Compare commits
33 Commits
Author | SHA1 | Date |
---|---|---|
Vivian | 2dd983451d | |
Vivian | 57b166f13c | |
Vivian | cbeb09796d | |
Vivian | 33d3631fd0 | |
Vivian | fe9f7e5efd | |
Vivian | 19f59b609d | |
Vivian | 741da44456 | |
Vivian | 9cf23df9ec | |
Vivian | 71d1aee2a0 | |
Vivian | d0e01e9f73 | |
Vivian | 2f65b2f692 | |
Vivian | b7f7c8f0a3 | |
Vivian | 86e4c4b78d | |
Vivian | 868112e4cc | |
Vivian | 73f968c074 | |
Vivian | 421949a671 | |
Vivian | 0629b8ec6a | |
Vivian | a4dd20beb5 | |
Vivian | 35adb9eb84 | |
Vivian | 7db895045e | |
Vivian | f71da21947 | |
Vivian | 0dec077ddf | |
Vivian | 1fbff29d2a | |
Vivian | 9f943fa7d2 | |
Vivian | 2106adca7b | |
Vivian | 5e16312be4 | |
Vivian | 2bcb4c3fbb | |
Vivian | e4eefd8279 | |
Vivian | 8ce5a9699d | |
Vivian | fbce62aee6 | |
Vivian | af10f6570e | |
Vivian | b11cd37ad2 | |
Vivian | e9f9a8e84d |
|
@ -26,9 +26,9 @@ jobs:
|
|||
git config user.email "<>"
|
||||
|
||||
# Run Update script
|
||||
./nixos/pkgs/plex-pass/update.sh
|
||||
./pkgs/plex-pass/update.sh
|
||||
|
||||
git add ./nixos/pkgs/plex-pass/
|
||||
git add ./pkgs/plex-pass/
|
||||
|
||||
# Push if changed
|
||||
if git status ./nixos/pkgs/plex-pass/ | grep -q "to be committed"; then
|
||||
|
|
Binary file not shown.
After Width: | Height: | Size: 59 KiB |
|
@ -1,17 +1,8 @@
|
|||
{ lib, pkgs, inputs, config, ... }: {
|
||||
imports =
|
||||
[ ./users ./modules inputs.vault-secrets.nixosModules.vault-secrets ];
|
||||
|
||||
vault-secrets =
|
||||
let
|
||||
inherit (config.networking) domain hostName;
|
||||
server = if domain == "olympus" then "vault" else "vault-0";
|
||||
in
|
||||
lib.mkIf (domain == "olympus" || domain == "hades") {
|
||||
vaultPrefix = "${domain}_secrets/nixos";
|
||||
vaultAddress = "http://${server}.${domain}:8200/";
|
||||
approlePrefix = "${domain}-${hostName}";
|
||||
};
|
||||
{ lib, inputs, pkgs, ... }: {
|
||||
imports = [
|
||||
./users
|
||||
./modules
|
||||
];
|
||||
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
|
@ -22,9 +13,6 @@
|
|||
|
||||
virtualisation.oci-containers.backend = lib.mkDefault "podman";
|
||||
|
||||
# Clean /tmp on boot.
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = lib.mkDefault "Europe/Amsterdam";
|
||||
|
||||
|
@ -33,7 +21,7 @@
|
|||
# https://src.fedoraproject.org/rpms/systemd/tree/acb90c49c42276b06375a66c73673ac3510255
|
||||
systemd.oomd = {
|
||||
enableRootSlice = true;
|
||||
enableUserServices = true;
|
||||
enableUserSlices = true;
|
||||
};
|
||||
|
||||
# security.polkit.enable = lib.mkDefault true;
|
||||
|
@ -50,16 +38,14 @@
|
|||
substituters = [
|
||||
"https://nix-community.cachix.org"
|
||||
"https://nixpkgs-review-bot.cachix.org"
|
||||
"https://colmena.cachix.org"
|
||||
# "https://cache.garnix.io"
|
||||
"https://cachix.cachix.org"
|
||||
"https://cosmic.cachix.org"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
"nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE="
|
||||
"colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
|
||||
# "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
|
||||
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
|
||||
];
|
||||
};
|
||||
optimise = {
|
||||
|
@ -77,8 +63,6 @@
|
|||
'';
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# Limit the systemd journal to 100 MB of disk or the
|
||||
# last 7 days of logs, whichever happens first.
|
||||
services.journald.extraConfig = ''
|
||||
|
@ -86,6 +70,8 @@
|
|||
MaxFileSec=7day
|
||||
'';
|
||||
|
||||
services.dbus.implementation = "broker";
|
||||
|
||||
# Enable SSH
|
||||
services.openssh = {
|
||||
enable = true;
|
|
@ -1,4 +1,10 @@
|
|||
{ pkgs, lib, inputs, ... }: {
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
# Bootloader.
|
||||
boot = {
|
||||
kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||
|
@ -7,36 +13,41 @@
|
|||
efi.canTouchEfiVariables = true;
|
||||
efi.efiSysMountPoint = "/boot/efi";
|
||||
};
|
||||
kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; };
|
||||
kernel.sysctl = lib.mkDefault { "fs.inotify.max_user_watches" = 524288; };
|
||||
initrd = {
|
||||
systemd.enable = true;
|
||||
verbose = false;
|
||||
};
|
||||
};
|
||||
|
||||
programs.nix-ld.enable = true;
|
||||
# programs.nix-ld.enable = true;
|
||||
|
||||
hardware.keyboard.qmk.enable = true;
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
users.vivian = import ./home.nix;
|
||||
extraSpecialArgs = { inherit inputs; };
|
||||
extraSpecialArgs = {
|
||||
inherit inputs;
|
||||
};
|
||||
};
|
||||
|
||||
hardware.pulseaudio.enable = false;
|
||||
services = {
|
||||
|
||||
# Enable my config for the gnome desktop environment
|
||||
v.gnome.enable = true;
|
||||
v.gnome.enable = lib.mkDefault true;
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
printing.enable = true;
|
||||
pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
audio.enable = true;
|
||||
# alsa.enable = true;
|
||||
# alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
# If you want to use JACK applications, uncomment this
|
||||
#jack.enable = true;
|
||||
jack.enable = true;
|
||||
|
||||
# use the example session manager (no others are packaged yet so this is enabled by default,
|
||||
# no need to redefine it in your config for now)
|
||||
|
@ -62,19 +73,16 @@
|
|||
};
|
||||
|
||||
# Global Packages
|
||||
environment.systemPackages = with pkgs; [ wireguard-tools sbctl podman-compose ];
|
||||
environment.systemPackages = with pkgs; [
|
||||
wireguard-tools
|
||||
sbctl
|
||||
]; # ++ (if config.virtualisation.podman.enable then [ pkgs.podman-compose ] else []);
|
||||
|
||||
# programs.virt-manager = {
|
||||
# enable = true;
|
||||
# };
|
||||
|
||||
# Enable sound with pipewire.
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
|
||||
virtualisation = {
|
||||
podman.enable = true;
|
||||
podman.enable = lib.mkDefault true;
|
||||
libvirtd = {
|
||||
enable = true;
|
||||
qemu.package = pkgs.qemu_kvm;
|
||||
|
@ -88,23 +96,28 @@
|
|||
noto-fonts-emoji
|
||||
dejavu_fonts
|
||||
(nerdfonts.override {
|
||||
fonts =
|
||||
[ "DejaVuSansMono" "Ubuntu" "DroidSansMono" "NerdFontsSymbolsOnly" ];
|
||||
fonts = [
|
||||
"DejaVuSansMono"
|
||||
"Ubuntu"
|
||||
"DroidSansMono"
|
||||
"NerdFontsSymbolsOnly"
|
||||
];
|
||||
})
|
||||
];
|
||||
programs = {
|
||||
steam = {
|
||||
|
||||
enable = true;
|
||||
# Open ports in the firewall for Steam Remote Play
|
||||
remotePlay.openFirewall = true;
|
||||
package = pkgs.steam.override {
|
||||
extraPkgs = pkgs: with pkgs; [ gamescope mangohud ];
|
||||
extraPkgs =
|
||||
pkgs: with pkgs; [
|
||||
gamescope
|
||||
mangohud
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
gamemode.enable = true;
|
||||
|
||||
adb.enable = true;
|
||||
};
|
||||
networking = {
|
|
@ -1,35 +1,50 @@
|
|||
{ pkgs, inputs, config, ... }:
|
||||
{
|
||||
pkgs,
|
||||
inputs,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
let
|
||||
tex = pkgs.texlive.combine {
|
||||
inherit (pkgs.texlive) scheme-full;
|
||||
dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; };
|
||||
dnd-5e-latex-template = {
|
||||
pkgs = [ pkgs.v.dnd-5e-latex-template ];
|
||||
};
|
||||
};
|
||||
my-python-packages = ps: with ps; [ pandas requests numpy ];
|
||||
in {
|
||||
my-python-packages =
|
||||
ps: with ps; [
|
||||
pandas
|
||||
requests
|
||||
numpy
|
||||
scapy
|
||||
pyshark
|
||||
cryptography
|
||||
flask
|
||||
ipwhois
|
||||
pyasn
|
||||
z3-solver
|
||||
];
|
||||
in
|
||||
{
|
||||
home.packages = with pkgs; [
|
||||
(python3.withPackages my-python-packages)
|
||||
btop
|
||||
calibre
|
||||
celluloid
|
||||
celluloid # video player
|
||||
cinny-desktop
|
||||
element-desktop
|
||||
fusee-launcher
|
||||
fractal-next
|
||||
foliate
|
||||
foliate # epub reader
|
||||
gcc
|
||||
gimp
|
||||
helix
|
||||
inputs.attic.packages.${pkgs.system}.attic
|
||||
inputs.comma.packages.${pkgs.system}.default
|
||||
inputs.webcord.packages.${pkgs.system}.default
|
||||
jetbrains.clion
|
||||
comma
|
||||
discord
|
||||
jetbrains.rust-rover
|
||||
kdenlive
|
||||
libreoffice-fresh
|
||||
mattermost-desktop
|
||||
mullvad-vpn
|
||||
neofetch
|
||||
nixfmt
|
||||
nixpkgs-review
|
||||
plex-media-player
|
||||
plexamp
|
||||
|
@ -39,6 +54,7 @@ in {
|
|||
tex
|
||||
unzip
|
||||
yt-dlp
|
||||
# z3
|
||||
];
|
||||
|
||||
# Enable my own hm modules
|
||||
|
@ -50,11 +66,6 @@ in {
|
|||
rust.enable = true;
|
||||
};
|
||||
|
||||
riff = {
|
||||
enable = true;
|
||||
direnv = true;
|
||||
};
|
||||
|
||||
firefox.enable = true;
|
||||
|
||||
chromium = {
|
||||
|
@ -69,28 +80,38 @@ in {
|
|||
|
||||
zsh = {
|
||||
enable = true;
|
||||
sessionVariables = { DIRENV_LOG_FORMAT = ""; };
|
||||
sessionVariables = {
|
||||
DIRENV_LOG_FORMAT = "";
|
||||
};
|
||||
};
|
||||
|
||||
thunderbird = {
|
||||
enable = true;
|
||||
profiles.default = { isDefault = true; };
|
||||
profiles.default = {
|
||||
isDefault = true;
|
||||
};
|
||||
};
|
||||
kitty = {
|
||||
enable = true;
|
||||
shellIntegration.enableZshIntegration = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Syncthing
|
||||
services.syncthing.enable = true;
|
||||
xdg.userDirs = let home = config.home.homeDirectory;
|
||||
in {
|
||||
enable = true;
|
||||
createDirectories = true;
|
||||
desktop = "${home}/.desktop";
|
||||
documents = "${home}/cloud/Documents";
|
||||
download = "${home}/dl";
|
||||
music = "${home}/cloud/Music";
|
||||
pictures = "${home}/cloud/Pictures";
|
||||
publicShare = "${home}/.publicShare";
|
||||
templates = "${home}/.templates";
|
||||
videos = "${home}/cloud/Videos";
|
||||
};
|
||||
xdg.userDirs =
|
||||
let
|
||||
home = config.home.homeDirectory;
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
createDirectories = true;
|
||||
desktop = "${home}/.desktop";
|
||||
documents = "${home}/cloud/Documents";
|
||||
download = "${home}/dl";
|
||||
music = "${home}/cloud/Music";
|
||||
pictures = "${home}/cloud/Pictures";
|
||||
publicShare = "${home}/.publicShare";
|
||||
templates = "${home}/.templates";
|
||||
videos = "${home}/cloud/Videos";
|
||||
};
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
_: {
|
||||
networking.useDHCP = true;
|
||||
{ lib, ... }: {
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
|
||||
# Enable qemu guest agent
|
||||
services.qemuGuest.enable = true;
|
|
@ -0,0 +1,90 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib;
|
||||
let
|
||||
inherit (builtins) fromTOML readFile;
|
||||
cfg = config.themes.v.catppuccin;
|
||||
mako = pkgs.fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "mako";
|
||||
rev = "9dd088aa5f4529a3dd4d9760415e340664cb86df";
|
||||
sha256 = "sha256-nUzWkQVsIH4rrCFSP87mXAka6P+Td2ifNbTuP7NM/SQ=";
|
||||
};
|
||||
starship = pkgs.fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "starship";
|
||||
rev = "5629d2356f62a9f2f8efad3ff37476c19969bd4f";
|
||||
sha256 = "sha256-nsRuxQFKbQkyEI4TXgvAjcroVdG+heKX5Pauq/4Ota0=";
|
||||
};
|
||||
in
|
||||
{
|
||||
options.themes.v.catppuccin = {
|
||||
enable = mkEnableOption "catppuccin";
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
home.pointerCursor = {
|
||||
