swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat[client,server]: add remote builds, confLib
Some checks failed
Flake check / Check flake (push) Has been cancelled
Details

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-12-02 00:57:35 +01:00 committed by Leon Schwarzäugl
parent c20f1b0b59
commit 9acfc5f934
133 changed files with 4297 additions and 3249 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/home/common/anki.nix
View file

@ -1,4 +1,4 @@
{ lib, config, pkgs, globals, inputs, nixosConfig ? config, ... }:
{ lib, config, pkgs, globals, inputs, confLib, ... }:
let
moduleName = "anki";
inherit (config.swarselsystems) isPublic isNixos;
@ -23,11 +23,11 @@ in
syncMedia = true;
autoSyncMediaMinutes = 5;
url = "https://${globals.services.ankisync.domain}";
usernameFile = nixosConfig.sops.secrets.anki-user.path;
usernameFile = confLib.getConfig.sops.secrets.anki-user.path;
# this is not the password but the syncKey
# get it by logging in or out, saving preferences and then
# show details on the "settings wont be saved" dialog
keyFile = nixosConfig.sops.secrets.anki-pw.path;
keyFile = confLib.getConfig.sops.secrets.anki-pw.path;
};
addons =
let

4
modules/home/common/element.nix
View file

@ -1,4 +1,4 @@
{ lib, config, ... }:
{ lib, config, globals, ... }:
let
moduleName = "element-desktop";
in
@ -10,7 +10,7 @@ in
settings = {
default_server_config = {
"m.homeserver" = {
base_url = "https://swatrix.swarsel.win/";
base_url = "https://${globals.services.matrix.domain}/";
};
};
UIFeature = {

16
modules/home/common/env.nix
View file

@ -1,8 +1,8 @@
{ lib, config, nixosConfig ? config, ... }:
{ lib, config, confLib, globals, ... }:
let
inherit (nixosConfig.repo.secrets.common.mail) address1 address2 address3 address4 allMailAddresses;
inherit (nixosConfig.repo.secrets.common.calendar) source1 source1-name source2 source2-name source3 source3-name;
inherit (nixosConfig.repo.secrets.common) fullName openrouterApi;
inherit (confLib.getConfig.repo.secrets.common.mail) address1 address2 address3 address4 allMailAddresses;
inherit (confLib.getConfig.repo.secrets.common.calendar) source1 source1-name source2 source2-name source3 source3-name;
inherit (confLib.getConfig.repo.secrets.common) fullName openrouterApi instaDomain sportDomain;
inherit (config.swarselsystems) isPublic homeDir;
DISPLAY = ":0";
@ -18,6 +18,12 @@ in
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
FLAKE = "${config.home.homeDirectory}/.dotfiles";
} // lib.optionalAttrs (!isPublic) {
SWARSEL_DOMAIN = globals.domains.main;
SWARSEL_RSS_DOMAIN = globals.services.freshrss.domain;
SWARSEL_MUSIC_DOMAIN = globals.services.navidrome.domain;
SWARSEL_FILES_DOMAIN = globals.services.nextcloud.domain;
SWARSEL_INSTA_DOMAIN = instaDomain;
SWARSEL_SPORT_DOMAIN = sportDomain;
SWARSEL_MAIL1 = address1;
SWARSEL_MAIL2 = address2;
SWARSEL_MAIL3 = address3;
@ -30,7 +36,7 @@ in
SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = lib.mkDefault allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
GITHUB_NOTIFICATION_TOKEN_PATH = confLib.getConfig.sops.secrets.github-notifications-token.path;
OPENROUTER_API_KEY = openrouterApi;
};
};

4
modules/home/common/gammastep.nix
View file

@ -1,6 +1,6 @@
{ lib, config, nixosConfig ? config, ... }:
{ lib, config, confLib, ... }:
let
inherit (nixosConfig.repo.secrets.common.location) latitude longitude;
inherit (confLib.getConfig.repo.secrets.common.location) latitude longitude;
in
{
options.swarselmodules.gammastep = lib.mkEnableOption "gammastep settings";

6
modules/home/common/git.nix
View file

@ -1,7 +1,7 @@
{ lib, config, globals, minimal, nixosConfig ? config, ... }:
{ lib, config, globals, minimal, confLib, ... }:
let
inherit (nixosConfig.repo.secrets.common.mail) address1;
inherit (nixosConfig.repo.secrets.common) fullName;
inherit (confLib.getConfig.repo.secrets.common.mail) address1;
inherit (confLib.getConfig.repo.secrets.common) fullName;
gitUser = globals.user.name;
in

