swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: finalize initial modules, some qol changes

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-04-15 17:59:20 +02:00
parent 27679d38fd
commit e8c405b3f1
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
45 changed files with 632 additions and 470 deletions
Download patch file Download diff file Expand all files Collapse all files

335
SwarselSystems.org
View file

@ -236,6 +236,7 @@ When setting this option normally, the password would normally be written world-
nixpkgs.url = "github:nixos/nixpkgs?rev=5f385baff93c728400d2c4ec8c9b0745b8f9e5b6";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs-stable24_11.url = "github:NixOS/nixpkgs/nixos-24.11";
systems.url = "github:nix-systems/default-linux";
home-manager = {
url = "github:nix-community/home-manager";
@ -1528,7 +1529,7 @@ This machine mainly acts as an external sync helper. It manages the following th
isLinux = true;
isBtrfs = false;
flakePath = "/root/.dotfiles";
server = {
modules.server = {
forgejo = true;
ankisync = true;
};
@ -3047,8 +3048,6 @@ This program sets up a new NixOS host remotely. It also takes care of secret man
:CUSTOM_ID: h:1eabdc59-8832-44ca-a22b-11f848ab150a
:END:
This program builds a configuration locally.
#+begin_src shell :tangle scripts/swarsel-rebuild.sh
set -eo pipefail
@ -3164,8 +3163,6 @@ This program builds a configuration locally.
:CUSTOM_ID: h:fbd8aaf2-9dca-4ca3-aca1-19d0d188a435
:END:
This program sets up a new NixOS host locally.
#+begin_src shell :tangle scripts/swarsel-install.sh
set -eo pipefail
@ -3367,8 +3364,6 @@ This program sets up a new NixOS host locally.
:CUSTOM_ID: h:c98a7615-e5da-4f47-8ed1-2b2ea65519e9
:END:
This program sets up a new NixOS host locally.
#+begin_src shell :tangle scripts/swarsel-postinstall.sh
set -eo pipefail
@ -3462,8 +3457,6 @@ This program sets up a new NixOS host locally.
:CUSTOM_ID: h:5ad99997-e54c-4f0b-9ab7-15f76b1e16e1
:END:
This script allows for quick git branch switching.
#+begin_src nix :tangle pkgs/t2ts/default.nix
{ name, writeShellApplication, ... }:
@ -3482,8 +3475,6 @@ This script allows for quick git branch switching.
:CUSTOM_ID: h:5ad99997-e54c-4f0b-9ab7-15f76b1e16e1
:END:
This script allows for quick git branch switching.
#+begin_src nix :tangle pkgs/ts2t/default.nix
{ name, writeShellApplication, ... }:
@ -3502,8 +3493,6 @@ This script allows for quick git branch switching.
:CUSTOM_ID: h:7806b129-a4a5-4d10-af27-6cbeafbcb294
:END:
This script allows for quick git branch switching.
#+begin_src nix :tangle pkgs/vershell/default.nix
{ name, writeShellApplication, ... }:
@ -3522,8 +3511,6 @@ This script allows for quick git branch switching.
:CUSTOM_ID: h:9fda7829-09a4-4b8f-86f6-08b078ab2874
:END:
This script allows for quick git branch switching.
#+begin_src nix :tangle pkgs/eontimer/default.nix
{ lib
, python3
@ -3720,6 +3707,33 @@ AppImage version of mgba in which the lua scripting works.
#+end_src
**** sshrm
This programs simply runs ssh-keygen on the last host that I tried to ssh into. I need this frequently when working with cloud-init usually.
#+begin_src shell :tangle scripts/sshrm.sh
HISTFILE="$HOME"/.histfile
last_ssh_cmd=$(grep -E "ssh " "$HISTFILE" | sed -E 's/^: [0-9]+:[0-9]+;//' | grep "^ssh " | tail -1)
host=$(echo "$last_ssh_cmd" | sed -E 's/.*ssh ([^@ ]+@)?([^ ]+).*/\2/')
if [[ -n $host ]]; then
echo "Removing SSH host key for: $host"
ssh-keygen -R "$host"
else
echo "No valid SSH command found in history."
fi
#+end_src
#+begin_src nix :tangle pkgs/sshrm/default.nix
{ self, name, writeShellApplication, openssh }:
writeShellApplication {
inherit name;
runtimeInputs = [ openssh ];
text = builtins.readFile "${self}/scripts/${name}.sh";
}
#+end_src
*** Overlays (additions, overrides, nixpkgs-stable)
:PROPERTIES:
:CUSTOM_ID: h:5e3e21e0-57af-4dad-b32f-6400af9b7aab
@ -3772,6 +3786,13 @@ When adding a new entry here, do not forget to add it in the default output of t
};
};
nixpkgs-stable24_05 = final: _: {
stable24_05 = import inputs.nixpkgs-stable {
inherit (final) system;
config.allowUnfree = true;
};
};
zjstatus = _: prev: {
zjstatus = inputs.zjstatus.packages.${prev.system}.default;
};
@ -3784,6 +3805,7 @@ When adding a new entry here, do not forget to add it in the default output of t
(additions final prev)
// (modifications final prev)
// (nixpkgs-stable final prev)
// (nixpkgs-stable24_05 final prev)
// (zjstatus final prev)
// (inputs.vbc-nix.overlays.default final prev)
// (inputs.nur.overlays.default final prev)
@ -3921,7 +3943,6 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
storeOptimize = lib.mkDefault true;
time = lib.mkDefault true;
users = lib.mkDefault true;
};
server = {
general = lib.mkDefault true;
packages = lib.mkDefault true;
@ -3943,7 +3964,7 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
monitoring = lib.mkDefault true;
emacs = lib.mkDefault true;
freshrss = lib.mkDefault true;
};
};
};
};
@ -3968,7 +3989,6 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
storeOptimize = lib.mkDefault true;
time = lib.mkDefault true;
users = lib.mkDefault true;
};
server = {
general = lib.mkDefault true;
packages = lib.mkDefault true;
@ -3981,6 +4001,7 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
};
};
};
};
}
@ -6182,13 +6203,13 @@ Here we just define some aliases for rebuilding the system, and we allow some in
in
{
options.swarselsystems = {
server.general = lib.mkEnableOption "general setting on server";
modules.server.general = lib.mkEnableOption "general setting on server";
shellAliases = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = { };
};
};
config = lib.mkIf config.swarselsystems.server.general {
config = lib.mkIf config.swarselsystems.modules.server.general {
environment.shellAliases = lib.recursiveUpdate
{
npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
@ -6222,8 +6243,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/packages.nix
{ lib, config, pkgs, ... }:
{
options.swarselsystems.server.packages = lib.mkEnableOption "enable packages on server";
config = lib.mkIf config.swarselsystems.server.packages {
options.swarselsystems.modules.server.packages = lib.mkEnableOption "enable packages on server";
config = lib.mkIf config.swarselsystems.modules.server.packages {
environment.systemPackages = with pkgs; [
gnupg
nix-index
@ -6244,8 +6265,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/sops.nix
{ config, lib, ... }:
{
options.swarselsystems.server.sops = lib.mkEnableOption "enable sops on server";
config = lib.mkIf config.swarselsystems.server.sops {
options.swarselsystems.modules.server.sops = lib.mkEnableOption "enable sops on server";
config = lib.mkIf config.swarselsystems.modules.server.sops {
sops = {
age.sshKeyPaths = lib.mkDefault [ "/etc/ssh/sops" ];
defaultSopsFile = lib.mkDefault "${config.swarselsystems.flakePath}/secrets/winters/secrets.yaml";
@ -6263,8 +6284,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/nfs.nix
{ lib, config, pkgs, ... }:
{
options.swarselsystems.server.nfs = lib.mkEnableOption "enable nfs on server";
config = lib.mkIf config.swarselsystems.server.nfs {