name = "Bibata_Ghost";
|
||||
size = 24;
|
||||
package = pkgs.bibata-cursors-translucent;
|
||||
};
|
||||
|
||||
programs.kitty = {
|
||||
theme = "Catppuccin-Frappe";
|
||||
font.name = "DejaVuSansMono Nerd Font";
|
||||
};
|
||||
|
||||
gtk = {
|
||||
enable = true;
|
||||
theme = {
|
||||
name = "Catppuccin-Frappe-Standard-Pink-Dark";
|
||||
package = pkgs.catppuccin-gtk.override {
|
||||
accents = [ "pink" ];
|
||||
variant = "frappe";
|
||||
size = "standard";
|
||||
};
|
||||
};
|
||||
iconTheme = {
|
||||
name = "Papirus-Dark";
|
||||
package = pkgs.papirus-icon-theme.override { color = "violet"; };
|
||||
};
|
||||
cursorTheme = {
|
||||
inherit (config.home.pointerCursor) name package size;
|
||||
};
|
||||
};
|
||||
|
||||
qt = {
|
||||
enable = true;
|
||||
platformTheme = "qtct";
|
||||
style.name = "kvantum";
|
||||
};
|
||||
|
||||
xdg.configFile = {
|
||||
"Kvantum/kvantum.kvconfig".text = ''
|
||||
[General]
|
||||
theme=Catppuccin-Frappe-Pink
|
||||
'';
|
||||
};
|
||||
|
||||
home.packages = with pkgs; [
|
||||
(catppuccin-kvantum.override {
|
||||
accent = "Pink";
|
||||
variant = "Frappe";
|
||||
})
|
||||
];
|
||||
|
||||
programs.mako.extraConfig = readFile "${mako}/src/frappe";
|
||||
|
||||
programs.starship.settings = {
|
||||
palette = "catppuccin_frappe";
|
||||
} //fromTOML (readFile "${starship}/palettes/frappe.toml");
|
||||
|
||||
programs.vscode = {
|
||||
userSettings."workbench.colorTheme" = "Catppuccin Frappé";
|
||||
extensions = [ pkgs.vscode-extensions.catppuccin.catppuccin-vsc ];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./catppuccin
|
||||
./nvim
|
||||
./vscode.nix
|
||||
./git.nix
|
||||
./rust.nix
|
||||
];
|
||||
}
|
|
@ -0,0 +1,409 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
let
|
||||
cfg = config.programs.v.nvim;
|
||||
nvim-nio = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "nvim-nio";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "nvim-neotest";
|
||||
repo = "nvim-nio";
|
||||
rev = "refs/tags/v1.8.0";
|
||||
sha256 = "sha256-RFmH+683vrg4BELwtAQqjV8oGkvRgzcd6kd5r1s3Jp8=";
|
||||
};
|
||||
};
|
||||
in
|
||||
with lib;
|
||||
{
|
||||
options.programs.v.nvim = {
|
||||
enable = mkEnableOption "nvim";
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
home.packages = with pkgs; [ fd ];
|
||||
home.file.".config/nvim/lua".source = ./lua;
|
||||
programs.nixvim = {
|
||||
enable = true;
|
||||
package = pkgs.neovim-unwrapped;
|
||||
vimAlias = true;
|
||||
luaLoader.enable = true;
|
||||
|
||||
globals.mapleader = " ";
|
||||
|
||||
options = {
|
||||
number = true;
|
||||
conceallevel = 2;
|
||||
};
|
||||
|
||||
clipboard.providers.wl-copy.enable = true;
|
||||
|
||||
keymaps = [
|
||||
# General
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>";
|
||||
action = ":noh<CR>";
|
||||
}
|
||||
# Telescope
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>ff";
|
||||
action = ":Telescope find_files<CR>";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>fs";
|
||||
action = ":Telescope file_browser<CR>";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>fg";
|
||||
action = "require('telescope.builtin').live_grep";
|
||||
lua = true;
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>fb";
|
||||
action = ":Telescope buffers<CR>";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>fo";
|
||||
action = ":Telescope oldfiles<CR>";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>fr";
|
||||
action = ":Telescope frecency<CR>";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>ob";
|
||||
action = "require('obsidian_picker').obsidian_picker";
|
||||
lua = true;
|
||||
}
|
||||
# Commenting
|
||||
{
|
||||
mode = "n";
|
||||
key = "<C-/>";
|
||||
action = "require('Comment.api').toggle.linewise.current";
|
||||
lua = true;
|
||||
}
|
||||
{
|
||||
mode = "x";
|
||||
key = "<C-/>";
|
||||
action = ''
|
||||
function()
|
||||
local esc = vim.api.nvim_replace_termcodes(
|
||||
'<ESC>', true, false, true
|
||||
)
|
||||
vim.api.nvim_feedkeys(esc, 'nx', false)
|
||||
require('Comment.api').toggle.linewise(vim.fn.visualmode())
|
||||
end
|
||||
'';
|
||||
lua = true;
|
||||
}
|
||||
# Float Term
|
||||
{
|
||||
mode = "n";
|
||||
key = "t";
|
||||
action = ":FloatermToggle myfloat<CR>";
|
||||
}
|
||||
{
|
||||
mode = "t";
|
||||
key = "<ESC>";
|
||||
action = "function() vim.cmd(':FloatermToggle myfloat') end";
|
||||
lua = true;
|
||||
}
|
||||
# Switch buffers
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>q";
|
||||
action = ":bd<CR>"; # Delete buffer
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>s";
|
||||
action = ":bn<CR>"; # Buffer next
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>a";
|
||||
action = ":bp<CR>"; # Buffer previous
|
||||
}
|
||||
# Change Indenting
|
||||
{
|
||||
mode = "n";
|
||||
key = "<S-Tab>";
|
||||
action = "<<_";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<Tab>";
|
||||
action = ">>_";
|
||||
}
|
||||
{
|
||||
mode = "v";
|
||||
key = "<Tab>";
|
||||
action = ">gv";
|
||||
}
|
||||
{
|
||||
mode = "v";
|
||||
key = "<S-Tab>";
|
||||
action = "<gv";
|
||||
}
|
||||
# Neotest
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>nr";
|
||||
lua = true;
|
||||
action = "require('neotest').run.run";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>no";
|
||||
lua = true;
|
||||
action = "require('neotest').output.open";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>ns";
|
||||
lua = true;
|
||||
action = "require('neotest').run.stop";
|
||||
}
|
||||
{
|
||||
mode = "n";
|
||||
key = "<leader>nf";
|
||||
lua = true;
|
||||
action = "function() require('neotest').run.run(vim.fn.expand('%')) end";
|
||||
}
|
||||
# LSP
|
||||
{
|
||||
mode = "n";
|
||||
key = "<M-CR>";
|
||||
action = ":Lspsaga code_action<CR>";
|
||||
}
|
||||
];
|
||||
|
||||
extraPlugins = with pkgs.vimPlugins; [
|
||||
FixCursorHold-nvim
|
||||
nvim-web-devicons
|
||||
nvim-nio
|
||||
nvim-surround
|
||||
];
|
||||
|
||||
extraConfigLua = "
|
||||
require('nvim-surround').setup()
|
||||
";
|
||||
|
||||
colorschemes.catppuccin = {
|
||||
enable = true;
|
||||
flavour = "frappe";
|
||||
};
|
||||
|
||||
plugins = {
|
||||
image = {
|
||||
enable = true;
|
||||
};
|
||||
bufferline.enable = true;
|
||||
nix.enable = true;
|
||||
luasnip.enable = true;
|
||||
typst-vim.enable = true;
|
||||
startup = {
|
||||
enable = true;
|
||||
theme = "my_theme";
|
||||
};
|
||||
obsidian = {
|
||||
enable = true;
|
||||
settings = {
|
||||
new_notes_location = "notes_subdir";
|
||||
daily_notes = {
|
||||
folder = "daily";
|
||||
};
|
||||
workspaces = [
|
||||
{
|
||||
name = "uni";
|
||||
path = "~/cloud/Documents/CESE/notes";
|
||||
}
|
||||
{
|
||||
name = "notes";
|
||||
path = "~/cloud/Notes";
|
||||
}
|
||||
];
|
||||
completion = {
|
||||
min_chars = 2;
|
||||
nvim_cmp = true;
|
||||
};
|
||||
picker.name = "telescope.nvim";
|
||||
note_id_func = ''
|
||||
function(title)
|
||||
-- Create note IDs in a Zettelkasten format with a timestamp and a suffix.
|
||||
-- In this case a note with the title 'My new note' will be given an ID that looks
|
||||
-- like '1657296016-my-new-note', and therefore the file name '1657296016-my-new-note.md'
|
||||
local suffix = ""
|
||||
if title ~= nil then
|
||||
-- If title is given, transform it into valid file name.
|
||||
suffix = title:gsub(" ", "-"):gsub("[^A-Za-z0-9-]", ""):lower()
|
||||
else
|
||||
-- If title is nil, just add 4 random uppercase letters to the suffix.
|
||||
for _ = 1, 4 do
|
||||
suffix = suffix .. string.char(math.random(65, 90))
|
||||
end
|
||||
end
|
||||
return tostring(os.time()) .. "-" .. suffix
|
||||
end
|
||||
'';
|
||||
};
|
||||
};
|
||||
fidget = {
|
||||
enable = true;
|
||||
progress = {
|
||||
ignoreDoneAlready = true;
|
||||
ignore = [ "ltex" ];
|
||||
display.doneTtl = 5;
|
||||
};
|
||||
notification = {
|
||||
overrideVimNotify = true;
|
||||
};
|
||||
};
|
||||
neotest = {
|
||||
enable = true;
|
||||
adapters = {
|
||||
plenary.enable = true;
|
||||
python.enable = true;
|
||||
rust = {
|
||||
enable = true;
|
||||
settings.args = [ "--no-capture" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
treesitter = {
|
||||
enable = true;
|
||||
nixGrammars = true;
|
||||
disabledLanguages = [ "latex" ];
|
||||
};
|
||||
# surround.enable = true;
|
||||
fugitive.enable = true;
|
||||
gitgutter.enable = true;
|
||||
|
||||
lualine = {
|
||||
enable = true;
|
||||
theme = "catppuccin";
|
||||
};
|
||||
|
||||
telescope = {
|
||||
enable = true;
|
||||
defaults.preview.ls_short = true;
|
||||
extensions.file-browser = {
|
||||
enable = true;
|
||||
hijackNetrw = true;
|
||||
dirIcon = "";
|
||||
};
|
||||
extensions.fzf-native.enable = true;
|
||||
extensions.fzf-native.fuzzy = true;
|
||||
extensions.frecency.enable = true;
|
||||
extraOptions = { };
|
||||
};
|
||||
comment-nvim.enable = true;
|
||||
none-ls = {
|
||||
enable = true;
|
||||
sources = {
|
||||
formatting = {
|
||||
nixfmt = {
|
||||
enable = true;
|
||||
package = pkgs.nixfmt-rfc-style;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
lsp = {
|
||||
enable = true;
|
||||
keymaps = {
|
||||
lspBuf = {
|
||||
K = "hover";
|
||||
gD = "references";
|
||||
gd = "definition";
|
||||
gi = "implementation";
|
||||
gt = "type_definition";
|
||||
"g=" = "format";
|
||||
};
|
||||
diagnostic = {
|
||||
"<leader>j" = "goto_next";
|
||||
"<leader>k" = "goto_prev";
|
||||
};
|
||||
};
|
||||
servers = {
|
||||
cssls.enable = true;
|
||||
nil_ls.enable = true; #NixOS
|
||||
dockerls.enable = true;
|
||||
rust-analyzer = {
|
||||
enable = true;
|
||||
installCargo = false;
|
||||
installRustc = false;
|
||||
};
|
||||
pyright.enable = true;
|
||||
pylsp = {
|
||||
enable = true;
|
||||
settings.plugins = {
|
||||
black = {
|
||||
enabled = true;
|
||||
cache_config = true;
|
||||
};
|
||||
pycodestyle = {
|
||||
maxLineLength = 100;
|
||||
};
|
||||
};
|
||||
};
|
||||
elixirls.enable = true;
|
||||
clangd.enable = true;
|
||||
yamlls.enable = true;
|
||||
lua-ls.enable = true;
|
||||
};
|
||||
};
|
||||
trouble.enable = true;
|
||||
lspkind.enable = true;
|
||||
lspsaga = {
|
||||
enable = true;
|
||||
lightbulb.enable = false;
|
||||
};
|
||||
nvim-lightbulb = {
|
||||
enable = true;
|
||||
settings = {
|
||||
autocmd.enabled = true;
|
||||
number.enabled = true;
|
||||
};
|
||||
};
|
||||
vimtex.enable = true;
|
||||
floaterm.enable = true;
|
||||
cmp = {
|
||||
enable = true;
|
||||
autoEnableSources = true;
|
||||
settings = {
|
||||
cmdline.":".sources = [ { name = "path"; } ];
|
||||
snippet.expand = "function(args) require('luasnip').lsp_expand(args.body) end";
|
||||
mapping = {
|
||||
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
|
||||
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
|
||||
"<CR>" = "cmp.mapping.confirm({ select = true })";
|
||||
"<C-Space>" = "cmp.mapping.complete()";
|
||||
"<C-e>" = "cmp.mapping.close()";
|
||||
};
|
||||
sources = [
|
||||
{ name = "nvim_lsp_signature_help"; }
|
||||
{ name = "path"; }
|
||||
{ name = "nvim_lsp"; }
|
||||
{ name = "luasnip"; }
|
||||
{
|
||||
name = "buffer";
