swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: swarsel:41240db5c99088cc879200b60c704a82a4e8482d
Branches Tags
swarsel:main
swarsel:feat/router
swarsel:feat/nixos-dns
swarsel:test-extra-modules
swarsel:feat/microvm-preparation
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1
..
compare: swarsel:4c06f0055554b889fe830b74652a801a7d2256ed
Branches Tags
swarsel:feat/router
swarsel:main
swarsel:feat/nixos-dns
swarsel:test-extra-modules
swarsel:feat/microvm-preparation
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1

7 commits
41240db5c9 ... 4c06f00555

Author SHA1 Message Date
Leon Schwarzäugl
4c06f00555
fix[client]: make emacs mail notifications work
Some checks are pending
Flake check / Check flake (push) Waiting to run
Details
2025-10-21 22:19:08 +02:00
Leon Schwarzäugl
da56b4ea64
fix[work]: reply using S/MIME when appropriate 2025-10-21 21:56:00 +02:00
Leon Schwarzäugl
f5ff5d5066
docs: outline manual setup steps (WIP) 2025-10-21 21:37:59 +02:00
Leon Schwarzäugl
8813fb5117
fix[client]: stop anki from halting shutdown 2025-10-21 21:37:42 +02:00
Leon Schwarzäugl
723ce403b2
feat[work]: use s/mime certificates for mail 2025-10-21 20:37:51 +02:00
Leon Schwarzäugl
d83ff89712
chore[client]: increase tridactyl hint delay 2025-10-21 20:20:18 +02:00
Leon Schwarzäugl
baf7580e99
chore[client]: enable obsidian omnisearch keybind 2025-10-21 20:19:57 +02:00
10 changed files with 1892 additions and 1563 deletions
Download patch file Download diff file Expand all files Collapse all files

137
SwarselSystems.org
View file

@ -297,6 +297,18 @@ Here I give a brief overview over the hostmachines that I am using. This is held
|🔗 **Link Shortener** | [Shlink](https://github.com/Swarsel/.dotfiles/tree/main/modules/nixos/server/shlink.nix) |
#+end_src
** Manual steps when setting up a new machine
#+begin_src markdown :noweb yes :exports both :results html
<<setup>>
If the new machine is a work machine, these steps are additionally needed:
<<worksetup>>
#+end_src
* flake.nix
:PROPERTIES:
:CUSTOM_ID: h:c7588c0d-2528-485d-b2df-04d6336428d7
@ -10580,6 +10592,14 @@ This holds configuration that is specific to framework laptops.
Options that I need specifically at work. There are more options at [[#h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6][Work]] (home-manager side).
When setting up a new machine:
#+begin_src markdown :noweb-ref worksetup :exports both :results html
- setup the work VPN:
- using the laptop certificate `.pem` as User cert and private key (CA cert: none)
- vpn gateway is found in `nixosConfig.repo.secrets.local.work.vpnGateway`
#+end_src
#+begin_src nix-ts :tangle modules/nixos/optional/work.nix
{ self, lib, pkgs, config, configName, ... }:
let
@ -11715,7 +11735,7 @@ Sets environment variables. Here I am only setting the EDITOR variable, most var
SWARSEL_CAL3 = source3;
SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses;
SWARSEL_MAIL_ALL = lib.mkDefault allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
OPENROUTER_API_KEY = openrouterApi;
};
@ -13555,6 +13575,8 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
***** anki service for tray
Sets up a systemd user service for anki that does not stall the shutdown process. Note that the outcommented =ExecStart= does not work because the home-manager anki package builds a separate anki package that - I think - cannot be referenced as no such expression exists in the module.
#+begin_src nix-ts :tangle modules/home/common/anki-tray.nix
{ lib, config, ... }:
{
@ -13578,10 +13600,15 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
Service = {
# ExecStart = "${lib.getExe config.programs.anki.package}";
ExecStart = "/etc/profiles/per-user/swarsel/bin/anki";
Type = "simple";
ExecStart = "/etc/profiles/per-user/${config.swarselsystems.mainUser}/bin/anki";
Environment = [
"QT_QPA_PLATFORM=xcb"
];
TimeoutStopSec = "2s";
KillMode = "mixed";
KillSignal = "SIGTERM";
SendSIGKILL = "yes";
};
};
@ -14420,7 +14447,18 @@ Currently, I am too lazy to explain every option here, but most of it is very se
:CUSTOM_ID: h:7d384e3b-1be7-4644-b304-ada4af0b692b
:END:
Settinfs that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here.
Settings that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here.
When setting up a new machine:
#+begin_src markdown :noweb-ref setup :exports both :results html
- setup gpgsm for signing of mails using S/MIME:
- `gpgsm --import ~/Certificates/<certname>.p12`
- `gpgsm --import ~/Certificates/harica-root.pem`
- `gpgsm --import ~/Certificates/harica-intermediate.pem`
- `gpgsm --list-keys --with-validation "HARICA Client RSA Root CA 2021"`
- trust the certificate and set passphrase
#+end_src
#+begin_src nix-ts :tangle modules/home/common/gpg-agent.nix
{ self, lib, config, pkgs, ... }:
@ -14558,6 +14596,19 @@ This service changes the screen hue at night. I am not sure if that really does
vimMode = false;
newFileLocation = "current";
};
hotkeys = {
"graph:open" = [ ];
"omnisearch:show-modal" = [
{
modifiers = [
"Mod"
];
key = "S";
}
];
"editor:save-file" = [ ];
"editor:delete-paragraph" = [ ];
};
corePlugins = [
"backlink"
"bookmarks"
@ -15196,17 +15247,27 @@ The rest of the settings is at [[#h:fb3f3e01-7df4-4b06-9e91-aa9cac61a431][gaming
#+end_src
**** Work
**** Work (pizauth)
:PROPERTIES:
:CUSTOM_ID: h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6
:END:
The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]. Here, I am setting up the different firefox profiles that I need for the SSO sites that I need to access at work as well as a few ssh shorthands.
When setting up a new machine:
#+begin_src markdown :noweb-ref setup :exports both :results html
- setup pizauth for microsoft mail sync (account names are possibly `uni` and `work`):
- `pizauth auth <account name, e.g. 'work'>`
- `pizauth dump > ~/.pizauth.state`
#+end_src
#+begin_src nix-ts :tangle modules/home/optional/work.nix :noweb yes
{ self, config, pkgs, lib, vars, nixosConfig ? config, ... }:
let
inherit (config.swarselsystems) homeDir;
inherit (nixosConfig.repo.secrets.local.mail) allMailAddresses;
inherit (nixosConfig.repo.secrets.local.work) mailAddress;
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
@ -15227,14 +15288,16 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
vscode
];
systemd.user.sessionVariables = {
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
} // lib.optionalAttrs (!config.swarselsystems.isPublic) {
SWARSEL_MAIL_ALL = lib.mkForce allMailAddresses;
SWARSEL_MAIL_WORK = lib.mkForce mailAddress;
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
inherit (nixosConfig.repo.secrets.local.work) mailName;
in
{
primary = false;
@ -18991,6 +19054,10 @@ Used here: [[#h:b92a18cf-eec3-4605-a8c2-37133ade3574][mu4e]]
(when-let ((dest (swarsel/mu4e-rfs--matching-address)))
(cl-destructuring-bind (from-user from-addr) dest
(setq user-mail-address from-addr)
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))
(message-position-on-field "From")
(message-beginning-of-line)
(delete-region (point) (line-end-position))
@ -21769,7 +21836,11 @@ The hook functions are defined here: [[#h:34506761-06b9-43b5-a818-506d9b3faf28][
(setq mu4e-mu-binary (executable-find "mu"))
(setq mu4e-hide-index-messages t)
(setq mu4e-update-interval 180)
;; this is so that messages that target multiple addresses still are individually shown in the unreads
;; this is needed because otherwise after closing the view there will still be an unread message
(setq mu4e-search-skip-duplicates nil)
(setq mu4e-update-interval 60)
(setq mu4e-get-mail-command "mbsync -a")
(setq mu4e-maildir "~/Mail")
@ -21818,13 +21889,53 @@ This adds the simple utility of sending desktop notifications whenever a new mai
(use-package mu4e-alert
:config
(setq mu4e-alert-set-default-style 'libnotify))
(mu4e-alert-enable-notifications)
(mu4e-alert-set-default-style 'libnotify)
(setq mu4e-alert-interesting-mail-query
(concat "(maildir:/leon/Inbox AND date:today..now"
" OR maildir:/work/Inbox AND date:today..now)"
" AND flag:unread"))
(alert-add-rule
:category "mu4e-alert"
:predicate (lambda (_) (string-match-p "^mu4e-" (symbol-name major-mode)))
:continue t)
(add-hook 'after-init-hook #'mu4e-alert-enable-notifications)
)
(mu4e t)
#+end_src
**** Work: Signing Mails (S/MIME, smime)
Used to automatically sign messages sent from my work email address using S/MIME certificate.
#+begin_src emacs-lisp
(let ((work (getenv "SWARSEL_MAIL_WORK")))
(when (and work (not (string-empty-p work)))
(setq swarsel-smime-cert-path "~/.Certificates/$SWARSEL_MAIL_WORK.pem")
(setq swarsel-smime-cert-path (substitute-env-vars swarsel-smime-cert-path))
(setq mml-secure-prefer-scheme 'smime)
(setq mml-secure-smime-sign-with-sender t)
(add-hook 'mu4e-compose-mode-hook
(lambda ()
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))))
(setq smime-keys
`((,(getenv "SWARSEL_MAIL_WORK")
,swarsel-smime-cert-path
("~/Certificates/harica-root.pem"
"~/Certificates/harica-intermediate.pem"
))))
))
#+end_src
*** Calendar
:PROPERTIES:
:CUSTOM_ID: h:c760f04e-622f-4b3e-8916-53ca8cce6edc
@ -22067,6 +22178,14 @@ This sets up the =dashboard=, which is really quite useless. But, it looks cool
:END:
This sections is no longer used really. An introduction can be found in [[#h:bcc3ebbe-df8a-46bd-b42d-73aad6fc66e5][Structure of this file]] under the historical note. The little noweb-ref blocks that I still use are found in [[#h:48e0cb2c-e412-4ae3-a244-80a8c09dbb02][Hosts]] and [[#h:3bb92528-c61c-4b8d-8214-bf2a40baaa32][Services]].
** General steps when setting up a new machine
These general steps are needed when setting up a new machine and do not fit into another block well:
#+begin_src markdown :noweb-ref setup :exports both :results html
- setup yubikey (automatic yubikey enrollment is not yet supported by `disko`):
- `systemd-cryptenroll --fido2-device=auto /dev/<device, e.g. 'nvme0n1p2'>`
#+end_src
* Appendix B: Supplementary Files
:PROPERTIES:
@ -22303,7 +22422,7 @@ set allowautofocus false
jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"])
" default is 300ms
set hintdelay 100
set hintdelay 500
" Some pages like github break on the tridactyl quick search. have this as a fallback
unbind <C-f>

