swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: code cleanup (nixpkgs-fmt style)

Browse source
This commit is contained in:
Swarsel 2024-07-20 00:21:55 +02:00
parent 2a08576697
commit dc66bb27dd
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
44 changed files with 1152 additions and 1138 deletions
Download patch file Download diff file Expand all files Collapse all files

480
flake.nix
View file

@ -2,6 +2,7 @@
description = "SwarseFlake - Nix Flake for all SwarselSystems"; description = "SwarseFlake - Nix Flake for all SwarselSystems";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
@ -67,310 +68,293 @@
url = "github:nix-community/nix-index-database"; url = "github:nix-community/nix-index-database";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = inputs @ { outputs =
nixpkgs, inputs@{ nixpkgs
nixpkgs-stable, , nixpkgs-stable
home-manager, , home-manager
nix-on-droid, , nix-on-droid
emacs-overlay, , emacs-overlay
nur, , nur
nixgl, , nixgl
stylix, , stylix
sops-nix, , sops-nix
lanzaboote, , lanzaboote
nixos-hardware, , nixos-hardware
nix-alien, , nix-alien
nixos-generators, , nixos-generators
nswitch-rcm-nix, , nswitch-rcm-nix
nix-index-database, , nix-index-database
... , ...
}: let }:
system = "x86_64-linux"; # not very portable, but I do not use other architectures at the moment let
pkgs = import nixpkgs {
inherit system; system = "x86_64-linux"; # not very portable, but I do not use other architectures at the moment
overlays = [ pkgs = import nixpkgs {
emacs-overlay.overlay inherit system;
nur.overlay overlays = [
nixgl.overlay emacs-overlay.overlay
(final: _prev: { nur.overlay
stable = import nixpkgs-stable { nixgl.overlay
inherit (final) system config; (final: _prev: {
}; stable = import nixpkgs-stable {
inherit (final) system config;
};
})
];
config.allowUnfree = true;
};
# NixOS modules that can only be used on NixOS systems
nixModules = [
stylix.nixosModules.stylix
sops-nix.nixosModules.sops
nswitch-rcm-nix.nixosModules.nswitch-rcm
./profiles/common/nixos.nix
# dynamic library loading
({ self, system, ... }: {
environment.systemPackages = with self.inputs.nix-alien.packages.${system}; [
nix-alien
];
# needed for `nix-alien-ld`
programs.nix-ld.enable = true;
}) })
]; ];
config.allowUnfree = true;
};
# NixOS modules that can only be used on NixOS systems # Home-Manager modules wanted on non-NixOS systems
nixModules = [ homeModules = [
stylix.nixosModules.stylix stylix.homeManagerModules.stylix
sops-nix.nixosModules.sops ];
nswitch-rcm-nix.nixosModules.nswitch-rcm # Home-Manager modules wanted on both NixOS and non-NixOS systems
./profiles/common/nixos.nix mixedModules = [
# dynamic library loading sops-nix.homeManagerModules.sops
({ nix-index-database.hmModules.nix-index
self, ./profiles/common/home.nix
system, ];
...
}: {
environment.systemPackages = with self.inputs.nix-alien.packages.${system}; [
nix-alien
];
# needed for `nix-alien-ld`
programs.nix-ld.enable = true;
})
];
# Home-Manager modules wanted on non-NixOS systems in
homeModules = [ {
stylix.homeManagerModules.stylix
];
# Home-Manager modules wanted on both NixOS and non-NixOS systems
mixedModules = [
sops-nix.homeManagerModules.sops
nix-index-database.hmModules.nix-index
./profiles/common/home.nix
];
in {
# NixOS setups - run home-manager as a NixOS module for better compatibility
# another benefit - full rebuild on nixos-rebuild switch
# run rebuild using `nswitch`
# NEW HOSTS: For a new host, decide whether a NixOS (nixosConfigurations) or non-NixOS (homeConfigurations) is used. # NixOS setups - run home-manager as a NixOS module for better compatibility
# Make sure to move hardware-configuration to the appropriate location, by default it is found in /etc/nixos/. # another benefit - full rebuild on nixos-rebuild switch
# run rebuild using `nswitch`
nixosConfigurations = { # NEW HOSTS: For a new host, decide whether a NixOS (nixosConfigurations) or non-NixOS (homeConfigurations) is used.
onett = nixpkgs.lib.nixosSystem { # Make sure to move hardware-configuration to the appropriate location, by default it is found in /etc/nixos/.
specialArgs = {inherit inputs pkgs;};
modules = nixosConfigurations = {
nixModules
++ [ onett = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = nixModules ++ [
./profles/onett/nixos.nix ./profles/onett/nixos.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.users.swarsel.imports = home-manager.users.swarsel.imports = mixedModules ++ [
mixedModules ./profiles/onett/home.nix
++ [ ];
./profiles/onett/home.nix
];
} }
]; ];
}; };
sandbox = nixpkgs.lib.nixosSystem { sandbox = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;}; specialArgs = { inherit inputs pkgs; };
modules = [ modules = [
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
./profiles/sandbox/nixos.nix ./profiles/sandbox/nixos.nix
]; ];
}; };
twoson = nixpkgs.lib.nixosSystem { twoson = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;}; specialArgs = { inherit inputs pkgs; };
modules = modules = nixModules ++ [
nixModules
++ [
./profiles/twoson/nixos.nix ./profiles/twoson/nixos.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.users.swarsel.imports = home-manager.users.swarsel.imports = mixedModules ++ [
mixedModules ./profiles/twoson/home.nix
++ [ ];
./profiles/twoson/home.nix
];
} }
]; ];
}; };
threed = nixpkgs.lib.nixosSystem { threed = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;}; specialArgs = { inherit inputs pkgs; };
modules = modules = nixModules ++ [
nixModules
++ [
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
./profiles/threed/nixos.nix ./profiles/threed/nixos.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.users.swarsel.imports = home-manager.users.swarsel.imports = mixedModules ++ [
mixedModules ./profiles/threed/home.nix
++ [ ];
./profiles/threed/home.nix
];
} }
]; ];
}; };
fourside = nixpkgs.lib.nixosSystem { fourside = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;}; specialArgs = { inherit inputs pkgs; };
modules = modules = nixModules ++ [
nixModules
++ [
nixos-hardware.nixosModules.lenovo-thinkpad-p14s-amd-gen2 nixos-hardware.nixosModules.lenovo-thinkpad-p14s-amd-gen2
./profiles/fourside/nixos.nix ./profiles/fourside/nixos.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.users.swarsel.imports = home-manager.users.swarsel.imports = mixedModules ++ [
mixedModules ./profiles/fourside/home.nix
++ [ ];
./profiles/fourside/home.nix
];
} }
]; ];
}; };
winters = nixpkgs.lib.nixosSystem { winters = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;}; specialArgs = { inherit inputs pkgs; };
modules = modules = nixModules ++ [
nixModules
++ [
nixos-hardware.nixosModules.framework-16-inch-7040-amd nixos-hardware.nixosModules.framework-16-inch-7040-amd
./profiles/winters/nixos.nix ./profiles/winters/nixos.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.users.swarsel.imports = home-manager.users.swarsel.imports = mixedModules ++ [
mixedModules ./profiles/winters/home.nix
++ [ ];
./profiles/winters/home.nix
];
} }
]; ];
}; };
stand = nixpkgs.lib.nixosSystem { stand = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;}; specialArgs = { inherit inputs pkgs; };
modules = modules = nixModules ++ [
nixModules
++ [
./profiles/stand/nixos.nix ./profiles/stand/nixos.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.users.homelen.imports = home-manager.users.homelen.imports = mixedModules ++ [
mixedModules ./profiles/stand/home.nix
++ [ ];
./profiles/stand/home.nix
];
} }
]; ];
};
nginx = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/server1/nginx/nixos.nix
];
};
calibre = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/server1/calibre/nixos.nix
];
};
jellyfin = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
# sops-nix.nixosModules.sops
./profiles/server1/jellyfin/nixos.nix
];
};
transmission = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/server1/transmission/nixos.nix
];
};
matrix = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
# this is to import a service module that is not on nixpkgs
# this way avoids infinite recursion errors
modules = [
sops-nix.nixosModules.sops
./profiles/server1/matrix/nixos.nix
];
};
sound = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/server1/sound/nixos.nix
];
};
spotifyd = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/server1/spotifyd/nixos.nix
];
};
paperless = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/server1/paperless/nixos.nix
];
};
#ovm swarsel
sync = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/remote/oracle/sync/nixos.nix
];
};
#ovm swarsel
swatrix = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs pkgs; };
modules = [
sops-nix.nixosModules.sops
./profiles/remote/oracle/matrix/nixos.nix
];
};
}; };
nginx = nixpkgs.lib.nixosSystem { # pure Home Manager setups - for non-NixOS machines
specialArgs = {inherit inputs pkgs;}; # run rebuild using `hmswitch`
modules = [
sops-nix.nixosModules.sops
./profiles/server1/nginx/nixos.nix
];
};
calibre = nixpkgs.lib.nixosSystem { homeConfigurations = {
specialArgs = {inherit inputs pkgs;};
modules = [
sops-nix.nixosModules.sops
./profiles/server1/calibre/nixos.nix
];
};
jellyfin = nixpkgs.lib.nixosSystem { "leons@PCisLee" = home-manager.lib.homeManagerConfiguration {
specialArgs = {inherit inputs pkgs;}; inherit pkgs;
modules = [ modules = homeModules ++ mixedModules ++ [
# sops-nix.nixosModules.sops
./profiles/server1/jellyfin/nixos.nix
];
};
transmission = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;};
modules = [
sops-nix.nixosModules.sops
./profiles/server1/transmission/nixos.nix
];
};
matrix = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;};
# this is to import a service module that is not on nixpkgs
# this way avoids infinite recursion errors
modules = [
sops-nix.nixosModules.sops
./profiles/server1/matrix/nixos.nix
];
};
sound = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;};
modules = [
sops-nix.nixosModules.sops
./profiles/server1/sound/nixos.nix
];
};
spotifyd = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;};
modules = [
sops-nix.nixosModules.sops
./profiles/server1/spotifyd/nixos.nix
];
};
paperless = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;};
modules = [
sops-nix.nixosModules.sops
./profiles/server1/paperless/nixos.nix
];
};
#ovm swarsel
sync = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;};
modules = [
sops-nix.nixosModules.sops
./profiles/remote/oracle/sync/nixos.nix
];
};
#ovm swarsel
swatrix = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs;};
modules = [
sops-nix.nixosModules.sops
./profiles/remote/oracle/matrix/nixos.nix
];
};
};
# pure Home Manager setups - for non-NixOS machines
# run rebuild using `hmswitch`
homeConfigurations = {
"leons@PCisLee" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules =
homeModules
++ mixedModules
++ [
./profiles/surface/home.nix ./profiles/surface/home.nix
]; ];
}; };
};
nixOnDroidConfigurations = {
default = nix-on-droid.lib.nixOnDroidConfiguration {
modules = [
./profiles/mysticant/configuration.nix
];
}; };
};
packages.x86_64-linux = { nixOnDroidConfigurations = {
proxmox-lxc = nixos-generators.nixosGenerate {
inherit system; default = nix-on-droid.lib.nixOnDroidConfiguration {
modules = [ modules = [
./profiles/server1/TEMPLATE/nixos.nix ./profiles/mysticant/configuration.nix
]; ];
format = "proxmox-lxc"; };
}; };
packages.x86_64-linux = {
proxmox-lxc = nixos-generators.nixosGenerate {
inherit system;
modules = [
./profiles/server1/TEMPLATE/nixos.nix
];
format = "proxmox-lxc";
};
};
}; };
};
} }

