swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 17:17:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: swarsel:ae2126f363eb72a7c432934f4fb5c1bd1c577467
Branches Tags
swarsel:main
swarsel:feat/router
swarsel:feat/nixos-dns
swarsel:test-extra-modules
swarsel:feat/microvm-preparation
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1
..
compare: swarsel:9577cdf243bee1062bb05ca378f7bcf834569baa
Branches Tags
swarsel:feat/router
swarsel:main
swarsel:feat/nixos-dns
swarsel:test-extra-modules
swarsel:feat/microvm-preparation
swarsel:v1.1.4
swarsel:v1.1.3
swarsel:v1.1.2
swarsel:v1.1.1
swarsel:v1.1.0
swarsel:v1.0.0
swarsel:v0.1.0
swarsel:v1.0.0-1

No commits in common. "ae2126f363eb72a7c432934f4fb5c1bd1c577467" and "9577cdf243bee1062bb05ca378f7bcf834569baa" have entirely different histories.
ae2126f363 ... 9577cdf243

19 changed files with 1803 additions and 4086 deletions
Download patch file Download diff file Expand all files Collapse all files

349
SwarselSystems.org
View file

@ -3415,7 +3415,7 @@ This is the "reference implementation" of a setup that runs without NixOS, only
imports = [
inputs.stylix.homeManagerModules.stylix
inputs.sops-nix.homeManagerModules.sops
inputs.nix-index-database.homeModules.nix-index
inputs.nix-index-database.hmModules.nix-index
"${self}/modules/home"
"${self}/modules/nixos/common/pii.nix"
"${self}/modules/nixos/common/meta.nix"
@ -3889,7 +3889,7 @@ in
}
#+end_src
**** Expose home-manager sops secrets in NixOS (automatically active)
**** Expose home-manager secrets in NixOS (automatically active)
#+begin_src nix-ts :tangle modules/nixos/common/home-manager-secrets.nix
{ lib, config, globals, ... }:
@ -3913,7 +3913,6 @@ in
fever-pw = { path = "${homeDir}/.emacs.d/.fever"; owner = mainUser; };
}) // (lib.optionalAttrs modules.zsh {
croc-password = { owner = mainUser; };
github-nixpkgs-review-token = { owner = mainUser; };
}) // (lib.optionalAttrs modules.emacs {
emacs-radicale-pw = { owner = mainUser; };
});
@ -4105,7 +4104,7 @@ We enable the use of =home-manager= as a NixoS module. A nice trick here is the
useUserPackages = true;
verbose = true;
users.${config.swarselsystems.mainUser}.imports = [
inputs.nix-index-database.homeModules.nix-index
inputs.nix-index-database.hmModules.nix-index
inputs.sops-nix.homeManagerModules.sops
# inputs.stylix.homeModules.stylix
{
@ -4633,9 +4632,7 @@ Next, we will setup some environment variables that need to be set on the system
gst-plugins-ugly
gst-libav
]);
} // (lib.optionalAttrs (!config.swarselsystems.isPublic) {
GITHUB_NOTIFICATION_TOKEN_PATH = config.sops.secrets.github-notifications-token.path;
});
};
};
};
}
@ -4687,10 +4684,10 @@ There is a persistent bug over Linux kernels that makes the user wait 1m30s on s
options.swarselmodules.systemdTimeout = lib.mkEnableOption "systemd timeout config";
config = lib.mkIf config.swarselmodules.systemdTimeout {
# systemd
systemd.settings.Manager = {
DefaultTimeoutStartSec = "60s";
DefaultTimeoutStopSec = "15s";
};
systemd.extraConfig = ''
DefaultTimeoutStartSec=60s
DefaultTimeoutStopSec=15s
'';
};
}
#+end_src
@ -5592,7 +5589,7 @@ This section houses the greetd related settings. I do not really want to use a d
settings = {
initial_session.command = "sway";
default_session.command = ''
${pkgs.tuigreet}/bin/tuigreet \
${pkgs.greetd.tuigreet}/bin/tuigreet \
--time \
--asterisks \
--user-menu \
@ -5704,7 +5701,7 @@ When a program does not work, start with =nix-ldd <program>=. This will tell you
pixman
speex
stdenv.cc.cc
stable.steam-fhsenv-without-steam
steam-fhsenv-without-steam
systemd
tbb
vulkan-loader
@ -10386,6 +10383,7 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
gh
];
services = {
spice-vdagentd.enable = true;
openssh = {
@ -11212,7 +11210,6 @@ Sets environment variables. Here I am only setting the EDITOR variable, most var
SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
};
};
}
@ -11684,7 +11681,6 @@ Currently I only use it as before with =initExtra= though.
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
croc-password = { };
github-nixpkgs-review-token = { };
};
programs.zsh = {
@ -11719,10 +11715,8 @@ Currently I only use it as before with =initExtra= though.
boot-diff = "nix store diff-closures /run/*-system";
gen-diff = "nix profile diff-closures --profile /nix/var/nix/profiles/system";
cc = "wl-copy";
build-topology = "nix build .#topology.x86_64-linux.config.output";
build-iso = "nix build --print-out-paths .#live-iso";
nix-review- = "nix run nixpkgs#nixpkgs-review -- rev HEAD";
nix-review-post = "nix run nixpkgs#nixpkgs-review -- pr --post-result --systems linux";
topology = "nix build .#topology.x86_64-linux.config.output";
iso = "nix build --print-out-paths .#live-iso";
}
config.swarselsystems.shellAliases;
autosuggestion.enable = true;
@ -11796,7 +11790,6 @@ Currently I only use it as before with =initExtra= though.
bindkey '^H' my-backward-delete-word
export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})"
export GITHUB_TOKEN="$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path})"
'';
};
};
@ -11979,76 +11972,22 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
# this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
programs.thunderbird = {
enable = true;
profiles.default = {
isDefault = true;
withExternalGnupg = true;
settings = {
"mail.identity.default.archive_enabled" = true;
"mail.identity.default.archive_keep_folder_structure" = true;
"mail.identity.default.compose_html" = false;
"mail.identity.default.protectSubject" = true;
"mail.identity.default.reply_on_top" = 1;
"mail.identity.default.sig_on_reply" = false;
"mail.identity.default.sig_bottom" = false;
"gfx.webrender.all" = true;
"gfx.webrender.enabled" = true;
};
};
settings = {
"mail.server.default.allow_utf8_accept" = true;
"mail.server.default.max_articles" = 1000;
"mail.server.default.check_all_folders_for_new" = true;
"mail.show_headers" = 1;
"mail.identity.default.auto_quote" = true;
"mail.identity.default.attachPgpKey" = true;
"mailnews.default_sort_order" = 2;
"mailnews.default_sort_type" = 18;
"mailnews.default_view_flags" = 0;
"mailnews.sort_threads_by_root" = true;
"mailnews.headers.showMessageId" = true;
"mailnews.headers.showOrganization" = true;
"mailnews.headers.showReferences" = true;
"mailnews.headers.showUserAgent" = true;
"mail.imap.expunge_after_delete" = true;
"mail.server.default.delete_model" = 2;
"mail.warn_on_delete_from_trash" = false;
"mail.warn_on_shift_delete" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.prompted" = 2;
"app.update.auto" = false;
"privacy.donottrackheader.enabled" = true;
};
};
xdg.mimeApps.defaultApplications = {
"x-scheme-handler/mailto" = [ "thunderbird.desktop" ];
"x-scheme-handler/mid" = [ "thunderbird.desktop" ];
"message/rfc822" = [ "thunderbird.desktop" ];
};
accounts = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
email =
let
defaultSettings = {
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true; # SSL/TLS
};
thunderbird = {
enable = true;
profiles = [ "default" ];
email = {
maildirBasePath = "Mail";
accounts = {
leon = {
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
mu.enable = true;
msmtp = {
enable = true;
@ -12069,10 +12008,7 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
};
};
};
in
{
maildirBasePath = "Mail";
accounts = {
swarsel = {
address = address4;
userName = address4-user;
@ -12095,39 +12031,59 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
};
};
leon = lib.recursiveUpdate
{
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
}
defaultSettings;
nautilus = lib.recursiveUpdate
{
nautilus = {
primary = false;
address = address2;
userName = address2;
realName = address2-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address2-token.path}";
}
defaultSettings;
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
mrswarsel = lib.recursiveUpdate
{
mrswarsel = {
primary = false;
address = address3;
userName = address3;