45
files/emacs/init.el
View file

@ -30,6 +30,10 @@
(when-let ((dest (swarsel/mu4e-rfs--matching-address)))
(cl-destructuring-bind (from-user from-addr) dest
(setq user-mail-address from-addr)
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))
(message-position-on-field "From")
(message-beginning-of-line)
(delete-region (point) (line-end-position))
@ -1560,7 +1564,11 @@ create a new one."
(setq mu4e-mu-binary (executable-find "mu"))
(setq mu4e-hide-index-messages t)
(setq mu4e-update-interval 180)
;; this is so that messages that target multiple addresses still are individually shown in the unreads
;; this is needed because otherwise after closing the view there will still be an unread message
(setq mu4e-search-skip-duplicates nil)
(setq mu4e-update-interval 60)
(setq mu4e-get-mail-command "mbsync -a")
(setq mu4e-maildir "~/Mail")
@ -1599,12 +1607,45 @@ create a new one."
(use-package mu4e-alert
:config
(setq mu4e-alert-set-default-style 'libnotify))
(mu4e-alert-enable-notifications)
(mu4e-alert-set-default-style 'libnotify)
(setq mu4e-alert-interesting-mail-query
(concat "(maildir:/leon/Inbox AND date:today..now"
" OR maildir:/work/Inbox AND date:today..now)"
" AND flag:unread"))
(alert-add-rule
:category "mu4e-alert"
:predicate (lambda (_) (string-match-p "^mu4e-" (symbol-name major-mode)))
:continue t)
(add-hook 'after-init-hook #'mu4e-alert-enable-notifications)
)
(mu4e t)
(let ((work (getenv "SWARSEL_MAIL_WORK")))
(when (and work (not (string-empty-p work)))
(setq swarsel-smime-cert-path "~/.Certificates/$SWARSEL_MAIL_WORK.pem")
(setq swarsel-smime-cert-path (substitute-env-vars swarsel-smime-cert-path))
(setq mml-secure-prefer-scheme 'smime)
(setq mml-secure-smime-sign-with-sender t)
(add-hook 'mu4e-compose-mode-hook
(lambda ()
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))))
(setq smime-keys
`((,(getenv "SWARSEL_MAIL_WORK")
,swarsel-smime-cert-path
("~/Certificates/harica-root.pem"
"~/Certificates/harica-intermediate.pem"
))))
))
(use-package org-caldav
:init
;; set org-caldav-sync-initalization

2
files/firefox/tridactyl/tridactylrc
View file

@ -124,7 +124,7 @@ set allowautofocus false
jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["<all_urls>"],types:["main_frame"]},["blocking","responseHeaders"])
" default is 300ms
set hintdelay 100
set hintdelay 500
" Some pages like github break on the tridactyl quick search. have this as a fallback
unbind <C-f>