30
index.html
View file

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2024-07-20 Sa 00:04 --> <!-- 2024-07-20 Sa 00:16 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>SwarselSystems: NixOS + Emacs Configuration</title> <title>SwarselSystems: NixOS + Emacs Configuration</title>
@ -261,7 +261,7 @@
<li><a href="#h:5ef03803-e150-41bc-b603-e80d60d96efc">3.3.6. Linking dotfiles</a></li> <li><a href="#h:5ef03803-e150-41bc-b603-e80d60d96efc">3.3.6. Linking dotfiles</a></li>
<li><a href="#h:4486b02f-4fb8-432b-bfa2-2e786206341d">3.3.7. Sourcing environment variables</a></li> <li><a href="#h:4486b02f-4fb8-432b-bfa2-2e786206341d">3.3.7. Sourcing environment variables</a></li>
<li><a href="#h:070a75ce-e209-4cda-aa25-e979bbf75d47">3.3.8. Programs</a></li> <li><a href="#h:070a75ce-e209-4cda-aa25-e979bbf75d47">3.3.8. Programs</a></li>
<li><a href="#org1d39a6e">3.3.9. nix-index</a></li> <li><a href="#org05cfe0c">3.3.9. nix-index</a></li>
<li><a href="#h:ac0e5e62-0dbf-4782-9a96-9e558eae86ae">3.3.10. password-store</a></li> <li><a href="#h:ac0e5e62-0dbf-4782-9a96-9e558eae86ae">3.3.10. password-store</a></li>
<li><a href="#h:1ab84307-b3fb-4c32-9def-4b89a53a8547">3.3.11. direnv</a></li> <li><a href="#h:1ab84307-b3fb-4c32-9def-4b89a53a8547">3.3.11. direnv</a></li>
<li><a href="#h:1bd6b0c7-f201-43e2-9624-6c50de00a1f6">3.3.12. eza</a></li> <li><a href="#h:1bd6b0c7-f201-43e2-9624-6c50de00a1f6">3.3.12. eza</a></li>
@ -329,7 +329,7 @@
<ul> <ul>
<li><a href="#h:99544398-72af-4382-b8e1-01b2221baff4">4.4.1. Org Mode</a></li> <li><a href="#h:99544398-72af-4382-b8e1-01b2221baff4">4.4.1. Org Mode</a></li>
<li><a href="#h:406c2ecc-0e3e-4d9f-9ae3-3eb1f8b87d1b">4.4.2. Nix Mode</a></li> <li><a href="#h:406c2ecc-0e3e-4d9f-9ae3-3eb1f8b87d1b">4.4.2. Nix Mode</a></li>
<li><a href="#org23b260b">4.4.3. nixpkgs-fmt</a></li> <li><a href="#orgc3f7bff">4.4.3. nixpkgs-fmt</a></li>
<li><a href="#h:50327461-a11b-4e81-830a-90febc720cfa">4.4.4. Markdown Mode</a></li> <li><a href="#h:50327461-a11b-4e81-830a-90febc720cfa">4.4.4. Markdown Mode</a></li>
<li><a href="#h:65e69741-9860-4ed0-bbed-7b7be9a2a9d6">4.4.5. Olivetti</a></li> <li><a href="#h:65e69741-9860-4ed0-bbed-7b7be9a2a9d6">4.4.5. Olivetti</a></li>
<li><a href="#h:94d4a0dc-b0d7-4702-b760-beeaa6da2b8f">4.4.6. darkroom</a></li> <li><a href="#h:94d4a0dc-b0d7-4702-b760-beeaa6da2b8f">4.4.6. darkroom</a></li>
@ -389,7 +389,7 @@
</div> </div>
</div> </div>
<p> <p>
<b>This file has 41226 words spanning 10979 lines and was last revised on 2024-07-20 00:04:46 +0200.</b> <b>This file has 41230 words spanning 10979 lines and was last revised on 2024-07-20 00:16:24 +0200.</b>
</p> </p>
<p> <p>
@ -439,7 +439,7 @@ This section defines my Emacs configuration. For a while, I considered to use ry
</p> </p>
<p> <p>
My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2024-07-20 00:04:46 +0200) My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2024-07-20 00:16:24 +0200)
</p></li> </p></li>
</ul> </ul>
@ -6993,8 +6993,8 @@ programs = {
</li> </li>
</ol> </ol>
</div> </div>
<div id="outline-container-org1d39a6e" class="outline-4"> <div id="outline-container-org05cfe0c" class="outline-4">
<h4 id="org1d39a6e"><span class="section-number-4">3.3.9.</span> nix-index</h4> <h4 id="org05cfe0c"><span class="section-number-4">3.3.9.</span> nix-index</h4>
<div class="outline-text-4" id="text-3-3-9"> <div class="outline-text-4" id="text-3-3-9">
<p> <p>
nix-index provides a way to find out which packages are provided by which derivations. By default it also comes with a replacement for <code>command-not-found.sh</code>, however, the implementation is based on a channel based setup. I like consistency, so I replace the command with one that provides a flakes-based output. nix-index provides a way to find out which packages are provided by which derivations. By default it also comes with a replacement for <code>command-not-found.sh</code>, however, the implementation is based on a channel based setup. I like consistency, so I replace the command with one that provides a flakes-based output.
@ -9266,10 +9266,10 @@ We set a hook that runs everytime we save the file. It would be a bit more effic
</p> </p>
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-emacs-lisp">(defun run-alejandra () <pre class="src src-emacs-lisp">(defun swarsel/run-formatting ()
(interactive) (interactive)
(let ((default-directory (expand-file-name "~/.dotfiles"))) (let ((default-directory (expand-file-name "~/.dotfiles")))
(shell-command "alejandra . -q"))) (shell-command "nixpkgs-fmt . &gt; /dev/null")))
(defun swarsel/org-babel-tangle-config () (defun swarsel/org-babel-tangle-config ()
(when (string-equal (buffer-file-name) (when (string-equal (buffer-file-name)
@ -9278,7 +9278,7 @@ We set a hook that runs everytime we save the file. It would be a bit more effic
(let ((org-confirm-babel-evaluate nil)) (let ((org-confirm-babel-evaluate nil))
(org-html-export-to-html) (org-html-export-to-html)
(org-babel-tangle) (org-babel-tangle)
(run-alejandra)))) (swarsel/run-formatting))))
(setq org-html-htmlize-output-type nil) (setq org-html-htmlize-output-type nil)
@ -9391,7 +9391,7 @@ The standard Emacs behaviour for the Python process shell is a bit annoying. Thi
</div> </div>
</div> </div>
</li> </li>
<li><a id="org58d332d"></a>Nix common prefix bracketer<br /> <li><a id="org5914746"></a>Nix common prefix bracketer<br />
<div class="outline-text-5" id="text-4-2-1-15"> <div class="outline-text-5" id="text-4-2-1-15">
<p> <p>
This function searches for common delimiters in region and removes them, summarizing all captured lines by it. This function searches for common delimiters in region and removes them, summarizing all captured lines by it.
@ -9424,7 +9424,7 @@ This function searches for common delimiters in region and removes them, summari
</div> </div>
</div> </div>
</li> </li>
<li><a id="orge56e7f4"></a>Nix formatters<br /> <li><a id="orgd08d04a"></a>Nix formatters<br />
<div class="outline-text-5" id="text-4-2-1-16"> <div class="outline-text-5" id="text-4-2-1-16">
<p> <p>
This formats the org code block at <code>point</code> in accordance to the <code>nixpkgs-fmt</code> formatter This formats the org code block at <code>point</code> in accordance to the <code>nixpkgs-fmt</code> formatter
@ -10997,8 +10997,8 @@ This adds a rudimentary nix-mode to Emacs. I have not really tried this out, as
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-org23b260b" class="outline-4"> <div id="outline-container-orgc3f7bff" class="outline-4">
<h4 id="org23b260b"><span class="section-number-4">4.4.3.</span> nixpkgs-fmt</h4> <h4 id="orgc3f7bff"><span class="section-number-4">4.4.3.</span> nixpkgs-fmt</h4>
<div class="outline-text-4" id="text-4-4-3"> <div class="outline-text-4" id="text-4-4-3">
<p> <p>
Adds functions for formatting nix code. Adds functions for formatting nix code.
@ -13013,7 +13013,7 @@ My laptop, sadly soon to be replaced by a new one, since most basic functions ar
</div> </div>
<div id="postamble" class="status"> <div id="postamble" class="status">
<p class="author">Author: Leon Schwarzäugl</p> <p class="author">Author: Leon Schwarzäugl</p>
<p class="date">Created: 2024-07-20 Sa 00:04</p> <p class="date">Created: 2024-07-20 Sa 00:16</p>
<p class="validation"><a href="https://validator.w3.org/check?uri=referer">Validate</a></p> <p class="validation"><a href="https://validator.w3.org/check?uri=referer">Validate</a></p>
</div> </div>
</body> </body>

41
profiles/TEMPLATE/home.nix
View file

@ -1,8 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
enableSshSupport = true; enableSshSupport = true;
@ -29,7 +29,7 @@
]; ];
}; };
# update path if the sops private key is stored somewhere else # update path if the sops private key is stored somewhere else
sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
# waybar config - TEMPLATE - update for cores and temp # waybar config - TEMPLATE - update for cores and temp
programs.waybar.settings.mainBar = { programs.waybar.settings.mainBar = {
@ -109,6 +109,7 @@
natural_scroll = "enabled"; natural_scroll = "enabled";
middle_emulation = "enabled"; middle_emulation = "enabled";
}; };
}; };
output = { output = {
@ -119,21 +120,25 @@
}; };
}; };
keybindings = let keybindings =
inherit (config.wayland.windowManager.sway.config) modifier; let
in { inherit (config.wayland.windowManager.sway.config) modifier;
# TEMPLATE in
"${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\""; {
# "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\""; # TEMPLATE
}; "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\"";
# "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\"";
};
startup = [ startup = [
{command = "nextcloud --background";}
{command = "discord --start-minimized";} { command = "nextcloud --background"; }
{command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} { command = "discord --start-minimized"; }
{command = "ANKI_WAYLAND=1 anki";} { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
{command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} { command = "ANKI_WAYLAND=1 anki"; }
{command = "nm-applet";} { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
{ command = "nm-applet"; }
]; ];
}; };
}; };

22
profiles/TEMPLATE/nixos.nix
View file

@ -1,7 +1,13 @@
{pkgs, ...}: { { pkgs, ... }:
imports = [
./hardware-configuration.nix {
];
imports =
[
./hardware-configuration.nix
];
services = { services = {
getty.autologinUser = "TEMPLATE"; getty.autologinUser = "TEMPLATE";
@ -67,7 +73,7 @@
}; };
monospace = { monospace = {
package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; };
name = "FiraCode Nerd Font Mono"; name = "FiraCode Nerd Font Mono";
}; };
@ -78,6 +84,7 @@
}; };
}; };
# Configure keymap in X11 (only used for login) # Configure keymap in X11 (only used for login)
services.xserver = { services.xserver = {
layout = "us"; layout = "us";
@ -87,12 +94,13 @@
users.users.TEMPLATE = { users.users.TEMPLATE = {
isNormalUser = true; isNormalUser = true;
description = "TEMPLATE"; description = "TEMPLATE";
extraGroups = ["networkmanager" "wheel" "lp" "audio" "video"]; extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" ];
packages = with pkgs; []; packages = with pkgs; [ ];
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
]; ];
system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change
} }