4
modules/home/common/hexchat.nix
View file

@ -1,7 +1,7 @@
{ lib, config, nixosConfig ? config, ... }:
{ lib, config, confLib, ... }:
let
moduleName = "hexchat";
inherit (nixosConfig.repo.secrets.common.irc) irc_nick1;
inherit (confLib.getConfig.repo.secrets.common.irc) irc_nick1;
in
{
options.swarselmodules.${moduleName} = lib.mkEnableOption "enable ${moduleName} and settings";

14
modules/home/common/mail.nix
View file

@ -1,7 +1,7 @@
{ lib, config, inputs, globals, nixosConfig ? config, ... }:
{ lib, config, inputs, globals, confLib, ... }:
let
inherit (nixosConfig.repo.secrets.common.mail) address1 address2 address2-name address3 address3-name address4;
inherit (nixosConfig.repo.secrets.common) fullName;
inherit (confLib.getConfig.repo.secrets.common.mail) address1 address2 address2-name address3 address3-name address4;
inherit (confLib.getConfig.repo.secrets.common) fullName;
inherit (config.swarselsystems) xdgDir;
in
{
@ -140,7 +140,7 @@ in
address = address4;
userName = address4;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address4-token.path}";
passwordCommand = "cat ${confLib.getConfig.sops.secrets.address4-token.path}";
mu.enable = true;
msmtp = {
enable = true;
@ -169,7 +169,7 @@ in
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
passwordCommand = "cat ${confLib.getConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
@ -183,7 +183,7 @@ in
address = address2;
userName = address2;
realName = address2-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address2-token.path}";
passwordCommand = "cat ${confLib.getConfig.sops.secrets.address2-token.path}";
}
defaultSettings;
@ -193,7 +193,7 @@ in
address = address3;
userName = address3;
realName = address3-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address3-token.path}";
passwordCommand = "cat ${confLib.getConfig.sops.secrets.address3-token.path}";
}
defaultSettings;