options.swarselsystems.modules.server.nfs = lib.mkEnableOption "enable nfs on server";
config = lib.mkIf config.swarselsystems.modules.server.nfs {
services = {
# add a user with sudo smbpasswd -a <user>
samba = {
@ -6323,8 +6344,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/nginx.nix
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.nginx = lib.mkEnableOption "enable nginx on server";
config = lib.mkIf config.swarselsystems.server.nginx {
options.swarselsystems.modules.server.nginx = lib.mkEnableOption "enable nginx on server";
config = lib.mkIf config.swarselsystems.modules.server.nginx {
environment.systemPackages = with pkgs; [
lego
];
@ -6370,8 +6391,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/ssh.nix
{ self, lib, config, ... }:
{
options.swarselsystems.server.ssh = lib.mkEnableOption "enable ssh on server";
config = lib.mkIf config.swarselsystems.server.ssh {
options.swarselsystems.modules.server.ssh = lib.mkEnableOption "enable ssh on server";
config = lib.mkIf config.swarselsystems.modules.server.ssh {
services.openssh = {
enable = true;
};
@ -6398,8 +6419,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/kavita.nix
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.kavita = lib.mkEnableOption "enable kavita on server";
config = lib.mkIf config.swarselsystems.server.kavita {
options.swarselsystems.modules.server.kavita = lib.mkEnableOption "enable kavita on server";
config = lib.mkIf config.swarselsystems.modules.server.kavita {
environment.systemPackages = with pkgs; [
calibre
];
@ -6449,8 +6470,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/jellyfin.nix
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.jellyfin = lib.mkEnableOption "enable jellyfin on server";
config = lib.mkIf config.swarselsystems.server.jellyfin {
options.swarselsystems.modules.server.jellyfin = lib.mkEnableOption "enable jellyfin on server";
config = lib.mkIf config.swarselsystems.modules.server.jellyfin {
users.users.jellyfin = {
extraGroups = [ "video" "render" "users" ];
};
@ -6505,8 +6526,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
secretsDirectory = builtins.toString inputs.nix-secrets;
in
{
options.swarselsystems.server.navidrome = lib.mkEnableOption "enable navidrome on server";
config = lib.mkIf config.swarselsystems.server.navidrome {
options.swarselsystems.modules.server.navidrome = lib.mkEnableOption "enable navidrome on server";
config = lib.mkIf config.swarselsystems.modules.server.navidrome {
environment.systemPackages = with pkgs; [
pciutils
alsa-utils
@ -6608,8 +6629,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/spotifyd.nix
{ lib, config, ... }:
{
options.swarselsystems.server.spotifyd = lib.mkEnableOption "enable spotifyd on server";
config = lib.mkIf config.swarselsystems.server.spotifyd {
options.swarselsystems.modules.server.spotifyd = lib.mkEnableOption "enable spotifyd on server";
config = lib.mkIf config.swarselsystems.modules.server.spotifyd {
users.groups.spotifyd = {
gid = 65136;
};
@ -6651,8 +6672,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/mpd.nix
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.mpd = lib.mkEnableOption "enable mpd on server";
config = lib.mkIf config.swarselsystems.server.mpd {
options.swarselsystems.modules.server.mpd = lib.mkEnableOption "enable mpd on server";
config = lib.mkIf config.swarselsystems.modules.server.mpd {
users = {
groups = {
mpd = { };
@ -6711,7 +6732,7 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/pipewire.nix
{ lib, config, ... }:
{
config = lib.mkIf (config?swarselsystems.server.mpd || config?swarselsystems.server.navidrome) {
config = lib.mkIf (config?swarselsystems.modules.server.mpd || config?swarselsystems.modules.server.navidrome) {
security.rtkit.enable = true; # this is required for pipewire real-time access
@ -6750,8 +6771,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
'';
in
{
options.swarselsystems.server.matrix = lib.mkEnableOption "enable matrix on server";
config = lib.mkIf config.swarselsystems.server.matrix {
options.swarselsystems.modules.server.matrix = lib.mkEnableOption "enable matrix on server";
config = lib.mkIf config.swarselsystems.modules.server.matrix {
environment.systemPackages = with pkgs; [
matrix-synapse
lottieconverter
@ -7072,8 +7093,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/nextcloud.nix
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.nextcloud = lib.mkEnableOption "enable nextcloud on server";
config = lib.mkIf config.swarselsystems.server.nextcloud {
options.swarselsystems.modules.server.nextcloud = lib.mkEnableOption "enable nextcloud on server";
config = lib.mkIf config.swarselsystems.modules.server.nextcloud {
sops.secrets.nextcloudadminpass = {
owner = "nextcloud";
@ -7126,8 +7147,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/immich.nix
{ lib, config, ... }:
{
options.swarselsystems.server.immich = lib.mkEnableOption "enable immich on server";
config = lib.mkIf config.swarselsystems.server.immich {
options.swarselsystems.modules.server.immich = lib.mkEnableOption "enable immich on server";
config = lib.mkIf config.swarselsystems.modules.server.immich {
users.users.immich = {
extraGroups = [ "video" "render" "users" ];
@ -7184,8 +7205,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/paperless.nix
{ lib, config, ... }:
{
options.swarselsystems.server.paperless = lib.mkEnableOption "enable paperless on server";
config = lib.mkIf config.swarselsystems.server.paperless {
options.swarselsystems.modules.server.paperless = lib.mkEnableOption "enable paperless on server";
config = lib.mkIf config.swarselsystems.modules.server.paperless {
users.users.paperless = {
extraGroups = [ "users" ];
@ -7243,8 +7264,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
#+begin_src nix :tangle modules/nixos/server/transmission.nix
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.transmission = lib.mkEnableOption "enable transmission and friends on server";
config = lib.mkIf config.swarselsystems.server.transmission {
options.swarselsystems.modules.server.transmission = lib.mkEnableOption "enable transmission and friends on server";
config = lib.mkIf config.swarselsystems.modules.server.transmission {
# this user/group section is probably unneeded
users = {
@ -7389,8 +7410,8 @@ Here we just define some aliases for rebuilding the system, and we allow some in
workHostName = lib.swarselsystems.getSecret "${secretsDirectory}/work/worklaptop-hostname";
in
{
options.swarselsystems.server.syncthing = lib.mkEnableOption "enable syncthing on server";
config = lib.mkIf config.swarselsystems.server.syncthing {
options.swarselsystems.modules.server.syncthing = lib.mkEnableOption "enable syncthing on server";
config = lib.mkIf config.swarselsystems.modules.server.syncthing {
users.users.syncthing = {
extraGroups = [ "users" ];
@ -7510,8 +7531,8 @@ Once this is finished, it will house a restic client that manages automatic back
#+begin_src nix :tangle modules/nixos/server/restic.nix
{ lib, config, ... }:
{