|
||||
# Words from other open buffers can also be suggested.
|
||||
option.get_bufnrs.__raw = "vim.api.nvim_list_bufs";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,48 @@
|
|||
local pickers = require "telescope.pickers"
|
||||
local finders = require "telescope.finders"
|
||||
local conf = require("telescope.config").values
|
||||
local actions = require("telescope.actions")
|
||||
local action_state = require("telescope.actions.state")
|
||||
|
||||
local obsidian_commands = require("obsidian.commands").commands
|
||||
local results = {}
|
||||
for key, _ in pairs(obsidian_commands) do
|
||||
table.insert(results, string.sub(key, 9))
|
||||
end
|
||||
|
||||
Local = 100
|
||||
local Local = 3
|
||||
print(Local)
|
||||
|
||||
local obsidian_picker = function(opts)
|
||||
opts = opts or require("telescope.themes").get_dropdown{}
|
||||
pickers.new(opts, {
|
||||
prompt_title = "Obsidian",
|
||||
finder = finders.new_table {
|
||||
results = results,
|
||||
-- entry_maker = function(entry)
|
||||
-- return {
|
||||
-- value = entry,
|
||||
-- display = entry[1],
|
||||
-- ordinal = entry[1],
|
||||
-- }
|
||||
-- end
|
||||
},
|
||||
sorter = conf.generic_sorter(opts),
|
||||
attach_mappings = function(prompt_bufnr, map)
|
||||
actions.select_default:replace(function()
|
||||
actions.close(prompt_bufnr)
|
||||
local selection = action_state.get_selected_entry()
|
||||
vim.cmd(':Obsidian' .. selection[1])
|
||||
end)
|
||||
return true
|
||||
end,
|
||||
}):find()
|
||||
end
|
||||
|
||||
-- obsidian_picker()
|
||||
|
||||
return {
|
||||
obsidian_picker = obsidian_picker
|
||||
}
|
||||
|
|
@ -0,0 +1,75 @@
|
|||
local settings = {
|
||||
-- every line should be same width without escaped \
|
||||
header = {
|
||||
type = "text",
|
||||
oldfiles_directory = false,
|
||||
align = "center",
|
||||
fold_section = false,
|
||||
title = "Header",
|
||||
margin = 5,
|
||||
content = {
|
||||
" ███╗ ██╗ ███████╗ ██████╗ ██╗ ██╗ ██╗ ███╗ ███╗",
|
||||
" ████╗ ██║ ██╔════╝██╔═══██╗ ██║ ██║ ██║ ████╗ ████║",
|
||||
" ██╔██╗ ██║ █████╗ ██║ ██║ ██║ ██║ ██║ ██╔████╔██║",
|
||||
" ██║╚██╗██║ ██╔══╝ ██║ ██║ ╚██╗ ██╔╝ ██║ ██║╚██╔╝██║",
|
||||
" ██║ ╚████║ ███████╗╚██████╔╝ ╚████╔╝ ██║ ██║ ╚═╝ ██║",
|
||||
" ╚═╝ ╚═══╝ ╚══════╝ ╚═════╝ ╚═══╝ ╚═╝ ╚═╝ ╚═╝",
|
||||
},
|
||||
highlight = "Statement",
|
||||
default_color = "",
|
||||
oldfiles_amount = 0,
|
||||
},
|
||||
-- name which will be displayed and command
|
||||
body = {
|
||||
type = "mapping",
|
||||
oldfiles_directory = false,
|
||||
align = "center",
|
||||
fold_section = false,
|
||||
title = "Basic Commands",
|
||||
margin = 5,
|
||||
content = {
|
||||
{ " Find File", "Telescope find_files", "<leader>ff"},
|
||||
{ " Find Word ", "Telescope live_grep", "<leader>fg"},
|
||||
{ " Recent Files", "Telescope oldfiles", "<leader>fo"},
|
||||
{ " File Browser", "Telescope file_browser", "<leader>fs"},
|
||||
{ " New File", "lua require'startup'.new_file()", "<leader>nf"},
|
||||
},
|
||||
highlight = "String",
|
||||
default_color = "",
|
||||
oldfiles_amount = 0,
|
||||
},
|
||||
footer = {
|
||||
type = "text",
|
||||
oldfiles_directory = false,
|
||||
align = "center",
|
||||
fold_section = false,
|
||||
title = "Footer",
|
||||
margin = 5,
|
||||
content = { "bottom text" },
|
||||
highlight = "Number",
|
||||
default_color = "",
|
||||
oldfiles_amount = 0,
|
||||
},
|
||||
|
||||
options = {
|
||||
mapping_keys = true,
|
||||
cursor_column = 0.5,
|
||||
empty_lines_between_mappings = true,
|
||||
disable_statuslines = true,
|
||||
paddings = { 1, 3, 3, 0 },
|
||||
},
|
||||
mappings = {
|
||||
execute_command = "<CR>",
|
||||
open_file = "o",
|
||||
open_file_split = "<c-o>",
|
||||
open_section = "<TAB>",
|
||||
open_help = "?",
|
||||
},
|
||||
colors = {
|
||||
background = "#1f2227",
|
||||
folded_section = "#56b6c2",
|
||||
},
|
||||
parts = { "header", "body", "footer" },
|
||||
}
|
||||
return settings
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
local pickers = require "telescope.pickers"
|
||||
local finders = require "telescope.finders"
|
||||
local conf = require("telescope.config").values
|
||||
local actions = require("telescope.actions")
|
||||
local action_state = require("telescope.actions.state")
|
||||
|
||||
local obsidian_commands = require("obsidian.commands").commands
|
||||
local results = {}
|
||||
for key, _ in pairs(obsidian_commands) do
|
||||
table.insert(results, string.sub(key, 9))
|
||||
end
|
||||
|
||||
local obsidian_picker = function(opts)
|
||||
opts = opts or require("telescope.themes").get_dropdown {}
|
||||
pickers.new(opts, {
|
||||
prompt_title = "Obsidian",
|
||||
finder = finders.new_table {
|
||||
results = results,
|
||||
},
|
||||
sorter = conf.generic_sorter(opts),
|
||||
attach_mappings = function(prompt_bufnr, map)
|
||||
actions.select_default:replace(function()
|
||||
actions.close(prompt_bufnr)
|
||||
local selection = action_state.get_selected_entry()
|
||||
vim.cmd(':Obsidian' .. selection[1])
|
||||
end)
|
||||
return true
|
||||
end,
|
||||
}):find()
|
||||
end
|
||||
|
||||
|
||||
return {
|
||||
obsidian_picker = obsidian_picker
|
||||
}
|
|
@ -0,0 +1,44 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
with lib;
|
||||
let
|
||||
cfg = config.programs.v.rust;
|
||||
in
|
||||
{
|
||||
options.programs.v.rust.enable = mkEnableOption "rust";
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
home = {
|
||||
packages = with pkgs; [
|
||||
rustup
|
||||
cargo-binutils
|
||||
cargo-nextest
|
||||
cargo-msrv
|
||||
cargo-dist
|
||||
cargo-cross
|
||||
];
|
||||
|
||||
file.".cargo/config.toml".text = ''
|
||||
[registries.crates-io]
|
||||
protocol = "sparse"
|
||||
|
||||
[build]
|
||||
rustc-wrapper = "${pkgs.sccache}/bin/sccache"
|
||||
[profile.rust-analyzer]
|
||||
inherits = "dev"
|
||||
'';
|
||||
|
||||
# [target.'cfg(not(target_arch = "mips"))']
|
||||
# linker = "${pkgs.clang}/bin/clang"
|
||||
# rustflags = ["-C", "link-arg=-fuse-ld=${pkgs.mold}/bin/mold"]
|
||||
|
||||
|
||||
|
||||
sessionPath = [ "$HOME/.cargo/bin" ];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,11 @@
|
|||
{ ... }: {
|
||||
imports = [
|
||||
./meta.nix
|
||||
./nginx.nix
|
||||
./dns.nix
|
||||
./flood.nix
|
||||
./gnome
|
||||
./unpackerr.nix
|
||||
./vault.nix
|
||||
];
|
||||
}
|
|
@ -1,18 +1,22 @@
|
|||
{ config, pkgs, lib, hosts, flat_hosts, ... }:
|
||||
{ config, pkgs, lib, self, ... }:
|
||||
# DNS Module to set up Unbound DNS with all my hosts in the config
|
||||
# Used for DNS Servers and my laptop
|
||||
with lib;
|
||||
let
|
||||
inherit (builtins) filter hasAttr attrNames;
|
||||
domains = attrNames hosts;
|
||||
ipv4Host = filter (hasAttr "ip") flat_hosts;
|
||||
ipv6Hosts = filter (hasAttr "ip6") flat_hosts;
|
||||
inherit (builtins) filter attrValues;
|
||||
domains = [ "hades" "olympus" "thalassa" ];
|
||||
mapConfig = host: {
|
||||
inherit (host.config.networking) hostName domain;
|
||||
inherit (host.config.meta) ipv4 ipv6;
|
||||
};
|
||||
hosts = (map mapConfig (attrValues self.nixosConfigurations));
|
||||
ipv4Hosts = filter (v: v.ipv4 != null) hosts;
|
||||
ipv6Hosts = filter (v: v.ipv6 != null) hosts;
|
||||
|
||||
localData = { hostname, realm, ip, ... }: ''"${hostname}.${realm}. A ${ip}"'';
|
||||
local6Data = { hostname, realm, ip6, ... }:
|
||||
''"${hostname}.${realm}. AAAA ${ip6}"'';
|
||||
ptrData = { hostname, realm, ip, ... }: ''"${ip} ${hostname}.${realm}"'';
|
||||
ptr6Data = { hostname, realm, ip6, ... }: ''"${ip6} ${hostname}.${realm}"'';
|
||||
localData = { hostName, domain, ipv4, ... }: ''"${hostName}.${domain}. A ${ipv4}"'';
|
||||
local6Data = { hostName, domain, ipv6, ... }: ''"${hostName}.${domain}. AAAA ${ipv6}"'';
|
||||
ptrData = { hostName, domain, ipv4, ... }: ''"${ipv4} ${hostName}.${domain}"'';
|
||||
ptr6Data = { hostName, domain, ipv6, ... }: ''"${ipv6} ${hostName}.${domain}"'';
|
||||
|
||||
cfg = config.services.v.dns;
|
||||
in {
|
||||
|
@ -37,7 +41,7 @@ in {
|
|||
};
|
||||
|
||||
mode = mkOption {
|
||||
type = enum [ "server" "laptop" ];
|
||||
type = types.enum [ "server" "laptop" ];
|
||||
default = "laptop";
|
||||
description = ''
|
||||
Whether to configure the DNS in server mode (listen on all interfaces) or laptop mode (just on localhost)
|
||||
|
@ -69,8 +73,8 @@ in {
|
|||
|
||||
local-zone =
|
||||
map (localdomain: ''"${localdomain}}." transparent'') domains;
|
||||
local-data = (map localData ipv4Host) ++ (map local6Data ipv6Hosts);
|
||||
local-data-ptr = (map ptrData ipv4Host) ++ (map ptr6Data ipv6Hosts);
|
||||
local-data = (map localData ipv4Hosts) ++ (map local6Data ipv6Hosts);
|
||||
local-data-ptr = (map ptrData ipv4Hosts) ++ (map ptr6Data ipv6Hosts);
|
||||
|
||||
private-address = [
|
||||
"127.0.0.0/8"
|
|
@ -1,11 +1,14 @@
|
|||
{ config, pkgs, lib, inputs, ... }:
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib;
|
||||
let cfg = config.services.v.gnome;
|
||||
in {
|
||||
imports = [
|
||||
inputs.gnome-autounlock-keyring.nixosModules.default
|
||||
];
|
||||
|
||||
let
|
||||
cfg = config.services.v.gnome;
|
||||
in
|
||||
{
|
||||
options.services.v.gnome = {
|
||||
enable = mkEnableOption "v.gnome";
|
||||
hm = mkOption {
|
||||
|
@ -33,14 +36,14 @@ in {
|
|||
xserver = {
|
||||
enable = true;
|
||||
excludePackages = [ pkgs.xterm ];
|
||||
|
||||
# Configure keymap in X11
|
||||
|
||||
layout = "us";
|
||||
xkbVariant = "altgr-intl";
|
||||
xkb = {
|
||||
layout = "us";
|
||||
variant = "altgr-intl";
|
||||
};
|
||||
|
||||
# Enable the GNOME Desktop Environment.
|
||||
displayManager.gdm.enable = true;
|
||||
displayManager.gdm.enable = lib.mkDefault true;
|
||||
desktopManager.gnome.enable = true;
|
||||
};
|
||||
udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
|
||||
|
@ -53,12 +56,16 @@ in {
|
|||
# Add Home-manager dconf stuff
|
||||
home-manager.sharedModules = mkIf cfg.hm [ ./hm.nix ];
|
||||
environment.gnome.excludePackages =
|
||||
(with pkgs; [ gnome-photos gnome-tour gnome-connections ])
|
||||
(with pkgs; [
|
||||
gnome-photos
|
||||
gnome-tour
|
||||
gnome-connections
|
||||
])
|
||||
++ (with pkgs.gnome; [
|
||||
atomix # puzzle game
|
||||
epiphany # web browser
|
||||
geary # email reader
|
||||
gedit # text editor
|
||||
pkgs.gedit # text editor
|
||||
gnome-calendar
|
||||
gnome-clocks
|
||||
gnome-contacts
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, ... }:
|
||||
{ lib, pkgs, ... }:
|
||||
|
||||
with lib.hm.gvariant;
|
||||
let
|
||||
|
@ -34,29 +34,29 @@ in {
|
|||
"application/x-extension-html" = "firefox.desktop";
|
||||
|
||||
# Images
|
||||
"image/bmp" = "org.gnome.eog.desktop";
|
||||
"image/gif" = "org.gnome.eog.desktop";
|
||||
"image/jpg" = "org.gnome.eog.desktop";
|
||||
"image/pjpeg" = "org.gnome.eog.desktop";
|
||||
"image/png" = "org.gnome.eog.desktop";
|
||||
"image/tiff" = "org.gnome.eog.desktop";
|
||||
"image/webp" = "org.gnome.eog.desktop";
|
||||
"image/x-bmp" = "org.gnome.eog.desktop";
|
||||
"image/x-gray" = "org.gnome.eog.desktop";
|
||||
"image/x-icb" = "org.gnome.eog.desktop";
|
||||
"image/x-ico" = "org.gnome.eog.desktop";
|
||||
"image/x-png" = "org.gnome.eog.desktop";
|
||||
"image/x-portable-anymap" = "org.gnome.eog.desktop";
|
||||
"image/x-portable-bitmap" = "org.gnome.eog.desktop";
|
||||
"image/x-portable-graymap" = "org.gnome.eog.desktop";
|
||||
"image/x-portable-pixmap" = "org.gnome.eog.desktop";
|
||||
"image/x-xbitmap" = "org.gnome.eog.desktop";
|
||||
"image/x-xpixmap" = "org.gnome.eog.desktop";
|
||||
"image/x-pcx" = "org.gnome.eog.desktop";
|
||||
"image/svg+xml" = "org.gnome.eog.desktop";
|
||||
"image/svg+xml-compressed" = "org.gnome.eog.desktop";
|
||||
"image/vnd.wap.wbmp" = "org.gnome.eog.desktop";
|
||||
"image/x-icns" = "org.gnome.eog.desktop";
|
||||
"image/bmp" = "org.gnome.Loupe.desktop";
|
||||
"image/gif" = "org.gnome.Loupe.desktop";
|
||||
"image/jpg" = "org.gnome.Loupe.desktop";
|
||||
"image/pjpeg" = "org.gnome.Loupe.desktop";
|
||||
"image/png" = "org.gnome.Loupe.desktop";
|
||||
"image/tiff" = "org.gnome.Loupe.desktop";
|
||||
"image/webp" = "org.gnome.Loupe.desktop";
|
||||
"image/x-bmp" = "org.gnome.Loupe.desktop";
|
||||
"image/x-gray" = "org.gnome.Loupe.desktop";
|
||||
"image/x-icb" = "org.gnome.Loupe.desktop";
|
||||
"image/x-ico" = "org.gnome.Loupe.desktop";
|
||||
"image/x-png" = "org.gnome.Loupe.desktop";
|
||||
"image/x-portable-anymap" = "org.gnome.Loupe.desktop";
|
||||
"image/x-portable-bitmap" = "org.gnome.Loupe.desktop";
|
||||
"image/x-portable-graymap" = "org.gnome.Loupe.desktop";
|
||||
"image/x-portable-pixmap" = "org.gnome.Loupe.desktop";
|
||||
"image/x-xbitmap" = "org.gnome.Loupe.desktop";
|
||||
"image/x-xpixmap" = "org.gnome.Loupe.desktop";
|
||||
"image/x-pcx" = "org.gnome.Loupe.desktop";
|
||||
"image/svg+xml" = "org.gnome.Loupe.desktop";
|
||||
"image/svg+xml-compressed" = "org.gnome.Loupe.desktop";
|
||||
"image/vnd.wap.wbmp" = "org.gnome.Loupe.desktop";
|
||||
"image/x-icns" = "org.gnome.Loupe.desktop";
|
||||
};
|
||||
|
||||
dconf.settings = {
|
||||
|
@ -120,7 +120,7 @@ in {
|
|||
} // generate_custom_keybindings {
|
||||
"terminal" = {
|
||||
binding = "<Super>Return";
|
||||
command = "kgx";
|
||||
command = "${pkgs.kitty}/bin/kitty";
|
||||
name = "Open Terminal";
|
||||
};
|
||||
"firefox" = {
|
|
@ -0,0 +1,89 @@
|
|||
{ lib, config, ... }:
|
||||
with lib;
|
||||
let
|
||||
exposesOpts = {
|
||||
options = {
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
example = "<name>.example.com";
|
||||
description = lib.mdDoc ''
|
||||
The domain under which this service should be available
|
||||
'';
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 80;
|
||||
example = 4242;
|
||||
description = lib.mdDoc ''
|
||||
The port under which the service runs on the host
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
in {
|
||||
options.meta = {
|
||||
exposes = mkOption {
|
||||
type = with types; attrsOf (submodule exposesOpts);
|
||||
default = { };
|
||||
description = ''
|
||||
Exposed services
|
||||
'';
|
||||
};
|
||||
|
||||
ipv4 = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
Host's IPv4 Address
|
||||
'';
|
||||
};
|
||||
|
||||
ipv6 = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
Host's IPv6 address
|
||||
'';
|
||||
};
|
||||
|
||||
mac = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
Own MAC Address
|
||||
'';
|
||||
};
|
||||
|
||||
isLaptop = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = lib.mdDoc ''
|
||||
Is this host a Laptop (i.e. no DNS entries should be made).