realName = address3-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address3-token.path}";
}
defaultSettings;
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
};
};
@ -13033,10 +12989,9 @@ Currently, I am too lazy to explain every option here, but most of it is very se
"${modifier}+Shift+F12" = "move scratchpad";
"${modifier}+F12" = "scratchpad show";
"${modifier}+Shift+c" = "exec qalculate-gtk";
"${modifier}+c" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-org-capture)'";
"${modifier}+t" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-org-agenda)'";
"${modifier}+Shift+m" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-mu4e)'";
"${modifier}+Shift+a" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-swarsel/open-calendar)'";
"${modifier}+c" = "emacsclient -e '(prot-window-popup-org-capture)'";
"${modifier}+Shift+m" = "emacsclient -e '(prot-window-popup-mu4e)'";
"${modifier}+Shift+a" = "emacsclient -e '(prot-window-popup-swarsel/open-calendar)'";
"${modifier}+p" = "exec pass-fuzzel";
"${modifier}+o" = "exec pass-fuzzel --otp";
"${modifier}+Shift+p" = "exec pass-fuzzel --type";
@ -13169,8 +13124,7 @@ Currently, I am too lazy to explain every option here, but most of it is very se
{ title = "^Add$"; }
{ title = "^Picture-in-Picture$"; }
{ title = "Syncthing Tray"; }
{ title = "^Emacs Popup Frame$"; }
{ title = "^Emacs Popup Anchor$"; }
{ title = "Emacs Popup Frame"; }
{ title = "^spotifytui$"; }
{ title = "^kittyterm$"; }
{ app_id = "vesktop"; }
@ -13221,18 +13175,6 @@ Currently, I am too lazy to explain every option here, but most of it is very se
title = "^Picture-in-Picture$";
};
}
{
command = "resize set width 60 ppt height 60 ppt, opacity 0.99, sticky enable";
criteria = {
title = "^Emacs Popup Frame$";
};
}
{
command = "move container to scratchpad";
criteria = {
title = "^Emacs Popup Anchor$";
};
}
{
command = "resize set width 60 ppt height 60 ppt, opacity 0.8, sticky enable, border normal, move container to scratchpad";
criteria = {
@ -13664,8 +13606,7 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
config = lib.mkIf config.swarselmodules.optional.work
{
config = lib.mkIf config.swarselmodules.optional.work {
home.packages = with pkgs; [
stable.teams-for-linux
shellcheck
@ -13678,92 +13619,13 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
stable.prometheus.cli
tigervnc
openstackclient
pizauth
];
systemd.user.services.pizauth = {
Unit = {
Description = "Pizauth OAuth2 token manager";
};
Service = {
Type = "simple";
ExecStart = "${pkgs.pizauth}/bin/pizauth server -vvvv -d";
ExecReload = "${pkgs.pizauth}/bin/pizauth reload";
ExecStop = "${pkgs.pizauth}/bin/pizauth shutdown";
};
Install = {
WantedBy = [ "default.target" ];
};
};
home.sessionVariables = {
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
in
{
primary = false;
address = mailAddress;
userName = mailAddress;
realName = mailName;
passwordCommand = "pizauth show work";
imap = {
host = "outlook.office365.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "outlook.office365.com";
port = 587;
tls = {
enable = true; # SSL/TLS
useStartTls = true;
};
};
thunderbird = {
enable = true;
profiles = [ "default" ];
settings = id: {
"mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth
"mail.server.server_${id}.authMethod" = 10; # oauth
# "toolkit.telemetry.enabled" = false;
# "toolkit.telemetry.rejected" = true;
# "toolkit.telemetry.prompted" = 2;
};
};
msmtp = {
enable = false;
extraConfig = {
account = "work";
auth = "xoauth2";
host = "outlook.office365.com";
protocol = "smtp";
port = "587";
tls = "on";
tls_starttls = "on";
from = "${mailAddress}";
user = "${mailAddress}";
passwordeval = "pizauth show work";
};
};
mu.enable = false;
mbsync = {
enable = false;
expunge = "both";
extraConfig = {
account = {
AuthMechs = "XOAUTH2";
};
};
};
};
wayland.windowManager.sway.config = {
output = {
"Applied Creative Technology Transmitter QUATTRO201811" = {
@ -14036,23 +13898,6 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3;
in
{
configFile."pizauth.conf".text = ''
account "work" {
auth_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
client_id = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
client_secret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All",
"https://outlook.office365.com/SMTP.Send",
"offline_access"
];
// You don't have to specify login_hint, but it does make
// authentication a little easier.
login_hint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
}
'';
mimeApps = {
defaultApplications = {
"x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ];
@ -18718,12 +18563,9 @@ I set the annotation-mode of marginalia to =heavy=. This gives even more informa
#+begin_src emacs-lisp
(use-package marginalia
:after vertico
:bind (:map minibuffer-local-map
("M-A" . marginalia-cycle))
:init
(marginalia-mode)
;; (setq marginalia-annotators '(marginalia-annotators-heavy marginalia-annotators-light nil))
)
(setq marginalia-annotators '(marginalia-annotators-heavy marginalia-annotators-light nil)))
#+end_src
***** nerd-icons-completion
@ -18902,22 +18744,6 @@ This part of the configuration mostly makes some aesthetic changes, enables neat
#+begin_src emacs-lisp
(defun swarsel/org-agenda-done-and-archive ()
"Mark TODO at point as DONE, archive it, and save all agenda files."
(interactive)
(let ((org-archive-location "~/Nextcloud/Org/Archive.org::Archive"))
(org-agenda-todo "DONE")
(org-agenda-archive)
(dolist (buf (buffer-list))
(with-current-buffer buf
(when (and buffer-file-name
(string-prefix-p (expand-file-name "~/Nextcloud/Org/") (file-truename buffer-file-name))
(derived-mode-p 'org-mode))
(save-buffer))))))
(with-eval-after-load 'org-agenda
(define-key org-agenda-mode-map (kbd "C-a") #'swarsel/org-agenda-done-and-archive))
(use-package org
;;:diminish (org-indent-mode)
:hook (org-mode . swarsel/org-mode-setup)
@ -18944,18 +18770,11 @@ This part of the configuration mostly makes some aesthetic changes, enables neat
"/home/swarsel/Nextcloud/Org/Archive.org"
))
(setq org-capture-templates
'(("t" "Todo" entry (file+headline "~/Nextcloud/Org/Tasks.org" "Inbox")
"* TODO %?\n %i\n %a")
("j" "Journal" entry (file+datetree "~/Nextcloud/Org/Journal.org")
"* %?\nEntered on %U\n %i\n %a")))
(setq org-refile-targets
'((swarsel-archive-org-file :maxlevel . 1)
(swarsel-tasks-org-file :maxlevel . 1)))
)
#+end_src
**** org-appear
:PROPERTIES:
@ -20505,7 +20324,6 @@ This sets up the =dashboard=, which is really quite useless. But, it looks cool
(add-hook 'comint-output-filter-functions 'comint-truncate-buffer)
#+end_src
*** Popup frames
#+begin_src emacs-lisp
@ -20522,19 +20340,14 @@ This sets up the =dashboard=, which is really quite useless. But, it looks cool
,(format "Run `%s' in a popup frame with `prot-window-popup-frame' parameter.
Also see `prot-window-delete-popup-frame'." command)
(interactive)
(let ((frame (make-frame '((prot-window-popup-frame . t)
(title . "Emacs Popup Frame")))))
(unwind-protect
(progn
(let ((frame (make-frame '((prot-window-popup-frame . t)))))
(select-frame frame)
(modify-frame-parameters nil '((title . "Emacs Popup Frame")))
(switch-to-buffer " prot-window-hidden-buffer-for-popup-frame")
(condition-case nil
(call-interactively ',command)
((quit error user-error)
(delete-frame frame))))
(dolist (fr (frame-list))
(when (string= (frame-parameter fr 'name) "Emacs Popup Anchor")
(delete-frame fr)))))))
(delete-frame frame))))))
(declare-function org-capture "org-capture" (&optional goto keys))
(defvar org-capture-after-finalize-hook)
@ -20552,10 +20365,6 @@ This sets up the =dashboard=, which is really quite useless. But, it looks cool
(prot-window-define-with-popup-frame swarsel/open-calendar)
(advice-add 'bury-buffer :after #'prot-window-delete-popup-frame)
(declare-function org-agenda "org-agenda" (&optional goto keys))
;;;###autoload (autoload 'prot-window-popup-org-agenda "prot-window")
(prot-window-define-with-popup-frame org-agenda)
#+end_src
* Appendix A: Noweb-Ref blocks