options.swarselsystems.server.restic = lib.mkEnableOption "enable restic backups on server";
config = lib.mkIf config.swarselsystems.server.restic {
options.swarselsystems.modules.server.restic = lib.mkEnableOption "enable restic backups on server";
config = lib.mkIf config.swarselsystems.modules.server.restic {
# TODO
@ -7529,8 +7550,8 @@ This section exposes several metrics that I use to check the health of my server
#+begin_src nix :tangle modules/nixos/server/monitoring.nix
{ self, lib, config, ... }:
{
options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server";
config = lib.mkIf config.swarselsystems.server.monitoring {
options.swarselsystems.modules.server.monitoring = lib.mkEnableOption "enable monitoring on server";
config = lib.mkIf config.swarselsystems.modules.server.monitoring {
sops.secrets = {
grafanaadminpass = {
@ -7656,7 +7677,7 @@ This section exposes several metrics that I use to check the health of my server
sslVerify = false;
scrapeUri = "http://localhost/nginx_status";
};
nextcloud = lib.mkIf config.swarselsystems.server.nextcloud {
nextcloud = lib.mkIf config.swarselsystems.modules.server.nextcloud {
enable = true;
port = 9205;
url = "https://stash.swarsel.win/ocs/v2.php/apps/serverinfo/api/v1/info";
@ -7706,8 +7727,8 @@ This is a WIP Jenkins instance. It is used to automatically build a new system w
#+begin_src nix :tangle modules/nixos/server/jenkins.nix
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server";
config = lib.mkIf config.swarselsystems.server.jenkins {
options.swarselsystems.modules.server.jenkins = lib.mkEnableOption "enable jenkins on server";
config = lib.mkIf config.swarselsystems.modules.server.jenkins {
services.jenkins = {
enable = true;
@ -7752,8 +7773,8 @@ This was an approach of hosting an RSS server from within emacs. That would have
#+begin_src nix :tangle modules/nixos/server/emacs.nix
{ lib, config, ... }:
{
options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server";
config = lib.mkIf config.swarselsystems.server.emacs {
options.swarselsystems.modules.server.emacs = lib.mkEnableOption "enable emacs server on server";
config = lib.mkIf config.swarselsystems.modules.server.emacs {
networking.firewall.allowedTCPPorts = [ 9812 ];
@ -7780,8 +7801,8 @@ It serves both a Greader API at https://signpost.swarsel.win/api/greader.php, as
#+begin_src nix :tangle modules/nixos/server/freshrss.nix
{ lib, config, ... }:
{
options.swarselsystems.server.freshrss = lib.mkEnableOption "enable freshrss on server";
config = lib.mkIf config.swarselsystems.server.freshrss {
options.swarselsystems.modules.server.freshrss = lib.mkEnableOption "enable freshrss on server";
config = lib.mkIf config.swarselsystems.modules.server.freshrss {
users.users.freshrss = {
extraGroups = [ "users" ];
@ -7825,8 +7846,8 @@ It serves both a Greader API at https://signpost.swarsel.win/api/greader.php, as
#+begin_src nix :tangle modules/nixos/server/forgejo.nix
{ lib, config, ... }:
{
options.swarselsystems.server.forgejo = lib.mkEnableOption "enable forgejo on server";
config = lib.mkIf config.swarselsystems.server.forgejo {
options.swarselsystems.modules.server.forgejo = lib.mkEnableOption "enable forgejo on server";
config = lib.mkIf config.swarselsystems.modules.server.forgejo {
networking.firewall.allowedTCPPorts = [ 3000 ];
@ -7880,8 +7901,8 @@ It serves both a Greader API at https://signpost.swarsel.win/api/greader.php, as
#+begin_src nix :tangle modules/nixos/server/ankisync.nix
{ lib, config, ... }:
{
options.swarselsystems.server.ankisync = lib.mkEnableOption "enable ankisync on server";
config = lib.mkIf config.swarselsystems.server.ankisync {
options.swarselsystems.modules.server.ankisync = lib.mkEnableOption "enable ankisync on server";
config = lib.mkIf config.swarselsystems.modules.server.ankisync {
networking.firewall.allowedTCPPorts = [ 22701 ];
@ -7975,6 +7996,13 @@ This opens a few gaming ports and installs the steam configuration suite for gam
{
options.swarselsystems.modules.optional.gaming = lib.mkEnableOption "optional gaming settings";
config = lib.mkIf config.swarselsystems.modules.optional.gaming {
programs.steam = {
enable = true;
package = pkgs.steam;
extraCompatPackages = [
pkgs.proton-ge-bin
];
};
specialisation = {
gaming.configuration = {
networking = {
@ -7993,13 +8021,6 @@ This opens a few gaming ports and installs the steam configuration suite for gam
};
};
programs.steam = {
enable = true;
package = pkgs.steam;
extraCompatPackages = [
pkgs.proton-ge-bin
];
};
hardware.xone.enable = true;
@ -8023,8 +8044,8 @@ This opens a few gaming ports and installs the steam configuration suite for gam
This sets the VirtualBox configuration. Guest should not be enabled if not direly needed, it will make rebuilds unbearably slow. I only use this privately to run an old editor that does not run well under wine, so I put it into it's own specialisation.
#+begin_src nix :tangle modules/nixos/optional/virtualbox.nix
{ lib, config, pkgs, ... }:
{
{ lib, config, pkgs, ... }:
{
options.swarselsystems.modules.optional.virtualbox = lib.mkEnableOption "optional VBox settings";
config = lib.mkIf config.swarselsystems.modules.optional.virtualbox {
specialisation = {
@ -8040,12 +8061,17 @@ This sets the VirtualBox configuration. Guest should not be enabled if not direl
};
};
# run an older kernel to provide compatibility with windows vm
boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
boot = {
kernelPackages = lib.mkForce pkgs.stable24_05.linuxPackages;
# kernelParams = [
# "amd_iommu=on"
# ];
};
};
};
};
}
}
#+end_src
**** VmWare
@ -8811,9 +8837,9 @@ Programming languages and default lsp's are defined here: [[#h:0e7e8bea-ec58-499
This holds packages that I can use as provided, or with small modifications (as in the =texlive= package that needs special configuration).
#+begin_src nix :tangle modules/home/common/packages.nix
{ lib, config, pkgs, ... }:
{ lib, config, pkgs, ... }:
{
{
options.swarselsystems.modules.packages = lib.mkEnableOption "packages settings";
config = lib.mkIf config.swarselsystems.modules.packages {
home.packages = with pkgs; [
@ -8855,6 +8881,7 @@ This holds packages that I can use as provided, or with small modifications (as
fuse
ventoy
poppler_utils
vdhcoapp
# nix
alejandra
@ -8911,7 +8938,7 @@ This holds packages that I can use as provided, or with small modifications (as
# general utilities
unrar
samba
# samba
cifs-utils
zbar # qr codes
readline
@ -8992,7 +9019,7 @@ This holds packages that I can use as provided, or with small modifications (as
noto-fonts-cjk-sans
];
};
}
}
#+end_src
***** Self-defined
@ -9031,6 +9058,7 @@ This is just a separate container for derivations defined in [[#h:64a5cc16-6b16-
swarsel-bootstrap
swarsel-displaypower
swarselzellij
sshrm
rustdesk-vbc
];
@ -9763,6 +9791,7 @@ The theme is handled by stylix.
zsh is the most convenient shell for me and it happens to be super neat to configure within home manager.
Here we set some aliases (some of them should be shellApplications instead) as well as some zsh plugins like =fzf-tab=.