|
||||
'';
|
||||
};
|
||||
|
||||
realm = mkOption {
|
||||
readOnly = true;
|
||||
type = types.nullOr (types.enum [ "thalassa" "hades" "olympus" ]);
|
||||
default = config.networking.domain;
|
||||
defaultText = literalExpression "config.network.domain";
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
# TODO: Open Firewall
|
||||
|
||||
assertions = [
|
||||
{
|
||||
assertion = config.meta.mac != null;
|
||||
message =
|
||||
"${config.networking.fqdnOrHostName} is missing a mac address";
|
||||
}
|
||||
{
|
||||
assertion = !config.meta.isLaptop -> config.meta.ipv4 != null;
|
||||
message =
|
||||
"${config.networking.fqdnOrHostName} needs ipv4 address set as it is not a laptop";
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,5 +1,16 @@
|
|||
{ config, pkgs, lib, ... }: {
|
||||
imports = [ ./laura.nix ./vivian.nix ./jonathan.nix ];
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
./laura.nix
|
||||
./vivian.nix
|
||||
./jonathan.nix
|
||||
];
|
||||
programs = {
|
||||
|
||||
# Setup ZSH to use grml config
|
||||
|
@ -11,12 +22,16 @@
|
|||
interactiveShellInit = ''
|
||||
source "${pkgs.grml-zsh-config}/etc/zsh/zshrc"
|
||||
export FZF_DEFAULT_COMMAND="${pkgs.ripgrep}/bin/rg --files --follow"
|
||||
source "${pkgs.fzf}/share/fzf/key-bindings.zsh"
|
||||
source "${pkgs.fzf}/share/fzf/completion.zsh"
|
||||
export FZF_CTRL_T_COMMAND="$FZF_DEFAULT_COMMAND"
|
||||
export FZF_CTRL_R_COMMAND="$FZF_DEFAULT_COMMAND"
|
||||
eval "$(${pkgs.zoxide}/bin/zoxide init zsh)"
|
||||
eval "$(${pkgs.fzf}/bin/fzf --zsh)"
|
||||
|
||||
export TEMPDIRS="$HOME/tmp"
|
||||
source "${inputs.t.packages.${pkgs.system}.default}/bin/t-rs.sh"
|
||||
'';
|
||||
# otherwise it'll override the grml prompt
|
||||
promptInit = "";
|
||||
# promptInit = lib.mkDefault "";
|
||||
};
|
||||
|
||||
# Install Neovim and set it as alias for vi(m)
|
||||
|
@ -36,8 +51,7 @@
|
|||
# Configure the root account
|
||||
users.extraUsers.root = {
|
||||
# Allow my SSH keys for logging in as root.
|
||||
openssh.authorizedKeys.keys =
|
||||
config.users.extraUsers.vivian.openssh.authorizedKeys.keys;
|
||||
openssh.authorizedKeys.keys = config.users.extraUsers.vivian.openssh.authorizedKeys.keys;
|
||||
# Also use zsh for root
|
||||
shell = pkgs.zsh;
|
||||
};
|
||||
|
@ -54,6 +68,9 @@
|
|||
ripgrep
|
||||
rsync
|
||||
zoxide
|
||||
|
||||
# Terminfo
|
||||
pkgs.kitty.terminfo
|
||||
];
|
||||
|
||||
programs.tmux = {
|
||||
|
@ -66,6 +83,4 @@
|
|||
setw -g mouse on
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
}
|
|
@ -41,6 +41,5 @@
|
|||
homeDirectory = "/home/vivian";
|
||||
stateVersion = "23.05";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
1199
flake.lock
1199
flake.lock
File diff suppressed because it is too large
Load Diff
236
flake.nix
236
flake.nix
|
@ -6,7 +6,7 @@
|
|||
|
||||
inputs = {
|
||||
nixpkgs.url = "nixpkgs/nixos-unstable";
|
||||
nixpkgs_stable.url = "nixpkgs/nixos-23.05";
|
||||
flake-utils-plus.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.4.0";
|
||||
nur.url = "github:nix-community/NUR";
|
||||
colmena.url = "github:zhaofengli/colmena";
|
||||
deploy.url = "github:serokell/deploy-rs";
|
||||
|
@ -17,12 +17,6 @@
|
|||
home-manager.url = "github:nix-community/home-manager";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
riff.url = "github:DeterminateSystems/riff";
|
||||
|
||||
webcord.url = "github:fufexan/webcord-flake";
|
||||
|
||||
comma.url = "github:nix-community/comma";
|
||||
|
||||
mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
|
||||
mailserver.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
|
@ -33,132 +27,152 @@
|
|||
|
||||
nixos-hardware.url = "github:nixos/nixos-hardware";
|
||||
|
||||
lanzaboote = {
|
||||
url = "github:nix-community/lanzaboote";
|
||||
|
||||
# Optional but recommended to limit the size of your system closure.
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
lanzaboote.url = "github:nix-community/lanzaboote";
|
||||
lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git";
|
||||
vault-unseal.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
gnome-autounlock-keyring.url = "git+https://git.0x76.dev/v/gnome-autounlock-keyring.git";
|
||||
gnome-autounlock-keyring.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
t.url = "github:jdonszelmann/t-rs";
|
||||
t.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
attic.url = "github:zhaofengli/attic";
|
||||
attic.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
# Website(s)
|
||||
essentials.url = "github:jdonszelmann/essentials";
|
||||
essentials.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
outputs =
|
||||
{ self
|
||||
, nixpkgs
|
||||
, nixpkgs_stable
|
||||
, vault-secrets
|
||||
, colmena
|
||||
, nixos-generators
|
||||
, nur
|
||||
, attic
|
||||
, deploy
|
||||
, ...
|
||||
{
|
||||
self,
|
||||
nixpkgs,
|
||||
flake-utils-plus,
|
||||
nur,
|
||||
attic,
|
||||
deploy,
|
||||
home-manager,
|
||||
gnome-autounlock-keyring,
|
||||
lanzaboote,
|
||||
t,
|
||||
...
|
||||
}@inputs:
|
||||
let
|
||||
inherit (nixpkgs) lib;
|
||||
|
||||
util = import ./nixos/util.nix inputs;
|
||||
inherit (util) hosts flat_hosts nixHosts;
|
||||
|
||||
system = "x86_64-linux";
|
||||
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
config.allowUnfree = true;
|
||||
overlays = [ (import ./nixos/pkgs) vault-secrets.overlay nur.overlay ];
|
||||
};
|
||||
|
||||
pkgs_stable = import nixpkgs_stable {
|
||||
inherit system;
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
|
||||
# Define args each module gets access to (access to hosts is useful for DNS/DHCP)
|
||||
specialArgs = { inherit hosts flat_hosts inputs pkgs_stable; };
|
||||
|
||||
# Script to apply local colmena deployments
|
||||
pkgs = self.pkgs.x86_64-linux.nixpkgs;
|
||||
apply-local = pkgs.writeShellScriptBin "apply-local" ''
|
||||
"${
|
||||
colmena.packages.${system}.colmena
|
||||
}"/bin/colmena apply-local --sudo $@
|
||||
'';
|
||||
|
||||
fast-repl = pkgs.writeShellScriptBin "fast-repl" ''
|
||||
source /etc/set-environment
|
||||
nix repl --file "${./.}/repl.nix" $@
|
||||
nh os switch --ask
|
||||
'';
|
||||
in
|
||||
{
|
||||
# Make the nixosConfigurations for compat reasons (e.g. vault)
|
||||
nixosConfigurations =
|
||||
(import (inputs.colmena + "/src/nix/hive/eval.nix") {
|
||||
rawFlake = self;
|
||||
colmenaOptions =
|
||||
import (inputs.colmena + "/src/nix/hive/options.nix");
|
||||
colmenaModules =
|
||||
import (inputs.colmena + "/src/nix/hive/modules.nix");
|
||||
}).nodes;
|
||||
flake-utils-plus.lib.mkFlake {
|
||||
# `self` and `inputs` arguments are required
|
||||
inherit self inputs;
|
||||
|
||||
# Make the colmena configuration
|
||||
colmena = lib.foldr (el: acc: acc // util.mkColmenaHost el)
|
||||
{
|
||||
meta = {
|
||||
inherit specialArgs;
|
||||
nixpkgs = pkgs;
|
||||
};
|
||||
}
|
||||
nixHosts;
|
||||
# Supported systems, used for packages, apps, devShell and multiple other definitions. Defaults to `flake-utils.lib.defaultSystems`.
|
||||
supportedSystems = [ "x86_64-linux" ];
|
||||
|
||||
packages.${system} = {
|
||||
inherit apply-local;
|
||||
# Channels config
|
||||
channelsConfig = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
sharedOverlays = [
|
||||
(import ./pkgs)
|
||||
nur.overlay
|
||||
];
|
||||
|
||||
default = colmena.packages.${system}.colmena;
|
||||
# host defaults
|
||||
hostDefaults = {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
gnome-autounlock-keyring.nixosModules.default
|
||||
./common
|
||||
];
|
||||
|
||||
proxmox-lxc = nixos-generators.nixosGenerate {
|
||||
inherit system specialArgs;
|
||||
format = "proxmox-lxc";
|
||||
modules = util.base_imports
|
||||
++ [ (import ./nixos/templates/proxmox-lxc.nix) ];
|
||||
};
|
||||
|
||||
# Broken
|
||||
proxmox-vm = nixos-generators.nixosGenerate {
|
||||
inherit system specialArgs;
|
||||
format = "proxmox";
|
||||
modules = util.base_imports
|
||||
++ [ (import ./nixos/templates/proxmox-vm.nix) ];
|
||||
specialArgs = {
|
||||
inherit self inputs home-manager;
|
||||
};
|
||||
};
|
||||
|
||||
# Use by running `nix develop`
|
||||
devShells.${system}.default = pkgs.mkShell {
|
||||
VAULT_ADDR = "http://vault.olympus:8200/";
|
||||
buildInputs = with pkgs; [
|
||||
attic.packages.${pkgs.system}.attic
|
||||
apply-local
|
||||
colmena.packages.${system}.colmena
|
||||
deploy.packages.${system}.deploy-rs
|
||||
cachix
|
||||
deadnix
|
||||
statix
|
||||
nixfmt
|
||||
nixpkgs-fmt
|
||||
nixUnstable
|
||||
nil
|
||||
vault
|
||||
yamllint
|
||||
jq
|
||||
(vault-push-approle-envs self { })
|
||||
(vault-push-approles self { })
|
||||
fast-repl
|
||||
];
|
||||
# hosts
|
||||
hosts = {
|
||||
# TODO: Figure out why this is reversed, and how/why it sets the FQDN
|
||||
"olympus.bastion" = {
|
||||
modules = [
|
||||
./common/generic-vm.nix
|
||||
./hosts/olympus/bastion
|
||||
];
|
||||
};
|
||||
|
||||
aoife = {
|
||||
modules = [
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
./common/desktop
|
||||
./hosts/thalassa/aoife
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# deploy-rs
|
||||
deploy = {
|
||||
user = "root";
|
||||
nodes = {
|
||||
"bastion-olympus" = {
|
||||
hostname = "bastion.olympus";
|
||||
fastConnection = true;
|
||||
remoteBuild = true;
|
||||
profiles = {
|
||||
system = {
|
||||
path = deploy.lib.x86_64-linux.activate.nixos self.nixosConfigurations."olympus.bastion";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
aoife = {
|
||||
remoteBuild = true;
|
||||
fastConnection = true;
|
||||
hostname = "aoife";
|
||||
profiles.system.path = deploy.lib.x86_64-linux.activate.nixos self.nixosConfigurations.aoife;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Outputs
|
||||
outputsBuilder = channels: {
|
||||
devShells.default = channels.nixpkgs.mkShell {
|
||||
name = "devShell";
|
||||
VAULT_ADDR = "http://vault.olympus:8200/";
|
||||
FLAKE = "/home/vivian/src/infrastructure-new";
|
||||
packages = with pkgs; [
|
||||
attic.packages.${system}.attic
|
||||
apply-local
|
||||
deploy.packages.${system}.deploy-rs
|
||||
deadnix
|
||||
statix
|
||||
nixUnstable
|
||||
vault
|
||||
yamllint
|
||||
jq
|
||||
fup-repl
|
||||
nh
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# Checks
|
||||
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy.lib // {
|
||||
x86_64-linux.mac = pkgs.stdenvNoCC.mkDerivation {
|
||||
name = "mac check";
|
||||
src = self;
|
||||
dontBuild = true;
|
||||
doCheck = true;
|
||||
checkPhase = ''
|
||||
echo "Hello World"
|
||||
'';
|
||||
installPhase = "mkdir $out";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
old_cluster
|
|
@ -1,12 +0,0 @@
|
|||
# Kubernetes Cluster
|
||||
This is my personal Kubernetes Cluster. [Flux] watches this git repo and reconciles and changes made to the cluster.
|
||||
|
||||
## Bootstrap
|
||||
```sh
|
||||
flux bootstrap git --url ssh://gitea@git.0x76.dev:42/v/infrastructure.git --branch=main --path=flux/olympus/base --ssh-key-algorithm=ed25519
|
||||
```
|
||||
|
||||
## References
|
||||
Heavily inspired by: [onedr0p's cluster](https://github.com/onedr0p/home-cluster)
|
||||
|
||||
[Flux]: https://github.com/fluxcd/flux2
|
|
@ -1,15 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: weave-gitops
|
||||
namespace: flux-system
|
||||
spec:
|
||||
refreshInterval: "5m"
|
||||
secretStoreRef:
|
||||
name: vault
|
||||
kind: ClusterSecretStore
|
||||
target:
|
||||
name: oidc-auth
|
||||
dataFrom:
|
||||
- extract:
|
||||
key: flux-system/weave-gitops
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- rbac.yaml
|
||||
- external-secret.yaml
|
||||
- weave-gitops-dashboard.yaml
|
|
@ -1,76 +0,0 @@
|
|||
---
|
||||
# Admin cluster role
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: weave-admin
|
||||
rules:
|
||||
# Flux Resources
|
||||
- apiGroups: ["kustomize.toolkit.fluxcd.io"]
|
||||
resources: ["kustomizations"]
|
||||
verbs: ["get", "list", "patch"]
|
||||
- apiGroups: ["helm.toolkit.fluxcd.io"]
|
||||
resources: ["helmreleases"]
|
||||
verbs: ["get", "list", "patch"]
|
||||
- apiGroups: ["source.toolkit.fluxcd.io"]
|
||||
resources:
|
||||
[
|
||||
"buckets",
|
||||
"helmcharts",
|
||||
"gitrepositories",
|
||||
"helmrepositories",
|
||||
"ocirepositories",
|
||||
]
|
||||
verbs: ["get", "list", "patch"]
|
||||
- apiGroups: ["notification.toolkit.fluxcd.io"]
|
||||
resources: ["providers", "alerts"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["infra.contrib.fluxcd.io"]
|
||||
resources: ["terraforms"]
|
||||
verbs: ["get", "list", "patch"]
|
||||
# Resources managed via Flux
|
||||
- apiGroups: [""]
|
||||
resources:
|
||||
[
|
||||
"configmaps",
|
||||
"secrets",
|
||||
"pods",
|
||||
"services",
|
||||
"namespaces",
|
||||
"persistentvolumes",
|
||||
"persistentvolumeclaims",
|
||||
]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["apps"]
|
||||
resources: ["deployments", "replicasets", "statefulsets"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["batch"]
|
||||
resources: ["jobs", "cronjobs"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["autoscaling"]
|
||||
resources: ["horizontalpodautoscalers"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["rbac.authorization.k8s.io"]
|
||||
resources: ["roles", "clusterroles", "rolebindings", "clusterrolebindings"]
|
||||
verbs: ["get", "list"]
|
||||
- apiGroups: ["networking.k8s.io"]
|
||||
resources: ["ingresses"]
|
||||
verbs: ["get", "list"]
|
||||
# Feedback
|
||||
- apiGroups: [""]
|
||||
resources: ["events"]
|
||||
verbs: ["get", "watch", "list"]
|
||||
---
|
||||
# Bind the cluster admin role to admins
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: weave-admin
|
||||
subjects:
|
||||
- kind: User
|
||||
name: "victor@xirion.net"
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: weave-admin
|
||||
apiGroup: rbac.authorization.k8s.io
|
|
@ -1,48 +0,0 @@
|
|||
---
|
||||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
annotations:
|
||||
metadata.weave.works/description: This is the source location for the Weave GitOps
|
||||
Dashboard's helm chart.