419
profiles/common/home.nix
View file

@ -1,10 +1,8 @@
{ config, pkgs, fetchFromGitHub, ... }:
{ {
config,
pkgs,
fetchFromGitHub,
...
}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
# audio stuff # audio stuff
spek # spectrum analyzer spek # spectrum analyzer
losslessaudiochecker losslessaudiochecker
@ -20,7 +18,7 @@
simple-scan simple-scan
# dict # dict
(aspellWithDicts (dicts: with dicts; [de en en-computers en-science])) (aspellWithDicts (dicts: with dicts; [ de en en-computers en-science ]))
# utilities # utilities
util-linux util-linux
@ -150,21 +148,13 @@
# latex and related packages # latex and related packages
(pkgs.texlive.combine { (pkgs.texlive.combine {
inherit inherit (pkgs.texlive) scheme-full
(pkgs.texlive) dvisvgm dvipng# for preview and export as html
scheme-full wrapfig amsmath ulem hyperref capt-of;
dvisvgm
dvipng # for preview and export as html
wrapfig
amsmath
ulem
hyperref
capt-of
;
}) })
# font stuff # font stuff
(nerdfonts.override {fonts = ["FiraMono" "FiraCode" "NerdFontsSymbolsOnly"];}) (nerdfonts.override { fonts = [ "FiraMono" "FiraCode" "NerdFontsSymbolsOnly" ]; })
noto-fonts-emoji noto-fonts-emoji
font-awesome_5 font-awesome_5
noto-fonts noto-fonts
@ -180,23 +170,23 @@
url = "https://github.com/Ultimaker/Cura/releases/download/${version}/UltiMaker-Cura-${version}-linux-modern.AppImage"; url = "https://github.com/Ultimaker/Cura/releases/download/${version}/UltiMaker-Cura-${version}-linux-modern.AppImage";
hash = "sha256-QVv7Wkfo082PH6n6rpsB79st2xK2+Np9ivBg/PYZd74="; hash = "sha256-QVv7Wkfo082PH6n6rpsB79st2xK2+Np9ivBg/PYZd74=";
}; };
extraPkgs = pkgs: with pkgs; []; extraPkgs = pkgs: with pkgs; [ ];
}; };
in in
writeScriptBin "cura" '' writeScriptBin "cura" ''
#! ${pkgs.bash}/bin/bash #! ${pkgs.bash}/bin/bash
# AppImage version of Cura loses current working directory and treats all paths relateive to $HOME. # AppImage version of Cura loses current working directory and treats all paths relateive to $HOME.
# So we convert each of the files passed as argument to an absolute path. # So we convert each of the files passed as argument to an absolute path.
# This fixes use cases like `cd /path/to/my/files; cura mymodel.stl anothermodel.stl`. # This fixes use cases like `cd /path/to/my/files; cura mymodel.stl anothermodel.stl`.
args=() args=()
for a in "$@"; do for a in "$@"; do
if [ -e "$a" ]; then if [ -e "$a" ]; then
a="$(realpath "$a")" a="$(realpath "$a")"
fi fi
args+=("$a") args+=("$a")
done done
exec "${cura5}/bin/cura5" "''${args[@]}" exec "${cura5}/bin/cura5" "''${args[@]}"
'' ''
) )
#E: hides scratchpad depending on state, calls emacsclient for edit and then restores the scratchpad state #E: hides scratchpad depending on state, calls emacsclient for edit and then restores the scratchpad state
@ -237,7 +227,7 @@
(pkgs.writeShellApplication { (pkgs.writeShellApplication {
name = "pass-fuzzel"; name = "pass-fuzzel";
runtimeInputs = [pkgs.pass pkgs.fuzzel]; runtimeInputs = [ pkgs.pass pkgs.fuzzel ];
text = '' text = ''
shopt -s nullglob globstar shopt -s nullglob globstar
@ -268,7 +258,7 @@
(pkgs.writeShellApplication { (pkgs.writeShellApplication {
name = "pass-fuzzel-otp"; name = "pass-fuzzel-otp";
runtimeInputs = [pkgs.fuzzel (pkgs.pass.withExtensions (exts: [exts.pass-otp]))]; runtimeInputs = [ pkgs.fuzzel (pkgs.pass.withExtensions (exts: [ exts.pass-otp ])) ];
text = '' text = ''
shopt -s nullglob globstar shopt -s nullglob globstar
@ -299,7 +289,7 @@
(pkgs.writeShellApplication { (pkgs.writeShellApplication {
name = "cdw"; name = "cdw";
runtimeInputs = [pkgs.fzf]; runtimeInputs = [ pkgs.fzf ];
text = '' text = ''
cd "$(git worktree list | fzf | awk '{print $1}')" cd "$(git worktree list | fzf | awk '{print $1}')"
''; '';
@ -307,7 +297,7 @@
(pkgs.writeShellApplication { (pkgs.writeShellApplication {
name = "cdb"; name = "cdb";
runtimeInputs = [pkgs.fzf]; runtimeInputs = [ pkgs.fzf ];
text = '' text = ''
git checkout "$(git branch --list | grep -v "^\*" | fzf | awk '{print $1}')" git checkout "$(git branch --list | grep -v "^\*" | fzf | awk '{print $1}')"
''; '';
@ -319,17 +309,18 @@
cp "$1"{,.bak} cp "$1"{,.bak}
''; '';
}) })
]; ];
sops = { sops = {
defaultSopsFile = "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml"; defaultSopsFile = "${config.home.homeDirectory}/.dotfiles/secrets/general/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets = { secrets = {
mrswarsel = {path = "/run/user/1000/secrets/mrswarsel";}; mrswarsel = { path = "/run/user/1000/secrets/mrswarsel"; };
nautilus = {path = "/run/user/1000/secrets/nautilus";}; nautilus = { path = "/run/user/1000/secrets/nautilus"; };
leon = {path = "/run/user/1000/secrets/leon";}; leon = { path = "/run/user/1000/secrets/leon"; };
swarselmail = {path = "/run/user/1000/secrets/swarselmail";}; swarselmail = { path = "/run/user/1000/secrets/swarselmail"; };
caldav = {path = "${config.home.homeDirectory}/.emacs.d/.caldav";}; caldav = { path = "${config.home.homeDirectory}/.emacs.d/.caldav"; };
}; };
}; };
@ -431,12 +422,13 @@
stylix.targets.emacs.enable = false; stylix.targets.emacs.enable = false;
xdg.desktopEntries = { xdg.desktopEntries = {
cura = { cura = {
name = "Ultimaker Cura"; name = "Ultimaker Cura";
genericName = "Cura"; genericName = "Cura";
exec = "cura"; exec = "cura";
terminal = false; terminal = false;
categories = ["Application"]; categories = [ "Application" ];
}; };
anki = { anki = {
@ -444,7 +436,7 @@
genericName = "Anki"; genericName = "Anki";
exec = "anki"; exec = "anki";
terminal = false; terminal = false;
categories = ["Application"]; categories = [ "Application" ];
}; };
# schlidichat = { # schlidichat = {
@ -460,7 +452,7 @@
genericName = "Element"; genericName = "Element";
exec = "element-desktop -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; exec = "element-desktop -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";
terminal = false; terminal = false;
categories = ["Application"]; categories = [ "Application" ];
}; };
emacsclient-newframe = { emacsclient-newframe = {
@ -469,8 +461,9 @@
exec = "emacsclient -r %u"; exec = "emacsclient -r %u";
icon = "emacs"; icon = "emacs";
terminal = false; terminal = false;
categories = ["Development" "TextEditor"]; categories = [ "Development" "TextEditor" ];
}; };
}; };
home.file = { home.file = {
@ -519,25 +512,27 @@
zoxide.enable = true; zoxide.enable = true;
}; };
programs.nix-index = let programs.nix-index =
command-not-found = pkgs.runCommandLocal "command-not-found.sh" {} '' let
mkdir -p $out/etc/profile.d command-not-found = pkgs.runCommandLocal "command-not-found.sh" { } ''
substitute ${../../scripts/command-not-found.sh} \ mkdir -p $out/etc/profile.d
$out/etc/profile.d/command-not-found.sh \ substitute ${../../scripts/command-not-found.sh} \
--replace @nix-locate@ ${pkgs.nix-index}/bin/nix-locate \ $out/etc/profile.d/command-not-found.sh \
--replace @tput@ ${pkgs.ncurses}/bin/tput --replace @nix-locate@ ${pkgs.nix-index}/bin/nix-locate \
''; --replace @tput@ ${pkgs.ncurses}/bin/tput
in { '';
enable = true; in
package = pkgs.symlinkJoin { {
name = "nix-index"; enable = true;
paths = [command-not-found]; package = pkgs.symlinkJoin {
name = "nix-index";
paths = [ command-not-found ];
};
}; };
};
programs.password-store = { programs.password-store = {
enable = true; enable = true;
package = pkgs.pass.withExtensions (exts: [exts.pass-otp]); package = pkgs.pass.withExtensions (exts: [ exts.pass-otp ]);
}; };
programs.direnv = { programs.direnv = {
@ -771,7 +766,7 @@
enable = true; enable = true;
}; };
# this is needed so that mbsync can use the passwords from sops # this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = ["sops-nix.service"]; systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
programs.msmtp = { programs.msmtp = {
enable = true; enable = true;
@ -804,7 +799,7 @@
enable = true; enable = true;
create = "maildir"; create = "maildir";
expunge = "both"; expunge = "both";
patterns = ["*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail"]; patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = { extraConfig = {
channel = { channel = {
Sync = "All"; Sync = "All";
@ -854,7 +849,7 @@
enable = true; enable = true;
create = "maildir"; create = "maildir";
expunge = "both"; expunge = "both";
patterns = ["*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail"]; patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = { extraConfig = {
channel = { channel = {
Sync = "All"; Sync = "All";
@ -881,7 +876,7 @@
enable = true; enable = true;
create = "maildir"; create = "maildir";
expunge = "both"; expunge = "both";
patterns = ["*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail"]; patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = { extraConfig = {
channel = { channel = {
Sync = "All"; Sync = "All";
@ -922,7 +917,7 @@
rev = "bc99afee611690f85f0cd0bd33300f3385ddd3d3"; rev = "bc99afee611690f85f0cd0bd33300f3385ddd3d3";
hash = "sha256-0xMII1KJhTBgQ57tXJks0ZFYMXIanrOl9XyqVmu7a7Y="; hash = "sha256-0xMII1KJhTBgQ57tXJks0ZFYMXIanrOl9XyqVmu7a7Y=";
}; };
packageRequires = [epkgs.howm]; packageRequires = [ epkgs.howm ];
}) })
(epkgs.trivialBuild rec { (epkgs.trivialBuild rec {
@ -934,21 +929,23 @@
rev = "3f6ca0d5556fe9795b74714304564f2295dcfa24"; rev = "3f6ca0d5556fe9795b74714304564f2295dcfa24";
hash = "sha256-w1wmJW7YwXyjvXJOWdN2+k+QmhXr4IflES/c2bCX3CI="; hash = "sha256-w1wmJW7YwXyjvXJOWdN2+k+QmhXr4IflES/c2bCX3CI=";
}; };
packageRequires = []; packageRequires = [ ];
}) })
]; ];
}; };
}; };
programs.waybar = { programs.waybar = {
enable = true; enable = true;
# systemd.enable = true; # systemd.enable = true;
settings = { settings = {
mainBar = { mainBar = {
layer = "top"; layer = "top";
position = "top"; position = "top";
modules-left = ["sway/workspaces" "custom/outer-right-arrow-dark" "sway/window"]; modules-left = [ "sway/workspaces" "custom/outer-right-arrow-dark" "sway/window" ];
modules-center = ["sway/mode" "custom/configwarn"]; modules-center = [ "sway/mode" "custom/configwarn" ];
"sway/mode" = { "sway/mode" = {
format = "<span style=\"italic\" font-weight=\"bold\">{}</span>"; format = "<span style=\"italic\" font-weight=\"bold\">{}</span>";
}; };
@ -993,6 +990,7 @@
critical-threshold = 80; critical-threshold = 80;
format-critical = " {temperatureC}°C"; format-critical = " {temperatureC}°C";
format = " {temperatureC}°C"; format = " {temperatureC}°C";
}; };
mpris = { mpris = {
@ -1077,9 +1075,10 @@
cpu = { cpu = {
min-length = 6; min-length = 6;
interval = 5; interval = 5;
format-icons = ["" "" "" "" "" "" "" ""]; format-icons = [ "" "" "" "" "" "" "" "" ];
# on-click-right= "com.github.stsdc.monitor"; # on-click-right= "com.github.stsdc.monitor";
on-click-right = "kitty -o confirm_os_window_close=0 btm"; on-click-right = "kitty -o confirm_os_window_close=0 btm";
}; };
battery = { battery = {
states = { states = {
@ -1174,68 +1173,48 @@
search.engines = { search.engines = {
"Nix Packages" = { "Nix Packages" = {
urls = [ urls = [{
{ template = "https://search.nixos.org/packages";
template = "https://search.nixos.org/packages"; params = [
params = [ { name = "type"; value = "packages"; }
{ { name = "query"; value = "{searchTerms}"; }
name = "type"; ];
value = "packages"; }];
}
{
name = "query";
value = "{searchTerms}";
}
];
}
];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"]; definedAliases = [ "@np" ];
}; };
"NixOS Wiki" = { "NixOS Wiki" = {
urls = [ urls = [{
{ template = "https://nixos.wiki/index.php?search={searchTerms}";
template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
}
];
iconUpdateURL = "https://nixos.wiki/favicon.png"; iconUpdateURL = "https://nixos.wiki/favicon.png";
updateInterval = 24 * 60 * 60 * 1000; # every day updateInterval = 24 * 60 * 60 * 1000; # every day
definedAliases = ["@nw"]; definedAliases = [ "@nw" ];
}; };
"NixOS Options" = { "NixOS Options" = {
urls = [ urls = [{
{ template = "https://search.nixos.org/options";
template = "https://search.nixos.org/options"; params = [
params = [ { name = "query"; value = "{searchTerms}"; }
{ ];
name = "query"; }];
value = "{searchTerms}";
}
];
}
];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@no"]; definedAliases = [ "@no" ];
}; };
"Home Manager Options" = { "Home Manager Options" = {
urls = [ urls = [{
{ template = "https://home-manager-options.extranix.com/";
template = "https://home-manager-options.extranix.com/"; params = [
params = [ { name = "query"; value = "{searchTerms}"; }
{ ];
name = "query"; }];
value = "{searchTerms}";
}
];
}
];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@hm" "@ho" "@hmo"]; definedAliases = [ "@hm" "@ho" "@hmo" ];
}; };
"Google".metaData.alias = "@g"; "Google".metaData.alias = "@g";
@ -1311,78 +1290,80 @@ group-by=category
modifier = "Mod4"; modifier = "Mod4";
terminal = "kitty"; terminal = "kitty";
menu = "fuzzel"; menu = "fuzzel";
bars = [{command = "waybar";}]; bars = [{ command = "waybar"; }];
keybindings = let keybindings =
inherit (config.wayland.windowManager.sway.config) modifier; let
in { inherit (config.wayland.windowManager.sway.config) modifier;
"${modifier}+q" = "kill"; in
"${modifier}+f" = "exec firefox"; {
"${modifier}+Space" = "exec fuzzel"; "${modifier}+q" = "kill";
"${modifier}+Shift+Space" = "floating toggle"; "${modifier}+f" = "exec firefox";
"${modifier}+e" = "exec emacsclient -nquc -a emacs -e \"(dashboard-open)\""; "${modifier}+Space" = "exec fuzzel";
"${modifier}+Shift+m" = "exec emacsclient -nquc -a emacs -e \"(mu4e)\""; "${modifier}+Shift+Space" = "floating toggle";
"${modifier}+Shift+c" = "exec emacsclient -nquc -a emacs -e \"(swarsel/open-calendar)\""; "${modifier}+e" = "exec emacsclient -nquc -a emacs -e \"(dashboard-open)\"";
"${modifier}+Shift+s" = "exec \"bash ~/.dotfiles/scripts/checkspotify.sh\""; "${modifier}+Shift+m" = "exec emacsclient -nquc -a emacs -e \"(mu4e)\"";
"${modifier}+m" = "exec \"bash ~/.dotfiles/scripts/checkspotifytui.sh\""; "${modifier}+Shift+c" = "exec emacsclient -nquc -a emacs -e \"(swarsel/open-calendar)\"";
"${modifier}+x" = "exec \"bash ~/.dotfiles/scripts/checkkitty.sh\""; "${modifier}+Shift+s" = "exec \"bash ~/.dotfiles/scripts/checkspotify.sh\"";
"${modifier}+d" = "exec \"bash ~/.dotfiles/scripts/checkdiscord.sh\""; "${modifier}+m" = "exec \"bash ~/.dotfiles/scripts/checkspotifytui.sh\"";
"${modifier}+Shift+r" = "exec \"bash ~/.dotfiles/scripts/restart.sh\""; "${modifier}+x" = "exec \"bash ~/.dotfiles/scripts/checkkitty.sh\"";
"${modifier}+Shift+t" = "exec \"bash ~/.dotfiles/scripts/toggle_opacity.sh\""; "${modifier}+d" = "exec \"bash ~/.dotfiles/scripts/checkdiscord.sh\"";
"${modifier}+Shift+F12" = "move scratchpad"; "${modifier}+Shift+r" = "exec \"bash ~/.dotfiles/scripts/restart.sh\"";
"${modifier}+F12" = "scratchpad show"; "${modifier}+Shift+t" = "exec \"bash ~/.dotfiles/scripts/toggle_opacity.sh\"";
"${modifier}+c" = "exec qalculate-gtk"; "${modifier}+Shift+F12" = "move scratchpad";
"${modifier}+p" = "exec pass-fuzzel"; "${modifier}+F12" = "scratchpad show";
"${modifier}+o" = "exec pass-fuzzel-otp"; "${modifier}+c" = "exec qalculate-gtk";
"${modifier}+Shift+p" = "exec pass-fuzzel --type"; "${modifier}+p" = "exec pass-fuzzel";
"${modifier}+Shift+o" = "exec pass-fuzzel-otp --type"; "${modifier}+o" = "exec pass-fuzzel-otp";
"${modifier}+Escape" = "mode $exit"; "${modifier}+Shift+p" = "exec pass-fuzzel --type";
# "${modifier}+Shift+Escape" = "exec com.github.stsdc.monitor"; "${modifier}+Shift+o" = "exec pass-fuzzel-otp --type";
"${modifier}+Shift+Escape" = "exec kitty -o confirm_os_window_close=0 btm"; "${modifier}+Escape" = "mode $exit";
"${modifier}+s" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; # "${modifier}+Shift+Escape" = "exec com.github.stsdc.monitor";
"${modifier}+i" = "exec \"bash ~/.dotfiles/scripts/startup.sh\""; "${modifier}+Shift+Escape" = "exec kitty -o confirm_os_window_close=0 btm";
"${modifier}+1" = "workspace 1:"; "${modifier}+s" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
"${modifier}+Shift+1" = "move container to workspace 1:"; "${modifier}+i" = "exec \"bash ~/.dotfiles/scripts/startup.sh\"";
"${modifier}+2" = "workspace 2:"; "${modifier}+1" = "workspace 1:";
"${modifier}+Shift+2" = "move container to workspace 2:"; "${modifier}+Shift+1" = "move container to workspace 1:";
"${modifier}+3" = "workspace 3:"; "${modifier}+2" = "workspace 2:";
"${modifier}+Shift+3" = "move container to workspace 3:"; "${modifier}+Shift+2" = "move container to workspace 2:";
"${modifier}+4" = "workspace 4:"; "${modifier}+3" = "workspace 3:";
"${modifier}+Shift+4" = "move container to workspace 4:"; "${modifier}+Shift+3" = "move container to workspace 3:";
"${modifier}+5" = "workspace 5:"; "${modifier}+4" = "workspace 4:";
"${modifier}+Shift+5" = "move container to workspace 5:"; "${modifier}+Shift+4" = "move container to workspace 4:";
"${modifier}+6" = "workspace 6:"; "${modifier}+5" = "workspace 5:";
"${modifier}+Shift+6" = "move container to workspace 6:"; "${modifier}+Shift+5" = "move container to workspace 5:";
"${modifier}+7" = "workspace 7:"; "${modifier}+6" = "workspace 6:";
"${modifier}+Shift+7" = "move container to workspace 7:"; "${modifier}+Shift+6" = "move container to workspace 6:";
"${modifier}+8" = "workspace 8:"; "${modifier}+7" = "workspace 7:";
"${modifier}+Shift+8" = "move container to workspace 8:"; "${modifier}+Shift+7" = "move container to workspace 7:";
"${modifier}+9" = "workspace 9:"; "${modifier}+8" = "workspace 8:";
"${modifier}+Shift+9" = "move container to workspace 9:"; "${modifier}+Shift+8" = "move container to workspace 8:";
"${modifier}+0" = "workspace 10:"; "${modifier}+9" = "workspace 9:";
"${modifier}+Shift+0" = "move container to workspace 10:"; "${modifier}+Shift+9" = "move container to workspace 9:";
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%"; "${modifier}+0" = "workspace 10:";
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; "${modifier}+Shift+0" = "move container to workspace 10:";
"${modifier}+Left" = "focus left"; "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
"${modifier}+Right" = "focus right"; "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
"${modifier}+Down" = "focus down"; "${modifier}+Left" = "focus left";
"${modifier}+Up" = "focus up"; "${modifier}+Right" = "focus right";
"${modifier}+Shift+Left" = "move left 40px"; "${modifier}+Down" = "focus down";
"${modifier}+Shift+Right" = "move right 40px"; "${modifier}+Up" = "focus up";
"${modifier}+Shift+Down" = "move down 40px"; "${modifier}+Shift+Left" = "move left 40px";
"${modifier}+Shift+Up" = "move up 40px"; "${modifier}+Shift+Right" = "move right 40px";
"${modifier}+h" = "focus left"; "${modifier}+Shift+Down" = "move down 40px";
"${modifier}+l" = "focus right"; "${modifier}+Shift+Up" = "move up 40px";
"${modifier}+j" = "focus down"; "${modifier}+h" = "focus left";
"${modifier}+k" = "focus up"; "${modifier}+l" = "focus right";
"${modifier}+Shift+h" = "move left 40px"; "${modifier}+j" = "focus down";
"${modifier}+Shift+l" = "move right 40px"; "${modifier}+k" = "focus up";
"${modifier}+Shift+j" = "move down 40px"; "${modifier}+Shift+h" = "move left 40px";
"${modifier}+Shift+k" = "move up 40px"; "${modifier}+Shift+l" = "move right 40px";
"${modifier}+Ctrl+Shift+c" = "reload"; "${modifier}+Shift+j" = "move down 40px";
"${modifier}+Shift+e" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'"; "${modifier}+Shift+k" = "move up 40px";
"${modifier}+r" = "mode resize"; "${modifier}+Ctrl+Shift+c" = "reload";
"${modifier}+Return" = "exec kitty"; "${modifier}+Shift+e" = "exec swaynag -t warning -m 'You pressed the exit shortcut. Do you really want to exit sway? This will end your Wayland session.' -b 'Yes, exit sway' 'swaymsg exit'";
}; "${modifier}+r" = "mode resize";
"${modifier}+Return" = "exec kitty";
};
modes = { modes = {
resize = { resize = {
Down = "resize grow height 10 px or 10 ppt"; Down = "resize grow height 10 px or 10 ppt";
@ -1395,41 +1376,41 @@ group-by=category
}; };
defaultWorkspace = "workspace 1:"; defaultWorkspace = "workspace 1:";
startup = [ startup = [
{command = "kitty -T kittyterm";} { command = "kitty -T kittyterm"; }
{command = "sleep 60; kitty -T spotifytui -o confirm_os_window_close=0 spotify_player";} { command = "sleep 60; kitty -T spotifytui -o confirm_os_window_close=0 spotify_player"; }
]; ];
window = { window = {
border = 1; border = 1;
titlebar = false; titlebar = false;
}; };
assigns = { assigns = {
"1:" = [{app_id = "firefox";}]; "1:" = [{ app_id = "firefox"; }];
}; };
floating = { floating = {
border = 1; border = 1;
criteria = [ criteria = [
{title = "^Picture-in-Picture$";} { title = "^Picture-in-Picture$"; }
{app_id = "qalculate-gtk";} { app_id = "qalculate-gtk"; }
{app_id = "org.gnome.clocks";} { app_id = "org.gnome.clocks"; }
{app_id = "com.github.stsdc.monitor";} { app_id = "com.github.stsdc.monitor"; }
{app_id = "blueman";} { app_id = "blueman"; }
{app_id = "pavucontrol";} { app_id = "pavucontrol"; }
{app_id = "syncthingtray";} { app_id = "syncthingtray"; }
{title = "Syncthing Tray";} { title = "Syncthing Tray"; }
{app_id = "SchildiChat";} { app_id = "SchildiChat"; }
{app_id = "Element";} { app_id = "Element"; }
{app_id = "com.nextcloud.desktopclient.nextcloud";} { app_id = "com.nextcloud.desktopclient.nextcloud"; }
{app_id = "gnome-system-monitor";} { app_id = "gnome-system-monitor"; }
{title = "(?:Open|Save) (?:File|Folder|As)";} { title = "(?:Open|Save) (?:File|Folder|As)"; }
{title = "^Add$";} { title = "^Add$"; }
{title = "com-jgoodies-jdiskreport-JDiskReport";} { title = "com-jgoodies-jdiskreport-JDiskReport"; }
{app_id = "discord";} { app_id = "discord"; }
{window_role = "pop-up";} { window_role = "pop-up"; }
{window_role = "bubble";} { window_role = "bubble"; }
{window_role = "dialog";} { window_role = "dialog"; }
{window_role = "task_dialog";} { window_role = "task_dialog"; }
{window_role = "menu";} { window_role = "menu"; }
{window_role = "Preferences";} { window_role = "Preferences"; }
]; ];
titlebar = false; titlebar = false;
}; };
@ -1479,6 +1460,7 @@ group-by=category
# }; # };
# } # }
{ {
command = "resize set width 60 ppt height 60 ppt, sticky enable, move container to scratchpad"; command = "resize set width 60 ppt height 60 ppt, sticky enable, move container to scratchpad";
criteria = { criteria = {
class = "Spotify"; class = "Spotify";
@ -1523,9 +1505,10 @@ group-by=category
# exec systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK # exec systemctl --user import-environment DISPLAY WAYLAND_DISPLAY SWAYSOCK
# exec hash dbus-update-activation-environment 2>/dev/null && dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK # exec hash dbus-update-activation-environment 2>/dev/null && dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK
# "; # ";
extraConfig = let extraConfig =
inherit (config.wayland.windowManager.sway.config) modifier; let
swayfxSettings = " inherit (config.wayland.windowManager.sway.config) modifier;
swayfxSettings = "
blur enable blur enable
blur_xray disable blur_xray disable
blur_passes 1 blur_passes 1
@ -1535,7 +1518,8 @@ group-by=category
titlebar_separator disable titlebar_separator disable
default_dim_inactive 0.02 default_dim_inactive 0.02
"; ";
in " in
"
exec_always autotiling exec_always autotiling
set $exit \"exit: [s]leep, [p]oweroff, [r]eboot, [l]ogout\" set $exit \"exit: [s]leep, [p]oweroff, [r]eboot, [l]ogout\"
mode $exit { mode $exit {
@ -1558,4 +1542,5 @@ group-by=category
"; ";
}; };
} }

