refactor: WIP

Leon Schwarzäugl 2025-03-31 18:29:07 +02:00
parent 289f072c13
commit ecd37537cc
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
53 changed files with 2370 additions and 1932 deletions



@ -23,6 +23,7 @@ in
"${modulesPath}/nixos/optional/nswitch-rcm.nix" "${modulesPath}/nixos/optional/nswitch-rcm.nix"
"${modulesPath}/nixos/optional/gaming.nix" "${modulesPath}/nixos/optional/gaming.nix"
"${modulesPath}/nixos/optional/work.nix" "${modulesPath}/nixos/optional/work.nix"
"${self}/profiles/nixos"
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
{ {
@ -90,6 +91,7 @@ in
swarselsystems = lib.recursiveUpdate swarselsystems = lib.recursiveUpdate
{ {
profiles.personal = true;
wallpaper = self + /wallpaper/lenovowp.png; wallpaper = self + /wallpaper/lenovowp.png;
hasBluetooth = true; hasBluetooth = true;
hasFingerprint = true; hasFingerprint = true;


@ -26,6 +26,11 @@ in
} }
); );
mkTrueOption = lib.mkOption {
type = lib.types.bool;
default = true;
};
getSecret = filename: lib.strings.trim (builtins.readFile "${filename}"); getSecret = filename: lib.strings.trim (builtins.readFile "${filename}");
forEachSystem = f: lib.genAttrs (import systems) (system: f lib.swarselsystems.pkgsFor.${system}); forEachSystem = f: lib.genAttrs (import systems) (system: f lib.swarselsystems.pkgsFor.${system});
@ -132,6 +137,13 @@ in
}) })
names); names);
mkProfiles = names: type: builtins.listToAttrs (map
(name: {
inherit name;
value = import "${self}/profiles/${type}/${name}";
})
names);
mkTemplates = names: builtins.listToAttrs (map mkTemplates = names: builtins.listToAttrs (map
(name: { (name: {
inherit name; inherit name;
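Review bot: `mkTrueOption` is a fixed option value with no `description`, so every option built from it ends up undocumented in the generated option docs. If the call sites (not visible in this section) can be adjusted, take the description as an argument, e.g. `mkTrueOption = description: lib.mkOption { type = lib.types.bool; default = true; inherit description; };`. `mkProfiles` would also benefit from a one-line comment saying that `type` selects the subdirectory under `profiles/` and that each name must exist there, since the `import` is lazy and a missing path only fails when that attribute is forced.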


@ -23,6 +23,7 @@
xdg.configFile = { xdg.configFile = {
"tridactyl/tridactylrc".source = self + /programs/firefox/tridactyl/tridactylrc; "tridactyl/tridactylrc".source = self + /programs/firefox/tridactyl/tridactylrc;
"tridactyl/themes/base16-codeschool.css".source = self + /programs/firefox/tridactyl/themes/base16-codeschool.css; "tridactyl/themes/base16-codeschool.css".source = self + /programs/firefox/tridactyl/themes/base16-codeschool.css;
"tridactyl/themes/swarsel.css".source = self + /programs/firefox/tridactyl/themes/swarsel.css;
"swayidle/config".source = self + /programs/swayidle/config; "swayidle/config".source = self + /programs/swayidle/config;
}; };
} }


@ -1,9 +1,11 @@
_: { lib, config, ... }:
{ {
options.swarselsystems.modules.appimage = lib.mkEnableOption "appimage config";
programs.appimage = { config = lib.mkIf config.swarselsystems.modules.appimage {
enable = true; programs.appimage = {
binfmt = true; enable = true;
binfmt = true;
};
}; };
} }
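Review bot: `lib.mkEnableOption` defaults to false, so wrapping the body in `config = lib.mkIf config.swarselsystems.modules.appimage { … }` turns a module that used to apply on import into one that stays off until something sets the flag. The same pattern is applied in the other module sections of this commit, including security-relevant ones such as yubikey, network, lanzaboote, impermanence and login. A host that imports these files without the matching flags therefore silently loses that configuration; the flags are presumably set through the new `profiles/nixos` import and `profiles.personal = true`, whose definition is not shown here. Worth confirming that every host sets a profile or lists the flags explicitly, and adding a comment such as `# off by default; enabled through swarselsystems.profiles.*` next to each option.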


@ -1,5 +1,8 @@
_: { lib, config, ... }:
{ {
services.blueman.enable = true; options.swarselsystems.modules.blueman = lib.mkEnableOption "blueman config";
services.hardware.bolt.enable = true; config = lib.mkIf config.swarselsystems.modules.blueman {
services.blueman.enable = true;
services.hardware.bolt.enable = true;
};
} }


@ -8,10 +8,5 @@ in
"${modulesPath}/home/common/sharedsetup.nix" "${modulesPath}/home/common/sharedsetup.nix"
]; ];
nixpkgs.config.permittedInsecurePackages = [
"jitsi-meet-1.0.8043"
"electron-29.4.6"
"SDL_ttf-2.0.11"
];
} }


@ -1,14 +1,16 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
environment.systemPackages = with pkgs; [ options.swarselsystems.modules.distrobox = lib.mkEnableOption "distrobox config";
distrobox config = lib.mkIf config.swarselsystems.modules.distrobox {
boxbuddy environment.systemPackages = with pkgs; [
]; distrobox
boxbuddy
];
virtualisation.podman = { virtualisation.podman = {
enable = true; enable = true;
dockerCompat = true; dockerCompat = true;
package = pkgs.stable.podman; package = pkgs.stable.podman;
};
}; };
} }


@ -1,16 +1,18 @@
{ lib, pkgs, ... }: { lib, config, pkgs, ... }:
{ {
environment = { options.swarselsystems.modules.env = lib.mkEnableOption "environment config";
wordlist.enable = true; config = lib.mkIf config.swarselsystems.modules.env {
sessionVariables = { environment = {
NIXOS_OZONE_WL = "1"; wordlist.enable = true;
GST_PLUGIN_SYSTEM_PATH_1_0 = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" (with pkgs.gst_all_1; [ sessionVariables = {
gst-plugins-good NIXOS_OZONE_WL = "1";
gst-plugins-bad GST_PLUGIN_SYSTEM_PATH_1_0 = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" (with pkgs.gst_all_1; [
gst-plugins-ugly gst-plugins-good
gst-libav gst-plugins-bad
]); gst-plugins-ugly
gst-libav
]);
};
}; };
}; };
# gstreamer plugins for nautilus (used for file metadata)
} }


@ -1,9 +1,12 @@
_: { lib, config, ... }:
{ {
nix.gc = { options.swarselsystems.modules.gc = lib.mkEnableOption "garbage collection config";
automatic = true; config = lib.mkIf config.swarselsystems.modules.gc {
randomizedDelaySec = "14m"; nix.gc = {
dates = "weekly"; automatic = true;
options = "--delete-older-than 10d"; randomizedDelaySec = "14m";
dates = "weekly";
options = "--delete-older-than 10d";
};
}; };
} }


@ -1,8 +1,11 @@
_: { lib, config, ... }:
{ {
services.gnome.gnome-keyring = { options.swarselsystems.modules.gnome-keyring = lib.mkEnableOption "gnome-keyring config";
enable = true; config = lib.mkIf config.swarselsystems.modules.gnome-keyring {
}; services.gnome.gnome-keyring = {
enable = true;
};
programs.seahorse.enable = true; programs.seahorse.enable = true;
};
} }


@ -1,4 +1,7 @@
_: { lib, config, ... }:
{ {
services.gvfs.enable = true; options.swarselsystems.modules.gvfs = lib.mkEnableOption "gvfs config for nautilus";
config = lib.mkIf config.swarselsystems.modules.gvfs {
services.gvfs.enable = true;
};
} }


@ -2,6 +2,7 @@
{ {
options.swarselsystems = { options.swarselsystems = {
modules.hardware = lib.mkEnableOption "hardware config";
hasBluetooth = lib.mkEnableOption "bluetooth availability"; hasBluetooth = lib.mkEnableOption "bluetooth availability";
hasFingerprint = lib.mkEnableOption "fingerprint sensor availability"; hasFingerprint = lib.mkEnableOption "fingerprint sensor availability";
trackpoint = { trackpoint = {
@ -12,7 +13,7 @@
}; };
}; };
}; };
config = { config = lib.mkIf config.swarselsystems.modules.hardware {
hardware = { hardware = {
# opengl.driSupport32Bit = true is replaced with graphics.enable32Bit and hence redundant # opengl.driSupport32Bit = true is replaced with graphics.enable32Bit and hence redundant
graphics = { graphics = {


@ -1,8 +1,11 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
services.udev.packages = with pkgs; [ options.swarselsystems.modules.keyboards = lib.mkEnableOption "keyboards config";
qmk-udev-rules config = lib.mkIf config.swarselsystems.modules.keyboards {
vial services.udev.packages = with pkgs; [
via qmk-udev-rules
]; vial
via
];
};
} }


@ -1,9 +1,12 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
hardware.ledger.enable = true; options.swarselsystems.modules.ledger = lib.mkEnableOption "ledger config";
config = lib.mkIf config.swarselsystems.modules.ledger {
hardware.ledger.enable = true;
services.udev.packages = with pkgs; [ services.udev.packages = with pkgs; [
ledger-udev-rules ledger-udev-rules
]; ];
};
} }


@ -1,21 +1,16 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
programs.ssh.startAgent = false; options.swarselsystems.modules.yubikey = lib.mkEnableOption "yubikey config";
config = lib.mkIf config.swarselsystems.modules.yubikey {
programs.ssh.startAgent = false;
services.pcscd.enable = false; services.pcscd.enable = false;
hardware.gpgSmartcards.enable = true; hardware.gpgSmartcards.enable = true;
services.udev.packages = with pkgs; [ services.udev.packages = with pkgs; [
yubikey-personalization yubikey-personalization
]; ];
# systemd.services.shutdownSopsGpg = {
# path = [ pkgs.gnupg ];
# script = ''
# gpgconf --homedir /var/lib/sops --kill gpg-agent
# '';
# wantedBy = [ "multi-user.target" ];
# };
};
} }


@ -1,6 +1,9 @@
{ inputs, config, lib, ... }: { inputs, config, lib, ... }:
{ {
home-manager = lib.mkIf config.swarselsystems.withHomeManager { options.swarselsystems.modules.home-managerExtra = lib.mkEnableOption "home-manager extras for non-chaostheatre";
extraSpecialArgs = { inherit (inputs) nix-secrets nixgl; }; config = lib.mkIf config.swarselsystems.modules.home-managerExtra {
home-manager = lib.mkIf config.swarselsystems.withHomeManager {
extraSpecialArgs = { inherit (inputs) nix-secrets nixgl; };
};
}; };
} }


@ -1,8 +1,12 @@
{ inputs, config, lib, ... }: { inputs, config, lib, ... }:
{ {
home-manager = lib.mkIf config.swarselsystems.withHomeManager {
useGlobalPkgs = true; options.swarselsystems.modules.home-manager = lib.mkEnableOption "home-manager";
useUserPackages = true; config = lib.mkIf config.swarselsystems.modules.home-manager {
extraSpecialArgs = { inherit (inputs) self; }; home-manager = lib.mkIf config.swarselsystems.withHomeManager {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = { inherit (inputs) self; };
};
}; };
} }


@ -4,88 +4,91 @@ let
inherit (config.swarselsystems) homeDir isImpermanence isCrypted; inherit (config.swarselsystems) homeDir isImpermanence isCrypted;
in in
{ {
options.swarselsystems.modules.impermanence = lib.mkEnableOption "impermanence config";
config = lib.mkIf config.swarselsystems.modules.impermanence {
security.sudo.extraConfig = lib.mkIf isImpermanence '' security.sudo.extraConfig = lib.mkIf isImpermanence ''
# rollback results in sudo lectures after each reboot # rollback results in sudo lectures after each reboot
Defaults lecture = never Defaults lecture = never
'';
# This script does the actual wipe of the system
# So if it doesn't run, the btrfs system effectively acts like a normal system
# Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix
boot.initrd.systemd.enable = lib.mkIf isImpermanence true;
boot.initrd.systemd.services.rollback = lib.mkIf isImpermanence {
description = "Rollback BTRFS root subvolume to a pristine state";
wantedBy = [ "initrd.target" ];
# make sure it's done after encryption
# i.e. LUKS/TPM process
after = lib.swarselsystems.mkIfElseList isCrypted [ "systemd-cryptsetup@cryptroot.service" ] [ "dev-disk-by\\x2dlabel-nixos.device" ];
requires = lib.mkIf (!isCrypted) [ "dev-disk-by\\x2dlabel-nixos.device" ];
# mount the root fs before clearing
before = [ "sysroot.mount" ];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir -p /mnt
# We first mount the btrfs root to /mnt
# so we can manipulate btrfs subvolumes.
mount -o subvolid=5 -t btrfs ${mapperTarget} /mnt
btrfs subvolume list -o /mnt/root
# While we're tempted to just delete /root and create
# a new snapshot from /root-blank, /root is already
# populated at this point with a number of subvolumes,
# which makes `btrfs subvolume delete` fail.
# So, we remove them first.
#
# /root contains subvolumes:
# - /root/var/lib/portables
# - /root/var/lib/machines
btrfs subvolume list -o /mnt/root |
cut -f9 -d' ' |
while read subvolume; do
echo "deleting /$subvolume subvolume..."
btrfs subvolume delete "/mnt/$subvolume"
done &&
echo "deleting /root subvolume..." &&
btrfs subvolume delete /mnt/root
echo "restoring blank /root subvolume..."
btrfs subvolume snapshot /mnt/root-blank /mnt/root
# Once we're done rolling back to a blank snapshot,
# we can unmount /mnt and continue on the boot process.
umount /mnt
''; '';
};
# This script does the actual wipe of the system
# So if it doesn't run, the btrfs system effectively acts like a normal system
# Taken from https://github.com/NotAShelf/nyx/blob/2a8273ed3f11a4b4ca027a68405d9eb35eba567b/modules/core/common/system/impermanence/default.nix
boot.initrd.systemd.enable = lib.mkIf isImpermanence true;
boot.initrd.systemd.services.rollback = lib.mkIf isImpermanence {
description = "Rollback BTRFS root subvolume to a pristine state";
wantedBy = [ "initrd.target" ];
# make sure it's done after encryption
# i.e. LUKS/TPM process
after = lib.swarselsystems.mkIfElseList isCrypted [ "systemd-cryptsetup@cryptroot.service" ] [ "dev-disk-by\\x2dlabel-nixos.device" ];
requires = lib.mkIf (!isCrypted) [ "dev-disk-by\\x2dlabel-nixos.device" ];
# mount the root fs before clearing
before = [ "sysroot.mount" ];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir -p /mnt
# We first mount the btrfs root to /mnt
# so we can manipulate btrfs subvolumes.
mount -o subvolid=5 -t btrfs ${mapperTarget} /mnt
btrfs subvolume list -o /mnt/root
# While we're tempted to just delete /root and create
# a new snapshot from /root-blank, /root is already
# populated at this point with a number of subvolumes,
# which makes `btrfs subvolume delete` fail.
# So, we remove them first.
#
# /root contains subvolumes:
# - /root/var/lib/portables
# - /root/var/lib/machines
btrfs subvolume list -o /mnt/root |
cut -f9 -d' ' |
while read subvolume; do
echo "deleting /$subvolume subvolume..."
btrfs subvolume delete "/mnt/$subvolume"
done &&
echo "deleting /root subvolume..." &&
btrfs subvolume delete /mnt/root
echo "restoring blank /root subvolume..."
btrfs subvolume snapshot /mnt/root-blank /mnt/root
# Once we're done rolling back to a blank snapshot,
# we can unmount /mnt and continue on the boot process.
umount /mnt
'';
};
environment.persistence."/persist" = lib.mkIf isImpermanence { environment.persistence."/persist" = lib.mkIf isImpermanence {
hideMounts = true; hideMounts = true;
directories = directories =
[ [
"/.cache/nix" "/.cache/nix"
"/srv" "/srv"
"/etc/nixos" "/etc/nixos"
"/etc/nix" "/etc/nix"
"/etc/NetworkManager/system-connections" "/etc/NetworkManager/system-connections"
# "/etc/secureboot" # "/etc/secureboot"
"${homeDir}/.dotfiles" "${homeDir}/.dotfiles"
"/var/db/sudo" "/var/db/sudo"
"/var/cache" "/var/cache"
"/var/lib" "/var/lib"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
]; ];
};
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
}; };
} }
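Review bot: In the `rollback` script the `&&` chain ends at `btrfs subvolume delete /mnt/root`; the following `btrfs subvolume snapshot /mnt/root-blank /mnt/root` is a separate command and appears to run even when one of the deletes failed. With `/mnt/root` still present, btrfs places the new snapshot inside the old subvolume instead of replacing it, so the machine would boot on the un-wiped root without the unit reporting a problem. Chaining the restore too (`btrfs subvolume delete /mnt/root && btrfs subvolume snapshot /mnt/root-blank /mnt/root`), or exiting non-zero on the failure path, would make a skipped wipe show up as a failed unit; `while read -r subvolume` would also keep backslashes in subvolume names intact. The script text is carried over from the old side, only its nesting under `lib.mkIf config.swarselsystems.modules.impermanence` is new.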


@ -1,29 +1,32 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
# Make CAPS work as a dual function ESC/CTRL key options.swarselsystems.modules.interceptionTools = lib.mkEnableOption "interception tools config";
services.interception-tools = { config = lib.mkIf config.swarselsystems.modules.interceptionTools {
enable = true; # Make CAPS work as a dual function ESC/CTRL key
udevmonConfig = services.interception-tools = {
let enable = true;
dualFunctionKeysConfig = builtins.toFile "dual-function-keys.yaml" '' udevmonConfig =
TIMING: let
TAP_MILLISEC: 200 dualFunctionKeysConfig = builtins.toFile "dual-function-keys.yaml" ''
DOUBLE_TAP_MILLISEC: 0 TIMING:
TAP_MILLISEC: 200
DOUBLE_TAP_MILLISEC: 0
MAPPINGS: MAPPINGS:
- KEY: KEY_CAPSLOCK - KEY: KEY_CAPSLOCK
TAP: KEY_ESC TAP: KEY_ESC
HOLD: KEY_LEFTCTRL HOLD: KEY_LEFTCTRL
'';
in
''
- JOB: |
${pkgs.interception-tools}/bin/intercept -g $DEVNODE \
| ${pkgs.interception-tools-plugins.dual-function-keys}/bin/dual-function-keys -c ${dualFunctionKeysConfig} \
| ${pkgs.interception-tools}/bin/uinput -d $DEVNODE
DEVICE:
EVENTS:
EV_KEY: [KEY_CAPSLOCK]
''; '';
in };
''
- JOB: |
${pkgs.interception-tools}/bin/intercept -g $DEVNODE \
| ${pkgs.interception-tools-plugins.dual-function-keys}/bin/dual-function-keys -c ${dualFunctionKeysConfig} \
| ${pkgs.interception-tools}/bin/uinput -d $DEVNODE
DEVICE:
EVENTS:
EV_KEY: [KEY_CAPSLOCK]
'';
}; };
} }


@ -1,14 +1,17 @@
{ lib, config, ... }: { lib, config, ... }:
{ {
boot = { options.swarselsystems.modules.lanzaboote = lib.mkEnableOption "lanzaboote config";
loader = { config = lib.mkIf config.swarselsystems.modules.lanzaboote {
efi.canTouchEfiVariables = true; boot = {
systemd-boot.enable = lib.swarselsystems.mkIfElse (config.swarselsystems.initialSetup || !config.swarselsystems.isSecureBoot) (lib.mkForce true) (lib.mkForce false); loader = {
}; efi.canTouchEfiVariables = true;
lanzaboote = lib.mkIf (!config.swarselsystems.initialSetup && config.swarselsystems.isSecureBoot) { systemd-boot.enable = lib.swarselsystems.mkIfElse (config.swarselsystems.initialSetup || !config.swarselsystems.isSecureBoot) (lib.mkForce true) (lib.mkForce false);
enable = true; };
pkiBundle = "/var/lib/sbctl"; lanzaboote = lib.mkIf (!config.swarselsystems.initialSetup && config.swarselsystems.isSecureBoot) {
configurationLimit = 3; enable = true;
pkiBundle = "/var/lib/sbctl";
configurationLimit = 3;
};
}; };
}; };
} }


@ -1,34 +1,37 @@
_: { lib, config, ... }:
{ {
services.logind = { options.swarselsystems.modules.lid = lib.mkEnableOption "lid config";
lidSwitch = "suspend"; config = lib.mkIf config.swarselsystems.modules.lid {
lidSwitchDocked = "ignore"; services.logind = {
}; lidSwitch = "suspend";
services.acpid = { lidSwitchDocked = "ignore";
enable = true;
handlers.lidClosed = {
event = "button/lid \\w+ close";
action = ''
cat /sys/class/backlight/amdgpu_bl1/device/enabled
if grep -Fxq disabled /sys/class/backlight/amdgpu_bl1/device/enabled
then
echo "Lid closed. Disabling fprintd."
systemctl stop fprintd
ln -s /dev/null /run/systemd/transient/fprintd.service
systemctl daemon-reload
fi
'';
}; };
handlers.lidOpen = { services.acpid = {
event = "button/lid \\w+ open"; enable = true;
action = '' handlers.lidClosed = {
if ! $(systemctl is-active --quiet fprintd); then event = "button/lid \\w+ close";
echo "Lid open. Enabling fprintd." action = ''
rm -f /run/systemd/transient/fprintd.service cat /sys/class/backlight/amdgpu_bl1/device/enabled
systemctl daemon-reload if grep -Fxq disabled /sys/class/backlight/amdgpu_bl1/device/enabled
systemctl start fprintd then
fi echo "Lid closed. Disabling fprintd."
''; systemctl stop fprintd
ln -s /dev/null /run/systemd/transient/fprintd.service
systemctl daemon-reload
fi
'';
};
handlers.lidOpen = {
event = "button/lid \\w+ open";
action = ''
if ! $(systemctl is-active --quiet fprintd); then
echo "Lid open. Enabling fprintd."
rm -f /run/systemd/transient/fprintd.service
systemctl daemon-reload
systemctl start fprintd
fi
'';
};
}; };
}; };
} }
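Review bot: The `lidClosed` handler masks fprintd with `ln -s /dev/null /run/systemd/transient/fprintd.service`, which fails when the link already exists (two close events without an open in between). It also only acts when `/sys/class/backlight/amdgpu_bl1/device/enabled` reads `disabled`, a node that is specific to one GPU driver and backlight index. Now that the file sits behind a generic `modules.lid` switch, a host without that node or without a fingerprint reader gets handlers that never do what the option name suggests, and fingerprint authentication stays active with the lid closed. I would use `ln -sf`, write the open-side test as `if ! systemctl is-active --quiet fprintd; then` instead of wrapping it in `$( … )`, and put both handlers under `lib.mkIf config.swarselsystems.hasFingerprint`.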


@ -1,20 +1,23 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
services.greetd = { options.swarselsystems.modules.login = lib.mkEnableOption "login config";
enable = true; config = lib.mkIf config.swarselsystems.modules.login {
settings = { services.greetd = {
initial_session.command = "sway"; enable = true;
default_session.command = '' settings = {
${pkgs.greetd.tuigreet}/bin/tuigreet \ initial_session.command = "sway";
--time \ default_session.command = ''
--asterisks \ ${pkgs.greetd.tuigreet}/bin/tuigreet \
--user-menu \ --time \
--cmd sway --asterisks \
''; --user-menu \
--cmd sway
'';
};
}; };
};
environment.etc."greetd/environments".text = '' environment.etc."greetd/environments".text = ''
sway sway
''; '';
};
} }
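Review bot: `initial_session.command = "sway";` makes greetd start a session on its first launch without showing the greeter, which is an automatic login after boot; the user it runs as is not set in this section and is presumably defined elsewhere. That is a reasonable trade-off where a disk passphrase already gates boot, but `modules.login` can now be switched on for any host, including unencrypted ones. Consider tying it to the existing flag, something like `initial_session = lib.mkIf config.swarselsystems.isCrypted { command = "sway"; };`, or at least a comment `# auto-login on first greetd start; only enable on hosts with encrypted disks` above the line.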


@ -1,26 +1,29 @@
{ pkgs, lib, ... }: { pkgs, lib, config, ... }:
{ {
systemd.user.services."battery-low" = { options.swarselsystems.modules.lowBattery = lib.mkEnableOption "low battery notification config";
enable = true; config = lib.mkIf config.swarselsystems.modules.lowBattery {
description = "Timer for battery check that alerts at 10% or less"; systemd.user.services."battery-low" = {
partOf = [ "graphical-session.target" ]; enable = true;
wantedBy = [ "graphical-session.target" ]; description = "Timer for battery check that alerts at 10% or less";
serviceConfig = { partOf = [ "graphical-session.target" ];
Type = "simple"; wantedBy = [ "graphical-session.target" ];
ExecStart = pkgs.writeShellScript "battery-low-notification" serviceConfig = {
'' Type = "simple";
if (( 10 >= $(${lib.getExe pkgs.acpi} -b | head -n 1 | ${lib.getExe pkgs.ripgrep} -o "\d+%" | ${lib.getExe pkgs.ripgrep} -o "\d+") && $(${lib.getExe pkgs.acpi} -b | head -n 1 | ${lib.getExe pkgs.ripgrep} -o "\d+%" | ${lib.getExe pkgs.ripgrep} -o "\d+") > 0 )); ExecStart = pkgs.writeShellScript "battery-low-notification"
then ${lib.getExe pkgs.libnotify} --urgency=critical "low battery" "$(${lib.getExe pkgs.acpi} -b | head -n 1 | ${lib.getExe pkgs.ripgrep} -o "\d+%")"; ''
fi; if (( 10 >= $(${lib.getExe pkgs.acpi} -b | head -n 1 | ${lib.getExe pkgs.ripgrep} -o "\d+%" | ${lib.getExe pkgs.ripgrep} -o "\d+") && $(${lib.getExe pkgs.acpi} -b | head -n 1 | ${lib.getExe pkgs.ripgrep} -o "\d+%" | ${lib.getExe pkgs.ripgrep} -o "\d+") > 0 ));
''; then ${lib.getExe pkgs.libnotify} --urgency=critical "low battery" "$(${lib.getExe pkgs.acpi} -b | head -n 1 | ${lib.getExe pkgs.ripgrep} -o "\d+%")";
fi;
'';
};
}; };
}; systemd.user.timers."battery-low" = {
systemd.user.timers."battery-low" = { wantedBy = [ "timers.target" ];
wantedBy = [ "timers.target" ]; timerConfig = {
timerConfig = { # Every Minute
# Every Minute OnCalendar = "*-*-* *:*:00";
OnCalendar = "*-*-* *:*:00"; Unit = "battery-low.service";
Unit = "battery-low.service"; };
}; };
}; };
} }


@ -1,245 +1,248 @@
{ lib, config, ... }: { lib, config, ... }:
{ {
networking = { options.swarselsystems.modules.network = lib.mkEnableOption "network config";
nftables.enable = lib.mkDefault true; config = lib.mkIf config.swarselsystems.modules.network {
enableIPv6 = lib.mkDefault true; networking = {
firewall = { nftables.enable = lib.mkDefault true;
checkReversePath = lib.mkDefault false; enableIPv6 = lib.mkDefault true;
enable = lib.mkDefault true; firewall = {
allowedUDPPorts = [ 51820 ]; # 51820: wireguard checkReversePath = lib.mkDefault false;
allowedTCPPortRanges = [ enable = lib.mkDefault true;
{ from = 1714; to = 1764; } # kde-connect allowedUDPPorts = [ 51820 ]; # 51820: wireguard
]; allowedTCPPortRanges = [
allowedUDPPortRanges = [ { from = 1714; to = 1764; } # kde-connect
{ from = 1714; to = 1764; } # kde-connect
];
};
networkmanager = {
enable = true;
ensureProfiles = lib.mkIf (!config.swarselsystems.isPublic) {
environmentFiles = [
"${config.sops.templates."network-manager.env".path}"
]; ];
profiles = { allowedUDPPortRanges = [
"Ernest Routerford" = { { from = 1714; to = 1764; } # kde-connect
connection = { ];
id = "Ernest Routerford"; };
permissions = "";
type = "wifi";
};
ipv4 = {
dns-search = "";
method = "auto";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
dns-search = "";
method = "auto";
};
wifi = {
mac-address-blacklist = "";
mode = "infrastructure";
ssid = "Ernest Routerford";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$ERNEST";
};
};
LAN-Party = { networkmanager = {
connection = { enable = true;
autoconnect = "false"; ensureProfiles = lib.mkIf (!config.swarselsystems.isPublic) {
id = "LAN-Party"; environmentFiles = [
type = "ethernet"; "${config.sops.templates."network-manager.env".path}"
];
profiles = {
"Ernest Routerford" = {
connection = {
id = "Ernest Routerford";
permissions = "";
type = "wifi";
};
ipv4 = {
dns-search = "";
method = "auto";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
dns-search = "";
method = "auto";
};
wifi = {
mac-address-blacklist = "";
mode = "infrastructure";
ssid = "Ernest Routerford";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$ERNEST";
};
}; };
ethernet = {
auto-negotiate = "true";
cloned-mac-address = "preserve";
mac-address = "90:2E:16:D0:A1:87";
};
ipv4 = { method = "shared"; };
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
};
eduroam = { LAN-Party = {
"802-1x" = { connection = {
eap = "ttls;"; autoconnect = "false";
identity = "$EDUID"; id = "LAN-Party";
password = "$EDUPASS"; type = "ethernet";
phase2-auth = "mschapv2"; };
ethernet = {
auto-negotiate = "true";
cloned-mac-address = "preserve";
mac-address = "90:2E:16:D0:A1:87";
};
ipv4 = { method = "shared"; };
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
}; };
connection = {
id = "eduroam";
type = "wifi";
};
ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "default";
method = "auto";
};
proxy = { };
wifi = {
mode = "infrastructure";
ssid = "eduroam";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-eap";
};
};
local = { eduroam = {
connection = { "802-1x" = {
autoconnect = "false"; eap = "ttls;";
id = "local"; identity = "$EDUID";
type = "ethernet"; password = "$EDUPASS";
phase2-auth = "mschapv2";
};
connection = {
id = "eduroam";
type = "wifi";
};
ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "default";
method = "auto";
};
proxy = { };
wifi = {
mode = "infrastructure";
ssid = "eduroam";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-eap";
};
}; };
ethernet = { };
ipv4 = {
address1 = "10.42.1.1/24";
method = "shared";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
};
HH40V_39F5 = { local = {
connection = { connection = {
id = "HH40V_39F5"; autoconnect = "false";
type = "wifi"; id = "local";
type = "ethernet";
};
ethernet = { };
ipv4 = {
address1 = "10.42.1.1/24";
method = "shared";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
}; };
ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
wifi = {
band = "bg";
mode = "infrastructure";
ssid = "HH40V_39F5";
};
wifi-security = {
key-mgmt = "wpa-psk";
psk = "$FRAUNS";
};
};
magicant = { HH40V_39F5 = {
connection = { connection = {
id = "magicant"; id = "HH40V_39F5";
type = "wifi"; type = "wifi";
};
ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
wifi = {
band = "bg";
mode = "infrastructure";
ssid = "HH40V_39F5";
};
wifi-security = {
key-mgmt = "wpa-psk";
psk = "$FRAUNS";
};
}; };
ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "default";
method = "auto";
};
proxy = { };
wifi = {
mode = "infrastructure";
ssid = "magicant";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$HANDYHOTSPOT";
};
};
wireguardvpn = { magicant = {
connection = { connection = {
id = "HomeVPN"; id = "magicant";
type = "wireguard"; type = "wifi";
autoconnect = "false"; };
interface-name = "wg1"; ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "default";
method = "auto";
};
proxy = { };
wifi = {
mode = "infrastructure";
ssid = "magicant";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$HANDYHOTSPOT";
};
}; };
wireguard = { private-key = "$WIREGUARDPRIV"; };
"wireguard-peer.$WIREGUARDPUB" = {
endpoint = "$WIREGUARDENDPOINT";
allowed-ips = "0.0.0.0/0";
};
ipv4 = {
method = "ignore";
address1 = "192.168.3.3/32";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "ignore";
};
proxy = { };
};
"sweden-aes-128-cbc-udp-dns" = { wireguardvpn = {
connection = { connection = {
autoconnect = "false"; id = "HomeVPN";
id = "PIA Sweden"; type = "wireguard";
type = "vpn"; autoconnect = "false";
interface-name = "wg1";
};
wireguard = { private-key = "$WIREGUARDPRIV"; };
"wireguard-peer.$WIREGUARDPUB" = {
endpoint = "$WIREGUARDENDPOINT";
allowed-ips = "0.0.0.0/0";
};
ipv4 = {
method = "ignore";
address1 = "192.168.3.3/32";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "ignore";
};
proxy = { };
}; };
ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
vpn = {
auth = "sha1";
ca = config.sops.secrets."sweden-aes-128-cbc-udp-dns-ca.pem".path;
challenge-response-flags = "2";
cipher = "aes-128-cbc";
compress = "yes";
connection-type = "password";
crl-verify-file = config.sops.secrets."sweden-aes-128-cbc-udp-dns-crl-verify.pem".path;
dev = "tun";
password-flags = "0";
remote = "sweden.privacy.network:1198";
remote-cert-tls = "server";
reneg-seconds = "0";
service-type = "org.freedesktop.NetworkManager.openvpn";
username = "$VPNUSER";
};
vpn-secrets = { password = "$VPNPASS"; };
};
Hotspot = { "sweden-aes-128-cbc-udp-dns" = {
connection = { connection = {
autoconnect = "false"; autoconnect = "false";
id = "Hotspot"; id = "PIA Sweden";
type = "wifi"; type = "vpn";
};
ipv4 = { method = "auto"; };
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
proxy = { };
vpn = {
auth = "sha1";
ca = config.sops.secrets."sweden-aes-128-cbc-udp-dns-ca.pem".path;
challenge-response-flags = "2";
cipher = "aes-128-cbc";
compress = "yes";
connection-type = "password";
crl-verify-file = config.sops.secrets."sweden-aes-128-cbc-udp-dns-crl-verify.pem".path;
dev = "tun";
password-flags = "0";
remote = "sweden.privacy.network:1198";
remote-cert-tls = "server";
reneg-seconds = "0";
service-type = "org.freedesktop.NetworkManager.openvpn";
username = "$VPNUSER";
};
vpn-secrets = { password = "$VPNPASS"; };
}; };
ipv4 = { method = "shared"; };
ipv6 = {
addr-gen-mode = "default";
method = "ignore";
};
proxy = { };
wifi = {
mode = "ap";
ssid = "Hotspot-${config.swarselsystems.mainUser}";
};
wifi-security = {
group = "ccmp;";
key-mgmt = "wpa-psk";
pairwise = "ccmp;";
proto = "rsn;";
psk = "$HOTSPOT";
};
};
Hotspot = {
connection = {
autoconnect = "false";
id = "Hotspot";
type = "wifi";
};
ipv4 = { method = "shared"; };
ipv6 = {
addr-gen-mode = "default";
method = "ignore";
};
proxy = { };
wifi = {
mode = "ap";
ssid = "Hotspot-${config.swarselsystems.mainUser}";
};
wifi-security = {
group = "ccmp;";
key-mgmt = "wpa-psk";
pairwise = "ccmp;";
proto = "rsn;";
psk = "$HOTSPOT";
};
};
};
}; };
}; };
}; };
};
systemd.services.NetworkManager-ensure-profiles.after = [ "NetworkManager.service" ]; systemd.services.NetworkManager-ensure-profiles.after = [ "NetworkManager.service" ];
};
} }
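Review bot: The `sweden-aes-128-cbc-udp-dns` profile keeps `compress = "yes"`, `cipher = "aes-128-cbc"` and `auth = "sha1"`; compression inside a VPN tunnel can leak plaintext through packet lengths, and CBC with SHA-1 is a legacy parameter set. These values are carried over unchanged and probably mirror the provider's profile, so the fix depends on what the endpoint accepts: dropping the `compress` key and moving to an AEAD cipher profile, if the provider offers one, would be the target. Separately, `allowedUDPPorts = [ 51820 ]` and the kde-connect ranges are now opened on every host that enables `modules.network`, although the WireGuard profile here is a client with `autoconnect = "false"`. A comment stating which hosts need inbound 51820, next to a note on why `checkReversePath` is defaulted to false, would make the firewall intent reviewable.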


@ -1,30 +1,33 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
# enable scanners over network options.swarselsystems.modules.networkDevices = lib.mkEnableOption "network device config";
hardware.sane = { config = lib.mkIf config.swarselsystems.modules.networkDevices {
enable = true; # enable scanners over network
extraBackends = [ pkgs.sane-airscan ]; hardware.sane = {
}; enable = true;
extraBackends = [ pkgs.sane-airscan ];
};
# enable discovery and usage of network devices (esp. printers) # enable discovery and usage of network devices (esp. printers)
services.printing = { services.printing = {
enable = true; enable = true;
drivers = [ drivers = [
pkgs.gutenprint pkgs.gutenprint
pkgs.gutenprintBin pkgs.gutenprintBin
]; ];
browsedConf = '' browsedConf = ''
BrowseDNSSDSubTypes _cups,_print BrowseDNSSDSubTypes _cups,_print
BrowseLocalProtocols all BrowseLocalProtocols all
BrowseRemoteProtocols all BrowseRemoteProtocols all
CreateIPPPrinterQueues All CreateIPPPrinterQueues All
BrowseProtocols all BrowseProtocols all
''; '';
}; };
services.avahi = { services.avahi = {
enable = true; enable = true;
nssmdns4 = true; nssmdns4 = true;
openFirewall = true; openFirewall = true;
};
}; };
} }
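Review bot: `browsedConf` sets `BrowseRemoteProtocols all` together with `CreateIPPPrinterQueues All`, so cups-browsed accepts printer announcements over every protocol and creates local queues for them automatically, while `services.avahi.openFirewall = true` opens mDNS on all interfaces. On a laptop that also joins the eduroam and hotspot profiles defined in the network module, print queues get created from announcements made on networks the host does not control. Restricting discovery to DNS-SD (`BrowseRemoteProtocols dnssd`) and dropping automatic queue creation, or enabling `modules.networkDevices` only on hosts that stay on a trusted LAN, would narrow that exposure. At minimum a comment explaining why `all` is required belongs above `browsedConf`.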


@ -1,110 +1,113 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
programs.nix-ld = { options.swarselsystems.modules.nix-ld = lib.mkEnableOption "nix-ld config";
enable = true; config = lib.mkIf config.swarselsystems.modules.nix-ld {
libraries = with pkgs; [ programs.nix-ld = {
SDL enable = true;
SDL2 libraries = with pkgs; [
SDL2_image SDL
SDL2_mixer SDL2
SDL2_ttf SDL2_image
SDL_image SDL2_mixer
SDL_mixer SDL2_ttf
SDL_ttf SDL_image
alsa-lib SDL_mixer
at-spi2-atk SDL_ttf
at-spi2-core alsa-lib
atk at-spi2-atk
bzip2 at-spi2-core
cairo atk
cups bzip2
curl cairo
dbus cups
dbus-glib curl
expat dbus
ffmpeg dbus-glib
flac expat
fontconfig ffmpeg
freeglut flac
freetype fontconfig
fuse3 freeglut
gdk-pixbuf freetype
glew110 fuse3
glib gdk-pixbuf
stable.gnome2.GConf glew110
pango glib
gtk2 stable.gnome2.GConf
gtk3 pango
icu gtk2
libGL gtk3
libappindicator-gtk2 icu
libappindicator-gtk3 libGL
libcaca libappindicator-gtk2
libcanberra libappindicator-gtk3
libcap libcaca
libdbusmenu-gtk2 libcanberra
libdrm libcap
libelf libdbusmenu-gtk2
libgcrypt libdrm
libglvnd libelf
libidn libgcrypt
libindicator-gtk2 libglvnd
libjpeg libidn
libmikmod libindicator-gtk2
libnotify libjpeg
libogg libmikmod
libpng libnotify
libpng12 libogg
libpulseaudio libpng
librsvg libpng12
libsamplerate libpulseaudio
libtheora librsvg
libtiff libsamplerate
libudev0-shim libtheora
libunwind libtiff
libusb1 libudev0-shim
libuuid libunwind
libva libusb1
libvdpau libuuid
libvorbis libva
libvpx libvdpau
libxkbcommon libvorbis
libxml2 libvpx
libz libxkbcommon
mesa libxml2
nspr libz
nss mesa
openssl nspr
pango nss
pipewire openssl
pixman pango
speex pipewire
stdenv.cc.cc pixman
steam-fhsenv-without-steam speex
systemd stdenv.cc.cc
tbb steam-fhsenv-without-steam
vulkan-loader systemd
xorg.libICE tbb
xorg.libSM vulkan-loader
xorg.libX11 xorg.libICE
xorg.libXScrnSaver xorg.libSM
xorg.libXcomposite xorg.libX11
xorg.libXcursor xorg.libXScrnSaver
xorg.libXdamage xorg.libXcomposite
xorg.libXext xorg.libXcursor
xorg.libXfixes xorg.libXdamage
xorg.libXft xorg.libXext
xorg.libXi xorg.libXfixes
xorg.libXinerama xorg.libXft
xorg.libXmu xorg.libXi
xorg.libXrandr xorg.libXinerama
xorg.libXrender xorg.libXmu
xorg.libXt xorg.libXrandr
xorg.libXtst xorg.libXrender
xorg.libXxf86vm xorg.libXt
xorg.libxcb xorg.libXtst
xorg.libxshmfence xorg.libXxf86vm
zlib xorg.libxcb
]; xorg.libxshmfence
zlib
];
};
}; };
} }


@ -1,10 +1,13 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
system.activationScripts.diff = { options.swarselsystems.modules.nvd = lib.mkEnableOption "nvd config";
supportsDryActivation = true; config = lib.mkIf config.swarselsystems.modules.nvd {
text = '' system.activationScripts.diff = {
${pkgs.nvd}/bin/nvd --color=always --nix-bin-dir=${pkgs.nix}/bin diff \ supportsDryActivation = true;
/run/current-system "$systemConfig" text = ''
''; ${pkgs.nvd}/bin/nvd --color=always --nix-bin-dir=${pkgs.nix}/bin diff \
/run/current-system "$systemConfig"
'';
};
}; };
} }


@ -1,123 +1,83 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
environment.systemPackages = with pkgs; [ options.swarselsystems.modules.packages = lib.mkEnableOption "install packages";
# yubikey packages config = lib.mkIf config.swarselsystems.modules.packages {
gnupg environment.systemPackages = with pkgs; [
yubikey-personalization # yubikey packages
yubikey-personalization-gui gnupg
yubico-pam yubikey-personalization
yubioath-flutter yubikey-personalization-gui
yubikey-manager yubico-pam
yubikey-manager-qt yubioath-flutter
yubikey-touch-detector yubikey-manager
yubico-piv-tool yubikey-manager-qt
cfssl yubikey-touch-detector
pcsctools yubico-piv-tool
pcscliteWithPolkit.out cfssl
pcsctools
pcscliteWithPolkit.out
# ledger packages # ledger packages
ledger-live-desktop ledger-live-desktop
# pinentry # pinentry
dbus dbus
swaylock-effects swaylock-effects
syncthingtray-minimal syncthingtray-minimal
wl-mirror wl-mirror
# secure boot # secure boot
sbctl sbctl
libsForQt5.qt5.qtwayland libsForQt5.qt5.qtwayland
# nix package database # nix package database
nix-index nix-index
nixos-generators nixos-generators
# commit hooks # commit hooks
pre-commit pre-commit
# proc info # proc info
acpi acpi
# pci info # pci info
pciutils pciutils
usbutils usbutils
# better make for general tasks # better make for general tasks
just just
screenshare screenshare
fullscreen fullscreen
# keyboards # keyboards
qmk qmk
vial vial
via via
# theme related # theme related
adwaita-icon-theme adwaita-icon-theme
# kde-connect # kde-connect
xdg-desktop-portal xdg-desktop-portal
xdg-desktop-portal-wlr xdg-desktop-portal-wlr
# bluetooth # bluetooth
bluez bluez
ghostscript_headless
wireguard-tools
nixd
zig
zls
ansible-language-server
# lsp-related ------------------------------- ];
# nix
# latex
# texlab
ghostscript_headless
# wireguard
wireguard-tools
# rust
# rust-analyzer
# clippy
# rustfmt
# go
# go
# gopls
# nix
nixd
# zig
zig
zls
# cpp
# clang-tools
# + cuda
# cudatoolkit
# ansible
# ansible-lint
ansible-language-server
# molecule
#lsp-bridge / python
# gcc
# gdb
# (python3.withPackages (ps: with ps; [ jupyter ipython pyqt5 epc orjson sexpdata six setuptools paramiko numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server ]))
# (python3.withPackages(ps: with ps; [ jupyter ipython pyqt5 numpy pandas scipy matplotlib requests debugpy flake8 gnureadline python-lsp-server]))
# --------------------------------------------
# (stdenv.mkDerivation { nixpkgs.config.permittedInsecurePackages = [
# name = "oama"; "jitsi-meet-1.0.8043"
"electron-29.4.6"
# src = pkgs.fetchurl { "SDL_ttf-2.0.11"
# name = "oama"; ];
# url = "https://github.com/pdobsan/oama/releases/download/0.13.1/oama-0.13.1-Linux-x86_64-static.tgz"; };
# sha256 = "sha256-OTdCObVfnMPhgZxVtZqehgUXtKT1iyqozdkPIV+i3Gc=";
# };
# phases = [
# "unpackPhase"
# ];
# unpackPhase = ''
# mkdir -p $out/bin
# tar xvf $src -C $out/
# mv $out/oama-0.13.1-Linux-x86_64-static/oama $out/bin/
# '';
# })
];
} }
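Review bot: The added `nixpkgs.config.permittedInsecurePackages` list whitelists `jitsi-meet-1.0.8043`, `electron-29.4.6` and `SDL_ttf-2.0.11` for every host that enables the packages module, with no record of which package needs each entry. Pinned exceptions like these tend to outlive their reason, and an exact-version entry silently stops matching after a bump. I would add a comment per entry naming the consumer, for instance `# needed by <package>; remove once it no longer depends on electron 29`, and where possible move each exception into the module that pulls the dependency in. `SDL_ttf` appears to come from the nix-ld library list rather than from `environment.systemPackages`, so here it looks gated by the wrong option.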


@ -1,15 +1,19 @@
_: { { lib, config, ... }:
security.rtkit.enable = true; # this is required for pipewire real-time access {
options.swarselsystems.modules.pipewire = lib.mkEnableOption "pipewire config";
config = lib.mkIf config.swarselsystems.modules.pipewire {
security.rtkit.enable = true; # this is required for pipewire real-time access
services.pipewire = { services.pipewire = {
enable = true;
pulse.enable = true;
jack.enable = true;
audio.enable = true;
wireplumber.enable = true;
alsa = {
enable = true; enable = true;
support32Bit = true; pulse.enable = true;
jack.enable = true;
audio.enable = true;
wireplumber.enable = true;
alsa = {
enable = true;
support32Bit = true;
};
}; };
}; };
} }


@ -1,20 +1,22 @@
_: { lib, config, ... }:
{ {
options.swarselsystems.modules.security = lib.mkEnableOption "security config";
config = lib.mkIf config.swarselsystems.modules.security {
security = { security = {
pam.services = { pam.services = {
login.u2fAuth = true; login.u2fAuth = true;
sudo.u2fAuth = true; sudo.u2fAuth = true;
swaylock.u2fAuth = true; swaylock.u2fAuth = true;
swaylock.fprintAuth = false; swaylock.fprintAuth = false;
};
polkit.enable = true;
sudo.extraConfig = ''
Defaults env_keep+=SSH_AUTH_SOCK
Defaults env_keep+=XDG_RUNTIME_DIR
Defaults env_keep+=WAYLAND_DISPLAY
'';
}; };
polkit.enable = true;
sudo.extraConfig = ''
Defaults env_keep+=SSH_AUTH_SOCK
Defaults env_keep+=XDG_RUNTIME_DIR
Defaults env_keep+=WAYLAND_DISPLAY
'';
}; };
} }


@ -1,4 +1,7 @@
_: { lib, config, ... }:
{ {
services.power-profiles-daemon.enable = true; options.swarselsystems.modules.ppd = lib.mkEnableOption "power profiles daemon config";
config = lib.mkIf config.swarselsystems.modules.ppd {
services.power-profiles-daemon.enable = true;
};
} }


@ -1,8 +1,11 @@
_: { lib, config, ... }:
{ {
programs = { options.swarselsystems.modules.programs = lib.mkEnableOption "small program modules config";
dconf.enable = true; config = lib.mkIf config.swarselsystems.modules.programs {
evince.enable = true; programs = {
kdeconnect.enable = true; dconf.enable = true;
evince.enable = true;
kdeconnect.enable = true;
};
}; };
} }


@ -1,8 +1,11 @@
{ config, pkgs, lib, ... }: { { config, pkgs, lib, ... }: {
services.pulseaudio = { options.swarselsystems.modules.pulseaudio = lib.mkEnableOption "pulseaudio config";
enable = lib.mkIf (!config.services.pipewire.enable) true; config = lib.mkIf config.swarselsystems.modules.pulseaudio {
package = pkgs.pulseaudioFull; services.pulseaudio = {
enable = lib.mkIf (!config.services.pipewire.enable) true;
package = pkgs.pulseaudioFull;
};
}; };
} }


@ -1,45 +1,45 @@
{ lib, config, outputs, inputs, ... }: { lib, config, outputs, inputs, ... }:
{ {
options.swarselsystems.modules.general = lib.mkEnableOption "general nix settings";
nixpkgs = { config = lib.mkIf config.swarselsystems.modules.general {
overlays = [ outputs.overlays.default ]; nixpkgs = {
config = { overlays = [ outputs.overlays.default ];
allowUnfree = true; config = {
}; allowUnfree = true;
};
nix =
let
flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
in
{
settings = {
experimental-features = [
"nix-command"
"flakes"
"ca-derivations"
"cgroups"
"pipe-operators"
];
trusted-users = [ "@wheel" "${config.swarselsystems.mainUser}" ];
connect-timeout = 5;
bash-prompt-prefix = "$SHLVL:\\w ";
bash-prompt = "$(if [[ $? -gt 0 ]]; then printf \"\"; else printf \"\"; fi)\[\e[1m\]λ\[\e[0m\] ";
fallback = true;
min-free = 128000000;
max-free = 1000000000;
flake-registry = "";
auto-optimise-store = true;
warn-dirty = false;
max-jobs = 1;
use-cgroups = lib.mkIf config.swarselsystems.isLinux true;
}; };
channel.enable = false;
registry = lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
}; };
nix =
let
flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
in
{
settings = {
experimental-features = [
"nix-command"
"flakes"
"ca-derivations"
"cgroups"
"pipe-operators"
];
trusted-users = [ "@wheel" "${config.swarselsystems.mainUser}" ];
connect-timeout = 5;
bash-prompt-prefix = "$SHLVL:\\w ";
bash-prompt = "$(if [[ $? -gt 0 ]]; then printf \"\"; else printf \"\"; fi)\[\e[1m\]λ\[\e[0m\] ";
fallback = true;
min-free = 128000000;
max-free = 1000000000;
flake-registry = "";
auto-optimise-store = true;
warn-dirty = false;
max-jobs = 1;
use-cgroups = lib.mkIf config.swarselsystems.isLinux true;
};
channel.enable = false;
registry = lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
};
system.stateVersion = lib.mkDefault "23.05"; system.stateVersion = lib.mkDefault "23.05";
};
} }
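Review bot: `nixpkgs.overlays`, `allowUnfree` and `system.stateVersion` now sit inside `lib.mkIf config.swarselsystems.modules.general`, so a host that leaves this default-off option unset evaluates without the overlay and without a pinned state version. Packages such as `screenshare` or `stable.gnome2.GConf` elsewhere in this commit look overlay-provided and would then fail to resolve, and stateful services can change their defaults when `stateVersion` falls back to the release default. I would keep those three assignments outside the guard, or state in the option description that `general` is mandatory. Separately, the unchanged `trusted-users = [ "@wheel" … ]` gives every wheel member root-equivalent control over the Nix daemon; a comment saying this is intentional would help.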


@ -4,48 +4,51 @@ let
inherit (config.swarselsystems) mainUser homeDir; inherit (config.swarselsystems) mainUser homeDir;
in in
{ {
sops = lib.mkIf (!config.swarselsystems.isPublic) { options.swarselsystems.modules.commonSops = lib.mkEnableOption "sops config";
config = lib.mkIf config.swarselsystems.modules.commonSops {
sops = lib.mkIf (!config.swarselsystems.isPublic) {
age.sshKeyPaths = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" "/persist/.ssh/ssh_host_ed25519_key" ] [ "${homeDir}/.ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ]; age.sshKeyPaths = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs [ "/persist/.ssh/sops" "/persist/.ssh/ssh_host_ed25519_key" ] [ "${homeDir}/.ssh/sops" "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${homeDir}/.dotfiles/secrets/general/secrets.yaml"; defaultSopsFile = lib.swarselsystems.mkIfElseList config.swarselsystems.isBtrfs "/persist/.dotfiles/secrets/general/secrets.yaml" "${homeDir}/.dotfiles/secrets/general/secrets.yaml";
validateSopsFiles = false; validateSopsFiles = false;
secrets = { secrets = {
ernest = { }; ernest = { };
frauns = { }; frauns = { };
hotspot = { }; hotspot = { };
eduid = { }; eduid = { };
edupass = { }; edupass = { };
handyhotspot = { }; handyhotspot = { };
vpnuser = { }; vpnuser = { };
vpnpass = { }; vpnpass = { };
wireguardpriv = { }; wireguardpriv = { };
wireguardpub = { }; wireguardpub = { };
wireguardendpoint = { }; wireguardendpoint = { };
stashuser = { }; stashuser = { };
stashpass = { }; stashpass = { };
githubforgeuser = { }; githubforgeuser = { };
githubforgepass = { }; githubforgepass = { };
gitlabforgeuser = { }; gitlabforgeuser = { };
gitlabforgepass = { }; gitlabforgepass = { };
"sweden-aes-128-cbc-udp-dns-crl-verify.pem" = { sopsFile = certsSopsFile; owner = mainUser; }; "sweden-aes-128-cbc-udp-dns-crl-verify.pem" = { sopsFile = certsSopsFile; owner = mainUser; };
"sweden-aes-128-cbc-udp-dns-ca.pem" = { sopsFile = certsSopsFile; owner = mainUser; }; "sweden-aes-128-cbc-udp-dns-ca.pem" = { sopsFile = certsSopsFile; owner = mainUser; };
}; };
templates = { templates = {
"network-manager.env".content = '' "network-manager.env".content = ''
ERNEST=${config.sops.placeholder.ernest} ERNEST=${config.sops.placeholder.ernest}
FRAUNS=${config.sops.placeholder.frauns} FRAUNS=${config.sops.placeholder.frauns}
HOTSPOT=${config.sops.placeholder.hotspot} HOTSPOT=${config.sops.placeholder.hotspot}
EDUID=${config.sops.placeholder.eduid} EDUID=${config.sops.placeholder.eduid}
EDUPASS=${config.sops.placeholder.edupass} EDUPASS=${config.sops.placeholder.edupass}
HANDYHOTSPOT=${config.sops.placeholder.handyhotspot} HANDYHOTSPOT=${config.sops.placeholder.handyhotspot}
VPNUSER=${config.sops.placeholder.vpnuser} VPNUSER=${config.sops.placeholder.vpnuser}
VPNPASS=${config.sops.placeholder.vpnpass} VPNPASS=${config.sops.placeholder.vpnpass}
WIREGUARDPRIV=${config.sops.placeholder.wireguardpriv} WIREGUARDPRIV=${config.sops.placeholder.wireguardpriv}
WIREGUARDPUB=${config.sops.placeholder.wireguardpub} WIREGUARDPUB=${config.sops.placeholder.wireguardpub}
WIREGUARDENDPOINT=${config.sops.placeholder.wireguardendpoint} WIREGUARDENDPOINT=${config.sops.placeholder.wireguardendpoint}
''; '';
};
}; };
}; };
} }


@ -1,7 +1,10 @@
_: { lib, config, ... }:
{ {
nix.optimise = { options.swarselsystems.modules.storeOptimize = lib.mkEnableOption "store optimization config";
automatic = true; config = lib.mkIf config.swarselsystems.modules.storeOptimize {
dates = [ "weekly" ]; nix.optimise = {
automatic = true;
dates = [ "weekly" ];
};
}; };
} }


@ -1,14 +1,17 @@
{ lib, config, ... }: { lib, config, ... }:
{ {
stylix = lib.recursiveUpdate options.swarselsystems.modules.stylix = lib.mkEnableOption "stylix config";
{ config = lib.mkIf config.swarselsystems.modules.stylix {
targets.grub.enable = false; # the styling makes grub more ugly stylix = lib.recursiveUpdate
image = config.swarselsystems.wallpaper; {
} targets.grub.enable = false; # the styling makes grub more ugly
config.swarselsystems.stylix; image = config.swarselsystems.wallpaper;
home-manager.users."${config.swarselsystems.mainUser}" = { }
stylix = { config.swarselsystems.stylix;
targets = config.swarselsystems.stylixHomeTargets; home-manager.users."${config.swarselsystems.mainUser}" = {
stylix = {
targets = config.swarselsystems.stylixHomeTargets;
};
}; };
}; };
} }


@ -1,23 +1,24 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
options.swarselsystems.modules.sway = lib.mkEnableOption "sway config";
config = lib.mkIf config.swarselsystems.modules.sway {
programs.sway = {
enable = true;
package = pkgs.swayfx;
wrapperFeatures = {
base = true;
gtk = true;
};
programs.sway = { extraSessionCommands = ''
enable = true; export XDG_SESSION_DESKTOP=sway
package = pkgs.swayfx; export SDL_VIDEODRIVER=wayland
wrapperFeatures = { export QT_QPA_PLATFORM=wayland-egl
base = true; export QT_WAYLAND_DISABLE_WINDOWDECORATION=1
gtk = true; export QT_QPA_PLATFORM_PLUGIN_PATH="${pkgs.libsForQt5.qt5.qtbase.bin}/lib/qt-${pkgs.libsForQt5.qt5.qtbase.version}/plugins";
export MOZ_ENABLE_WAYLAND=1
export MOZ_DISABLE_RDD_SANDBOX=1
'';
}; };
extraSessionCommands = ''
export XDG_SESSION_DESKTOP=sway
export SDL_VIDEODRIVER=wayland
export QT_QPA_PLATFORM=wayland-egl
export QT_WAYLAND_DISABLE_WINDOWDECORATION=1
export QT_QPA_PLATFORM_PLUGIN_PATH="${pkgs.libsForQt5.qt5.qtbase.bin}/lib/qt-${pkgs.libsForQt5.qt5.qtbase.version}/plugins";
export MOZ_ENABLE_WAYLAND=1
export MOZ_DISABLE_RDD_SANDBOX=1
'';
}; };
} }
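Review bot: `extraSessionCommands` still exports `MOZ_DISABLE_RDD_SANDBOX=1`, which turns off the sandbox of Firefox's media-decoding (RDD) process for everything started from the sway session, and nothing in the file says why. The line is carried over unchanged, but now that the module is an explicit opt-in this is a good moment to document it, e.g. `# RDD sandbox disabled for hardware video decoding; drop once no longer required`, if that is the reason. If hardware decoding works without it on the current Firefox, removing the export restores the sandbox.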


@ -3,49 +3,52 @@ let
inherit (config.swarselsystems) mainUser homeDir; inherit (config.swarselsystems) mainUser homeDir;
in in
{ {
services.syncthing = { options.swarselsystems.modules.syncthing = lib.mkEnableOption "syncthing config";
enable = true; config = lib.mkIf config.swarselsystems.modules.syncthing {
user = mainUser; services.syncthing = {
dataDir = homeDir; enable = true;
configDir = "${homeDir}/.config/syncthing"; user = mainUser;
openDefaultPorts = true; dataDir = homeDir;
settings = { configDir = "${homeDir}/.config/syncthing";
devices = { openDefaultPorts = true;
"magicant" = { settings = {
id = "VMWGEE2-4HDS2QO-KNQOVGN-LXLX6LA-666E4EK-ZBRYRRO-XFEX6FB-6E3XLQO"; devices = {
"magicant" = {
id = "VMWGEE2-4HDS2QO-KNQOVGN-LXLX6LA-666E4EK-ZBRYRRO-XFEX6FB-6E3XLQO";
};
"sync (@oracle)" = {
id = "ETW6TST-NPK7MKZ-M4LXMHA-QUPQHDT-VTSHH5X-CR5EIN2-YU7E55F-MGT7DQB";
};
"winters" = {
id = "O7RWDMD-AEAHPP7-7TAVLKZ-BSWNBTU-2VA44MS-EYGUNBB-SLHKB3C-ZSLMOAA";
};
}; };
"sync (@oracle)" = { folders = {
id = "ETW6TST-NPK7MKZ-M4LXMHA-QUPQHDT-VTSHH5X-CR5EIN2-YU7E55F-MGT7DQB"; "Default Folder" = lib.mkDefault {
}; path = "${homeDir}/Sync";
"winters" = { devices = [ "sync (@oracle)" "magicant" "winters" ];
id = "O7RWDMD-AEAHPP7-7TAVLKZ-BSWNBTU-2VA44MS-EYGUNBB-SLHKB3C-ZSLMOAA"; id = "default";
}; };
}; "Obsidian" = {
folders = { path = "${homeDir}/Nextcloud/Obsidian";
"Default Folder" = lib.mkDefault { devices = [ "sync (@oracle)" "magicant" "winters" ];
path = "${homeDir}/Sync"; id = "yjvni-9eaa7";
devices = [ "sync (@oracle)" "magicant" "winters" ]; };
id = "default"; "Org" = {
}; path = "${homeDir}/Nextcloud/Org";
"Obsidian" = { devices = [ "sync (@oracle)" "magicant" "winters" ];
path = "${homeDir}/Nextcloud/Obsidian"; id = "a7xnl-zjj3d";
devices = [ "sync (@oracle)" "magicant" "winters" ]; };
id = "yjvni-9eaa7"; "Vpn" = {
}; path = "${homeDir}/Vpn";
"Org" = { devices = [ "sync (@oracle)" "magicant" "winters" ];
path = "${homeDir}/Nextcloud/Org"; id = "hgp9s-fyq3p";
devices = [ "sync (@oracle)" "magicant" "winters" ]; };
id = "a7xnl-zjj3d"; ".elfeed" = {
}; path = "${homeDir}/.elfeed";
"Vpn" = { devices = [ "sync (@oracle)" "magicant" "winters" ];
path = "${homeDir}/Vpn"; id = "h7xbs-fs9v1";
devices = [ "sync (@oracle)" "magicant" "winters" ]; };
id = "hgp9s-fyq3p";
};
".elfeed" = {
path = "${homeDir}/.elfeed";
devices = [ "sync (@oracle)" "magicant" "winters" ];
id = "h7xbs-fs9v1";
}; };
}; };
}; };


@ -1,8 +1,11 @@
_: { lib, config, ... }:
{ {
# systemd options.swarselsystems.modules.systemdTimeout = lib.mkEnableOption "systemd timeout config";
systemd.extraConfig = '' config = lib.mkIf config.swarselsystems.modules.systemdTimeout {
DefaultTimeoutStartSec=60s # systemd
DefaultTimeoutStopSec=15s systemd.extraConfig = ''
''; DefaultTimeoutStartSec=60s
DefaultTimeoutStopSec=15s
'';
};
} }


@ -1,22 +1,25 @@
_: { lib, config, ... }:
{ {
time = { options.swarselsystems.modules.time = lib.mkEnableOption "time config";
timeZone = "Europe/Vienna"; config = lib.mkIf config.swarselsystems.modules.time {
# hardwareClockInLocalTime = true; time = {
}; timeZone = "Europe/Vienna";
# hardwareClockInLocalTime = true;
};
i18n = { i18n = {
defaultLocale = "en_US.UTF-8"; defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { extraLocaleSettings = {
LC_ADDRESS = "de_AT.UTF-8"; LC_ADDRESS = "de_AT.UTF-8";
LC_IDENTIFICATION = "de_AT.UTF-8"; LC_IDENTIFICATION = "de_AT.UTF-8";
LC_MEASUREMENT = "de_AT.UTF-8"; LC_MEASUREMENT = "de_AT.UTF-8";
LC_MONETARY = "de_AT.UTF-8"; LC_MONETARY = "de_AT.UTF-8";
LC_NAME = "de_AT.UTF-8"; LC_NAME = "de_AT.UTF-8";
LC_NUMERIC = "de_AT.UTF-8"; LC_NUMERIC = "de_AT.UTF-8";
LC_PAPER = "de_AT.UTF-8"; LC_PAPER = "de_AT.UTF-8";
LC_TELEPHONE = "de_AT.UTF-8"; LC_TELEPHONE = "de_AT.UTF-8";
LC_TIME = "de_AT.UTF-8"; LC_TIME = "de_AT.UTF-8";
};
}; };
}; };
} }


@ -1,16 +1,19 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }:
{ {
sops.secrets.swarseluser = lib.mkIf (!config.swarselsystems.isPublic) { neededForUsers = true; }; options.swarselsystems.modules.users = lib.mkEnableOption "user config";
config = lib.mkIf config.swarselsystems.modules.users {
sops.secrets.swarseluser = lib.mkIf (!config.swarselsystems.isPublic) { neededForUsers = true; };
users = { users = {
mutableUsers = lib.mkIf (!config.swarselsystems.initialSetup) false; mutableUsers = lib.mkIf (!config.swarselsystems.initialSetup) false;
users."${config.swarselsystems.mainUser}" = { users."${config.swarselsystems.mainUser}" = {
isNormalUser = true; isNormalUser = true;
description = "Leon S"; description = "Leon S";
password = lib.mkIf config.swarselsystems.initialSetup "setup"; password = lib.mkIf config.swarselsystems.initialSetup "setup";
hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path; hashedPasswordFile = lib.mkIf (!config.swarselsystems.initialSetup) config.sops.secrets.swarseluser.path;
extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ]; extraGroups = [ "networkmanager" "syncthing" "docker" "wheel" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
packages = with pkgs; [ ]; packages = with pkgs; [ ];
};
}; };
}; };
} }


@ -1,19 +1,20 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
options.swarselsystems.modules.xdg-portal = lib.mkEnableOption "xdg portal config";
xdg.portal = { config = lib.mkIf config.swarselsystems.modules.xdg-portal {
enable = true; xdg.portal = {
config = { enable = true;
common = { config = {
default = "wlr"; common = {
default = "wlr";
};
};
wlr.enable = true;
wlr.settings.screencast = {
output_name = "eDP-1";
chooser_type = "simple";
chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or";
}; };
}; };
wlr.enable = true;
wlr.settings.screencast = {
output_name = "eDP-1";
chooser_type = "simple";
chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or";
};
}; };
} }


@ -1,9 +1,12 @@
_: { lib, config, ... }:
{ {
services.xserver = { options.swarselsystems.modules.xserver = lib.mkEnableOption "xserver keymap";
xkb = { config = lib.mkIf config.swarselsystems.modules.packages {
layout = "us"; services.xserver = {
variant = "altgr-intl"; xkb = {
layout = "us";
variant = "altgr-intl";
};
}; };
}; };
} }
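Review bot: The `config` guard in this module tests `config.swarselsystems.modules.packages`, not the `modules.xserver` option declared on the line above it, so the new `xserver` toggle has no effect and the keymap follows the packages module instead. This looks like a copy-paste slip; the guard should read `config = lib.mkIf config.swarselsystems.modules.xserver {`. As written, a host that sets `modules.xserver = false` still gets the keymap whenever `packages` is on, and one that disables `packages` loses it.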


@ -1,7 +1,10 @@
{ pkgs, ... }: { lib, config, pkgs, ... }:
{ {
programs.zsh.enable = true; options.swarselsystems.modules.zsh = lib.mkEnableOption "zsh base config";
users.defaultUserShell = pkgs.zsh; config = lib.mkIf config.swarselsystems.modules.zsh {
environment.shells = with pkgs; [ zsh ]; programs.zsh.enable = true;
environment.pathsToLink = [ "/share/zsh" ]; users.defaultUserShell = pkgs.zsh;
environment.shells = with pkgs; [ zsh ];
environment.pathsToLink = [ "/share/zsh" ];
};
} }


@ -2,4 +2,4 @@
let let
moduleNames = lib.swarselsystems.readNix "profiles/home"; moduleNames = lib.swarselsystems.readNix "profiles/home";
in in
lib.swarselsystems.mkModules moduleNames "home" lib.swarselsystems.mkProfiles moduleNames "home"


@ -2,4 +2,4 @@
let let
moduleNames = lib.swarselsystems.readNix "profiles/nixos"; moduleNames = lib.swarselsystems.readNix "profiles/nixos";
in in
lib.swarselsystems.mkModules moduleNames "nixos" lib.swarselsystems.mkProfiles moduleNames "nixos"


@ -0,0 +1,51 @@
{ lib, config, ... }:
{
options.swarselsystems.profiles.personalz = lib.mkEnableOption "is this a personal host";
config = lib.mkIf config.swarselsystems.profiles.personalz {
config.swarselsystems.modules = {
packages = lib.mkDefault true;
general = lib.mkDefault true;
home-manager = lib.mkDefault true;
home-managerExtra = lib.mkDefault true;
xserver = lib.mkDefault true;
users = lib.mkDefault true;
env = lib.mkDefault true;
security = lib.mkDefault true;
gc = lib.mkDefault true;
storeOptimize = lib.mkDefault true;
systemdTimeout = lib.mkDefault true;
hardware = lib.mkDefault true;
pulseaudio = lib.mkDefault true;
pipewire = lib.mkDefault true;
network = lib.mkDefault true;
time = lib.mkDefault true;
commonSops = lib.mkDefault true;
stylix = lib.mkDefault true;
programs = lib.mkDefault true;
zsh = lib.mkDefault true;
syncthing = lib.mkDefault true;
blueman = lib.mkDefault true;
networkDevices = lib.mkDefault true;
gvfs = lib.mkDefault true;
interceptionTools = lib.mkDefault true;
ppd = lib.mkDefault true;
yubikey = lib.mkDefault true;
ledger = lib.mkDefault true;
keyboards = lib.mkDefault true;
login = lib.mkDefault true;
nix-ld = lib.mkDefault true;
impermanence = lib.mkDefault true;
nvd = lib.mkDefault true;
gnome-keyring = lib.mkDefault true;
sway = lib.mkDefault true;
xdg-portal = lib.mkDefault true;
distrobox = lib.mkDefault true;
appimage = lib.mkDefault true;
lid = lib.mkDefault true;
lowBattery = lib.mkDefault true;
lanzaboote = lib.mkDefault true;
};
};
}
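Review bot: Inside the `config = lib.mkIf … {` body the assignment is written as `config.swarselsystems.modules = {`, which defines the path `config.config.swarselsystems.modules` and, as far as I can tell, fails evaluation with an unknown-option error instead of enabling anything; it should be `swarselsystems.modules = {`. The option is also declared as `profiles.personalz`, while the host configuration earlier in this commit sets `profiles.personal = true`, so unless the `z` is a deliberate WIP placeholder the profile is never switched on. Because every module in this commit is now default-off behind `mkEnableOption`, either slip leaves a host without `security`, `users`, `commonSops` and the rest of this list. A one-line comment above the list noting that `lib.mkDefault` is used so hosts can override single entries would also help.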


@ -8,6 +8,24 @@ See the above repository for updates as well as full license text. */
:root{ :root{
--uc-autohide-toolbox-delay: 0ms; /* Wait 0.1s before hiding toolbars */ --uc-autohide-toolbox-delay: 0ms; /* Wait 0.1s before hiding toolbars */
--uc-toolbox-rotation: 107deg; /* This may need to be lower on mac - like 75 or so */ --uc-toolbox-rotation: 107deg; /* This may need to be lower on mac - like 75 or so */
--base00: #1D252C;
--base01: #171D23;
--base02: #5EC4FF;
--base03: #566C7D;
--base04: #5EC4FF;
--base05: #A0B3C5;
--base06: #C06ECE;
--base07: #A0B3C5;
--base08: #D95468;
--base09: #FFA880;
--base0A: #5EC4FF;
--base0B: #8BD49C;
--base0C: #008B94;
--base0D: #5EC4FF;
--base0E: #C06ECE;
--base0F: #5EC4FF;
} }
:root[sizemode="maximized"]{ :root[sizemode="maximized"]{


@ -0,0 +1 @@
swarsel@nbl-imba-2.3038:1743148454
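Review bot: This one-line file, and the identical one added further down the page, has the `user@host.pid:timestamp` shape of an Emacs lock file (`.#name`) rather than real configuration, so it was probably committed by accident. It publishes the local username and hostname. I would drop both files from the commit and add `.#*` to `.gitignore`.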


@ -15,6 +15,7 @@ set searchurls.hm https://home-manager-options.extranix.com/?query=
set completions.Tab.statusstylepretty true set completions.Tab.statusstylepretty true
set hintfiltermode vimperator-reflow set hintfiltermode vimperator-reflow
set hintnames numeric set hintnames numeric
unbind --mode=hint <Space>
" Binds " Binds
bind <C-m> buffer # bind <C-m> buffer #
@ -47,6 +48,7 @@ bind gwm tab_or_tabopen monitoring.vbc.ac.at/grafana
bind gwM tab_or_tabopen monitoring.vbc.ac.at/prometheus bind gwM tab_or_tabopen monitoring.vbc.ac.at/prometheus
bind gwn tab_or_tabopen netbox.vbc.ac.at bind gwn tab_or_tabopen netbox.vbc.ac.at
bind gwN tab_or_tabopen nap.imp.ac.at bind gwN tab_or_tabopen nap.imp.ac.at
bind gwo tab_or_tabopen outlook.office.com bind gwo tab_or_tabopen outlook.office.com
bind gws tab_or_tabopen satellite.vbc.ac.at bind gws tab_or_tabopen satellite.vbc.ac.at
bind gwt tab_or_tabopen tower.vbc.ac.at bind gwt tab_or_tabopen tower.vbc.ac.at
@ -102,7 +104,7 @@ set allowautofocus false
jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"]) jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"])
" default is 300ms " default is 300ms
set hintdelay 100 " set hintdelay 500
" Some pages like github break on the tridactyl quick search. have this as a fallback " Some pages like github break on the tridactyl quick search. have this as a fallback
unbind <C-f> unbind <C-f>


@ -0,0 +1 @@
swarsel@nbl-imba-2.3038:1743148454