swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 00:57:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: swarsel:910fef4914fb19d98a0dfea67e006b58f8858b3e
Branches Tags
swarsel:main
swarsel:feat/router
swarsel:feat/nixos-dns
swarsel:test-extra-modules
swarsel:feat/microvm-preparation
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1
..
compare: swarsel:47075799d6fb3eb7b744d2748fa3f62de32e0f7d
Branches Tags
swarsel:feat/router
swarsel:main
swarsel:feat/nixos-dns
swarsel:test-extra-modules
swarsel:feat/microvm-preparation
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1

3 commits
910fef4914 ... 47075799d6

Author SHA1 Message Date
Leon Schwarzäugl
47075799d6
feat: improve formatting 2025-11-14 00:29:55 +01:00
Leon Schwarzäugl
c098800c79
feat[client]: initialize syncthingtray on install 2025-11-13 23:41:56 +01:00
Leon Schwarzäugl
f950ea97be
chore: fix typos; build niri less eagerly 2025-11-13 23:40:41 +01:00
16 changed files with 647 additions and 235 deletions
Download patch file Download diff file Expand all files Collapse all files

237
SwarselSystems.org
View file

@ -318,6 +318,44 @@ Here I give a brief overview over the hostmachines that I am using. This is held
<<homemanageronlysetup>>
#+end_src
#+RESULTS:
#+begin_export html
These steps are required when setting up a normal NixOS host:
- setup yubikey (automatic yubikey enrollment is not yet supported by `disko`):
- `systemd-cryptenroll --fido2-device=auto /dev/<device, e.g. 'nvme0n1p2'>`
If the new machine is a work machine, these steps are additionally needed:
- setup the work VPN:
- using the laptop certificate `.pem` as User cert and private key (CA cert: none)
- vpn gateway is found in `nixosConfig.repo.secrets.local.work.vpnGateway`
- setup gpgsm for signing of mails using S/MIME:
- `gpgsm --import ~/Certificates/<certname>.p12`
- `gpgsm --import ~/Certificates/harica-root.pem`
- `gpgsm --import ~/Certificates/harica-intermediate.pem`
- `gpgsm --list-keys --with-validation "HARICA Client RSA Root CA 2021"`
- trust the certificate and set passphrase
- setup pizauth for microsoft mail sync (account names are possibly `uni` and `work`):
- `pizauth auth <account name, e.g. 'work'>`
- `pizauth dump > ~/.pizauth.state`
If the new machine is home-manager only, perform these steps:
- (Optional) Install openssh-server
- Set hostname to the name specified in the home-manager configuration
- Install nix, either:
- (if upgrading existing nix) Install nix version matching with version that `nix-plugins` is compiled against: `nix-env --install --file '<nixpkgs>' cacert -I nixpkgs=channel:nixpkgs-unstable --attr nixVersions.nix_x_yy`
- (or installing nix freshly):
- Grab the link to the install script of the needed nix version from https://releases.nixos.org/?prefix=nix, e.g. https://releases.nixos.org/nix/nix-2.30.1/install
- `bash <(curl -L https://releases.nixos.org/nix/nix-x-yy-y/install) --daemon`
- add the following to /etc/nix/nix.conf to become a trusted user: `trusted-users = @wheel root swarsel`
- For the first build:
1) Clone dotfile repo & change into it
2) `nix --extra-experimental-features 'nix-command flakes' develop`
3) `home-manager --extra-experimental-features 'nix-command flakes' switch --flake .#$(hostname) --show-trace`
#+end_export
** Current issues
#+begin_src markdown :noweb yes :exports both :results html
@ -523,6 +561,7 @@ A short overview over each input and what it does:
url = "github:astro/microvm.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
treefmt-nix.url = "github:numtide/treefmt-nix";
};
outputs =
@ -1315,7 +1354,7 @@ Lastly, in the =perSystem= attribute set, we see that it is actually passed some