Concerning the shell extensions, =zle <widget-name>= will run an existing widget and =zle -N <function_name>= will make a function available for use. The =my-= functions all remove =.= =/= and =:= from the =WORDCHARS= so that functions will stop there.
#+begin_src nix :tangle modules/home/common/zsh.nix
{ config, pkgs, lib, ... }:
@ -9840,40 +9869,48 @@ Here we set some aliases (some of them should be shellApplications instead) as w
}
];
initExtra = ''
bindkey "^[[1;5D" backward-word
bindkey "^[[1;5C" forward-word
my-forward-word() {
local WORDCHARS=$WORDCHARS
WORDCHARS="''${WORDCHARS//:}"
WORDCHARS="''${WORDCHARS//\/}"
WORDCHARS="''${WORDCHARS//.}"
zle backward-word
}
zle -N my-forward-word
# ctrl + right
bindkey "^[[1;5C" my-forward-word
# shift + right
bindkey "^[[1;2D" forward-word
my-backward-word() {
local WORDCHARS=$WORDCHARS
WORDCHARS="''${WORDCHARS//:}"
WORDCHARS="''${WORDCHARS//\/}"
WORDCHARS="''${WORDCHARS//.}"
zle forward-word
}
zle -N my-backward-word
# ctrl + left
bindkey "^[[1;5D" -mybackward-word
# shift + left
bindkey "^[[1;2C" backward-word
my-backward-delete-word() {
# Copy the global WORDCHARS variable to a local variable. That way any
# modifications are scoped to this function only
local WORDCHARS=$WORDCHARS
# Use bash string manipulation to remove `:` so our delete will stop at it
WORDCHARS="''${WORDCHARS//:}"
# Use bash string manipulation to remove `/` so our delete will stop at it
WORDCHARS="''${WORDCHARS//\/}"
# Use bash string manipulation to remove `.` so our delete will stop at it
WORDCHARS="''${WORDCHARS//.}"
# zle <widget-name> will run an existing widget.
zle backward-delete-word
}
zle -N my-backward-delete-word
# ctrl + del
bindkey '^H' my-backward-delete-word
# This will be our `ctrl+alt+w` command
my-backward-delete-whole-word() {
# Copy the global WORDCHARS variable to a local variable. That way any
# modifications are scoped to this function only
local WORDCHARS=$WORDCHARS
# Use bash string manipulation to add `:` to WORDCHARS if it's not present
# already.
[[ ! $WORDCHARS == *":"* ]] && WORDCHARS="$WORDCHARS"":"
# zle <widget-name> will run that widget.
zle backward-delete-word
}
# `zle -N` will create a new widget that we can use on the command line
zle -N my-backward-delete-whole-word
# bind this new widget to `ctrl+alt+w`
bindkey '^W' my-backward-delete-whole-word
# shift + del
bindkey '^?' backward-delete-word
'';
};
};
@ -10746,7 +10783,7 @@ I used to build the firefox addon =bypass-paywalls-clean= myself here, but the m
id = 0;
isDefault = true;
settings = {
"browser.startup.homepage" = "https://outlook.office.com|https://satellite.vbc.ac.at|https://bitbucket.vbc.ac.at|https://github.com";
"browser.startup.homepage" = "https://lobste.rs";
};
}
config.swarselsystems.firefox;
@ -11309,9 +11346,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se
seat * hide_cursor 2000
exec kanshi
exec_always kill -1 $(pidof kanshi)
exec swayosd-server
bindswitch --locked lid:on exec kanshictl switch lidclosed
bindswitch --locked lid:off exec kanshictl switch lidopen
@ -11584,6 +11619,7 @@ The rest of the settings is at [[#h:fb3f3e01-7df4-4b06-9e91-aa9cac61a431][gaming
home.packages = with pkgs; [
lutris
wine
protonplus
winetricks
libudev-zero
dwarfs
@ -11672,6 +11708,7 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
"dc"
"cl"
"ws"
"work"
];
programs = {
@ -11761,6 +11798,15 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
id = 3;
}
config.swarselsystems.firefox;
work = lib.recursiveUpdate
{
inherit isDefault;
id = 4;
settings = {
"browser.startup.homepage" = "https://outlook.office.com|https://satellite.vbc.ac.at|https://bitbucket.vbc.ac.at|https://github.com";
};
}
config.swarselsystems.firefox;
};
};
@ -11914,6 +11960,12 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
icon = "firefox";
in
{
firefox_work = {
name = "Firefox (work)";
genericName = "Firefox work";
exec = "firefox -p work";
inherit terminal categories icon;
};
firefox_dc = {
name = "Firefox (dc)";
genericName = "Firefox dc";
@ -15259,30 +15311,49 @@ bindurl ^http(s)?://lobste\.rs c hint -Jc [class="u-url"],[class="comments_label
bindurl ^http(s)?://www\.google\.com gi composite focusinput -l ; text.end_of_line
" Work
command tab_or_tabopen jsb -p (async () => { let tabs = await browser.tabs.query({}); let tab = tabs.find(t => t.url.includes(JS_ARG)); if (tab) {browser.tabs.update(tab.id, { active: true });} else {tri.excmds.tabopen(JS_ARG);}})()
command tab_or_tabopen jsb -p (async () => {
let tabs = await browser.tabs.query({});
let tab = tabs.find(t => t.url.includes(JS_ARG));
if (tab) {
browser.tabs.update(tab.id, { active: true });
} else {
tri.excmds.tabopen(JS_ARG);
}
})()
bind gwa tab_or_tabopen apic-impimba-1.m.imp.ac.at
bind gwA tab_or_tabopen artifactory.imp.ac.at
bind gwb tab_or_tabopen bitbucket.vbc.ac.at
bind gwc tab_or_tabopen vbc.atlassian.net/wiki
bind gwd tab_or_tabopen datadomain-impimba-2.imp.ac.at
bind gwe tab_or_tabopen exivity.vbc.ac.at
bind gwg tab_or_tabopen github.com
bind gwG tab_or_tabopen goc.egi.eu
bind gwh tab_or_tabopen jupyterhub.vbc.ac.at
bind gwH tab_or_tabopen test-jupyterhub.vbc.ac.at
bind gwj tab_or_tabopen jenkins.vbc.ac.at
bind gwJ tab_or_tabopen test-jenkins.vbc.ac.at
bind gwl tab_or_tabopen lucid.app
bind gwm tab_or_tabopen monitoring.vbc.ac.at/grafana
bind gwM tab_or_tabopen monitoring.vbc.ac.at/prometheus
bind gwn tab_or_tabopen netbox.vbc.ac.at
bind gwN tab_or_tabopen nap.imp.ac.at
bind gwo tab_or_tabopen outlook.office.com
bind gws tab_or_tabopen satellite.vbc.ac.at
bind gwt tab_or_tabopen tower.vbc.ac.at
bind gwv tab_or_tabopen vc-impimba-1.m.imp.ac.at/ui
bind gwx tab_or_tabopen xclarity.vbc.ac.at
command tab_or_tabopen_local jsb -p (async () => {
const currentWindow = await browser.windows.getCurrent();
const tabs = await browser.tabs.query({ windowId: currentWindow.id });
const tab = tabs.find(t => t.url.includes(JS_ARG));
if (tab) {
browser.tabs.update(tab.id, { active: true });
} else {
tri.excmds.tabopen(JS_ARG);
}
})()
bind gwa tab_or_tabopen_local apic-impimba-1.m.imp.ac.at
bind gwA tab_or_tabopen_local artifactory.imp.ac.at
bind gwb tab_or_tabopen_local bitbucket.vbc.ac.at
bind gwc tab_or_tabopen_local vbc.atlassian.net/wiki
bind gwd tab_or_tabopen_local datadomain-impimba-2.imp.ac.at
bind gwe tab_or_tabopen_local exivity.vbc.ac.at
bind gwg tab_or_tabopen_local github.com
bind gwG tab_or_tabopen_local goc.egi.eu
bind gwh tab_or_tabopen_local jupyterhub.vbc.ac.at
bind gwH tab_or_tabopen_local test-jupyterhub.vbc.ac.at
bind gwj tab_or_tabopen_local jenkins.vbc.ac.at
bind gwJ tab_or_tabopen_local test-jenkins.vbc.ac.at
bind gwl tab_or_tabopen_local lucid.app
bind gwm tab_or_tabopen_local monitoring.vbc.ac.at/grafana
bind gwM tab_or_tabopen_local monitoring.vbc.ac.at/prometheus
bind gwn tab_or_tabopen_local netbox.vbc.ac.at
bind gwN tab_or_tabopen_local nap.imp.ac.at
bind gwo tab_or_tabopen_local outlook.office.com
bind gws tab_or_tabopen_local satellite.vbc.ac.at
bind gwt tab_or_tabopen_local tower.vbc.ac.at
bind gwv tab_or_tabopen_local vc-impimba-1.m.imp.ac.at/ui
bind gwx tab_or_tabopen_local xclarity.vbc.ac.at
" Search in page
set findcase smart