42
files/emacs/init.el
View file

@ -713,12 +713,9 @@ create a new one."
(use-package marginalia
:after vertico
:bind (:map minibuffer-local-map
("M-A" . marginalia-cycle))
:init
(marginalia-mode)
;; (setq marginalia-annotators '(marginalia-annotators-heavy marginalia-annotators-light nil))
)
(setq marginalia-annotators '(marginalia-annotators-heavy marginalia-annotators-light nil)))
(use-package nerd-icons-completion
:after (marginalia nerd-icons)
@ -804,22 +801,6 @@ create a new one."
(setq auth-sources '( "~/.emacs.d/.authinfo")
auth-source-cache-expiry nil)
(defun swarsel/org-agenda-done-and-archive ()
"Mark TODO at point as DONE, archive it, and save all agenda files."
(interactive)
(let ((org-archive-location "~/Nextcloud/Org/Archive.org::Archive"))
(org-agenda-todo "DONE")
(org-agenda-archive)
(dolist (buf (buffer-list))
(with-current-buffer buf
(when (and buffer-file-name
(string-prefix-p (expand-file-name "~/Nextcloud/Org/") (file-truename buffer-file-name))
(derived-mode-p 'org-mode))
(save-buffer))))))
(with-eval-after-load 'org-agenda
(define-key org-agenda-mode-map (kbd "C-a") #'swarsel/org-agenda-done-and-archive))
(use-package org
;;:diminish (org-indent-mode)
:hook (org-mode . swarsel/org-mode-setup)
@ -846,12 +827,6 @@ create a new one."
"/home/swarsel/Nextcloud/Org/Archive.org"
))
(setq org-capture-templates
'(("t" "Todo" entry (file+headline "~/Nextcloud/Org/Tasks.org" "Inbox")
"* TODO %?\n %i\n %a")
("j" "Journal" entry (file+datetree "~/Nextcloud/Org/Journal.org")
"* %?\nEntered on %U\n %i\n %a")))
(setq org-refile-targets
'((swarsel-archive-org-file :maxlevel . 1)
(swarsel-tasks-org-file :maxlevel . 1)))
@ -1748,19 +1723,14 @@ Make the new frame have the `prot-window-popup-frame' parameter."
,(format "Run `%s' in a popup frame with `prot-window-popup-frame' parameter.
Also see `prot-window-delete-popup-frame'." command)
(interactive)
(let ((frame (make-frame '((prot-window-popup-frame . t)
(title . "Emacs Popup Frame")))))
(unwind-protect
(progn
(let ((frame (make-frame '((prot-window-popup-frame . t)))))
(select-frame frame)
(modify-frame-parameters nil '((title . "Emacs Popup Frame")))
(switch-to-buffer " prot-window-hidden-buffer-for-popup-frame")
(condition-case nil
(call-interactively ',command)
((quit error user-error)
(delete-frame frame))))
(dolist (fr (frame-list))
(when (string= (frame-parameter fr 'name) "Emacs Popup Anchor")
(delete-frame fr)))))))
(delete-frame frame))))))
(declare-function org-capture "org-capture" (&optional goto keys))
(defvar org-capture-after-finalize-hook)
@ -1777,7 +1747,3 @@ Also see `prot-window-delete-popup-frame'." command)
;;;###autoload (autoload 'prot-window-popup-swarsel/open-calendar "prot-window")
(prot-window-define-with-popup-frame swarsel/open-calendar)
(advice-add 'bury-buffer :after #'prot-window-delete-popup-frame)
(declare-function org-agenda "org-agenda" (&optional goto keys))
;;;###autoload (autoload 'prot-window-popup-org-agenda "prot-window")
(prot-window-define-with-popup-frame org-agenda)

1945
flake.lock generated
View file

File diff suppressed because it is too large Load diff

2
hosts/home/treehouse/default.nix
View file

@ -4,7 +4,7 @@
imports = [
inputs.stylix.homeManagerModules.stylix
inputs.sops-nix.homeManagerModules.sops
inputs.nix-index-database.homeModules.nix-index
inputs.nix-index-database.hmModules.nix-index
"${self}/modules/home"
"${self}/modules/nixos/common/pii.nix"
"${self}/modules/nixos/common/meta.nix"

6
hosts/nixos/pyramid/secrets/pii.nix.enc
View file

@ -1,5 +1,5 @@
{
"data": "ENC[AES256_GCM,data:kkwEMOzab5JK9G+rSfYygcAI6Y+b1tXkUFPdxN8e2Rnz2Uv4bDfITu8bmKqJ1q5kmHxQjQukioZkdQkabqBR8cx/CG3dRJfPAjEwMz4v8UYGSNSf8blJvdb4YKSizeOEALCuawBIm5hmvwuskXlol6UfkK66h9UnP94wwdh0KKemWinANxbIUX+cl6kK4X1eZrWRGr5Ts2HmjcowIbA+SmA8yVAwqoP6L1DuavilLGPfWhBI4Kj7ZTI3LRlvu4DZZ+DCAea3FgrrjbTWiWZfFW0YX2fDgNQkIxpp3N203zDu23HebZcmCrVBkfvFS7awBr5iVnwfsqOJR0LH92lIlUb8YoFShlJU/Day80i9uyYDCTHc4l2NBvjIH8NlpiYaA2A+rCW3VkVX3WzCGxBfi/kIqoNE3RdLJAYrIimsYaHSmk4o6jslR3xIRyQzDcNtWa92kINdCwBuJXc0UYe/HnR8tFlmOrlixMlVINTy45PRNYJoy7cuoJPd+aNIPQ2V31TB/CjUSZhEptVJSnQnKDui1xuV7vqcyPv06xftJGZRk/LL2cl3+HDLflkZYE7NVlLaOWMBOkX99W/WokF3NGBWuVeUp9bLCwpuEmzFafpCjKhGrQSDGkw17jmYWCULN9v3q6OvyylwqVuDDQZNSxGZFsSPr7qOxeENwTDQvRwpydthPRMMHh/wf3t5pyV/jW79SBuxIWvn4JbO8TBsd9TmVgXMgpd97+Zg3CnTqZApVVRzM8NzF25fMYHJv12YvkEmyOm0otFU84COhgNkpBRTJhyJdjKWVOTJFJyQviwy6BTBF6jqHyS+YP7BEZO2UID/9ODKVrSACCatSQlNtLQRrXOiE9h3g43uAJc/TyJ+A0IceUJ3BM+6PEJiqDWUfO5ucP3pLDdb4IDOAi/YeV9HQdyCdEVRf6a0CHmPcnkb+X+fxxcmZQCvuzQjOZQZw8UUwfhdJms6jTWqaN9leb3z4u8RPxOM1T+Qsu5dL5ouady7xVSO4c1Fw+EiiL9yOh42DTa4OyBlcTJiz5iigqmkaiQOwdwn+FlOYNraOd24h8+x7dDVQBbHjnV7xF7I1rmpOfA/lUbfovLU5SrIxLPT64J25ucudJWBTCDiYADUwhv+QmfJJsdt11+NWPkS3ymFbbWPtpZvhCaawrNKb3s/ohOEi8JIAyY9dtfRGuRoTsCcsJ4xjeSLehX4TgR0cl31Jmm+0kO2uuP7veDrqyUg1Swqsq4+BKfimprh/QzwSoB9lOdEPu0bdQza9sk+D5+H2ooXsVXA2YJscBZ/Kv+YYW57LlfwEvfpJDx5XiQtAYYlUeN8SPx72i9QzYugm339gj+eB8gtbX3W8Sl+D9Vs0P+GZ4G7K03JvzEExtA=,iv:Go3U5S9ZxtPawFoVjknH8j8WDg2TJLIU6mp5DQDj9BE=,tag:0QPJYyQsuZ4hz8xZZ2V4xw==,type:str]",
"data": "ENC[AES256_GCM,data:SEQIHMS8xUj6vsC1+1zTRG+h5BbqL0miA77UEh0UbiFOP7RgqhUlZgq+LmO7BRiIf4RHO13BZ5PXdKiZ96lgGcaquVnaEEQqv2NvkstXpwm3eLjUTJryMxfVupeir5g/FNXHETzhN425KD93EyMr4g7INJW4N4mHXmDnHJOJgS8rlKnSLG64cpgrlef8GAsGfp+i3ky2dig4jNQG8Ijdc46qtiyH9bs7k0d/YuNNmcZSaSIukNyyIMVTqlt6MV+9iUQ4Lj5h0pxgDLfjM1TNQAHRkWW4eozt7SO17U9td1DxvBF9TUdj3xbFCVo4c1OGw4hrjahvUAF8u1TEXBhhJfLqApDUBddRMxybk8Dy98jOHcb6Qwu3qUcgRt9XgkOktwgovS/B2WWAIWMTIZhyKm5ENriaTZWSp6n7hzkw1C1wXyCaP6YT0A4SSPPJt/DuTcBZ5BOFM10237NNgZA0Q7B5J5C57W88bhtzZ2aJZexyQYqQPrr5c38RwR00OAVGJeCgcq70JqeA5EpTuud20rBE0/dHHEPeVUBkrq8pjBHh4SYeMOh8g85CnlF31cxAcnrVJbO14hQQ8sQd4ZmkRNcY3EL981ruDy6Okd3K5AifmF/E9IEZwbvCSLY8EYANA+NV97ZsL4zJOWC6tnA1QHFDoqCR/POsupvGQetYpembrUY0WoB5XkfAvMicQCeLJe2H7S6pOVMDOIIZLx57vcO855LlIJiCpMw2ytqbBXRZolM2WXEBZDEL6BnrEydUnoiUCxqsUrdvQE3HTzktXKQww9jc6HLfBV1MvfScWq2fisGDlkrC2rI5VcWamm8Xbke4uTVcdbKlDpgbpC8NaWmmgNhFe50VNf7M/L5etnvuWWbY68epLZo7dsaaWVE584pdVFT+2K2GwWmGnMHKW+KKA6O9hFfdPUOsJj+eJiF9JX7OwLPAJILTjesWfHXivILBwjDyY5CBCHg91fsrPF37222O/HPPukveY/u6WBOt+co3Ch9mq9usdD7fhieo59IZ7aOJb7dxHSa99nBD8NZbwn6nJkgn3hpLfP9q/2TWcF/zSD1oGY7f1GVbEKEHj2hHv+OHMhFzgRhi5NtvGOO4l0aa1QE1eyRJgHLeqS5aL119Fh1+PSSN9/+v1q6l2JjYuQAV1BqzVdG2GS64J4PBxVqmZ3M9Qv2ZvH0Zwjs64M3MDUMNa5+HZAkPpThvrUWSCEFivIfiOi4Bt/h+HmyQb04LB5QuNFSiRpuF+fQcA+MmMQ==,iv:PL7Z5mKqbNbPfptREw9xFTiOQ1qiVkyxLPvDSoPvbbY=,tag:OPlhVLtN5IDdL/nkkj8+CQ==,type:str]",
"sops": {
"age": [
{
@ -11,8 +11,8 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z2tONmQxTUhZUW12Z2Jm\nUnoxSnpYcnZDNGNzSko1ckl2RDh3NG1VS2dFCmIwUXhmSk1OUk02S0JPVDR5UWJ4\na0gwWlg0V005ZWxYa29PZ0laS2VqM0kKLS0tIHN5SU9pQ090eHljeXJGWm5hRFQ4\nZ001Nzkyb29RYkNUMDNDNlo4YnVQeTQK34bNIBgxId2+DHKQNVV3Iro3KGkE03Sp\niB1+dADT6nRvGvoyPqnLq/NYfw7eQ6XqYt55zkdCta8v6L1UNUkw8g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-08-07T12:21:20Z",
"mac": "ENC[AES256_GCM,data:JxNvTsW6D7IbaczGsdgfTJcACm5VLrOw6Ep+RU9PoXn2LJZeJ9U8KIlnNdODtxMpiIpZ+ZPeJgQk+EXlUVd5n2dJQEr6vqfs4o85givDWE29Pki12Zb7jMhiW8/z9GYQ/TcskkWUfA0Brz9fKVKXLARvQdL1/9Rlw+F1VwWWBOo=,iv:V31hoIpUgq6X47D0B+MtBMsdD0oDpPkh2kvQWRJtS3w=,tag:dsW9SUIdGipX5rKyLAvCvQ==,type:str]",
"lastmodified": "2025-07-13T23:20:32Z",
"mac": "ENC[AES256_GCM,data:ibG9NVwVLf4UgdxnHbAToq5n12v4PPgPmnTn8PYg0LZfU2x6GaxRtNvWoFxDa9bEWMRzrlC5oV+hXsTxzJdYliafNTOxWjtOI/ME/HgEE8cU17HuJViWkR+CL+kzCelgFjCD3XajbTRzdTBtcI9icsUvnaManjlSvsgWmqNP36Y=,iv:uCy8Mv5HM611Qd4cvvEiDovnv1uuLZVSN7p7SV10zRA=,tag:fRjfyRkIIh5L97WVyNyxSQ==,type:str]",
"pgp": [
{
"created_at": "2025-06-14T22:31:01Z",