inputs.pre-commit-hooks.flakeModule
];
perSystem = { pkgs, system, ... }:
perSystem = { pkgs, config, system, ... }:
{
pre-commit = {
check.enable = true;
@ -1337,6 +1376,7 @@ Lastly, in the =perSystem= attribute set, we see that it is actually passed some
nixpkgs-fmt.enable = true;
statix.enable = true;
trim-trailing-whitespace.enable = true;
treefmt.enable = true;
destroyed-symlinks = {
enable = true;
@ -1473,7 +1513,8 @@ Lastly, in the =perSystem= attribute set, we see that it is actually passed some
}
];
devshell.startup.pre-commit-install.text = "pre-commit install";
# devshell.startup.pre-commit-install.text = "pre-commit install";
devshell.startup.pre-commit.text = config.pre-commit.installationScript;
env =
let
@ -1544,10 +1585,32 @@ Otherwise, I define the function =mkTemplates= here which builds a named attribu
Defines a formatter that can be called using =nix flake format=. While a nice utility, I have stronger tools to perform this job.
#+begin_src nix-ts :tangle nix/formatter.nix
_:
{ inputs, ... }:
{
imports = [
inputs.treefmt-nix.flakeModule
];
perSystem = { pkgs, ... }: {
formatter = pkgs.nixpkgs-fmt;
# formatter = pkgs.nixpkgs-fmt;
# formatter is set by treefmt to:
# formatter = lib.mkIf config.treefmt.flakeFormatter (lib.mkDefault config.treefmt.build.wrapper);
treefmt = {
projectRootFile = "flake.nix";
programs = {
nixfmt = {
enable = true;
package = pkgs.nixpkgs-fmt;
};
deadnix.enable = true;
statix.enable = true;
shellcheck.enable = true;
};
settings.formatter.shellcheck.options = [
"--shell"
"bash"
];
};
};
}
@ -3664,7 +3727,7 @@ This is a slim setup for developing base configuration. I do not track the hardw
};
swarselmodules = {
servevr.network = lib.mkForce false;
server.network = lib.mkForce false;
};
swarselsystems = {
@ -5949,12 +6012,15 @@ Here I disable global completion to prevent redundant compinit calls and cache i
let
inherit (config.swarselsystems) mainUser homeDir;
devices = config.swarselsystems.syncthing.syncDevices;
servicePort = 8384;
in
{
options.swarselmodules.syncthing = lib.mkEnableOption "syncthing config";
config = lib.mkIf config.swarselmodules.syncthing {
services.syncthing = {
enable = true;
systemService = true;
guiAddress = "127.0.0.1:${builtins.toString servicePort}";
package = pkgs.syncthing;
user = mainUser;
dataDir = homeDir;
@ -6794,12 +6860,16 @@ Auto login for the initial session.
xwayland-satellite-unstable
];
niri-flake.cache.enable = true;
programs.niri = {
enable = true;
package = pkgs.niri-unstable; # the actual niri that will be installed and used
};
} // {
niri-flake.cache.enable = true;
programs.niri = {
package = null;
};
};
}
#+end_src
@ -11905,7 +11975,6 @@ The general structure here is the same as in the [[#h:6da812f5-358c-49cb-aff2-0a
Steps to get a home-manager only setup up and running:
#+begin_src markdown :noweb-ref homemanageronlysetup :exports both :results html
- (Optional) Install openssh-server
- Set hostname to the name specified in the home-manager configuration
- Install nix, either:
@ -11918,7 +11987,6 @@ Steps to get a home-manager only setup up and running:
1) Clone dotfile repo & change into it
2) `nix --extra-experimental-features 'nix-command flakes' develop`
3) `home-manager --extra-experimental-features 'nix-command flakes' switch --flake .#$(hostname) --show-trace`
#+end_src
*** TODO Common
@ -14703,6 +14771,131 @@ Sets up a systemd user service for anki that does not stall the shutdown process
}
#+end_src
***** syncthing service for tray
#+begin_src nix-ts :tangle modules/home/common/syncthing-tray.nix
{ lib, config, pkgs, ... }:
{