|
||||
labels:
|
||||
app.kubernetes.io/component: ui
|
||||
app.kubernetes.io/created-by: weave-gitops-cli
|
||||
app.kubernetes.io/name: weave-gitops-dashboard
|
||||
app.kubernetes.io/part-of: weave-gitops
|
||||
name: ww-gitops
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1h0m0s
|
||||
type: oci
|
||||
url: oci://ghcr.io/weaveworks/charts
|
||||
---
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
annotations:
|
||||
metadata.weave.works/description: This is the Weave GitOps Dashboard. It provides
|
||||
a simple way to get insights into your GitOps workloads.
|
||||
name: ww-gitops
|
||||
namespace: flux-system
|
||||
spec:
|
||||
chart:
|
||||
spec:
|
||||
chart: weave-gitops
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: ww-gitops
|
||||
interval: 1h0m0s
|
||||
values:
|
||||
ingress:
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: flux.0x76.dev
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
adminUser:
|
||||
create: true
|
||||
passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC
|
||||
username: admin
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- flux-system
|
||||
- services
|
||||
- websites
|
|
@ -1,4 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- renovate
|
|
@ -1,57 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: renovate
|
||||
namespace: services
|
||||
data:
|
||||
config.js: |-
|
||||
module.exports = {
|
||||
"binarySource": "install",
|
||||
"repositories": ["v/infrastructure"],
|
||||
"flux": {
|
||||
"fileMatch": ["flux/.+\\.ya?ml$"]
|
||||
},
|
||||
"helm-values": {
|
||||
"fileMatch": ["flux/.+\\.ya?ml$"]
|
||||
},
|
||||
"kubernetes": {
|
||||
"fileMatch": ["flux/.+\\.ya?ml$"]
|
||||
},
|
||||
"hostRules": [
|
||||
{
|
||||
"hostType": "docker",
|
||||
"matchHost": "ghcr.io",
|
||||
"username": "NULLx76",
|
||||
"password": process.env.GITHUB_COM_TOKEN
|
||||
}
|
||||
],
|
||||
"packageRules": [
|
||||
{
|
||||
"automerge": true,
|
||||
"automergeType": "branch",
|
||||
"matchUpdateTypes": ["minor", "patch", "pin", "digest"],
|
||||
"matchPackageNames": [
|
||||
"renovate/renovate"
|
||||
],
|
||||
"matchPackagePrefixes": [
|
||||
"git.0x76.dev"
|
||||
]
|
||||
}
|
||||
],
|
||||
// ignore individual fluxcd images
|
||||
"ignoreDeps": [
|
||||
"ghcr.io/fluxcd/helm-controller",
|
||||
"ghcr.io/fluxcd/image-automation-controller",
|
||||
"ghcr.io/fluxcd/image-reflector-controller",
|
||||
"ghcr.io/fluxcd/kustomize-controller",
|
||||
"ghcr.io/fluxcd/notification-controller",
|
||||
"ghcr.io/fluxcd/source-controller"
|
||||
],
|
||||
"regexManagers": [
|
||||
{
|
||||
"fileMatch": [".+\\.nix"],
|
||||
"matchStrings": ["image\\s*=\\s*\"(?<depName>.*?):(?<currentValue>.*?)\"\\s*;\\s*"],
|
||||
"datasourceTemplate": "docker"
|
||||
}
|
||||
]
|
||||
};
|
|
@ -1,46 +0,0 @@
|
|||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: renovate
|
||||
namespace: services
|
||||
spec:
|
||||
# Run every 8 hours
|
||||
schedule: "0 */8 * * *"
|
||||
concurrencyPolicy: Forbid
|
||||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
volumes:
|
||||
- name: config-volume
|
||||
configMap:
|
||||
name: renovate
|
||||
- name: work-volume
|
||||
emptyDir: {}
|
||||
containers:
|
||||
- name: renovate
|
||||
image: renovate/renovate:37.67.3
|
||||
volumeMounts:
|
||||
- name: config-volume
|
||||
mountPath: /opt/renovate/
|
||||
- name: work-volume
|
||||
mountPath: /tmp/renovate/
|
||||
env:
|
||||
- name: LOG_LEVEL
|
||||
value: debug
|
||||
- name: RENOVATE_ENDPOINT
|
||||
value: "https://git.0x76.dev/api/v1/"
|
||||
- name: RENOVATE_PLATFORM
|
||||
value: gitea
|
||||
- name: RENOVATE_AUTODISCOVER
|
||||
value: "false"
|
||||
- name: RENOVATE_GIT_AUTHOR
|
||||
value: "Renovate Bot <renovate@xirion.net>"
|
||||
- name: RENOVATE_CONFIG_FILE
|
||||
value: "/opt/renovate/config.js"
|
||||
- name: RENOVATE_BASE_DIR
|
||||
value: "/tmp/renovate"
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: renovate
|
||||
restartPolicy: Never
|
|
@ -1,21 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: renovate
|
||||
namespace: services
|
||||
spec:
|
||||
refreshInterval: "5m"
|
||||
secretStoreRef:
|
||||
name: vault
|
||||
kind: ClusterSecretStore
|
||||
target:
|
||||
name: renovate
|
||||
data:
|
||||
- secretKey: RENOVATE_TOKEN
|
||||
remoteRef:
|
||||
key: gitops/renovate
|
||||
property: gitea_token
|
||||
- secretKey: GITHUB_COM_TOKEN
|
||||
remoteRef:
|
||||
key: gitops/renovate
|
||||
property: github_token
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- external-secret.yaml
|
||||
- config.yaml
|
||||
- cronjob.yaml
|
|
@ -1,52 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: x76dev
|
||||
namespace: websites
|
||||
labels:
|
||||
app: x76dev
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: x76dev
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: x76dev
|
||||
spec:
|
||||
containers:
|
||||
- name: x76dev
|
||||
image: git.0x76.dev/v/0x76.dev:5
|
||||
ports:
|
||||
- containerPort: 80
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: x76dev
|
||||
namespace: websites
|
||||
spec:
|
||||
selector:
|
||||
app: x76dev
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: x76dev
|
||||
namespace: websites
|
||||
spec:
|
||||
rules:
|
||||
- host: "0x76.dev"
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: x76dev
|
||||
port:
|
||||
number: 80
|
|
@ -1,52 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: blog
|
||||
namespace: websites
|
||||
labels:
|
||||
app: blog
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: blog
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: blog
|
||||
spec:
|
||||
containers:
|
||||
- name: blog
|
||||
image: git.0x76.dev/v/blog.xirion.net:5
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: blog
|
||||
namespace: websites
|
||||
spec:
|
||||
selector:
|
||||
app: blog
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 8080
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: blog
|
||||
namespace: websites
|
||||
spec:
|
||||
rules:
|
||||
- host: "blog.xirion.net"
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: blog
|
||||
port:
|
||||
number: 8080
|
|
@ -1,52 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: internal
|
||||
namespace: websites
|
||||
labels:
|
||||
app: internal
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: internal
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: internal
|
||||
spec:
|
||||
containers:
|
||||
- name: internal
|
||||
image: git.0x76.dev/v/internal.xirion.net:1
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: internal
|
||||
namespace: websites
|
||||
spec:
|
||||
selector:
|
||||
app: internal
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 8080
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: internal
|
||||
namespace: websites
|
||||
spec:
|
||||
rules:
|
||||
- host: "internal.xirion.net"
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: internal
|
||||
port:
|
||||
number: 8080
|
|
@ -1,9 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
namespace: websites
|
||||
resources:
|
||||
- 0x76.yaml
|
||||
- internal.yaml
|
||||
- blog.yaml
|
||||
- xirion.yaml
|
|
@ -1,52 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: xirion
|
||||
namespace: websites
|
||||
labels:
|
||||
app: xirion
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: xirion
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: xirion
|
||||
spec:
|
||||
containers:
|
||||
- name: xirion
|
||||
image: git.0x76.dev/v/xirion.net:2
|
||||
ports:
|
||||
- containerPort: 80
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: xirion
|
||||
namespace: websites
|
||||
spec:
|
||||
selector:
|
||||
app: xirion
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: xirion
|
||||
namespace: websites
|
||||
spec:
|
||||
rules:
|
||||
- host: "xirion.net"
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: xirion
|
||||
port:
|
||||
number: 80
|
|
@ -1,15 +0,0 @@
|
|||
---
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: apps
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 10m0s
|
||||
dependsOn:
|
||||
- name: core
|
||||
path: ./flux/olympus/apps
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: flux-system
|
|
@ -1,13 +0,0 @@
|
|||
---
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: core
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 10m0s
|
||||
path: ./flux/olympus/core
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: flux-system
|
File diff suppressed because it is too large
Load Diff
|
@ -1,27 +0,0 @@
|
|||
# This manifest was generated by flux. DO NOT EDIT.
|
||||
---
|
||||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: GitRepository
|
||||
metadata:
|
||||
name: flux-system
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1m0s
|
||||
ref:
|
||||
branch: main
|
||||
secretRef:
|
||||
name: flux-system
|
||||
url: ssh://gitea@git.0x76.dev:42/v/infrastructure.git
|
||||
---
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: flux-system
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 10m0s
|
||||
path: ./flux/olympus/base
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: flux-system
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- gotk-components.yaml
|
||||
- gotk-sync.yaml
|
||||
- repositories
|
|
@ -1,8 +0,0 @@
|
|||
apiVersion: source.toolkit.fluxcd.io/v1beta2
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: external-secrets
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1h
|
||||
url: https://charts.external-secrets.io
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- external-secrets.yaml
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- helm
|
||||
|
|
@ -1 +0,0 @@
|
|||
vault-secret-id.yaml
|
|
@ -1,29 +0,0 @@
|
|||
---
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: external-secrets
|
||||
namespace: security
|
||||
spec:
|
||||
interval: 30m
|
||||
chart:
|
||||
spec:
|
||||
chart: external-secrets
|
||||
version: 0.9.9
|
||||
interval: 30m
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: external-secrets
|
||||
namespace: flux-system
|
||||
values:
|
||||
installCRDs: true
|
||||
replicaCount: 1
|
||||
leaderElect: true
|
||||
# serviceMonitor:
|
||||
# enabled: true
|
||||
# webhook:
|
||||
# serviceMonitor:
|
||||
# enabled: true
|
||||
# certController:
|
||||
# serviceMonitor:
|
||||
# enabled: true
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- helm-release.yaml
|
||||
- vault-secret-store.yaml
|
|
@ -1,7 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: vault-secret-id
|
||||
namespace: security
|
||||
data:
|
||||
secret-id: XXXXXX # Obtain by `vault write -f auth/approle/role/external-secrets/secret-id`
|
|
@ -1,27 +0,0 @@
|
|||
apiVersion: external-secrets.io/v1beta1
|
||||
kind: ClusterSecretStore
|
||||
metadata:
|
||||
name: vault
|
||||
namespace: security
|
||||
spec:
|
||||
provider:
|
||||
vault:
|
||||
server: "http://vault.olympus:8200"
|
||||
path: "k8s"
|
||||
version: "v2"
|
||||
auth:
|
||||
# VaultAppRole authenticates with Vault using the
|
||||
# App Role auth mechanism
|
||||
# https://www.vaultproject.io/docs/auth/approle
|
||||
appRole:
|
||||
# Path where the App Role authentication backend is mounted
|
||||
path: "approle"
|
||||
# RoleID configured in the App Role authentication backend
|
||||
# `vault read auth/approle/role/external-secrets/role-id`
|
||||
roleId: "bb841a0e-45c1-9dab-36f0-f72647d6aff0"
|
||||
# Reference to a key in a K8 Secret that contains the App Role SecretId
|
||||
# (not commited in git)
|
||||
secretRef:
|
||||
name: "vault-secret-id"
|
||||
namespace: "security"
|
||||
key: "secret-id"
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- namespaces
|
||||
- external-secrets
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- websites.yaml
|
||||
- security.yaml
|
||||
- services.yaml
|
|
@ -1,4 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: security
|
|
@ -1,4 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: services
|
|
@ -1,4 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: websites
|
|
@ -0,0 +1,12 @@
|
|||
# common container config
|
||||
{ lib, home-manager, ... }: {
|
||||
imports = [
|
||||
# ../../../../common/modules
|
||||
home-manager.nixosModules.home-manager # TODO: I don't like this
|
||||
];
|
||||
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
|
||||
networking.useHostResolvConf = lib.mkForce false;
|
||||
services.resolved.enable = true;
|
||||
|
||||
system.stateVersion = lib.mkDefault "24.05";
|
||||
}
|
|
@ -0,0 +1,33 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
hostAddress = "10.42.99.1";
|
||||
hostAddress6 = "fc00::1";
|
||||
in {
|
||||
# TODO: Loop over subdirs, create nixos container for each
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
internalInterfaces = [ "ve-+" ];
|
||||
externalInterface = "ens18";
|
||||
# Lazy IPv6 connectivity for the container
|
||||
enableIPv6 = true;
|
||||
|
||||
forwardPorts = [
|
||||
|
||||
];
|
||||
};
|
||||
|
||||
# Containers network is
|
||||
# * 10.42.99.0/24
|
||||
# * fc00:x
|
||||
|
||||
containers = {
|
||||
dns = {
|
||||
autoStart = true;
|
||||
inherit hostAddress hostAddress6;
|
||||
localAddress = "10.42.99.1";
|
||||
localAddress6 = "fc00::2";
|
||||
|
||||
config = ./dns.nix;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
{ ... }: {
|
||||
imports = [ ./common.nix ];
|
||||
services.v.dns = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
mode = "server";
|
||||
};
|
||||
}
|
|
@ -0,0 +1,39 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ pkgs, ... }: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
./containers
|
||||
# ./vms.nix
|
||||
];
|
||||
|
||||
programs.nix-ld.enable = true;
|
||||
|
||||
meta = {
|
||||
ipv4 = "10.42.42.4";
|
||||
ipv6 = "2001:41f0:9639:1:80f0:7cff:fecb:bd6d";
|
||||
mac = "82:F0:7C:CB:BD:6D";
|
||||
};
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
|
||||
virtualisation.podman.enable = true;
|
||||
|
||||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [ vault ];
|
||||
|
||||
networking.useNetworkd = true;
|
||||
}
|
|
@ -0,0 +1,25 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
||||
boot = {
|
||||
|
||||
initrd.availableKernelModules =
|
||||
[ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||||
initrd.kernelModules = [ ];
|
||||
kernelModules = [ ];
|
||||
extraModulePackages = [ ];
|
||||
};
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
|
||||
|
||||
}
|
|
@ -0,0 +1,32 @@
|
|||
{ config, pkgs, inputs, ... }: {
|
||||
imports = [
|
||||
inputs.microvm.nixosModules.host
|
||||
];
|
||||
|
||||
microvm.vms = {
|
||||
test-vm = {
|
||||
inherit pkgs;
|
||||
|
||||
# (Optional) A set of special arguments to be passed to the MicroVM's NixOS modules.
|
||||
#specialArgs = {};
|
||||
|
||||
# The configuration for the MicroVM.
|
||||
# Multiple definitions will be merged as expected.
|
||||
config = {
|
||||
# It is highly recommended to share the host's nix-store
|
||||
# with the VMs to prevent building huge images.
|
||||
microvm.hypervisor = "crosvm";
|
||||
microvm.shares = [{
|
||||
source = "/nix/store";
|
||||
mountPoint = "/nix/.ro-store";
|
||||
tag = "ro-store";
|
||||
proto = "virtiofs";
|
||||
}];