6
hosts/nixos/pyramid/secrets/pii.nix.enc
View file

@ -1,5 +1,5 @@
{
"data": "ENC[AES256_GCM,data:TAwmpSF2fhM/gHIL2qUs4lvaLwzbg3UR2ges9x3uioLMYCn4o0fFnf+NbqM3CBERqrBTh6f4TpWTD1SJ9934ZhvwR09xhjc1wVM6JcE9yWfAifm8zwxK85SAn8c3Ap1WRsuDKT7RdoyDwh5IDkl2bgkznlFNVIrIMaUSjj1XITacNwFuIBKoPBJjX9jHjYg0PT07RSQ2VWh9xGLbp9/RKDu+csVaNSdPqRRPYwPbwpcML34ABWvlwDre1dCwJjhq/hdBdAL9/fasvHSdYOinDytH67d8jrEOPGZGKUTOERf2GUGsgqMYuPmkVSG+3JRhZvOZZEVuCexvyErVvHoxXzMCfv/DzaqB9KgKZmL1Wfak/KLCeXs4jfPUS0+dEi0sxNc+R77opPbVqTEBO64mgniWbtvk0N3GHrBJj1BDR/9v/gs72QMcatQnSuWMAZ1DnRfsHVBYxvuAdZ+vEKhQ61lkdh7bV7FKkG9xQwO/W0b2dfAdpfTe3n2tRhzznEwhGDyujfTTguOpQrd/0whuI8Ete0eTGNFj5zrUcBOHR+HE+CuQlathFUEMAjxx+/oy7gk6pm9olDBSl6ptzJjGDF/suV0NUT5mcm6zVSUxGMMCjuH3MlKI0VTcdm69WpgDYj07seFvBfRs/pAEj5mMVbEY9VE8BRNiM5fQumQzwr5BlAEyWgy6VZ74wt4F/Y/3iPHv3n516ZwmBYVJ7xxqYqo3+lpenVurYCy9v0rw0KndojcE852oil90GX6R6ZhMQmM0JbUl4n75oI6ug5zHyzHUluuTNIZ1rNZzPamt32EOIeXkSTs+jAfyjku0eENt8aX14BZBsCh7JG+f7YNyIs711wK7rzMw3JBvk1vXveOFPjK4vBimIG3uBkiAiQ4GFk01ISTbpMvdmLmdtPeZdjp29OiMqWlG4GLm/4XfmHMvsLpnkCTKEKn75RD4eOuvp1P1oaopkPt1oQqMVJtUmFjA4NZlyRSn+KkLTO0lAjsfl03HsTC6RnQcnBNlEMBD0I2VFhH4qIKHrmwgMy5LCeWWQ0/QYPgtfV/xbO2AlvRwX4I5VYjlAZ00TZ3147qXF2KAweINOEHGavegFabx9Bh3MwM8JP2l1BPlO7eE5iXkwmvIPT2yr+dzNyd3A/uV4tnX/h3z7eErpmv189EZY6iKq6011d1En8l3x3PJMrtU0qwCXbwG0RBERbh1rH++gfED0A2LFnVDUAmiVTWTv26ik3kG9YRQbAL1LC9Bfx0jhktRy8uQRu9COMJX6oobC64/FThV1phuPfsEm468r5sJ/8sTkVHYQPf57ePE4uP5axvNB9D0nZwRhlh5duSaaOY64Sg3PdxT6h39V6GR42q9lCTJ7MFxm8YLzaeh3cf0Tl2aoZC4T6WQCbcNZ4SzncUBwDmJvbBjHqHM63nHuvlK5XPAgyWCtAoLpvQAKWeDPupCxLNyHB6uDbzAS3sY/XVD5qDAJffZBxNqwJHdPiO3gDn8aBZe51AamOmdqxK2ujl1XlBSLFmFkRSwssGoQQrLfQp1o0O0pCSfRy0cSStCp8uwzSubGF2Z1ebYViBpl8HwFmAA+i31nWhplEsFivdBqSlO+R5slKCZcZRVQynFsvLe2Rrp2uXaQzs27GeKUKE5jl0Yzmia8V7EKacTxZhs0/uEkhTRiMIjLzGPjFDHCPQr5APYzXrzauJeVbf9w7pkDlXeyDfu3pG+Nk3ljL+blyCA/sPFMFpwEUm5WdoVAb5sE2d8WcCDmJG9jWRrRs32i3lrfEphORYku8qd+jdBiqqnOGqAySv01Ip+0zkhstXuze6WoH7k32DMHgxKEfPLHqqGKJxAVfCluKhybJlWnaZ2BMW2Ctz5yZHNyXnkqv9FONArLJPgnNpecaEPiZXDWLbOsBXuqjhuNvuB6llX5GOCoc36ynZGjoI/PgG2V7SU2DDQf5ibM7qQnLye/bKi8YiZKvzDcMzbkujM5+PZDhuXbilYjMybR5ct03QOHnv2xg7Tc2Uf0uCCc9GqaFGiKL/q7tTR2AqYJ0moypVVLRVhMBJolQtO1eUrUoZjtbM9gFRF8+BHbDbNP/zVO2Gk0hNIBl/VCG0eusqmSPk5dfesF2xhoTTdwTBjoxTGWzEezoBj+ufL1zK49n44+uLwTF1isS0PSsTlGHQmvZC4sDQCtr0bjzWag6CHAe3cYa6zizC0SHbrrkZhuxJId3yk0pVzpRMYZ5HRGMrTw0W9Y5oQt10GeCtmhM03H80J+Q7M8/TtqF2dWf249aNI93RGQLiVMUj06k5hLwHk2/BlFdeOgzzQxzrVx03Y+qWNUMPVVJViyQp42tCinAaLYw2eCbtrj4/Ze0v8u/gZYMdgq1KegyNEPIQqlM9MGbCcwIXgEWGl9hvIngmQ+ZuoiJtjGhvRHtqUzql4x2IsfxOxcUVwXxoM6yISZrOdmiLgpd/mp/NBPEomba6E5AjQFlzy/b5Vk0/HT6EgYdJNXBthVWqB+X0/4IzQ79o9Kwd1VjOAkBvXy/siWuSU03demYuKnZTsCBV7h2bWyge19rCYyUryN9WaB+fcnVHmFvU999SUudE+6QXZC/0ZIU1SV2K9K5Cqovw7zSCTM2w+0QZp+0LCbPDS/tDOKpd2z0uHg5UWy11gH/i4P9Lt7ygRAjRQ0gZ9K3N41Z2RfH9UTTUsnKMXR5+Z6ebZhi6IST6VlOa1ahJj7CRXOSBxNeK6vWtHfSmO56wJN7FcoItsehpcwDyMYVIYYEe53eZTuho3UKqd/q9QEBlgwFpiBmUy6CEX4jryiC6LDiUEFL63YIq2qNy4JLhSjG7JwaAzjCXdDv3Au3tiWV+sDXNV88MG0AEAM/zQ83bHMhv/xcyvp/TA2YOuYBfvlVYuxXASbFzl,iv:Fu+GmDArq6JSpODMPTJ7boKT/N33l57UbHqdTwpYuxA=,tag:gi/VuS3QTzeOiUsZBfm7BQ==,type:str]",
"data": "ENC[AES256_GCM,data:8y8t7e8XhVy3lc+JcPnFFzI7DTpr+JlXfOKZJu7uX7DczTYQHIZQTrMcFjyBbB8SWJLWLUG8Yd5JGXk377CBX73cxGF+r895lxP+puoKRRzDapkg6y2uN0E3Gr1wnQFB4I8YX7n8UWnj18s3mTIohQHmhoxkuIqu2zvgEGBpMiz3oZIL4zmb8diLXh4PyB1qAI5U5RFWPpkwRWjXteD5m8mqcZ8k4A4l00IMgz2n9MJDQPMjYNITR3XbOlI1qNMYBVb3xuVLXBOBN6x5W4539kGAiHcAi8pOUvBjAXphOEGQ7uLoorAniHx2PPyqReDr5tx47h4RtKJGeGoJ6ZdaFS2LwD10Dkiac330ELLGpSuHoNn7cfw6P8xSyYfreIXbzgavZAlJ1t3fNjEwVtgz63bXL1IX326fP1WcFqBUgAMd8I+VZsxo15j92zZS8gUbdu4KdSMag4dlOa9rgJCLpZGw4UIifHn6RqbH8s/HdisWV2YA3p1/Oowp39Hnr1ZeUecHQCpC2Y/nVLZid9wy4NcIPDbkeb33vMzJ/G5o4EVeYcrnM4J7+KS7aJ4c2bbkRixc1w0bTYeQHFgvM9VBHHEO30t68AGEzju29XeMVi7bzamJZeApPEacMVzzCXlRiAWtPru9JtBYz17VXliMBiEc5Ffo12PXPV7VK/BimKBppJAGNSJiWg/fXawRJNs/fJkLywEL88cf3RYP0Wdy01umjU9tW7Y0W1zc46auKy8KPpCcT0e6kBGmlG2WJje3dNYDFUutFTllV+N7VeDOuZi4oaGrwF1Rz8cAKPrZWMyLX3bMc4EkP7t7h0DoTyXvl3CcA9/wgeCQrLIPLnUTBDTF6jsyt32IjxfiMMBTtR5hLJeM5BzybuYHI2Jbbnt2Ko+tCWOUNdRR7rOYT7o+xzm7g3apcrKIKaufc5YUxdD9asc8uAx+9w7tkg7O/2Ak9qPVgE7HIu9m5O4qaEQn8I1P1GbwiHZeIrfiRzcf6+KgjsLU7i+gCCb3EtMZJUS1CFmlyA+akgsFaunZFYLjg6vUmhQgTKhWooNj3DkdWXWN4bOB/lUyzsCezAD+HfPYyy2pYETRtS/XlpBktSYhP2yLZSxEyjsKBH8roZ/LpNwJV3RuvM+CPstj/pxf23Ayi8LrU1t88Q+/mje1OsMCr67Ltbl+7HXNcpM8zwLUfmTt72YZd1CnoAvbqM3pfecLM1AZEeR+p+xq8tsl1tRE2V0y/SH9kew4UOYRY/eZHmiy8P8Eyjj6/PL+/9+CLU9KGeK/28hGz1u1Ao03FxcPL1AeAeA1mlCNAErT/Q4GUKdDNa5uTHpU86VrMoELtvVaVn3V4AS5I+kTfvI9WF8oaI20U2ysAMpJSiPJyC5AVteyehXAEdGY7bgltvity8arU8efxwmrjbZ29ZWwRezqf1kZLb7pySCfsoqYwCFFDx4s7hD4RF1N4X9GQA5JupUO/+UZTcVX4aud+yf6uTb9yRC5LGjXJj5S03DQ+Vj35nZMUn6xhbPPnEj0uS9yug685mQm/bwUVHIEyoBZfPZquSSh1oolKsKnAPS2+fS13dr2sNuHktq40sJTTglz97ZexoIbZ7Ftx3tzFtqFMhh11EBV4eb0MCu9zwaq5DMoLugXECSkUy6Nfc9XGdRU/x3iIha36jg0wj9MwKNpztNFJzzWSVd8XU5rILbr9yWs4xZKBZq6PFx3NEXCIsJ0kkfc1FUBlnsiYG52A/zcFQZmUAPDy58M4rzLnWjC+qk7jU01Yw6aOcFqqE5kg9+AvYmF8JQ16s17d4o49I/fmL0MYVbSgdXrJZF9ejrkBkIMfu7UgbBlQdJCSW8BFx6zFmg2Y22bh52q8+//PK1rgUKs9RAsAasl8WKrKo+xNgai+1M9eMxg+wsBIP+j4WutMHXPv3AMeqt+JwIPiydPwny49820Z24h49pXPVK0EXTqZl46b7bUvyZqAbDTTDmjb/gOJII/ho6/EeaEUSk/r1NVUehq5S/e/UJagTDI3csmBgEcMYdk5CfoJt0cDeqHgrAo8U8xpURT5BAbeCHwWpI7sE47LZwHStf9WbHyacCGsob+ELvfMvunaY2YmqnlVaYulf0mgmn5YmBI8ouQ2Zc4eklzso+NN6e9j7ODhxPxF/MWKjoi/kpF8eBiEKEbPk0drOS4PcOFEDvbA7fFrwiwUnTqG2+FVBTgyidxDYX70jX5asox5wBc4WAgPXU0WNNb5I2bbenUoGKbDrZ989FblN5I3xnP5kxFq25evPtEvA5R9mwBYtBnd3UBBnDzcsI6gA7o73VW7Y25gfX5ODTRbMjxGYBU+xnNK+B9IOeMGTmFjuqchrlyaSOQ9T2Wx4kNyVUwWRMw/eZPkP6LtEQLVM8iotO6BNcPVqx6dCU4nh19IbjbfyrO0I5ZqSV/PVCRx2Pomceu0EfMpVReFvlIi/UyKROzLuOy6AY1RlthR8gM39l6a6l+WZeukkn+SoAEXeyw4U83K2H9WR6hYcgX0SPGVYfI3C83I0EChET30kiX/rb/fFtb8xdQogA4+R/vR3mPBaGMiWh0WDZVDhNy5/DlwYPYp1zDxtVjQffEhqWS5FqRdw5BsQJQc9glptU5QCgY/ITYwGlaW4OYWokFQWinH0JF9bcCjjjZMT9C52N9ZuZ0muxTT2/UxyhKhX7Eojxq6sz0HJ+TISa5FpUKx/W7I+XqT25n3PtKfnkRDDba+RxDy3bCYo60aOPfR9aCG0VbGLWgc4TQHCmC209rSSIlsD2DhBzFC2lCxasXHIgNAymGfbpOjvqdId9ev1XN0EEd0al4HBUvvGsq9FUeshAWMeWDKu1t0aDKJ6/c4bphThjoAqxtQaGPUFOhNw94PedCBgiRqXN02WZcrnqp/spj+uIfch1F/X5A3jTUev8vq/s7lge7h3CNWXNpBFrW5trdzE8N2Kw3AahsJfZCo/Qd9e6WHIDRgbZFEbKwkTIyeEW8rMv5Ls0Aq+kFvs76muJVnr+Pb7e/GabhgT3pPhYNLQWjPRQYkF2KDKrGUlrc2BkJqRLF3fhI7vQPFphWPl0Lj5idYglIn5v2P2HR9n3Z1+9oyIpmFsqjqILCdoMCDleQOb4DCzXnR5QE4LKg/jjJqqGyO4mAbpwdvN9Q4j1FOUsJNOgMNBUUdEr7n65ktKnJX5wX9cymosRUozgoteb2dblFJjY/pf8toH5kU+YIYmbQR0caw8tdpBl0ETcsaQpF3LbCsSfmN8tZyxS4R/0W782i08IsaN9uXEevlsyFgMg7I2q739fHqJ7kFeosXpKdUpOnmuoLu1A7,iv:9SAQXPwrhy5yjkNxn1lITD77MjqdrYOSlFpUBE8a/fY=,tag:tYApnwq2auUk+/N9alPX3w==,type:str]",
"sops": {
"age": [
{
@ -11,8 +11,8 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z2tONmQxTUhZUW12Z2Jm\nUnoxSnpYcnZDNGNzSko1ckl2RDh3NG1VS2dFCmIwUXhmSk1OUk02S0JPVDR5UWJ4\na0gwWlg0V005ZWxYa29PZ0laS2VqM0kKLS0tIHN5SU9pQ090eHljeXJGWm5hRFQ4\nZ001Nzkyb29RYkNUMDNDNlo4YnVQeTQK34bNIBgxId2+DHKQNVV3Iro3KGkE03Sp\niB1+dADT6nRvGvoyPqnLq/NYfw7eQ6XqYt55zkdCta8v6L1UNUkw8g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-10-11T08:44:45Z",
"mac": "ENC[AES256_GCM,data:pNbRA83NQcfWwTjgowEaFlfZVbZntWb1alGKdaX3IqjBlZEmYfJGKaxkbiL1uoMFNmrc5HtQUQLz0QVUpQ87ggH/HEUtdVcHnT65hxWjX3NWg3G2C9cbPqe3SiLv+UWPUsN70gu/xAJUuaiM9tsQoHkpNdefT3t382/uxF+Cb3M=,iv:1njSCqZFoCX46IhiowRqUteG8VJ5EEHDxricjMd4l58=,tag:9WBBXfUUW+7wmXy3zksMKQ==,type:str]",
"lastmodified": "2025-10-21T19:32:24Z",
"mac": "ENC[AES256_GCM,data:wM862FQH/qX/abuD+krJOazli9Ci5GrpLtdcnzFgKCeNdjA2cfZ8M3DyzsBwMXjp6HxBHLyO7QXGcQkx3kIKGnRhEBuQzVOtrZhqcDi2Ho8iBV8Dh4xkhcpBYufw7xP8hGWg6ZVZ4JyM3P4NfAdxbfWTdc1VMStAafJ2SZ3pAYI=,iv:tDAKNe8LV40hRCqKzN6j6B71IV81SnrBgerxGPzU4Zk=,tag:7ZsST8pl9TjMog0dNKcUcA==,type:str]",
"pgp": [
{
"created_at": "2025-06-14T22:31:01Z",