options.swarselmodules.syncthing-tray = lib.mkEnableOption "enable syncthing applet for tray";
config = lib.mkIf config.swarselmodules.syncthing-tray {
home.activation.setupSyncthingIni =
let
syncthingApiEnvVarName = "SYNCTHING_API_KEY";
syncthingIni = {
file = "${config.home.homeDirectory}/.config/syncthingtray.ini";
content = ''
[General]
v=2.0.2
[qt]
customfont=false
customicontheme=false
customlocale=false
custompalette=false
customstylesheet=false
customwidgetstyle=false
font="Cantarell,11,-1,5,400,0,0,0,0,0,0,0,0,0,0,1"
icontheme=hicolor
iconthemepath=
locale=en_US
palette="@Variant(\0\0\0\x44\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff jj\x86\x86\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xc0\xc0nn\xce\xce\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff jj\x86\x86\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\x66\x66\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xc0\xc0nn\xce\xce\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff jj\x86\x86\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x2\xff\xffP\x14\xff\xff\x65\x65\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xc0\xc0nn\xce\xce\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0)"
plugindir=
stylesheetpath=
trpath=
widgetstyle=
[startup]
considerForReconnect=false
considerLauncherForReconnect=false
showButton=false
showLauncherButton=false
stopOnMetered=false
stopServiceOnMetered=false
syncthingArgs="serve --no-browser --logflags=3"
syncthingAutostart=false
syncthingPath=syncthing
syncthingUnit=syncthing.service
systemUnit=false
useLibSyncthing=false
[tray]
connections\1\apiKey=@ByteArray(''$${syncthingApiEnvVarName})
connections\1\authEnabled=falsex
connections\1\autoConnect=true
connections\1\devStatsPollInterval=60000
connections\1\diskEventLimit=200
connections\1\errorsPollInterval=30000
connections\1\httpsCertPath=${config.home.homeDirectory}/.config/syncthing/https-cert.pem
connections\1\label=Primary instance
connections\1\localPath=
connections\1\longPollingTimeout=0
connections\1\password=
connections\1\pauseOnMetered=false
connections\1\reconnectInterval=30000
connections\1\requestTimeout=0
connections\1\statusComputionFlags=123
connections\1\syncthingUrl=http://${config.services.syncthing.guiAddress}
connections\1\trafficPollInterval=5000
connections\1\userName=
connections\size=1
dbusNotifications=true
distinguishTrayIcons=false
frameStyle=16
ignoreInavailabilityAfterStart=15
notifyOnDisconnect=true
notifyOnErrors=true
notifyOnLauncherErrors=true
notifyOnLocalSyncComplete=false
notifyOnNewDeviceConnects=false
notifyOnNewDirectoryShared=false
notifyOnRemoteSyncComplete=false
positioning\assumedIconPos=@Point(0 0)
positioning\useAssumedIconPosition=false
positioning\useCursorPos=true
preferIconsFromTheme=false
showDownloads=false
showSyncthingNotifications=true
showTabTexts=true
showTraffic=true
statusIcons="#ff26b6db,#ff0882c8,#ffffffff;#ffdb3c26,#ffc80828,#ffffffff;#ffc9ce3b,#ffebb83b,#ffffffff;#ff2d9d69,#ff2d9d69,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff"
statusIconsRenderSize=@Size(32 32)
statusIconsStrokeWidth=0
tabPos=1
trayIcons="#ff26b6db,#ff0882c8,#ffffffff;#ffdb3c26,#ffc80828,#ffffffff;#ffc9ce3b,#ffebb83b,#ffffffff;#ff2d9d69,#ff2d9d69,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff"
trayIconsRenderSize=@Size(32 32)
trayIconsStrokeWidth=0
trayMenuSize=@Size(575 475)
usePaletteForStatusIcons=false
usePaletteForTrayIcons=false
windowType=0
[webview]
customCommand=
disabled=false
mode=0
'';
};
in
lib.hm.dag.entryAfter [ "writeBoundary" ] ''
set -eu
if [ ! -f ${syncthingIni.file} ]; then
cat >${syncthingIni.file} <<'EOF'
${syncthingIni.content}
EOF