400
index.html
View file

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2025-08-09 Sa 14:31 -->
<!-- 2025-08-05 Di 01:22 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>SwarselSystems: NixOS + Emacs Configuration</title>
@ -203,7 +203,7 @@
<ul>
<li><a href="#h:a86fe971-f169-4052-aacf-15e0f267c6cd">1. Introduction (no code)</a>
<ul>
<li><a href="#org95f3948">1.1. How to use this document</a></li>
<li><a href="#org9caf49d">1.1. How to use this document</a></li>
<li><a href="#h:bcc3ebbe-df8a-46bd-b42d-73aad6fc66e5">1.2. Structure of this file</a></li>
<li><a href="#h:2c5529ed-e6d9-44b6-b0d3-5bf96a6bed64">1.3. <span class="todo TODO">TODO</span> Structure of this flake</a></li>
<li><a href="#h:48e0cb2c-e412-4ae3-a244-80a8c09dbb02">1.4. Hosts</a></li>
@ -319,7 +319,7 @@
<li><a href="#h:5c3027b4-ba66-445e-9c5f-c27e332c90e5">3.2.1.2. Share configuration between nodes (automatically active)</a></li>
<li><a href="#h:85c9b83f-40c3-4558-bb28-a37b6f8597b9">3.2.1.3. Global options (automatically active)</a></li>
<li><a href="#h:30b81bf9-1e69-4ce8-88af-5592896bcee4">3.2.1.4. Meta options (options only)</a></li>
<li><a href="#org102ae59">3.2.1.5. Expose home-manager sops secrets in NixOS (automatically active)</a></li>
<li><a href="#org15130d1">3.2.1.5. Expose home-manager secrets in NixOS (automatically active)</a></li>
<li><a href="#h:e2e7444b-cb85-4719-b154-e5f37274d02d">3.2.1.6. Topology (automatically active)</a></li>
<li><a href="#h:24c9146f-2147-4fd5-bafc-d5853e15cf12">3.2.1.7. General NixOS settings (nix, stateVersion)</a></li>
<li><a href="#h:7f6d6908-4d02-4907-9c70-f802f4358520">3.2.1.8. Setup home-manager base</a></li>
@ -328,7 +328,7 @@
<li><a href="#h:852d59ab-63c3-4831-993d-b5e23b877796">3.2.1.11. Time, locale settings</a></li>
<li><a href="#h:82b8ede2-02d8-4c43-8952-7200ebd4dc23">3.2.1.12. PII management</a></li>
<li><a href="#h:d9a89071-b3ba-44d1-b5e0-e9ca6270d377">3.2.1.13. Lanzaboote (secure boot)</a></li>
<li><a href="#org895e59b">3.2.1.14. Boot</a></li>
<li><a href="#org7b2302c">3.2.1.14. Boot</a></li>
<li><a href="#h:e7668594-fa8b-4d36-a695-a58222478988">3.2.1.15. Impermanence</a></li>
</ul>
</li>
@ -418,7 +418,7 @@
<li><a href="#h:f922e8d6-f6e8-4779-a7ad-4037229c9bf0">3.2.3.33. croc</a></li>
<li><a href="#h:13071cc3-5cba-44b5-8b5b-2a27be22e021">3.2.3.34. microbin</a></li>
<li><a href="#h:4ccdcd5c-a4dd-49e4-94e7-d81db970059c">3.2.3.35. shlink</a></li>
<li><a href="#orgb7ca62f">3.2.3.36. slink</a></li>
<li><a href="#org7d3bf84">3.2.3.36. slink</a></li>
</ul>
</li>
<li><a href="#h:ac0cd8b3-06cf-4dca-ba73-6100c8fedb47">3.2.4. Darwin</a>
@ -515,10 +515,10 @@
</li>
</ul>
</li>
<li><a href="#org7f776e3">3.4. Shared</a>
<li><a href="#orgb2d6f3a">3.4. Shared</a>
<ul>
<li><a href="#h:79f7150f-b162-4f57-abdf-07f40dffd932">3.4.1. <span class="todo TODO">TODO</span> Configuration options</a></li>
<li><a href="#org6e2eee2">3.4.2. Variables (vars; holds firefox &amp; stylix config parts)</a></li>
<li><a href="#orgbb0bc3c">3.4.2. Variables (vars; holds firefox &amp; stylix config parts)</a></li>
</ul>
</li>
<li><a href="#h:64a5cc16-6b16-4802-b421-c67ccef853e1">3.5. Packages</a>
@ -757,7 +757,7 @@
<li><a href="#h:a81fb9de-6b6b-4a4a-b758-5107c6e7f0cb">4.4.42. vterm</a></li>
<li><a href="#h:1f4d32a0-c1ed-4409-aec4-7b5c96aa21dd">4.4.43. multiple cursors</a></li>
<li><a href="#h:438d928f-77a8-477a-ac8b-ca54ec673f91">4.4.44. Less logging</a></li>
<li><a href="#org9515b19">4.4.45. Popup frames</a></li>
<li><a href="#org8f4e81b">4.4.45. Popup frames</a></li>
</ul>
</li>
</ul>
@ -812,7 +812,7 @@
</div>
</div>
<p>
<b>This file has 91224 words spanning 23377 lines and was last revised on 2025-08-09 14:31:36 +0200.</b>
<b>This file has 90489 words spanning 23186 lines and was last revised on 2025-08-05 01:22:51 +0200.</b>
</p>
<p>
@ -842,8 +842,8 @@ This configuration is part of a NixOS system that is (nearly) fully declarative
This literate configuration lets me explain my choices to my future self as well as you, the reader. I go to great lengths to explain the choices for all configuration steps that I take in order for me to pay due diligence in crafting my setup, and not simply copying big chunks of other peoples code. Also, the literate configuration approach is very convenient to me as I only need to keep of (ideally) a single file to manage all of my configuration. I hope that this documentation will make it easier for beginners to get into Emacs and NixOS as I know it can be a struggle in the beginning.
</p>
</div>
<div id="outline-container-org95f3948" class="outline-3">
<h3 id="org95f3948"><span class="section-number-3">1.1.</span> How to use this document</h3>
<div id="outline-container-org9caf49d" class="outline-3">
<h3 id="org9caf49d"><span class="section-number-3">1.1.</span> How to use this document</h3>
<div class="outline-text-3" id="text-1-1">
<p>
When I started out with nix, it was a painful time. For a beginner, the available resources tend to be too detailed or assume too much prior knowledge. Also, it is a (sad) fact that using nix requires the user to understand it pretty well before most things start to make sense.
@ -881,7 +881,7 @@ This section defines my Emacs configuration. For a while, I considered to use ry
</p>
<p>
My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2025-08-09 14:31:36 +0200)
My emacs is built using the emacs-overlay nix flake, which builds a bleeding edge emacs on wayland (pgtk) with utilities like treesitter support. By executing the below source block, the current build setting can be updated at any time, and you can see my most up-to-date build options (last updated: 2025-08-05 01:22:51 +0200)
</p></li>
</ul>
@ -893,7 +893,7 @@ system-configuration-options
</div>
<pre class="example">
--prefix=/nix/store/6gy60bnwvzbvvmg10vqcnhrjnnrpi4y8-emacs-git-pgtk-20250808.0 --disable-build-details --with-modules --with-pgtk --with-compress-install --with-toolkit-scroll-bars --with-native-compilation --without-imagemagick --with-mailutils --without-small-ja-dic --with-tree-sitter --without-xinput2 --without-xwidgets --with-dbus --with-selinux
--prefix=/nix/store/sjapaaf7z48pzml6dw2njyfdgvpp1nn7-emacs-git-pgtk-20250707.0 --disable-build-details --with-modules --with-pgtk --with-compress-install --with-toolkit-scroll-bars --with-native-compilation --without-imagemagick --with-mailutils --without-small-ja-dic --with-tree-sitter --without-xinput2 --without-xwidgets --with-dbus --with-selinux
</pre>
@ -4519,7 +4519,7 @@ This is the "reference implementation" of a setup that runs without NixOS, only
imports = [
inputs.stylix.homeManagerModules.stylix
inputs.sops-nix.homeManagerModules.sops
inputs.nix-index-database.homeModules.nix-index
inputs.nix-index-database.hmModules.nix-index
"${self}/modules/home"
"${self}/modules/nixos/common/pii.nix"
"${self}/modules/nixos/common/meta.nix"
@ -5003,8 +5003,8 @@ in
</div>
</div>
</div>
<div id="outline-container-org102ae59" class="outline-5">
<h5 id="org102ae59"><span class="section-number-5">3.2.1.5.</span> Expose home-manager sops secrets in NixOS (automatically active)</h5>
<div id="outline-container-org15130d1" class="outline-5">
<h5 id="org15130d1"><span class="section-number-5">3.2.1.5.</span> Expose home-manager secrets in NixOS (automatically active)</h5>
<div class="outline-text-5" id="text-3-2-1-5">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, config, globals, ... }:
@ -5028,7 +5028,6 @@ in
fever-pw = { path = "${homeDir}/.emacs.d/.fever"; owner = mainUser; };
}) // (lib.optionalAttrs modules.zsh {
croc-password = { owner = mainUser; };
github-nixpkgs-review-token = { owner = mainUser; };
}) // (lib.optionalAttrs modules.emacs {
emacs-radicale-pw = { owner = mainUser; };
});
@ -5234,7 +5233,7 @@ We enable the use of <code>home-manager</code> as a NixoS module. A nice trick h
useUserPackages = true;
verbose = true;
users.${config.swarselsystems.mainUser}.imports = [
inputs.nix-index-database.homeModules.nix-index
inputs.nix-index-database.hmModules.nix-index
inputs.sops-nix.homeManagerModules.sops
# inputs.stylix.homeModules.stylix
{
@ -5486,8 +5485,8 @@ This dynamically uses systemd boot or Lanzaboote depending on the minimal system
</div>
</div>
</div>
<div id="outline-container-org895e59b" class="outline-5">