2
checks/default.nix
View file

@ -12,7 +12,7 @@
detect-private-keys.enable = true;
end-of-file-fixer.enable = true;
fix-byte-order-marker.enable = true;
flake-checker.enable = true;
flake-checker.enable = false;
forbid-new-submodules.enable = true;
mixed-line-endings.enable = true;
nixpkgs-fmt.enable = true;

17
flake.lock generated
View file

@ -1006,6 +1006,22 @@
"type": "github"
}
},
"nixpkgs-stable24_11": {
"locked": {
"lastModified": 1744309437,
"narHash": "sha256-QZnNHM823am8apCqKSPdtnzPGTy2ZB4zIXOVoBp5+W0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f9ebe33a928b5d529c895202263a5ce46bdf12f7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1741600792,
@ -1375,6 +1391,7 @@
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_5",
"nixpkgs-stable": "nixpkgs-stable_2",
"nixpkgs-stable24_11": "nixpkgs-stable24_11",
"nswitch-rcm-nix": "nswitch-rcm-nix",
"nur": "nur",
"pre-commit-hooks": "pre-commit-hooks_2",

1
flake.nix
View file

@ -15,6 +15,7 @@
nixpkgs.url = "github:nixos/nixpkgs?rev=5f385baff93c728400d2c4ec8c9b0745b8f9e5b6";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs-stable24_11.url = "github:NixOS/nixpkgs/nixos-24.11";
systems.url = "github:nix-systems/default-linux";
home-manager = {
url = "github:nix-community/home-manager";

2
hosts/nixos/sync/default.nix
View file

@ -86,7 +86,7 @@ in
isLinux = true;
isBtrfs = false;
flakePath = "/root/.dotfiles";
server = {
modules.server = {
forgejo = true;
ankisync = true;
};

1
modules/home/common/custom-packages.nix
View file

@ -26,6 +26,7 @@
swarsel-bootstrap
swarsel-displaypower
swarselzellij
sshrm
rustdesk-vbc
];

2
modules/home/common/firefox.nix
View file

@ -140,7 +140,7 @@
id = 0;
isDefault = true;
settings = {
"browser.startup.homepage" = "https://outlook.office.com|https://satellite.vbc.ac.at|https://bitbucket.vbc.ac.at|https://github.com";
"browser.startup.homepage" = "https://lobste.rs";
};
}
config.swarselsystems.firefox;

3
modules/home/common/packages.nix
View file

@ -42,6 +42,7 @@
fuse
ventoy
poppler_utils
vdhcoapp
# nix
alejandra
@ -98,7 +99,7 @@
# general utilities
unrar
samba
# samba
cifs-utils
zbar # qr codes
readline

2
modules/home/common/sway.nix
View file

@ -392,9 +392,7 @@
seat * hide_cursor 2000
exec kanshi
exec_always kill -1 $(pidof kanshi)
exec swayosd-server
bindswitch --locked lid:on exec kanshictl switch lidclosed
bindswitch --locked lid:off exec kanshictl switch lidopen

54
modules/home/common/zsh.nix
View file

@ -73,40 +73,48 @@ in
}
];
initExtra = ''
bindkey "^[[1;5D" backward-word
bindkey "^[[1;5C" forward-word
my-forward-word() {
local WORDCHARS=$WORDCHARS
WORDCHARS="''${WORDCHARS//:}"
WORDCHARS="''${WORDCHARS//\/}"
WORDCHARS="''${WORDCHARS//.}"
zle backward-word
}
zle -N my-forward-word
# ctrl + right
bindkey "^[[1;5C" my-forward-word
# shift + right
bindkey "^[[1;2D" forward-word
my-backward-word() {
local WORDCHARS=$WORDCHARS
WORDCHARS="''${WORDCHARS//:}"
WORDCHARS="''${WORDCHARS//\/}"
WORDCHARS="''${WORDCHARS//.}"
zle forward-word
}
zle -N my-backward-word
# ctrl + left
bindkey "^[[1;5D" -mybackward-word
# shift + left
bindkey "^[[1;2C" backward-word
my-backward-delete-word() {
# Copy the global WORDCHARS variable to a local variable. That way any
# modifications are scoped to this function only
local WORDCHARS=$WORDCHARS
# Use bash string manipulation to remove `:` so our delete will stop at it
WORDCHARS="''${WORDCHARS//:}"
# Use bash string manipulation to remove `/` so our delete will stop at it
WORDCHARS="''${WORDCHARS//\/}"
# Use bash string manipulation to remove `.` so our delete will stop at it
WORDCHARS="''${WORDCHARS//.}"
# zle <widget-name> will run an existing widget.
zle backward-delete-word
}
zle -N my-backward-delete-word
# ctrl + del
bindkey '^H' my-backward-delete-word
# This will be our `ctrl+alt+w` command
my-backward-delete-whole-word() {
# Copy the global WORDCHARS variable to a local variable. That way any
# modifications are scoped to this function only
local WORDCHARS=$WORDCHARS
# Use bash string manipulation to add `:` to WORDCHARS if it's not present
# already.
[[ ! $WORDCHARS == *":"* ]] && WORDCHARS="$WORDCHARS"":"
# zle <widget-name> will run that widget.
zle backward-delete-word
}
# `zle -N` will create a new widget that we can use on the command line
zle -N my-backward-delete-whole-word
# bind this new widget to `ctrl+alt+w`
bindkey '^W' my-backward-delete-whole-word
# shift + del
bindkey '^?' backward-delete-word
'';
};
};