export ${syncthingApiEnvVarName}=$(cat /run/syncthing-init/api_key)
${lib.getExe pkgs.envsubst} -i ${syncthingIni.file} -o ${syncthingIni.file}
unset ${syncthingApiEnvVarName}
fi
'';
};
}
#+end_src
**** Sway
:PROPERTIES:
:CUSTOM_ID: h:02df9dfc-d1af-4a37-a7a0-d8da0af96a20
@ -15353,6 +15546,12 @@ Currently, I am too lazy to explain every option here, but most of it is very se
};
};
} // {
programs.niri = lib.mkIf (!config.swarselmodules.niri) {
package = null;
config = null;
settings = null;
};
};
}
#+end_src
@ -15405,7 +15604,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se
exec = [ "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" ];
outputs = [
{
criteria = "eDP-2";
criteria = config.swarselsystems.sharescreen;
status = "enable";
scale = 1.0;
}
@ -15477,7 +15676,7 @@ Settings that are needed for the gpg-agent. Also we are enabling emacs support f
When setting up a new machine:
#+begin_src markdown :noweb-ref setup :exports both :results html
#+begin_src markdown :noweb-ref worksetup :exports both :results html
- setup gpgsm for signing of mails using S/MIME:
- `gpgsm --import ~/Certificates/<certname>.p12`
- `gpgsm --import ~/Certificates/harica-root.pem`
@ -16327,7 +16526,7 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
When setting up a new machine:
#+begin_src markdown :noweb-ref setup :exports both :results html
#+begin_src markdown :noweb-ref worksetup :exports both :results html
- setup pizauth for microsoft mail sync (account names are possibly `uni` and `work`):
- `pizauth auth <account name, e.g. 'work'>`
- `pizauth dump > ~/.pizauth.state`
@ -19445,7 +19644,7 @@ Modules that need to be loaded on the NixOS level. Note that these will not be a
lowBattery = lib.mkDefault false;
network = lib.mkDefault true;
networkDevices = lib.mkDefault true;
niri = lib.mkDefault true;
niri = lib.mkDefault false;
nix-ld = lib.mkDefault true;
nvd = lib.mkDefault true;
packages = lib.mkDefault true;
@ -19792,7 +19991,7 @@ This holds modules that are to be used on most hosts. These are also the most im
kitty = lib.mkDefault true;
mail = lib.mkDefault true;
mako = lib.mkDefault true;
niri = lib.mkDefault true;
niri = lib.mkDefault false;
nix-index = lib.mkDefault true;
nixgl = lib.mkDefault true;
nix-your-shell = lib.mkDefault true;
@ -19819,6 +20018,7 @@ This holds modules that are to be used on most hosts. These are also the most im
tmux = lib.mkDefault true;
vesktop = lib.mkDefault true;
vesktop-tray = lib.mkDefault true;
syncthing-tray = lib.mkDefault true;
waybar = lib.mkDefault true;
yubikey = lib.mkDefault false;
yubikeytouch = lib.mkDefault true;
@ -19891,6 +20091,7 @@ This holds modules that are to be used on most hosts. These are also the most im
tmux = lib.mkDefault true;
vesktop = lib.mkDefault false;
vesktop-tray = lib.mkDefault false;
syncthing-tray = lib.mkDefault false;
waybar = lib.mkDefault false;
yubikey = lib.mkDefault false;
yubikeytouch = lib.mkDefault false;
@ -22081,6 +22282,14 @@ Recently I have grown fond of holding presentations using Emacs :)
(add-hook 'org-present-after-navigate-functions 'swarsel/org-present-slide)
#+end_src
**** Render markdown blocks as body to expand noweb blocks
#+begin_src emacs-lisp
(defun org-babel-execute:markdown (body params)
"Just return BODY unchanged, allowing noweb expansion."
body)
#+end_src
*** Nix Mode
:PROPERTIES:
:CUSTOM_ID: h:406c2ecc-0e3e-4d9f-9ae3-3eb1f8b87d1b
@ -22201,7 +22410,7 @@ This adds support for Terraform configuration files. I need this at work.
(add-hook 'terraform-mode-hook #'outline-minor-mode)
#+end_src
*** nixpkgs-fmt
*** nix formatting
:PROPERTIES:
:CUSTOM_ID: h:5ca7484b-b9d6-4023-88d1-a1e37d5df249
:END:

4
files/emacs/init.el
View file

@ -1040,6 +1040,10 @@ create a new one."
(add-hook 'org-present-mode-quit-hook 'swarsel/org-present-end)
(add-hook 'org-present-after-navigate-functions 'swarsel/org-present-slide)
(defun org-babel-execute:markdown (body params)
"Just return BODY unchanged, allowing noweb expansion."
body)
(use-package nix-mode
:after lsp-mode
:ensure t

37
flake.lock generated
View file

@ -10577,6 +10577,22 @@
}
},
"nixpkgs_82": {
"locked": {
"lastModified": 1761236834,
"narHash": "sha256-+pthv6hrL5VLW2UqPdISGuLiUZ6SnAXdd2DdUE+fV2Q=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d5faa84122bc0a1fd5d378492efce4e289f8eac1",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_83": {
"locked": {
"lastModified": 1754800730,
"narHash": "sha256-HfVZCXic9XLBgybP0318ym3cDnGwBs/+H5MgxFVYF4I=",
@ -12582,6 +12598,7 @@
"swarsel-modules": "swarsel-modules_6",
"swarsel-nix": "swarsel-nix_3",
"systems": "systems_64",
"treefmt-nix": "treefmt-nix_3",
"vbc-nix": "vbc-nix_8",
"zjstatus": "zjstatus_8"
}
@ -16052,6 +16069,24 @@
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": "nixpkgs_82"
},
"locked": {
"lastModified": 1762938485,
"narHash": "sha256-AlEObg0syDl+Spi4LsZIBrjw+snSVU4T8MOeuZJUJjM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "5b4ee75aeefd1e2d5a1cc43cf6ba65eba75e83e4",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"vbc-nix": {
"inputs": {
"nixpkgs": [
@ -16628,7 +16663,7 @@
"inputs": {
"crane": "crane_17",
"flake-utils": "flake-utils_29",
"nixpkgs": "nixpkgs_82",
"nixpkgs": "nixpkgs_83",
"rust-overlay": "rust-overlay_17"
},
"locked": {

1
flake.nix
View file

@ -102,6 +102,7 @@
url = "github:astro/microvm.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
treefmt-nix.url = "github:numtide/treefmt-nix";
};
outputs =

20
hosts/nixos/aarch64-linux/moonside/default.nix
View file

@ -38,12 +38,9 @@ in
};
networking = {
nftables.enable = lib.mkForce false;
hostName = "moonside";
enableIPv6 = false;
domain = "subnet03291956.vcn03291956.oraclevcn.com";
firewall = {
allowedTCPPorts = [ 80 443 8384 ];
allowedTCPPorts = [ 8384 ];
};
wireguard = {
enable = true;
@ -132,7 +129,7 @@ in
swarselsystems = {
flakePath = "/root/.dotfiles";
info = "VM.Standard.A1.Flex, 4 OCPUs, 24GB RAM";
info = "VM.Standard.A1.Flex, 4 vCPUs, 24GB RAM";
isImpermanence = true;
isSecureBoot = false;
isCrypted = false;
@ -152,11 +149,12 @@ in
};
swarselmodules.server = {
oauth2-proxy = lib.mkDefault true;
croc = lib.mkDefault true;
microbin = lib.mkDefault true;
shlink = lib.mkDefault true;
slink = lib.mkDefault true;
syncthing = lib.mkDefault true;
oauth2-proxy = true;
croc = true;
microbin = true;
shlink = true;
slink = true;
syncthing = true;
diskEncryption = lib.mkForce false;
};
}

4
hosts/nixos/x86_64-linux/toto/default.nix
View file

@ -15,6 +15,10 @@
minimal = lib.mkForce true;
};
swarselmodules = {
server.network = lib.mkForce false;
};
swarselsystems = {
info = "~SwarselSystems~ remote install helper";
wallpaper = self + /files/wallpaper/lenovowp.png;

2
modules/home/common/kanshi.nix
View file

@ -39,7 +39,7 @@
exec = [ "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" ];
outputs = [
{
criteria = "eDP-2";
criteria = config.swarselsystems.sharescreen;
status = "enable";
scale = 1.0;
}

9
modules/home/common/niri.nix
View file

@ -1,7 +1,8 @@
{ config, pkgs, lib, vars, ... }:
{
options.swarselmodules.niri = lib.mkEnableOption "niri settings";
config = lib.mkIf config.swarselmodules.niri {
config = lib.mkIf config.swarselmodules.niri
{
programs.niri = {
package = pkgs.niri-unstable; # which package to use for niri validation
@ -202,5 +203,11 @@
};
};
} // {
programs.niri = lib.mkIf (!config.swarselmodules.niri) {
package = null;
config = null;
settings = null;
};
};
}