<h5 id="org895e59b"><span class="section-number-5">3.2.1.14.</span> Boot</h5>
<div id="outline-container-org7b2302c" class="outline-5">
<h5 id="org7b2302c"><span class="section-number-5">3.2.1.14.</span> Boot</h5>
<div class="outline-text-5" id="text-3-2-1-14">
<div class="org-src-container">
<pre class="src src-nix-ts">{ lib, pkgs, config, globals, ... }:
@ -5788,9 +5787,7 @@ Next, we will setup some environment variables that need to be set on the system
gst-plugins-ugly
gst-libav
]);
} // (lib.optionalAttrs (!config.swarselsystems.isPublic) {
GITHUB_NOTIFICATION_TOKEN_PATH = config.sops.secrets.github-notifications-token.path;
});
};
};
};
}
@ -5846,10 +5843,10 @@ There is a persistent bug over Linux kernels that makes the user wait 1m30s on s
options.swarselmodules.systemdTimeout = lib.mkEnableOption "systemd timeout config";
config = lib.mkIf config.swarselmodules.systemdTimeout {
# systemd
systemd.settings.Manager = {
DefaultTimeoutStartSec = "60s";
DefaultTimeoutStopSec = "15s";
};
systemd.extraConfig = ''
DefaultTimeoutStartSec=60s
DefaultTimeoutStopSec=15s
'';
};
}
</pre>
@ -6813,7 +6810,7 @@ This section houses the greetd related settings. I do not really want to use a d
settings = {
initial_session.command = "sway";
default_session.command = ''
${pkgs.tuigreet}/bin/tuigreet \
${pkgs.greetd.tuigreet}/bin/tuigreet \
--time \
--asterisks \
--user-menu \
@ -6931,7 +6928,7 @@ When a program does not work, start with <code>nix-ldd &lt;program&gt;</code>. T
pixman
speex
stdenv.cc.cc
stable.steam-fhsenv-without-steam
steam-fhsenv-without-steam
systemd
tbb
vulkan-loader
@ -11025,8 +11022,8 @@ in
</div>
</div>
</div>
<div id="outline-container-orgb7ca62f" class="outline-5">
<h5 id="orgb7ca62f"><span class="section-number-5">3.2.3.36.</span> slink</h5>
<div id="outline-container-org7d3bf84" class="outline-5">
<h5 id="org7d3bf84"><span class="section-number-5">3.2.3.36.</span> slink</h5>
<div class="outline-text-5" id="text-3-2-3-36">
<p>
Deployment notes:
@ -11693,6 +11690,7 @@ in
gh
];
services = {
spice-vdagentd.enable = true;
openssh = {
@ -12568,7 +12566,6 @@ in
SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
};
};
}
@ -13075,7 +13072,6 @@ in
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic &amp;&amp; !config.swarselsystems.isNixos) {
croc-password = { };
github-nixpkgs-review-token = { };
};
programs.zsh = {
@ -13110,10 +13106,8 @@ in
boot-diff = "nix store diff-closures /run/*-system";
gen-diff = "nix profile diff-closures --profile /nix/var/nix/profiles/system";
cc = "wl-copy";
build-topology = "nix build .#topology.x86_64-linux.config.output";
build-iso = "nix build --print-out-paths .#live-iso";
nix-review- = "nix run nixpkgs#nixpkgs-review -- rev HEAD";
nix-review-post = "nix run nixpkgs#nixpkgs-review -- pr --post-result --systems linux";
topology = "nix build .#topology.x86_64-linux.config.output";
iso = "nix build --print-out-paths .#live-iso";
}
config.swarselsystems.shellAliases;
autosuggestion.enable = true;
@ -13187,7 +13181,6 @@ in
bindkey '^H' my-backward-delete-word
export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})"
export GITHUB_TOKEN="$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path})"
'';
};
};
@ -13376,76 +13369,22 @@ in
# this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
programs.thunderbird = {
enable = true;
profiles.default = {
isDefault = true;
withExternalGnupg = true;
settings = {
"mail.identity.default.archive_enabled" = true;
"mail.identity.default.archive_keep_folder_structure" = true;
"mail.identity.default.compose_html" = false;
"mail.identity.default.protectSubject" = true;
"mail.identity.default.reply_on_top" = 1;
"mail.identity.default.sig_on_reply" = false;
"mail.identity.default.sig_bottom" = false;
"gfx.webrender.all" = true;
"gfx.webrender.enabled" = true;
};
};
settings = {
"mail.server.default.allow_utf8_accept" = true;
"mail.server.default.max_articles" = 1000;
"mail.server.default.check_all_folders_for_new" = true;
"mail.show_headers" = 1;
"mail.identity.default.auto_quote" = true;
"mail.identity.default.attachPgpKey" = true;
"mailnews.default_sort_order" = 2;
"mailnews.default_sort_type" = 18;
"mailnews.default_view_flags" = 0;
"mailnews.sort_threads_by_root" = true;
"mailnews.headers.showMessageId" = true;
"mailnews.headers.showOrganization" = true;
"mailnews.headers.showReferences" = true;
"mailnews.headers.showUserAgent" = true;
"mail.imap.expunge_after_delete" = true;
"mail.server.default.delete_model" = 2;
"mail.warn_on_delete_from_trash" = false;
"mail.warn_on_shift_delete" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.prompted" = 2;
"app.update.auto" = false;
"privacy.donottrackheader.enabled" = true;
};
};
xdg.mimeApps.defaultApplications = {
"x-scheme-handler/mailto" = [ "thunderbird.desktop" ];
"x-scheme-handler/mid" = [ "thunderbird.desktop" ];
"message/rfc822" = [ "thunderbird.desktop" ];
};
accounts = lib.mkIf (config.swarselsystems.isNixos &amp;&amp; !config.swarselsystems.isPublic) {
email =
let
defaultSettings = {
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true; # SSL/TLS
};
thunderbird = {
enable = true;
profiles = [ "default" ];
email = {
maildirBasePath = "Mail";
accounts = {
leon = {
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
mu.enable = true;
msmtp = {
enable = true;
@ -13466,10 +13405,7 @@ in
};
};
};
in
{
maildirBasePath = "Mail";
accounts = {
swarsel = {
address = address4;
userName = address4-user;
@ -13492,39 +13428,59 @@ in
};
};
leon = lib.recursiveUpdate
{
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
}
defaultSettings;
nautilus = lib.recursiveUpdate
{
nautilus = {
primary = false;
address = address2;
userName = address2;
realName = address2-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address2-token.path}";
}
defaultSettings;
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
mrswarsel = lib.recursiveUpdate
{
mrswarsel = {
primary = false;
address = address3;
userName = address3;
realName = address3-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address3-token.path}";
}
defaultSettings;
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
};
};
@ -14465,10 +14421,9 @@ in
"${modifier}+Shift+F12" = "move scratchpad";
"${modifier}+F12" = "scratchpad show";
"${modifier}+Shift+c" = "exec qalculate-gtk";
"${modifier}+c" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-org-capture)'";
"${modifier}+t" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-org-agenda)'";
"${modifier}+Shift+m" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-mu4e)'";
"${modifier}+Shift+a" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-swarsel/open-calendar)'";
"${modifier}+c" = "emacsclient -e '(prot-window-popup-org-capture)'";
"${modifier}+Shift+m" = "emacsclient -e '(prot-window-popup-mu4e)'";
"${modifier}+Shift+a" = "emacsclient -e '(prot-window-popup-swarsel/open-calendar)'";
"${modifier}+p" = "exec pass-fuzzel";
"${modifier}+o" = "exec pass-fuzzel --otp";
"${modifier}+Shift+p" = "exec pass-fuzzel --type";
@ -14601,8 +14556,7 @@ in
{ title = "^Add$"; }
{ title = "^Picture-in-Picture$"; }
{ title = "Syncthing Tray"; }
{ title = "^Emacs Popup Frame$"; }
{ title = "^Emacs Popup Anchor$"; }
{ title = "Emacs Popup Frame"; }
{ title = "^spotifytui$"; }
{ title = "^kittyterm$"; }
{ app_id = "vesktop"; }
@ -14653,18 +14607,6 @@ in
title = "^Picture-in-Picture$";
};
}
{
command = "resize set width 60 ppt height 60 ppt, opacity 0.99, sticky enable";
criteria = {
title = "^Emacs Popup Frame$";
};
}
{
command = "move container to scratchpad";
criteria = {
title = "^Emacs Popup Anchor$";
};
}
{
command = "resize set width 60 ppt height 60 ppt, opacity 0.8, sticky enable, border normal, move container to scratchpad";
criteria = {
@ -15115,8 +15057,7 @@ let
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
config = lib.mkIf config.swarselmodules.optional.work
{
config = lib.mkIf config.swarselmodules.optional.work {
home.packages = with pkgs; [
stable.teams-for-linux
shellcheck
@ -15129,92 +15070,13 @@ in
stable.prometheus.cli
tigervnc
openstackclient
pizauth
];
systemd.user.services.pizauth = {
Unit = {
Description = "Pizauth OAuth2 token manager";
};
Service = {
Type = "simple";
ExecStart = "${pkgs.pizauth}/bin/pizauth server -vvvv -d";