115
profiles/common/nixos.nix
View file

@ -1,9 +1,6 @@
{ config, lib, pkgs, ... }:
{ {
config,
lib,
pkgs,
...
}: {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
@ -16,7 +13,7 @@
}; };
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
users.mutableUsers = false; users.mutableUsers = false;
@ -50,7 +47,7 @@
nix.optimise = { nix.optimise = {
automatic = true; automatic = true;
dates = ["weekly"]; dates = [ "weekly" ];
}; };
# systemd # systemd
@ -127,12 +124,12 @@
cloned-mac-address = "preserve"; cloned-mac-address = "preserve";
mac-address = "90:2E:16:D0:A1:87"; mac-address = "90:2E:16:D0:A1:87";
}; };
ipv4 = {method = "shared";}; ipv4 = { method = "shared"; };
ipv6 = { ipv6 = {
addr-gen-mode = "stable-privacy"; addr-gen-mode = "stable-privacy";
method = "auto"; method = "auto";
}; };
proxy = {}; proxy = { };
}; };
eduroam = { eduroam = {
@ -146,12 +143,12 @@
id = "eduroam"; id = "eduroam";
type = "wifi"; type = "wifi";
}; };
ipv4 = {method = "auto";}; ipv4 = { method = "auto"; };
ipv6 = { ipv6 = {
addr-gen-mode = "default"; addr-gen-mode = "default";
method = "auto"; method = "auto";
}; };
proxy = {}; proxy = { };
wifi = { wifi = {
mode = "infrastructure"; mode = "infrastructure";
ssid = "eduroam"; ssid = "eduroam";
@ -168,7 +165,7 @@
id = "local"; id = "local";
type = "ethernet"; type = "ethernet";
}; };
ethernet = {}; ethernet = { };
ipv4 = { ipv4 = {
address1 = "10.42.1.1/24"; address1 = "10.42.1.1/24";
method = "shared"; method = "shared";
@ -177,7 +174,7 @@
addr-gen-mode = "stable-privacy"; addr-gen-mode = "stable-privacy";
method = "auto"; method = "auto";
}; };
proxy = {}; proxy = { };
}; };
HH40V_39F5 = { HH40V_39F5 = {
@ -185,12 +182,12 @@
id = "HH40V_39F5"; id = "HH40V_39F5";
type = "wifi"; type = "wifi";
}; };
ipv4 = {method = "auto";}; ipv4 = { method = "auto"; };
ipv6 = { ipv6 = {
addr-gen-mode = "stable-privacy"; addr-gen-mode = "stable-privacy";
method = "auto"; method = "auto";
}; };
proxy = {}; proxy = { };
wifi = { wifi = {
band = "bg"; band = "bg";
mode = "infrastructure"; mode = "infrastructure";
@ -207,12 +204,12 @@
id = "magicant"; id = "magicant";
type = "wifi"; type = "wifi";
}; };
ipv4 = {method = "auto";}; ipv4 = { method = "auto"; };
ipv6 = { ipv6 = {
addr-gen-mode = "default"; addr-gen-mode = "default";
method = "auto"; method = "auto";
}; };
proxy = {}; proxy = { };
wifi = { wifi = {
mode = "infrastructure"; mode = "infrastructure";
ssid = "magicant"; ssid = "magicant";
@ -230,15 +227,16 @@
id = "PIA Sweden"; id = "PIA Sweden";
type = "vpn"; type = "vpn";
}; };
ipv4 = {method = "auto";}; ipv4 = { method = "auto"; };
ipv6 = { ipv6 = {
addr-gen-mode = "stable-privacy"; addr-gen-mode = "stable-privacy";
method = "auto"; method = "auto";
}; };
proxy = {}; proxy = { };
vpn = { vpn = {
auth = "sha1"; auth = "sha1";
ca = "${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem"; ca =
"${config.users.users.swarsel.home}/.dotfiles/secrets/certs/sweden-aes-128-cbc-udp-dns-ca.pem";
challenge-response-flags = "2"; challenge-response-flags = "2";
cipher = "aes-128-cbc"; cipher = "aes-128-cbc";
compress = "yes"; compress = "yes";
@ -252,7 +250,7 @@
service-type = "org.freedesktop.NetworkManager.openvpn"; service-type = "org.freedesktop.NetworkManager.openvpn";
username = "$VPNUSER"; username = "$VPNUSER";
}; };
vpn-secrets = {password = "$VPNPASS";}; vpn-secrets = { password = "$VPNPASS"; };
}; };
Hotspot = { Hotspot = {
@ -261,12 +259,12 @@
id = "Hotspot"; id = "Hotspot";
type = "wifi"; type = "wifi";
}; };
ipv4 = {method = "shared";}; ipv4 = { method = "shared"; };
ipv6 = { ipv6 = {
addr-gen-mode = "default"; addr-gen-mode = "default";
method = "ignore"; method = "ignore";
}; };
proxy = {}; proxy = { };
wifi = { wifi = {
mode = "ap"; mode = "ap";
ssid = "Hotspot-fourside"; ssid = "Hotspot-fourside";
@ -279,11 +277,12 @@
psk = "$HOTSPOT"; psk = "$HOTSPOT";
}; };
}; };
}; };
}; };
}; };
systemd.services.NetworkManager-ensure-profiles.after = ["NetworkManager.service"]; systemd.services.NetworkManager-ensure-profiles.after = [ "NetworkManager.service" ];
time.timeZone = "Europe/Vienna"; time.timeZone = "Europe/Vienna";
@ -303,19 +302,20 @@
}; };
sops = { sops = {
defaultSopsFile = "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml"; defaultSopsFile = "${config.users.users.swarsel.home}/.dotfiles/secrets/general/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets = { secrets = {
swarseluser = {neededForUsers = true;}; swarseluser = { neededForUsers = true; };
ernest = {}; ernest = { };
frauns = {}; frauns = { };
hotspot = {}; hotspot = { };
eduid = {}; eduid = { };
edupass = {}; edupass = { };
handyhotspot = {}; handyhotspot = { };
vpnuser = {}; vpnuser = { };
vpnpass = {}; vpnpass = { };
}; };
templates = { templates = {
"network-manager.env".content = '' "network-manager.env".content = ''
@ -383,7 +383,7 @@
#lsp-bridge / python #lsp-bridge / python
gcc gcc
gdb gdb
(python3.withPackages (ps: with ps; [jupyter ipython pyqt5 epc orjson sexpdata six setuptools paramiko numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server])) (python3.withPackages (ps: with ps; [ jupyter ipython pyqt5 epc orjson sexpdata six setuptools paramiko numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server ]))
# (python3.withPackages(ps: with ps; [ jupyter ipython pyqt5 numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server])) # (python3.withPackages(ps: with ps; [ jupyter ipython pyqt5 numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server]))
# -------------------------------------------- # --------------------------------------------
@ -405,7 +405,9 @@
tar xvf $src -C $out/ tar xvf $src -C $out/
mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/ mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/
''; '';
}) })
]; ];
programs = { programs = {
@ -416,15 +418,15 @@
programs.zsh.enable = true; programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
environment.shells = with pkgs; [zsh]; environment.shells = with pkgs; [ zsh ];
environment.pathsToLink = ["/share/zsh"]; environment.pathsToLink = [ "/share/zsh" ];
services.blueman.enable = true; services.blueman.enable = true;
# enable scanners over network # enable scanners over network
hardware.sane = { hardware.sane = {
enable = true; enable = true;
extraBackends = [pkgs.sane-airscan]; extraBackends = [ pkgs.sane-airscan ];
}; };
# enable discovery and usage of network devices (esp. printers) # enable discovery and usage of network devices (esp. printers)
@ -454,26 +456,28 @@
# Make CAPS work as a dual function ESC/CTRL key # Make CAPS work as a dual function ESC/CTRL key
services.interception-tools = { services.interception-tools = {
enable = true; enable = true;
udevmonConfig = let udevmonConfig =
dualFunctionKeysConfig = builtins.toFile "dual-function-keys.yaml" '' let
TIMING: dualFunctionKeysConfig = builtins.toFile "dual-function-keys.yaml" ''
TAP_MILLISEC: 200 TIMING:
DOUBLE_TAP_MILLISEC: 0 TAP_MILLISEC: 200
DOUBLE_TAP_MILLISEC: 0
MAPPINGS: MAPPINGS:
- KEY: KEY_CAPSLOCK - KEY: KEY_CAPSLOCK
TAP: KEY_ESC TAP: KEY_ESC
HOLD: KEY_LEFTCTRL HOLD: KEY_LEFTCTRL
'';
in
''
- JOB: |
${pkgs.interception-tools}/bin/intercept -g $DEVNODE \
| ${pkgs.interception-tools-plugins.dual-function-keys}/bin/dual-function-keys -c ${dualFunctionKeysConfig} \
| ${pkgs.interception-tools}/bin/uinput -d $DEVNODE
DEVICE:
EVENTS:
EV_KEY: [KEY_CAPSLOCK]
''; '';
in ''
- JOB: |
${pkgs.interception-tools}/bin/intercept -g $DEVNODE \
| ${pkgs.interception-tools-plugins.dual-function-keys}/bin/dual-function-keys -c ${dualFunctionKeysConfig} \
| ${pkgs.interception-tools}/bin/uinput -d $DEVNODE
DEVICE:
EVENTS:
EV_KEY: [KEY_CAPSLOCK]
'';
}; };
programs.ssh.startAgent = false; programs.ssh.startAgent = false;
@ -505,4 +509,5 @@
environment.etc."greetd/environments".text = '' environment.etc."greetd/environments".text = ''
sway sway
''; '';
} }

