts_2", + "nixpkgs": "nixpkgs_8", "nuschtosSearch": "nuschtosSearch" }, "locked": { @@ -1111,15 +989,15 @@ }, "nur": { "inputs": { - "flake-parts": "flake-parts_4", - "nixpkgs": "nixpkgs_11" + "flake-parts": "flake-parts_3", + "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1752047019, - "narHash": "sha256-cquBxPthNijnDaoX6Pj5V0jQ5BhoqJOJ/DdGzeJ0xyg=", + "lastModified": 1755435577, + "narHash": "sha256-Rgcfyl8sWF+Uxe2HM51kJ72aNtaoy/UPiblwGTZHANU=", "owner": "nix-community", "repo": "NUR", - "rev": "64185b1642f23c6340e3ebd52eabccfadfb78cfb", + "rev": "199390e7082f9307578531d389cccd9f37412156", "type": "github" }, "original": { @@ -1162,11 +1040,11 @@ ] }, "locked": { - "lastModified": 1750779888, - "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", + "lastModified": 1754416808, + "narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", + "rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864", "type": "github" }, "original": { @@ -1177,20 +1055,18 @@ }, "root": { "inputs": { - "Hyprspace": "Hyprspace", - "agenix": "agenix", "alejandra": "alejandra", - "catppuccin": "catppuccin", - "home-manager": "home-manager_2", + "disko": "disko", + "home-manager": "home-manager", "hypr-contrib": "hypr-contrib", "hyprland": "hyprland", "hyprpicker": "hyprpicker", "hyprsunset": "hyprsunset", - "nix-gaming": "nix-gaming", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_8", + "nixpkgs": "nixpkgs_6", "nixvim": "nixvim", - "nur": "nur" + "nur": "nur", + "sops-nix": "sops-nix" } }, "rust-analyzer-src": { @@ -1210,6 +1086,24 @@ "type": "github" } }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_10" + }, + "locked": { + "lastModified": 1754988908, + "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1689347949, @@ -1227,16 +1121,16 @@ }, "systems_2": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -1256,36 +1150,6 @@ } }, "systems_4": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_5": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_6": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -1328,11 +1192,11 @@ ] }, "locked": { - "lastModified": 1751300244, - "narHash": "sha256-PFuv1TZVYvQhha0ac53E3YgdtmLShrN0t4T6xqHl0jE=", + "lastModified": 1753633878, + "narHash": "sha256-js2sLRtsOUA/aT10OCDaTjO80yplqwOIaLUqEe0nMx0=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "6115f3fdcb2c1a57b4a80a69f3c797e47607b90a", + "rev": "371b96bd11ad2006ed4f21229dbd1be69bed3e8a", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 5371b3e..74cece5 100644 --- a/flake.nix +++ b/flake.nix @@ -2,38 +2,28 @@ description = "liv's NixOS configuration"; inputs = { - agenix.url = "github:ryantm/agenix"; alejandra.url = "github:kamadorueda/alejandra/3.0.0"; - catppuccin.url = "github:catppuccin/nix"; - home-manager = { - url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - hyprland = { - url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + home-manager.url = "github:nix-community/home-manager"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; + hyprland.inputs.nixpkgs.follows = "nixpkgs"; hypr-contrib.url = "github:hyprwm/contrib"; hyprpicker.url = "github:hyprwm/hyprpicker"; hyprsunset.url = "github:hyprwm/hyprsunset"; - Hyprspace = { - url = "github:KZDKM/Hyprspace"; - inputs.hyprland.follows = "hyprland"; # Hyprspace uses latest Hyprland. We declare this to keep them in sync. - }; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nur.url = "github:nix-community/NUR"; nixos-hardware.url = "github:nixos/nixos-hardware"; nixvim.url = "github:ahwxorg/nixvim-config"; - nix-gaming.url = "github:fufexan/nix-gaming"; + sops-nix.url = "github:Mic92/sops-nix"; + disko.url = "github:nix-community/disko/latest"; }; outputs = { self, nixpkgs, - catppuccin, - agenix, + sops-nix, + disko, ... }@inputs: let @@ -48,21 +38,10 @@ { overlays.default = overlays.addition; nixosConfigurations = { - desktop = nixpkgs.lib.nixosSystem { - inherit system; - modules = [ - (import ./hosts/desktop) - ]; - specialArgs = { - host = "desktop"; - inherit self inputs username; - }; - }; sakura = nixpkgs.lib.nixosSystem { inherit system; modules = [ (import ./hosts/sakura) - agenix.nixosModules.default ]; specialArgs = { host = "sakura"; @@ -73,7 +52,6 @@ inherit system; modules = [ (import ./hosts/yoshino) - agenix.nixosModules.default ]; specialArgs = { host = "yoshino"; @@ -84,7 +62,6 @@ inherit system; modules = [ (import ./hosts/ichiyo) - agenix.nixosModules.default ]; specialArgs = { host = "ichiyo"; @@ -95,7 +72,6 @@ inherit system; modules = [ (import ./hosts/violet) - agenix.nixosModules.default ]; specialArgs = { host = "violet"; @@ -106,7 +82,6 @@ inherit system; modules = [ (import ./hosts/dandelion) - agenix.nixosModules.default ]; specialArgs = { host = "dandelion"; @@ -117,21 +92,59 @@ inherit system; modules = [ (import ./hosts/lily) - agenix.nixosModules.default ]; specialArgs = { host = "lily"; inherit self inputs username; }; }; - - vm = nixpkgs.lib.nixosSystem { + zinnia = nixpkgs.lib.nixosSystem { inherit system; modules = [ - (import ./hosts/vm) + (import ./hosts/zinnia) ]; specialArgs = { - host = "vm"; + host = "zinnia"; + inherit self inputs username; + }; + }; + posy = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + (import ./hosts/posy) + ]; + specialArgs = { + host = "posy"; + inherit self inputs username; + }; + }; + hazel = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + (import ./hosts/hazel) + ]; + specialArgs = { + host = "hazel"; + inherit self inputs username; + }; + }; + daisy = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + (import ./hosts/daisy) + ]; + specialArgs = { + host = "daisy"; + inherit self inputs username; + }; + }; + iris = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + (import ./hosts/iris) + ]; + specialArgs = { + host = "iris"; inherit self inputs username; }; }; diff --git a/hosts/daisy/default.nix b/hosts/daisy/default.nix new file mode 100644 index 0000000..f511347 --- /dev/null +++ b/hosts/daisy/default.nix @@ -0,0 +1,48 @@ +{ + pkgs, + config, + lib, + ... +}: +{ + imports = [ + ./hardware-configuration.nix + ./../../modules/core/default.server.nix + # ./../../modules/services/violet.nix + ]; + + networking = { + hostName = "daisy"; + networkmanager.enable = true; + firewall = { + allowedTCPPorts = [ + # 80 + # 443 + # 25565 + 9123 + ]; + }; + }; + + time.timeZone = "Europe/Amsterdam"; + + environment.systemPackages = with pkgs; [ + pkgs.kitty.terminfo + ]; + + boot = { + loader.grub = { + enable = true; + device = "/dev/sdb"; + useOSProber = true; + }; + kernelModules = [ "acpi_call" ]; + extraModulePackages = + with config.boot.kernelPackages; + [ + acpi_call + cpupower + ] + ++ [ pkgs.cpupower-gui ]; + }; +} diff --git a/hosts/desktop/hardware-configuration.nix b/hosts/daisy/hardware-configuration.nix similarity index 66% rename from hosts/desktop/hardware-configuration.nix rename to hosts/daisy/hardware-configuration.nix index 3cf9604..4508655 100644 --- a/hosts/desktop/hardware-configuration.nix +++ b/hosts/daisy/hardware-configuration.nix @@ -8,23 +8,18 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "uhci_hcd" "hpsa" "mpt3sas" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/6b518d54-a144-42fe-b500-b6651038bbcc"; + { device = "/dev/disk/by-uuid/02aaca49-be45-42ad-ba44-6f5dbfe9032e"; fsType = "ext4"; }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/D1A5-9B92"; - fsType = "vfat"; - }; - swapDevices = - [ { device = "/dev/disk/by-uuid/2d69abc2-3d44-481b-ada8-b436c2b9c8c2"; } + [ { device = "/dev/disk/by-uuid/40aff86f-c371-4f7f-ab62-5665c4f1c071"; } ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking @@ -32,10 +27,11 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.eno2.useDHCP = lib.mkDefault true; + # networking.interfaces.eno3.useDHCP = lib.mkDefault true; + # networking.interfaces.eno4.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix index 313dbc2..7349609 100644 --- a/hosts/dandelion/default.nix +++ b/hosts/dandelion/default.nix @@ -14,10 +14,9 @@ users.users.liv.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLdcB5JFWx6OK2BAr8J0wPHNhr2VP2/Ci6fv3a+DPfo liv@violet" # allow violet to log in over ssh to do back ups + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDi8gt51xGRzLSqaNr1LKSdrJ0VHps8U8FME71YCrs6K liv@posy" # allow posy to log in over ssh to mount music folder ]; - networking.hostName = "dandelion"; - liv.server.enable = true; nixpkgs.config.permittedInsecurePackages = [ @@ -27,8 +26,34 @@ time.timeZone = "Europe/Amsterdam"; + networking = { + hostName = "dandelion"; + firewall = { + allowedTCPPorts = [ + 5201 + ]; + allowedUDPPorts = [ + 5201 + ]; + interfaces."ens4s1".allowedTCPPorts = [ + # allow everything for local link + { + from = 1; + to = 65354; + } + ]; + interfaces."ens4s1".allowedUDPPorts = [ + # allow everything for local link + { + from = 1; + to = 65354; + } + ]; + }; + }; + systemd.network.networks."99-local" = { - matchConfig.name = "ens3s1"; + matchConfig.name = "ens4s1"; address = [ "192.168.1.100/24" ]; @@ -60,10 +85,22 @@ trim.enable = true; }; - # boot.zfs.extraPools = [ "terrabite" ]; + boot.zfs.extraPools = [ + "spinners" + ]; - # fileSystems."/terrabite/main" = { - # device = "terrabite/main"; - # fsType = "zfs"; + # fileSystems = { + # "/spinners/rootvol" = { + # device = "spinners/rootvol"; + # fsType = "zfs"; + # }; + # "/spinners/ahwx" = { + # device = "spinners/ahwx"; + # fsType = "zfs"; + # }; + # "/spinners/violet" = { + # device = "spinners/violet"; + # fsType = "zfs"; + # }; # }; } diff --git a/hosts/desktop/default.nix b/hosts/desktop/default.nix deleted file mode 100644 index 555e686..0000000 --- a/hosts/desktop/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: -{ - imports = [ - ./hardware-configuration.nix - ./../../modules/core - ]; - - nixpkgs.config.permittedInsecurePackages = [ - "jitsi-meet-1.0.8043" - "olm-3.2.16" - ]; - - liv.desktop.enable = true; - liv.gui.enable = true; -} diff --git a/hosts/hazel/default.nix b/hosts/hazel/default.nix new file mode 100644 index 0000000..ddf9849 --- /dev/null +++ b/hosts/hazel/default.nix @@ -0,0 +1,49 @@ +{ + pkgs, + config, + lib, + inputs, + ... +}: +{ + imports = [ + ./hardware-configuration.nix + ./disko.nix + ./../../modules/core/default.server.nix + # ./../../modules/services/hazel.nix + ]; + + networking.hostName = "hazel"; + + nixpkgs.config.permittedInsecurePackages = [ + "jitsi-meet-1.0.8043" + "olm-3.2.16" + ]; + + time.timeZone = lib.mkForce "Europe/Paris"; + + environment.systemPackages = with pkgs; [ + kitty.terminfo + ]; + + services = { + smartd = { + enable = true; + autodetect = true; + }; + }; + + networking.firewall = { + allowedTCPPorts = [ + 9123 + ]; + }; + + #boot = { + # loader.grub = { + # enable = true; + # device = "/dev/sda"; + # useOSProber = true; + # }; + #}; +} diff --git a/hosts/hazel/disko.nix b/hosts/hazel/disko.nix new file mode 100644 index 0000000..c95d152 --- /dev/null +++ b/hosts/hazel/disko.nix @@ -0,0 +1,32 @@ +{ inputs, ... }: +{ + imports = [ + inputs.disko.nixosModules.disko + ]; + disko.devices = { + disk = { + sda = { + device = "/dev/sda"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1M"; + type = "EF02"; + priority = 1; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/hazel/hardware-configuration.nix b/hosts/hazel/hardware-configuration.nix new file mode 100644 index 0000000..a1d5101 --- /dev/null +++ b/hosts/hazel/hardware-configuration.nix @@ -0,0 +1,45 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "ehci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # fileSystems."