ExecReload = "${pkgs.pizauth}/bin/pizauth reload";
ExecStop = "${pkgs.pizauth}/bin/pizauth shutdown";
};
Install = {
WantedBy = [ "default.target" ];
};
};
home.sessionVariables = {
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
in
{
primary = false;
address = mailAddress;
userName = mailAddress;
realName = mailName;
passwordCommand = "pizauth show work";
imap = {
host = "outlook.office365.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "outlook.office365.com";
port = 587;
tls = {
enable = true; # SSL/TLS
useStartTls = true;
};
};
thunderbird = {
enable = true;
profiles = [ "default" ];
settings = id: {
"mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth
"mail.server.server_${id}.authMethod" = 10; # oauth
# "toolkit.telemetry.enabled" = false;
# "toolkit.telemetry.rejected" = true;
# "toolkit.telemetry.prompted" = 2;
};
};
msmtp = {
enable = false;
extraConfig = {
account = "work";
auth = "xoauth2";
host = "outlook.office365.com";
protocol = "smtp";
port = "587";
tls = "on";
tls_starttls = "on";
from = "${mailAddress}";
user = "${mailAddress}";
passwordeval = "pizauth show work";
};
};
mu.enable = false;
mbsync = {
enable = false;
expunge = "both";
extraConfig = {
account = {
AuthMechs = "XOAUTH2";
};
};
};
};
wayland.windowManager.sway.config = {
output = {
"Applied Creative Technology Transmitter QUATTRO201811" = {
@ -15487,23 +15349,6 @@ in
inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3;
in
{
configFile."pizauth.conf".text = ''
account "work" {
auth_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
client_id = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
client_secret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All",
"https://outlook.office365.com/SMTP.Send",
"offline_access"
];
// You don't have to specify login_hint, but it does make
// authentication a little easier.
login_hint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
}
'';
mimeApps = {
defaultApplications = {
"x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ];
@ -15687,8 +15532,8 @@ This holds configuration that is specific to framework laptops.
</div>
</div>
</div>
<div id="outline-container-org7f776e3" class="outline-3">
<h3 id="org7f776e3"><span class="section-number-3">3.4.</span> Shared</h3>
<div id="outline-container-orgb2d6f3a" class="outline-3">
<h3 id="orgb2d6f3a"><span class="section-number-3">3.4.</span> Shared</h3>
<div class="outline-text-3" id="text-3-4">
<p>
This section is for modules that are to be used on <code>NixOS</code> and <code>home-manager</code> scopes alike. This is for example needed in order to allow me to define and set my own custom functions only once in the <code>NixOS</code> config and then mirror them into the corresponding <code>home-manager</code> option.
@ -15777,8 +15622,8 @@ TODO: check which of these can be replaced but builtin functions.
</div>
</div>
</div>
<div id="outline-container-org6e2eee2" class="outline-4">
<h4 id="org6e2eee2"><span class="section-number-4">3.4.2.</span> Variables (vars; holds firefox &amp; stylix config parts)</h4>
<div id="outline-container-orgbb0bc3c" class="outline-4">
<h4 id="orgbb0bc3c"><span class="section-number-4">3.4.2.</span> Variables (vars; holds firefox &amp; stylix config parts)</h4>
<div class="outline-text-4" id="text-3-4-2">
<p>
At work I am using several services that are using SSO login - however, as I am using four different accounts at work, this becomes a chore here. Hence, I have defined multiple profiles in <a href="#h:f0b2ea93-94c8-48d8-8d47-6fe58f58e0e6">Work</a> that are all practically using the same configuration. To save screen space, I template that profile here.
@ -20451,12 +20296,9 @@ I set the annotation-mode of marginalia to <code>heavy</code>. This gives even m
<div class="org-src-container">
<pre class="src src-emacs-lisp">(use-package marginalia
:after vertico
:bind (:map minibuffer-local-map
("M-A" . marginalia-cycle))
:init
(marginalia-mode)
;; (setq marginalia-annotators '(marginalia-annotators-heavy marginalia-annotators-light nil))
)
(setq marginalia-annotators '(marginalia-annotators-heavy marginalia-annotators-light nil)))
</pre>
</div>
@ -20662,22 +20504,6 @@ This part of the configuration mostly makes some aesthetic changes, enables neat
<div class="org-src-container">
<pre class="src src-emacs-lisp">
(defun swarsel/org-agenda-done-and-archive ()
"Mark TODO at point as DONE, archive it, and save all agenda files."
(interactive)
(let ((org-archive-location "~/Nextcloud/Org/Archive.org::Archive"))
(org-agenda-todo "DONE")
(org-agenda-archive)
(dolist (buf (buffer-list))
(with-current-buffer buf
(when (and buffer-file-name
(string-prefix-p (expand-file-name "~/Nextcloud/Org/") (file-truename buffer-file-name))
(derived-mode-p 'org-mode))
(save-buffer))))))
(with-eval-after-load 'org-agenda
(define-key org-agenda-mode-map (kbd "C-a") #'swarsel/org-agenda-done-and-archive))
(use-package org
;;:diminish (org-indent-mode)
:hook (org-mode . swarsel/org-mode-setup)
@ -20704,18 +20530,11 @@ This part of the configuration mostly makes some aesthetic changes, enables neat
"/home/swarsel/Nextcloud/Org/Archive.org"
))
(setq org-capture-templates
'(("t" "Todo" entry (file+headline "~/Nextcloud/Org/Tasks.org" "Inbox")
"* TODO %?\n %i\n %a")
("j" "Journal" entry (file+datetree "~/Nextcloud/Org/Journal.org")
"* %?\nEntered on %U\n %i\n %a")))
(setq org-refile-targets
'((swarsel-archive-org-file :maxlevel . 1)
(swarsel-tasks-org-file :maxlevel . 1)))
)
</pre>
</div>
</div>
@ -22428,8 +22247,8 @@ This sets up the <code>dashboard</code>, which is really quite useless. But, it
</div>
</div>
</div>
<div id="outline-container-org9515b19" class="outline-4">
<h4 id="org9515b19"><span class="section-number-4">4.4.45.</span> Popup frames</h4>
<div id="outline-container-org8f4e81b" class="outline-4">
<h4 id="org8f4e81b"><span class="section-number-4">4.4.45.</span> Popup frames</h4>
<div class="outline-text-4" id="text-4-4-45">
<div class="org-src-container">
<pre class="src src-emacs-lisp">(defun prot-window-delete-popup-frame (&amp;rest _)
@ -22445,19 +22264,14 @@ Make the new frame have the `prot-window-popup-frame' parameter."
,(format "Run `%s' in a popup frame with `prot-window-popup-frame' parameter.
Also see `prot-window-delete-popup-frame'." command)
(interactive)
(let ((frame (make-frame '((prot-window-popup-frame . t)
(title . "Emacs Popup Frame")))))
(unwind-protect
(progn
(let ((frame (make-frame '((prot-window-popup-frame . t)))))
(select-frame frame)
(modify-frame-parameters nil '((title . "Emacs Popup Frame")))
(switch-to-buffer " prot-window-hidden-buffer-for-popup-frame")
(condition-case nil
(call-interactively ',command)
((quit error user-error)
(delete-frame frame))))
(dolist (fr (frame-list))
(when (string= (frame-parameter fr 'name) "Emacs Popup Anchor")
(delete-frame fr)))))))
(delete-frame frame))))))
(declare-function org-capture "org-capture" (&amp;optional goto keys))
(defvar org-capture-after-finalize-hook)
@ -22475,10 +22289,6 @@ Also see `prot-window-delete-popup-frame'." command)
(prot-window-define-with-popup-frame swarsel/open-calendar)
(advice-add 'bury-buffer :after #'prot-window-delete-popup-frame)
(declare-function org-agenda "org-agenda" (&amp;optional goto keys))
;;;###autoload (autoload 'prot-window-popup-org-agenda "prot-window")
(prot-window-define-with-popup-frame org-agenda)
</pre>
</div>
</div>
@ -25213,7 +25023,7 @@ builtins.listToAttrs converts a list of name-value pairs into an attribute set.
</div>
<pre class="example">
{ bakery = "directory"; chaostheatre = "directory"; milkywell = "directory"; moonside = "directory"; pyramid = "directory"; toto = "directory"; winters = "directory"; }
{ bakery = "directory"; chaostheatre = "directory"; milkywell = "directory"; moonside = "directory"; pyramid = "directory"; sync = "directory"; toto = "directory"; winters = "directory"; }
</pre>
</div>
</div>
@ -25461,7 +25271,7 @@ similarly, there exists an version that starts from the right.
</div>
<div id="postamble" class="status">
<p class="author">Author: Leon Schwarzäugl</p>
<p class="date">Created: 2025-08-09 Sa 14:31</p>
<p class="date">Created: 2025-08-05 Di 01:22</p>
<p class="validation"><a href="https://validator.w3.org/check?uri=referer">Validate</a></p>
</div>
</body>