120
modules/home/common/syncthing-tray.nix Normal file
View file

@ -0,0 +1,120 @@
{ lib, config, pkgs, ... }:
{
options.swarselmodules.syncthing-tray = lib.mkEnableOption "enable syncthing applet for tray";
config = lib.mkIf config.swarselmodules.syncthing-tray {
home.activation.setupSyncthingIni =
let
syncthingApiEnvVarName = "SYNCTHING_API_KEY";
syncthingIni = {
file = "${config.home.homeDirectory}/.config/syncthingtray.ini";
content = ''
[General]
v=2.0.2
[qt]
customfont=false
customicontheme=false
customlocale=false
custompalette=false
customstylesheet=false
customwidgetstyle=false
font="Cantarell,11,-1,5,400,0,0,0,0,0,0,0,0,0,0,1"
icontheme=hicolor
iconthemepath=
locale=en_US
palette="@Variant(\0\0\0\x44\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff jj\x86\x86\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xc0\xc0nn\xce\xce\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff jj\x86\x86\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\x66\x66\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xc0\xc0nn\xce\xce\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff jj\x86\x86\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\0\0::ff\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff\x1d\x1d%%,,\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0\x1\x1\xff\xff\0\0\0\0\0\0\0\0\x1\x2\xff\xffP\x14\xff\xff\x65\x65\0\0\x1\x1\xff\xff\xa0\xa0\xb3\xb3\xc5\xc5\0\0\x1\x1\xff\xff^^\xc4\xc4\xff\xff\0\0\x1\x1\xff\xff\xc0\xc0nn\xce\xce\0\0\x1\x1\xff\xff\x17\x17\x1d\x1d##\0\0)"
plugindir=
stylesheetpath=
trpath=
widgetstyle=
[startup]
considerForReconnect=false
considerLauncherForReconnect=false
showButton=false
showLauncherButton=false
stopOnMetered=false
stopServiceOnMetered=false
syncthingArgs="serve --no-browser --logflags=3"
syncthingAutostart=false
syncthingPath=syncthing
syncthingUnit=syncthing.service
systemUnit=false
useLibSyncthing=false
[tray]
connections\1\apiKey=@ByteArray(''$${syncthingApiEnvVarName})
connections\1\authEnabled=falsex
connections\1\autoConnect=true
connections\1\devStatsPollInterval=60000
connections\1\diskEventLimit=200
connections\1\errorsPollInterval=30000
connections\1\httpsCertPath=${config.home.homeDirectory}/.config/syncthing/https-cert.pem
connections\1\label=Primary instance
connections\1\localPath=
connections\1\longPollingTimeout=0
connections\1\password=
connections\1\pauseOnMetered=false
connections\1\reconnectInterval=30000
connections\1\requestTimeout=0
connections\1\statusComputionFlags=123
connections\1\syncthingUrl=http://${config.services.syncthing.guiAddress}
connections\1\trafficPollInterval=5000
connections\1\userName=
connections\size=1
dbusNotifications=true
distinguishTrayIcons=false
frameStyle=16
ignoreInavailabilityAfterStart=15
notifyOnDisconnect=true
notifyOnErrors=true
notifyOnLauncherErrors=true
notifyOnLocalSyncComplete=false
notifyOnNewDeviceConnects=false
notifyOnNewDirectoryShared=false
notifyOnRemoteSyncComplete=false
positioning\assumedIconPos=@Point(0 0)
positioning\useAssumedIconPosition=false
positioning\useCursorPos=true
preferIconsFromTheme=false
showDownloads=false
showSyncthingNotifications=true
showTabTexts=true
showTraffic=true
statusIcons="#ff26b6db,#ff0882c8,#ffffffff;#ffdb3c26,#ffc80828,#ffffffff;#ffc9ce3b,#ffebb83b,#ffffffff;#ff2d9d69,#ff2d9d69,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff"
statusIconsRenderSize=@Size(32 32)
statusIconsStrokeWidth=0
tabPos=1
trayIcons="#ff26b6db,#ff0882c8,#ffffffff;#ffdb3c26,#ffc80828,#ffffffff;#ffc9ce3b,#ffebb83b,#ffffffff;#ff2d9d69,#ff2d9d69,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ff26b6db,#ff0882c8,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff;#ffa9a9a9,#ff58656c,#ffffffff"
trayIconsRenderSize=@Size(32 32)
trayIconsStrokeWidth=0
trayMenuSize=@Size(575 475)
usePaletteForStatusIcons=false
usePaletteForTrayIcons=false
windowType=0
[webview]
customCommand=
disabled=false
mode=0
'';
};
in
lib.hm.dag.entryAfter [ "writeBoundary" ] ''
set -eu
if [ ! -f ${syncthingIni.file} ]; then
cat >${syncthingIni.file} <<'EOF'
${syncthingIni.content}
EOF
export ${syncthingApiEnvVarName}=$(cat /run/syncthing-init/api_key)
${lib.getExe pkgs.envsubst} -i ${syncthingIni.file} -o ${syncthingIni.file}
unset ${syncthingApiEnvVarName}
fi
'';
};
}