/" = { + # device = "/dev/disk/by-uuid/864dfbec-81f0-460f-b970-27693a0ad0e6"; + # fsType = "ext4"; + # }; + + # fileSystems."/boot" = { + # device = "/dev/disk/by-uuid/E141-F5CE"; + # fsType = "vfat"; + # options = [ + # "fmask=0077" + # "dmask=0077" + # ]; + # }; + + # swapDevices = [ ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/ichiyo/default.nix b/hosts/ichiyo/default.nix index 828d841..a056d37 100644 --- a/hosts/ichiyo/default.nix +++ b/hosts/ichiyo/default.nix @@ -12,9 +12,6 @@ ./../../modules/services/tailscale.nix ]; - # Enable fancy boot animations - boot.plymouth.enable = true; - powerManagement = { enable = true; # powertop.enable = true; diff --git a/hosts/iris/default.nix b/hosts/iris/default.nix new file mode 100644 index 0000000..bc47be4 --- /dev/null +++ b/hosts/iris/default.nix @@ -0,0 +1,68 @@ +{ + inputs, + pkgs, + config, + lib, + ... +}: +{ + imports = [ + ./hardware-configuration.nix + ./../../modules/core + # ./../../modules/home/nfs.nix + ./../../modules/core/virtualization.nix + ./../../modules/services/tailscale.nix + ./../../modules/services/mpd.nix + ]; + + powerManagement = { + enable = true; + # powertop.enable = true; + cpuFreqGovernor = lib.mkDefault "performance"; + }; + + networking = { + hostName = "iris"; + networkmanager.enable = true; + }; + + systemd.network.networks."99-local" = { + matchConfig.name = "enp68s0"; + address = [ + "192.168.1.100/24" + ]; + routes = [ + { + Gateway = "172.16.10.1"; + GatewayOnLink = false; + } + ]; + }; + + liv = { + desktop.enable = true; + creative.enable = true; + amdgpu.enable = true; + wine.enable = false; # use VM for this + gui.enable = true; + }; + + boot = { + kernelParams = [ ]; + kernelModules = [ "acpi_call" ]; + kernelPackages = pkgs.linuxPackages_latest; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + systemd-boot.configurationLimit = 10; + }; + extraModulePackages = + with config.boot.kernelPackages; + [ + acpi_call + cpupower + v4l2loopback + ] + ++ [ pkgs.cpupower-gui ]; + }; +} diff --git a/hosts/vm/hardware-configuration.nix b/hosts/iris/hardware-configuration.nix similarity index 50% rename from hosts/vm/hardware-configuration.nix rename to hosts/iris/hardware-configuration.nix index 7cd128a..81f813e 100644 --- a/hosts/vm/hardware-configuration.nix +++ b/hosts/iris/hardware-configuration.nix @@ -5,19 +5,27 @@ { imports = - [ (modulesPath + "/profiles/qemu-guest.nix") + [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/631775ef-6851-4fe7-997f-189372f87437"; + { device = "/dev/disk/by-uuid/6609be3d-2dda-4961-9247-6463349f196c"; fsType = "ext4"; }; + boot.initrd.luks.devices."luks-e8a36fde-6d6f-4650-b0dc-3152ef561c99".device = "/dev/disk/by-uuid/e8a36fde-6d6f-4650-b0dc-3152ef561c99"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/1793-F35D"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking @@ -25,7 +33,11 @@ # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.ens4f0.useDHCP = lib.mkDefault true; + # networking.interfaces.ens4f1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/posy/default.nix b/hosts/posy/default.nix new file mode 100644 index 0000000..e51f387 --- /dev/null +++ b/hosts/posy/default.nix @@ -0,0 +1,41 @@ +{ config, pkgs, lib, ... }: +{ + imports = [ + ./../../modules/core/default.server.nix + ./../../modules/services/mpd.nix + ]; + + networking.hostName = "posy"; + + time.timeZone = "Europe/Amsterdam"; + + environment.systemPackages = with pkgs; [ + pkgs.kitty.terminfo + ]; + + boot = { + kernelPackages = pkgs.linuxKernel.packages.linux_rpi4; + initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ]; + loader = { + grub.enable = false; + generic-extlinux-compatible.enable = true; + }; + }; + + services = { + smartd = { + enable = lib.mkForce false; + autodetect = lib.mkForce false; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + }; + + hardware.enableRedistributableFirmware = true; +} diff --git a/hosts/sakura/default.nix b/hosts/sakura/default.nix index 99124c4..f901a81 100644 --- a/hosts/sakura/default.nix +++ b/hosts/sakura/default.nix @@ -12,6 +12,7 @@ ./../../modules/core/virtualization.nix ./../../modules/services/tailscale.nix ./../../modules/services/mpd.nix + ./../../modules/services/smart-monitoring.nix inputs.nixos-hardware.nixosModules.framework-13-7040-amd ]; @@ -45,13 +46,17 @@ # Disable light sensors and accelerometers as they are not used and consume extra battery hardware.sensor.iio.enable = lib.mkForce false; - networking.hostName = "sakura"; + networking = { + hostName = "sakura"; + # networkmanager.ethernet.macAddress = "13:37:6a:8a:ed:a4"; + }; powerManagement = { enable = true; # powertop.enable = true; cpuFreqGovernor = lib.mkDefault "ondemand"; }; + # change battery led to blue on suspend to indicate device is in suspend mode systemd.services."suspend-led-set" = { description = "blue led for sleep"; @@ -71,8 +76,11 @@ ${pkgs.fw-ectool}/bin/ectool led battery auto ''; }; + systemd.sleep.extraConfig = '' + HibernateDelaySec=30m + ''; + services.logind.lidSwitch = "suspend"; boot = { - plymouth.enable = true; kernelParams = [ "mem_sleep_default=deep" "acpi_osi=\"!Windows 2020\"" # otherwise GPU does weird shit that makes the computer look like the RAM is broken @@ -89,7 +97,11 @@ [ acpi_call cpupower + v4l2loopback ] ++ [ pkgs.cpupower-gui ]; + extraModprobeConfig = '' + options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1 + ''; }; } diff --git a/hosts/violet/default.nix b/hosts/violet/default.nix index 8aa285d..b9e9a0c 100644 --- a/hosts/violet/default.nix +++ b/hosts/violet/default.nix @@ -22,7 +22,8 @@ time.timeZone = "Europe/Amsterdam"; environment.systemPackages = with pkgs; [ - pkgs.kitty.terminfo + kitty.terminfo + cifs-utils ]; services = { @@ -33,6 +34,18 @@ xserver.videoDrivers = [ "nvidia" ]; }; + networking.firewall = { + allowedTCPPorts = [ + 80 + 443 + 25565 + 5201 + ]; + allowedUDPPorts = [ + 5201 + ]; + }; + liv.nvidia.enable = true; boot = { @@ -50,4 +63,14 @@ ] ++ [ pkgs.cpupower-gui ]; }; + + fileSystems."/mnt/nfs/violet" = { + device = "//172.16.10.130/spinners/violet"; # not ideal, should get the static IP from dandelion from a config attribute but whatever... + fsType = "cifs"; + options = [ + "x-systemd.automount" + "noauto" + "credentials=${config.sops.secrets.smbLoginDetails.path}" + ]; + }; } diff --git a/hosts/vm/default.nix b/hosts/vm/default.nix deleted file mode 100644 index b0a72a8..0000000 --- a/hosts/vm/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ pkgs, config, lib, ... }: -{ - imports = [ - ./hardware-configuration.nix - ./../../modules/core - ]; - - nixpkgs.config.permittedInsecurePackages = [ - "jitsi-meet-1.0.8043" - "olm-3.2.16" - ]; - - - # kvm/qemu doesn't use UEFI firmware mode by default. - # so we force-override the setting here - # and configure GRUB instead. - boot.loader = { - systemd-boot.enable = lib.mkForce false; - grub = { - enable = true; - device = "/dev/vda"; - useOSProber = false; - }; - }; - - # allow local remote access to make it easier to toy around with the system - services.openssh = { - enable = true; - ports = [22]; - settings = { - # PasswordAuthentication = lib.mkOverride true; - AllowUsers = null; - # PermitRootLogin = "yes"; - }; - }; -} diff --git a/hosts/yoshino/default.nix b/hosts/yoshino/default.nix index f61d5b5..94a9e67 100644 --- a/hosts/yoshino/default.nix +++ b/hosts/yoshino/default.nix @@ -12,6 +12,7 @@ # ./../../modules/home/nfs.nix ./../../modules/core/virtualization.nix ./../../modules/services/tailscale.nix + ./../../modules/services/mpd.nix ]; powerManagement = { @@ -20,6 +21,24 @@ cpuFreqGovernor = lib.mkDefault "performance"; }; + networking = { + hostName = "yoshino"; + networkmanager.enable = true; + }; + + systemd.network.networks."99-local" = { + matchConfig.name = "enp68s0"; + address = [ + "192.168.1.100/24" + ]; + routes = [ + { + Gateway = "172.16.10.1"; + GatewayOnLink = false; + } + ]; + }; + liv = { desktop.enable = true; creative.enable = true; @@ -28,11 +47,6 @@ gui.enable = true; }; - networking = { - hostName = "yoshino"; - networkmanager.enable = true; - }; - boot = { kernelParams = [ ]; kernelModules = [ "acpi_call" ]; diff --git a/hosts/zinnia/default.nix b/hosts/zinnia/default.nix new file mode 100644 index 0000000..f7ba60b --- /dev/null +++ b/hosts/zinnia/default.nix @@ -0,0 +1,61 @@ +{ + lib, + config, + pkgs, + ... +}: + +{ + imports = [ + ./hardware-configuration.nix + ./../../modules/core + ./../../modules/services/tailscale.nix + ./../../modules/services/mpd.nix + ]; + + liv = { + laptop.enable = true; + gui.enable = true; + desktop.enable = false; + creative.enable = false; + amdgpu.enable = false; + }; + + services = { + vnstat.enable = true; + }; + + networking.hostName = "zinnia"; + + powerManagement = { + enable = true; + powertop.enable = true; + cpuFreqGovernor = lib.mkDefault "ondemand"; + }; + + boot.initrd.luks.devices."luks-59aff546-c2c2-4697-a5f2-40a12f259f5a".device = + "/dev/disk/by-uuid/59aff546-c2c2-4697-a5f2-40a12f259f5a"; + + boot = { + kernelParams = [ + "mem_sleep_default=deep" + ]; + kernelModules = [ "acpi_call" ]; + kernelPackages = pkgs.linuxPackages_latest; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + systemd-boot.configurationLimit = 10; + }; + extraModulePackages = + with config.boot.kernelPackages; + [ + acpi_call + cpupower + ] + ++ [ pkgs.cpupower-gui ]; + }; + + time.timeZone = "Europe/Amsterdam"; + nixpkgs.config.allowUnfree = true; +} diff --git a/hosts/zinnia/hardware-configuration.nix b/hosts/zinnia/hardware-configuration.nix new file mode 100644 index 0000000..eb9890f --- /dev/null +++ b/hosts/zinnia/hardware-configuration.nix @@ -0,0 +1,45 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/hardware/network/broadcom-43xx.nix") + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/c9f69c59-2014-41de-b169-53c38c7d9f15"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices."luks-ad0e2f90-490d-4a2b-8484-8d18bc9bdff5".device = "/dev/disk/by-uuid/ad0e2f90-490d-4a2b-8484-8d18bc9bdff5"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/0AEC-87AF"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/18a2707c-9fe0-4dc4-a15f-6908cc34f26e"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wwp0s20f0u2c2.