19
profiles/fourside/hardware-configuration.nix
View file

@ -1,20 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config
config, , lib
lib, , modulesPath
modulesPath, , ...
...
}: { }: {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/55eee3d2-4125-4aba-a326-10cde2abdf26"; device = "/dev/disk/by-uuid/55eee3d2-4125-4aba-a326-10cde2abdf26";
@ -27,7 +26,7 @@
}; };
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-uuid/0a74b04a-99e0-48cd-afcf-6ca849f6f85a";} { device = "/dev/disk/by-uuid/0a74b04a-99e0-48cd-afcf-6ca849f6f85a"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

74
profiles/fourside/home.nix
View file

@ -1,8 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
enableSshSupport = true; enableSshSupport = true;
@ -24,7 +24,7 @@
packages = with pkgs; [ packages = with pkgs; [
]; ];
}; };
sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
# waybar config - TEMPLATE - update for cores and temp # waybar config - TEMPLATE - update for cores and temp
programs.waybar.settings.mainBar = { programs.waybar.settings.mainBar = {
@ -34,6 +34,7 @@
temperature.input-filename = "temp1_input"; temperature.input-filename = "temp1_input";
}; };
programs.waybar.settings.mainBar.modules-right = [ programs.waybar.settings.mainBar.modules-right = [
"custom/outer-left-arrow-dark" "custom/outer-left-arrow-dark"
"mpris" "mpris"
@ -52,6 +53,7 @@
"clock#1" "clock#1"
]; ];
wayland.windowManager.sway = { wayland.windowManager.sway = {
config = rec { config = rec {
# update for actual inputs here, # update for actual inputs here,
@ -72,6 +74,7 @@
natural_scroll = "enabled"; natural_scroll = "enabled";
middle_emulation = "enabled"; middle_emulation = "enabled";
}; };
}; };
output = { output = {
@ -90,41 +93,40 @@
}; };
workspaceOutputAssign = [ workspaceOutputAssign = [
{ { output = "eDP-1"; workspace = "1:"; }
output = "eDP-1"; { output = "DP-4"; workspace = "2:"; }
workspace = "1:";
}
{
output = "DP-4";
workspace = "2:";
}
]; ];
keybindings = let
inherit (config.wayland.windowManager.sway.config) modifier; keybindings =
in { let
"${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\""; inherit (config.wayland.windowManager.sway.config) modifier;
"XF86MonBrightnessUp" = "exec brightnessctl set +5%"; in
"XF86MonBrightnessDown" = "exec brightnessctl set 5%-"; {
"XF86Display" = "exec wl-mirror eDP-1"; "${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkelement.sh\"";
# these are left open to use "XF86MonBrightnessUp" = "exec brightnessctl set +5%";
# "XF86WLAN" = "exec wl-mirror eDP-1"; "XF86MonBrightnessDown" = "exec brightnessctl set 5%-";
# "XF86Messenger" = "exec wl-mirror eDP-1"; "XF86Display" = "exec wl-mirror eDP-1";
# "XF86Go" = "exec wl-mirror eDP-1"; # these are left open to use
# "XF86Favorites" = "exec wl-mirror eDP-1"; # "XF86WLAN" = "exec wl-mirror eDP-1";
# "XF86HomePage" = "exec wtype -P Escape -p Escape"; # "XF86Messenger" = "exec wl-mirror eDP-1";
# "XF86AudioLowerVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink -5%"; # "XF86Go" = "exec wl-mirror eDP-1";
# "XF86AudioRaiseVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink +5% "; # "XF86Favorites" = "exec wl-mirror eDP-1";
"XF86AudioMute" = "pactl set-sink-mute alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink toggle"; # "XF86HomePage" = "exec wtype -P Escape -p Escape";
}; # "XF86AudioLowerVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink -5%";
# "XF86AudioRaiseVolume" = "pactl set-sink-volume alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink +5% ";
"XF86AudioMute" = "pactl set-sink-mute alsa_output.pci-0000_08_00.6.HiFi__hw_Generic_1__sink toggle";
};
startup = [ startup = [
{command = "nextcloud --background";}
{command = "discord --start-minimized";} { command = "nextcloud --background"; }
{command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} { command = "discord --start-minimized"; }
{command = "ANKI_WAYLAND=1 anki";} { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
{command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} { command = "ANKI_WAYLAND=1 anki"; }
{command = "nm-applet";} { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
{ command = "nm-applet"; }
]; ];
}; };
}; };

49
profiles/fourside/nixos.nix
View file

@ -1,17 +1,17 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
# #
# imports = # imports =
# [ # [
# ./hardware-configuration.nix # ./hardware-configuration.nix
# ]; # ];
# #
imports = [ imports =
./hardware-configuration.nix [
]; ./hardware-configuration.nix
];
services = { services = {
getty.autologinUser = "swarsel"; getty.autologinUser = "swarsel";
@ -24,7 +24,7 @@
# kernelPackages = pkgs.linuxPackages_latest; # kernelPackages = pkgs.linuxPackages_latest;
}; };
sops.age.sshKeyPaths = ["${config.users.users.swarsel.home}/.ssh/sops"]; sops.age.sshKeyPaths = [ "${config.users.users.swarsel.home}/.ssh/sops" ];
networking = { networking = {
hostName = "fourside"; # Define your hostname. hostName = "fourside"; # Define your hostname.
@ -33,27 +33,15 @@
firewall.checkReversePath = false; firewall.checkReversePath = false;
firewall = { firewall = {
enable = true; enable = true;
allowedUDPPorts = [4380 27036 14242 34197 51820]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard allowedUDPPorts = [ 4380 27036 14242 34197 51820 ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard
allowedTCPPorts = []; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard allowedTCPPorts = [ ]; # 34197: factorio; 4380 27036 14242: barotrauma; 51820: wireguard
allowedTCPPortRanges = [ allowedTCPPortRanges = [
{ { from = 27015; to = 27030; } # barotrauma
from = 27015; { from = 27036; to = 27037; } # barotrauma
to = 27030;
} # barotrauma
{
from = 27036;
to = 27037;
} # barotrauma
]; ];
allowedUDPPortRanges = [ allowedUDPPortRanges = [
{ { from = 27000; to = 27031; } # barotrauma
from = 27000; { from = 58962; to = 58964; } # barotrauma
to = 27031;
} # barotrauma
{
from = 58962;
to = 58964;
} # barotrauma
]; ];
}; };
}; };
@ -106,7 +94,7 @@
}; };
monospace = { monospace = {
package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; };
name = "FiraCode Nerd Font Mono"; name = "FiraCode Nerd Font Mono";
}; };
@ -117,6 +105,7 @@
}; };
}; };
hardware = { hardware = {
graphics = { graphics = {
enable = true; enable = true;
@ -162,8 +151,8 @@
isNormalUser = true; isNormalUser = true;
description = "Leon S"; description = "Leon S";
hashedPasswordFile = config.sops.secrets.swarseluser.path; hashedPasswordFile = config.sops.secrets.swarseluser.path;
extraGroups = ["networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner"]; extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ];
packages = with pkgs; []; packages = with pkgs; [ ];
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -177,4 +166,6 @@
]; ];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
} }

2
profiles/mysticant/configuration.nix
View file

@ -1,4 +1,4 @@
{pkgs, ...}: { { pkgs, ... }: {
environment.packages = with pkgs; [ environment.packages = with pkgs; [
vim vim
git git

8
profiles/remote/oracle/matrix/hardware-configuration.nix
View file

@ -1,5 +1,5 @@
{modulesPath, ...}: { { modulesPath, ... }: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")]; imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub = { boot.loader.grub = {
efiSupport = true; efiSupport = true;
efiInstallAsRemovable = true; efiInstallAsRemovable = true;
@ -9,8 +9,8 @@
device = "/dev/disk/by-uuid/A1B2-7E6F"; device = "/dev/disk/by-uuid/A1B2-7E6F";
fsType = "vfat"; fsType = "vfat";
}; };
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = ["nvme"]; boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/ocivolume-root"; device = "/dev/mapper/ocivolume-root";
fsType = "xfs"; fsType = "xfs";

37
profiles/remote/oracle/matrix/nixos.nix
View file

@ -1,11 +1,9 @@
{ { config, pkgs, sops, ... }:
config, let
pkgs,
sops,
...
}: let
matrixDomain = "swatrix.swarsel.win"; matrixDomain = "swatrix.swarsel.win";
in { in
{
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -24,19 +22,19 @@ in {
xkbVariant = "altgr-intl"; xkbVariant = "altgr-intl";
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/root/.dotfiles/secrets/omatrix/secrets.yaml"; defaultSopsFile = "/root/.dotfiles/secrets/omatrix/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets = { secrets = {
dnstokenfull = {owner = "acme";}; dnstokenfull = { owner = "acme"; };
matrixsharedsecret = {owner = "matrix-synapse";}; matrixsharedsecret = { owner = "matrix-synapse"; };
mautrixtelegram_as = {owner = "matrix-synapse";}; mautrixtelegram_as = { owner = "matrix-synapse"; };
mautrixtelegram_hs = {owner = "matrix-synapse";}; mautrixtelegram_hs = { owner = "matrix-synapse"; };
mautrixtelegram_api_id = {owner = "matrix-synapse";}; mautrixtelegram_api_id = { owner = "matrix-synapse"; };
mautrixtelegram_api_hash = {owner = "matrix-synapse";}; mautrixtelegram_api_hash = { owner = "matrix-synapse"; };
}; };
templates = { templates = {
"certs.secret".content = '' "certs.secret".content = ''
@ -82,6 +80,7 @@ in {
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
virtualHosts = { virtualHosts = {
"swatrix.swarsel.win" = { "swatrix.swarsel.win" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@ -169,13 +168,13 @@ in {
listeners = [ listeners = [
{ {
port = 8008; port = 8008;
bind_addresses = ["0.0.0.0"]; bind_addresses = [ "0.0.0.0" ];
type = "http"; type = "http";
tls = false; tls = false;
x_forwarded = true; x_forwarded = true;
resources = [ resources = [
{ {
names = ["client" "federation"]; names = [ "client" "federation" ];
compress = true; compress = true;
} }
]; ];
@ -291,6 +290,7 @@ in {
domain = matrixDomain; domain = matrixDomain;
}; };
appservice = { appservice = {
address = "http://localhost:29328"; address = "http://localhost:29328";
hostname = "0.0.0.0"; hostname = "0.0.0.0";
port = 29328; port = 29328;
@ -317,7 +317,7 @@ in {
# messages out after a while. # messages out after a while.
systemd.timers."restart-bridges" = { systemd.timers."restart-bridges" = {
wantedBy = ["timers.target"]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
OnBootSec = "1d"; OnBootSec = "1d";
OnUnitActiveSec = "1d"; OnUnitActiveSec = "1d";
@ -336,4 +336,5 @@ in {
User = "root"; User = "root";
}; };
}; };
} }