213
modules/home/common/niri.nix
View file

@ -1,213 +0,0 @@
{ config, pkgs, lib, vars, ... }:
{
options.swarselmodules.niri = lib.mkEnableOption "niri settings";
config = lib.mkIf config.swarselmodules.niri
{
programs.niri = {
package = pkgs.niri-unstable; # which package to use for niri validation
settings = {
xwayland-satellite = {
enable = true;
path = "${lib.getExe pkgs.xwayland-satellite-unstable}";
};
prefer-no-csd = true;
layer-rules = [
{ matches = [{ namespace = "^notifications$"; }]; block-out-from = "screencast"; }
{ matches = [{ namespace = "^wallpaper$"; }]; place-within-backdrop = true; }
];
window-rules = [
{
matches = [{ app-id = ".*"; }];
opacity = 0.95;
default-column-width = { proportion = 0.5; };
shadow = {
enable = true;
draw-behind-window = true;
};
geometry-corner-radius = { top-left = 2.0; top-right = 2.0; bottom-left = 2.0; bottom-right = 2.0; };
}
{ matches = [{ app-id = "at.yrlf.wl_mirror"; }]; opacity = 1.0; }
{ matches = [{ app-id = "Gimp"; }]; opacity = 1.0; }
{ matches = [{ app-id = "firefox"; }]; opacity = 0.99; }
{ matches = [{ app-id = "^special.*"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; }
{ matches = [{ app-id = "chromium-browser"; }]; opacity = 0.99; }
{ matches = [{ app-id = "^qalculate-gtk$"; }]; open-floating = true; }
{ matches = [{ app-id = "^blueman$"; }]; open-floating = true; }
{ matches = [{ app-id = "^pavucontrol$"; }]; open-floating = true; }
{ matches = [{ app-id = "^syncthingtray$"; }]; open-floating = true; }
{ matches = [{ app-id = "^Element$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; block-out-from = "screencast"; }
# { matches = [{ app-id = "^Element$"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; block-out-from = "screencast"; }
{ matches = [{ app-id = "^vesktop$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; block-out-from = "screencast"; }
# { matches = [{ app-id = "^vesktop$"; }]; default-column-width = { proportion = 0.9; }; open-on-workspace = "Scratchpad"; block-out-from = "screencast"; }
{ matches = [{ app-id = "^com.nextcloud.desktopclient.nextcloud$"; }]; open-floating = true; }
{ matches = [{ title = ".*1Password.*"; }]; excludes = [{ app-id = "^firefox$"; } { app-id = "^emacs$"; } { app-id = "^kitty$"; }]; open-floating = true; block-out-from = "screencast"; }
{ matches = [{ title = "(?:Open|Save) (?:File|Folder|As)"; }]; open-floating = true; }
{ matches = [{ title = "^Add$"; }]; open-floating = true; }
{ matches = [{ title = "^Picture-in-Picture$"; }]; open-floating = true; }
{ matches = [{ title = "Syncthing Tray"; }]; open-floating = true; }
{ matches = [{ title = "^Emacs Popup Frame$"; }]; open-floating = true; }
{ matches = [{ title = "^Emacs Popup Anchor$"; }]; open-floating = true; }
{ matches = [{ app-id = "^spotifytui$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; }
{ matches = [{ app-id = "^kittyterm$"; }]; open-floating = true; default-column-width = { proportion = 0.5; }; }
];
environment = {
DISPLAY = ":0";
} // vars.waylandSessionVariables;
screenshot-path = "~/Pictures/Screenshots/screenshot_%Y-%m-%d-%H%M%S.png";
input = {
mod-key = "Super";
keyboard = {
xkb = {
layout = "us";
variant = "altgr-intl";
};
};
mouse = {
natural-scroll = false;
};
touchpad = {
enable = true;
tap = true;
tap-button-map = "left-right-middle";
natural-scroll = true;
scroll-method = "two-finger";
click-method = "clickfinger";
disabled-on-external-mouse = true;
drag = true;
drag-lock = false;
dwt = true;
dwtp = true;
};
};
cursor = {
hide-after-inactive-ms = 2000;
hide-when-typing = true;
};
layout = {
background-color = "transparent";
border = {
enable = true;
width = 1;
};
focus-ring = {
enable = false;
};
gaps = 5;
};
binds = with config.lib.niri.actions; let
sh = spawn "sh" "-c";
in
{
# "Mod+Super_L" = spawn "killall -SIGUSR1 .waybar-wrapped";
"Mod+z".action = spawn "killall -SIGUSR1 .waybar-wrapped";
"Mod+Shift+t".action = toggle-window-rule-opacity;
# "Mod+Escape".action = "mode $exit";
"Mod+m".action = focus-workspace-previous;
"Mod+Shift+Space".action = toggle-window-floating;
"Mod+Shift+f".action = toggle-windowed-fullscreen;
"Mod+q".action = close-window;
"Mod+f".action = spawn "firefox";
"Mod+Space".action = spawn "fuzzel";
"Mod+Shift+c".action = spawn "qalculate-gtk";
"Mod+Ctrl+p".action = spawn "1password" "--quick-acces";