|
||||
|
||||
# Any other configuration for your MicroVM
|
||||
# [...]
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
}
|
|
@ -2,13 +2,29 @@
|
|||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ inputs, lib, ... }: {
|
||||
{
|
||||
inputs,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-z
|
||||
./hardware.nix
|
||||
./uni.nix
|
||||
];
|
||||
|
||||
meta = {
|
||||
mac = "04:7b:cb:b6:2d:88";
|
||||
isLaptop = true;
|
||||
};
|
||||
|
||||
users.users.vivian.extraGroups = [ "adbusers" ];
|
||||
|
||||
security.pki.certificateFiles = [ ./domain.crt ];
|
||||
|
||||
# Bootloader.
|
||||
boot = {
|
||||
bootspec.enable = true;
|
||||
|
@ -29,11 +45,35 @@
|
|||
|
||||
home-manager.users.vivian = import ./home;
|
||||
|
||||
programs.nix-ld.enable = true;
|
||||
programs.nix-ld.libraries = with pkgs; [
|
||||
|
||||
# Add any missing dynamic libraries for unpackaged programs
|
||||
|
||||
# here, NOT in environment.systemPackages
|
||||
];
|
||||
|
||||
programs.hyprland.enable = true;
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
# services.gnome-autounlock-keyring = {
|
||||
# enable = true;
|
||||
# target = "hyprland-session.target";
|
||||
# };
|
||||
|
||||
services.interception-tools = {
|
||||
enable = true;
|
||||
plugins = [ pkgs.interception-tools-plugins.caps2esc ];
|
||||
udevmonConfig = ''
|
||||
- JOB: "${pkgs.interception-tools}/bin/intercept -g $DEVNODE | ${pkgs.interception-tools-plugins.caps2esc}/bin/caps2esc | ${pkgs.interception-tools}/bin/uinput -d $DEVNODE"
|
||||
DEVICE:
|
||||
EVENTS:
|
||||
EV_KEY: [KEY_CAPSLOCK, KEY_ESC]
|
||||
'';
|
||||
};
|
||||
|
||||
# Enable Ozone rendering for Chromium and Electron apps.
|
||||
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
||||
|
||||
# environment.sessionVariables.INFRA_INFO = self; # hosts.${config.networking.domain}.${config.networking.hostName};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
|
@ -0,0 +1,21 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDZTCCAk2gAwIBAgIUcCV6T0NduGa58qOcAhe9n8oOcEIwDQYJKoZIhvcNAQEL
|
||||
BQAwWzELMAkGA1UEBhMCTkwxFTATBgNVBAgMDFp1aWQtSG9sbGFuZDEOMAwGA1UE
|
||||
BwwFRGVsZnQxETAPBgNVBAoMCFRVIERlbGZ0MRIwEAYDVQQDDAlsb2NhbGhvc3Qw
|
||||
HhcNMjQwNDA1MDgyMDQxWhcNMjUwNDA1MDgyMDQxWjBbMQswCQYDVQQGEwJOTDEV
|
||||
MBMGA1UECAwMWnVpZC1Ib2xsYW5kMQ4wDAYDVQQHDAVEZWxmdDERMA8GA1UECgwI
|
||||
VFUgRGVsZnQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQAD
|
||||
ggEPADCCAQoCggEBAIcX6xGqorbXkIqtH0ek2L9YAc0ruKF7aTpY9q7n6EpD4OC1
|
||||
Q575fvnEqBsvKC74xh1AO58x7HLxAIWmy76UqUxJIQ7vtfCKxFDjBDhgitmnxWK1
|
||||
3QCrHwFS3MThqOq0zhK7AqnpzzdHsj9zfPWbrhP86m4uugIAund2YiSUPX7ZrSSO
|
||||
pY60bZiA2c3hJbqxg+NvNN1vZHEsPGaZHXMMrycw0bLOBoKPvbenl3ig23vsyRSO
|
||||
MwiJgLK/ztMI6r2KMJVZofjbu1Mz+WPzotKaCrSArSRF36BOzafyxqgO0h3Vqp4W
|
||||
Z6UpS1bFTpbJckz8LqNvlP/Z4mV5+1QyrwwN/iMCAwEAAaMhMB8wHQYDVR0OBBYE
|
||||
FOSRI3SKLWlk2RamJJwyyFlP9UnhMA0GCSqGSIb3DQEBCwUAA4IBAQARLh5z4Ius
|
||||
0kiejnMtzV5xAckbqbcultdEdGfjZciv3BM9C7DpEF5Nj8CbaK6TXrKh98bxQ6w+
|
||||
lPL/6LECkPhvHWRhTOsrhDV5h6eSPyV/TX4Jj127WnzA1LcjoEngUY97y6p/eBkE
|
||||
hZWepPPAhuEmu/ws1UmF8vrT4sc+nMKXrOTsqkdUKHh2JZuFby3+SHDkYX66ZxXK
|
||||
bQ3dEi6GyOkZIOuaNK+mS76yVanRU4k0A3dhIpW4pV6W12AAWioGaZv34uKVTp9E
|
||||
XgNhqDC39lU4rLp260NvuRywAKxvR7hKyWfmwak5lr0dZ9t4eufPI4jU5SD+aotq
|
||||
FVTMFwAKZO5v
|
||||
-----END CERTIFICATE-----
|
|
@ -1,28 +1,48 @@
|
|||
{ pkgs, ... }: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
pciutils
|
||||
usbutils
|
||||
lshw
|
||||
];
|
||||
|
||||
hardware = {
|
||||
enableAllFirmware = true;
|
||||
|
||||
bluetooth.enable = true;
|
||||
|
||||
# Vulkan
|
||||
opengl.driSupport = true;
|
||||
opengl.extraPackages = with pkgs; [
|
||||
amdvlk
|
||||
rocm-opencl-icd
|
||||
rocm-opencl-runtime
|
||||
];
|
||||
# OpenGL + Vulkan
|
||||
opengl = {
|
||||
enable = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
extraPackages = with pkgs; [
|
||||
amdvlk
|
||||
rocm-opencl-icd
|
||||
rocm-opencl-runtime
|
||||
mesa.drivers
|
||||
];
|
||||
};
|
||||
};
|
||||
services = {
|
||||
fwupd.enable = true;
|
||||
|
||||
hardware.bolt.enable = true;
|
||||
|
||||
fprintd.enable = true;
|
||||
fprintd = {
|
||||
enable = true;
|
||||
# fprintd test suite fails
|
||||
package = pkgs.fprintd.overrideAttrs {
|
||||
mesonCheckFlags = [
|
||||
"--no-suite"
|
||||
"fprintd:TestPamFprintd"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# Video Driver
|
||||
xserver.videoDrivers = [ "amdgpu" ];
|
||||
xserver = {
|
||||
dpi = 280;
|
||||
xkbOptions = "caps:swapescape";
|
||||
xkb.options = "caps:swapescape";
|
||||
};
|
||||
|
||||
# SSD Trim
|
|
@ -1,4 +1,10 @@
|
|||
{ pkgs, ... }: {
|
||||
imports = [
|
||||
./starship.nix
|
||||
./hyprland.nix
|
||||
];
|
||||
|
||||
|
||||
# Custom dconf settings
|
||||
dconf.settings."org/gnome/desktop/input-sources" = {
|
||||
xkb-options = [ "caps:swapescape" ];
|
||||
|
@ -10,7 +16,11 @@
|
|||
|
||||
home.packages = with pkgs; [
|
||||
libreoffice-fresh
|
||||
jetbrains.clion
|
||||
jetbrains.rust-rover
|
||||
eduvpn-client
|
||||
localsend
|
||||
obsidian
|
||||
typst
|
||||
prismlauncher
|
||||
];
|
||||
}
|
|
@ -0,0 +1,12 @@
|
|||
#!/bin/sh
|
||||
|
||||
if command -v pamixer &>/dev/null; then
|
||||
if [ true == $(pamixer --get-mute) ]; then
|
||||
echo 0
|
||||
exit
|
||||
else
|
||||
pamixer --get-volume
|
||||
fi
|
||||
else
|
||||
amixer -D pulse sget Master | awk -F '[^0-9]+' '/Left:/{print $3}'
|
||||
fi
|
|
@ -0,0 +1,15 @@
|
|||
#!/bin/sh
|
||||
|
||||
per="???"
|
||||
|
||||
if pamixer --get-mute | rg -q true; then
|
||||
icon="婢"
|
||||
elif [ "$per" -gt 66 ]; then
|
||||
icon="墳" # high
|
||||
elif [ "$per" -gt 33 ]; then
|
||||
icon="奔" # med
|
||||
else
|
||||
icon="奄" #low
|
||||
fi
|
||||
|
||||
printf "{\"icon\": \"${icon}\", \"percent\": \"${per}\"}"
|
|
@ -0,0 +1,341 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
terminal = "${config.programs.kitty.package}/bin/kitty -1";
|
||||
in
|
||||
{
|
||||
|
||||
home.packages = with pkgs; [
|
||||
v.hyprland-workspaces
|
||||
];
|
||||
|
||||
systemd.user.services.mako = {
|
||||
Install = {
|
||||
WantedBy = [ "hyprland-session.target" ];
|
||||
};
|
||||
Service = {
|
||||
Type = "dbus";
|
||||
BusName = "org.freedesktop.Notifications";
|
||||
|
||||
ExecCondition = ''
|
||||
${pkgs.bash}/bin/bash -c '[ -n "$WAYLAND_DISPLAY" ]'
|
||||
'';
|
||||
|
||||
ExecStart = ''
|
||||
${pkgs.mako}/bin/mako
|
||||
'';
|
||||
|
||||
ExecReload = ''
|
||||
${pkgs.mako}/bin/makoctl reload
|
||||
'';
|
||||
|
||||
Restart = "on-failure";
|
||||
RestartSec = 1;
|
||||
TimeoutStopSec = 10;
|
||||
};
|
||||
};
|
||||
|
||||
xdg.configFile."hypr/hyprpaper.conf".text =
|
||||
let
|
||||
wallpaper = "/home/vivian/cloud/Pictures/Wallpapers-Laptop/wallpaper-nix-pink.png";
|
||||
in
|
||||
''
|
||||
|
||||
'';
|
||||
|
||||
programs = {
|
||||
wofi = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
# eww = {
|
||||
# enable = true;
|
||||
# configDir = ./eww;
|
||||
# };
|
||||
|
||||
mako.enable = true;
|
||||
|
||||
waybar = {
|
||||
enable = true;
|
||||
style = ./waybar.css;
|
||||
settings = {
|
||||
mainBar = {
|
||||
layer = "top";
|
||||
position = "top";
|
||||
height = 30;
|
||||
modules-left = [ "hyprland/workspaces" ];
|
||||
modules-center = [ "clock" ];
|
||||
modules-right = [
|
||||
"wireplumber"
|
||||
"power-profiles-daemon"
|
||||
"network"
|
||||
"battery"
|
||||
];
|
||||
|
||||
wireplumber = {
|
||||
format = " {volume}%";
|
||||
format-muted = "";
|
||||
on-click = "${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_SINK@ toggle";
|
||||
};
|
||||
|
||||
network =
|
||||
let
|
||||
nmtui = pkgs.writeScriptBin "nmtui.sh" ''
|
||||
#!${pkgs.stdenv.shell}
|
||||
unset COLORTERM
|
||||
TERM=xterm-old ${pkgs.networkmanager}/bin/nmtui
|
||||
'';
|
||||
in
|
||||
{
|
||||
format-wifi = " {essid} ({signalStrength}%)";
|
||||
format-ethernet = " {ifname}: {ipaddr}/{cidr}";
|
||||
format-disconnected = " ";
|
||||
tooltip-format = "{ifname}: {ipaddr}";
|
||||
on-click = "touch ~/a && ${terminal} --execute ${nmtui}/bin/nmtui.sh";
|
||||
};
|
||||
|
||||
power-profiles-daemon = {
|
||||
format = "{icon}";
|
||||
format-icons = {
|
||||
performance = "";
|
||||
balanced = "";
|
||||
power-saver = "";
|
||||
};
|
||||
};
|
||||
|
||||
battery = {
|
||||
states = {
|
||||
warning = 30;
|
||||
critical = 15;
|
||||
};
|
||||
|
||||
format = " {capacity}%";
|
||||
format-discharging = "{icon} {capacity}%";
|
||||
|
||||
format-icons = [
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
""
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
systemd = {
|
||||
enable = true;
|
||||
target = "hyprland-session.target";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.hyprland =
|
||||
let
|
||||
toggle_mirror = pkgs.writeScriptBin "toggle_mirror.sh" ''
|
||||
#!${pkgs.stdenv.shell}
|
||||
if [ $(hyprctl monitors all -j | ${pkgs.jq}/bin/jq '.[1].activeWorkspace.id') = '-1' ]; then
|
||||
hyprctl keyword monitor ",preferred,auto,1"
|
||||
else
|
||||
hyprctl keyword monitor ",preferred,auto,1,mirror,eDP-1"
|
||||
fi
|
||||
'';
|
||||
startup = pkgs.writeScriptBin "startup.sh" ''
|
||||
#!${pkgs.stdenv.shell}
|
||||
firefox &
|
||||
discord &
|
||||
|
||||
# start keyring, then unlock it, then start Element
|
||||
gnome-keyring-daemon -r -d && ${
|
||||
inputs.gnome-autounlock-keyring.packages.${pkgs.system}.default
|
||||
}/bin/gnome-autounlock-keyring unlock && element-desktop &
|
||||
'';
|
||||
hyprpaper-conf =
|
||||
let
|
||||
wallpaper = ../../../../assets/wallpaper-nix-pink.png;
|
||||
in
|
||||
pkgs.writeText "hyprpaper.conf" ''
|
||||
preload = ${wallpaper}
|
||||
wallpaper = eDP-1,${wallpaper}
|
||||
|
||||
splash = false
|
||||
ipc = off
|
||||
'';
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
systemd.enable = true;
|
||||
|
||||
settings =
|
||||
let
|
||||
inherit (builtins) genList concatLists toString;
|
||||
wpctl = "${pkgs.wireplumber}/bin/wpctl";
|
||||
brightnessctl = "${pkgs.brightnessctl}/bin/brightnessctl";
|
||||
menu = "${config.programs.wofi.package}/bin/wofi --show run,drun";
|
||||
fileManager = "${pkgs.gnome.nautilus}/bin/nautilus";
|
||||
in
|
||||
{
|
||||
"$mod" = "SUPER";
|
||||
exec-once = [
|
||||
"${pkgs.hyprpaper}/bin/hyprpaper -c ${hyprpaper-conf}"
|
||||
"${startup}/bin/startup.sh"
|
||||
];
|
||||
monitor = [
|
||||
"eDP-1, 3840x2400@60,0x0,2"
|
||||
",highres,auto,1"
|
||||
];
|
||||
input = {
|
||||
touchpad.natural_scroll = true;
|
||||
};
|
||||
general = {
|
||||
gaps_in = 5;
|
||||
gaps_out = 10;
|
||||
border_size = 2;
|
||||
"col.active_border" = "rgba(8caaeeee) rgba(a6d189ee) 45deg";
|
||||
"col.inactive_border" = "rgba(303446aa)";
|
||||
layout = "dwindle";
|
||||
# Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on
|
||||
allow_tearing = false;
|
||||
};
|
||||
group = {
|
||||
"col.border_active" = "rgba(babbf1ee) rgba(f4b8e4ee) 45deg";
|
||||
"col.border_inactive" = "rgba(232634aa)";
|
||||
|
||||
groupbar = {
|
||||
font_size = 16;
|
||||
"col.active" = "rgba(babbf1aa)";
|
||||
"col.inactive" = "rgba(414559aa)";
|
||||
text_color = "rgba(81c8beee)";
|
||||
};
|
||||
};
|
||||
decoration = {
|
||||
rounding = 10;
|
||||
|
||||
blur = {
|
||||
enabled = true;
|
||||
size = 3;
|
||||
passes = 1;
|
||||
};
|
||||
|
||||
drop_shadow = "yes";
|
||||
shadow_range = 4;
|
||||
shadow_render_power = 3;
|
||||
"col.shadow" = "rgba(1a1a1aee)";
|
||||
};
|
||||
animations = {
|
||||
enabled = "yes";
|
||||
|
||||
bezier = "myBezier, 0.05, 0.9, 0.1, 1.05";
|
||||
|
||||
animation = [
|
||||
"windows, 1, 7, myBezier"
|
||||
"windowsOut, 1, 7, default, popin 80%"
|
||||
"border, 1, 10, default"
|
||||
"borderangle, 1, 8, default"
|
||||
"fade, 1, 7, default"
|
||||
"workspaces, 1, 6, default"
|
||||
];
|
||||
};
|
||||
dwindle = {
|
||||
preserve_split = "yes";
|
||||
pseudotile = "yes";
|
||||
};
|
||||
gestures.workspace_swipe = true;
|
||||
|
||||
misc = {
|
||||
force_default_wallpaper = 2;
|
||||
disable_splash_rendering = true;
|
||||
disable_hyprland_logo = true;
|
||||
disable_autoreload = true;
|
||||
};
|
||||
|
||||
windowrulev2 = [
|
||||
"suppressevent maximize, class:.* # You'll probably like this."