1
modules/home/optional/gaming.nix
View file

@ -7,6 +7,7 @@
home.packages = with pkgs; [
lutris
wine
protonplus
winetricks
libudev-zero
dwarfs

16
modules/home/optional/work.nix
View file

@ -46,6 +46,7 @@ in
"dc"
"cl"
"ws"
"work"
];
programs = {
@ -135,6 +136,15 @@ in
id = 3;
}
config.swarselsystems.firefox;
work = lib.recursiveUpdate
{
inherit isDefault;
id = 4;
settings = {
"browser.startup.homepage" = "https://outlook.office.com|https://satellite.vbc.ac.at|https://bitbucket.vbc.ac.at|https://github.com";
};
}
config.swarselsystems.firefox;
};
};
@ -288,6 +298,12 @@ in
icon = "firefox";
in
{
firefox_work = {
name = "Firefox (work)";
genericName = "Firefox work";
exec = "firefox -p work";
inherit terminal categories icon;
};
firefox_dc = {
name = "Firefox (dc)";
genericName = "Firefox dc";

14
modules/nixos/optional/gaming.nix
View file

@ -2,6 +2,13 @@
{
options.swarselsystems.modules.optional.gaming = lib.mkEnableOption "optional gaming settings";
config = lib.mkIf config.swarselsystems.modules.optional.gaming {
programs.steam = {
enable = true;
package = pkgs.steam;
extraCompatPackages = [
pkgs.proton-ge-bin
];
};
specialisation = {
gaming.configuration = {
networking = {
@ -20,13 +27,6 @@
};
};
programs.steam = {
enable = true;
package = pkgs.steam;
extraCompatPackages = [
pkgs.proton-ge-bin
];
};
hardware.xone.enable = true;

7
modules/nixos/optional/virtualbox.nix
View file

@ -15,7 +15,12 @@
};
};
# run an older kernel to provide compatibility with windows vm
boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
boot = {
kernelPackages = lib.mkForce pkgs.stable24_05.linuxPackages;
# kernelParams = [
# "amd_iommu=on"
# ];
};
};
};
};

4
modules/nixos/server/ankisync.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.ankisync = lib.mkEnableOption "enable ankisync on server";
config = lib.mkIf config.swarselsystems.server.ankisync {
options.swarselsystems.modules.server.ankisync = lib.mkEnableOption "enable ankisync on server";
config = lib.mkIf config.swarselsystems.modules.server.ankisync {
networking.firewall.allowedTCPPorts = [ 22701 ];

4
modules/nixos/server/emacs.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.emacs = lib.mkEnableOption "enable emacs server on server";
config = lib.mkIf config.swarselsystems.server.emacs {
options.swarselsystems.modules.server.emacs = lib.mkEnableOption "enable emacs server on server";
config = lib.mkIf config.swarselsystems.modules.server.emacs {
networking.firewall.allowedTCPPorts = [ 9812 ];

4
modules/nixos/server/forgejo.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.forgejo = lib.mkEnableOption "enable forgejo on server";
config = lib.mkIf config.swarselsystems.server.forgejo {
options.swarselsystems.modules.server.forgejo = lib.mkEnableOption "enable forgejo on server";
config = lib.mkIf config.swarselsystems.modules.server.forgejo {
networking.firewall.allowedTCPPorts = [ 3000 ];

4
modules/nixos/server/freshrss.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.freshrss = lib.mkEnableOption "enable freshrss on server";
config = lib.mkIf config.swarselsystems.server.freshrss {
options.swarselsystems.modules.server.freshrss = lib.mkEnableOption "enable freshrss on server";
config = lib.mkIf config.swarselsystems.modules.server.freshrss {
users.users.freshrss = {
extraGroups = [ "users" ];

4
modules/nixos/server/immich.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.immich = lib.mkEnableOption "enable immich on server";
config = lib.mkIf config.swarselsystems.server.immich {
options.swarselsystems.modules.server.immich = lib.mkEnableOption "enable immich on server";
config = lib.mkIf config.swarselsystems.modules.server.immich {
users.users.immich = {
extraGroups = [ "video" "render" "users" ];

4
modules/nixos/server/jellyfin.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.jellyfin = lib.mkEnableOption "enable jellyfin on server";
config = lib.mkIf config.swarselsystems.server.jellyfin {
options.swarselsystems.modules.server.jellyfin = lib.mkEnableOption "enable jellyfin on server";
config = lib.mkIf config.swarselsystems.modules.server.jellyfin {
users.users.jellyfin = {
extraGroups = [ "video" "render" "users" ];
};

4
modules/nixos/server/jenkins.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.jenkins = lib.mkEnableOption "enable jenkins on server";
config = lib.mkIf config.swarselsystems.server.jenkins {
options.swarselsystems.modules.server.jenkins = lib.mkEnableOption "enable jenkins on server";
config = lib.mkIf config.swarselsystems.modules.server.jenkins {
services.jenkins = {
enable = true;

4
modules/nixos/server/kavita.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.kavita = lib.mkEnableOption "enable kavita on server";
config = lib.mkIf config.swarselsystems.server.kavita {
options.swarselsystems.modules.server.kavita = lib.mkEnableOption "enable kavita on server";
config = lib.mkIf config.swarselsystems.modules.server.kavita {
environment.systemPackages = with pkgs; [
calibre
];

4
modules/nixos/server/matrix.nix
View file

@ -11,8 +11,8 @@ let
'';
in
{
options.swarselsystems.server.matrix = lib.mkEnableOption "enable matrix on server";
config = lib.mkIf config.swarselsystems.server.matrix {
options.swarselsystems.modules.server.matrix = lib.mkEnableOption "enable matrix on server";
config = lib.mkIf config.swarselsystems.modules.server.matrix {
environment.systemPackages = with pkgs; [
matrix-synapse
lottieconverter

6
modules/nixos/server/monitoring.nix
View file

@ -1,7 +1,7 @@
{ self, lib, config, ... }:
{
options.swarselsystems.server.monitoring = lib.mkEnableOption "enable monitoring on server";
config = lib.mkIf config.swarselsystems.server.monitoring {
options.swarselsystems.modules.server.monitoring = lib.mkEnableOption "enable monitoring on server";
config = lib.mkIf config.swarselsystems.modules.server.monitoring {
sops.secrets = {
grafanaadminpass = {
@ -127,7 +127,7 @@
sslVerify = false;
scrapeUri = "http://localhost/nginx_status";
};
nextcloud = lib.mkIf config.swarselsystems.server.nextcloud {
nextcloud = lib.mkIf config.swarselsystems.modules.server.nextcloud {
enable = true;
port = 9205;
url = "https://stash.swarsel.win/ocs/v2.php/apps/serverinfo/api/v1/info";