"Mod+Shift+Escape".action = spawn "kitty" "-o" "confirm_os_window_close=0" "btm";
"Mod+h".action = sh ''hyprpicker | wl-copy'';
# "Mod+s".action = spawn "grim" "-g" "\"$(slurp)\"" "-t" "png" "-" "|" "wl-copy" "-t" "image/png";
# "Mod+s".action = screenshot { show-pointer = false; };
"Mod+s".action.screenshot = { show-pointer = false; };
# "Mod+Shift+s".action = spawn "slurp" "|" "grim" "-g" "-" "Pictures/Screenshots/$(date +'screenshot_%Y-%m-%d-%H%M%S.png')";
# "Mod+Shift+s".action = screenshot-window { write-to-disk = true; };
"Mod+Shift+s".action.screenshot-window = { write-to-disk = true; };
# "Mod+Shift+v".action = spawn "wf-recorder" "-g" "'$(slurp -f %o -or)'" "-f" "~/Videos/screenrecord_$(date +%Y-%m-%d-%H%M%S).mkv";
"Mod+e".action = sh "emacsclient -nquc -a emacs -e '(dashboard-open)'";
"Mod+c".action = sh "emacsclient -ce '(org-capture)'";
"Mod+t".action = sh "emacsclient -ce '(org-agenda)'";
"Mod+Shift+m".action = sh "emacsclient -ce '(mu4e)'";
"Mod+Shift+a".action = sh "emacsclient -ce '(swarsel/open-calendar)'";
"Mod+a".action = spawn "swarselcheck-niri" "-s";
"Mod+x".action = spawn "swarselcheck-niri" "-k";
"Mod+d".action = spawn "swarselcheck-niri" "-d";
"Mod+w".action = spawn "swarselcheck-niri" "-e";
"Mod+p".action = spawn "pass-fuzzel";
"Mod+o".action = spawn "pass-fuzzel" "--otp";
"Mod+Shift+p".action = spawn "pass-fuzzel" "--type";
"Mod+Shift+o".action = spawn "pass-fuzzel" "--otp" "--type";
"Mod+Left".action = focus-column-or-monitor-left;
"Mod+Right".action = focus-column-or-monitor-right;
"Mod+Down".action = focus-window-or-workspace-down;
"Mod+Up".action = focus-window-or-workspace-up;
"Mod+Shift+Left".action = move-column-left;
"Mod+Shift+Right".action = move-column-right;
"Mod+Shift+Down".action = move-window-down-or-to-workspace-down;
"Mod+Shift+Up".action = move-window-up-or-to-workspace-up;
# "Mod+Ctrl+Shift+c".action = "reload";
# "Mod+Ctrl+Shift+r".action = "exec swarsel-displaypower";
# "Mod+Shift+e".action = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'";
# "Mod+r".action = "mode resize";
# "Mod+Return".action = "exec kitty";
"Mod+Return".action = spawn "swarselzellij";
"XF86AudioRaiseVolume".action = spawn "swayosd-client" "--output-volume" "raise";
"XF86AudioLowerVolume".action = spawn "swayosd-client" "--output-volume" "lower";
"XF86AudioMute".action = spawn "swayosd-client" "--output-volume" "mute-toggle";
"XF86MonBrightnessUp".action = spawn "swayosd-client" "--brightness raise";
"XF86MonBrightnessDown".action = spawn "swayosd-client" "--brightness lower";
"XF86Display".action = spawn "wl-mirror" "eDP-1";
"Mod+Escape".action = spawn "wlogout";
"Mod+Equal".action = set-column-width "+10%";
"Mod+Minus".action = set-column-width "-10%";
"Mod+1".action = focus-workspace 1;
"Mod+2".action = focus-workspace 2;
"Mod+3".action = focus-workspace 3;
"Mod+4".action = focus-workspace 4;
"Mod+5".action = focus-workspace 5;
"Mod+6".action = focus-workspace 6;
"Mod+7".action = focus-workspace 7;
"Mod+8".action = focus-workspace 8;
"Mod+9".action = focus-workspace 9;
"Mod+0".action = focus-workspace 0;
"Mod+Shift+1".action = move-column-to-index 1;
"Mod+Shift+2".action = move-column-to-index 2;
"Mod+Shift+3".action = move-column-to-index 3;
"Mod+Shift+4".action = move-column-to-index 4;
"Mod+Shift+5".action = move-column-to-index 5;
"Mod+Shift+6".action = move-column-to-index 6;
"Mod+Shift+7".action = move-column-to-index 7;
"Mod+Shift+8".action = move-column-to-index 8;
"Mod+Shift+9".action = move-column-to-index 9;
"Mod+Shift+0".action = move-column-to-index 0;
};
spawn-at-startup = [
# { command = [ "vesktop" "--start-minimized" "--enable-speech-dispatcher" "--ozone-platform-hint=auto" "--enable-features=WaylandWindowDecorations" "--enable-wayland-ime" ]; }
# { command = [ "element-desktop" "--hidden" "--enable-features=UseOzonePlatform" "--ozone-platform=wayland" "--disable-gpu-driver-bug-workarounds" ]; }
# { command = [ "anki" ]; }
# { command = [ "obsidian" ]; }
# { command = [ "nm-applet" ]; }
{ command = [ "niri" "msg" "action" "focus-workspace" "2" ]; }
];
workspaces = {
# "01-Main" = {
# name = "Scratchpad";
# };
"99-Scratchpad" = {
name = "";
};
};
};
};
} // {
programs.niri = lib.mkIf (!config.swarselmodules.niri) {
package = null;
config = null;
settings = null;
};
};
}