|
||||
"workspace 1 silent, class:^(Element)$"
|
||||
"workspace 1 silent, class:^(discord)$"
|
||||
"group, class:^(Element|discord)$,workspace:1"
|
||||
"workspace 2 silent, class:^(firefox)$"
|
||||
"float,class:^(firefox)$,title:^(Picture-in-Picture)$"
|
||||
];
|
||||
|
||||
# l -> works when screen is locked
|
||||
# e -> repeats when held
|
||||
bindel = [
|
||||
",XF86AudioRaiseVolume,exec,${wpctl} set-volume @DEFAULT_AUDIO_SINK@ 5%+"
|
||||
",XF86AudioLowerVolume,exec,${wpctl} set-volume @DEFAULT_AUDIO_SINK@ 5%-"
|
||||
",XF86MonBrightnessUp,exec,${brightnessctl} -q s +5%"
|
||||
",XF86MonBrightnessDown,exec,${brightnessctl} -q s 5%-"
|
||||
];
|
||||
|
||||
bindl = [ ",XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle" ];
|
||||
|
||||
bind =
|
||||
[
|
||||
"$mod, RETURN, exec, ${terminal}"
|
||||
"$mod, Q, killactive,"
|
||||
"$mod SHIFT, escape, exit,"
|
||||
"$mod, E, exec, ${fileManager}"
|
||||
"$mod, V, togglefloating,"
|
||||
"$mod, D, exec, ${menu}"
|
||||
"$mod, P, pseudo, # dwindle"
|
||||
"$mod, J, togglesplit, # dwindle"
|
||||
"$mod,m,fullscreen"
|
||||
|
||||
# Move focus with arrow keys
|
||||
"$mod, left, movefocus, l"
|
||||
"$mod, right, movefocus, r"
|
||||
"$mod, up, movefocus, u"
|
||||
"$mod, down, movefocus, d"
|
||||
|
||||
# Scratch workspace
|
||||
"$mod, S, togglespecialworkspace, magic"
|
||||
"$mod SHIFT, S, movetoworkspace, special:magic"
|
||||
# Groups aka Tabs
|
||||
"$mod,g,togglegroup"
|
||||
"$mod,tab,changegroupactive"
|
||||
|
||||
# PrintScreen
|
||||
",Print,exec,${pkgs.grimblast}/bin/grimblast copysave area /home/vivian/cloud/Pictures/Screenshots/$(date --iso=seconds).png"
|
||||
# Toggle Mirror for external displays on/off
|
||||
",XF86Display,exec,${toggle_mirror}/bin/toggle_mirror.sh"
|
||||
]
|
||||
++ (
|
||||
# workspaces
|
||||
# binds $mod + [shift +] {1..10} to [move to] workspace {1..10}
|
||||
concatLists (
|
||||
genList (
|
||||
x:
|
||||
let
|
||||
ws =
|
||||
let
|
||||
c = (x + 1) / 10;
|
||||
in
|
||||
toString (x + 1 - (c * 10));
|
||||
in
|
||||
[
|
||||
"$mod, ${ws}, workspace, ${toString (x + 1)}"
|
||||
"$mod SHIFT, ${ws}, movetoworkspacesilent, ${toString (x + 1)}"
|
||||
]
|
||||
) 10
|
||||
)
|
||||
|
||||
);
|
||||
|
||||
# Bind mouse
|
||||
bindm = [
|
||||
# Move/resize windows with mod + LMB/RMB and dragging
|
||||
"$mod, mouse:272, movewindow"
|
||||
"$mod, mouse:273, resizewindow"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -0,0 +1,17 @@
|
|||
{ pkgs, config, ...}:
|
||||
let
|
||||
starshipNerdFont = pkgs.runCommand "starship-nerd-font.toml" { STARSHIP_CACHE = "/tmp"; } ''
|
||||
${config.programs.starship.package}/bin/starship preset nerd-font-symbols > $out
|
||||
'';
|
||||
in{
|
||||
programs.starship = {
|
||||
enable = true;
|
||||
enableZshIntegration = true;
|
||||
enableFishIntegration = true;
|
||||
enableNushellIntegration = true;
|
||||
|
||||
settings = {
|
||||
nix_shell.heuristic = true;
|
||||
} // builtins.fromTOML (builtins.readFile starshipNerdFont);
|
||||
};
|
||||
}
|
|
@ -0,0 +1,125 @@
|
|||
/* Catppucin Frappe */
|
||||
@define-color base #303446;
|
||||
@define-color mantle #292c3c;
|
||||
@define-color crust #232634;
|
||||
|
||||
@define-color text #c6d0f5;
|
||||
@define-color subtext0 #a5adce;
|
||||
@define-color subtext1 #b5bfe2;
|
||||
|
||||
@define-color surface0 #414559;
|
||||
@define-color surface1 #51576d;
|
||||
@define-color surface2 #626880;
|
||||
|
||||
@define-color overlay0 #737994;
|
||||
@define-color overlay1 #838ba7;
|
||||
@define-color overlay2 #949cbb;
|
||||
|
||||
@define-color blue #8caaee;
|
||||
@define-color lavender #babbf1;
|
||||
@define-color sapphire #85c1dc;
|
||||
@define-color sky #99d1db;
|
||||
@define-color teal #81c8be;
|
||||
@define-color green #a6d189;
|
||||
@define-color yellow #e5c890;
|
||||
@define-color peach #ef9f76;
|
||||
@define-color maroon #ea999c;
|
||||
@define-color red #e78284;
|
||||
@define-color mauve #ca9ee6;
|
||||
@define-color pink #f4b8e4;
|
||||
@define-color flamingo #eebebe;
|
||||
@define-color rosewater #f2d5cf;
|
||||
|
||||
|
||||
window {
|
||||
border: none;
|
||||
font-family: DejaVuSansM Nerd Font, sans-serif;
|
||||
font-size: 13px;
|
||||
color: @text;
|
||||
}
|
||||
|
||||
window#waybar {
|
||||
color: @text;
|
||||
background-color: rgba(0, 0, 0, 0);
|
||||
transition-property: background-color;
|
||||
transition-duration: 0.5s;
|
||||
transition-duration: .5s;
|
||||
}
|
||||
|
||||
window#waybar.hidden {
|
||||
opacity: 0.2;
|
||||
}
|
||||
|
||||
#workspaces {
|
||||
/* background: @overlay0; */
|
||||
}
|
||||
|
||||
#workspaces button {
|
||||
color: @text;
|
||||
/* background: @background3; */
|
||||
/* margin: 7px 5px 10px 5px; */
|
||||
}
|
||||
|
||||
#workspaces button:hover {
|
||||
background: @surface0;
|
||||
color: @text;
|
||||
}
|
||||
|
||||
#workspaces button.active {
|
||||
color: @crust;
|
||||
background: @overlay2;
|
||||
border: none;
|
||||
}
|
||||
|
||||
#clock,
|
||||
#battery,
|
||||
#network,
|
||||
#power-profiles-daemon,
|
||||
#wireplumber {
|
||||
padding: 0px 20px;
|
||||
border-radius: 8px;
|
||||
margin-left: 5px;
|
||||
color: @crust;
|
||||
}
|
||||
|
||||
#wireplumber {
|
||||
padding: 0px 20px 0px 17px;
|
||||
background-color: @teal;
|
||||
}
|
||||
|
||||
#network {
|
||||
padding: 0px 15px 0px 20px;
|
||||
background-color: @green;
|
||||
}
|
||||
|
||||
#battery {
|
||||
background-color: @lavender;
|
||||
}
|
||||
|
||||
#clock {
|
||||
background-color: @pink;
|
||||
}
|
||||
|
||||
#power-profiles-daemon {
|
||||
background-color: @mauve;
|
||||
}
|
||||
|
||||
@keyframes blink {
|
||||
to {
|
||||
background-color: rgba(30, 34, 42, 0.5);
|
||||
color: #abb2bf;
|
||||
}
|
||||
}
|
||||
|
||||
#battery.critical:not(.charging) {
|
||||
color: #f53c3c;
|
||||
animation-name: blink;
|
||||
animation-duration: 0.5s;
|
||||
animation-timing-function: linear;
|
||||
animation-iteration-count: infinite;
|
||||
animation-direction: alternate;
|
||||
}
|
||||
|
||||
label:focus {
|
||||
background-color: #000000;
|
||||
}
|
|
@ -0,0 +1,38 @@
|
|||
# Config options needed for various university courses, such as:
|
||||
# * Wireless IoT and Local Area Networks
|
||||
# * Network Security
|
||||
# * Smart Phone Sensing
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
android-studio
|
||||
docker-compose
|
||||
bridge-utils
|
||||
nettools
|
||||
wget
|
||||
];
|
||||
|
||||
programs.wireshark.enable = true;
|
||||
programs.wireshark.package = pkgs.wireshark;
|
||||
|
||||
virtualisation.lxc.enable = false;
|
||||
virtualisation.lxd.enable = false;
|
||||
|
||||
virtualisation.podman.enable = false;
|
||||
virtualisation.docker.enable = true;
|
||||
virtualisation.docker.storageDriver = "btrfs";
|
||||
|
||||
users.extraUsers.vivian.extraGroups = [
|
||||
"wireshark"
|
||||
"docker"
|
||||
"lxd"
|
||||
];
|
||||
|
||||
programs.nix-ld = {
|
||||
enable = true;
|
||||
package = pkgs.nix-ld-rs;
|
||||
libraries = [
|
||||
|
||||
];
|
||||
};
|
||||
}
|
|
@ -30,8 +30,7 @@ let
|
|||
|
||||
exec Hyprland
|
||||
'';
|
||||
in
|
||||
{
|
||||
in {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
|
@ -46,6 +45,7 @@ in
|
|||
users.vivian = import ./home;
|
||||
extraSpecialArgs = { inherit inputs; };
|
||||
};
|
||||
|
||||
security = {
|
||||
|
||||
pam.services.swaylock = { };
|
||||
|
@ -106,7 +106,6 @@ in
|
|||
kernel.sysctl = { "fs.inotify.max_user_watches" = 524288; };
|
||||
};
|
||||
services = {
|
||||
|
||||
gnome.gnome-keyring.enable = true;
|
||||
|
||||
udisks2.enable = true;
|
|
@ -1,15 +1,25 @@
|
|||
{ config, pkgs, inputs, texlive, ... }:
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
inputs,
|
||||
texlive,
|
||||
...
|
||||
}:
|
||||
let
|
||||
tex = pkgs.texlive.combine {
|
||||
inherit (pkgs.texlive) scheme-full;
|
||||
dnd-5e-latex-template = { pkgs = [ pkgs.v.dnd-5e-latex-template ]; };
|
||||
dnd-5e-latex-template = {
|
||||
pkgs = [ pkgs.v.dnd-5e-latex-template ];
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
programs = {
|
||||
home-manager.enable = true;
|
||||
|
||||
foot = { enable = true; };
|
||||
foot = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
nix-index.enable = true;
|
||||
|
||||
|
@ -64,18 +74,142 @@ in
|
|||
"latex.outDir" = "%TMPDIR%/%RELATIVE_DOC%";
|
||||
};
|
||||
"workbench.colorTheme" = "Catppuccin Frappé";
|
||||
"editor.fontFamily" =
|
||||
"'DejaVuSansMono Nerd Font', 'monospace', monospace";
|
||||
"editor.fontFamily" = "'DejaVuSansMono Nerd Font', 'monospace', monospace";
|
||||
"keyboard.dispatch" = "keyCode";
|
||||
"rust-analyzer.server.path" = "${pkgs.rust-analyzer}/bin/rust-analyzer";
|
||||
"terminal.integrated.defaultProfile.linux" = "zsh";
|
||||
"nix.enableLanguageServer" = true; # Enable LSP.