313
index.html
View file

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2025-10-21 Di 13:09 -->
<!-- 2025-10-21 Di 21:55 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>SwarselSystems: NixOS + Emacs Configurationo</title>
@ -209,6 +209,7 @@
<li><a href="#h:48e0cb2c-e412-4ae3-a244-80a8c09dbb02">1.4. Hosts</a></li>
<li><a href="#h:3bb92528-c61c-4b8d-8214-bf2a40baaa32">1.5. Programs</a></li>
<li><a href="#h:191e82b6-6ae5-4ec8-ae6d-dc683ce325d9">1.6. Services</a></li>
<li><a href="#org36875c7">1.7. Manual steps when setting up a new machine</a></li>
</ul>
</li>
<li><a href="#h:c7588c0d-2528-485d-b2df-04d6336428d7">2. flake.nix</a>
@ -443,8 +444,8 @@
<li><a href="#h:15b581ab-09fe-4f84-af26-2f1fbf7d726b">3.2.5.8. Hibernation</a></li>
<li><a href="#h:86fb3236-9e18-43f0-8a08-3a2acd61cc98">3.2.5.9. BTRFS</a></li>
<li><a href="#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf">3.2.5.10. work</a></li>
<li><a href="#orgcb2fcb7">3.2.5.11. microvm-host</a></li>
<li><a href="#orgcf7e090">3.2.5.12. microvm-guest</a></li>
<li><a href="#org23c703f">3.2.5.11. microvm-host</a></li>
<li><a href="#orgcfb6a06">3.2.5.12. microvm-guest</a></li>
</ul>
</li>
</ul>
@ -472,7 +473,7 @@
<li><a href="#h:4486b02f-4fb8-432b-bfa2-2e786206341d">3.3.1.12. Sourcing environment variables</a></li>
<li><a href="#h:f0e0b580-2e1c-4ca6-a983-f05d3ebbbcde">3.3.1.13. General Programs: bottom, imv, less, lesspipe, sioyek, bat, carapace, wlogout, swayr, yt-dlp, mpv, jq, nix-index, ripgrep, pandoc, fzf, zoxide, timidity</a></li>
<li><a href="#h:64dbbb9e-8097-4c1b-813c-8c10cf9b9748">3.3.1.14. nix-index</a></li>
<li><a href="#org0bc7fbc">3.3.1.15. nix-your-shell</a></li>
<li><a href="#orgf81635c">3.3.1.15. nix-your-shell</a></li>
<li><a href="#h:ac0e5e62-0dbf-4782-9a96-9e558eae86ae">3.3.1.16. password-store</a></li>
<li><a href="#h:1ab84307-b3fb-4c32-9def-4b89a53a8547">3.3.1.17. direnv</a></li>
<li><a href="#h:1bd6b0c7-f201-43e2-9624-6c50de00a1f6">3.3.1.18. eza</a></li>
@ -495,12 +496,12 @@
<li><a href="#h:99d05729-df35-4958-9940-3319d6a41359">3.3.1.31.3. Mako</a></li>
<li><a href="#h:388e71be-f00a-4d45-ade1-218ce942057d">3.3.1.31.4. SwayOSD</a></li>
<li><a href="#h:1598c90b-f195-41a0-9132-94612edf3586">3.3.1.31.5. yubikey-touch-detector</a></li>
<li><a href="#org2568de8">3.3.1.31.6. blueman-applet</a></li>
<li><a href="#org84c1201">3.3.1.31.7. network-manager-applet</a></li>
<li><a href="#org43f6e21">3.3.1.31.8. obsidian service for tray</a></li>
<li><a href="#orgaa41ee3">3.3.1.31.9. anki service for tray</a></li>
<li><a href="#orgcb4f253">3.3.1.31.10. element service for tray</a></li>
<li><a href="#orgb766ab8">3.3.1.31.11. vesktop service for tray</a></li>
<li><a href="#org0c2d462">3.3.1.31.6. blueman-applet</a></li>
<li><a href="#org65c057e">3.3.1.31.7. network-manager-applet</a></li>
<li><a href="#org194e70e">3.3.1.31.8. obsidian service for tray</a></li>
<li><a href="#org080d87e">3.3.1.31.9. anki service for tray</a></li>
<li><a href="#org89d97b2">3.3.1.31.10. element service for tray</a></li>
<li><a href="#orgbf0d5d2">3.3.1.31.11. vesktop service for tray</a></li>
</ul>
</li>
<li><a href="#h:02df9dfc-d1af-4a37-a7a0-d8da0af96a20">3.3.1.32. Sway</a></li>
@ -509,17 +510,17 @@
<li><a href="#h:7d384e3b-1be7-4644-b304-ada4af0b692b">3.3.1.35. gpg-agent</a></li>
<li><a href="#h:74e236be-a977-4d38-b8c5-0b9feef8af91">3.3.1.36. gammastep</a></li>
<li><a href="#h:d1fb3075-ad52-4c1b-ba45-5ddbd0d3b708">3.3.1.37. Spicetify</a></li>
<li><a href="#org3f19616">3.3.1.38. Obsidian</a></li>
<li><a href="#orgd0e6499">3.3.1.39. Anki</a></li>
<li><a href="#orgb6ac1d9">3.3.1.40. Element-desktop</a></li>
<li><a href="#org68fbf73">3.3.1.41. Hexchat</a></li>
<li><a href="#orgea285a9">3.3.1.42. obs-studio</a></li>
<li><a href="#orgd003fee">3.3.1.43. spotify-player</a></li>
<li><a href="#org8616bfa">3.3.1.44. vesktop</a></li>
<li><a href="#orgab3d85e">3.3.1.45. batsignal</a></li>
<li><a href="#orgde9dc92">3.3.1.46. autotiling</a></li>
<li><a href="#orge7185ca">3.3.1.47. swayidle</a></li>
<li><a href="#org4e801e4">3.3.1.48. swaylock</a></li>
<li><a href="#org0fd890d">3.3.1.38. Obsidian</a></li>
<li><a href="#org3633af4">3.3.1.39. Anki</a></li>
<li><a href="#orge6e7054">3.3.1.40. Element-desktop</a></li>
<li><a href="#org5b44f01">3.3.1.41. Hexchat</a></li>
<li><a href="#org1a7342e">3.3.1.42. obs-studio</a></li>
<li><a href="#org17f157b">3.3.1.43. spotify-player</a></li>
<li><a href="#orgcc87d9f">3.3.1.44. vesktop</a></li>
<li><a href="#org4ee72a0">3.3.1.45. batsignal</a></li>
<li><a href="#org0e92abf">3.3.1.46. autotiling</a></li>
<li><a href="#orgaa61d53">3.3.1.47. swayidle</a></li>
<li><a href="#org6d6098e">3.3.1.48. swaylock</a></li>
</ul>
</li>
<li><a href="#h:b1a00339-6e9b-4ae4-b5dc-6fd5669a2ddb">3.3.2. Server</a>
@ -536,7 +537,7 @@
<li><a href="#h:be623200-557e-4bb7-bb11-1ec5d76c6b8b">3.3.4. Optional</a>
<ul>
<li><a href="#h:84fd7029-ecb6-4131-9333-289982f24ffa">3.3.4.1. Gaming</a></li>
<li><a href="#h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6">3.3.4.2. Work</a></li>
<li><a href="#h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6">3.3.4.2. Work (pizauth)</a></li>
<li><a href="#h:52b41e73-46f3-4c2c-af64-eafb51e3b6b6">3.3.4.3. Uni</a></li>
<li><a href="#h:8a7b1c26-3448-42d3-932a-5d05d54b5490">3.3.4.4. Framework</a></li>
</ul>
@ -584,8 +585,8 @@
<li><a href="#h:c3362d4e-d3a8-43e8-9ef7-272b6de0572e">3.5.31. swarsel-build</a></li>
<li><a href="#h:95ebfd13-1f6b-427f-950d-e30c1ed6f9fa">3.5.32. swarsel-instantiate</a></li>
<li><a href="#h:02842543-caca-4d4c-a4d2-7ac749b5c136">3.5.33. sshrm</a></li>
<li><a href="#org6a36b50">3.5.34. endme</a></li>
<li><a href="#orgb3faf9e">3.5.35. git-replace</a></li>
<li><a href="#orgd874e4c">3.5.34. endme</a></li>
<li><a href="#org0eb85f0">3.5.35. git-replace</a></li>
</ul>
</li>
<li><a href="#h:f0f1c961-3e7a-47b8-99ab-1654bb45dffc">3.6. Profiles</a>
@ -594,7 +595,7 @@
<ul>
<li><a href="#h:32d654de-8db2-403a-9a27-4c46d7b9172d">3.6.1.1. Personal</a></li>
<li><a href="#h:b926f0c8-7968-4079-924c-a5d0ae4d3a45">3.6.1.2. Minimal</a></li>
<li><a href="#orgefd2161">3.6.1.3. Optionals</a></li>
<li><a href="#orgc7b0115">3.6.1.3. Optionals</a></li>
<li><a href="#h:b79fbb59-9cf2-48eb-b469-2589223dda95">3.6.1.4. Chaostheatre</a></li>
<li><a href="#h:cb3631a8-9c1b-42f2-ab01-502c7b4c273d">3.6.1.5. Work</a></li>
<li><a href="#h:87a83b10-3c2f-407c-89aa-922ad77748a4">3.6.1.6. Uni</a></li>
@ -775,6 +776,7 @@
<ul>
<li><a href="#h:b92a18cf-eec3-4605-a8c2-37133ade3574">4.4.39.1. mu4e</a></li>
<li><a href="#h:43209eeb-5d46-472e-b7c2-58a3fb465199">4.4.39.2. mu4e-alert</a></li>
<li><a href="#org86f5cec">4.4.39.3. Work: Signing Mails (S/MIME, smime)</a></li>
</ul>
</li>
<li><a href="#h:c760f04e-622f-4b3e-8916-53ca8cce6edc">4.4.40. Calendar</a></li>
@ -787,7 +789,11 @@
</li>
</ul>
</li>
<li><a href="#h:dae0c5bb-edb7-4fe4-ae31-9f8f064cc53c">5. Appendix A: Noweb-Ref blocks</a></li>
<li><a href="#h:dae0c5bb-edb7-4fe4-ae31-9f8f064cc53c">5. Appendix A: Noweb-Ref blocks</a>
<ul>
<li><a href="#orga485a52">5.1. General steps when setting up a new machine</a></li>
</ul>
</li>
<li><a href="#h:8fc9f66a-7412-4091-8dee-a06f897baf67">6. Appendix B: Supplementary Files</a>
<ul>
<li><a href="#h:c1e53aed-fb47-4aff-930c-dc52f3c5dcb8">6.1. Server Emacs config</a></li>
@ -837,7 +843,7 @@
</div>
</div>
<p>
<b>This file has 96128 words spanning 24842 lines and was last revised on 2025-10-21 13:09:36 +0200.</b>
<b>This file has 96633 words spanning 24946 lines and was last revised on 2025-10-21 21:55:49 +0200.</b>
</p>
<p>
@ -906,7 +912,7 @@ This section defines my Emacs configuration. For a while, I considered to use ry
</p>
<p>
My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2025-10-21 13:09:36 +0200)
My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2025-10-21 21:55:49 +0200)
</p></li>
</ul>
@ -1205,6 +1211,33 @@ Here I give a brief overview over the hostmachines that I am using. This is held
|✂️ **Paste Tool** | [Microbin](https://github.com/Swarsel/.dotfiles/tree/main/modules/nixos/server/microbin.nix) |
|📸 **Image Sharing** | [Slink](https://github.com/Swarsel/.dotfiles/tree/main/modules/nixos/server/slink.nix) |
|🔗 **Link Shortener** | [Shlink](https://github.com/Swarsel/.dotfiles/tree/main/modules/nixos/server/shlink.nix) |
</pre>
</div>
</div>
</div>
<div id="outline-container-org36875c7" class="outline-3">
<h3 id="org36875c7"><span class="section-number-3">1.7.</span> Manual steps when setting up a new machine</h3>
<div class="outline-text-3" id="text-1-7">
<div class="org-src-container">
<pre class="src src-markdown">
- setup gpgsm for signing of mails using S/MIME:
- `gpgsm --import ~/Certificates/&lt;certname&gt;.p12`
- `gpgsm --import ~/Certificates/harica-root.pem`
- `gpgsm --import ~/Certificates/harica-intermediate.pem`
- `gpgsm --list-keys --with-validation "HARICA Client RSA Root CA 2021"`
- trust the certificate and set passphrase
- setup pizauth for microsoft mail sync (account names are possibly `uni` and `work`):
- `pizauth auth &lt;account name, e.g. 'work'&gt;`
- `pizauth dump &gt; ~/.pizauth.state`
- setup yubikey (automatic yubikey enrollment is not yet supported by `disko`):
- `systemd-cryptenroll --fido2-device=auto /dev/&lt;device, e.g. 'nvme0n1p2'&gt;`
If the new machine is a work machine, these steps are additionally needed:
- setup the work VPN:
- using the laptop certificate `.pem` as User cert and private key (CA cert: none)
- vpn gateway is found in `nixosConfig.repo.secrets.local.work.vpnGateway`
</pre>
</div>
</div>
@ -11895,6 +11928,17 @@ This holds configuration that is specific to framework laptops.
Options that I need specifically at work. There are more options at <a href="#h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6">Work</a> (home-manager side).