4
modules/nixos/server/mpd.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.mpd = lib.mkEnableOption "enable mpd on server";
config = lib.mkIf config.swarselsystems.server.mpd {
options.swarselsystems.modules.server.mpd = lib.mkEnableOption "enable mpd on server";
config = lib.mkIf config.swarselsystems.modules.server.mpd {
users = {
groups = {
mpd = { };

4
modules/nixos/server/navidrome.nix
View file

@ -3,8 +3,8 @@ let
secretsDirectory = builtins.toString inputs.nix-secrets;
in
{
options.swarselsystems.server.navidrome = lib.mkEnableOption "enable navidrome on server";
config = lib.mkIf config.swarselsystems.server.navidrome {
options.swarselsystems.modules.server.navidrome = lib.mkEnableOption "enable navidrome on server";
config = lib.mkIf config.swarselsystems.modules.server.navidrome {
environment.systemPackages = with pkgs; [
pciutils
alsa-utils

4
modules/nixos/server/nextcloud.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.nextcloud = lib.mkEnableOption "enable nextcloud on server";
config = lib.mkIf config.swarselsystems.server.nextcloud {
options.swarselsystems.modules.server.nextcloud = lib.mkEnableOption "enable nextcloud on server";
config = lib.mkIf config.swarselsystems.modules.server.nextcloud {
sops.secrets.nextcloudadminpass = {
owner = "nextcloud";

4
modules/nixos/server/nfs.nix
View file

@ -1,7 +1,7 @@
{ lib, config, pkgs, ... }:
{
options.swarselsystems.server.nfs = lib.mkEnableOption "enable nfs on server";
config = lib.mkIf config.swarselsystems.server.nfs {
options.swarselsystems.modules.server.nfs = lib.mkEnableOption "enable nfs on server";
config = lib.mkIf config.swarselsystems.modules.server.nfs {
services = {
# add a user with sudo smbpasswd -a <user>
samba = {

4
modules/nixos/server/nginx.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.nginx = lib.mkEnableOption "enable nginx on server";
config = lib.mkIf config.swarselsystems.server.nginx {
options.swarselsystems.modules.server.nginx = lib.mkEnableOption "enable nginx on server";
config = lib.mkIf config.swarselsystems.modules.server.nginx {
environment.systemPackages = with pkgs; [
lego
];

4
modules/nixos/server/packages.nix
View file

@ -1,7 +1,7 @@
{ lib, config, pkgs, ... }:
{
options.swarselsystems.server.packages = lib.mkEnableOption "enable packages on server";
config = lib.mkIf config.swarselsystems.server.packages {
options.swarselsystems.modules.server.packages = lib.mkEnableOption "enable packages on server";
config = lib.mkIf config.swarselsystems.modules.server.packages {
environment.systemPackages = with pkgs; [
gnupg
nix-index

4
modules/nixos/server/paperless.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.paperless = lib.mkEnableOption "enable paperless on server";
config = lib.mkIf config.swarselsystems.server.paperless {
options.swarselsystems.modules.server.paperless = lib.mkEnableOption "enable paperless on server";
config = lib.mkIf config.swarselsystems.modules.server.paperless {
users.users.paperless = {
extraGroups = [ "users" ];

2
modules/nixos/server/pipewire.nix
View file

@ -1,6 +1,6 @@
{ lib, config, ... }:
{
config = lib.mkIf (config?swarselsystems.server.mpd || config?swarselsystems.server.navidrome) {
config = lib.mkIf (config?swarselsystems.modules.server.mpd || config?swarselsystems.modules.server.navidrome) {
security.rtkit.enable = true; # this is required for pipewire real-time access

4
modules/nixos/server/restic.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.restic = lib.mkEnableOption "enable restic backups on server";
config = lib.mkIf config.swarselsystems.server.restic {
options.swarselsystems.modules.server.restic = lib.mkEnableOption "enable restic backups on server";
config = lib.mkIf config.swarselsystems.modules.server.restic {
# TODO

4
modules/nixos/server/settings.nix
View file

@ -4,13 +4,13 @@ let
in
{
options.swarselsystems = {
server.general = lib.mkEnableOption "general setting on server";
modules.server.general = lib.mkEnableOption "general setting on server";
shellAliases = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = { };
};
};
config = lib.mkIf config.swarselsystems.server.general {
config = lib.mkIf config.swarselsystems.modules.server.general {
environment.shellAliases = lib.recursiveUpdate
{
npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";

4
modules/nixos/server/sops.nix
View file

@ -1,7 +1,7 @@
{ config, lib, ... }:
{
options.swarselsystems.server.sops = lib.mkEnableOption "enable sops on server";
config = lib.mkIf config.swarselsystems.server.sops {
options.swarselsystems.modules.server.sops = lib.mkEnableOption "enable sops on server";
config = lib.mkIf config.swarselsystems.modules.server.sops {
sops = {
age.sshKeyPaths = lib.mkDefault [ "/etc/ssh/sops" ];
defaultSopsFile = lib.mkDefault "${config.swarselsystems.flakePath}/secrets/winters/secrets.yaml";

4
modules/nixos/server/spotifyd.nix
View file

@ -1,7 +1,7 @@
{ lib, config, ... }:
{
options.swarselsystems.server.spotifyd = lib.mkEnableOption "enable spotifyd on server";
config = lib.mkIf config.swarselsystems.server.spotifyd {
options.swarselsystems.modules.server.spotifyd = lib.mkEnableOption "enable spotifyd on server";
config = lib.mkIf config.swarselsystems.modules.server.spotifyd {
users.groups.spotifyd = {
gid = 65136;
};

4
modules/nixos/server/ssh.nix
View file

@ -1,7 +1,7 @@
{ self, lib, config, ... }:
{
options.swarselsystems.server.ssh = lib.mkEnableOption "enable ssh on server";
config = lib.mkIf config.swarselsystems.server.ssh {
options.swarselsystems.modules.server.ssh = lib.mkEnableOption "enable ssh on server";
config = lib.mkIf config.swarselsystems.modules.server.ssh {
services.openssh = {
enable = true;
};

4
modules/nixos/server/syncthing.nix
View file

@ -4,8 +4,8 @@ let
workHostName = lib.swarselsystems.getSecret "${secretsDirectory}/work/worklaptop-hostname";
in
{
options.swarselsystems.server.syncthing = lib.mkEnableOption "enable syncthing on server";
config = lib.mkIf config.swarselsystems.server.syncthing {
options.swarselsystems.modules.server.syncthing = lib.mkEnableOption "enable syncthing on server";
config = lib.mkIf config.swarselsystems.modules.server.syncthing {
users.users.syncthing = {
extraGroups = [ "users" ];