1
modules/home/common/env.nix
View file

@ -31,7 +31,6 @@ in
SWARSEL_CAL3NAME = source3-name;
SWARSEL_FULLNAME = fullName;
SWARSEL_MAIL_ALL = allMailAddresses;
GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path;
};
};
}

151
modules/home/common/mail.nix
View file

@ -33,76 +33,22 @@ in
# this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
programs.thunderbird = {
enable = true;
profiles.default = {
isDefault = true;
withExternalGnupg = true;
settings = {
"mail.identity.default.archive_enabled" = true;
"mail.identity.default.archive_keep_folder_structure" = true;
"mail.identity.default.compose_html" = false;
"mail.identity.default.protectSubject" = true;
"mail.identity.default.reply_on_top" = 1;
"mail.identity.default.sig_on_reply" = false;
"mail.identity.default.sig_bottom" = false;
"gfx.webrender.all" = true;
"gfx.webrender.enabled" = true;
};
};
settings = {
"mail.server.default.allow_utf8_accept" = true;
"mail.server.default.max_articles" = 1000;
"mail.server.default.check_all_folders_for_new" = true;
"mail.show_headers" = 1;
"mail.identity.default.auto_quote" = true;
"mail.identity.default.attachPgpKey" = true;
"mailnews.default_sort_order" = 2;
"mailnews.default_sort_type" = 18;
"mailnews.default_view_flags" = 0;
"mailnews.sort_threads_by_root" = true;
"mailnews.headers.showMessageId" = true;
"mailnews.headers.showOrganization" = true;
"mailnews.headers.showReferences" = true;
"mailnews.headers.showUserAgent" = true;
"mail.imap.expunge_after_delete" = true;
"mail.server.default.delete_model" = 2;
"mail.warn_on_delete_from_trash" = false;
"mail.warn_on_shift_delete" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.prompted" = 2;
"app.update.auto" = false;
"privacy.donottrackheader.enabled" = true;
};
};
xdg.mimeApps.defaultApplications = {
"x-scheme-handler/mailto" = [ "thunderbird.desktop" ];
"x-scheme-handler/mid" = [ "thunderbird.desktop" ];
"message/rfc822" = [ "thunderbird.desktop" ];
};
accounts = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
email =
let
defaultSettings = {
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true; # SSL/TLS
};
thunderbird = {
enable = true;
profiles = [ "default" ];
email = {
maildirBasePath = "Mail";
accounts = {
leon = {
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
mu.enable = true;
msmtp = {
enable = true;
@ -123,10 +69,7 @@ in
};
};
};
in
{
maildirBasePath = "Mail";
accounts = {
swarsel = {
address = address4;
userName = address4-user;
@ -149,39 +92,59 @@ in
};
};
leon = lib.recursiveUpdate
{
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
}
defaultSettings;
nautilus = lib.recursiveUpdate
{
nautilus = {
primary = false;
address = address2;
userName = address2;
realName = address2-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address2-token.path}";
}
defaultSettings;
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
mrswarsel = lib.recursiveUpdate
{
mrswarsel = {
primary = false;
address = address3;
userName = address3;
realName = address3-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address3-token.path}";
}
defaultSettings;
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
};
};

22
modules/home/common/sway.nix
View file

@ -126,10 +126,9 @@ in
"${modifier}+Shift+F12" = "move scratchpad";
"${modifier}+F12" = "scratchpad show";
"${modifier}+Shift+c" = "exec qalculate-gtk";
"${modifier}+c" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-org-capture)'";
"${modifier}+t" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-org-agenda)'";
"${modifier}+Shift+m" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-mu4e)'";
"${modifier}+Shift+a" = "exec emacsclient -cF '((name . \"Emacs Popup Anchor\"))' -e '(prot-window-popup-swarsel/open-calendar)'";
"${modifier}+c" = "emacsclient -e '(prot-window-popup-org-capture)'";
"${modifier}+Shift+m" = "emacsclient -e '(prot-window-popup-mu4e)'";
"${modifier}+Shift+a" = "emacsclient -e '(prot-window-popup-swarsel/open-calendar)'";
"${modifier}+p" = "exec pass-fuzzel";
"${modifier}+o" = "exec pass-fuzzel --otp";
"${modifier}+Shift+p" = "exec pass-fuzzel --type";
@ -262,8 +261,7 @@ in
{ title = "^Add$"; }
{ title = "^Picture-in-Picture$"; }
{ title = "Syncthing Tray"; }
{ title = "^Emacs Popup Frame$"; }
{ title = "^Emacs Popup Anchor$"; }
{ title = "Emacs Popup Frame"; }
{ title = "^spotifytui$"; }
{ title = "^kittyterm$"; }
{ app_id = "vesktop"; }
@ -314,18 +312,6 @@ in
title = "^Picture-in-Picture$";
};
}
{
command = "resize set width 60 ppt height 60 ppt, opacity 0.99, sticky enable";
criteria = {
title = "^Emacs Popup Frame$";
};
}
{
command = "move container to scratchpad";
criteria = {
title = "^Emacs Popup Anchor$";
};
}
{
command = "resize set width 60 ppt height 60 ppt, opacity 0.8, sticky enable, border normal, move container to scratchpad";
criteria = {

8
modules/home/common/zsh.nix
View file

@ -15,7 +15,6 @@ in
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
croc-password = { };
github-nixpkgs-review-token = { };
};
programs.zsh = {
@ -50,10 +49,8 @@ in
boot-diff = "nix store diff-closures /run/*-system";
gen-diff = "nix profile diff-closures --profile /nix/var/nix/profiles/system";
cc = "wl-copy";
build-topology = "nix build .#topology.x86_64-linux.config.output";
build-iso = "nix build --print-out-paths .#live-iso";
nix-review- = "nix run nixpkgs#nixpkgs-review -- rev HEAD";
nix-review-post = "nix run nixpkgs#nixpkgs-review -- pr --post-result --systems linux";
topology = "nix build .#topology.x86_64-linux.config.output";
iso = "nix build --print-out-paths .#live-iso";
}
config.swarselsystems.shellAliases;
autosuggestion.enable = true;
@ -127,7 +124,6 @@ in
bindkey '^H' my-backward-delete-word
export CROC_PASS="$(cat ${nixosConfig.sops.secrets.croc-password.path})"
export GITHUB_TOKEN="$(cat ${nixosConfig.sops.secrets.github-nixpkgs-review-token.path})"
'';
};
};