4
modules/home/common/obsidian.nix
View file

@ -1,7 +1,7 @@
{ lib, config, pkgs, nixosConfig ? config, ... }:
{ lib, config, pkgs, confLib, ... }:
let
moduleName = "obsidian";
inherit (nixosConfig.repo.secrets.common.obsidian) userIgnoreFilters;
inherit (confLib.getConfig.repo.secrets.common.obsidian) userIgnoreFilters;
name = "Main";
in
{

4
modules/home/common/opkssh.nix
View file

@ -1,4 +1,4 @@
{ lib, config, ... }:
{ lib, config, globals, ... }:
let
moduleName = "opkssh";
in
@ -13,7 +13,7 @@ in
providers = [
{
alias = "kanidm";
issuer = "https://sso.swarsel.win/oauth2/openid/opkssh";
issuer = "https://${globals.services.kanidm.domain}/oauth2/openid/opkssh";
client_id = "opkssh";
scopes = "openid email profile";
redirect_uris = [

6
modules/home/common/settings.nix
View file

@ -40,7 +40,11 @@ in
trusted-public-keys = [
atticPublicKey
];
trusted-users = [ "@wheel" "${mainUser}" ];
trusted-users = [
"@wheel"
"${mainUser}"
(lib.mkIf config.swarselmodules.server.ssh-builder "builder")
];
connect-timeout = 5;
bash-prompt-prefix = "$SHLVL:\\w ";
bash-prompt = "$(if [[ $? -gt 0 ]]; then printf \"\"; else printf \"\"; fi)λ ";

16
modules/home/common/ssh.nix
View file

@ -1,7 +1,7 @@
{ lib, config, nixosConfig ? config, ... }:
{ inputs, lib, config, confLib, ... }:
{
options.swarselmodules.ssh = lib.mkEnableOption "ssh settings";
config = lib.mkIf config.swarselmodules.ssh {
config = lib.mkIf config.swarselmodules.ssh ({
programs.ssh = {
enable = true;
enableDefaultConfig = false;
@ -18,11 +18,15 @@
serverAliveCountMax = 3;
hashKnownHosts = false;
userKnownHostsFile = "~/.ssh/known_hosts";
controlMaster = "no";
controlMaster = "auto";
controlPath = "~/.ssh/master-%r@%n:%p";
controlPersist = "no";
controlPersist = "5m";
};
} // nixosConfig.repo.secrets.common.ssh.hosts;
} // confLib.getConfig.repo.secrets.common.ssh.hosts;
};
};
} // lib.optionalAttrs (inputs ? sops) {
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
builder-key = { path = "${config.home.homeDirectory}/.ssh/builder"; mode = "0600"; };
};
});
}

4
modules/home/common/sway.nix
View file

@ -1,4 +1,4 @@
{ config, lib, vars, nixosConfig ? config, ... }:
{ config, lib, vars, confLib, ... }:
let
eachOutput = _: monitor: {
inherit (monitor) name;
@ -381,7 +381,7 @@ in
export XDG_CURRENT_DESKTOP=sway;
export XDG_SESSION_DESKTOP=sway;
export _JAVA_AWT_WM_NONREPARENTING=1;
export GITHUB_NOTIFICATION_TOKEN_PATH=${nixosConfig.sops.secrets.github-notifications-token.path};
export GITHUB_NOTIFICATION_TOKEN_PATH=${confLib.getConfig.sops.secrets.github-notifications-token.path};
'' + vars.waylandExports;
# extraConfigEarly = "
# exec systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK

6
modules/home/common/yubikey.nix
View file

@ -1,4 +1,4 @@
{ lib, config, inputs, nixosConfig ? config, ... }:
{ lib, config, inputs, confLib, ... }:
let
inherit (config.swarselsystems) homeDir;
in
@ -9,8 +9,8 @@ in
pam.yubico.authorizedYubiKeys = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
ids = [
nixosConfig.repo.secrets.common.yubikeys.dev1
nixosConfig.repo.secrets.common.yubikeys.dev2
confLib.getConfig.repo.secrets.common.yubikeys.dev1
confLib.getConfig.secrets.common.yubikeys.dev2
];
};
} // lib.optionalAttrs (inputs ? sops) {

6
modules/home/common/zsh.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, minimal, inputs, globals, nixosConfig ? config, ... }:
{ config, pkgs, lib, minimal, inputs, globals, confLib, ... }:
let
inherit (config.swarselsystems) flakePath isNixos;
crocDomain = globals.services.croc.domain;
@ -127,8 +127,8 @@ in
'';
sessionVariables = lib.mkIf (!config.swarselsystems.isPublic) {
CROC_RELAY = crocDomain;
CROC_PASS = "$(cat ${nixosConfig.sops.secrets.croc-password.path or ""})";
GITHUB_TOKEN = "$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path or ""})";
CROC_PASS = "$(cat ${confLib.getConfig.sops.secrets.croc-password.path or ""})";
GITHUB_TOKEN = "$(cat ${confLib.getConfig.sops.secrets.github-nixpkgs-review-token.path or ""})";
QT_QPA_PLATFORM_PLUGIN_PATH = "${pkgs.libsForQt5.qt5.qtbase.bin}/lib/qt-${pkgs.libsForQt5.qt5.qtbase.version}/plugins";
# QTWEBENGINE_CHROMIUM_FLAGS = "--no-sandbox";
};