4
modules/nixos/server/transmission.nix
View file

@ -1,7 +1,7 @@
{ pkgs, lib, config, ... }:
{
options.swarselsystems.server.transmission = lib.mkEnableOption "enable transmission and friends on server";
config = lib.mkIf config.swarselsystems.server.transmission {
options.swarselsystems.modules.server.transmission = lib.mkEnableOption "enable transmission and friends on server";
config = lib.mkIf config.swarselsystems.modules.server.transmission {
# this user/group section is probably unneeded
users = {

8
overlays/default.nix
View file

@ -40,6 +40,13 @@ let
};
};
nixpkgs-stable24_05 = final: _: {
stable24_05 = import inputs.nixpkgs-stable {
inherit (final) system;
config.allowUnfree = true;
};
};
zjstatus = _: prev: {
zjstatus = inputs.zjstatus.packages.${prev.system}.default;
};
@ -52,6 +59,7 @@ in
(additions final prev)
// (modifications final prev)
// (nixpkgs-stable final prev)
// (nixpkgs-stable24_05 final prev)
// (zjstatus final prev)
// (inputs.vbc-nix.overlays.default final prev)
// (inputs.nur.overlays.default final prev)

6
pkgs/sshrm/default.nix Normal file
View file

@ -0,0 +1,6 @@
{ self, name, writeShellApplication, openssh }:
writeShellApplication {
inherit name;
runtimeInputs = [ openssh ];
text = builtins.readFile "${self}/scripts/${name}.sh";
}

3
profiles/nixos/localserver/default.nix
View file

@ -12,7 +12,6 @@
storeOptimize = lib.mkDefault true;
time = lib.mkDefault true;
users = lib.mkDefault true;
};
server = {
general = lib.mkDefault true;
packages = lib.mkDefault true;
@ -34,7 +33,7 @@
monitoring = lib.mkDefault true;
emacs = lib.mkDefault true;
freshrss = lib.mkDefault true;
};
};
};
};

2
profiles/nixos/syncserver/default.nix
View file

@ -12,7 +12,6 @@
storeOptimize = lib.mkDefault true;
time = lib.mkDefault true;
users = lib.mkDefault true;
};
server = {
general = lib.mkDefault true;
packages = lib.mkDefault true;
@ -25,5 +24,6 @@
};
};
};
};
}

65
programs/firefox/tridactyl/tridactylrc
View file

@ -30,30 +30,49 @@ bindurl ^http(s)?://lobste\.rs c hint -Jc [class="u-url"],[class="comments_label
bindurl ^http(s)?://www\.google\.com gi composite focusinput -l ; text.end_of_line
" Work
command tab_or_tabopen jsb -p (async () => { let tabs = await browser.tabs.query({}); let tab = tabs.find(t => t.url.includes(JS_ARG)); if (tab) {browser.tabs.update(tab.id, { active: true });} else {tri.excmds.tabopen(JS_ARG);}})()
command tab_or_tabopen jsb -p (async () => {
let tabs = await browser.tabs.query({});
let tab = tabs.find(t => t.url.includes(JS_ARG));
if (tab) {
browser.tabs.update(tab.id, { active: true });
} else {
tri.excmds.tabopen(JS_ARG);
}
})()
bind gwa tab_or_tabopen apic-impimba-1.m.imp.ac.at
bind gwA tab_or_tabopen artifactory.imp.ac.at
bind gwb tab_or_tabopen bitbucket.vbc.ac.at
bind gwc tab_or_tabopen vbc.atlassian.net/wiki
bind gwd tab_or_tabopen datadomain-impimba-2.imp.ac.at
bind gwe tab_or_tabopen exivity.vbc.ac.at
bind gwg tab_or_tabopen github.com
bind gwG tab_or_tabopen goc.egi.eu
bind gwh tab_or_tabopen jupyterhub.vbc.ac.at
bind gwH tab_or_tabopen test-jupyterhub.vbc.ac.at
bind gwj tab_or_tabopen jenkins.vbc.ac.at
bind gwJ tab_or_tabopen test-jenkins.vbc.ac.at
bind gwl tab_or_tabopen lucid.app
bind gwm tab_or_tabopen monitoring.vbc.ac.at/grafana
bind gwM tab_or_tabopen monitoring.vbc.ac.at/prometheus
bind gwn tab_or_tabopen netbox.vbc.ac.at
bind gwN tab_or_tabopen nap.imp.ac.at
bind gwo tab_or_tabopen outlook.office.com
bind gws tab_or_tabopen satellite.vbc.ac.at
bind gwt tab_or_tabopen tower.vbc.ac.at
bind gwv tab_or_tabopen vc-impimba-1.m.imp.ac.at/ui
bind gwx tab_or_tabopen xclarity.vbc.ac.at
command tab_or_tabopen_local jsb -p (async () => {
const currentWindow = await browser.windows.getCurrent();
const tabs = await browser.tabs.query({ windowId: currentWindow.id });
const tab = tabs.find(t => t.url.includes(JS_ARG));
if (tab) {
browser.tabs.update(tab.id, { active: true });
} else {
tri.excmds.tabopen(JS_ARG);
}
})()
bind gwa tab_or_tabopen_local apic-impimba-1.m.imp.ac.at
bind gwA tab_or_tabopen_local artifactory.imp.ac.at
bind gwb tab_or_tabopen_local bitbucket.vbc.ac.at
bind gwc tab_or_tabopen_local vbc.atlassian.net/wiki
bind gwd tab_or_tabopen_local datadomain-impimba-2.imp.ac.at
bind gwe tab_or_tabopen_local exivity.vbc.ac.at
bind gwg tab_or_tabopen_local github.com
bind gwG tab_or_tabopen_local goc.egi.eu
bind gwh tab_or_tabopen_local jupyterhub.vbc.ac.at
bind gwH tab_or_tabopen_local test-jupyterhub.vbc.ac.at
bind gwj tab_or_tabopen_local jenkins.vbc.ac.at
bind gwJ tab_or_tabopen_local test-jenkins.vbc.ac.at
bind gwl tab_or_tabopen_local lucid.app
bind gwm tab_or_tabopen_local monitoring.vbc.ac.at/grafana
bind gwM tab_or_tabopen_local monitoring.vbc.ac.at/prometheus
bind gwn tab_or_tabopen_local netbox.vbc.ac.at
bind gwN tab_or_tabopen_local nap.imp.ac.at
bind gwo tab_or_tabopen_local outlook.office.com
bind gws tab_or_tabopen_local satellite.vbc.ac.at
bind gwt tab_or_tabopen_local tower.vbc.ac.at
bind gwv tab_or_tabopen_local vc-impimba-1.m.imp.ac.at/ui
bind gwx tab_or_tabopen_local xclarity.vbc.ac.at
" Search in page
set findcase smart

11
scripts/sshrm.sh Normal file
View file

@ -0,0 +1,11 @@
HISTFILE="$HOME"/.histfile
last_ssh_cmd=$(grep -E "ssh " "$HISTFILE" | sed -E 's/^: [0-9]+:[0-9]+;//' | grep "^ssh " | tail -1)
host=$(echo "$last_ssh_cmd" | sed -E 's/.*ssh ([^@ ]+@)?([^ ]+).*/\2/')
if [[ -n $host ]]; then
echo "Removing SSH host key for: $host"
ssh-keygen -R "$host"
else
echo "No valid SSH command found in history."
fi