</p>
<p>
When setting up a new machine:
</p>
<div class="org-src-container">
<pre class="src src-markdown">- setup the work VPN:
- using the laptop certificate `.pem` as User cert and private key (CA cert: none)
- vpn gateway is found in `nixosConfig.repo.secrets.local.work.vpnGateway`
</pre>
</div>
<div class="org-src-container">
<pre class="src src-nix-ts">{ self, lib, pkgs, config, configName, ... }:
let
@ -12134,8 +12178,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgcb2fcb7" class="outline-5">
<h5 id="orgcb2fcb7"><span class="section-number-5">3.2.5.11.</span> microvm-host</h5>
<div id="outline-container-org23c703f" class="outline-5">
<h5 id="org23c703f"><span class="section-number-5">3.2.5.11.</span> microvm-host</h5>
<div class="outline-text-5" id="text-3-2-5-11">
<p>
Some standard options that should be set for every microvm host.
@ -12161,8 +12205,8 @@ Some standard options that should be set for every microvm host.
</div>
</div>
</div>
<div id="outline-container-orgcf7e090" class="outline-5">
<h5 id="orgcf7e090"><span class="section-number-5">3.2.5.12.</span> microvm-guest</h5>
<div id="outline-container-orgcfb6a06" class="outline-5">
<h5 id="orgcfb6a06"><span class="section-number-5">3.2.5.12.</span> microvm-guest</h5>
<div class="outline-text-5" id="text-3-2-5-12">
<p>
Some standard options that should be set vor every microvm guest. We set the default
@ -13089,7 +13133,7 @@ in
SWARSEL_CAL3 = source3;
SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses;
SWARSEL_MAIL_ALL = lib.mkDefault allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
OPENROUTER_API_KEY = openrouterApi;
};
@ -13232,8 +13276,8 @@ nix-index provides a way to find out which packages are provided by which deriva
</div>
</div>
</div>
<div id="outline-container-org0bc7fbc" class="outline-5">
<h5 id="org0bc7fbc"><span class="section-number-5">3.3.1.15.</span> nix-your-shell</h5>
<div id="outline-container-orgf81635c" class="outline-5">
<h5 id="orgf81635c"><span class="section-number-5">3.3.1.15.</span> nix-your-shell</h5>
<div class="outline-text-5" id="text-3-3-1-15">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -14946,8 +14990,8 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
</div>
</div>
</div>
<div id="outline-container-org2568de8" class="outline-6">
<h6 id="org2568de8"><span class="section-number-6">3.3.1.31.6.</span> blueman-applet</h6>
<div id="outline-container-org0c2d462" class="outline-6">
<h6 id="org0c2d462"><span class="section-number-6">3.3.1.31.6.</span> blueman-applet</h6>
<div class="outline-text-6" id="text-3-3-1-31-6">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -14961,8 +15005,8 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
</div>
</div>
</div>
<div id="outline-container-org84c1201" class="outline-6">
<h6 id="org84c1201"><span class="section-number-6">3.3.1.31.7.</span> network-manager-applet</h6>
<div id="outline-container-org65c057e" class="outline-6">
<h6 id="org65c057e"><span class="section-number-6">3.3.1.31.7.</span> network-manager-applet</h6>
<div class="outline-text-6" id="text-3-3-1-31-7">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -14977,8 +15021,8 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
</div>
</div>
</div>
<div id="outline-container-org43f6e21" class="outline-6">
<h6 id="org43f6e21"><span class="section-number-6">3.3.1.31.8.</span> obsidian service for tray</h6>
<div id="outline-container-org194e70e" class="outline-6">
<h6 id="org194e70e"><span class="section-number-6">3.3.1.31.8.</span> obsidian service for tray</h6>
<div class="outline-text-6" id="text-3-3-1-31-8">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -15012,9 +15056,13 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
</div>
</div>
</div>
<div id="outline-container-orgaa41ee3" class="outline-6">
<h6 id="orgaa41ee3"><span class="section-number-6">3.3.1.31.9.</span> anki service for tray</h6>
<div id="outline-container-org080d87e" class="outline-6">
<h6 id="org080d87e"><span class="section-number-6">3.3.1.31.9.</span> anki service for tray</h6>
<div class="outline-text-6" id="text-3-3-1-31-9">
<p>
Sets up a systemd user service for anki that does not stall the shutdown process. Note that the outcommented <code>ExecStart</code> does not work because the home-manager anki package builds a separate anki package that - I think - cannot be referenced as no such expression exists in the module.
</p>
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
{
@ -15038,10 +15086,15 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
Service = {
# ExecStart = "${lib.getExe config.programs.anki.package}";
ExecStart = "/etc/profiles/per-user/swarsel/bin/anki";
Type = "simple";
ExecStart = "/etc/profiles/per-user/${config.swarselsystems.mainUser}/bin/anki";
Environment = [
"QT_QPA_PLATFORM=xcb"
];
TimeoutStopSec = "2s";
KillMode = "mixed";
KillSignal = "SIGTERM";
SendSIGKILL = "yes";
};
};
@ -15051,8 +15104,8 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
</div>
</div>
</div>
<div id="outline-container-orgcb4f253" class="outline-6">
<h6 id="orgcb4f253"><span class="section-number-6">3.3.1.31.10.</span> element service for tray</h6>
<div id="outline-container-org89d97b2" class="outline-6">
<h6 id="org89d97b2"><span class="section-number-6">3.3.1.31.10.</span> element service for tray</h6>
<div class="outline-text-6" id="text-3-3-1-31-10">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, pkgs, ... }:
@ -15086,8 +15139,8 @@ The `extraConfig` section here CANNOT be reindented. This has something to do wi
</div>
</div>
</div>
<div id="outline-container-orgb766ab8" class="outline-6">
<h6 id="orgb766ab8"><span class="section-number-6">3.3.1.31.11.</span> vesktop service for tray</h6>
<div id="outline-container-orgbf0d5d2" class="outline-6">
<h6 id="orgbf0d5d2"><span class="section-number-6">3.3.1.31.11.</span> vesktop service for tray</h6>
<div class="outline-text-6" id="text-3-3-1-31-11">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, pkgs, ... }:
@ -15891,9 +15944,23 @@ Currently, I am too lazy to explain every option here, but most of it is very se
<h5 id="h:7d384e3b-1be7-4644-b304-ada4af0b692b"><span class="section-number-5">3.3.1.35.</span> gpg-agent</h5>
<div class="outline-text-5" id="text-h:7d384e3b-1be7-4644-b304-ada4af0b692b">
<p>
Settinfs that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here.
Settings that are needed for the gpg-agent. Also we are enabling emacs support for unlocking my Yubikey here.
</p>
<p>
When setting up a new machine:
</p>
<div class="org-src-container">
<pre class="src src-markdown">- setup gpgsm for signing of mails using S/MIME:
- `gpgsm --import ~/Certificates/&lt;certname&gt;.p12`
- `gpgsm --import ~/Certificates/harica-root.pem`
- `gpgsm --import ~/Certificates/harica-intermediate.pem`
- `gpgsm --list-keys --with-validation "HARICA Client RSA Root CA 2021"`
- trust the certificate and set passphrase
</pre>
</div>
<div class="org-src-container">
<pre class="src src-nix-ts">{ self, lib, config, pkgs, ... }:
let
@ -16001,8 +16068,8 @@ in
</div>
</div>
</div>
<div id="outline-container-org3f19616" class="outline-5">
<h5 id="org3f19616"><span class="section-number-5">3.3.1.38.</span> Obsidian</h5>
<div id="outline-container-org0fd890d" class="outline-5">
<h5 id="org0fd890d"><span class="section-number-5">3.3.1.38.</span> Obsidian</h5>
<div class="outline-text-5" id="text-3-3-1-38">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, pkgs, nixosConfig ? config, ... }:
@ -16034,6 +16101,19 @@ in
vimMode = false;
newFileLocation = "current";
};
hotkeys = {
"graph:open" = [ ];
"omnisearch:show-modal" = [
{
modifiers = [
"Mod"
];
key = "S";
}
];
"editor:save-file" = [ ];
"editor:delete-paragraph" = [ ];
};
corePlugins = [
"backlink"
"bookmarks"
@ -16146,8 +16226,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgd0e6499" class="outline-5">
<h5 id="orgd0e6499"><span class="section-number-5">3.3.1.39.</span> Anki</h5>
<div id="outline-container-org3633af4" class="outline-5">
<h5 id="org3633af4"><span class="section-number-5">3.3.1.39.</span> Anki</h5>
<div class="outline-text-5" id="text-3-3-1-39">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, pkgs, globals, nixosConfig ? config, ... }:
@ -16219,8 +16299,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgb6ac1d9" class="outline-5">
<h5 id="orgb6ac1d9"><span class="section-number-5">3.3.1.40.</span> Element-desktop</h5>
<div id="outline-container-orge6e7054" class="outline-5">
<h5 id="orge6e7054"><span class="section-number-5">3.3.1.40.</span> Element-desktop</h5>
<div class="outline-text-5" id="text-3-3-1-40">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -16256,8 +16336,8 @@ in
</div>
</div>
</div>
<div id="outline-container-org68fbf73" class="outline-5">
<h5 id="org68fbf73"><span class="section-number-5">3.3.1.41.</span> Hexchat</h5>
<div id="outline-container-org5b44f01" class="outline-5">
<h5 id="org5b44f01"><span class="section-number-5">3.3.1.41.</span> Hexchat</h5>
<div class="outline-text-5" id="text-3-3-1-41">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, nixosConfig ? config, ... }:
@ -16281,8 +16361,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgea285a9" class="outline-5">
<h5 id="orgea285a9"><span class="section-number-5">3.3.1.42.</span> obs-studio</h5>
<div id="outline-container-org1a7342e" class="outline-5">
<h5 id="org1a7342e"><span class="section-number-5">3.3.1.42.</span> obs-studio</h5>
<div class="outline-text-5" id="text-3-3-1-42">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -16302,8 +16382,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgd003fee" class="outline-5">
<h5 id="orgd003fee"><span class="section-number-5">3.3.1.43.</span> spotify-player</h5>