99
modules/home/optional/work.nix
View file

@ -4,8 +4,7 @@ let
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
config = lib.mkIf config.swarselmodules.optional.work
{
config = lib.mkIf config.swarselmodules.optional.work {
home.packages = with pkgs; [
stable.teams-for-linux
shellcheck
@ -18,92 +17,13 @@ in
stable.prometheus.cli
tigervnc
openstackclient
pizauth
];
systemd.user.services.pizauth = {
Unit = {
Description = "Pizauth OAuth2 token manager";
};
Service = {
Type = "simple";
ExecStart = "${pkgs.pizauth}/bin/pizauth server -vvvv -d";
ExecReload = "${pkgs.pizauth}/bin/pizauth reload";
ExecStop = "${pkgs.pizauth}/bin/pizauth shutdown";
};
Install = {
WantedBy = [ "default.target" ];
};
};
home.sessionVariables = {
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
in
{
primary = false;
address = mailAddress;
userName = mailAddress;
realName = mailName;
passwordCommand = "pizauth show work";
imap = {
host = "outlook.office365.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "outlook.office365.com";
port = 587;
tls = {
enable = true; # SSL/TLS
useStartTls = true;
};
};
thunderbird = {
enable = true;
profiles = [ "default" ];
settings = id: {
"mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth
"mail.server.server_${id}.authMethod" = 10; # oauth
# "toolkit.telemetry.enabled" = false;
# "toolkit.telemetry.rejected" = true;
# "toolkit.telemetry.prompted" = 2;
};
};
msmtp = {
enable = false;
extraConfig = {
account = "work";
auth = "xoauth2";
host = "outlook.office365.com";
protocol = "smtp";
port = "587";
tls = "on";
tls_starttls = "on";
from = "${mailAddress}";
user = "${mailAddress}";
passwordeval = "pizauth show work";
};
};
mu.enable = false;
mbsync = {
enable = false;
expunge = "both";
extraConfig = {
account = {
AuthMechs = "XOAUTH2";
};
};
};
};
wayland.windowManager.sway.config = {
output = {
"Applied Creative Technology Transmitter QUATTRO201811" = {
@ -376,23 +296,6 @@ in
inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3;
in
{
configFile."pizauth.conf".text = ''
account "work" {
auth_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
client_id = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
client_secret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All",
"https://outlook.office365.com/SMTP.Send",
"offline_access"
];
// You don't have to specify login_hint, but it does make
// authentication a little easier.
login_hint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
}
'';
mimeApps = {
defaultApplications = {
"x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ];

4
modules/nixos/client/env.nix
View file

@ -13,9 +13,7 @@
gst-plugins-ugly
gst-libav
]);
} // (lib.optionalAttrs (!config.swarselsystems.isPublic) {
GITHUB_NOTIFICATION_TOKEN_PATH = config.sops.secrets.github-notifications-token.path;
});
};
};
};
}

2
modules/nixos/client/login.nix
View file

@ -7,7 +7,7 @@
settings = {
initial_session.command = "sway";
default_session.command = ''
${pkgs.tuigreet}/bin/tuigreet \
${pkgs.greetd.tuigreet}/bin/tuigreet \
--time \
--asterisks \
--user-menu \

2
modules/nixos/client/nix-ld.nix
View file

@ -82,7 +82,7 @@
pixman
speex
stdenv.cc.cc
stable.steam-fhsenv-without-steam
steam-fhsenv-without-steam
systemd
tbb
vulkan-loader

8
modules/nixos/client/systemd.nix
View file

@ -3,9 +3,9 @@
options.swarselmodules.systemdTimeout = lib.mkEnableOption "systemd timeout config";
config = lib.mkIf config.swarselmodules.systemdTimeout {
# systemd
systemd.settings.Manager = {
DefaultTimeoutStartSec = "60s";
DefaultTimeoutStopSec = "15s";
};
systemd.extraConfig = ''
DefaultTimeoutStartSec=60s
DefaultTimeoutStopSec=15s
'';
};
}

1
modules/nixos/common/home-manager-secrets.nix
View file

@ -19,7 +19,6 @@ in
fever-pw = { path = "${homeDir}/.emacs.d/.fever"; owner = mainUser; };
}) // (lib.optionalAttrs modules.zsh {
croc-password = { owner = mainUser; };
github-nixpkgs-review-token = { owner = mainUser; };
}) // (lib.optionalAttrs modules.emacs {
emacs-radicale-pw = { owner = mainUser; };
});

2
modules/nixos/common/home-manager.nix
View file

@ -7,7 +7,7 @@
useUserPackages = true;
verbose = true;
users.${config.swarselsystems.mainUser}.imports = [
inputs.nix-index-database.homeModules.nix-index
inputs.nix-index-database.hmModules.nix-index
inputs.sops-nix.homeManagerModules.sops
# inputs.stylix.homeModules.stylix
{

1
modules/nixos/optional/work.nix
View file

@ -213,6 +213,7 @@ in
gh
];
services = {
spice-vdagentd.enable = true;
openssh = {

6
secrets/general/secrets.yaml
View file

@ -22,8 +22,6 @@ croc-password: ENC[AES256_GCM,data:uz7vI2rrPi1uTKEks4IPnWOt/R6ydlp/cQ==,iv:ZE01X
github-api-token: ENC[AES256_GCM,data:9AhHkmv4JUjmir77INYflGvjNWW/E17FmfoXs5IUnAlL7B/l8s7UlVob0Az4lOUnm3+R0RWJz0HKMvOdZVZjd3RakdoWqvBHFqOVNF1MNthg2izIiaERsnDXcxj54qJfpD505xFSBWmnTKWVwRZlW5WEsFPuvaVy,iv:wzXT+qsn4VG+R8tGU33EWoaMKs4c/BB5W7f2JvuX2eY=,tag:EEhbktsmWHBwh0iBtfaXlA==,type:str]
#ENC[AES256_GCM,data:vQF1i7rtfz/MBElKIN9j8N0=,iv:jf2SZpulx85yx2sHcnA3iwkiXJcHq4x1fdBUcSRuiK0=,tag:WpUNpH6/8jDvQA8zRGrdKg==,type:comment]
emacs-radicale-pw: ENC[AES256_GCM,data:BIORG0geX8s1WOA=,iv:SeoVn8xHlqQGxZzHrm5I5LITMoutRnz3OygswDc96ew=,tag:C3S4a8IEvCjHgAyRrCaaRw==,type:str]
#ENC[AES256_GCM,data:qsBNKxd3Ng==,iv:1fNMDJt7vgKFSdghYBZsuDoZ1sWvzj1Zu8NmkjX6Zh8=,tag:0D7EsgN8B1z7/y4iZS/PtQ==,type:comment]
github-nixpkgs-review-token: ENC[AES256_GCM,data:/4ssZAEwEc9fZeR69GCvLMm4eRv4uabyDbGDGqfRUllO5DVSbZxO+A==,iv:mcARvAyPAB9pyCGFy2A/6qeZbSepHyWVNyusaQ5ze3I=,tag:o7AP6g8XHkPUaCnXK3CFig==,type:str]
sops:
age:
- recipient: age1h72072slm2pthn9m2qwjsyy2dsazc6hz97kpzh4gksvv0r2jqecqul8w63
@ -89,8 +87,8 @@ sops:
SjV6L3crUkdLWTlsNFgyRHBla2FFam8KILYsNbLdCirfoC/Vex8yEYpS2G4O0EQP
wa1xzPk3Ue0/g67dv5UZFhUn0ZB2XGFC3kEPWpptTj0VL+9Z/r0zKA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-05T09:33:50Z"
mac: ENC[AES256_GCM,data:rMtrDQtYsDyNqqVYKY9vg7fDGJjO2zQ+boN3j0dmYKyr5zzbbJAeCxAs3H/rNkgc3ril7sCfyAvP8n9KtYO6xmQuvu3Qgj2oqBiyvolfmYCArT0l7n+ImnNUGnFOfeugYPEIxvhDcEDK6dKiBMlEuyhtJ0hbVfvE4POQZi/jvMM=,iv:imWVUiFAbgzhPN/RNecx2LzCC5MJFg5nAIvGDCN2k0I=,tag:z0P180ZKj5p/g/E38CUjAQ==,type:str]
lastmodified: "2025-07-22T05:16:03Z"
mac: ENC[AES256_GCM,data:CoOd5ki9DoSBzwTeTw3JDGPReJD4th+v20AItwIZBLX15eLb1KXANdz5ekHeFZ6ntHq4ij0FUH63W6ojpBdvzJS7GgboQyAThkyJSmqtr7lN9rTa3XZSIKDTZCKm4wrG60q17vUIZXPLxM+NN1Fp2oEyCwt1s7SHM11xJ3JdyBk=,iv:ofyAhu4pjzNAJguU5Z5H9Capqcky/mTMXHEYS/qhvNs=,tag:L9tZRzd5VgbB7lyCkT6yTA==,type:str]
pgp:
- created_at: "2025-07-10T23:51:26Z"
enc: |-