19
profiles/remote/oracle/sync/hardware-configuration.nix
View file

@ -1,17 +1,16 @@
{ { config
config, , lib
lib, , modulesPath
modulesPath, , ...
...
}: { }: {
imports = [ imports = [
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
]; ];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod"]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-amd"]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/4b47378a-02eb-4548-bab8-59cbf379252a"; device = "/dev/disk/by-uuid/4b47378a-02eb-4548-bab8-59cbf379252a";
@ -24,7 +23,7 @@
}; };
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-uuid/f0126a93-753e-4769-ada8-7499a1efb3a9";} { device = "/dev/disk/by-uuid/f0126a93-753e-4769-ada8-7499a1efb3a9"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

16
profiles/remote/oracle/sync/nixos.nix
View file

@ -1,8 +1,6 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -18,14 +16,14 @@
xkbVariant = "altgr-intl"; xkbVariant = "altgr-intl";
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/root/.dotfiles/secrets/sync/secrets.yaml"; defaultSopsFile = "/root/.dotfiles/secrets/sync/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets.swarsel = {owner = "root";}; secrets.swarsel = { owner = "root"; };
secrets.dnstokenfull = {owner = "acme";}; secrets.dnstokenfull = { owner = "acme"; };
templates."certs.secret".content = '' templates."certs.secret".content = ''
CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull} CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull}
''; '';
@ -46,6 +44,7 @@
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
virtualHosts = { virtualHosts = {
"synki.swarsel.win" = { "synki.swarsel.win" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@ -161,4 +160,5 @@
}; };
}; };
}; };
} }

19
profiles/sandbox/hardware-configuration.nix
View file

@ -1,27 +1,26 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config
config, , lib
lib, , modulesPath
modulesPath, , ...
...
}: { }: {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["xhci_pci" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" "sr_mod"]; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/147e3682-eb15-4e96-9cac-4f2fb5888a69"; device = "/dev/disk/by-uuid/147e3682-eb15-4e96-9cac-4f2fb5888a69";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

133
profiles/sandbox/nixos.nix
View file

@ -1,11 +1,9 @@
{ { config, pkgs, sops, ... }:
config, let
pkgs,
sops,
...
}: let
matrixDomain = "swatrix.swarsel.win"; matrixDomain = "swatrix.swarsel.win";
in { in
{
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -14,9 +12,9 @@ in {
enable = true; enable = true;
device = "/dev/sda"; device = "/dev/sda";
useOSProber = true; useOSProber = true;
supportedFilesystems = ["zfs"]; supportedFilesystems = [ "zfs" ];
zfs.forceImportRoot = false; zfs.forceImportRoot = false;
kernelModules = ["tun"]; kernelModules = [ "tun" ];
kernel.sysctl = { kernel.sysctl = {
"net.ipv4.conf.all.rp_filter" = 2; "net.ipv4.conf.all.rp_filter" = 2;
"net.ipv4.conf.default.rp_filter" = 2; "net.ipv4.conf.default.rp_filter" = 2;
@ -57,8 +55,8 @@ in {
users = { users = {
groups = { groups = {
vpn = {}; vpn = { };
mpd = {}; mpd = { };
navidrome = { navidrome = {
gid = 61593; gid = 61593;
}; };
@ -68,7 +66,7 @@ in {
}; };
users = { users = {
jellyfin = { jellyfin = {
extraGroups = ["video" "render"]; extraGroups = [ "video" "render" ];
}; };
vpn = { vpn = {
isNormalUser = true; isNormalUser = true;
@ -79,24 +77,24 @@ in {
isSystemUser = true; isSystemUser = true;
uid = 61593; uid = 61593;
group = "navidrome"; group = "navidrome";
extraGroups = ["audio" "utmp"]; extraGroups = [ "audio" "utmp" ];
}; };
spotifyd = { spotifyd = {
isSystemUser = true; isSystemUser = true;
uid = 65136; uid = 65136;
group = "spotifyd"; group = "spotifyd";
extraGroups = ["audio" "utmp"]; extraGroups = [ "audio" "utmp" ];
}; };
mpd = { mpd = {
isSystemUser = true; isSystemUser = true;
group = "mpd"; group = "mpd";
extraGroups = ["audio" "utmp"]; extraGroups = [ "audio" "utmp" ];
}; };
swarsel = { swarsel = {
isNormalUser = true; isNormalUser = true;
description = "Leon S"; description = "Leon S";
extraGroups = ["networkmanager" "wheel" "lp"]; extraGroups = [ "networkmanager" "wheel" "lp" ];
packages = with pkgs; []; packages = with pkgs; [ ];
}; };
root = { root = {
openssh.authorizedKeys.keyFiles = [ openssh.authorizedKeys.keyFiles = [
@ -109,10 +107,12 @@ in {
fileSystems."/mnt/Eternor" = { fileSystems."/mnt/Eternor" = {
device = "//192.168.1.3/Eternor"; device = "//192.168.1.3/Eternor";
fsType = "cifs"; fsType = "cifs";
options = let options =
# this line prevents hanging on network split let
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; # this line prevents hanging on network split
in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"]; automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
in
[ "${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100" ];
}; };
environment = { environment = {
@ -137,26 +137,31 @@ in {
zfs zfs
]; ];
etc = { etc = {
"openvpn/iptables.sh" = { "openvpn/iptables.sh" =
source = ../../scripts/server1/iptables.sh; {
mode = "0755"; source = ../../scripts/server1/iptables.sh;
}; mode = "0755";
"openvpn/update-resolv-conf" = { };
source = ../../scripts/server1/update-resolv-conf; "openvpn/update-resolv-conf" =
mode = "0755"; {
}; source = ../../scripts/server1/update-resolv-conf;
"openvpn/routing.sh" = { mode = "0755";
source = ../../scripts/server1/routing.sh; };
mode = "0755"; "openvpn/routing.sh" =
}; {
"openvpn/ca.rsa.2048.crt" = { source = ../../scripts/server1/routing.sh;
source = ../../secrets/certs/ca.rsa.2048.crt; mode = "0755";
mode = "0644"; };
}; "openvpn/ca.rsa.2048.crt" =
"openvpn/crl.rsa.2048.pem" = { {
source = ../../secrets/certs/crl.rsa.2048.pem; source = ../../secrets/certs/ca.rsa.2048.crt;
mode = "0644"; mode = "0644";
}; };
"openvpn/crl.rsa.2048.pem" =
{
source = ../../secrets/certs/crl.rsa.2048.pem;
mode = "0644";
};
}; };
shellAliases = { shellAliases = {
nswitch = "cd ~/.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; nswitch = "cd ~/.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
@ -165,7 +170,7 @@ in {
systemd = { systemd = {
timers."restart-bridges" = { timers."restart-bridges" = {
wantedBy = ["timers.target"]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
OnBootSec = "1d"; OnBootSec = "1d";
OnUnitActiveSec = "1d"; OnUnitActiveSec = "1d";
@ -185,7 +190,7 @@ in {
}; };
}; };
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change
@ -194,19 +199,19 @@ in {
}; };
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/root/.dotfiles/secrets/sandbox/secrets.yaml"; defaultSopsFile = "/root/.dotfiles/secrets/sandbox/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets = { secrets = {
dnstokenfull = {owner = "acme";}; dnstokenfull = { owner = "acme"; };
kavita = {owner = "kavita";}; kavita = { owner = "kavita"; };
vpnuser = {}; vpnuser = { };
rpcuser = {owner = "vpn";}; rpcuser = { owner = "vpn"; };
vpnpass = {}; vpnpass = { };
rpcpass = {owner = "vpn";}; rpcpass = { owner = "vpn"; };
vpnprot = {}; vpnprot = { };
vpnloc = {}; vpnloc = { };
mpdpass = {owner = "mpd";}; mpdpass = { owner = "mpd"; };
}; };
templates = { templates = {
"transmission-rpc" = { "transmission-rpc" = {
@ -269,12 +274,10 @@ in {
openssh = { openssh = {
enable = true; enable = true;
settings.PermitRootLogin = "yes"; settings.PermitRootLogin = "yes";
listenAddresses = [ listenAddresses = [{
{ port = 22;
port = 22; addr = "0.0.0.0";
addr = "0.0.0.0"; }];
}
];
}; };
nginx = { nginx = {
@ -284,6 +287,7 @@ in {
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
virtualHosts = { virtualHosts = {
"stash.swarsel.win" = { "stash.swarsel.win" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@ -318,6 +322,7 @@ in {
}; };
}; };
"sound.swarsel.win" = { "sound.swarsel.win" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@ -512,6 +517,9 @@ in {
# MAUTRIX_TELEGRAM_TELEGRAM_API_HASH=${config.sops.placeholder.mautrixtelegram_api_hash} # MAUTRIX_TELEGRAM_TELEGRAM_API_HASH=${config.sops.placeholder.mautrixtelegram_api_hash}
# ''; # '';
# ---------------- # ----------------
# sops.secrets.mautrixwhatsapp_shared = {owner="matrix-synapse";}; # sops.secrets.mautrixwhatsapp_shared = {owner="matrix-synapse";};
# sops.templates.mautrixwhatsapp.owner = "matrix-synapse"; # sops.templates.mautrixwhatsapp.owner = "matrix-synapse";
@ -560,13 +568,13 @@ in {
settings.listeners = [ settings.listeners = [
{ {
port = 8008; port = 8008;
bind_addresses = ["0.0.0.0"]; bind_addresses = [ "0.0.0.0" ];
type = "http"; type = "http";
tls = false; tls = false;
x_forwarded = true; x_forwarded = true;
resources = [ resources = [
{ {
names = ["client" "federation"]; names = [ "client" "federation" ];
compress = true; compress = true;
} }
]; ];
@ -678,6 +686,7 @@ in {
domain = matrixDomain; domain = matrixDomain;
}; };
appservice = { appservice = {
address = "http://localhost:29328"; address = "http://localhost:29328";
hostname = "0.0.0.0"; hostname = "0.0.0.0";
port = 29328; port = 29328;
@ -741,6 +750,7 @@ in {
]; ];
}; };
spotifyd = { spotifyd = {
enable = true; enable = true;
settings = { settings = {
@ -789,6 +799,7 @@ in {
}; };
}; };
avahi = { avahi = {
publish.enable = true; publish.enable = true;
publish.userServices = true; publish.userServices = true;

8
profiles/server1/TEMPLATE/nixos.nix
View file

@ -1,8 +1,6 @@
{ pkgs, modulesPath, ... }:
{ {
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
]; ];
@ -18,7 +16,7 @@
xkbVariant = "altgr-intl"; xkbVariant = "altgr-intl";
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself

14
profiles/server1/calibre/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/pve-vm--120--disk--0"; device = "/dev/mapper/pve-vm--120--disk--0";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

15
profiles/server1/calibre/nixos.nix
View file

@ -1,9 +1,6 @@
{ config, pkgs, modulesPath, ... }:
{ {
config,
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
@ -30,13 +27,13 @@
xkbVariant = "altgr-intl"; xkbVariant = "altgr-intl";
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/calibre/secrets.yaml"; defaultSopsFile = "/.dotfiles/secrets/calibre/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets.kavita = {owner = "kavita";}; secrets.kavita = { owner = "kavita"; };
}; };
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself
@ -68,4 +65,6 @@
port = 8080; port = 8080;
tokenKeyFile = config.sops.secrets.kavita.path; tokenKeyFile = config.sops.secrets.kavita.path;
}; };
} }

14
profiles/server1/jellyfin/hardware-configuration.nix
View file

@ -1,13 +1,13 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/pve-vm--121--disk--0"; device = "/dev/mapper/pve-vm--121--disk--0";
@ -19,7 +19,7 @@
fsType = "cifs"; fsType = "cifs";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

14
profiles/server1/jellyfin/nixos.nix
View file

@ -1,9 +1,6 @@
{ config, pkgs, modulesPath, ... }:
{ {
config,
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
@ -24,7 +21,7 @@
}; };
users.users.jellyfin = { users.users.jellyfin = {
extraGroups = ["video" "render"]; extraGroups = [ "video" "render" ];
}; };
services.xserver = { services.xserver = {
@ -32,7 +29,7 @@
xkbVariant = "altgr-intl"; xkbVariant = "altgr-intl";
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself
@ -59,7 +56,7 @@
}; };
nixpkgs.config.packageOverrides = pkgs: { nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;}; vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
}; };
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;
@ -76,4 +73,5 @@
user = "jellyfin"; user = "jellyfin";
# openFirewall = true; # this works only for the default ports # openFirewall = true; # this works only for the default ports
}; };
} }

14
profiles/server1/matrix/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/pve-vm--102--disk--0"; device = "/dev/mapper/pve-vm--102--disk--0";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