<div id="outline-container-org17f157b" class="outline-5">
<h5 id="org17f157b"><span class="section-number-5">3.3.1.43.</span> spotify-player</h5>
<div class="outline-text-5" id="text-3-3-1-43">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -16323,8 +16403,8 @@ in
</div>
</div>
</div>
<div id="outline-container-org8616bfa" class="outline-5">
<h5 id="org8616bfa"><span class="section-number-5">3.3.1.44.</span> vesktop</h5>
<div id="outline-container-orgcc87d9f" class="outline-5">
<h5 id="orgcc87d9f"><span class="section-number-5">3.3.1.44.</span> vesktop</h5>
<div class="outline-text-5" id="text-3-3-1-44">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -16410,8 +16490,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgab3d85e" class="outline-5">
<h5 id="orgab3d85e"><span class="section-number-5">3.3.1.45.</span> batsignal</h5>
<div id="outline-container-org4ee72a0" class="outline-5">
<h5 id="org4ee72a0"><span class="section-number-5">3.3.1.45.</span> batsignal</h5>
<div class="outline-text-5" id="text-3-3-1-45">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -16443,8 +16523,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgde9dc92" class="outline-5">
<h5 id="orgde9dc92"><span class="section-number-5">3.3.1.46.</span> autotiling</h5>
<div id="outline-container-org0e92abf" class="outline-5">
<h5 id="org0e92abf"><span class="section-number-5">3.3.1.46.</span> autotiling</h5>
<div class="outline-text-5" id="text-3-3-1-46">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -16465,8 +16545,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orge7185ca" class="outline-5">
<h5 id="orge7185ca"><span class="section-number-5">3.3.1.47.</span> swayidle</h5>
<div id="outline-container-orgaa61d53" class="outline-5">
<h5 id="orgaa61d53"><span class="section-number-5">3.3.1.47.</span> swayidle</h5>
<div class="outline-text-5" id="text-3-3-1-47">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, pkgs, ... }:
@ -16507,8 +16587,8 @@ in
</div>
</div>
</div>
<div id="outline-container-org4e801e4" class="outline-5">
<h5 id="org4e801e4"><span class="section-number-5">3.3.1.48.</span> swaylock</h5>
<div id="outline-container-org6d6098e" class="outline-5">
<h5 id="org6d6098e"><span class="section-number-5">3.3.1.48.</span> swaylock</h5>
<div class="outline-text-5" id="text-3-3-1-48">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, pkgs, ... }:
@ -16714,16 +16794,29 @@ in
</div>
</div>
<div id="outline-container-h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6" class="outline-5">
<h5 id="h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6"><span class="section-number-5">3.3.4.2.</span> Work</h5>
<h5 id="h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6"><span class="section-number-5">3.3.4.2.</span> Work (pizauth)</h5>
<div class="outline-text-5" id="text-h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6">
<p>
The rest of the settings is at <a href="#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf">work</a>. Here, I am setting up the different firefox profiles that I need for the SSO sites that I need to access at work as well as a few ssh shorthands.
</p>
<p>
When setting up a new machine:
</p>
<div class="org-src-container">
<pre class="src src-markdown">- setup pizauth for microsoft mail sync (account names are possibly `uni` and `work`):
- `pizauth auth &lt;account name, e.g. 'work'&gt;`
- `pizauth dump &gt; ~/.pizauth.state`
</pre>
</div>
<div class="org-src-container">
<pre class="src src-nix-ts">{ self, config, pkgs, lib, vars, nixosConfig ? config, ... }:
let
inherit (config.swarselsystems) homeDir;
inherit (nixosConfig.repo.secrets.local.mail) allMailAddresses;
inherit (nixosConfig.repo.secrets.local.work) mailAddress;
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
@ -16744,14 +16837,16 @@ The rest of the settings is at <a href="#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf"
vscode
];
systemd.user.sessionVariables = {
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
} // lib.optionalAttrs (!config.swarselsystems.isPublic) {
SWARSEL_MAIL_ALL = lib.mkForce allMailAddresses;
SWARSEL_MAIL_WORK = lib.mkForce mailAddress;
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
inherit (nixosConfig.repo.secrets.local.work) mailName;
in
{
primary = false;
@ -19713,8 +19808,8 @@ writeShellApplication {
</div>
</div>
</div>
<div id="outline-container-org6a36b50" class="outline-4">
<h4 id="org6a36b50"><span class="section-number-4">3.5.34.</span> endme</h4>
<div id="outline-container-orgd874e4c" class="outline-4">
<h4 id="orgd874e4c"><span class="section-number-4">3.5.34.</span> endme</h4>
<div class="outline-text-4" id="text-3-5-34">
<p>
Sometimes my DE crashes after putting it to suspend - to be precise, it happens when I put it into suspend when I have multiple screens plugged in. I have never taken the time to debug the issue, but instead just switch to a different TTY and then use this script to kill the hanging session.
@ -19735,8 +19830,8 @@ writeShellApplication {
</div>
</div>
</div>
<div id="outline-container-orgb3faf9e" class="outline-4">
<h4 id="orgb3faf9e"><span class="section-number-4">3.5.35.</span> git-replace</h4>
<div id="outline-container-org0eb85f0" class="outline-4">
<h4 id="org0eb85f0"><span class="section-number-4">3.5.35.</span> git-replace</h4>
<div class="outline-text-4" id="text-3-5-35">
<p>
This script allows for quick git replace of a string.
@ -19898,8 +19993,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgefd2161" class="outline-5">
<h5 id="orgefd2161"><span class="section-number-5">3.6.1.3.</span> Optionals</h5>
<div id="outline-container-orgc7b0115" class="outline-5">
<h5 id="orgc7b0115"><span class="section-number-5">3.6.1.3.</span> Optionals</h5>
<div class="outline-text-5" id="text-3-6-1-3">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, ... }:
@ -20642,6 +20737,10 @@ Used here: <a href="#h:b92a18cf-eec3-4605-a8c2-37133ade3574">mu4e</a>
(when-let ((dest (swarsel/mu4e-rfs--matching-address)))
(cl-destructuring-bind (from-user from-addr) dest
(setq user-mail-address from-addr)
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))
(message-position-on-field "From")
(message-beginning-of-line)
(delete-region (point) (line-end-position))
@ -23751,7 +23850,7 @@ The hook functions are defined here: <a href="#h:34506761-06b9-43b5-a818-506d9b3
(setq mu4e-mu-binary (executable-find "mu"))
(setq mu4e-hide-index-messages t)
(setq mu4e-update-interval 180)
(setq mu4e-update-interval 60)
(setq mu4e-get-mail-command "mbsync -a")
(setq mu4e-maildir "~/Mail")
@ -23807,6 +23906,40 @@ This adds the simple utility of sending desktop notifications whenever a new mai
(add-hook 'after-init-hook #'mu4e-alert-enable-notifications)
(mu4e t)
</pre>
</div>
</div>
</div>
<div id="outline-container-org86f5cec" class="outline-5">
<h5 id="org86f5cec"><span class="section-number-5">4.4.39.3.</span> Work: Signing Mails (S/MIME, smime)</h5>
<div class="outline-text-5" id="text-4-4-39-3">
<p>
Used to automatically sign messages sent from my work email address using S/MIME certificate.
</p>
<div class="org-src-container">
<pre class="src src-emacs-lisp">(let ((work (getenv "SWARSEL_MAIL_WORK")))
(when (and work (not (string-empty-p work)))
(setq swarsel-smime-cert-path "~/.Certificates/$SWARSEL_MAIL_WORK.pem")
(setq swarsel-smime-cert-path (substitute-env-vars swarsel-smime-cert-path))
(setq mml-secure-prefer-scheme 'smime)
(setq mml-secure-smime-sign-with-sender t)
(add-hook 'mu4e-compose-mode-hook
(lambda ()
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))))
(setq smime-keys
`((,(getenv "SWARSEL_MAIL_WORK")
,swarsel-smime-cert-path
("~/Certificates/harica-root.pem"
"~/Certificates/harica-intermediate.pem"
))))
))
</pre>
</div>
</div>
@ -24062,6 +24195,20 @@ Also see `prot-window-delete-popup-frame'." command)
This sections is no longer used really. An introduction can be found in <a href="#h:bcc3ebbe-df8a-46bd-b42d-73aad6fc66e5">Structure of this file</a> under the historical note. The little noweb-ref blocks that I still use are found in <a href="#h:48e0cb2c-e412-4ae3-a244-80a8c09dbb02">Hosts</a> and <a href="#h:3bb92528-c61c-4b8d-8214-bf2a40baaa32">Services</a>.
</p>
</div>
<div id="outline-container-orga485a52" class="outline-3">
<h3 id="orga485a52"><span class="section-number-3">5.1.</span> General steps when setting up a new machine</h3>
<div class="outline-text-3" id="text-5-1">
<p>
These general steps are needed when setting up a new machine and do not fit into another block well:
</p>
<div class="org-src-container">
<pre class="src src-markdown">- setup yubikey (automatic yubikey enrollment is not yet supported by `disko`):
- `systemd-cryptenroll --fido2-device=auto /dev/&lt;device, e.g. 'nvme0n1p2'&gt;`
</pre>
</div>
</div>
</div>
</div>
<div id="outline-container-h:8fc9f66a-7412-4091-8dee-a06f897baf67" class="outline-2">
<h2 id="h:8fc9f66a-7412-4091-8dee-a06f897baf67"><span class="section-number-2">6.</span> Appendix B: Supplementary Files</h2>
@ -24303,7 +24450,7 @@ set allowautofocus false
jsb browser.webRequest.onHeadersReceived.addListener(tri.request.clobberCSP,{urls:["&lt;all_urls&gt;"],types:["main_frame"]},["blocking","responseHeaders"])
" default is 300ms
set hintdelay 100
set hintdelay 500
" Some pages like github break on the tridactyl quick search. have this as a fallback
unbind &lt;C-f&gt;
@ -26993,7 +27140,7 @@ similarly, there exists an version that starts from the right.
</div>
<div id="postamble" class="status">
<p class="author">Author: Leon Schwarzäugl</p>
<p class="date">Created: 2025-10-21 Di 13:09</p>
<p class="date">Created: 2025-10-21 Di 21:55</p>
<p class="validation"><a href="https://validator.w3.org/check?uri=referer">Validate</a></p>
</div>
</body>