9
modules/nixos/client/niri.nix
View file

@ -4,7 +4,8 @@ let
in
{
options.swarselmodules.${moduleName} = lib.mkEnableOption "${moduleName} settings";
config = lib.mkIf config.swarselmodules.${moduleName} {
config = lib.mkIf config.swarselmodules.${moduleName}
{
environment.systemPackages = with pkgs; [
wl-clipboard
@ -15,11 +16,15 @@ in
xwayland-satellite-unstable
];
niri-flake.cache.enable = true;
programs.niri = {
enable = true;
package = pkgs.niri-unstable; # the actual niri that will be installed and used
};
} // {
niri-flake.cache.enable = true;
programs.niri = {
package = null;
};
};
}

3
modules/nixos/client/syncthing.nix
View file

@ -2,12 +2,15 @@
let
inherit (config.swarselsystems) mainUser homeDir;
devices = config.swarselsystems.syncthing.syncDevices;
servicePort = 8384;
in
{
options.swarselmodules.syncthing = lib.mkEnableOption "syncthing config";
config = lib.mkIf config.swarselmodules.syncthing {
services.syncthing = {
enable = true;
systemService = true;
guiAddress = "127.0.0.1:${builtins.toString servicePort}";
package = pkgs.syncthing;
user = mainUser;
dataDir = homeDir;

6
nix/devshell.nix
View file

@ -5,7 +5,7 @@
inputs.pre-commit-hooks.flakeModule
];
perSystem = { pkgs, system, ... }:
perSystem = { pkgs, config, system, ... }:
{
pre-commit = {
check.enable = true;
@ -27,6 +27,7 @@
nixpkgs-fmt.enable = true;
statix.enable = true;
trim-trailing-whitespace.enable = true;
treefmt.enable = true;
destroyed-symlinks = {
enable = true;
@ -164,7 +165,8 @@
}
];
devshell.startup.pre-commit-install.text = "pre-commit install";
# devshell.startup.pre-commit-install.text = "pre-commit install";
devshell.startup.pre-commit.text = config.pre-commit.installationScript;
env =
let

26
nix/formatter.nix
View file

@ -1,6 +1,28 @@
_:
{ inputs, ... }:
{
imports = [
inputs.treefmt-nix.flakeModule
];
perSystem = { pkgs, ... }: {
formatter = pkgs.nixpkgs-fmt;
# formatter = pkgs.nixpkgs-fmt;
# formatter is set by treefmt to:
# formatter = lib.mkIf config.treefmt.flakeFormatter (lib.mkDefault config.treefmt.build.wrapper);
treefmt = {
projectRootFile = "flake.nix";
programs = {
nixfmt = {
enable = true;
package = pkgs.nixpkgs-fmt;
};
deadnix.enable = true;
statix.enable = true;
shellcheck.enable = true;
};
settings.formatter.shellcheck.options = [
"--shell"
"bash"
];
};
};
}

1
profiles/home/dgxspark/default.nix
View file

@ -55,6 +55,7 @@
tmux = lib.mkDefault true;
vesktop = lib.mkDefault false;
vesktop-tray = lib.mkDefault false;
syncthing-tray = lib.mkDefault false;
waybar = lib.mkDefault false;
yubikey = lib.mkDefault false;
yubikeytouch = lib.mkDefault false;

3
profiles/home/personal/default.nix
View file

@ -29,7 +29,7 @@
kitty = lib.mkDefault true;
mail = lib.mkDefault true;
mako = lib.mkDefault true;
niri = lib.mkDefault true;
niri = lib.mkDefault false;
nix-index = lib.mkDefault true;
nixgl = lib.mkDefault true;
nix-your-shell = lib.mkDefault true;
@ -56,6 +56,7 @@
tmux = lib.mkDefault true;
vesktop = lib.mkDefault true;
vesktop-tray = lib.mkDefault true;
syncthing-tray = lib.mkDefault true;
waybar = lib.mkDefault true;
yubikey = lib.mkDefault false;
yubikeytouch = lib.mkDefault true;

2
profiles/nixos/personal/default.nix
View file

@ -26,7 +26,7 @@
lowBattery = lib.mkDefault false;
network = lib.mkDefault true;
networkDevices = lib.mkDefault true;
niri = lib.mkDefault true;
niri = lib.mkDefault false;
nix-ld = lib.mkDefault true;
nvd = lib.mkDefault true;
packages = lib.mkDefault true;