47
profiles/server1/matrix/nixos.nix
View file

@ -1,12 +1,10 @@
{ { config, pkgs, modulesPath, sops, ... }:
config, let
pkgs,
modulesPath,
sops,
...
}: let
matrixDomain = "matrix2.swarsel.win"; matrixDomain = "matrix2.swarsel.win";
in { in
{
services = { services = {
xserver = { xserver = {
layout = "us"; layout = "us";
@ -15,16 +13,14 @@ in {
openssh = { openssh = {
enable = true; enable = true;
settings.PermitRootLogin = "yes"; settings.PermitRootLogin = "yes";
listenAddresses = [ listenAddresses = [{
{ port = 22;
port = 22; addr = "0.0.0.0";
addr = "0.0.0.0"; }];
}
];
}; };
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself
@ -46,6 +42,7 @@ in {
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
}; };
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
@ -67,15 +64,15 @@ in {
]; ];
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/matrix/secrets.yaml"; defaultSopsFile = "/.dotfiles/secrets/matrix/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets = { secrets = {
matrixsharedsecret = {owner = "matrix-synapse";}; matrixsharedsecret = { owner = "matrix-synapse"; };
mautrixtelegram_as = {owner = "matrix-synapse";}; mautrixtelegram_as = { owner = "matrix-synapse"; };
mautrixtelegram_hs = {owner = "matrix-synapse";}; mautrixtelegram_hs = { owner = "matrix-synapse"; };
mautrixtelegram_api_id = {owner = "matrix-synapse";}; mautrixtelegram_api_id = { owner = "matrix-synapse"; };
mautrixtelegram_api_hash = {owner = "matrix-synapse";}; mautrixtelegram_api_hash = { owner = "matrix-synapse"; };
}; };
templates = { templates = {
"matrix_user_register.sh".content = '' "matrix_user_register.sh".content = ''
@ -139,13 +136,13 @@ in {
listeners = [ listeners = [
{ {
port = 8008; port = 8008;
bind_addresses = ["0.0.0.0"]; bind_addresses = [ "0.0.0.0" ];
type = "http"; type = "http";
tls = false; tls = false;
x_forwarded = true; x_forwarded = true;
resources = [ resources = [
{ {
names = ["client" "federation"]; names = [ "client" "federation" ];
compress = true; compress = true;
} }
]; ];
@ -261,6 +258,7 @@ in {
domain = matrixDomain; domain = matrixDomain;
}; };
appservice = { appservice = {
address = "http://localhost:29328"; address = "http://localhost:29328";
hostname = "0.0.0.0"; hostname = "0.0.0.0";
port = 29328; port = 29328;
@ -287,7 +285,7 @@ in {
# messages out after a while. # messages out after a while.
systemd.timers."restart-bridges" = { systemd.timers."restart-bridges" = {
wantedBy = ["timers.target"]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
OnBootSec = "1d"; OnBootSec = "1d";
OnUnitActiveSec = "1d"; OnUnitActiveSec = "1d";
@ -306,4 +304,5 @@ in {
User = "root"; User = "root";
}; };
}; };
} }

14
profiles/server1/nginx/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/pve-vm--119--disk--0"; device = "/dev/mapper/pve-vm--119--disk--0";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

16
profiles/server1/nginx/nixos.nix
View file

@ -1,9 +1,5 @@
{ config, pkgs, modulesPath, ... }:
{ {
config,
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
@ -22,13 +18,13 @@
xkbVariant = "altgr-intl"; xkbVariant = "altgr-intl";
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/nginx/secrets.yaml"; defaultSopsFile = "/.dotfiles/secrets/nginx/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets.dnstokenfull = {owner = "acme";}; secrets.dnstokenfull = { owner = "acme"; };
templates."certs.secret".content = '' templates."certs.secret".content = ''
CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull} CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull}
''; '';
@ -73,6 +69,7 @@
recommendedOptimisation = true; recommendedOptimisation = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
virtualHosts = { virtualHosts = {
"stash.swarsel.win" = { "stash.swarsel.win" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@ -110,6 +107,7 @@
}; };
}; };
"sound.swarsel.win" = { "sound.swarsel.win" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@ -199,6 +197,8 @@
}; };
}; };
}; };
}; };
}; };
} }

14
profiles/server1/paperless/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/pve-vm--117--disk--0"; device = "/dev/mapper/pve-vm--117--disk--0";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

29
profiles/server1/paperless/nixos.nix
View file

@ -1,14 +1,14 @@
{ config, pkgs, modulesPath, ... }:
{ {
config,
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
services = { services = {
xserver = { xserver = {
layout = "us"; layout = "us";
@ -17,16 +17,14 @@
openssh = { openssh = {
enable = true; enable = true;
settings.PermitRootLogin = "yes"; settings.PermitRootLogin = "yes";
listenAddresses = [ listenAddresses = [{
{ port = 22;
port = 22; addr = "0.0.0.0";
addr = "0.0.0.0"; }];
}
];
}; };
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself
@ -48,6 +46,8 @@
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
}; };
users.groups.lxc_shares = { users.groups.lxc_shares = {
gid = 10000; gid = 10000;
members = [ members = [
@ -68,10 +68,10 @@
}; };
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/root/.dotfiles/secrets/paperless/secrets.yaml"; defaultSopsFile = "/root/.dotfiles/secrets/paperless/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets.admin = {owner = "paperless";}; secrets.admin = { owner = "paperless"; };
}; };
services.paperless = { services.paperless = {
@ -90,4 +90,5 @@
}; };
}; };
}; };
} }

16
profiles/server1/sound/hardware-configuration.nix
View file

@ -1,18 +1,18 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/mnt/data/images/118/vm-118-disk-0.raw"; device = "/mnt/data/images/118/vm-118-disk-0.raw";
fsType = "ext4"; fsType = "ext4";
options = ["loop"]; options = [ "loop" ];
}; };
fileSystems."/media" = { fileSystems."/media" = {
@ -20,7 +20,7 @@
fsType = "cifs"; fsType = "cifs";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

34
profiles/server1/sound/nixos.nix
View file

@ -1,14 +1,14 @@
{ config, pkgs, modulesPath, ... }:
{ {
config,
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
services = { services = {
xserver = { xserver = {
layout = "us"; layout = "us";
@ -17,16 +17,14 @@
openssh = { openssh = {
enable = true; enable = true;
settings.PermitRootLogin = "yes"; settings.PermitRootLogin = "yes";
listenAddresses = [ listenAddresses = [{
{ port = 22;
port = 22; addr = "0.0.0.0";
addr = "0.0.0.0"; }];
}
];
}; };
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself
@ -48,6 +46,8 @@
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
}; };
proxmoxLXC.privileged = true; # manage hostname myself proxmoxLXC.privileged = true; # manage hostname myself
users = { users = {
@ -65,7 +65,7 @@
gid = 61593; gid = 61593;
}; };
mpd = {}; mpd = { };
}; };
users = { users = {
@ -73,13 +73,13 @@
isSystemUser = true; isSystemUser = true;
uid = 61593; uid = 61593;
group = "navidrome"; group = "navidrome";
extraGroups = ["audio" "utmp"]; extraGroups = [ "audio" "utmp" ];
}; };
mpd = { mpd = {
isSystemUser = true; isSystemUser = true;
group = "mpd"; group = "mpd";
extraGroups = ["audio" "utmp"]; extraGroups = [ "audio" "utmp" ];
}; };
}; };
}; };
@ -103,10 +103,10 @@
]; ];
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/sound/secrets.yaml"; defaultSopsFile = "/.dotfiles/secrets/sound/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets.mpdpass = {owner = "mpd";}; secrets.mpdpass = { owner = "mpd"; };
}; };
services.navidrome = { services.navidrome = {

14
profiles/server1/spotifyd/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/pve-vm--123--disk--0"; device = "/dev/mapper/pve-vm--123--disk--0";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

26
profiles/server1/spotifyd/nixos.nix
View file

@ -1,13 +1,14 @@
{ pkgs, modulesPath, ... }:
{ {
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
services = { services = {
xserver = { xserver = {
layout = "us"; layout = "us";
@ -16,16 +17,14 @@
openssh = { openssh = {
enable = true; enable = true;
settings.PermitRootLogin = "yes"; settings.PermitRootLogin = "yes";
listenAddresses = [ listenAddresses = [{
{ port = 22;
port = 22; addr = "0.0.0.0";
addr = "0.0.0.0"; }];
}
];
}; };
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself
@ -47,6 +46,8 @@
nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
}; };
proxmoxLXC.privileged = true; # manage hostname myself proxmoxLXC.privileged = true; # manage hostname myself
users.groups.spotifyd = { users.groups.spotifyd = {
@ -57,7 +58,7 @@
isSystemUser = true; isSystemUser = true;
uid = 65136; uid = 65136;
group = "spotifyd"; group = "spotifyd";
extraGroups = ["audio" "utmp"]; extraGroups = [ "audio" "utmp" ];
}; };
sound = { sound = {
@ -88,4 +89,5 @@
}; };
}; };
}; };
} }

14
profiles/server1/transmission/hardware-configuration.nix
View file

@ -1,20 +1,20 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{lib, ...}: { { lib, ... }: {
imports = []; imports = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "vfio_pci" "usbhid"]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "vfio_pci" "usbhid" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/pve-vm--122--disk--0"; device = "/dev/mapper/pve-vm--122--disk--0";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = []; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

85
profiles/server1/transmission/nixos.nix
View file

@ -1,9 +1,6 @@
{ config, pkgs, modulesPath, ... }:
{ {
config,
pkgs,
modulesPath,
...
}: {
imports = [ imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix") (modulesPath + "/virtualisation/proxmox-lxc.nix")
./hardware-configuration.nix ./hardware-configuration.nix
@ -32,7 +29,7 @@
"root" "root"
]; ];
}; };
users.groups.vpn = {}; users.groups.vpn = { };
users.users.vpn = { users.users.vpn = {
isNormalUser = true; isNormalUser = true;
@ -45,15 +42,15 @@
xkbVariant = "altgr-intl"; xkbVariant = "altgr-intl";
}; };
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
sops = { sops = {
age.sshKeyPaths = ["/etc/ssh/sops"]; age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/transmission/secrets.yaml"; defaultSopsFile = "/.dotfiles/secrets/transmission/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
}; };
boot.kernelModules = ["tun"]; boot.kernelModules = [ "tun" ];
proxmoxLXC = { proxmoxLXC = {
manageNetwork = true; # manage network myself manageNetwork = true; # manage network myself
manageHostName = false; # manage hostname myself manageHostName = false; # manage hostname myself
@ -90,36 +87,39 @@
''; '';
}; };
environment.etc = { environment.etc = {
"openvpn/iptables.sh" = { "openvpn/iptables.sh" =
source = ../../../scripts/server1/iptables.sh; {
mode = "0755"; source = ../../../scripts/server1/iptables.sh;
}; mode = "0755";
"openvpn/update-resolv-conf" = { };
source = ../../../scripts/server1/update-resolv-conf; "openvpn/update-resolv-conf" =
mode = "0755"; {
}; source = ../../../scripts/server1/update-resolv-conf;
"openvpn/routing.sh" = { mode = "0755";
source = ../../../scripts/server1/routing.sh; };
mode = "0755"; "openvpn/routing.sh" =
}; {
"openvpn/ca.rsa.2048.crt" = { source = ../../../scripts/server1/routing.sh;
source = ../../../secrets/certs/ca.rsa.2048.crt; mode = "0755";
mode = "0644"; };
}; "openvpn/ca.rsa.2048.crt" =
"openvpn/crl.rsa.2048.pem" = { {
source = ../../../secrets/certs/crl.rsa.2048.pem; source = ../../../secrets/certs/ca.rsa.2048.crt;
mode = "0644"; mode = "0644";
}; };
"openvpn/crl.rsa.2048.pem" =
{
source = ../../../secrets/certs/crl.rsa.2048.pem;
mode = "0644";
};
}; };
services.openssh = { services.openssh = {
enable = true; enable = true;
settings.PermitRootLogin = "yes"; settings.PermitRootLogin = "yes";
listenAddresses = [ listenAddresses = [{
{ port = 22;
port = 22; addr = "0.0.0.0";
addr = "0.0.0.0"; }];
}
];
}; };
users.users.root.openssh.authorizedKeys.keyFiles = [ users.users.root.openssh.authorizedKeys.keyFiles = [
../../../secrets/keys/authorized_keys ../../../secrets/keys/authorized_keys
@ -177,12 +177,12 @@
''; '';
}; };
secrets = { secrets = {
vpnuser = {}; vpnuser = { };
rpcuser = {owner = "vpn";}; rpcuser = { owner = "vpn"; };
vpnpass = {}; vpnpass = { };
rpcpass = {owner = "vpn";}; rpcpass = { owner = "vpn"; };
vpnprot = {}; vpnprot = { };
vpnloc = {}; vpnloc = { };
}; };
}; };
services.openvpn.servers = { services.openvpn.servers = {
@ -199,6 +199,7 @@
user = "vpn"; user = "vpn";
group = "lxc_shares"; group = "lxc_shares";
settings = { settings = {
alt-speed-down = 8000; alt-speed-down = 8000;
alt-speed-enabled = false; alt-speed-enabled = false;
alt-speed-time-begin = 0; alt-speed-time-begin = 0;
@ -269,4 +270,6 @@
utp-enabled = false; utp-enabled = false;
}; };
}; };
} }

19
profiles/threed/hardware-configuration.nix
View file

@ -1,20 +1,19 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config
config, , lib
lib, , modulesPath
modulesPath, , ...
...
}: { }: {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod"]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = []; boot.initrd.kernelModules = [ ];
boot.kernelModules = ["kvm-intel"]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = []; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/4a590cad-28d9-4153-bdb8-e424ec3bd5c8"; device = "/dev/disk/by-uuid/4a590cad-28d9-4153-bdb8-e424ec3bd5c8";
@ -27,7 +26,7 @@
}; };
swapDevices = [ swapDevices = [
{device = "/dev/disk/by-uuid/b07aac27-a443-489c-9fdb-01c1ef633699";} { device = "/dev/disk/by-uuid/b07aac27-a443-489c-9fdb-01c1ef633699"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