7
modules/home/common/anki-tray.nix
View file

@ -20,10 +20,15 @@
Service = {
# ExecStart = "${lib.getExe config.programs.anki.package}";
ExecStart = "/etc/profiles/per-user/swarsel/bin/anki";
Type = "simple";
ExecStart = "/etc/profiles/per-user/${config.swarselsystems.mainUser}/bin/anki";
Environment = [
"QT_QPA_PLATFORM=xcb"
];
TimeoutStopSec = "2s";
KillMode = "mixed";
KillSignal = "SIGTERM";
SendSIGKILL = "yes";
};
};

2
modules/home/common/env.nix
View file

@ -28,7 +28,7 @@ in
SWARSEL_CAL3 = source3;
SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses;
SWARSEL_MAIL_ALL = lib.mkDefault allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
OPENROUTER_API_KEY = openrouterApi;
};

13
modules/home/common/obsidian.nix
View file

@ -27,6 +27,19 @@ in
vimMode = false;
newFileLocation = "current";
};
hotkeys = {
"graph:open" = [ ];
"omnisearch:show-modal" = [
{
modifiers = [
"Mod"
];
key = "S";
}
];
"editor:save-file" = [ ];
"editor:delete-paragraph" = [ ];
};
corePlugins = [
"backlink"
"bookmarks"

8
modules/home/optional/work.nix
View file

@ -1,6 +1,8 @@
{ self, config, pkgs, lib, vars, nixosConfig ? config, ... }:
let
inherit (config.swarselsystems) homeDir;
inherit (nixosConfig.repo.secrets.local.mail) allMailAddresses;
inherit (nixosConfig.repo.secrets.local.work) mailAddress;
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
@ -21,14 +23,16 @@ in
vscode
];
systemd.user.sessionVariables = {
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
} // lib.optionalAttrs (!config.swarselsystems.isPublic) {
SWARSEL_MAIL_ALL = lib.mkForce allMailAddresses;
SWARSEL_MAIL_WORK = lib.mkForce mailAddress;
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
inherit (nixosConfig.repo.secrets.local.work) mailName;
in
{
primary = false;

6
secrets/repo/pii.nix.enc
View file

File diff suppressed because one or more lines are too long