|
||||
"nix.serverPath" =
|
||||
"${pkgs.nil}/bin/nil"; # The path to the LSP server executable.
|
||||
"[nix]" = { "editor.defaultFormatter" = "brettm12345.nixfmt-vscode"; };
|
||||
"nix.serverPath" = "${pkgs.nil}/bin/nil"; # The path to the LSP server executable.
|
||||
"[nix]" = {
|
||||
"editor.defaultFormatter" = "brettm12345.nixfmt-vscode";
|
||||
};
|
||||
"latex-workshop.latex.tools" = [
|
||||
{
|
||||
"name" = "latexmk";
|
||||
"command" = "latexmk";
|
||||
"args" = [
|
||||
"-shell-escape"
|
||||
"-synctex=1"
|
||||
"-interaction=nonstopmode"
|
||||
"-file-line-error"
|
||||
"-pdf"
|
||||
"-outdir=%OUTDIR%"
|
||||
"%DOC%"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "lualatexmk";
|
||||
"command" = "latexmk";
|
||||
"args" = [
|
||||
"-synctex=1"
|
||||
"-interaction=nonstopmode"
|
||||
"-file-line-error"
|
||||
"-lualatex"
|
||||
"-outdir=%OUTDIR%"
|
||||
"%DOC%"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "xelatexmk";
|
||||
"command" = "latexmk";
|
||||
"args" = [
|
||||
"-synctex=1"
|
||||
"-interaction=nonstopmode"
|
||||
"-file-line-error"
|
||||
"-xelatex"
|
||||
"-outdir=%OUTDIR%"
|
||||
"%DOC%"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "latexmk_rconly";
|
||||
"command" = "latexmk";
|
||||
"args" = [ "%DOC%" ];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "pdflatex";
|
||||
"command" = "pdflatex";
|
||||
"args" = [
|
||||
"-synctex=1"
|
||||
"-interaction=nonstopmode"
|
||||
"-file-line-error"
|
||||
"%DOC%"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "bibtex";
|
||||
"command" = "bibtex";
|
||||
"args" = [ "%DOCFILE%" ];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "rnw2tex";
|
||||
"command" = "Rscript";
|
||||
"args" = [
|
||||
"-e"
|
||||
"knitr==opts_knit$set(concordance = TRUE); knitr==knit('%DOCFILE_EXT%')"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "jnw2tex";
|
||||
"command" = "julia";
|
||||
"args" = [
|
||||
"-e"
|
||||
"using Weave; weave(\"%DOC_EXT%\"; doctype=\"tex\")"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "jnw2texminted";
|
||||
"command" = "julia";
|
||||
"args" = [
|
||||
"-e"
|
||||
"using Weave; weave(\"%DOC_EXT%\"; doctype=\"texminted\")"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "pnw2tex";
|
||||
"command" = "pweave";
|
||||
"args" = [
|
||||
"-f"
|
||||
"tex"
|
||||
"%DOC_EXT%"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "pnw2texminted";
|
||||
"command" = "pweave";
|
||||
"args" = [
|
||||
"-f"
|
||||
"texminted"
|
||||
"%DOC_EXT%"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
{
|
||||
"name" = "tectonic";
|
||||
"command" = "tectonic";
|
||||
"args" = [
|
||||
"--synctex"
|
||||
"--keep-logs"
|
||||
"%DOC%.tex"
|
||||
];
|
||||
"env" = { };
|
||||
}
|
||||
];
|
||||
};
|
||||
extensions = with pkgs.vscode-extensions;
|
||||
with pkgs.v.vscode-extensions; [
|
||||
extensions =
|
||||
with pkgs.vscode-extensions;
|
||||
with pkgs.v.vscode-extensions;
|
||||
[
|
||||
# astro-build.astro-vscode
|
||||
brettm12345.nixfmt-vscode
|
||||
catppuccin.catppuccin-vsc
|
||||
|
@ -99,12 +233,16 @@ in
|
|||
|
||||
direnv = {
|
||||
enable = true;
|
||||
nix-direnv = { enable = true; };
|
||||
nix-direnv = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
zsh = {
|
||||
enable = true;
|
||||
sessionVariables = { DIRENV_LOG_FORMAT = ""; };
|
||||
sessionVariables = {
|
||||
DIRENV_LOG_FORMAT = "";
|
||||
};
|
||||
};
|
||||
};
|
||||
home = {
|
||||
|
@ -128,8 +266,7 @@ in
|
|||
gnome.gnome-font-viewer
|
||||
gnome.nautilus
|
||||
grim # Screenshot tool
|
||||
inputs.comma.packages.${pkgs.system}.default
|
||||
inputs.riff.packages.${pkgs.system}.riff
|
||||
# inputs.comma.packages.${pkgs.system}.default
|
||||
inputs.webcord.packages.${pkgs.system}.default
|
||||
k9s
|
||||
kubectl
|
||||
|
@ -159,13 +296,20 @@ in
|
|||
];
|
||||
};
|
||||
|
||||
imports = [ ./hyprland.nix ./neovim.nix ./eww ./theme.nix ];
|
||||
imports = [
|
||||
./hyprland.nix
|
||||
./neovim.nix
|
||||
./eww
|
||||
./theme.nix
|
||||
];
|
||||
|
||||
xdg.mimeApps = {
|
||||
enable = true;
|
||||
defaultApplications =
|
||||
let browser = [ "firefox.desktop" ];
|
||||
in {
|
||||
let
|
||||
browser = [ "firefox.desktop" ];
|
||||
in
|
||||
{
|
||||
"image/*" = "org.gnome.eog.desktop";
|
||||
"text/html" = browser;
|
||||
"x-scheme-handler/http" = browser;
|
||||
|
@ -189,8 +333,10 @@ in
|
|||
};
|
||||
|
||||
xdg.userDirs =
|
||||
let home = config.home.homeDirectory;
|
||||
in {
|
||||
let
|
||||
home = config.home.homeDirectory;
|
||||
in
|
||||
{
|
||||
enable = true;
|
||||
createDirectories = true;
|
||||
desktop = "${home}/.desktop";
|
|
@ -0,0 +1,138 @@
|
|||
$light-gray: #9699b7;
|
||||
|
||||
* {
|
||||
all: unset; //Unsets everything so you can style everything from scratch
|
||||
font-family: "JetBrainsMono"
|
||||
}
|
||||
|
||||
tooltip {
|
||||
background-color: $base;
|
||||
border-radius: 5px
|
||||
}
|
||||
|
||||
button {
|
||||
transition: background-color 200ms, color 200ms;
|
||||
}
|
||||
|
||||
.active {
|
||||
color: $pink;
|
||||
font-size: 1.4rem;
|
||||
}
|
||||
|
||||
.inactive {
|
||||
color: $base;
|
||||
font-size: 1.4rem;
|
||||
}
|
||||
|
||||
.inactive:hover {
|
||||
color: $light-gray;
|
||||
}
|
||||
|
||||
.bar {
|
||||
background-color: $mantle;
|
||||
}
|
||||
|
||||
.clock {
|
||||
font-weight: bold;
|
||||
background-color: $base;
|
||||
color: $text;
|
||||
border-radius: 10px;
|
||||
padding: 0.2rem;
|
||||
margin: 0.5rem;
|
||||
}
|
||||
|
||||
.date {
|
||||
font-size: 1.5rem;
|
||||
color: $text;
|
||||
}
|
||||
|
||||
|
||||
.battery {
|
||||
font-family: monospace;
|
||||
font-size: 1.5rem;
|
||||
color: $teal;
|
||||
}
|
||||
|
||||
.volume,
|
||||
.dnd,
|
||||
.wifi {
|
||||
font-family: monospace;
|
||||
font-size: 1.5rem;
|
||||
color: $mauve;
|
||||
padding: 0 5px;
|
||||
}
|
||||
|
||||
|
||||
// battery menu
|
||||
.batterywindow {
|
||||
background-color: $mantle;
|
||||
border-radius: 5px;
|
||||
font-size: 18px;
|
||||
font-weight: normal;
|
||||
color: $text;
|
||||
|
||||
progressbar {
|
||||
border-radius: 5px;
|
||||
}
|
||||
|
||||
progressbar progress {
|
||||
background-color: $green;
|
||||
}
|
||||
|
||||
progressbar trough {
|
||||
background-color: $base;
|
||||
}
|
||||
|
||||
.batterymenu {
|
||||
padding: 10px;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// Calendar
|
||||
.cal {
|
||||
background-color: $mantle;
|
||||
border-radius: 5px;
|
||||
font-size: 18px;
|
||||
font-weight: normal;
|
||||
|
||||
.cal-in {
|
||||
padding: 0px 10px 0px 10px;
|
||||
color: $text;
|
||||
|
||||
.cal {
|
||||
&.highlight {
|
||||
padding: 20px;
|
||||
}
|
||||
|
||||
padding: 5px 5px 5px 5px;
|
||||
margin-left: 10px;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
calender {
|
||||
color: $text;
|
||||
}
|
||||
|
||||
calendar:selected {
|
||||
color: $mauve;
|
||||
}
|
||||
|
||||
calendar.header {
|
||||
color: $overlay0;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
calendar.button {
|
||||
color: $base;
|
||||
}
|
||||
|
||||
calendar.highlight {
|
||||
color: $overlay0;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
calendar:indeterminate {
|
||||
color: $text;
|
||||
}
|
|
@ -0,0 +1,164 @@
|
|||
(defwidget bar []
|
||||
(centerbox
|
||||
:orientation "v"
|
||||
(box
|
||||
:valign "start"
|
||||
:hexpand false
|
||||
:vexpand false
|
||||
:orientation "v"
|
||||
:space-evenly false
|
||||
)
|
||||
|
||||
(workspaces
|
||||
:halign "center"
|
||||
:vexpand true
|
||||
:hexpand false
|
||||
:orientation "v"
|
||||
)
|
||||
|
||||
(box :valign "end" :hexpand false :vexpand true :orientation "v" :space-evenly false
|
||||
(wifi)
|
||||
(do-not-disturb)
|
||||
(volume)
|
||||
(battery)
|
||||
(time)
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
;; ━━━ BATTERY ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
|
||||
(defwidget battery []
|
||||
(eventbox :onclick "eww open batterywindow --toggle"
|
||||
(label
|
||||
:text `${
|
||||
EWW_BATTERY.BAT0.status == "Charging" ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 10 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 20 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 30 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 40 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 50 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 60 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 70 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 80 ? "" :
|
||||
EWW_BATTERY.BAT0.capacity < 90 ? "" : ""
|
||||
}`
|
||||
:class "battery"
|
||||
))
|
||||
)
|
||||
|
||||
(defwidget batterymenu []
|
||||
(box :orientation "v"
|
||||
:class "batterymenu"
|
||||
(label :text "${EWW_BATTERY.BAT0.status}: ${EWW_BATTERY.BAT0.capacity}%")
|
||||
(progress :value "${EWW_BATTERY.BAT0.capacity}" :orientation "h") ; TODO: change class (and color) on low juice
|
||||
)
|
||||
)
|
||||
|
||||
(defwindow batterywindow
|
||||
:monitor 0
|
||||
:geometry (geometry
|
||||
:x "53px"
|
||||
:y "30px"
|
||||
:anchor "bottom left"
|
||||
)
|
||||
(batterymenu)
|
||||
)
|
||||
|
||||
; ━━━ do-not-disturb ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
|
||||
(defvar dnd "")
|
||||
(defwidget do-not-disturb []
|
||||
(eventbox
|
||||
:orientation "h"
|
||||
:halign "center"
|
||||
:space-evenly false
|
||||
:onclick "nohup ./scripts/do-not-disturb.sh &"
|
||||
(label
|
||||
:text {dnd}
|
||||
:class "dnd"
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
;; ━━━ WIFI ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
|
||||
(defpoll wifi :interval "30s" "./scripts/wifi.sh")
|
||||
|
||||
(defwidget wifi []
|
||||
(box
|
||||
:orientation "h"
|
||||
:halign "center"
|
||||
:space-evenly false
|
||||
(label
|
||||
:text {wifi.icon}
|
||||
:tooltip {wifi.status}
|
||||
:class "wifi"
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
;; ━━━ VOLUME ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
|
||||
(defpoll volume :interval "1s" "./scripts/volume.sh")
|
||||
(defwidget volume []
|
||||
(eventbox
|
||||
:orientation "h"
|
||||
:halign "center"
|
||||
:space-evenly false
|
||||
:onclick "pamixer -t"
|
||||
(label
|
||||
:text {volume.icon}
|
||||
:tooltip "${volume.percent}%"
|
||||
:class "volume"
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
;; ━━━ TIME ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
|
||||
(defpoll hour :interval "10s" "date +%H")
|
||||
(defpoll minute :interval "10s" "date +%M")
|
||||
(defpoll dateVar :interval "600s" "date '+%A %d.%m.%y'")
|
||||
|
||||
(defwidget time []
|
||||
(eventbox
|
||||
:cursor "hand"
|
||||
:hexpand false
|
||||
:vexpand false
|
||||
:tooltip "${dateVar}"
|
||||
:onclick "eww open calendar --toggle &"
|
||||
(box :orientation "v" :hexpand false :vexpand false :space-evenly false :class "clock"
|
||||
(label :class "date" :text "${hour}")
|
||||
|
||||
(label :class "date" :text "${minute}")
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
;; Calendar
|
||||
(defpoll calendar_day :interval "20h" "date '+%d'")
|
||||
(defpoll calendar_year :interval "20h" "date '+%Y'")
|
||||
(defwidget cal []
|
||||
(box :class "cal" :orientation "v"
|
||||
(box :class "cal-in"
|
||||
(calendar :class "cal"
|
||||
:day calendar_day
|
||||
:year calendar_year))))
|
||||
|
||||
(defwindow calendar
|
||||
:monitor 0
|
||||
:geometry (geometry :x "53px"
|
||||
:y "5px"
|
||||
:anchor "bottom left"
|
||||
:width "270px"
|
||||
:height "60px")
|
||||
(cal))
|
||||
|
||||
(deflisten workspaces_listen "./scripts/workspaces.sh")
|
||||
(defwidget workspaces []
|
||||
(literal :content workspaces_listen))
|
||||
|
||||
(defwindow bar
|
||||
:monitor 0
|
||||
:exclusive false
|
||||
:geometry (geometry :height "1080px" :x "-4px" :y "0px"
|
||||
:width "52px"
|
||||
:anchor "top left")
|
||||
:stacking "fg"
|
||||
(bar))
|
|
@ -0,0 +1,10 @@
|
|||
#!/usr/bin/env nix-shell
|
||||
#! nix-shell -p jq -i bash
|
||||
|
||||
if makoctl mode | rg -q "do-not-disturb"; then
|
||||
eww update dnd=""
|
||||
makoctl mode -r do-not-disturb > /dev/null
|
||||
else
|
||||
eww update dnd=""
|
||||
makoctl mode -a do-not-disturb > /dev/null
|
||||
fi
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue