swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2026-04-16 14:19:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: swarsel:83e10e2d51c80025485e7c618c38eb9a8c5e828e
Branches Tags
swarsel:main
swarsel:migrate/den-dev
swarsel:dev
swarsel:topology-oci
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1
..
compare: swarsel:b1b2fc68a340b615bb7cab5c2c6349c40aec26c2
Branches Tags
swarsel:migrate/den-dev
swarsel:main
swarsel:dev
swarsel:topology-oci
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1

No commits in common. "83e10e2d51c80025485e7c618c38eb9a8c5e828e" and "b1b2fc68a340b615bb7cab5c2c6349c40aec26c2" have entirely different histories.
83e10e2d51 ... b1b2fc68a3

57 changed files with 4320 additions and 4276 deletions
Download patch file Download diff file Expand all files Collapse all files

1211
SwarselSystems.org
View file

File diff suppressed because it is too large Load diff

23
files/emacs/early-init.el
View file

@ -2,22 +2,22 @@
(defvar swarsel-file-name-handler-alist file-name-handler-alist) (defvar swarsel-file-name-handler-alist file-name-handler-alist)
(defvar swarsel-vc-handled-backends vc-handled-backends) (defvar swarsel-vc-handled-backends vc-handled-backends)
(defun swarsel/restore-startup-settings ()
"Restore startup-tuned variables to their regular runtime values."
(setq gc-cons-threshold (* 32 1024 1024)
gc-cons-percentage 0.1
jit-lock-defer-time 0.05
read-process-output-max (* 1024 1024)
file-name-handler-alist swarsel-file-name-handler-alist
vc-handled-backends swarsel-vc-handled-backends)
(fset 'epg-wait-for-status #'ignore))
(setq gc-cons-threshold most-positive-fixnum (setq gc-cons-threshold most-positive-fixnum
gc-cons-percentage 0.6 gc-cons-percentage 0.6
file-name-handler-alist nil file-name-handler-alist nil
vc-handled-backends nil) vc-handled-backends nil)
(add-hook 'emacs-startup-hook #'swarsel/restore-startup-settings) (add-hook 'emacs-startup-hook
(lambda ()
(progn
(setq gc-cons-threshold (* 32 1024 1024)
gc-cons-percentage 0.1
jit-lock-defer-time 0.05
read-process-output-max (* 1024 1024)
file-name-handler-alist swarsel-file-name-handler-alist
vc-handled-backends swarsel-vc-handled-backends)
(fset 'epg-wait-for-status 'ignore)
)))
(tool-bar-mode 0) (tool-bar-mode 0)
(menu-bar-mode 0) (menu-bar-mode 0)
@ -46,7 +46,6 @@
'(undecorated . t) ; no title bar, borders etc. '(undecorated . t) ; no title bar, borders etc.
'(background-color . "#1D252C") ; load doom-citylight colors to avoid white flash '(background-color . "#1D252C") ; load doom-citylight colors to avoid white flash
'(foreground-color . "#A0B3C5") ; load doom-citylight colors to avoid white flash '(foreground-color . "#A0B3C5") ; load doom-citylight colors to avoid white flash
'(font . "FiraCode Nerd Font")
'(vertical-scroll-bars . nil) '(vertical-scroll-bars . nil)
'(horizontal-scroll-bars . nil) '(horizontal-scroll-bars . nil)
'(internal-border-width . 5) '(internal-border-width . 5)

498
files/emacs/init.el
View file

@ -213,27 +213,7 @@ create a new one."
(swarsel/run-formatting) (swarsel/run-formatting)
))) )))
(defun swarsel/org-babel-tangle-single-block-advice (orig-fun &rest args) (setq org-html-htmlize-output-type nil)
"Run ORIG-FUN with redisplay and messages temporarily inhibited."
(let ((inhibit-redisplay t)
(inhibit-message t))
(apply orig-fun args)))
(defun swarsel/org-babel-tangle-timing-advice (orig-fun &rest args)
"Run ORIG-FUN and report elapsed tangle time."
(let ((tim (current-time)))
(prog1 (apply orig-fun args)
(message "org-tangle took %f sec" (float-time (time-subtract (current-time) tim))))))
(defun swarsel/markdown-mode-keys ()
"Local markdown key customizations."
(local-set-key (kbd "C-c C-x C-l") #'org-latex-preview)
(local-set-key (kbd "C-c C-x C-u") #'markdown-toggle-url-hiding))
(defun swarsel/eglot-ensure-and-format ()
"Ensure eglot is running and enable format-on-save for current buffer."
(eglot-ensure)
(add-hook 'before-save-hook #'eglot-format nil 'local))
;; (add-hook 'org-mode-hook (lambda () (add-hook 'after-save-hook #'swarsel/org-babel-tangle-config))) ;; (add-hook 'org-mode-hook (lambda () (add-hook 'after-save-hook #'swarsel/org-babel-tangle-config)))
@ -400,7 +380,7 @@ create a new one."
"wm" '(delete-other-windows :wk "maximize") "wm" '(delete-other-windows :wk "maximize")
"<right>" 'up-list "<right>" 'up-list
"<left>" 'down-list "<left>" 'down-list
) ))
;; General often used hotkeys ;; General often used hotkeys
(general-define-key (general-define-key
@ -420,7 +400,7 @@ create a new one."
"C->" 'mc/mark-next-like-this "C->" 'mc/mark-next-like-this
"C-<" 'mc/mark-previous-like-this "C-<" 'mc/mark-previous-like-this
"C-c C-<" 'mc/mark-all-like-this "C-c C-<" 'mc/mark-all-like-this
)) )
;; set Nextcloud directory for journals etc. ;; set Nextcloud directory for journals etc.
(setq (setq
@ -438,10 +418,9 @@ create a new one."
url-history-file (expand-file-name "url/history" user-emacs-directory)) url-history-file (expand-file-name "url/history" user-emacs-directory))
;; Use no-littering to automatically set common paths to the new user-emacs-directory ;; Use no-littering to automatically set common paths to the new user-emacs-directory
(use-package no-littering (use-package no-littering)
:config
(setq custom-file (make-temp-file "emacs-custom-")) (setq custom-file (make-temp-file "emacs-custom-"))
(load custom-file t)) (load custom-file t)
(let ((backup-dir "~/tmp/emacs/backups") (let ((backup-dir "~/tmp/emacs/backups")
(auto-saves-dir "~/tmp/emacs/auto-saves/")) (auto-saves-dir "~/tmp/emacs/auto-saves/"))
@ -458,20 +437,22 @@ create a new one."
delete-old-versions t ; Clean up the backups delete-old-versions t ; Clean up the backups
version-control t ; Use version numbers on backups, version-control t ; Use version numbers on backups,
kept-new-versions 5 ; keep some new versions kept-new-versions 5 ; keep some new versions
kept-old-versions 2 ; and some old ones, too kept-old-versions 2) ; and some old ones, too
backup-by-copying-when-linked t)
;; use UTF-8 everywhere ;; use UTF-8 everywhere
(set-language-environment "UTF-8") (set-language-environment "UTF-8")
;; (profiler-start 'cpu) ;; (profiler-start 'cpu)
;; set default font size ;; set default font size
(defvar swarsel/default-font-size 130)
(setq swarsel-standard-font "FiraCode Nerd Font Mono"
swarsel-alt-font "FiraCode Nerd Font Mono")
;; (defalias 'yes-or-no-p 'y-or-n-p) ;; (defalias 'yes-or-no-p 'y-or-n-p)
;;(setq-default show-trailing-whitespace t) ;;(setq-default show-trailing-whitespace t)
(add-hook 'before-save-hook 'delete-trailing-whitespace) (add-hook 'before-save-hook 'delete-trailing-whitespace)
(global-hl-line-mode 1) (global-hl-line-mode 1)
;; (setq redisplay-dont-pause t) ;; obsolete ;; (setq redisplay-dont-pause t) ;; obsolete
(blink-cursor-mode -1) ;; blink-cursor is an unexpected source of slowdown (setq blink-cursor-mode nil) ;; blink-cursor is an unexpected source of slowdown
(global-subword-mode 1) ; Iterate through CamelCase words (global-subword-mode 1) ; Iterate through CamelCase words
(setq blink-matching-paren nil) ;; this makes the cursor jump around annoyingly (setq blink-matching-paren nil) ;; this makes the cursor jump around annoyingly
(delete-selection-mode 1) (delete-selection-mode 1)
@ -483,6 +464,7 @@ create a new one."
bidi-display-reordering 'left-to-right bidi-display-reordering 'left-to-right
bidi-inhibit-bpa t) bidi-inhibit-bpa t)
(global-so-long-mode) (global-so-long-mode)
(setq process-adaptive-read-buffering nil) ;; not sure if this is a good idea
(setq fast-but-imprecise-scrolling t (setq fast-but-imprecise-scrolling t
redisplay-skip-fontification-on-input t redisplay-skip-fontification-on-input t
inhibit-compacting-font-caches t) inhibit-compacting-font-caches t)
@ -490,7 +472,9 @@ create a new one."
which-func-update-delay 1.0) which-func-update-delay 1.0)
(setq undo-limit 80000000 (setq undo-limit 80000000
evil-want-fine-undo t evil-want-fine-undo t
auto-save-default t) auto-save-default t
password-cache-expiry nil
)
(setq browse-url-browser-function 'browse-url-firefox) (setq browse-url-browser-function 'browse-url-firefox)
;; (setenv "DISPLAY" ":0") ;; needed for firefox ;; (setenv "DISPLAY" ":0") ;; needed for firefox
;; disable a keybind that does more harm than good ;; disable a keybind that does more harm than good
@ -535,18 +519,16 @@ create a new one."
tab-width 2) tab-width 2)
(setq tab-always-indent 'complete) (setq tab-always-indent 'complete)
(setq python-indent-guess-indent-offset-verbose nil)
(use-package python
:ensure nil
:custom
(python-indent-guess-indent-offset-verbose nil))
(use-package highlight-indent-guides (use-package highlight-indent-guides
:hook (prog-mode . highlight-indent-guides-mode) :hook (prog-mode . highlight-indent-guides-mode)
:custom :init
(highlight-indent-guides-method 'column) (setq highlight-indent-guides-method 'column)
(highlight-indent-guides-responsive nil) (setq highlight-indent-guides-responsive 'top)
:config )
(with-eval-after-load 'highlight-indent-guides
(set-face-attribute 'highlight-indent-guides-even-face nil :background "gray10") (set-face-attribute 'highlight-indent-guides-even-face nil :background "gray10")
(set-face-attribute 'highlight-indent-guides-odd-face nil :background "gray20") (set-face-attribute 'highlight-indent-guides-odd-face nil :background "gray20")
(set-face-attribute 'highlight-indent-guides-stack-even-face nil :background "gray40") (set-face-attribute 'highlight-indent-guides-stack-even-face nil :background "gray40")
@ -616,7 +598,8 @@ create a new one."
(use-package evil-collection (use-package evil-collection
:after evil :after evil
:config :config
(evil-collection-init)) (evil-collection-init)
(setq forge-add-default-bindings nil))
;; enables 2-char inline search ;; enables 2-char inline search
(use-package evil-snipe (use-package evil-snipe
@ -636,28 +619,34 @@ create a new one."
(global-evil-surround-mode 1)) (global-evil-surround-mode 1))
(use-package evil-visual-mark-mode (use-package evil-visual-mark-mode
:commands evil-visual-mark-mode) :config (evil-visual-mark-mode))
(use-package evil-textobj-tree-sitter (use-package evil-textobj-tree-sitter)
:config
;; bind `function.outer`(entire function block) to `f` for use in things like `vaf`, `yaf` ;; bind `function.outer`(entire function block) to `f` for use in things like `vaf`, `yaf`
(define-key evil-outer-text-objects-map "f" (evil-textobj-tree-sitter-get-textobj "function.outer")) (define-key evil-outer-text-objects-map "f" (evil-textobj-tree-sitter-get-textobj "function.outer"))
;; bind `function.inner`(function block without name and args) to `f` for use in things like `vif`, `yif` ;; bind `function.inner`(function block without name and args) to `f` for use in things like `vif`, `yif`
(define-key evil-inner-text-objects-map "f" (evil-textobj-tree-sitter-get-textobj "function.inner")) (define-key evil-inner-text-objects-map "f" (evil-textobj-tree-sitter-get-textobj "function.inner"))
;; You can also bind multiple items and we will match the first one we can find ;; You can also bind multiple items and we will match the first one we can find
(define-key evil-outer-text-objects-map "a" (evil-textobj-tree-sitter-get-textobj ("if_statement.outer" "conditional.outer" "loop.outer") '((python-mode . ((if_statement.outer) @if_statement.outer)) (python-ts-mode . ((if_statement.outer) @if_statement.outer)))))) (define-key evil-outer-text-objects-map "a" (evil-textobj-tree-sitter-get-textobj ("if_statement.outer" "conditional.outer" "loop.outer") '((python-mode . ((if_statement.outer) @if_statement.outer)) (python-ts-mode . ((if_statement.outer) @if_statement.outer)))))
(use-package evil-numbers) (use-package evil-numbers)
;; set the NixOS wordlist by hand ;; set the NixOS wordlist by hand
(setq ispell-alternate-dictionary (getenv "WORDLIST")) (setq ispell-alternate-dictionary (getenv "WORDLIST"))
(setq swarsel/fixed-font "FiraCode Nerd Font" (dolist (face '(default fixed-pitch))
swarsel/variable-font "Iosevka Aile") (set-face-attribute face nil
:font "FiraCode Nerd Font Mono"))
(add-to-list 'default-frame-alist '(font . "FiraCode Nerd Font Mono"))
(set-face-attribute 'default nil :font swarsel/fixed-font :height 100) (set-face-attribute 'default nil :height 100)
(set-face-attribute 'fixed-pitch nil :font swarsel/fixed-font :height 130) (set-face-attribute 'fixed-pitch nil :height 1.0)
(set-face-attribute 'variable-pitch nil :font swarsel/variable-font :weight 'light :height 130)
(set-face-attribute 'variable-pitch nil
:family "IBM Plex Sans"
:weight 'regular
:height 1.06)
(use-package solaire-mode (use-package solaire-mode
:custom :custom
@ -692,21 +681,21 @@ create a new one."
(use-package mini-modeline (use-package mini-modeline
:after smart-mode-line :after smart-mode-line
:custom
(mini-modeline-display-gui-line nil)
(mini-modeline-enhance-visual nil)
(mini-modeline-truncate-p nil)
(mini-modeline-l-format nil)
(mini-modeline-right-padding 5)
(mini-modeline-r-format '("%e" mode-line-front-space mode-line-mule-info mode-line-client
mode-line-modified mode-line-remote mode-line-frame-identification
mode-line-buffer-identification " " mode-line-position " " mode-name evil-mode-line-tag))
:config :config
(mini-modeline-mode t) (mini-modeline-mode t)
(setq window-divider-default-places t (setq mini-modeline-display-gui-line nil)
window-divider-default-bottom-width 1 (setq mini-modeline-enhance-visual nil)
window-divider-default-right-width 1) (setq mini-modeline-truncate-p nil)
(window-divider-mode 1)) (setq mini-modeline-l-format nil)
(setq mini-modeline-right-padding 5)
(setq window-divider-mode t)
(setq window-divider-default-places t)
(setq window-divider-default-bottom-width 1)
(setq window-divider-default-right-width 1)
(setq mini-modeline-r-format '("%e" mode-line-front-space mode-line-mule-info mode-line-client
mode-line-modified mode-line-remote mode-line-frame-identification
mode-line-buffer-identification " " mode-line-position " " mode-name evil-mode-line-tag ))
)
(use-package smart-mode-line (use-package smart-mode-line
:config :config
@ -757,8 +746,8 @@ create a new one."
orderless-matching-styles '(orderless-literal orderless-regexp))) orderless-matching-styles '(orderless-literal orderless-regexp)))
(use-package consult (use-package consult
:custom :config
(consult-fontify-max-size 1024) (setq consult-fontify-max-size 1024)
:bind :bind
(("C-x b" . consult-buffer) (("C-x b" . consult-buffer)
("C-c <C-m>" . consult-global-mark) ("C-c <C-m>" . consult-global-mark)
@ -814,8 +803,8 @@ create a new one."
(use-package which-key (use-package which-key
:init (which-key-mode) :init (which-key-mode)
:diminish which-key-mode :diminish which-key-mode
:custom :config
(which-key-idle-delay 0.3)) (setq which-key-idle-delay 0.3))
(use-package helpful (use-package helpful
:bind :bind
@ -823,8 +812,8 @@ create a new one."
("C-h v" . helpful-variable) ("C-h v" . helpful-variable)
("C-h k" . helpful-key) ("C-h k" . helpful-key)
("C-h C-." . helpful-at-point)) ("C-h C-." . helpful-at-point))
:custom :config
(help-window-select nil)) (setq help-window-select nil))
(use-package ligature (use-package ligature
:init :init
@ -912,13 +901,6 @@ create a new one."
:bind :bind
(("C-<tab>" . org-fold-outer) (("C-<tab>" . org-fold-outer)
("C-c s" . org-store-link)) ("C-c s" . org-store-link))
:custom
(org-html-htmlize-output-type nil)
(org-fold-core-style 'overlays)
(org-src-preserve-indentation nil)
(org-src-fontify-natively t)
(org-export-with-broken-links 'mark)
(org-confirm-babel-evaluate nil)
:config :config
(setq org-ellipsis "" (setq org-ellipsis ""
org-link-descriptive t org-link-descriptive t
@ -927,7 +909,6 @@ create a new one."
(setq org-support-shift-select t) (setq org-support-shift-select t)
(setq org-agenda-start-with-log-mode t) (setq org-agenda-start-with-log-mode t)
(setq org-fontify-quote-and-verse-blocks t)
(setq org-log-done 'time) (setq org-log-done 'time)
(setq org-log-into-drawer t) (setq org-log-into-drawer t)
(setq org-startup-with-inline-images t) (setq org-startup-with-inline-images t)
@ -942,54 +923,13 @@ create a new one."
(setq org-capture-templates (setq org-capture-templates
'(("t" "Todo" entry (file+headline "~/Org/Tasks.org" "Inbox") '(("t" "Todo" entry (file+headline "~/Org/Tasks.org" "Inbox")
"* TODO %?\n %i\n %a") "* TODO %?\n %i\n %a")
("j" "Journal" entry (file+olp+datetree "~/Org/Journal.org") ("j" "Journal" entry (file+datetree "~/Org/Journal.org")
"* %?\nEntered on %U\n %i\n %a"))) "* %?\nEntered on %U\n %i\n %a")))
(setq org-refile-targets (setq org-refile-targets
'((swarsel-archive-org-file :maxlevel . 1) '((swarsel-archive-org-file :maxlevel . 1)
(swarsel-tasks-org-file :maxlevel . 1))) (swarsel-tasks-org-file :maxlevel . 1)))
(org-babel-do-load-languages
'org-babel-load-languages
'((emacs-lisp . t)
(python . t)
(js . t)
(shell . t)))
(set-face-attribute 'org-block nil :foreground nil :inherit 'fixed-pitch)
(set-face-attribute 'org-table nil :inherit 'fixed-pitch)
(set-face-attribute 'org-formula nil :inherit 'fixed-pitch)
(set-face-attribute 'org-code nil :inherit '(shadow fixed-pitch))
(set-face-attribute 'org-quote nil :inherit '(shadow fixed-pitch))
(set-face-attribute 'org-verse nil :inherit '(shadow fixed-pitch))
(set-face-attribute 'org-verbatim nil :inherit '(shadow fixed-pitch))
(set-face-attribute 'org-special-keyword nil :inherit '(font-lock-comment-face fixed-pitch))
(set-face-attribute 'org-meta-line nil :inherit '(font-lock-comment-face fixed-pitch))
(set-face-attribute 'org-checkbox nil :inherit 'fixed-pitch)
(dolist (face '((org-level-1 . 1.2)
(org-level-2 . 1.1)
(org-level-3 . 1.0)
(org-level-4 . 1.0)
(org-level-5 . 1.0)
(org-level-6 . 1.0)
(org-level-7 . 1.0)
(org-level-8 . 1.0)))
(set-face-attribute (car face) nil :font swarsel/variable-font :weight 'medium :height (cdr face)))
(add-to-list 'org-src-lang-modes '("conf-unix" . conf-unix))
(advice-add 'org-babel-tangle-single-block :around #'swarsel/org-babel-tangle-single-block-advice)
(advice-add 'org-babel-tangle :around #'swarsel/org-babel-tangle-timing-advice)
(require 'org-tempo)
(add-to-list 'org-structure-template-alist '("sh" . "src shell"))
(add-to-list 'org-structure-template-alist '("el" . "src emacs-lisp"))
(add-to-list 'org-structure-template-alist '("py" . "src python :results output"))
(add-to-list 'org-structure-template-alist '("nix" . "src nix-ts :tangle"))
(add-to-list 'org-structure-template-alist '("ne" . "bash :exports both"))
) )
(use-package org-appear (use-package org-appear
@ -1003,24 +943,64 @@ create a new one."
(use-package visual-fill-column (use-package visual-fill-column
:hook (org-mode . swarsel/org-mode-visual-fill)) :hook (org-mode . swarsel/org-mode-visual-fill))
(use-package auctex (setq org-fold-core-style 'overlays)
:hook ((LaTeX-mode . visual-line-mode)
(LaTeX-mode . flyspell-mode)
(LaTeX-mode . LaTeX-math-mode)
(LaTeX-mode . reftex-mode))
:custom
(TeX-auto-save t)
(TeX-save-query nil)
(TeX-parse-self t)
(TeX-engine 'luatex)
(TeX-master nil)
(LaTeX-electric-left-right-brace t)
(font-latex-fontify-script nil)
(TeX-electric-sub-and-superscript t))
(use-package org-fragtog (setq org-src-preserve-indentation nil)
:hook ((org-mode . org-fragtog-mode)
(markdown-mode . org-fragtog-mode))) (org-babel-do-load-languages
'org-babel-load-languages
'((emacs-lisp . t)
(python . t)
(js . t)
(shell . t)
))
(push '("conf-unix" . conf-unix) org-src-lang-modes)
(setq org-export-with-broken-links 'mark)
(setq org-confirm-babel-evaluate nil)
;; tangle is too slow, try to speed it up
(defadvice org-babel-tangle-single-block (around inhibit-redisplay activate protect compile)
"inhibit-redisplay and inhibit-message to avoid flicker."
(let ((inhibit-redisplay t)
(inhibit-message t))
ad-do-it))
(defadvice org-babel-tangle (around time-it activate compile)
"Display the execution time"
(let ((tim (current-time)))
ad-do-it
(message "org-tangle took %f sec" (float-time (time-subtract (current-time) tim)))))
(require 'org-tempo)
(add-to-list 'org-structure-template-alist '("sh" . "src shell"))
(add-to-list 'org-structure-template-alist '("el" . "src emacs-lisp"))
(add-to-list 'org-structure-template-alist '("py" . "src python :results output"))
(add-to-list 'org-structure-template-alist '("nix" . "src nix-ts :tangle"))
(add-to-list 'org-structure-template-alist '("ne" . "bash :exports both"))
(use-package auctex)
(setq TeX-auto-save t)
(setq TeX-save-query nil)
(setq TeX-parse-self t)
(setq-default TeX-engine 'luatex)
(setq-default TeX-master nil)
(add-hook 'LaTeX-mode-hook 'visual-line-mode)
(add-hook 'LaTeX-mode-hook 'flyspell-mode)
(add-hook 'LaTeX-mode-hook 'LaTeX-math-mode)
(add-hook 'LaTeX-mode-hook 'reftex-mode)
(setq LaTeX-electric-left-right-brace t)
(setq font-latex-fontify-script nil)
(setq TeX-electric-sub-and-superscript t)
;; (setq reftex-plug-into-AUCTeX t)
(use-package org-fragtog)
(add-hook 'org-mode-hook 'org-fragtog-mode)
(add-hook 'markdown-mode-hook 'org-fragtog-mode)
(use-package org-modern (use-package org-modern
:config (setq org-modern-block-name :config (setq org-modern-block-name
@ -1037,8 +1017,6 @@ create a new one."
("<right>" . swarsel/org-present-next)) ("<right>" . swarsel/org-present-next))
:hook ((org-present-mode . swarsel/org-present-start) :hook ((org-present-mode . swarsel/org-present-start)
(org-present-mode-quit . swarsel/org-present-end)) (org-present-mode-quit . swarsel/org-present-end))
:config
(add-hook 'org-present-after-navigate-functions #'swarsel/org-present-slide)
) )
@ -1048,11 +1026,8 @@ create a new one."
(setq-local face-remapping-alist '((default (:height 1.5) variable-pitch) (setq-local face-remapping-alist '((default (:height 1.5) variable-pitch)
(header-line (:height 4.0) variable-pitch) (header-line (:height 4.0) variable-pitch)
(org-document-title (:height 1.75) org-document-title) (org-document-title (:height 1.75) org-document-title)
(org-code (:height 1.2) org-code) (org-code (:height 1.55) org-code)
(org-verbatim (:height 1.0) org-verbatim) (org-verbatim (:height 1.55) org-verbatim)
(org-quote (:height 1.0) org-quote)
(org-verse (:height 1.0) org-verse)
(org-table (:height 0.8) org-table)
(org-block (:height 1.25) org-block) (org-block (:height 1.25) org-block)
(org-block-begin-line (:height 0.7) org-block) (org-block-begin-line (:height 0.7) org-block)
)) ))
@ -1064,7 +1039,7 @@ create a new one."
(org-level-6 . 1.2) (org-level-6 . 1.2)
(org-level-7 . 1.2) (org-level-7 . 1.2)
(org-level-8 . 1.2))) (org-level-8 . 1.2)))
(set-face-attribute (car face) nil :font swarsel/variable-font :weight 'medium :height (cdr face))) (set-face-attribute (car face) nil :font swarsel-alt-font :weight 'medium :height (cdr face)))
(setq header-line-format " ") (setq header-line-format " ")
(setq visual-fill-column-width 90) (setq visual-fill-column-width 90)
@ -1092,7 +1067,7 @@ create a new one."
(org-level-6 . 0.9) (org-level-6 . 0.9)
(org-level-7 . 0.9) (org-level-7 . 0.9)
(org-level-8 . 0.9))) (org-level-8 . 0.9)))
(set-face-attribute (car face) nil :font swarsel/variable-font :weight 'medium :height (cdr face))) (set-face-attribute (car face) nil :font swarsel-alt-font :weight 'medium :height (cdr face)))
(setq header-line-format nil) (setq header-line-format nil)
(setq visual-fill-column-width 150) (setq visual-fill-column-width 150)
(setq indicate-buffer-boundaries t) (setq indicate-buffer-boundaries t)
@ -1127,6 +1102,14 @@ create a new one."
(swarsel/org-present-slide) (swarsel/org-present-slide)
)) ))
(defun clojure-leave-clojure-mode-function ()
)
(add-hook 'buffer-list-update-hook #'clojure-leave-clojure-mode-function)
(add-hook 'org-present-mode-hook 'swarsel/org-present-start)
(add-hook 'org-present-mode-quit-hook 'swarsel/org-present-end)
(add-hook 'org-present-after-navigate-functions 'swarsel/org-present-slide)
(defun org-babel-execute:markdown (body params) (defun org-babel-execute:markdown (body params)
"Just return BODY unchanged, allowing noweb expansion." "Just return BODY unchanged, allowing noweb expansion."
body) body)
@ -1162,10 +1145,21 @@ create a new one."
lsp-nix-nixd-home-manager-options-expr "(builtins.getFlake \"/home/swarsel/.dotfiles\").nixosConfigurations.pyramid.options.home-manager.users.type.getSubOptions []" lsp-nix-nixd-home-manager-options-expr "(builtins.getFlake \"/home/swarsel/.dotfiles\").nixosConfigurations.pyramid.options.home-manager.users.type.getSubOptions []"
)) ))
(add-to-list 'auto-mode-alist '("\\.nix\\.enc\\'" . nix-mode))
(add-to-list 'auto-mode-alist '("\\.nix\\.enc\\'" . nix-ts-mode))
(with-eval-after-load 'lsp-mode
(lsp-register-client
(make-lsp-client :new-connection (lsp-stdio-connection "nixd")
:major-modes '(nix-mode nix-ts-mode)
:priority 0
:server-id 'nixd)))
(use-package hcl-mode (use-package hcl-mode
:mode "\\.hcl\\'" :mode "\\.hcl\\'"
:custom :config
(hcl-indent-level 2)) (setq hcl-indent-level 2))
(use-package groovy-mode) (use-package groovy-mode)
@ -1179,60 +1173,65 @@ create a new one."
(use-package terraform-mode (use-package terraform-mode
:mode "\\.tf\\'" :mode "\\.tf\\'"
:hook (terraform-mode . outline-minor-mode) :config
:custom (setq terraform-indent-level 2)
(terraform-indent-level 2) (setq terraform-format-on-save t))
(terraform-format-on-save t))
(add-hook 'terraform-mode-hook #'outline-minor-mode)
(use-package nixpkgs-fmt) (use-package nixpkgs-fmt)
(use-package shfmt (use-package shfmt
:custom :config
(shfmt-command "shfmt") (setq shfmt-command "shfmt")
(shfmt-arguments '("-i" "4" "-s" "-sr"))) (setq shfmt-arguments '("-i" "4" "-s" "-sr")))
(setq markdown-command "pandoc")
(use-package markdown-mode (use-package markdown-mode
:ensure t :ensure t
:mode ("README\\.md\\'" . gfm-mode) :mode ("README\\.md\\'" . gfm-mode)
:init :init (setq markdown-command "multimarkdown")
(setq markdown-command "multimarkdown")
:hook (markdown-mode . swarsel/markdown-mode-keys)
:bind (:map markdown-mode-map :bind (:map markdown-mode-map
("C-c C-e" . markdown-do) ("C-c C-e" . markdown-do)))
("C-c C-x C-l" . org-latex-preview)
("C-c C-x C-u" . markdown-toggle-url-hiding)))
(use-package elfeed (add-hook 'markdown-mode-hook
:custom (lambda ()
(elfeed-db-directory "~/.elfeed/db/") (local-set-key (kbd "C-c C-x C-l") 'org-latex-preview)
(elfeed-use-curl t) (local-set-key (kbd "C-c C-x C-u") 'markdown-toggle-url-hiding)
(elfeed-set-timeout 36000) ))
:config
(define-key elfeed-show-mode-map (kbd ";") #'visual-fill-column-mode) (use-package elfeed)
(define-key elfeed-show-mode-map (kbd "j") #'elfeed-goodies/split-show-next)
(define-key elfeed-show-mode-map (kbd "k") #'elfeed-goodies/split-show-prev) (use-package elfeed-goodies)
(define-key elfeed-search-mode-map (kbd "j") #'next-line) (elfeed-goodies/setup)
(define-key elfeed-search-mode-map (kbd "k") #'previous-line)
(define-key elfeed-show-mode-map (kbd "S-SPC") #'scroll-down-command)) (setq elfeed-db-directory "~/.elfeed/db/")
(use-package elfeed-goodies
:after elfeed
:config
(elfeed-goodies/setup))
(use-package elfeed-protocol (use-package elfeed-protocol
:after elfeed :after elfeed)
:custom
(elfeed-protocol-enabled-protocols '(fever))
(elfeed-protocol-fever-update-unread-only t)
(elfeed-protocol-fever-fetch-category-as-tag t)
:config
(elfeed-protocol-enable) (elfeed-protocol-enable)
(setq elfeed-use-curl t)
(setq elfeed-set-timeout 36000)
(setq elfeed-protocol-enabled-protocols '(fever))
(setq elfeed-protocol-fever-update-unread-only t)
(setq elfeed-protocol-fever-fetch-category-as-tag t)
(let ((domain (getenv "SWARSEL_RSS_DOMAIN"))) (let ((domain (getenv "SWARSEL_RSS_DOMAIN")))
(setq elfeed-protocol-feeds (setq elfeed-protocol-feeds
`((,(concat "fever+https://Swarsel@" domain) `((,(concat "fever+https://Swarsel@" domain)
:api-url ,(concat "https://" domain "/api/fever.php") :api-url ,(concat "https://" domain "/api/fever.php")
:password-file "~/.emacs.d/.fever"))))) :password-file "~/.emacs.d/.fever"))))
(define-key elfeed-show-mode-map (kbd ";") 'visual-fill-column-mode)
(define-key elfeed-show-mode-map (kbd "j") 'elfeed-goodies/split-show-next)
(define-key elfeed-show-mode-map (kbd "k") 'elfeed-goodies/split-show-prev)
(define-key elfeed-search-mode-map (kbd "j") 'next-line)
(define-key elfeed-search-mode-map (kbd "k") 'previous-line)
(define-key elfeed-show-mode-map (kbd "S-SPC") 'scroll-down-command)
(use-package rg) (use-package rg)
@ -1267,7 +1266,7 @@ create a new one."
(use-package treesit-auto (use-package treesit-auto
:custom :custom
(treesit-auto-install t) (setq treesit-auto-install t)
:config :config
(treesit-auto-add-to-auto-mode-alist 'all) (treesit-auto-add-to-auto-mode-alist 'all)
(global-treesit-auto-mode)) (global-treesit-auto-mode))
@ -1282,17 +1281,25 @@ create a new one."
(use-package avy (use-package avy
:bind :bind
(("M-o" . avy-goto-char-timer)) (("M-o" . avy-goto-char-timer))
:custom :config
(avy-all-windows 'all-frames)) (setq avy-all-windows 'all-frames))
(use-package devdocs (use-package devdocs)
:hook ((python-mode . (lambda () (setq-local devdocs-current-docs '("python~3.12" "numpy~1.23" "matplotlib~3.7" "pandas~1"))))
(python-ts-mode . (lambda () (setq-local devdocs-current-docs '("python~3.12" "numpy~1.23" "matplotlib~3.7" "pandas~1")))) (add-hook 'python-mode-hook
(c-mode . (lambda () (setq-local devdocs-current-docs '("c")))) (lambda () (setq-local devdocs-current-docs '("python~3.12" "numpy~1.23" "matplotlib~3.7" "pandas~1"))))
(c-ts-mode . (lambda () (setq-local devdocs-current-docs '("c")))) (add-hook 'python-ts-mode-hook
(c++-mode . (lambda () (setq-local devdocs-current-docs '("cpp")))) (lambda () (setq-local devdocs-current-docs '("python~3.12" "numpy~1.23" "matplotlib~3.7" "pandas~1"))))
(c++-ts-mode . (lambda () (setq-local devdocs-current-docs '("cpp")))))
) (add-hook 'c-mode-hook
(lambda () (setq-local devdocs-current-docs '("c"))))
(add-hook 'c-ts-mode-hook
(lambda () (setq-local devdocs-current-docs '("c"))))
(add-hook 'c++-mode-hook
(lambda () (setq-local devdocs-current-docs '("cpp"))))
(add-hook 'c++-ts-mode-hook
(lambda () (setq-local devdocs-current-docs '("cpp"))))
; (devdocs-update-all) ; (devdocs-update-all)
@ -1319,16 +1326,13 @@ create a new one."
;; yubikey support for pushing commits ;; yubikey support for pushing commits
;; commiting is enabled through nixos gpg-agent config ;; commiting is enabled through nixos gpg-agent config
(use-package pinentry (use-package pinentry)
:config
(pinentry-start) (pinentry-start)
(setq epg-pinentry-mode 'loopback) (setq epg-pinentry-mode 'loopback)
(setenv "SSH_AUTH_SOCK" (string-chop-newline (shell-command-to-string "gpgconf --list-dirs agent-ssh-socket")))) (setenv "SSH_AUTH_SOCK" (string-chop-newline (shell-command-to-string "gpgconf --list-dirs agent-ssh-socket")))
(use-package forge (use-package forge
:after magit :after magit)
:init
(setq forge-add-default-bindings nil))
(use-package git-timemachine (use-package git-timemachine
:hook (git-time-machine-mode . evil-normalize-keymaps) :hook (git-time-machine-mode . evil-normalize-keymaps)
@ -1357,7 +1361,7 @@ create a new one."
;; (if (char-equal c ?<) t (,electric-pair-inhibit-predicate c)))))) ;; (if (char-equal c ?<) t (,electric-pair-inhibit-predicate c))))))
(use-package rainbow-mode (use-package rainbow-mode
:hook ((css-mode css-ts-mode web-mode html-mode html-ts-mode) . rainbow-mode)) :config (rainbow-mode))
(use-package corfu (use-package corfu
:init :init
@ -1390,15 +1394,15 @@ create a new one."
("<insert-state> <down>" . swarsel/corfu-quit-and-down)) ("<insert-state> <down>" . swarsel/corfu-quit-and-down))
) )
(use-package nerd-icons-corfu (use-package nerd-icons-corfu)
:after corfu
:config
(add-to-list 'corfu-margin-formatters #'nerd-icons-corfu-formatter) (add-to-list 'corfu-margin-formatters #'nerd-icons-corfu-formatter)
(setq nerd-icons-corfu-mapping (setq nerd-icons-corfu-mapping
'((array :style "cod" :icon "symbol_array" :face font-lock-type-face) '((array :style "cod" :icon "symbol_array" :face font-lock-type-face)
(boolean :style "cod" :icon "symbol_boolean" :face font-lock-builtin-face) (boolean :style "cod" :icon "symbol_boolean" :face font-lock-builtin-face)
;; ... ;; ...
(t :style "cod" :icon "code" :face font-lock-warning-face)))) (t :style "cod" :icon "code" :face font-lock-warning-face)))
(use-package cape (use-package cape
:bind :bind
@ -1456,11 +1460,14 @@ create a new one."
"-o ControlMaster=auto -o ControlPersist=yes")) "-o ControlMaster=auto -o ControlPersist=yes"))
) )
(setq vterm-tramp-shells '(("ssh" "'sh'")))
(use-package diff-hl (use-package diff-hl
:hook :hook
((prog-mode ((prog-mode
org-mode) . diff-hl-mode) org-mode) . diff-hl-mode)
:init :init
(diff-hl-flydiff-mode)
(diff-hl-margin-mode) (diff-hl-margin-mode)
(diff-hl-show-hunk-mouse-mode)) (diff-hl-show-hunk-mouse-mode))
@ -1481,17 +1488,19 @@ create a new one."
;;rustic-mode ;;rustic-mode
tex-mode tex-mode
LaTeX-mode LaTeX-mode
) . swarsel/eglot-ensure-and-format) ) . (lambda () (progn
(eglot-ensure)
(add-hook 'before-save-hook 'eglot-format nil 'local))))
:custom :custom
(eldoc-echo-area-use-multiline-p nil) (eldoc-echo-area-use-multiline-p nil)
(completion-category-defaults nil)
(fset #'jsonrpc--log-event #'ignore)
(eglot-events-buffer-size 0) (eglot-events-buffer-size 0)
(eglot-sync-connect nil) (eglot-sync-connect nil)
(eglot-connect-timeout nil) (eglot-connect-timeout nil)
(eglot-autoshutdown t) (eglot-autoshutdown t)
(eglot-send-changes-idle-time 3) (eglot-send-changes-idle-time 3)
(flymake-no-changes-timeout 5) (flymake-no-changes-timeout 5)
:config
(fset #'jsonrpc--log-event #'ignore)
:bind (:map eglot-mode-map :bind (:map eglot-mode-map
("M-(" . flymake-goto-next-error) ("M-(" . flymake-goto-next-error)
("C-c ," . eglot-code-actions))) ("C-c ," . eglot-code-actions)))
@ -1509,13 +1518,7 @@ create a new one."
;; set prefix for lsp-command-keymap (few alternatives - "C-l", "C-c l") ;; set prefix for lsp-command-keymap (few alternatives - "C-l", "C-c l")
(setq lsp-keymap-prefix "C-c l") (setq lsp-keymap-prefix "C-c l")
(setq lsp-auto-guess-root "t") (setq lsp-auto-guess-root "t")
:commands lsp :commands lsp)
:config
(lsp-register-client
(make-lsp-client :new-connection (lsp-stdio-connection "nixd")
:major-modes '(nix-mode nix-ts-mode)
:priority 0
:server-id 'nixd)))
;; (use-package company) ;; (use-package company)
@ -1559,6 +1562,8 @@ create a new one."
; 'line to show errors on the current line ; 'line to show errors on the current line
(setq sideline-backends-right '(sideline-flymake))) (setq sideline-backends-right '(sideline-flymake)))
(setq backup-by-copying-when-linked t)
(use-package dirvish (use-package dirvish
:init :init
(dirvish-override-dired-mode) (dirvish-override-dired-mode)
@ -1633,8 +1638,6 @@ create a new one."
:ensure nil :ensure nil
;; :load-path "/usr/share/emacs/site-lisp/mu4e/" ;; :load-path "/usr/share/emacs/site-lisp/mu4e/"
;;:defer 20 ; Wait until 20 seconds after startup ;;:defer 20 ; Wait until 20 seconds after startup
:hook ((mu4e-compose-mode . swarsel/mu4e-send-from-correct-address)
(mu4e-compose-post . swarsel/mu4e-restore-default))
:config :config
;; This is set to 't' to avoid mail syncing issues when using mbsync ;; This is set to 't' to avoid mail syncing issues when using mbsync
@ -1678,31 +1681,12 @@ create a new one."
;; this does the equivalent of (setq mu4e-user-mail-address-list '(address1@about.com address2@about.com [...]))) ;; this does the equivalent of (setq mu4e-user-mail-address-list '(address1@about.com address2@about.com [...])))
(setq mu4e-user-mail-address-list (setq mu4e-user-mail-address-list
(mapcar #'intern (split-string (or (getenv "SWARSEL_MAIL_ALL") "") "[ ,]+" t))) (mapcar #'intern (split-string (or (getenv "SWARSEL_MAIL_ALL") "") "[ ,]+" t)))
(setq mu4e--log-max-size 1000)
(mu4e t)
(let ((work (getenv "SWARSEL_MAIL_WORK")))
(when (and work (not (string-empty-p work)))
(setq swarsel-smime-cert-path "~/.Certificates/$SWARSEL_MAIL_WORK.pem")
(setq swarsel-smime-cert-path (substitute-env-vars swarsel-smime-cert-path))
(setq mml-secure-prefer-scheme 'smime)
(setq mml-secure-smime-sign-with-sender t)
(add-hook 'mu4e-compose-mode-hook
(lambda ()
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))))
(setq smime-keys
`((,(getenv "SWARSEL_MAIL_WORK")
,swarsel-smime-cert-path
("~/Certificates/harica-root.pem"
"~/Certificates/harica-intermediate.pem"))))
))
) )
(add-hook 'mu4e-compose-mode-hook #'swarsel/mu4e-send-from-correct-address)
(add-hook 'mu4e-compose-post-hook #'swarsel/mu4e-restore-default)
(use-package mu4e-alert (use-package mu4e-alert
:config :config
(mu4e-alert-enable-notifications) (mu4e-alert-enable-notifications)
@ -1720,6 +1704,30 @@ create a new one."
(add-hook 'after-init-hook #'mu4e-alert-enable-notifications) (add-hook 'after-init-hook #'mu4e-alert-enable-notifications)
) )
(mu4e t)
(let ((work (getenv "SWARSEL_MAIL_WORK")))
(when (and work (not (string-empty-p work)))
(setq swarsel-smime-cert-path "~/.Certificates/$SWARSEL_MAIL_WORK.pem")
(setq swarsel-smime-cert-path (substitute-env-vars swarsel-smime-cert-path))
(setq mml-secure-prefer-scheme 'smime)
(setq mml-secure-smime-sign-with-sender t)
(add-hook 'mu4e-compose-mode-hook
(lambda ()
(when (and (boundp 'user-mail-address)
(stringp user-mail-address)
(string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK")))
(mml-secure-message-sign-smime))))
(setq smime-keys
`((,(getenv "SWARSEL_MAIL_WORK")
,swarsel-smime-cert-path
("~/Certificates/harica-root.pem"
"~/Certificates/harica-intermediate.pem"
))))
))
(use-package org-caldav (use-package org-caldav
:init :init
;; set org-caldav-sync-initalization ;; set org-caldav-sync-initalization
@ -1843,24 +1851,20 @@ create a new one."
( (
(,"󱄅" (,"󱄅"
,swarsel-domain ,swarsel-domain
,(concat "Browse " swarsel-domain) ,(concat "Browse " main-domain)
(lambda (&rest _) (browse-url ,(concat "https://" swarsel-domain)))) (lambda (&rest _) (browse-url ,(concat "https://" swarsel-domain))))
) )
)))) ))))
(use-package recentf
:ensure nil
:config
(add-to-list 'recentf-exclude "\\Archive\\.org\\'") (add-to-list 'recentf-exclude "\\Archive\\.org\\'")
(add-to-list 'recentf-exclude "\\Tasks\\.org\\'")) (add-to-list 'recentf-exclude "\\Tasks\\.org\\'")
(use-package vterm (use-package vterm
:ensure t :ensure t)
:custom
(vterm-tramp-shells '(("ssh" "'sh'"))))
(use-package multiple-cursors) (use-package multiple-cursors)
(setq mu4e--log-max-size 1000)
(setq message-log-max 30) (setq message-log-max 30)
(setq comint-buffer-maximum-size 50) (setq comint-buffer-maximum-size 50)
(add-hook 'comint-output-filter-functions 'comint-truncate-buffer) (add-hook 'comint-output-filter-functions 'comint-truncate-buffer)

19
files/firefox/chrome/userChrome.css
View file

@ -8,7 +8,7 @@ See the above repository for updates as well as full license text. */
:root{ :root{
--uc-autohide-toolbox-delay: 200ms; /* Wait 0.1s before hiding toolbars */ --uc-autohide-toolbox-delay: 200ms; /* Wait 0.1s before hiding toolbars */
--uc-toolbox-rotation: 82deg; /* This may need to be lower on mac - like 75 or so */ --uc-toolbox-rotation: 82deg; /* This may need to be lower on mac - like 75 or so */
/* swarsel: added colorscheme */
--base00: #1D252C; --base00: #1D252C;
--base01: #171D23; --base01: #171D23;
--base02: #5EC4FF; --base02: #5EC4FF;
@ -63,9 +63,9 @@ See the above repository for updates as well as full license text. */
:root[window-modal-open] #urlbar[popover], :root[window-modal-open] #urlbar[popover],
#mainPopupSet:has(> [panelopen]:not(#ask-chat-shortcuts,#selection-shortcut-action-panel,#chat-shortcuts-options-panel,#tab-preview-panel), > #tab-group-editor > [panelopen]) ~ toolbox #urlbar[popover], #mainPopupSet:has(> [panelopen]:not(#ask-chat-shortcuts,#selection-shortcut-action-panel,#chat-shortcuts-options-panel,#tab-preview-panel), > #tab-group-editor > [panelopen]) ~ toolbox #urlbar[popover],
/* swarsel: removed hover from next line */ /* swarsel: removed :hover from below line */
#navigator-toolbox:is(:focus-within,[movingtab]) #urlbar[popover], #navigator-toolbox:is(:focus-within,[movingtab]) #urlbar[popover],
:where(:root[sessionrestored]) #urlbar-container > #urlbar[popover]:is([focused],[open]){ #urlbar-container > #urlbar[popover]:is([focused],[open]){
pointer-events: auto; pointer-events: auto;
opacity: 1; opacity: 1;
transition-delay: 33ms; transition-delay: 33ms;
@ -75,7 +75,7 @@ See the above repository for updates as well as full license text. */
:root[window-modal-open] #navigator-toolbox, :root[window-modal-open] #navigator-toolbox,
#mainPopupSet:has(> [panelopen]:not(#ask-chat-shortcuts,#selection-shortcut-action-panel,#chat-shortcuts-options-panel,#tab-preview-panel), > #tab-group-editor > [panelopen]) ~ toolbox, #mainPopupSet:has(> [panelopen]:not(#ask-chat-shortcuts,#selection-shortcut-action-panel,#chat-shortcuts-options-panel,#tab-preview-panel), > #tab-group-editor > [panelopen]) ~ toolbox,
#navigator-toolbox:has(#urlbar:is([open],[focus-within])), #navigator-toolbox:has(#urlbar:is([open],[focus-within])),
/* swarsel: removed hover from next line */ /* swarsel: removed :hover from below line */
#navigator-toolbox:is(:focus-within,[movingtab]){ #navigator-toolbox:is(:focus-within,[movingtab]){
transition-delay: 33ms !important; transition-delay: 33ms !important;
transform: rotateX(0); transform: rotateX(0);
@ -95,16 +95,7 @@ See the above repository for updates as well as full license text. */
} }
} }
/* swarsel: set pointer-events to none !important */ #navigator-toolbox > *{ line-height: normal; pointer-events: auto }
#navigator-toolbox > *{ line-height: normal; pointer-events: none !important }
/* swarsel: make toolbox clickable */
:root[window-modal-open] #navigator-toolbox > *,
#mainPopupSet:has(> [panelopen]:not(#ask-chat-shortcuts,#selection-shortcut-action-panel,#chat-shortcuts-options-panel,#tab-preview-panel), > #tab-group-editor > [panelopen]) ~ toolbox > *,
#navigator-toolbox:has(#urlbar:is([open],[focus-within])) > *,
#navigator-toolbox:is(:focus-within,[movingtab],:hover) > * {
pointer-events: auto !important;
}
/* Don't apply transform before window has been fully created */ /* Don't apply transform before window has been fully created */
:root:not([sessionrestored]) #navigator-toolbox{ transform:none !important } :root:not([sessionrestored]) #navigator-toolbox{ transform:none !important }

33
files/scripts/command-not-found.sh Normal file
View file

@ -0,0 +1,33 @@
# Adapted from https://github.com/bennofs/nix-index/blob/master/command-not-found.sh
command_not_found_handle() {
if [ -n "${MC_SID-}" ] || ! [ -t 1 ]; then
>&2 echo "$1: command not found"
return 127
fi
echo -n "searching nix-index..."
ATTRS=$(@nix-locate@ --minimal --no-group --type x --type s --whole-name --at-root "/bin/$1")
case $(echo -n "$ATTRS" | grep -c "^") in
0)
>&2 echo -ne "$(@tput@ el1)\r"
>&2 echo "$1: command not found"
;;
*)
>&2 echo -ne "$(@tput@ el1)\r"
>&2 echo "The program $(@tput@ setaf 4)$1$(@tput@ sgr0) is currently not installed."
>&2 echo "It is provided by the following derivation(s):"
while read -r ATTR; do
ATTR=${ATTR%.out}
>&2 echo " $(@tput@ setaf 12)nixpkgs#$(@tput@ setaf 4)$ATTR$(@tput@ sgr0)"
done <<< "$ATTRS"
;;
esac
return 127
}
command_not_found_handler() {
command_not_found_handle "$@"
return $?
}

23
files/scripts/e.sh Normal file
View file

@ -0,0 +1,23 @@
wait=0
while :; do
case ${1:-} in
-w | --wait)
wait=1
;;
*) break ;;
esac
shift
done
STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true)
if [ "$STR" == "" ]; then
swaymsg '[title="kittyterm"]' scratchpad show
emacsclient -c -a "" "$@"
swaymsg '[title="kittyterm"]' scratchpad show
else
if [[ $wait -eq 0 ]]; then
emacsclient -n -c -a "" "$@"
else
emacsclient -c -a "" "$@"
fi
fi

20
files/scripts/fs-diff.sh Normal file
View file

@ -0,0 +1,20 @@
set -euo pipefail
OLD_TRANSID=$(sudo btrfs subvolume find-new /mnt/root-blank 9999999)
OLD_TRANSID=${OLD_TRANSID#transid marker was }
sudo btrfs subvolume find-new "/mnt/root" "$OLD_TRANSID" |
sed '$d' |
cut -f17- -d' ' |
sort |
uniq |
while read -r path; do
path="/$path"
if [ -L "$path" ]; then
: # The path is a symbolic link, so is probably handled by NixOS already
elif [ -d "$path" ]; then
: # The path is a directory, ignore
else
echo "$path"
fi
done

11
files/scripts/niri-resize.sh Normal file
View file

@ -0,0 +1,11 @@
WORKSPACE=$(niri msg -j workspaces | jq -r '.[] | select(.is_focused == true) | .id')
COUNT=$(niri msg -j windows | jq --argjson ws "$WORKSPACE" -r '.[] | select(.workspace_id == $ws and .is_floating == false) | .app_id' | wc -l)
while [[ $COUNT == "0" || $COUNT == "2" ]]; do
COUNT=$(niri msg -j windows | jq --argjson ws "$WORKSPACE" -r '.[] | select(.workspace_id == $ws and .is_floating == false) | .app_id' | wc -l)
done
if [[ $COUNT == "1" ]]; then
niri msg action maximize-column
fi

5
files/scripts/opacitytoggle.sh Normal file
View file

@ -0,0 +1,5 @@
if swaymsg opacity plus 0.01 -q; then
swaymsg opacity 1
else
swaymsg opacity 0.95
fi

51
files/scripts/pass-fuzzel.sh Normal file
View file

@ -0,0 +1,51 @@
# Adapted from https://code.kulupu.party/thesuess/home-manager/src/branch/main/modules/river.nix
shopt -s nullglob globstar
otp=0
typeit=0
while :; do
case ${1:-} in
-t | --type)
typeit=1
;;
-o | --otp)
otp=1
;;
*) break ;;
esac
shift
done
export PASSWORD_STORE_DIR=~/.local/share/password-store
prefix=${PASSWORD_STORE_DIR-~/.local/share/password-store}
if [[ $otp -eq 0 ]]; then
password_files=("$prefix"/**/*.gpg)
else
password_files=("$prefix"/otp/**/*.gpg)
fi
password_files=("${password_files[@]#"$prefix"/}")
password_files=("${password_files[@]%.gpg}")
password=$(printf '%s\n' "${password_files[@]}" | fuzzel --dmenu "$@")
[[ -n $password ]] || exit
if [[ $otp -eq 0 ]]; then
if [[ $typeit -eq 0 ]]; then
pass show -c "$password" &> /tmp/pass-fuzzel
else
pass show "$password" | {
IFS= read -r pass
printf %s "$pass"
} | wtype -
fi
else
if [[ $typeit -eq 0 ]]; then
pass otp -c "$password" &> /tmp/pass-fuzzel
else
pass otp "$password" | {
IFS= read -r pass
printf %s "$pass"
} | wtype -
fi
fi
notify-send -u critical -a pass -t 1000 "Copied/Typed Password"

7
files/scripts/project.sh Normal file
View file

@ -0,0 +1,7 @@
set -euo pipefail
if [ ! -d "$(pwd)/.git" ]; then
git init
fi
nix flake init --template "$FLAKE"#"$1"
direnv allow

12
files/scripts/quickpass.sh Normal file
View file

@ -0,0 +1,12 @@
shopt -s nullglob globstar
notify-send "$(env | grep -E 'WAYLAND|SWAY')"
password="$1"
pass show "$password" | {
IFS= read -r pass
printf %s "$pass"
} | wtype -
notify-send -u critical -a pass -t 1000 "Typed Password"

11
files/scripts/sshrm.sh Normal file
View file

@ -0,0 +1,11 @@
HISTFILE="$HOME"/.histfile
last_ssh_cmd=$(grep -E "ssh " "$HISTFILE" | sed -E 's/^: [0-9]+:[0-9]+;//' | grep "^ssh " | tail -1)
host=$(echo "$last_ssh_cmd" | sed -E 's/.*ssh ([^@ ]+@)?([^ ]+).*/\2/')
if [[ -n $host ]]; then
echo "Removing SSH host key for: $host"
ssh-keygen -R "$host"
else
echo "No valid SSH command found in history."
fi

394
files/scripts/swarsel-bootstrap.sh Normal file
View file

@ -0,0 +1,394 @@
# highly inspired by https://github.com/EmergentMind/nix-config/blob/dev/files/scripts/bootstrap-nixos.sh
set -eo pipefail
target_hostname=""
target_destination=""
target_arch=""
target_user="swarsel"
ssh_port="22"
persist_dir=""
disk_encryption=0
disk_encryption_args=""
no_disko_deps="false"
temp=$(mktemp -d)
function help_and_exit() {
echo
echo "Remotely installs SwarselSystem on a target machine including secret deployment."
echo
echo "USAGE: $0 -n <target_hostname> -d <target_destination> [OPTIONS]"
echo
echo "ARGS:"
echo " -n <target_hostname> specify target_hostname of the target host to deploy the nixos config on."
echo " -d <target_destination> specify ip or url to the target host."
echo " -a <targeit_arch> specify the architecture of the target host."
echo " target during install process."
echo
echo "OPTIONS:"
echo " -u <target_user> specify target_user with sudo access. nix-config will be cloned to their home."
echo " Default='${target_user}'."
echo " --port <ssh_port> specify the ssh port to use for remote access. Default=${ssh_port}."
echo " --debug Enable debug mode."
echo " --no-disko-deps Upload only disk script and not dependencies (for use on low ram)."
echo " -h | --help Print this help."
exit 0
}
function cleanup() {
rm -rf "$temp"
rm -rf /tmp/disko-password
}
trap cleanup exit
function red() {
echo -e "\x1B[31m[!] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[31m[!] $($2) \x1B[0m"
fi
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
function yellow() {
echo -e "\x1B[33m[*] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[33m[*] $($2) \x1B[0m"
fi
}
function yes_or_no() {
echo -en "\x1B[32m[+] $* [y/n] (default: y): \x1B[0m"
while true; do
read -rp "" yn
yn=${yn:-y}
case $yn in
[Yy]*) return 0 ;;
[Nn]*) return 1 ;;
esac
done
}
function update_sops_file() {
key_name=$1
key_type=$2
key=$3
if [ ! "$key_type" == "hosts" ] && [ ! "$key_type" == "users" ]; then
red "Invalid key type passed to update_sops_file. Must be either 'hosts' or 'users'."
exit 1
fi
cd "${git_root}"
SOPS_FILE=".sops.yaml"
sed -i "{
# Remove any * and & entries for this host
/[*&]$key_name/ d;
# Inject a new age: entry
# n matches the first line following age: and p prints it, then we transform it while reusing the spacing
/age:/{n; p; s/\(.*- \*\).*/\1$key_name/};
# Inject a new hosts or user: entry
/&$key_type/{n; p; s/\(.*- &\).*/\1$key_name $key/}
}" $SOPS_FILE
green "Updating .sops.yaml"
cd -
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_hostname=$1
;;
-d)
shift
target_destination=$1
;;
-a)
shift
target_arch=$1
;;
-u)
shift
target_user=$1
;;
--port)
shift
ssh_port=$1
;;
--no-disko-deps)
no_disko_deps="true"
;;
--debug)
set -x
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
if [[ $target_arch == "" || $target_destination == "" || $target_hostname == "" ]]; then
red "error: target_arch, target_destination or target_hostname not set."
help_and_exit
fi
LOCKED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.node.lockFromBootstrapping)"
if [[ $LOCKED == "true" ]]; then
red "THIS SYSTEM IS LOCKED FROM BOOTSTRAPPING - set 'node.lockFromBootstrapping = lib.mkForce false;' to proceed"
exit
fi
green "~SwarselSystems~ remote installer"
green "Reading system information for $target_hostname ..."
DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)"
green "Root Disk: $DISK"
CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)"
if [[ $CRYPTED == "true" ]]; then
green "Encryption: ✓"
disk_encryption=1
disk_encryption_args=(
--disk-encryption-keys
/tmp/disko-password
/tmp/disko-password
)
else
red "Encryption: X"
disk_encryption=0
fi
IMPERMANENCE="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isImpermanence)"
if [[ $IMPERMANENCE == "true" ]]; then
green "Impermanence: ✓"
persist_dir="/persist"
else
red "Impermanence: X"
persist_dir=""
fi
SWAP="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSwap)"
if [[ $SWAP == "true" ]]; then
green "Swap: ✓"
else
red "Swap: X"
fi
SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSecureBoot)"
if [[ $SECUREBOOT == "true" ]]; then
green "Secure Boot: ✓"
else
red "Secure Boot: X"
fi
ssh_cmd="ssh -oport=${ssh_port} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -t $target_user@$target_destination"
# ssh_root_cmd=$(echo "$ssh_cmd" | sed "s|${target_user}@|root@|") # uses @ in the sed switch to avoid it triggering on the $ssh_key value
ssh_root_cmd=${ssh_cmd/${target_user}@/root@}
scp_cmd="scp -oport=${ssh_port} -o StrictHostKeyChecking=no"
if [[ -z ${FLAKE} ]]; then
FLAKE=/home/"$target_user"/.dotfiles
fi
if [ ! -d "$FLAKE" ]; then
cd /home/"$target_user"
yellow "Flake directory not found - cloning repository from GitHub"
git clone git@github.com:Swarsel/.dotfiles.git || (yellow "Could not clone repository via SSH - defaulting to HTTPS" && git clone https://github.com/Swarsel/.dotfiles.git)
FLAKE=/home/"$target_user"/.dotfiles
fi
cd "$FLAKE"
rm install/flake.lock || true
git_root=$(git rev-parse --show-toplevel)
# ------------------------
green "Wiping known_hosts of $target_destination"
sed -i "/$target_hostname/d; /$target_destination/d" ~/.ssh/known_hosts
# ------------------------
green "Preparing a new ssh_host_ed25519_key pair for $target_hostname."
# Create the directory where sshd expects to find the host keys
install -d -m755 "$temp/$persist_dir/etc/ssh"
# Generate host ssh key pair without a passphrase
ssh-keygen -t ed25519 -f "$temp/$persist_dir/etc/ssh/ssh_host_ed25519_key" -C root@"$target_hostname" -N ""
# Set the correct permissions so sshd will accept the key
chmod 600 "$temp/$persist_dir/etc/ssh/ssh_host_ed25519_key"
echo "Adding ssh host fingerprint at $target_destination to ~/.ssh/known_hosts"
# This will fail if we already know the host, but that's fine
ssh-keyscan -p "$ssh_port" "$target_destination" >> ~/.ssh/known_hosts || true
# ------------------------
# when using luks, disko expects a passphrase on /tmp/disko-password, so we set it for now and will update the passphrase later
# via the config
if [ "$disk_encryption" -eq 1 ]; then
while true; do
green "Set disk encryption passphrase:"
read -rs luks_passphrase
green "Please confirm passphrase:"
read -rs luks_passphrase_confirm
if [[ $luks_passphrase == "$luks_passphrase_confirm" ]]; then
echo "$luks_passphrase" > /tmp/disko-password
$ssh_root_cmd "echo '$luks_passphrase' > /tmp/disko-password"
break
else
red "Passwords do not match"
fi
done
fi
# ------------------------
green "Generating hardware-config.nix for $target_hostname and adding it to the nix-config."
$ssh_root_cmd "nixos-generate-config --force --no-filesystems --root /mnt"
mkdir -p "$FLAKE"/hosts/nixos/"$target_arch"/"$target_hostname"
$scp_cmd root@"$target_destination":/mnt/etc/nixos/hardware-configuration.nix "${git_root}"/hosts/nixos/"$target_arch"/"$target_hostname"/hardware-configuration.nix
# ------------------------
green "Generating hostkey for ssh initrd"
$ssh_root_cmd "mkdir -p $temp/etc/secrets/initrd /etc/secrets/initrd"
$ssh_root_cmd "ssh-keygen -t ed25519 -N '' -f $temp/etc/secrets/initrd/ssh_host_ed25519_key"
$ssh_root_cmd "cp $temp/etc/secrets/initrd/ssh_host_ed25519_key /etc/secrets/initrd/ssh_host_ed25519_key"
# ------------------------
green "Deploying minimal NixOS installation on $target_destination"
if [[ $no_disko_deps == "true" ]]; then
green "Building without disko dependencies (using custom kexec)"
nix run github:nix-community/nixos-anywhere/1.10.0 -- "${disk_encryption_args[@]}" --no-disko-deps --ssh-port "$ssh_port" --extra-files "$temp" --flake ./install#"$target_hostname" --kexec "$(nix build --print-out-paths .#packages."$target_arch".swarsel-kexec)/swarsel-kexec-$target_arch.tar.gz" root@"$target_destination"
else
green "Building with disko dependencies (using nixos-images kexec)"
nix run github:nix-community/nixos-anywhere/1.10.0 -- "${disk_encryption_args[@]}" --ssh-port "$ssh_port" --extra-files "$temp" --flake ./install#"$target_hostname" root@"$target_destination"
fi
echo "Updating ssh host fingerprint at $target_destination to ~/.ssh/known_hosts"
ssh-keyscan -p "$ssh_port" "$target_destination" >> ~/.ssh/known_hosts || true
# ------------------------
while true; do
read -rp "Press Enter to continue once the remote host has finished booting."
if nc -z "$target_destination" "${ssh_port}" 2> /dev/null; then
green "$target_destination is booted. Continuing..."
break
else
yellow "$target_destination is not yet ready."
fi
done
# ------------------------
if [[ $SECUREBOOT == "true" ]]; then
green "Setting up secure boot keys"
$ssh_root_cmd "mkdir -p /var/lib/sbctl"
read -ra scp_call <<< "${scp_cmd}"
sudo "${scp_call[@]}" -r /var/lib/sbctl root@"$target_destination":/var/lib/
$ssh_root_cmd "sbctl enroll-keys --ignore-immutable --microsoft || true"
fi
# ------------------------
if [ -n "$persist_dir" ]; then
$ssh_root_cmd "cp /etc/machine-id $persist_dir/etc/machine-id || true"
$ssh_root_cmd "cp -R /etc/ssh/ $persist_dir/etc/ssh/ || true"
fi
# ------------------------
green "Generating an age key based on the new ssh_host_ed25519_key."
target_key=$(
ssh-keyscan -p "$ssh_port" -t ssh-ed25519 "$target_destination" 2>&1 |
grep ssh-ed25519 |
cut -f2- -d" " ||
(
red "Failed to get ssh key. Host down?"
exit 1
)
)
host_age_key=$(nix shell nixpkgs#ssh-to-age.out -c sh -c "echo $target_key | ssh-to-age")
if grep -qv '^age1' <<< "$host_age_key"; then
red "The result from generated age key does not match the expected format."
yellow "Result: $host_age_key"
yellow "Expected format: age1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
exit 1
else
echo "$host_age_key"
fi
green "Updating nix-secrets/.sops.yaml"
update_sops_file "$target_hostname" "hosts" "$host_age_key"
yellow ".sops.yaml has been updated. There may be superfluous entries, you might need to edit manually."
if yes_or_no "Do you want to manually edit .sops.yaml now?"; then
vim "${git_root}"/.sops.yaml
fi
green "Updating all secrets files to reflect updates .sops.yaml"
sops updatekeys --yes --enable-local-keyservice "${git_root}"/hosts/nixos/"$target_arch"/"$target_hostname"/secrets/* || true
# --------------------------
green "Making ssh_host_ed25519_key available to home-manager for user $target_user"
sed -i "/$target_hostname/d; /$target_destination/d" ~/.ssh/known_hosts
$ssh_root_cmd "mkdir -p /home/$target_user/.ssh; chown -R $target_user:users /home/$target_user/.ssh/"
$scp_cmd root@"$target_destination":/etc/ssh/ssh_host_ed25519_key root@"$target_destination":/home/"$target_user"/.ssh/ssh_host_ed25519_key
$ssh_root_cmd "chown $target_user:users /home/$target_user/.ssh/ssh_host_ed25519_key"
# __________________________
if yes_or_no "Add ssh host fingerprints for git upstream repositories? (This is needed for building the full config)"; then
green "Adding ssh host fingerprints for git{lab,hub}"
$ssh_cmd "mkdir -p /home/$target_user/.ssh/; ssh-keyscan -t ssh-ed25519 gitlab.com github.com | tee /home/$target_user/.ssh/known_hosts"
$ssh_root_cmd "mkdir -p /root/.ssh/; ssh-keyscan -t ssh-ed25519 gitlab.com github.com | tee /root/.ssh/known_hosts"
fi
# --------------------------
if yes_or_no "Do you want to copy your full nix-config and nix-secrets to $target_hostname?"; then
green "Adding ssh host fingerprint at $target_destination to ~/.ssh/known_hosts"
ssh-keyscan -p "$ssh_port" "$target_destination" >> ~/.ssh/known_hosts || true
green "Copying full nix-config to $target_hostname"
cd "${git_root}"
just sync "$target_user" "$target_destination"
if [ -n "$persist_dir" ]; then
$ssh_root_cmd "cp -r /home/$target_user/.dotfiles $persist_dir/.dotfiles || true"
$ssh_root_cmd "cp -r /home/$target_user/.ssh $persist_dir/.ssh || true"
fi
if yes_or_no "Do you want to rebuild immediately?"; then
green "Building nix-config for $target_hostname"
# yellow "Reminder: The password is 'setup'"
$ssh_root_cmd "mkdir -p /root/.local/share/nix/; printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /root/.local/share/nix/trusted-settings.json"
# $ssh_cmd -oForwardAgent=yes "cd .dotfiles && sudo nixos-rebuild --show-trace --flake .#$target_hostname switch"
store_path=$(nix build --no-link --print-out-paths .#nixosConfigurations."$target_hostname".config.system.build.toplevel)
green "Copying generation to $target_hostname"
nix copy --to "ssh://root@$target_destination" "$store_path"
# prev_system=$($ssh_root_cmd " readlink -e /nix/var/nix/profiles/system")
green "Linking generation in bootloader"
$ssh_root_cmd "/run/current-system/sw/bin/nix-env --profile /nix/var/nix/profiles/system --set $store_path"
green "Setting generation to activate upon next boot"
$ssh_root_cmd "$store_path/bin/switch-to-configuration boot"
else
echo
green "NixOS was successfully installed!"
echo "Post-install config build instructions:"
echo "To copy nix-config from this machine to the $target_hostname, run the following command from ~/nix-config"
echo "just sync $target_user $target_destination"
echo "To rebuild, sign into $target_hostname and run the following command from ~/nix-config"
echo "cd nix-config"
# see above FIXME:(bootstrap)
echo "sudo nixos-rebuild .pre-commit-config.yaml show-trace --flake .#$target_hostname switch"
# echo "just rebuild"
echo
fi
fi
green "NixOS was successfully installed!"
if yes_or_no "You can now commit and push the nix-config, which includes the hardware-configuration.nix for $target_hostname?"; then
cd "${git_root}"
deadnix hosts/nixos/"$target_arch"/"$target_hostname"/hardware-configuration.nix -qe
nixpkgs--fmt hosts/nixos/"$target_arch"/"$target_hostname"/hardware-configuration.nix
(.pre-commit-config.yaml mit run --all-files 2> /dev/null || true) &&
git add "$git_root/hosts/nixos/$target_arch/$target_hostname/hardware-configuration.nix" &&
git add "$git_root/.sops.yaml" &&
git add "$git_root/secrets" &&
(git commit -m "feat: deployed $target_hostname" || true) && git push
fi
if yes_or_no "Reboot now?"; then
$ssh_root_cmd "reboot"
fi
rm -rf /tmp/disko-password

2
files/scripts/swarsel-displaypower.sh Normal file
View file

@ -0,0 +1,2 @@
swaymsg "output * power on" > /dev/null 2>&1 || true
swaymsg "output * dpms on" > /dev/null 2>&1 || true

188
files/scripts/swarsel-install.sh Normal file
View file

@ -0,0 +1,188 @@
set -eo pipefail
target_config="hotel"
target_hostname="hotel"
target_user="swarsel"
target_arch=""
persist_dir=""
target_disk="/dev/vda"
disk_encryption=0
function help_and_exit() {
echo
echo "Locally installs SwarselSystem on this machine."
echo
echo "USAGE: $0 -n <target_config> -d <target_disk> [OPTIONS]"
echo
echo "ARGS:"
echo " -n <target_config> specify the nixos config to deploy."
echo " Default: hotel"
echo " -d <target_disk> specify disk to install on."
echo " Default: /dev/vda"
echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel"
echo " -a <target_arch> specify target architecture."
echo " -h | --help Print this help."
exit 0
}
function red() {
echo -e "\x1B[31m[!] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[31m[!] $($2) \x1B[0m"
fi
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
function yellow() {
echo -e "\x1B[33m[*] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[33m[*] $($2) \x1B[0m"
fi
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_config=$1
target_hostname=$1
;;
-u)
shift
target_user=$1
;;
-d)
shift
target_disk=$1
;;
-a)
shift
target_arch=$1
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
function cleanup() {
sudo rm -rf .cache/nix
sudo rm -rf /root/.cache/nix
}
trap cleanup exit
if [[ $target_arch == "" || $target_hostname == "" ]]; then
red "error: target_arch or target_hostname not set."
help_and_exit
fi
green "~SwarselSystems~ local installer"
cd /home/"$target_user"
sudo rm -rf /root/.cache/nix
sudo rm -rf .cache/nix
sudo rm -rf .dotfiles
green "Cloning repository from GitHub"
git clone https://github.com/Swarsel/.dotfiles.git
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/public/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable ..."
sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
nix flake update vbc-nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
green "Reading system information for $target_config ..."
DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)"
green "Root Disk in config: $DISK - Root Disk passed in cli: $target_disk"
CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)"
if [[ $CRYPTED == "true" ]]; then
green "Encryption: ✓"
disk_encryption=1
else
red "Encryption: X"
disk_encryption=0
fi
IMPERMANENCE="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isImpermanence)"
if [[ $IMPERMANENCE == "true" ]]; then
green "Impermanence: ✓"
persist_dir="/persist"
else
red "Impermanence: X"
persist_dir=""
fi
SWAP="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSwap)"
if [[ $SWAP == "true" ]]; then
green "Swap: ✓"
else
red "Swap: X"
fi
SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSecureBoot)"
if [[ $SECUREBOOT == "true" ]]; then
green "Secure Boot: ✓"
else
red "Secure Boot: X"
fi
if [ "$disk_encryption" -eq 1 ]; then
while true; do
green "Set disk encryption passphrase:"
read -rs luks_passphrase
green "Please confirm passphrase:"
read -rs luks_passphrase_confirm
if [[ $luks_passphrase == "$luks_passphrase_confirm" ]]; then
echo "$luks_passphrase" > /tmp/disko-password
break
else
red "Passwords do not match"
fi
done
fi
green "Setting up disk ..."
if [[ $target_config == "hotel" ]]; then
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/v1.10.0 -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks --arg diskDevice "$target_disk"
else
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks
fi
sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/
sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/
sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user"
green "Generating hardware configuration ..."
sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/
git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/hardware-configuration.nix
sudo mkdir -p /root/.local/share/nix/
printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | sudo tee /root/.local/share/nix/trusted-settings.json > /dev/null
green "Installing flake $target_config"
store_path=$(nix build --no-link --print-out-paths .#nixosConfigurationsMinimal."$target_config".config.system.build.toplevel)
green "Linking generation in bootloader"
sudo "/run/current-system/sw/bin/nix-env --profile /nix/var/nix/profiles/system --set $store_path"
green "Setting generation to activate upon next boot"
sudo "$store_path/bin/switch-to-configuration boot"
green "Installation finished! Reboot to see changes"

72
files/scripts/swarsel-postinstall.sh Normal file
View file

@ -0,0 +1,72 @@
set -eo pipefail
target_config="hotel"
target_user="swarsel"
function help_and_exit() {
echo
echo "Locally installs SwarselSystem on this machine."
echo
echo "USAGE: $0 -d <disk> [OPTIONS]"
echo
echo "ARGS:"
echo " -d <disk> specify disk to install on."
echo " -n <target_config> specify the nixos config to deploy."
echo " Default: hotel"
echo " Default: hotel"
echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel"
echo " -h | --help Print this help."
exit 0
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_config=$1
;;
-u)
shift
target_user=$1
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
function cleanup() {
sudo rm -rf .cache/nix
sudo rm -rf /root/.cache/nix
}
trap cleanup exit
sudo rm -rf .cache/nix
sudo rm -rf /root/.cache/nix
green "~SwarselSystems~ remote post-installer"
cd /home/"$target_user"/.dotfiles
SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_config".config.swarselsystems.isSecureBoot)"
if [[ $SECUREBOOT == "true" ]]; then
green "Setting up secure boot keys"
sudo mkdir -p /var/lib/sbctl
sbctl create-keys || true
sbctl enroll-keys --ignore-immutable --microsoft || true
fi
sudo nixos-rebuild --flake .#"$target_config" switch
green "Post-install finished!"

110
files/scripts/swarsel-rebuild.sh Normal file
View file

@ -0,0 +1,110 @@
set -eo pipefail
target_config="hotel"
target_arch=""
target_user="swarsel"
function help_and_exit() {
echo
echo "Builds SwarselSystem configuration."
echo
echo "USAGE: $0 [OPTIONS]"
echo
echo "ARGS:"
echo " -n <target_config> specify nixos config to build."
echo " Default: hotel"
echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel"
echo " -a <target_arch> specify target architecture."
echo " -h | --help Print this help."
exit 0
}
function red() {
echo -e "\x1B[31m[!] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[31m[!] $($2) \x1B[0m"
fi
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
function yellow() {
echo -e "\x1B[33m[*] $1 \x1B[0m"
if [ -n "${2-}" ]; then
echo -e "\x1B[33m[*] $($2) \x1B[0m"
fi
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_config=$1
;;
-a)
shift
target_arch=$1
;;
-u)
shift
target_user=$1
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
if [[ $target_arch == "" ]]; then
red "error: target_arch not set."
help_and_exit
fi
cd /home/"$target_user"
if [ ! -d /home/"$target_user"/.dotfiles ]; then
green "Cloning repository from GitHub"
git clone https://github.com/Swarsel/.dotfiles.git
else
red "A .dotfiles repository is in the way. Please (re-)move the repository and try again."
exit 1
fi
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/public/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable"
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
rm modules/home/common/env.nix
rm modules/home/common/gammastep.nix
rm modules/home/common/git.nix
rm modules/home/common/mail.nix
rm modules/home/common/yubikey.nix
rm modules/nixos/server/restic.nix
rm hosts/nixos/aarch64-linux/milkywell/default.nix
rm -rf modules/nixos/server
rm -rf modules/home/server
nix flake update vbc-nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
sudo nixos-generate-config --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/
git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/hardware-configuration.nix
green "Installing flake $target_config"
sudo nixos-rebuild --show-trace --flake .#"$target_config" boot
yellow "Please keep in mind that this is only a demo of the configuration. Things might break unexpectedly."

62
files/scripts/swarselcheck.sh Normal file
View file

@ -0,0 +1,62 @@
kitty=0
element=0
vesktop=0
spotifyplayer=0
while :; do
case ${1:-} in
-k | --kitty)
kitty=1
;;
-e | --element)
element=1
;;
-d | --vesktop)
vesktop=1
;;
-s | --spotifyplayer)
spotifyplayer=1
;;
*) break ;;
esac
shift
done
if [[ $kitty -eq 1 ]]; then
STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true)
CHECK=$(swaymsg -t get_tree | grep kittyterm || true)
if [ "$CHECK" == "" ]; then
exec kitty --app-id kittyterm -T kittyterm -o confirm_os_window_close=0 zellij attach --create kittyterm &
sleep 1
fi
if [ "$STR" == "" ]; then
exec swaymsg '[title="kittyterm"]' scratchpad show
else
exec swaymsg '[title="kittyterm"]' scratchpad show
fi
elif [[ $element -eq 1 ]]; then
STR=$(swaymsg -t get_tree | grep Element || true)
if [ "$STR" == "" ]; then
exec element-desktop
else
exec swaymsg '[app_id=Element]' kill
fi
elif [[ $vesktop -eq 1 ]]; then
STR=$(swaymsg -t get_tree | grep vesktop || true)
if [ "$STR" == "" ]; then
exec vesktop
else
exec swaymsg '[app_id=vesktop]' kill
fi
elif [[ $spotifyplayer -eq 1 ]]; then
STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep spotifytui || true)
CHECK=$(swaymsg -t get_tree | grep spotifytui || true)
if [ "$CHECK" == "" ]; then
exec kitty --add-id spotifytui -T spotifytui -o confirm_os_window_close=0 spotify_player &
sleep 1
fi
if [ "$STR" == "" ]; then
exec swaymsg '[title="spotifytui"]' scratchpad show
else
exec swaymsg '[title="spotifytui"]' scratchpad show
fi
fi

8
files/scripts/swarselzellij.sh Normal file
View file

@ -0,0 +1,8 @@
# KITTIES=$(($(pgrep -P 1 kitty | wc -l) - 1))
# if ((KITTIES < 1)); then
# exec kitty -o confirm_os_window_close=0 zellij attach --create main
# else
# exec kitty -o confirm_os_window_close=0 zellij attach --create "temp $KITTIES"
# fi
exec kitty -o confirm_os_window_close=0 zellij

24
files/scripts/waybarupdate.sh Normal file
View file

@ -0,0 +1,24 @@
CFG=$(git --git-dir="$HOME"/.dotfiles/.git --work-tree="$HOME"/.dotfiles/ status -s | wc -l)
CSE=$(git --git-dir="$DOCUMENT_DIR_PRIV"/CSE_TUWIEN/.git --work-tree="$DOCUMENT_DIR_PRIV"/CSE_TUWIEN/ status -s | wc -l)
PASS=$(($(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ status -s | wc -l) + $(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ diff origin/main..HEAD | wc -l)))
if [[ $CFG != 0 ]]; then
CFG_STR='CONFIG'
else
CFG_STR=''
fi
if [[ $CSE != 0 ]]; then
CSE_STR=' CSE'
else
CSE_STR=''
fi
if [[ $PASS != 0 ]]; then
PASS_STR=' PASS'
else
PASS_STR=''
fi
OUT="$CFG_STR""$CSE_STR""$PASS_STR"
echo "$OUT"

504
flake.lock generated
View file

File diff suppressed because it is too large Load diff

2
flake.nix
View file

@ -28,7 +28,7 @@
smallpkgs.url = "github:nixos/nixpkgs/08fcb0dcb59df0344652b38ea6326a2d8271baff?narHash=sha256-HXIQzULIG/MEUW2Q/Ss47oE3QrjxvpUX7gUl4Xp6lnc%3D&shallow=1"; smallpkgs.url = "github:nixos/nixpkgs/08fcb0dcb59df0344652b38ea6326a2d8271baff?narHash=sha256-HXIQzULIG/MEUW2Q/Ss47oE3QrjxvpUX7gUl4Xp6lnc%3D&shallow=1";
nixpkgs-dev.url = "github:Swarsel/nixpkgs/main"; nixpkgs-dev.url = "github:Swarsel/nixpkgs/main";
nixpkgs-bisect.url = "github:nixos/nixpkgs/master"; nixpkgs-bisect.url = "github:nixos/nixpkgs/master";
# nixpkgs-update.url = "github:r-ryantm/nixpkgs/auto-update/oauth2-proxy"; nixpkgs-update.url = "github:r-ryantm/nixpkgs/auto-update/oauth2-proxy";
# nixpkgs-kernel.url = "github:NixOS/nixpkgs/063f43f2dbdef86376cc29ad646c45c46e93234c?narHash=sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o%3D"; #specifically pinned for kernel version # nixpkgs-kernel.url = "github:NixOS/nixpkgs/063f43f2dbdef86376cc29ad646c45c46e93234c?narHash=sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o%3D"; #specifically pinned for kernel version
nixpkgs-kernel.url = "github:nixos/nixpkgs/dd9b079222d43e1943b6ebd802f04fd959dc8e61?narHash=sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE%3D"; #specifically pinned for kernel version nixpkgs-kernel.url = "github:nixos/nixpkgs/dd9b079222d43e1943b6ebd802f04fd959dc8e61?narHash=sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE%3D"; #specifically pinned for kernel version
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.11"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.11";

2
install/installer-config.nix
View file

@ -108,7 +108,7 @@ in
networking = { networking = {
hostName = "drugstore"; hostName = "drugstore";
wireless.enable = lib.mkForce false; wireless.enable = false;
# dhcpcd.runHook = "${pkgs.utillinux}/bin/agetty --reload"; # dhcpcd.runHook = "${pkgs.utillinux}/bin/agetty --reload";
networkmanager.enable = true; networkmanager.enable = true;
usePredictableInterfaceNames = false; usePredictableInterfaceNames = false;

3
modules/home/common/gpg-agent.nix
View file

@ -28,9 +28,6 @@ in
programs.gpg = { programs.gpg = {
enable = true; enable = true;
scdaemonSettings = {
disable-ccid = true; # prevent conflicts between pcscd and scdameon
};
publicKeys = [ publicKeys = [
{ {
source = "${self}/secrets/public/gpg/gpg-public-key-0x76FD3810215AE097.asc"; source = "${self}/secrets/public/gpg/gpg-public-key-0x76FD3810215AE097.asc";

40
modules/home/common/nix-index.nix
View file

@ -1,4 +1,4 @@
{ lib, config, pkgs, ... }: { self, lib, config, pkgs, ... }:
{ {
options.swarselmodules.nix-index = lib.mkEnableOption "nix-index settings"; options.swarselmodules.nix-index = lib.mkEnableOption "nix-index settings";
config = lib.mkIf config.swarselmodules.nix-index { config = lib.mkIf config.swarselmodules.nix-index {
@ -6,43 +6,7 @@
let let
commandNotFound = pkgs.runCommandLocal "command-not-found.sh" { } '' commandNotFound = pkgs.runCommandLocal "command-not-found.sh" { } ''
mkdir -p $out/etc/profile.d mkdir -p $out/etc/profile.d
cat > $out/etc/profile.d/command-not-found.sh <<'EOF' substitute ${self + /files/scripts/command-not-found.sh} \
# Adapted from https://github.com/bennofs/nix-index/blob/master/command-not-found.sh
command_not_found_handle() {
if [ -n "''${MC_SID-}" ] || ! [ -t 1 ]; then
>&2 echo "$1: command not found"
return 127
fi
echo -n "searching nix-index..."
ATTRS=$(@nix-locate@ --minimal --no-group --type x --type s --whole-name --at-root "/bin/$1")
case $(echo -n "$ATTRS" | grep -c "^") in
0)
>&2 echo -ne "$(@tput@ el1)\r"
>&2 echo "$1: command not found"
;;
*)
>&2 echo -ne "$(@tput@ el1)\r"
>&2 echo "The program $(@tput@ setaf 4)$1$(@tput@ sgr0) is currently not installed."
>&2 echo "It is provided by the following derivation(s):"
while read -r ATTR; do
ATTR=''${ATTR%.out}
>&2 echo " $(@tput@ setaf 12)nixpkgs#$(@tput@ setaf 4)$ATTR$(@tput@ sgr0)"
done <<< "$ATTRS"
;;
esac
return 127
}
command_not_found_handler() {
command_not_found_handle "$@"
return $?
}
EOF
substitute $out/etc/profile.d/command-not-found.sh \
$out/etc/profile.d/command-not-found.sh \ $out/etc/profile.d/command-not-found.sh \
--replace-fail @nix-locate@ ${pkgs.nix-index}/bin/nix-locate \ --replace-fail @nix-locate@ ${pkgs.nix-index}/bin/nix-locate \
--replace-fail @tput@ ${pkgs.ncurses}/bin/tput --replace-fail @tput@ ${pkgs.ncurses}/bin/tput

5
modules/home/common/packages.nix
View file

@ -171,12 +171,13 @@
}) })
# font stuff # font stuff
cantarell-fonts nerd-fonts.fira-mono
nerd-fonts.fira-code nerd-fonts.fira-code
(iosevka-bin.override { variant = "Aile"; })
nerd-fonts.symbols-only nerd-fonts.symbols-only
noto-fonts-color-emoji noto-fonts-color-emoji
font-awesome_5 font-awesome_5
noto-fonts
noto-fonts-cjk-sans
]; ];
}; };
} }

2
modules/nixos/client/hardwarecompatibility-yubikey.nix
View file

@ -8,7 +8,7 @@ in
config = lib.mkIf config.swarselmodules.yubikey { config = lib.mkIf config.swarselmodules.yubikey {
programs.ssh.startAgent = false; programs.ssh.startAgent = false;
services.pcscd.enable = true; services.pcscd.enable = false;
hardware.gpgSmartcards.enable = true; hardware.gpgSmartcards.enable = true;

8
modules/nixos/optional/hibernation.nix
View file

@ -22,9 +22,9 @@
}; };
systemd.services."systemd-suspend-then-hibernate".aliases = [ "systemd-suspend.service" ]; systemd.services."systemd-suspend-then-hibernate".aliases = [ "systemd-suspend.service" ];
powerManagement.enable = true; powerManagement.enable = true;
systemd.sleep.settings.Sleep = { systemd.sleep.extraConfig = ''
HibernateDelaySec = "120m"; HibernateDelaySec=120m
SuspendState = "freeze"; SuspendState=freeze
}; '';
}; };
} }

2
modules/nixos/optional/microvm-guest-shares.nix
View file

@ -1,4 +1,4 @@
{ lib, config, microVMParent, nodes, ... }: { self, lib, config, inputs, microVMParent, nodes, ... }:
{ {
config = { config = {
microvm = { microvm = {

8
modules/nixos/server/disk-encrypt.nix
View file

@ -1,5 +1,11 @@
{ self, pkgs, lib, config, minimal, ... }: { self, pkgs, lib, config, globals, minimal, ... }:
let let
localIp = globals.networks.${config.swarselsystems.server.netConfigName}.hosts.${config.node.name}.ipv4;
subnetMask = globals.networks.${config.swarselsystems.server.netConfigName}.subnetMask4;
gatewayIp = globals.hosts.${config.node.name}.defaultGateway4;
inherit (globals.general) routerServer;
isRouter = config.node.name == routerServer;
hostKeyPathBase = "/etc/secrets/initrd/ssh_host_ed25519_key"; hostKeyPathBase = "/etc/secrets/initrd/ssh_host_ed25519_key";
hostKeyPath = hostKeyPath =

2
modules/nixos/server/oauth2-proxy.nix
View file

@ -165,7 +165,7 @@ in
services = { services = {
${serviceName} = { ${serviceName} = {
enable = true; enable = true;
package = pkgs.oauth2-proxy; package = pkgs.update.oauth2-proxy;
cookie = { cookie = {
domain = ".${mainDomain}"; domain = ".${mainDomain}";
secure = true; secure = true;

2
modules/nixos/server/postgresql.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, confLib, ... }: { self, config, lib, pkgs, confLib, ... }:
let let
inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName; inherit (confLib.gen { name = "postgresql"; port = 3254; }) serviceName;
postgresVersion = 14; postgresVersion = 14;

16
modules/shared/vars.nix
View file

@ -37,27 +37,23 @@
}; };
serif = { serif = {
# package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; }); # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
# package = pkgs.cantarell-fonts; package = pkgs.cantarell-fonts;
# package = pkgs.montserrat; # package = pkgs.montserrat;
# name = "Cantarell"; name = "Cantarell";
package = pkgs.iosevka-bin.override { variant = "Aile"; };
name = "Iosevka Aile";
# name = "FiraCode Nerd Font Propo"; # name = "FiraCode Nerd Font Propo";
# name = "Montserrat"; # name = "Montserrat";
}; };
sansSerif = { sansSerif = {
# package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; }); # package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
# package = pkgs.cantarell-fonts; package = pkgs.cantarell-fonts;
# package = pkgs.montserrat; # package = pkgs.montserrat;
# name = "Cantarell"; name = "Cantarell";
package = pkgs.iosevka-bin.override { variant = "Aile"; };
name = "Iosevka Aile";
# name = "FiraCode Nerd Font Propo"; # name = "FiraCode Nerd Font Propo";
# name = "Montserrat"; # name = "Montserrat";
}; };
monospace = { monospace = {
package = pkgs.nerd-fonts.fira-code; # has overrides package = pkgs.nerd-fonts.fira-mono; # has overrides
name = "FiraCode Nerd Font"; name = "FiraCode Nerd Font Mono";
}; };
emoji = { emoji = {
package = pkgs.noto-fonts-color-emoji; package = pkgs.noto-fonts-color-emoji;

2
nix/overlays.nix
View file

@ -108,6 +108,8 @@ in
"libreoffice" "libreoffice"
"libreoffice-qt" "libreoffice-qt"
"nerd-fonts-symbols-only" "nerd-fonts-symbols-only"
"noto-fonts"
"noto-fonts-cjk-sans"
"noto-fonts-color-emoji" "noto-fonts-color-emoji"
# "pipewire" # "pipewire"
"podman" "podman"

1
pkgs/flake/cdb/default.nix
View file

@ -1,4 +1,5 @@
{ name, writeShellApplication, fzf, ... }: { name, writeShellApplication, fzf, ... }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ fzf ]; runtimeInputs = [ fzf ];

1
pkgs/flake/cdw/default.nix
View file

@ -1,4 +1,5 @@
{ name, writeShellApplication, fzf, ... }: { name, writeShellApplication, fzf, ... }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ fzf ]; runtimeInputs = [ fzf ];

2
pkgs/flake/cura5/default.nix
View file

@ -1,5 +1,7 @@
# taken from https://github.com/NixOS/nixpkgs/issues/186570#issuecomment-1627797219 # taken from https://github.com/NixOS/nixpkgs/issues/186570#issuecomment-1627797219
{ appimageTools, fetchurl, writeScriptBin, pkgs, ... }: { appimageTools, fetchurl, writeScriptBin, pkgs, ... }:
let let
cura5 = appimageTools.wrapType2 rec { cura5 = appimageTools.wrapType2 rec {
pname = "cura5"; pname = "cura5";

28
pkgs/flake/e/default.nix
View file

@ -1,30 +1,6 @@
{ name, writeShellApplication, emacs30-pgtk, sway, jq, ... }: { self, name, writeShellApplication, emacs30-pgtk, sway, jq }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ emacs30-pgtk sway jq ]; runtimeInputs = [ emacs30-pgtk sway jq ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
wait=0
while :; do
case ''${1:-} in
-w | --wait)
wait=1
;;
*) break ;;
esac
shift
done
STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true)
if [ "$STR" == "" ]; then
swaymsg '[title="kittyterm"]' scratchpad show
emacsclient -c -a "" "$@"
swaymsg '[title="kittyterm"]' scratchpad show
else
if [[ $wait -eq 0 ]]; then
emacsclient -n -c -a "" "$@"
else
emacsclient -c -a "" "$@"
fi
fi
'';
} }

25
pkgs/flake/fs-diff/default.nix
View file

@ -1,26 +1,5 @@
{ name, writeShellApplication, ... }: { self, name, writeShellApplication }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
set -euo pipefail
OLD_TRANSID=$(sudo btrfs subvolume find-new /mnt/root-blank 9999999)
OLD_TRANSID=''${OLD_TRANSID#transid marker was }
sudo btrfs subvolume find-new "/mnt/root" "$OLD_TRANSID" |
sed '$d' |
cut -f17- -d' ' |
sort |
uniq |
while read -r path; do
path="/$path"
if [ -L "$path" ]; then
: # The path is a symbolic link, so is probably handled by NixOS already
elif [ -d "$path" ]; then
: # The path is a directory, ignore
else
echo "$path"
fi
done
'';
} }

1
pkgs/flake/hm-specialisation/default.nix
View file

@ -1,4 +1,5 @@
{ name, writeShellApplication, fzf, findutils, home-manager, ... }: { name, writeShellApplication, fzf, findutils, home-manager, ... }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ fzf findutils home-manager ]; runtimeInputs = [ fzf findutils home-manager ];

16
pkgs/flake/niri-resize/default.nix
View file

@ -1,18 +1,6 @@
{ name, writeShellApplication, jq, ... }: { self, name, writeShellApplication, jq }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ jq ]; runtimeInputs = [ jq ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
WORKSPACE=$(niri msg -j workspaces | jq -r '.[] | select(.is_focused == true) | .id')
COUNT=$(niri msg -j windows | jq --argjson ws "$WORKSPACE" -r '.[] | select(.workspace_id == $ws and .is_floating == false) | .app_id' | wc -l)
while [[ $COUNT == "0" || $COUNT == "2" ]]; do
COUNT=$(niri msg -j windows | jq --argjson ws "$WORKSPACE" -r '.[] | select(.workspace_id == $ws and .is_floating == false) | .app_id' | wc -l)
done
if [[ $COUNT == "1" ]]; then
niri msg action maximize-column
fi
'';
} }

10
pkgs/flake/opacitytoggle/default.nix
View file

@ -1,12 +1,6 @@
{ name, writeShellApplication, sway, ... }: { self, name, writeShellApplication, sway }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ sway ]; runtimeInputs = [ sway ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
if swaymsg opacity plus 0.01 -q; then
swaymsg opacity 1
else
swaymsg opacity 0.95
fi
'';
} }

56
pkgs/flake/pass-fuzzel/default.nix
View file

@ -1,58 +1,6 @@
{ name, writeShellApplication, libnotify, pass, fuzzel, wtype, ... }: { self, name, writeShellApplication, libnotify, pass, fuzzel, wtype }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ libnotify (pass.withExtensions (exts: [ exts.pass-otp ])) fuzzel wtype ]; runtimeInputs = [ libnotify (pass.withExtensions (exts: [ exts.pass-otp ])) fuzzel wtype ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
# Adapted from https://code.kulupu.party/thesuess/home-manager/src/branch/main/modules/river.nix
shopt -s nullglob globstar
otp=0
typeit=0
while :; do
case ''${1:-} in
-t | --type)
typeit=1
;;
-o | --otp)
otp=1
;;
*) break ;;
esac
shift
done
export PASSWORD_STORE_DIR=~/.local/share/password-store
prefix=''${PASSWORD_STORE_DIR-~/.local/share/password-store}
if [[ $otp -eq 0 ]]; then
password_files=("$prefix"/**/*.gpg)
else
password_files=("$prefix"/otp/**/*.gpg)
fi
password_files=("''${password_files[@]#"$prefix"/}")
password_files=("''${password_files[@]%.gpg}")
password=$(printf '%s\n' "''${password_files[@]}" | fuzzel --dmenu "$@")
[[ -n $password ]] || exit
if [[ $otp -eq 0 ]]; then
if [[ $typeit -eq 0 ]]; then
pass show -c "$password" &> /tmp/pass-fuzzel
else
pass show "$password" | {
IFS= read -r pass
printf %s "$pass"
} | wtype -
fi
else
if [[ $typeit -eq 0 ]]; then
pass otp -c "$password" &> /tmp/pass-fuzzel
else
pass otp "$password" | {
IFS= read -r pass
printf %s "$pass"
} | wtype -
fi
fi
notify-send -u critical -a pass -t 1000 "Copied/Typed Password"
'';
} }

12
pkgs/flake/project/default.nix
View file

@ -1,13 +1,5 @@
{ name, writeShellApplication, ... }: { self, name, writeShellApplication }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
set -euo pipefail
if [ ! -d "$(pwd)/.git" ]; then
git init
fi
nix flake init --template "$FLAKE"#"$1"
direnv allow
'';
} }

1
pkgs/flake/prstatus/default.nix
View file

@ -1,4 +1,5 @@
{ name, writeShellApplication, curl, ... }: { name, writeShellApplication, curl, ... }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ curl ]; runtimeInputs = [ curl ];

17
pkgs/flake/quickpass/default.nix
View file

@ -1,19 +1,6 @@
{ name, writeShellApplication, libnotify, pass, wtype, ... }: { self, name, writeShellApplication, libnotify, pass, wtype }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ libnotify pass wtype ]; runtimeInputs = [ libnotify pass wtype ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
shopt -s nullglob globstar
notify-send "$(env | grep -E 'WAYLAND|SWAY')"
password="$1"
pass show "$password" | {
IFS= read -r pass
printf %s "$pass"
} | wtype -
notify-send -u critical -a pass -t 1000 "Typed Password"
'';
} }

16
pkgs/flake/sshrm/default.nix
View file

@ -1,18 +1,6 @@
{ name, writeShellApplication, openssh, ... }: { self, name, writeShellApplication, openssh }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ openssh ]; runtimeInputs = [ openssh ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
HISTFILE="$HOME"/.histfile
last_ssh_cmd=$(grep -E "ssh " "$HISTFILE" | sed -E 's/^: [0-9]+:[0-9]+;//' | grep "^ssh " | tail -1)
host=$(echo "$last_ssh_cmd" | sed -E 's/.*ssh ([^@ ]+@)?([^ ]+).*/\2/')
if [[ -n $host ]]; then
echo "Removing SSH host key for: $host"
ssh-keygen -R "$host"
else
echo "No valid SSH command found in history."
fi
'';
} }

399
pkgs/flake/swarsel-bootstrap/default.nix
View file

@ -1,401 +1,6 @@
{ name, writeShellApplication, openssh, ... }: { self, name, writeShellApplication, openssh }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ openssh ]; runtimeInputs = [ openssh ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
# highly inspired by https://github.com/EmergentMind/nix-config/blob/dev/files/scripts/bootstrap-nixos.sh
set -eo pipefail
target_hostname=""
target_destination=""
target_arch=""
target_user="swarsel"
ssh_port="22"
persist_dir=""
disk_encryption=0
disk_encryption_args=""
no_disko_deps="false"
temp=$(mktemp -d)
function help_and_exit() {
echo
echo "Remotely installs SwarselSystem on a target machine including secret deployment."
echo
echo "USAGE: $0 -n <target_hostname> -d <target_destination> [OPTIONS]"
echo
echo "ARGS:"
echo " -n <target_hostname> specify target_hostname of the target host to deploy the nixos config on."
echo " -d <target_destination> specify ip or url to the target host."
echo " -a <targeit_arch> specify the architecture of the target host."
echo " target during install process."
echo
echo "OPTIONS:"
echo " -u <target_user> specify target_user with sudo access. nix-config will be cloned to their home."
echo " Default=''${target_user}."
echo " --port <ssh_port> specify the ssh port to use for remote access. Default=''${ssh_port}."
echo " --debug Enable debug mode."
echo " --no-disko-deps Upload only disk script and not dependencies (for use on low ram)."
echo " -h | --help Print this help."
exit 0
}
function cleanup() {
rm -rf "$temp"
rm -rf /tmp/disko-password
}
trap cleanup exit
function red() {
echo -e "\x1B[31m[!] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[31m[!] $($2) \x1B[0m"
fi
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
function yellow() {
echo -e "\x1B[33m[*] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[33m[*] $($2) \x1B[0m"
fi
}
function yes_or_no() {
echo -en "\x1B[32m[+] $* [y/n] (default: y): \x1B[0m"
while true; do
read -rp "" yn
yn=''${yn:-y}
case $yn in
[Yy]*) return 0 ;;
[Nn]*) return 1 ;;
esac
done
}
function update_sops_file() {
key_name=$1
key_type=$2
key=$3
if [ ! "$key_type" == "hosts" ] && [ ! "$key_type" == "users" ]; then
red "Invalid key type passed to update_sops_file. Must be either 'hosts' or 'users'."
exit 1
fi
cd "''${git_root}"
SOPS_FILE=".sops.yaml"
sed -i "{
# Remove any * and & entries for this host
/[*&]$key_name/ d;
# Inject a new age: entry
# n matches the first line following age: and p prints it, then we transform it while reusing the spacing
/age:/{n; p; s/\(.*- \*\).*/\1$key_name/};
# Inject a new hosts or user: entry
/&$key_type/{n; p; s/\(.*- &\).*/\1$key_name $key/}
}" $SOPS_FILE
green "Updating .sops.yaml"
cd -
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_hostname=$1
;;
-d)
shift
target_destination=$1
;;
-a)
shift
target_arch=$1
;;
-u)
shift
target_user=$1
;;
--port)
shift
ssh_port=$1
;;
--no-disko-deps)
no_disko_deps="true"
;;
--debug)
set -x
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
if [[ $target_arch == "" || $target_destination == "" || $target_hostname == "" ]]; then
red "error: target_arch, target_destination or target_hostname not set."
help_and_exit
fi
LOCKED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.node.lockFromBootstrapping)"
if [[ $LOCKED == "true" ]]; then
red "THIS SYSTEM IS LOCKED FROM BOOTSTRAPPING - set 'node.lockFromBootstrapping = lib.mkForce false;' to proceed"
exit
fi
green "~SwarselSystems~ remote installer"
green "Reading system information for $target_hostname ..."
DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)"
green "Root Disk: $DISK"
CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)"
if [[ $CRYPTED == "true" ]]; then
green "Encryption: "
disk_encryption=1
disk_encryption_args=(
--disk-encryption-keys
/tmp/disko-password
/tmp/disko-password
)
else
red "Encryption: X"
disk_encryption=0
fi
IMPERMANENCE="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isImpermanence)"
if [[ $IMPERMANENCE == "true" ]]; then
green "Impermanence: "
persist_dir="/persist"
else
red "Impermanence: X"
persist_dir=""
fi
SWAP="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSwap)"
if [[ $SWAP == "true" ]]; then
green "Swap: "
else
red "Swap: X"
fi
SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSecureBoot)"
if [[ $SECUREBOOT == "true" ]]; then
green "Secure Boot: "
else
red "Secure Boot: X"
fi
ssh_cmd="ssh -oport=''${ssh_port} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -t $target_user@$target_destination"
# ssh_root_cmd=$(echo "$ssh_cmd" | sed "s|''${target_user}@|root@|") # uses @ in the sed switch to avoid it triggering on the $ssh_key value
ssh_root_cmd=''${ssh_cmd/''${target_user}@/root@}
scp_cmd="scp -oport=''${ssh_port} -o StrictHostKeyChecking=no"
if [[ -z ''${FLAKE} ]]; then
FLAKE=/home/"$target_user"/.dotfiles
fi
if [ ! -d "$FLAKE" ]; then
cd /home/"$target_user"
yellow "Flake directory not found - cloning repository from GitHub"
git clone git@github.com:Swarsel/.dotfiles.git || (yellow "Could not clone repository via SSH - defaulting to HTTPS" && git clone https://github.com/Swarsel/.dotfiles.git)
FLAKE=/home/"$target_user"/.dotfiles
fi
cd "$FLAKE"
rm install/flake.lock || true
git_root=$(git rev-parse --show-toplevel)
# ------------------------
green "Wiping known_hosts of $target_destination"
sed -i "/$target_hostname/d; /$target_destination/d" ~/.ssh/known_hosts
# ------------------------
green "Preparing a new ssh_host_ed25519_key pair for $target_hostname."
# Create the directory where sshd expects to find the host keys
install -d -m755 "$temp/$persist_dir/etc/ssh"
# Generate host ssh key pair without a passphrase
ssh-keygen -t ed25519 -f "$temp/$persist_dir/etc/ssh/ssh_host_ed25519_key" -C root@"$target_hostname" -N ""
# Set the correct permissions so sshd will accept the key
chmod 600 "$temp/$persist_dir/etc/ssh/ssh_host_ed25519_key"
echo "Adding ssh host fingerprint at $target_destination to ~/.ssh/known_hosts"
# This will fail if we already know the host, but that's fine
ssh-keyscan -p "$ssh_port" "$target_destination" >> ~/.ssh/known_hosts || true
# ------------------------
# when using luks, disko expects a passphrase on /tmp/disko-password, so we set it for now and will update the passphrase later
# via the config
if [ "$disk_encryption" -eq 1 ]; then
while true; do
green "Set disk encryption passphrase:"
read -rs luks_passphrase
green "Please confirm passphrase:"
read -rs luks_passphrase_confirm
if [[ $luks_passphrase == "$luks_passphrase_confirm" ]]; then
echo "$luks_passphrase" > /tmp/disko-password
$ssh_root_cmd "echo '$luks_passphrase' > /tmp/disko-password"
break
else
red "Passwords do not match"
fi
done
fi
# ------------------------
green "Generating hardware-config.nix for $target_hostname and adding it to the nix-config."
$ssh_root_cmd "nixos-generate-config --force --no-filesystems --root /mnt"
mkdir -p "$FLAKE"/hosts/nixos/"$target_arch"/"$target_hostname"
$scp_cmd root@"$target_destination":/mnt/etc/nixos/hardware-configuration.nix "''${git_root}"/hosts/nixos/"$target_arch"/"$target_hostname"/hardware-configuration.nix
# ------------------------
green "Generating hostkey for ssh initrd"
$ssh_root_cmd "mkdir -p $temp/etc/secrets/initrd /etc/secrets/initrd"
$ssh_root_cmd "ssh-keygen -t ed25519 -N '''' -f $temp/etc/secrets/initrd/ssh_host_ed25519_key"
$ssh_root_cmd "cp $temp/etc/secrets/initrd/ssh_host_ed25519_key /etc/secrets/initrd/ssh_host_ed25519_key"
# ------------------------
green "Deploying minimal NixOS installation on $target_destination"
if [[ $no_disko_deps == "true" ]]; then
green "Building without disko dependencies (using custom kexec)"
nix run github:nix-community/nixos-anywhere/1.10.0 -- "''${disk_encryption_args[@]}" --no-disko-deps --ssh-port "$ssh_port" --extra-files "$temp" --flake ./install#"$target_hostname" --kexec "$(nix build --print-out-paths .#packages."$target_arch".swarsel-kexec)/swarsel-kexec-$target_arch.tar.gz" root@"$target_destination"
else
green "Building with disko dependencies (using nixos-images kexec)"
nix run github:nix-community/nixos-anywhere/1.10.0 -- "''${disk_encryption_args[@]}" --ssh-port "$ssh_port" --extra-files "$temp" --flake ./install#"$target_hostname" root@"$target_destination"
fi
echo "Updating ssh host fingerprint at $target_destination to ~/.ssh/known_hosts"
ssh-keyscan -p "$ssh_port" "$target_destination" >> ~/.ssh/known_hosts || true
# ------------------------
while true; do
read -rp "Press Enter to continue once the remote host has finished booting."
if nc -z "$target_destination" "''${ssh_port}" 2> /dev/null; then
green "$target_destination is booted. Continuing..."
break
else
yellow "$target_destination is not yet ready."
fi
done
# ------------------------
if [[ $SECUREBOOT == "true" ]]; then
green "Setting up secure boot keys"
$ssh_root_cmd "mkdir -p /var/lib/sbctl"
read -ra scp_call <<< "''${scp_cmd}"
sudo "''${scp_call[@]}" -r /var/lib/sbctl root@"$target_destination":/var/lib/
$ssh_root_cmd "sbctl enroll-keys --ignore-immutable --microsoft || true"
fi
# ------------------------
if [ -n "$persist_dir" ]; then
$ssh_root_cmd "cp /etc/machine-id $persist_dir/etc/machine-id || true"
$ssh_root_cmd "cp -R /etc/ssh/ $persist_dir/etc/ssh/ || true"
fi
# ------------------------
green "Generating an age key based on the new ssh_host_ed25519_key."
target_key=$(
ssh-keyscan -p "$ssh_port" -t ssh-ed25519 "$target_destination" 2>&1 |
grep ssh-ed25519 |
cut -f2- -d" " ||
(
red "Failed to get ssh key. Host down?"
exit 1
)
)
host_age_key=$(nix shell nixpkgs#ssh-to-age.out -c sh -c "echo $target_key | ssh-to-age")
if grep -qv '^age1' <<< "$host_age_key"; then
red "The result from generated age key does not match the expected format."
yellow "Result: $host_age_key"
yellow "Expected format: age1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
exit 1
else
echo "$host_age_key"
fi
green "Updating nix-secrets/.sops.yaml"
update_sops_file "$target_hostname" "hosts" "$host_age_key"
yellow ".sops.yaml has been updated. There may be superfluous entries, you might need to edit manually."
if yes_or_no "Do you want to manually edit .sops.yaml now?"; then
vim "''${git_root}"/.sops.yaml
fi
green "Updating all secrets files to reflect updates .sops.yaml"
sops updatekeys --yes --enable-local-keyservice "''${git_root}"/hosts/nixos/"$target_arch"/"$target_hostname"/secrets/* || true
# --------------------------
green "Making ssh_host_ed25519_key available to home-manager for user $target_user"
sed -i "/$target_hostname/d; /$target_destination/d" ~/.ssh/known_hosts
$ssh_root_cmd "mkdir -p /home/$target_user/.ssh; chown -R $target_user:users /home/$target_user/.ssh/"
$scp_cmd root@"$target_destination":/etc/ssh/ssh_host_ed25519_key root@"$target_destination":/home/"$target_user"/.ssh/ssh_host_ed25519_key
$ssh_root_cmd "chown $target_user:users /home/$target_user/.ssh/ssh_host_ed25519_key"
# __________________________
if yes_or_no "Add ssh host fingerprints for git upstream repositories? (This is needed for building the full config)"; then
green "Adding ssh host fingerprints for git{lab,hub}"
$ssh_cmd "mkdir -p /home/$target_user/.ssh/; ssh-keyscan -t ssh-ed25519 gitlab.com github.com | tee /home/$target_user/.ssh/known_hosts"
$ssh_root_cmd "mkdir -p /root/.ssh/; ssh-keyscan -t ssh-ed25519 gitlab.com github.com | tee /root/.ssh/known_hosts"
fi
# --------------------------
if yes_or_no "Do you want to copy your full nix-config and nix-secrets to $target_hostname?"; then
green "Adding ssh host fingerprint at $target_destination to ~/.ssh/known_hosts"
ssh-keyscan -p "$ssh_port" "$target_destination" >> ~/.ssh/known_hosts || true
green "Copying full nix-config to $target_hostname"
cd "''${git_root}"
just sync "$target_user" "$target_destination"
if [ -n "$persist_dir" ]; then
$ssh_root_cmd "cp -r /home/$target_user/.dotfiles $persist_dir/.dotfiles || true"
$ssh_root_cmd "cp -r /home/$target_user/.ssh $persist_dir/.ssh || true"
fi
if yes_or_no "Do you want to rebuild immediately?"; then
green "Building nix-config for $target_hostname"
# yellow "Reminder: The password is 'setup'"
$ssh_root_cmd "mkdir -p /root/.local/share/nix/; printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /root/.local/share/nix/trusted-settings.json"
# $ssh_cmd -oForwardAgent=yes "cd .dotfiles && sudo nixos-rebuild --show-trace --flake .#$target_hostname switch"
store_path=$(nix build --no-link --print-out-paths .#nixosConfigurations."$target_hostname".config.system.build.toplevel)
green "Copying generation to $target_hostname"
nix copy --to "ssh://root@$target_destination" "$store_path"
# prev_system=$($ssh_root_cmd " readlink -e /nix/var/nix/profiles/system")
green "Linking generation in bootloader"
$ssh_root_cmd "/run/current-system/sw/bin/nix-env --profile /nix/var/nix/profiles/system --set $store_path"
green "Setting generation to activate upon next boot"
$ssh_root_cmd "$store_path/bin/switch-to-configuration boot"
else
echo
green "NixOS was successfully installed!"
echo "Post-install config build instructions:"
echo "To copy nix-config from this machine to the $target_hostname, run the following command from ~/nix-config"
echo "just sync $target_user $target_destination"
echo "To rebuild, sign into $target_hostname and run the following command from ~/nix-config"
echo "cd nix-config"
# see above FIXME:(bootstrap)
echo "sudo nixos-rebuild .pre-commit-config.yaml show-trace --flake .#$target_hostname switch"
# echo "just rebuild"
echo
fi
fi
green "NixOS was successfully installed!"
if yes_or_no "You can now commit and push the nix-config, which includes the hardware-configuration.nix for $target_hostname?"; then
cd "''${git_root}"
deadnix hosts/nixos/"$target_arch"/"$target_hostname"/hardware-configuration.nix -qe
nixpkgs--fmt hosts/nixos/"$target_arch"/"$target_hostname"/hardware-configuration.nix
(.pre-commit-config.yaml mit run --all-files 2> /dev/null || true) &&
git add "$git_root/hosts/nixos/$target_arch/$target_hostname/hardware-configuration.nix" &&
git add "$git_root/.sops.yaml" &&
git add "$git_root/secrets" &&
(git commit -m "feat: deployed $target_hostname" || true) && git push
fi
if yes_or_no "Reboot now?"; then
$ssh_root_cmd "reboot"
fi
rm -rf /tmp/disko-password
'';
} }

7
pkgs/flake/swarsel-displaypower/default.nix
View file

@ -1,9 +1,6 @@
{ name, writeShellApplication, sway, ... }: { self, name, writeShellApplication, sway }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ sway ]; runtimeInputs = [ sway ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
swaymsg "output * power on" > /dev/null 2>&1 || true
swaymsg "output * dpms on" > /dev/null 2>&1 || true
'';
} }

193
pkgs/flake/swarsel-install/default.nix
View file

@ -1,195 +1,6 @@
{ name, writeShellApplication, git, ... }: { self, name, writeShellApplication, git }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ git ]; runtimeInputs = [ git ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
set -eo pipefail
target_config="hotel"
target_hostname="hotel"
target_user="swarsel"
target_arch=""
persist_dir=""
target_disk="/dev/vda"
disk_encryption=0
function help_and_exit() {
echo
echo "Locally installs SwarselSystem on this machine."
echo
echo "USAGE: $0 -n <target_config> -d <target_disk> [OPTIONS]"
echo
echo "ARGS:"
echo " -n <target_config> specify the nixos config to deploy."
echo " Default: hotel"
echo " -d <target_disk> specify disk to install on."
echo " Default: /dev/vda"
echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel"
echo " -a <target_arch> specify target architecture."
echo " -h | --help Print this help."
exit 0
}
function red() {
echo -e "\x1B[31m[!] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[31m[!] $($2) \x1B[0m"
fi
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
function yellow() {
echo -e "\x1B[33m[*] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[33m[*] $($2) \x1B[0m"
fi
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_config=$1
target_hostname=$1
;;
-u)
shift
target_user=$1
;;
-d)
shift
target_disk=$1
;;
-a)
shift
target_arch=$1
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
function cleanup() {
sudo rm -rf .cache/nix
sudo rm -rf /root/.cache/nix
}
trap cleanup exit
if [[ $target_arch == "" || $target_hostname == "" ]]; then
red "error: target_arch or target_hostname not set."
help_and_exit
fi
green "~SwarselSystems~ local installer"
cd /home/"$target_user"
sudo rm -rf /root/.cache/nix
sudo rm -rf .cache/nix
sudo rm -rf .dotfiles
green "Cloning repository from GitHub"
git clone https://github.com/Swarsel/.dotfiles.git
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/public/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"''${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable ..."
sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
nix flake update vbc-nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
green "Reading system information for $target_config ..."
DISK="$(nix eval --raw ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.rootDisk)"
green "Root Disk in config: $DISK - Root Disk passed in cli: $target_disk"
CRYPTED="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isCrypted)"
if [[ $CRYPTED == "true" ]]; then
green "Encryption: "
disk_encryption=1
else
red "Encryption: X"
disk_encryption=0
fi
IMPERMANENCE="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isImpermanence)"
if [[ $IMPERMANENCE == "true" ]]; then
green "Impermanence: "
persist_dir="/persist"
else
red "Impermanence: X"
persist_dir=""
fi
SWAP="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSwap)"
if [[ $SWAP == "true" ]]; then
green "Swap: "
else
red "Swap: X"
fi
SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_hostname".config.swarselsystems.isSecureBoot)"
if [[ $SECUREBOOT == "true" ]]; then
green "Secure Boot: "
else
red "Secure Boot: X"
fi
if [ "$disk_encryption" -eq 1 ]; then
while true; do
green "Set disk encryption passphrase:"
read -rs luks_passphrase
green "Please confirm passphrase:"
read -rs luks_passphrase_confirm
if [[ $luks_passphrase == "$luks_passphrase_confirm" ]]; then
echo "$luks_passphrase" > /tmp/disko-password
break
else
red "Passwords do not match"
fi
done
fi
green "Setting up disk ..."
if [[ $target_config == "hotel" ]]; then
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/v1.10.0 -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks --arg diskDevice "$target_disk"
else
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount --flake .#"$target_config" --yes-wipe-all-disks
fi
sudo mkdir -p /mnt/"$persist_dir"/home/"$target_user"/
sudo cp -r /home/"$target_user"/.dotfiles /mnt/"$persist_dir"/home/"$target_user"/
sudo chown -R 1000:100 /mnt/"$persist_dir"/home/"$target_user"
green "Generating hardware configuration ..."
sudo nixos-generate-config --root /mnt --no-filesystems --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/
git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/hardware-configuration.nix
sudo mkdir -p /root/.local/share/nix/
printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | sudo tee /root/.local/share/nix/trusted-settings.json > /dev/null
green "Installing flake $target_config"
store_path=$(nix build --no-link --print-out-paths .#nixosConfigurationsMinimal."$target_config".config.system.build.toplevel)
green "Linking generation in bootloader"
sudo "/run/current-system/sw/bin/nix-env --profile /nix/var/nix/profiles/system --set $store_path"
green "Setting generation to activate upon next boot"
sudo "$store_path/bin/switch-to-configuration boot"
green "Installation finished! Reboot to see changes"
'';
} }

77
pkgs/flake/swarsel-postinstall/default.nix
View file

@ -1,79 +1,6 @@
{ name, writeShellApplication, git, ... }: { self, name, writeShellApplication, git }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ git ]; runtimeInputs = [ git ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
set -eo pipefail
target_config="hotel"
target_user="swarsel"
function help_and_exit() {
echo
echo "Locally installs SwarselSystem on this machine."
echo
echo "USAGE: $0 -d <disk> [OPTIONS]"
echo
echo "ARGS:"
echo " -d <disk> specify disk to install on."
echo " -n <target_config> specify the nixos config to deploy."
echo " Default: hotel"
echo " Default: hotel"
echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel"
echo " -h | --help Print this help."
exit 0
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_config=$1
;;
-u)
shift
target_user=$1
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
function cleanup() {
sudo rm -rf .cache/nix
sudo rm -rf /root/.cache/nix
}
trap cleanup exit
sudo rm -rf .cache/nix
sudo rm -rf /root/.cache/nix
green "~SwarselSystems~ remote post-installer"
cd /home/"$target_user"/.dotfiles
SECUREBOOT="$(nix eval ~/.dotfiles#nixosConfigurations."$target_config".config.swarselsystems.isSecureBoot)"
if [[ $SECUREBOOT == "true" ]]; then
green "Setting up secure boot keys"
sudo mkdir -p /var/lib/sbctl
sbctl create-keys || true
sbctl enroll-keys --ignore-immutable --microsoft || true
fi
sudo nixos-rebuild --flake .#"$target_config" switch
green "Post-install finished!"
'';
} }

115
pkgs/flake/swarsel-rebuild/default.nix
View file

@ -1,117 +1,6 @@
{ name, writeShellApplication, git, ... }: { self, name, writeShellApplication, git }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ git ]; runtimeInputs = [ git ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
set -eo pipefail
target_config="hotel"
target_arch=""
target_user="swarsel"
function help_and_exit() {
echo
echo "Builds SwarselSystem configuration."
echo
echo "USAGE: $0 [OPTIONS]"
echo
echo "ARGS:"
echo " -n <target_config> specify nixos config to build."
echo " Default: hotel"
echo " -u <target_user> specify user to deploy for."
echo " Default: swarsel"
echo " -a <target_arch> specify target architecture."
echo " -h | --help Print this help."
exit 0
}
function red() {
echo -e "\x1B[31m[!] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[31m[!] $($2) \x1B[0m"
fi
}
function green() {
echo -e "\x1B[32m[+] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[32m[+] $($2) \x1B[0m"
fi
}
function yellow() {
echo -e "\x1B[33m[*] $1 \x1B[0m"
if [ -n "''${2-}" ]; then
echo -e "\x1B[33m[*] $($2) \x1B[0m"
fi
}
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
shift
target_config=$1
;;
-a)
shift
target_arch=$1
;;
-u)
shift
target_user=$1
;;
-h | --help) help_and_exit ;;
*)
echo "Invalid option detected."
help_and_exit
;;
esac
shift
done
if [[ $target_arch == "" ]]; then
red "error: target_arch not set."
help_and_exit
fi
cd /home/"$target_user"
if [ ! -d /home/"$target_user"/.dotfiles ]; then
green "Cloning repository from GitHub"
git clone https://github.com/Swarsel/.dotfiles.git
else
red "A .dotfiles repository is in the way. Please (re-)move the repository and try again."
exit 1
fi
local_keys=$(ssh-add -L || true)
pub_key=$(cat /home/"$target_user"/.dotfiles/secrets/public/ssh/yubikey.pub)
read -ra pub_arr <<< "$pub_key"
cd .dotfiles
if [[ $local_keys != *"''${pub_arr[1]}"* ]]; then
yellow "The ssh key for this configuration is not available."
green "Adjusting flake.nix so that the configuration is buildable"
sed -i '/nix-secrets = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/vbc-nix = {/,/^[[:space:]]*};/d' flake.nix
sed -i '/[[:space:]]*\/\/ (inputs.vbc-nix.overlays.default final prev)/d' overlays/default.nix
rm modules/home/common/env.nix
rm modules/home/common/gammastep.nix
rm modules/home/common/git.nix
rm modules/home/common/mail.nix
rm modules/home/common/yubikey.nix
rm modules/nixos/server/restic.nix
rm hosts/nixos/aarch64-linux/milkywell/default.nix
rm -rf modules/nixos/server
rm -rf modules/home/server
nix flake update vbc-nix
git add .
else
green "Valid SSH key found! Continuing with installation"
fi
sudo nixos-generate-config --dir /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/
git add /home/"$target_user"/.dotfiles/hosts/nixos/"$target_arch"/"$target_config"/hardware-configuration.nix
green "Installing flake $target_config"
sudo nixos-rebuild --show-trace --flake .#"$target_config" boot
yellow "Please keep in mind that this is only a demo of the configuration. Things might break unexpectedly."
'';
} }

2
pkgs/flake/swarselcheck-niri/default.nix
View file

@ -1,4 +1,4 @@
{ self, name, writeShellApplication, kitty, element-desktop, vesktop, spotify-player, jq, ... }: { self, name, writeShellApplication, kitty, element-desktop, vesktop, spotify-player, jq }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ kitty element-desktop vesktop spotify-player jq ]; runtimeInputs = [ kitty element-desktop vesktop spotify-player jq ];

67
pkgs/flake/swarselcheck/default.nix
View file

@ -1,69 +1,6 @@
{ name, writeShellApplication, kitty, element-desktop, vesktop, spotify-player, jq, ... }: { self, name, writeShellApplication, kitty, element-desktop, vesktop, spotify-player, jq }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ kitty element-desktop vesktop spotify-player jq ]; runtimeInputs = [ kitty element-desktop vesktop spotify-player jq ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
kitty=0
element=0
vesktop=0
spotifyplayer=0
while :; do
case ''${1:-} in
-k | --kitty)
kitty=1
;;
-e | --element)
element=1
;;
-d | --vesktop)
vesktop=1
;;
-s | --spotifyplayer)
spotifyplayer=1
;;
*) break ;;
esac
shift
done
if [[ $kitty -eq 1 ]]; then
STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true)
CHECK=$(swaymsg -t get_tree | grep kittyterm || true)
if [ "$CHECK" == "" ]; then
exec kitty --app-id kittyterm -T kittyterm -o confirm_os_window_close=0 zellij attach --create kittyterm &
sleep 1
fi
if [ "$STR" == "" ]; then
exec swaymsg '[title="kittyterm"]' scratchpad show
else
exec swaymsg '[title="kittyterm"]' scratchpad show
fi
elif [[ $element -eq 1 ]]; then
STR=$(swaymsg -t get_tree | grep Element || true)
if [ "$STR" == "" ]; then
exec element-desktop
else
exec swaymsg '[app_id=Element]' kill
fi
elif [[ $vesktop -eq 1 ]]; then
STR=$(swaymsg -t get_tree | grep vesktop || true)
if [ "$STR" == "" ]; then
exec vesktop
else
exec swaymsg '[app_id=vesktop]' kill
fi
elif [[ $spotifyplayer -eq 1 ]]; then
STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep spotifytui || true)
CHECK=$(swaymsg -t get_tree | grep spotifytui || true)
if [ "$CHECK" == "" ]; then
exec kitty --add-id spotifytui -T spotifytui -o confirm_os_window_close=0 spotify_player &
sleep 1
fi
if [ "$STR" == "" ]; then
exec swaymsg '[title="spotifytui"]' scratchpad show
else
exec swaymsg '[title="spotifytui"]' scratchpad show
fi
fi
'';
} }

13
pkgs/flake/swarselzellij/default.nix
View file

@ -1,15 +1,6 @@
{ name, writeShellApplication, kitty, ... }: { self, name, writeShellApplication, kitty }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ kitty ]; runtimeInputs = [ kitty ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
# KITTIES=$(($(pgrep -P 1 kitty | wc -l) - 1))
# if ((KITTIES < 1)); then
# exec kitty -o confirm_os_window_close=0 zellij attach --create main
# else
# exec kitty -o confirm_os_window_close=0 zellij attach --create "temp $KITTIES"
# fi
exec kitty -o confirm_os_window_close=0 zellij
'';
} }

29
pkgs/flake/waybarupdate/default.nix
View file

@ -1,31 +1,6 @@
{ name, writeShellApplication, git, ... }: { self, name, writeShellApplication, git }:
writeShellApplication { writeShellApplication {
inherit name; inherit name;
runtimeInputs = [ git ]; runtimeInputs = [ git ];
text = '' text = builtins.readFile "${self}/files/scripts/${name}.sh";
CFG=$(git --git-dir="$HOME"/.dotfiles/.git --work-tree="$HOME"/.dotfiles/ status -s | wc -l)
CSE=$(git --git-dir="$DOCUMENT_DIR_PRIV"/CSE_TUWIEN/.git --work-tree="$DOCUMENT_DIR_PRIV"/CSE_TUWIEN/ status -s | wc -l)
PASS=$(($(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ status -s | wc -l) + $(git --git-dir="$HOME"/.local/share/password-store/.git --work-tree="$HOME"/.local/share/password-store/ diff origin/main..HEAD | wc -l)))
if [[ $CFG != 0 ]]; then
CFG_STR='CONFIG'
else
CFG_STR=""
fi
if [[ $CSE != 0 ]]; then
CSE_STR=' CSE'
else
CSE_STR=""
fi
if [[ $PASS != 0 ]]; then
PASS_STR=' PASS'
else
PASS_STR=""
fi
OUT="$CFG_STR""$CSE_STR""$PASS_STR"
echo "$OUT"
'';
} }