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/core/default.nix b/modules/core/default.nix index 36b87a6..10c17fa 100644 --- a/modules/core/default.nix +++ b/modules/core/default.nix @@ -9,6 +9,7 @@ ++ [ (import ./network.nix) ] ++ [ (import ./pipewire.nix) ] ++ [ (import ./program.nix) ] + ++ [ (import ./plymouth.nix) ] ++ [ (import ./sshd.nix) ] ++ [ (import ./security.nix) ] ++ [ (import ./services.nix) ] @@ -16,6 +17,5 @@ ++ [ (import ./user.nix) ] ++ [ (import ./bluetooth.nix) ] ++ [ (import ./yubikey.nix) ] - # ++ [ (import ./steam.nix) ] ++ [ (import ./wayland.nix) ]; } diff --git a/modules/core/network.nix b/modules/core/network.nix index 2c80cdb..9cb9355 100644 --- a/modules/core/network.nix +++ b/modules/core/network.nix @@ -1,20 +1,16 @@ -{ pkgs, ... }: +{ pkgs, lib, ... }: { networking = { - networkmanager.enable = true; + networkmanager = { + enable = true; + wifi.macAddress = "stable-ssid"; + }; nameservers = [ "9.9.9.9" ]; firewall = { enable = true; - # allowedTCPPorts = [ 22 80 443 59010 59011 ]; - # allowedUDPPorts = [ 59010 59011 ]; - # allowedUDPPortRanges = [ - # { from = 4000; to = 4007; } - # { from = 8000; to = 8010; } - # ]; }; }; - - # environment.systemPackages = with pkgs; [ - # networkmanagerapplet - # ]; + services = { + avahi.enable = lib.mkDefault false; + }; } diff --git a/modules/core/plymouth.nix b/modules/core/plymouth.nix new file mode 100644 index 0000000..384b4b6 --- /dev/null +++ b/modules/core/plymouth.nix @@ -0,0 +1,40 @@ +{ + pkgs, + lib, + ... +}: +{ + # TODO: add https://github.com/FraioVeio/plymouth-xp-theme + boot = { + plymouth = { + enable = lib.mkDefault true; + theme = "lone"; + themePackages = with pkgs; [ + # By default we would install all themes + (adi1090x-plymouth-themes.override { + selected_themes = [ "lone" ]; + # selected_themes = [ "sliced" ]; + # selected_themes = [ "rings" ]; + # selected_themes = [ "red_loader" ]; + # selected_themes = [ "dna" ]; + # selected_themes = [ "hexagon_dots" ]; + }) + ]; + }; + + # Enable "Silent boot" + consoleLogLevel = 3; + initrd.verbose = false; + kernelParams = [ + "quiet" + "splash" + "boot.shell_on_fail" + "udev.log_priority=3" + "rd.systemd.show_status=auto" + ]; + # Hide the OS choice for bootloaders. + # It's still possible to open the bootloader list by pressing any key + # It will just not appear on screen unless a key is pressed + loader.timeout = 1; + }; +} diff --git a/modules/core/program.nix b/modules/core/program.nix index 2e7a9e7..5def924 100644 --- a/modules/core/program.nix +++ b/modules/core/program.nix @@ -1,4 +1,4 @@ -{ pkgs, agenix, ... }: +{ pkgs, ... }: { programs = { dconf.enable = true; @@ -15,6 +15,5 @@ git dig traceroute - # agenix.packages.x86_64-linux.default ]; } diff --git a/modules/core/security.nix b/modules/core/security.nix index f95be92..a7c557e 100644 --- a/modules/core/security.nix +++ b/modules/core/security.nix @@ -8,9 +8,17 @@ security = { rtkit.enable = true; pam.services.swaylock = { }; + auditd.enable = true; + audit = { + enable = true; + rules = [ + "-a exit,always -F arch=b64 -S execve" + ]; + }; sudo = { enable = true; + execWheelOnly = true; extraRules = [ { groups = [ "wheel" ]; @@ -20,7 +28,7 @@ options = [ "NOPASSWD" ]; } { - command = "/home/liv/.local/src/framework-system/target/debug/framework_tool"; + command = "/run/current-system/sw/bin/framework_tool --privacy"; options = [ "NOPASSWD" ]; } ]; diff --git a/modules/core/services.nix b/modules/core/services.nix index 8ec1b02..0020bf2 100644 --- a/modules/core/services.nix +++ b/modules/core/services.nix @@ -9,5 +9,5 @@ ''; # To prevent getting stuck at shutdown. - systemd.extraConfig = "DefaultTimeoutStopSec=10s"; + # systemd.extraConfig = "DefaultTimeoutStopSec=10s"; # Deprecated now } diff --git a/modules/core/sops.nix b/modules/core/sops.nix new file mode 100644 index 0000000..27b1c10 --- /dev/null +++ b/modules/core/sops.nix @@ -0,0 +1,46 @@ +{ + pkgs, + inputs, + username, + host, + config, + ... +}: +{ + imports = [ inputs.sops-nix.nixosModules.sops ]; + + sops = { + defaultSopsFile = ../../secrets/${host}/secrets.yaml; + defaultSopsFormat = "yaml"; + age.keyFile = "/home/${username}/.config/sops/age/keys.txt"; + secrets = + if (host == "violet") then + { + "systemMailerPassword" = { }; + "forgejoWorkerSecret" = { }; + "minioRootCredentials" = { }; + "matrixRegistrationSecret" = { + owner = "matrix-synapse"; + }; + "smbLoginDetails" = { }; + } + else if (host == "sakura") then + { + "systemMailerPassword" = { }; + "dandelionSyncthingId" = { }; + "sakuraSyncthingId" = { }; + } + else if (host == "dandelion") then + { + "systemMailerPassword" = { }; + "dandelionSyncthingId" = { }; + "sakuraSyncthingId" = { }; + } + else + { }; + }; + + environment.systemPackages = with pkgs; [ + sops + ]; +} diff --git a/modules/core/sshd.nix b/modules/core/sshd.nix index 36f4637..64d60bd 100644 --- a/modules/core/sshd.nix +++ b/modules/core/sshd.nix @@ -14,9 +14,12 @@ networking.firewall.allowedTCPPorts = config.services.openssh.ports; users.users.liv.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXi00z/rxVrWLKgYr+tWIsbHsSQO75hUMSTThNm5wUw liv@sakura" # main laptop - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ2nsQHyWnrmuQway0ehoMUcYYfhD8Ph/vpD0Tzip1b1 liv@meow" # main phone - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHv2zxCy22KU1tZOH2hA1p8fWVpOSrTYF68+3E5r330O liv@ichiyo" # 2nd laptop + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXi00z/rxVrWLKgYr+tWIsbHsSQO75hUMSTThNm5wUw liv@sakura" # sakura + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHv2zxCy22KU1tZOH2hA1p8fWVpOSrTYF68+3E5r330O liv@ichiyo" # ichiyo + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDltZ7vfyrLrl32TIWCC3iUx40TrCtIz6Ssi/SZvikg liv@zinnia" # zinnia + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKQtG69zrMFsoHForwZEi66y1tPvctqg1OgjQFrF3OI+ liv@iris" # iris + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7mHVQp99G0osUAtnVoq5TARR8x5wjCkdbe7ChnzLRa liv@azalea" # linux phone + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ2nsQHyWnrmuQway0ehoMUcYYfhD8Ph/vpD0Tzip1b1 liv@meow" # xz1c ]; } diff --git a/modules/core/steam.nix b/modules/core/steam.nix deleted file mode 100644 index 0901a55..0000000 --- a/modules/core/steam.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ ... }: -{ - programs.steam = { - enable = true; - remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play - dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server - localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers - }; -} diff --git a/modules/core/system.nix b/modules/core/system.nix index 7ac70fe..664a91a 100644 --- a/modules/core/system.nix +++ b/modules/core/system.nix @@ -1,12 +1,21 @@ -{ self, pkgs, lib, inputs, ...}: { - # imports = [ inputs.nix-gaming.nixosModules.default ]; + self, + pkgs, + lib, + inputs, + ... +}: +{ nix = { settings = { + allowed-users = [ "@wheel" ]; auto-optimise-store = true; - experimental-features = [ "nix-command" "flakes" ]; - substituters = [ "https://nix-gaming.cachix.org" ]; - trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" ]; + experimental-features = [ + "nix-command" + "flakes" + ]; + # substituters = [ "http://violet.booping.local" ]; + # trusted-public-keys = [ "violet.booping.local:2gshN3xfGSL7eKFc8tGkqSoIb3WQxuB2RJ8DuakLLqc=%" ]; }; gc = { automatic = true; @@ -15,18 +24,24 @@ }; }; - # nixpkgs = { - # overlays = [ - # self.overlays.default - # inputs.nur.overlay - # ]; - # }; + programs.nix-ld = { + enable = true; + libraries = with pkgs; [ ]; + }; + + nixpkgs = { + overlays = [ + self.overlays.default + # inputs.nur.overlay + ]; + }; nixpkgs.config = { allowUnfree = true; permittedInsecurePackages = [ "jitsi-meet-1.0.8043" "olm-3.2.16" + "libsoup-2.74.3" ]; overlays = [ self.overlays.default @@ -41,7 +56,7 @@ "en_US.UTF-8/UTF-8" "ja_JP.UTF-8/UTF-8" ]; - + # Font packages environment.systemPackages = with pkgs; [ noto-fonts-cjk-sans @@ -49,6 +64,6 @@ ipaexfont ]; - time.timeZone = "Europe/Amsterdam"; + time.timeZone = lib.mkDefault "Europe/Amsterdam"; system.stateVersion = "24.05"; } diff --git a/modules/core/user.nix b/modules/core/user.nix index 5ddb8db..aa2c3ec 100644 --- a/modules/core/user.nix +++ b/modules/core/user.nix @@ -10,6 +10,7 @@ imports = [ inputs.home-manager.nixosModules.home-manager ] ++ [ ./../../roles/default.nix ] + ++ [ ./sops.nix ] ++ [ ./../../variables.nix ]; home-manager = { useUserPackages = true; @@ -17,14 +18,18 @@ extraSpecialArgs = { inherit inputs username host; }; users.${username} = { imports = - if (host == "desktop") then - [ ./../home/default.desktop.nix ] - else if (host == "violet") then + if (host == "violet") then [ ./../home/default.server.nix ] else if (host == "dandelion") then [ ./../home/default.server.nix ] else if (host == "lily") then [ ./../home/default.server.nix ] + else if (host == "posy") then + [ ./../home/default.server.nix ] + else if (host == "hazel") then + [ ./../home/default.server.nix ] + else if (host == "daisy") then + [ ./../home/default.server.nix ] # else if (host == "yoshino") then # [ ./../home/default.nix ] else @@ -40,8 +45,6 @@ fonts.fontconfig.antialias = false; - users.groups.gay = { }; - users.users.${username} = { isNormalUser = true; description = "${username}"; @@ -50,10 +53,11 @@ "wheel" "docker" "input" - "gay" "dialout" + "wheel" ]; shell = pkgs.zsh; + initialPassword = "temporary-password"; }; nix.settings.allowed-users = [ "${username}" ]; } diff --git a/modules/core/virtualization.nix b/modules/core/virtualization.nix index eeca5d6..e800e35 100644 --- a/modules/core/virtualization.nix +++ b/modules/core/virtualization.nix @@ -1,9 +1,19 @@ -{ pkgs, ... }: +{ pkgs, host, ... }: { virtualisation = { # vmware.host.enable = true; # Causes issues for now :p - waydroid.enable = true; - libvirtd.enable = true; + waydroid.enable = if (host == "sakura") then true else false; + libvirtd.enable = + if (host == "violet") then + true + else if (host == "sakura") then + true + else if (host == "yoshino") then + true + else if (host == "iris") then + true + else + false; spiceUSBRedirection.enable = true; }; diff --git a/modules/home/agenix.nix b/modules/home/agenix.nix deleted file mode 100644 index fd3662a..0000000 --- a/modules/home/agenix.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ config, pkgs, lib, inputs, ... }:{ - environment.systemPackages = [ - inputs.agenix.packages."${system}".default - ]; -} diff --git a/modules/home/default.desktop.nix b/modules/home/default.desktop.nix deleted file mode 100644 index 4e658d9..0000000 --- a/modules/home/default.desktop.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ ...}: { - imports = - [(import ./default.nix)] - ++ [ (import ./steam.nix) ]; -} diff --git a/modules/home/gaming.nix b/modules/home/gaming.nix deleted file mode 100644 index c9e167f..0000000 --- a/modules/home/gaming.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ pkgs, config, inputs, ... }: -{ - home.packages = with pkgs;[ - ## Utils - # gamemode - # gamescope - # winetricks - # inputs.nix-gaming.packages.${pkgs.system}.wine-ge - ]; -} diff --git a/modules/home/hyprland/config.nix b/modules/home/hyprland/config.nix index a014d1e..0bfab5d 100644 --- a/modules/home/hyprland/config.nix +++ b/modules/home/hyprland/config.nix @@ -1,4 +1,9 @@ -{ pkgs, ... }: +{ + pkgs, + host, + username, + ... +}: { fonts.fontconfig.enable = true; home.packages = [ @@ -8,6 +13,7 @@ pkgs.noto-fonts-emoji pkgs.swww pkgs.swaylock + pkgs.pywal16 ]; gtk = { @@ -58,7 +64,13 @@ source = "~/nixos-config/modules/home/hyprland/displays.conf"; "debug:disable_scale_checks" = true; - monitor = "eDP-1, 2256x1504@60, 0x0, 1.5"; + monitor = + if (host == "sakura") then + "eDP-1, 2256x1504@60, 0x0, 1.5" + else if (host == "zinnia") then + "eDP-1, 1920x1080@60, 0x0, 1.0" + else + ", preferred, auto, 1"; # autostart exec-once = [ @@ -207,7 +219,7 @@ "$mainMod, F, fullscreen, 0" # set 1 to 0 to set full screen without waybar "$mainMod, Space, togglefloating," "$mainMod, D, exec, bemenu-run -l 5 --ignorecase" - "SUPER SHIFT, L, exec, hyprlock" + "SUPER SHIFT, L, exec, swaylock --image /home/${username}/.local/share/bg.png" "$mainMod, E, exec, thunar" "$mainMod SHIFT, B, exec, pkill -SIGUSR1 .waybar-wrapped" "$mainMod, C,exec, hyprpicker -a" @@ -376,6 +388,22 @@ xwayland { force_zero_scaling = true } + + plugin { + hyprbars { + bar_height = 38 + bar_color = rgb(1e1e1e) + col.text = $foreground + bar_text_size = 12 + bar_text_font = GohuFont 11 Nerd Font Propo + bar_button_padding = 12 + bar_padding = 10 + bar_precedence_over_border = true + hyprbars-button = $color1, 20, , hyprctl dispatch killactive + hyprbars-button = $color3, 20, , hyprctl dispatch fullscreen 2 + hyprbars-button = $color4, 20, , hyprctl dispatch togglefloating + } + } "; }; } diff --git a/modules/home/hyprland/hyprland.nix b/modules/home/hyprland/hyprland.nix index ed959a4..283e464 100644 --- a/modules/home/hyprland/hyprland.nix +++ b/modules/home/hyprland/hyprland.nix @@ -22,8 +22,8 @@ # enableNvidiaPatches = false; systemd.enable = true; plugins = [ - # inputs.Hyprspace.packages.${pkgs.system}.Hyprspace - # inputs.Hyswipe.packages.${pkgs.system}.Hyswipe + pkgs.hyprlandPlugins.hyprbars + # pkgs.hyprlandPlugins.hyprspace # causes hyprland to crash on 4-finger swipe; great software ]; }; } diff --git a/modules/home/kitty.nix b/modules/home/kitty.nix index cac7f8c..39371d6 100644 --- a/modules/home/kitty.nix +++ b/modules/home/kitty.nix @@ -3,7 +3,7 @@ programs.kitty = { enable = true; - theme = "3024 Night"; + # theme = "3024 Night"; font = { name = "GohuFont 14 Nerd Font Mono"; @@ -12,7 +12,7 @@ settings = { confirm_os_window_close = 0; - background_opacity = "0.75"; + background_opacity = "0.50"; window_padding_width = 10; scrollback_lines = 10000; enable_audio_bell = false; @@ -35,5 +35,102 @@ "ctrl+shift+left" = "no_op"; "ctrl+shift+right" = "no_op"; }; + extraConfig = '' + # vim:ft=kitty + + ## name: Base2Tone Suburb Dark + ## author: Bram de Haan (https://github.com/atelierbram) + ## license: MIT + ## upstream: https://github.com/atelierbram/Base2Tone-kitty/blob/main/themes/base2tone-suburb-dark.conf + ## blurb: duotone theme | warm blue - bright pink + + + #: The basic colors + + foreground #878ba6 + # background #1e202f + selection_foreground #878ba6 + selection_background #292c3d + + + #: Cursor colors + + cursor #d14781 + cursor_text_color #1e202f + + + #: URL underline color when hovering with mouse + + url_color #d2d8fe + + + #: kitty window border colors and terminal bell colors + + active_border_color #444864 + inactive_border_color #1e202f + bell_border_color #5165e6 + visual_bell_color none + + + #: OS Window titlebar colors + + wayland_titlebar_color #292c3d + macos_titlebar_color #292c3d + + + #: Tab bar colors + + active_tab_foreground #fbf9fa + active_tab_background #1e202f + inactive_tab_foreground #b0a6aa + inactive_tab_background #292c3d + tab_bar_background #292c3d + tab_bar_margin_color none + + + #: Colors for marks (marked text in the terminal) + + mark1_foreground #1e202f + mark1_background #6375ee + mark2_foreground #1e202f + mark2_background #8d8186 + mark3_foreground #1e202f + mark3_background #e44e8c + + + #: The basic 16 colors + + #: black + color0 #1e202f + color8 #4f5472 + + #: red + color1 #7586f5 + color9 #fe81b5 + + #: green + color2 #fb6fa9 + color10 #292c3d + + #: yellow + color3 #ffb3d2 + color11 #444864 + + #: blue + color4 #8696fd + color12 #5b6080 + + #: magenta + color5 #fb6fa9 + color13 #d2d8fe + + #: cyan + color6 #a0acfe + color14 #f764a1 + + #: white + color7 #878ba6 + color15 #ebedff + ''; }; } diff --git a/modules/home/packages.nix b/modules/home/packages.nix index 4ac677b..34db02f 100644 --- a/modules/home/packages.nix +++ b/modules/home/packages.nix @@ -1,4 +1,10 @@ -{ inputs, pkgs, ... }: +{ + inputs, + lib, + pkgs, + config, + ... +}: { home.packages = with pkgs; [ # Environment shit @@ -48,7 +54,6 @@ gitleaks ripgrep yt-dlp - spotify-player nodejs_22 yarn cargo @@ -57,31 +62,18 @@ reader nmap speedtest-go - delta powertop android-tools + sshpass + net-tools + nmap - # GUI shit - element-desktop - gajim - signal-desktop - anki-bin - obs-studio - wdisplays - librewolf # main - ungoogled-chromium # for things that don't work with librewolf - nsxiv - imv - libreoffice - xfce.thunar - spotify - thunderbird - lxqt.pavucontrol-qt - mpv - plasma5Packages.kdeconnect-kde - - # Gaming - lunar-client + # Install pip packages + # python3 + # python3Packages.pip + # (writeShellScriptBin "install-pip-packages" '' # This script does not run, yet. + # pip install --user --break-system-packages + # '') inputs.alejandra.defaultPackage.${system} inputs.nixvim.packages.${pkgs.system}.default diff --git a/modules/home/scripts/scripts/setbg b/modules/home/scripts/scripts/setbg index c0e7277..e796894 100644 --- a/modules/home/scripts/scripts/setbg +++ b/modules/home/scripts/scripts/setbg @@ -1,4 +1,5 @@ #!/usr/bin/env bash magick convert "$1" ~/.local/share/bg.png +wal -i "$1" swww img ~/.local/share/bg.png --transition-type fade diff --git a/modules/home/scripts/scripts/unfuck.sh b/modules/home/scripts/scripts/unfuck.sh index d49273e..480bd72 100644 --- a/modules/home/scripts/scripts/unfuck.sh +++ b/modules/home/scripts/scripts/unfuck.sh @@ -26,7 +26,9 @@ unfuck_wallpaper() { } unfuck_fingerprint() { - systemctl restart fprintd.service + notify-send "Touch sensor or use YubiKey." "Sleeping for 10 seconds." + sleep 10 + sudo systemctl restart fprintd.service } unfuck_bar() { @@ -37,6 +39,8 @@ unfuck_bar() { unfuck_networkmanager() { # sudo modprobe -r iwlwifi # sudo modprobe iwlwifi + notify-send "Touch sensor or use YubiKey." "Sleeping for 10 seconds." + sleep 10 sudo systemctl restart NetworkManager } @@ -58,6 +62,8 @@ unfuck_audio() { devices+=("$device") done systemctl --user restart wireplumber pipewire pipewire-pulse bluetooth + rfkill block bluetooth + rfkill unblock bluetooth bluetoothctl power off bluetoothctl power on for device in ${devices[*]}; do diff --git a/modules/home/steam.nix b/modules/home/steam.nix deleted file mode 100644 index 4b559a5..0000000 --- a/modules/home/steam.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ pkgs, lib, ... }: -{ - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = false; - }; - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "steam" - "steam-original" - "steam-runtime" - ]; - # proton-ge-bin - -# warning: The package proton-ge in nix-gaming has been deprecated as of 2024-03-17. - -# You should use proton-ge-bin from Nixpkgs, which conforms to -# the new `extraCompatTools` module option under `programs.steam` -# For details, see the relevant pull request: -} diff --git a/modules/home/swaync/default.nix b/modules/home/swaync/default.nix index f70bcbd..45d3fe4 100644 --- a/modules/home/swaync/default.nix +++ b/modules/home/swaync/default.nix @@ -1,381 +1,233 @@ { pkgs, username, ... }: { home = { - packages = with pkgs; [ swaynotificationcenter ]; + packages = with pkgs; [ + swaynotificationcenter + wlogout + ]; file."/home/${username}/.config/swaync/config.json".text = '' - { - "positionX": "right", - "positionY": "top", - "layer": "overlay", - "layer-shell": "true", - "cssPriority": "application", - "control-center-margin-top": 10, - "control-center-margin-bottom": 10, - "control-center-margin-right": 10, - "control-center-margin-left": 10, - "notification-icon-size": 64, - "notification-body-image-height": 128, - "notification-body-image-width": 200, - "timeout": 10, - "timeout-low": 5, - "timeout-critical": 0, - "fit-to-screen": true, - "control-center-width": 400, - "control-center-height": 650, - "notification-window-width": 350, - "keyboard-shortcuts": true, - "image-visibility": "when-available", - "transition-time": 200, - "hide-on-clear": false, - "hide-on-action": true, - "script-fail-notify": true, - "widgets": [ - "title", - "dnd", - "notifications" - ], - "widget-config": { - "title": { - "text": "Notifications", - "clear-all-button": true, - "button-text": " Clear all " - }, - "dnd": { - "text": " Do not disturb" - }, - } + { + "$schema": "/etc/xdg/swaync/configSchema.json", + "positionX": "right", + "positionY": "top", + "layer": "overlay", + "layer-shell": true, + "cssPriority": "user", + + "control-center-width": 380, + "control-center-height": 860, + "control-center-margin-top": 8, + "control-center-margin-bottom": 8, + "control-center-margin-right": 8, + "control-center-margin-left": 8, + + "notification-window-width": 400, + "notification-icon-size": 48, + "notification-body-image-height": 160, + "notification-body-image-width": 200, + + "widgets": ["buttons-grid", "title", "dnd", "notifications", "mpris"], + "widget-config": { + "title": { + "text": "Notifications", + "clear-all-button": true, + "button-text": "Clear All" + }, + "dnd": { + "text": "Do Not Disturb" + }, + "label": { + "max-lines": 1, + "text": " " + }, + "mpris": { + "image-size": 60, + "image-radius": 12 + }, + "buttons-grid": { + "actions": [ + { + "label": " ", + "command": "kitty -e nmtui-connect" + }, + { + "label": "󰂯", + "command": "waybar-bluetooth toggle" + }, + { + "label": "󰏘", + "command": "kitty -e walp" + }, + { + "label": "⏻", + "command": "wlogout" + } + ] + } + } } ''; - file = { - "/home/${username}/.config/swaync/style.css".text = '' - * { - all: unset; - font-size: 14px; - font-family: "GohuFont 14 Nerd Font Mono"; - transition: 200ms; - } + file."/home/${username}/.config/swaync/style.css".text = '' + @import "../../.cache/wal/colors-waybar.css"; - trough highlight { - background: #cdd6f4; - } + @define-color text @foreground; + @define-color bg @color1; + @define-color selected @color6; + @define-color hover alpha(@selected, .4); - scale trough { - margin: 0rem 1rem; - background-color: #313244; - min-height: 8px; - min-width: 70px; - } + * { + outline: none; + transition: 200ms; + padding: 1px; + background: transparent; + } - slider { - background-color: #89b4fa; - } + .notification-row { + outline: none; + margin: 0; + padding: 0px; + } - .floating-notifications.background .notification-row .notification-background { - box-shadow: 0 0 8px 0 rgba(0, 0, 0, 0.8), inset 0 0 0 1px #313244; - margin: 18px; - background-color: #000000; - color: #cdd6f4; - padding: 0; - } + .notification-row .notification-background .close-button { + /* The notification Close Button */ + background: transparent; + color: @text; + text-shadow: none; + box-shadow: none; + margin-top: 2px; + margin-right: 2px; + padding: 0; + border: none; + border-radius: 100%; + min-width: 24px; + min-height: 24px; + } - .floating-notifications.background .notification-row .notification-background .notification { - padding: 7px; - } + .notification-row .notification-background .close-button:hover { + box-shadow: none; + background: transparent; + transition: background 0.15s ease-in-out; + border: 0px; + } - .floating-notifications.background .notification-row .notification-background .notification.critical { - box-shadow: inset 0 0 7px 0 #f38ba8; - } + .notification-row .notification-background .notification { + /* The actual notification */ + background: transparent; + } - .floating-notifications.background .notification-row .notification-background .notification .notification-content { - margin: 7px; - } + .notification-group .notification-group-headers { + /* Notficiation Group Headers */ + margin-top: 10px; + margin-bottom: 10px; + } - .floating-notifications.background .notification-row .notification-background .notification .notification-content .summary { - color: #cdd6f4; - } + .notification-group .notification-group-headers .notification-group-header { + font-size: 20px; + margin-left: 3px; + } - .floating-notifications.background .notification-row .notification-background .notification .notification-content .time { - color: #a6adc8; - } + .notification-group.collapsed .notification-row .notification { + background: alpha(@background, 0.55); + } - .floating-notifications.background .notification-row .notification-background .notification .notification-content .body { - color: #cdd6f4; - } + .control-center { + /* The Control Center which contains the old notifications + widgets */ + margin: 18px; + padding: 14px; + box-shadow: 0px 2px 5px black; + background: alpha(@background, 0.55); + border: 2px solid @selected; + } - .floating-notifications.background .notification-row .notification-background .notification > *:last-child > * { - min-height: 3.4em; - } + .control-center-clear-all { + /* Clear All button */ + background: transparent; + padding: 5px; + } - .floating-notifications.background .notification-row .notification-background .notification > *:last-child > * .notification-action { - color: #cdd6f4; - background-color: #000000; - box-shadow: inset 0 0 0 1px #45475a; - margin: 7px; - } + .control-center-clear-all:hover { + background: @hover; + } - .floating-notifications.background .notification-row .notification-background .notification > *:last-child > * .notification-action:hover { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #000000; - color: #cdd6f4; - } + .control-center-clear-all:active { + background: @selected; + } - .floating-notifications.background .notification-row .notification-background .notification > *:last-child > * .notification-action:active { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #000000; - color: #cdd6f4; - } + /*** Widgets ***/ + /* Title widget */ + .widget-title { + background: transparent; + margin-top: 15px; + margin-left: 15px; + margin-right: 15px; + } - .floating-notifications.background .notification-row .notification-background .close-button { - margin: 7px; - padding: 2px; - color: #1e1e2e; - background-color: #000000; - } + /* Do Not Disturb widget */ + .widget-dnd { + background: transparent; + margin-left: 15px; + margin-right: 15px; + } - .floating-notifications.background .notification-row .notification-background .close-button:hover { - background-color: #000000; - color: #1e1e2e; - } + .widget-dnd > switch { + background: @bg; + font-size: initial; + border-radius: 12px; + box-shadow: none; + padding: 2px; + } - .floating-notifications.background .notification-row .notification-background .close-button:active { - background-color: #000000; - color: #1e1e2e; - } + /* Media Player widget */ + @define-color mpris-album-art-overlay rgba(0, 0, 0, 0.55); + @define-color mpris-button-hover rgba(0, 0, 0, 0.50); - .control-center { - box-shadow: 0 0 8px 0 rgba(0, 0, 0, 0.8), inset 0 0 0 1px #313244; - margin: 18px; - background-color: #000000; - color: #cdd6f4; - padding: 14px; - } + .widget-mpris { + } - .control-center .widget-title > label { - color: #cdd6f4; - font-size: 1.3em; - } + .widget-mpris .widget-mpris-player { + padding: 10px; + margin: 8px 15px; + /* background-color: @mpris-album-art-overlay; */ + box-shadow: 0px 2px 5px rgba(0, 0, 0, 0.75); + border: 2px; + } - .control-center .widget-title button { - color: #cdd6f4; - background-color: #313244; - box-shadow: inset 0 0 0 1px #45475a; - padding: 8px; - } + .widget-mpris .widget-mpris-player .widget-mpris-title { + font-size: 16px; + } - .control-center .widget-title button:hover { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #585b70; - color: #cdd6f4; - } + .widget-mpris .widget-mpris-player .widget-mpris-subtitle { + font-size: 14px; + } - .control-center .widget-title button:active { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #74c7ec; - color: #1e1e2e; - } + /* Buttons widget */ + .widget-buttons-grid { + /* background-color: alpha(@color2, 0.5); */ + } - .control-center .notification-row .notification-background { - color: #cdd6f4; - background-color: #313244; - box-shadow: inset 0 0 0 1px #45475a; - margin-top: 14px; - } + .widget-buttons-grid > flowbox > flowboxchild > button { + /* background: alpha(@color2, 0.5); */ + /* border-radius: 12px; */ + min-width: 45px; + } - .control-center .notification-row .notification-background .notification { - padding: 7px; - } + .control-center .notification-row .notification-background .notification { + padding: 10px; + } - .control-center .notification-row .notification-background .notification.critical { - box-shadow: inset 0 0 7px 0 #f38ba8; - } + .floating-notifications.background .notification-row .notification-background .close-button { + margin: 10px; + padding: 2px; + } - .control-center .notification-row .notification-background .notification .notification-content { - margin: 7px; - } + .floating-notifications.background .notification-row .notification-background { + margin: 18px; + padding: 0; + } - .control-center .notification-row .notification-background .notification .notification-content .summary { - color: #cdd6f4; - } - - .control-center .notification-row .notification-background .notification .notification-content .time { - color: #a6adc8; - } - - .control-center .notification-row .notification-background .notification .notification-content .body { - color: #cdd6f4; - } - - .control-center .notification-row .notification-background .notification > *:last-child > * { - min-height: 3.4em; - } - - .control-center .notification-row .notification-background .notification > *:last-child > * .notification-action { - color: #cdd6f4; - background-color: #11111b; - box-shadow: inset 0 0 0 1px #45475a; - margin: 7px; - } - - .control-center .notification-row .notification-background .notification > *:last-child > * .notification-action:hover { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #313244; - color: #cdd6f4; - } - - .control-center .notification-row .notification-background .notification > *:last-child > * .notification-action:active { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #74c7ec; - color: #cdd6f4; - } - - .control-center .notification-row .notification-background .close-button { - margin: 7px; - padding: 2px; - color: #1e1e2e; - background-color: #eba0ac; - } - - .close-button { - } - - .control-center .notification-row .notification-background .close-button:hover { - background-color: #f38ba8; - color: #1e1e2e; - } - - .control-center .notification-row .notification-background .close-button:active { - background-color: #f38ba8; - color: #1e1e2e; - } - - .control-center .notification-row .notification-background:hover { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #7f849c; - color: #cdd6f4; - } - - .control-center .notification-row .notification-background:active { - box-shadow: inset 0 0 0 1px #45475a; - background-color: #74c7ec; - color: #cdd6f4; - } - - .notification.critical progress { - background-color: #f38ba8; - } - - .notification.low progress, - .notification.normal progress { - background-color: #89b4fa; - } - - .control-center-dnd { - margin-top: 5px; - background: #313244; - border: 1px solid #45475a; - box-shadow: none; - } - - .control-center-dnd:checked { - background: #313244; - } - - .control-center-dnd slider { - background: #45475a; - } - - .widget-dnd { - margin: 0px; - font-size: 1.1rem; - } - - .widget-dnd > switch { - font-size: initial; - background: #313244; - border: 1px solid #45475a; - box-shadow: none; - } - - .widget-dnd > switch:checked { - background: #313244; - } - - .widget-dnd > switch slider { - background: #45475a; - border: 1px solid #6c7086; - } - - .widget-mpris .widget-mpris-player { - background: #313244; - padding: 7px; - } - - .widget-mpris .widget-mpris-title { - font-size: 1.2rem; - } - - .widget-mpris .widget-mpris-subtitle { - font-size: 0.8rem; - } - - .widget-menubar > box > .menu-button-bar > button > label { - font-size: 3rem; - padding: 0.5rem 2rem; - } - - .widget-menubar > box > .menu-button-bar > :last-child { - color: #f38ba8; - } - - .power-buttons button:hover, - .powermode-buttons button:hover, - .screenshot-buttons button:hover { - background: #313244; - } - - .control-center .widget-label > label { - color: #cdd6f4; - font-size: 2rem; - } - - .widget-buttons-grid { - padding-top: 1rem; - } - - .widget-buttons-grid > flowbox > flowboxchild > button label { - font-size: 2.5rem; - } - - .widget-volume { - padding-top: 1rem; - } - - .widget-volume label { - font-size: 1.5rem; - color: #74c7ec; - } - - .widget-volume trough highlight { - background: #74c7ec; - } - - .widget-backlight trough highlight { - background: #f9e2af; - } - - .widget-backlight scale { - margin-right: 1rem; - } - - .widget-backlight label { - font-size: 1.5rem; - color: #f9e2af; - } - - .widget-backlight .KB { - padding-bottom: 1rem; - } - ''; - }; + .floating-notifications.background .notification-row .notification-background .notification { + padding: 7px; + } + ''; }; } diff --git a/modules/home/waybar/default.nix b/modules/home/waybar/default.nix index 184134c..dfe464a 100644 --- a/modules/home/waybar/default.nix +++ b/modules/home/waybar/default.nix @@ -23,8 +23,8 @@ "/home/${username}/.config/waybar/config" = { text = '' [{ - "layer": "top", - "position": "top", + "layer": "bottom", + "position": "bottom", "modules-left": [ "privacy", @@ -85,7 +85,7 @@ "network": { "format": "󰈀 {ifname}", - "format-wifi": " {ipaddr}/{cidr} {signalStrength}%", + "format-wifi": " {essid} - {ipaddr}/{cidr} {signalStrength}%", "format-ethernet": "󰈀 {ipaddr}/{cidr}", "format-disconnected": "󰈂", "tooltip-format": "{ifname} via {gwaddr}", @@ -316,7 +316,7 @@ "group/clock": { "orientation": "horizontal", - "modules": [ "custom/clock#minutes", "clock#time", "clock#date" ], + "modules": [ "clock#time", "custom/clock#minutes", "clock#date" ], "drawer": { "transition-left-to-right": false, "transition-duration": 500 @@ -349,7 +349,7 @@ "clock#time": { "interval": 60, - "format": " {:%I:%M %p}", + "format": " {:%I:%M %p}", "actions": { "on-scroll-up": "tz_up", "on-scroll-down": "tz_down" @@ -377,9 +377,9 @@ /* margin: 0 0px; */ } - window#waybar.top { + window#waybar.bottom { /* background-color: rgba(115, 116, 116, 0.22); */ - background-color: rgba(0, 0, 0, 0.75); + background-color: rgba(0, 0, 0, 0.25); border-bottom: none; color: #eeeeee; transition-property: background-color; @@ -387,7 +387,7 @@ } window#waybar.hidden { - opacity: 0.5; + opacity: 0.25; } label#window { diff --git a/modules/home/waybar/scripts.nix b/modules/home/waybar/scripts.nix index c24b8d3..a4a7bb7 100644 --- a/modules/home/waybar/scripts.nix +++ b/modules/home/waybar/scripts.nix @@ -187,8 +187,8 @@ LTEXT="󰛧 " fi - MICROPHONE_STATE="$(sudo /home/liv/.local/src/framework-system/target/debug/framework_tool --privacy | tail -n2 | head -n1)" - CAMERA_STATE="$(sudo /home/liv/.local/src/framework-system/target/debug/framework_tool --privacy | tail -n1)" + MICROPHONE_STATE="$(sudo framework_tool --privacy | tail -n2 | head -n1)" + CAMERA_STATE="$(sudo framework_tool --privacy | tail -n1)" if [[ "$(echo $MICROPHONE_STATE | grep 'Microphone: Connected')" ]]; then MIC=1 diff --git a/modules/home/zsh.nix b/modules/home/zsh.nix index d771fdc..fa1f4b6 100644 --- a/modules/home/zsh.nix +++ b/modules/home/zsh.nix @@ -3,6 +3,7 @@ config, pkgs, host, + lib, ... }: { @@ -11,6 +12,21 @@ enable = true; autocd = true; autosuggestion.enable = true; + #syntaxHighlighting = { + # enable = true; + # highlighters = [ + # "main" + # "brackets" + # "pattern" + # "regexp" + # "cursor" + # "root" + # "line" + # ]; + #}; + + defaultKeymap = "viins"; + enableCompletion = true; # enableGlobalCompInit = true; # Should be a thing according to NixOS options but is not a thing? @@ -27,13 +43,16 @@ SYSTEMD_LESS = "FRXMK"; # Fix weird sideways scrolling in systemctl status ... ZSH_AUTOSUGGEST_HIGHLIGHT_STYLE = "fg=#808080"; ZSH_AUTOSUGGEST_USE_ASYNC = 1; - HISTSIZE = 100000; - SAVEHIST = 100000; + HISTSIZE = 10000000; + SAVEHIST = 10000000; HISTFILE = "~/.zsh_history"; HISTORY_SUBSTRING_SEARCH_ENSURE_UNIQUE = 1; + KEYTIMEOUT = 1; # make Vi-mode transitions faster }; initContent = '' + export export PATH="''${PATH}:''${HOME}/.local/bin/:''${HOME}/.cargo/bin/:''${HOME}/.fzf/bin/" + autoload -U add-zsh-hook autoload -U compinit zmodload zsh/complist @@ -109,7 +128,38 @@ printf "%s\n" "''${url}" } - export export PATH="''${PATH}:''${HOME}/.local/bin/:''${HOME}/.cargo/bin/:''${HOME}/.fzf/bin/" + function nixcd () { + PACKAGE_NAME="$1" + if [[ "$PACKAGE_NAME" = "" ]]; then + echo "Usage: nixcd " + fi + PKGINSTORE="$(NIXPKGS_ALLOW_UNFREE=1 nix path-info nixpkgs#$PACKAGE_NAME --impure)" + if [[ -d "$PKGINSTORE" ]]; then + cd $PKGINSTORE + else + echo "Could not find path for package: $PKGINSTORE" + return 1 + fi + } + + # Enter a 'nix shell' with packages selected by fzf + source ${pkgs.nix-search-fzf.zsh-shell-widget}/bin/nix-search-fzf-shell-widget + zle -N nix-search-fzf-shell-widget + bindkey '^O' nix-search-fzf-shell-widget + + # Use fzf as a history widget + zle -N fzf-history-widget + bindkey '^R' fzf-history-widget + bindkey -M viins '^R' fzf-history-widget + bindkey -M vicmd '^R' fzf-history-widget + + # Use fzf as a cd completion widget + zle -N fzf-cd-widget + bindkey '^G' fzf-cd-widget + + # Use fzf as a file completion widget + zle -N fzf-file-widget + bindkey '^F' fzf-file-widget # if [[ $(which sxiv&>/dev/null && echo 1) == "1" ]]; then # alias imv="sxiv" @@ -133,9 +183,9 @@ gcm = "git commit -m"; gph = "git push -u origin main"; g = "git"; + gp = "git pull"; - calc = "eva"; - wikipedia = "wikit"; + wiki = "wikit"; }; }; @@ -170,12 +220,19 @@ yt-dlp-audio = "yt-dlp -f 'ba' -x --audio-format mp3"; open = "xdg-open"; tree = "eza --icons --tree --group-directories-first"; - # nvim = "nix run /home/liv/Development/nixvim --"; - vim = "nvim"; doas = "sudo"; sxiv = "nsxiv"; enby = "man"; woman = "man"; + mkcd = "mkdir $1 && cd $1"; + du = "dust"; + cp = "cp -i -v"; + mv = "mv -i -v"; + rm = "rm -i -v"; + cat = "${lib.getExe pkgs.bat} --plain"; + diff = "${lib.getExe pkgs.delta} --color-only"; + battery-left = "${lib.getExe pkgs.acpi} | cut -d' ' -f5"; + github-actions = "${lib.getExe pkgs.act} -s GITHUB_TOKEN=\"$(${lib.getExe pkgs.github-cli} auth token)\""; # NixOS ns = "nix-shell --run zsh"; @@ -207,9 +264,28 @@ }; file = "autopair.zsh"; } + { + name = "zsh-vi-mode"; + file = "zsh-vi-mode.plugin.zsh"; + src = pkgs.fetchFromGitHub { + owner = "jeffreytse"; + repo = "zsh-vi-mode"; + rev = "3eeca1bc6db172edee5a2ca13d9ff588b305b455"; + sha256 = "0na6b5b46k4473c53mv1wkb009i6b592gxpjq94bdnlz1kkcqwg6"; + }; + } + { + name = "fzf-zsh-plugin"; + src = fetchFromGitHub { + owner = "unixorn"; + repo = "fzf-zsh-plugin"; + rev = "04ae801499a7844c87ff1d7b97cdf57530856c65"; + sha256 = "sha256-FEGhx36Z5pqHEOgPsidiHDN5SXviqMsf6t6hUZo+I8A="; + }; + file = "fzf-zsh-plugin.plugin.zsh"; + } ]; }; - fzf = { enable = true; enableZshIntegration = true; @@ -220,4 +296,11 @@ enableZshIntegration = true; }; }; + home.packages = with pkgs; [ + dust + fd + delta + bat + nix-search-fzf.zsh-shell-widget + ]; } diff --git a/modules/services/borg.nix b/modules/services/borg.nix index fad706a..668e70c 100644 --- a/modules/services/borg.nix +++ b/modules/services/borg.nix @@ -37,6 +37,12 @@ in paths = [ "/var/lib" ]; + exclude = [ + "/var/lib/matrix-synapse" + "/var/lib/mautrix-signal" + "/var/lib/mautrix-whatsapp" + "/var/lib/bitwarden_rs" + ]; repo = "${baseRepo}/var-lib"; encryption.mode = "none"; compression = "auto,zstd"; diff --git a/modules/services/dandelion.nix b/modules/services/dandelion.nix index 6bd0cd9..c11eff1 100644 --- a/modules/services/dandelion.nix +++ b/modules/services/dandelion.nix @@ -2,8 +2,8 @@ { imports = [ (import ./docker.nix) ] - ++ [ (import ./immich.nix) ] - ++ [ (import ./nextcloud.nix) ] + # ++ [ (import ./immich.nix) ] + # ++ [ (import ./nextcloud.nix) ] ++ [ (import ./home-assistant.nix) ] ++ [ (import ./monitoring.nix) ] ++ [ (import ./smart-monitoring.nix) ] diff --git a/modules/services/email.nix b/modules/services/email.nix new file mode 100644 index 0000000..5876fa9 --- /dev/null +++ b/modules/services/email.nix @@ -0,0 +1,19 @@ +{ + pkgs, + config, + ... +}: +{ + programs.msmtp = { + enable = true; + accounts.default = { + auth = true; + tls = true; + port = 465; + host = "smtp.migadu.com"; + from = config.liv.variables.senderEmail; + user = config.liv.variables.senderEmail; + passwordeval = "${pkgs.coreutils}/bin/cat ${config.sops.secrets.systemMailerPassword.path}"; + }; + }; +} diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix index 52e94bc..a2dc10e 100644 --- a/modules/services/forgejo.nix +++ b/modules/services/forgejo.nix @@ -9,57 +9,64 @@ let srv = cfg.settings.server; in { - services.forgejo = { - enable = true; - # database.type = "postgres"; - # Enable support for Git Large File Storage - lfs.enable = true; - settings = { - server = { - DOMAIN = "code.liv.town"; - # You need to specify this to remove the port from URLs in the web UI. - ROOT_URL = "https://${srv.DOMAIN}/"; - HTTP_PORT = 3050; - }; - # You can temporarily allow registration to create an admin user. - service.DISABLE_REGISTRATION = true; - # Add support for actions, based on act: https://github.com/nektos/act - actions = { - ENABLED = true; - DEFAULT_ACTIONS_URL = "github"; - }; - # Sending emails is completely optional - # You can send a test email from the web UI at: - # Profile Picture > Site Administration > Configuration > Mailer Configuration - # mailer = { - # ENABLED = true; - # SMTP_ADDR = "mail.example.com"; - # FROM = "noreply@${srv.DOMAIN}"; - # USER = "noreply@${srv.DOMAIN}"; - # }; - }; - # mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path; - }; - # gitea-actions-runner = { - # package = pkgs.forgejo-runner; - # instances.my-forgejo-instance = { - # enable = true; - # name = "forgejo-01"; - # token = ""; # TODO: fill in tokens etc - # url = "https://code.liv.town"; - # labels = [ - # "node-22:docker://node:22-bookworm" - # "nixos-latest:docker://nixos/nix" - # ]; - # }; - # }; services = { + forgejo = { + enable = true; + # database.type = "postgres"; + # Enable support for Git Large File Storage + lfs.enable = true; + settings = { + server = { + DOMAIN = "code.liv.town"; + # You need to specify this to remove the port from URLs in the web UI. + ROOT_URL = "https://${srv.DOMAIN}/"; + HTTP_PORT = 3050; + }; + # You can temporarily allow registration to create an admin user. + service.DISABLE_REGISTRATION = true; + # Add support for actions, based on act: https://github.com/nektos/act + actions = { + ENABLED = true; + DEFAULT_ACTIONS_URL = "github"; + }; + # TODO: run own email server that sends users emails! + # You can send a test email from the web UI at: + # Profile Picture > Site Administration > Configuration > Mailer Configuration + mailer = { + ENABLED = true; + SMTP_ADDR = "smtp.migadu.com"; + FROM = config.liv.variables.senderEmail; + USER = config.liv.variables.senderEmail; + }; + }; + secrets.mailer.PASSWD = config.sops.secrets.systemMailerPassword.path; + }; + gitea-actions-runner = { + package = pkgs.forgejo-runner; + instances.code-liv-town = { + enable = true; + name = "forgejo-01"; + tokenFile = "${config.sops.secrets.forgejoWorkerSecret.path}"; + url = "https://code.liv.town"; + labels = [ + "node-22:docker://node:22-bookworm" + "nixos-latest:docker://nixos/nix" + ]; + }; + }; + anubis.instances.forgejo = { + settings = { + TARGET = "http://localhost:3050"; + BIND = ":3051"; + BIND_NETWORK = "tcp"; + }; + }; nginx.virtualHosts."code.liv.town" = { forceSSL = true; sslCertificate = "/var/lib/acme/liv.town/cert.pem"; sslCertificateKey = "/var/lib/acme/liv.town/key.pem"; locations."/" = { - proxyPass = "http://localhost:3050"; + proxyPass = "http://localhost${toString config.services.anubis.instances.forgejo.settings.BIND}"; proxyWebsockets = true; }; }; diff --git a/modules/services/matrix/secrets.yaml b/modules/services/matrix/secrets.yaml deleted file mode 100644 index 357c281..0000000 --- a/modules/services/matrix/secrets.yaml +++ /dev/null @@ -1,3 +0,0 @@ -registration_shared_secret: "" - -report_stats: false diff --git a/modules/services/monitoring.nix b/modules/services/monitoring.nix index 43b5319..b24e67b 100644 --- a/modules/services/monitoring.nix +++ b/modules/services/monitoring.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, host, ... }: { services = { prometheus = { @@ -10,6 +10,15 @@ enabledCollectors = [ "systemd" ]; port = 9002; }; + smokeping = { + enable = true; + hosts = [ + "172.16.10.1" + "172.16.10.2" + "9.9.9.9" + "149.112.112.112" + ]; + }; }; scrapeConfigs = [ { @@ -20,6 +29,14 @@ } ]; } + { + job_name = "${host} - smokeping"; + static_configs = [ + { + targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.smokeping.port}" ]; + } + ]; + } ]; }; }; diff --git a/modules/services/nfs.nix b/modules/services/nfs.nix index 5391100..2f9d3c4 100644 --- a/modules/services/nfs.nix +++ b/modules/services/nfs.nix @@ -8,7 +8,7 @@ services = { # Network shares samba = { - package = pkgs.samba4Full; + package = pkgs.samba; # ^^ `samba4Full` is compiled with avahi, ldap, AD etc support (compared to the default package, `samba` # Required for samba to register mDNS records for auto discovery # See https://github.com/NixOS/nixpkgs/blob/592047fc9e4f7b74a4dc85d1b9f5243dfe4899e3/pkgs/top-level/all-packages.nix#L27268 @@ -26,7 +26,7 @@ # ^^ Needed to allow samba to automatically register mDNS records (without the need for an `extraServiceFile` #nssmdns4 = true; # ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it - enable = true; + enable = lib.mkForce true; openFirewall = true; }; samba-wsdd = { diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index fd64712..cda6d24 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -37,24 +37,6 @@ recommendedProxySettings = true; clientMaxBodySize = lib.mkDefault "10G"; - #defaultListen = - # let - # listen = [ - # { - # addr = "[::]"; - # port = 80; - # extraParameters = [ "proxy_protocol" ]; - # } - # { - # addr = "[::]"; - # port = 443; - # ssl = true; - # extraParameters = [ "proxy_protocol" ]; - # } - # ]; - # in - # map (x: (x // { addr = "0.0.0.0"; })) listen ++ listen; - # Hardened TLS and HSTS preloading appendHttpConfig = '' # Proxying diff --git a/modules/services/nix-serve.nix b/modules/services/nix-serve.nix new file mode 100644 index 0000000..06fcdfc --- /dev/null +++ b/modules/services/nix-serve.nix @@ -0,0 +1,18 @@ +{ config, ... }: +{ + services = { + nix-serve = { + enable = true; + secretKeyFile = "/var/secrets/cache-private-key.pem"; + }; + + nginx.virtualHosts."violet.booping.local" = { + forceSSL = false; + # sslCertificate = "/var/lib/acme/liv.town/cert.pem"; + # sslCertificateKey = "/var/lib/acme/liv.town/key.pem"; + locations."/" = { + proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}"; + }; + }; + }; +} diff --git a/modules/services/paperless-ngx.nix b/modules/services/paperless-ngx.nix new file mode 100644 index 0000000..4ab78b1 --- /dev/null +++ b/modules/services/paperless-ngx.nix @@ -0,0 +1,29 @@ +{ + services = { + paperless = { + enable = true; + consumptionDirIsPublic = true; + settings = { + PAPERLESS_CONSUMER_IGNORE_PATTERN = [ + ".DS_STORE/*" + "desktop.ini" + ]; + PAPERLESS_OCR_LANGUAGE = "deu+eng+nld"; + PAPERLESS_OCR_USER_ARGS = { + optimize = 1; + pdfa_image_compression = "lossless"; + }; + PAPERLESS_URL = "https://documents.liv.town"; + }; + }; + nginx.virtualHosts."documents.liv.town" = { + forceSSL = true; + sslCertificate = "/var/lib/acme/liv.town/cert.pem"; + sslCertificateKey = "/var/lib/acme/liv.town/key.pem"; + locations."/" = { + proxyPass = "http://127.0.0.1:28981"; + proxyWebsockets = true; + }; + }; + }; +} diff --git a/modules/services/remote-build.nix b/modules/services/remote-build.nix new file mode 100644 index 0000000..811231f --- /dev/null +++ b/modules/services/remote-build.nix @@ -0,0 +1,55 @@ +{ + config, + pkgs, + username, + ... +}: +{ + users.users.remotebuild = { + isNormalUser = true; + createHome = false; + group = "remotebuild"; + openssh.authorizedKeys.keys = config.users.users.${username}.openssh.authorizedKeys.keys ++ [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINKI2KQn97mykFLIaMUWMftA1txJec9qW56hAMj5/MhE liv@dandelion +" + ]; + }; + + users.groups.remotebuild = { }; + + nix = { + nrBuildUsers = 64; + settings = { + trusted-users = [ "remotebuild" ]; + + min-free = 10 * 1024 * 1024; + max-free = 200 * 1024 * 1024; + + max-jobs = "auto"; + cores = 0; + }; + }; + + systemd.services.nix-daemon.serviceConfig = { + MemoryAccounting = true; + MemoryMax = "90%"; + OOMScoreAdjust = 500; + }; + + # add to clients: + # nix.distributedBuilds = true; + # nix.settings.builders-use-substitutes = true; + # nix.buildMachines = [ + # { + # hostName = "violet"; + # sshUser = "remotebuild"; + # sshKey = "/home/liv/.ssh/id_ed25519"; # Make sure to give a key that works for this user. + # system = pkgs.stdenv.hostPlatform.system; + # supportedFeatures = [ + # "nixos-test" + # "big-parallel" + # "kvm" + # ]; + # } + # ]; +} diff --git a/modules/services/smart-monitoring.nix b/modules/services/smart-monitoring.nix index 0b4e63c..055b0ae 100644 --- a/modules/services/smart-monitoring.nix +++ b/modules/services/smart-monitoring.nix @@ -1,7 +1,15 @@ -{ config, ... }: +{ config, host, ... }: { + imports = [ ./email.nix ]; services.scrutiny = { - enable = true; + # Enable based on name of host + enable = + if (host == "dandelion") then + true + else if (host == "lily") then + true + else + false; collector.enable = true; settings.web.listen.port = 8181; settings.notify.urls = [ @@ -10,18 +18,20 @@ ]; }; - # services.smartd = { - # enable = true; - # autodetect = true; - # notifications = { - # mail = { - # enable = true; - # # mailer = "/path/to/mailer/binary"; # Need to get system emails working first - # sender = "${config.liv.variables.fromEmail}"; - # recipient = "${config.liv.variables.toEmail}"; - # }; - # }; - # }; + services.smartd = { + enable = true; + autodetect = true; + notifications = { + wall = { + enable = true; + }; + mail = { + enable = true; + sender = config.liv.variables.senderEmail; + recipient = config.liv.variables.email; + }; + }; + }; # services.nginx.virtualHosts."" = { # locations."/" = { diff --git a/modules/services/vaultwarden.nix b/modules/services/vaultwarden.nix new file mode 100644 index 0000000..93ce630 --- /dev/null +++ b/modules/services/vaultwarden.nix @@ -0,0 +1,70 @@ +{ + config, + host, + pkgs, + username, + ... +}: +let + baseRepo = "ssh://liv@dandelion:9123/spinners/rootvol/backups/${host}"; +in +{ + services = { + vaultwarden = { + enable = true; + dbBackend = "sqlite"; + config = { + SIGNUPS_ALLOWED = false; + ENABLE_WEBSOCKET = true; + SENDS_ALLOWED = true; + INVITATIONS_ENABLED = true; + EMERGENCY_ACCESS_ALLOWED = true; + EMAIL_ACCESS_ALLOWED = true; + DOMAIN = "https://passwords.liv.town"; + ROCKET_ADDRESS = "0.0.0.0"; + ROCKET_PORT = 8003; + }; + }; + nginx = { + enable = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts = { + "passwords.liv.town" = { + forceSSL = true; + sslCertificate = "/var/lib/acme/liv.town/cert.pem"; + sslCertificateKey = "/var/lib/acme/liv.town/key.pem"; + locations."/" = { + proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}/"; + proxyWebsockets = true; + }; + }; + }; + }; + borgbackup.jobs."violet-vaultwarden" = { + paths = [ "/var/lib/bitwarden_rs" ]; + repo = "${baseRepo}/var-vaultwarden"; + encryption.mode = "none"; + compression = "auto,zstd"; + startAt = "daily"; + preHook = '' + systemctl stop vaultwarden + ''; + postHook = '' + systemctl start vaultwarden + if [ $exitStatus -eq 2 ]; then + ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (vaultwarden) failed with errors" + else + ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (vaultwarden) completed succesfully with exit status $exitStatus" + fi + ''; + user = "root"; + extraCreateArgs = [ + "--stats" + ]; + environment = { + BORG_RSH = "ssh -p 9123 -i /home/${username}/.ssh/id_ed25519"; + }; + }; + }; +} diff --git a/modules/services/violet.nix b/modules/services/violet.nix index 2f31873..15639ef 100644 --- a/modules/services/violet.nix +++ b/modules/services/violet.nix @@ -7,6 +7,7 @@ ++ [ (import ./binternet-proxy.nix) ] ++ [ (import ./bluemap-proxy.nix) ] ++ [ (import ./docker.nix) ] + ++ [ (import ./email.nix) ] ++ [ (import ./forgejo.nix) ] ++ [ (import ./grafana.nix) ] ++ [ (import ./guacamole.nix) ] @@ -17,14 +18,20 @@ ++ [ (import ./matrix/default.nix) ] ++ [ (import ./mumble.nix) ] ++ [ (import ./monitoring.nix) ] + # ++ [ (import ./minio.nix) ] + # ++ [ (import ./nextcloud.nix) ] ++ [ (import ./ntfy.nix) ] ++ [ (import ./nginx.nix) ] + ++ [ (import ./nix-serve.nix) ] + ++ [ (import ./paperless-ngx.nix) ] ++ [ (import ./radicale.nix) ] + ++ [ (import ./remote-build.nix) ] ++ [ (import ./readarr.nix) ] ++ [ (import ./sharkey-proxy.nix) ] # ++ [ (import ./komga.nix) ] # ++ [ (import ./xmpp.nix) ] - ++ [ (import ./tailscale.nix) ]; + ++ [ (import ./tailscale.nix) ] + ++ [ (import ./vaultwarden.nix) ]; # ++ [ (import ./smart-monitoring.nix) ] # ++ [ (import ./jitsi-meet.nix) ] } diff --git a/overlays/default.nix b/overlays/default.nix index 29457b4..9086c35 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,3 +1,3 @@ { - addition = final: _: import ../pkgs { pkgs = final; }; + addition = final: _: import ../pkgs/default.nix { pkgs = final; }; } diff --git a/pkgs/createScript/default.nix b/pkgs/createScript/default.nix new file mode 100644 index 0000000..f69f894 --- /dev/null +++ b/pkgs/createScript/default.nix @@ -0,0 +1,40 @@ +{ + lib, + runCommand, + makeWrapper, +}: + +# A function which creates a shell script with optional dependencies added to PATH. + +name: src: +{ + dependencies ? [ ], + ... +}@attrs: + +runCommand name + ( + { + inherit src; + nativeBuildInputs = lib.optionals (dependencies != [ ]) (attrs.nativeBuildInputs or [ ]) ++ [ + makeWrapper + ]; + + meta = { + mainProgram = name; + } // attrs.meta or { }; + } + // (builtins.removeAttrs attrs [ + "nativeBuildInputs" + "meta" + ]) + ) + '' + mkdir -p $out/bin + install -Dm755 $src $out/bin/$name + patchShebangs $out/bin/$name + + ${lib.optionalString (dependencies != [ ]) '' + wrapProgram $out/bin/$name --prefix PATH : ${lib.makeBinPath dependencies} + ''} + '' diff --git a/pkgs/default.nix b/pkgs/default.nix index ec41d4e..7d89d6c 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,4 +1,5 @@ -{ pkgs } : +{ pkgs }: { - wikit = pkgs.callPackage ./wikit/default.nix { }; + createScript = pkgs.callPackage ./createScript/default.nix { }; + nix-search-fzf = pkgs.callPackage ./nix-search-fzf/default.nix { }; } diff --git a/pkgs/nix-search-fzf/default.nix b/pkgs/nix-search-fzf/default.nix new file mode 100644 index 0000000..d9116fd --- /dev/null +++ b/pkgs/nix-search-fzf/default.nix @@ -0,0 +1,50 @@ +{ + createScript, + replaceVars, + gnused, + jq, + fzf, + nix, + coreutils, + bash, + nix-search-fzf, + writeShellScriptBin, +}: + +let + previewText = createScript "fzf-preview" ./fzf-preview.sh { }; + src = replaceVars ./nix-search-fzf.sh { + previewText = "${previewText}/bin/fzf-preview"; + }; +in +createScript "nix-search-fzf" src { + dependencies = [ + gnused + jq + fzf + nix + coreutils + bash + ]; + + # Enter a 'nix shell' with packages selected by this script + passthru.zsh-shell-widget = writeShellScriptBin "nix-search-fzf-shell-widget" '' + nix-search-fzf-shell-widget() { + setopt localoptions pipefail no_aliases 2> /dev/null + local cmd="$(eval "${nix-search-fzf}/bin/nix-search-fzf -c")" + if [[ -z "$cmd" ]]; then + zle redisplay + return 0 + fi + zle push-line + BUFFER="''${cmd}" + zle accept-line + local ret=$? + unset cmd + zle reset-prompt + return $ret + } + ''; + + meta.description = "a wrapper around 'nix {run,shell,edit}' with autocomplete using fzf"; +} diff --git a/pkgs/nix-search-fzf/fzf-preview.sh b/pkgs/nix-search-fzf/fzf-preview.sh new file mode 100644 index 0000000..fabdc12 --- /dev/null +++ b/pkgs/nix-search-fzf/fzf-preview.sh @@ -0,0 +1,73 @@ +#! /usr/bin/env nix-shell +#! nix-shell -i bash -p +# shellcheck shell=bash + +set -euo pipefail + +PKG_NAME="$1" +FLAKE="$2" +FLAKE_PATH="${FLAKE}#${PKG_NAME}" + +removeQuotes() { + local flag="$*" + flag="${flag%\"}" + echo "${flag#\"}" +} + +newlinesToCommaSeperated() { + echo "$@" | sed ':a;N;$!ba;s/\n/, /g' +} + +evalAttr() { + local attr data + attr="$1" + data="$(nix eval "$FLAKE_PATH"."$attr" 2>/dev/null)" + [[ $data != "null" && $data != "false" && -n $data ]] && removeQuotes "$data" +} + +evalJsonAttr() { + local attr jqArgs data + attr="$1" + jqArgs="$2" + data="$(nix eval --json "$FLAKE_PATH"."$attr" 2>/dev/null | jq -r "$jqArgs")" + [[ $data != "null" && -n $data ]] && echo "$data" +} + +evalNixpkgsLib() { + local function data + function="$1" + # Impure is needed to import the flake reference + data="$(nix eval --raw --impure --expr "let pkgs = (builtins.getFlake \"flake:$FLAKE\"); in pkgs.lib.$function pkgs.$PKG_NAME" 2>/dev/null)" + [[ $data != "null" && -n $data ]] && echo "$data" +} + +maybeEcho() { + local -r prefix="$1" + local flag="$2" + local -r commaSeperated="${3:-false}" + [[ $commaSeperated == "true" ]] && flag="$(newlinesToCommaSeperated "$flag")" + test -n "$flag" && echo "$prefix $flag" +} + +test -n "$(evalAttr "meta.broken")" && echo "broken: true" +test -n "$(evalAttr "meta.insecure")" && echo "insecure: true" + +version="$(evalAttr "version")" +# Derive the version from "name" using 'lib.getVersion' if it's not set +test -z "$version" && version="$(evalNixpkgsLib "getVersion")" +maybeEcho "version:" "$version" + +homepage="$(evalAttr "meta.homepage")" +maybeEcho "homepage:" "$homepage" + +description="$(evalAttr "meta.description")" +maybeEcho "description:" "$description" + +license="$(evalJsonAttr "meta.license" 'if type=="array" then .[].fullName else .fullName end')" +maybeEcho "license:" "$license" true + +maintainers="$(evalJsonAttr "meta.maintainers" '.[].github')" +maybeEcho "maintainers:" "$maintainers" true + +platforms="$(evalJsonAttr "meta.platforms" 'if type=="array" then .[] else . end')" +maybeEcho "platforms:" "$platforms" true diff --git a/pkgs/nix-search-fzf/nix-search-fzf.sh b/pkgs/nix-search-fzf/nix-search-fzf.sh new file mode 100644 index 0000000..b7a3036 --- /dev/null +++ b/pkgs/nix-search-fzf/nix-search-fzf.sh @@ -0,0 +1,161 @@ +#!/usr/bin/env bash + +# An fzf script with autocomplete from "nix search" which allows for interactive fuzzy searching of derivations. +# After the search a nix subcommand is executed on the selected derivation(s), e.g. "nix shell" or "nix run". + +set -eou pipefail + +FLAKE="nixpkgs" # The default flake to use. TODO: make this configurable +NIX_SUBCOMMAND="shell" # The default nix subcommand to execute +MULTIPLE_SELECTION=true # Whether to allow the user to select multiple derivations +PRINT_COMMAND=false # Only print the command that would be executed, don't execute it + +if [ -n "${XDG_CACHE_HOME-}" ]; then + CACHE_PATH="$XDG_CACHE_HOME/nix-search-fzf/cache.txt" +else + CACHE_PATH="$HOME/.cache/nix-search-fzf/cache.txt" +fi + +# Because fzf executes commands from keybindings in a subprocess, we cannot directly change this scripts state. +# Instead we can use a temporary file as an IPC mechanism, to change which subcommand to execute. +TMP_FILE="$(mktemp --dry-run --suffix "-nix-search-fzf")" +trap 'rm -f "$TMP_FILE"' EXIT INT TERM + +handleArguments() { + while (("$#" > 0)); do + case "$1" in + -s | shell | --shell) + NIX_SUBCOMMAND="shell" + ;; + -b | build | --build) + NIX_SUBCOMMAND="build" + ;; + -r | run | --run) + NIX_SUBCOMMAND="run" + MULTIPLE_SELECTION=false + ;; + -e | edit | --edit) + NIX_SUBCOMMAND="edit" + MULTIPLE_SELECTION=false + ;; + -c | command | --command) + PRINT_COMMAND=true + ;; + -u | update | --update) + manageCache true + exit + ;; + -h | help | --help) + echo "Usage: $(basename "$0") [--shell|--build|--run|--edit|--update]" + echo " --shell: enter a nix shell with the selected package(s). This is the default" + echo " --build: build the selected package(s) with nix build" + echo " --run: run the selected package with nix run" + echo " --edit: edit the selected package with nix edit" + echo " --command: only print the command that would be executed, don't execute it" + echo " --update: update the nix search cache, this is done automatically every 10 days" + echo " --help: show this help message" + exit 0 + ;; + *) + echo "Unknown option '$1'" + exit 1 + ;; + esac + shift 1 + done +} + +runColored() { + printf "\e[32m\$ %s\n\e[0m" "$1" + eval "$1" +} + +manageCache() { + local doUpdate="${1:-false}" + mkdir -p "$(dirname "$CACHE_PATH")" + + if [ ! -f "$CACHE_PATH" ] || [ ! -s "$CACHE_PATH" ]; then + doUpdate="true" + echo "attribute path cache does not exist, generating..." >&2 + elif (($(date -r "$CACHE_PATH" +%s) < $(date -d "now - 10 days" +%s))); then + doUpdate="true" + echo "cache file is older than 10 days, updating..." >&2 + fi + + if [ "$doUpdate" == "true" ]; then + echo "caching attribute paths..." >&2 + # Create a list of all attribute paths with "legacyPackages.$arch" stripped + # In the future this could contain metadata as well, doing a "nix-eval" for each is not the fastest + nix search "$FLAKE" "^" --quiet --json | jq -r 'keys[]' | cut -d'.' -f3- >"$CACHE_PATH" + echo "successfully generated attribute path cache" >&2 + fi +} + +fzfBindingFlag() { + local tmpFile="$1" + local -A bindings=( + ["shell"]="ctrl-s" + ["build"]="ctrl-b" + ["edit"]="ctrl-e" + ["run"]="ctrl-r" + ) + + local result="--bind=" + for subCommand in "${!bindings[@]}"; do + local binding="${bindings[$subCommand]}" + # When pressed, write the appropriate command to our temporary IPC file, and change the prompt accordingly + result+="$binding:execute-silent(echo $subCommand > $tmpFile)+change-prompt($subCommand > )," + done + echo "${result%,}" +} + +runFzf() { + local multi_flag + if [ "$MULTIPLE_SELECTION" == true ]; then + multi_flag="--multi" + else + multi_flag="--no-multi" + fi + + fzf "$multi_flag" \ + --height 40% \ + --preview-window right,70% \ + --border rounded \ + --prompt "$NIX_SUBCOMMAND > " \ + --preview "bash -c \"@previewText@ {} $FLAKE\"" \ + "$(fzfBindingFlag "$TMP_FILE")" <"$CACHE_PATH" +} + +runNix() { + local packages selectedPkgs command + readarray -t selectedPkgs <<<"$@" + ((${#selectedPkgs[@]} == 0)) && exit 0 + + if [ "$MULTIPLE_SELECTION" == true ] && ((${#selectedPkgs[@]} > 1)); then + # Build a brace expansion string + local pkg_list="{" + for pkg in "${selectedPkgs[@]}"; do + pkg_list+="$pkg," + done + packages="${pkg_list%,}}" + else + packages="${selectedPkgs[0]}" + fi + + ((${#packages} == 0)) && exit 0 + + # Update what subcommand to execute, in case it was changed by a keybinding from fzf + [ -s "$TMP_FILE" ] && NIX_SUBCOMMAND="$(<"$TMP_FILE")" + + command="NIXPKGS_ALLOW_UNFREE=1 nix $NIX_SUBCOMMAND $FLAKE#$packages --impure" + if [ "$PRINT_COMMAND" == true ]; then + echo "$command" + exit 0 + else + runColored "$command" + fi +} + +handleArguments "$@" +manageCache +runNix "$(runFzf)" diff --git a/pkgs/wikit/default.nix b/pkgs/wikit/default.nix deleted file mode 100644 index fa9ab39..0000000 --- a/pkgs/wikit/default.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ lib, ... }: -with lib; -let - src = fetchFromGitHub { - owner = "KorySchneider"; - repo = "wikit"; - rev = "6432c6020606868cc5f240d0317040e38b992292"; - }; -in { - wikit = mkYarnPackage { - name = "wikit"; - inherit src; - packageJSON = src + "./package.json"; - yarnLock = src + "./yarn.lock"; - }; -} diff --git a/roles/gui.nix b/roles/gui.nix index 4b05bd4..ff059bd 100644 --- a/roles/gui.nix +++ b/roles/gui.nix @@ -17,9 +17,46 @@ in config = mkIf cfg.enable { services = { - gvfs.enable = true; + gvfs = { + enable = true; + package = lib.mkForce pkgs.gnome.gvfs; + }; gnome.gnome-keyring.enable = true; dbus.enable = true; }; + + home-manager.users.${username}.home.packages = with pkgs; [ + element-desktop + gajim + signal-desktop + mumble + anki-bin + obs-studio + wdisplays + librewolf # main + ungoogled-chromium # for things that don't work with librewolf + nsxiv + imv + libreoffice + xfce.thunar + spotify + spotify-player + thunderbird + lxqt.pavucontrol-qt + mpv + plasma5Packages.kdeconnect-kde + winbox + # onthespot-overlay + + # Gaming + lunar-client + + # Not GUI but specific to GUI usage + sshuttle + sshfs + + # try out for a bit + niri + ]; }; } diff --git a/secrets/dandelion/secrets.yaml b/secrets/dandelion/secrets.yaml new file mode 100644 index 0000000..1d7791f --- /dev/null +++ b/secrets/dandelion/secrets.yaml @@ -0,0 +1,27 @@ +systemMailerPassword: ENC[AES256_GCM,data:b9Mmxo3beDpo1pi1Y+5TZn64ZeKJzJXlJwYFs5BjVMngeej+Y0naWmwBdlTEwzPm6OiO/N1haNQUlwT4KdOTx7t8PsZwQ5dOQl1gjWp0T+0ImWLImvINyvDIg6uh9RsvqLIJBvgLAtiUHE3jq7vLwDPaZ69tvjmGACNfNKX8A0A=,iv:BvmZ7GtDsHFWSY+cL10P1e7I75ZwrzjFJ6e5J2IbEic=,tag:g9yqAQtJ9kD3o1cfng0gTA==,type:str] +dandelionSyncthingId: ENC[AES256_GCM,data:YgkjHxSD5mp44MMd7X46Rt5FqW89prMvhrkvHN5dxvPJ937cOGV9WYXf69A0+0XEbO97jlDAp7ph1GF0Q9UV,iv:45gaF2MZh1GbZmvKRnEtkQfNgx11r9xYaxvqAkU2ZkM=,tag:f9Iel/5029acJuzzTmyHXQ==,type:str] +sakuraSyncthingId: ENC[AES256_GCM,data:dzMpAy6wzlbGdnsesc7OUB25AkvdRwReT+o1UUqoz1VXXldy5esTpa3vGqM2B/Qa3lZq999VX4hejisSRBGd,iv:Eorc7tX4cnu2n2Kc1uPrfTdU5KQ8jjUsKDuByf1/mts=,tag:+ev+2RbN1v22N96zuQHV9w==,type:str] +sops: + age: + - recipient: age1yzapmznelujajfyrpw5mxmy86ckg377494w5ap4yej39jatewursfxls9w + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIcHFGUFltcUVSNnJXNWhI + TU5ySU1SQXVYdUFNOUlXdmZzYTZnZFhWQVJnCmV6T1duSnlGejNMc1hDUHovYTJE + Ri93OURqaEVrd0xCRUZZdWhsKzI1QkEKLS0tIExDeE9BNUxoYjhzWjBrM1FIUzV1 + cGpiNmJ6blQ2c1FiOEFnNllrbWxjWmsKDXsXc2tlmgXHmEveCVq1WMrFRtzLttgc + 0sMlwMFo71eV5JWrDjPbg0WwXonGI9TILJ09FFSTK7FRhwyFpgL6TA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1dpzajxcx7dcumda55qc3hncxqd43a7k85t2cdwtcvy5qsgp6k5tsugxqmd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxS250MmZyazRFVGMzdzVy + T09EaE1lY1h1d3BiMFRlNWV2SXNXNFBuekRnClRieVJrbGFMRjdCZEFVUjdoa2JQ + K1RzalZBVThOMWl3T2pZakxUTUI5cXcKLS0tIHBPeVdtUmtCUmtOTVVRZlNwUXpO + L1d2bW5tRDhjQ2VaU0xDWWlZYi94TEUKvjD1Pk8/Jq18nCJioeVBYbfaT3rSYr4l + aZ+j21bb7tE3JbUQfGkYo2blJqZsxFxblZlvf6tK2DU39Tl64naUpQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-08-04T12:32:42Z" + mac: ENC[AES256_GCM,data:JrU10DY9ih8eMtR3vNpuGppU4gZQyxAzDZ7R2+UFnv/g0zGVYnIKyVEQB9AfO2PEc+nBIYvruiO8XJrqx9O3osf7gvICXnWgEB8C4VPv7IvgniPz68O0hAgpBKkh7Lj0ZP/EGpjXjMr1yBTLtMWsFBXqJa16cD21qsHnlQjBp9Q=,iv:4LWlyE86dKDgwErqE/PmbquGFyQxUVfZw8bifjSB51I=,tag:95INrs/69ipBIutWb5ZbrA==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/secrets/sakura/secrets.yaml b/secrets/sakura/secrets.yaml new file mode 100644 index 0000000..b6ee715 --- /dev/null +++ b/secrets/sakura/secrets.yaml @@ -0,0 +1,18 @@ +systemMailerPassword: ENC[AES256_GCM,data:fdCLxxQOPw00kSGrddcr/ZsYWJ9xYPkfxUeS52jA+MNM4dNNfeQ2rhvWKLYpH/6D3/J7CND0UNUVuRLtPdEnU8ct8jkAmYX5nGDm9HAnVScDvbn5dMvaNxg+0o34Fz7E0XbmRM3B6zpzL4T6Odmmd2iRh/cRiz7WBwmKUpcCV3Q=,iv:ddPxnK6f1wEH+xxQLLADO5SdG8YZkbSVlNfan+AA4vs=,tag:WLrQzVsok6dtxSSQH3HHsw==,type:str] +dandelionSyncthingId: ENC[AES256_GCM,data:crzT7Ph2gDYm/LAyEM2yw/THzu+Dv5SBrw17NF42j2jCvGMLaDgdlMAhkJlr7bonnpjII+9/TLjEXtcEIhcd,iv:6e94tT8rCLFxwDWLNj2T/Fx+0yAuhfS2AdjAKJKt/k0=,tag:Ai44ZvRZps4lQ4gLBbfUDw==,type:str] +sakuraSyncthingId: ENC[AES256_GCM,data:/4MQEcCYVsw2ad2WmUn8Y2f/9mUcyjU9l7Z7PorexQfwaIucmfNH1+Z/FF+0wRj4uaUQLqpR29bRl3EQr/ve,iv:FsiLQYuLZ9YvkfqyF3mAV6jW7csZ5+yXx0sN8f768BE=,tag:U/OTuSnjkOeVT6Vdz96bOw==,type:str] +sops: + age: + - recipient: age1yzapmznelujajfyrpw5mxmy86ckg377494w5ap4yej39jatewursfxls9w + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3cFNzYWRSTTdwMXY1K3hK + MEJ6TEN1YS9XdkJOclhmWVVBWmxJcEsrdWxjCld4NThJdmoyMGRKbFNVZWdWQ1FQ + MmpQMm1TOTZhQlllWlV4Y0tiUGxDNkkKLS0tIFVBcEgzNlBVaHozOTViZG1FcXIx + bjBJd2RtdDhkSFlaUzVRTkQyTVpVSDgKoZ7S/izFqmPw3qHT37ws8m2Cmmb8prC/ + JaVn8U57G4aRgp1BqXQvpnKA98HT3BwEsMce5LeNvX7kAtdqkU5eRQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-08-04T12:32:56Z" + mac: ENC[AES256_GCM,data:so7buQVx6nUTRYBfCPdITDccVWOjEmfPslkG8+Z0RKkDgIgwH4Aa/GnTkX0WxmB2bbI6/GQ1PhILE4UXTo8O7W0OO10+PWV2AWwngMcog+ggbH7qpd1395Tw0A8KiiXdPXwxFBEZqrYkKmYVyw314H02+h5+Qd3irH0bWqmpGOg=,iv:Sy4wR3GdSJCR1tlAxV2lau7cpLox/CoiGTC5eZoNVos=,tag:W2pv//unvIE0HBuJ0v35GA==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/secrets/violet/secrets.yaml b/secrets/violet/secrets.yaml new file mode 100644 index 0000000..f8d5015 --- /dev/null +++ b/secrets/violet/secrets.yaml @@ -0,0 +1,29 @@ +systemMailerPassword: ENC[AES256_GCM,data:b1fvCLZMiA9xDu/9BKQGnCTbwj46uixlo37qer66DK09U7CEB8ZBqe+Y+DqjcOJUHHHSo8Qk1XGvGQWypkGICxmxNP8KWvmY42Woh3677APvotUdjW5fVKTgB+Y1m/6/cvXKicJFjbw5LOzZ2/JcXP01KPSkRxWb/X4xzvawSMY=,iv:vbchTqHaH2PB9Mll/s8q4zLhN6ThAsCVvhoggOhj7H4=,tag:6b+TiV1YYHWOn0P9qJZ/bQ==,type:str] +forgejoWorkerSecret: ENC[AES256_GCM,data:kmUjukTJ9SP6nJvfhIMFVTu5vAc9TIfZidUgejC7FSNBDJiP/lVlHw==,iv:jF9LpWLxtBi5i5NCC5nkLeLqJQzOAIY7H1z2NfHqUQI=,tag:3mtTcn+LQEbCESlt34nf9g==,type:str] +matrixRegistrationSecret: ENC[AES256_GCM,data:xDFYVpBJa+FHWjmLlZspJAzJcoav53nWPoctQ5+gAnDYMurtSCkmoQn8r5j6fOmiy56KQyk8AD2/kT1HeFFNKA==,iv:82eIoh1ePc0VxfTbBPxpwGhYrcdRMI6WjFhlUJhxuHk=,tag:FAYUXUy0lEQU56ni2dxvbg==,type:str] +minioRootCredentials: ENC[AES256_GCM,data:/IrpspB6Puy+6scHheBSBp6zQVh8uwpu4nFPLSkueuohSUESPHbRb0w1XAp4V5HraMtOThFqlm0JeBW0XbhY4E8L1P+S3/aMLKjp2voA928l9AjF6sTaSKsO7qh6LEmo90qm9Jo0nDo=,iv:M5NOGfSsl+LggLyEjV49vcWCaYmbG0eJcgwI2v7AKcI=,tag:A+CrDTL+TkEayOqBUII4aQ==,type:str] +smbLoginDetails: ENC[AES256_GCM,data:Puv+Vewv0TDpiYM+Uym180CLT+vXKoeSW/uNxAX7f9y0NvG2Uqqglj/HcCMhyQn9GpCIQyb+xidlLWn3Ywdg6ybaf4WN5EdAEXMK/FRQyVIvvOcCcwG+IeUc1Wc5NmM2qEbxLqLNDWxiH8/QsrT9rWWxxx4c4eD1HOpIv9LCuavXXLmKy6JvtxYwtOv4u8ukp+e0uP7pLN7d,iv:XH+6soi7lZiGz9ZGlQb49f44API715ib/Y7Zh3hFnDM=,tag:iz8RYRSwNxrMxy+rqeM07Q==,type:str] +sops: + age: + - recipient: age1yzapmznelujajfyrpw5mxmy86ckg377494w5ap4yej39jatewursfxls9w + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXeG8vNWltdmJGcHhpMFVv + L2loTVRWeUVQMjdFbXlLdDZ4NWd2czlMa1JVClErdlhXdlJKSDFrakhqVjRQMlBx + RStBKzI3bHkzWlZrdkFTZFZvRjN0eFUKLS0tIGJFaTRkVGhSbmZSbEdYZEFWV2Fz + bytGVUhvL1dKNk41cytPajJMUFdXQmMKbJZ7RDB5MXqotaLrWABIKFs2wEZtIAVm + +k+ykISzj/XhhCt2J4IWbhPqRDlivsOLvQF1srNgk02/laE+0Nz5Pg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1zegau3chyn53tqvkwud6tuyggpkazc88pdkqv8cknavaudu49enqm2f0h3 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxMWV2NkVGSWR3UzBPWmFQ + S2lQRm9zZENGc29mN1VxT3hsb2c5d3k3ZGw4Ck5JWlpXQUU0WnhXT2ZocFZFSlkr + WjhZM214YVBDR3UzcU9SQ09ucWJDSUUKLS0tIE00aXVkeTQ5eG1TTTA2UnBuVnVB + S3pjSjlhZjZiSDBNakhLVzNKMjd3bWsKC2geLVXFp190lkjxtmZKq8aLN0XMNeAI + VqbwIY3a30iuWAaxqf8h1ZuCGJvbAZZBevFZraj9yktRHc54JV3Aww== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-08-19T12:23:05Z" + mac: ENC[AES256_GCM,data:hH3cTyHeFMTH5zYpCWyM1uqLta/uzQcLc5HPSdsR52Skh89/5h51vC666g0JuVm/sXh3gv6XQ1AGidPMAmx60qmHjiWE/LRli7xDwKk3p4mldC7RC2FrR0JPmfhDzXIo7VL60PCq4CPWevyRpAWMEMgnc3Z/IzmfDObUsvU+rg0=,iv:CrL4uqV8keGMw+tuqvkNrpKoM0qqr1vsdhESPUb+Hig=,tag:O2NKejf2dpkrkTzX1IfQcA==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/variables.nix b/variables.nix index 95798b8..9d61168 100644 --- a/variables.nix +++ b/variables.nix @@ -29,5 +29,11 @@ in readOnly = true; description = "My primary email"; }; + senderEmail = mkOption { + default = "notifications@liv.town"; + type = types.str; + readOnly = true; + description = "Emailaddress used to send mails from the system"; + }; }; }