52
profiles/threed/home.nix
View file

@ -1,8 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
enableSshSupport = true; enableSshSupport = true;
@ -16,6 +16,7 @@
''; '';
}; };
home = { home = {
username = "swarsel"; username = "swarsel";
homeDirectory = "/home/swarsel"; homeDirectory = "/home/swarsel";
@ -25,7 +26,7 @@
]; ];
}; };
sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
programs.waybar.settings.mainBar = { programs.waybar.settings.mainBar = {
cpu.format = "{icon0} {icon1} {icon2} {icon3}"; cpu.format = "{icon0} {icon1} {icon2} {icon3}";
@ -50,6 +51,7 @@
"clock#1" "clock#1"
]; ];
wayland.windowManager.sway = { wayland.windowManager.sway = {
config = rec { config = rec {
input = { input = {
@ -74,26 +76,30 @@
}; };
}; };
keybindings = let keybindings =
inherit (config.wayland.windowManager.sway.config) modifier; let
in { inherit (config.wayland.windowManager.sway.config) modifier;
"${modifier}+F2" = "exec brightnessctl set +5%"; in
"${modifier}+F1" = "exec brightnessctl set 5%-"; {
"${modifier}+n" = "exec sway output eDP-1 transform normal, splith"; "${modifier}+F2" = "exec brightnessctl set +5%";
"${modifier}+Ctrl+p" = "exec wl-mirror eDP-1"; "${modifier}+F1" = "exec brightnessctl set 5%-";
"${modifier}+t" = "exec sway output eDP-1 transform 90, splitv"; "${modifier}+n" = "exec sway output eDP-1 transform normal, splith";
"${modifier}+XF86AudioLowerVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; "${modifier}+Ctrl+p" = "exec wl-mirror eDP-1";
"${modifier}+XF86AudioRaiseVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png"; "${modifier}+t" = "exec sway output eDP-1 transform 90, splitv";
"${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\""; "${modifier}+XF86AudioLowerVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
}; "${modifier}+XF86AudioRaiseVolume" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
"${modifier}+w" = "exec \"bash ~/.dotfiles/scripts/checkschildi.sh\"";
};
startup = [ startup = [
{command = "nextcloud --background";}
{command = "discord --start-minimized";} { command = "nextcloud --background"; }
{command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} { command = "discord --start-minimized"; }
{command = "ANKI_WAYLAND=1 anki";} { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
{command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} { command = "ANKI_WAYLAND=1 anki"; }
{command = "nm-applet";} { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
{ command = "nm-applet"; }
]; ];
keycodebindings = { keycodebindings = {

23
profiles/threed/nixos.nix
View file

@ -1,11 +1,12 @@
{ lib, pkgs, ... }:
{ {
lib,
pkgs, imports =
... [
}: { ./hardware-configuration.nix
imports = [ ];
./hardware-configuration.nix
];
services = { services = {
getty.autologinUser = "swarsel"; getty.autologinUser = "swarsel";
@ -70,7 +71,7 @@
}; };
monospace = { monospace = {
package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; };
name = "FiraCode Nerd Font Mono"; name = "FiraCode Nerd Font Mono";
}; };
@ -81,15 +82,17 @@
}; };
}; };
users.users.swarsel = { users.users.swarsel = {
isNormalUser = true; isNormalUser = true;
description = "Leon S"; description = "Leon S";
extraGroups = ["networkmanager" "wheel" "lp" "audio" "video"]; extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" ];
packages = with pkgs; []; packages = with pkgs; [ ];
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
]; ];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
} }

38
profiles/winters/home.nix
View file

@ -1,8 +1,8 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;
enableSshSupport = true; enableSshSupport = true;
@ -24,7 +24,7 @@
packages = with pkgs; [ packages = with pkgs; [
]; ];
}; };
sops.age.sshKeyPaths = ["${config.home.homeDirectory}/.ssh/sops"]; sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
# waybar config - TEMPLATE - update for cores and temp # waybar config - TEMPLATE - update for cores and temp
programs.waybar.settings.mainBar = { programs.waybar.settings.mainBar = {
@ -34,6 +34,7 @@
temperature.input-filename = "temp1_input"; temperature.input-filename = "temp1_input";
}; };
programs.waybar.settings.mainBar.modules-right = [ programs.waybar.settings.mainBar.modules-right = [
"custom/outer-left-arrow-dark" "custom/outer-left-arrow-dark"
"mpris" "mpris"
@ -52,6 +53,7 @@
"clock#1" "clock#1"
]; ];
wayland.windowManager.sway = { wayland.windowManager.sway = {
config = rec { config = rec {
# update for actual inputs here, # update for actual inputs here,
@ -72,6 +74,7 @@
natural_scroll = "enabled"; natural_scroll = "enabled";
middle_emulation = "enabled"; middle_emulation = "enabled";
}; };
}; };
output = { output = {
@ -91,16 +94,11 @@
}; };
workspaceOutputAssign = [ workspaceOutputAssign = [
{ { output = "eDP-1"; workspace = "1:"; }
output = "eDP-1"; { output = "HDMI-A-1"; workspace = "2:"; }
workspace = "1:";
}
{
output = "HDMI-A-1";
workspace = "2:";
}
]; ];
# keybindings = let # keybindings = let
# inherit (config.wayland.windowManager.sway.config) modifier; # inherit (config.wayland.windowManager.sway.config) modifier;
# in { # in {
@ -108,12 +106,14 @@
# }; # };
startup = [ startup = [
{command = "nextcloud --background";}
{command = "discord --start-minimized";} { command = "nextcloud --background"; }
{command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds";} { command = "discord --start-minimized"; }
{command = "ANKI_WAYLAND=1 anki";} { command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
{command = "OBSIDIAN_USE_WAYLAND=1 obsidian";} { command = "ANKI_WAYLAND=1 anki"; }
{command = "nm-applet";} { command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
{ command = "nm-applet"; }
]; ];
}; };
}; };

25
profiles/winters/nixos.nix
View file

@ -1,13 +1,17 @@
{pkgs, ...}: { { pkgs, ... }:
{
# #
# imports = # imports =
# [ # [
# ./hardware-configuration.nix # ./hardware-configuration.nix
# ]; # ];
# #
imports = [ imports =
./hardware-configuration.nix [
]; ./hardware-configuration.nix
];
services = { services = {
getty.autologinUser = "swarsel"; getty.autologinUser = "swarsel";
@ -27,8 +31,8 @@
firewall.checkReversePath = "strict"; firewall.checkReversePath = "strict";
firewall = { firewall = {
enable = true; enable = true;
allowedUDPPorts = []; allowedUDPPorts = [ ];
allowedTCPPorts = []; allowedTCPPorts = [ ];
allowedTCPPortRanges = [ allowedTCPPortRanges = [
]; ];
allowedUDPPortRanges = [ allowedUDPPortRanges = [
@ -84,7 +88,7 @@
}; };
monospace = { monospace = {
package = pkgs.nerdfonts.override {fonts = ["FiraCode"];}; package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; };
name = "FiraCode Nerd Font Mono"; name = "FiraCode Nerd Font Mono";
}; };
@ -95,6 +99,7 @@
}; };
}; };
hardware = { hardware = {
graphics = { graphics = {
enable = true; enable = true;
@ -117,8 +122,8 @@
users.users.swarsel = { users.users.swarsel = {
isNormalUser = true; isNormalUser = true;
description = "Leon S"; description = "Leon S";
extraGroups = ["networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner"]; extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ];
packages = with pkgs; []; packages = with pkgs; [ ];
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -133,4 +138,6 @@
]; ];
system.stateVersion = "23.05"; system.stateVersion = "23.05";
} }

6
programs/emacs/init.el
View file

@ -171,10 +171,10 @@ create a new one."
visual-fill-column-center-text t) visual-fill-column-center-text t)
(visual-fill-column-mode 1)) (visual-fill-column-mode 1))
(defun run-alejandra () (defun swarsel/run-formatting ()
(interactive) (interactive)
(let ((default-directory (expand-file-name "~/.dotfiles"))) (let ((default-directory (expand-file-name "~/.dotfiles")))
(shell-command "alejandra . -q"))) (shell-command "nixpkgs-fmt . > /dev/null")))
(defun swarsel/org-babel-tangle-config () (defun swarsel/org-babel-tangle-config ()
(when (string-equal (buffer-file-name) (when (string-equal (buffer-file-name)
@ -183,7 +183,7 @@ create a new one."
(let ((org-confirm-babel-evaluate nil)) (let ((org-confirm-babel-evaluate nil))
(org-html-export-to-html) (org-html-export-to-html)
(org-babel-tangle) (org-babel-tangle)
(run-alejandra)))) (swarsel/run-formatting))))
(setq org-html-htmlize-output-type nil) (setq org-html-htmlize-output-type nil)

56
templates/cpp_flake.nix
View file

@ -5,32 +5,34 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
}; };
outputs = {nixpkgs, ...}: let outputs = { nixpkgs, ... }:
system = "x86_64-linux"; let
pkgs = nixpkgs.legacyPackages.${system}; system = "x86_64-linux";
llvm = pkgs.llvmPackages_latest; pkgs = nixpkgs.legacyPackages.${system};
in { llvm = pkgs.llvmPackages_latest;
devShells.${system}.default = pkgs.mkShell { in
packages = with pkgs; [ {
gcc devShells.${system}.default = pkgs.mkShell {
#builder packages = with pkgs; [
cmake gcc
gnumake #builder
#headers cmake
clang-tools gnumake
#lsp #headers
llvm.libstdcxxClang clang-tools
#tools #lsp
cppcheck llvm.libstdcxxClang
valgrind #tools
doxygen cppcheck
]; valgrind
hardeningDisable = ["all"]; doxygen
# direnv does not allow aliases, use scripts as a workaround ];
shellHook = '' hardeningDisable = [ "all" ];
PATH_add ~/.dotfiles/scripts/devShell # direnv does not allow aliases, use scripts as a workaround
''; shellHook = ''
# ... PATH_add ~/.dotfiles/scripts/devShell
'';
# ...
};
}; };
};
} }

72
templates/cu_flake.nix
View file

@ -5,42 +5,44 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
}; };
outputs = {nixpkgs, ...}: let outputs = { nixpkgs, ... }:
system = "x86_64-linux"; let
pkgs = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
config.allowUnfree = true; pkgs = import nixpkgs {
}; system = "x86_64-linux";
in { config.allowUnfree = true;
devShells.${system}.default = pkgs.mkShell { };
packages = with pkgs; [ in
# gcc {
#builder devShells.${system}.default = pkgs.mkShell {
# cmake packages = with pkgs; [
# gnumake # gcc
#headers #builder
clang-tools # cmake
#lsp # gnumake
# llvm.libstdcxxClang #headers
# cudaPackages.cuda_nvcc clang-tools
#tools #lsp
cppcheck # llvm.libstdcxxClang
valgrind # cudaPackages.cuda_nvcc
doxygen #tools
cudatoolkit cppcheck
valgrind
doxygen
cudatoolkit
(pkgs.python3.withPackages (python-pkgs: [ (pkgs.python3.withPackages (python-pkgs: [
python-pkgs.numpy python-pkgs.numpy
python-pkgs.pandas python-pkgs.pandas
python-pkgs.scipy python-pkgs.scipy
python-pkgs.matplotlib python-pkgs.matplotlib
python-pkgs.requests python-pkgs.requests
python-pkgs.debugpy python-pkgs.debugpy
python-pkgs.python-lsp-server python-pkgs.python-lsp-server
])) ]))
]; ];
hardeningDisable = ["all"]; hardeningDisable = [ "all" ];
# ... # ...
};
}; };
};
} }

20
templates/other_flake.nix
View file

@ -4,14 +4,16 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
}; };
outputs = {nixpkgs, ...}: let outputs = { nixpkgs, ... }:
system = "x86_64-linux"; let
pkgs = nixpkgs.legacyPackages.${system}; system = "x86_64-linux";
in { pkgs = nixpkgs.legacyPackages.${system};
devShells.${system}.default = pkgs.mkShell { in
packages = with pkgs; [ {
# fill here devShells.${system}.default = pkgs.mkShell {
]; packages = with pkgs; [
# fill here
];
};
}; };
};
} }

40
templates/py_flake.nix
View file

@ -4,24 +4,26 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
}; };
outputs = {nixpkgs, ...}: let outputs = { nixpkgs, ... }:
system = "x86_64-linux"; let
pkgs = nixpkgs.legacyPackages.${system}; system = "x86_64-linux";
in { pkgs = nixpkgs.legacyPackages.${system};
devShells.${system}.default = pkgs.mkShell { in
packages = [ {
(pkgs.python3.withPackages (python-pkgs: [ devShells.${system}.default = pkgs.mkShell {
python-pkgs.numpy packages = [
python-pkgs.pandas (pkgs.python3.withPackages (python-pkgs: [
python-pkgs.scipy python-pkgs.numpy
python-pkgs.matplotlib python-pkgs.pandas
python-pkgs.requests python-pkgs.scipy
python-pkgs.debugpy python-pkgs.matplotlib
python-pkgs.flake8 python-pkgs.requests
python-pkgs.gnureadline python-pkgs.debugpy
python-pkgs.python-lsp-server python-pkgs.flake8
])) python-pkgs.gnureadline
]; python-pkgs.python-lsp-server
]))
];
};
}; };
};
} }

56
templates/rust_flake.nix
View file

@ -5,34 +5,36 @@
rust-overlay.url = "github:oxalica/rust-overlay"; rust-overlay.url = "github:oxalica/rust-overlay";
}; };
outputs = { outputs =
nixpkgs, { nixpkgs
rust-overlay, , rust-overlay
... , ...
}: let }:
system = "x86_64-linux"; let
pkgs = import nixpkgs { system = "x86_64-linux";
inherit system; pkgs = import nixpkgs {
overlays = [rust-overlay.overlays.default]; inherit system;
}; overlays = [ rust-overlay.overlays.default ];
toolchain = pkgs.rust-bin.fromRustupToolchainFile ./toolchain.toml;
in {
devShells.${system}.default = pkgs.mkShell {
packages = with pkgs; [
cargo
clippy
rustc
rustfmt
toolchain
rust-analyzer-unwrapped
rust-analyzer
];
env = {
RUST_BACKTRACE = "full";
}; };
RUST_SRC_PATH = "${toolchain}/lib/rustlib/src/rust/library"; toolchain = pkgs.rust-bin.fromRustupToolchainFile ./toolchain.toml;
in
{
devShells.${system}.default = pkgs.mkShell {
packages = with pkgs; [
cargo
clippy
rustc
rustfmt
toolchain
rust-analyzer-unwrapped
rust-analyzer
];
env = {
RUST_BACKTRACE = "full";
};
RUST_SRC_PATH = "${toolchain}/lib/rustlib/src/rust/library";
# ... # ...
};
}; };
};
} }